From a558472afe0c92ca90f90e90e402b49b3fed4ad5 Mon Sep 17 00:00:00 2001 From: Wilmer Arambula Date: Thu, 10 Jul 2025 09:09:28 -0400 Subject: [PATCH 01/18] feat: Add Docker configuration for `Yii2` application with `Nginx` and `Apache` setups. --- docker-compose.nginx.yml | 16 ++ docker-compose.yml | 15 ++ docker/apache/Dockerfile | 18 ++ docker/apache/apache.conf | 234 ++++++++++++++++++ docker/apache/supervisord/conf.d/apache2.conf | 4 + docker/apache/supervisord/conf.d/queue.conf | 9 + docker/apache/supervisord/log/.gitignore | 2 + docker/apache/supervisord/supervisord.conf | 10 + docker/apache/vhost.conf | 36 +++ docker/nginx/Dockerfile | 19 ++ docker/nginx/default.conf | 70 ++++++ docker/nginx/nginx.conf | 57 +++++ docker/nginx/supervisord/conf.d/nginx.conf | 9 + docker/nginx/supervisord/conf.d/php-fpm.conf | 10 + docker/nginx/supervisord/conf.d/queue.conf | 9 + docker/nginx/supervisord/log/.gitignore | 2 + docker/nginx/supervisord/supervisord.conf | 12 + docker/php/php.ini | 18 ++ src/framework/resource/css/site.css | 1 - 19 files changed, 550 insertions(+), 1 deletion(-) create mode 100644 docker-compose.nginx.yml create mode 100644 docker-compose.yml create mode 100644 docker/apache/Dockerfile create mode 100644 docker/apache/apache.conf create mode 100644 docker/apache/supervisord/conf.d/apache2.conf create mode 100644 docker/apache/supervisord/conf.d/queue.conf create mode 100644 docker/apache/supervisord/log/.gitignore create mode 100644 docker/apache/supervisord/supervisord.conf create mode 100644 docker/apache/vhost.conf create mode 100644 docker/nginx/Dockerfile create mode 100644 docker/nginx/default.conf create mode 100644 docker/nginx/nginx.conf create mode 100644 docker/nginx/supervisord/conf.d/nginx.conf create mode 100644 docker/nginx/supervisord/conf.d/php-fpm.conf create mode 100644 docker/nginx/supervisord/conf.d/queue.conf create mode 100644 docker/nginx/supervisord/log/.gitignore create mode 100644 docker/nginx/supervisord/supervisord.conf create mode 100644 docker/php/php.ini diff --git a/docker-compose.nginx.yml b/docker-compose.nginx.yml new file mode 100644 index 0000000..3d459df --- /dev/null +++ b/docker-compose.nginx.yml @@ -0,0 +1,16 @@ + +services: + yii2-nginx: + build: + context: docker/ + dockerfile: nginx/Dockerfile + image: yii2-nginx:84 + restart: always + working_dir: /app + volumes: + - ./:/app + - ~/.composer-docker/cache:/root/.composer/cache:delegated + ports: + - '8081:80' + environment: + TZ: "UTC" diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..c5512b6 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,15 @@ +services: + yii2-apache: + build: + context: docker/ + dockerfile: apache/Dockerfile + image: yii2-apache:84 + restart: always + working_dir: /app + volumes: + - ./:/app + - ~/.composer-docker/cache:/root/.composer/cache:delegated + ports: + - '8080:80' + environment: + TZ: "UTC" diff --git a/docker/apache/Dockerfile b/docker/apache/Dockerfile new file mode 100644 index 0000000..0353e19 --- /dev/null +++ b/docker/apache/Dockerfile @@ -0,0 +1,18 @@ +FROM yiisoftware/yii2-php:8.4-apache + +# change web server config +COPY apache/apache.conf /etc/apache2/apache2.conf +COPY apache/vhost.conf /etc/apache2/sites-available/000-default.conf + +# change PHP config +COPY ../php/php.ini /usr/local/etc/php/conf.d/base.ini + +# install supervisord +RUN apt-get update && apt-get install -y supervisor --no-install-recommends && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* +COPY apache/supervisord/supervisord.conf /etc/supervisor/supervisord.conf + +# copy apache2 config +COPY apache/supervisord/conf.d/apache2.conf /etc/supervisor/conf.d/apache2.conf + +# run supervisord +CMD ["supervisord", "-c", "/etc/supervisor/supervisord.conf"] diff --git a/docker/apache/apache.conf b/docker/apache/apache.conf new file mode 100644 index 0000000..413858f --- /dev/null +++ b/docker/apache/apache.conf @@ -0,0 +1,234 @@ +# This is the main Apache server configuration file. It contains the +# configuration directives that give the server its instructions. +# See http://httpd.apache.org/docs/2.4/ for detailed information about +# the directives and /usr/share/doc/apache2/README.Debian about Debian specific +# hints. +# +# +# Summary of how the Apache 2 configuration works in Debian: +# The Apache 2 web server configuration in Debian is quite different to +# upstream's suggested way to configure the web server. This is because Debian's +# default Apache2 installation attempts to make adding and removing modules, +# virtual hosts, and extra configuration directives as flexible as possible, in +# order to make automating the changes and administering the server as easy as +# possible. + +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf-enabled +# | `-- *.conf +# `-- sites-enabled +# `-- *.conf +# +# +# * apache2.conf is the main configuration file (this file). It puts the pieces +# together by including all remaining configuration files when starting up the +# web server. +# +# * ports.conf is always included from the main configuration file. It is +# supposed to determine listening ports for incoming connections which can be +# customized anytime. +# +# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/ +# directories contain particular configuration snippets which manage modules, +# global configuration fragments, or virtual host configurations, +# respectively. +# +# They are activated by symlinking available configuration files from their +# respective *-available/ counterparts. These should be managed by using our +# helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See +# their respective man pages for detailed information. +# +# * The binary is called apache2. Due to the use of environment variables, in +# the default configuration, apache2 needs to be started/stopped with +# /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not +# work with the default configuration. + + +# Global configuration +# + +# +# ServerRoot: The top of the directory tree under which the server's +# configuration, error, and log files are kept. +# +# NOTE! If you intend to place this on an NFS (or otherwise network) +# mounted filesystem then please read the Mutex documentation (available +# at ); +# you will save yourself a lot of trouble. +# +# Do NOT add a slash at the end of the directory path. +# +#ServerRoot "/etc/apache2" + +# +# The accept serialization lock file MUST BE STORED ON A LOCAL DISK. +# +#Mutex file:${APACHE_LOCK_DIR} default + +# +# The directory where shm and other runtime files will be stored. +# + +DefaultRuntimeDir ${APACHE_RUN_DIR} + +# +# PidFile: The file in which the server should record its process +# identification number when it starts. +# This needs to be set in /etc/apache2/envvars +# +PidFile ${APACHE_PID_FILE} + +# +# Timeout: The number of seconds before receives and sends time out. +# +Timeout 500 + +# +# KeepAlive: Whether or not to allow persistent connections (more than +# one request per connection). Set to "Off" to deactivate. +# +KeepAlive On + +# +# MaxKeepAliveRequests: The maximum number of requests to allow +# during a persistent connection. Set to 0 to allow an unlimited amount. +# We recommend you leave this number high, for maximum performance. +# +MaxKeepAliveRequests 100 + +# +# KeepAliveTimeout: Number of seconds to wait for the next request from the +# same client on the same connection. +# +KeepAliveTimeout 5 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} + +# +# HostnameLookups: Log the names of clients or just their IP addresses +# e.g., www.apache.org (on) or 204.62.129.132 (off). +# The default is off because it'd be overall better for the net if people +# had to knowingly turn this feature on, since enabling it means that +# each client request will result in AT LEAST one lookup request to the +# nameserver. +# +HostnameLookups Off + +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a +# container, that host's errors will be logged there and not here. +# +ErrorLog ${APACHE_LOG_DIR}/error.log + +# +# LogLevel: Control the severity of messages logged to the error_log. +# Available values: trace8, ..., trace1, debug, info, notice, warn, +# error, crit, alert, emerg. +# It is also possible to configure the log level for particular modules, e.g. +# "LogLevel info ssl:warn" +# +LogLevel warn + +# Include module configuration: +IncludeOptional mods-enabled/*.load +IncludeOptional mods-enabled/*.conf + +# Include list of ports to listen on +Include ports.conf + + +# Sets the default security model of the Apache2 HTTPD server. It does +# not allow access to the root filesystem outside of /usr/share and /var/www. +# The former is used by web applications packaged in Debian, +# the latter may be used for local directories served by the web server. If +# your system is serving content from a sub-directory in /srv you must allow +# access here, or in any related virtual host. + + Options FollowSymLinks + AllowOverride None + Require all denied + + + + AllowOverride None + Require all granted + + + + Options Indexes FollowSymLinks + AllowOverride None + Require all granted + + +# +# Options Indexes FollowSymLinks +# AllowOverride None +# Require all granted +# + + +# AccessFileName: The name of the file to look for in each directory +# for additional configuration directives. See also the AllowOverride +# directive. +# +AccessFileName .htaccess + +# +# The following lines prevent .htaccess and .htpasswd files from being +# viewed by Web clients. +# + + Require all denied + + + +# +# The following directives define some format nicknames for use with +# a CustomLog directive. +# +# These deviate from the Common Log Format definitions in that they use %O +# (the actual bytes sent including headers) instead of %b (the size of the +# requested file), because the latter makes it impossible to detect partial +# requests. +# +# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended. +# Use mod_remoteip instead. +# +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent + +# Include of directories ignores editors' and dpkg's backup files, +# see README.Debian for details. + +# Include generic snippets of statements +IncludeOptional conf-enabled/*.conf + +# Include the virtual host configurations: +IncludeOptional sites-enabled/*.conf + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet + +ServerTokens ProductOnly +ServerSignature Off + +TraceEnable Off + + + Require all denied + \ No newline at end of file diff --git a/docker/apache/supervisord/conf.d/apache2.conf b/docker/apache/supervisord/conf.d/apache2.conf new file mode 100644 index 0000000..0d42f1e --- /dev/null +++ b/docker/apache/supervisord/conf.d/apache2.conf @@ -0,0 +1,4 @@ +[program:apache2] +command=/bin/bash -c "source /etc/apache2/envvars && exec /usr/sbin/apache2 -DFOREGROUND" +autostart=true +autorestart=true \ No newline at end of file diff --git a/docker/apache/supervisord/conf.d/queue.conf b/docker/apache/supervisord/conf.d/queue.conf new file mode 100644 index 0000000..5ee7012 --- /dev/null +++ b/docker/apache/supervisord/conf.d/queue.conf @@ -0,0 +1,9 @@ +[program:yii-queue-worker] +process_name=%(program_name)s_%(process_num)02d +command=/usr/local/bin/php /app/yii queue/listen --verbose=1 --color=0 +autostart=true +autorestart=true +user=www-data +numprocs=4 +redirect_stderr=true +stdout_logfile=/app/docker/apache/supervisord/log/yii-queue-worker.log diff --git a/docker/apache/supervisord/log/.gitignore b/docker/apache/supervisord/log/.gitignore new file mode 100644 index 0000000..c96a04f --- /dev/null +++ b/docker/apache/supervisord/log/.gitignore @@ -0,0 +1,2 @@ +* +!.gitignore \ No newline at end of file diff --git a/docker/apache/supervisord/supervisord.conf b/docker/apache/supervisord/supervisord.conf new file mode 100644 index 0000000..b879ad7 --- /dev/null +++ b/docker/apache/supervisord/supervisord.conf @@ -0,0 +1,10 @@ +[supervisord] +logfile = /dev/null +loglevel = info +pidfile = /var/run/supervisord.pid +nodaemon = true + +[include] +files = /etc/supervisor/conf.d/*.conf + +[supervisorctl] diff --git a/docker/apache/vhost.conf b/docker/apache/vhost.conf new file mode 100644 index 0000000..cf6f1ff --- /dev/null +++ b/docker/apache/vhost.conf @@ -0,0 +1,36 @@ + + Options FollowSymLinks + AllowOverride All + Require all granted + + + + # The ServerName directive sets the request scheme, hostname and port that + # the server uses to identify itself. This is used when creating + # redirection URLs. In the context of virtual hosts, the ServerName + # specifies what hostname must appear in the request's Host: header to + # match this virtual host. For the default virtual host (this file) this + # value is not decisive as it is used as a last resort host regardless. + # However, you must set it for any further virtual host explicitly. + #ServerName example.com + #ServerAlias www.example.com + + ServerAdmin webmaster@localhost + DocumentRoot /app/public + + # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, + # error, crit, alert, emerg. + # It is also possible to configure the loglevel for particular + # modules, e.g. + #LogLevel info ssl:warn + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + # For most configuration files from conf-available/, which are + # enabled or disabled at a global level, it is possible to + # include a line for only one particular virtual host. For example the + # following line enables the CGI configuration for this host only + # after it has been globally disabled with "a2disconf". + #Include conf-available/serve-cgi-bin.conf + \ No newline at end of file diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile new file mode 100644 index 0000000..f787c2f --- /dev/null +++ b/docker/nginx/Dockerfile @@ -0,0 +1,19 @@ +FROM yiisoftware/yii2-php:8.4-fpm-nginx + +# change nginx config +COPY nginx/nginx.conf /etc/nginx/nginx.conf +COPY nginx/default.conf /etc/nginx/conf.d/default.conf + +# change PHP config (same as Apache) +COPY ../php/php.ini /usr/local/etc/php/conf.d/base.ini + +# install supervisord +RUN apt-get update && apt-get install -y supervisor --no-install-recommends && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* +COPY nginx/supervisord/supervisord.conf /etc/supervisor/supervisord.conf + +# copy nginx + php-fpm + queue configs for supervisord +COPY nginx/supervisord/conf.d/nginx.conf /etc/supervisor/conf.d/nginx.conf +COPY nginx/supervisord/conf.d/php-fpm.conf /etc/supervisor/conf.d/php-fpm.conf + +# run supervisord +CMD ["supervisord", "-c", "/etc/supervisor/supervisord.conf"] diff --git a/docker/nginx/default.conf b/docker/nginx/default.conf new file mode 100644 index 0000000..1147cee --- /dev/null +++ b/docker/nginx/default.conf @@ -0,0 +1,70 @@ +server { + charset utf-8; + client_max_body_size 128M; + listen 80; + server_name localhost; + + # root directory for the application + root /app/public; + index index.php; + + # decurity headers + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-XSS-Protection "1; mode=block" always; + add_header X-Content-Type-Options "nosniff" always; + + # logging + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log; + + # yii2 URL rewriting (CRITICAL for Yii2) + location / { + try_files $uri $uri/ /index.php$is_args$args; + } + + # PHP handling via PHP-FPM + location ~ \.php$ { + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass 127.0.0.1:9000; + try_files $uri =404; + + # PHP execution settings + fastcgi_read_timeout 300; + fastcgi_buffer_size 128k; + fastcgi_buffers 4 256k; + fastcgi_busy_buffers_size 256k; + } + + # deny accessing php files for the /assets directory (Yii2 security) + location ~ ^/assets/.*\.php$ { + deny all; + } + + # block access to sensitive files + location ~ /\.git { + deny all; + } + + location ~ /\.ht { + deny all; + } + + # block access to hidden files/directories + location ~* /\. { + deny all; + } + + # static files handling with caching + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ { + expires 1y; + add_header Cache-Control "public, immutable"; + try_files $uri =404; + } + + # deny access to PHP files in specific directories (ajustado a tu estructura) + location ~ ^/(vendor|runtime)/.