├── README.md ├── bin └── .gitignore ├── build.sh ├── db_interface ├── conf │ └── config.inc.php └── docker │ └── docker-compose.yml ├── demo ├── apache2-nginx-php5.6 │ ├── conf │ │ ├── apache2.conf │ │ ├── init.d_apache2 │ │ ├── nginx.conf │ │ ├── php.ini │ │ ├── ports.conf │ │ ├── postfix.cf │ │ └── remoteip.conf │ ├── cron │ │ ├── .gitignore │ │ ├── check_apache.php │ │ ├── check_nginx.php │ │ ├── cron.sh │ │ └── developer-crontab │ └── docker │ │ ├── Dockerfile │ │ ├── docker-compose.yml │ │ └── entrypoint ├── apache2-nginx-php7.0 │ ├── conf │ │ ├── apache2.conf │ │ ├── init.d_apache2 │ │ ├── nginx.conf │ │ ├── php.ini │ │ ├── ports.conf │ │ ├── postfix.cf │ │ └── remoteip.conf │ ├── cron │ │ ├── .gitignore │ │ ├── check_apache.php │ │ ├── check_nginx.php │ │ ├── cron.sh │ │ └── developer-crontab │ └── docker │ │ ├── Dockerfile │ │ ├── docker-compose.yml │ │ └── entrypoint ├── apache2_envvars ├── database │ ├── .gitignore │ ├── conf │ │ ├── debian.cnf │ │ └── my.cnf │ ├── cron │ │ ├── .gitignore │ │ ├── check_mysql.php │ │ ├── cron.sh │ │ └── developer-crontab │ └── docker │ │ ├── Dockerfile │ │ ├── docker-compose.yml │ │ └── entrypoint ├── hosts │ ├── sites-enabled-apache │ │ └── .gitignore │ └── sites-enabled-nginx │ │ └── .gitignore └── www │ └── .gitignore ├── empty-docker-compose.yml ├── example_hosts ├── example ├── example.conf ├── example_ssl ├── example_ssl.conf └── proxy │ ├── example │ └── example_ssl ├── prod ├── apache2-nginx-php5.6 │ ├── conf │ │ ├── apache2.conf │ │ ├── init.d_apache2 │ │ ├── nginx.conf │ │ ├── php.ini │ │ ├── ports.conf │ │ ├── postfix.cf │ │ └── remoteip.conf │ ├── cron │ │ ├── .gitignore │ │ ├── check_apache.php │ │ ├── check_nginx.php │ │ ├── cron.sh │ │ └── developer-crontab │ └── docker │ │ ├── Dockerfile │ │ ├── docker-compose.yml │ │ └── entrypoint ├── apache2-nginx-php7.0 │ ├── conf │ │ ├── apache2.conf │ │ ├── init.d_apache2 │ │ ├── nginx.conf │ │ ├── php.ini │ │ ├── ports.conf │ │ ├── postfix.cf │ │ └── remoteip.conf │ ├── cron │ │ ├── .gitignore │ │ ├── check_apache.php │ │ ├── check_nginx.php │ │ ├── cron.sh │ │ └── developer-crontab │ └── docker │ │ ├── Dockerfile │ │ ├── docker-compose.yml │ │ └── entrypoint ├── apache2_envvars ├── database │ ├── .gitignore │ ├── conf │ │ ├── debian.cnf │ │ └── my.cnf │ ├── cron │ │ ├── .gitignore │ │ ├── check_mysql.php │ │ ├── cron.sh │ │ └── developer-crontab │ └── docker │ │ ├── Dockerfile │ │ ├── docker-compose.yml │ │ └── entrypoint ├── hosts │ ├── sites-enabled-apache │ │ └── .gitignore │ └── sites-enabled-nginx │ │ └── .gitignore └── www │ └── .gitignore ├── proxy ├── certs │ └── .gitignore ├── conf │ └── nginx.conf ├── cron │ ├── .gitignore │ ├── check_nginx.php │ ├── cron.sh │ └── developer-crontab ├── docker │ ├── Dockerfile │ ├── docker-compose.yml │ └── entrypoint └── sites-enabled │ └── .gitignore ├── run.sh └── stop.sh /README.md: -------------------------------------------------------------------------------- 1 |

Docker management system

2 | 3 | Never delete empty-docker-compose.yml! 4 | Its presence is necessary to build relative paths due to the following issue: 5 | https://github.com/docker/compose/issues/3874 6 | 7 |

What is it?

