├── .github ├── ISSUE_TEMPLATE │ ├── bug_report.md │ └── config.yml └── workflows │ └── build-and-push.yml ├── 8.0 ├── Dockerfile ├── craft-cms-xdebug.ini ├── craft-cms.ini └── dev.Dockerfile ├── 8.1 ├── Dockerfile ├── craft-cms-xdebug.ini ├── craft-cms.ini └── dev.Dockerfile ├── 8.2 ├── Dockerfile ├── craft-cms-xdebug.ini ├── craft-cms.ini └── dev.Dockerfile ├── CHANGELOG.md ├── Makefile ├── README.md └── nginx ├── Dockerfile ├── craftcms ├── general.conf ├── php_fastcgi.conf └── security.conf ├── default.conf ├── dev.default.conf ├── nginx.conf └── supervisor.conf /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug Report 3 | about: Report an issue or unexpected behavior 4 | labels: 5 | - bug # Linear 6 | - Craft Docker Images # Linear 7 | --- 8 | 9 | ### Description 10 | 11 | 12 | 13 | ### Steps to reproduce 14 | 15 | 1. 16 | 2. 17 | 18 | ### Additional info 19 | 20 | - `craftcms/cms` version: 21 | - PHP version: 22 | - Database driver & version: 23 | - Plugins & versions: 24 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/config.yml: -------------------------------------------------------------------------------- 1 | blank_issues_enabled: false 2 | contact_links: 3 | - name: Feature Request 4 | url: https://github.com/craftcms/docker/discussions/new?category=ideas 5 | about: Start a new discussion about your idea 6 | -------------------------------------------------------------------------------- /.github/workflows/build-and-push.yml: -------------------------------------------------------------------------------- 1 | name: Build and push Docker images 2 | 3 | on: 4 | workflow_dispatch: 5 | # schedule: 6 | # - cron: "30 2 * * *" # Runs at 02:30 UTC every day 7 | push: 8 | tags: 9 | - "*.*.*" 10 | permissions: 11 | contents: read 12 | env: 13 | BUILD_PLATFORMS: linux/amd64, linux/arm64 14 | 15 | jobs: 16 | build-php-images: 17 | name: Build PHP images 18 | runs-on: ubuntu-latest 19 | strategy: 20 | matrix: 21 | php: ["8.2", "8.1", "8.0"] 22 | type: ["php-fpm", "cli"] 23 | include: 24 | - type: php-fpm 25 | type_short: fpm 26 | 27 | - type: cli 28 | type_short: cli 29 | steps: 30 | - name: Set env 31 | run: | 32 | echo "PROD_IMAGE_REF=craftcms/${{ matrix.type }}:${{ matrix.php }}" >> $GITHUB_ENV 33 | echo "DEV_IMAGE_REF=craftcms/${{ matrix.type }}:${{ matrix.php }}-dev" >> $GITHUB_ENV 34 | echo "PROD_DOCKERFILE=${{ matrix.php }}/Dockerfile" >> $GITHUB_ENV 35 | echo "DEV_DOCKERFILE=${{ matrix.php }}/dev.Dockerfile" >> $GITHUB_ENV 36 | 37 | - name: Check out the repository 38 | uses: actions/checkout@v2 39 | 40 | - name: Set up QEMU 41 | uses: docker/setup-qemu-action@v1 42 | 43 | - name: Set up Docker Buildx 44 | uses: docker/setup-buildx-action@v1 45 | with: 46 | install: true 47 | 48 | - name: Build production image for Snyk test 49 | uses: docker/build-push-action@v2 50 | with: 51 | context: ${{ matrix.php }} 52 | push: false 53 | load: true 54 | tags: ${{ env.PROD_IMAGE_REF }} 55 | build-args: | 56 | PROJECT_TYPE=${{ matrix.type_short }} 57 | PHP_VERSION=${{ matrix.php }} 58 | 59 | - name: Snyk test production image 60 | uses: snyk/actions/docker@master 61 | env: 62 | SNYK_CFG_ORG: ${{ secrets.SNYK_CFG_ORG }} 63 | SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} 64 | with: 65 | image: ${{ env.PROD_IMAGE_REF }} 66 | args: --file=${{ env.PROD_DOCKERFILE }} 67 | 68 | - name: Login to Docker Hub 69 | uses: docker/login-action@v1 70 | with: 71 | username: ${{ secrets.DOCKERHUB_USERNAME }} 72 | password: ${{ secrets.DOCKERHUB_TOKEN }} 73 | 74 | - name: Build & push production image 75 | uses: docker/build-push-action@v2 76 | with: 77 | context: ${{ matrix.php }} 78 | push: true 79 | platforms: ${{ env.BUILD_PLATFORMS }} 80 | tags: ${{ env.PROD_IMAGE_REF }} 81 | build-args: | 82 | PROJECT_TYPE=${{ matrix.type_short }} 83 | PHP_VERSION=${{ matrix.php }} 84 | 85 | - name: Build development image 86 | uses: docker/build-push-action@v2 87 | with: 88 | context: ${{ matrix.php }} 89 | file: ${{ env.DEV_DOCKERFILE }} 90 | push: false 91 | load: true 92 | tags: ${{ env.DEV_IMAGE_REF }} 93 | build-args: | 94 | PROJECT_TYPE=${{ matrix.type }} 95 | PHP_VERSION=${{ matrix.php }} 96 | 97 | - name: Build & push development image 98 | uses: docker/build-push-action@v2 99 | with: 100 | context: ${{ matrix.php }} 101 | file: ${{ env.DEV_DOCKERFILE }} 102 | push: true 103 | platforms: ${{ env.BUILD_PLATFORMS }} 104 | tags: ${{ env.DEV_IMAGE_REF }} 105 | build-args: | 106 | PROJECT_TYPE=${{ matrix.type }} 107 | PHP_VERSION=${{ matrix.php }} 108 | 109 | build-nginx-images: 110 | name: Build NGINX images 111 | needs: build-php-images 112 | runs-on: ubuntu-latest 113 | strategy: 114 | matrix: 115 | php: ["8.2", "8.1", "8.0"] 116 | steps: 117 | - name: Set env 118 | run: | 119 | echo "PROD_IMAGE_REF=craftcms/nginx:${{ matrix.php }}" >> $GITHUB_ENV 120 | echo "DEV_IMAGE_REF=craftcms/nginx:${{ matrix.php }}-dev" >> $GITHUB_ENV 121 | echo "BASE_PROD_IMAGE_TAG=${{ matrix.php }}" >> $GITHUB_ENV 122 | echo "BASE_DEV_IMAGE_TAG=${{ matrix.php }}-dev" >> $GITHUB_ENV 123 | 124 | - name: Check out the repository 125 | uses: actions/checkout@v2 126 | 127 | - name: Set up QEMU 128 | uses: docker/setup-qemu-action@v1 129 | 130 | - name: Set up Docker Buildx 131 | uses: docker/setup-buildx-action@v1 132 | with: 133 | install: true 134 | 135 | - name: Build production image for Snyk test 136 | uses: docker/build-push-action@v2 137 | with: 138 | context: nginx 139 | push: false 140 | load: true 141 | tags: ${{ env.PROD_IMAGE_REF }} 142 | build-args: | 143 | PHP_VERSION=${{ env.BASE_PROD_IMAGE_TAG }} 144 | 145 | - name: Snyk test production image 146 | uses: snyk/actions/docker@master 147 | env: 148 | SNYK_CFG_ORG: ${{ secrets.SNYK_CFG_ORG }} 149 | SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} 150 | with: 151 | image: ${{ env.PROD_IMAGE_REF }} 152 | args: --file=nginx/Dockerfile 153 | 154 | - name: Login to Docker Hub 155 | uses: docker/login-action@v1 156 | with: 157 | username: ${{ secrets.DOCKERHUB_USERNAME }} 158 | password: ${{ secrets.DOCKERHUB_TOKEN }} 159 | 160 | - name: Build & push production image 161 | uses: docker/build-push-action@v2 162 | with: 163 | context: nginx 164 | push: true 165 | platforms: ${{ env.BUILD_PLATFORMS }} 166 | tags: ${{ env.PROD_IMAGE_REF }} 167 | build-args: | 168 | PHP_VERSION=${{ env.BASE_PROD_IMAGE_TAG }} 169 | 170 | - name: Build development image 171 | uses: docker/build-push-action@v2 172 | with: 173 | context: nginx 174 | push: false 175 | load: true 176 | tags: ${{ env.DEV_IMAGE_REF }} 177 | build-args: | 178 | PHP_VERSION=${{ env.BASE_DEV_IMAGE_TAG }} 179 | NGINX_CONF=dev.default.conf 180 | 181 | - name: Build & push development image 182 | uses: docker/build-push-action@v2 183 | with: 184 | context: nginx 185 | push: true 186 | platforms: ${{ env.BUILD_PLATFORMS }} 187 | tags: ${{ env.DEV_IMAGE_REF }} 188 | build-args: | 189 | PHP_VERSION=${{ env.BASE_DEV_IMAGE_TAG }} 190 | NGINX_CONF=dev.default.conf 191 | bump_tag: 192 | name: Bump Version Tag 193 | if: ${{ github.event_name != 'push' }} 194 | needs: 195 | - build-php-images 196 | - build-nginx-images 197 | runs-on: ubuntu-latest 198 | steps: 199 | - name: Bump version and push tag 200 | uses: mathieudutour/github-tag-action@v6.2 201 | with: 202 | github_token: ${{ secrets.TAG_ACTION_TOKEN }} 203 | tag_prefix: "" 204 | -------------------------------------------------------------------------------- /8.0/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG PHP_VERSION 2 | ARG PROJECT_TYPE 3 | 4 | FROM alpine:3.13 AS iconv-build 5 | RUN apk upgrade --no-cache \ 6 | && apk add --no-cache gnu-libiconv 7 | 8 | FROM php:${PHP_VERSION}-${PROJECT_TYPE}-alpine3.16 9 | 10 | # setup general options for environment variables 11 | ARG PHP_MEMORY_LIMIT_ARG="256M" 12 | ENV PHP_MEMORY_LIMIT=${PHP_MEMORY_LIMIT_ARG} 13 | ARG PHP_MAX_EXECUTION_TIME_ARG="120" 14 | ENV PHP_MAX_EXECUTION_TIME=${PHP_MAX_EXECUTION_TIME_ARG} 15 | ARG PHP_UPLOAD_MAX_FILESIZE_ARG="20M" 16 | ENV PHP_UPLOAD_MAX_FILESIZE=${PHP_UPLOAD_MAX_FILESIZE_ARG} 17 | ARG PHP_MAX_INPUT_VARS_ARG="1000" 18 | ENV PHP_MAX_INPUT_VARS=${PHP_MAX_INPUT_VARS_ARG} 19 | ARG PHP_POST_MAX_SIZE_ARG="8M" 20 | ENV PHP_POST_MAX_SIZE=${PHP_POST_MAX_SIZE_ARG} 21 | ARG PHP_REGISTER_ARGC_ARGV="0" 22 | ENV PHP_REGISTER_ARGC_ARGV=${PHP_REGISTER_ARGC_ARGV} 23 | 24 | # setup opcache for environment variables 25 | ARG PHP_OPCACHE_ENABLE_ARG="1" 26 | ARG PHP_OPCACHE_REVALIDATE_FREQ_ARG="0" 27 | ARG PHP_OPCACHE_VALIDATE_TIMESTAMPS_ARG="0" 28 | ARG PHP_OPCACHE_MAX_ACCELERATED_FILES_ARG="10000" 29 | ARG PHP_OPCACHE_MEMORY_CONSUMPTION_ARG="128" 30 | ARG PHP_OPCACHE_MAX_WASTED_PERCENTAGE_ARG="10" 31 | ARG PHP_OPCACHE_INTERNED_STRINGS_BUFFER_ARG="16" 32 | ARG PHP_OPCACHE_FAST_SHUTDOWN_ARG="1" 33 | ENV PHP_OPCACHE_ENABLE=$PHP_OPCACHE_ENABLE_ARG 34 | ENV PHP_OPCACHE_REVALIDATE_FREQ=$PHP_OPCACHE_REVALIDATE_FREQ_ARG 35 | ENV PHP_OPCACHE_VALIDATE_TIMESTAMPS=$PHP_OPCACHE_VALIDATE_TIMESTAMPS_ARG 36 | ENV PHP_OPCACHE_MAX_ACCELERATED_FILES=$PHP_OPCACHE_MAX_ACCELERATED_FILES_ARG 37 | ENV PHP_OPCACHE_MEMORY_CONSUMPTION=$PHP_OPCACHE_MEMORY_CONSUMPTION_ARG 38 | ENV PHP_OPCACHE_MAX_WASTED_PERCENTAGE=$PHP_OPCACHE_MAX_WASTED_PERCENTAGE_ARG 39 | ENV PHP_OPCACHE_INTERNED_STRINGS_BUFFER=$PHP_OPCACHE_INTERNED_STRINGS_BUFFER_ARG 40 | ENV PHP_OPCACHE_FAST_SHUTDOWN=$PHP_OPCACHE_FAST_SHUTDOWN_ARG 41 | 42 | # MozJPEG 43 | ENV MOZJPEG_VERSION="3.3.1" 44 | ENV MOZJPEG_BUILD_DEPS \ 45 | autoconf \ 46 | automake \ 47 | build-base \ 48 | libtool \ 49 | nasm \ 50 | pkgconf \ 51 | tar 52 | 53 | RUN set -ex \ 54 | && apk upgrade --no-cache \ 55 | && apk add --no-cache --virtual .build-deps \ 56 | $PHPIZE_DEPS \ 57 | $MOZJPEG_BUILD_DEPS \ 58 | freetype-dev \ 59 | icu-dev \ 60 | icu-data-full \ 61 | libwebp-dev \ 62 | imagemagick-dev \ 63 | libjpeg-turbo-dev \ 64 | libpng-dev \ 65 | libxml2-dev \ 66 | libzip-dev \ 67 | postgresql-dev \ 68 | && apk add --no-cache \ 69 | gifsicle \ 70 | imagemagick \ 71 | jpegoptim \ 72 | libjpeg-turbo-utils \ 73 | libwebp-tools \ 74 | optipng \ 75 | pngquant \ 76 | && docker-php-ext-configure gd \ 77 | --with-freetype \ 78 | --with-jpeg \ 79 | --with-webp \ 80 | && docker-php-ext-install -j$(nproc) \ 81 | bcmath \ 82 | gd \ 83 | intl \ 84 | opcache \ 85 | pdo \ 86 | pdo_mysql \ 87 | pdo_pgsql \ 88 | soap \ 89 | zip \ 90 | && pecl install \ 91 | imagick \ 92 | redis \ 93 | && docker-php-ext-enable \ 94 | imagick \ 95 | redis 96 | 97 | # https://github.com/craftcms/docker/issues/16 98 | COPY --from=iconv-build /usr/lib/preloadable_libiconv.so /usr/lib/preloadable_libiconv.so 99 | 100 | # https://github.com/docker-library/php/issues/1121 101 | ENV LD_PRELOAD=/usr/lib/preloadable_libiconv.so 102 | 103 | # MozJPEG 104 | WORKDIR /tmp 105 | ADD https://github.com/mozilla/mozjpeg/archive/v${MOZJPEG_VERSION}.tar.gz ./ 106 | RUN set -ex \ 107 | && tar -xzf v${MOZJPEG_VERSION}.tar.gz \ 108 | && cd ./mozjpeg-${MOZJPEG_VERSION} \ 109 | && autoreconf -fiv \ 110 | && ./configure --with-jpeg8 \ 111 | && make \ 112 | && make install 113 | 114 | RUN ln -s /opt/mozjpeg/bin/jpegtran /usr/local/bin/mozjpegtran 115 | RUN ln -s /opt/mozjpeg/bin/cjpeg /usr/local/bin/mozcjpeg 116 | 117 | # Cleanup 118 | RUN RUNTIME_DEPS="$(scanelf --needed --nobanner --recursive /usr/local \ 119 | | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ 120 | | sort -u \ 121 | | xargs -r apk info --installed \ 122 | | sort -u)" \ 123 | && apk add --no-cache --virtual .runtime-deps $RUNTIME_DEPS \ 124 | && apk del --no-network .build-deps \ 125 | && rm -rf /tmp/* 126 | 127 | # copy custom.ini settings 128 | COPY craft-cms.ini /usr/local/etc/php/conf.d/ 129 | 130 | # run container as the www-data user 131 | USER www-data 132 | 133 | # set the working directory for convenience 134 | WORKDIR /app 135 | -------------------------------------------------------------------------------- /8.0/craft-cms-xdebug.ini: -------------------------------------------------------------------------------- 1 | xdebug.mode=develop,debug 2 | -------------------------------------------------------------------------------- /8.0/craft-cms.ini: -------------------------------------------------------------------------------- 1 | memory_limit=${PHP_MEMORY_LIMIT} 2 | max_execution_time=${PHP_MAX_EXECUTION_TIME} 3 | upload_max_filesize=${PHP_UPLOAD_MAX_FILESIZE} 4 | max_input_vars=${PHP_MAX_INPUT_VARS} 5 | post_max_size=${PHP_POST_MAX_SIZE} 6 | register_argc_argv=${PHP_REGISTER_ARGC_ARGV} 7 | [opcache] 8 | opcache.enable=${PHP_OPCACHE_ENABLE} 9 | opcache.revalidate_freq=${PHP_OPCACHE_REVALIDATE_FREQ} 10 | opcache.validate_timestamps=${PHP_OPCACHE_VALIDATE_TIMESTAMPS} 11 | opcache.max_accelerated_files=${PHP_OPCACHE_MAX_ACCELERATED_FILES} 12 | opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION} 13 | opcache.max_wasted_percentage=${PHP_OPCACHE_MAX_WASTED_PERCENTAGE} 14 | opcache.interned_strings_buffer=${PHP_OPCACHE_INTERNED_STRINGS_BUFFER} 15 | opcache.fast_shutdown=${PHP_OPCACHE_FAST_SHUTDOWN} 16 | -------------------------------------------------------------------------------- /8.0/dev.Dockerfile: -------------------------------------------------------------------------------- 1 | ARG PHP_VERSION 2 | ARG PROJECT_TYPE 3 | FROM craftcms/${PROJECT_TYPE}:${PHP_VERSION} 4 | 5 | # disable opcache 6 | ENV PHP_OPCACHE_ENABLE=0 7 | 8 | USER root 9 | 10 | COPY craft-cms-xdebug.ini /usr/local/etc/php/conf.d/ 11 | 12 | RUN set -ex \ 13 | && apk upgrade --no-cache \ 14 | && apk --no-cache add --virtual .build-deps $PHPIZE_DEPS \ 15 | && apk --no-cache add \ 16 | git \ 17 | mariadb-connector-c \ 18 | mysql-client \ 19 | nodejs \ 20 | npm \ 21 | postgresql-client \ 22 | linux-headers \ 23 | && pecl install xdebug \ 24 | && docker-php-ext-enable xdebug \ 25 | && apk del --no-network .build-deps 26 | 27 | # install composer 28 | RUN set -ex && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer 29 | 30 | # expose additional ports for node 31 | EXPOSE 3000 3001 32 | 33 | USER www-data 34 | -------------------------------------------------------------------------------- /8.1/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG PHP_VERSION 2 | ARG PROJECT_TYPE 3 | 4 | FROM alpine:3.13 AS iconv-build 5 | RUN apk upgrade --no-cache \ 6 | && apk add --no-cache gnu-libiconv 7 | 8 | FROM php:${PHP_VERSION}-${PROJECT_TYPE}-alpine3.20 9 | 10 | # setup general options for environment variables 11 | ARG PHP_MEMORY_LIMIT_ARG="256M" 12 | ENV PHP_MEMORY_LIMIT=${PHP_MEMORY_LIMIT_ARG} 13 | ARG PHP_MAX_EXECUTION_TIME_ARG="120" 14 | ENV PHP_MAX_EXECUTION_TIME=${PHP_MAX_EXECUTION_TIME_ARG} 15 | ARG PHP_UPLOAD_MAX_FILESIZE_ARG="20M" 16 | ENV PHP_UPLOAD_MAX_FILESIZE=${PHP_UPLOAD_MAX_FILESIZE_ARG} 17 | ARG PHP_MAX_INPUT_VARS_ARG="1000" 18 | ENV PHP_MAX_INPUT_VARS=${PHP_MAX_INPUT_VARS_ARG} 19 | ARG PHP_POST_MAX_SIZE_ARG="8M" 20 | ENV PHP_POST_MAX_SIZE=${PHP_POST_MAX_SIZE_ARG} 21 | ARG PHP_REGISTER_ARGC_ARGV="0" 22 | ENV PHP_REGISTER_ARGC_ARGV=${PHP_REGISTER_ARGC_ARGV} 23 | 24 | # setup opcache for environment variables 25 | ARG PHP_OPCACHE_ENABLE_ARG="1" 26 | ARG PHP_OPCACHE_REVALIDATE_FREQ_ARG="0" 27 | ARG PHP_OPCACHE_VALIDATE_TIMESTAMPS_ARG="0" 28 | ARG