├── .gitignore ├── 7.2 ├── Dockerfile ├── boot.sh └── rootfs │ └── etc │ ├── nginx │ ├── conf.d │ │ └── default.conf │ └── nginx.conf │ ├── php72 │ ├── conf.d │ │ └── custom.ini │ └── php-fpm.d │ │ └── www.conf │ └── service │ ├── nginx │ └── run │ └── php │ └── run ├── 7.4 ├── Dockerfile ├── boot.sh └── rootfs │ └── etc │ ├── nginx │ ├── conf.d │ │ └── default.conf │ └── nginx.conf │ ├── php74 │ ├── conf.d │ │ └── custom.ini │ └── php-fpm.d │ │ └── www.conf │ └── service │ ├── nginx │ └── run │ └── php │ └── run ├── 8.0 ├── Dockerfile ├── boot.sh └── rootfs │ └── etc │ ├── nginx │ ├── conf.d │ │ └── default.conf │ └── nginx.conf │ ├── php80 │ ├── conf.d │ │ └── custom.ini │ └── php-fpm.d │ │ └── www.conf │ └── service │ ├── nginx │ └── run │ └── php │ └── run ├── 8.1 ├── Dockerfile ├── boot.sh └── rootfs │ └── etc │ ├── nginx │ ├── conf.d │ │ └── default.conf │ └── nginx.conf │ ├── php81 │ ├── conf.d │ │ └── custom.ini │ └── php-fpm.d │ │ └── www.conf │ └── service │ ├── nginx │ └── run │ └── php │ └── run ├── 8.2 ├── Dockerfile ├── boot.sh └── rootfs │ └── etc │ ├── nginx │ ├── conf.d │ │ └── default.conf │ └── nginx.conf │ ├── php82 │ ├── conf.d │ │ └── custom.ini │ └── php-fpm.d │ │ └── www.conf │ └── service │ ├── nginx │ └── run │ └── php │ └── run ├── 8.3 ├── Dockerfile ├── boot.sh └── rootfs │ └── etc │ ├── nginx │ ├── conf.d │ │ └── default.conf │ └── nginx.conf │ ├── php83 │ ├── conf.d │ │ └── custom.ini │ └── php-fpm.d │ │ └── www.conf │ └── service │ ├── nginx │ └── run │ └── php │ └── run ├── Makefile ├── README.md ├── docs ├── enable-https.md └── xdebug-support.md ├── nginx-ssl.Dockerfile ├── nginx-ssl.conf ├── xdebug.Dockerfile └── xdebug.ini /.gitignore: -------------------------------------------------------------------------------- 1 | .idea 2 | -------------------------------------------------------------------------------- /7.2/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG ALPINE_VERSION=3.8 2 | FROM alpine:${ALPINE_VERSION} 3 | LABEL Maintainer="Ngoc Linh Pham " 4 | LABEL Description="Lightweight container with Nginx 1.14 & PHP 7.2 based on Alpine Linux." 5 | 6 | # Setup document root 7 | WORKDIR /var/www/html 8 | 9 | # Install packages and remove default server definition 10 | RUN apk add --no-cache \ 11 | php7 \ 12 | php7-fpm \ 13 | php7-bcmath \ 14 | php7-ctype \ 15 | php7-fileinfo \ 16 | php7-json \ 17 | php7-mbstring \ 18 | php7-openssl \ 19 | php7-pdo_pgsql \ 20 | php7-pdo_mysql \ 21 | php7-pdo_sqlite \ 22 | php7-curl \ 23 | php7-pdo \ 24 | php7-tokenizer \ 25 | php7-xml \ 26 | php7-phar \ 27 | php7-dom \ 28 | php7-gd \ 29 | php7-iconv \ 30 | php7-xmlwriter \ 31 | php7-xmlreader \ 32 | php7-zip \ 33 | php7-simplexml \ 34 | php7-session \ 35 | php7-opcache \ 36 | php7-pcntl \ 37 | php7-posix \ 38 | php7-ftp \ 39 | php7-sodium \ 40 | curl \ 41 | nginx \ 42 | runit 43 | 44 | # Create symlink so programs depending on `php` still function 45 | RUN cp /usr/bin/php7 /usr/bin/php 46 | 47 | # Install Composer 48 | COPY --from=composer/composer:2-bin /composer /usr/bin/composer 49 | 50 | ADD rootfs / 51 | COPY boot.sh /sbin/boot.sh 52 | 53 | # Make sure files/folders needed by the processes are accessable when they run under the www user 54 | ARG nginxUID=1000 55 | ARG nginxGID=1000 56 | 57 | RUN adduser -D -u ${nginxUID} -g ${nginxGID} -s /bin/sh www && \ 58 | mkdir -p /var/www/html && \ 59 | mkdir -p /var/cache/nginx && \ 60 | chown -R www:www /var/www/html && \ 61 | chown -R www:www /run && \ 62 | chown -R www:www /var/lib/nginx && \ 63 | chown -R www:www /var/log/nginx 64 | 65 | RUN chmod +x /etc/service/nginx/run \ 66 | && chmod +x /etc/service/php/run 67 | 68 | # Expose the port nginx is reachable on 69 | EXPOSE 80 70 | 71 | # Let boot start nginx & php-fpm 72 | CMD ["sh", "/sbin/boot.sh"] 73 | 74 | # Configure a healthcheck to validate that everything is up & running 75 | HEALTHCHECK --timeout=10s CMD curl --silent --fail http://127.0.0.1:80/fpm-ping || exit 1 76 | -------------------------------------------------------------------------------- /7.2/boot.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | shutdown() { 3 | echo "shutting down container" 4 | 5 | # first shutdown any service started by runit 6 | for _srv in $(ls -1 /etc/service); do 7 | sv force-stop ${_srv} 8 | done 9 | 10 | # shutdown runsvdir command 11 | kill -HUP ${PID} 12 | wait ${PID} 13 | 14 | # give processes time to stop 15 | sleep 0.5 16 | 17 | # kill any other processes still running in the container 18 | for _pid in $(ps -eo pid | grep -v PID | tr -d ' ' | grep -v '^1$' | head -n -6); do 19 | timeout -t 5 /bin/sh -c "kill $_pid && wait $_pid || kill -9 $_pid" 20 | done 21 | exit 22 | } 23 | 24 | exec env - PATH=$PATH runsvdir -P /etc/service & 25 | 26 | PID=$! 27 | echo "Started runsvdir, PID is $PID" 28 | echo "wait for processes to start...." 29 | 30 | sleep 5 31 | for _srv in $(ls -1 /etc/service); do 32 | sv status ${_srv} 33 | done 34 | 35 | # catch shutdown signals 36 | trap shutdown SIGTERM SIGHUP SIGQUIT SIGINT 37 | wait ${PID} 38 | 39 | shutdown -------------------------------------------------------------------------------- /7.2/rootfs/etc/nginx/conf.d/default.conf: -------------------------------------------------------------------------------- 1 | # Default server definition 2 | server { 3 | listen [::]:80 default_server; 4 | listen 80 default_server; 5 | server_name _; 6 | 7 | sendfile off; 8 | tcp_nodelay on; 9 | absolute_redirect off; 10 | 11 | root /var/www/html/public; 12 | index index.php index.html; 13 | 14 | location / { 15 | # First attempt to serve request as file, then 16 | # as directory, then fall back to index.php 17 | try_files $uri $uri/ /index.php?$query_string; 18 | } 19 | 20 | # Redirect server error pages to the static page /50x.html 21 | error_page 500 502 503 504 /50x.html; 22 | location = /50x.html { 23 | root /var/lib/nginx/html; 24 | } 25 | 26 | # Pass the PHP scripts to PHP-FPM listening on 127.0.0.1:9000 27 | location ~ \.php$ { 28 | try_files $uri =404; 29 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 30 | fastcgi_pass 127.0.0.1:9000; 31 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 32 | fastcgi_param SCRIPT_NAME $fastcgi_script_name; 33 | fastcgi_index index.php; 34 | include fastcgi_params; 35 | } 36 | 37 | # Set the cache-control headers on assets to cache for 5 days 38 | location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ { 39 | expires off; 40 | } 41 | 42 | # Deny access to . files, for security 43 | location ~ /\. { 44 | log_not_found off; 45 | deny all; 46 | } 47 | 48 | # Allow fpm ping and status from localhost 49 | location ~ ^/(fpm-status|fpm-ping)$ { 50 | access_log off; 51 | allow 127.0.0.1; 52 | deny all; 53 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 54 | include fastcgi_params; 55 | fastcgi_pass 127.0.0.1:9000; 56 | } 57 | } 58 | -------------------------------------------------------------------------------- /7.2/rootfs/etc/nginx/nginx.conf: -------------------------------------------------------------------------------- 1 | user www; 2 | worker_processes auto; 3 | error_log stderr warn; 4 | pid /run/nginx.pid; 5 | 6 | events { 7 | worker_connections 1024; 8 | } 9 | 10 | http { 11 | include mime.types; 12 | default_type application/octet-stream; 13 | 14 | # Define custom log format to include reponse times 15 | log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" ' 16 | '$status $body_bytes_sent "$http_referer" ' 17 | '"$http_user_agent" "$http_x_forwarded_for" ' 18 | '$request_time $upstream_response_time $pipe $upstream_cache_status'; 19 | 20 | access_log /dev/stdout main_timed; 21 | error_log /dev/stderr notice; 22 | 23 | keepalive_timeout 3000; 24 | 25 | # Write temporary files to /tmp so they can be created as a non-privileged user 26 | client_body_temp_path /tmp/client_temp; 27 | proxy_temp_path /tmp/proxy_temp_path; 28 | fastcgi_temp_path /tmp/fastcgi_temp; 29 | uwsgi_temp_path /tmp/uwsgi_temp; 30 | scgi_temp_path /tmp/scgi_temp; 31 | 32 | # Hide headers that identify the server to prevent information leakage 33 | proxy_hide_header X-Powered-By; 34 | server_tokens off; 35 | fastcgi_hide_header X-Powered-By; 36 | 37 | # Enable gzip compression by default 38 | gzip on; 39 | gzip_proxied any; 40 | # Based on CloudFlare's recommended settings 41 | gzip_types text/richtext text/plain text/css text/x-script text/x-component text/x-java-source text/x-markdown application/javascript application/x-javascript text/javascript text/js image/x-icon image/vnd.microsoft.icon application/x-perl application/x-httpd-cgi text/xml application/xml application/rss+xml application/vnd.api+json application/x-protobuf application/json multipart/bag multipart/mixed application/xhtml+xml font/ttf font/otf font/x-woff image/svg+xml application/vnd.ms-fontobject application/ttf application/x-ttf application/otf application/x-otf application/truetype application/opentype application/x-opentype application/font-woff application/eot application/font application/font-sfnt application/wasm application/javascript-binast application/manifest+json application/ld+json application/graphql+json application/geo+json; 42 | gzip_vary on; 43 | gzip_disable "msie6"; 44 | 45 | # Include server configs 46 | include /etc/nginx/conf.d/*.conf; 47 | } 48 | -------------------------------------------------------------------------------- /7.2/rootfs/etc/php72/conf.d/custom.ini: -------------------------------------------------------------------------------- 1 | [Date] 2 | date.timezone="UTC" 3 | display_errors=On 4 | log_errors=On 5 | expose_php=Off 6 | 7 | ; Redirect errors to the container stderr 8 | error_log = "/dev/stderr" 9 | 10 | ; Maximum amount of memory a script may consume (128MB) 11 | ; http://php.net/memory-limit 12 | memory_limit = 256M 13 | ; Maximum allowed size for uploaded files. 14 | ; http://php.net/upload-max-filesize 15 | upload_max_filesize = 20M 16 | ; Sets max size of post data allowed. 17 | ; http://php.net/post-max-size 18 | post_max_size = 20M 19 | max_execution_time=600 20 | default_socket_timeout=3600 21 | request_terminate_timeout=600 22 | ; How many GET/POST/COOKIE input variables may be accepted 23 | max_input_vars = 2000 24 | -------------------------------------------------------------------------------- /7.2/rootfs/etc/php72/php-fpm.d/www.conf: -------------------------------------------------------------------------------- 1 | [global] 2 | ; Log to stderr 3 | error_log = /dev/stderr 4 | 5 | [www] 6 | 7 | user = www 8 | group = www 9 | 10 | ; The address on which to accept FastCGI requests. 11 | ; Valid syntaxes are: 12 | ; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on 13 | ; a specific port; 14 | ; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on 15 | ; a specific port; 16 | ; 'port' - to listen on a TCP socket to all addresses 17 | ; (IPv6 and IPv4-mapped) on a specific port; 18 | ; '/path/to/unix/socket' - to listen on a unix socket. 