8 | 9 | This project is a ready to use infrastructure for your web server, mainly oriented to PHP projects. It was originally developed for our company needs. Default php containers are optimised for 1C Bitrix CMS. 10 | 11 | The system consists of two parts: demo and prod. 12 | 13 | Each part has a separate database server. 14 | There is a phpmyadmin container that has access to both database servers. 15 | 16 | Demo and prod parts are exactly the same. They both have: 17 | 22 | 23 |

How it works?

24 | 25 | There is a container with an nginx proxy server that handles the request first. If the required server name matches any from its configuration files nginx redirects the request to the web server container as specified in the configuration file. 26 | 27 | Example: 28 | 29 | server { 30 | listen 80; 31 | server_name example.ru www.example.ru; 32 | 33 | location / { 34 | proxy_pass http://demo_php7_web; 35 | } 36 | } 37 | 38 | There is a bundle of apache2 and nginx running into each web server container. Nginx receives the request first. The request will be handled by nginx if static assets are requested or passed to apache otherwise. 39 | 40 |

Features

41 | 42 | 50 | 51 |

Project structure

52 | 53 | 61 | 62 |

Demo

63 | 64 | 71 | 72 |

Prod

73 | 74 | Has exactly the same structure and logic as demo part. 75 | 76 |

Proxy

77 | 78 | 85 | 86 |

Usage

87 | 88 |

When configuring the system in production you might need to use SSL, check example_ssl and example_ssl.conf in example_hosts.
89 | Remember to configure proxy with SSL too. Check proxy/example_ssl in example_hosts.
90 | If you're having troubles configuring the system for production, contact me by email: serkyron@gmail.com

91 | 92 |

Follow these steps to start using the system for local development. Create your 'example' host.

93 | 94 |
    95 |
  1. git clone this repository
    2. 96 |
  2. ./build.sh
    3. 97 |
  3. cd demo/hosts
    4. 98 |
  4. 99 | put 'example.conf' file in to sites-enabled-apache with the following content: 100 | 101 | Listen 8080 102 | 103 | 104 | ServerName example 105 | ServerAlias www.example.ru 106 | 107 | ServerAdmin webmaster@localhost 108 | DocumentRoot /var/www/example/data 109 | 110 | 111 | Allowoverride All 112 | 113 | 114 | ErrorLog /var/www/example/logs/apache.error.log 115 | CustomLog /var/www/example/logs/apache.access.log combined_with_x_real_ip 116 | 117 |
    5. 118 |
  5. 119 | put 'example' file in to sites-enabled-nginx with the following content: 120 | 121 | server { 122 | listen 80; 123 | listen [::]:80; 124 | 125 | server_name www.example.ru example; 126 | 127 | root /var/www/example/data; 128 | index index.php index.html; 129 | 130 | # Add stdout logging 131 | 132 | error_log /dev/stdout info; 133 | access_log /dev/stdout; 134 | 135 | #error_page 404 /404.html; 136 | 137 | # redirect server error pages to the static page /50x.html 138 | # 139 | error_page 500 502 503 504 /50x.html; 140 | location = /50x.html { 141 | root /usr/share/nginx/html; 142 | } 143 | 144 | access_log /var/www/example/logs/nginx.access.log combined_with_x_real_ip; 145 | error_log /var/www/example/logs/nginx.error.log; 146 | 147 | location / { 148 | proxy_pass http://localhost:8080/; 149 | proxy_set_header Host $host; 150 | proxy_set_header X-Forwarded-For 82.202.249.25; 151 | proxy_redirect off; 152 | } 153 | 154 | location ~*^.+\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|wav|bmp|rtf|js|html)$ { 155 | root /var/www/example/data; 156 | add_header Source nginx; 157 | } 158 | } 159 | 160 |
    6. 161 |
  6. cd .. (go back to demo folder)
    7. 162 |
  7. cd www
    8. 163 |
  8. mkdir example
    9. 164 |
  9. cd exmaple
    10. 165 |
  10. mkdir data
    11. 166 |
  11. mkdir logs
    12. 167 |
  12. echo "" > data/index.php
    13. 168 |
  13. cd ../../../proxy/sites-enabled/
    14. 169 |
  14. 170 | create 'example' file with the following content: 171 | 172 | server { 173 | listen 80; 174 | 175 | server_name example example.ru www.example.ru; 176 | 177 | location / { 178 | proxy_pass http://demo_php7_web; 179 | } 180 | } 181 |
    15. 182 |
  15. cd ../../
    16. 183 |
  16. ./run.sh
    17. 184 |
  17. Add '127.0.0.1 example' entry to your /etc/hosts file.
    18. 185 |
  18. Open http://example in browser
    19. 186 |
187 | -------------------------------------------------------------------------------- /bin/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | docker build -t demo_apache2-nginx-php5.6 ./demo/apache2-nginx-php5.6/docker \ 4 | && docker build -t demo_apache2-nginx-php7.0 ./demo/apache2-nginx-php7.0/docker \ 5 | && docker build -t nginx-reverse-proxy ./proxy/docker \ 6 | && docker build -t demo_maria_db ./demo/database/docker \ 7 | && docker build -t prod_apache2-nginx-php5.6 ./prod/apache2-nginx-php5.6/docker \ 8 | && docker build -t prod_apache2-nginx-php7.0 ./prod/apache2-nginx-php7.0/docker \ 9 | && docker build -t prod_maria_db ./prod/database/docker 10 | -------------------------------------------------------------------------------- /db_interface/conf/config.inc.php: -------------------------------------------------------------------------------- 1 | ); 67 | # you will save yourself a lot of trouble. 68 | # 69 | # Do NOT add a slash at the end of the directory path. 70 | # 71 | #ServerRoot "/etc/apache2" 72 | 73 | # 74 | # The accept serialization lock file MUST BE STORED ON A LOCAL DISK. 75 | # 76 | Mutex file:${APACHE_LOCK_DIR} default 77 | 78 | # 79 | # PidFile: The file in which the server should record its process 80 | # identification number when it starts. 81 | # This needs to be set in /etc/apache2/envvars 82 | # 83 | PidFile ${APACHE_PID_FILE} 84 | 85 | # 86 | # Timeout: The number of seconds before receives and sends time out. 87 | # 88 | Timeout 300 89 | 90 | # 91 | # KeepAlive: Whether or not to allow persistent connections (more than 92 | # one request per connection). Set to "Off" to deactivate. 93 | # 94 | KeepAlive On 95 | 96 | # 97 | # MaxKeepAliveRequests: The maximum number of requests to allow 98 | # during a persistent connection. Set to 0 to allow an unlimited amount. 