fresh install docker 14.0.0-B1 account-profile-switcher 404 error with prefix www.exemple.com/prefix/

I mention that this solution works perfectly with docker without the "social" prefix in nginx.conf including loading images and processing them, the bug I mentioned before

image process thanks to this post: https://unacms.com/d/fresh-install-from-docker-images-don-t fix by https://unacms.com/u/cgouguen if you want to use docker you can find my complete solution here: https://github.com/olariuromeo/una

My steps:

version: '3'


networks:
  private_network:
    external: true


services:
    web:
        image: nginx:latest
        deploy:
            resources:
                limits:
                    cpus: '1.5'       # Limit the service to 1.5 CPUs
                    memory: 6G      # Limit the service to 512MB of memory
                reservations:
                    memory: 6G      # Soft limit: reserve 256MB of memory
        hostname: localhost
        domainname: www.exemple.com
        ports:
            - "8888:8888"
        volumes:
            - ./scripts/docker-compose/nginx.conf:/etc/nginx/conf.d/default.conf
            # - ./scripts/docker-compose/phpmyadmin.conf:/etc/nginx/conf.d/phpmyadmin.conf
            - ./:/opt/una
        depends_on:
            - php
        networks:
            - private_network
        extra_hosts:
            - "host.docker.internal:host-gateway"


    memcached:
        image: memcached:latest
        hostname: localhost
        ports:
            - "11211:11211"
        networks:
            - private_network
        extra_hosts:
            - "host.docker.internal:host-gateway"


    php:
        build:
            context: .
            dockerfile: scripts/docker-compose/PHP.Dockerfile
        deploy:
            resources:
                limits:
                    cpus: '2'       # Limit the service to 1.5 CPUs
                    memory: 12G      # Limit the service to 512MB of memory
                reservations:
                    memory: 12G      # Soft limit: reserve 256MB of memory
        hostname: localhost
        domainname: www.exemple.com
        volumes:
            - ./scripts/docker-compose/php.ini:/usr/local/etc/php/php.ini
            - ./scripts/docker-compose/www.conf:/usr/local/etc/php-fpm.d/www.conf
            - ./:/opt/una:Z
        depends_on:
            - mysql
        networks:
            - private_network
        env_file:
            - .env
        extra_hosts:
            - "host.docker.internal:host-gateway"


    cron:
        build:
            context: .
            dockerfile: scripts/docker-compose/Cron.Dockerfile
        deploy:
            resources:
                limits:
                    cpus: '1.5'       # Limit the service to 1.5 CPUs
                    memory: 8G      # Limit the service to 512MB of memory
                reservations:
                    memory: 8G      # Soft limit: reserve 256MB of memory
        hostname: localhost
        domainname: www.exemple.com
        volumes:
            - ./scripts/docker-compose/php.ini:/usr/local/etc/php/php.ini
            - ./scripts/docker-compose/www.conf:/usr/local/etc/php-fpm.d/www.conf
            - ./:/opt/una:Z
        depends_on:
            - mysql
        networks:
            - private_network
        env_file:
            - .env
        extra_hosts:
            - "host.docker.internal:host-gateway"


    mysql:
        image: mariadb:latest
        environment:
            MYSQL_ROOT_PASSWORD: 'password'
            MYSQL_USER: 'exemple'
            MYSQL_PASSWORD: 'password'
            MYSQL_DATABASE: 'exemple'
        volumes:
            - mysqldata:/var/lib/mysql
            - ./scripts/docker-compose/db_dump.sql:/docker-entrypoint-initdb.d/db_dump.sql
            - ./scripts/docker-compose/mysqld.cnf:/etc/mysql/conf.d/mysqld.cnf
        ports:
            - 3306:3306
        networks:
            - private_network
        extra_hosts:
            - "host.docker.internal:host-gateway"


    jot:
        image: unaio/jot-server:latest
        hostname: localhost
        domainname: www.exemple.com
        restart: always
        ports:
            - 5000:5000
        networks:
            - private_network
        extra_hosts:
            - "host.docker.internal:host-gateway"


volumes:
    mysqldata: {}
## clone una
```bash
gh repo clone unacms/una

```
# go to una folder
```bash
## cd una
```
# swich the tag

```bash
git checkout 14.0.0-B1
```
## 1. Installing Composer

Begin by downloading the Docker image for Composer using the following command:

```bash
docker pull composer/composer
```
## 2. Installing PHP Dependencies using Composer
After downloading the Docker image for Composer, run the following command to install the PHP dependencies of the application:

```bash
docker run --rm -it -v "$(pwd):/app" composer/composer install
```
This command will run Composer in a Docker container, and the PHP dependencies will be installed in the current directory.

