diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml new file mode 100644 index 00000000..8f644234 --- /dev/null +++ b/.github/FUNDING.yml @@ -0,0 +1 @@ +patreon: richarvey diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 00000000..66f8c527 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,32 @@ +image: docker:latest +services: + - docker:dind + +stages: + - build_latest + - build_tags + +before_script: + - echo Logging in to $CI_REGISTRY... + - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" + - docker info | grep Registry + +build_latest: + stage: build_latest + script: + - echo Build started on `date` for $CI_COMMIT_REF_NAME + - docker build -t richarvey/nginx-php-fpm:latest . + - docker images + - docker push "$CI_REGISTRY_IMAGE":latest + only: + - master + +build_tags: + stage: build_tags + script: + - echo Build started on `date` for $CI_COMMIT_REF_NAME + - docker build -t richarvey/nginx-php-fpm:"$CI_COMMIT_REF_NAME" . + - docker images + - docker push "$CI_REGISTRY_IMAGE":"$CI_COMMIT_REF_NAME" + only: + - tags diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index a8fc0523..00000000 --- a/.travis.yml +++ /dev/null @@ -1,22 +0,0 @@ -language: python -python: - - 2.7 - -services: - - docker - -install: - - docker build -t php . - - docker run -d -p 127.0.0.1:80:80 --name nginx-php-fpm php - -before_script: - - pip install -r .travis/requirements.txt - -script: - - docker ps - - sleep 5 - - curl -I 127.0.0.1:80 - - python .travis/tests.py - -notifications: - slack: ngineered:EIKJFrzibOe0TwUhLXNe8Q2Q diff --git a/.travis/requirements.txt b/.travis/requirements.txt deleted file mode 100644 index f2293605..00000000 --- a/.travis/requirements.txt +++ /dev/null @@ -1 +0,0 @@ -requests diff --git a/.travis/tests.py b/.travis/tests.py deleted file mode 100644 index 8f494e7c..00000000 --- a/.travis/tests.py +++ /dev/null @@ -1,22 +0,0 @@ -''' test runner ''' - -import unittest -import sys - -def run_functional_tests(): - ''' Execute Functional Tests ''' - tests = unittest.TestLoader().discover('.travis/tests/functional') - result = unittest.TextTestRunner(verbosity=2).run(tests) - return result.wasSuccessful() - -if __name__ == '__main__': - - print "#" * 70 - print "Test Runner: Functional tests" - print "#" * 70 - functional_results = run_functional_tests() - - if functional_results: - sys.exit(0) - else: - sys.exit(1) diff --git a/.travis/tests/functional/test_content.py b/.travis/tests/functional/test_content.py deleted file mode 100644 index 769f491f..00000000 --- a/.travis/tests/functional/test_content.py +++ /dev/null @@ -1,62 +0,0 @@ -''' Crawl site and validate every page renders somewhat correctly ''' -import unittest -import re -import requests - -class ContentTest(unittest.TestCase): - ''' Run a functional test to validate content being served ''' - - def setUp(self): - ''' Create some starter data to be used in tests ''' - self.domain = "http://127.0.0.1" - self.search_string = "Version" - - def tearDown(self): - ''' Destroy starter data ''' - self.domain = None - self.search_string = "None" - - def request_recurse(self, url, requested=None): - ''' recursively request each page checking the return code and urls ''' - counts = { - 'pass' : 0, - 'fail' : 0, - } - if requested is None: - requested = [] - if url in requested: - return counts, requested - else: - requested.append(url) - url = self.domain + url - results = requests.get(url, allow_redirects=True, verify=False) - if self.search_string in results.text: - counts['pass'] = counts['pass'] + 1 - else: - counts['fail'] = counts['fail'] + 1 - urls = re.findall( - 'href="/(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+', - results.text - ) - for url in urls: - url = url.lstrip('href="') - if "/static/" not in url: - if "//" not in url: - results, requested = self.request_recurse(url, requested=requested) - # Add counts for status codes - for key in results.keys(): - if key in counts: - counts[key] = counts[key] + results[key] - else: - counts[key] = results[key] - return counts, requested - -class CrawlSite(ContentTest): - ''' Verify no broken links are present within blog ''' - def runTest(self): - ''' Execute recursive request ''' - results, requested_pages = self.request_recurse("/") - self.assertFalse( - results['fail'] > 0, - "Found {0} pages that did not return keyword".format(results['fail']) - ) diff --git a/Dockerfile b/Dockerfile index dbc18db8..f3bbcd0f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM php:7.1.12-fpm-alpine +FROM php:7.4.5-fpm-alpine3.11 LABEL maintainer="Ric Harvey " @@ -6,15 +6,16 @@ ENV php_conf /usr/local/etc/php-fpm.conf ENV fpm_conf /usr/local/etc/php-fpm.d/www.conf ENV php_vars /usr/local/etc/php/conf.d/docker-vars.ini -ENV NGINX_VERSION 1.13.7 -ENV LUA_MODULE_VERSION 0.10.11 +ENV NGINX_VERSION 1.16.1 +ENV LUA_MODULE_VERSION 0.10.14 ENV DEVEL_KIT_MODULE_VERSION 0.3.0 +ENV GEOIP2_MODULE_VERSION 3.2 ENV LUAJIT_LIB=/usr/lib -ENV LUAJIT_INC=/usr/include/luajit-2.0 +ENV LUAJIT_INC=/usr/include/luajit-2.1 # resolves #166 ENV LD_PRELOAD /usr/lib/preloadable_libiconv.so php -RUN apk add --no-cache --repository http://dl-3.alpinelinux.org/alpine/edge/testing gnu-libiconv +RUN apk add --no-cache --repository http://dl-3.alpinelinux.org/alpine/edge/community gnu-libiconv RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ @@ -48,14 +49,14 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ --with-http_auth_request_module \ --with-http_xslt_module=dynamic \ --with-http_image_filter_module=dynamic \ - --with-http_geoip_module=dynamic \ +# --with-http_geoip_module=dynamic \ --with-http_perl_module=dynamic \ --with-threads \ --with-stream \ --with-stream_ssl_module \ --with-stream_ssl_preread_module \ --with-stream_realip_module \ - --with-stream_geoip_module=dynamic \ +# --with-stream_geoip_module=dynamic \ --with-http_slice_module \ --with-mail \ --with-mail_ssl_module \ @@ -64,6 +65,7 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ --with-http_v2_module \ --add-module=/usr/src/ngx_devel_kit-$DEVEL_KIT_MODULE_VERSION \ --add-module=/usr/src/lua-nginx-module-$LUA_MODULE_VERSION \ +# --add-module=/usr/src/ngx_http_geoip2_module-$GEOIP2_MODULE_VERSION \ " \ && addgroup -S nginx \ && adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx \ @@ -72,7 +74,7 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ gcc \ libc-dev \ make \ - openssl-dev \ + libressl-dev \ pcre-dev \ zlib-dev \ linux-headers \ @@ -80,13 +82,15 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ gnupg \ libxslt-dev \ gd-dev \ - geoip-dev \ + # geoip-dev \ + libmaxminddb-dev \ perl-dev \ luajit-dev \ && curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \ && curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \ && curl -fSL https://github.com/simpl/ngx_devel_kit/archive/v$DEVEL_KIT_MODULE_VERSION.tar.gz -o ndk.tar.gz \ && curl -fSL https://github.com/openresty/lua-nginx-module/archive/v$LUA_MODULE_VERSION.tar.gz -o lua.tar.gz \ +# && curl -fSL https://github.com/leev/ngx_http_geoip2_module/archive/$GEOIP2_MODULE_VERSION.tar.gz -o ngx_http_geoip2_module.tar.gz \ && export GNUPGHOME="$(mktemp -d)" \ && found=''; \ for server in \ @@ -100,21 +104,22 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ done; \ test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \ gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \ - && rm -r "$GNUPGHOME" nginx.tar.gz.asc \ + #&& rm -r "$GNUPGHOME" nginx.tar.gz.asc \ && mkdir -p /usr/src \ && tar -zxC /usr/src -f nginx.tar.gz \ && tar -zxC /usr/src -f ndk.tar.gz \ && tar -zxC /usr/src -f lua.tar.gz \ - && rm nginx.tar.gz ndk.tar.gz lua.tar.gz \ +# && tar -zxC /usr/src -f ngx_http_geoip2_module.tar.gz \ +# && rm nginx.tar.gz ndk.tar.gz lua.tar.gz ngx_http_geoip2_module.tar.gz \ && cd /usr/src/nginx-$NGINX_VERSION \ && ./configure $CONFIG --with-debug \ && make -j$(getconf _NPROCESSORS_ONLN) \ && mv objs/nginx objs/nginx-debug \ && mv objs/ngx_http_xslt_filter_module.so objs/ngx_http_xslt_filter_module-debug.so \ && mv objs/ngx_http_image_filter_module.so objs/ngx_http_image_filter_module-debug.so \ - && mv objs/ngx_http_geoip_module.so objs/ngx_http_geoip_module-debug.so \ +# && mv objs/ngx_http_geoip_module.so objs/ngx_http_geoip_module-debug.so \ && mv objs/ngx_http_perl_module.so objs/ngx_http_perl_module-debug.so \ - && mv objs/ngx_stream_geoip_module.so objs/ngx_stream_geoip_module-debug.so \ +# && mv objs/ngx_stream_geoip_module.so objs/ngx_stream_geoip_module-debug.so \ && ./configure $CONFIG \ && make -j$(getconf _NPROCESSORS_ONLN) \ && make install \ @@ -126,13 +131,14 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && install -m755 objs/nginx-debug /usr/sbin/nginx-debug \ && install -m755 objs/ngx_http_xslt_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_xslt_filter_module-debug.so \ && install -m755 objs/ngx_http_image_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_image_filter_module-debug.so \ - && install -m755 objs/ngx_http_geoip_module-debug.so /usr/lib/nginx/modules/ngx_http_geoip_module-debug.so \ +# && install -m755 objs/ngx_http_geoip_module-debug.so /usr/lib/nginx/modules/ngx_http_geoip_module-debug.so \ && install -m755 objs/ngx_http_perl_module-debug.so /usr/lib/nginx/modules/ngx_http_perl_module-debug.so \ - && install -m755 objs/ngx_stream_geoip_module-debug.so /usr/lib/nginx/modules/ngx_stream_geoip_module-debug.so \ +# && install -m755 objs/ngx_stream_geoip_module-debug.so /usr/lib/nginx/modules/ngx_stream_geoip_module-debug.so \ && ln -s ../../usr/lib/nginx/modules /etc/nginx/modules \ && strip /usr/sbin/nginx* \ && strip /usr/lib/nginx/modules/*.so \ && rm -rf /usr/src/nginx-$NGINX_VERSION \ +# && rm -rf /usr/src/ngx_http_geoip2_module-$GEOIP2_MODULE_VERSION \ \ # Bring in gettext so we can get `envsubst`, then throw # the rest away. To do this, we need to install `gettext` @@ -158,21 +164,24 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && ln -sf /dev/stderr /var/log/nginx/error.log RUN echo @testing http://nl.alpinelinux.org/alpine/edge/testing >> /etc/apk/repositories && \ -# sed -i -e "s/v3.4/edge/" /etc/apk/repositories && \ echo /etc/apk/respositories && \ - apk update && \ - apk add --no-cache bash \ + apk update && apk upgrade &&\ + apk add --no-cache \ + bash \ openssh-client \ wget \ supervisor \ curl \ libcurl \ + libzip-dev \ + bzip2-dev \ + imap-dev \ + openssl-dev \ git \ - python \ - python-dev \ - py-pip \ + python3 \ + python3-dev \ augeas-dev \ - openssl-dev \ + libressl-dev \ ca-certificates \ dialog \ autoconf \ @@ -188,29 +197,30 @@ RUN echo @testing http://nl.alpinelinux.org/alpine/edge/testing >> /etc/apk/repo libffi-dev \ freetype-dev \ sqlite-dev \ - libjpeg-turbo-dev && \ + libjpeg-turbo-dev \ + postgresql-dev && \ docker-php-ext-configure gd \ - --with-gd \ - --with-freetype-dir=/usr/include/ \ - --with-png-dir=/usr/include/ \ - --with-jpeg-dir=/usr/include/ && \ + --with-freetype \ + --with-jpeg && \ #curl iconv session - docker-php-ext-install pdo_mysql pdo_sqlite mysqli mcrypt gd exif intl xsl json soap dom zip opcache && \ - pecl install xdebug && \ + #docker-php-ext-install pdo_mysql pdo_sqlite mysqli mcrypt gd exif intl xsl json soap dom zip opcache && \ + docker-php-ext-install iconv pdo_mysql pdo_sqlite pgsql pdo_pgsql mysqli gd exif intl xsl json soap dom zip opcache && \ + pecl install xdebug-2.9.2 && \ + pecl install -o -f redis && \ + echo "extension=redis.so" > /usr/local/etc/php/conf.d/redis.ini && \ docker-php-source delete && \ mkdir -p /etc/nginx && \ mkdir -p /var/www/app && \ mkdir -p /run/nginx && \ mkdir -p /var/log/supervisor && \ - EXPECTED_COMPOSER_SIGNATURE=$(wget -q -O - https://composer.github.io/installer.sig) && \ php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" && \ - php -r "if (hash_file('SHA384', 'composer-setup.php') === '${EXPECTED_COMPOSER_SIGNATURE}') { echo 'Composer.phar Installer verified'; } else { echo 'Composer.phar Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" && \ - php composer-setup.php --install-dir=/usr/bin --filename=composer && \ - php -r "unlink('composer-setup.php');" && \ - pip install -U pip && \ - pip install -U certbot && \ + php composer-setup.php --quiet --install-dir=/usr/bin --filename=composer && \ + rm composer-setup.php && \ + pip3 install -U pip && \ + pip3 install -U certbot && \ mkdir -p /etc/letsencrypt/webrootauth && \ - apk del gcc musl-dev linux-headers libffi-dev augeas-dev python-dev make autoconf + apk del gcc musl-dev linux-headers libffi-dev augeas-dev python3-dev make autoconf +# apk del .sys-deps # ln -s /usr/bin/php7 /usr/bin/php ADD conf/supervisord.conf /etc/supervisord.conf @@ -229,6 +239,13 @@ ADD conf/nginx-site.conf /etc/nginx/sites-available/default.conf ADD conf/nginx-site-ssl.conf /etc/nginx/sites-available/default-ssl.conf RUN ln -s /etc/nginx/sites-available/default.conf /etc/nginx/sites-enabled/default.conf +## disabled due to license changes (to fix in next release) +# Add GeoLite2 databases (https://dev.maxmind.com/geoip/geoip2/geolite2/) +#RUN curl -fSL http://geolite.maxmind.com/download/geoip/database/GeoLite2-City.mmdb.gz -o /etc/nginx/GeoLite2-City.mmdb.gz \ +# && curl -fSL http://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.mmdb.gz -o /etc/nginx/GeoLite2-Country.mmdb.gz \ +# && gunzip /etc/nginx/GeoLite2-City.mmdb.gz \ +# && gunzip /etc/nginx/GeoLite2-Country.mmdb.gz + # tweak php-fpm config RUN echo "cgi.fix_pathinfo=0" > ${php_vars} &&\ echo "upload_max_filesize = 100M" >> ${php_vars} &&\ @@ -269,4 +286,5 @@ ADD errors/ /var/www/errors EXPOSE 443 80 +WORKDIR "/var/www/html" CMD ["/start.sh"] diff --git a/README.md b/README.md index 9659cad6..f35accc0 100644 --- a/README.md +++ b/README.md @@ -1,20 +1,23 @@ +![pipeline status](https://gitlab.com/ric_harvey/nginx-php-fpm/badges/master/pipeline.svg) ![docker hub](https://img.shields.io/docker/pulls/richarvey/nginx-php-fpm.svg?style=flat-square) ![docker hub](https://img.shields.io/docker/stars/richarvey/nginx-php-fpm.svg?style=flat-square) +## Please open pull requests and issues on [https://gitlab.com/ric_harvey/nginx-php-fpm](https://gitlab.com/ric_harvey/nginx-php-fpm) + ## Overview This is a Dockerfile/image to build a container for nginx and php-fpm, with the ability to pull website code from git when the container is created, as well as allowing the container to push and pull changes to the code to and from git. The container also has the ability to update templated files with variables passed to docker in order to update your code and settings. There is support for lets encrypt SSL configurations, custom nginx configs, core nginx/PHP variable overrides for running preferences, X-Forwarded-For headers and UID mapping for local volume support. If you have improvements or suggestions please open an issue or pull request on the GitHub project page. ### Versioning -| Docker Tag | GitHub Release | Nginx Version | PHP Version | Alpine Version | +| Docker Tag | Git Release | Nginx Version | PHP Version | Alpine Version | |-----|-------|-----|--------|--------| -| latest | Master Branch |1.13.7 | 7.1.12 | 3.4 | +| latest/1.9.1 | Master Branch |1.16.1 | 7.4.5 | 3.11 | -For other tags please see: [versioning](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/versioning.md) +For other tags please see: [versioning](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/versioning.md) ### Links -- [https://github.com/richarvey/nginx-php-fpm](https://github.com/richarvey/nginx-php-fpm) +- [https://gitlab.com/ric_harvey/nginx-php-fpm](https://gitlab.com/ric_harvey/nginx-php-fpm) - [https://registry.hub.docker.com/u/richarvey/nginx-php-fpm/](https://registry.hub.docker.com/u/richarvey/nginx-php-fpm/) ## Quick Start @@ -37,29 +40,29 @@ You can then browse to ```http://``` to view the default install fi For more detailed examples and explanations please refer to the documentation. ## Documentation -- [Building from source](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/building.md) -- [Versioning](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/versioning.md) -- [Config Flags](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/config_flags.md) -- [Git Auth](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/git_auth.md) - - [Personal Access token](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/git_auth.md#personal-access-token) - - [SSH Keys](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/git_auth.md#ssh-keys) -- [Git Commands](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/git_commands.md) - - [Push](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/git_commands.md#push-code-to-git) - - [Pull](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/git_commands.md#pull-code-from-git-refresh) -- [Repository layout / webroot](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/repo_layout.md) - - [webroot](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/repo_layout.md#src--webroot) -- [User / Group Identifiers](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/UID_GID_Mapping.md) -- [Custom Nginx Config