Skip to content

D
docker
提交 6c2b1723 authored 作者: 陈欢's avatar 陈欢
浏览文件
操作

增加新文件

上级 a86a4eae
显示空白字符变更
内嵌 并排
正在显示 包含 292 行增加0 行删除
base-images/nginx-php-fpm-main/DockerfileNew 0 → 100644
浏览文件 @ 6c2b1723
FROM php:8.1.12-fpm-alpine3.16
LABEL maintainer="Ric Harvey <ric@squarecows.com>"
ENV php_conf /usr/local/etc/php-fpm.conf
ENV fpm_conf /usr/local/etc/php-fpm.d/www.conf
ENV php_vars /usr/local/etc/php/conf.d/docker-vars.ini
ENV NGINX_VERSION 1.22.1
ENV LUA_MODULE_VERSION 0.10.22
ENV DEVEL_KIT_MODULE_VERSION 0.3.1
ENV LUAJIT_LIB=/usr/lib
ENV LUAJIT_INC=/usr/include/luajit-2.1
# resolves #166
ENV LD_PRELOAD /usr/lib/preloadable_libiconv.so php
RUN apk add --no-cache --repository http://dl-3.alpinelinux.org/alpine/edge/community gnu-libiconv
RUN GPG_KEYS=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62 \
&& CONFIG="\
--prefix=/etc/nginx \
--sbin-path=/usr/sbin/nginx \
--modules-path=/usr/lib/nginx/modules \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--pid-path=/var/run/nginx.pid \
--lock-path=/var/run/nginx.lock \
--http-client-body-temp-path=/var/cache/nginx/client_temp \
--http-proxy-temp-path=/var/cache/nginx/proxy_temp \
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
--http-scgi-temp-path=/var/cache/nginx/scgi_temp \
--user=nginx \
--group=nginx \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_addition_module \
--with-http_sub_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_mp4_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_stub_status_module \
--with-http_auth_request_module \
--with-http_xslt_module=dynamic \
--with-http_image_filter_module=dynamic \
# --with-http_geoip_module=dynamic \
--with-http_perl_module=dynamic \
--with-threads \
--with-stream \
--with-stream_ssl_module \
--with-stream_ssl_preread_module \
--with-stream_realip_module \
# --with-stream_geoip_module=dynamic \
--with-http_slice_module \
--with-mail \
--with-mail_ssl_module \
--with-compat \
--with-file-aio \
--with-http_v2_module \
--add-module=/usr/src/ngx_devel_kit-$DEVEL_KIT_MODULE_VERSION \
--add-module=/usr/src/lua-nginx-module-$LUA_MODULE_VERSION \
" \
&& addgroup -S nginx \
&& adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx \
&& apk add --no-cache --virtual .build-deps \
autoconf \
gcc \
libc-dev \
make \
libressl-dev \
pcre-dev \
zlib-dev \
linux-headers \
curl \
gnupg \
libxslt-dev \
gd-dev \
# geoip-dev \
libmaxminddb-dev \
perl-dev \
luajit-dev \
&& curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \
&& curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \
&& curl -fSL https://github.com/simpl/ngx_devel_kit/archive/v$DEVEL_KIT_MODULE_VERSION.tar.gz -o ndk.tar.gz \
&& curl -fSL https://github.com/openresty/lua-nginx-module/archive/v$LUA_MODULE_VERSION.tar.gz -o lua.tar.gz \
# && curl -fSL https://github.com/leev/ngx_http_geoip2_module/archive/$GEOIP2_MODULE_VERSION.tar.gz -o ngx_http_geoip2_module.tar.gz \
# && export GNUPGHOME="$(mktemp -d)" \
# && found=''; \
# for server in \
# ha.pool.sks-keyservers.net \
# hkp://keyserver.ubuntu.com:80 \
# hkp://p80.pool.sks-keyservers.net:80 \
# pgp.mit.edu \
# ; do \
# echo "Fetching GPG key $GPG_KEYS from $server"; \
# gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \
# done; \
# test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \
# gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \
#&& rm -r "$GNUPGHOME" nginx.tar.gz.asc \
&& mkdir -p /usr/src \
&& tar -zxC /usr/src -f nginx.tar.gz \