## 3. Setting Permissions
Before running the Docker containers, ensure that proper permissions are set for directories and files. Follow the instructions below to set permissions:

create file

```bash
vim set_permissions.sh
```
# copy the instruction below
```sh
#!/bin/bash
# set_permissions.sh
sudo chown -R www-data:www-data .
sudo find ./ -type d -exec chmod 775 {} \;
sudo find ./ -type f -exec chmod 644 {} \;


# Set execute permissions for ffmpeg.exe
chmod +x ./plugins/ffmpeg/ffmpeg.exe
chmod +x ./periodic/cron.php
chmod +x ./image_transcoder.php
# Set permissions for the specified directories
chmod 777 ./inc
chmod 777 ./cache
chmod 777 ./cache_public
chmod 777 ./logs
chmod 777 ./tmp
chmod 777 ./storage
chmod 777 ./periodic
```

Make sure you are in the root directory of the application.

Make the set_permissions.sh script executable using the command:

```bash

chmod +x set_permissions.sh

```

Run the set_permissions.sh script using the command:

```bash
sudo ./set_permissions.sh
```


This will automatically apply the appropriate permissions for all directories and files specified in the script.

## 4 Add .env variable

UNA_HTTP_HOST=www.exemple.com


UNA_SITE_TITLE=Exemple
UNA_SITE_EMAIL=no-reply@exemple.com
UNA_ADMIN_USERNAME=exemple
UNA_ADMIN_EMAIL=contact@exemple.com
UNA_KEY=key
UNA_SECRET=2secret

# MYSQL
MYSQL_ROOT_PASSWORD=pasword
MYSQL_USER=exemple
MYSQL_PASSWORD=pasword
MYSQL_DATABASE=exemple

UNA_DB_HOST=host.docker.internal
UNA_AUTO_HOSTNAME=1

## 5. Running Docker Containers using docker-compose

To run the application, use docker-compose. Make sure you have a properly configured docker-compose.yml file for your application.

```bash
docker-compose up
```


This command will start the Docker containers according to the specifications in the docker-compose.yml file, allowing you to run the application.



This guide details the steps to download Composer using Docker, install PHP dependencies using Composer, and run the application using Docker Compose. The `INSTALL.md` file should serve as a helpful guide for someone looking to install and run your application using Docker and Composer.

the studio works correctly, I can install any application as well as the index from the site, but I cannot create profiles get nginx error if I want to add a prefix, in https://www.exemple.com/social/account-profile-switcher I mention that without a prefix, adding profiles works correctly, but if I add the "social" prefix, for example the page, it is not found.

404 Not Found
nginx/1.25.5

Thanks to Alex, I added this modification after installation in the hope that it will help me: on inc/header.inc.php: https://unacms.com/cmts-view/z9tfe0?sys=bx_forum&cmt_id=48608

/// define('BX_DOL_URL_ROOT', 'https://www.exemple.com/prefix/'); ///< site url
define('BX_DOL_URL_ROOT', ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') || (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' || !empty($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on') ? 'https' : 'http') . '://' . (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'https://www.exemple.com/') . '/prefix/');


caddyfile config:

{
  admin off
}
#{
#     servers {
#     metrics
#    }
#    admin :2019
#}


{$EXEMPLE_HOSTNAME} {
  log {
        output discard
  }
 # log access-formatted {#     include http.log.access.{$EXEMPLE_HOSTNAME}#     output file /var/log/access-{$EXEMPLE_HOSTNAME}.log#     format transform "{common_log}"# } {#      output file /var/log/caddy/access.log#      format single_field common_log# }


  tls {$EXEMPLE_TLS}


  @api {
        path /config
        path /healthz
        path /stats/errors
        path /stats/checker
  }


  @static {
        path /static
  }


  @notstatic {
        not path /static
  }


  @imageproxy {
        path /image_proxy
  }


  @notimageproxy {
        not path /image_proxy
  }


  header {
        # Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS
        Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"


        # Enable cross-site filter (XSS) and tell browser to block detected attacks
        X-XSS-Protection "1; mode=block"


        # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
        X-Content-Type-Options "nosniff"


        # Disable some features
        Permissions-Policy "accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),encrypted-media=(),focus-without-user-activation=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),speaker=(),sync-xhr=(),usb=(),vr=()"


        # Disable some features (legacy)
        Feature-Policy "accelerometer 'none';ambient-light-sensor 'none'; autoplay 'none';camera 'none';encrypted-media 'none';focus-without-user-activation 'none'; geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none'; speaker 'none';sync-xhr 'none';usb 'none';vr 'none'"


        # Referer# Referrer-Policy "no-referrer"
        
        # Add protection fail2ban
        Referrer-Policy "strict-origin-when-cross-origin"


        # X-Robots-Tag
        X-Robots-Tag "noindex, noarchive, nofollow"


        # Remove Server header
        -Server
  }


  header @api {
        Access-Control-Allow-Methods "GET, OPTIONS"
        Access-Control-Allow-Origin  "*"
  }


  # Cache
  header @static {
        # Cache
        Cache-Control "public, max-age=31536000, must-revalidate"
        defer
  }


  header @notstatic {
        # No Cache
        Cache-Control "no-cache, no-store"
        Pragma "no-cache"
  }


