Merge branch 'master' into master-xiagw
This commit is contained in:
commit
263c9cd5df
22
.env.example
22
.env.example
@ -199,6 +199,7 @@ WORKSPACE_INSTALL_LNAV=false
|
||||
WORKSPACE_INSTALL_PROTOC=false
|
||||
WORKSPACE_INSTALL_PHPDECIMAL=false
|
||||
WORKSPACE_INSTALL_ZOOKEEPER=false
|
||||
WORKSPACE_INSTALL_SSDB=false
|
||||
WORKSPACE_PROTOC_VERSION=latest
|
||||
WORKSPACE_INSTALL_MEMCACHED=true
|
||||
|
||||
@ -262,6 +263,7 @@ PHP_FPM_INSTALL_MAILPARSE=false
|
||||
PHP_FPM_INSTALL_WKHTMLTOPDF=false
|
||||
PHP_FPM_INSTALL_PHPDECIMAL=false
|
||||
PHP_FPM_INSTALL_ZOOKEEPER=false
|
||||
PHP_FPM_INSTALL_SSDB=false
|
||||
PHP_FPM_FFMPEG=false
|
||||
PHP_FPM_AUDIOWAVEFORM=false
|
||||
PHP_FPM_ADDITIONAL_LOCALES="en_US.UTF-8 es_ES.UTF-8 fr_FR.UTF-8"
|
||||
@ -308,6 +310,7 @@ PHP_WORKER_INSTALL_GEARMAN=false
|
||||
PHP_WORKER_INSTALL_REDIS=false
|
||||
PHP_WORKER_INSTALL_IMAP=false
|
||||
PHP_WORKER_INSTALL_XMLRPC=false
|
||||
PHP_WORKER_INSTALL_SSDB=false
|
||||
|
||||
PHP_WORKER_PUID=1000
|
||||
PHP_WORKER_PGID=1000
|
||||
@ -322,6 +325,16 @@ NGINX_PHP_UPSTREAM_CONTAINER=php-fpm
|
||||
NGINX_PHP_UPSTREAM_PORT=9000
|
||||
NGINX_SSL_PATH=./nginx/ssl/
|
||||
|
||||
### OpenResty #################################################
|
||||
|
||||
OPENRESTY_HOST_HTTP_PORT=80
|
||||
OPENRESTY_HOST_HTTPS_PORT=443
|
||||
OPENRESTY_HOST_LOG_PATH=./logs/openresty/
|
||||
OPENRESTY_SITES_PATH=./openresty/sites/
|
||||
OPENRESTY_PHP_UPSTREAM_CONTAINER=php-fpm
|
||||
OPENRESTY_PHP_UPSTREAM_PORT=9000
|
||||
OPENRESTY_SSL_PATH=./openresty/ssl/
|
||||
|
||||
### LARAVEL_HORIZON ################################################
|
||||
|
||||
LARAVEL_HORIZON_INSTALL_BZ2=false
|
||||
@ -387,6 +400,10 @@ REDIS_PORT=6379
|
||||
|
||||
REDIS_CLUSTER_PORT_RANGE=7000-7005
|
||||
|
||||
### SSDB #################################################
|
||||
|
||||
SSDB_PORT=16801
|
||||
|
||||
### ZooKeeper #############################################
|
||||
|
||||
ZOOKEEPER_PORT=2181
|
||||
@ -435,8 +452,6 @@ SQS_MANAGEMENT_HTTP_HOST_PORT=9325
|
||||
RABBITMQ_NODE_HOST_PORT=5672
|
||||
RABBITMQ_MANAGEMENT_HTTP_HOST_PORT=15672
|
||||
RABBITMQ_MANAGEMENT_HTTPS_HOST_PORT=15671
|
||||
RABBITMQ_DEFAULT_USER=guest
|
||||
RABBITMQ_DEFAULT_PASS=guest
|
||||
|
||||
### MERCURE ##############################################
|
||||
|
||||
@ -486,6 +501,9 @@ SELENIUM_PORT=4444
|
||||
### MINIO #################################################
|
||||
|
||||
MINIO_PORT=9000
|
||||
MINIO_CONSOLE_PORT=9001
|
||||
MINIO_ROOT_USER=laradock
|
||||
MINIO_ROOT_PASSWORD=laradock
|
||||
|
||||
### ADMINER ###############################################
|
||||
|
||||
|
BIN
.github/home-page-images/custom-sponsors/VeePN.png
vendored
Normal file
BIN
.github/home-page-images/custom-sponsors/VeePN.png
vendored
Normal file
Binary file not shown.
After Width: | Height: | Size: 21 KiB |
39
.github/workflows/build-deploy-docs.yml
vendored
Normal file
39
.github/workflows/build-deploy-docs.yml
vendored
Normal file
@ -0,0 +1,39 @@
|
||||
name: Build Deploy Docs
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
paths:
|
||||
- '.github/workflows/build-deploy-docs.yml'
|
||||
- 'DOCUMENTATION/**'
|
||||
|
||||
jobs:
|
||||
build-deploy-docs:
|
||||
if: github.repository == 'laradock/laradock'
|
||||
runs-on: ubuntu-20.04
|
||||
concurrency:
|
||||
group: ${{ github.workflow }}-${{ github.ref }}
|
||||
defaults:
|
||||
run:
|
||||
working-directory: ./DOCUMENTATION
|
||||
steps:
|
||||
- name: Checkout Source Code
|
||||
uses: actions/checkout@v2
|
||||
|
||||
- name: Setup Hugo
|
||||
uses: peaceiris/actions-hugo@v2
|
||||
with:
|
||||
hugo-version: '0.55.0'
|
||||
env:
|
||||
ACTIONS_ALLOW_UNSECURE_COMMANDS: true
|
||||
|
||||
- name: Build Hugo Site
|
||||
run: hugo --minify
|
||||
|
||||
- name: Deploy Hugo Site to Github Pages
|
||||
uses: peaceiris/actions-gh-pages@v3
|
||||
with:
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
publish_branch: gh-pages
|
||||
publish_dir: ./docs
|
73
.github/workflows/main-ci.yml
vendored
73
.github/workflows/main-ci.yml
vendored
@ -4,9 +4,12 @@ on:
|
||||
push:
|
||||
branches: '**'
|
||||
tags: '**'
|
||||
paths-ignore:
|
||||
- '.github/workflows/build-deploy-docs.yml'
|
||||
- 'DOCUMENTATION/**'
|
||||
pull_request:
|
||||
schedule:
|
||||
- cron: '0 0 * * 0'
|
||||
- cron: '0 0 * * 0'
|
||||
|
||||
jobs:
|
||||
build-php:
|
||||
@ -16,32 +19,34 @@ jobs:
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
php_version: ["5.6", "7.0", "7.1", "7.2", "7.3", "7.4", "8.0"]
|
||||
service: [php-fpm, php-worker, workspace, laravel-horizon]
|
||||
php_version: [ "5.6", "7.0", "7.1", "7.2", "7.3", "7.4", "8.0" ]
|
||||
service: [ php-fpm, php-worker, workspace ]
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- name: Build the Docker image
|
||||
env:
|
||||
PHP_VERSION: ${{ matrix.php_version }}
|
||||
run: |
|
||||
set -eux
|
||||
cp .env.example .env
|
||||
sed -i -- 's/=false/=true/g' .env
|
||||
sed -i -- 's/CHANGE_SOURCE=true/CHANGE_SOURCE=false/g' .env
|
||||
sed -i -- 's/PHPDBG=true/PHPDBG=false/g' .env
|
||||
sed -i -- 's/CASSANDRA=true/CASSANDRA=false/g' .env
|
||||
sed -i -- 's/GEARMAN=true/GEARMAN=false/g' .env
|
||||
sed -i -- 's/AEROSPIKE=true/AEROSPIKE=false/g' .env
|
||||
sed -i -- 's/PHALCON=true/PHALCON=false/g' .env
|
||||
sed -i -- 's/RDKAFKA=true/RDKAFKA=false/g' .env