&& tar -zxC /usr/src -f ndk.tar.gz \
&& tar -zxC /usr/src -f lua.tar.gz \
# && tar -zxC /usr/src -f ngx_http_geoip2_module.tar.gz \
# && rm nginx.tar.gz ndk.tar.gz lua.tar.gz ngx_http_geoip2_module.tar.gz \
&& cd /usr/src/nginx-$NGINX_VERSION \
&& ./configure $CONFIG --with-debug \
&& make -j$(getconf _NPROCESSORS_ONLN) \
&& mv objs/nginx objs/nginx-debug \
&& mv objs/ngx_http_xslt_filter_module.so objs/ngx_http_xslt_filter_module-debug.so \
&& mv objs/ngx_http_image_filter_module.so objs/ngx_http_image_filter_module-debug.so \
# && mv objs/ngx_http_geoip_module.so objs/ngx_http_geoip_module-debug.so \
&& mv objs/ngx_http_perl_module.so objs/ngx_http_perl_module-debug.so \
# && mv objs/ngx_stream_geoip_module.so objs/ngx_stream_geoip_module-debug.so \
&& ./configure $CONFIG \
&& make -j$(getconf _NPROCESSORS_ONLN) \
&& make install \
&& rm -rf /etc/nginx/html/ \
&& mkdir /etc/nginx/conf.d/ \
&& mkdir -p /usr/share/nginx/html/ \
&& install -m644 html/index.html /usr/share/nginx/html/ \
&& install -m644 html/50x.html /usr/share/nginx/html/ \
&& install -m755 objs/nginx-debug /usr/sbin/nginx-debug \
&& install -m755 objs/ngx_http_xslt_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_xslt_filter_module-debug.so \
&& install -m755 objs/ngx_http_image_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_image_filter_module-debug.so \
# && install -m755 objs/ngx_http_geoip_module-debug.so /usr/lib/nginx/modules/ngx_http_geoip_module-debug.so \
&& install -m755 objs/ngx_http_perl_module-debug.so /usr/lib/nginx/modules/ngx_http_perl_module-debug.so \
# && install -m755 objs/ngx_stream_geoip_module-debug.so /usr/lib/nginx/modules/ngx_stream_geoip_module-debug.so \
&& ln -s ../../usr/lib/nginx/modules /etc/nginx/modules \
&& strip /usr/sbin/nginx* \
&& strip /usr/lib/nginx/modules/*.so \
&& rm -rf /usr/src/nginx-$NGINX_VERSION \
# && rm -rf /usr/src/ngx_http_geoip2_module-$GEOIP2_MODULE_VERSION \
\
# Bring in gettext so we can get `envsubst`, then throw
# the rest away. To do this, we need to install `gettext`
# then move `envsubst` out of the way so `gettext` can
# be deleted completely, then move `envsubst` back.
&& apk add --no-cache --virtual .gettext gettext \
&& mv /usr/bin/envsubst /tmp/ \
\
&& runDeps="$( \
scanelf --needed --nobanner /usr/sbin/nginx /usr/lib/nginx/modules/*.so /tmp/envsubst \
| awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \
| sort -u \
| xargs -r apk info --installed \
| sort -u \
)" \
&& apk add --no-cache --virtual .nginx-rundeps $runDeps \
&& apk del .build-deps \
&& apk del .gettext \
&& mv /tmp/envsubst /usr/local/bin/ \
\
# forward request and error logs to docker log collector
&& ln -sf /dev/stdout /var/log/nginx/access.log \
&& ln -sf /dev/stderr /var/log/nginx/error.log
RUN echo @testing http://nl.alpinelinux.org/alpine/edge/testing >> /etc/apk/repositories && \
echo /etc/apk/respositories && \
apk update && apk upgrade &&\
apk add --no-cache \
bash \
openssh-client \
wget \
supervisor \
curl \
libcurl \
libpq \
git \
python3 \
py3-pip \
ca-certificates \
dialog \
autoconf \
make \
openssl-dev \
libressl-dev \
libzip-dev \
bzip2-dev \
icu-dev \
gcc && \
apk add --no-cache --virtual .sys-deps \
musl-dev \
linux-headers \
augeas-dev \
libmcrypt-dev \
libpng-dev \
libxslt-dev \
python3-dev \
libffi-dev \
freetype-dev \
sqlite-dev \
imap-dev \
libjpeg-turbo-dev \
postgresql-dev && \
docker-php-ext-configure gd \
--enable-gd \
--with-freetype \
--with-jpeg && \
docker-php-ext-install gd && \
