Combining an OLS host with multiple docker containers

[floodlitworld]

I'm pretty new to both OLS and averagely experienced with Docker.

So I'm trying to set up a server on AlmaLinux 9 where OLS runs on the VPS level. I then want to use the vhost-map to send all the traffic (depending on domain) to one of many docker containers. However, I must have spent 6 hours just banging my head against a wall trying to get it to work.

I researched before starting and came to the conclusion that having the docker containers run as images of php:8.4-fpm which exposed port 9000 as FastCGI processes was the best idea. Is this a correct decision?

If so, I can't for the life of me get it working. This is the first vhost config:

docRoot                   /home/testing/public/
vhDomain                  testing.mydomain.dev

index  {
  useServer               0
  autoIndex               0
}

extprocessor php84 {
  type                    fcgi
  address                 127.0.0.1:9000
  maxConns                10
  initTimeout             60
  retryTimeout            0
  respBuffer              0
  autoStart               2
}

context / {
  type                    fcgi
  handler                 php84
  addDefaultCharset       off
}

vhssl  {
  keyFile                 /etc/letsencrypt/live/testing.mydomain.dev/privkey.pem
  certFile                /etc/letsencrypt/live/testing.mydomain.dev/fullchain.pem
  certChain               1
}

But all I ever get in 403 errors. And this in the log:

2025-09-16 00:07:12.790186 [INFO] [14609] [155.55.55.55:49364:HTTP2-3] Context [/] is not accessible: access denied.

and Docker is running on Port 9000:

# ss -ltnp | grep 9000
LISTEN 0 4096 0.0.0.0:9000 0.0.0.0:* users("docker-proxy",pid=15093,fd=7))
LISTEN 0 4096 [::]:9000 [::]:* users("docker-proxy",pid=15098,fd=7))

For good measure, here's my testing docker-compose.yml file:

services:
  php:
    image: php:8.4-fpm
    container_name: myapp-php
    working_dir: /var/www/html
    restart: unless-stopped
    volumes:
      - ./public:/var/www/html
    networks:
      - testingnet
    ports:
      - 9000:9000

  db:
    image: mariadb:11
    container_name: myapp-db
    restart: unless-stopped
    environment:
      MYSQL_ROOT_PASSWORD: supersecret
      MYSQL_DATABASE: myapp
      MYSQL_USER: myappuser
      MYSQL_PASSWORD: myapppass
    volumes:
      - dbdata:/var/lib/mysql
    networks:
      - testingnet

volumes:
  dbdata:

networks:
  testingnet:
    driver: bridge

Does anyone have any ideas? I'm on the verge of giving up here.

 

[Cold-Egg]

Just an idea, not a solution.
For OLS, using built-in LSAPI should be much easier.
Have you tried this stack setup, https://docs.litespeedtech.com/cloud/docker/ols-wordpress/

 

[floodlitworld]

The problem is that I want to use Litespeed with multiple docker containers varying stacks (some Wordpress, some Laravel etc) and SSH access and things like that.

So I really need to keep the setup I have. It feels like I'm one setting away from it working, but it's just a permissions issue blocking it.

One thing I wasn't sure about is what the 'docRoot' should be for a FCGI app, since I believe that Litespeed passes that path to the docker container.

EDIT:
So I ran

SCRIPT_FILENAME=/var/www/html/index.php REQUEST_METHOD=GET cgi-fcgi -bind -connect 127.0.0.1:9000

from my VPS to the docker container and it responded correctly (with the PHP version installed in the container and "Hello World".

It's definitely an issue with Litespeed. I've set the php-fpm in-container to DEBUG and nothing is hitting it from a request via LiteSpeed.

EDIT 2:
Okay, so major progress, requests via LiteSpeed are now hitting the docker container, but unfortunately, I'm now getting a 'file not found' error 404 from the container.

I've logged the SCRIPT_FILENAME (SF) and DOCUMENT_ROOT (DR) that php-fpm is executing with, and that seems to be the problem:

myapp-php  | 172.18.0.1 -  16/Sep/2025:18:24:29 +0000 "GET /" 404 - SF=- DR=/home/testing/public

The DOCUMENT_ROOT should be `/var/www/html/`, but if I change that in the LiteSpeed vHost config, then LiteSpeed 404's and doesn't send the request to the FCGI server.

I've tried adding this to my vhost.conf file:

extprocessor php84 {
  type                    fcgi
  address                 127.0.0.1:9000
  maxConns                10
  env                     SCRIPT_FILENAME=/var/www/html/$URI
  env                     DOCUMENT_ROOT=/var/www/html
  env                     PHP_SELF=$URI
  initTimeout             60
  retryTimeout            0
  persistConn             1
  respBuffer              0
  autoStart               0
}

but they don't seem to get forwarded at all.

EDIT 3:

I ended up with a hacky solution: use the same filepath inside the docker container that the host uses for the docRoot. So before I had `/home/testing/public` as the host docRoot and then `/var/www/html` as the container's document root. I changed the latter to match the former and it works.

Final issue: I can't seem to get any kind of rewrite working. So if I request `https://testing.mydomain.dev/index.php` then it works, but `https://testing.mydomain.dev` returns the old 'file not found' error again.

I've tried adding rewrite rules and setting the 'server index' at every level, but nothing seems to affect the uri request sent to the container's FCGI process.

 

[Cold-Egg]

Adding those parameters to the environment looks correct, though I’m not sure whether DOCUMENT_ROOT is the right one or if PHP-FPM actually receives it.

Context might have higher priority than rewrite rules. Instead of using a FastCGI context, you can create a PHP handler for FastCGI so that PHP files are served through it, while using a / static context for general purposes.