fresh install docker 14.0.0-B1 account-profile-switcher 404 error with prefix www.exemple.com/prefix/
I mention that this solution works perfectly with docker without the "social" prefix in nginx.conf including loading images and processing them, the bug I mentioned before
image process thanks to this post: https://unacms.com/d/fresh-install-from-docker-images-don-t fix by https://unacms.com/u/cgouguen if you want to use docker you can find my complete solution here: https://github.com/olariuromeo/una
My steps:
version: '3'
networks:
private_network:
external: true
services:
web:
image: nginx:latest
deploy:
resources:
limits:
cpus: '1.5' # Limit the service to 1.5 CPUs
memory: 6G # Limit the service to 512MB of memory
reservations:
memory: 6G # Soft limit: reserve 256MB of memory
hostname: localhost
domainname: www.exemple.com
ports:
- "8888:8888"
volumes:
- ./scripts/docker-compose/nginx.conf:/etc/nginx/conf.d/default.conf
# - ./scripts/docker-compose/phpmyadmin.conf:/etc/nginx/conf.d/phpmyadmin.conf
- ./:/opt/una
depends_on:
- php
networks:
- private_network
extra_hosts:
- "host.docker.internal:host-gateway"
memcached:
image: memcached:latest
hostname: localhost
ports:
- "11211:11211"
networks:
- private_network
extra_hosts:
- "host.docker.internal:host-gateway"
php:
build:
context: .
dockerfile: scripts/docker-compose/PHP.Dockerfile
deploy:
resources:
limits:
cpus: '2' # Limit the service to 1.5 CPUs
memory: 12G # Limit the service to 512MB of memory
reservations:
memory: 12G # Soft limit: reserve 256MB of memory
hostname: localhost
domainname: www.exemple.com
volumes:
- ./scripts/docker-compose/php.ini:/usr/local/etc/php/php.ini
- ./scripts/docker-compose/www.conf:/usr/local/etc/php-fpm.d/www.conf
- ./:/opt/una:Z
depends_on:
- mysql
networks:
- private_network
env_file:
- .env
extra_hosts:
- "host.docker.internal:host-gateway"
cron:
build:
context: .
dockerfile: scripts/docker-compose/Cron.Dockerfile
deploy:
resources:
limits:
cpus: '1.5' # Limit the service to 1.5 CPUs
memory: 8G # Limit the service to 512MB of memory
reservations:
memory: 8G # Soft limit: reserve 256MB of memory
hostname: localhost
domainname: www.exemple.com
volumes:
- ./scripts/docker-compose/php.ini:/usr/local/etc/php/php.ini
- ./scripts/docker-compose/www.conf:/usr/local/etc/php-fpm.d/www.conf
- ./:/opt/una:Z
depends_on:
- mysql
networks:
- private_network
env_file:
- .env
extra_hosts:
- "host.docker.internal:host-gateway"
mysql:
image: mariadb:latest
environment:
MYSQL_ROOT_PASSWORD: 'password'
MYSQL_USER: 'exemple'
MYSQL_PASSWORD: 'password'
MYSQL_DATABASE: 'exemple'
volumes:
- mysqldata:/var/lib/mysql
- ./scripts/docker-compose/db_dump.sql:/docker-entrypoint-initdb.d/db_dump.sql
- ./scripts/docker-compose/mysqld.cnf:/etc/mysql/conf.d/mysqld.cnf
ports:
- 3306:3306
networks:
- private_network
extra_hosts:
- "host.docker.internal:host-gateway"
jot:
image: unaio/jot-server:latest
hostname: localhost
domainname: www.exemple.com
restart: always
ports:
- 5000:5000
networks:
- private_network
extra_hosts:
- "host.docker.internal:host-gateway"
volumes:
mysqldata: {}
## clone una
```bash
gh repo clone unacms/una
```
# go to una folder
```bash
## cd una
```
# swich the tag
```bash
git checkout 14.0.0-B1
```
## 1. Installing Composer
Begin by downloading the Docker image for Composer using the following command:
```bash
docker pull composer/composer
```
## 2. Installing PHP Dependencies using Composer
After downloading the Docker image for Composer, run the following command to install the PHP dependencies of the application:
```bash
docker run --rm -it -v "$(pwd):/app" composer/composer install
```
This command will run Composer in a Docker container, and the PHP dependencies will be installed in the current directory.
