Cannot serve directory /opt/bitnami/wordpress/: No matching DirectoryIndex after

[mike12806]

Name and Version

wordpress:21.0.6

What architecture are you using?

amd64

What steps will reproduce the bug?

Upgrade chart from 20.1.2 using below values.yaml to 21.0.6 and then try to load site and getting a "Forbidden" error from PHP web server

Are you using any custom parameters or values?

affinity: {}
allowEmptyPassword: false
allowOverrideNone: false
apacheConfiguration: ''
args: []
automountServiceAccountToken: false
autoscaling:
  enabled: false
  maxReplicas: 5
  minReplicas: 1
  targetCPU: 50
  targetMemory: 50
clusterDomain: cluster.local
command: []
commonAnnotations: {}
commonLabels: {}
containerPorts:
  http: 8080
  https: 8443
containerSecurityContext:
  allowPrivilegeEscalation: false
  capabilities:
    drop:
      - ALL
  enabled: true
  privileged: false
  readOnlyRootFilesystem: true
  runAsGroup: 1001
  runAsNonRoot: true
  runAsUser: 1001
  seLinuxOptions: {}
  seccompProfile:
    type: RuntimeDefault
customHTAccessCM: ''
customLivenessProbe: {}
customPostInitScripts: {}
customReadinessProbe: {}
customStartupProbe: {}
diagnosticMode:
  args:
    - infinity
  command:
    - sleep
  enabled: false
existingApacheConfigurationConfigMap: ''
existingSecret: ''
existingWordPressConfigurationSecret: ''
externalCache:
  host: localhost
  port: 11211
externalDatabase:
  database: bitnami_wordpress
  existingSecret: ''
  host: localhost
  password: REDACTED
  port: 3306
  user: bn_wordpress
extraContainerPorts: []
extraDeploy: []
extraEnvVars: []
extraEnvVarsCM: ''
extraEnvVarsSecret: ''
extraVolumeMounts: []
extraVolumes: []
fullnameOverride: ''
global:
  compatibility:
    openshift:
      adaptSecurityContext: auto
  imagePullSecrets: []
  imageRegistry: ''
  storageClass: longhorn
  cattle:
    clusterId: c-m-dwm6xthz
    systemProjectId: p-n4j7m
    url: https://192.168.1.112
hostAliases:
  - hostnames:
      - status.localhost
    ip: 127.0.0.1
htaccessPersistenceEnabled: false
image:
  debug: false
  digest: ''
  pullPolicy: IfNotPresent
  pullSecrets: []
  registry: docker.io
  repository: bitnami/wordpress
  tag: latest
ingress:
  annotations: {}
  apiVersion: ''
  enabled: false
  extraHosts: []
  extraPaths: []
  extraRules: []
  extraTls: []
  hostname: wordpress.local
  ingressClassName: ''
  path: /
  pathType: ImplementationSpecific
  secrets: []
  selfSigned: false
  tls: false
  tlsWwwPrefix: false
initContainers: []
kubeVersion: ''
lifecycleHooks: {}
livenessProbe:
  enabled: true
  failureThreshold: 6
  httpGet:
    httpHeaders: []
    path: /wp-admin/install.php
    port: '{{ .Values.wordpressScheme }}'
    scheme: '{{ .Values.wordpressScheme | upper }}'
  initialDelaySeconds: 120
  periodSeconds: 10
  successThreshold: 1
  timeoutSeconds: 5
mariadb:
  architecture: standalone
  auth:
    database: bitnami_wordpress
    password: REDACTED
    rootPassword: REDACTED
    username: bn_wordpress
  enabled: true
  primary:
    persistence:
      accessModes:
        - ReadWriteOnce
      enabled: true
      size: 60Gi
      storageClass: longhorn
      existingClaim: data-wordpress-mariadb-0
    resources: {}
    resourcesPreset: micro
memcached:
  auth:
    enabled: false
    existingPasswordSecret: ''
    password: REDACTED
    username: admin
  enabled: true
  resources: {}
  resourcesPreset: nano
  service:
    port: 11211
metrics:
  containerPorts:
    metrics: 9117
  containerSecurityContext:
    allowPrivilegeEscalation: false
    capabilities:
      drop:
        - ALL
    enabled: true
    privileged: false
    readOnlyRootFilesystem: false
    runAsNonRoot: true
    runAsUser: 1001
    seLinuxOptions: {}
    seccompProfile:
      type: RuntimeDefault
  customLivenessProbe: {}
  customReadinessProbe: {}
  customStartupProbe: {}
  enabled: true
  image:
    digest: ''
    pullPolicy: IfNotPresent
    pullSecrets: []
    registry: docker.io
    repository: bitnami/apache-exporter
    tag: 1.0.1-debian-11-r32
  livenessProbe:
    enabled: true
    failureThreshold: 3
    initialDelaySeconds: 15
    periodSeconds: 10
    successThreshold: 1
    timeoutSeconds: 5
  readinessProbe:
    enabled: true
    failureThreshold: 3
    initialDelaySeconds: 5
