diff --git a/.editorconfig b/.editorconfig index 060b2ba..1c84ceb 100644 --- a/.editorconfig +++ b/.editorconfig @@ -4,8 +4,8 @@ root = true charset = utf-8 end_of_line = lf insert_final_newline = true -indent_style = space -indent_size = 4 +indent_style = tab +indent_size = 8 trim_trailing_whitespace = true [*.md] diff --git a/Dockerfile b/Dockerfile index ca47ebe..7c05e0e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,246 +5,246 @@ ARG VCS_REF ARG VERSION LABEL \ - org.label-schema.build-date=${BUILD_DATE} \ - org.label-schema.name="nginx-php Dockerfile" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.vcs-ref=${VCS_REF} \ - org.label-schema.vcs-url="https://github.com/rtucek/nginx-php" \ - org.label-schema.version=${VERSION} + org.label-schema.build-date=${BUILD_DATE} \ + org.label-schema.name="nginx-php Dockerfile" \ + org.label-schema.schema-version="1.0" \ + org.label-schema.vcs-ref=${VCS_REF} \ + org.label-schema.vcs-url="https://github.com/rtucek/nginx-php" \ + org.label-schema.version=${VERSION} ENV \ - NGINX_VERSION=1.13.0 \ - PHP_VERSION=7.1.5 \ - XDEBUG_VERSION=2.5.4 \ - VERSION=${VERSION} + NGINX_VERSION=1.13.0 \ + PHP_VERSION=7.1.5 \ + XDEBUG_VERSION=2.5.4 \ + VERSION=${VERSION} COPY \ - docker-entrypoint \ - fix-permission \ - nginx.conf \ - Procfile \ - /tmp/build/scripts/ + docker-entrypoint \ + fix-permission \ + nginx.conf \ + Procfile \ + /tmp/build/scripts/ RUN \ - # Install tools, required for building - apt-get update && \ - apt-get install -y --no-install-recommends \ - # For building (will be removed) - autoconf \ - build-essential \ - curl \ - - # For Nginx - libpcre3-dev \ - libssl-dev \ - - # For PHP - bison \ - libbz2-dev \ - libcurl4-openssl-dev \ - libpng12-dev \ - libpq-dev \ - libreadline-dev \ - libxml2-dev \ - libxslt1-dev \ - pkg-config \ - re2c \ - - # For PHP composer - git \ - - # For Honcho - python \ - python-pip \ - python-pkg-resources \ - - # Fron crontab - cron && \ - - pip install honcho && \ - - # Prepare for building - mkdir -p /tmp/build && \ - - mkdir -p /tmp/build/nginx/ && \ - cd /tmp/build/nginx && \ - - # Download Nginx - curl -SLO https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz && \ - - cd /tmp/build/nginx && \ - - # GPG keys from the main maintainers of Nginx - # Source https://nginx.org/en/pgp_keys.html - gpg --keyserver sks-keyservers.net --recv-keys \ - "6550 6C02 EFC2 50F1 B7A3 D694 ECF0 E90B 2C17 2083" \ - "4C2C 85E7 05DC 7308 3399 0C38 A937 6139 A524 C53E" \ - "B0F4 2533 73F8 F6F5 10D4 2178 520A 9993 A1C0 52F8" \ - "7338 9730 69ED 3F44 3F4D 37DF A64F D5B1 7ADB 39A8" \ - "A09C D539 B8BB 8CBE 96E8 2BDF ABD4 D3B3 F580 6B4D" \ - "573B FD6B 3D8F BC64 1079 A6AB ABF5 BD82 7BD9 BF62" && \ - - # Verify signature - curl -SLO https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz.asc && \ - gpg nginx-${NGINX_VERSION}.tar.gz.asc && \ - - cd /tmp/build/nginx && \ - # Unpack tarball - tar -xvzf nginx-${NGINX_VERSION}.tar.gz && \ - - cd /tmp/build/nginx/nginx-${NGINX_VERSION} && \ - # Run configuration - ./configure \ - --group=www-data \ - --user=www-data \ - --with-file-aio \ - --with-http_gunzip_module \ - --with-http_gzip_static_module \ - --with-http_realip_module \ - --with-http_ssl_module \ - --with-http_v2_module \ - --with-pcre \ - --with-threads && \ - - cd /tmp/build/nginx/nginx-${NGINX_VERSION} && \ - # Start compiling and installing - make -j$(nproc) build && \ - make modules && \ - make install && \ - - # Nginx configuration - mv /tmp/build/scripts/nginx.conf /usr/local/nginx/conf/ && \ - - mkdir -p /tmp/build/php/ && \ - cd /tmp/build/php && \ - - # Download PHP - curl -SLo php-${PHP_VERSION}.tar.gz http://ch1.php.net/get/php-${PHP_VERSION}.tar.gz/from/this/mirror && \ - - cd /tmp/build/php/ && \ - - # GPG keys from the release managers of PHP 7.1 - # Source https://secure.php.net/downloads.php#gpg-7.1 - gpg --keyserver sks-keyservers.net --recv-keys \ - "A917 B1EC DA84 AEC2 B568 FED6 F50A BC80 7BD5 DCD0" \ - "5289 95BF EDFB A719 1D46 839E F9BA 0ADA 31CB D89E" && \ - - # Verify signature - curl -SLo php-${PHP_VERSION}.tar.gz.asc http://ch1.php.net/get/php-${PHP_VERSION}.tar.gz.asc/from/this/mirror && \ - gpg php-${PHP_VERSION}.tar.gz.asc && \ - - cd /tmp/build/php && \ - # Unpack tarball - tar -xvzf php-${PHP_VERSION}.tar.gz && \ - - cd /tmp/build/php/php-${PHP_VERSION} && \ - # Run configuration - ./configure \ - --enable-fpm \ - --enable-mbregex \ - --enable-mbstring \ - --enable-mbstring=all \ - --enable-opcache \ - --enable-sockets \ - --enable-zip \ - --enable-zip \ - --with-bz2 \ - --with-curl \ - --with-fpm-group=www-data \ - --with-fpm-user=www-data \ - --with-gd \ - --with-gettext \ - --with-openssl \ - --with-pcre-regex \ - --with-pdo-mysql \ - --with-pdo-pgsql \ - --with-readline \ - --with-xsl \ - --with-zlib && \ - - cd /tmp/build/php/php-${PHP_VERSION} && \ - # Compile, test and install - make -j$(nproc) build && \ - make install && \ - - # Compile Xdebug - mkdir -p /tmp/build/xdebug && \ - cd /tmp/build/xdebug && \ - curl -SLO \ - "https://github.com/xdebug/xdebug/archive/XDEBUG_"$(echo ${XDEBUG_VERSION} | sed "s/\./_/g")".tar.gz" && \ - tar -xvzf "XDEBUG_"$(echo ${XDEBUG_VERSION} | sed "s/\./_/g")".tar.gz" && \ - cd "xdebug-XDEBUG_"$(echo ${XDEBUG_VERSION} | sed "s/\./_/g") && \ - phpize && \ - ./configure && \ - make && \ - make install && \ - - # Fix permissions - chown -R www-data:www-data /usr/local/nginx/html && \ - - # Symlink Nginx binary - ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/ && \ - - # Copy PHP-FPM configuration files - cp /tmp/build/php/php-${PHP_VERSION}/sapi/fpm/php-fpm.conf /usr/local/etc/php-fpm.conf && \ - cp /tmp/build/php/php-${PHP_VERSION}/sapi/fpm/www.conf /usr/local/etc/www.conf && \ - cp /tmp/build/php/php-${PHP_VERSION}/php.ini-development /usr/local/php/php.ini && \ - - # Patch PHP-FPM for proper loading www.conf - sed -Ei \ - -e 's/^;?\s*daemonize\s*=\s*yes/daemonize = no/' \ - -e 's/^;?\s*include=NONE\/etc\/php-fpm.d\/\*.conf/include=\/usr\/local\/etc\/www.conf/' \ - /usr/local/etc/php-fpm.conf && \ - - # Patch www.conf config connection establishment - sed -Ei \ - -e 's/^;?\s*listen\s*=.*/listen = \/var\/run\/php-fpm.sock/' \ - -e 's/^;?\s*?\s*listen.owner\s*=.*/listen.owner = www-data/' \ - -e 's/^;?\s*?\s*listen.group\s*=.*/listen.group = www-data/' \ - -e 's/^;?\s*?\s*listen.mode\s*=.