Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
ba6c408
commit 8f6b172
Showing
22 changed files
with
16,446 additions
and
61 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
# | ||
# Copyright (C) 2018 Brady Miller <brady.g.miller@gmail.com> | ||
# | ||
# This program is free software; you can redistribute it and/or modify | ||
# it under the terms of the GNU General Public License as published by | ||
# the Free Software Foundation; either version 3 of the License, or | ||
# (at your option) any later version. | ||
# | ||
# php-fpm Dockerfile build for openemr development docker environment | ||
# This docker is hosted here: https://hub.docker.com/r/openemr/dev-php-fpm/ <tag is 7.2> | ||
# | ||
FROM nginx | ||
|
||
# Copy over the nginx.conf conf | ||
COPY nginx.conf /etc/nginx/nginx.conf | ||
|
||
# Copy over the dummy self signed key/cert | ||
COPY dummy-cert /etc/nginx/dummy-cert | ||
COPY dummy-key /etc/nginx/dummy-key | ||
|
||
# Needed to ensure permissions work across shared volumes with openemr, nginx, and php-fpm dockers | ||
RUN usermod -u 1000 nginx |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
-----BEGIN CERTIFICATE----- | ||
MIIDhTCCAm2gAwIBAgIJANY3h5+fH4BeMA0GCSqGSIb3DQEBCwUAMFkxCzAJBgNV | ||
BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX | ||
aWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xODA2MTkwNjE4 | ||
MTlaFw0yODA2MTYwNjE4MTlaMFkxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21l | ||
LVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNV | ||
BAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOVX | ||
qQBVb+gjxpsXW9qLdA3IuoiMpwyd7aCbkyJp9XoRTEzPL38PxnB/kyfT8Ft1tCDE | ||
prc6lmP7Ag5ocTmU9Ezz1cer4ialR83QADBMwpG4EmLrme8B89iKO3MM1tlXL5w9 | ||
1sp/UJYZpD4/gHASt0pstj73gHwUn6yeC7DzQ1aWkORJ90+0uWNtyL9sLNBMNrkf | ||
dHJG7mBVMYKipQdP9aIwe557uktmA0thhazcbdprdsOsIa0Ad3k4ShpsjLOzzyG8 | ||
SICWt/r9h28tfaEV/8EUR09hwxP11yaJm/XNgXVgx+8pI3RxwAzB/KY27rBzuEHV | ||
hI2zWMcGnKfj8WMt8i0CAwEAAaNQME4wHQYDVR0OBBYEFFmoQt7EreB9ge+lBNwg | ||
z9p63jT7MB8GA1UdIwQYMBaAFFmoQt7EreB9ge+lBNwgz9p63jT7MAwGA1UdEwQF | ||
MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJEyfbY2NeNV9B9MmZ1Ffkxz/sunoGrf | ||
7ECFjfhpSpXgzdy2Tfo+jPkhLf249Ehzy7KPBaSJMmEIqDa8KtYkOl6AVtMn+9cu | ||
mA4c9tWYWfNz+/RplDMo5kikTIejkMzInM3O5I7/0yvYkLlOrr5WupvaffBbWxdq | ||
mtjC8IFxJ2LpRwN1eYTQyhuQf2c94KETpB9LB3YkahGOy2nTdByakm79PMhBsj71 | ||
HrmBSg4cNZkBEhWnH9mIN37sh0BDbhJdHHZDOYauWdUo2rZm8MWqNQDICIHvO3eV | ||
cBM2jO5tAKHAAwKar9oJWHVKIeJDZ9Jj79xjmNeQHq9c6z2XxLxe+0A= | ||
-----END CERTIFICATE----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
-----BEGIN PRIVATE KEY----- | ||
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDlV6kAVW/oI8ab | ||
F1vai3QNyLqIjKcMne2gm5MiafV6EUxMzy9/D8Zwf5Mn0/BbdbQgxKa3OpZj+wIO | ||
aHE5lPRM89XHq+ImpUfN0AAwTMKRuBJi65nvAfPYijtzDNbZVy+cPdbKf1CWGaQ+ | ||
P4BwErdKbLY+94B8FJ+snguw80NWlpDkSfdPtLljbci/bCzQTDa5H3RyRu5gVTGC | ||
oqUHT/WiMHuee7pLZgNLYYWs3G3aa3bDrCGtAHd5OEoabIyzs88hvEiAlrf6/Ydv | ||
LX2hFf/BFEdPYcMT9dcmiZv1zYF1YMfvKSN0ccAMwfymNu6wc7hB1YSNs1jHBpyn | ||
4/FjLfItAgMBAAECggEAMESHxBM3LzNAXGnJIjDRZwlFAPIhQk2GspOrnsWQLXWw | ||
ikXcqDBIwmqHLQ20+3rFQ1RABjYlartsTl363nSUChITfyeUvC9y8kUBlSjClmqY | ||
LAuL5TqS+JL3OhqMqUdpNMfrCclLy5tv7s3smSnHO7mvjYcHmpW4mVrV+RLprDI0 | ||