19 | ; Note: This value is mandatory. 20 | listen = 127.0.0.1:9000 21 | 22 | ; Enable status page 23 | pm.status_path = /fpm-status 24 | 25 | ; Ondemand process manager 26 | pm = ondemand 27 | 28 | ; The number of child processes to be created when pm is set to 'static' and the 29 | ; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. 30 | ; This value sets the limit on the number of simultaneous requests that will be 31 | ; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. 32 | ; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP 33 | ; CGI. The below defaults are based on a server without much resources. Don't 34 | ; forget to tweak pm.* to fit your needs. 35 | ; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' 36 | ; Note: This value is mandatory. 37 | pm.max_children = 100 38 | 39 | ; The number of seconds after which an idle process will be killed. 40 | ; Note: Used only when pm is set to 'ondemand' 41 | ; Default Value: 10s 42 | pm.process_idle_timeout = 10s; 43 | 44 | ; The number of requests each child process should execute before respawning. 45 | ; This can be useful to work around memory leaks in 3rd party libraries. For 46 | ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. 47 | ; Default Value: 0 48 | pm.max_requests = 1000 49 | 50 | ; Make sure the FPM workers can reach the environment variables for configuration 51 | clear_env = no 52 | 53 | ; Catch output from PHP 54 | catch_workers_output = yes 55 | 56 | ; Remove the 'child 10 said into stderr' prefix in the log and only show the actual message 57 | decorate_workers_output = no 58 | 59 | ; Enable ping page to use in healthcheck 60 | ping.path = /fpm-ping 61 | -------------------------------------------------------------------------------- /7.2/rootfs/etc/service/nginx/run: -------------------------------------------------------------------------------- 1 | #!/bin/sh -e 2 | 3 | # pipe stderr to stdout and run nginx 4 | exec 2>&1 5 | exec nginx -g 'daemon off;' -------------------------------------------------------------------------------- /7.2/rootfs/etc/service/php/run: -------------------------------------------------------------------------------- 1 | #!/bin/sh -e 2 | 3 | # pipe stderr to stdout and run php-fpm 4 | exec 2>&1 5 | exec php-fpm7 -F 6 | -------------------------------------------------------------------------------- /7.4/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG ALPINE_VERSION=3.15.11 2 | FROM alpine:${ALPINE_VERSION} 3 | LABEL Maintainer="Ngoc Linh Pham " 4 | LABEL Description="Lightweight container with Nginx 1.20 & PHP 7.4 based on Alpine Linux." 5 | 6 | # Setup document root 7 | WORKDIR /var/www/html 8 | 9 | # Install packages and remove default server definition 10 | RUN apk add --no-cache \ 11 | php7 \ 12 | php7-fpm \ 13 | php7-bcmath \ 14 | php7-ctype \ 15 | php7-fileinfo \ 16 | php7-json \ 17 | php7-mbstring \ 18 | php7-openssl \ 19 | php7-pdo_pgsql \ 20 | php7-pdo_mysql \ 21 | php7-pdo_sqlite \ 22 | php7-curl \ 23 | php7-pdo \ 24 | php7-tokenizer \ 25 | php7-xml \ 26 | php7-phar \ 27 | php7-dom \ 28 | php7-gd \ 29 | php7-iconv \ 30 | php7-xmlwriter \ 31 | php7-xmlreader \ 32 | php7-zip \ 33 | php7-simplexml \ 34 | php7-session \ 35 | php7-opcache \ 36 | php7-gd \ 37 | php7-intl \ 38 | php7-pcntl \ 39 | php7-posix \ 40 | php7-ftp \ 41 | php7-sodium \ 42 | curl \ 43 | nginx \ 44 | runit 45 | 46 | # Create symlink so programs depending on `php` still function 47 | RUN cp /usr/bin/php7 /usr/bin/php 48 | 49 | # Install Composer 50 | COPY --from=composer/composer:2-bin /composer /usr/bin/composer 51 | 52 | ADD rootfs / 53 | COPY boot.sh /sbin/boot.sh 54 | 55 | # Make sure files/folders needed by the processes are accessable when they run under the www user 56 | ARG nginxUID=1000 57 | ARG nginxGID=1000 58 | 59 | RUN adduser -D -u ${nginxUID} -g ${nginxGID} -s /bin/sh www && \ 60 | mkdir -p /var/www/html && \ 61 | mkdir -p /var/cache/nginx && \ 62 | chown -R www:www /var/www/html && \ 63 | chown -R www:www /run && \ 64 | chown -R www:www /var/lib/nginx && \ 65 | chown -R www:www /var/log/nginx 66 | 67 | RUN chmod +x /etc/service/nginx/run \ 68 | && chmod +x /etc/service/php/run 69 | 70 | # Expose the port nginx is reachable on 71 | EXPOSE 80 72 | 73 | # Let boot start nginx & php-fpm 74 | CMD ["sh", "/sbin/boot.sh"] 75 | 76 | # Configure a healthcheck to validate that everything is up & running 77 | HEALTHCHECK --timeout=10s CMD curl --silent --fail http://127.0.0.1:80/fpm-ping || exit 1 78 | -------------------------------------------------------------------------------- /7.4/boot.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | shutdown() { 3 | echo "shutting down container" 4 | 5 | # first shutdown any service started by runit 6 | for _srv in $(ls -1 /etc/service); do 7 | sv force-stop ${_srv} 8 | done 9 | 10 | # shutdown runsvdir command 11 | kill -HUP ${PID} 12 | wait ${PID} 13 | 14 | # give processes time to stop 15 | sleep 0.5 16 | 17 | # kill any other processes still running in the container 18 | for _pid in $(ps -eo pid | grep -v PID | tr -d ' ' | grep -v '^1$' | head -n -6); do 19 | timeout -t 5 /bin/sh -c "kill $_pid && wait $_pid || kill -9 $_pid" 20 | done 21 | exit 22 | } 23 | 24 | exec env - PATH=$PATH runsvdir -P /etc/service & 25 | 26 | PID=$! 27 | echo "Started runsvdir, PID is $PID" 28 | echo "wait for processes to start...." 29 | 30 | sleep 5 31 | for _srv in $(ls -1 /etc/service); do 32 | sv status ${_srv} 33 | done 34 | 35 | # catch shutdown signals 36 | trap shutdown SIGTERM SIGHUP SIGQUIT SIGINT 37 | wait ${PID} 38 | 39 | shutdown -------------------------------------------------------------------------------- /7.4/rootfs/etc/nginx/conf.d/default.conf: -------------------------------------------------------------------------------- 1 | # Default server definition 2 | server { 3 | listen [::]:80 default_server; 4 | listen 80 default_server; 5 | server_name _; 6 | 7 | sendfile off; 8 | tcp_nodelay on; 9 | absolute_redirect off; 10 | 11 | root /var/www/html/public; 12 | index index.php index.html; 13 | 14 | location / { 15 | # First attempt to serve request as file, then 16 | # as directory, then fall back to index.php 17 | try_files $uri $uri/ /index.php?$query_string; 18 | } 19 | 20 | # Redirect server error pages to the static page /50x.html 21 | error_page 500 502 503 504 /50x.html; 22 | location = /50x.html { 23 | root /var/lib/nginx/html; 24 | } 25 | 26 | # Pass the PHP scripts to PHP-FPM listening on 127.0.0.1:9000 27 | location ~ \.php$ { 28 | try_files $uri =404; 29 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 30 | fastcgi_pass 127.0.0.1:9000; 31 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 32 | fastcgi_param SCRIPT_NAME $fastcgi_script_name; 33 | fastcgi_index index.php; 34 | include fastcgi_params; 35 | } 36 | 37 | # Set the cache-control headers on assets to cache for 5 days 38 | location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ { 39 | expires off; 40 | } 41 | 42 | # Deny access to . files, for security 43 | location ~ /\. { 44 | log_not_found off; 45 | deny all; 46 | } 47 | 48 | # Allow fpm ping and status from localhost 49 | location ~ ^/(fpm-status|fpm-ping)$ { 50 | access_log off; 51 | allow 127.0.0.1; 52 | deny all; 53 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 54 | include fastcgi_params; 55 | fastcgi_pass 127.0.0.1:9000; 56 | } 57 | } 58 | -------------------------------------------------------------------------------- /7.4/rootfs/etc/nginx/nginx.conf: -------------------------------------------------------------------------------- 1 | user www; 2 | worker_processes auto; 3 | error_log stderr warn; 4 | pid /run/nginx.pid; 5 | 6 | events { 7 | worker_connections 1024; 8 | } 9 | 10 | http { 11 | include mime.types; 12 | default_type application/octet-stream; 13 | 14 | # Define custom log format to include reponse times 15 | log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" ' 16 | '$status $body_bytes_sent "$http_referer" ' 17 | '"$http_user_agent" "$http_x_forwarded_for" ' 18 | '$request_time $upstream_response_time $pipe $upstream_cache_status'; 19 | 20 | access_log /dev/stdout main_timed; 21 | error_log /dev/stderr notice; 22 | 23 | keepalive_timeout 3000; 24 | 25 | # Write temporary files to /tmp so they can be created as a non-privileged user 26 | client_body_temp_path /tmp/client_temp; 27 | proxy_temp_path /tmp/proxy_temp_path; 28 | fastcgi_temp_path /tmp/fastcgi_temp; 29 | uwsgi_temp_path /tmp/uwsgi_temp; 30 | scgi_temp_path /tmp/scgi_temp; 31 | 32 | # Hide headers that identify the server to prevent information leakage 33 | proxy_hide_header X-Powered-By; 34 | server_tokens off; 35 | fastcgi_hide_header X-Powered-By; 36 | 37 | # Enable gzip compression by default 38 | gzip on; 39 | gzip_proxied any; 40 | # Based on CloudFlare's recommended settings 41 | gzip_types text/richtext text/plain text/css text/x-script text/x-component text/x-java-source text/x-markdown application/javascript application/x-javascript text/javascript text/js image/x-icon image/vnd.microsoft.icon application/x-perl application/x-httpd-cgi text/xml application/xml application/rss+xml application/vnd.api+json application/x-protobuf application/json multipart/bag multipart/mixed application/xhtml+xml font/ttf font/otf font/x-woff image/svg+xml application/vnd.ms-fontobject application/ttf application/x-ttf application/otf application/x-otf application/truetype application/opentype application/x-opentype application/font-woff application/eot application/font application/font-sfnt application/wasm application/javascript-binast application/manifest+json application/ld+json application/graphql+json application/geo+json; 42 | gzip_vary on; 43 | gzip_disable "msie6"; 44 | 45 | # Include server configs 46 | include /etc/nginx/conf.d/*.conf; 47 | } 48 | -------------------------------------------------------------------------------- /7.4/rootfs/etc/php74/conf.d/custom.ini: -------------------------------------------------------------------------------- 1 | [Date] 2 | date.timezone="UTC" 3 | display_errors=On 4 | log_errors=On 5 | expose_php=Off 6 | 7 | ; Redirect errors to the container stderr 8 | error_log = "/dev/stderr" 9 | 10 | ; Maximum amount of memory a script may consume (128MB) 11 | ; http://php.net/memory-limit 12 | memory_limit = 256M 13 | ; Maximum allowed size for uploaded files. 14 | ; http://php.net/upload-max-filesize 15 | upload_max_filesize = 20M 16 | ; Sets max size of post data allowed. 17 | ; http://php.net/post-max-size 18 | post_max_size = 20M 19 | max_execution_time=600 20 | default_socket_timeout=3600 21 | request_terminate_timeout=600 22 | ; How many GET/POST/COOKIE input variables may be accepted 23 | max_input_vars = 2000 24 | -------------------------------------------------------------------------------- /7.4/rootfs/etc/php74/php-fpm.d/www.conf: -------------------------------------------------------------------------------- 1 | [global] 2 | ; Log to stderr 3 | error_log = /dev/stderr 4 | 5 | [www] 6 | 7 | user = www 8 | group = www 9 | 10 | ; The address on which to accept FastCGI requests. 11 | ; Valid syntaxes are: 12 | ; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on 13 | ; a specific port; 14 | ; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on 15 | ; a specific port; 16 | ; 'port' - to listen on a TCP socket to all addresses 17 | ; (IPv6 and IPv4-mapped) on a specific port; 18 | ; '/path/to/unix/socket' - to listen on a unix socket. 19 | ; Note: This value is mandatory. 20 | listen = 127.0.0.1:9000 21 | 22 | ; Enable status page 23 | pm.status_path = /fpm-status 24 | 25 | ; Ondemand process manager 26 | pm = ondemand 27 | 28 | ; The number of child processes to be created when pm is set to 'static' and the 29 | ; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. 30 | ; This value sets the limit on the number of simultaneous requests that will be 31 | ; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. 32 | ; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP 33 | ; CGI. The below defaults are based on a server without much resources. Don't 34 | ; forget to tweak pm.* to fit your needs. 35 | ; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' 36 | ; Note: This value is mandatory. 37 | pm.max_children = 100 38 | 39 | ; The number of seconds after which an idle process will be killed. 40 | ; Note: Used only when pm is set to 'ondemand' 41 | ; Default Value: 10s 42 | pm.process_idle_timeout = 10s; 43 | 44 | ; The number of requests each child process should execute before respawning. 45 | ; This can be useful to work around memory leaks in 3rd party libraries. For 46 | ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. 47 | ; Default Value: 0 48 | pm.max_requests = 1000 49 | 50 | ; Make sure the FPM workers can reach the environment variables for configuration 51 | clear_env = no 52 | 53 | ; Catch output from PHP 54 | catch_workers_output = yes 55 | 56 | ; Remove the 'child 10 said into stderr' prefix in the log and only show the actual message 57 | decorate_workers_output = no 58 | 59 | ; Enable ping page to use in healthcheck 60 | ping.path = /fpm-ping 61 | -------------------------------------------------------------------------------- /7.4/rootfs/etc/service/nginx/run: -------------------------------------------------------------------------------- 1 | #!/bin/sh -e 2 | 3 | # pipe stderr to stdout and run nginx 4 | exec 2>&1 5 | exec nginx -g 'daemon off;' -------------------------------------------------------------------------------- /7.4/rootfs/etc/service/php/run: -------------------------------------------------------------------------------- 1 | #!/bin/sh -e 2 | 3 | # pipe stderr to stdout and run php-fpm 4 | exec 2>&1 5 | exec php-fpm7 -F 6 | -------------------------------------------------------------------------------- /8.0/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG ALPINE_VERSION=3.16.8 2 | FROM alpine:${ALPINE_VERSION} 3 | LABEL Maintainer="Ngoc Linh Pham " 4 | LABEL Description="Lightweight container with Nginx 1.22 & PHP 8.0 based on Alpine Linux." 5 | 6 | # Setup document root 7 | WORKDIR /var/www/html 8 | 9 | # Install packages and remove default server definition 10 | RUN apk add --no-cache \ 11 | php8 \ 12 | php8-fpm \ 13 | php8-bcmath \ 14 | php8-ctype \ 15 | php8-fileinfo \ 16 | php8-json \ 17 | php8-mbstring \ 18 | php8-openssl \ 19 | php8-pdo_pgsql \ 20 | php8-pdo_mysql \ 21 | php8-pdo_sqlite \ 22 | php8-curl \ 23 | php8-pdo \ 24 | php8-tokenizer \ 25 | php8-xml \ 26 | php8-phar \ 27 | php8-dom \ 28 | php8-gd \ 29 | php8-iconv \ 30 | php8-xmlwriter \ 31 | php8-xmlreader \ 32 | php8-zip \ 33 | php8-simplexml \ 34 | php8-session \ 35 | php8-opcache \ 36 | php8-gd \ 37 | php8-intl \ 38 | php8-pcntl \ 39 | php8-posix \ 40 | php8-ftp \ 41 | php8-sodium \ 42 | curl \ 43 | nginx \ 44 | runit 45 | 46 | # Create symlink so programs depending on `php` still function 47 | RUN cp /usr/bin/php8 /usr/bin/php 48 | 49 | # Install Composer 50 | COPY --from=composer/composer:2-bin /composer /usr/bin/composer 51 | 52 | ADD rootfs / 53 | COPY boot.sh /sbin/boot.sh 54 | 55 | # Make sure files/folders needed by the processes are accessable when they run under the www user 56 | ARG nginxUID=1000 57 | ARG nginxGID=1000 58 | 59 | RUN adduser -D -u ${nginxUID} -g ${nginxGID} -s /bin/sh www && \ 60 | mkdir -p /var/www/html && \ 61 | mkdir -p /var/cache/nginx && \ 62 | chown -R www:www /var/www/html && \ 63 | chown -R www:www /run && \ 64 | chown -R www:www /var/lib/nginx && \ 65 | chown -R www:www /var/log/nginx 66 | 67 | RUN chmod +x /etc/service/nginx/run \ 68 | && chmod +x /etc/service/php/run 69 | 70 | # Expose the port nginx is reachable on 71 | EXPOSE 80 72 | 73 | # Let boot start nginx & php-fpm 74 | CMD ["sh", "/sbin/boot.sh"] 75 | 76 | # Configure a healthcheck to validate that everything is up & running 77 | HEALTHCHECK --timeout=10s CMD curl --silent --fail http://127.0.0.1:80/fpm-ping || exit 1 78 | -------------------------------------------------------------------------------- /8.0/boot.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | shutdown() { 3 | echo "shutting down container" 4 | 5 | # first shutdown any service started by runit 6 | for _srv in $(ls -1 /etc/service); do 7 | sv force-stop ${_srv} 8 | done 9 | 10 | # shutdown runsvdir command 11 | kill -HUP ${PID} 12 | wait ${PID} 13 | 14 | # give processes time to stop 15 | sleep 0.5 16 | 17 | # kill any other processes still running in the container 18 | for _pid in $(ps -eo pid | grep -v PID | tr -d ' ' | grep -v '^1$' | head -n -6); do 19 | timeout -t 5 /bin/sh -c "kill $_pid && wait $_pid || kill -9 $_pid" 20 | done 21 | exit 22 | } 23 | 24 | exec env - PATH=$PATH runsvdir -P /etc/service & 25 | 26 | PID=$! 27 | echo "Started runsvdir, PID is $PID" 28 | echo "wait for processes to start...." 29 | 30 | sleep 5 31 | for _srv in $(ls -1 /etc/service); do 32 | sv status ${_srv} 33 | done 34 | 35 | # catch shutdown signals 36 | trap shutdown SIGTERM SIGHUP SIGQUIT SIGINT 37 | wait ${PID} 38 | 39 | shutdown -------------------------------------------------------------------------------- /8.0/rootfs/etc/nginx/conf.d/default.conf: -------------------------------------------------------------------------------- 1 | # Default server definition 2 | server { 3 | listen [::]:80 default_server; 4 | listen 80 default_server; 5 | server_name _; 6 | 7 | sendfile off; 8 | tcp_nodelay on; 9 | absolute_redirect off; 10 | 11 | root /var/www/html/public; 12 | index index.php index.html; 13 | 14 | location / { 15 | # First attempt to serve request as file, then 16 | # as directory, then fall back to index.php 17 | try_files $uri $uri/ /index.php?$query_string; 18 | } 19 | 20 | # Redirect server error pages to the static page /50x.html 21 | error_page 500 502 503 504 /50x.html; 22 | location = /50x.html { 23 | root /var/lib/nginx/html; 24 | } 25 | 26 | # Pass the PHP scripts to PHP-FPM listening on 127.0.0.1:9000 27 | location ~ \.php$ { 28 | try_files $uri =404; 29 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 30 | fastcgi_pass 127.0.0.1:9000; 31 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 32 | fastcgi_param SCRIPT_NAME $fastcgi_script_name; 33 | fastcgi_index index.php; 34 | include fastcgi_params; 35 | } 36 | 37 | # Set the cache-control headers on assets to cache for 5 days 38 | location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ { 39 | expires off; 40 | } 41 | 42 | # Deny access to . files, for security 43 | location ~ /\. { 44 | log_not_found off; 45 | deny all; 46 | } 47 | 48 | # Allow fpm ping and status from localhost 49 | location ~ ^/(fpm-status|fpm-ping)$ { 50 | access_log off; 51 | allow 127.0.0.1; 52 | deny all; 53 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 54 | include fastcgi_params; 55 | fastcgi_pass 127.0.0.1:9000; 56 | } 57 | } 58 | -------------------------------------------------------------------------------- /8.0/rootfs/etc/nginx/nginx.conf: -------------------------------------------------------------------------------- 1 | user www; 2 | worker_processes auto; 3 | error_log stderr warn; 4 | pid /run/nginx.pid; 5 | 6 | events { 7 | worker_connections 1024; 8 | } 9 | 10 | http { 11 | include mime.types; 12 | default_type application/octet-stream; 13 | 14 | # Define custom log format to include reponse times 15 | log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" ' 16 | '$status $body_bytes_sent "$http_referer" ' 17 | '"$http_user_agent" "$http_x_forwarded_for" ' 18 | '$request_time $upstream_response_time $pipe $upstream_cache_status'; 19 | 20 | access_log /dev/stdout main_timed; 21 | error_log /dev/stderr notice; 22 | 23 | keepalive_timeout 3000; 24 | 25 | # Write temporary files to /tmp so they can be created as a non-privileged user 26 | client_body_temp_path /tmp/client_temp; 27 | proxy_temp_path /tmp/proxy_temp_path; 28 | fastcgi_temp_path /tmp/fastcgi_temp; 29 | uwsgi_temp_path /tmp/uwsgi_temp; 30 | scgi_temp_path /tmp/scgi_temp; 31 | 32 | # Hide headers that identify the server to prevent information leakage 33 | proxy_hide_header X-Powered-By; 34 | server_tokens off; 35 | fastcgi_hide_header X-Powered-By; 36 | 37 | # Enable gzip compression by default 38 | gzip on; 39 | gzip_proxied any; 40 | # Based on CloudFlare's recommended settings 41 | gzip_types text/richtext text/plain text/css text/x-script text/x-component text/x-java-source text/x-markdown application/javascript application/x-javascript text/javascript text/js image/x-icon image/vnd.microsoft.icon application/x-perl application/x-httpd-cgi text/xml application/xml application/rss+xml application/vnd.api+json application/x-protobuf application/json multipart/bag multipart/mixed application/xhtml+xml font/ttf font/otf font/x-woff image/svg+xml application/vnd.ms-fontobject application/ttf application/x-ttf application/otf application/x-otf application/truetype application/opentype application/x-opentype application/font-woff application/eot application/font application/font-sfnt application/wasm application/javascript-binast application/manifest+json application/ld+json application/graphql+json application/geo+json; 42 | gzip_vary on; 43 | gzip_disable "msie6"; 44 | 45 | # Include server configs 46 | include /etc/nginx/conf.d/*.conf; 47 | } 48 | -------------------------------------------------------------------------------- /8.0/rootfs/etc/php80/conf.d/custom.ini: -------------------------------------------------------------------------------- 1 | [Date] 2 | date.timezone="UTC" 3 | display_errors=On 4 | log_errors=On 5 | expose_php=Off 6 | 7 | ; Redirect errors to the container stderr 8 | error_log = "/dev/stderr" 9 | 10 | ; Maximum amount of memory a script may consume (128MB) 11 | ; http://php.net/memory-limit 12 | memory_limit = 256M 13 | ; Maximum allowed size for uploaded files. 