├── 7.2 ├── base │ ├── Dockerfile │ ├── defaults.ini │ ├── entrypoint.sh │ ├── nginx.conf.tpl │ ├── nginx_ssl.conf.tpl │ └── php-fpm.conf.tpl ├── build-images.sh ├── php-all-exts │ └── Dockerfile └── push-images.sh ├── 7.3 ├── base │ ├── Dockerfile │ ├── defaults.ini │ ├── entrypoint.sh │ ├── nginx.conf.tpl │ ├── nginx_ssl.conf.tpl │ └── php-fpm.conf.tpl ├── build-images.sh ├── php-all-exts │ └── Dockerfile └── push-images.sh ├── LICENSE └── README.md /7.2/base/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:16.04 2 | 3 | MAINTAINER Maksim Kotliar 4 | 5 | ENV LC_ALL=C.UTF-8 6 | 7 | RUN apt-get update && \ 8 | apt-get -y --no-install-recommends --no-install-suggests install software-properties-common python-software-properties && \ 9 | add-apt-repository ppa:ondrej/php && \ 10 | add-apt-repository ppa:ondrej/pkg-gearman && \ 11 | rm -rf /var/lib/apt/lists/* 12 | 13 | RUN apt-get update && \ 14 | apt-get remove php7.0 && \ 15 | apt-get install -y --no-install-recommends --no-install-suggests nginx php7.2 php7.2-fpm php7.2-cli php7.2-common ca-certificates gettext && \ 16 | rm -rf /var/lib/apt/lists/* 17 | 18 | # forward request and error logs to docker log collector 19 | RUN ln -sf /dev/stderr /var/log/nginx/access.log \ 20 | && ln -sf /dev/stderr /var/log/nginx/error.log \ 21 | && ln -sf /dev/stderr /var/log/php7.2-fpm.log \ 22 | && ln -sf /dev/stderr /var/log/php-fpm.log 23 | 24 | RUN rm -f /etc/nginx/sites-enabled/* 25 | 26 | COPY nginx.conf.tpl /nginx.conf.tpl 27 | COPY nginx_ssl.conf.tpl /nginx_ssl.conf.tpl 28 | COPY php-fpm.conf.tpl /php-fpm.conf.tpl 29 | COPY defaults.ini /etc/php/7.2/cli/conf.d/defaults.ini 30 | COPY defaults.ini /etc/php/7.2/fpm/conf.d/defaults.ini 31 | 32 | RUN mkdir -p /run/php && touch /run/php/php7.2-fpm.sock && touch /run/php/php7.2-fpm.pid 33 | 34 | COPY entrypoint.sh /entrypoint.sh 35 | RUN chmod 755 /entrypoint.sh 36 | 37 | EXPOSE 80 38 | 39 | CMD ["/entrypoint.sh"] 40 | -------------------------------------------------------------------------------- /7.2/base/defaults.ini: -------------------------------------------------------------------------------- 1 | date.timezone=UTC -------------------------------------------------------------------------------- /7.2/base/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | export NGINX_WEB_ROOT=${NGINX_WEB_ROOT:-'/var/www/html'} 4 | export NGINX_PHP_FALLBACK=${NGINX_PHP_FALLBACK:-'/index.php'} 5 | export NGINX_PHP_LOCATION=${NGINX_PHP_LOCATION:-'^/index\.php(/|$$)'} 6 | export NGINX_USER=${NGINX_USER:-'www-data'} 7 | export NGINX_CONF=${NGINX_CONF:-'/etc/nginx/nginx.conf'} 8 | export NGINX_SSL_PUBLIC_CERTIFICATE=${NGINX_SSL_PUBLIC_CERTIFICATE:-''} 9 | export NGINX_SSL_PRIVATE_CERTIFICATE=${NGINX_SSL_PRIVATE_CERTIFICATE:-''} 10 | 11 | export PHP_SOCK_FILE=${PHP_SOCK_FILE:-'/run/php.sock'} 12 | export PHP_USER=${PHP_USER:-'www-data'} 13 | export PHP_GROUP=${PHP_GROUP:-'www-data'} 14 | export PHP_MODE=${PHP_MODE:-'0660'} 15 | export PHP_FPM_CONF=${PHP_FPM_CONF:-'/etc/php/7.2/fpm/php-fpm.conf'} 16 | 17 | envsubst '${NGINX_WEB_ROOT} ${NGINX_PHP_FALLBACK} ${NGINX_PHP_LOCATION} ${NGINX_USER} ${NGINX_CONF} ${PHP_SOCK_FILE} ${PHP_USER} ${PHP_GROUP} ${PHP_MODE} ${PHP_FPM_CONF}' < /nginx.conf.tpl > $NGINX_CONF 18 | envsubst '${NGINX_WEB_ROOT} ${NGINX_PHP_FALLBACK} ${NGINX_PHP_LOCATION} ${NGINX_USER} ${NGINX_CONF} ${PHP_SOCK_FILE} ${PHP_USER} ${PHP_GROUP} ${PHP_MODE} ${PHP_FPM_CONF}' < /php-fpm.conf.tpl > $PHP_FPM_CONF 19 | 20 | if [ ! -z "$NGINX_SSL_PUBLIC_CERTIFICATE" ] 21 | then 22 | envsubst '${NGINX_SSL_PUBLIC_CERTIFICATE} ${NGINX_SSL_PRIVATE_CERTIFICATE} ${NGINX_WEB_ROOT} ${NGINX_PHP_FALLBACK} ${NGINX_PHP_LOCATION} ${NGINX_USER} ${NGINX_CONF} ${PHP_SOCK_FILE} ${PHP_USER} ${PHP_GROUP} ${PHP_MODE} ${PHP_FPM_CONF}' < /nginx_ssl.conf.tpl > /etc/nginx/conf.d/nginx_ssl.conf 23 | fi 24 | 25 | TRAPPED_SIGNAL=false 26 | 27 | echo 'Starting NGINX'; 28 | nginx -c $NGINX_CONF -g 'daemon off;' 2>&1 & 29 | NGINX_PID=$! 30 | 31 | echo 'Starting PHP-FPM'; 32 | php-fpm7.2 -R -F -c $PHP_FPM_CONF 2>&1 & 33 | PHP_FPM_PID=$! 34 | 35 | trap "TRAPPED_SIGNAL=true; kill -15 $NGINX_PID; kill -15 $PHP_FPM_PID;" SIGTERM SIGINT 36 | 37 | while : 38 | do 39 | kill -0 $NGINX_PID 2> /dev/null 40 | NGINX_STATUS=$? 41 | 42 | kill -0 $PHP_FPM_PID 2> /dev/null 43 | PHP_FPM_STATUS=$? 44 | 45 | if [ "$TRAPPED_SIGNAL" = "false" ]; then 46 | if [ $NGINX_STATUS -ne 0 ] || [ $PHP_FPM_STATUS -ne 0 ]; then 47 | if [ $NGINX_STATUS -eq 0 ]; then 48 | kill -15 $NGINX_PID; 49 | wait $NGINX_PID; 50 | fi 51 | if [ $PHP_FPM_STATUS -eq 0 ]; then 52 | kill -15 $PHP_FPM_PID; 53 | wait $PHP_FPM_PID; 54 | fi 55 | 56 | exit 1; 57 | fi 58 | else 59 | if [ $NGINX_STATUS -ne 0 ] && [ $PHP_FPM_STATUS -ne 0 ]; then 60 | exit 0; 61 | fi 62 | fi 63 | 64 | sleep 1 65 | done 66 | -------------------------------------------------------------------------------- /7.2/base/nginx.conf.tpl: -------------------------------------------------------------------------------- 1 | user $NGINX_USER; 2 | worker_processes auto; 3 | pid /run/nginx.pid; 4 | 5 | events { 6 | worker_connections 768; 7 | } 8 | 9 | http { 10 | sendfile on; 11 | tcp_nopush on; 12 | tcp_nodelay on; 13 | keepalive_timeout 65; 14 | types_hash_max_size 2048; 15 | 16 | include /etc/nginx/mime.types; 17 | default_type application/octet-stream; 18 | 19 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE 20 | ssl_prefer_server_ciphers on; 21 | 22 | access_log /var/log/nginx/access.log; 23 | error_log /var/log/nginx/error.log; 24 | 25 | gzip on; 26 | gzip_disable "msie6"; 27 | 28 | include /etc/nginx/conf.d/*.conf; 29 | #include /etc/nginx/sites-enabled/*; 30 | 31 | server { 32 | listen 80 default_server; 33 | root $NGINX_WEB_ROOT; 34 | 35 | location / { 36 | try_files $uri $NGINX_PHP_FALLBACK$is_args$args; 37 | } 38 | location ~ $NGINX_PHP_LOCATION { 39 | fastcgi_pass unix:$PHP_SOCK_FILE; 40 | fastcgi_split_path_info ^(.+\.php)(/.*)$; 41 | include fastcgi_params; 42 | fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; 43 | fastcgi_param DOCUMENT_ROOT $realpath_root; 44 | 45 | internal; 46 | } 47 | 48 | # return 404 for all other php files not matching the front controller 49 | # this prevents access to other php files you don't want to be accessible. 50 | location ~ \.php$ { 51 | return 404; 52 | } 53 | } 54 | } 55 | -------------------------------------------------------------------------------- /7.2/base/nginx_ssl.conf.tpl: -------------------------------------------------------------------------------- 1 | 2 | server { 3 | listen 443 ssl http2 default_server; 4 | listen [::]:443 ssl http2 default_server; 5 | root $NGINX_WEB_ROOT; 6 | 7 | location / { 8 | try_files $uri $NGINX_PHP_FALLBACK$is_args$args; 9 | } 10 | location ~ $NGINX_PHP_LOCATION { 11 | fastcgi_pass unix:$PHP_SOCK_FILE; 12 | fastcgi_split_path_info ^(.