Fastcgi script "file not found" / Primary script unknown

Question

ACTUAL SITUATION

I am in the process of transferring a static web server to a container.

ISSUE ENCOUNTERED

When i'm trying to reach my server, i received "File not found" with :

• curl command : curl --insecure -v -H "Host: <site_name>" https://127.0.0.1:443
• Browser : https://<site_name>

Here is the error message on NGINX container log for the site :

2023/07/04 13:25:38 [error] 8#8: *1 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: x.x.x.x, server: site, request: "GET / HTTP/1.1", upstream: "fastcgi://172.22.0.2:9000", host: "site"

Here is the 404 error on php container log :

172.22.0.3 - 04/Jul/2023:13:25:38 +0000 "GET /php/index.php" 404

VERSIONS

Here are my all versions used :

• OS Docker server : Red Hat Enterprise Linux Server release 7.6
• Docker : Docker version 24.0.2
• Docker compose : Docker Compose version v2.18.1

On containers :

• php-fpm : PHP 8.2.0 (fpm-fcgi) / Zend Engine v4.2.0 / Zend OPcache v8.2.0
• OS for php container : Debian 11.5
• nginx : nginx/1.23.1
• openssl : OpenSSL 1.1.1n
• OS for nginx container : Debian 11.5

FILES CONFIG

PHP-FPM container (i never modified the file, i removed the ";" lines for a better understanding) :

/usr/local/etc/php-fpm.conf

;;;;;;;;;;;;;;;;;;;;; ; FPM Configuration ; ;;;;;;;;;;;;;;;;;;;;; include=/usr/local/etc/php-fpm.d/*.conf ;;;;;;;;;;;;;;;;;; ; Global Options ; ;;;;;;;;;;;;;;;;;; [global] pid = /usr/local/var/run/php-fpm.pid error_log = /proc/self/fd/2 log_level = notice daemonize = no 

NGINX container :

/etc/nginx/conf.d/site1.conf

 server { listen 80; return 301 https://<site_name>$request_uri; } server { listen 443 ssl; server_name <site_name>; root /webservers/site1; # Self-signed with openssl ssl_certificate /etc/nginx/ssl/testapp1/testapp1.crt; ssl_certificate_key /etc/nginx/ssl/testapp1/testapp1.key; location / { try_files $uri $uri/ /index.php?$query_string; } location ~ \.php$ { fastcgi_pass php-fpm:9000; fastcgi_index /webservers/oca/php/index.php; #include fastcgi_params; #fastcgi_param SCRIPT_FILENAME /usr/local/var/run/$fastcgi_script_name; include fastcgi.conf; } location ~ \.(css|js|gif|ico|jpeg|jpg|png)(.*)$ { expires max; } access_log /var/log/site1.info.access.log; error_log /var/log/site1.info.error.log; } 

/etc/nginx/nginx.conf

user nginx; worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; include /usr/share/nginx/modules/*.conf; events { worker_connections 1024; } http { index php/index.php index.html index.htm; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; include /etc/nginx/mime.types; default_type application/octet-stream; include /etc/nginx/conf.d/*.conf; } 

/etc/nginx/fastcgi.conf

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_param REQUEST_URI $request_uri; fastcgi_param DOCUMENT_URI $document_uri; fastcgi_param DOCUMENT_ROOT $document_root; fastcgi_param SERVER_PROTOCOL $server_protocol; fastcgi_param REQUEST_SCHEME $scheme; fastcgi_param HTTPS $https if_not_empty; fastcgi_param GATEWAY_INTERFACE CGI/1.1; fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; fastcgi_param REMOTE_ADDR $remote_addr; fastcgi_param REMOTE_PORT $remote_port; fastcgi_param SERVER_ADDR $server_addr; fastcgi_param SERVER_PORT $server_port; fastcgi_param SERVER_NAME $server_name; # PHP only, required if PHP was built with --enable-force-cgi-redirect fastcgi_param REDIRECT_STATUS 200; 

ls -a /etc/nginx/

conf.d fastcgi.conf fastcgi.conf.bak fastcgi_params mime.types modules nginx.conf scgi_params ssl uwsgi_params 

ls -a /webservers/site1

css js lifecycle_policy.sh php files 

ls -a /webservers/site1/php

index.php

docker-compose.yml

version: "3.8" services: web: image: nginx:0.1 ports: - "80:80" - "443:443" command: - service nginx restart depends_on: - "php-fpm" links: - "php-fpm" php-fpm: image: php-fpm:0.1 ports: - ":9000" 

WHAT I'M TRYING TO RESOLV IT

I've trying many configuration which are indicated on forums but it didn't work.

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

to

fastcgi_param SCRIPT_FILENAME $request_filename;

Restart NGINX

and another tests...

WHAT WORKS

It works without fastcgi_param :

location ~ \.php$ { fastcgi_pass php-fpm:9000; fastcgi_index php/index.php; } 

But i have blank page...

It work with fastcgi_param :

Directly installed on VM with NGINX / OPENSSL / PHP-FPM (RedHat 8.7)

QUESTION

I know there is many answer on forums at this issue but i didn't find a good solution. Have you suggestions ?

Answer 1

I finally resolved my issue :

I didn't understand that the .php file need to be in PHP-FPM container. I build my own image of php-fpm and transfert the site files :

FROM repo/php-fpm AS builder LABEL maintainer="x" description="NGINX PHP" RUN mkdir /webservers COPY --chown=root:root site1.tar /webservers RUN cd /webservers \ && tar xvf site1.tar \ && chown -R root:root site1/* \ && chmod -R 755 site1/* EXPOSE 9000 ENTRYPOINT ["php-fpm"] 

docker image build -t php-fpm:0.1 .