14 | ; http://php.net/upload-max-filesize 15 | upload_max_filesize = 20M 16 | ; Sets max size of post data allowed. 17 | ; http://php.net/post-max-size 18 | post_max_size = 20M 19 | max_execution_time=600 20 | default_socket_timeout=3600 21 | request_terminate_timeout=600 22 | ; How many GET/POST/COOKIE input variables may be accepted 23 | max_input_vars = 2000 24 | -------------------------------------------------------------------------------- /8.0/rootfs/etc/php80/php-fpm.d/www.conf: -------------------------------------------------------------------------------- 1 | [global] 2 | ; Log to stderr 3 | error_log = /dev/stderr 4 | 5 | [www] 6 | 7 | user = www 8 | group = www 9 | 10 | ; The address on which to accept FastCGI requests. 11 | ; Valid syntaxes are: 12 | ; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on 13 | ; a specific port; 14 | ; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on 15 | ; a specific port; 16 | ; 'port' - to listen on a TCP socket to all addresses 17 | ; (IPv6 and IPv4-mapped) on a specific port; 18 | ; '/path/to/unix/socket' - to listen on a unix socket. 19 | ; Note: This value is mandatory. 20 | listen = 127.0.0.1:9000 21 | 22 | ; Enable status page 23 | pm.status_path = /fpm-status 24 | 25 | ; Ondemand process manager 26 | pm = ondemand 27 | 28 | ; The number of child processes to be created when pm is set to 'static' and the 29 | ; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. 30 | ; This value sets the limit on the number of simultaneous requests that will be 31 | ; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. 32 | ; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP 33 | ; CGI. The below defaults are based on a server without much resources. Don't 34 | ; forget to tweak pm.* to fit your needs. 35 | ; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' 36 | ; Note: This value is mandatory. 37 | pm.max_children = 100 38 | 39 | ; The number of seconds after which an idle process will be killed. 40 | ; Note: Used only when pm is set to 'ondemand' 41 | ; Default Value: 10s 42 | pm.process_idle_timeout = 10s; 43 | 44 | ; The number of requests each child process should execute before respawning. 45 | ; This can be useful to work around memory leaks in 3rd party libraries. For 46 | ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. 47 | ; Default Value: 0 48 | pm.max_requests = 1000 49 | 50 | ; Make sure the FPM workers can reach the environment variables for configuration 51 | clear_env = no 52 | 53 | ; Catch output from PHP 54 | catch_workers_output = yes 55 | 56 | ; Remove the 'child 10 said into stderr' prefix in the log and only show the actual message 57 | decorate_workers_output = no 58 | 59 | ; Enable ping page to use in healthcheck 60 | ping.path = /fpm-ping 61 | -------------------------------------------------------------------------------- /8.0/rootfs/etc/service/nginx/run: -------------------------------------------------------------------------------- 1 | #!/bin/sh -e 2 | 3 | # pipe stderr to stdout and run nginx 4 | exec 2>&1 5 | exec nginx -g 'daemon off;' -------------------------------------------------------------------------------- /8.0/rootfs/etc/service/php/run: -------------------------------------------------------------------------------- 1 | #!/bin/sh -e 2 | 3 | # pipe stderr to stdout and run php-fpm 4 | exec 2>&1 5 | exec php-fpm8 -F 6 | -------------------------------------------------------------------------------- /8.1/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG ALPINE_VERSION=3.18.5 2 | FROM alpine:${ALPINE_VERSION} 3 | LABEL Maintainer="Ngoc Linh Pham " 4 | LABEL Description="Lightweight container with Nginx 1.24 & PHP 8.1 based on Alpine Linux." 5 | 6 | # Setup document root 7 | WORKDIR /var/www/html 8 | 9 | # Install packages and remove default server definition 10 | RUN apk add --no-cache \ 11 | php81 \ 12 | php81-fpm \ 13 | php81-bcmath \ 14 | php81-ctype \ 15 | php81-fileinfo \ 16 | php81-json \ 17 | php81-mbstring \ 18 | php81-openssl \ 19 | php81-pdo_pgsql \ 20 | php81-pdo_mysql \ 21 | php81-pdo_sqlite \ 22 | php81-curl \ 23 | php81-pdo \ 24 | php81-tokenizer \ 25 | php81-xml \ 26 | php81-phar \ 27 | php81-dom \ 28 | php81-gd \ 29 | php81-iconv \ 30 | php81-xmlwriter \ 31 | php81-xmlreader \ 32 | php81-zip \ 33 | php81-simplexml \ 34 | php81-session \ 35 | php81-opcache \ 36 | php81-gd \ 37 | php81-intl \ 38 | php81-pcntl \ 39 | php81-posix \ 40 | php81-ftp \ 41 | php81-sodium \ 42 | curl \ 43 | nginx \ 44 | runit 45 | 46 | # Create symlink so programs depending on `php` still function 47 | RUN cp /usr/bin/php81 /usr/bin/php 48 | 49 | # Install Composer 50 | COPY --from=composer/composer:2-bin /composer /usr/bin/composer 51 | 52 | ADD rootfs / 53 | COPY boot.sh /sbin/boot.sh 54 | 55 | # Make sure files/folders needed by the processes are accessable when they run under the www user 56 | ARG nginxUID=1000 57 | ARG nginxGID=1000 58 | 59 | RUN adduser -D -u ${nginxUID} -g ${nginxGID} -s /bin/sh www && \ 60 | mkdir -p /var/www/html && \ 61 | mkdir -p /var/cache/nginx && \ 62 | chown -R www:www /var/www/html && \ 63 | chown -R www:www /run && \ 64 | chown -R www:www /var/lib/nginx && \ 65 | chown -R www:www /var/log/nginx 66 | 67 | RUN chmod +x /etc/service/nginx/run \ 68 | && chmod +x /etc/service/php/run 69 | 70 | # Expose the port nginx is reachable on 71 | EXPOSE 80 72 | 73 | # Let boot start nginx & php-fpm 74 | CMD ["sh", "/sbin/boot.sh"] 75 | 76 | # Configure a healthcheck to validate that everything is up & running 77 | HEALTHCHECK --timeout=10s CMD curl --silent --fail http://127.0.0.1:80/fpm-ping || exit 1 78 | -------------------------------------------------------------------------------- /8.1/boot.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | shutdown() { 3 | echo "shutting down container" 4 | 5 | # first shutdown any service started by runit 6 | for _srv in $(ls -1 /etc/service); do 7 | sv force-stop ${_srv} 8 | done 9 | 10 | # shutdown runsvdir command 11 | kill -HUP ${PID} 12 | wait ${PID} 13 | 14 | # give processes time to stop 15 | sleep 0.5 16 | 17 | # kill any other processes still running in the container 18 | for _pid in $(ps -eo pid | grep -v PID | tr -d ' ' | grep -v '^1$' | head -n -6); do 19 | timeout -t 5 /bin/sh -c "kill $_pid && wait $_pid || kill -9 $_pid" 20 | done 21 | exit 22 | } 23 | 24 | exec env - PATH=$PATH runsvdir -P /etc/service & 25 | 26 | PID=$! 27 | echo "Started runsvdir, PID is $PID" 28 | echo "wait for processes to start...." 29 | 30 | sleep 5 31 | for _srv in $(ls -1 /etc/service); do 32 | sv status ${_srv} 33 | done 34 | 35 | # catch shutdown signals 36 | trap shutdown SIGTERM SIGHUP SIGQUIT SIGINT 37 | wait ${PID} 38 | 39 | shutdown -------------------------------------------------------------------------------- /8.1/rootfs/etc/nginx/conf.d/default.conf: -------------------------------------------------------------------------------- 1 | # Default server definition 2 | server { 3 | listen [::]:80 default_server; 4 | listen 80 default_server; 5 | server_name _; 6 | 7 | sendfile off; 8 | tcp_nodelay on; 9 | absolute_redirect off; 10 | 11 | root /var/www/html/public; 12 | index index.php index.html; 13 | 14 | location / { 15 | # First attempt to serve request as file, then 16 | # as directory, then fall back to index.php 17 | try_files $uri $uri/ /index.php?$query_string; 18 | } 19 | 20 | # Redirect server error pages to the static page /50x.html 21 | error_page 500 502 503 504 /50x.html; 22 | location = /50x.html { 23 | root /var/lib/nginx/html; 24 | } 25 | 26 | # Pass the PHP scripts to PHP-FPM listening on 127.0.0.1:9000 27 | location ~ \.php$ { 28 | try_files $uri =404; 29 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 30 | fastcgi_pass 127.0.0.1:9000; 31 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 32 | fastcgi_param SCRIPT_NAME $fastcgi_script_name; 33 | fastcgi_index index.php; 34 | include fastcgi_params; 35 | } 36 | 37 | # Set the cache-control headers on assets to cache for 5 days 38 | location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ { 39 | expires off; 40 | } 41 | 42 | # Deny access to . files, for security 43 | location ~ /\. { 44 | log_not_found off; 45 | deny all; 46 | } 47 | 48 | # Allow fpm ping and status from localhost 49 | location ~ ^/(fpm-status|fpm-ping)$ { 50 | access_log off; 51 | allow 127.0.0.1; 52 | deny all; 53 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 54 | include fastcgi_params; 55 | fastcgi_pass 127.0.0.1:9000; 56 | } 57 | } 58 | -------------------------------------------------------------------------------- /8.1/rootfs/etc/nginx/nginx.conf: -------------------------------------------------------------------------------- 1 | user www; 2 | worker_processes auto; 3 | error_log stderr warn; 4 | pid /run/nginx.pid; 5 | 6 | events { 7 | worker_connections 1024; 8 | } 9 | 10 | http { 11 | include mime.types; 12 | default_type application/octet-stream; 13 | 14 | # Define custom log format to include reponse times 15 | log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" ' 16 | '$status $body_bytes_sent "$http_referer" ' 17 | '"$http_user_agent" "$http_x_forwarded_for" ' 18 | '$request_time $upstream_response_time $pipe $upstream_cache_status'; 19 | 20 | access_log /dev/stdout main_timed; 21 | error_log /dev/stderr notice; 22 | 23 | keepalive_timeout 3000; 24 | 25 | # Write temporary files to /tmp so they can be created as a non-privileged user 26 | client_body_temp_path /tmp/client_temp; 27 | proxy_temp_path /tmp/proxy_temp_path; 28 | fastcgi_temp_path /tmp/fastcgi_temp; 29 | uwsgi_temp_path /tmp/uwsgi_temp; 30 | scgi_temp_path /tmp/scgi_temp; 31 | 32 | # Hide headers that identify the server to prevent information leakage 33 | proxy_hide_header X-Powered-By; 34 | server_tokens off; 35 | fastcgi_hide_header X-Powered-By; 36 | 37 | # Enable gzip compression by default 38 | gzip on; 39 | gzip_proxied any; 40 | # Based on CloudFlare's recommended settings 41 | gzip_types text/richtext text/plain text/css text/x-script text/x-component text/x-java-source text/x-markdown application/javascript application/x-javascript text/javascript text/js image/x-icon image/vnd.microsoft.icon application/x-perl application/x-httpd-cgi text/xml application/xml application/rss+xml application/vnd.api+json application/x-protobuf application/json multipart/bag multipart/mixed application/xhtml+xml font/ttf font/otf font/x-woff image/svg+xml application/vnd.ms-fontobject application/ttf application/x-ttf application/otf application/x-otf application/truetype application/opentype application/x-opentype application/font-woff application/eot application/font application/font-sfnt application/wasm application/javascript-binast application/manifest+json application/ld+json application/graphql+json application/geo+json; 42 | gzip_vary on; 43 | gzip_disable "msie6"; 44 | 45 | # Include server configs 46 | include /etc/nginx/conf.d/*.conf; 47 | } 48 | -------------------------------------------------------------------------------- /8.1/rootfs/etc/php81/conf.d/custom.ini: -------------------------------------------------------------------------------- 1 | [Date] 2 | date.timezone="UTC" 3 | display_errors=On 4 | log_errors=On 5 | expose_php=Off 6 | 7 | ; Redirect errors to the container stderr 8 | error_log = "/dev/stderr" 9 | 10 | ; Maximum amount of memory a script may consume (128MB) 11 | ; http://php.net/memory-limit 12 | memory_limit = 256M 13 | ; Maximum allowed size for uploaded files. 