init
This commit is contained in:
parent
d32387b0e8
commit
4e69f9a945
36
Dockerfile
Normal file
36
Dockerfile
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
FROM alpine:3.5
|
||||||
|
MAINTAINER kolaente - mowie.cc
|
||||||
|
|
||||||
|
ENV TZ "Europe/Berlin"
|
||||||
|
|
||||||
|
RUN apk update && \
|
||||||
|
apk --no-cache add bash tzdata curl ca-certificates s6 ssmtp mysql-client \
|
||||||
|
nginx nginx-mod-http-headers-more
|
||||||
|
|
||||||
|
RUN ln -sf "/usr/share/zoneinfo/$TZ" /etc/localtime && \
|
||||||
|
echo "$TZ" > /etc/timezone && date
|
||||||
|
|
||||||
|
RUN apk --no-cache add \
|
||||||
|
php7 php7-phar php7-curl php7-fpm php7-json php7-zlib php7-gd \
|
||||||
|
php7-xml php7-dom php7-ctype php7-opcache php7-zip php7-iconv \
|
||||||
|
php7-pdo php7-pdo_mysql php7-mysqli php7-mbstring php7-session \
|
||||||
|
php7-mcrypt php7-openssl php7-sockets php7-posix
|
||||||
|
|
||||||
|
RUN rm -rf /var/cache/apk/* && \
|
||||||
|
ln -s /usr/bin/php7 /usr/bin/php && \
|
||||||
|
rm -f /etc/php7/php-fpm.d/www.conf && \
|
||||||
|
touch /etc/php7/php-fpm.d/env.conf
|
||||||
|
|
||||||
|
RUN rm -rf /var/www
|
||||||
|
|
||||||
|
COPY conf/services.d /etc/services.d
|
||||||
|
COPY conf/nginx/nginx.conf /etc/nginx/nginx.conf
|
||||||
|
COPY conf/php/php-fpm.conf /etc/php7/
|
||||||
|
COPY conf/php/conf.d/php.ini /etc/php7/conf.d/zphp.ini
|
||||||
|
|
||||||
|
VOLUME /var/www/content
|
||||||
|
|
||||||
|
EXPOSE 80
|
||||||
|
|
||||||
|
ENTRYPOINT ["/bin/s6-svscan", "/etc/services.d"]
|
||||||
|
CMD []
|
88
conf/nginx/nginx.conf
Normal file
88
conf/nginx/nginx.conf
Normal file
@ -0,0 +1,88 @@
|
|||||||
|
load_module modules/ngx_http_headers_more_filter_module.so;
|
||||||
|
|
||||||
|
user nginx;
|
||||||
|
worker_processes auto;
|
||||||
|
pid /var/run/nginx.pid;
|
||||||
|
|
||||||
|
events {
|
||||||
|
worker_connections 1024;
|
||||||
|
}
|
||||||
|
|
||||||
|
http {
|
||||||
|
|
||||||
|
include mime.types;
|
||||||
|
default_type application/octet-stream;
|
||||||
|
|
||||||
|
sendfile on;
|
||||||
|
tcp_nopush on;
|
||||||
|
tcp_nodelay on;
|
||||||
|
keepalive_timeout 65;
|
||||||
|
server_tokens off;
|
||||||
|
|
||||||
|
log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" '
|
||||||
|
'$status $body_bytes_sent "$http_referer" '
|
||||||
|
'"$http_user_agent" "$http_x_forwarded_for" '
|
||||||
|
'$request_time $upstream_response_time $pipe $upstream_cache_status';
|
||||||
|
|
||||||
|
#access_log off;
|
||||||
|
#error_log /dev/stderr;
|
||||||
|
access_log /dev/stdout main_timed;
|
||||||
|
error_log /dev/stderr;
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen [::]:80 default_server;
|
||||||
|
listen 80 default_server;
|
||||||
|
server_name _;
|
||||||
|
index index.php;
|
||||||
|
root /var/www;
|
||||||
|
client_max_body_size 1G;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
try_files $uri $uri/ /index.php;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ \.php$ {
|
||||||
|
try_files $uri =404;
|
||||||
|
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||||
|
fastcgi_pass unix:/var/run/php-fpm.sock;
|
||||||
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||||
|
fastcgi_index index.php;
|
||||||
|
include fastcgi_params;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~* ^.+\.(log|sqlite|yml|yaml|ini)$ {
|
||||||
|
return 404;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ /\.ht {
|
||||||
|