files](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/nginx_configs.md) - - [REAL IP / X-Forwarded-For Headers](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/nginx_configs.md#real-ip--x-forwarded-for-headers) -- [Scripting and Templating](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/scripting_templating.md) - - [Environment Variables](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/scripting_templating.md#using-environment-variables--templating) -- [Lets Encrypt Support](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/lets_encrypt.md) - - [Setup](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/lets_encrypt.md#setup) - - [Renewal](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/lets_encrypt.md#renewal) -- [PHP Modules](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/php_modules.md) -- [Xdebug](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/xdebug.md) -- [Logging and Errors](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/logs.md) +- [Building from source](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/building.md) +- [Versioning](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/versioning.md) +- [Config Flags](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/config_flags.md) +- [Git Auth](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/git_auth.md) + - [Personal Access token](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/git_auth.md#personal-access-token) + - [SSH Keys](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/git_auth.md#ssh-keys) +- [Git Commands](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/git_commands.md) + - [Push](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/git_commands.md#push-code-to-git) + - [Pull](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/git_commands.md#pull-code-from-git-refresh) +- [Repository layout / webroot](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/repo_layout.md) + - [webroot](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/repo_layout.md#src--webroot) +- [User / Group Identifiers](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/UID_GID_Mapping.md) +- [Custom Nginx Config files](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/nginx_configs.md) + - [REAL IP / X-Forwarded-For Headers](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/nginx_configs.md#real-ip--x-forwarded-for-headers) +- [Scripting and Templating](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/scripting_templating.md) + - [Environment Variables](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/scripting_templating.md#using-environment-variables--templating) +- [Lets Encrypt Support](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/lets_encrypt.md) + - [Setup](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/lets_encrypt.md#setup) + - [Renewal](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/lets_encrypt.md#renewal) +- [PHP Modules](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/php_modules.md) +- [Xdebug](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/xdebug.md) +- [Logging and Errors](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/logs.md) ## Guides -- [Running in Kubernetes](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/guides/kubernetes.md) -- [Using Docker Compose](https://github.com/richarvey/nginx-php-fpm/blob/master/docs/guides/docker_compose.md) +- [Running in Kubernetes](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/guides/kubernetes.md) +- [Using Docker Compose](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/guides/docker_compose.md) diff --git a/TODO.md b/TODO.md deleted file mode 100644 index 2f5e0e36..00000000 --- a/TODO.md +++ /dev/null @@ -1,5 +0,0 @@ -## To Do List - -- Docker swarm guide -- AWS ECS guide -- Kubernetes guide diff --git a/conf/nginx-site-ssl.conf b/conf/nginx-site-ssl.conf index 5a460b69..0c2e0887 100644 --- a/conf/nginx-site-ssl.conf +++ b/conf/nginx-site-ssl.conf @@ -1,6 +1,6 @@ server { - listen 443 ssl; - listen [::]:443 ssl ipv6only=on; ## listen for ipv6 + listen 443 ssl http2; + listen [::]:443 ssl http2 ipv6only=on; ## listen for ipv6 root /var/www/html; index index.php index.html index.htm; @@ -26,6 +26,12 @@ server { #real_ip_header X-Forwarded-For; #set_real_ip_from 172.16.0.0/12; + # block access to sensitive information about git + location /.git { + deny all; + return 403; + } + location / { # First attempt to serve request as file, then # as directory, then fall back to index.html @@ -57,6 +63,16 @@ server { fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_index index.php; +# fastcgi_param GEOIP2_LONGITUDE $geoip2_data_longitude; +# fastcgi_param GEOIP2_LATITUDE $geoip2_data_latitude; +# fastcgi_param GEOIP2_CONTINENT_CODE $geoip2_data_continent_code; +# fastcgi_param GEOIP2_CONTINENT_NAME $geoip2_data_continent_name; +# fastcgi_param GEOIP2_COUNTRY_CODE $geoip2_data_country_code; +# fastcgi_param GEOIP2_COUNTRY_NAME $geoip2_data_country_name; +# fastcgi_param GEOIP2_STATE_CODE $geoip2_data_state_code; +# fastcgi_param GEOIP2_STATE_NAME $geoip2_data_state_name; +# fastcgi_param GEOIP2_CITY_NAME $geoip2_data_city_name; +# fastcgi_param GEOIP2_POSTAL_CODE $geoip2_data_postal_code; include fastcgi_params; } diff --git a/conf/nginx-site.conf b/conf/nginx-site.conf index 31a967b2..0b75de87 100644 --- a/conf/nginx-site.conf +++ b/conf/nginx-site.conf @@ -19,6 +19,12 @@ server { #real_ip_header X-Forwarded-For; #set_real_ip_from 172.16.0.0/12; + # block access to sensitive information about git + location /.git { + deny all; + return 403; + } + location / { # First attempt to serve request as file, then # as directory, then