14 | ; http://php.net/upload-max-filesize 15 | upload_max_filesize = 20M 16 | ; Sets max size of post data allowed. 17 | ; http://php.net/post-max-size 18 | post_max_size = 20M 19 | max_execution_time=600 20 | default_socket_timeout=3600 21 | request_terminate_timeout=600 22 | ; How many GET/POST/COOKIE input variables may be accepted 23 | max_input_vars = 2000 24 | -------------------------------------------------------------------------------- /8.1/rootfs/etc/php81/php-fpm.d/www.conf: -------------------------------------------------------------------------------- 1 | [global] 2 | ; Log to stderr 3 | error_log = /dev/stderr 4 | 5 | [www] 6 | 7 | user = www 8 | group = www 9 | 10 | ; The address on which to accept FastCGI requests. 11 | ; Valid syntaxes are: 12 | ; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on 13 | ; a specific port; 14 | ; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on 15 | ; a specific port; 16 | ; 'port' - to listen on a TCP socket to all addresses 17 | ; (IPv6 and IPv4-mapped) on a specific port; 18 | ; '/path/to/unix/socket' - to listen on a unix socket. 19 | ; Note: This value is mandatory. 20 | listen = 127.0.0.1:9000 21 | 22 | ; Enable status page 23 | pm.status_path = /fpm-status 24 | 25 | ; Ondemand process manager 26 | pm = ondemand 27 | 28 | ; The number of child processes to be created when pm is set to 'static' and the 29 | ; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. 30 | ; This value sets the limit on the number of simultaneous requests that will be 31 | ; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. 32 | ; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP 33 | ; CGI. The below defaults are based on a server without much resources. Don't 34 | ; forget to tweak pm.* to fit your needs. 35 | ; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' 36 | ; Note: This value is mandatory. 37 | pm.max_children = 100 38 | 39 | ; The number of seconds after which an idle process will be killed. 40 | ; Note: Used only when pm is set to 'ondemand' 41 | ; Default Value: 10s 42 | pm.process_idle_timeout = 10s; 43 | 44 | ; The number of requests each child process should execute before respawning. 45 | ; This can be useful to work around memory leaks in 3rd party libraries. For 46 | ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. 47 | ; Default Value: 0 48 | pm.max_requests = 1000 49 | 50 | ; Make sure the FPM workers can reach the environment variables for configuration 51 | clear_env = no 52 | 53 | ; Catch output from PHP 54 | catch_workers_output = yes 55 | 56 | ; Remove the 'child 10 said into stderr' prefix in the log and only show the actual message 57 | decorate_workers_output = no 58 | 59 | ; Enable ping page to use in healthcheck 60 | ping.path = /fpm-ping 61 | -------------------------------------------------------------------------------- /8.1/rootfs/etc/service/nginx/run: -------------------------------------------------------------------------------- 1 | #!/bin/sh -e 2 | 3 | # pipe stderr to stdout and run nginx 4 | exec 2>&1 5 | exec nginx -g 'daemon off;' -------------------------------------------------------------------------------- /8.1/rootfs/etc/service/php/run: -------------------------------------------------------------------------------- 1 | #!/bin/sh -e 2 | 3 | # pipe stderr to stdout and run php-fpm 4 | exec 2>&1 5 | exec php-fpm81 -F 6 | -------------------------------------------------------------------------------- /8.2/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG ALPINE_VERSION=3.19 2 | FROM alpine:${ALPINE_VERSION} 3 | LABEL Maintainer="Ngoc Linh Pham " 4 | LABEL Description="Lightweight container with Nginx 1.24 & PHP 8.2 based on Alpine Linux." 5 | 6 | # Setup document root 7 | WORKDIR /var/www/html 8 | 9 | # Install packages and remove default server definition 10 | RUN apk add --no-cache \ 11 | php82 \ 12 | php82-fpm \ 13 | php82-bcmath \ 14 | php82-ctype \ 15 | php82-fileinfo \ 16 | php82-json \ 17 | php82-mbstring \ 18 | php82-openssl \ 19 | php82-pdo_pgsql \ 20 | php82-pdo_mysql \ 21 | php82-pdo_sqlite \ 22 | php82-curl \ 23 | php82-pdo \ 24 | php82-tokenizer \ 25 | php82-xml \ 26 | php82-phar \ 27 | php82-dom \ 28 | php82-gd \ 29 | php82-iconv \ 30 | php82-xmlwriter \ 31 | php82-xmlreader \ 32 | php82-zip \ 33 | php82-simplexml \ 34 | php82-session \ 35 | php82-opcache \ 36 | php82-gd \ 37 | php82-intl \ 38 | php82-pcntl \ 39 | php82-posix \ 40 | php82-ftp \ 41 | php82-sodium \ 42 | curl \ 43 | nginx \ 44 | runit 45 | 46 | # Create symlink so programs depending on `php` still function 47 | RUN cp /usr/bin/php82 /usr/bin/php 48 | 49 | # Install Composer 50 | COPY --from=composer/composer:2-bin /composer /usr/bin/composer 51 | 52 | ADD rootfs / 53 | COPY boot.sh /sbin/boot.sh 54 | 55 | # Make sure files/folders needed by the processes are accessable when they run under the www user 56 | ARG nginxUID=1000 57 | ARG nginxGID=1000 58 | 59 | RUN adduser -D -u ${nginxUID} -g ${nginxGID} -s /bin/sh www && \ 60 | mkdir -p /var/www/html && \ 61 | mkdir -p /var/cache/nginx && \ 62 | chown -R www:www /var/www/html && \ 63 | chown -R www:www /run && \ 64 | chown -R www:www /var/lib/nginx && \ 65 | chown -R www:www /var/log/nginx 66 | 67 | RUN chmod +x /etc/service/nginx/run \ 68 | && chmod +x /etc/service/php/run 69 | 70 | # Expose the port nginx is reachable on 71 | EXPOSE 80 72 | 73 | # Let boot start nginx & php-fpm 74 | CMD ["sh", "/sbin/boot.sh"] 75 | 76 | # Configure a healthcheck to validate that everything is up & running 77 | HEALTHCHECK --timeout=10s CMD curl --silent --fail http://127.0.0.1:80/fpm-ping || exit 1 78 | -------------------------------------------------------------------------------- /8.2/boot.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | shutdown() { 3 | echo "shutting down container" 4 | 5 | # first shutdown any service started by runit 6 | for _srv in $(ls -1 /etc/service); do 7 | sv force-stop ${_srv} 8 | done 9 | 10 | # shutdown runsvdir command 11 | kill -HUP ${PID} 12 | wait ${PID} 13 | 14 | # give processes time to stop 15 | sleep 0.5 16 | 17 | # kill any other processes still running in the container 18 | for _pid in $(ps -eo pid | grep -v PID | tr -d ' ' | grep -v '^1$' | head -n -6); do 19 | timeout -t 5 /bin/sh -c "kill $_pid && wait $_pid || kill -9 $_pid" 20 | done 21 | exit 22 | } 23 | 24 | exec env - PATH=$PATH runsvdir -P /etc/service & 25 | 26 | PID=$! 27 | echo "Started runsvdir, PID is $PID" 28 | echo "wait for processes to start...." 29 | 30 | sleep 5 31 | for _srv in $(ls -1 /etc/service); do 32 | sv status ${_srv} 33 | done 34 | 35 | # catch shutdown signals 36 | trap shutdown SIGTERM SIGHUP SIGQUIT SIGINT 37 | wait ${PID} 38 | 39 | shutdown -------------------------------------------------------------------------------- /8.2/rootfs/etc/nginx/conf.d/default.conf: -------------------------------------------------------------------------------- 1 | # Default server definition 2 | server { 3 | listen [::]:80 default_server; 4 | listen 80 default_server; 5 | server_name _; 6 | 7 | sendfile off; 8 | tcp_nodelay on; 9 | absolute_redirect off; 10 | 11 | root /var/www/html/public; 12 | index index.php index.html; 13 | 14 | location / { 15 | # First attempt to serve request as file, then 16 | # as directory, then fall back to index.php 17 | try_files $uri $uri/ /index.php?$query_string; 18 | } 19 | 20 | # Redirect server error pages to the static page /50x.html 21 | error_page 500 502 503 504 /50x.html; 22 | location = /50x.html { 23 | root /var/lib/nginx/html; 24 | } 25 | 26 | # Pass the PHP scripts to PHP-FPM listening on 127.0.0.1:9000 27 | location ~ \.php$ { 28 | try_files $uri =404; 29 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 30 | fastcgi_pass 127.0.0.1:9000; 31 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 32 | fastcgi_param SCRIPT_NAME $fastcgi_script_name; 33 | fastcgi_index index.php; 34 | include fastcgi_params; 35 | } 36 | 37 | # Set the cache-control headers on assets to cache for 5 days 38 | location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ { 39 | expires off; 40 | } 41 | 42 | # Deny access to . files, for security 43 | location ~ /\. { 44 | log_not_found off; 45 | deny all; 46 | } 47 | 48 | # Allow fpm ping and status from localhost 49 | location ~ ^/(fpm-status|fpm-ping)$ { 50 | access_log off; 51 | allow 127.0.0.1; 52 | deny all; 53 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 54 | include fastcgi_params; 55 | fastcgi_pass 127.0.0.1:9000; 56 | } 57 | } 58 | -------------------------------------------------------------------------------- /8.2/rootfs/etc/nginx/nginx.conf: -------------------------------------------------------------------------------- 1 | user www; 2 | worker_processes auto; 3 | error_log stderr warn; 4 | pid /run/nginx.pid; 5 | 6 | events { 7 | worker_connections 1024; 8 | } 9 | 10 | http { 11 | include mime.types; 12 | default_type application/octet-stream; 13 | 14 | # Define custom log format to include reponse times 15 | log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" ' 16 | '$status $body_bytes_sent "$http_referer" ' 17 | '"$http_user_agent" "$http_x_forwarded_for" ' 18 | '$request_time $upstream_response_time $pipe $upstream_cache_status'; 19 | 20 | access_log /dev/stdout main_timed; 21 | error_log /dev/stderr notice; 22 | 23 | keepalive_timeout 3000; 24 | 25 | # Write temporary files to /tmp so they can be created as a non-privileged user 26 | client_body_temp_path /tmp/client_temp; 27 | proxy_temp_path /tmp/proxy_temp_path; 28 | fastcgi_temp_path /tmp/fastcgi_temp; 29 | uwsgi_temp_path /tmp/uwsgi_temp; 30 | scgi_temp_path /tmp/scgi_temp; 31 | 32 | # Hide headers that identify the server to prevent information leakage 33 | proxy_hide_header X-Powered-By; 34 | server_tokens off; 35 | fastcgi_hide_header X-Powered-By; 36 | 37 | # Enable gzip compression by default 38 | gzip on; 39 | gzip_proxied any; 40 | # Based on CloudFlare's recommended settings 41 | gzip_types text/richtext text/plain text/css text/x-script text/x-component text/x-java-source text/x-markdown application/javascript application/x-javascript text/javascript text/js image/x-icon image/vnd.microsoft.icon application/x-perl application/x-httpd-cgi text/xml application/xml application/rss+xml application/vnd.api+json application/x-protobuf application/json multipart/bag multipart/mixed application/xhtml+xml font/ttf font/otf font/x-woff image/svg+xml application/vnd.ms-fontobject application/ttf application/x-ttf application/otf application/x-otf application/truetype application/opentype application/x-opentype application/font-woff application/eot application/font application/font-sfnt application/wasm application/javascript-binast application/manifest+json application/ld+json application/graphql+json application/geo+json; 42 | gzip_vary on; 43 | gzip_disable "msie6"; 44 | 45 | # Include server configs 46 | include /etc/nginx/conf.d/*.conf; 47 | } 48 | -------------------------------------------------------------------------------- /8.2/rootfs/etc/php82/conf.d/custom.ini: -------------------------------------------------------------------------------- 1 | [Date] 2 | date.timezone="UTC" 3 | display_errors=On 4 | log_errors=On 5 | expose_php=Off 6 | 7 | ; Redirect errors to the container stderr 8 | error_log = "/dev/stderr" 9 | 10 | ; Maximum amount of memory a script may consume (128MB) 11 | ; http://php.net/memory-limit 12 | memory_limit = 256M 13 | ; Maximum allowed size for uploaded files. 14 | ; http://php.net/upload-max-filesize 15 | upload_max_filesize = 20M 16 | ; Sets max size of post data allowed. 17 | ; http://php.net/post-max-size 18 | post_max_size = 20M 19 | max_execution_time=600 20 | default_socket_timeout=3600 21 | request_terminate_timeout=600 22 | ; How many GET/POST/COOKIE input variables may be accepted 23 | max_input_vars = 2000 24 | -------------------------------------------------------------------------------- /8.2/rootfs/etc/php82/php-fpm.d/www.conf: -------------------------------------------------------------------------------- 1 | [global] 2 | ; Log to stderr 3 | error_log = /dev/stderr 4 | 5 | [www] 6 | 7 | user = www 8 | group = www 9 | 10 | ; The address on which to accept FastCGI requests. 11 | ; Valid syntaxes are: 12 | ; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on 13 | ; a specific port; 14 | ; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on 15 | ; a specific port; 16 | ; 'port' - to listen on a TCP socket to all addresses 17 | ; (IPv6 and IPv4-mapped) on a specific port; 18 | ; '/path/to/unix/socket' - to listen on a unix socket. 19 | ; Note: This value is mandatory. 20 | listen = 127.0.0.1:9000 21 | 22 | ; Enable status page 23 | pm.status_path = /fpm-status 24 | 25 | ; Ondemand process manager 26 | pm = ondemand 27 | 28 | ; The number of child processes to be created when pm is set to 'static' and the 29 | ; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. 30 | ; This value sets the limit on the number of simultaneous requests that will be 31 | ; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. 32 | ; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP 33 | ; CGI. The below defaults are based on a server without much resources. Don't 34 | ; forget to tweak pm.* to fit your needs. 35 | ; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' 36 | ; Note: This value is mandatory. 37 | pm.max_children = 100 38 | 39 | ; The number of seconds after which an idle process will be killed. 40 | ; Note: Used only when pm is set to 'ondemand' 41 | ; Default Value: 10s 42 | pm.process_idle_timeout = 10s; 43 | 44 | ; The number of requests each child process should execute before respawning. 45 | ; This can be useful to work around memory leaks in 3rd party libraries. For 46 | ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. 47 | ; Default Value: 0 48 | pm.max_requests = 1000 49 | 50 | ; Make sure the FPM workers can reach the environment variables for configuration 51 | clear_env = no 52 | 53 | ; Catch output from PHP 54 | catch_workers_output = yes 55 | 56 | ; Remove the 'child 10 said into stderr' prefix in the log and only show the actual message 57 | decorate_workers_output = no 58 | 59 | ; Enable ping page to use in healthcheck 60 | ping.path = /fpm-ping 61 | -------------------------------------------------------------------------------- /8.2/rootfs/etc/service/nginx/run: -------------------------------------------------------------------------------- 1 | #!/bin/sh -e 2 | 3 | # pipe stderr to stdout and run nginx 4 | exec 2>&1 5 | exec nginx -g 'daemon off;' -------------------------------------------------------------------------------- /8.2/rootfs/etc/service/php/run: -------------------------------------------------------------------------------- 1 | #!/bin/sh -e 2 | 3 | # pipe stderr to stdout and run php-fpm 4 | exec 2>&1 5 | exec php-fpm82 -F 6 | -------------------------------------------------------------------------------- /8.3/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG ALPINE_VERSION=3.19.0 2 | FROM alpine:${ALPINE_VERSION} 3 | LABEL Maintainer="Ngoc Linh Pham " 4 | LABEL Description="Lightweight container with Nginx 1.24 & PHP 8.3 based on Alpine Linux." 5 | 6 | # Setup document root 7 | WORKDIR /var/www/html 8 | 9 | # Install packages and remove default server definition 10 | RUN apk add --no-cache \ 11 | php83 \ 12 | php83-fpm \ 13 | php83-bcmath \ 14 | php83-ctype \ 15 | php83-fileinfo \ 16 | php83-json \ 17 | php83-mbstring \ 18 | php83-openssl \ 19 | php83-pdo_pgsql \ 20 | php83-pdo_mysql \ 21 | php83-pdo_sqlite \ 22 | php83-curl \ 23 | php83-pdo \ 24 | php83-tokenizer \ 25 | php83-xml \ 26 | php83-phar \ 27 | php83-dom \ 28 | php83-gd \ 29 | php83-iconv \ 30 | php83-xmlwriter \ 31 | php83-xmlreader \ 32 | php83-zip \ 33 | php83-simplexml \ 34 | php83-session \ 35 | php83-opcache \ 36 | php83-gd \ 37 | php83-intl \ 38 | php83-pcntl \ 39 | php83-posix \ 40 | php83-ftp \ 41 | php83-sodium \ 42 | curl \ 43 | nginx \ 44 | runit 45 | 46 | # Create symlink so programs depending on `php` still function 47 | RUN cp /usr/bin/php83 /usr/bin/php 48 | 49 | # Install Composer 50 | COPY --from=composer/composer:2-bin /composer /usr/bin/composer 51 | 52 | ADD rootfs / 53 | COPY boot.sh /sbin/boot.sh 54 | 55 | # Make sure files/folders needed by the processes are accessable when they run under the www user 56 | ARG nginxUID=1000 57 | ARG nginxGID=1000 58 | 59 | RUN adduser -D -u ${nginxUID} -g ${nginxGID} -s /bin/sh www && \ 60 | mkdir -p /var/www/html && \ 61 | mkdir -p /var/cache/nginx && \ 62 | chown -R www:www /var/www/html && \ 63 | chown -R www:www /run && \ 64 | chown -R www:www /var/lib/nginx && \ 65 | chown -R www:www /var/log/nginx 66 | 67 | RUN chmod +x /etc/service/nginx/run \ 68 | && chmod +x /etc/service/php/run 69 | 70 | # Expose the port nginx is reachable on 71 | EXPOSE 80 72 | 73 | # Let boot start nginx & php-fpm 74 | CMD ["sh", "/sbin/boot.sh"] 75 | 76 | # Configure a healthcheck to validate that everything is up & running 77 | HEALTHCHECK --timeout=10s CMD curl --silent --fail http://127.0.0.1:80/fpm-ping || exit 1 78 | -------------------------------------------------------------------------------- /8.3/boot.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | shutdown() { 3 | echo "shutting down container" 4 | 5 | # first shutdown any service started by runit 6 | for _srv in $(ls -1 /etc/service); do 7 | sv force-stop ${_srv} 8 | done 9 | 10 | # shutdown runsvdir command 11 | kill -HUP ${PID} 12 | wait ${PID} 13 | 14 | # give processes time to stop 15 | sleep 0.5 16 | 17 | # kill any other processes still running in the container 18 | for _pid in $(ps -eo pid | grep -v PID | tr -d ' ' | grep -v '^1$' | head -n -6); do 19 | timeout -t 5 /bin/sh -c "kill $_pid && wait $_pid || kill -9 $_pid" 20 | done 21 | exit 22 | } 23 | 24 | exec env - PATH=$PATH runsvdir -P /etc/service & 25 | 26 | PID=$! 27 | echo "Started runsvdir, PID is $PID" 28 | echo "wait for processes to start...." 29 | 30 | sleep 5 31 | for _srv in $(ls -1 /etc/service); do 32 | sv status ${_srv} 33 | done 34 | 35 | # catch shutdown signals 36 | trap shutdown SIGTERM SIGHUP SIGQUIT SIGINT 37 | wait ${PID} 38 | 39 | shutdown -------------------------------------------------------------------------------- /8.3/rootfs/etc/nginx/conf.d/default.conf: -------------------------------------------------------------------------------- 1 | # Default server definition 2 | server { 3 | listen [::]:80 default_server; 4 | listen 80 default_server; 5 | server_name _; 6 | 7 | sendfile off; 8 | tcp_nodelay on; 9 | absolute_redirect off; 10 | 11 | root /var/www/html/public; 12 | index index.php index.html; 13 | 14 | location / { 15 | # First attempt to serve request as file, then 16 | # as directory, then fall back to index.php 17 | try_files $uri $uri/ /index.php?$query_string; 18 | } 19 | 20 | # Redirect server error pages to the static page /50x.html 21 | error_page 500 502 503 504 /50x.html; 22 | location = /50x.html { 23 | root /var/lib/nginx/html; 24 | } 25 | 26 | # Pass the PHP scripts to PHP-FPM listening on 127.0.0.1:9000 27 | location ~ \.php$ { 28 | try_files $uri =404; 29 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 30 | fastcgi_pass 127.0.0.1:9000; 31 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 32 | fastcgi_param SCRIPT_NAME $fastcgi_script_name; 33 | fastcgi_index index.php; 34 | include fastcgi_params; 35 | } 36 | 37 | # Set the cache-control headers on assets to cache for 5 days 38 | location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ { 39 | expires off; 40 | } 41 | 42 | # Deny access to . files, for security 43 | location ~ /\. { 44 | log_not_found off; 45 | deny all; 46 | } 47 | 48 | # Allow fpm ping and status from localhost 49 | location ~ ^/(fpm-status|fpm-ping)$ { 50 | access_log off; 51 | allow 127.0.0.1; 52 | deny all; 53 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 54 | include fastcgi_params; 55 | fastcgi_pass 127.0.0.1:9000; 56 | } 57 | } 58 | -------------------------------------------------------------------------------- /8.3/rootfs/etc/nginx/nginx.conf: -------------------------------------------------------------------------------- 1 | user www; 2 | worker_processes auto; 3 | error_log stderr warn; 4 | pid /run/nginx.pid; 5 | 6 | events { 7 | worker_connections 1024; 8 | } 9 | 10 | http { 11 | include mime.types; 12 | default_type application/octet-stream; 13 | 14 | # Define custom log format to include reponse times 15 | log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" ' 