return 404;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~* ^.+\.(ico|jpg|gif|png|css|js|svg|eot|ttf|woff|woff2|otf)$ {
|
||||||
|
log_not_found off;
|
||||||
|
expires 7d;
|
||||||
|
etag on;
|
||||||
|
}
|
||||||
|
|
||||||
|
gzip on;
|
||||||
|
gzip_comp_level 3;
|
||||||
|
gzip_disable "msie6";
|
||||||
|
gzip_vary on;
|
||||||
|
gzip_types
|
||||||
|
text/plain
|
||||||
|
text/css
|
||||||
|
text/javascript
|
||||||
|
text/xml
|
||||||
|
application/javascript
|
||||||
|
application/json
|
||||||
|
application/xml
|
||||||
|
application/rss+xml;
|
||||||
|
}
|
||||||
|
|
||||||
|
add_header X-Frame-Options SAMEORIGIN;
|
||||||
|
add_header X-Content-Type-Options nosniff;
|
||||||
|
add_header X-XSS-Protection "1; mode=block";
|
||||||
|
|
||||||
|
more_clear_headers 'X-Powered-By';
|
||||||
|
more_clear_headers 'Server';
|
||||||
|
}
|
9
conf/nginx/security.conf
Normal file
9
conf/nginx/security.conf
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
server_tokens off;
|
||||||
|
|
||||||
|
add_header X-Frame-Options SAMEORIGIN;
|
||||||
|
add_header X-Content-Type-Options nosniff;
|
||||||
|
add_header X-XSS-Protection "1; mode=block";
|
||||||
|
|
||||||
|
more_clear_headers 'X-Powered-By';
|
||||||
|
more_clear_headers 'Server';
|
||||||
|
|
17
conf/php/conf.d/php.ini
Normal file
17
conf/php/conf.d/php.ini
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
expose_php = Off
|
||||||
|
error_reporting = E_ALL
|
||||||
|
display_errors = Off
|
||||||
|
log_errors = On
|
||||||
|
error_log = /dev/stderr
|
||||||
|
cgi.fix_pathinfo=0
|
||||||
|
date.timezone = Europe/Berlin
|
||||||
|
allow_url_fopen = On
|
||||||
|
post_max_size = 1300M
|
||||||
|
upload_max_filesize = 1024M
|
||||||
|
opcache.max_accelerated_files = 7963
|
||||||
|
opcache.validate_timestamps = Off
|
||||||
|
opcache.save_comments = 0
|
||||||
|
opcache.load_comments = 0
|
||||||
|
opcache.fast_shutdown = 1
|
||||||
|
opcache.enable_file_override = On
|
||||||
|
session.save_path = "/var/session"
|
20
conf/php/php-fpm.conf
Normal file
20
conf/php/php-fpm.conf
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
[global]
|
||||||
|
error_log = /proc/self/fd/2
|
||||||
|
log_level = error
|
||||||
|
daemonize = no
|
||||||
|
|
||||||
|
[www]
|
||||||
|
catch_workers_output = yes
|
||||||
|
user = nginx
|
||||||
|
group = nginx
|
||||||
|
listen.owner = nginx
|
||||||
|
listen.group = nginx
|
||||||
|
listen = /var/run/php-fpm.sock
|
||||||
|
pm = dynamic
|
||||||
|
pm.max_children = 20
|
||||||
|
pm.start_servers = 1
|
||||||
|
pm.min_spare_servers = 1
|
||||||
|
pm.max_spare_servers = 3
|
||||||
|
pm.max_requests = 2048
|
||||||
|
include = /etc/php7/php-fpm.d/env.conf
|
||||||
|
|
2
conf/services.d/.s6-svscan/crash
Executable file
2
conf/services.d/.s6-svscan/crash
Executable file
@ -0,0 +1,2 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
/bin/true
|
2
conf/services.d/.s6-svscan/finish
Executable file
2
conf/services.d/.s6-svscan/finish
Executable file
@ -0,0 +1,2 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
/bin/true
|
2
conf/services.d/nginx/run
Executable file
2
conf/services.d/nginx/run
Executable file
@ -0,0 +1,2 @@
|
|||||||
|
#!/bin/execlineb -P
|
||||||
|
nginx -g "daemon off;"
|
2
conf/services.d/php/run
Executable file
2
conf/services.d/php/run
Executable file
@ -0,0 +1,2 @@
|
|||||||
|
#!/bin/execlineb -P
|
||||||
|
php-fpm7 -F
|
Loading…
Reference in New Issue
Block a user