Last active
December 14, 2018 14:45
-
-
Save tarekdj/63bb740ac7f7eb6e338201be7b5db402 to your computer and use it in GitHub Desktop.
DDEV nginx: [emerg] bind() to 0.0.0.0:80 failed (13: Permission denied)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: '3.6' | |
#ddev-generated | |
services: | |
db: | |
container_name: ddev-${DDEV_SITENAME}-db | |
image: $DDEV_DBIMAGE | |
stop_grace_period: 60s | |
volumes: | |
- type: "volume" | |
source: mariadb-database | |
target: "/var/lib/mysql" | |
volume: | |
nocopy: true | |
- type: "bind" | |
source: "${DDEV_IMPORTDIR}" | |
target: "/db" | |
- type: "bind" | |
source: "." | |
target: "/mnt/ddev_config" | |
restart: "no" | |
user: "$DDEV_UID:$DDEV_GID" | |
ports: | |
- "3306" | |
labels: | |
com.ddev.site-name: ${DDEV_SITENAME} | |
com.ddev.platform: ddev | |
com.ddev.app-type: drupal8 | |
com.ddev.approot: $DDEV_APPROOT | |
com.ddev.app-url: $DDEV_URL | |
environment: | |
- COLUMNS=$COLUMNS | |
- LINES=$LINES | |
command: "$DDEV_MARIADB_LOCAL_COMMAND" | |
web: | |
container_name: ddev-${DDEV_SITENAME}-web | |
image: $DDEV_WEBIMAGE | |
cap_add: | |
- SYS_PTRACE | |
volumes: | |
- "../:/var/www/html:cached" | |
- ".:/mnt/ddev_config:ro" | |
- type: "volume" | |
source: ddev-ssh-agent_socket_dir | |
target: "/home/.ssh-agent" | |
- type: "volume" | |
source: ddev-composer-cache | |
target: "/mnt/composer_cache" | |
volume: | |
nocopy: true | |
restart: "no" | |
user: "$DDEV_UID:$DDEV_GID" | |
depends_on: | |
- db | |
links: | |
- db:db | |
ports: | |
- "8080" # <== CHANGED | |
- "8025" | |
# Override the healthcheck command (thx to @rfay for the tip!) | |
healthcheck: | |
test: ["CMD", "curl", "-f", "http://127.0.0.1:8080"] | |
interval: 2s | |
retries: 5 | |
environment: | |
- DDEV_URL=$DDEV_URL | |
- DOCROOT=$DDEV_DOCROOT | |
- DDEV_PHP_VERSION=$DDEV_PHP_VERSION | |
- DDEV_WEBSERVER_TYPE=$DDEV_WEBSERVER_TYPE | |
- DDEV_PROJECT_TYPE=$DDEV_PROJECT_TYPE | |
- DDEV_ROUTER_HTTP_PORT=$DDEV_ROUTER_HTTP_PORT | |
- DDEV_ROUTER_HTTPS_PORT=$DDEV_ROUTER_HTTPS_PORT | |
- DDEV_XDEBUG_ENABLED=$DDEV_XDEBUG_ENABLED | |
- DEPLOY_NAME=local | |
- VIRTUAL_HOST=$DDEV_HOSTNAME | |
- COLUMNS=$COLUMNS | |
- LINES=$LINES | |
- HTTP_EXPOSE=${DDEV_ROUTER_HTTP_PORT}:8080,8025 # <== CHANGED | |
- HTTPS_EXPOSE=${DDEV_ROUTER_HTTPS_PORT}:8080 # <== CHANGED | |
- SSH_AUTH_SOCK=/home/.ssh-agent/socket | |
labels: | |
com.ddev.site-name: ${DDEV_SITENAME} | |
com.ddev.platform: ddev | |
com.ddev.app-type: drupal8 | |
com.ddev.approot: $DDEV_APPROOT | |
com.ddev.app-url: $DDEV_URL | |
extra_hosts: ["host.docker.internal:172.17.0.1"] | |
external_links: | |
- ddev-router:$DDEV_HOSTNAME | |
dba: | |
container_name: ddev-${DDEV_SITENAME}-dba | |
image: $DDEV_DBAIMAGE | |
restart: "no" | |
labels: | |
com.ddev.site-name: ${DDEV_SITENAME} | |
com.ddev.platform: ddev | |
com.ddev.app-type: drupal8 | |
com.ddev.approot: $DDEV_APPROOT | |
com.ddev.app-url: $DDEV_URL | |
depends_on: | |
- db | |
links: | |
- db:db | |
ports: | |
- "80" | |
environment: | |
- PMA_USER=db | |
- PMA_PASSWORD=db | |
- VIRTUAL_HOST=$DDEV_HOSTNAME | |
# HTTP_EXPOSE allows for ports accepting HTTP traffic to be accessible from <site>.ddev.local:<port> | |
- HTTP_EXPOSE=8036 | |
networks: | |
default: | |
external: | |
name: ddev_default | |
volumes: | |
mariadb-database: | |
name: "${DDEV_SITENAME}-mariadb" | |
ddev-ssh-agent_socket_dir: | |
external: true | |
ddev-composer-cache: | |
name: ddev-composer-cache |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# ddev drupal8 config | |