+\.php$ { + deny all; + return 404; + } +} diff --git a/docker/nginx/nginx.conf b/docker/nginx/nginx.conf new file mode 100644 index 0000000..e808bd5 --- /dev/null +++ b/docker/nginx/nginx.conf @@ -0,0 +1,57 @@ +user www-data; +worker_processes auto; +pid /run/nginx.pid; +include /etc/nginx/modules-enabled/*.conf; + +events { + worker_connections 768; + multi_accept on; + use epoll; +} + +http { + # Basic Settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + + # Security headers + server_tokens off; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + # SSL Settings + ssl_protocols TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # Logging Settings + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + error_log /var/log/nginx/error.log warn; + + # Gzip Settings + gzip on; + gzip_vary on; + gzip_proxied any; + gzip_comp_level 6; + gzip_types + text/plain + text/css + text/xml + text/javascript + application/json + application/javascript + application/xml+rss + application/atom+xml + image/svg+xml; + + # Virtual Host Configs + include /etc/nginx/conf.d/*.conf; + include /etc/nginx/sites-enabled/*; +} diff --git a/docker/nginx/supervisord/conf.d/nginx.conf b/docker/nginx/supervisord/conf.d/nginx.conf new file mode 100644 index 0000000..93bc8b1 --- /dev/null +++ b/docker/nginx/supervisord/conf.d/nginx.conf @@ -0,0 +1,9 @@ +[program:nginx] +command=/usr/sbin/nginx -g "daemon off;" +autostart=true +autorestart=true +priority=10 +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/nginx/supervisord/conf.d/php-fpm.conf b/docker/nginx/supervisord/conf.d/php-fpm.conf new file mode 100644 index 0000000..257c60c --- /dev/null +++ b/docker/nginx/supervisord/conf.d/php-fpm.conf @@ -0,0 +1,10 @@ + +[program:php-fpm] +command=/usr/local/sbin/php-fpm --nodaemonize +autostart=true +autorestart=true +priority=5 +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/nginx/supervisord/conf.d/queue.conf b/docker/nginx/supervisord/conf.d/queue.conf new file mode 100644 index 0000000..d6cf5e3 --- /dev/null +++ b/docker/nginx/supervisord/conf.d/queue.conf @@ -0,0 +1,9 @@ +[program:yii-queue-worker] +process_name=%(program_name)s_%(process_num)02d +command=/usr/local/bin/php /app/yii queue/listen --verbose=1 --color=0 +autostart=true +autorestart=true +user=www-data +numprocs=4 +redirect_stderr=true +stdout_logfile=/app/docker/nginx/supervisord/log/yii-queue-worker.log diff --git a/docker/nginx/supervisord/log/.gitignore b/docker/nginx/supervisord/log/.gitignore new file mode 100644 index 0000000..c96a04f --- /dev/null +++ b/docker/nginx/supervisord/log/.gitignore @@ -0,0 +1,2 @@ +* +!.gitignore \ No newline at end of file diff --git a/docker/nginx/supervisord/supervisord.conf b/docker/nginx/supervisord/supervisord.conf new file mode 100644 index 0000000..f3abc22 --- /dev/null +++ b/docker/nginx/supervisord/supervisord.conf @@ -0,0 +1,12 @@ +[supervisord] +logfile = /dev/null +loglevel = info +pidfile = /var/run/supervisord.pid +nodaemon = true +user = root + +[include] +files = /etc/supervisor/conf.d/*.conf + +[supervisorctl] +serverurl = unix:///var/run/supervisor.sock diff --git a/docker/php/php.ini b/docker/php/php.ini new file mode 100644 index 0000000..4f7adf6 --- /dev/null +++ b/docker/php/php.ini @@ -0,0 +1,18 @@ +;apc.enable_cli = 1 +date.timezone = UTC +session.auto_start = Off +short_open_tag = Off +expose_php = Off +upload_max_filesize = 15M +post_max_size = 150M +memory_limit = 512M +display_errors = Off + +# https://symfony.com/doc/current/performance.html +opcache.interned_strings_buffer = 16 +opcache.max_accelerated_files = 20000 +opcache.memory_consumption = 256 +opcache.validate_timestamps = 0 +realpath_cache_size = 4096K +realpath_cache_ttl = 600 +opcache.preload_user = www-data \ No newline at end of file diff --git a/src/framework/resource/css/site.css b/src/framework/resource/css/site.css index 09cba52..fe627e9 100644 --- a/src/framework/resource/css/site.css +++ b/src/framework/resource/css/site.css @@ -43,7 +43,6 @@ html, body { } [data-bs-theme=dark] #contactform-verifycode-image { - background-color: var(--bs-secondary-bg); border: 1px solid rgba(255, 255, 255, 0.1); box-shadow: 0 1px 3px rgba(0,0,0,0.3); filter: invert(1) hue-rotate(180deg); From 89f49a9714fa9c753e779f3d6c1acf266a527dea Mon Sep 17 00:00:00 2001 From: Wilmer Arambula Date: Thu, 10 Jul 2025 09:22:11 -0400 Subject: [PATCH 02/18] feat: Enhance Nginx supervisord configuration with process management options. --- docker/nginx/supervisord/conf.d/nginx.conf | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docker/nginx/supervisord/conf.d/nginx.conf b/docker/nginx/supervisord/conf.d/nginx.conf index 93bc8b1..3df5802 100644 --- a/docker/nginx/supervisord/conf.d/nginx.conf +++ b/docker/nginx/supervisord/conf.d/nginx.conf @@ -3,6 +3,9 @@ command=/usr/sbin/nginx -g "daemon off;" autostart=true autorestart=true priority=10 +killasgroup=true +stopasgroup=true +stopsignal=QUIT stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr From c6ce9c0ac242bdd4a6275efedce00bf6c0a91311 Mon Sep 17 00:00:00 2001 From: Wilmer Arambula Date: Thu, 10 Jul 2025 09:39:49 -0400 Subject: [PATCH 03/18] fix: Update Dockerfile and configuration paths for Nginx and Apache services. --- docker-compose.nginx.yml | 3 +-- docker-compose.yml | 3 +-- docker/apache/Dockerfile | 10 +++++----- docker/apache/supervisord/supervisord.conf | 7 ++++++- docker/nginx/Dockerfile | 12 ++++++------ docker/nginx/default.conf | 17 +++++++++-------- docker/nginx/supervisord/conf.d/php-fpm.conf | 9 ++++++--- docker/nginx/supervisord/conf.d/queue.conf | 11 ++++++++--- docker/nginx/supervisord/supervisord.conf | 4 +++- 9 files changed, 45 insertions(+), 31 deletions(-) diff --git a/docker-compose.nginx.yml b/docker-compose.nginx.yml index 3d459df..42cae31 100644 --- a/docker-compose.nginx.yml +++ b/docker-compose.nginx.yml @@ -2,8 +2,7 @@ services: yii2-nginx: build: - context: docker/ - dockerfile: nginx/Dockerfile + dockerfile: docker/nginx/Dockerfile image: yii2-nginx:84 restart: always working_dir: /app diff --git a/docker-compose.yml b/docker-compose.yml index c5512b6..a2fc846 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,8 +1,7 @@ services: yii2-apache: build: - context: docker/ - dockerfile: apache/Dockerfile + dockerfile: docker/apache/Dockerfile image: yii2-apache:84 restart: always working_dir: /app diff --git a/docker/apache/Dockerfile b/docker/apache/Dockerfile index 0353e19..e319978 100644 --- a/docker/apache/Dockerfile +++ b/docker/apache/Dockerfile @@ -1,18 +1,18 @@ FROM yiisoftware/yii2-php:8.4-apache # change web server config -COPY apache/apache.conf /etc/apache2/apache2.conf -COPY apache/vhost.conf /etc/apache2/sites-available/000-default.conf +COPY docker/apache/apache.conf /etc/apache2/apache2.conf +COPY docker/apache/vhost.conf /etc/apache2/sites-available/000-default.conf # change PHP config -COPY ../php/php.ini /usr/local/etc/php/conf.d/base.ini +COPY docker/php/php.ini /usr/local/etc/php/conf.d/base.ini # install supervisord RUN apt-get update && apt-get install -y supervisor --no-install-recommends && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* -COPY apache/supervisord/supervisord.conf /etc/supervisor/supervisord.conf +COPY docker/apache/supervisord/supervisord.conf /etc/supervisor/supervisord.conf # copy apache2 config -COPY apache/supervisord/conf.d/apache2.conf /etc/supervisor/conf.d/apache2.conf +COPY docker/apache/supervisord/conf.d/apache2.conf /etc/supervisor/conf.d/apache2.conf # run supervisord CMD ["supervisord", "-c", "/etc/supervisor/supervisord.conf"] diff --git a/docker/apache/supervisord/supervisord.conf b/docker/apache/supervisord/supervisord.conf index b879ad7..649e117 100644 --- a/docker/apache/supervisord/supervisord.conf +++ b/docker/apache/supervisord/supervisord.conf @@ -1,10 +1,15 @@ + [supervisord] -logfile = /dev/null +logfile = /proc/self/fd/1 +logfile_maxbytes = 0 loglevel = info pidfile = /var/run/supervisord.pid nodaemon = true +user = root +silent = true [include] files = /etc/supervisor/conf.d/*.conf [supervisorctl] +serverurl = unix:///var/run/supervisor.sock diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile index f787c2f..3b9c994 100644 --- a/docker/nginx/Dockerfile +++ b/docker/nginx/Dockerfile @@ -1,19 +1,19 @@ FROM yiisoftware/yii2-php:8.4-fpm-nginx # change nginx config -COPY nginx/nginx.conf /etc/nginx/nginx.conf -COPY nginx/default.conf /etc/nginx/conf.d/default.conf +COPY docker/nginx/nginx.conf /etc/nginx/nginx.conf +COPY docker/nginx/default.conf /etc/nginx/conf.d/default.conf # change PHP config (same as Apache) -COPY ../php/php.ini /usr/local/etc/php/conf.d/base.ini +COPY docker/php/php.ini /usr/local/etc/php/conf.d/base.ini # install supervisord RUN apt-get update && apt-get install -y supervisor --no-install-recommends && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* -COPY nginx/supervisord/supervisord.conf /etc/supervisor/supervisord.conf +COPY docker/nginx/supervisord/supervisord.conf /etc/supervisor/supervisord.conf # copy nginx + php-fpm + queue configs for supervisord -COPY nginx/supervisord/conf.d/nginx.conf /etc/supervisor/conf.d/nginx.conf -COPY nginx/supervisord/conf.d/php-fpm.conf /etc/supervisor/conf.d/php-fpm.conf +COPY docker/nginx/supervisord/conf.d/nginx.conf /etc/supervisor/conf.d/nginx.conf +COPY docker/nginx/supervisord/conf.d/php-fpm.conf /etc/supervisor/conf.d/php-fpm.conf # run supervisord CMD ["supervisord", "-c", "/etc/supervisor/supervisord.conf"] diff --git a/docker/nginx/default.conf b/docker/nginx/default.conf index 1147cee..d82fe08 100644 --- a/docker/nginx/default.conf +++ b/docker/nginx/default.conf @@ -4,11 +4,11 @@ server { listen 80; server_name localhost; - # root directory for the application + # document root and index file root /app/public; index index.php; - # decurity headers + # security headers add_header X-Frame-Options "SAMEORIGIN" always; add_header X-XSS-Protection "1; mode=block" always; add_header X-Content-Type-Options "nosniff" always; @@ -17,11 +17,17 @@ server { access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; - # yii2 URL rewriting (CRITICAL for Yii2) + # Yii URL rewriting (CRITICAL for Yii2) location / { try_files $uri $uri/ /index.php$is_args$args; } + # deny PHP execution in /assets before the generic handler (Yii2 security) + location ~ ^/assets/.*\.php$ { + deny all; + return 403; + } + # PHP handling via PHP-FPM location ~ \.php$ { include fastcgi_params; @@ -36,11 +42,6 @@ server { fastcgi_busy_buffers_size 256k; } - # deny accessing php files for the /assets directory (Yii2 security) - location ~ ^/assets/.*\.php$ { - deny all; - } - # block access to sensitive files location ~ /\.git { deny all; diff --git a/docker/nginx/supervisord/conf.d/php-fpm.conf b/docker/nginx/supervisord/conf.d/php-fpm.conf index 257c60c..39399ab 100644 --- a/docker/nginx/supervisord/conf.d/php-fpm.conf +++ b/docker/nginx/supervisord/conf.d/php-fpm.conf @@ -1,10 +1,13 @@ [program:php-fpm] command=/usr/local/sbin/php-fpm --nodaemonize -autostart=true autorestart=true +autostart=true +killasgroup=true priority=5 -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stopasgroup=true +stopsignal=QUIT diff --git a/docker/nginx/supervisord/conf.d/queue.conf b/docker/nginx/supervisord/conf.d/queue.conf index d6cf5e3..b27b6bb 100644 --- a/docker/nginx/supervisord/conf.d/queue.conf +++ b/docker/nginx/supervisord/conf.d/queue.conf @@ -1,9 +1,14 @@ [program:yii-queue-worker] process_name=%(program_name)s_%(process_num)02d command=/usr/local/bin/php /app/yii queue/listen --verbose=1 --color=0 -autostart=true autorestart=true -user=www-data +autostart=true +killasgroup=true numprocs=4 redirect_stderr=true -stdout_logfile=/app/docker/nginx/supervisord/log/yii-queue-worker.log +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stopasgroup=true +user=www-data diff --git a/docker/nginx/supervisord/supervisord.conf b/docker/nginx/supervisord/supervisord.conf index f3abc22..f2bbee4 100644 --- a/docker/nginx/supervisord/supervisord.conf +++ b/docker/nginx/supervisord/supervisord.conf @@ -1,9 +1,11 @@ [supervisord] -logfile = /dev/null +logfile = /proc/self/fd/1 +logfile_maxbytes = 0 loglevel = info pidfile = /var/run/supervisord.pid nodaemon = true user = root +silent = true [include] files = /etc/supervisor/conf.d/*.conf From 1141b3f6be47f9b7e6148be45bf114db7652665b Mon Sep 17 00:00:00 2001 From: Wilmer Arambula Date: Thu, 10 Jul 2025 09:52:36 -0400 Subject: [PATCH 04/18] docs: Clarify comments in Dockerfiles for Apache and Nginx regarding supervisord configurations. --- docker/apache/Dockerfile | 5 ++++- docker/nginx/Dockerfile | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/docker/apache/Dockerfile b/docker/apache/Dockerfile index e319978..8f88cc3 100644 --- a/docker/apache/Dockerfile +++ b/docker/apache/Dockerfile @@ -11,8 +11,11 @@ COPY docker/php/php.ini /usr/local/etc/php/conf.d/base.ini RUN apt-get update && apt-get install -y supervisor --no-install-recommends && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* COPY docker/apache/supervisord/supervisord.conf /etc/supervisor/supervisord.conf -# copy apache2 config +# copy supervisord program configs COPY docker/apache/supervisord/conf.d/apache2.conf /etc/supervisor/conf.d/apache2.conf +# copy queue worker config uncommented for use with yii2-queue +#COPY docker/apache/supervisord/conf.d/queue.conf /etc/supervisor/conf.d/queue.conf + # run supervisord CMD ["supervisord", "-c", "/etc/supervisor/supervisord.conf"] diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile index 3b9c994..11be84c 100644 --- a/docker/nginx/Dockerfile +++ b/docker/nginx/Dockerfile @@ -11,9 +11,12 @@ COPY docker/php/php.ini /usr/local/etc/php/conf.d/base.ini RUN apt-get update && apt-get install -y supervisor --no-install-recommends && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* COPY docker/nginx/supervisord/supervisord.conf /etc/supervisor/supervisord.conf -# copy nginx + php-fpm + queue configs for supervisord +# copy supervisord program configs COPY docker/nginx/supervisord/conf.d/nginx.conf /etc/supervisor/conf.d/nginx.conf COPY docker/nginx/supervisord/conf.d/php-fpm.conf /etc/supervisor/conf.d/php-fpm.conf +# copy queue worker config uncommented for use with yii2-queue +#COPY docker/apache/supervisord/conf.d/queue.conf /etc/supervisor/conf.d/queue.conf + # run supervisord CMD ["supervisord", "-c", "/etc/supervisor/supervisord.conf"] From 8b818474e5544d68aa9d211bb97f8713bde6fbac Mon Sep 17 00:00:00 2001 From: Wilmer Arambula Date: Thu, 10 Jul 2025 10:02:02 -0400 Subject: [PATCH 05/18] feat: Add SSL configuration for Nginx with enhanced security settings. --- .github/workflows/docker.yml | 145 +++++++++++++++++++++++++++++++++++ docker/nginx/nginx.conf | 4 +- 2 files changed, 148 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/docker.yml diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml new file mode 100644 index 0000000..cf8d6cd --- /dev/null +++ b/.github/workflows/docker.yml @@ -0,0 +1,145 @@ +name: Docker CI + +on: + pull_request: + paths: + - 'docker/**' + - 'docker-compose*.yml' + - '.github/workflows/docker-ci.yml' + push: + paths: + - 'docker/**' + - 'docker-compose*.yml' + - '.github/workflows/docker-ci.yml' + +jobs: + test-apache: + name: Test Apache Image + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Build Apache image + run: docker-compose build yii2-apache + + - name: Start Apache container + run: docker-compose up -d yii2-apache + + - name: Wait for Apache to be ready + run: timeout 60 sh -c 'until curl -f http://localhost:8080/health || curl -f http://localhost:8080 ; do sleep 2; done' + + - name: Test Apache container health + run: | + # Test that Apache is responding + curl -f http://localhost:8080 || echo "Apache not responding" + + # Check that supervisord is running all services + docker