fall back to index.html @@ -31,13 +37,16 @@ server { internal; } - location ^~ /ngd-style.css { - alias /var/www/errors/style.css; + location ^~ /sad.svg { + alias /var/www/errors/sad.svg; access_log off; } - - location ^~ /ngd-sad.svg { - alias /var/www/errors/sad.svg; + location ^~ /twitter.svg { + alias /var/www/errors/twitter.svg; + access_log off; + } + location ^~ /gitlab.svg { + alias /var/www/errors/gitlab.svg; access_log off; } @@ -50,6 +59,16 @@ server { fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_index index.php; +# fastcgi_param GEOIP2_LONGITUDE $geoip2_data_longitude; +# fastcgi_param GEOIP2_LATITUDE $geoip2_data_latitude; +# fastcgi_param GEOIP2_CONTINENT_CODE $geoip2_data_continent_code; +# fastcgi_param GEOIP2_CONTINENT_NAME $geoip2_data_continent_name; +# fastcgi_param GEOIP2_COUNTRY_CODE $geoip2_data_country_code; +# fastcgi_param GEOIP2_COUNTRY_NAME $geoip2_data_country_name; +# fastcgi_param GEOIP2_STATE_CODE $geoip2_data_state_code; +# fastcgi_param GEOIP2_STATE_NAME $geoip2_data_state_name; +# fastcgi_param GEOIP2_CITY_NAME $geoip2_data_city_name; +# fastcgi_param GEOIP2_POSTAL_CODE $geoip2_data_postal_code; include fastcgi_params; } diff --git a/conf/nginx.conf b/conf/nginx.conf index bcda82ad..19f1b456 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -33,6 +33,39 @@ http { server_tokens off; #gzip on; +# Disabled due to license +# geoip2 /etc/nginx/GeoLite2-Country.mmdb { +# auto_reload 1h; +# +# $geoip2_metadata_country_build metadata build_epoch; +# +# # populate the country +# $geoip2_data_country_code source=$remote_addr country iso_code; +# $geoip2_data_country_name source=$remote_addr country names en; +# +# # populate the continent +# $geoip2_data_continent_code source=$remote_addr continent code; +# $geoip2_data_continent_name source=$remote_addr continent names en; +# } +# +# geoip2 /etc/nginx/GeoLite2-City.mmdb { +# auto_reload 1h; +# +# # City name itself +# $geoip2_data_city_name source=$remote_addr city names en; +# +# # Postal code will be an approximation, probably the first one in the list that covers an area +# $geoip2_data_postal_code source=$remote_addr postal code; +# +# # State in code and long form +# $geoip2_data_state_code source=$remote_addr subdivisions 0 iso_code; +# $geoip2_data_state_name source=$remote_addr subdivisions 0 names en; +# +# # Lat and Lng +# $geoip2_data_latitude source=$remote_addr location latitude; +# $geoip2_data_longitude source=$remote_addr location longitude; +# } + include /etc/nginx/sites-enabled/*; } #daemon off; diff --git a/conf/supervisord.conf b/conf/supervisord.conf index d4c1da68..889087ee 100644 --- a/conf/supervisord.conf +++ b/conf/supervisord.conf @@ -22,14 +22,17 @@ supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface serverurl=unix:///dev/shm/supervisor.sock ; use a unix:// URL for a unix socket [program:php-fpm] -command = /usr/local/sbin/php-fpm --nodaemonize --fpm-config /usr/local/etc/php-fpm.d/www.conf +command = /usr/local/sbin/php-fpm --force-stderr --nodaemonize --fpm-config /usr/local/etc/php-fpm.d/www.conf autostart=true autorestart=true priority=5 +stdout_events_enabled=true +stderr_events_enabled=true stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 +stopsignal=QUIT [program:nginx] command=/usr/sbin/nginx -g "daemon off; error_log /dev/stderr info;" @@ -42,6 +45,7 @@ stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 +stopsignal=QUIT [include] files = /etc/supervisor/conf.d/*.conf diff --git a/docs/config_flags.md b/docs/config_flags.md index a8d62efd..52b0cfb9 100644 --- a/docs/config_flags.md +++ b/docs/config_flags.md @@ -7,6 +7,8 @@ The following flags are a list of all the currently supported options that can b |--------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | GIT_REPO | URL to the repository containing your source code. If you are using a personal token, this is the https URL without `https://` (e.g `github.com/project/`). For ssh prepend with `git@` (e.g `git@github.com/project.git`) | | GIT_BRANCH | Select a specific branch (optional) | +| GIT_TAG | Specify a specific git tag (optional) | +| GIT_COMMIT | Specify a specific git commit (optional) | | GIT_EMAIL | Set your email for code pushing (required for git to work) | | GIT_NAME | Set your name for code pushing (required for git to work) | | GIT_USE_SSH | Set this to 1 if you want to use git over SSH (instead of HTTP), useful if you want to use Bitbucket instead of GitHub | @@ -21,6 +23,7 @@ The following flags are a list of all the currently supported options that can b | WEBROOT | Change the default webroot directory from `/var/www/html` to your own setting | | ERRORS | Set to 1 to display PHP Errors in the browser | | HIDE_NGINX_HEADERS | Disable by setting to 0, default behaviour is to hide nginx + php version in headers | +| PHP_CATCHALL | Enable a 404 catch all to `index.php` -- changes `=404` on `try_files` to `/index.php?