## 3. Setting Permissions
Before running the Docker containers, ensure that proper permissions are set for directories and files. Follow the instructions below to set permissions:
create file
```bash
vim set_permissions.sh
```
# copy the instruction below
```sh
#!/bin/bash
# set_permissions.sh
sudo chown -R www-data:www-data .
sudo find ./ -type d -exec chmod 775 {} \;
sudo find ./ -type f -exec chmod 644 {} \;
# Set execute permissions for ffmpeg.exe
chmod +x ./plugins/ffmpeg/ffmpeg.exe
chmod +x ./periodic/cron.php
chmod +x ./image_transcoder.php
# Set permissions for the specified directories
chmod 777 ./inc
chmod 777 ./cache
chmod 777 ./cache_public
chmod 777 ./logs
chmod 777 ./tmp
chmod 777 ./storage
chmod 777 ./periodic
```
Make sure you are in the root directory of the application.
Make the set_permissions.sh script executable using the command:
```bash
chmod +x set_permissions.sh
```
Run the set_permissions.sh script using the command:
```bash
sudo ./set_permissions.sh
```
This will automatically apply the appropriate permissions for all directories and files specified in the script.
## 4 Add .env variable
UNA_HTTP_HOST=www.exemple.com
UNA_SITE_TITLE=Exemple
UNA_SITE_EMAIL=no-reply@exemple.com
UNA_ADMIN_USERNAME=exemple
UNA_ADMIN_EMAIL=contact@exemple.com
UNA_KEY=key
UNA_SECRET=2secret
# MYSQL
MYSQL_ROOT_PASSWORD=pasword
MYSQL_USER=exemple
MYSQL_PASSWORD=pasword
MYSQL_DATABASE=exemple
UNA_DB_HOST=host.docker.internal
UNA_AUTO_HOSTNAME=1
## 5. Running Docker Containers using docker-compose
To run the application, use docker-compose. Make sure you have a properly configured docker-compose.yml file for your application.
```bash
docker-compose up
```
This command will start the Docker containers according to the specifications in the docker-compose.yml file, allowing you to run the application.
This guide details the steps to download Composer using Docker, install PHP dependencies using Composer, and run the application using Docker Compose. The `INSTALL.md` file should serve as a helpful guide for someone looking to install and run your application using Docker and Composer.
the studio works correctly, I can install any application as well as the index from the site, but I cannot create profiles get nginx error if I want to add a prefix, in https://www.exemple.com/social/account-profile-switcher I mention that without a prefix, adding profiles works correctly, but if I add the "social" prefix, for example the page, it is not found.
404 Not Found nginx/1.25.5
Thanks to Alex, I added this modification after installation in the hope that it will help me: on inc/header.inc.php: https://unacms.com/cmts-view/z9tfe0?sys=bx_forum&cmt_id=48608
/// define('BX_DOL_URL_ROOT', 'https://www.exemple.com/prefix/'); ///< site url
define('BX_DOL_URL_ROOT', ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') || (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' || !empty($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on') ? 'https' : 'http') . '://' . (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'https://www.exemple.com/') . '/prefix/');
caddyfile config:
{
admin off
}
#{
# servers {
# metrics
# }
# admin :2019
#}
{$EXEMPLE_HOSTNAME} {
log {
output discard
}
# log access-formatted {# include http.log.access.{$EXEMPLE_HOSTNAME}# output file /var/log/access-{$EXEMPLE_HOSTNAME}.log# format transform "{common_log}"# }#log {# output file /var/log/caddy/access.log# format single_field common_log# }
tls {$EXEMPLE_TLS}
@api {
path /config
path /healthz
path /stats/errors
path /stats/checker
}
@static {
path /static
}
@notstatic {
not path /static
}
@imageproxy {
path /image_proxy
}
@notimageproxy {
not path /image_proxy
}
header {
# Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
# Enable cross-site filter (XSS) and tell browser to block detected attacks
X-XSS-Protection "1; mode=block"
# Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
X-Content-Type-Options "nosniff"
# Disable some features
Permissions-Policy "accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),encrypted-media=(),focus-without-user-activation=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),speaker=(),sync-xhr=(),usb=(),vr=()"
# Disable some features (legacy)
Feature-Policy "accelerometer 'none';ambient-light-sensor 'none'; autoplay 'none';camera 'none';encrypted-media 'none';focus-without-user-activation 'none'; geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none'; speaker 'none';sync-xhr 'none';usb 'none';vr 'none'"
# Referer# Referrer-Policy "no-referrer"
# Add protection fail2ban
Referrer-Policy "strict-origin-when-cross-origin"
# X-Robots-Tag
X-Robots-Tag "noindex, noarchive, nofollow"
# Remove Server header
-Server
}
header @api {
Access-Control-Allow-Methods "GET, OPTIONS"
Access-Control-Allow-Origin "*"