99 | # We recommend you leave this number high, for maximum performance. 100 | # 101 | MaxKeepAliveRequests 100 102 | 103 | # 104 | # KeepAliveTimeout: Number of seconds to wait for the next request from the 105 | # same client on the same connection. 106 | # 107 | KeepAliveTimeout 5 108 | 109 | 110 | # These need to be set in /etc/apache2/envvars 111 | User ${APACHE_RUN_USER} 112 | Group ${APACHE_RUN_GROUP} 113 | 114 | # 115 | # HostnameLookups: Log the names of clients or just their IP addresses 116 | # e.g., www.apache.org (on) or 204.62.129.132 (off). 117 | # The default is off because it'd be overall better for the net if people 118 | # had to knowingly turn this feature on, since enabling it means that 119 | # each client request will result in AT LEAST one lookup request to the 120 | # nameserver. 121 | # 122 | HostnameLookups Off 123 | 124 | # ErrorLog: The location of the error log file. 125 | # If you do not specify an ErrorLog directive within a 126 | # container, error messages relating to that virtual host will be 127 | # logged here. If you *do* define an error logfile for a 128 | # container, that host's errors will be logged there and not here. 129 | # 130 | ErrorLog ${APACHE_LOG_DIR}/error.log 131 | 132 | # 133 | # LogLevel: Control the severity of messages logged to the error_log. 134 | # Available values: trace8, ..., trace1, debug, info, notice, warn, 135 | # error, crit, alert, emerg. 136 | # It is also possible to configure the log level for particular modules, e.g. 137 | # "LogLevel info ssl:warn" 138 | # 139 | LogLevel warn 140 | 141 | # Include module configuration: 142 | IncludeOptional mods-enabled/*.load 143 | IncludeOptional mods-enabled/*.conf 144 | 145 | # Include list of ports to listen on 146 | Include ports.conf 147 | 148 | 149 | # Sets the default security model of the Apache2 HTTPD server. It does 150 | # not allow access to the root filesystem outside of /usr/share and /var/www. 151 | # The former is used by web applications packaged in Debian, 152 | # the latter may be used for local directories served by the web server. If 153 | # your system is serving content from a sub-directory in /srv you must allow 154 | # access here, or in any related virtual host. 155 | 156 | Options FollowSymLinks 157 | AllowOverride None 158 | Require all denied 159 | 160 | 161 | 162 | AllowOverride None 163 | Require all granted 164 | 165 | 166 | 167 | Options Indexes FollowSymLinks 168 | AllowOverride None 169 | Require all granted 170 | 171 | 172 | # 173 | # Options Indexes FollowSymLinks 174 | # AllowOverride None 175 | # Require all granted 176 | # 177 | 178 | 179 | 180 | 181 | # AccessFileName: The name of the file to look for in each directory 182 | # for additional configuration directives. See also the AllowOverride 183 | # directive. 184 | # 185 | AccessFileName .htaccess 186 | 187 | # 188 | # The following lines prevent .htaccess and .htpasswd files from being 189 | # viewed by Web clients. 190 | # 191 | 192 | Require all denied 193 | 194 | 195 | 196 | # 197 | # The following directives define some format nicknames for use with 198 | # a CustomLog directive. 199 | # 200 | # These deviate from the Common Log Format definitions in that they use %O 201 | # (the actual bytes sent including headers) instead of %b (the size of the 202 | # requested file), because the latter makes it impossible to detect partial 203 | # requests. 204 | # 205 | # Note that the use of %{X-Forwarded-For}i instead of %h is not recommended. 206 | # Use mod_remoteip instead. 207 | # 208 | LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined 209 | LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined 210 | LogFormat "%h %l %u %t \"%r\" %>s %O" common 211 | LogFormat "%{Referer}i -> %U" referer 212 | LogFormat "%{User-agent}i" agent 213 | #custom 214 | LogFormat "%{X-Real-IP}i %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined_with_x_real_ip 215 | 216 | # Include of directories ignores editors' and dpkg's backup files, 217 | # see README.Debian for details. 