exec $(docker-compose ps -q yii2-apache) supervisorctl status + + # Check for any container errors + docker logs $(docker-compose ps -q yii2-apache) 2>&1 | grep -i error && exit 1 || true + + - name: Test PHP functionality + run: | + # Test PHP is working + docker exec $(docker-compose ps -q yii2-apache) php -v + + # Test Yii2 application (if you have a test endpoint) + # curl -f http://localhost:8080/site/about || echo "Yii2 routes not working" + + - name: Stop Apache container + run: docker-compose down yii2-apache + + test-nginx: + name: Test Nginx Image + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Build Nginx image + run: docker-compose -f docker-compose.nginx.yml build yii2-nginx + + - name: Start Nginx container + run: docker-compose -f docker-compose.nginx.yml up -d yii2-nginx + + - name: Wait for Nginx to be ready + run: timeout 60 sh -c 'until curl -f http://localhost:8081/health || curl -f http://localhost:8081 ; do sleep 2; done' + + - name: Test Nginx container health + run: | + # Test that Nginx is responding + curl -f http://localhost:8081 || echo "Nginx not responding" + + # Check that supervisord is running all services + docker exec $(docker-compose -f docker-compose.nginx.yml ps -q yii2-nginx) supervisorctl status + + # Check for any container errors + docker logs $(docker-compose -f docker-compose.nginx.yml ps -q yii2-nginx) 2>&1 | grep -i error && exit 1 || true + + - name: Test PHP-FPM functionality + run: | + # Test PHP-FPM is working + docker exec $(docker-compose -f docker-compose.nginx.yml ps -q yii2-nginx) php -v + + # Test that PHP-FPM is listening + docker exec $(docker-compose -f docker-compose.nginx.yml ps -q yii2-nginx) netstat -ln | grep :9000 + + - name: Test Queue Workers + run: | + # Check that queue workers are running + docker exec $(docker-compose -f docker-compose.nginx.yml ps -q yii2-nginx) supervisorctl status | grep yii-queue-worker + + - name: Stop Nginx container + run: docker-compose -f docker-compose.nginx.yml down yii2-nginx + + security-scan: + name: Security Scan + runs-on: ubuntu-latest + needs: [test-apache, test-nginx] + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Build images for scanning + run: | + docker-compose build + docker-compose -f docker-compose.nginx.yml build + + - name: Run Trivy vulnerability scanner - Apache + uses: aquasecurity/trivy-action@master + with: + image-ref: 'yii2-apache:84' + format: 'sarif' + output: 'trivy-apache-results.sarif' + severity: 'CRITICAL,HIGH' + + - name: Run Trivy vulnerability scanner - Nginx + uses: aquasecurity/trivy-action@master + with: + image-ref: 'yii2-nginx:84' + format: 'sarif' + output: 'trivy-nginx-results.sarif' + severity: 'CRITICAL,HIGH' + + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v2 + if: always() + with: + sarif_file: 'trivy-apache-results.sarif' + + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v2 + if: always() + with: + sarif_file: 'trivy-nginx-results.sarif' diff --git a/docker/nginx/nginx.conf b/docker/nginx/nginx.conf index e808bd5..af7722a 100644 --- a/docker/nginx/nginx.conf +++ b/docker/nginx/nginx.conf @@ -24,8 +24,10 @@ http { default_type application/octet-stream; # SSL Settings - ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM'; + ssl_ecdh_curve X25519:P-256; ssl_prefer_server_ciphers on; + ssl_dhparam /etc/ssl/certs/dhparam.pem; # Logging Settings log_format main '$remote_addr - $remote_user [$time_local] "$request" ' From 37acca027ece5f17a56181dbe057f3797c696df9 Mon Sep 17 00:00:00 2001 From: Wilmer Arambula Date: Thu, 10 Jul 2025 10:06:33 -0400 Subject: [PATCH 06/18] feat: Enhance Docker CI workflow with Docker Compose installation and improved step descriptions. --- .github/workflows/docker.yml | 32 ++++++++++++++++++++++---------- 1 file changed, 22 insertions(+), 10 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index cf8d6cd..f13bb47 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -18,22 +18,28 @@ jobs: runs-on: ubuntu-latest steps: - - name: Checkout code + - name: Checkout code. uses: actions/checkout@v4 - - name: Set up Docker Buildx + - name: Set up Docker Buildx. uses: docker/setup-buildx-action@v3 - - name: Build Apache image + - name: Install Docker Compose + run: | + sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose + sudo chmod +x /usr/local/bin/docker-compose + docker-compose --version + + - name: Build Apache image. run: docker-compose build yii2-apache - - name: Start Apache container + - name: Start Apache container. run: docker-compose up -d yii2-apache - - name: Wait for Apache to be ready + - name: Wait for Apache to be ready. run: timeout 60 sh -c 'until curl -f http://localhost:8080/health || curl -f http://localhost:8080 ; do sleep 2; done' - - name: Test Apache container health + - name: Test Apache container health. run: | # Test that Apache is responding curl -f http://localhost:8080 || echo "Apache not responding" @@ -44,7 +50,7 @@ jobs: # Check for any container errors docker logs $(docker-compose ps -q yii2-apache) 2>&1 | grep -i error && exit 1 || true - - name: Test PHP functionality + - name: Test PHP functionality. run: | # Test PHP is working docker exec $(docker-compose ps -q yii2-apache) php -v @@ -52,7 +58,7 @@ jobs: # Test Yii2 application (if you have a test endpoint) # curl -f http://localhost:8080/site/about || echo "Yii2 routes not working" - - name: Stop Apache container + - name: Stop Apache container. run: docker-compose down yii2-apache test-nginx: @@ -66,6 +72,12 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Install Docker Compose + run: | + sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose + sudo chmod +x /usr/local/bin/docker-compose + docker-compose --version + - name: Build Nginx image run: docker-compose -f docker-compose.nginx.yml build yii2-nginx @@ -108,10 +120,10 @@ jobs: needs: [test-apache, test-nginx] steps: - - name: Checkout code + - name: Checkout code. uses: actions/checkout@v4 - - name: Build images for scanning + - name: Build images for scanning. run: | docker-compose build docker-compose -f docker-compose.nginx.yml build From 13f65350d67c038423b9ac1ae85ed8e038f6aa68 Mon Sep 17 00:00:00 2001 From: Wilmer Arambula Date: Thu, 10 Jul 2025 10:14:37 -0400 Subject: [PATCH 07/18] style: Standardize step names in Docker CI workflow for consistency. --- .github/workflows/docker.yml | 51 ++++++++++++++++-------------------- 1 file changed, 23 insertions(+), 28 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index f13bb47..268e9a9 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -18,28 +18,28 @@ jobs: runs-on: ubuntu-latest steps: - - name: Checkout code. + - name: Checkout. uses: actions/checkout@v4 - - name: Set up Docker Buildx. + - name: Set up docker buildx. uses: docker/setup-buildx-action@v3 - - name: Install Docker Compose + - name: Install docker compose. run: | sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose sudo chmod +x /usr/local/bin/docker-compose docker-compose --version - - name: Build Apache image. + - name: Build apache image. run: docker-compose build yii2-apache - - name: Start Apache container. + - name: Start apache container. run: docker-compose up -d yii2-apache - - name: Wait for Apache to be ready. - run: timeout 60 sh -c 'until curl -f http://localhost:8080/health || curl -f http://localhost:8080 ; do sleep 2; done' + - name: Wait for apache to be ready. + run: timeout 60 sh -c 'until curl -f http://localhost:8080 ; do sleep 2; done' - - name: Test Apache container health. + - name: Test apache container health. run: | # Test that Apache is responding curl -f http://localhost:8080 || echo "Apache not responding" @@ -58,7 +58,7 @@ jobs: # Test Yii2 application (if you have a test endpoint) # curl -f http://localhost:8080/site/about || echo "Yii2 routes not working" - - name: Stop Apache container. + - name: Stop apache container. run: docker-compose down yii2-apache test-nginx: @@ -66,28 +66,28 @@ jobs: runs-on: ubuntu-latest steps: - - name: Checkout code + - name: Checkout. uses: actions/checkout@v4 - - name: Set up Docker Buildx + - name: Set up docker buildx. uses: docker/setup-buildx-action@v3 - - name: Install Docker Compose + - name: Install docker compose. run: | sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose sudo chmod +x /usr/local/bin/docker-compose docker-compose --version - - name: Build Nginx image + - name: Build nginx image. run: docker-compose -f docker-compose.nginx.yml build yii2-nginx - - name: Start Nginx container + - name: Start nginx container. run: docker-compose -f docker-compose.nginx.yml up -d yii2-nginx - - name: Wait for Nginx to be ready - run: timeout 60 sh -c 'until curl -f http://localhost:8081/health || curl -f http://localhost:8081 ; do sleep 2; done' + - name: Wait for nginx to be ready. + run: timeout 60 sh -c 'until curl -f curl -f http://localhost:8081 ; do sleep 2; done' - - name: Test Nginx container health + - name: Test nginx container health. run: | # Test that Nginx is responding curl -f http://localhost:8081 || echo "Nginx not responding" @@ -98,7 +98,7 @@ jobs: # Check for any container errors docker logs $(docker-compose -f docker-compose.nginx.yml ps -q yii2-nginx) 2>&1 | grep -i error && exit 1 || true - - name: Test PHP-FPM functionality + - name: Test PHP-FPM functionality. run: | # Test PHP-FPM is working docker exec $(docker-compose -f docker-compose.nginx.yml ps -q yii2-nginx) php -v @@ -106,11 +106,6 @@ jobs: # Test that PHP-FPM is listening docker exec $(docker-compose -f docker-compose.nginx.yml ps -q yii2-nginx) netstat -ln | grep :9000 - - name: Test Queue Workers - run: | - # Check that queue workers are running - docker exec $(docker-compose -f docker-compose.nginx.yml ps -q yii2-nginx) supervisorctl status | grep yii-queue-worker - - name: Stop Nginx container run: docker-compose -f docker-compose.nginx.yml down yii2-nginx @@ -120,7 +115,7 @@ jobs: needs: [test-apache, test-nginx] steps: - - name: Checkout code. + - name: Checkout. uses: actions/checkout@v4 - name: Build images for scanning. @@ -128,7 +123,7 @@ jobs: docker-compose build docker-compose -f docker-compose.nginx.yml build - - name: Run Trivy vulnerability scanner - Apache + - name: Run trivy vulnerability scanner - apache. uses: aquasecurity/trivy-action@master with: image-ref: 'yii2-apache:84' @@ -136,7 +131,7 @@ jobs: output: 'trivy-apache-results.sarif' severity: 'CRITICAL,HIGH' - - name: Run Trivy vulnerability scanner - Nginx + - name: Run trivy vulnerability scanner - nginx. uses: aquasecurity/trivy-action@master with: image-ref: 'yii2-nginx:84' @@ -144,13 +139,13 @@ jobs: output: 'trivy-nginx-results.sarif' severity: 'CRITICAL,HIGH' - - name: Upload Trivy scan results to GitHub Security tab + - name: Upload trivy scan results to GitHub security tab. uses: github/codeql-action/upload-sarif@v2 if: always() with: sarif_file: 'trivy-apache-results.sarif' - - name: Upload Trivy scan results to GitHub Security tab + - name: Upload trivy scan results to GitHub security tab. uses: github/codeql-action/upload-sarif@v2 if: always() with: From feb1e357c1f9d812294fc01ab10946b9fe7168a7 Mon Sep 17 00:00:00 2001 From: Wilmer Arambula Date: Thu, 10 Jul 2025 10:20:22 -0400 Subject: [PATCH 08/18] feat: Add error log checks for Apache and Nginx containers in CI workflow --- .github/workflows/docker.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 268e9a9..172771e 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -36,6 +36,10 @@ jobs: - name: Start apache container. run: docker-compose up -d yii2-apache + - name: Check container logs for errors. + run: | + docker logs $(docker-compose.yml ps -q yii2-apache) 2>&1 | grep -i error || true + - name: Wait for apache to be ready. run: timeout 60 sh -c 'until curl -f http://localhost:8080 ; do sleep 2; done' @@ -84,6 +88,10 @@ jobs: - name: Start nginx container. run: docker-compose -f docker-compose.nginx.yml up -d yii2-nginx + - name: Check container logs for errors. + run: | + docker logs $(docker-compose.nginx.yml ps -q yii2-nginx) 2>&1 | grep -i error || true + - name: Wait for nginx to be ready. run: timeout 60 sh -c 'until curl -f curl -f http://localhost:8081 ; do sleep 2; done' From 08415d174aa6d9c7a561f68f5e96479d10e14d31 Mon Sep 17 00:00:00 2001 From: Wilmer Arambula Date: Thu, 10 Jul 2025 10:27:57 -0400 Subject: [PATCH 09/18] fix: Correct docker-compose command syntax for log checks in Apache and Nginx CI workflow. --- .github/workflows/docker.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 172771e..28fc204 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -38,7 +38,7 @@ jobs: - name: Check container logs for errors. run: | - docker logs $(docker-compose.yml ps -q yii2-apache) 2>&1 | grep -i error || true + docker logs $(docker-compose ps -q yii2-apache) 2>&1 | grep -i error || true - name: Wait for apache to be ready. run: timeout 60 sh -c 'until curl -f http://localhost:8080 ; do sleep 2; done' @@ -90,10 +90,10 @@ jobs: - name: Check container logs for errors. run: | - docker logs $(docker-compose.nginx.yml ps -q yii2-nginx) 2>&1 | grep -i error || true + docker logs $(docker-compose -f docker-compose.nginx.yml ps -q yii2-nginx) 2>&1 | grep -i error || true - name: Wait for nginx to be ready. - run: timeout 60 sh -c 'until curl -f curl -f http://localhost:8081 ; do sleep 2; done' + run: timeout 60 sh -c 'until curl -f http://localhost:8081 ; do sleep 2; done' - name: Test nginx container health. run: | From 063e4d6a3ad5c622cbeb092e81e70abc518ac3e8 Mon Sep 17 00:00:00 2001 From: Wilmer Arambula Date: Thu, 10 Jul 2025 11:01:29 -0400 Subject: [PATCH 10/18] feat: Update Docker CI workflow and configurations for Apache and Nginx, including Node.js installation and Codeception tests. --- .github/workflows/docker.yml | 143 ++++------------------------------- composer.lock | 12 +-- docker-compose.nginx.yml | 2 +- docker-compose.yml | 1 + docker/apache/Dockerfile | 13 +++- docker/nginx/Dockerfile | 15 +++- 6 files changed, 46 insertions(+), 140 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 28fc204..076bd36 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -5,156 +5,43 @@ on: paths: - 'docker/**' - 'docker-compose*.yml' - - '.github/workflows/docker-ci.yml' + - '.github/workflows/docker.yml' push: paths: - 'docker/**' - 'docker-compose*.yml' - - '.github/workflows/docker-ci.yml' + - '.github/workflows/docker.yml' jobs: test-apache: - name: Test Apache Image runs-on: ubuntu-latest steps: - name: Checkout. uses: actions/checkout@v4 - - name: Set up docker buildx. - uses: docker/setup-buildx-action@v3 + - name: Build and start Containers. + run: docker-compose build --no-cache && docker-compose up -d - - name: Install docker compose. - run: | - sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose - sudo chmod +x /usr/local/bin/docker-compose - docker-compose --version + - name: Update Vendor Packages. + run: docker exec yii2-apache composer update --prefer-dist -vvv - - name: Build apache image. - run: docker-compose build yii2-apache - - - name: Start apache container. - run: docker-compose up -d yii2-apache - - - name: Check container logs for errors. - run: | - docker logs $(docker-compose ps -q yii2-apache) 2>&1 | grep -i error || true - - - name: Wait for apache to be ready. - run: timeout 60 sh -c 'until curl -f http://localhost:8080 ; do sleep 2; done' - - - name: Test apache container health. - run: | - # Test that Apache is responding - curl -f http://localhost:8080 || echo "Apache not responding" - - # Check that supervisord is running all services - docker exec $(docker-compose ps -q yii2-apache) supervisorctl status - - # Check for any container errors - docker logs $(docker-compose ps -q yii2-apache) 2>&1 | grep -i error && exit 1 || true - - - name: Test PHP functionality. - run: | - # Test PHP is working - docker exec $(docker-compose ps -q yii2-apache) php -v - - # Test Yii2 application (if you have a test endpoint) - # curl -f http://localhost:8080/site/about || echo "Yii2 routes not working" - - - name: Stop