├── README.md ├── config ├── php.ini ├── fpm-pool.conf ├── supervisord.conf └── nginx.conf ├── entrypoint.sh └── Dockerfile /README.md: -------------------------------------------------------------------------------- 1 | [彩虹聚合DNS管理系统](https://github.com/netcccyun/dnsmgr) 的Docker镜像构建脚本 2 | 3 | 构建命令: 4 | 5 | ``` 6 | docker build -t netcccyun/dnsmgr:latest . 7 | ``` -------------------------------------------------------------------------------- /config/php.ini: -------------------------------------------------------------------------------- 1 | [PHP] 2 | short_open_tag = On 3 | expose_php = Off 4 | max_execution_time = 300 5 | post_max_size = 50M 6 | upload_max_filesize = 50M 7 | [Date] 8 | date.timezone = PRC 9 | -------------------------------------------------------------------------------- /entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | if [ ! -f /app/www/public/index.php ] || [ ! -f /app/firstrun ]; then 6 | echo 'Copying new files' 7 | \cp -a /usr/src/www /app/ 8 | 9 | if [ -d /app/www/runtime/cache ]; then 10 | rm -rf /app/www/runtime/* 11 | fi 12 | 13 | chown -R www.www /app/www 14 | 15 | touch /app/firstrun 16 | fi 17 | 18 | exec "$@" -------------------------------------------------------------------------------- /config/fpm-pool.conf: -------------------------------------------------------------------------------- 1 | [global] 2 | error_log = /dev/stderr 3 | 4 | [www] 5 | listen = /run/php-fpm.sock 6 | listen.backlog = 8192 7 | listen.allowed_clients = 127.0.0.1 8 | listen.owner = www 9 | listen.group = www 10 | listen.mode = 0666 11 | user = www 12 | group = www 13 | pm.status_path = /fpm-status 14 | pm = ondemand 15 | pm.max_children = 100 16 | pm.process_idle_timeout = 60s; 17 | pm.max_requests = 1000 18 | clear_env = no 19 | catch_workers_output = yes 20 | decorate_workers_output = no 21 | ping.path = /fpm-ping 22 | -------------------------------------------------------------------------------- /config/supervisord.conf: -------------------------------------------------------------------------------- 1 | [supervisord] 2 | nodaemon=true 3 | logfile=/dev/null 4 | logfile_maxbytes=0 5 | pidfile=/run/supervisord.pid 6 | 7 | [program:php-fpm] 8 | command=php-fpm82 -F 9 | stdout_logfile=/dev/stdout 10 | stdout_logfile_maxbytes=0 11 | stderr_logfile=/dev/stderr 12 | stderr_logfile_maxbytes=0 13 | autorestart=false 14 | startretries=0 15 | 16 | [program:nginx] 17 | command=nginx -g 'daemon off;' 18 | stdout_logfile=/dev/stdout 19 | stdout_logfile_maxbytes=0 20 | stderr_logfile=/dev/stderr 21 | stderr_logfile_maxbytes=0 22 | autorestart=false 23 | startretries=0 24 | 25 | [program:dmtask] 26 | command=php think dmtask 27 | user=www 28 | stdout_logfile=/dev/stdout 29 | stdout_logfile_maxbytes=0 30 | stderr_logfile=/dev/stderr 31 | stderr_logfile_maxbytes=0 32 | autorestart=true 33 | startsecs = 5 34 | startretries = 3 35 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | ARG ALPINE_VERSION=3.19 2 | FROM alpine:${ALPINE_VERSION} 3 | # Setup document root 4 | WORKDIR /app/www 5 | 6 | # Install packages and remove default server definition 7 | RUN apk add --no-cache \ 8 | bash \ 9 | curl \ 10 | nginx \ 11 | php82 \ 12 | php82-ctype \ 13 | php82-curl \ 14 | php82-dom \ 15 | php82-fileinfo \ 16 | php82-fpm \ 17 | php82-gd \ 18 | php82-gettext \ 19 | php82-intl \ 20 | php82-iconv \ 21 | php82-mbstring \ 22 | php82-mysqli \ 23 | php82-opcache \ 24 | php82-openssl \ 25 | php82-phar \ 26 | php82-sodium \ 27 | php82-session \ 28 | php82-simplexml \ 29 | php82-tokenizer \ 30 | php82-xml \ 31 | php82-xmlreader \ 32 | php82-xmlwriter \ 33 | php82-zip \ 34 | php82-pdo \ 35 | php82-pdo_mysql \ 36 | php82-pdo_sqlite \ 37 | php82-pecl-swoole \ 38 | supervisor 39 | 40 | # Configure nginx - http 41 | COPY config/nginx.conf /etc/nginx/nginx.conf 42 | 43 | # Configure PHP-FPM 44 | ENV PHP_INI_DIR /etc/php82 45 | COPY config/fpm-pool.conf ${PHP_INI_DIR}/php-fpm.d/www.conf 46 | COPY config/php.ini ${PHP_INI_DIR}/conf.d/custom.ini 