# You can override ddev's configuration by placing an edited copy | |
# of this config (or one of the other ones) in .ddev/nginx-site.conf | |
# See https://ddev.readthedocs.io/en/stable/users/extend/customization-extendibility/#providing-custom-nginx-configuration | |
# Set https to 'on' if x-forwarded-proto is https | |
map $http_x_forwarded_proto $fcgi_https { | |
default off; | |
https on; | |
} | |
server { | |
listen 8080; # <==== PORT CHANGED TO 8080 | |
# The WEBSERVER_DOCROOT variable is substituted with | |
# its value when the container is started. | |
root $WEBSERVER_DOCROOT; | |
index index.php index.htm index.html; | |
# Make site accessible from http://localhost/ | |
server_name _; | |
# Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html | |
sendfile off; | |
error_log /dev/stdout info; | |
access_log /var/log/nginx/access.log; | |
location / { | |
absolute_redirect off; | |
try_files $uri /index.php?$query_string; # For Drupal >= 7 | |
} | |
location @rewrite { | |
# For D7 and above: | |
# Clean URLs are handled in drupal_environment_initialize(). | |
rewrite ^ /index.php; | |
} | |
# Handle image styles for Drupal 7+ | |
location ~ ^/sites/.*/files/styles/ { | |
try_files $uri @rewrite; | |
} | |
# pass the PHP scripts to FastCGI server listening on socket | |
location ~ '\.php$|^/update.php' { | |
fastcgi_split_path_info ^(.+\.php)(/.+)$; | |
fastcgi_pass unix:/run/php-fpm.sock; | |
fastcgi_buffers 16 16k; | |
fastcgi_buffer_size 32k; | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
fastcgi_param SCRIPT_NAME $fastcgi_script_name; | |
fastcgi_index index.php; | |
include fastcgi_params; | |
fastcgi_intercept_errors on; | |
# fastcgi_read_timeout should match max_execution_time in php.ini | |
fastcgi_read_timeout 10m; | |
fastcgi_param SERVER_NAME $host; | |
fastcgi_param HTTPS $fcgi_https; | |
} | |
# Expire rules for static content | |
# Feed | |
location ~* \.(?:rss|atom)$ { | |
expires 1h; | |
} | |
# Prevent clients from accessing hidden files (starting with a dot) | |
# This is particularly important if you store .htpasswd files in the site hierarchy | |
# Access to `/.well-known/` is allowed. | |
# https://www.mnot.net/blog/2010/04/07/well-known | |
# https://tools.ietf.org/html/rfc5785 | |
location ~* /\.(?!well-known\/) { | |
deny all; | |
} | |
# Prevent clients from accessing to backup/config/source files | |
location ~* (?:\.(?:bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$ { | |
deny all; | |
} | |
## Regular private file serving (i.e. handled by Drupal). | |
location ^~ /system/files/ { | |
## For not signaling a 404 in the error log whenever the | |
## system/files directory is accessed add the line below. | |
## Note that the 404 is the intended behavior. | |
log_not_found off; | |
access_log off; | |
expires 30d; | |
try_files $uri @rewrite; | |
} | |
# Media: images, icons, video, audio, HTC | |
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { | |
try_files $uri @rewrite; | |
expires max; | |
log_not_found off; | |
} | |
## provide a health check endpoint | |
location /healthcheck { | |
access_log off; | |
stub_status on; | |
keepalive_timeout 0; # Disable HTTP keepalive | |
return 200; | |
} | |
error_page 400 401 /40x.html; | |
location = /40x.html { | |
root /usr/share/nginx/html; | |
} | |
location ~ ^/(phpstatus|ping)$ { | |
access_log off; | |
stub_status on; | |
keepalive_timeout 0; # Disable HTTP keepalive | |
allow 127.0.0.1; | |
allow all; | |
fastcgi_index index.php; | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
include fastcgi_params; | |
fastcgi_pass unix:/run/php-fpm.sock; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment