Initial commit.

nginx 1.20.1 php 7.4.21
2021-07-12 11:24:52 +05:00 · 2021-07-12 11:24:52 +05:00 · 21dfd067ec
commit 21dfd067ec
11 changed files with 2180 additions and 0 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -0,0 +1,61 @@
+image: docker:19.03.13
+
+services:
+  - docker:19.03.13-dind
+
+variables:
+  DOCKER_HOST: tcp://docker:2375
+  DOCKER_TCP_PORT: 2375
+  DOCKER_TLS_CERTDIR: ""
+  LOCAL_REGISTRY_IMAGE_LATEST: $CI_REGISTRY_IMAGE:latest
+  LOCAL_REGISTRY_IMAGE_TAGGED: $CI_REGISTRY_IMAGE:$CI_COMMIT_TAG
+  DOCKERHUB_IMAGE_LATEST: pztrn/npf:latest
+  DOCKERHUB_IMAGE_TAGGED: pztrn/npf:$CI_COMMIT_TAG
+
+stages:
+  - build
+
+before_script:
+  - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
+  - docker login -u "$DOCKERHUB_USER" -p "$DOCKERHUB_PASSWORD"
+  - docker info
+
+build-local-registry-latest:
+  stage: build
+  tags:
+    - docker
+  script:
+    - docker build --pull -t $LOCAL_REGISTRY_IMAGE_LATEST .
+    - docker push $LOCAL_REGISTRY_IMAGE_LATEST
+  only:
+    - master
+
+build-local-registry-version:
+  stage: build
+  tags:
+    - docker
+  script:
+    - docker build --pull -t $LOCAL_REGISTRY_IMAGE_TAGGED .
+    - docker push $LOCAL_REGISTRY_IMAGE_TAGGED
+  only:
+    - tags
+
+build-dockerhub-latest:
+  stage: build
+  tags:
+    - docker
+  script:
+    - docker build --pull -t $DOCKERHUB_IMAGE_LATEST .
+    - docker push $DOCKERHUB_IMAGE_LATEST
+  only:
+    - master
+
+build-dockerhub-version:
+  stage: build
+  tags:
+    - docker
+  script:
+    - docker build --pull -t $DOCKERHUB_IMAGE_TAGGED .
+    - docker push $DOCKERHUB_IMAGE_TAGGED
+  only:
+    - tags
--- a/7
+++ b/7
@ -0,0 +1,7 @@
+FROM alpine:3.14
+
+RUN apk add --no-cache nginx php7-bcmath php7-bz2 php7-common php7-ctype php7-curl php7-dba php7-dom php7-embed php7-enchant php7-exif php7-ffi php7-fileinfo php7-fpm php7-ftp php7-gd php7-gettext php7-gmp php7-iconv php7-imap php7-intl php7-json php7-ldap php7-mbstring php7-mysqlnd php7-odbc php7-opcache php7-openssl php7-pcntl php7-pdo php7-pdo_dblib php7-pdo_mysql php7-pdo_odbc php7-pdo_pgsql php7-pdo_sqlite php7-pear php7-pgsql php7-phar php7-posix php7-pspell php7-session php7-shmop php7-simplexml php7-snmp php7-soap php7-sockets php7-sodium php7-sqlite3 php7-sysvmsg php7-sysvshm php7-tidy php7-tokenizer php7-xml php7-xmlreader php7-xmlrpc php7-xmlwriter php7-xsl php7-zip s6
+
+COPY configuration/* /etc/
+
+ENTRYPOINT ["/bin/s6-svscan", "/etc/s6"]
--- a/README.md
+++ b/README.md
@ -0,0 +1,51 @@
+# nginx, php, fpm
+
+This container provides ability to use nginx with php-fpm for any PHP application.
+
+Container was created as an attempt to move everything inside Docker, even things that isn't really dockerized for some reason.
+
+**Warning:** this image isn't small and contains everything that is available in Alpine Linux for php. If you want to minimize image size - please build application-specific container!
+
+## Adding nginx configuration
+
+Just bind files (or whole directory) to `/etc/nginx/conf.d`.
+
+## Adding php-fpm configuration
+
+Just bind files (or whole directory) to `/etc/php7/php-fpm.d` with valid php-fpm configuration. Example:
+
+```ini
+[your-app]
+user = nginx
+group = nginx
+
+listen = 127.0.0.1:9000
+
+listen.owner = nginx
+listen.group = nginx
+
+listen.allowed_clients = 127.0.0.1
+
+pm = dynamic
+pm.max_children = 40
+pm.start_servers = 4
+pm.min_spare_servers = 4
+pm.max_spare_servers = 36
+pm.process_idle_timeout = 10s;
+pm.max_requests = 100
+
+catch_workers_output = yes
+access.log = /proc/self/fd/2
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /tmp
+env[TMPDIR] = /tmp
+env[TEMP] = /tmp
+
+php_admin_value[memory_limit] = 128M
+```
+
+Notable things:
+
+* As nginx runs as user `nginx`, then php-fpm should also work using this user!