*/listen.mode = 0660/' \ - /usr/local/etc/www.conf && \ - - # Patch PHP config files on the fly - sed -Ei \ - -e 's/^;?\s*expose_php\s*=.*/expose_php = Off/' \ - -e 's/^;?\s*cgi.fix_pathinfo\s*=.*/cgi.fix_pathinfo=0/' \ - -e 's/^;?\s*error_log\s*=.*/error_log = \/usr\/local\/nginx\/logs\/error-php.log/' \ - -e 's/^;?\s*date.timezone\s*=.*/date.timezone = \"UTC\"/' \ - -e 's/^;?\s*opcache.enable\s*=.*/opcache.enable = 1/' \ - -e 's/^;?\s*opcache.enable_cli\s*=.*/opcache.enable_cli=1/' \ - -e 's/^;?\s*opcache.memory_consumption\s*=.*/opcache.memory_consumption = 256/' \ - -e 's/^;?\s*opcache.max_accelerated_files\s=.*/opcache.max_accelerated_files = 10000/' \ - /usr/local/php/php.ini && \ - - # Install PHP composer - php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" && \ - php -r "if (hash_file('SHA384', 'composer-setup.php') === trim(file_get_contents('https://composer.github.io/installer.sig'))) { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" && \ - php composer-setup.php --install-dir=/usr/local/bin --filename=composer && \ - php -r "unlink('composer-setup.php');" && \ - - # Configure Honcho - mv /tmp/build/scripts/Procfile / && \ - - # Add entrypoint for docker - mv /tmp/build/scripts/docker-entrypoint / && \ - chmod +x /docker-entrypoint && \ - mv /tmp/build/scripts/fix-permission / && \ - chmod +x /fix-permission && \ - - # Final cleanup - apt-get remove -y \ - autoconf \ - bison \ - build-essential \ - curl \ - pkg-config \ - python-pip \ - re2c && \ - - apt-get autoremove -y && \ - - rm -rf /var/lib/apt/lists/* && \ - rm -rf /tmp/build + # Install tools, required for building + apt-get update && \ + apt-get install -y --no-install-recommends \ + # For building (will be removed) + autoconf \ + build-essential \ + curl \ + + # For Nginx + libpcre3-dev \ + libssl-dev \ + + # For PHP + bison \ + libbz2-dev \ + libcurl4-openssl-dev \ + libpng12-dev \ + libpq-dev \ + libreadline-dev \ + libxml2-dev \ + libxslt1-dev \ + pkg-config \ + re2c \ + + # For PHP composer + git \ + + # For Honcho + python \ + python-pip \ + python-pkg-resources \ + + # Fron crontab + cron && \ + + pip install honcho && \ + + # Prepare for building + mkdir -p /tmp/build && \ + + mkdir -p /tmp/build/nginx/ && \ + cd /tmp/build/nginx && \ + + # Download Nginx + curl -SLO https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz && \ + + cd /tmp/build/nginx && \ + + # GPG keys from the main maintainers of Nginx + # Source https://nginx.org/en/pgp_keys.html + gpg --keyserver sks-keyservers.net --recv-keys \ + "6550 6C02 EFC2 50F1 B7A3 D694 ECF0 E90B 2C17 2083" \ + "4C2C 85E7 05DC 7308 3399 0C38 A937 6139 A524 C53E" \ + "B0F4 2533 73F8 F6F5 10D4 2178 520A 9993 A1C0 52F8" \ + "7338 9730 69ED 3F44 3F4D 37DF A64F D5B1 7ADB 39A8" \ + "A09C D539 B8BB 8CBE 96E8 2BDF ABD4 D3B3 F580 6B4D" \ + "573B FD6B 3D8F BC64 1079 A6AB ABF5 BD82 7BD9 BF62" && \ + + # Verify signature + curl -SLO https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz.asc && \ + gpg nginx-${NGINX_VERSION}.tar.gz.asc && \ + + cd /tmp/build/nginx && \ + # Unpack tarball + tar -xvzf nginx-${NGINX_VERSION}.tar.gz && \ + + cd /tmp/build/nginx/nginx-${NGINX_VERSION} && \ + # Run