apache container. - run: docker-compose down yii2-apache + - name: Run Codeception Tests + run: docker exec yii2-apache vendor/bin/codecept run +jobs: test-nginx: - name: Test Nginx Image - runs-on: ubuntu-latest - - steps: - - name: Checkout. - uses: actions/checkout@v4 - - - name: Set up docker buildx. - uses: docker/setup-buildx-action@v3 - - - name: Install docker compose. - run: | - sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose - sudo chmod +x /usr/local/bin/docker-compose - docker-compose --version - - - name: Build nginx image. - run: docker-compose -f docker-compose.nginx.yml build yii2-nginx - - - name: Start nginx container. - run: docker-compose -f docker-compose.nginx.yml up -d yii2-nginx - - - name: Check container logs for errors. - run: | - docker logs $(docker-compose -f docker-compose.nginx.yml ps -q yii2-nginx) 2>&1 | grep -i error || true - - - name: Wait for nginx to be ready. - run: timeout 60 sh -c 'until curl -f http://localhost:8081 ; do sleep 2; done' - - - name: Test nginx container health. - run: | - # Test that Nginx is responding - curl -f http://localhost:8081 || echo "Nginx not responding" - - # Check that supervisord is running all services - docker exec $(docker-compose -f docker-compose.nginx.yml ps -q yii2-nginx) supervisorctl status - - # Check for any container errors - docker logs $(docker-compose -f docker-compose.nginx.yml ps -q yii2-nginx) 2>&1 | grep -i error && exit 1 || true - - - name: Test PHP-FPM functionality. - run: | - # Test PHP-FPM is working - docker exec $(docker-compose -f docker-compose.nginx.yml ps -q yii2-nginx) php -v - - # Test that PHP-FPM is listening - docker exec $(docker-compose -f docker-compose.nginx.yml ps -q yii2-nginx) netstat -ln | grep :9000 - - - name: Stop Nginx container - run: docker-compose -f docker-compose.nginx.yml down yii2-nginx - - security-scan: - name: Security Scan runs-on: ubuntu-latest - needs: [test-apache, test-nginx] steps: - name: Checkout. uses: actions/checkout@v4 - - name: Build images for scanning. - run: | - docker-compose build - docker-compose -f docker-compose.nginx.yml build - - - name: Run trivy vulnerability scanner - apache. - uses: aquasecurity/trivy-action@master - with: - image-ref: 'yii2-apache:84' - format: 'sarif' - output: 'trivy-apache-results.sarif' - severity: 'CRITICAL,HIGH' - - - name: Run trivy vulnerability scanner - nginx. - uses: aquasecurity/trivy-action@master - with: - image-ref: 'yii2-nginx:84' - format: 'sarif' - output: 'trivy-nginx-results.sarif' - severity: 'CRITICAL,HIGH' + - name: Build and start Containers. + run: docker-compose -f docker-compose-nginx.yml build --no-cache && docker-compose -f docker-compose-nginx.yml up -d - - name: Upload trivy scan results to GitHub security tab. - uses: github/codeql-action/upload-sarif@v2 - if: always() - with: - sarif_file: 'trivy-apache-results.sarif' + - name: Update Vendor Packages. + run: docker exec yii2-nginx composer update --prefer-dist -vvv - - name: Upload trivy scan results to GitHub security tab. - uses: github/codeql-action/upload-sarif@v2 - if: always() - with: - sarif_file: 'trivy-nginx-results.sarif' + - name: Run Codeception Tests + run: docker exec yii2-nginx vendor/bin/codecept run diff --git a/composer.lock b/composer.lock index 8719093..93e003f 100644 --- a/composer.lock +++ b/composer.lock @@ -6493,16 +6493,16 @@ }, { "name": "rector/rector", - "version": "2.1.0", + "version": "2.1.1", "source": { "type": "git", "url": "https://github.com/rectorphp/rector.git", - "reference": "d513dea45a94394b660e15c155d1fa27826f8e30" + "reference": "d0917c069bb0d9bb06ed111cf052510f609015a4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/rectorphp/rector/zipball/d513dea45a94394b660e15c155d1fa27826f8e30", - "reference": "d513dea45a94394b660e15c155d1fa27826f8e30", + "url": "https://api.github.com/repos/rectorphp/rector/zipball/d0917c069bb0d9bb06ed111cf052510f609015a4", + "reference": "d0917c069bb0d9bb06ed111cf052510f609015a4", "shasum": "" }, "require": { @@ -6541,7 +6541,7 @@ ], "support": { "issues": "https://github.com/rectorphp/rector/issues", - "source": "https://github.com/rectorphp/rector/tree/2.1.0" + "source": "https://github.com/rectorphp/rector/tree/2.1.1" }, "funding": [ { @@ -6549,7 +6549,7 @@ "type": "github" } ], - "time": "2025-06-24T20:26:57+00:00" + "time": "2025-07-10T11:31:31+00:00" }, { "name": "sebastian/cli-parser", diff --git a/docker-compose.nginx.yml b/docker-compose.nginx.yml index 42cae31..ca2708d 100644 --- a/docker-compose.nginx.yml +++ b/docker-compose.nginx.yml @@ -3,7 +3,7 @@ services: yii2-nginx: build: dockerfile: docker/nginx/Dockerfile - image: yii2-nginx:84 + container_name: yii2-nginx restart: always working_dir: /app volumes: diff --git a/docker-compose.yml b/docker-compose.yml index a2fc846..819629d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,6 +2,7 @@ services: yii2-apache: build: dockerfile: docker/apache/Dockerfile + container_name: yii2-apache image: yii2-apache:84 restart: always working_dir: /app diff --git a/docker/apache/Dockerfile b/docker/apache/Dockerfile index 8f88cc3..3944a98 100644 --- a/docker/apache/Dockerfile +++ b/docker/apache/Dockerfile @@ -7,8 +7,17 @@ COPY docker/apache/vhost.conf /etc/apache2/sites-available/000-default.conf # change PHP config COPY docker/php/php.ini /usr/local/etc/php/conf.d/base.ini -# install supervisord -RUN apt-get update && apt-get install -y supervisor --no-install-recommends && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* +# install supervisord and Node.js (includes npm) +RUN apt-get update && apt-get install -y \ + supervisor \ + curl \ + --no-install-recommends \ + && curl -fsSL https://deb.nodesource.com/setup_lts.x | bash - \ + && apt-get install -y nodejs \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# copy supervisord config COPY docker/apache/supervisord/supervisord.conf /etc/supervisor/supervisord.conf # copy supervisord program configs diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile index 11be84c..a64b306 100644 --- a/docker/nginx/Dockerfile +++ b/docker/nginx/Dockerfile @@ -7,9 +7,18 @@ COPY docker/nginx/default.conf /etc/nginx/conf.d/default.conf # change PHP config (same as Apache) COPY docker/php/php.ini /usr/local/etc/php/conf.d/base.ini -# install supervisord -RUN apt-get update && apt-get install -y supervisor --no-install-recommends && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* -COPY docker/nginx/supervisord/supervisord.conf /etc/supervisor/supervisord.conf +# install supervisord and Node.js (includes npm) +RUN apt-get update && apt-get install -y \ + supervisor \ + curl \ + --no-install-recommends \ + && curl -fsSL https://deb.nodesource.com/setup_lts.x | bash - \ + && apt-get install -y nodejs \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# copy supervisord config +COPY docker/apache/supervisord/supervisord.conf /etc/supervisor/supervisord.conf # copy supervisord program configs COPY docker/nginx/supervisord/conf.d/nginx.conf /etc/supervisor/conf.d/nginx.conf From 516a216d256b67bd36b50b4fb11e659db0f0adf6 Mon Sep 17 00:00:00 2001 From: Wilmer Arambula Date: Thu, 10 Jul 2025 11:03:36 -0400 Subject: [PATCH 11/18] fix: Remove redundant jobs declaration in Docker CI workflow for Apache. --- .github/workflows/docker.