Skip to content
Permalink
Browse files

Rewrite Docker-Setup

* make it simpler and cleaner
* switch to nginx-alpine and php-fpm-alpine
* docker-compose: autobuild php-image for stikked
* serve all files directly (htdocs is mounted instead of copied)
* stikked-configuration for docker resides in docker/stikked.php
  • Loading branch information
claudehohl committed Nov 23, 2019
1 parent e579784 commit 4462a471c516691ccc4dcb335d74063dae1ecd8f
Showing with 2,795 additions and 148 deletions.
  1. +0 −1 .dockerignore
  2. +0 −23 Dockerfile
  3. +3 −4 README.md
  4. +25 −23 docker-compose.yml
  5. +0 −70 docker/docker-php-entrypoint
  6. +69 −0 docker/nginx.conf
  7. +413 −0 docker/php-fpm.conf
  8. +1,918 −0 docker/php.ini
  9. +9 −0 docker/php/Dockerfile
  10. +0 −27 docker/stikked-envvars.txt
  11. +358 −0 docker/stikked.php

This file was deleted.

This file was deleted.

@@ -58,12 +58,11 @@ Installation
How to run it in Docker
-----------------------

sudo docker build -t stikked .
sudo docker-compose up -d
docker-compose up

This automatically creates a database with passwords that are configurable in the docker-compose.yml file.
This automatically builds the docker-image and fires up nginx, php and mariadb. Access your Stikked instance at http://localhost/.

NOTE: This sets the captcha to false and requires port 80 to be accessible on the host machine. Also, a host entry of 127.0.0.1 stikked.local will fix the base_url issues.
All files are served directly; the Stikked-configuration for Docker resides in docker/stikked.php


Documentation
@@ -1,29 +1,31 @@
version: "3.2"
version: "3.7"

services:
db:
image: mysql:latest
nginx:
image: nginx:1.17-alpine
volumes:
- db_data:/var/lib/mysql
env_file: docker/stikked-envvars.txt

stikked:
depends_on:
- db
image: stikked
env_file: docker/stikked-envvars.txt
- ./docker/nginx.conf:/etc/nginx/conf.d/default.conf:ro
- ./htdocs:/htdocs:ro
ports:
- 80:80

# You should use persistant storage for this,
# as if the volume is deleted, everything is gone!
volumes:
db_data:
- 127.0.0.1:80:80/tcp

# Example of NFS backed persistant storage:
# db_data:
# driver_opts:
# type: "nfs"
# o: "addr=192.168.1.254,nolock,soft,rw"
# device: ":/nfs/export/pbdatabase"
php:
image: stikked-php:1
volumes:
- ./docker/php.ini:/usr/local/etc/php/php.ini:ro
- ./docker/php-fpm.conf:/usr/local/etc/php-fpm.d/www.conf:ro
- ./htdocs:/htdocs
- ./docker/stikked.php:/htdocs/application/config/stikked.php:ro
build:
context: ./docker/php

mysql:
image: mariadb:10.4
command: mysqld --innodb-buffer-pool-size=4000000000
volumes:
- ./mysql-datadir_customize-in-docker-compose.yml:/var/lib/mysql
environment:
MYSQL_ROOT_PASSWORD: root
MYSQL_DATABASE: stikked
MYSQL_USER: stikked
MYSQL_PASSWORD: stikked

This file was deleted.

@@ -0,0 +1,69 @@
upstream php {
#server unix:/var/run/php5-fpm.sock;
server php:9000;
}

server {
listen 80 backlog=1024;

server_name localhost;
server_tokens off;

root /htdocs;
index index.php;

client_body_buffer_size 8M;
client_max_body_size 8M;

gzip on;
gzip_types text/plain text/css application/javascript;

# Only requests to our Host are allowed
if ($host !~ ^localhost$ ) {
return 444;
}

# Only allow these request methods
if ($request_method !~ ^(GET|HEAD|POST)$ ) {
return 444;
}

location = /favicon.ico {
log_not_found off;
access_log off;
}

location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}

# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
}

# Deny access to any files with a .php extension in the static directory
location ~* /(?:static)/.*\.php$ {
deny all;
}

location / {
# This is cool because no php is touched for static content.
# include the "?$args" part so non-default permalinks doesn't break when using query string
try_files $uri $uri/ /index.php?$args;
}

location ~ \.php$ {
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include fastcgi.conf;
fastcgi_intercept_errors on;
fastcgi_pass php;
}

location ~* \.(js|css|png|ico)$ {
expires max;
log_not_found off;
}
}

0 comments on commit 4462a47

Please sign in to comment.
You can’t perform that action at this time.