+\.php)(/.*)$; 13 | include fastcgi_params; 14 | fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; 15 | fastcgi_param DOCUMENT_ROOT $realpath_root; 16 | 17 | internal; 18 | } 19 | 20 | # return 404 for all other php files not matching the front controller 21 | # this prevents access to other php files you don't want to be accessible. 22 | location ~ \.php$ { 23 | return 404; 24 | } 25 | 26 | ssl_certificate $NGINX_SSL_PUBLIC_CERTIFICATE; 27 | ssl_certificate_key $NGINX_SSL_PRIVATE_CERTIFICATE; 28 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 29 | ssl_prefer_server_ciphers on; 30 | ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; 31 | ssl_ecdh_curve secp384r1; 32 | ssl_session_cache shared:SSL:10m; 33 | ssl_session_tickets off; 34 | ssl_stapling on; 35 | ssl_stapling_verify on; 36 | resolver 8.8.8.8 8.8.4.4 valid=300s; 37 | resolver_timeout 5s; 38 | # Disable preloading HSTS for now. You can use the commented out header line that includes 39 | # the "preload" directive if you understand the implications. 40 | #add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"; 41 | add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; 42 | add_header X-Frame-Options DENY; 43 | add_header X-Content-Type-Options nosniff; 44 | } 45 | -------------------------------------------------------------------------------- /7.2/base/php-fpm.conf.tpl: -------------------------------------------------------------------------------- 1 | [www] 2 | 3 | pm = dynamic 4 | pm.max_children = 5 5 | pm.start_servers = 2 6 | pm.min_spare_servers = 1 7 | pm.max_spare_servers = 3 8 | 9 | clear_env = no 10 | catch_workers_output=yes 11 | 12 | user = $PHP_USER 13 | group = $PHP_GROUP 14 | listen = $PHP_SOCK_FILE 15 | listen.owner = $PHP_USER 16 | listen.group = $PHP_GROUP 17 | listen.mode = $PHP_MODE 18 | -------------------------------------------------------------------------------- /7.2/build-images.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -x 4 | set -e 5 | 6 | (cd 7.2/base && docker build --rm --pull -t formapro/nginx-php-fpm:7.2-latest .) 7 | (cd 7.2/php-all-exts && docker build --rm -t formapro/nginx-php-fpm:7.2-latest-all-exts .) 8 | -------------------------------------------------------------------------------- /7.2/php-all-exts/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM formapro/nginx-php-fpm:7.2-latest 2 | 3 | # exts 4 | RUN apt-get update && \ 5 | apt-get install -y --no-install-recommends --no-install-suggests \ 6 | php-mongodb php-curl php-intl php-soap php-xml php-mcrypt php-bcmath \ 7 | php-mysql php-amqp php-gearman php-mbstring php-ldap php-zip php-gd php-xdebug php-imagick && \ 8 | rm -f /etc/php/7.2/cli/conf.d/*xdebug.ini && \ 9 | rm -f /etc/php/7.2/fpm/conf.d/*xdebug.ini && \ 10 | rm -rf /var/lib/apt/lists/* 11 | -------------------------------------------------------------------------------- /7.2/push-images.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -x 4 | set -e 5 | 6 | docker login -u $DOCKER_USER -p $DOCKER_PASSWORD 7 | docker push formapro/nginx-php-fpm:7.2-latest 8 | docker push formapro/nginx-php-fpm:7.2-latest-all-exts 9 | -------------------------------------------------------------------------------- /7.3/base/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:16.04 2 | 3 | MAINTAINER Maksim Kotliar 4 | 5 | ENV LC_ALL=C.UTF-8 6 | 7 | RUN apt-get update && \ 8 | apt-get -y --no-install-recommends --no-install-suggests install software-properties-common python-software-properties && \ 9 | add-apt-repository ppa:ondrej/php && \ 10 | add-apt-repository ppa:ondrej/pkg-gearman && \ 11 | rm -rf /var/lib/apt/lists/* 12 | 13 | RUN apt-get update && \ 14 | apt-get remove php7.0 && \ 15 | apt-get install -y --no-install-recommends --no-install-suggests nginx php7.3 php7.3-fpm php7.3-cli php7.3-common ca-certificates gettext && \ 16 | rm -rf /var/lib/apt/lists/* 17 | 18 | # forward request and error logs to docker log collector 19 | RUN ln -sf /dev/stderr /var/log/nginx/access.log \ 20 | && ln -sf /dev/stderr /var/log/nginx/error.log \ 21 | && ln -sf /dev/stderr /var/log/php7.3-fpm.log \ 22 | && ln -sf /dev/stderr /var/log/php-fpm.log 23 | 24 | RUN rm -f /etc/nginx/sites-enabled/* 25 | 26 | COPY nginx.conf.tpl /nginx.conf.tpl 27 | COPY nginx_ssl.conf.tpl /nginx_ssl.conf.tpl 28 | COPY php-fpm.conf.tpl /php-fpm.conf.tpl 29 | COPY defaults.ini /etc/php/7.3/cli/conf.d/defaults.ini 30 | COPY defaults.ini /etc/php/7.3/fpm/conf.d/defaults.ini 31 | 32 | RUN mkdir -p /run/php && touch /run/php/php7.3-fpm.sock && touch /run/php/php7.3-fpm.pid 33 | 34 | COPY entrypoint.sh /entrypoint.sh 35 | RUN chmod 755 /entrypoint.sh 36 | 37 | EXPOSE 80 38 | 39 | CMD ["/entrypoint.sh"] 40 | -------------------------------------------------------------------------------- /7.3/base/defaults.ini: -------------------------------------------------------------------------------- 1 | date.timezone=UTC -------------------------------------------------------------------------------- /7.3/base/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | export NGINX_WEB_ROOT=${NGINX_WEB_ROOT:-'/var/www/html'} 4 | export NGINX_PHP_FALLBACK=${NGINX_PHP_FALLBACK:-'/index.php'} 5 | export NGINX_PHP_LOCATION=${NGINX_PHP_LOCATION:-'^/index\.php(/|$$)'} 6 | export NGINX_USER=${NGINX_USER:-'www-data'} 7 | export NGINX_CONF=${NGINX_CONF:-'/etc/nginx/nginx.conf'} 8 | export NGINX_SSL_PUBLIC_CERTIFICATE=${NGINX_SSL_PUBLIC_CERTIFICATE:-''} 9 | export NGINX_SSL_PRIVATE_CERTIFICATE=${NGINX_SSL_PRIVATE_CERTIFICATE:-''} 10 | 11 | export PHP_SOCK_FILE=${PHP_SOCK_FILE:-'/run/php.sock'} 12 | export PHP_USER=${PHP_USER:-'www-data'} 13 | export PHP_GROUP=${PHP_GROUP:-'www-data'} 14 | export PHP_MODE=${PHP_MODE:-'0660'} 15 | export PHP_FPM_CONF=${PHP_FPM_CONF:-'/etc/php/7.3/fpm/php-fpm.conf'} 16 | 17 | envsubst '${NGINX_WEB_ROOT} ${NGINX_PHP_FALLBACK} ${NGINX_PHP_LOCATION} ${NGINX_USER} ${NGINX_CONF} ${PHP_SOCK_FILE} ${PHP_USER} ${PHP_GROUP} ${PHP_MODE} ${PHP_FPM_CONF}' < /nginx.conf.tpl > $NGINX_CONF 18 | envsubst '${NGINX_WEB_ROOT} ${NGINX_PHP_FALLBACK} ${NGINX_PHP_LOCATION} ${NGINX_USER} ${NGINX_CONF} ${PHP_SOCK_FILE} ${PHP_USER} ${PHP_GROUP} ${PHP_MODE} ${PHP_FPM_CONF}' < /php-fpm.conf.tpl > $PHP_FPM_CONF 19 | 20 | if [ ! -z "$NGINX_SSL_PUBLIC_CERTIFICATE" ] 21 | then 22 | envsubst '${NGINX_SSL_PUBLIC_CERTIFICATE} ${NGINX_SSL_PRIVATE_CERTIFICATE} ${NGINX_WEB_ROOT} ${NGINX_PHP_FALLBACK} ${NGINX_PHP_LOCATION} ${NGINX_USER} ${NGINX_CONF} ${PHP_SOCK_FILE} ${PHP_USER} ${PHP_GROUP} ${PHP_MODE} ${PHP_FPM_CONF}' < /nginx_ssl.conf.tpl > /etc/nginx/conf.d/nginx_ssl.conf 23 | fi 24 | 25 | TRAPPED_SIGNAL=false 26 | 27 | echo 'Starting NGINX'; 28 | nginx -c $NGINX_CONF -g 'daemon off;' 2>&1 & 29 | NGINX_PID=$! 30 | 31 | echo 'Starting PHP-FPM'; 32 | php-fpm7.3 -R -F -c $PHP_FPM_CONF 2>&1 & 33 | PHP_FPM_PID=$! 34 | 35 | trap "TRAPPED_SIGNAL=true; kill -15 $NGINX_PID; kill -15 $PHP_FPM_PID;" SIGTERM SIGINT 36 | 37 | while : 38 | do 39 | kill -0 $NGINX_PID 2> /dev/null 40 | NGINX_STATUS=$? 41 | 42 | kill -0 $PHP_FPM_PID 2> /dev/null 43 | PHP_FPM_STATUS=$? 44 | 45 | if [ "$TRAPPED_SIGNAL" = "false" ]; then 46 | if [ $NGINX_STATUS -ne 0 ] || [ $PHP_FPM_STATUS -ne 0 ]; then 47 | if [ $NGINX_STATUS -eq 0 ]; then 48 | kill -15 $NGINX_PID; 49 | wait $NGINX_PID; 50 | fi 51 | if [ $PHP_FPM_STATUS -eq 0 ]; then 52 | kill -15 $PHP_FPM_PID; 53 | wait $PHP_FPM_PID; 54 | fi 55 | 56 | exit 1; 57 | fi 58 | else 59 | if [ $NGINX_STATUS -ne 0 ] && [ $PHP_FPM_STATUS -ne 0 ]; then 60 | exit 0; 61 | fi 62 | fi 63 | 64 | sleep 1 65 | done 66 | -------------------------------------------------------------------------------- /7.3/base/nginx.conf.tpl: -------------------------------------------------------------------------------- 1 | user $NGINX_USER; 2 | worker_processes auto; 3 | pid /run/nginx.pid; 4 | 5 | events { 6 | worker_connections 768; 7 | } 8 | 9 | http { 10 | sendfile on; 11 | tcp_nopush on; 12 | tcp_nodelay on; 13 | keepalive_timeout 65; 14 | types_hash_max_size 2048; 15 | 16 | include /etc/nginx/mime.types; 17 | default_type application/octet-stream; 18 | 19 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE 20 | ssl_prefer_server_ciphers on; 21 | 22 | access_log /var/log/nginx/access.log; 23 | error_log /var/log/nginx/error.log; 24 | 25 | gzip on; 26 | gzip_disable "msie6"; 27 | 28 | include /etc/nginx/conf.d/*.conf; 29 | #include /etc/nginx/sites-enabled/*; 30 | 31 | server { 32 | listen 80 default_server; 33 | root $NGINX_WEB_ROOT; 34 | 35 | location / { 36 | try_files $uri $NGINX_PHP_FALLBACK$is_args$args; 37 | } 38 | location ~ $NGINX_PHP_LOCATION { 39 | fastcgi_pass unix:$PHP_SOCK_FILE; 40 | fastcgi_split_path_info ^(.+\.php)(/.*)$; 41 | include fastcgi_params; 42 | fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; 43 | fastcgi_param DOCUMENT_ROOT $realpath_root; 44 | 45 | internal; 46 | } 47 | 48 | # return 404 for all other php files not matching the front controller 49 | # this prevents access to other php files you don't want to be accessible. 50 | location ~ \.php$ { 51 | return 404; 52 | } 53 | } 54 | } 55 | -------------------------------------------------------------------------------- /7.3/base/nginx_ssl.conf.tpl: -------------------------------------------------------------------------------- 1 | 2 | server { 3 | listen 443 ssl http2 default_server; 4 | listen [::]:443 ssl http2 default_server; 5 | root $NGINX_WEB_ROOT; 6 | 7 | location / { 8 | try_files $uri $NGINX_PHP_FALLBACK$is_args$args; 9 | } 10 | location ~ $NGINX_PHP_LOCATION { 11 | fastcgi_pass unix:$PHP_SOCK_FILE; 12 | fastcgi_split_path_info ^(.+\.php)(/.*)$; 13 | include fastcgi_params; 14 | fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; 15 | fastcgi_param DOCUMENT_ROOT $realpath_root; 16 | 17 | internal; 18 | } 19 | 20 | # return 404 for all other php files not matching the front controller 21 | # this prevents access to other php files you don't want to be accessible. 