16 | '$status $body_bytes_sent "$http_referer" ' 17 | '"$http_user_agent" "$http_x_forwarded_for" ' 18 | '$request_time $upstream_response_time $pipe $upstream_cache_status'; 19 | 20 | access_log /dev/stdout main_timed; 21 | error_log /dev/stderr notice; 22 | 23 | keepalive_timeout 3000; 24 | 25 | # Write temporary files to /tmp so they can be created as a non-privileged user 26 | client_body_temp_path /tmp/client_temp; 27 | proxy_temp_path /tmp/proxy_temp_path; 28 | fastcgi_temp_path /tmp/fastcgi_temp; 29 | uwsgi_temp_path /tmp/uwsgi_temp; 30 | scgi_temp_path /tmp/scgi_temp; 31 | 32 | # Hide headers that identify the server to prevent information leakage 33 | proxy_hide_header X-Powered-By; 34 | server_tokens off; 35 | fastcgi_hide_header X-Powered-By; 36 | 37 | # Enable gzip compression by default 38 | gzip on; 39 | gzip_proxied any; 40 | # Based on CloudFlare's recommended settings 41 | gzip_types text/richtext text/plain text/css text/x-script text/x-component text/x-java-source text/x-markdown application/javascript application/x-javascript text/javascript text/js image/x-icon image/vnd.microsoft.icon application/x-perl application/x-httpd-cgi text/xml application/xml application/rss+xml application/vnd.api+json application/x-protobuf application/json multipart/bag multipart/mixed application/xhtml+xml font/ttf font/otf font/x-woff image/svg+xml application/vnd.ms-fontobject application/ttf application/x-ttf application/otf application/x-otf application/truetype application/opentype application/x-opentype application/font-woff application/eot application/font application/font-sfnt application/wasm application/javascript-binast application/manifest+json application/ld+json application/graphql+json application/geo+json; 42 | gzip_vary on; 43 | gzip_disable "msie6"; 44 | 45 | # Include server configs 46 | include /etc/nginx/conf.d/*.conf; 47 | } 48 | -------------------------------------------------------------------------------- /8.3/rootfs/etc/php83/conf.d/custom.ini: -------------------------------------------------------------------------------- 1 | [Date] 2 | date.timezone="UTC" 3 | display_errors=On 4 | log_errors=On 5 | expose_php=Off 6 | 7 | ; Redirect errors to the container stderr 8 | error_log = "/dev/stderr" 9 | 10 | ; Maximum amount of memory a script may consume (128MB) 11 | ; http://php.net/memory-limit 12 | memory_limit = 256M 13 | ; Maximum allowed size for uploaded files. 14 | ; http://php.net/upload-max-filesize 15 | upload_max_filesize = 20M 16 | ; Sets max size of post data allowed. 17 | ; http://php.net/post-max-size 18 | post_max_size = 20M 19 | max_execution_time=600 20 | default_socket_timeout=3600 21 | request_terminate_timeout=600 22 | ; How many GET/POST/COOKIE input variables may be accepted 23 | max_input_vars = 2000 24 | -------------------------------------------------------------------------------- /8.3/rootfs/etc/php83/php-fpm.d/www.conf: -------------------------------------------------------------------------------- 1 | [global] 2 | ; Log to stderr 3 | error_log = /dev/stderr 4 | 5 | [www] 6 | 7 | user = www 8 | group = www 9 | 10 | ; The address on which to accept FastCGI requests. 11 | ; Valid syntaxes are: 12 | ; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on 13 | ; a specific port; 14 | ; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on 15 | ; a specific port; 16 | ; 'port' - to listen on a TCP socket to all addresses 17 | ; (IPv6 and IPv4-mapped) on a specific port; 18 | ; '/path/to/unix/socket' - to listen on a unix socket. 19 | ; Note: This value is mandatory. 20 | listen = 127.0.0.1:9000 21 | 22 | ; Enable status page 23 | pm.status_path = /fpm-status 24 | 25 | ; Ondemand process manager 26 | pm = ondemand 27 | 28 | ; The number of child processes to be created when pm is set to 'static' and the 29 | ; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. 30 | ; This value sets the limit on the number of simultaneous requests that will be 31 | ; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. 32 | ; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP 33 | ; CGI. The below defaults are based on a server without much resources. Don't 34 | ; forget to tweak pm.* to fit your needs. 35 | ; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' 36 | ; Note: This value is mandatory. 37 | pm.max_children = 100 38 | 39 | ; The number of seconds after which an idle process will be killed. 40 | ; Note: Used only when pm is set to 'ondemand' 41 | ; Default Value: 10s 42 | pm.process_idle_timeout = 10s; 43 | 44 | ; The number of requests each child process should execute before respawning. 45 | ; This can be useful to work around memory leaks in 3rd party libraries. For 46 | ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. 47 | ; Default Value: 0 48 | pm.max_requests = 1000 49 | 50 | ; Make sure the FPM workers can reach the environment variables for configuration 51 | clear_env = no 52 | 53 | ; Catch output from PHP 54 | catch_workers_output = yes 55 | 56 | ; Remove the 'child 10 said into stderr' prefix in the log and only show the actual message 57 | decorate_workers_output = no 58 | 59 | ; Enable ping page to use in healthcheck 60 | ping.path = /fpm-ping 61 | -------------------------------------------------------------------------------- /8.3/rootfs/etc/service/nginx/run: -------------------------------------------------------------------------------- 1 | #!/bin/sh -e 2 | 3 | # pipe stderr to stdout and run nginx 4 | exec 2>&1 5 | exec nginx -g 'daemon off;' -------------------------------------------------------------------------------- /8.3/rootfs/etc/service/php/run: -------------------------------------------------------------------------------- 1 | #!/bin/sh -e 2 | 3 | # pipe stderr to stdout and run php-fpm 4 | exec 2>&1 5 | exec php-fpm83 -F 6 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | IMAGE?=pnlinh/laravel:php 2 | DOCKER_RUN:=docker run --rm ${IMAGE}${VERSION} 3 | DEFAULT_ARCHS?=linux/arm64 4 | ARCHS?=linux/amd64,linux/arm64,linux/arm/v8,linux/arm/v7,linux/arm/v6 5 | 6 | help: 7 | @grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "⚡ \033[34m%-30s\033[0m %s\n", $$1, $$2}' 8 | 9 | build: ## Build docker image 10 | docker buildx build --load --platform $(DEFAULT_ARCHS) -t $(IMAGE)${VERSION} -f ${VERSION}/Dockerfile ${VERSION}/ 11 | 12 | release: ### Build and push image to DockerHub 13 | echo "Releasing: ${IMAGE}${VERSION}" 14 | docker buildx build --push --platform $(ARCHS) -t $(IMAGE)${VERSION} -f ${VERSION}/Dockerfile ${VERSION}/ 15 | 16 | release-all: ### Build all PHP version and push image to DockerHub 17 | echo "Releasing all PHP version" 18 | VERSION=8.3 make release 19 | VERSION=8.2 make release 20 | VERSION=8.1 make release 21 | VERSION=8.0 make release 22 | VERSION=7.4 make release 23 | VERSION=7.2 make release 24 | 25 | test: ### Test image 26 | $(DOCKER_RUN) php -v 27 | $(DOCKER_RUN) sh -c "php -v | grep ${VERSION}" 28 | $(DOCKER_RUN) sh -c "php -v | grep OPcache" 29 | $(DOCKER_RUN) sh -c "nginx -t" 30 | 31 | test-all: ### Test all image 32 | VERSION=8.3 make build test 33 | VERSION=8.2 make build test 34 | VERSION=8.1 make build test 35 | VERSION=8.0 make build test 36 | VERSION=7.4 make build test 37 | VERSION=7.2 make build test 38 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Docker PHP-FPM & Nginx base on Alpine Linux 2 | 3 | Simple docker image for Laravel development 4 | 5 | ### Why should use this image 6 | 7 | - Built on the lightweight and 8 | secure [Alpine Linux](https://www.alpinelinux.org/) distribution 9 | - Multi-platform, supporting AMD4, ARMv6, ARMv7, ARM64 10 | - Use [runit](http://smarden.org/runit/) instead 11 | of [supervisor](http://supervisord.org/) 12 | - Very small Docker image size 13 | 14 | ### PHP version support 15 | 16 | - [x] PHP 7.2 17 | - [x] PHP 7.4 18 | - [x] PHP 8.0 19 | - [x] PHP 8.1 (recommend usage) 20 | - [x] PHP 8.2 (recommend usage) 21 | - [x] PHP 8.3 22 | 23 | ### How to use 24 | 25 | - Build image 26 | 27 | ```shell 28 | VERSION=7.2 make build # Build image with php 7.2 29 | VERSION=7.4 make build # Build image with php 7.4 30 | VERSION=8.0 make build # Build image with php 8.0 31 | VERSION=8.1 make build # Build image with php 8.1 32 | VERSION=8.2 make build # Build image with php 8.2 33 | VERSION=8.3 make build # Build image with php 8.3 34 | ``` 35 | 36 | - How to customize image name 37 | 38 | ```shell 39 | VERSION=7.2 IMAGE=archielite/laravel:php make build # Build image with php 7.2 40 | VERSION=7.4 IMAGE=archielite/laravel:php make build # Build image with php 7.4 41 | VERSION=8.0 IMAGE=archielite/laravel:php make build # Build image with php 8.0 42 | VERSION=8.1 IMAGE=archielite/laravel:php make build # Build image with php 8.1 43 | VERSION=8.2 IMAGE=archielite/laravel:php make build # Build image with php 8.2 44 | VERSION=8.3 IMAGE=archielite/laravel:php make build # Build image with php 8.3 45 | ``` 46 | 47 | - Test image by PHP version 48 | 49 | ```shell 50 | VERSION=8.3 make test 51 | VERSION=8.2 make test 52 | VERSION=8.1 make test 53 | VERSION=8.0 make test 54 | VERSION=7.4 make test 55 | VERSION=7.2 make test 56 | ``` 57 | 58 | - Test all image 59 | 60 | ```shell 61 | make test-all 62 | ``` 63 | 64 | - Mount your code to be served with container 65 | 66 | ```shell 67 | docker run --name=app -v /path/to/project:/var/www/html -p 80:80 pnlinh/laravel:php8.1 68 | ``` 69 | 70 | - Using docker-compose 71 | 72 | ``` 73 | version: '3.4' 74 | 75 | services: 76 | app: 77 | image: pnlinh/laravel:php8.1 78 | hostname: laravel-app 79 | container_name: laravel-app 80 | ports: 81 | - "80:80" 82 | volumes: 83 | - .:/var/www/html 84 | networks: 85 | - localnet 86 | networks: 87 | localnet: 88 | driver: "bridge" 89 | ``` 90 | 91 | - Browser to: [http://localhost](http://localhost) 92 | 93 | ![image](https://user-images.githubusercontent.com/26193890/198828634-fc11aaa1-7175-4433-b4f3-755381669e74.png) 94 | 95 | ### Security scanner 96 | 97 | - PHP 8.3 98 | 99 | ``` 100 | trivy image pnlinh/laravel:php8.3 101 | 2023-12-10T10:49:03.211+0700 INFO Vulnerability scanning is enabled 102 | 2023-12-10T10:49:03.211+0700 INFO Secret scanning is enabled 103 | 2023-12-10T10:49:03.211+0700 INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning 104 | 2023-12-10T10:49:03.211+0700 INFO Please see also https://aquasecurity.github.io/trivy/v0.48/docs/scanner/secret/#recommendation for faster secret detection 105 | 2023-12-10T10:49:03.221+0700 INFO Detected OS: alpine 106 | 2023-12-10T10:49:03.221+0700 INFO Detecting Alpine vulnerabilities... 