forked from richarvey/nginx-php-fpm
/
Dockerfile
132 lines (119 loc) · 4.32 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
FROM nginx:mainline-alpine
MAINTAINER ngineered <support@ngineered.co.uk>
ENV php_conf /etc/php5/php.ini
ENV fpm_conf /etc/php5/php-fpm.conf
ENV composer_hash e115a8dc7871f15d853148a7fbac7da27d6c0030b848d9b3dc09e2a0388afed865e6a3d6b3c0fad45c48e2b5fc1196ae
RUN apk add --no-cache bash \
openssh-client \
wget \
supervisor \
curl \
git \
php5-dev \
php5-fpm \
php5-pdo \
php5-pdo_mysql \
php5-mysql \
php5-mysqli \
php5-mcrypt \
php5-ctype \
php5-zlib \
php5-gd \
php5-exif \
php5-intl \
php5-memcache \
php5-sqlite3 \
php5-pgsql \
php5-xml \
php5-xsl \
php5-curl \
php5-openssl \
php5-iconv \
php5-json \
php5-phar \
php5-soap \
php5-dom \
php5-zip \
python \
python-dev \
py-pip \
augeas-dev \
openssl-dev \
ca-certificates \
dialog \
gcc \
make \
autoconf \
libc-dev \
musl-dev \
linux-headers \
libffi-dev &&\
mkdir -p /etc/nginx && \
mkdir -p /var/www/app && \
mkdir -p /run/nginx && \
mkdir -p /var/log/supervisor &&\
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" && \
php -r "if (hash_file('SHA384', 'composer-setup.php') === '${composer_hash}') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" && \
php composer-setup.php --install-dir=/usr/bin --filename=composer && \
php -r "unlink('composer-setup.php');" && \
pip install -U certbot && \
cd /tmp && \
git clone git://github.com/phalcon/cphalcon.git && \
cd cphalcon/build/ && \
./install && \
echo 'extension=phalcon.so' >/etc/php5/conf.d/phalcon.ini && \
rm -rf /tmp/cphalcon/ && \
mkdir -p /etc/letsencrypt/webrootauth && \
apk del gcc make autoconf libc-dev php5-dev musl-dev linux-headers libffi-dev augeas-dev python-dev
ADD conf/supervisord.conf /etc/supervisord.conf
# Copy our nginx config
RUN rm -Rf /etc/nginx/nginx.conf
ADD conf/nginx.conf /etc/nginx/nginx.conf
# nginx site conf
RUN mkdir -p /etc/nginx/sites-available/ && \
mkdir -p /etc/nginx/sites-enabled/ && \
mkdir -p /etc/nginx/ssl/ && \
rm -Rf /var/www/* && \
mkdir /var/www/html/
ADD conf/nginx-site.conf /etc/nginx/sites-available/default.conf
ADD conf/nginx-site-ssl.conf /etc/nginx/sites-available/default-ssl.conf
RUN ln -s /etc/nginx/sites-available/default.conf /etc/nginx/sites-enabled/default.conf
# tweak php-fpm config
RUN sed -i \
-e "s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g" \
-e "s/upload_max_filesize\s*=\s*2M/upload_max_filesize = 100M/g" \
-e "s/post_max_size\s*=\s*8M/post_max_size = 100M/g" \
-e "s/variables_order = \"GPCS\"/variables_order = \"EGPCS\"/g" \
${php_conf} && \
sed -i \
-e "s/;daemonize\s*=\s*yes/daemonize = no/g" \
-e "s/;catch_workers_output\s*=\s*yes/catch_workers_output = yes/g" \
-e "s/pm.max_children = 4/pm.max_children = 4/g" \
-e "s/pm.start_servers = 2/pm.start_servers = 3/g" \
-e "s/pm.min_spare_servers = 1/pm.min_spare_servers = 2/g" \
-e "s/pm.max_spare_servers = 3/pm.max_spare_servers = 4/g" \
-e "s/pm.max_requests = 500/pm.max_requests = 200/g" \
-e "s/user = nobody/user = nginx/g" \
-e "s/group = nobody/group = nginx/g" \
-e "s/;listen.mode = 0660/listen.mode = 0666/g" \
-e "s/;listen.owner = nobody/listen.owner = nginx/g" \
-e "s/;listen.group = nobody/listen.group = nginx/g" \
-e "s/listen = 127.0.0.1:9000/listen = \/var\/run\/php-fpm.sock/g" \
-e "s/^;clear_env = no$/clear_env = no/" \
${fpm_conf} && \
ln -s /etc/php5/php.ini /etc/php5/conf.d/php.ini && \
find /etc/php5/conf.d/ -name "*.ini" -exec sed -i -re 's/^(\s*)#(.*)/\1;\2/g' {} \;
# Add Scripts
ADD scripts/start.sh /start.sh
ADD scripts/pull /usr/bin/pull
ADD scripts/push /usr/bin/push
ADD scripts/letsencrypt-setup /usr/bin/letsencrypt-setup
ADD scripts/letsencrypt-renew /usr/bin/letsencrypt-renew
RUN chmod 755 /usr/bin/pull && chmod 755 /usr/bin/push && chmod 755 /usr/bin/letsencrypt-setup && chmod 755 /usr/bin/letsencrypt-renew && chmod 755 /start.sh
# copy in code
ADD src/ /var/www/html/
ADD errors/ /var/www/errors/
VOLUME /var/www/html
EXPOSE 443 80
#CMD ["/usr/bin/supervisord", "-n", "-c", "/etc/supervisord.conf"]
CMD ["/start.sh"]