From ed6ec39a4737dca16edde32f143304f9b1ff90b5 Mon Sep 17 00:00:00 2001 From: victor-sm <7871132+victor-sm@users.noreply.github.com> Date: Fri, 20 Oct 2023 15:43:01 +0200 Subject: [PATCH 1/2] Updated nginx.conf with new pid path --- nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx.conf b/nginx.conf index 04d76b2..85a8f7f 100644 --- a/nginx.conf +++ b/nginx.conf @@ -8,7 +8,7 @@ include /etc/nginx/main.d/*.conf; worker_processes 1; error_log /var/log/nginx/error.log warn; -pid /var/run/nginx.pid; +pid /var/run/nginx/nginx.pid; events { worker_connections 1024; From f86bf0987bf360caa1580d44cc0e97e5b129e3a7 Mon Sep 17 00:00:00 2001 From: victor-sm <7871132+victor-sm@users.noreply.github.com> Date: Fri, 20 Oct 2023 15:48:21 +0200 Subject: [PATCH 2/2] Update Dockerfile with new .pid and .lock path This solves the permission error on startup: > unlink() "/var/run/nginx.pid" failed (13: Permission denied) --- Dockerfile | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1b99ac6..948d7d6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -33,8 +33,8 @@ ARG CONFIG="\ --conf-path=/etc/nginx/nginx.conf \ --error-log-path=/var/log/nginx/error.log \ --http-log-path=/var/log/nginx/access.log \ - --pid-path=/var/run/nginx.pid \ - --lock-path=/var/run/nginx.lock \ + --pid-path=/var/run/nginx/nginx.pid \ + --lock-path=/var/run/nginx/nginx.lock \ --http-client-body-temp-path=/var/cache/nginx/client_temp \ --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ @@ -174,6 +174,7 @@ RUN \ RUN \ echo "Building nginx ..." \ + && mkdir -p /var/run/nginx/ \ && cd /usr/src/nginx-$NGINX_VERSION \ && ./auto/configure $CONFIG \ --with-cc-opt="-I../boringssl/include" \ @@ -214,6 +215,7 @@ ARG NGINX_GROUP_GID ENV NGINX_VERSION $NGINX_VERSION ENV NGINX_COMMIT $NGINX_COMMIT +COPY --from=base /var/run/nginx/ /var/run/nginx/ COPY --from=base /tmp/runDeps.txt /tmp/runDeps.txt COPY --from=base /etc/nginx /etc/nginx COPY --from=base /usr/lib/nginx/modules/*.so /usr/lib/nginx/modules/ @@ -253,9 +255,11 @@ EXPOSE 8080 8443 STOPSIGNAL SIGTERM -# prepare to switching to non-root - update file permissions -RUN chown --verbose nginx:nginx \ - /var/run/nginx.pid +# prepare to switching to non-root - update file permissions of directory containing +# nginx.lock and nginx.pid file +RUN \ + chown -R --verbose nginx:nginx \ + /var/run/nginx/ USER nginx CMD ["nginx", "-g", "daemon off;"]