107 | 2023-12-10T10:49:03.223+0700 INFO Number of language-specific files: 0 108 | 109 | pnlinh/laravel:php8.3 (alpine 3.19.0) 110 | 111 | Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) 112 | 113 | ``` 114 | 115 | - PHP 8.2 116 | 117 | ``` 118 | trivy image pnlinh/laravel:php8.2 119 | 2023-10-10T15:02:53.141+0700 INFO Need to update DB 120 | 2023-10-10T15:02:53.142+0700 INFO DB Repository: ghcr.io/aquasecurity/trivy-db 121 | 2023-10-10T15:02:53.142+0700 INFO Downloading DB... 122 | 40.28 MiB / 40.28 MiB [--------------------------------------------------------------------------------------------------] 100.00% 1.62 MiB p/s 25s 123 | 2023-10-10T15:03:22.397+0700 INFO Vulnerability scanning is enabled 124 | 2023-10-10T15:03:22.397+0700 INFO Secret scanning is enabled 125 | 2023-10-10T15:03:22.397+0700 INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning 126 | 2023-10-10T15:03:22.397+0700 INFO Please see also https://aquasecurity.github.io/trivy/v0.45/docs/scanner/secret/#recommendation for faster secret detection 127 | 2023-10-10T15:03:24.592+0700 INFO Detected OS: alpine 128 | 2023-10-10T15:03:24.592+0700 INFO Detecting Alpine vulnerabilities... 129 | 2023-10-10T15:03:24.596+0700 INFO Number of language-specific files: 0 130 | 131 | pnlinh/laravel:php8.2 (alpine 3.18.4) 132 | 133 | Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) 134 | ``` 135 | 136 | - PHP 8.1 137 | 138 | ```text 139 | trivy image pnlinh/laravel:php8.1 140 | 2023-10-10T15:05:27.635+0700 INFO Vulnerability scanning is enabled 141 | 2023-10-10T15:05:27.635+0700 INFO Secret scanning is enabled 142 | 2023-10-10T15:05:27.635+0700 INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning 143 | 2023-10-10T15:05:27.635+0700 INFO Please see also https://aquasecurity.github.io/trivy/v0.45/docs/scanner/secret/#recommendation for faster secret detection 144 | 2023-10-10T15:06:09.378+0700 INFO Detected OS: alpine 145 | 2023-10-10T15:06:09.378+0700 INFO Detecting Alpine vulnerabilities... 146 | 2023-10-10T15:06:09.391+0700 INFO Number of language-specific files: 0 147 | 148 | pnlinh/laravel:php8.1 (alpine 3.18.4) 149 | 150 | Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) 151 | ``` 152 | 153 | - PHP 7.4 154 | ```text 155 | trivy image pnlinh/laravel:php7.4 156 | 2023-10-10T15:10:18.620+0700 INFO Vulnerability scanning is enabled 157 | 2023-10-10T15:10:18.620+0700 INFO Secret scanning is enabled 158 | 2023-10-10T15:10:18.620+0700 INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning 159 | 2023-10-10T15:10:18.620+0700 INFO Please see also https://aquasecurity.github.io/trivy/v0.45/docs/scanner/secret/#recommendation for faster secret detection 160 | 2023-10-10T15:10:40.824+0700 INFO Detected OS: alpine 161 | 2023-10-10T15:10:40.824+0700 INFO Detecting Alpine vulnerabilities... 162 | 2023-10-10T15:10:40.842+0700 INFO Number of language-specific files: 0 163 | 164 | pnlinh/laravel:php7.4 (alpine 3.15.10) 165 | 166 | Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) 167 | ``` 168 | 169 | - PHP 7.2 170 | ```text 171 | trivy image pnlinh/laravel:php7.2 172 | 2023-10-10T15:11:17.417+0700 INFO Vulnerability scanning is enabled 173 | 2023-10-10T15:11:17.417+0700 INFO Secret scanning is enabled 174 | 2023-10-10T15:11:17.417+0700 INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning 175 | 2023-10-10T15:11:17.417+0700 INFO Please see also https://aquasecurity.github.io/trivy/v0.45/docs/scanner/secret/#recommendation for faster secret detection 176 | 2023-10-10T15:11:33.151+0700 INFO Detected OS: alpine 177 | 2023-10-10T15:11:33.151+0700 INFO Detecting Alpine vulnerabilities... 178 | 2023-10-10T15:11:33.161+0700 INFO Number of language-specific files: 0 179 | 2023-10-10T15:11:33.161+0700 WARN This OS version is no longer supported by the distribution: alpine 3.8.5 180 | 2023-10-10T15:11:33.161+0700 WARN The vulnerability detection may be insufficient because security updates are not provided 181 | 182 | pnlinh/laravel:php7.2 (alpine 3.8.5) 183 | 184 | Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) 185 | 186 | ``` 187 | 188 | ### Add Xdebug 189 | 190 | - See [docs/xdebug-support.md](docs/xdebug-support.md) 191 | 192 | ### Add SSL in local 193 | 194 | - See [docs/enable-https.md](docs/enable-https.md) 195 | 196 | ### Useful images 197 | 198 | - Magento: https://github.com/pnlinh/docker-php/tree/feature/magento 199 | - Symfony: https://github.com/pnlinh/docker-php/tree/feature/symfony 200 | - CodeIgniter: https://github.com/pnlinh/docker-php/tree/feature/codeigniter 201 | 202 | ### References 203 | 204 | - https://github.com/TrafeX/docker-php-nginx 205 | - https://bolshov.online/docker/2020/11/18/runit-vs-supervisor 206 | - https://stackoverflow.com/questions/67231714/how-to-add-trusted-root-ca-to-docker-alpine/67232164#67232164 207 | -------------------------------------------------------------------------------- /docs/enable-https.md: -------------------------------------------------------------------------------- 1 | # Adding support for HTTPS/SSL 2 | 3 | > All the following instructions should be adapted to your personal needs 4 | 5 | If your plan to work locally only, first generate your self-signed cert and key using [mkcert](https://github.com/FiloSottile/mkcert) 6 | 7 | ```shell 8 | mkcert localhost 9 | ``` 10 | 11 | Then copy your cert files on build stage of your Dockerfile: 12 | 13 | ```Dockerfile 14 | FROM pnlinh/laravel:php8.2 15 | 16 | COPY localhost.pem /usr/local/share/ca-certificates/my-cert.crt 17 | RUN cat /usr/local/share/ca-certificates/my-cert.crt >> /etc/ssl/certs/ca-certificates.crt 18 | 19 | COPY localhost*.pem /etc/nginx/ssl/ 20 | 21 | EXPOSE 80 443 22 | 23 | ``` 24 | 25 | Edit your nginx.conf file. 26 | 27 | 28 | ```nginx 29 | server { 30 | listen [::]:80 default_server; 31 | listen 80 default_server; 32 | server_name _; 33 | 34 | return 301 https://$host$request_uri; 35 | } 36 | 37 | 38 | server { 39 | listen [::]:443 ssl; 40 | listen 443 ssl; 41 | server_name _; 42 | 43 | ssl_certificate /etc/nginx/ssl/localhost.pem; 44 | ssl_certificate_key /etc/nginx/ssl/localhost-key.pem; 45 | 46 | # ... the rest here 47 | } 48 | ``` 49 | 50 | If you use docker-compose here is an example: 51 | 52 | ```yaml 53 | app: 54 | build: 55 | context: . 56 | dockerfile: Dockerfile 57 | ports: 58 | - "80:80" 59 | - "443:443" 60 | volumes: 61 | - ./:/var/www/html 62 | - ./nginx-ssl.conf:/etc/nginx/conf.d/default.conf 63 | # ... 64 | ``` 65 | 66 | Finally, rebuild and restart your docker/compose. 67 | -------------------------------------------------------------------------------- /docs/xdebug-support.md: -------------------------------------------------------------------------------- 1 | # Adding xdebug support 2 | 3 | Create the following file `xdebug.ini` 4 | 5 | ```ini 6 | zend_extension=xdebug.so 7 | xdebug.mode=develop,debug 8 | xdebug.discover_client_host=true 9 | xdebug.start_with_request=yes 10 | xdebug.trigger_value=PHPSTORM 11 | xdebug.log_level=0 12 | 13 | xdebug.var_display_max_children=10 14 | xdebug.var_display_max_data=10 15 | xdebug.var_display_max_depth=10 16 | 17 | xdebug.client_host=host.docker.internal 18 | xdebug.client_port=9003 19 | ``` 20 | 21 | Create a new image with the following `Dockerfile` 22 | 23 | ```Dockerfile 24 | FROM pnlinh/laravel:php8.2 25 | 26 | # Temporary switch to root 27 | USER root 28 | 29 | # Install xdebug 30 | RUN apk add --no-cache php82-pecl-xdebug 31 | 32 | # Add configuration 33 | COPY xdebug.ini ${PHP_INI_DIR}/conf.d/xdebug.ini 34 | 35 | # Switch back to www user 36 | USER www 37 | ``` 38 | -------------------------------------------------------------------------------- /nginx-ssl.Dockerfile: -------------------------------------------------------------------------------- 1 | FROM pnlinh/laravel:php8.2 2 | 3 | COPY localhost.pem /usr/local/share/ca-certificates/my-cert.crt 4 | RUN cat /usr/local/share/ca-certificates/my-cert.crt >> /etc/ssl/certs/ca-certificates.crt 5 | COPY localhost*.pem /etc/nginx/ssl/ 6 | 7 | EXPOSE 80 443 8 | -------------------------------------------------------------------------------- /nginx-ssl.conf: -------------------------------------------------------------------------------- 1 | server { 2 | listen [::]:80 default_server; 3 | listen 80 default_server; 4 | server_name _; 5 | 6 | return 301 https://$host$request_uri; 7 | } 8 | 9 | server { 10 | listen [::]:443 ssl; 11 | listen 443 ssl; 12 | server_name _; 13 | 14 | ssl_certificate /etc/nginx/ssl/localhost.pem; 15 | ssl_certificate_key /etc/nginx/ssl/localhost-key.pem; 16 | 17 | sendfile off; 18 | tcp_nodelay on; 19 | absolute_redirect off; 20 | 21 | root /var/www/html/public; 22 | index index.php index.html; 23 | 24 | location / { 25 | # First attempt to serve request as file, then 26 | # as directory, then fall back to index.php 27 | try_files $uri $uri/ /index.php?$query_string; 28 | } 29 | 30 | # Redirect server error pages to the static page /50x.html 31 | error_page 500 502 503 504 /50x.html; 32 | location = /50x.html { 33 | root /var/lib/nginx/html; 34 | } 35 | 36 | # Pass the PHP scripts to PHP-FPM listening on 127.0.0.1:9000 37 | location ~ \.php$ { 38 | try_files $uri =404; 39 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 40 | fastcgi_pass 127.0.0.1:9000; 41 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 42 | fastcgi_param SCRIPT_NAME $fastcgi_script_name; 43 | fastcgi_index index.php; 44 | include fastcgi_params; 45 | } 46 | 47 | # Set the cache-control headers on assets to cache for 5 days 48 | location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ { 49 | expires off; 50 | } 51 | 52 | # Deny access to . files, for security 53 | location ~ /\. { 54 | log_not_found off; 55 | deny all; 56 | } 57 | 58 | # Allow fpm ping and status from localhost 59 | location ~ ^/(fpm-status|fpm-ping)$ { 60 | access_log off; 61 | allow 127.0.0.1; 62 | deny all; 63 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 64 | include fastcgi_params; 65 | fastcgi_pass 127.0.0.1:9000; 66 | } 67 | } 68 | -------------------------------------------------------------------------------- /xdebug.Dockerfile: -------------------------------------------------------------------------------- 1 | FROM pnlinh/laravel:php8.2 2 | 3 | # Install xdebug 4 | RUN apk add --no-cache php82-pecl-xdebug 5 | 6 | # Add configuration 7 | COPY xdebug.ini /etc/php82/conf.d/xdebug.ini 8 | -------------------------------------------------------------------------------- /xdebug.ini: -------------------------------------------------------------------------------- 1 | zend_extension=xdebug.so 2 | xdebug.mode=develop,debug 3 | xdebug.discover_client_host=true 4 | xdebug.start_with_request=yes 5 | xdebug.trigger_value=PHPSTORM 6 | xdebug.log_level=0 7 | 8 | xdebug.var_display_max_children=10 9 | xdebug.var_display_max_data=10 10 | xdebug.var_display_max_depth=10 11 | 12 | xdebug.client_host=host.docker.internal 13 | xdebug.client_port=9003 14 | --------------------------------------------------------------------------------