|
||||
sed -i -- 's/MAILPARSE=true/MAILPARSE=false/g' .env
|
||||
sed -i -- 's/OCI8=true/OCI8=false/g' .env
|
||||
sed -i -- 's/IONCUBE=true/IONCUBE=false/g' .env
|
||||
sed -i -- 's/V8JS=true/V8JS=false/g' .env
|
||||
docker-compose build ${{ matrix.service }}
|
||||
docker-compose up -d --no-deps -- ${{ matrix.service }}
|
||||
docker-compose exec -T -- ${{ matrix.service }} php -m
|
||||
docker-compose down
|
||||
- uses: actions/checkout@v2
|
||||
- name: Build the Docker image
|
||||
env:
|
||||
PHP_VERSION: ${{ matrix.php_version }}
|
||||
run: |
|
||||
set -eux
|
||||
cp .env.example .env
|
||||
sed -i -- 's/=false/=true/g' .env
|
||||
sed -i -- 's/CHANGE_SOURCE=true/CHANGE_SOURCE=false/g' .env
|
||||
sed -i -- 's/PHPDBG=true/PHPDBG=false/g' .env
|
||||
sed -i -- 's/CASSANDRA=true/CASSANDRA=false/g' .env
|
||||
sed -i -- 's/GEARMAN=true/GEARMAN=false/g' .env
|
||||
sed -i -- 's/AEROSPIKE=true/AEROSPIKE=false/g' .env
|
||||
sed -i -- 's/PHALCON=true/PHALCON=false/g' .env
|
||||
sed -i -- 's/RDKAFKA=true/RDKAFKA=false/g' .env
|
||||
sed -i -- 's/MAILPARSE=true/MAILPARSE=false/g' .env
|
||||
sed -i -- 's/OCI8=true/OCI8=false/g' .env
|
||||
sed -i -- 's/IONCUBE=true/IONCUBE=false/g' .env
|
||||
sed -i -- 's/V8JS=true/V8JS=false/g' .env
|
||||
sed -i -- 's/AUDIOWAVEFORM=true/AUDIOWAVEFORM=false/g' .env
|
||||
sed -i -- 's/SSDB=true/SSDB=false/g' .env
|
||||
docker-compose build ${{ matrix.service }}
|
||||
docker-compose up -d --no-deps -- ${{ matrix.service }}
|
||||
docker-compose exec -T -- ${{ matrix.service }} php -m
|
||||
docker-compose down
|
||||
|
||||
build-other:
|
||||
# Don't trigger on schedule event when in a fork
|
||||
@ -50,12 +55,12 @@ jobs:
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
service: ['nginx', 'redis', 'mysql', 'mariadb', 'percona', 'minio', 'mongo']
|
||||
service: [ 'nginx', 'redis', 'mysql', 'mariadb', 'percona', 'minio', 'mongo' ]
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- name: Build the Docker image
|
||||
run: |
|
||||
cp .env.example .env
|
||||
sed -i -- 's/=false/=true/g' .env
|
||||
sed -i -- 's/CHANGE_SOURCE=true/CHANGE_SOURCE=false/g' .env
|
||||
docker-compose build ${{ matrix.service }}
|
||||
- uses: actions/checkout@v2
|
||||
- name: Build the Docker image
|
||||
run: |
|
||||
cp .env.example .env
|
||||
sed -i -- 's/=false/=true/g' .env
|
||||
sed -i -- 's/CHANGE_SOURCE=true/CHANGE_SOURCE=false/g' .env
|
||||
docker-compose build ${{ matrix.service }}
|
||||
|
@ -17,7 +17,7 @@ It supports a variety of common services, all pre-configured to provide a ready
|
||||
<a name="features"></a>
|
||||
## Features
|
||||
|
||||
- Easy switch between PHP versions: 7.4, 7.3, 7.2, 7.1, 5.6...
|
||||
- Easy switch between PHP versions: 8.0, 7.4, 7.3, 7.2, 7.1, 5.6...
|
||||
- Choose your favorite database engine: MySQL, Postgres, MariaDB...
|
||||
- Run your own stack: Memcached, HHVM, RabbitMQ...
|
||||
- Each software runs on its own container: PHP-FPM, NGINX, PHP-CLI...
|
||||
@ -417,6 +417,9 @@ Sponsoring is an act of giving in a different fashion. 🌱
|
||||
|
||||
<p align="center">
|
||||
|
||||
<a href="https://veepn.com/vpn-apps/vpn-for-chrome/" target="_blank" style="margin-right: 4em"><img src="https://raw.githubusercontent.com/laradock/laradock/master/.github/home-page-images/custom-sponsors/VeePN.png" height="65px" alt="VeePN Chrome extension"></a>
|
||||
|
||||
|
||||
<a href="https://opencollective.com/laradock/tiers/silver-sponsors/0/website" target="_blank"><img src="https://opencollective.com/laradock/tiers/silver-sponsors/0/avatar.svg?button=false&isActive=true" height="65px"></a>
|
||||
<a href="https://opencollective.com/laradock/tiers/silver-sponsors/1/website" target="_blank"><img src="https://opencollective.com/laradock/tiers/silver-sponsors/1/avatar.svg?button=false&isActive=true" height="65px"></a>
|
||||
<a href="https://opencollective.com/laradock/tiers/silver-sponsors/2/website" target="_blank"><img src="https://opencollective.com/laradock/tiers/silver-sponsors/2/avatar.svg?button=false&isActive=true" height="65px"></a>
|
||||
|
@ -224,6 +224,9 @@ Sponsoring is an act of giving in a different fashion. 🌱
|
||||
|
||||
<p align="center">
|
||||
|
||||
<a href="https://veepn.com/vpn-apps/vpn-for-chrome/" target="_blank" style="margin-right: 4em"><img src="https://raw.githubusercontent.com/laradock/laradock/master/.github/home-page-images/custom-sponsors/VeePN.png" height="65px" alt="VeePN Chrome extension"></a>
|
||||
|
||||
|
||||
<a href="https://opencollective.com/laradock/tiers/silver-sponsors/0/website" target="_blank"><img src="https://opencollective.com/laradock/tiers/silver-sponsors/0/avatar.svg?button=false&isActive=true" height="65px"></a>
|
||||
<a href="https://opencollective.com/laradock/tiers/silver-sponsors/1/website" target="_blank"><img src="https://opencollective.com/laradock/tiers/silver-sponsors/1/avatar.svg?button=false&isActive=true" height="65px"></a>
|
||||
<a href="https://opencollective.com/laradock/tiers/silver-sponsors/2/website" target="_blank"><img src="https://opencollective.com/laradock/tiers/silver-sponsors/2/avatar.svg?button=false&isActive=true" height="65px"></a>
|
||||
|
@ -1,5 +1,5 @@
|
||||
FROM abiosoft/caddy:no-stats
|
||||
FROM caddy/caddy:latest
|
||||
|
||||
CMD ["--conf", "/etc/caddy/Caddyfile", "--log", "stdout", "--agree=true"]
