From 7fe9a4c2a251d3ddeb58fceaaefe167d52e382be Mon Sep 17 00:00:00 2001 From: Birkhoff Lee Date: Wed, 4 Dec 2019 14:49:57 +0800 Subject: [PATCH] Fix Dockerfile and docker-compose.yml 1. Generate a testing SQLite db on build 2. Optimize image layer caching 3. Fix permissions 4. Simplify nginx configuration 5. Fix nginx infinite redirect loop (couldn't access app folder) --- Dockerfile | 32 +++++++++++++++++++++++++------- nginx.conf | 23 +---------------------- 2 files changed, 26 insertions(+), 29 deletions(-) diff --git a/Dockerfile b/Dockerfile index 07550568..92a45694 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,22 @@ +##### STAGE 1 ##### + FROM composer as composer +# Copy composer files from project root into composer container's working dir +COPY composer.* /app/ + +# Copy database directory for autoloader optimization +COPY database /app/database + +# Run composer to build dependencies in vendor folder +RUN composer install --no-scripts --no-suggest --no-interaction --prefer-dist --optimize-autoloader + # Copy everything from project root into composer container's working dir COPY . /app -# Run composer to build dependencies in vendor folder -RUN set -xe \ - && composer install --no-scripts --no-suggest --no-interaction --prefer-dist --optimize-autoloader \ - && composer dump-autoload --optimize --classmap-authoritative +RUN composer dump-autoload --optimize --classmap-authoritative + +##### STAGE 2 ##### FROM php:7.4.0-fpm-alpine @@ -25,10 +35,18 @@ COPY . /app # Copy vendor folder from composer container into php container COPY --from=composer /app/vendor /app/vendor -RUN php artisan config:cache && \ - chmod -R 755 storage bootstrap/cache && \ - chown -R www-data:www-data storage +RUN touch database/database.sqlite && \ + php artisan migrate && \ + php artisan config:cache && \ + php artisan passport:install && \ + php artisan key:generate && \ + chown -R www-data:www-data . && \ + chmod -R 755 . && \ + chmod -R 775 storage/framework/ && \ + chmod -R 775 storage/logs/ && \ + chmod -R 775 bootstrap/cache/ EXPOSE 9000 + CMD ["php-fpm", "--nodaemonize"] diff --git a/nginx.conf b/nginx.conf index 47d52728..36645fa7 100644 --- a/nginx.conf +++ b/nginx.conf @@ -22,7 +22,7 @@ http { keepalive_timeout 65; server { - listen 80 default_server; + listen 80 default_server; root /app/public; index index.php; @@ -34,41 +34,20 @@ http { try_files $uri $uri/ /index.php?$query_string; } - client_max_body_size 100m; - client_body_timeout 120s; - location = /favicon.ico { access_log off; log_not_found off; } location = /robots.txt { access_log off; log_not_found off; } - sendfile off; - add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header Content-Security-Policy "frame-ancestors 'self'"; location ~ \.php$ { - fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass php:9000; fastcgi_index index.php; include fastcgi_params; - fastcgi_param PHP_VALUE "upload_max_filesize = 100M \n post_max_size=100M"; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param HTTP_PROXY ""; - fastcgi_intercept_errors off; - fastcgi_buffer_size 16k; - fastcgi_buffers 4 16k; - fastcgi_connect_timeout 300; - fastcgi_send_timeout 300; - fastcgi_read_timeout 300; include /etc/nginx/fastcgi_params; } - - # deny access to .htaccess files, if Apache's document root - # concurs with nginx's one - # - location ~ /\.ht { - deny all; - } } }