PHP_OPCACHE_MAX_ACCELERATED_FILES_ARG="10000" 29 | ARG PHP_OPCACHE_MEMORY_CONSUMPTION_ARG="128" 30 | ARG PHP_OPCACHE_MAX_WASTED_PERCENTAGE_ARG="10" 31 | ARG PHP_OPCACHE_INTERNED_STRINGS_BUFFER_ARG="16" 32 | ARG PHP_OPCACHE_FAST_SHUTDOWN_ARG="1" 33 | ENV PHP_OPCACHE_ENABLE=$PHP_OPCACHE_ENABLE_ARG 34 | ENV PHP_OPCACHE_REVALIDATE_FREQ=$PHP_OPCACHE_REVALIDATE_FREQ_ARG 35 | ENV PHP_OPCACHE_VALIDATE_TIMESTAMPS=$PHP_OPCACHE_VALIDATE_TIMESTAMPS_ARG 36 | ENV PHP_OPCACHE_MAX_ACCELERATED_FILES=$PHP_OPCACHE_MAX_ACCELERATED_FILES_ARG 37 | ENV PHP_OPCACHE_MEMORY_CONSUMPTION=$PHP_OPCACHE_MEMORY_CONSUMPTION_ARG 38 | ENV PHP_OPCACHE_MAX_WASTED_PERCENTAGE=$PHP_OPCACHE_MAX_WASTED_PERCENTAGE_ARG 39 | ENV PHP_OPCACHE_INTERNED_STRINGS_BUFFER=$PHP_OPCACHE_INTERNED_STRINGS_BUFFER_ARG 40 | ENV PHP_OPCACHE_FAST_SHUTDOWN=$PHP_OPCACHE_FAST_SHUTDOWN_ARG 41 | 42 | # MozJPEG 43 | ENV MOZJPEG_VERSION="3.3.1" 44 | ENV MOZJPEG_BUILD_DEPS \ 45 | autoconf \ 46 | automake \ 47 | build-base \ 48 | libtool \ 49 | nasm \ 50 | pkgconf \ 51 | tar 52 | 53 | RUN set -ex \ 54 | && apk upgrade --no-cache \ 55 | && apk add --no-cache --virtual .build-deps \ 56 | $PHPIZE_DEPS \ 57 | $MOZJPEG_BUILD_DEPS \ 58 | freetype-dev \ 59 | icu-dev \ 60 | icu-data-full \ 61 | libwebp-dev \ 62 | imagemagick-dev \ 63 | libjpeg-turbo-dev \ 64 | libpng-dev \ 65 | libxml2-dev \ 66 | libzip-dev \ 67 | postgresql-dev \ 68 | && apk add --no-cache \ 69 | gifsicle \ 70 | imagemagick \ 71 | jpegoptim \ 72 | libjpeg-turbo-utils \ 73 | libwebp-tools \ 74 | optipng \ 75 | pngquant \ 76 | && docker-php-ext-configure gd \ 77 | --with-freetype \ 78 | --with-jpeg \ 79 | --with-webp \ 80 | && docker-php-ext-install -j$(nproc) \ 81 | bcmath \ 82 | gd \ 83 | intl \ 84 | opcache \ 85 | pdo \ 86 | pdo_mysql \ 87 | pdo_pgsql \ 88 | soap \ 89 | zip \ 90 | && pecl install \ 91 | imagick \ 92 | redis \ 93 | && docker-php-ext-enable \ 94 | imagick \ 95 | redis 96 | 97 | # https://github.com/craftcms/docker/issues/16 98 | COPY --from=iconv-build /usr/lib/preloadable_libiconv.so /usr/lib/preloadable_libiconv.so 99 | 100 | # https://github.com/docker-library/php/issues/1121 101 | ENV LD_PRELOAD=/usr/lib/preloadable_libiconv.so 102 | 103 | # MozJPEG 104 | WORKDIR /tmp 105 | ADD https://github.com/mozilla/mozjpeg/archive/v${MOZJPEG_VERSION}.tar.gz ./ 106 | RUN set -ex \ 107 | && tar -xzf v${MOZJPEG_VERSION}.tar.gz \ 108 | && cd ./mozjpeg-${MOZJPEG_VERSION} \ 109 | && autoreconf -fiv \ 110 | && ./configure --with-jpeg8 \ 111 | && make \ 112 | && make install 113 | 114 | RUN ln -s /opt/mozjpeg/bin/jpegtran /usr/local/bin/mozjpegtran 115 | RUN ln -s /opt/mozjpeg/bin/cjpeg /usr/local/bin/mozcjpeg 116 | 117 | # Cleanup 118 | RUN RUNTIME_DEPS="$(scanelf --needed --nobanner --recursive /usr/local \ 119 | | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ 120 | | sort -u \ 121 | | xargs -r apk info --installed \ 122 | | sort -u)" \ 123 | && apk add --no-cache --virtual .runtime-deps $RUNTIME_DEPS \ 124 | && apk del --no-network .build-deps \ 125 | && rm -rf /tmp/* 126 | 127 | # copy custom.ini settings 128 | COPY craft-cms.ini /usr/local/etc/php/conf.d/ 129 | 130 | # run container as the www-data user 131 | USER www-data 132 | 133 | # set the working directory for convenience 134 | WORKDIR /app 135 | -------------------------------------------------------------------------------- /8.1/craft-cms-xdebug.ini: -------------------------------------------------------------------------------- 1 | xdebug.mode=develop,debug 2 | -------------------------------------------------------------------------------- /8.1/craft-cms.ini: -------------------------------------------------------------------------------- 1 | memory_limit=${PHP_MEMORY_LIMIT} 2 | max_execution_time=${PHP_MAX_EXECUTION_TIME} 3 | upload_max_filesize=${PHP_UPLOAD_MAX_FILESIZE} 4 | max_input_vars=${PHP_MAX_INPUT_VARS} 5 | post_max_size=${PHP_POST_MAX_SIZE} 6 | register_argc_argv=${PHP_REGISTER_ARGC_ARGV} 7 | [opcache] 8 | opcache.enable=${PHP_OPCACHE_ENABLE} 9 | opcache.revalidate_freq=${PHP_OPCACHE_REVALIDATE_FREQ} 10 | opcache.validate_timestamps=${PHP_OPCACHE_VALIDATE_TIMESTAMPS} 11 | opcache.max_accelerated_files=${PHP_OPCACHE_MAX_ACCELERATED_FILES} 12 | opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION} 13 | opcache.max_wasted_percentage=${PHP_OPCACHE_MAX_WASTED_PERCENTAGE} 14 | opcache.interned_strings_buffer=${PHP_OPCACHE_INTERNED_STRINGS_BUFFER} 15 | opcache.fast_shutdown=${PHP_OPCACHE_FAST_SHUTDOWN} 16 | -------------------------------------------------------------------------------- /8.1/dev.Dockerfile: -------------------------------------------------------------------------------- 1 | ARG PHP_VERSION 2 | ARG PROJECT_TYPE 3 | FROM craftcms/${PROJECT_TYPE}:${PHP_VERSION} 4 | 5 | # disable opcache 6 | ENV PHP_OPCACHE_ENABLE=0 7 | 8 | USER root 9 | 10 | COPY craft-cms-xdebug.ini /usr/local/etc/php/conf.d/ 11 | 12 | RUN set -ex \ 13 | && apk upgrade --no-cache \ 14 | && apk --no-cache add --virtual .build-deps $PHPIZE_DEPS \ 15 | && apk --no-cache add \ 16 | git \ 17 | mariadb-connector-c \ 18 | mysql-client \ 19 | nodejs \ 20 | npm \ 21 | postgresql-client \ 22 | linux-headers \ 23 | && pecl install xdebug \ 24 | && docker-php-ext-enable xdebug \ 25 | && apk del --no-network .build-deps 26 | 27 | # install composer 28 | RUN set -ex && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer 29 | 30 | # expose additional ports for node 31 | EXPOSE 3000 3001 32 | 33 | USER www-data 34 | -------------------------------------------------------------------------------- /8.2/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG PHP_VERSION 2 | ARG PROJECT_TYPE 3 | 4 | FROM alpine:3.13 AS iconv-build 5 | RUN apk upgrade --no-cache \ 6 | && apk add --no-cache gnu-libiconv 7 | 8 | FROM php:${PHP_VERSION}-${PROJECT_TYPE}-alpine3.20 9 | 10 | # setup general options for environment variables 11 | ARG PHP_MEMORY_LIMIT_ARG="256M" 12 | ENV PHP_MEMORY_LIMIT=${PHP_MEMORY_LIMIT_ARG} 13 | ARG PHP_MAX_EXECUTION_TIME_ARG="120" 14 | ENV PHP_MAX_EXECUTION_TIME=${PHP_MAX_EXECUTION_TIME_ARG} 15 | ARG PHP_UPLOAD_MAX_FILESIZE_ARG="20M" 16 | ENV PHP_UPLOAD_MAX_FILESIZE=${PHP_UPLOAD_MAX_FILESIZE_ARG} 17 | ARG PHP_MAX_INPUT_VARS_ARG="1000" 18 | ENV PHP_MAX_INPUT_VARS=${PHP_MAX_INPUT_VARS_ARG} 19 | ARG PHP_POST_MAX_SIZE_ARG="8M" 20 | ENV PHP_POST_MAX_SIZE=${PHP_POST_MAX_SIZE_ARG} 21 | ARG PHP_REGISTER_ARGC_ARGV="0" 22 | ENV PHP_REGISTER_ARGC_ARGV=${PHP_REGISTER_ARGC_ARGV} 23 | 24 | # setup opcache for environment variables 25 | ARG PHP_OPCACHE_ENABLE_ARG="1" 26 | ARG PHP_OPCACHE_REVALIDATE_FREQ_ARG="0" 27 | ARG PHP_OPCACHE_VALIDATE_TIMESTAMPS_ARG="0" 28 | ARG PHP_OPCACHE_MAX_ACCELERATED_FILES_ARG="10000" 29 | ARG PHP_OPCACHE_MEMORY_CONSUMPTION_ARG="128" 30 | ARG PHP_OPCACHE_MAX_WASTED_PERCENTAGE_ARG="10" 31 | ARG PHP_OPCACHE_INTERNED_STRINGS_BUFFER_ARG="16" 32 | ARG PHP_OPCACHE_FAST_SHUTDOWN_ARG="1" 33 | ENV PHP_OPCACHE_ENABLE=$PHP_OPCACHE_ENABLE_ARG 34 | ENV PHP_OPCACHE_REVALIDATE_FREQ=$PHP_OPCACHE_REVALIDATE_FREQ_ARG 35 | ENV PHP_OPCACHE_VALIDATE_TIMESTAMPS=$PHP_OPCACHE_VALIDATE_TIMESTAMPS_ARG 36 | ENV PHP_OPCACHE_MAX_ACCELERATED_FILES=$PHP_OPCACHE_MAX_ACCELERATED_FILES_ARG 37 | ENV PHP_OPCACHE_MEMORY_CONSUMPTION=$PHP_OPCACHE_MEMORY_CONSUMPTION_ARG 38 | ENV PHP_OPCACHE_MAX_WASTED_PERCENTAGE=$PHP_OPCACHE_MAX_WASTED_PERCENTAGE_ARG 39 | ENV PHP_OPCACHE_INTERNED_STRINGS_BUFFER=$PHP_OPCACHE_INTERNED_STRINGS_BUFFER_ARG 40 | ENV PHP_OPCACHE_FAST_SHUTDOWN=$PHP_OPCACHE_FAST_SHUTDOWN_ARG 41 | 42 | # MozJPEG 43 | ENV MOZJPEG_VERSION="3.3.1" 44 | ENV MOZJPEG_BUILD_DEPS \ 45 | autoconf \ 46 | automake \ 47 | build-base \ 48 | libtool \ 49 | nasm \ 50 | pkgconf \ 51 | tar 52 | 53 | RUN set -ex \ 54 | && apk upgrade --no-cache \ 55 | && apk add --no-cache --virtual .build-deps \ 56 | $PHPIZE_DEPS \ 57 | $MOZJPEG_BUILD_DEPS \ 58 | freetype-dev \ 59 | icu-dev \ 60 | icu-data-full \ 61 | libwebp-dev \ 62 | imagemagick-dev \ 63 | libjpeg-turbo-dev \ 64 | libpng-dev \ 65 | libxml2-dev \ 66 | libzip-dev \ 67 | postgresql-dev \ 68 | && apk add --no-cache \ 69 | gifsicle \ 70 | imagemagick \ 71 | jpegoptim \ 72 | libjpeg-turbo-utils \ 73 | libwebp-tools \ 74 | optipng \ 75 | pngquant \ 76 | && docker-php-ext-configure gd \ 77 | --with-freetype \ 78 | --with-jpeg \ 79 | --with-webp \ 80 | && docker-php-ext-install -j$(nproc) \ 81 | bcmath \ 82 | gd \ 83 | intl \ 84 | opcache \ 85 | pdo \ 86 | pdo_mysql \ 87 | pdo_pgsql \ 88 | soap \ 89 | zip \ 90 | && pecl install \ 91 | imagick \ 92 | redis \ 93 | && docker-php-ext-enable \ 94 | imagick \ 95 | redis 96 | 97 | # https://github.com/craftcms/docker/issues/16 98 | COPY --from=iconv-build /usr/lib/preloadable_libiconv.so /usr/lib/preloadable_libiconv.so 99 | 100 | # https://github.com/docker-library/php/issues/1121 101 | ENV LD_PRELOAD=usr/lib/preloadable_libiconv.so 102 | 103 | # MozJPEG 104 | WORKDIR /tmp 105 | ADD https://github.com/mozilla/mozjpeg/archive/v${MOZJPEG_VERSION}.tar.gz ./ 106 | RUN set -ex \ 107 | && tar -xzf v${MOZJPEG_VERSION}.tar.gz \ 108 | && cd ./mozjpeg-${MOZJPEG_VERSION} \ 109 | && autoreconf -fiv \ 110 | && ./configure --with-jpeg8 \ 111 | && make \ 112 | && make install 113 | 114 | RUN ln -s /opt/mozjpeg/bin/jpegtran /usr/local/bin/mozjpegtran 115 | RUN ln -s /opt/mozjpeg/bin/cjpeg /usr/local/bin/mozcjpeg 116 | 117 | # Cleanup 118 | RUN RUNTIME_DEPS="$(scanelf --needed --nobanner --recursive /usr/local \ 119 | | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ 120 | | sort -u \ 121 | | xargs -r apk info --installed \ 122 | | sort -u)" \ 123 | && apk add --no-cache --virtual .runtime-deps $RUNTIME_DEPS \ 124 | && apk del --no-network .build-deps \ 125 | && rm -rf /tmp/* 126 | 127 | # copy custom.ini settings 128 | COPY craft-cms.ini /usr/local/etc/php/conf.d/ 129 | 130 | # run container as the www-data user 131 | USER www-data 132 | 133 | # set the working directory for convenience 134 | WORKDIR /app 135 | -------------------------------------------------------------------------------- /8.2/craft-cms-xdebug.ini: -------------------------------------------------------------------------------- 1 | xdebug.mode=develop,debug 2 | -------------------------------------------------------------------------------- /8.2/craft-cms.ini: -------------------------------------------------------------------------------- 1 | memory_limit=${PHP_MEMORY_LIMIT} 2 | max_execution_time=${PHP_MAX_EXECUTION_TIME} 3 | upload_max_filesize=${PHP_UPLOAD_MAX_FILESIZE} 4 | max_input_vars=${PHP_MAX_INPUT_VARS} 5 | post_max_size=${PHP_POST_MAX_SIZE} 6 | register_argc_argv=${PHP_REGISTER_ARGC_ARGV} 7 | [opcache] 8 | opcache.enable=${PHP_OPCACHE_ENABLE} 9 | opcache.revalidate_freq=${PHP_OPCACHE_REVALIDATE_FREQ} 10 | opcache.validate_timestamps=${PHP_OPCACHE_VALIDATE_TIMESTAMPS} 11 | opcache.max_accelerated_files=${PHP_OPCACHE_MAX_ACCELERATED_FILES} 12 | opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION} 13 | opcache.max_wasted_percentage=${PHP_OPCACHE_MAX_WASTED_PERCENTAGE} 14 | opcache.interned_strings_buffer=${PHP_OPCACHE_INTERNED_STRINGS_BUFFER} 15 | opcache.fast_shutdown=${PHP_OPCACHE_FAST_SHUTDOWN} 16 | -------------------------------------------------------------------------------- /8.2/dev.Dockerfile: -------------------------------------------------------------------------------- 1 | ARG PHP_VERSION 2 | ARG PROJECT_TYPE 3 | FROM craftcms/${PROJECT_TYPE}:${PHP_VERSION} 4 | 5 | # disable opcache 6 | ENV PHP_OPCACHE_ENABLE=0 7 | 8 | USER root 9 | 10 | COPY craft-cms-xdebug.ini /usr/local/etc/php/conf.d/ 11 | 12 | RUN set -ex \ 13 | && apk upgrade --no-cache \ 14 | && apk --no-cache add --virtual .build-deps $PHPIZE_DEPS \ 15 | && apk --no-cache add \ 16 | git \ 17 | mariadb-connector-c \ 18 | mysql-client \ 19 | nodejs \ 20 | npm \ 21 | postgresql-client \ 22 | linux-headers \ 23 | && pecl install xdebug \ 24 | && docker-php-ext-enable xdebug \ 25 | && apk del --no-network .build-deps 26 | 27 | # install composer 28 | RUN set -ex && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer 29 | 30 | # expose additional ports for node 31 | EXPOSE 3000 3001 32 | 33 | USER www-data 34 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # Release Notes for Craft CMS Docker Images 2 | 3 | ## 2.0.0 - 2023-09-03 4 | 5 | - Removed Blackfire by popular demand [#83](https://github.com/craftcms/docker/pull/83/files) (thanks @jawys) 6 | - Fixed nginx logs permission error [#74](https://github.com/craftcms/docker/pull/74) 7 | 8 | ## 1.3.3 - 2021-08-13 9 | 10 | ### Fixed 11 | 12 | - Fix broken runtime dependencies (thanks @kylecotter) 13 | 14 | ## 1.3.2 - 2021-08-13 15 | 16 | ### Changed 17 | 18 | - Build mozjpeg instead of using dependency. 19 | 20 | ## 1.3.1 - 2021-08-10 21 | 22 | ### Changed 23 | 24 | - Removed reference to `host.docker.internal`, as it is not cross-platform [#34](https://github.com/craftcms/docker/issues/34) 25 | 26 | ## 1.3.0 - 2021-08-10 27 | 28 | ### Added 29 | 30 | - Set default `xdebug.mode` [#34](https://github.com/craftcms/docker/issues/34) 31 | - Added common image optimizers: jpegoptim, jpegtran, mozjpeg, optipng, pngquant, gifsicle 32 | 33 | ## 1.2.8 - 2021-04-22 34 | 35 | ### Fixed 36 | 37 | - Fixed an issue with `iconv` build [#35](https://github.com/craftcms/docker/pull/35) 38 | - Fixed a runtime dependency issue with Imagemagick [#32](https://github.com/craftcms/docker/issues/32) 39 | - Fix webp transforms via GD [#33](https://github.com/craftcms/docker/issues/33) 40 | 41 | ### Changed 42 | 43 | - Don't uneccessarily expose xdebug port [#30](https://github.com/craftcms/docker/issues/30) 44 | - Remove EOL PHP versions (`7.0`, `7.1`, `7.2`) 45 | - Use xdebug 3 for all `-dev` variants 46 | - Remove postgres-client from non-dev images 47 | 48 | ## 1.2.7 - 2021-04-22 49 | 50 | ### Added 51 | 52 | - Added an include to `/app/nitro.conf` to the `craftcms/nginx:-dev` images. 53 | 54 | ### Changed 55 | 56 | - `/robots.txt` requests are now passed to `index.php` if the file does not exist. 57 | 58 | ## 1.2.6 - 2021-03-30 59 | 60 | ### Added 61 | 62 | - Added GD JPEG support to PHP images. ([#25](https://github.com/craftcms/docker/issues/25)) 63 | 64 | ## 1.2.5 - 2021-03-29 65 | 66 | ### Changed 67 | 68 | - Expose ports 3000 and 3001 for tools such as nodejs. 69 | 70 | ## 1.2.4 - 2021-03-16 71 | 72 | ### Changed 73 | 74 | - Nodejs and npm are now pre-installed in `craftcms/nginx:-dev` images. 75 | - `craftcms/nginx:-dev` now exposes port 3000 as the "node" port. 76 | 77 | ## 1.2.3 - 2021-03-05 78 | 79 | ### Fixed 80 | 81 | - Fixed a warning when installing Blackfire on ARM devices. 82 | 83 | ## 1.2.2 - 2021-03-05 84 | 85 | ### Added 86 | 87 | - Added the Blackfire PHP extension. 88 | 89 | ## 1.2.1 - 2021-03-02 90 | 91 | ### Changed 92 | 93 | - Added the mariadb-connector-c package to resolve issues with mysql 8.0 for `-dev` images [#19](https://github.com/craftcms/docker/issues/19). 94 | - Allow `txt` files to be sent to PHP [#23](https://github.com/craftcms/docker/issues/23). 95 | 96 | ## 1.2.0 - 2021-02-25 97 | 98 | ### Fixed 99 | 100 | - Fixed an issue with the iconv library [#16](https://github.com/craftcms/docker/issues/16). 