H82z8LnQIBOUlHJcVS5kK9Nh71P+Lnfa4VzrAE03H8elpReYQKJAxrWtBZfeggAJ | ||
/Yrb0sG5UclB6gzc12CPyCRSyCGcpWzGzzZTgCWRJO+Iocjy25Jdot5XZ4rmlnLq | ||
gixuY1CZTov0k6NzVnk7cGo6FWqgL2O9oHZLjIiCHQKBgQD2xagZQ3/ZlnN4y+3n | ||
QZXv8+XwevWaHt7ceVrH3/ZhrT88ezRpt1uMbUTMYXyN+hg3UBr/sZy057ISDGm8 | ||
rh9ZB+80ff+S/2f/SGig2l3MBh5cBiDVOJljuVGTFzeNzGISeFZPlg8cmTPrSNG5 | ||
KADXPNjchvfsLGtp5OyR1gT1LwKBgQDt6yZROVSwZnA/86lRF4Ffnk/1int9AVYW | ||
NMVXnAPSfGrFQho+jVmPXiGz8bGmC5jne/C6rvLpuIupoxcVD6HNmUnqQoqVWFu/ | ||
8YR2zE4NHate+/Cbg7KMKbdQpMin2qJMd8CvFlNoWmturJdI6UQzrKDZQSCyHIKR | ||
lOIHZNivYwKBgCvwM6cT6q6+aB8JCHoVpnHMFpQEALkJaBsPjIdsLD1mEI1fTozI | ||
NgfB6O8PKJNLBYbLv5LpeAKKAp3OEgGjazd5/zB0gs4UpdrBdMe3Od469Krj+HKe | ||
mkk0VP8AskaQLqIlRRD0ogowiRsKozT5l3S7g814RqqJmjKHrUumNMnHAoGAP2KK | ||
jtErUuO3vBH6ZfRRL1xKCSyfwan9eWUNvk1+ZzFmcK8vtsKJvbxiVkJqBcbJMcK/ | ||
W70IUmQsMUGWALJtdQ0FuDeKHEeyCe0aUVwU30GsSl3suEHZ66WhhQahvrZsztqI | ||
pxzXk9GjFZU9qNscpHe1UqwbPdiCoK59mWKwp+kCgYEAljDEm3MXh002IyQd4gSI | ||
wGpHSxGbqIDNx1tQcAXhxsxjSvsTMett32+N5FXHaY+Jj2qYeRDD0C8mzhZbF0Uf | ||
hMRgj5XSxJ0Plx6WRPgT9u7xV0zBgFgLo9ncAf2s8tPy6qY2zGq296MtqdzbWD9S | ||
uGgd+MWE6EUq6fhTBus7WUc= | ||
-----END PRIVATE KEY----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,221 @@ | ||
worker_processes auto; | ||
error_log /var/log/nginx/error.log; | ||
events { | ||
worker_connections 1024; | ||
} | ||
# start the http block | ||
http { | ||
include mime.types; | ||
default_type application/octet-stream; | ||
|
||
log_format main '$remote_addr - $remote_user [$time_local] "$request" ' | ||
'$status $body_bytes_sent "$http_referer" ' | ||
'"$http_user_agent" "$http_x_forwarded_for"'; | ||
access_log /var/log/nginx/access.log main; | ||
|
||
sendfile on; | ||
#tcp_nopush on; | ||
|
||
#keepalive_timeout 0; | ||
server_names_hash_bucket_size 128; | ||
keepalive_timeout 65; | ||
|
||
gzip off; | ||
#upstream php { | ||
#server unix:/var/run/php-fpm.sock; | ||
#} | ||
index index.html index.htm index.php; | ||
|
||
ssl_certificate /etc/nginx/dummy-cert; | ||
ssl_certificate_key /etc/nginx/dummy-key; | ||
|
||
# http host for php 7.1 connect | ||
# redirects to ssl only host below | ||
server { | ||
# Note that the different ports are used below to decide | ||
# which version of php-fpm to use | ||
listen 80; | ||
listen 81; | ||
listen 82; | ||
listen 83; | ||
listen 84; | ||
listen 85; | ||
listen 86; | ||
listen 87; | ||
listen 443 ssl; | ||
listen 444 ssl; | ||
listen 445 ssl; | ||
listen 446 ssl; | ||
listen 447 ssl; | ||
listen 448 ssl; | ||
listen 449 ssl; | ||
listen 450 ssl; | ||
server_name example.net www.example.net; | ||
root /usr/share/nginx/html/openemr; | ||
|
||
## redirect www to nowww | ||
#if ($host = 'www.example.net' ) { | ||
#rewrite ^/(.*)$ https://example.net/$1 permanent; | ||
#} | ||
|
||
#access_log /var/log/*/example.net_access_log main; | ||
#error_log /var/log/*/example.net_error_log notice; | ||
|
||
# openemr specific SSL settings, I am still working on this? | ||
#include openemr-ssl.conf; | ||
|
||
# restrict/protect certain files | ||
#include globals.conf; | ||
# globals.conf configuration file. | ||
# Designed to be included in any server {} block | ||
# If this server only hosts openemr, this file can be merged with openemr.conf | ||
|
||