|
||||
COPY ./caddy/Caddyfile /etc/caddy/Caddyfile
|
||||
|
||||
EXPOSE 80 443 2015
|
||||
EXPOSE 80 443
|
||||
|
@ -1,51 +1,9 @@
|
||||
# Docs: https://caddyserver.com/docs/caddyfile
|
||||
0.0.0.0:80 {
|
||||
root /var/www/public
|
||||
fastcgi / php-fpm:9000 php {
|
||||
index index.php
|
||||
}
|
||||
laradock.test {
|
||||
root * /var/www/public
|
||||
php_fastcgi php-fpm:9000
|
||||
file_server
|
||||
|
||||
# To handle .html extensions with laravel change ext to
|
||||
# ext / .html
|
||||
|
||||
rewrite {
|
||||
to {path} {path}/ /index.php?{query}
|
||||
}
|
||||
gzip
|
||||
browse
|
||||
log /var/log/caddy/access.log
|
||||
errors /var/log/caddy/error.log
|
||||
# Uncomment to enable TLS (HTTPS)
|
||||
# Change the first list to listen on port 443 when enabling TLS
|
||||
#tls self_signed
|
||||
|
||||
# To use Lets encrpt tls with a DNS provider uncomment these
|
||||
# lines and change the provider as required
|
||||
#tls {
|
||||
# dns cloudflare
|
||||
#}
|
||||
}
|
||||
|
||||
laradock1.demo:80 {
|
||||
root /var/www/public
|
||||
# Create a Webhook in git.
|
||||
#git {
|
||||
#repo https://github.com/xxx/xxx
|
||||
# path /home/xxx
|
||||
# #interval 60
|
||||
# hook webhook laradock
|
||||
# hook_type generic
|
||||
#}
|
||||
|
||||
}
|
||||
|
||||
laradock2.demo:80 {
|
||||
# Create a Proxy and cors.
|
||||
#proxy domain.com
|
||||
#cors
|
||||
}
|
||||
|
||||
laradock3.demo:80 {
|
||||
import authlist.conf
|
||||
root /var/www/public
|
||||
encode gzip
|
||||
tls internal
|
||||
}
|
@ -1 +0,0 @@
|
||||
basicauth / laradock laradock
|
@ -5,7 +5,6 @@ networks:
|
||||
driver: ${NETWORKS_DRIVER}
|
||||
backend:
|
||||
driver: ${NETWORKS_DRIVER}
|
||||
|
||||
volumes:
|
||||
mysql:
|
||||
driver: ${VOLUMES_DRIVER}
|
||||
@ -167,6 +166,7 @@ services:
|
||||
- INSTALL_PROTOC=${WORKSPACE_INSTALL_PROTOC}
|
||||
- INSTALL_PHPDECIMAL=${WORKSPACE_INSTALL_PHPDECIMAL}
|
||||
- INSTALL_ZOOKEEPER=${WORKSPACE_INSTALL_ZOOKEEPER}
|
||||
- INSTALL_SSDB=${WORKSPACE_INSTALL_SSDB}
|
||||
- PROTOC_VERSION=${WORKSPACE_PROTOC_VERSION}
|
||||
- INSTALL_DOCKER_CLIENT=${WORKSPACE_INSTALL_DOCKER_CLIENT}
|
||||
- INSTALL_MEMCACHED=${WORKSPACE_INSTALL_MEMCACHED}
|
||||
@ -267,6 +267,7 @@ services:
|
||||
- INSTALL_XMLRPC=${PHP_FPM_INSTALL_XMLRPC}
|
||||
- INSTALL_PHPDECIMAL=${PHP_FPM_INSTALL_PHPDECIMAL}
|
||||
- INSTALL_ZOOKEEPER=${PHP_FPM_INSTALL_ZOOKEEPER}
|
||||
- INSTALL_SSDB=${PHP_FPM_INSTALL_SSDB}
|
||||
- DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL=${PHP_DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL}
|
||||
- PUID=${PHP_FPM_PUID}
|
||||
- PGID=${PHP_FPM_PGID}
|
||||
@ -337,6 +338,7 @@ services:
|
||||
- INSTALL_REDIS=${PHP_WORKER_INSTALL_REDIS}
|
||||
- INSTALL_IMAP=${PHP_WORKER_INSTALL_IMAP}
|
||||
- INSTALL_XMLRPC=${PHP_WORKER_INSTALL_XMLRPC}
|
||||
- INSTALL_SSDB=${PHP_WORKER_INSTALL_SSDB}
|
||||
- PUID=${PHP_WORKER_PUID}
|
||||
- PGID=${PHP_WORKER_PGID}
|
||||
- IMAGEMAGICK_VERSION=${PHP_WORKER_IMAGEMAGICK_VERSION}
|
||||
@ -412,6 +414,32 @@ services:
|
||||
- frontend
|
||||
- backend
|
||||
|
||||
### OpenResty Server #########################################
|
||||
openresty:
|
||||
build:
|
||||
context: ./openresty
|
||||
args:
|
||||
- CHANGE_SOURCE=${CHANGE_SOURCE}
|
||||
- PHP_UPSTREAM_CONTAINER=${OPENRESTY_PHP_UPSTREAM_CONTAINER}
|
||||
- PHP_UPSTREAM_PORT=${OPENRESTY_PHP_UPSTREAM_PORT}
|
||||
- http_proxy
|
||||
- https_proxy
|
||||
- no_proxy
|
||||
volumes:
|
||||
- ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG}
|
||||
- ${OPENRESTY_HOST_LOG_PATH}:/var/log/nginx
|
||||
- ${OPENRESTY_SITES_PATH}:/etc/nginx/sites-available
|
||||
- ${OPENRESTY_SSL_PATH}:/etc/nginx/ssl
|
||||
ports:
|
||||
- "${OPENRESTY_HOST_HTTP_PORT}:80"
|
||||
- "${OPENRESTY_HOST_HTTPS_PORT}:443"
|
||||
- "${VARNISH_BACKEND_PORT}:81"
|
||||
depends_on:
|
||||
- php-fpm
|
||||
networks:
|
||||
- frontend
|
||||
- backend
|
||||
|
||||
### Blackfire ########################################
|
||||
blackfire:
|
||||
image: blackfire/blackfire
|
||||
@ -468,9 +496,10 @@ services:
|
||||
- ${DATA_PATH_HOST}/minio/config:/root/.minio
|
||||
ports:
|
||||
- "${MINIO_PORT}:9000"
|
||||
- "${MINIO_CONSOLE_PORT}:9001"
|
||||
environment:
|
||||
- MINIO_ACCESS_KEY=access
|
||||
- MINIO_SECRET_KEY=secretkey
|
||||
- MINIO_ROOT_USER=${MINIO_ROOT_USER}
|
||||
- MINIO_ROOT_PASSWORD=${MINIO_ROOT_PASSWORD}
|
||||
networks:
|
||||
- frontend
|
||||
- backend
|
||||
@ -691,6 +720,15 @@ services:
|
||||
- "${REDIS_CLUSTER_PORT_RANGE}:7000-7005"
|
||||
networks:
|
||||
- backend
|
||||
### SSDB ################################################
|
||||
ssdb:
|
||||
build: ./ssdb
|
||||
volumes:
|
||||
- ${DATA_PATH_HOST}/ssdb:/data
|
||||
ports:
|
||||
- "${SSDB_PORT}:8888"
|
||||
networks:
|
||||
- backend
|
||||
|
||||
### ZooKeeper #########################################
|
||||
zookeeper:
|
||||
@ -766,12 +804,11 @@ services:
|
||||
- "${RABBITMQ_MANAGEMENT_HTTP_HOST_PORT}:15672"
|
||||
- "${RABBITMQ_MANAGEMENT_HTTPS_HOST_PORT}:15671"
|
||||
privileged: true
|
||||
environment:
|
||||
- RABBITMQ_DEFAULT_USER=${RABBITMQ_DEFAULT_USER}
|
||||
- RABBITMQ_DEFAULT_PASS=${RABBITMQ_DEFAULT_PASS}
|
||||
hostname: laradock-rabbitmq
|
||||
volumes:
|
||||
- ${DATA_PATH_HOST}/rabbitmq:/var/lib/rabbitmq
|
||||
- ./rabbitmq/rabbitmq.conf:/etc/rabbitmq/rabbitmq.conf
|
||||
- ./rabbitmq/management_agent.disable_metrics_collector.conf:/etc/rabbitmq/conf.d/management_agent.disable_metrics_collector.conf
|
||||
depends_on:
|
||||
- php-fpm
|
||||
networks:
|
||||
|
@ -5,7 +5,7 @@
|
||||
#
|
||||
|
||||
ARG LARADOCK_PHP_VERSION
|
||||
FROM php:${LARADOCK_PHP_VERSION}-alpine
|
||||
FROM php:${LARADOCK_PHP_VERSION}-alpine3.13
|
||||
|
||||
LABEL maintainer="Mahmoud Zalt <mahmoud@zalt.me>"
|
||||
|
||||
|
@ -2,4 +2,4 @@ FROM minio/minio
|
||||
|
||||