218 | 219 | # Include generic snippets of statements 220 | IncludeOptional conf-enabled/*.conf 221 | 222 | # Include the virtual host configurations: 223 | IncludeOptional sites-enabled/*.conf 224 | 225 | # vim: syntax=apache ts=4 sw=4 sts=4 sr noet 226 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php5.6/conf/init.d_apache2: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | ### BEGIN INIT INFO 3 | # Provides: apache2 4 | # Required-Start: $local_fs $remote_fs $network $syslog $named 5 | # Required-Stop: $local_fs $remote_fs $network $syslog $named 6 | # Default-Start: 2 3 4 5 7 | # Default-Stop: 0 1 6 8 | # X-Interactive: true 9 | # Short-Description: Apache2 web server 10 | # Description: Start the web server 11 | # This script will start the apache2 web server. 12 | ### END INIT INFO 13 | 14 | DESC="Apache httpd web server" 15 | NAME=apache2 16 | DAEMON=/usr/sbin/$NAME 17 | 18 | SCRIPTNAME="${0##*/}" 19 | SCRIPTNAME="${SCRIPTNAME##[KS][0-9][0-9]}" 20 | if [ -n "$APACHE_CONFDIR" ] ; then 21 | if [ "${APACHE_CONFDIR##/etc/apache2-}" != "${APACHE_CONFDIR}" ] ; then 22 | DIR_SUFFIX="${APACHE_CONFDIR##/etc/apache2-}" 23 | else 24 | DIR_SUFFIX= 25 | fi 26 | elif [ "${SCRIPTNAME##apache2-}" != "$SCRIPTNAME" ] ; then 27 | DIR_SUFFIX="-${SCRIPTNAME##apache2-}" 28 | APACHE_CONFDIR=/etc/apache2$DIR_SUFFIX 29 | else 30 | DIR_SUFFIX= 31 | APACHE_CONFDIR=/etc/apache2 32 | fi 33 | if [ -z "$APACHE_ENVVARS" ] ; then 34 | APACHE_ENVVARS=$APACHE_CONFDIR/envvars 35 | fi 36 | export APACHE_CONFDIR APACHE_ENVVARS 37 | 38 | ENV="env -i LANG=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" 39 | if [ "$APACHE_CONFDIR" != /etc/apache2 ] ; then 40 | ENV="$ENV APACHE_CONFDIR=$APACHE_CONFDIR" 41 | fi 42 | if [ "$APACHE_ENVVARS" != "$APACHE_CONFDIR/envvars" ] ; then 43 | ENV="$ENV APACHE_ENVVARS=$APACHE_ENVVARS" 44 | fi 45 | 46 | PIDFILE=$(. $APACHE_ENVVARS && echo $APACHE_PID_FILE) 47 | 48 | VERBOSE=no 49 | if [ -f /etc/default/rcS ]; then 50 | . /etc/default/rcS 51 | fi 52 | . /lib/lsb/init-functions 53 | 54 | 55 | # Now, set defaults: 56 | APACHE2CTL="$ENV apache2ctl" 57 | PIDFILE=$(. $APACHE_ENVVARS && echo $APACHE_PID_FILE) 58 | APACHE2_INIT_MESSAGE="" 59 | 60 | CONFTEST_OUTFILE= 61 | cleanup() { 62 | if [ -n "$CONFTEST_OUTFILE" ] ; then 63 | rm -f "$CONFTEST_OUTFILE" 64 | fi 65 | } 66 | trap cleanup 0 # "0" means "EXIT", but "EXIT" is not portable 67 | 68 | 69 | apache_conftest() { 70 | [ -z "$CONFTEST_OUTFILE" ] || rm -f "$CONFTEST_OUTFILE" 71 | CONFTEST_OUTFILE=$(mktemp) 72 | if ! $APACHE2CTL configtest > "$CONFTEST_OUTFILE" 2>&1 ; then 73 | return 1 74 | else 75 | rm -f "$CONFTEST_OUTFILE" 76 | CONFTEST_OUTFILE= 77 | return 0 78 | fi 79 | } 80 | 81 | clear_error_msg() { 82 | [ -z "$CONFTEST_OUTFILE" ] || rm -f "$CONFTEST_OUTFILE" 83 | CONFTEST_OUTFILE= 84 | APACHE2_INIT_MESSAGE= 85 | } 86 | 87 | print_error_msg() { 88 | [ -z "$APACHE2_INIT_MESSAGE" ] || log_warning_msg "$APACHE2_INIT_MESSAGE" 89 | if [ -n "$CONFTEST_OUTFILE" ] ; then 90 | echo "Output of config test was:" >&2 91 | cat "$CONFTEST_OUTFILE" >&2 92 | rm -f "$CONFTEST_OUTFILE" 93 | CONFTEST_OUTFILE= 94 | fi 95 | } 96 | 97 | apache_wait_start() { 98 | local STATUS=$1 99 | local i=0 100 | 101 | if [ $STATUS != 0 ] ; then 102 | return $STATUS 103 | fi 104 | while : ; do 105 | PIDTMP=$(pidofproc -p $PIDFILE $DAEMON) 106 | if [ -n "${PIDTMP:-}" ] && kill -0 "${PIDTMP:-}" 2> /dev/null; then 107 | return $STATUS 108 | fi 109 | 110 | if [ $i = "20" ] ; then 111 | APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX instance did not start within 20 seconds. Please read the log files to discover problems" 112 | return 2 113 | fi 114 | 115 | [ "$VERBOSE" != no ] && log_progress_msg "." 116 | sleep 1 117 | i=$(($i+1)) 118 | done 119 | } 120 | 121 | apache_wait_stop() { 122 | local STATUS=$1 123 | 124 | if [ $STATUS != 0 ] ; then 125 | return $STATUS 126 | fi 127 | 128 | PIDTMP=$(pidofproc -p $PIDFILE $DAEMON) 129 | if [ -n "${PIDTMP:-}" ] && kill -0 "${PIDTMP:-}" 2> /dev/null; then 130 | local i=0 131 | while kill -0 "${PIDTMP:-}" 2> /dev/null; do 132 | if [ $i = '60' ]; then 133 | break 134 | STATUS=2 135 | fi 136 | [ "$VERBOSE" != no ] && log_progress_msg "." 137 | sleep 1 138 | i=$(($i+1)) 139 | done 140 | return $STATUS 141 | else 142 | return $STATUS 143 | fi 144 | } 145 | 146 | 147 | # 148 | # Function that starts the daemon/service 149 | # 150 | do_start() 151 | { 152 | # Return 153 | # 0 if daemon has been started 154 | # 1 if daemon was already running 155 | # 2 if daemon could not be started 156 | 157 | ulimit -s unlimited 158 | if pidofproc -p $PIDFILE "$DAEMON" > /dev/null 2>&1 ; then 159 | return 1 160 | fi 161 | 162 | if apache_conftest ; then 163 | $APACHE2CTL start 164 | apache_wait_start $? 