ddev-webserver Nginx - do not intercept 400 errors (#1555)

containers/ddev-webserver/files/etc/nginx/nginx_backdrop.conf

@@ -34,7 +34,7 @@
         fastcgi_param SCRIPT_NAME $fastcgi_script_name;
         fastcgi_index index.php;
         include fastcgi_params;
-        fastcgi_intercept_errors on;
+        fastcgi_intercept_errors off;
         # fastcgi_read_timeout should match max_execution_time in php.ini
         fastcgi_read_timeout 10m;
         fastcgi_param SERVER_NAME $host;

containers/ddev-webserver/files/etc/nginx/nginx_default.conf

@@ -36,7 +36,7 @@
         fastcgi_param SCRIPT_NAME $fastcgi_script_name;
         fastcgi_index index.php;
         include fastcgi_params;
-        fastcgi_intercept_errors on;
+        fastcgi_intercept_errors off;
         # fastcgi_read_timeout should match max_execution_time in php.ini
         fastcgi_read_timeout 10m;
         fastcgi_param SERVER_NAME $host;

containers/ddev-webserver/files/etc/nginx/nginx_drupal6.conf

@@ -36,7 +36,7 @@
         fastcgi_param SCRIPT_NAME $fastcgi_script_name;
         fastcgi_index index.php;
         include fastcgi_params;
-        fastcgi_intercept_errors on;
+        fastcgi_intercept_errors off;
         # fastcgi_read_timeout should match max_execution_time in php.ini
         fastcgi_read_timeout 10m;
         fastcgi_param SERVER_NAME $host;

containers/ddev-webserver/files/etc/nginx/nginx_drupal7.conf

@@ -38,7 +38,7 @@
         fastcgi_param SCRIPT_NAME $fastcgi_script_name;
         fastcgi_index index.php;
         include fastcgi_params;
-        fastcgi_intercept_errors on;
+        fastcgi_intercept_errors off;
         # fastcgi_read_timeout should match max_execution_time in php.ini
         fastcgi_read_timeout 10m;
         fastcgi_param SERVER_NAME $host;

containers/ddev-webserver/files/etc/nginx/nginx_drupal8.conf

@@ -34,7 +34,7 @@
         fastcgi_param SCRIPT_NAME $fastcgi_script_name;
         fastcgi_index index.php;
         include fastcgi_params;
-        fastcgi_intercept_errors on;
+        fastcgi_intercept_errors off;
         # fastcgi_read_timeout should match max_execution_time in php.ini
         fastcgi_read_timeout 10m;
         fastcgi_param SERVER_NAME $host;

containers/ddev-webserver/files/etc/nginx/nginx_typo3.conf

@@ -24,7 +24,7 @@
         fastcgi_param SCRIPT_NAME $fastcgi_script_name;
         fastcgi_index index.php;
         include fastcgi_params;
-        fastcgi_intercept_errors on;
+        fastcgi_intercept_errors off;
         # fastcgi_read_timeout should match max_execution_time in php.ini
         fastcgi_read_timeout 10m;
         fastcgi_param SERVER_NAME $host;

containers/ddev-webserver/files/etc/nginx/nginx_wordpress.conf

@@ -53,7 +53,7 @@
         fastcgi_param SCRIPT_NAME $fastcgi_script_name;
         fastcgi_index index.php;
         include fastcgi_params;
-        fastcgi_intercept_errors on;
+        fastcgi_intercept_errors off;
         # fastcgi_read_timeout should match max_execution_time in php.ini
         fastcgi_read_timeout 10m;
         fastcgi_param SERVER_NAME $host;

containers/ddev-webserver/files/var/www/html/docroot/test/upstream-error.php

@@ -0,0 +1,3 @@
+<?php
+header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error', true, 500);
+echo "Upstream error message";

containers/ddev-webserver/test/containertest.sh

@@ -144,14 +144,20 @@ for project_type in drupal6 drupal7 drupal8 typo3 backdrop wordpress default; do
 		docker exec -t $CONTAINER_NAME bash -c 'if [ ! -d  ~/.drush/commands/backdrop ] ; then echo "Failed to find expected backdrop drush commands"; exit 106; fi'
 	else
 		docker exec -t $CONTAINER_NAME bash -c 'if [ -d  ~/.drush/commands/backdrop ] ; then echo "Found unexpected backdrop drush commands"; exit 107; fi'
+  fi
+
+  # Test if we have access to upstream error messages.
+	ERRMSG="$(curl localhost:$HOST_HTTP_PORT/test/upstream-error.php)"
+	if [ "$ERRMSG" != "Upstream error message" ] ; then
+	  exit 108
 	fi
 	docker rm -f $CONTAINER_NAME
 done
 
 echo "--- testing use of custom nginx and php configs"
 docker run  -u "$MOUNTUID:$MOUNTGID" -p $HOST_HTTP_PORT:$CONTAINER_HTTP_PORT -p $HOST_HTTPS_PORT:$CONTAINER_HTTPS_PORT -e "DOCROOT=potato" -e "DDEV_PHP_VERSION=7.2" -v "/$PWD/test/testdata:/mnt/ddev_config:ro" -v ddev-global-cache:/mnt/ddev-global-cache -d --name $CONTAINER_NAME -d $DOCKER_IMAGE
 if ! containercheck; then
-    exit 108
+    exit 109
 fi
 docker exec -t $CONTAINER_NAME grep "docroot is /var/www/html/potato in custom conf" //etc/nginx/sites-enabled/nginx-site.conf
 