LABEL maintainer="Thor Erik Lie <thor@thorerik.com>"
|
||||
|
||||
ENTRYPOINT ["minio", "server", "/export"]
|
||||
ENTRYPOINT ["minio", "server", "--console-address", ":9001", "/export"]
|
||||
|
211
openresty/Dockerfile
Normal file
211
openresty/Dockerfile
Normal file
@ -0,0 +1,211 @@
|
||||
# Dockerfile - alpine
|
||||
# https://github.com/openresty/docker-openresty
|
||||
|
||||
ARG RESTY_IMAGE_BASE="alpine"
|
||||
ARG RESTY_IMAGE_TAG="3.13"
|
||||
|
||||
FROM ${RESTY_IMAGE_BASE}:${RESTY_IMAGE_TAG}
|
||||
|
||||
LABEL maintainer="Evan Wies <evan@neomantra.net>"
|
||||
|
||||
# Docker Build Arguments
|
||||
ARG RESTY_IMAGE_BASE="alpine"
|
||||
ARG RESTY_IMAGE_TAG="3.13"
|
||||
ARG RESTY_VERSION="1.19.3.2"
|
||||
ARG RESTY_OPENSSL_VERSION="1.1.1k"
|
||||
ARG RESTY_OPENSSL_PATCH_VERSION="1.1.1f"
|
||||
ARG RESTY_OPENSSL_URL_BASE="https://www.openssl.org/source"
|
||||
ARG RESTY_PCRE_VERSION="8.44"
|
||||
ARG RESTY_J="1"
|
||||
ARG RESTY_CONFIG_OPTIONS="\
|
||||
--with-compat \
|
||||
--with-file-aio \
|
||||
--with-http_addition_module \
|
||||
--with-http_auth_request_module \
|
||||
--with-http_dav_module \
|
||||
--with-http_flv_module \
|
||||
--with-http_geoip_module=dynamic \
|
||||
--with-http_gunzip_module \
|
||||
--with-http_gzip_static_module \
|
||||
--with-http_image_filter_module=dynamic \
|
||||
--with-http_mp4_module \
|
||||
--with-http_random_index_module \
|
||||
--with-http_realip_module \
|
||||
--with-http_secure_link_module \
|
||||
--with-http_slice_module \
|
||||
--with-http_ssl_module \
|
||||
--with-http_stub_status_module \
|
||||
--with-http_sub_module \
|
||||
--with-http_v2_module \
|
||||
--with-http_xslt_module=dynamic \
|
||||
--with-ipv6 \
|
||||
--with-mail \
|
||||
--with-mail_ssl_module \
|
||||
--with-md5-asm \
|
||||
--with-pcre-jit \
|
||||
--with-sha1-asm \
|
||||
--with-stream \
|
||||
--with-stream_ssl_module \
|
||||
--with-threads \
|
||||
"
|
||||
ARG RESTY_CONFIG_OPTIONS_MORE="\
|
||||
--conf-path=/etc/nginx/nginx.conf \
|
||||
--error-log-path=/var/log/nginx/error.log \
|
||||
--http-log-path=/var/log/nginx/access.log \
|
||||
--pid-path=/var/run/nginx.pid \
|
||||
--user=www-data \
|
||||
--group=www-data \
|
||||
--with-http_iconv_module \
|
||||
--add-module=/tmp/nginx-ct-master \
|
||||
--add-module=/tmp/nginx-dav-ext-module-master \
|
||||
--add-module=/tmp/ngx_brotli \
|
||||
--add-module=/tmp/ngx_cache_purge-master \
|
||||
--add-module=/tmp/ngx_http_substitutions_filter_module-master \
|
||||
"
|
||||
ARG RESTY_LUAJIT_OPTIONS="--with-luajit-xcflags='-DLUAJIT_NUMMODE=2 -DLUAJIT_ENABLE_LUA52COMPAT'"
|
||||
|
||||
ARG RESTY_ADD_PACKAGE_BUILDDEPS=""
|
||||
ARG RESTY_ADD_PACKAGE_RUNDEPS=""
|
||||
ARG RESTY_EVAL_PRE_CONFIGURE=""
|
||||
ARG RESTY_EVAL_POST_MAKE=""
|
||||
|
||||
# These are not intended to be user-specified
|
||||
ARG _RESTY_CONFIG_DEPS="--with-pcre \
|
||||
--with-cc-opt='-DNGX_LUA_ABORT_AT_PANIC -I/usr/local/openresty/pcre/include -I/usr/local/openresty/openssl/include' \
|
||||
--with-ld-opt='-L/usr/local/openresty/pcre/lib -L/usr/local/openresty/openssl/lib -Wl,-rpath,/usr/local/openresty/pcre/lib:/usr/local/openresty/openssl/lib' \
|
||||
"
|
||||
|
||||
LABEL resty_image_base="${RESTY_IMAGE_BASE}"
|
||||
LABEL resty_image_tag="${RESTY_IMAGE_TAG}"
|
||||
LABEL resty_version="${RESTY_VERSION}"
|
||||
LABEL resty_openssl_version="${RESTY_OPENSSL_VERSION}"
|
||||
LABEL resty_openssl_patch_version="${RESTY_OPENSSL_PATCH_VERSION}"
|
||||
LABEL resty_openssl_url_base="${RESTY_OPENSSL_URL_BASE}"
|
||||
LABEL resty_pcre_version="${RESTY_PCRE_VERSION}"
|
||||
LABEL resty_config_options="${RESTY_CONFIG_OPTIONS}"
|
||||
LABEL resty_config_options_more="${RESTY_CONFIG_OPTIONS_MORE}"
|
||||
LABEL resty_config_deps="${_RESTY_CONFIG_DEPS}"
|
||||
LABEL resty_add_package_builddeps="${RESTY_ADD_PACKAGE_BUILDDEPS}"
|
||||
LABEL resty_add_package_rundeps="${RESTY_ADD_PACKAGE_RUNDEPS}"
|
||||
LABEL resty_eval_pre_configure="${RESTY_EVAL_PRE_CONFIGURE}"
|
||||
LABEL resty_eval_post_make="${RESTY_EVAL_POST_MAKE}"
|
||||
|
||||
ARG CHANGE_SOURCE=false
|
||||
RUN if [ ${CHANGE_SOURCE} = true ]; then \
|
||||
# Change application source from dl-cdn.alpinelinux.org to aliyun source
|
||||
sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/' /etc/apk/repositories \
|
||||
;fi
|
||||
|
||||
RUN set -x ; \
|
||||
addgroup -g 82 -S www-data ; \
|
||||
adduser -u 82 -D -S -G www-data www-data && exit 0 ; exit 1
|
||||
|
||||
|
||||
RUN apk add --no-cache --virtual .build-deps \
|
||||
build-base \
|
||||
coreutils \
|
||||
curl \
|
||||
gd-dev \
|
||||
geoip-dev \
|
||||
libxslt-dev \
|
||||
linux-headers \
|
||||
make \
|
||||
perl-dev \
|
||||
readline-dev \
|
||||
zlib-dev \
|
||||
${RESTY_ADD_PACKAGE_BUILDDEPS} \
|
||||
&& apk add --no-cache \
|
||||
gd \
|
||||
geoip \
|
||||
libgcc \
|
||||
libxslt \
|
||||
zlib \
|
||||
bash \
|
||||
logrotate \
|
||||
openssl \
|
||||
${RESTY_ADD_PACKAGE_RUNDEPS} \
|
||||
&& cd /tmp \
|
||||
&& if [ -n "${RESTY_EVAL_PRE_CONFIGURE}" ]; then eval $(echo ${RESTY_EVAL_PRE_CONFIGURE}); fi \
|
||||
&& cd /tmp \
|
||||
&& curl -fSL "${RESTY_OPENSSL_URL_BASE}/openssl-${RESTY_OPENSSL_VERSION}.tar.gz" -o openssl-${RESTY_OPENSSL_VERSION}.tar.gz \
|
||||
&& tar xzf openssl-${RESTY_OPENSSL_VERSION}.tar.gz \
|
||||
&& cd openssl-${RESTY_OPENSSL_VERSION} \
|
||||
&& if [ $(echo ${RESTY_OPENSSL_VERSION} | cut -c 1-5) = "1.1.1" ] ; then \
|
||||
echo 'patching OpenSSL 1.1.1 for OpenResty' \
|
||||
&& curl -s https://raw.githubusercontent.com/openresty/openresty/master/patches/openssl-${RESTY_OPENSSL_PATCH_VERSION}-sess_set_get_cb_yield.patch | patch -p1 ; \
|
||||
fi \
|
||||
&& if [ $(echo ${RESTY_OPENSSL_VERSION} | cut -c 1-5) = "1.1.0" ] ; then \
|
||||
echo 'patching OpenSSL 1.1.0 for OpenResty' \
|
||||