165 | return $? 166 | else 167 | APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX configtest failed." 168 | return 2 169 | fi 170 | } 171 | 172 | # 173 | # Function that stops the daemon/service 174 | # 175 | do_stop() 176 | { 177 | # Return 178 | # 0 if daemon has been stopped 179 | # 1 if daemon was already stopped 180 | # 2 if daemon could not be stopped 181 | # other if a failure occurred 182 | 183 | # either "stop" or "graceful-stop" 184 | local STOP=$1 185 | # can't use pidofproc from LSB here 186 | local AP_RET=0 187 | 188 | if pidof $DAEMON > /dev/null 2>&1 ; then 189 | if [ -e $PIDFILE ] && pidof $DAEMON | tr ' ' '\n' | grep -w $(cat $PIDFILE) > /dev/null 2>&1 ; then 190 | AP_RET=2 191 | else 192 | AP_RET=1 193 | fi 194 | else 195 | AP_RET=0 196 | fi 197 | 198 | # AP_RET is: 199 | # 0 if Apache (whichever) is not running 200 | # 1 if Apache (whichever) is running 201 | # 2 if Apache from the PIDFILE is running 202 | 203 | if [ $AP_RET = 0 ] ; then 204 | return 1 205 | fi 206 | 207 | if [ $AP_RET = 2 ] && apache_conftest ; then 208 | $APACHE2CTL $STOP > /dev/null 2>&1 209 | apache_wait_stop $? 210 | return $? 211 | else 212 | if [ $AP_RET = 2 ]; then 213 | clear_error_msg 214 | APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX configtest failed, so we are trying to kill it manually. This is almost certainly suboptimal, so please make sure your system is working as you'd expect now!" 215 | killproc -p $PIDFILE $DAEMON 216 | apache_wait_stop $? 217 | return $? 218 | elif [ $AP_RET = 1 ] ; then 219 | APACHE2_INIT_MESSAGE="There are processes named 'apache2' running which do not match your pid file which are left untouched in the name of safety, Please review the situation by hand". 220 | return 2 221 | fi 222 | fi 223 | 224 | } 225 | 226 | 227 | # 228 | # Function that sends a SIGHUP to the daemon/service 229 | # 230 | do_reload() { 231 | if apache_conftest; then 232 | if ! pidofproc -p $PIDFILE "$DAEMON" > /dev/null 2>&1 ; then 233 | APACHE2_INIT_MESSAGE="Apache2 is not running" 234 | return 2 235 | fi 236 | $APACHE2CTL graceful > /dev/null 2>&1 237 | return $? 238 | else 239 | APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX configtest failed. Not doing anything." 240 | return 2 241 | fi 242 | } 243 | 244 | 245 | # Sanity checks. They need to occur after function declarations 246 | [ -x $DAEMON ] || exit 0 247 | 248 | if [ ! -x $DAEMON ] ; then 249 | echo "No apache-bin package installed" 250 | exit 0 251 | fi 252 | 253 | if [ -z "$PIDFILE" ] ; then 254 | echo ERROR: APACHE_PID_FILE needs to be defined in $APACHE_ENVVARS >&2 255 | exit 2 256 | fi 257 | 258 | 259 | case "$1" in 260 | start) 261 | log_daemon_msg "Starting $DESC" "$NAME" 262 | do_start 263 | RET_STATUS=$? 264 | case "$RET_STATUS" in 265 | 0|1) 266 | log_success_msg 267 | [ "$VERBOSE" != no ] && [ $RET_STATUS = 1 ] && log_warning_msg "Server was already running" 268 | ;; 269 | 2) 270 | log_failure_msg 271 | print_error_msg 272 | exit 1 273 | ;; 274 | esac 275 | ;; 276 | stop|graceful-stop) 277 | log_daemon_msg "Stopping $DESC" "$NAME" 278 | do_stop "$1" 279 | RET_STATUS=$? 280 | case "$RET_STATUS" in 281 | 0|1) 282 | log_success_msg 283 | [ "$VERBOSE" != no ] && [ $RET_STATUS = 1 ] && log_warning_msg "Server was not running" 284 | ;; 285 | 2) 286 | log_failure_msg 287 | print_error_msg 288 | exit 1 289 | ;; 290 | esac 291 | print_error_msg 292 | 293 | ;; 294 | status) 295 | status_of_proc -p $PIDFILE "apache2" "$NAME" 296 | exit $? 297 | ;; 298 | reload|force-reload|graceful) 299 | log_daemon_msg "Reloading $DESC" "$NAME" 300 | do_reload 301 | RET_STATUS=$? 