From 8bc5ea2d5e3899ac3e29ed94a9fee3e2e2975265 Mon Sep 17 00:00:00 2001 From: Birkhoff Lee Date: Thu, 21 Nov 2019 12:54:22 +0800 Subject: [PATCH] Initial Docker support This commit adds: 1. A Dockerfile that runs PHP 7.2 FPM on Alpine Linux 2. A example docker-compose file that simplifies deployment --- .gitignore | 1 + Dockerfile | 31 ++++++++++++++++ docker-compose.yml.example | 18 ++++++++++ nginx.conf | 74 ++++++++++++++++++++++++++++++++++++++ 4 files changed, 124 insertions(+) create mode 100644 Dockerfile create mode 100644 docker-compose.yml.example create mode 100644 nginx.conf diff --git a/.gitignore b/.gitignore index 0afb940b..9dc3413f 100644 --- a/.gitignore +++ b/.gitignore @@ -11,3 +11,4 @@ Homestead.yaml .rnd /.expo /.vscode +docker-compose.yml diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000..0525e49d --- /dev/null +++ b/Dockerfile @@ -0,0 +1,31 @@ +FROM php:7.2-fpm-alpine + +# Use the default production configuration +RUN mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini" + +RUN apk add --no-cache curl git tar unzip libpng-dev libxml2-dev + +RUN docker-php-ext-install bcmath && \ + docker-php-ext-install ctype && \ + docker-php-ext-install json && \ + docker-php-ext-install gd && \ + docker-php-ext-install mbstring && \ + docker-php-ext-install pdo && \ + docker-php-ext-install pdo_mysql && \ + docker-php-ext-install tokenizer && \ + docker-php-ext-install xml && \ + curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer && \ + composer --version + +WORKDIR /var/www + +COPY . /var/www + +RUN composer install --optimize-autoloader && \ + php artisan config:cache && \ + chmod -R 755 storage bootstrap/cache && \ + chown -R www-data:www-data storage + +EXPOSE 9000 +CMD ["php-fpm"] + diff --git a/docker-compose.yml.example b/docker-compose.yml.example new file mode 100644 index 00000000..48bdda1a --- /dev/null +++ b/docker-compose.yml.example @@ -0,0 +1,18 @@ +version: '3.1' + +services: + + nginx: + image: nginx + expose: + - 80 + volumes: + - ./nginx.conf:/etc/nginx/nginx.conf:ro + restart: always + + php: + build: . + expose: + - 9000 + restart: always + diff --git a/nginx.conf b/nginx.conf new file mode 100644 index 00000000..ecb9f59f --- /dev/null +++ b/nginx.conf @@ -0,0 +1,74 @@ +worker_processes 8; + +error_log /var/log/nginx/error.log warn; +pid /var/run/nginx.pid; + +events { + worker_connections 4096; +} + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + + keepalive_timeout 65; + + server { + listen 80 default_server; + + root /var/www/public; + index index.php; + charset utf-8; + + access_log off; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + client_max_body_size 100m; + client_body_timeout 120s; + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + sendfile off; + + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Robots-Tag none; + add_header Content-Security-Policy "frame-ancestors 'self'"; + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass php:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param PHP_VALUE "upload_max_filesize = 100M \n post_max_size=100M"; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param HTTP_PROXY ""; + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + fastcgi_connect_timeout 300; + fastcgi_send_timeout 300; + fastcgi_read_timeout 300; + include /etc/nginx/fastcgi_params; + } + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + location ~ /\.ht { + deny all; + } + } +}