&& curl -s https://raw.githubusercontent.com/openresty/openresty/ed328977028c3ec3033bc25873ee360056e247cd/patches/openssl-1.1.0j-parallel_build_fix.patch | patch -p1 \
|
||||
&& curl -s https://raw.githubusercontent.com/openresty/openresty/master/patches/openssl-${RESTY_OPENSSL_PATCH_VERSION}-sess_set_get_cb_yield.patch | patch -p1 ; \
|
||||
fi \
|
||||
&& ./config \
|
||||
no-threads shared zlib -g \
|
||||
enable-ssl3 enable-ssl3-method \
|
||||
--prefix=/usr/local/openresty/openssl \
|
||||
--libdir=lib \
|
||||
-Wl,-rpath,/usr/local/openresty/openssl/lib \
|
||||
&& make -j${RESTY_J} \
|
||||
&& make -j${RESTY_J} install_sw \
|
||||
&& cd /tmp \
|
||||
&& curl -fSL https://ftp.pcre.org/pub/pcre/pcre-${RESTY_PCRE_VERSION}.tar.gz -o pcre-${RESTY_PCRE_VERSION}.tar.gz \
|
||||
&& tar xzf pcre-${RESTY_PCRE_VERSION}.tar.gz \
|
||||
&& cd /tmp/pcre-${RESTY_PCRE_VERSION} \
|
||||
&& ./configure \
|
||||
--prefix=/usr/local/openresty/pcre \
|
||||
--disable-cpp \
|
||||
--enable-jit \
|
||||
--enable-utf \
|
||||
--enable-unicode-properties \
|
||||
&& make -j${RESTY_J} \
|
||||
&& make -j${RESTY_J} install \
|
||||
&& cd /tmp \
|
||||
&& curl -fSL https://openresty.org/download/openresty-${RESTY_VERSION}.tar.gz -o openresty-${RESTY_VERSION}.tar.gz \
|
||||
&& tar xzf openresty-${RESTY_VERSION}.tar.gz \
|
||||
&& curl -fSL https://github.com/grahamedgecombe/nginx-ct/archive/master.tar.gz -o nginx-ct.tar.gz \
|
||||
&& tar xzf nginx-ct.tar.gz \
|
||||
&& curl -fSL https://github.com/arut/nginx-dav-ext-module/archive/master.tar.gz -o nginx-dav-ext-module.tar.gz \
|
||||
&& tar xzf nginx-dav-ext-module.tar.gz \
|
||||
&& curl -fSL https://www.downsoft.cn/software/linux/nginx/ngx_brotli.tar.gz -o ngx_brotli.tar.gz \
|
||||
&& tar xzf ngx_brotli.tar.gz \
|
||||
&& curl -fSL https://github.com/yaoweibin/ngx_http_substitutions_filter_module/archive/master.tar.gz -o ngx_http_substitutions_filter_module.tar.gz \
|
||||
&& tar xzf ngx_http_substitutions_filter_module.tar.gz \
|
||||
&& curl -fSL https://github.com/FRiCKLE/ngx_cache_purge/archive/master.tar.gz -o ngx_cache_purge.tar.gz \
|
||||
&& tar xzf ngx_cache_purge.tar.gz \
|
||||
&& cd /tmp/openresty-${RESTY_VERSION} \
|
||||
&& eval ./configure -j${RESTY_J} ${_RESTY_CONFIG_DEPS} ${RESTY_CONFIG_OPTIONS} ${RESTY_CONFIG_OPTIONS_MORE} ${RESTY_LUAJIT_OPTIONS} \
|
||||
&& make -j${RESTY_J} \
|
||||
&& make -j${RESTY_J} install \
|
||||
&& cd /tmp \
|
||||
&& if [ -n "${RESTY_EVAL_POST_MAKE}" ]; then eval $(echo ${RESTY_EVAL_POST_MAKE}); fi \
|
||||
&& rm -rf \
|
||||
openssl-${RESTY_OPENSSL_VERSION}.tar.gz openssl-${RESTY_OPENSSL_VERSION} \
|
||||
pcre-${RESTY_PCRE_VERSION}.tar.gz pcre-${RESTY_PCRE_VERSION} \
|
||||
openresty-${RESTY_VERSION}.tar.gz openresty-${RESTY_VERSION} \
|
||||
&& apk del .build-deps \
|
||||
&& mkdir -p /etc/nginx/conf.d/ /var/run/openresty/
|
||||
|
||||
# Add additional binaries into PATH for convenience
|
||||
ENV PATH=$PATH:/usr/local/openresty/luajit/bin:/usr/local/openresty/nginx/sbin:/usr/local/openresty/bin
|
||||
|
||||
|
||||
ARG PHP_UPSTREAM_CONTAINER=php-fpm
|
||||
ARG PHP_UPSTREAM_PORT=9000
|
||||
|
||||
# Create 'messages' file used from 'logrotate'
|
||||
RUN touch /var/log/messages
|
||||
|
||||
# Copy 'logrotate' config file
|
||||
COPY logrotate/nginx /etc/logrotate.d/
|
||||
|
||||
# Set upstream conf and remove the default conf
|
||||
RUN echo "upstream php-upstream { server ${PHP_UPSTREAM_CONTAINER}:${PHP_UPSTREAM_PORT}; }" > /etc/nginx/conf.d/upstream.conf
|
||||
|
||||
# Copy nginx configuration files
|
||||
COPY nginx.conf /etc/nginx/
|
||||
|
||||
ADD ./startup.sh /opt/startup.sh
|
||||
RUN sed -i 's/\r//g' /opt/startup.sh
|
||||
CMD ["/bin/bash", "/opt/startup.sh"]
|
||||
|
||||
EXPOSE 80 81 443
|
14
openresty/logrotate/nginx
Normal file
14
openresty/logrotate/nginx
Normal file
@ -0,0 +1,14 @@
|
||||
/var/log/nginx/*.log {
|
||||
daily
|
||||
missingok
|
||||
rotate 32
|
||||
compress
|
||||
delaycompress
|
||||
nodateext
|
||||
notifempty
|
||||
create 644 www-data root
|
||||
sharedscripts
|
||||
postrotate
|
||||
[ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid`
|
||||
endscript
|
||||
}
|
100
openresty/nginx.conf
Normal file
100
openresty/nginx.conf
Normal file
@ -0,0 +1,100 @@
|
||||
# nginx.conf -- docker-openresty
|
||||
#
|
||||
# This file is installed to:
|
||||
# `/usr/local/openresty/nginx/conf/nginx.conf`
|
||||
# and is the file loaded by nginx at startup,
|
||||
# unless the user specifies otherwise.
|
||||
#
|
||||
# It tracks the upstream OpenResty's `nginx.conf`, but removes the `server`
|
||||
# section and adds this directive:
|
||||
# `include /etc/nginx/conf.d/*.conf;`
|
||||
#
|
||||
# The `docker-openresty` file `nginx.vh.default.conf` is copied to
|
||||
# `/etc/nginx/conf.d/default.conf`. It contains the `server section
|
||||
# of the upstream `nginx.conf`.
|
||||
#
|
||||
# See https://github.com/openresty/docker-openresty/blob/master/README.md#nginx-config-files
|
||||
#
|
||||
|
||||
user www-data;
|
||||
worker_processes 4;
|
||||
|
||||
# Enables the use of JIT for regular expressions to speed-up their processing.
|
||||
pcre_jit on;
|
||||
|
||||
|
||||
#error_log logs/error.log;
|
||||
#error_log logs/error.log notice;
|
||||
#error_log logs/error.log info;
|
||||
|
||||
pid /var/run/nginx.pid;
|
||||
daemon off;
|
||||
|
||||
worker_rlimit_nofile 65535;
|
||||
events {
|
||||
use epoll;
|
||||
worker_connections 65535;
|
||||
multi_accept on;
|
||||
accept_mutex on;
|
||||
}
|
||||
|
||||
http {
|
||||
include mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
# Enables or disables the use of underscores in client request header fields.
|
||||
# When the use of underscores is disabled, request header fields whose names contain underscores are marked as invalid and become subject to the ignore_invalid_headers directive.