302 | case "$RET_STATUS" in 303 | 0|1) 304 | log_success_msg 305 | [ "$VERBOSE" != no ] && [ $RET_STATUS = 1 ] && log_warning_msg "Server was already running" 306 | ;; 307 | 2) 308 | log_failure_msg 309 | print_error_msg 310 | exit 1 311 | ;; 312 | esac 313 | print_error_msg 314 | ;; 315 | restart) 316 | log_daemon_msg "Restarting $DESC" "$NAME" 317 | do_stop stop 318 | case "$?" in 319 | 0|1) 320 | do_start 321 | case "$?" in 322 | 0) 323 | log_end_msg 0 324 | ;; 325 | 1|*) 326 | log_end_msg 1 # Old process is still or failed to running 327 | print_error_msg 328 | exit 1 329 | ;; 330 | esac 331 | ;; 332 | *) 333 | # Failed to stop 334 | log_end_msg 1 335 | print_error_msg 336 | exit 1 337 | ;; 338 | esac 339 | ;; 340 | start-htcacheclean|stop-htcacheclean) 341 | echo "Use 'service apache-htcacheclean' instead" 342 | ;; 343 | *) 344 | echo "Usage: $SCRIPTNAME {start|stop|graceful-stop|restart|reload|force-reload}" >&2 345 | exit 3 346 | ;; 347 | esac 348 | 349 | exit 0 350 | 351 | # vim: syntax=sh ts=4 sw=4 sts=4 sr noet 352 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php5.6/conf/nginx.conf: -------------------------------------------------------------------------------- 1 | user www-data; 2 | worker_processes auto; 3 | pid /run/nginx.pid; 4 | 5 | events { 6 | worker_connections 768; 7 | # multi_accept on; 8 | } 9 | 10 | http { 11 | 12 | ## 13 | # Basic Settings 14 | ## 15 | 16 | sendfile on; 17 | tcp_nopush on; 18 | tcp_nodelay on; 19 | keepalive_timeout 65; 20 | types_hash_max_size 2048; 21 | 22 | include /etc/nginx/mime.types; 23 | default_type application/octet-stream; 24 | 25 | client_max_body_size 10m; 26 | client_body_buffer_size 4m; 27 | proxy_buffering on; 28 | proxy_connect_timeout 300; 29 | proxy_send_timeout 300; 30 | proxy_read_timeout 300; 31 | proxy_buffer_size 64k; 32 | proxy_buffers 8 64k; 33 | proxy_busy_buffers_size 64k; 34 | proxy_temp_file_write_size 10m; 35 | 36 | proxy_set_header Host $http_host; 37 | proxy_set_header X-Real-IP $remote_addr; 38 | 39 | ## 40 | # SSL Settings 41 | ## 42 | 43 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE 44 | ssl_prefer_server_ciphers on; 45 | 46 | ## 47 | # Logging Settings 48 | ## 49 | 50 | access_log /var/log/nginx/access.log; 51 | error_log /var/log/nginx/error.log; 52 | 53 | log_format combined_with_x_real_ip '$http_x_real_ip [$time_local] ' 54 | '"$request" $status $body_bytes_sent "$http_referer" ' 55 | '"$http_user_agent"' ; 56 | 57 | ## 58 | # Virtual Host Configs 59 | ## 60 | 61 | include /etc/nginx/conf.d/*.conf; 62 | include /etc/nginx/sites-enabled/*; 63 | } 64 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php5.6/conf/ports.conf: -------------------------------------------------------------------------------- 1 | # If you just change the port or add more ports here, you will likely also 2 | # have to change the VirtualHost statement in 3 | # /etc/apache2/sites-enabled/000-default.conf 4 | 5 | Listen 8080 6 | 7 | 8 | Listen 443 9 | 10 | 11 | 12 | Listen 443 13 | 14 | 15 | # vim: syntax=apache ts=4 sw=4 sts=4 sr noet 16 | 17 | 18 | 19 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php5.6/conf/postfix.cf: -------------------------------------------------------------------------------- 1 | # See /usr/share/postfix/main.cf.dist for a commented, more complete version 2 | 3 | 4 | # Debian specific: Specifying a file name will cause the first 5 | # line of that file to be used as the name. The Debian default 6 | # is /etc/mailname. 7 | #myorigin = /etc/mailname 8 | 9 | smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) 10 | biff = no 11 | 12 | # appending .domain is the MUA's job. 13 | append_dot_mydomain = no 14 | 15 | # Uncomment the next line to generate "delayed mail" warnings 16 | #delay_warning_time = 4h 17 | 18 | readme_directory = no 19 | 20 | # TLS parameters 21 | smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem 22 | smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key 23 | smtpd_use_tls=yes 24 | smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache 25 | smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache 26 | 27 | # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for 28 | # information on enabling SSL in the smtp client. 