--- a/configuration/nginx/nginx.conf
+++ b/configuration/nginx/nginx.conf
@ -0,0 +1,92 @@
+# /etc/nginx/nginx.conf
+
+user nginx;
+
+# Set number of worker processes automatically based on number of CPU cores.
+worker_processes auto;
+
+# Enables the use of JIT for regular expressions to speed-up their processing.
+pcre_jit on;
+
+# Configures default error logger.
+error_log /dev/stdout info;
+
+# Includes files with directives to load dynamic modules.
+include /etc/nginx/modules/*.conf;
+
+daemon off;
+
+events {
+	# The maximum number of simultaneous connections that can be opened by
+	# a worker process.
+	worker_connections 1024;
+}
+
+http {
+	# Includes mapping of file name extensions to MIME types of responses
+	# and defines the default type.
+	include /etc/nginx/mime.types;
+	default_type application/octet-stream;
+
+	# Name servers used to resolve names of upstream servers into addresses.
+	# It's also needed when using tcpsocket and udpsocket in Lua modules.
+	#resolver 208.67.222.222 208.67.220.220;
+
+	# Don't tell nginx version to clients.
+	server_tokens off;
+
+	# Specifies the maximum accepted body size of a client request, as
+	# indicated by the request header Content-Length. If the stated content
+	# length is greater than this size, then the client receives the HTTP
+	# error code 413. Set to 0 to disable.
+	client_max_body_size 1m;
+
+	# Timeout for keep-alive connections. Server will close connections after
+	# this time.
+	keepalive_timeout 65;
+
+	# Sendfile copies data between one FD and other from within the kernel,
+	# which is more efficient than read() + write().
+	sendfile on;
+
+	# Don't buffer data-sends (disable Nagle algorithm).
+	# Good for sending frequent small bursts of data in real time.
+	tcp_nodelay on;
+
+	# Causes nginx to attempt to send its HTTP response head in one packet,
+	# instead of using partial frames.
+	#tcp_nopush on;
+
+
+	# Path of the file with Diffie-Hellman parameters for EDH ciphers.
+	#ssl_dhparam /etc/ssl/nginx/dh2048.pem;
+
+	# Specifies that our cipher suits should be preferred over client ciphers.
+	ssl_prefer_server_ciphers on;
+
+	# Enables a shared SSL cache with size that can hold around 8000 sessions.
+	ssl_session_cache shared:SSL:2m;
+
+
+	# Enable gzipping of responses.
+	#gzip on;
+
+	# Set the Vary HTTP header as defined in the RFC 2616.
+	gzip_vary on;
+
+	# Enable checking the existence of precompressed files.
+	#gzip_static on;
+
+
+	# Specifies the main log format.
+	log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+			'$status $body_bytes_sent "$http_referer" '
+			'"$http_user_agent" "$http_x_forwarded_for"';
+
+	# Sets the path, format, and configuration for a buffered log write.
+	access_log /dev/stdout main;
+
+
+	# Includes virtual hosts configs.
+	include /etc/nginx/conf.d/*.conf;
+}
--- a/configuration/php7/php-fpm.conf
+++ b/configuration/php7/php-fpm.conf
@ -0,0 +1,7 @@
+[global]
+pid = /var/run/php-fpm7.pid
+
+error_log = /proc/self/fd/2
+daemonize = no
+
+include=/etc/php7/php-fpm.d/*.conf
--- a/configuration/php7/php.ini
+++ b/configuration/php7/php.ini
--- a/configuration/s6/.s6-svscan/finish
+++ b/configuration/s6/.s6-svscan/finish
@ -0,0 +1,5 @@
+#!/bin/sh
+
+for file in /etc/s6/*/finish; do
+   $file
+done
--- a/configuration/s6/nginx/finish
+++ b/configuration/s6/nginx/finish
@ -0,0 +1,3 @@
+#!/bin/sh
+
+kill `cat /var/run/nginx/nginx.pid`
--- a/configuration/s6/nginx/run
+++ b/configuration/s6/nginx/run
@ -0,0 +1,3 @@
+#!/bin/execlineb -P
+
+/usr/sbin/nginx
--- a/configuration/s6/php-fpm/finish
+++ b/configuration/s6/php-fpm/finish
@ -0,0 +1,3 @@
+#!/bin/sh
+
+kill `cat /var/run/php-fpm7.pid`
--- a/configuration/s6/php-fpm/run
+++ b/configuration/s6/php-fpm/run
@ -0,0 +1,3 @@
+#!/bin/execlineb -P
+
+/usr/sbin/php-fpm7 -F