|
||||
# underscores_in_headers off;
|
||||
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for" "$host"';
|
||||
#access_log logs/access.log main;
|
||||
|
||||
# Log in JSON Format
|
||||
# log_format nginxlog_json escape=json '{ "timestamp": "$time_iso8601", '
|
||||
# '"remote_addr": "$remote_addr", '
|
||||
# '"body_bytes_sent": $body_bytes_sent, '
|
||||
# '"request_time": $request_time, '
|
||||
# '"response_status": $status, '
|
||||
# '"request": "$request", '
|
||||
# '"request_method": "$request_method", '
|
||||
# '"host": "$host",'
|
||||
# '"upstream_addr": "$upstream_addr",'
|
||||
# '"http_x_forwarded_for": "$http_x_forwarded_for",'
|
||||
# '"http_referrer": "$http_referer", '
|
||||
# '"http_user_agent": "$http_user_agent", '
|
||||
# '"http_version": "$server_protocol", '
|
||||
# '"nginx_access": true }';
|
||||
# access_log /dev/stdout nginxlog_json;
|
||||
|
||||
# See Move default writable paths to a dedicated directory (#119)
|
||||
# https://github.com/openresty/docker-openresty/issues/119
|
||||
client_body_temp_path /var/run/openresty/nginx-client-body;
|
||||
proxy_temp_path /var/run/openresty/nginx-proxy;
|
||||
fastcgi_temp_path /var/run/openresty/nginx-fastcgi;
|
||||
uwsgi_temp_path /var/run/openresty/nginx-uwsgi;
|
||||
scgi_temp_path /var/run/openresty/nginx-scgi;
|
||||
|
||||
sendfile on;
|
||||
tcp_nopush on;
|
||||
tcp_nodelay on;
|
||||
|
||||
#keepalive_timeout 0;
|
||||
keepalive_timeout 65;
|
||||
types_hash_max_size 2048;
|
||||
client_max_body_size 128M;
|
||||
|
||||
gzip on;
|
||||
gzip_disable "msie6";
|
||||
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
|
||||
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
include /etc/nginx/sites-available/*.conf;
|
||||
|
||||
# Don't reveal OpenResty version to clients.
|
||||
server_tokens off;
|
||||
charset UTF-8;
|
||||
}
|
2
openresty/sites/.gitignore
vendored
Normal file
2
openresty/sites/.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
*.conf
|
||||
!default.conf
|
43
openresty/sites/app.conf.example
Normal file
43
openresty/sites/app.conf.example
Normal file
@ -0,0 +1,43 @@
|
||||
server {
|
||||
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
|
||||
# For https
|
||||
# listen 443 ssl;
|
||||
# listen [::]:443 ssl ipv6only=on;
|
||||
# ssl_certificate /etc/nginx/ssl/default.crt;
|
||||
# ssl_certificate_key /etc/nginx/ssl/default.key;
|
||||
|
||||
server_name app.test;
|
||||
root /var/www/app;
|
||||
index index.php index.html index.htm;
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php$is_args$args;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
try_files $uri /index.php =404;
|
||||
fastcgi_pass php-upstream;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_buffers 16 16k;
|
||||
fastcgi_buffer_size 32k;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
#fixes timeouts
|
||||
fastcgi_read_timeout 600;
|
||||
include fastcgi_params;
|
||||
}
|
||||
|
||||
location ~ /\.ht {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location /.well-known/acme-challenge/ {
|
||||
root /var/www/letsencrypt/;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
error_log /var/log/nginx/app_error.log;
|
||||
access_log /var/log/nginx/app_access.log;
|
||||
}
|
43
openresty/sites/confluence.conf.example
Normal file
43
openresty/sites/confluence.conf.example
Normal file
@ -0,0 +1,43 @@
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name www.confluence-domain.com;
|
||||
rewrite ^(.*) https://confluence-domain.com$1/ permanent;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name confluence-domain.com;
|
||||
rewrite ^(.*) https://confluence-domain.com/ permanent;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
ssl_certificate /etc/nginx/ssl/confluence-domain.com.crt;
|
||||
ssl_certificate_key /etc/nginx/ssl/confluence-domain.com.key;
|
||||
|
||||
server_name confluence-domain.com;
|
||||
|
||||
location / {
|
||||
client_max_body_size 100m;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Server $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_pass http://confluence-domain.com:8090/;
|
||||
}
|
||||
|
||||
location /synchrony {
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Server $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_pass http://confluence-domain.com:8090/synchrony-proxy;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
}
|
||||
|
||||
error_log /var/log/nginx/bookchangerru_error.log;
|
||||
access_log /var/log/nginx/bookchangerru_access.log;
|
||||
}
|
40
openresty/sites/default.conf
Normal file
40
openresty/sites/default.conf
Normal file
@ -0,0 +1,40 @@
|
||||
server {
|
||||
|
||||
listen 80 default_server;
|
||||
listen [::]:80 default_server ipv6only=on;
|
||||
|
||||
# For https
|
||||
# listen 443 ssl default_server;
|
||||
# listen [::]:443 ssl default_server ipv6only=on;
|
||||
# ssl_certificate /etc/nginx/ssl/default.crt;
|
||||
# ssl_certificate_key /etc/nginx/ssl/default.key;
|
||||
|
||||
server_name localhost;
|
||||
root /var/www/public;
|
||||
index index.php index.html index.htm;
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php$is_args$args;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
try_files $uri /index.php =404;
|
||||
fastcgi_pass php-upstream;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_buffers 16 16k;
|
||||
fastcgi_buffer_size 32k;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
#fixes timeouts
|
||||
fastcgi_read_timeout 600;
|
||||
include fastcgi_params;
|
||||
}
|
||||
|
||||
location ~ /\.ht {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location /.well-known/acme-challenge/ {
|
||||
root /var/www/letsencrypt/;
|
||||
log_not_found off;
|
||||
}
|
||||
}
|
49
openresty/sites/laravel.conf.example
Normal file
49
openresty/sites/laravel.conf.example
Normal file
@ -0,0 +1,49 @@
|
||||
#server {
|
||||
# listen 80;
|
||||
# server_name laravel.com.co;
|
||||
# return 301 https://laravel.com.co$request_uri;
|
||||
#}
|
||||
|
||||
server {
|
||||
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
|
||||
# For https
|
||||
# listen 443 ssl;
|
||||
# listen [::]:443 ssl ipv6only=on;
|
||||
# ssl_certificate /etc/nginx/ssl/default.crt;
|
||||
# ssl_certificate_key /etc/nginx/ssl/default.key;
|
||||
|
||||
server_name laravel.test;
|
||||
root /var/www/laravel/public;
|
||||
index index.php index.html index.htm;
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php$is_args$args;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
try_files $uri /index.php =404;
|
||||
fastcgi_pass php-upstream;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_buffers 16 16k;
|
||||
fastcgi_buffer_size 32k;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
#fixes timeouts
|
||||
fastcgi_read_timeout 600;
|
||||
include fastcgi_params;
|
||||
}
|
||||
|
||||
location ~ /\.ht {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location /.well-known/acme-challenge/ {