$args` | | PHP_MEM_LIMIT | Set higher PHP memory limit, default is 128 Mb | | PHP_POST_MAX_SIZE | Set a larger post_max_size, default is 100 Mb | | PHP_UPLOAD_MAX_FILESIZE | Set a larger upload_max_filesize, default is 100 Mb | diff --git a/docs/guides/docker_compose.md b/docs/guides/docker_compose.md index 8e769ac4..6a9e68be 100644 --- a/docs/guides/docker_compose.md +++ b/docs/guides/docker_compose.md @@ -15,7 +15,7 @@ services: restart: always environment: SSH_KEY: '' - GIT_REPO: 'git@github.com://.git' GIT_EMAIL: 'void@ngd.io' GIT_NAME: '' ``` diff --git a/docs/guides/kubernetes.md b/docs/guides/kubernetes.md index 499cfc58..122b61b4 100644 --- a/docs/guides/kubernetes.md +++ b/docs/guides/kubernetes.md @@ -81,7 +81,7 @@ kind: Service metadata: namespace: example name: example-app - spec: +spec: type: ClusterIP ports: - protocol: TCP diff --git a/docs/php_modules.md b/docs/php_modules.md index 843d6b69..976ac082 100644 --- a/docs/php_modules.md +++ b/docs/php_modules.md @@ -14,3 +14,21 @@ supervisorctl restart php-fpm ``` We may include a env var to do this in the future. + +## Extensions already installed +The following are already installed and ready to use: + +| `docker-php-ext-`name | Description +|----|----| +| curl | cURL: command line tool and library for transferring data with URLs +| dom | **DOM**-manipulation library +| gd | **GD**: Image creation and manipulation library +| intl | **Internationalization** (i18n) function library +| mysqli | **MySQL Improved**: Procedural-style library for connecting to and using a MySQL database +| opcache | **OPcache**: Improves PHP performace by storing precompiled script bytecode in shared memory +| pdo | **PDO**: PHP Database Object; Object-oriented library for connecting to various databases. +| pdo_mysql | **MySQL Driver** for PDO +| pdo_sqlite | **SQLite Driver** for PDO +| soap | **SOAP**: **S**imple **O**bject **A**ccess **P**rotocol library +| xsl | **XSL**: e**X**stensible **S**tyling **L**anguage library +| zip | **ZIP**: Transparently read and write ZIP compressed archives diff --git a/docs/scripting_templating.md b/docs/scripting_templating.md index 5eefc29a..02ab7153 100644 --- a/docs/scripting_templating.md +++ b/docs/scripting_templating.md @@ -1,5 +1,5 @@ ## Scripting -There is often an occasion where you need to run a script on code to do a transformation once code lands in the container. For this reason we have developed scripting support. By including a scripts folder in your git repository and passing the __RUN_SCRIPTS=1__ flag to your command line the container will execute your scripts. Please see the [repo layout guidelines](https://github.com/ngineered/nginx-php-fpm/blob/master/docs/repo_layout.md) for more details on how to organise this. +There is often an occasion where you need to run a script on code to do a transformation once code lands in the container. For this reason we have developed scripting support. By including a scripts folder in your git repository and passing the __RUN_SCRIPTS=1__ flag to your command line the container will execute your scripts. Please see the [repo layout guidelines](https://gitlab.com/ric_harvey/nginx-php-fpm/blob/master/docs/repo_layout.md) for more details on how to organise this. ## Using environment variables / templating To set the variables pass them in as environment variables on the docker command line. diff --git a/docs/versioning.md b/docs/versioning.md index 18e5ae02..3724a588 100644 --- a/docs/versioning.md +++ b/docs/versioning.md @@ -13,7 +13,57 @@ We will use the [semver](http://ricostacruz.com/cheatsheets/semver.html) style n The latest tag will always follow the master branch in git. the other versions will have releases attached. -| Docker Tag | GitHub Release | Nginx Version | PHP Version | Alpine Version | Container Scripts | +#### PHP 7.4 + +| Docker Tag | PHP Version | Nginx Version | Alpine Version | Container Scripts | Notes | +|-----|-------|-----|--------|--------|----------| +| 1.9.0 | 7.4.2 |1.16.1 | 3.11 | 0.3.13 | upgrade to PHP 7.4.2 | +| 1.9.1 | 7.4.5 |1.16.1 | 3.11 | 0.3.13 | upgrade to PHP 7.4.5 | + +These tags will be created on GitLab and as tags in docker hub. + +### Unmaintained tags: + +#### PHP 7.3 + +| Docker Tag | PHP Version | Nginx Version | Alpine Version | Container Scripts | Notes | +|-----|-------|-----|--------|--------|----------| +| 1.6.0 | 7.3.2 |1.14.2 | 3.9 | 0.3.8 || +| 1.6.1 | 7.3.2 |1.14.2 | 3.9 | 0.3.9 || +| 1.6.2 | 7.3.3 |1.14.2 | 3.9 | 0.3.10 || +| 1.6.3 | 7.3.3 |1.14.2 | 3.9 | 0.3.11 || +| 1.6.4 | 7.3.3 |1.14.2 | 3.9 | 0.3.12 || +| 1.6.5 | 7.3.3 |1.14.2 | 3.9 | 0.3.12 || +| 1.6.6 | 7.3.3 |1.14.2 | 3.9 | 0.3.12 || +| 1.6.7 | 7.3.3 |1.14.2 | 3.9 | 0.3.13 | Broken | +| 1.6.8 | 7.3.4 |1.14.2 | 3.9 | 0.3.12 | Custom scripts rolled back | +| 1.7.0 | 7.3.4 |1.16.0 | 3.9 | 0.3.12 | First move to nginx 1.16.0 | +| 1.7.1 | 7.3.5 |1.16.0 | 3.9 | 0.3.12 | Bump to PHP 7.3.5 | +| 1.7.2 | 7.3.6 |1.16.0 | 3.9 | 0.3.12 | Bump to PHP 7.3.6 | +| 1.7.3 | 7.3.6 |1.16.0 | 3.9 | 0.3.12 | Bump xdebug 2.7.2 | +| 1.7.4 | 7.3.8 |1.16.0 | 3.9 | 0.3.12 | upgrade php to 7.3.8 | +| 1.8.0 | 7.3.9 |1.16.1 | 3.10 | 0.3.12 | Alpine upgrade to 3.10, PHP 7.3.9 and nginx 1.16.1 upgrades | +| 1.8.1 | 7.3.9 |1.16.1 | 3.10 | 0.3.12 | started python upgrade | +| 1.8.2 | 7.3.9 |1.16.1 | 3.10 | 0.3.13 | geoip2, catchall and xdebug.remote merges | + +#### PHP 7.2 + +| Docker Tag | PHP Version | Nginx Version | Alpine Version | Container Scripts | +|-----|-------|-----|--------|--------| +| 1.4.0 | 7.2.0 |1.13.2 | 3.6 | 0.3.5 | +| 1.4.1 | 7.2.0 |1.13.2 | 3.6 | 0.3.6 | +| 1.5.0 | 7.2.4 |1.14.0 | 3.6 | 0.3.6 | +| 1.5.1 | 7.2.6 |1.14.0 | 3.7 | 0.3.6 | +| 1.5.2 | 7.2.6 |1.14.0 | 3.7 | 0.3.7 | +| 1.5.3 | 7.2.7 |1.14.0 | 3.7 | 0.3.7 | +| 1.5.4 | 7.2.7 |1.14.0 | 3.7 | 0.3.8 | +| 1.5.5 | 7.2.10 |1.14.0 | 3.7 | 0.3.8 | +| 1.5.6 | 7.2.9 |1.14.0 | 3.7 | 0.3.8 | +| 1.5.7 | 7.2.10 |1.14.0 | 3.7 | 0.3.8 | + +#### PHP 7.1 + +| Docker Tag | Git Release | Nginx Version | PHP Version | Alpine Version | Container Scripts | |-----|-------|-----|--------|--------|--------| | latest | Master Branch |1.13.2 | 7.1.7 | 3.4 | 0.2.9 | | 1.1.1 | 1.1.1 |1.11.9 | 7.1.1 | 3.4 | 0.2.5 | @@ -41,9 +91,7 @@ The latest tag will always follow the master branch in git. the other versions w | 1.3.9 | 1.3.9 |1.13.7 | 7.1.11 | 3.4 | 0.3.3 | | 1.3.10 | 1.3.10 |1.13.7 | 7.1.12 | 3.4 | 0.3.4 | -These tags will be created as releases on GitHub and as tags in docker hub. - -### Unmaintained tags: +### Legacy tags: - php5 - php7 diff --git a/errors/404.html b/errors/404.html index 1c3db7a3..4c33c479 100644 --- a/errors/404.html +++ b/errors/404.html @@ -2,38 +2,15 @@ - - + + Error - 404 - -