}
# Cache
header @static {
# Cache
Cache-Control "public, max-age=31536000, must-revalidate"
defer
}
header @notstatic {
# No Cache
Cache-Control "no-cache, no-store"
Pragma "no-cache"
}
# CSP (see http://content-security-policy.com/ )
header @imageproxy {
# Content-Security-Policy "default-src 'none'; img-src 'self' data:"
Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; manifest-src 'self'"
}
#header @notimageproxy {# # Content-Security-Policy "upgrade-insecure-requests; default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; form-action 'self' https://github.com/exemple/exemple/issues/new; font-src 'self'; frame-ancestors 'self'; base-uri 'self'; connect-src 'self' https://overpass-api.de; img-src 'self' data: https://*.tile.openstreetmap.org; frame-src https://www.youtube-nocookie.com https://player.vimeo.com https://www.dailymotion.com https://www.deezer.com https://www.mixcloud.com https://w.soundcloud.com https://embed.spotify.com"# Content-Security-Policy "upgrade-insecure-requests; default-src 'none'; style-src 'self' 'unsafe-inline'; form-action 'self' https://github.com/exemple/exemple/issues/new; font-src 'self'; frame-ancestors 'self'; base-uri 'self'; connect-src 'self' https://overpass-api.de; img-src 'self' data: https://*.tile.openstreetmap.org; frame-src https://www.youtube-nocookie.com https://player.vimeo.com https://www.dailymotion.com https://www.deezer.com https://www.mixcloud.com https://w.soundcloud.com https://embed.spotify.com"# }
# www.exemple.com proxy server
handle {
encode zstd gzip
reverse_proxy localhost:8181 {
header_up X-Forwarded-Port {http.request.port}
# header_up X-Forwarded-Proto {http.request.scheme}
header_up X-Real-IP {remote_host}
}
}
# www.exemple.com/prefix proxy server
handle_path /prefix/* {
encode zstd gzip
reverse_proxy localhost:9999 {
header_up X-Forwarded-Port {http.request.port}
# header_up X-Forwarded-Proto {http.request.scheme}
header_up X-Real-IP {remote_host}
}
}
}
{$EXEMPLE_DOMAIN_HOSTNAME} {
log {
output discard
}
tls {$EXEMPLE_TLS}
redir https://www.{host}
}
nginx.conf
server {
listen 9999 default_server;
server_name localhost;
root /opt/una;
client_max_body_size 1024M;
## Timeouts## request timed out -- default 60# read timeout for the request body from client, its set for testing purpose
client_body_timeout 900;
# how long to wait for the client to send a request header, its set for testing purpose
client_header_timeout 900;
# server will close connection after this time
keepalive_timeout 900;
## if client stop responding, free up memory -- default 60
send_timeout 900;
## Reset lingering timed out connections. Deflect DDoS.## allow the server to close connection on non responding client, this will free up memory
reset_timedout_connection on;
proxy_connect_timeout 3600;
proxy_send_timeout 3600;
proxy_read_timeout 3600;
location / {
index index.html index.htm index.php;
rewrite "^/social/page/(.*)$" /social/page.php?i=$1 last;
rewrite "^/social/m/(.*)$" /social/modules/index.php?r=$1 last;
rewrite "^/social/s/([a-zA-Z0-9_]+)/([a-zA-Z0-9\.]+)" /social/storage.php?o=$1&f=$2 last;
if (!-e $request_filename) {
rewrite ^/social/(.+)$ /social/r.php?_q=$1 last;
break;
}
}
index index.php index.html index.htm;
location ~ \.php$ {
fastcgi_pass php:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
# Adăugați aceste setări de timeout
fastcgi_connect_timeout 3600;
fastcgi_send_timeout 3600;
fastcgi_read_timeout 3600;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
}
############################################################################# HSTS policy #############################################################################
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
# add_header Content-Security-Policy "default-src 'self'" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
############################################################################# serve static files directly Tanks to Alex T https://una.io/u/alex-t #############################################################################
location ~* ^(/cache_public/|/plugins_public/|/modules/|/studio/|/template/).+\.(jpg|jpeg|gif|css|png|js|ico|svg|eot|ttf|woff|woff2|)$ {
access_log off;
expires 1h;
# root /opt/una# add_header Cache-Control "public";
try_files $uri =404;
}
############################################################################# deny access to hidden files #############################################################################
location ~ /(\.ht|\.git) {
deny all;
}
############################################################################# deny access to specific folders #############################################################################
location ~ ^/(cache/|storage/|logs/|plugins/|tmp/) {
deny all;
}
}