|
||||
root /var/www/letsencrypt/;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
error_log /var/log/nginx/laravel_error.log;
|
||||
access_log /var/log/nginx/laravel_access.log;
|
||||
}
|
110
openresty/sites/laravel_varnish.conf.example
Normal file
110
openresty/sites/laravel_varnish.conf.example
Normal file
@ -0,0 +1,110 @@
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name www.laravel.test;
|
||||
rewrite ^(.*) https://laravel.test$1/ permanent;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name laravel.test;
|
||||
rewrite ^(.*) https://laravel.test$1/ permanent;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl ;
|
||||
listen [::]:443 ssl;
|
||||
ssl_certificate /etc/nginx/ssl/laravel.test.crt;
|
||||
ssl_certificate_key /etc/nginx/ssl/laravel.test.key;
|
||||
server_name www.laravel.test;
|
||||
rewrite ^(.*) https://laravel.test$1/ permanent;
|
||||
}
|
||||
|
||||
server {
|
||||
server_name laravel.test;
|
||||
|
||||
# For https
|
||||
listen 443 ssl ;
|
||||
listen [::]:443 ssl;
|
||||
ssl_certificate /etc/nginx/ssl/laravel.test.crt;
|
||||
ssl_certificate_key /etc/nginx/ssl/laravel.test.key;
|
||||
|
||||
port_in_redirect off;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=31536000";
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
|
||||
location / {
|
||||
proxy_pass http://proxy:6081;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
||||
proxy_set_header HTTPS "on";
|
||||
proxy_redirect off;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
server_name laravel.test;
|
||||
|
||||
listen 81;
|
||||
listen [::]:81;
|
||||
|
||||
root /var/www/laravel.test/www;
|
||||
|
||||
index index.php index.html index.htm;
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php$is_args$args;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
fastcgi_max_temp_file_size 4m;
|
||||
fastcgi_pass php-upstream;
|
||||
|
||||
# Additional configs
|
||||
fastcgi_pass_header Set-Cookie;
|
||||
fastcgi_pass_header Cookie;
|
||||
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
|
||||
try_files $uri /index.php =404;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
|
||||
fastcgi_param HTTPS on;
|
||||
|
||||
fastcgi_buffers 16 16k;
|
||||
fastcgi_buffer_size 32k;
|
||||
|
||||
fastcgi_intercept_errors on;
|
||||
|
||||
#fixes timeouts
|
||||
fastcgi_read_timeout 600;
|
||||
include fastcgi_params;
|
||||
}
|
||||
|
||||
# Caching
|
||||
location ~* \.(ico|jpg|webp|jpeg|gif|css|png|js|ico|bmp|zip|woff)$ {
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
add_header Pragma public;
|
||||
add_header Cache-Control "public";
|
||||
expires 14d;
|
||||
}
|
||||
|
||||
location ~* \.(php|html)$ {
|
||||
access_log on;
|
||||
log_not_found on;
|
||||
add_header Pragma public;
|
||||
add_header Cache-Control "public";
|
||||
expires 14d;
|
||||
}
|
||||
|
||||
location ~ /\.ht {
|
||||
deny all;
|
||||
}
|
||||
}
|
47
openresty/sites/node.conf.example
Normal file
47
openresty/sites/node.conf.example
Normal file
@ -0,0 +1,47 @@
|
||||
#server {
|
||||
# listen 80;
|
||||
# server_name node.com.co;
|
||||
# return 301 https://node.com.co$request_uri;
|
||||
#}
|
||||
|
||||
server {
|
||||
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
|
||||
#listen 443;
|
||||
#listen [::]:443;
|
||||
|
||||
server_name node.com.co;
|
||||
|
||||
#ssl on;
|
||||
#ssl_certificate /var/certs/node.com.co/cert.pem;
|
||||
#ssl_certificate_key /var/certs/node.com.co/privkey.pem;
|
||||
#ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
|
||||
#ssl_ciphers HIGH:!aNULL:!MD5;
|
||||
|
||||
|
||||
location / {
|
||||
proxy_pass http://node.com.co:3001;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection 'upgrade';
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_cache_bypass $http_upgrade;
|
||||
}
|
||||
|
||||
location ~ /\.ht {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location /.well-known/acme-challenge/ {
|
||||
root /var/www/letsencrypt/;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
error_log /var/log/nginx/node.com.co.local_error.log;
|
||||
access_log /var/log/nginx/node.com.co.local_access.log;
|
||||
}
|
42
openresty/sites/symfony.conf.example
Normal file
42
openresty/sites/symfony.conf.example
Normal file
@ -0,0 +1,42 @@
|
||||
server {
|
||||
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
|
||||
# For https
|
||||
# listen 443 ssl;
|
||||
# listen [::]:443 ssl ipv6only=on;
|
||||
# ssl_certificate /etc/nginx/ssl/default.crt;
|
||||
# ssl_certificate_key /etc/nginx/ssl/default.key;
|
||||
|
||||
server_name symfony.test;
|
||||
root /var/www/projects/symfony/web;
|
||||
index index.php index.html index.htm;
|
||||
|
||||
location / {
|
||||
try_files $uri @rewriteapp;
|
||||
}
|
||||
|
||||
# For Symfony 3
|
||||
location @rewriteapp {
|
||||
rewrite ^(.*)$ /app.php/$1 last;
|
||||
}
|
||||
|
||||
# For Symfony 4 config
|
||||
# location @rewriteapp {
|
||||
# rewrite ^(.*)$ /index.php/$1 last;
|
||||
# }
|
||||
|
||||
location ~ ^/(app|app_dev|config|index)\.php(/|$) {
|
||||
fastcgi_pass php-upstream;
|
||||
fastcgi_split_path_info ^(.+\.php)(/.*)$;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
#fixes timeouts
|
||||
fastcgi_read_timeout 600;
|
||||
fastcgi_param HTTPS off;
|
||||
}
|
||||
|
||||
error_log /var/log/nginx/symfony_error.log;
|
||||
access_log /var/log/nginx/symfony_access.log;
|
||||
}
|
4
openresty/ssl/.gitignore
vendored
Normal file
4
openresty/ssl/.gitignore
vendored
Normal file
@ -0,0 +1,4 @@
|
||||
*.crt
|
||||
*.csr
|
||||
*.key
|
||||
*.pem
|
14
openresty/startup.sh
Normal file
14
openresty/startup.sh
Normal file
@ -0,0 +1,14 @@
|
||||
#!/bin/bash
|
||||
|
||||
if [ ! -f /etc/nginx/ssl/default.crt ]; then
|
||||
openssl genrsa -out "/etc/nginx/ssl/default.key" 2048
|
||||
openssl req -new -key "/etc/nginx/ssl/default.key" -out "/etc/nginx/ssl/default.csr" -subj "/CN=default/O=default/C=UK"
|
||||
openssl x509 -req -days 365 -in "/etc/nginx/ssl/default.csr" -signkey "/etc/nginx/ssl/default.key" -out "/etc/nginx/ssl/default.crt"
|
||||
chmod 644 /etc/nginx/ssl/default.key
|
||||
fi
|
||||
|
||||
# Start crond in background
|
||||
crond -l 2 -b
|
||||
|
||||
# Start nginx in foreground
|
||||
nginx
|
@ -990,12 +990,10 @@ ARG INSTALL_AUDIOWAVEFORM=false
|
||||
|
||||
RUN if [ ${INSTALL_AUDIOWAVEFORM} = true ]; then \
|
||||
apt-get -y install wget make cmake gcc g++ libmad0-dev libid3tag0-dev libsndfile1-dev libgd-dev libboost-filesystem-dev libboost-program-options-dev libboost-regex-dev \
|
||||
&& cd /tmp \
|
||||
&& git clone https://github.com/bbc/audiowaveform.git \
|
||||
&& cd audiowaveform \
|
||||
&& wget https://github.com/google/googletest/archive/release-1.10.0.tar.gz \
|
||||
&& tar xzf release-1.10.0.tar.gz \
|
||||
&& ln -s googletest-release-1.10.0/googletest googletest \
|
||||
&& ln -s googletest-release-1.10.0/googlemock googlemock \