# Stops the annoying error messages in the logs. robots are not allowed | ||
location = /favicon.ico { | ||
log_not_found off; | ||
access_log off; | ||
} | ||
|
||
location = /robots.txt { | ||
log_not_found off; | ||
access_log off; | ||
} | ||
|
||
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). | ||
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban) | ||
location ~ /\. { | ||
deny all; | ||
} | ||
|
||
# protect or deny access to important server information and testing files | ||
# alternatively, you can deny access to all files using {deny all; return 404;} or remove them | ||
#location ~* /(info|test)\.php$ { | ||
#auth_basic "Restricted Access"; | ||
#auth_basic_user_file /path/to/.htpasswd; | ||
#fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | ||
#fastcgi_pass fastcgi_pass dev-php-fpm-7-1:9000; | ||
#include fastcgi_params; | ||
#} | ||
|
||
# Not sure if openemr needs this. it comes from wordpress | ||
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ { | ||
access_log off; | ||
log_not_found off; | ||
expires max; | ||
} | ||
|
||
## Deny certain Referers | ||
if ( $http_referer ~* (babes|forsale|girl|jewelry|love|nudit|organic|poker|porn|sex|teen) ) { | ||
#return 404; | ||
return 403; | ||
} | ||
|
||
# Stop deep linking or hot linking | ||
location /images/ { | ||
valid_referers none blocked www.example.com example.com; | ||
if ($invalid_referer) { | ||
return 403; | ||
} | ||
} | ||
# end globals.conf configuration file. | ||
|
||
# deny access to writable files/directories | ||
location ~* ^/sites/*/(documents|edi|era) { | ||
deny all; | ||
} | ||
|
||
# Pick one of the following two blockc, but not both: | ||
# protect special files from outside openemer login, and restrict them to superAdmins only | ||
#location ~* ^/(admin|setup|acl_setup|acl_upgrade|sl_convert|sql_upgrade|gacl/setup|ippf_upgrade|sql_patch)\.php { | ||
#auth_basic "Restricted Access"; | ||
#auth_basic_user_file /path/to/.htpasswd; | ||
#fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | ||
#fastcgi_pass dev-php-fpm-7-1:9000; | ||
#include fastcgi_params; | ||
#} | ||
|
||
# Alternatively all access to these files can be denied | ||
#location ~* ^/(admin|setup|acl_setup|acl_upgrade|sl_convert|sql_upgrade|gacl/setup|ippf_upgrade|sql_patch)\.php { | ||
#deny all; | ||
#return 404; | ||
#} | ||
|
||
if (!-e $request_filename) { | ||
# Needed for zend to work | ||
rewrite ^(.*/zend_modules/public)(.*) $1/index.php?$is_args$args last; | ||
|
||
# Needed for patient portal to work | ||
rewrite ^(.*/portal/patient)(.*) $1/index.php?_REWRITE_COMMAND=$1$2 last; | ||
} | ||
|
||
location / { | ||
# try as file ($uri), as directory ($uri/) if not found, send to index file | ||
# no php is touched for static content | ||
try_files $uri $uri/ /index.php; | ||
} | ||
|
||
# redirect server error pages to the static page /50x.html | ||
#error_page 500 502 503 504 /50x.html; | ||
#location = /50x.html { | ||
#root /usr/local/www/nginx-dist; | ||
#} | ||
|
||
# pass the PHP scripts to the FastCGI server listening on unix socket, in this case php-fpm | ||
# NOTE this is using if statements to decide which version of php-fpm to use, which is | ||
# dependent on the port of the server that is used | ||
location ~* \.php$ { | ||
try_files $uri =404; | ||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | ||