pkg/ddevapp/testdata/TestConfigOverrideDetection/.ddev/nginx-site.conf

@@ -11,118 +11,33 @@ map $http_x_forwarded_proto $fcgi_https {
 }
 
 server {
-    listen 80; ## listen for ipv4; this line is default and implied
-    listen [::]:80 default ipv6only=on; ## listen for ipv6
+    listen 80;
+    listen [::]:80 default ipv6only=on;
+
     # The WEBSERVER_DOCROOT variable is substituted with
     # its value when the container is started.
     root $WEBSERVER_DOCROOT;
-    index index.php index.htm index.html;
-
-    # Make site accessible from http://localhost/
-    server_name _;
-
-    # Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html
-    sendfile off;
-    error_log /dev/stdout info;
-    access_log /var/log/nginx/access.log;
-
-    location / {
-        absolute_redirect off;
-        try_files $uri $uri/ /index.php?q=$uri&$args;
-    }
-
-    location @rewrite {
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
-
-    # Handle image styles for Drupal 7+
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    # pass the PHP scripts to FastCGI server listening on socket
-    location ~ \.php$ {
-        try_files $uri =404;
-        fastcgi_split_path_info ^(.+\.php)(/.+)$;
-        fastcgi_pass unix:/run/php-fpm.sock;
-        fastcgi_buffers 16 16k;
-        fastcgi_buffer_size 32k;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_param SCRIPT_NAME $fastcgi_script_name;
-        fastcgi_index index.php;
-        include fastcgi_params;
-        fastcgi_intercept_errors on;
-        # fastcgi_read_timeout should match max_execution_time in php.ini
-        fastcgi_read_timeout 10m;
-        fastcgi_param SERVER_NAME $host;
-        fastcgi_param HTTPS $fcgi_https;
-    }
-
-    # Expire rules for static content
-    # Feed
-    location ~* \.(?:rss|atom)$ {
-        expires 1h;
-    }
 
-    # Media: images, icons, video, audio, HTC
-    location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
-        expires 1M;
-        access_log off;
-        add_header Cache-Control "public";
-    }
+    include /etc/nginx/monitoring.conf;
 
-    # Prevent clients from accessing hidden files (starting with a dot)
-    # This is particularly important if you store .htpasswd files in the site hierarchy
-    # Access to `/.well-known/` is allowed.
-    # https://www.mnot.net/blog/2010/04/07/well-known
-    # https://tools.ietf.org/html/rfc5785
-    location ~* /\.(?!well-known\/) {
-        deny all;
-    }
-
-    # Prevent clients from accessing to backup/config/source files
-    location ~* (?:\.(?:bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$ {
-        deny all;
-    }
+    include /etc/nginx/nginx_default.conf;
+    include /mnt/ddev_config/nginx/*.conf;
+}
 
-    ## Regular private file serving (i.e. handled by Drupal).
-    location ^~ /system/files/ {
-        ## For not signaling a 404 in the error log whenever the
-        ## system/files directory is accessed add the line below.
-        ## Note that the 404 is the intended behavior.
-        log_not_found off;
-        access_log off;
-        expires 30d;
-        try_files $uri @rewrite;
-    }
 
-    ## provide a health check endpoint
-    location /healthcheck {
-        access_log off;
-        stub_status     on;
-        keepalive_timeout 0;    # Disable HTTP keepalive
-        return 200;
-    }
+server {
+    listen 443 ssl;
+    listen [::]:443 default ipv6only=on;
 
-    error_page 400 401 /40x.html;
-    location = /40x.html {
-            root   /usr/share/nginx/html;
-    }
+    # The WEBSERVER_DOCROOT variable is substituted with
+    # its value when the container is started.
+    root $WEBSERVER_DOCROOT;
 
-    location ~ ^/(phpstatus|ping)$ {
-        access_log off;
-        stub_status     on;
-        keepalive_timeout 0;    # Disable HTTP keepalive
-        allow 127.0.0.1;
-        allow all;
-        fastcgi_index index.php;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        include fastcgi_params;
-        fastcgi_pass unix:/run/php-fpm.sock;
-    }
+    ssl_certificate /etc/ssl/certs/master.crt;
+    ssl_certificate_key /etc/ssl/certs/master.key;
 
+    include /etc/nginx/monitoring.conf;
 
+    include /etc/nginx/nginx_default.conf;
+    include /mnt/ddev_config/nginx/*.conf;
 }
-

pkg/ddevapp/testdata/TestPHPOverrides/phpinfo.php

@@ -1,2 +1,2 @@
 <?php
-phpinfo();
+phpinfo(INFO_CONFIGURATION);

pkg/version/version.go

@@ -45,7 +45,7 @@ var DockerComposeFileFormatVersion = "3.6"
 var WebImg = "drud/ddev-webserver"
 
 // WebTag defines the default web image tag for drud dev
-var WebTag = "20190420_fix_apache_cgi" // Note that this can be overridden by make
+var WebTag = "nginx-dont-hide-upstream-errors" // Note that this can be overridden by make
 
 // DBImg defines the default db image used for applications.
 var DBImg = "drud/ddev-dbserver"