|
||||
&& git clone --depth=1 https://github.com/google/googletest.git -b release-1.11.0 \
|
||||
&& mkdir build \
|
||||
&& cd build \
|
||||
&& cmake .. \
|
||||
@ -1138,6 +1136,33 @@ RUN if [ ${NEW_RELIC} = true ]; then \
|
||||
-e 's/;newrelic.daemon.start_timeout =.*/newrelic.daemon.start_timeout=5s/' \
|
||||
/usr/local/etc/php/conf.d/newrelic.ini \
|
||||
;fi
|
||||
|
||||
###########################################################################
|
||||
# PHP SSDB:
|
||||
###########################################################################
|
||||
|
||||
USER root
|
||||
|
||||
ARG INSTALL_SSDB=false
|
||||
|
||||
RUN set -xe; \
|
||||
if [ ${INSTALL_SSDB} = true ] && [ $(php -r "echo PHP_MAJOR_VERSION;") != "8" ]; then \
|
||||
apt-get -y install sudo wget && \
|
||||
if [ $(php -r "echo PHP_MAJOR_VERSION;") = "7" ]; then \
|
||||
curl -L -o /tmp/ssdb-client-php.tar.gz https://github.com/jonnywang/phpssdb/archive/php7.tar.gz; \
|
||||
else \
|
||||
curl -L -o /tmp/ssdb-client-php.tar.gz https://github.com/jonnywang/phpssdb/archive/master.tar.gz; \
|
||||
fi \
|
||||
&& mkdir -p /tmp/ssdb-client-php \
|
||||
&& tar -C /tmp/ssdb-client-php -zxvf /tmp/ssdb-client-php.tar.gz --strip 1 \
|
||||
&& cd /tmp/ssdb-client-php \
|
||||
&& phpize \
|
||||
&& ./configure \
|
||||
&& make \
|
||||
&& make install \
|
||||
&& rm /tmp/ssdb-client-php.tar.gz \
|
||||
&& docker-php-ext-enable ssdb \
|
||||
;fi
|
||||
###########################################################################
|
||||
# Downgrade Openssl:
|
||||
###########################################################################
|
||||
|
@ -422,6 +422,33 @@ RUN if [ ${INSTALL_MEMCACHED} = true ]; then \
|
||||
php -m | grep -r 'memcached'; \
|
||||
fi
|
||||
|
||||
###########################################################################
|
||||
# PHP SSDB:
|
||||
###########################################################################
|
||||
|
||||
USER root
|
||||
|
||||
ARG INSTALL_SSDB=false
|
||||
|
||||
RUN set -xe; \
|
||||
if [ ${INSTALL_SSDB} = true ] && [ $(php -r "echo PHP_MAJOR_VERSION;") != "8" ]; then \
|
||||
apk --update add sudo wget && \
|
||||
if [ $(php -r "echo PHP_MAJOR_VERSION;") = "7" ]; then \
|
||||
curl -L -o /tmp/ssdb-client-php.tar.gz https://github.com/jonnywang/phpssdb/archive/php7.tar.gz; \
|
||||
else \
|
||||
curl -L -o /tmp/ssdb-client-php.tar.gz https://github.com/jonnywang/phpssdb/archive/master.tar.gz; \
|
||||
fi \
|
||||
&& mkdir -p /tmp/ssdb-client-php \
|
||||
&& tar -C /tmp/ssdb-client-php -zxvf /tmp/ssdb-client-php.tar.gz --strip 1 \
|
||||
&& cd /tmp/ssdb-client-php \
|
||||
&& phpize \
|
||||
&& ./configure \
|
||||
&& make \
|
||||
&& make install \
|
||||
&& rm /tmp/ssdb-client-php.tar.gz \
|
||||
&& docker-php-ext-enable ssdb \
|
||||
;fi
|
||||
|
||||
#
|
||||
#--------------------------------------------------------------------------
|
||||
# Optional Supervisord Configuration
|
||||
|
1
rabbitmq/management_agent.disable_metrics_collector.conf
Normal file
1
rabbitmq/management_agent.disable_metrics_collector.conf
Normal file
@ -0,0 +1 @@
|
||||
management_agent.disable_metrics_collector = false
|
2
rabbitmq/rabbitmq.conf
Normal file
2
rabbitmq/rabbitmq.conf
Normal file
@ -0,0 +1,2 @@
|
||||
default_user = guest
|
||||
default_pass = guest
|
22
ssdb/Dockerfile
Normal file
22
ssdb/Dockerfile
Normal file
@ -0,0 +1,22 @@
|
||||
FROM alpine
|
||||
LABEL maintainer="Leonard Buskin <leonardbuskin@gmail.com>"
|
||||
|
||||
ARG VERSION=${VERSION:-master}
|
||||
|
||||
RUN apk add --no-cache --virtual .build-deps \
|
||||
curl gcc g++ make autoconf libc-dev libevent-dev linux-headers perl tar \
|
||||
&& mkdir -p /ssdb/tmp \
|
||||
&& curl -Lk "https://github.com/ideawu/ssdb/archive/${VERSION}.tar.gz" | \
|
||||
tar -xz -C /ssdb/tmp --strip-components=1 \
|
||||
&& cd /ssdb/tmp \
|
||||
&& make -j$(getconf _NPROCESSORS_ONLN) \
|
||||
&& make install PREFIX=/ssdb \
|
||||
&& rm -rf /ssdb/tmp \
|
||||
&& apk add --virtual .rundeps libstdc++ \
|
||||
&& apk add --no-cache bash python2 \
|
||||
&& apk del .build-deps
|
||||
|
||||
EXPOSE 8888
|
||||
VOLUME /ssdb/var
|
||||
COPY ssdb.conf /ssdb/ssdb.conf
|
||||
CMD ["/ssdb/ssdb-server", "/ssdb/ssdb.conf"]
|
52
ssdb/ssdb.conf
Normal file
52
ssdb/ssdb.conf
Normal file
@ -0,0 +1,52 @@
|
||||
# ssdb-server config
|
||||
# MUST indent by TAB!
|
||||
|
||||
# relative to path of this file, directory must exists
|
||||
work_dir = /data
|
||||
pidfile = /run/ssdb.pid
|
||||
|
||||
server:
|
||||
#ip: 127.0.0.1
|
||||
port: 8888
|
||||
# bind to public ip
|
||||
ip: 0.0.0.0
|
||||
# format: allow|deny: all|ip_prefix
|
||||
# multiple allows or denys is supported
|
||||
deny: all
|
||||
allow: 127.0.0.1
|
||||
allow: 192.
|
||||
allow: 172.
|
||||
# auth password must be at least 32 characters
|
||||
#auth: very-strong-password
|
||||
|
||||
replication:
|
||||
binlog: yes
|
||||
# Limit sync speed to *MB/s, -1: no limit
|
||||
sync_speed: -1
|
||||
slaveof:
|
||||
# to identify a master even if it moved(ip, port changed)
|
||||
# if set to empty or not defined, ip:port will be used.
|
||||
#id: svc_2
|
||||
# sync|mirror, default is sync
|
||||
#type: sync
|
||||
#host: s1.ssdb.db
|
||||
#port: 8888
|
||||
|
||||
logger:
|
||||
level: warn
|
||||
output: /var/log/ssdb.log
|
||||
rotate:
|
||||
size: 1000000000
|
||||
|
||||
leveldb:
|
||||
# in MB
|
||||
cache_size: 500
|
||||
# in KB
|
||||
block_size: 32
|
||||
# in MB
|
||||
write_buffer_size: 64
|
||||
# in MB
|
||||
compaction_speed: 1000
|
||||
# yes|no
|
||||
compression: yes
|
||||
|
@ -1649,6 +1649,32 @@ RUN set -eux; \
|
||||
php -m | grep -q 'zookeeper'; \
|
||||
fi
|
||||
|
||||
###########################################################################
|
||||
# PHP SSDB:
|
||||
###########################################################################
|
||||
|
||||
USER root
|
||||
|
||||
ARG INSTALL_SSDB=false
|
||||
|
||||
RUN set -xe; \
|
||||
if [ ${INSTALL_SSDB} = true ] && [ $(php -r "echo PHP_MAJOR_VERSION;") != "8" ]; then \
|
||||
apt-get -y install sudo wget && \
|
||||
if [ $(php -r "echo PHP_MAJOR_VERSION;") = "7" ]; then \
|
||||
curl -L -o /tmp/ssdb-client-php.tar.gz https://github.com/jonnywang/phpssdb/archive/php7.tar.gz; \
|
||||
else \
|
||||
curl -L -o /tmp/ssdb-client-php.tar.gz https://github.com/jonnywang/phpssdb/archive/master.tar.gz; \
|
||||
fi \
|
||||
&& mkdir -p /tmp/ssdb-client-php \
|
||||
&& tar -C /tmp/ssdb-client-php -zxvf /tmp/ssdb-client-php.tar.gz --strip 1 \
|
||||
&& cd /tmp/ssdb-client-php \
|
||||
&& phpize \
|
||||
&& ./configure \
|
||||
&& make \
|
||||
&& make install \
|
||||
&& rm /tmp/ssdb-client-php.tar.gz \
|
||||
&& docker-php-ext-enable ssdb \
|
||||
;fi
|
||||
#
|
||||
#--------------------------------------------------------------------------
|
||||
# Final Touch
|
||||
|
Loading…
Reference in New Issue
Block a user