configuration + ./configure \ + --group=www-data \ + --user=www-data \ + --with-file-aio \ + --with-http_gunzip_module \ + --with-http_gzip_static_module \ + --with-http_realip_module \ + --with-http_ssl_module \ + --with-http_v2_module \ + --with-pcre \ + --with-threads && \ + + cd /tmp/build/nginx/nginx-${NGINX_VERSION} && \ + # Start compiling and installing + make -j$(nproc) build && \ + make modules && \ + make install && \ + + # Nginx configuration + mv /tmp/build/scripts/nginx.conf /usr/local/nginx/conf/ && \ + + mkdir -p /tmp/build/php/ && \ + cd /tmp/build/php && \ + + # Download PHP + curl -SLo php-${PHP_VERSION}.tar.gz http://ch1.php.net/get/php-${PHP_VERSION}.tar.gz/from/this/mirror && \ + + cd /tmp/build/php/ && \ + + # GPG keys from the release managers of PHP 7.1 + # Source https://secure.php.net/downloads.php#gpg-7.1 + gpg --keyserver sks-keyservers.net --recv-keys \ + "A917 B1EC DA84 AEC2 B568 FED6 F50A BC80 7BD5 DCD0" \ + "5289 95BF EDFB A719 1D46 839E F9BA 0ADA 31CB D89E" && \ + + # Verify signature + curl -SLo php-${PHP_VERSION}.tar.gz.asc http://ch1.php.net/get/php-${PHP_VERSION}.tar.gz.asc/from/this/mirror && \ + gpg php-${PHP_VERSION}.tar.gz.asc && \ + + cd /tmp/build/php && \ + # Unpack tarball + tar -xvzf php-${PHP_VERSION}.tar.gz && \ + + cd /tmp/build/php/php-${PHP_VERSION} && \ + # Run configuration + ./configure \ + --enable-fpm \ + --enable-mbregex \ + --enable-mbstring \ + --enable-mbstring=all \ + --enable-opcache \ + --enable-sockets \ + --enable-zip \ + --enable-zip \ + --with-bz2 \ + --with-curl \ + --with-fpm-group=www-data \ + --with-fpm-user=www-data \ + --with-gd \ + --with-gettext \ + --with-openssl \ + --with-pcre-regex \ + --with-pdo-mysql \ + --with-pdo-pgsql \ + --with-readline \ + --with-xsl \ + --with-zlib && \ + + cd /tmp/build/php/php-${PHP_VERSION} && \ + # Compile, test and install + make -j$(nproc) build && \ + make install && \ + + # Compile Xdebug + mkdir -p /tmp/build/xdebug && \ + cd /tmp/build/xdebug && \ + curl -SLO \ + "https://github.com/xdebug/xdebug/archive/XDEBUG_"$(echo ${XDEBUG_VERSION} | sed "s/\./_/g")".tar.gz" && \ + tar -xvzf "XDEBUG_"$(echo ${XDEBUG_VERSION} | sed "s/\./_/g")".tar.gz" && \ + cd "xdebug-XDEBUG_"$(echo ${XDEBUG_VERSION} | sed "s/\./_/g") && \ + phpize && \ + ./configure && \ + make && \ + make install && \ + + # Fix permissions + chown -R www-data:www-data /usr/local/nginx/html && \ + + # Symlink Nginx binary + ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/ && \ + + # Copy PHP-FPM configuration files + cp /tmp/build/php/php-${PHP_VERSION}/sapi/fpm/php-fpm.conf /usr/local/etc/php-fpm.conf && \ + cp /tmp/build/php/php-${PHP_VERSION}/sapi/fpm/www.conf /usr/local/etc/www.conf && \ + cp /tmp/build/php/php-${PHP_VERSION}/php.ini-development /usr/local/php/php.ini && \ + + # Patch PHP-FPM for proper loading www.conf + sed -Ei \ + -e 's/^;?\s*daemonize\s*=\s*yes/daemonize = no/' \ + -e 's/^;?\s*include=NONE\/etc\/php-fpm.d\/\*.conf/include=\/usr\/local\/etc\/www.conf/' \ + /usr/local/etc/php-fpm.conf && \ + + # Patch www.conf config connection establishment + sed -Ei \ + -e 's/^;?\s*listen\s*=.*/listen = \/var\/run\/php-fpm.sock/' \ + -e 's/^;?\s*?