-
-
-
-
-
-
-
-
-
- -

Error: 404

-

Looks like we can't find that page

-
-
-
-
-
- - - -
- -
-
+ + +
+

Page not Found

+ Gitlab + Twitter diff --git a/errors/gitlab.svg b/errors/gitlab.svg new file mode 100644 index 00000000..ad4c30cb --- /dev/null +++ b/errors/gitlab.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/errors/style.css b/errors/style.css deleted file mode 100644 index 188e98ce..00000000 --- a/errors/style.css +++ /dev/null @@ -1,398 +0,0 @@ -/*! normalize.css v2.1.3 | MIT License | git.io/normalize */ - -img { - border: 0; -} - -body,html { - min-height: 100%; - height: 100%; -} - -figure,footer,nav,section { - display: block; -} - -[hidden] { - display: none; -} - -html { - font-family: sans-serif; - -ms-text-size-adjust: 100%; - -webkit-text-size-adjust: 100%; -} - -body,figure { - margin: 0; -} - -a { - background: 0 0; -} - -a:focus { - outline: dotted thin; -} - -a:active,a:hover { - outline: 0; -} - -h1 { - margin: .67em 0; -} - -code { - font-family: monospace, serif; - font-size: 1em; -} - -svg:not(:root) { - overflow: hidden; -} - -.navbar { - -ms-box-sizing: border-box; - -o-box-sizing: border-box; - -khtml-box-sizing: border-box; -} - -.navbar-container { - border-bottom: 1px solid #EBEBEB; -} - -/*! - Ionicons, v2.0.0 - Created by Ben Sperry for the Ionic Framework, http://ionicons.com/ - https://twitter.com/benjsperry https://twitter.com/ionicframework - MIT License: https://github.com/driftyco/ionicons - - Android-style icons originally built by Google’s - Material Design Icons: https://github.com/google/material-design-icons - used under CC BY http://creativecommons.org/licenses/by/4.0/ - Modified icons to fit ionicon’s grid from original. -*/ - -@font-face { - font-family: Ionicons; - src: url(../fonts/ionicons/ionicons.eot?v=2.0.0); - src: url(../fonts/ionicons/ionicons.eot?v=2.0.0#iefix) format("embedded-opentype"), url(../fonts/ionicons/ionicons.ttf?v=2.0.0) format("truetype"), url(../fonts/ionicons/ionicons.woff?v=2.0.0) format("woff"), url(../fonts/ionicons/ionicons.svg?v=2.0.0#Ionicons) format("svg"); - font-weight: 400; - font-style: normal; -} - -.ion,.ion-code:before,.ion-link:before,.ion-sad:before,.ion-social-chrome:before,.ion-social-css3:before,.ion-social-github:before,.ion-social-html5:before,.ion-social-twitter:before,.ionicons { - display: inline-block; - font-family: Ionicons; - speak: none; - font-style: normal; - font-weight: 400; - font-variant: normal; - text-transform: none; - text-rendering: auto; - line-height: 1; - -webkit-font-smoothing: antialiased; - -moz-osx-font-smoothing: grayscale; -} - -.ion-code:before { - content: ""; -} - -.ion-link:before { - content: ""; -} - -.ion-sad:before { - content: ""; -} - -.ion-social-chrome:before { - content: ""; -} - -.ion-social-css3:before { - content: ""; -} - -.ion-social-github:before { - content: ""; -} - -.ion-social-html5:before { - content: ""; -} - -.ion-social-twitter:before { - content: ""; -} - -code[class*=language-] { - color: #000; - background: 0 0; - text-shadow: 0 1px #fff; - font-family: Consolas, Monaco, 'Andale Mono', 'Ubuntu Mono', monospace; - direction: ltr; - text-align: left; - white-space: pre; - word-spacing: normal; - word-break: normal; - word-wrap: normal; - line-height: 1.5; - -moz-tab-size: 4; - tab-size: 4; - -webkit-hyphens: none; - -moz-hyphens: none; - -ms-hyphens: none; - hyphens: none; -} - -code[class*=language-]::-moz-selection,code[class*=language-]::-moz-selection { - text-shadow: none; - background: #b3d4fc; -} - -code[class*=language-]::selection,code[class*=language-]::selection { - text-shadow: none; - background: #b3d4fc; -} - -@media print { - code[class*=language-] { - text-shadow: none; - } -} - -:not(pre)>code[class*=language-] { - background: #f5f2f0; -} - -:not(pre)>code[class*=language-] { - padding: .1em; - border-radius: .3em; - white-space: normal; -} - -.pad { - max-width: 1100px; - margin: 0 auto; - padding: 0 2em; -} - -.interface:after,.interface:before,.navbar:after,.navbar:before,.site-footer .social-links:after,.site-footer .social-links:before,.site-footer section:after,.site-footer section:before { - content: ""; - display: table; -} - -.interface:after,.navbar:after,.site-footer .social-links:after,.site-footer section:after { - clear: both; -} - -body { - background-color: #202B30; - line-height: 1.5; - font-size: 1em; - font-family: proxima-nova, "Helvetica Neue", Helvetica, Arial, sans-serif; - color: #031C2B; -} - -.navbar,.site-footer section { - max-width: 1070px; - margin: 0 5%; -} - -@media all and (min-width:1180px) { - .navbar, .site-footer section { - margin: 0 auto; - } -} - -.interface { - background-color: #fff; -} - -img { - width: 100%; - max-width: 100%; -} - -h1,h2,h3,h4 { - font-weight: 300; - line-height: 1.2; -} - -h1 a,h2 a,h3 a,h4 a { - color: inherit; - text-decoration: none; -} - -h1 a:hover,h2 a:hover,h3 a:hover,h4 a:hover { - color: #2796D8; -} - -h1 { - font-size: 2.3em; -} - -h2 { - font-size: 2em; -} - -h3 { - font-size: 1.5em; -} - -h6 { - text-transform: uppercase; - font-size: .75em; -} - -a { - color: #1577C1; -} - -a:hover { - color: #FF6A39; -} - -.navbar-container { - border-top: 10px solid #FF6A39; -} - -.navbar-container:before { - content: ''; - position: absolute; - background-color: #F45B29; - width: 33.33%; - height: 10px; - top: 0; -} - -.navbar { - padding: 1em 0; - box-sizing: border-box; - min-height: 60px; -} - -.navbar .brand { - width: 60%; - float: left; - margin-top: 3px; -} - -.navbar .brand img { - width: 100px; -} - -@media all and (min-width:980px) { - .navbar { - padding: 2.5em 0 2em; - } - - .navbar .brand { - width: 15%; - margin-top: 0; - } - - .navbar .brand img { - width: 150px; - } -} - -.status-page .interface { - height: 90%; -} - -.status-page-panel { - margin: 0 auto; - width: 80%; - max-width: 500px; - text-align: center; - position: relative; - top: 30%; - -webkit-transform: translateY(-50%); - transform: translateY(-50%); -} - -.status-page-panel .status-page-brand { - margin: 2em 0; -} - -.status-page-panel .status-page-brand img { - width: 150px; -} - -.status-page-panel img { - width: 80px; -} - -.status-page-panel h1 { - margin: 0; -} - -.status-page-panel p { - margin: .5em 0 0; -} - -.site-footer { - font-size: .875em; - border-top: 4px solid #FF6A39; - color: #70858F; -} - -.site-footer .footer-section { - background-color: #1D2529; -} - -.site-footer a { - color: #fff; - text-decoration: none; -} - -.site-footer section { - padding: 2em 0; -} - -.site-footer section.extra-pad { - padding: 3em 0; -} - -.site-footer .brand { - width: 100px; -} - -.site-footer .social-links { - margin-top: 1em; -} - -.site-footer .social-links i { - display: inline-block; - margin-right: 5px; -} - -.site-footer .social-links a { - display: inline-block; - margin-top: 1em; - margin-right: 20px; -} - -@media all and (min-width:787px) { - .site-footer .brand { - width: 10%; - float: left; - } - - .site-footer .social-links { - width: 80%; - float: right; - margin-top: 0; - text-align: right; - } - - .site-footer .social-links a { - margin-top: 0; - margin-left: 20px; - margin-right: 0; - } -} \ No newline at end of file diff --git a/errors/twitter.svg b/errors/twitter.svg new file mode 100644 index 00000000..30c7c9f3 --- /dev/null +++ b/errors/twitter.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/scripts/letsencrypt-setup b/scripts/letsencrypt-setup index 45f560be..0a4f9f87 100755 --- a/scripts/letsencrypt-setup +++ b/scripts/letsencrypt-setup @@ -10,10 +10,6 @@ else # change nginx for webroot and domain name sed -i "s/##DOMAIN##/${DOMAIN}/g" /etc/nginx/sites-enabled/default-ssl.conf sed -i "s#root /var/www/html;#root ${WEBROOT};#g" /etc/nginx/sites-available/default-ssl.conf - if [ ! -z "$WEBROOT" ]; then - webroot=$WEBROOT - sed -i "s#root /var/www/html;#root ${webroot};#g" /etc/nginx/sites-available/default-ssl.conf - fi supervisorctl restart nginx diff --git a/scripts/pull b/scripts/pull index 2231550b..8ec30458 100755 --- a/scripts/pull +++ b/scripts/pull @@ -11,10 +11,10 @@ if [ -z "$GIT_NAME" ]; then fi # Try auto install for composer -if [ -f "/var/www/html/composer.lock" ]; then - composer install --no-dev --working-dir=/var/www/html +if [ -f "${WEBROOT}/composer.lock" ]; then + composer install --no-dev --working-dir=${WEBROOT} fi -cd /var/www/html +cd ${WEBROOT} git pull || exit 1 -chown -Rf nginx:nginx /var/www/html +chown -Rf nginx:nginx ${WEBROOT} diff --git a/scripts/push b/scripts/push index bf577cfa..ff89d393 100755 --- a/scripts/push +++ b/scripts/push @@ -15,7 +15,7 @@ if [ -z "$GIT_NAME" ]; then fi ts=$(timestamp) -cd /var/www/html +cd ${WEBROOT} git add . git commit -a -m "push from container $ts" git push diff --git a/scripts/start.sh b/scripts/start.sh index 199276dd..13e3dab8 100644 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -24,6 +24,12 @@ else webroot=/var/www/html fi +# Enables 404 pages through php index +if [ ! -z "$PHP_CATCHALL" ]; then + sed -i 's#try_files $uri $uri/ =404;#try_files $uri $uri/ /index.php?$args;#g' /etc/nginx/sites-available/default.conf +fi + + # Setup git variables if [ ! -z "$GIT_EMAIL" ]; then git config --global user.email "$GIT_EMAIL" @@ -58,6 +64,12 @@ if [ ! -d "/var/www/html/.git" ]; then fi fi ${GIT_COMMAND} /var/www/html || exit 1 + if [ ! -z "$GIT_TAG" ]; then + git checkout ${GIT_TAG} || exit 1 + fi + if [ ! -z "$GIT_COMMIT" ]; then + git checkout ${GIT_COMMIT} || exit 1 + fi if [ -z "$SKIP_CHOWN" ]; then chown -Rf nginx.nginx /var/www/html fi @@ -86,9 +98,9 @@ fi # Display PHP error's or not if [[ "$ERRORS" != "1" ]] ; then - echo php_flag[display_errors] = off >> /usr/local/etc/php-fpm.conf + echo php_flag[display_errors] = off >> /usr/local/etc/php-fpm.d/www.conf else - echo php_flag[display_errors] = on >> /usr/local/etc/php-fpm.conf + echo php_flag[display_errors] = on >> /usr/local/etc/php-fpm.d/www.conf fi # Display Version Details or not @@ -117,7 +129,10 @@ if [ -f /etc/nginx/sites-available/default-ssl.conf ]; then fi fi -#Display errors in docker logs +# Set the desired timezone +echo date.timezone=$(cat /etc/TZ) > /usr/local/etc/php/conf.d/timezone.ini + +# Display errors in docker logs if [ ! -z "$PHP_ERRORS_STDERR" ]; then echo "log_errors = On" >> /usr/local/etc/php/conf.d/docker-vars.ini echo "error_log = /dev/stderr" >> /usr/local/etc/php/conf.d/docker-vars.ini @@ -156,6 +171,7 @@ if [[ "$ENABLE_XDEBUG" == "1" ]] ; then else echo "zend_extension=$(find /usr/local/lib/php/extensions/ -name xdebug.so)" > $XdebugFile # Note, single arrow to overwrite file. echo "xdebug.remote_enable=1 " >> $XdebugFile + echo "xdebug.remote_host=host.docker.internal" >> $XdebugFile echo "xdebug.remote_log=/tmp/xdebug.log" >> $XdebugFile echo "xdebug.remote_autostart=false " >> $XdebugFile # I use the xdebug chrome extension instead of using autostart # NOTE: xdebug.remote_host is not needed here if you set an environment variable in docker-compose like so `- XDEBUG_CONFIG=remote_host=192.168.111.27`. diff --git a/src/index.php b/src/index.php index 2c6ebd25..9f016e1f 100644 --- a/src/index.php +++ b/src/index.php @@ -1,3 +1,5 @@