    periodSeconds: 10
    successThreshold: 1
    timeoutSeconds: 3
  resources: {}
  resourcesPreset: nano
  service:
    annotations:
      prometheus.io/port: '{{ .Values.metrics.containerPorts.metrics }}'
      prometheus.io/scrape: 'true'
    ports:
      metrics: 9150
  serviceMonitor:
    enabled: false
    honorLabels: false
    interval: ''
    jobLabel: ''
    labels: {}
    metricRelabelings: []
    namespace: ''
    relabelings: []
    scrapeTimeout: ''
    selector: {}
  startupProbe:
    enabled: false
    failureThreshold: 15
    initialDelaySeconds: 10
    periodSeconds: 10
    successThreshold: 1
    timeoutSeconds: 1
multisite:
  enable: false
  enableNipIoRedirect: false
  host: ''
  networkType: subdomain
nameOverride: ''
networkPolicy:
  allowExternal: true
  allowExternalEgress: true
  enabled: true
  extraEgress: []
  extraIngress: []
  ingressNSMatchLabels: {}
  ingressNSPodMatchLabels: {}
nodeAffinityPreset:
  key: ''
  type: ''
  values: []
nodeSelector: {}
overrideDatabaseSettings: false
pdb:
  create: false
  maxUnavailable: ''
  minAvailable: 1
persistence:
  accessMode: ReadWriteOnce
  accessModes:
    - ReadWriteOnce
  annotations: {}
  dataSource: {}
  enabled: true
  existingClaim: wordpress
  selector: {}
  size: 60Gi
  storageClass: longhorn
podAffinityPreset: ''
podAnnotations: {}
podAntiAffinityPreset: soft
podLabels: {}
podSecurityContext:
  enabled: true
  fsGroup: 1001
  fsGroupChangePolicy: Always
  supplementalGroups: []
  sysctls: []
priorityClassName: ''
readinessProbe:
  enabled: true
  failureThreshold: 6
  httpGet:
    httpHeaders: []
    path: /wp-login.php
    port: '{{ .Values.wordpressScheme }}'
    scheme: '{{ .Values.wordpressScheme | upper }}'
  initialDelaySeconds: 30
  periodSeconds: 10
  successThreshold: 1
  timeoutSeconds: 5
replicaCount: 1
resources: {}
resourcesPreset: micro
schedulerName: ''
service:
  annotations: {}
  clusterIP: ''
  externalTrafficPolicy: Cluster
  extraPorts: []
  httpsTargetPort: https
  loadBalancerIP: 192.168.1.3
  loadBalancerSourceRanges: []
  nodePorts:
    http: ''
    https: ''
  ports:
    http: 33880
    https: 33443
  sessionAffinity: None
  sessionAffinityConfig: {}
  type: LoadBalancer
serviceAccount:
  annotations: {}
  automountServiceAccountToken: false
  create: true
  name: ''
sidecars: []
smtpExistingSecret: ''
smtpHost: smtp.gmail.com
smtpPassword: REDACTED
smtpPort: '587'
smtpProtocol: tls
smtpUser: REDACTED
startupProbe:
  enabled: false
  failureThreshold: 6
  httpGet:
    httpHeaders: []
    path: /wp-login.php
    port: '{{ .Values.wordpressScheme }}'
    scheme: '{{ .Values.wordpressScheme | upper }}'
  initialDelaySeconds: 30
  periodSeconds: 10
  successThreshold: 1
  timeoutSeconds: 5
terminationGracePeriodSeconds: ''
tolerations: []
topologySpreadConstraints: []
updateStrategy:
  type: Recreate
volumePermissions:
  containerSecurityContext:
    runAsUser: 0
    seLinuxOptions: {}
  enabled: false
  image:
    digest: ''
    pullPolicy: IfNotPresent
    pullSecrets: []
    registry: docker.io
    repository: bitnami/os-shell
    tag: 11-debian-11-r54
  resources: {}
  resourcesPreset: nano
wordpressBlogName: Mike's Blog
wordpressConfiguration: ''
wordpressConfigureCache: true
wordpressEmail: REDACTED
wordpressExtraConfigContent: ''
wordpressFirstName: REDACTED
wordpressLastName: REDACTED
wordpressPassword: REDACTED
wordpressPlugins: none
wordpressScheme: https
wordpressSkipInstall: false
wordpressTablePrefix: wp_
wordpressUsername: REDACTED

What is the expected behavior?

Blog to load

What do you see instead?

A page served by Wordpress that says "Forbidden"

Additional information

Reverting back to 20.1.2 restored functionality so I suspect a possible change from security settings is breaking here?

Tried setting readOnlyRootFilesystem = false and runasgroup = 0 but that didn't work either

Error message: AH01276: Cannot serve directory /opt/bitnami/wordpress/: No matching DirectoryIndex

[javsalgar]

Hi,

Could you make sure that you are using this exact tag? docker.io/bitnami/wordpress:6.4.3-debian-12-r28

[mike12806]

Hi,

Could you make sure that you are using this exact tag? docker.io/bitnami/wordpress:6.4.3-debian-12-r28

That fixed it - thanks so much!