101 | 102 | ## 1.1.4 - 2021-02-22 103 | 104 | ### Fixed 105 | 106 | - Fixed a bug where requests for CSS, JS, font files, etc. were not being passed onto index.php when they 404. 107 | 108 | ## 1.1.3 - 2021-02-15 109 | 110 | ### Changed 111 | 112 | - Removed the blackfire extension. 113 | 114 | ## 1.1.2 - 2021-02-15 115 | 116 | ### Changed 117 | 118 | - Changed the CORS header for `craftcms/nginx:-dev` images to allow `*`. 119 | 120 | ### Fixed 121 | 122 | - Fixed an issue with the Blackfire installation script for `php-fpm` and `nginx`. 123 | 124 | ## 1.1.1 - 2021-02-11 125 | 126 | ### Changed 127 | 128 | - Removed Arm v6 and v7 builds to support the Blackfire extension. 129 | 130 | ## 1.1.0 - 2021-02-11 131 | 132 | ### Added 133 | 134 | - Added the `blackfire` extension for all images. [#18](https://github.com/craftcms/docker/issues/18) 135 | 136 | ## 1.0.0 - 2021-02-05 137 | 138 | ### Added 139 | 140 | - Added the `bcmath` extension to all images. 141 | - Added php `7.0` images for `craftcms/cli`, `craftcms/php-fpm`, and `craftcms/nginx`. 142 | - Added multi-architecture images for arm64, arm/v6, arm/v7, and amd64 to support ARM based development environments like Apple Silicon. 143 | - Added an option `NGINX_CONF` ARG to the `craftcms/nginx` images to allow overriding the nginx configuration file to COPY to the image. 144 | - Add PHP 8.0 images without imagick until [this upstream issue](https://github.com/Imagick/imagick/issues/358) is resolved. 145 | - Added `craftcms/php-fpm:7.2`, `craftcms/php-fpm:7.2-dev`, `craftcms/nginx:7.4`, `craftcms/nginx:7.3`, `craftcms/nginx:7.2`, `craftcms/nginx:7.4-dev`, `craftcms/nginx:7.3-dev`, `craftcms/nginx:7.2-dev` images. 146 | - Added `soap` extension to support Commerce ([#11](https://github.com/craftcms/docker/issues/11)) 147 | 148 | ### Changed 149 | 150 | - PHP `7.0` no longer ship with xdebug as `pecl` no longer supports 7.0 (e.g. `pecl/xdebug requires PHP (version >= 7.2.0, version <= 8.0.99), installed version is 7.0.33`). 151 | - `craftcms/php-fpm:-dev` and `craftcms/nginx:-dev` images now include `git`. 152 | - `craftcms/php-fpm:-dev` and `craftcms/nginx:-dev` images now include backup tools for mysql and postgres databases. 153 | - All `-dev*` images now ship with composer installed by default. 154 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | .PHONY: build snyk 2 | 3 | LOCAL_PHP_VERSION ?= 8.2 4 | 5 | build: all-cli all-cli-dev all-php-fpm all-php-fpm-dev all-nginx all-nginx-dev 6 | snyk: snyk-all-cli snyk-all-cli-dev snyk-all-php-fpm snyk-all-php-fpm-dev snyk-all-nginx snyk-all-nginx-dev 7 | 8 | all-cli: 9 | docker buildx build --load --platform linux/amd64 --builder all-platforms \ 10 | --build-arg PHP_VERSION=8.2 \ 11 | --build-arg PROJECT_TYPE=cli \ 12 | -t craftcms/cli:8.2 8.2 13 | docker buildx build --load --platform linux/amd64 --builder all-platforms \ 14 | --build-arg PHP_VERSION=8.1 \ 15 | --build-arg PROJECT_TYPE=cli \ 16 | -t craftcms/cli:8.1 8.1 17 | docker buildx build --load --platform linux/amd64 --builder all-platforms \ 18 | --build-arg PHP_VERSION=8.0 \ 19 | --build-arg PROJECT_TYPE=cli \ 20 | -t craftcms/cli:8.0 8.0 21 | 22 | all-cli-dev: 23 | docker buildx build --load --platform linux/amd64 --builder all-platforms \ 24 | -f 8.2/dev.Dockerfile \ 25 | --build-arg PHP_VERSION=8.2 \ 26 | --build-arg PROJECT_TYPE=cli \ 27 | -t craftcms/cli:8.2-dev 8.2 28 | docker buildx build --load --platform linux/amd64 --builder all-platforms \ 29 | -f 8.1/dev.Dockerfile \ 30 | --build-arg PHP_VERSION=8.1 \ 31 | --build-arg PROJECT_TYPE=cli \ 32 | -t craftcms/cli:8.1-dev 8.1 33 | docker buildx build --load --platform linux/amd64 --builder all-platforms \ 34 | -f 8.0/dev.Dockerfile \ 35 | --build-arg PHP_VERSION=8.0 \ 36 | --build-arg PROJECT_TYPE=cli \ 37 | -t craftcms/cli:8.0-dev 8.0 38 | 39 | all-php-fpm: 40 | docker buildx build --load --platform linux/amd64 --builder all-platforms \ 41 | --build-arg PHP_VERSION=8.2 \ 42 | --build-arg PROJECT_TYPE=fpm \ 43 | -t craftcms/php-fpm:8.2 8.2 44 | docker buildx build --load --platform linux/amd64 --builder all-platforms \ 45 | --build-arg PHP_VERSION=8.1 \ 46 | --build-arg PROJECT_TYPE=fpm \ 47 | -t craftcms/php-fpm:8.1 8.1 48 | docker buildx build --load --platform linux/amd64 --builder all-platforms \ 49 | --build-arg PHP_VERSION=8.0 \ 50 | --build-arg PROJECT_TYPE=fpm \ 51 | -t craftcms/php-fpm:8.0 8.0 52 | 53 | all-php-fpm-dev: 54 | docker buildx build --load --platform linux/amd64 --builder all-platforms \ 55 | -f 8.2/dev.Dockerfile \ 56 | --build-arg PHP_VERSION=8.2 \ 57 | --build-arg PROJECT_TYPE=php-fpm \ 58 | -t craftcms/php-fpm:8.2-dev 8.2 59 | docker buildx build --load --platform linux/amd64 --builder all-platforms \ 60 | -f 8.1/dev.Dockerfile \ 61 | --build-arg PHP_VERSION=8.1 \ 62 | --build-arg PROJECT_TYPE=php-fpm \ 63 | -t craftcms/php-fpm:8.1-dev 8.1 64 | docker buildx build --load --platform linux/amd64 --builder all-platforms \ 65 | -f 8.0/dev.Dockerfile \ 66 | --build-arg PHP_VERSION=8.0 \ 67 | --build-arg PROJECT_TYPE=php-fpm \ 68 | -t craftcms/php-fpm:8.0-dev 8.0 69 | 70 | all-nginx: 71 | docker buildx build --load --platform linux/amd64 --builder all-platforms \ 72 | --build-arg PHP_VERSION=8.2 \ 73 | -t craftcms/nginx:8.2 nginx 74 | docker buildx build --load --platform linux/amd64 --builder all-platforms \ 75 | --build-arg PHP_VERSION=8.1 \ 76 | -t craftcms/nginx:8.1 nginx 77 | docker buildx build --load --platform linux/amd64 --builder all-platforms \ 78 | --build-arg PHP_VERSION=8.0 \ 79 | -t craftcms/nginx:8.0 nginx 80 | 81 | all-nginx-dev: 82 | docker buildx build --load --platform linux/amd64 --builder all-platforms \ 83 | --build-arg PHP_VERSION=8.2 \ 84 | --build-arg NGINX_CONF=dev.default.conf \ 85 | -t craftcms/nginx:8.2-dev nginx 86 | docker buildx build --load --platform linux/amd64 --builder all-platforms \ 87 | --build-arg PHP_VERSION=8.1 \ 88 | --build-arg NGINX_CONF=dev.default.conf \ 89 | -t craftcms/nginx:8.1-dev nginx 90 | docker buildx build --load --platform linux/amd64 --builder all-platforms \ 91 | --build-arg PHP_VERSION=8.0 \ 92 | --build-arg NGINX_CONF=dev.default.conf \ 93 | -t craftcms/nginx:8.0-dev nginx 94 | 95 | setup: 96 | docker buildx create --name all-platforms --platform linux/amd64,linux/arm64 97 | docker buildx use all-platforms 98 | docker buildx inspect --bootstrap 99 | 100 | local: 101 | docker buildx build --load --platform linux/amd64 \ 102 | --build-arg PHP_VERSION=${LOCAL_PHP_VERSION} \ 103 | --build-arg PROJECT_TYPE=fpm \ 104 | -t craftcms/php-fpm:${LOCAL_PHP_VERSION} ${LOCAL_PHP_VERSION} 105 | docker buildx build --load --platform linux/amd64 \ 106 | -f ${LOCAL_PHP_VERSION}/dev.Dockerfile \ 107 | --build-arg PHP_VERSION=${LOCAL_PHP_VERSION} \ 108 | --build-arg PROJECT_TYPE=php-fpm \ 109 | -t craftcms/php-fpm:${LOCAL_PHP_VERSION}-dev ${LOCAL_PHP_VERSION} 110 | 111 | docker buildx build --load --platform linux/amd64 \ 112 | --build-arg PHP_VERSION=${LOCAL_PHP_VERSION} \ 113 | --build-arg PROJECT_TYPE=cli \ 114 | -t craftcms/cli:${LOCAL_PHP_VERSION} ${LOCAL_PHP_VERSION} 115 | docker buildx build --load --platform linux/amd64 \ 116 | -f ${LOCAL_PHP_VERSION}/dev.Dockerfile \ 117 | --build-arg PHP_VERSION=${LOCAL_PHP_VERSION} \ 118 | --build-arg PROJECT_TYPE=cli \ 119 | -t craftcms/cli:${LOCAL_PHP_VERSION}-dev ${LOCAL_PHP_VERSION} 120 | 121 | docker buildx build --load --platform linux/amd64 \ 122 | --build-arg PHP_VERSION=${LOCAL_PHP_VERSION} \ 123 | -t craftcms/nginx:${LOCAL_PHP_VERSION} nginx 124 | docker buildx build --load --platform linux/amd64 \ 125 | --build-arg PHP_VERSION=${LOCAL_PHP_VERSION} \ 126 | --build-arg NGINX_CONF=dev.default.conf \ 127 | -t craftcms/nginx:${LOCAL_PHP_VERSION}-dev nginx 128 | 129 | run: 130 | docker buildx build --load --platform linux/amd64 \ 131 | --build-arg PHP_VERSION=${LOCAL_PHP_VERSION} \ 132 | --build-arg PROJECT_TYPE=fpm \ 133 | -t craftcms/php-fpm:${LOCAL_PHP_VERSION} ${LOCAL_PHP_VERSION} 134 | docker run --rm -it craftcms/php-fpm:${LOCAL_PHP_VERSION} sh 135 | 136 | run-dev: 137 | docker buildx build --load --platform linux/amd64 \ 138 | -f ${LOCAL_PHP_VERSION}/dev.Dockerfile \ 139 | --build-arg PHP_VERSION=${LOCAL_PHP_VERSION} \ 140 | --build-arg PROJECT_TYPE=php-fpm \ 141 | -t craftcms/php-fpm:${LOCAL_PHP_VERSION}-dev ${LOCAL_PHP_VERSION} 142 | docker run --rm -it craftcms/php-fpm:${LOCAL_PHP_VERSION}-dev sh 143 | 144 | snyk-local: 145 | snyk container test \ 146 | craftcms/php-fpm:${LOCAL_PHP_VERSION} \ 147 | craftcms/php-fpm:${LOCAL_PHP_VERSION}-dev \ 148 | craftcms/cli:${LOCAL_PHP_VERSION} \ 149 | craftcms/cli:${LOCAL_PHP_VERSION}-dev \ 150 | craftcms/nginx:${LOCAL_PHP_VERSION} \ 151 | craftcms/nginx:${LOCAL_PHP_VERSION}-dev 152 | 153 | snyk-all-cli: 154 | snyk container test \ 155 | craftcms/cli:8.2 \ 156 | craftcms/cli:8.1 \ 157 | craftcms/cli:8.0 158 | 159 | snyk-all-cli-dev: 160 | snyk container test \ 161 | craftcms/cli:8.2-dev \ 162 | craftcms/cli:8.1-dev \ 163 | craftcms/cli:8.0-dev 164 | 165 | snyk-all-php-fpm: 166 | snyk container test \ 167 | craftcms/php-fpm:8.2 \ 168 | craftcms/php-fpm:8.1 \ 169 | craftcms/php-fpm:8.0 170 | 171 | snyk-all-php-fpm-dev: 172 | snyk container test \ 173 | craftcms/php-fpm:8.2-dev \ 174 | craftcms/php-fpm:8.1-dev \ 175 | craftcms/php-fpm:8.0-dev 176 | 177 | snyk-all-nginx: 178 | snyk container test \ 179 | craftcms/nginx:8.2 \ 180 | craftcms/nginx:8.1 \ 181 | craftcms/nginx:8.0 182 | 183 | snyk-all-nginx-dev: 184 | snyk container test \ 185 | craftcms/nginx:8.2-dev \ 186 | craftcms/nginx:8.1-dev \ 187 | craftcms/nginx:8.0-dev 188 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Craft Docker Images 2 | 3 | > _Note_: We are going to deprecate these images and archive this repository. Please see [this issue](https://github.com/craftcms/docker/issues/93) for additional details. New images are located at [craftcms/image](https://github.com/craftcms/image). 4 | 5 | These images are provided as a starting point for your Docker-based Craft CMS deployments. They’re discrete, lightweight, and pre-configured to meet Craft’s requirements in production and development environments. 6 | 7 | ## Images 8 | 9 | There are three main "types" of images provided for different types of applications; `php-fpm`, `nginx`, and `cli`. Each image allows the developer to select a PHP version (e.g. `craftcms/nginx:8.2`). 10 | 11 | Each image and PHP version also provides a `-dev` variant which has Xdebug installed and is useful for local development (e.g. `craftcms/php-fpm:8.2-dev`), as well as database tools for creating and restoring backups. Images that do not include `-dev` are considered production. 12 | 13 | > Note: you are not required to use `-dev` images for local development, they are provided with Xdebug and to make debugging easier. 14 | 15 | To keep the production images lean and secure, database tools are NOT included by default (they are included in the `-dev` variants). If you want to create database backups from the Craft control panel, you will need to [install these yourself](#database-tools). 16 | 17 | Supported PHP versions are aligned with [PHP's official support](https://www.php.net/supported-versions.php), meaning that once a PHP version is EOL, we will no longer build new images for that version. 18 | 19 | ### php-fpm 20 | 21 | [![craftcms/php-fpm](https://img.shields.io/docker/pulls/craftcms/php-fpm.svg)](https://hub.docker.com/r/craftcms/php-fpm) 22 | 23 | The `php-fpm` image is provided as the base image (and is also used for the `nginx` image) and requires you "bring your own server". 24 | 25 | | Image | Use | Environment | Status | 26 | | -------------------------- | --- | ------------- | ----------------- | 27 | | `craftcms/php-fpm:8.2` | web | `production` | | 28 | | `craftcms/php-fpm:8.2-dev` | web | `development` | | 29 | | `craftcms/php-fpm:8.1` | web | `production` | | 30 | | `craftcms/php-fpm:8.1-dev` | web | `development` | | 31 | | `craftcms/php-fpm:8.0` | web | `production` | EOL on 2023-11-26 | 32 | | `craftcms/php-fpm:8.0-dev` | web | `development` | EOL on 2023-11-26 | 33 | | `craftcms/php-fpm:7.4` | web | `production` | EOL | 34 | | `craftcms/php-fpm:7.4-dev` | web | `development` | EOL | 35 | | `craftcms/php-fpm:7.3` | web | `production` | EOL | 36 | | `craftcms/php-fpm:7.3-dev` | web | `development` | EOL | 37 | | `craftcms/php-fpm:7.2` | web | `production` | EOL | 38 | | `craftcms/php-fpm:7.2-dev` | web | `development` | EOL | 39 | | `craftcms/php-fpm:7.1` | web | `production` | EOL | 40 | | `craftcms/php-fpm:7.1-dev` | web | `development` | EOL | 41 | | `craftcms/php-fpm:7.0` | web | `production` | EOL | 42 | | `craftcms/php-fpm:7.0-dev` | web | `development` | EOL | 43 | 44 | ### Nginx 45 | 46 | [![craftcms/nginx](https://img.shields.io/docker/pulls/craftcms/nginx.svg)](https://hub.docker.com/r/craftcms/nginx) 47 | 48 | The `nginx` image is used for a typical installation and includes an Nginx server configured for Craft CMS and php-fpm. 49 | 50 | | Image | Use | Environment | Status | 51 | | ------------------------ | --- | ------------- | ----------------- | 52 | | `craftcms/nginx:8.2` | web | `production` | | 53 | | `craftcms/nginx:8.2-dev` | web | `development` | | 54 | | `craftcms/nginx:8.1` | web | `production` | | 55 | | `craftcms/nginx:8.1-dev` | web | `development` | | 56 | | `craftcms/nginx:8.0` | web | `production` | EOL on 2023-11-26 | 57 | | `craftcms/nginx:8.0-dev` | web | `development` | EOL on 2023-11-26 | 58 | | `craftcms/nginx:7.4` | web | `production` | EOL | 59 | | `craftcms/nginx:7.4-dev` | web | `development` | EOL | 60 | | `craftcms/nginx:7.3` | web | `production` | EOL | 61 | | `craftcms/nginx:7.3-dev` | web | `development` | EOL | 62 | | `craftcms/nginx:7.2` | web | `production` | EOL | 63 | | `craftcms/nginx:7.2-dev` | web | `development` | EOL | 64 | | `craftcms/nginx:7.1` | web | `production` | EOL | 65 | | `craftcms/nginx:7.1-dev` | web | `development` | EOL | 66 | | `craftcms/nginx:7.0` | web | `production` | EOL | 67 | | `craftcms/nginx:7.0-dev` | web | `development` | EOL | 68 | 69 | ### cli 70 | 71 | [![craftcms/cli](https://img.shields.io/docker/pulls/craftcms/cli.svg)](https://hub.docker.com/r/craftcms/cli) 72 | 73 | The image type `cli` which is used to run queues, migrations, etc. and the image does not expose ports for HTTP/S or PHP-FPM. 74 | 75 | | Image | Use | Environment | Status | 76 | | ---------------------- | --- | ------------- | ----------------- | 77 | | `craftcms/cli:8.2` | web | `production` | | 78 | | `craftcms/cli:8.2-dev` | web | `development` | | 79 | | `craftcms/cli:8.1` | web | `production` | | 80 | | `craftcms/cli:8.1-dev` | web | `development` | | 81 | | `craftcms/cli:8.0` | web | `production` | EOL on 2023-11-26 | 82 | | `craftcms/cli:8.0-dev` | web | `development` | EOL on 2023-11-26 | 83 | | `craftcms/cli:7.4` | web | `production` | EOL | 84 | | `craftcms/cli:7.4-dev` | web | `development` | EOL | 85 | | `craftcms/cli:7.3` | web | `production` | EOL | 86 | | `craftcms/cli:7.3-dev` | web | `development` | EOL | 87 | | `craftcms/cli:7.2` | web | `production` | EOL | 88 | | `craftcms/cli:7.2-dev` | web | `development` | EOL | 89 | | `craftcms/cli:7.1` | web | `production` | EOL | 90 | | `craftcms/cli:7.1-dev` | web | `development` | EOL | 91 | | `craftcms/cli:7.0` | web | `production` | EOL | 92 | | `craftcms/cli:7.0-dev` | web | `development` | EOL | 93 | 94 | ## Usage 95 | 96 | There are two main types of images: `php-fpm` for handling the web application, and `cli` for running queues and other Craft CLI commands. Additionally, we provide an `nginx` image, which combines `php-fpm` and `nginx` into a single image for simplicity and ease of development. 