if ($server_port = 80) { | ||
fastcgi_pass dev-php-fpm-5-6:9000; | ||
} | ||
if ($server_port = 443) { | ||
fastcgi_pass dev-php-fpm-5-6:9000; | ||
} | ||
if ($server_port = 81) { | ||
fastcgi_pass dev-php-fpm-7-0:9000; | ||
} | ||
if ($server_port = 444) { | ||
fastcgi_pass dev-php-fpm-7-0:9000; | ||
} | ||
if ($server_port = 82) { | ||
fastcgi_pass dev-php-fpm-7-1:9000; | ||
} | ||
if ($server_port = 445) { | ||
fastcgi_pass dev-php-fpm-7-1:9000; | ||
} | ||
if ($server_port = 83) { | ||
fastcgi_pass dev-php-fpm-7-2:9000; | ||
} | ||
if ($server_port = 446) { | ||
fastcgi_pass dev-php-fpm-7-2:9000; | ||
} | ||
if ($server_port = 84) { | ||
fastcgi_pass dev-php-fpm-5-6-redis:9000; | ||
} | ||
if ($server_port = 447) { | ||
fastcgi_pass dev-php-fpm-5-6-redis:9000; | ||
} | ||
if ($server_port = 85) { | ||
fastcgi_pass dev-php-fpm-7-0-redis:9000; | ||
} | ||
if ($server_port = 448) { | ||
fastcgi_pass dev-php-fpm-7-0-redis:9000; | ||
} | ||
if ($server_port = 86) { | ||
fastcgi_pass dev-php-fpm-7-1-redis:9000; | ||
} | ||
if ($server_port = 449) { | ||
fastcgi_pass dev-php-fpm-7-1-redis:9000; | ||
} | ||
if ($server_port = 87) { | ||
fastcgi_pass dev-php-fpm-7-2-redis:9000; | ||
} | ||
if ($server_port = 450) { | ||
fastcgi_pass dev-php-fpm-7-2-redis:9000; | ||
} | ||
|
||
include fastcgi_params; | ||
} | ||
} | ||
} # end http block |
46 changes: 46 additions & 0 deletions
46
contrib/util/docker/dockers/dev-php-fpm-5-6-redis/Dockerfile
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
# | ||
# Copyright (C) 2018 Brady Miller <brady.g.miller@gmail.com> | ||
# | ||
# This program is free software; you can redistribute it and/or modify | ||
# it under the terms of the GNU General Public License as published by | ||
# the Free Software Foundation; either version 3 of the License, or | ||
# (at your option) any later version. | ||
# | ||
# php-fpm Dockerfile build for openemr development docker environment | ||
# This docker is hosted here: https://hub.docker.com/r/openemr/dev-php-fpm/ <tag is 7.1> | ||
# | ||
FROM php:5.6-fpm | ||
|
||
# Update | ||
RUN apt-get update | ||
|
||
# Add mysql-client package that is needed in the OpenEMR Backup gui, which does direct command mysql commands | ||
# Add imagemagick that is needed for some image processing in OpenEMR | ||
# Note this basically add 160MB of space to the docker, so would be nice for OpenEMR to not require this stuff | ||
# and instead rely on php scripts, if possible. | ||
RUN apt-get install -y mysql-client \ | ||
imagemagick | ||
|
||
# Add the php extensions (note using a very cool script by mlocati to do this) | ||
ADD https://raw.githubusercontent.com/mlocati/docker-php-extension-installer/master/install-php-extensions /usr/local/bin/ | ||
RUN chmod uga+x /usr/local/bin/install-php-extensions && sync && \ | ||
install-php-extensions pdo_mysql \ | ||
ldap \ | ||
xsl \ | ||
gd \ | ||
zip \ | ||
soap \ | ||
gettext \ | ||
mysqli \ | ||
sockets \ | ||
tokenizer \ | ||
xmlreader \ | ||
redis | ||
|
||
|
||
|
||
# Copy over the php.ini conf | ||
COPY php.ini /usr/local/etc/php/php.ini | ||
|
||
# Needed to ensure permissions work across shared volumes with openemr, nginx, and php-fpm dockers | ||
RUN usermod -u 1000 www-data |
Oops, something went wrong.