\s*listen.owner\s*=.*/listen.owner = www-data/' \ + -e 's/^;?\s*?\s*listen.group\s*=.*/listen.group = www-data/' \ + -e 's/^;?\s*?\s*listen.mode\s*=.*/listen.mode = 0660/' \ + /usr/local/etc/www.conf && \ + + # Patch PHP config files on the fly + sed -Ei \ + -e 's/^;?\s*expose_php\s*=.*/expose_php = Off/' \ + -e 's/^;?\s*cgi.fix_pathinfo\s*=.*/cgi.fix_pathinfo=0/' \ + -e 's/^;?\s*error_log\s*=.*/error_log = \/usr\/local\/nginx\/logs\/error-php.log/' \ + -e 's/^;?\s*date.timezone\s*=.*/date.timezone = \"UTC\"/' \ + -e 's/^;?\s*opcache.enable\s*=.*/opcache.enable = 1/' \ + -e 's/^;?\s*opcache.enable_cli\s*=.*/opcache.enable_cli=1/' \ + -e 's/^;?\s*opcache.memory_consumption\s*=.*/opcache.memory_consumption = 256/' \ + -e 's/^;?\s*opcache.max_accelerated_files\s=.*/opcache.max_accelerated_files = 10000/' \ + /usr/local/php/php.ini && \ + + # Install PHP composer + php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" && \ + php -r "if (hash_file('SHA384', 'composer-setup.php') === trim(file_get_contents('https://composer.github.io/installer.sig'))) { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" && \ + php composer-setup.php --install-dir=/usr/local/bin --filename=composer && \ + php -r "unlink('composer-setup.php');" && \ + + # Configure Honcho + mv /tmp/build/scripts/Procfile / && \ + + # Add entrypoint for docker + mv /tmp/build/scripts/docker-entrypoint / && \ + chmod +x /docker-entrypoint && \ + mv /tmp/build/scripts/fix-permission / && \ + chmod +x /fix-permission && \ + + # Final cleanup + apt-get remove -y \ + autoconf \ + bison \ + build-essential \ + curl \ + pkg-config \ + python-pip \ + re2c && \ + + apt-get autoremove -y && \ + + rm -rf /var/lib/apt/lists/* && \ + rm -rf /tmp/build # Declare entrypoint ENTRYPOINT ["/docker-entrypoint"] diff --git a/docker-entrypoint b/docker-entrypoint index de06396..7d7de4f 100644 --- a/docker-entrypoint +++ b/docker-entrypoint @@ -12,32 +12,32 @@ # However, this blocks starting the initial process IF you have a bad or no Internet connection at # all. To avoid this, you can start the container with SKIP_COMPOSER_UPDATE env set to 1. if [[ $SKIP_COMPOSER_UPDATE != "1" ]]; then - composer selfupdate -vvvn + composer selfupdate -vvvn fi # Enable Xdebug # Use Xdebug if ENABLE_XDEBUG env is set to 1. if [[ $ENABLE_XDEBUG == "1" ]]; then - # Check if Xdebug extension is already enabled - touch /usr/local/lib/php.ini - grep -xq 'zend_extension\s*=\s*/usr/local/lib/php/extensions/no-debug-non-zts-20160303/xdebug.so' /usr/local/lib/php.ini - if [[ $? != "0" ]]; then - echo "zend_extension = /usr/local/lib/php/extensions/no-debug-non-zts-20160303/xdebug.so" >> /usr/local/lib/php.ini - fi - - echo -e "\e[32mXdebug enabled\e[0m" + # Check if Xdebug extension is already enabled + touch /usr/local/lib/php.ini + grep -xq 'zend_extension\s*=\s*/usr/local/lib/php/extensions/no-debug-non-zts-20160303/xdebug.so' /usr/local/lib/php.ini + if [[ $? != "0" ]]; then + echo "zend_extension = /usr/local/lib/php/extensions/no-debug-non-zts-20160303/xdebug.so" >> /usr/local/lib/php.ini + fi + + echo -e "\e[32mXdebug enabled\e[0m" fi # Deploy available crontabs if [[ -d /crontab ]]; then - for