pip install --upgrade pip && \
#curl iconv session
#docker-php-ext-install pdo_mysql pdo_sqlite mysqli mcrypt gd exif intl xsl json soap dom zip opcache && \
# docker-php-ext-install iconv pdo_mysql pdo_sqlite pgsql pdo_pgsql mysqli gd exif intl xsl json soap dom zip opcache && \
docker-php-ext-install pdo_mysql mysqli pdo_sqlite pgsql pdo_pgsql exif intl xsl soap zip && \
pecl install xdebug-3.1.4 && \
pecl install -o -f redis && \
echo "extension=redis.so" > /usr/local/etc/php/conf.d/redis.ini && \
docker-php-source delete && \
mkdir -p /etc/nginx && \
mkdir -p /var/www/app && \
mkdir -p /run/nginx && \
mkdir -p /var/log/supervisor && \
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" && \
php composer-setup.php --quiet --install-dir=/usr/bin --filename=composer && \
rm composer-setup.php &&\
# pip3 install -U pip && \
pip3 install -U certbot && \
mkdir -p /etc/letsencrypt/webrootauth && \
apk del gcc musl-dev linux-headers libffi-dev augeas-dev python3-dev make autoconf && \
apk del .sys-deps
# ln -s /usr/bin/php7 /usr/bin/php
ADD conf/supervisord.conf /etc/supervisord.conf
# Copy our nginx config
RUN rm -Rf /etc/nginx/nginx.conf
ADD conf/nginx.conf /etc/nginx/nginx.conf
# nginx site conf
RUN mkdir -p /etc/nginx/sites-available/ && \
mkdir -p /etc/nginx/sites-enabled/ && \
mkdir -p /etc/nginx/ssl/ && \
rm -Rf /var/www/* && \
mkdir /var/www/html/
ADD conf/nginx-site.conf /etc/nginx/sites-available/default.conf
ADD conf/nginx-site-ssl.conf /etc/nginx/sites-available/default-ssl.conf
RUN ln -s /etc/nginx/sites-available/default.conf /etc/nginx/sites-enabled/default.conf
# tweak php-fpm config
RUN echo "cgi.fix_pathinfo=0" > ${php_vars} &&\
echo "upload_max_filesize = 100M" >> ${php_vars} &&\
echo "post_max_size = 100M" >> ${php_vars} &&\
echo "variables_order = \"EGPCS\"" >> ${php_vars} && \
echo "memory_limit = 128M" >> ${php_vars} && \
sed -i \
-e "s/;catch_workers_output\s*=\s*yes/catch_workers_output = yes/g" \
-e "s/pm.max_children = 5/pm.max_children = 4/g" \
-e "s/pm.start_servers = 2/pm.start_servers = 3/g" \
-e "s/pm.min_spare_servers = 1/pm.min_spare_servers = 2/g" \
-e "s/pm.max_spare_servers = 3/pm.max_spare_servers = 4/g" \
-e "s/;pm.max_requests = 500/pm.max_requests = 200/g" \
-e "s/user = www-data/user = nginx/g" \
-e "s/group = www-data/group = nginx/g" \
-e "s/;listen.mode = 0660/listen.mode = 0666/g" \
-e "s/;listen.owner = www-data/listen.owner = nginx/g" \
-e "s/;listen.group = www-data/listen.group = nginx/g" \
-e "s/listen = 127.0.0.1:9000/listen = \/var\/run\/php-fpm.sock/g" \
-e "s/^;clear_env = no$/clear_env = no/" \
${fpm_conf}
# ln -s /etc/php7/php.ini /etc/php7/conf.d/php.ini && \
RUN cp /usr/local/etc/php/php.ini-development /usr/local/etc/php/php.ini && \
sed -i \
-e "s/;opcache/opcache/g" \
-e "s/;zend_extension=opcache/zend_extension=opcache/g" \
/usr/local/etc/php/php.ini
# Add Scripts
ADD scripts/start.sh /start.sh
ADD scripts/pull /usr/bin/pull
ADD scripts/push /usr/bin/push
ADD scripts/letsencrypt-setup /usr/bin/letsencrypt-setup
ADD scripts/letsencrypt-renew /usr/bin/letsencrypt-renew
RUN chmod 755 /usr/bin/pull && chmod 755 /usr/bin/push && chmod 755 /usr/bin/letsencrypt-setup && chmod 755 /usr/bin/letsencrypt-renew && chmod 755 /start.sh
# copy in code
ADD src/ /var/www/html/
ADD errors/ /var/www/errors
EXPOSE 443 80
WORKDIR "/var/www/html"
CMD ["/start.sh"]
\ No newline at end of file
Markdown 格式
0%
您添加了 0 到此讨论。请谨慎行事。
请先完成此评论的编辑!
注册 或者 后发表评论