97 | 98 | This example uses a Docker [multi-stage build](https://docs.docker.com/develop/develop-images/multistage-build/) to install composer dependencies inside a separate layer before copying them into the final image. 99 | 100 | ```dockerfile 101 | # use a multi-stage build for dependencies 102 | FROM composer:2 as vendor 103 | COPY composer.json composer.json 104 | COPY composer.lock composer.lock 105 | RUN composer install --ignore-platform-reqs --no-interaction --prefer-dist 106 | 107 | FROM craftcms/php-fpm:8.2 108 | 109 | # the user is `www-data`, so we copy the files using the user and group 110 | COPY --chown=www-data:www-data --from=vendor /app/vendor/ /app/vendor/ 111 | COPY --chown=www-data:www-data . . 112 | ``` 113 | 114 | ### Database tools 115 | 116 | This example uses the `craftcms/nginx` repository and installs the database tools to enable backups from the Craft CMS control panel. Note: These will be included automatically if using the `-dev` image variants. 117 | 118 | ```dockerfile 119 | # composer dependencies 120 | FROM composer:2 as vendor 121 | COPY composer.json composer.json 122 | COPY composer.lock composer.lock 123 | RUN composer install --ignore-platform-reqs --no-interaction --prefer-dist 124 | 125 | FROM craftcms/nginx:8.2 126 | 127 | # switch to the root user to install mysql tools 128 | USER root 129 | RUN apk add --no-cache mysql-client postgresql-client 130 | USER www-data 131 | 132 | # the user is `www-data`, so we copy the files using the user and group 133 | COPY --chown=www-data:www-data --from=vendor /app/vendor/ /app/vendor/ 134 | COPY --chown=www-data:www-data . . 135 | ``` 136 | 137 | ## Permissions 138 | 139 | The image is designed to be run by a `www-data` user that owns of the image’s `/app` directory. Running as non-root is considered a Docker best practice, especially when shipping container images to production. 140 | 141 | > Note: You can use the `USER root` directive to switch back to `root` to install any additional packages you need. 142 | 143 | ## Running Locally with Docker Compose 144 | 145 | We recommend running Docker locally if you’re shipping your project to a Docker-based environment such as Amazon Web Services Elastic Container Services (ECS). The following Docker Compose file will setup your local environment with the following: 146 | 147 | 1. `web` service that will handle running PHP and Nginx 148 | 2. `postgres` service that will store your content 149 | 3. `console` service that will run the queue locally 150 | 4. `redis` service that will handle queue and caching 151 | 152 | ```yaml 153 | version: "3.6" 154 | services: 155 | console: 156 | image: craftcms/cli:8.2-dev 157 | env_file: .env 158 | environment: 159 | XDEBUG_CONFIG: client_host=host.docker.internal 160 | depends_on: 161 | postgres: 162 | condition: service_healthy 163 | redis: 164 | condition: service_healthy 165 | volumes: 166 | - .:/app 167 | command: php craft queue/listen 168 | 169 | web: 170 | image: craftcms/nginx:8.2-dev 171 | ports: 172 | - 8080:8080 173 | env_file: .env 174 | environment: 175 | XDEBUG_CONFIG: client_host=host.docker.internal 176 | depends_on: 177 | postgres: 178 | condition: service_healthy 179 | redis: 180 | condition: service_healthy 181 | volumes: 182 | - .:/app 183 | 184 | postgres: 185 | image: postgres:13-alpine 186 | ports: 187 | - 5432:5432 188 | environment: 189 | POSTGRES_DB: dev_craftcms 190 | POSTGRES_USER: craftcms 191 | POSTGRES_PASSWORD: SecretPassword 192 | volumes: 193 | - db_data:/var/lib/postgresql/data 194 | healthcheck: 195 | test: ["CMD", "pg_isready", "-U", "craftcms", "-d", "dev_craftcms"] 196 | interval: 5s 197 | retries: 3 198 | 199 | redis: 200 | image: redis:5-alpine 201 | ports: 202 | - 6379:6379 203 | healthcheck: 204 | test: ["CMD", "redis-cli", "ping"] 205 | 206 | volumes: 207 | db_data: 208 | ``` 209 | 210 | ## Using Xdebug 211 | 212 | Xdebug is install on the `-dev` image variants, but you will still need to set `xdebug.client_host`. 213 | We do not do this in our images, as it is platform-specific. However, if you are on Docker Desktop for Mac or Windows, you can use `host.docker.internal`. 214 | 215 | This can be done via environment variable: `XDEBUG_CONFIG=client_host=host.docker.internal`. [See example](#running-locally-with-docker-compose) 216 | 217 | ## Installing Extensions 218 | 219 | This image is based off the [official Docker PHP FPM image](https://hub.docker.com/_/php) (Alpine Linux). Therefore you can use all of the tools to install PHP extensions. To install an extension, you have to switch to the `root` user. This example switches to the `root` user to install the [`sockets` extension](https://www.php.net/manual/en/book.sockets.php) for PHP 8.2. Note that it switches back to `www-data` after installation: 220 | 221 | ```dockerfile 222 | FROM craftcms/php-fpm:8.2 223 | 224 | # switch to the root user 225 | USER root 226 | RUN docker-php-ext-install sockets 227 | USER www-data 228 | 229 | # the user is www-data, so we copy the files using the user and group 230 | COPY --chown=www-data:www-data --from=vendor /app/vendor/ /app/vendor/ 231 | COPY --chown=www-data:www-data . . 232 | ``` 233 | 234 | ## Customizing PHP Settings 235 | 236 | Some PHP settings may be customized by setting environment variables for the `php-fpm` or `cli` images. 237 | 238 | In this example, we’re setting the PHP memory limit to `512M` rather than the default `256M`: 239 | 240 | ```yaml 241 | version: "3.6" 242 | services: 243 | php-fpm: 244 | image: craftcms/php-fpm:8.2-dev 245 | volumes: 246 | - .:/app 247 | env_file: .env 248 | environment: 249 | PHP_MEMORY_LIMIT: 512M 250 | # ... 251 | ``` 252 | 253 | ### Customizable Settings 254 | 255 | | PHP Setting | Environment Variable | Default Value | 256 | | --------------------------------- | ------------------------------------- | ------------- | 257 | | `memory_limit` | `PHP_MEMORY_LIMIT` | `256M` | 258 | | `max_execution_time` | `PHP_MAX_EXECUTION_TIME` | `120` | 259 | | `upload_max_filesize` | `PHP_UPLOAD_MAX_FILESIZE` | `20M` | 260 | | `max_input_vars` | `PHP_MAX_INPUT_VARS` | `1000` | 261 | | `post_max_size` | `PHP_POST_MAX_SIZE` | `8M` | 262 | | `opcache.enable` | `PHP_OPCACHE_ENABLE` | `1` | 263 | | `opcache.revalidate_freq` | `PHP_OPCACHE_REVALIDATE_FREQ` | `0` | 264 | | `opcache.validate_timestamps` | `PHP_OPCACHE_VALIDATE_TIMESTAMPS` | `0` | 265 | | `opcache.max_accelerated_files` | `PHP_OPCACHE_MAX_ACCELERATED_FILES` | `10000` | 266 | | `opcache.memory_consumption` | `PHP_OPCACHE_MEMORY_CONSUMPTION` | `256` | 267 | | `opcache.max_wasted_percentage` | `PHP_OPCACHE_MAX_WASTED_PERCENTAGE` | `10` | 268 | | `opcache.interned_strings_buffer` | `PHP_OPCACHE_INTERNED_STRINGS_BUFFER` | `16` | 269 | | `opcache.fast_shutdown` | `PHP_OPCACHE_FAST_SHUTDOWN` | `1` | 270 | -------------------------------------------------------------------------------- /nginx/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG PHP_VERSION 2 | FROM craftcms/php-fpm:${PHP_VERSION} 3 | 4 | ARG NGINX_CONF=default.conf 5 | 6 | # install supervisor and nginx 7 | USER root 8 | RUN apk update --no-cache && apk add --no-cache supervisor nginx 9 | COPY supervisor.conf /etc/supervisor/conf.d/supervisor.conf 10 | COPY nginx.conf /etc/nginx/nginx.conf 11 | COPY craftcms/general.conf /etc/nginx/craftcms/ 12 | COPY craftcms/php_fastcgi.conf /etc/nginx/craftcms/ 13 | COPY craftcms/security.conf /etc/nginx/craftcms/ 14 | COPY ${NGINX_CONF} /etc/nginx/conf.d/default.conf 15 | RUN touch /run/nginx.pid 16 | RUN touch /run/supervisord.pid 17 | RUN chown www-data /run/nginx.pid 18 | RUN chown www-data /run/supervisord.pid 19 | RUN chown -R www-data:www-data /var/lib/nginx/ 20 | USER www-data 21 | 22 | EXPOSE 8080 23 | ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisor.conf"] 24 | 25 | # ONBUILD COPY --chown=www-data:www-data . . 