crontab_file in $(ls /crontab); do - crontab -u $crontab_file /crontab/$crontab_file - done + for crontab_file in $(ls /crontab); do + crontab -u $crontab_file /crontab/$crontab_file + done fi # Start Honcho if [[ $1 == "server" ]]; then - exec honcho -d / start + exec honcho -d / start fi exec "$@" diff --git a/fix-permission b/fix-permission index 636d0ab..ccfb6c6 100644 --- a/fix-permission +++ b/fix-permission @@ -7,73 +7,73 @@ TARGET_GROUP=$2 TARGET_DIR=$3 function get_target_uid() { - echo $(stat -c '%u' $TARGET_DIR) + echo $(stat -c '%u' $TARGET_DIR) } function get_target_gid() { - echo $(stat -c '%g' $TARGET_DIR) + echo $(stat -c '%g' $TARGET_DIR) } function get_current_uid_of() { - echo $(getent passwd $1 | cut -d: -f3) + echo $(getent passwd $1 | cut -d: -f3) } function get_current_username_of() { - echo $(getent passwd $1 | cut -d: -f1) + echo $(getent passwd $1 | cut -d: -f1) } function get_current_gid_of() { - echo $(getent group $1 | cut -d: -f3) + echo $(getent group $1 | cut -d: -f3) } function get_current_groupname_of() { - echo $(getent group $1 | cut -d: -f1) + echo $(getent group $1 | cut -d: -f1) } # Exist if UID and GID already match if [[ get_target_uid -eq $(get_current_uid_of "$TARGET_USER") && get_target_gid -eq $(get_current_gid_of "$TARGET_GROUP") ]]; then - # Nothing to do here... - exit 0 + # Nothing to do here... + exit 0 fi # Remove conflicting group if needed if [[ $(get_target_gid) -ne $(get_current_gid_of "$TARGET_GROUP") && -z $(get_current_gid_of "$TARGET_GROUP") && $(get_target_gid) -ne 0 ]]; then - groupdel $(get_target_gid) - if [[ $? -ne 0 ]]; then - exit $? - fi + groupdel $(get_target_gid) + if [[ $? -ne 0 ]]; then + exit $? + fi fi # Remove conflicting user if needed if [[ $(get_target_uid) -ne $(get_current_uid_of "$TARGET_USER") && -z $(get_current_uid_of "$TARGET_USER") && $(get_target_uid) -ne 0 ]]; then - userdel $(get_target_uid) - if [[ $? -ne 0 ]]; then - exit $? - fi + userdel $(get_target_uid) + if [[ $? -ne 0 ]]; then + exit $? + fi fi # Create target group if needed if [[ $TARGET_GROUP != $(get_current_groupname_of "$TARGET_GROUP") ]]; then - groupadd -g $(get_target_gid) $TARGET_GROUP + groupadd -g $(get_target_gid) $TARGET_GROUP fi # Create target user if needed if [[ $TARGET_USER != $(get_current_username_of "$TARGET_USER") ]]; then - useradd -u $(get_target_uid) $TARGET_USER + useradd -u $(get_target_uid) $TARGET_USER fi # Modify the GID if needed if [[ $(get_target_gid) -ne $(get_current_gid_of "$TARGET_GROUP") ]]; then - groupmod -g $(get_target_gid) $TARGET_GROUP - if [[ $? -ne 0 ]]; then - exit $? - fi + groupmod -g $(get_target_gid) $TARGET_GROUP + if [[ $? -ne 0 ]]; then + exit $? + fi fi # Modify the UID if needed if [[ $(get_target_uid) -ne $(get_current_uid_of "$TARGET_USER") ]]; then - usermod -u $(get_target_uid) $TARGET_USER - if [[ $? -ne 0 ]]; then - exit $? - fi + usermod -u $(get_target_uid) $TARGET_USER + if [[ $? -ne 0 ]]; then + exit $? + fi fi diff --git a/nginx.conf b/nginx.conf index 52f39e0..27c276c 100644 --- a/nginx.conf +++ b/nginx.conf @@ -11,77 +11,77 @@ error_log logs/error-nginx.log info; pid /var/run/nginx.pid; events { - worker_connections 