reynoldsalec
commented
3 months ago @jffranck can you paste your entire Landofile? Curious if you're specifying an nginx version or making any other changes.
Open jffranck opened 3 months ago
reynoldsalec
commented
3 months ago @jffranck can you paste your entire Landofile? Curious if you're specifying an nginx version or making any other changes.
jffranck
commented
3 months ago Hi @reynoldsalec, Of course, here is my landofile:
name: project
recipe: drupal10
config:
php: '8.3'
via: nginx:1.24
webroot: web
database: mysql:8.0
drush: true
xdebug: true
config:
vhosts: docker/app/nginx/default.conf
php: docker/app/php/php.ini
proxy:
appserver_nginx:
- local.project.com
- project.lndo.site
services:
solr:
type: solr:8
core: project
forwardedport: true
config:
dir: docker/solr/config
phpmyadmin:
type: phpmyadmin
nodejs:
type: node:20
appserver:
build_as_root:
- apt-get update -y
- export DEBIAN_FRONTEND=noninteractive
- apt-get install cron -yq
- ln -snf /usr/share/zoneinfo/Europe/Paris /etc/localtime
- echo "Europe/Paris" > /etc/timezone
- echo "$CRON_FREQUENCY root drush cron -y" >> /etc/cron.d/project
- mkdir -p /scripts
- ln -s /app/docker/app/scripts/cron.sh /scripts/900-cron
appserver_nginx:
build_as_root:
- sed -i "s/daemon/www-data/" /opt/bitnami/scripts/nginx-env.sh
tooling:
npm:
description: Run npm command in the project_b5 theme
service: nodejs
dir: /app/web/themes/custom/project_b5
dfp:
description: Run the drupal_fix_permissions script
service: appserver
cmd: /app/vendor/metadrop/drupal-fix-permissions/drupal_fix_permissions.sh -u=www-data -g=www-data -p=/app/web
user: root
angarsky
commented
1 week ago @jffranck is right: something were broken in the configuration of NGINX container or the Drupal recipe. I had a stable local Lando environment for one of my Drupal projects. I didn't touch this project (and even any Drupal project locally) for a couple of months: I guess the most recent Lando build for a Drupal I did in the beginning of summer or even earlier.
Today I've done a rebuild of the project and got 403 error for JS/CSS assets.
Lando configuration (Docker Desktop 4.35.1, macOS Sonoma 14.5):
name: edume
recipe: drupal10
config:
php: '8.2'
via: nginx:1.18
webroot: drupal/web
database: mariadb:10.6
drush: ^11
xdebug: true
config:
php: .lando/php.ini
services:
database:
creds:
user: admin
password: admin
database: drupal
appserver:
overrides:
environment:
PHP_MEMORY_LIMIT: "128M"I've tried the most recent nginx:1.27 - it doesn't fix the issue.
Research
I connected to a container via lando ssh -u root appserver and executed next commands:
root@6e4e40521eb9:/app/drupal/web# ls -la core/modules/system/css/components/align.module.css
-rw------- 1 www-data dialout 484 May 1 2024 core/modules/system/css/components/align.module.css
root@6e4e40521eb9:/app/drupal/web# chown daemon core/modules/system/css/components/align.module.css
root@6e4e40521eb9:/app/drupal/web# ls -la core/modules/system/css/components/align.module.css
-rw------- 1 daemon dialout 484 May 1 2024 core/modules/system/css/components/align.module.cssAfter that I was able to access the CSS file (w/o 403 error) in a browser by next URL: https://edume.lndo.site/core/modules/system/css/components/align.module.css. Thus yes, the issue is somewhere in nginx configuration that's related to daemon, www-data users.
AaronFeledy
commented
1 week ago Related: lando/nginx#20
Hi, It seems that when using nginx in via config, the user of nginx server is "daemon" instead of "www-data". As a consequency, when using the correct permissions on Drupal folders, all css and js files are returning a 403 error from nginx. The only way to fix it that I found is to add this in services config:
Even adding a custom server.conf with config/config/server didn't work.