26 | -------------------------------------------------------------------------------- /nginx/craftcms/general.conf: -------------------------------------------------------------------------------- 1 | # favicon.ico 2 | location = /favicon.ico { 3 | log_not_found off; 4 | access_log off; 5 | } 6 | 7 | # robots.txt 8 | location = /robots.txt { 9 | try_files $uri /index.php?$query_string; 10 | log_not_found off; 11 | access_log off; 12 | } 13 | 14 | # assets, media 15 | location ~* \.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv|txt)$ { 16 | try_files $uri /index.php?$query_string; 17 | expires 7d; 18 | access_log off; 19 | } 20 | 21 | # svg, fonts 22 | location ~* \.(?:svgz?|ttf|ttc|otf|eot|woff2?)$ { 23 | try_files $uri /index.php?$query_string; 24 | add_header Access-Control-Allow-Origin "*"; 25 | expires 7d; 26 | access_log off; 27 | } 28 | 29 | # gzip 30 | gzip on; 31 | gzip_vary on; 32 | gzip_proxied any; 33 | gzip_comp_level 6; 34 | gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml; 35 | 36 | # # brotli 37 | # brotli on; 38 | # brotli_comp_level 6; 39 | # brotli_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml; 40 | -------------------------------------------------------------------------------- /nginx/craftcms/php_fastcgi.conf: -------------------------------------------------------------------------------- 1 | # 404 2 | try_files $fastcgi_script_name =404; 3 | 4 | # default fastcgi_params 5 | include fastcgi_params; 6 | 7 | # fastcgi settings 8 | fastcgi_pass 127.0.0.1:9000; 9 | fastcgi_index index.php; 10 | fastcgi_buffers 8 16k; 11 | fastcgi_buffer_size 32k; 12 | 13 | # fastcgi params 14 | fastcgi_param DOCUMENT_ROOT $realpath_root; 15 | fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; 16 | -------------------------------------------------------------------------------- /nginx/craftcms/security.conf: -------------------------------------------------------------------------------- 1 | # security headers 2 | add_header X-Frame-Options "SAMEORIGIN" always; 3 | add_header X-XSS-Protection "1; mode=block" always; 4 | add_header X-Content-Type-Options "nosniff" always; 5 | add_header Referrer-Policy "no-referrer-when-downgrade" always; 6 | #add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always; 7 | 8 | # . files 9 | location ~ /\.(?!well-known) { 10 | deny all; 11 | } 12 | -------------------------------------------------------------------------------- /nginx/default.conf: -------------------------------------------------------------------------------- 1 | server { 2 | listen 8080 default_server; 3 | listen [::]:8080 default_server; 4 | server_name _; 5 | set $base /app; 6 | root $base/web; 7 | 8 | # security 9 | include craftcms/security.conf; 10 | 11 | # index.php 12 | index index.php; 13 | 14 | # index.php fallback 15 | location / { 16 | try_files $uri $uri/ /index.php?$query_string; 17 | } 18 | 19 | # additional config 20 | include craftcms/general.conf; 21 | 22 | # handle .php 23 | location ~ \.php$ { 24 | include craftcms/php_fastcgi.conf; 25 | } 26 | 27 | # Allow fpm ping and status from localhost 28 | location ~ ^/(fpm-status|fpm-ping)$ { 29 | access_log off; 30 | allow 127.0.0.1; 31 | deny all; 32 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 33 | include fastcgi_params; 34 | fastcgi_pass 127.0.0.1:9000; 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /nginx/dev.default.conf: -------------------------------------------------------------------------------- 1 | server { 2 | listen 8080 default_server; 3 | listen [::]:8080 default_server; 4 | server_name _; 5 | set $base /app; 6 | root $base/web; 7 | 8 | proxy_send_timeout 240s; 9 | proxy_read_timeout 240s; 10 | fastcgi_send_timeout 240s; 11 | fastcgi_read_timeout 240s; 12 | client_max_body_size 100M; 13 | 14 | # security 15 | include craftcms/security.conf; 16 | 17 | # include custom configuration for nitro 18 | include /app/*nitro.conf; 19 | 20 | # index.php 21 | index index.php; 22 | 23 | # index.php fallback 24 | location / { 25 | # allow cors 26 | add_header Access-Control-Allow-Origin *; 27 | 28 | try_files $uri $uri/ /index.php?$query_string; 29 | } 30 | 31 | # additional config 32 | include craftcms/general.conf; 33 | 34 | # handle .php 35 | location ~ \.php$ { 36 | include craftcms/php_fastcgi.conf; 37 | } 38 | 39 | # Allow fpm ping and status from localhost 40 | location ~ ^/(fpm-status|fpm-ping)$ { 41 | access_log off; 42 | allow 127.0.0.1; 43 | deny all; 44 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 45 | include fastcgi_params; 46 | fastcgi_pass 127.0.0.1:9000; 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /nginx/nginx.conf: -------------------------------------------------------------------------------- 1 | pid /run/nginx.pid; 2 | worker_processes auto; 3 | worker_rlimit_nofile 65535; 4 | error_log /dev/stdout; 5 | 6 | events { 7 | multi_accept on; 8 | worker_connections 65535; 9 | } 10 | 11 | http { 12 | charset utf-8; 13 | sendfile on; 14 | tcp_nopush on; 15 | tcp_nodelay on; 16 | server_tokens off; 17 | log_not_found off; 18 | types_hash_max_size 2048; 19 | client_max_body_size 25M; 20 | 21 | # MIME 22 | include mime.types; 23 | default_type application/octet-stream; 24 | 25 | # Logging 26 | 27 | # Define custom log format to include reponse times 28 | log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" ' 29 | '$status $body_bytes_sent "$http_referer" ' 30 | '"$http_user_agent" "$http_x_forwarded_for" ' 31 | '$request_time $upstream_response_time $pipe $upstream_cache_status'; 32 | access_log /dev/stdout main_timed; 33 | 34 | # write to tmp for non-privileged user 35 | client_body_temp_path /tmp/client_temp; 36 | proxy_temp_path /tmp/proxy_temp_path; 37 | fastcgi_temp_path /tmp/fastcgi_temp; 38 | uwsgi_temp_path /tmp/uwsgi_temp; 39 | scgi_temp_path /tmp/scgi_temp; 40 | 41 | # Load configs 42 | include /etc/nginx/conf.d/*.conf; 43 | include /etc/nginx/sites-enabled/*; 44 | } 45 | -------------------------------------------------------------------------------- /nginx/supervisor.conf: -------------------------------------------------------------------------------- 1 | [supervisord] 2 | nodaemon=true 3 | logfile=/dev/null 4 | logfile_maxbytes=0 5 | pidfile=/run/supervisord.pid 6 | 7 | [program:php-fpm] 8 | command=php-fpm --nodaemonize 9 | stdout_logfile=/dev/stdout 10 | stdout_logfile_maxbytes=0 11 | stderr_logfile=/dev/stderr 12 | stderr_logfile_maxbytes=0 13 | startretries=0 14 | autorestart=false 15 | 16 | [program:nginx] 17 | command=nginx -g 'daemon off;' 18 | stdout_logfile=/dev/stdout 19 | stdout_logfile_maxbytes=0 20 | stderr_logfile=/dev/stderr 21 | stderr_logfile_maxbytes=0 22 | startretries=0 23 | autorestart=true 24 | --------------------------------------------------------------------------------