1024; + worker_connections 1024; } http { - include mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - sendfile on; - - keepalive_timeout 15; - - gzip on; - gzip_comp_level 2; - gzip_min_length 1000; - gzip_proxied expired no-cache no-store private auth; - gzip_types text/plain application/x-javascript text/xml text/css application/xml; - - server { - listen 80 default_server; - server_name localhost; - - root /usr/local/nginx/html; - index index.php index.html index.htm; - - access_log logs/http-access.log main; - - location ~ \.php { - include fastcgi_params; - fastcgi_keep_conn on; - fastcgi_index index.php; - fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_intercept_errors on; - fastcgi_pass unix:/var/run/php-fpm.sock; - } - - } - - # server { - # listen 443 ssl; - # server_name localhost; - - # ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - # ssl_prefer_server_ciphers on; - # ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4 !MEDIUM"; - - # ssl_certificate /etc/ssl/private/cert.pem; - # ssl_certificate_key /etc/ssl/private/cert.key; - - # ssl_session_cache shared:SSL:10m; - # ssl_session_timeout 5m; - - # root /usr/local/nginx/html; - # index index.php index.html index.htm; - - # access_log logs/https-access.log main; - - # location ~ \.php { - # include fastcgi_params; - # fastcgi_keep_conn on; - # fastcgi_index index.php; - # fastcgi_split_path_info ^(.+\.php)(/.+)$; - # fastcgi_param PATH_INFO $fastcgi_path_info; - # fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - # fastcgi_intercept_errors on; - # fastcgi_pass unix:/var/run/php-fpm.sock; - # } - # } + include mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + sendfile on; + + keepalive_timeout 15; + + gzip on; + gzip_comp_level 2; + gzip_min_length 1000; + gzip_proxied expired no-cache no-store private auth; + gzip_types text/plain application/x-javascript text/xml text/css application/xml; + + server { + listen 80 default_server; + server_name localhost; + + root /usr/local/nginx/html; + index index.php index.html index.htm; + + access_log logs/http-access.log main; + + location ~ \.php { + include fastcgi_params; + fastcgi_keep_conn on; + fastcgi_index index.php; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_intercept_errors on; + fastcgi_pass unix:/var/run/php-fpm.sock; + } + + } + + # server { + # listen 443 ssl; + # server_name localhost; + + # ssl_protocols TLSv1.2 TLSv1.1 TLSv1; + # ssl_prefer_server_ciphers on; + # ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4 !MEDIUM"; + + # ssl_certificate /etc/ssl/private/cert.pem; + # ssl_certificate_key /etc/ssl/private/cert.key; + + # ssl_session_cache shared:SSL:10m; + # ssl_session_timeout 5m; + + # root /usr/local/nginx/html; + # index index.php index.html index.htm; + + # access_log logs/https-access.log main; + + # location ~ \.php { + # include fastcgi_params; + # fastcgi_keep_conn on; + # fastcgi_index index.php; + # fastcgi_split_path_info ^(.+\.php)(/.+)$; + # fastcgi_param PATH_INFO $fastcgi_path_info; + # fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + # fastcgi_intercept_errors on; + # fastcgi_pass unix:/var/run/php-fpm.sock; + # } + # } }