47 | 48 | # Configure supervisord 49 | COPY config/supervisord.conf /etc/supervisor/conf.d/supervisord.conf 50 | 51 | # Add application 52 | RUN mkdir -p /usr/src && wget https://github.com/netcccyun/dnsmgr/archive/refs/heads/main.zip -O /usr/src/www.zip && unzip /usr/src/www.zip -d /usr/src/ && mv /usr/src/dnsmgr-main /usr/src/www && rm -f /usr/src/www.zip 53 | 54 | # Install composer 55 | RUN wget https://mirrors.aliyun.com/composer/composer.phar -O /usr/local/bin/composer && chmod +x /usr/local/bin/composer 56 | 57 | RUN composer install -d /usr/src/www --no-dev 58 | 59 | RUN adduser -D -s /sbin/nologin -g www www && chown -R www.www /usr/src/www /var/lib/nginx /var/log/nginx 60 | 61 | # crontab 62 | RUN echo "*/15 * * * * cd /app/www && /usr/bin/php82 think opiptask" | crontab -u www - 63 | 64 | # copy entrypoint script 65 | COPY entrypoint.sh /entrypoint.sh 66 | ENTRYPOINT ["sh", "/entrypoint.sh"] 67 | 68 | # Expose the port nginx is reachable on 69 | EXPOSE 80 70 | 71 | # Let supervisord start nginx & php-fpm 72 | CMD crond && /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf 73 | 74 | # Configure a healthcheck to validate that everything is up&running 75 | HEALTHCHECK --timeout=10s CMD curl --silent --fail http://127.0.0.1/fpm-ping || exit 1 76 | -------------------------------------------------------------------------------- /config/nginx.conf: -------------------------------------------------------------------------------- 1 | user www; 2 | worker_processes auto; 3 | error_log stderr warn; 4 | pid /run/nginx.pid; 5 | 6 | events { 7 | worker_connections 1024; 8 | } 9 | 10 | http { 11 | include mime.types; 12 | # Threat files with a unknown filetype as binary 13 | default_type application/octet-stream; 14 | 15 | # Define custom log format to include reponse times 16 | log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" ' 17 | '$status $body_bytes_sent "$http_referer" ' 18 | '"$http_user_agent" "$http_x_forwarded_for" ' 19 | '$request_time $upstream_response_time $pipe $upstream_cache_status'; 20 | 21 | access_log /dev/stdout main_timed; 22 | error_log /dev/stderr crit; 23 | 24 | keepalive_timeout 65; 25 | 26 | server_tokens off; 27 | 28 | # Enable gzip compression by default 29 | gzip on; 30 | gzip_min_length 1k; 31 | gzip_buffers 4 16k; 32 | gzip_proxied expired no-cache no-store private auth; 33 | gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml; 34 | gzip_vary on; 35 | gzip_disable "MSIE [1-6]\."; 36 | 37 | # Include server configs 38 | server { 39 | listen [::]:80 default_server; 40 | listen 80 default_server; 41 | server_name _; 42 | 43 | sendfile on; 44 | tcp_nodelay on; 45 | absolute_redirect off; 46 | 47 | root /app/www/public; 48 | index index.php; 49 | 50 | # Pass the PHP scripts to PHP-FPM listening on php-fpm.sock 51 | location ~ \.php$ { 52 | try_files $uri =404; 53 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 54 | fastcgi_pass unix:/run/php-fpm.sock; 55 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 56 | fastcgi_index index.php; 57 | include fastcgi_params; 58 | } 59 | 60 | #rewrite rule for pretty urls 61 | location / { 62 | if (!-e $request_filename){ 63 | rewrite ^(.*)$ /index.php?s=$1 last; break; 64 | } 65 | } 66 | 67 | # Set the cache-control headers on assets to cache for 5 days 68 | location ~* \.(jpg|jpeg|gif|png|ico|bmp)$ { 69 | access_log off; 70 | expires 30d; 71 | } 72 | 73 | location ~* \.(css|js)$ { 74 | access_log off; 75 | expires 12h; 76 | } 77 | 78 | # Deny access to . files, for security 79 | location ~ /\. { 80 | log_not_found off; 81 | deny all; 82 | } 83 | 84 | # Allow fpm ping and status from localhost 85 | location ~ ^/(fpm-status|fpm-ping)$ { 86 | access_log off; 87 | allow 127.0.0.1; 88 | deny all; 89 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 90 | include fastcgi_params; 91 | fastcgi_pass unix:/run/php-fpm.sock; 92 | } 93 | } 94 | } 95 | --------------------------------------------------------------------------------