22 | location ~ \.php$ { 23 | return 404; 24 | } 25 | 26 | ssl_certificate $NGINX_SSL_PUBLIC_CERTIFICATE; 27 | ssl_certificate_key $NGINX_SSL_PRIVATE_CERTIFICATE; 28 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 29 | ssl_prefer_server_ciphers on; 30 | ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; 31 | ssl_ecdh_curve secp384r1; 32 | ssl_session_cache shared:SSL:10m; 33 | ssl_session_tickets off; 34 | ssl_stapling on; 35 | ssl_stapling_verify on; 36 | resolver 8.8.8.8 8.8.4.4 valid=300s; 37 | resolver_timeout 5s; 38 | # Disable preloading HSTS for now. You can use the commented out header line that includes 39 | # the "preload" directive if you understand the implications. 40 | #add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"; 41 | add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; 42 | add_header X-Frame-Options DENY; 43 | add_header X-Content-Type-Options nosniff; 44 | } 45 | -------------------------------------------------------------------------------- /7.3/base/php-fpm.conf.tpl: -------------------------------------------------------------------------------- 1 | [www] 2 | 3 | pm = dynamic 4 | pm.max_children = 5 5 | pm.start_servers = 2 6 | pm.min_spare_servers = 1 7 | pm.max_spare_servers = 3 8 | 9 | clear_env = no 10 | catch_workers_output=yes 11 | decorate_workers_output=no 12 | 13 | user = $PHP_USER 14 | group = $PHP_GROUP 15 | listen = $PHP_SOCK_FILE 16 | listen.owner = $PHP_USER 17 | listen.group = $PHP_GROUP 18 | listen.mode = $PHP_MODE -------------------------------------------------------------------------------- /7.3/build-images.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -x 4 | set -e 5 | 6 | (cd 7.3/base && docker build --rm --pull -t formapro/nginx-php-fpm:7.3-latest .) 7 | (cd 7.3/php-all-exts && docker build --rm -t formapro/nginx-php-fpm:7.3-latest-all-exts .) 8 | -------------------------------------------------------------------------------- /7.3/php-all-exts/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM formapro/nginx-php-fpm:7.3-latest 2 | 3 | # exts 4 | RUN apt-get update && \ 5 | apt-get install -y --no-install-recommends --no-install-suggests \ 6 | php-mongodb php-curl php-intl php-soap php-xml php-mcrypt php-bcmath \ 7 | php-mysql php-amqp php-gearman php-mbstring php-ldap php-zip php-gd php-xdebug php-imagick && \ 8 | rm -f /etc/php/7.3/cli/conf.d/*xdebug.ini && \ 9 | rm -f /etc/php/7.3/fpm/conf.d/*xdebug.ini && \ 10 | rm -rf /var/lib/apt/lists/* 11 | -------------------------------------------------------------------------------- /7.3/push-images.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -x 4 | set -e 5 | 6 | docker login -u $DOCKER_USER -p $DOCKER_PASSWORD 7 | docker push formapro/nginx-php-fpm:7.3-latest 8 | docker push formapro/nginx-php-fpm:7.3-latest-all-exts 9 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2016 Kotliar Maksym 2 | 3 | Permission is hereby granted, free of charge, to any person obtaining a copy 4 | of this software and associated documentation files (the "Software"), to deal 5 | in the Software without restriction, including without limitation the rights 6 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 7 | copies of the Software, and to permit persons to whom the Software is furnished 8 | to do so, subject to the following conditions: 9 | 10 | The above copyright notice and this permission notice shall be included in all 11 | copies or substantial portions of the Software. 12 | 13 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 14 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 15 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 16 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 17 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 18 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 19 | THE SOFTWARE. 