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 076bd36..d792049 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -29,7 +29,6 @@ jobs: - name: Run Codeception Tests run: docker exec yii2-apache vendor/bin/codecept run -jobs: test-nginx: runs-on: ubuntu-latest From 5e5848c7334d9ac53b64bc25f99aeca4c8355413 Mon Sep 17 00:00:00 2001 From: Wilmer Arambula Date: Thu, 10 Jul 2025 11:07:22 -0400 Subject: [PATCH 12/18] fix: Standardize step names and improve docker-compose installation in CI workflow. --- .github/workflows/docker.yml | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index d792049..8e10d46 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -20,13 +20,19 @@ jobs: - name: Checkout. uses: actions/checkout@v4 - - name: Build and start Containers. + - name: Install docker compose. + run: | + sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose + sudo chmod +x /usr/local/bin/docker-compose + docker-compose --version + + - name: Build and start containers. run: docker-compose build --no-cache && docker-compose up -d - - name: Update Vendor Packages. + - name: Update vendor packages. run: docker exec yii2-apache composer update --prefer-dist -vvv - - name: Run Codeception Tests + - name: Run codeception tests. run: docker exec yii2-apache vendor/bin/codecept run test-nginx: @@ -36,11 +42,17 @@ jobs: - name: Checkout. uses: actions/checkout@v4 - - name: Build and start Containers. + - name: Install docker Compose. + run: | + sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose + sudo chmod +x /usr/local/bin/docker-compose + docker-compose --version + + - name: Build and start containers. run: docker-compose -f docker-compose-nginx.yml build --no-cache && docker-compose -f docker-compose-nginx.yml up -d - - name: Update Vendor Packages. + - name: Update vendor packages. run: docker exec yii2-nginx composer update --prefer-dist -vvv - - name: Run Codeception Tests + - name: Run codeception tests. run: docker exec yii2-nginx vendor/bin/codecept run From b44c0f2fe04dc916772cc2508e2dec9283de78c6 Mon Sep 17 00:00:00 2001 From: Wilmer Arambula Date: Thu, 10 Jul 2025 11:07:55 -0400 Subject: [PATCH 13/18] fix: Update PHPDoc for $tester property and improve assertion for Yii2 module initialization in ContactControllerTest. --- tests/Unit/ContactControllerTest.php | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/tests/Unit/ContactControllerTest.php b/tests/Unit/ContactControllerTest.php index 21ed7ac..5b4daf1 100644 --- a/tests/Unit/ContactControllerTest.php +++ b/tests/Unit/ContactControllerTest.php @@ -15,7 +15,10 @@ final class ContactControllerTest extends Unit { - public mixed $tester = null; + /** + * @phpstan-var Yii2|null $tester + */ + public $tester = null; public function testEmailIsSentOnContact(): void { @@ -31,10 +34,8 @@ public function testEmailIsSentOnContact(): void ]; verify($controller->sendEmail($form))->notEmpty(); - assert( - $this->tester instanceof Yii2, - '\'Yii2\' module should be available in the tester', - ); + + self::assertNotNull($this->tester, 'Yii2 module is not initialized'); $this->tester->seeEmailIsSent(); $emailMessage = $this->tester->grabLastSentEmail(); From 13a536fdb21f2616ae1929b49054d06190dfb9ae Mon Sep 17 00:00:00 2001 From: Wilmer Arambula Date: Thu, 10 Jul 2025 11:10:25 -0400 Subject: [PATCH 14/18] fix: Update Docker CI workflow to run Codeception build and tests for nginx and correct docker-compose command. --- .github/workflows/docker.yml | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 8e10d46..fc586cc 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -32,8 +32,10 @@ jobs: - name: Update vendor packages. run: docker exec yii2-apache composer update --prefer-dist -vvv - - name: Run codeception tests. - run: docker exec yii2-apache vendor/bin/codecept run + - name: Run codeception build and tests. + run: | + docker exec yii2-nginx vendor/bin/codecept build + docker exec yii2-nginx vendor/bin/codecept run test-nginx: runs-on: ubuntu-latest @@ -49,10 +51,12 @@ jobs: docker-compose --version - name: Build and start containers. - run: docker-compose -f docker-compose-nginx.yml build --no-cache && docker-compose -f docker-compose-nginx.yml up -d + run: docker-compose -f docker-compose build --no-cache && docker-compose -f docker-compose-nginx.yml up -d - name: Update vendor packages. run: docker exec yii2-nginx composer update --prefer-dist -vvv - - name: Run codeception tests. - run: docker exec yii2-nginx vendor/bin/codecept run + - name: Run codeception build and tests. + run: | + docker exec yii2-nginx vendor/bin/codecept build + docker exec yii2-nginx vendor/bin/codecept run From 2c0baad53b072a25b71aef783882f94a28dd79cf Mon Sep 17 00:00:00 2001 From: Wilmer Arambula Date: Thu, 10 Jul 2025 11:15:22 -0400 Subject: [PATCH 15/18] fix: Refactor Codeception steps in Docker CI workflow for Apache and Nginx. --- .github/workflows/docker.yml | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index fc586cc..e98e11f 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -32,10 +32,11 @@ jobs: - name: Update vendor packages. run: docker exec yii2-apache composer update --prefer-dist -vvv - - name: Run codeception build and tests. - run: | - docker exec yii2-nginx vendor/bin/codecept build - docker exec yii2-nginx vendor/bin/codecept run + - name: Codeceptcion build. + run: docker exec yii2-apache vendor/bin/codecept build + + - name: Run codeception tests. + run: docker exec yii2-apache vendor/bin/codecept run test-nginx: runs-on: ubuntu-latest @@ -56,7 +57,8 @@ jobs: - name: Update vendor packages. run: docker exec yii2-nginx composer update --prefer-dist -vvv + - name: Codeception build. + run: docker exec yii2-nginx vendor/bin/codecept build + - name: Run codeception build and tests. - run: | - docker exec yii2-nginx vendor/bin/codecept build - docker exec yii2-nginx vendor/bin/codecept run + run: docker exec yii2-nginx vendor/bin/codecept run From c9720882ce9e0be7f657253e9d57050c5e38ee05 Mon Sep 17 00:00:00 2001 From: Wilmer Arambula Date: Thu, 10 Jul 2025 11:17:17 -0400 Subject: [PATCH 16/18] fix: Correct docker-compose command for nginx to improve container build process. --- .github/workflows/docker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index e98e11f..a760373 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -52,7 +52,7 @@ jobs: docker-compose --version - name: Build and start containers. - run: docker-compose -f docker-compose build --no-cache && docker-compose -f docker-compose-nginx.yml up -d + run: docker-compose build --no-cache && docker-compose -f docker-compose-nginx.yml up -d - name: Update vendor packages. run: docker exec yii2-nginx composer update --prefer-dist -vvv From 989bb6f8bcc12d1c6fc363040042b3adef1dfe1e Mon Sep 17 00:00:00 2001 From: Wilmer Arambula Date: Thu, 10 Jul 2025 11:21:33 -0400 Subject: [PATCH 17/18] fix: Update Dockerfile to correct supervisord config path and improve ContactControllerTest PHPDoc annotation. --- docker/nginx/Dockerfile | 2 +- tests/Unit/ContactControllerTest.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile index a64b306..8d215ff 100644 --- a/docker/nginx/Dockerfile +++ b/docker/nginx/Dockerfile @@ -18,7 +18,7 @@ RUN apt-get update && apt-get install -y \ && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* # copy supervisord config -COPY docker/apache/supervisord/supervisord.conf /etc/supervisor/supervisord.conf +COPY docker/nginx/supervisord/supervisord.conf /etc/supervisor/supervisord.conf # copy supervisord program configs COPY docker/nginx/supervisord/conf.d/nginx.conf /etc/supervisor/conf.d/nginx.conf diff --git a/tests/Unit/ContactControllerTest.php b/tests/Unit/ContactControllerTest.php index 5b4daf1..89670c5 100644 --- a/tests/Unit/ContactControllerTest.php +++ b/tests/Unit/ContactControllerTest.php @@ -16,7 +16,7 @@ final class ContactControllerTest extends Unit { /** - * @phpstan-var Yii2|null $tester + * @phpstan-var Yii2|null */ public $tester = null; From f5b000dc289494aa4a9bd2eb9248ac5de7ee4da3 Mon Sep 17 00:00:00 2001 From: Wilmer Arambula Date: Thu, 10 Jul 2025 11:24:39 -0400 Subject: [PATCH 18/18] fix: Correct docker-compose filename in Nginx CI workflow for consistency. --- .github/workflows/docker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index a760373..9f856a0 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -52,7 +52,7 @@ jobs: docker-compose --version - name: Build and start containers. - run: docker-compose build --no-cache && docker-compose -f docker-compose-nginx.yml up -d + run: docker-compose -f docker-compose.nginx.yml build --no-cache && docker-compose -f docker-compose.nginx.yml up -d - name: Update vendor packages. run: docker exec yii2-nginx composer update --prefer-dist -vvv