  # CSP (see http://content-security-policy.com/ )
  header @imageproxy {
        # Content-Security-Policy "default-src 'none'; img-src 'self' data:"
        Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; manifest-src 'self'"
  }


   @notimageproxy {#      # Content-Security-Policy "upgrade-insecure-requests; default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; form-action 'self' https://github.com/exemple/exemple/issues/new; font-src 'self'; frame-ancestors 'self'; base-uri 'self'; connect-src 'self' https://overpass-api.de; img-src 'self' data: https://*.tile.openstreetmap.org; frame-src https://www.youtube-nocookie.com https://player.vimeo.com https://www.dailymotion.com https://www.deezer.com https://www.mixcloud.com https://w.soundcloud.com https://embed.spotify.com"#     Content-Security-Policy "upgrade-insecure-requests; default-src 'none'; style-src 'self' 'unsafe-inline'; form-action 'self' https://github.com/exemple/exemple/issues/new; font-src 'self'; frame-ancestors 'self'; base-uri 'self'; connect-src 'self' https://overpass-api.de; img-src 'self' data: https://*.tile.openstreetmap.org; frame-src https://www.youtube-nocookie.com https://player.vimeo.com https://www.dailymotion.com https://www.deezer.com https://www.mixcloud.com https://w.soundcloud.com https://embed.spotify.com"#    }


  # www.exemple.com proxy server
  handle {
        encode zstd gzip


        reverse_proxy localhost:8181 {
               header_up X-Forwarded-Port {http.request.port}
               # header_up X-Forwarded-Proto {http.request.scheme}
               header_up X-Real-IP {remote_host}
        }


  }


  # www.exemple.com/prefix proxy server
  handle_path /prefix/* {
      encode zstd gzip


      reverse_proxy localhost:9999 {
          header_up X-Forwarded-Port {http.request.port}
          # header_up X-Forwarded-Proto {http.request.scheme}
          header_up X-Real-IP {remote_host}
      }


  }


}



{$EXEMPLE_DOMAIN_HOSTNAME} {
      log {
            output discard
      }


      tls {$EXEMPLE_TLS}


      redir https://www.{host}
  }

nginx.conf

server {
    listen 9999 default_server;
    server_name localhost;


    root /opt/una;


    client_max_body_size 1024M;
    ## Timeouts## request timed out -- default 60# read timeout for the request body from client, its set for testing purpose
    client_body_timeout   900;


    # how long to wait for the client to send a request header, its set for testing purpose
    client_header_timeout 900;


    # server will close connection after this time
    keepalive_timeout 900;


    ## if client stop responding, free up memory -- default 60
    send_timeout 900;


    ## Reset lingering timed out connections. Deflect DDoS.## allow the server to close connection on non responding client, this will free up memory
    reset_timedout_connection on;


    proxy_connect_timeout 3600;
    proxy_send_timeout 3600;
    proxy_read_timeout 3600;


    location / {
        index index.html index.htm index.php;


        rewrite "^/social/page/(.*)$" /social/page.php?i=$1 last;
        rewrite "^/social/m/(.*)$" /social/modules/index.php?r=$1 last;
        rewrite "^/social/s/([a-zA-Z0-9_]+)/([a-zA-Z0-9\.]+)" /social/storage.php?o=$1&f=$2 last;


        if (!-e $request_filename) {
            rewrite  ^/social/(.+)$  /social/r.php?_q=$1  last;
            break;
        }
    }


    index index.php index.html index.htm;


    location ~ \.php$ {
        fastcgi_pass php:9000;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;


        # Adăugați aceste setări de timeout
        fastcgi_connect_timeout 3600;
        fastcgi_send_timeout 3600;
        fastcgi_read_timeout 3600;
        fastcgi_buffer_size 128k;
        fastcgi_buffers 4 256k;
        fastcgi_busy_buffers_size 256k;
        fastcgi_temp_file_write_size 256k;
    }


    ############################################################################# HSTS policy                                                           #############################################################################
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-XSS-Protection "1; mode=block" always;
    add_header X-Content-Type-Options "nosniff" always;
    # add_header Content-Security-Policy "default-src 'self'" always;
    add_header Referrer-Policy "strict-origin-when-cross-origin" always;


    ############################################################################# serve static files directly Tanks to Alex T https://una.io/u/alex-t   #############################################################################
    location ~* ^(/cache_public/|/plugins_public/|/modules/|/studio/|/template/).+\.(jpg|jpeg|gif|css|png|js|ico|svg|eot|ttf|woff|woff2|)$ {
        access_log        off;
        expires           1h;
        # root /opt/una# add_header Cache-Control "public";
        try_files       $uri =404;
    }


    ############################################################################# deny access to hidden files                                           #############################################################################
    location ~ /(\.ht|\.git) {
        deny  all;
    }


    ############################################################################# deny access to specific folders                                       #############################################################################
    location ~ ^/(cache/|storage/|logs/|plugins/|tmp/) {
        deny  all;
    }


}
  • 259
  • More
Replies (1)
    Login or Join to comment.