20 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # docker-nginx-php-fpm 2 | 3 | ## Usage 4 | 5 | Let's say you have `/home/user/app/web` folder which web root of your project. 6 | If the file physically exists on filesystem it is served by nginx. 7 | If file not present Nginx proxy a request to PHP-FPM. 8 | There must be a `app.php` inside the folder. 9 | 10 | ```bash 11 | echo " app.php 12 | echo "

Hello world

" > hello.html 13 | 14 | docker run -d -p 8080:80 -v `pwd`:/var/www/html formapro/nginx-php-fpm 15 | 16 | curl -X GET localhost:8080 # runs app.php and outputs phpinfo 17 | curl -X GET localhost:8080/hello.html # shows Hello world 18 | ``` 19 | 20 | ## Env vars 21 | 22 | Here's available env vars and their default values: 23 | 24 | ``` 25 | NGINX_WEB_ROOT= /var/www/html 26 | NGINX_PHP_FALLBACK= /index.php 27 | NGINX_PHP_LOCATION= ^/index\.php(/|$$) 28 | NGINX_USER= www-data 29 | NGINX_CONF= /etc/nginx/nginx.conf 30 | 31 | PHP_SOCK_FILE= /run/php.sock 32 | PHP_USER= www-data 33 | PHP_GROUP= www-data 34 | PHP_MODE= 0660 35 | PHP_FPM_CONF= /etc/php/7.0/fpm/php-fpm.conf 36 | ``` 37 | 38 | ## XDebug on Mac 39 | 40 | * To enable xdebug mount xdebug configuration file to: `/etc/php/7.0/mods-available/xdebug.ini` 41 | * Set fake ip on the docker host: `sudo ifconfig lo0 alias 172.10.0.1` 42 | * For PHPStorm set container env: `PHP_IDE_CONFIG: 'serverName=server.loc'` where 'server.loc' - PHPStorm server name 43 | 44 | ```ini 45 | ; xdebug.ini 46 | zend_extension=xdebug.so 47 | xdebug.profiler_enable = Off 48 | xdebug.profiler_enable_trigger = Off 49 | xdebug.max_nesting_level = 5000 50 | xdebug.remote_enable = On 51 | xdebug.remote_host = 172.10.0.1 52 | ``` 53 | 54 | ## Enable HTTPS 55 | 56 | *Use it only locally.* 57 | 58 | Generate self-signed certificates: 59 | 60 | ``` 61 | openssl req -newkey rsa:2048 -sha256 -nodes -keyout YOURPRIVATE.key -x509 -days 365 -out YOURPUBLIC.pem -subj "/C=US/ST=New York/L=Brooklyn/O=Example Brooklyn Company/CN=YOURDOMAIN.EXAMPLE" 62 | ``` 63 | 64 | Run container with additional env vars: 65 | 66 | ``` 67 | docker run -d -p443:443 -v `pwd`:/var/www/html -e NGINX_SSL_PUBLIC_CERTIFICATE=/var/www/html/YOURPUBLIC.pem -e NGINX_SSL_PRIVATE_CERTIFICATE=/var/www/html/YOURPRIVATE.key formapro/nginx-php-fpm:latest 68 | 69 | curl https://localhost:443 --insecure 70 | ``` 71 | 72 | ## Developed by Forma-Pro 73 | 74 | Forma-Pro is a full stack development company which interests also spread to open source development. 75 | Being a team of strong professionals we have an aim an ability to help community by developing cutting edge solutions in the areas of e-commerce, docker & microservice oriented architecture where we have accumulated a huge many-years experience. 76 | Our main specialization is Symfony framework based solution, but we are always looking to the technologies that allow us to do our job the best way. We are committed to creating solutions that revolutionize the way how things are developed in aspects of architecture & scalability. 77 | 78 | If you have any questions and inquires about our open source development, this product particularly or any other matter feel free to contact at opensource@forma-pro.com 79 | --------------------------------------------------------------------------------