29 | 30 | smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination 31 | myhostname = sinc.ru 32 | alias_maps = hash:/etc/aliases 33 | alias_database = hash:/etc/aliases 34 | mydestination = $myhostname, localhost.localdomain, , localhost 35 | relayhost = 36 | mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 37 | mailbox_size_limit = 0 38 | recipient_delimiter = + 39 | inet_interfaces = loopback-only 40 | inet_protocols = all 41 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php5.6/conf/remoteip.conf: -------------------------------------------------------------------------------- 1 | RemoteIPHeader X-Forwarded-For 2 | RemoteIPTrustedProxy 127.0.0.1 -------------------------------------------------------------------------------- /demo/apache2-nginx-php5.6/cron/.gitignore: -------------------------------------------------------------------------------- 1 | cron.log 2 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php5.6/cron/check_apache.php: -------------------------------------------------------------------------------- 1 | &$file) { 10 | $modifiedTime = filemtime($dir."/".$file); 11 | $file = [ 12 | 'name' => $file, 13 | 'path' => $dir."/".$file, 14 | 'modified' => $modifiedTime 15 | ]; 16 | if (time() - $modifiedTime <= 60) 17 | exit(1); 18 | } 19 | 20 | /* Check apache2 conf */ 21 | if (time() - filemtime('/etc/apache2/apache2.conf') <= 60) 22 | exit(1); 23 | 24 | /* Check ports.conf */ 25 | if (time() - filemtime('/etc/apache2/ports.conf') <= 60) 26 | exit(1); 27 | 28 | /* Check remote ip */ 29 | if (time() - filemtime('/etc/apache2/conf-available/remoteip.conf') <= 60) 30 | exit(1); 31 | 32 | /* Check php.ini */ 33 | if (time() - filemtime('/etc/php/5.6/apache2/php.ini') <= 60) 34 | exit(1); 35 | 36 | exit(0); 37 | ?> -------------------------------------------------------------------------------- /demo/apache2-nginx-php5.6/cron/check_nginx.php: -------------------------------------------------------------------------------- 1 | &$file) { 10 | $modifiedTime = filemtime($dir."/".$file); 11 | $file = [ 12 | 'name' => $file, 13 | 'path' => $dir."/".$file, 14 | 'modified' => $modifiedTime 15 | ]; 16 | if (time() - $modifiedTime <= 60) 17 | exit(1); 18 | } 19 | 20 | /* Check apache2 conf */ 21 | if (time() - filemtime('/etc/nginx/nginx.conf') <= 60) 22 | exit(1); 23 | 24 | exit(0); 25 | ?> -------------------------------------------------------------------------------- /demo/apache2-nginx-php5.6/cron/cron.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ps auxw | grep nginx | grep -v grep > /dev/null 4 | if [ $? != 0 ]; then 5 | /etc/init.d/nginx start > /dev/null 6 | echo "$(date) - nginx started" 7 | else 8 | data=$(/usr/bin/php -q /tmp/check_nginx.php); 9 | if [ $? != 0 ] 10 | then 11 | /etc/init.d/nginx reload > /dev/null 12 | echo "$(date) - nginx reloaded" 13 | fi 14 | fi 15 | 16 | ps auxw | grep apache2 | grep -v grep > /dev/null 17 | if [ $? != 0 ]; then 18 | /etc/init.d/apache2 start > /dev/null 19 | echo "$(date) - apache2 started" 20 | else 21 | data=$(/usr/bin/php -q /tmp/check_apache.php); 22 | if [ $? != 0 ] 23 | then 24 | /etc/init.d/apache2 reload > /dev/null 25 | echo "$(date) - apache2 reloaded" 26 | fi 27 | fi 28 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php5.6/cron/developer-crontab: -------------------------------------------------------------------------------- 1 | * * * * * /tmp/cron.sh >> /tmp/cron.log 2>&1 2 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php5.6/docker/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM serkyron/apache2-nginx-php5.6 2 | WORKDIR /var/www/ 3 | COPY entrypoint /usr/bin 4 | ENTRYPOINT ["entrypoint"] 5 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php5.6/docker/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | services: 3 | 4 | demo_php5_web: 5 | # replace username/repo:tag with your name and image details 6 | image: demo_apache2-nginx-php5.6 7 | volumes: 8 | - ./demo/www/:/var/www/ 9 | - ./demo/hosts/sites-enabled-apache/:/etc/apache2/sites-enabled/ 10 | - ./demo/hosts/sites-enabled-nginx/:/etc/nginx/sites-enabled/ 11 | - ./demo/apache2-nginx-php5.6/conf/apache2.conf:/etc/apache2/apache2.conf 12 | - ./demo/apache2-nginx-php5.6/conf/ports.conf:/etc/apache2/ports.conf 13 | - ./demo/apache2-nginx-php5.6/conf/remoteip.conf:/etc/apache2/conf-available/remoteip.conf 14 | - ./demo/apache2-nginx-php5.6/conf/php.ini:/etc/php/5.6/apache2/php.ini 15 | - ./demo/apache2-nginx-php5.6/conf/nginx.conf:/etc/nginx/nginx.conf 16 | - ./demo/apache2-nginx-php5.6/cron/developer-crontab/:/etc/cron.d/developer-crontab 17 | - ./demo/apache2-nginx-php5.6/cron/cron.sh:/tmp/cron.sh 18 | - ./demo/apache2-nginx-php5.6/cron/cron.log:/tmp/cron.log 19 | - ./demo/apache2-nginx-php5.6/conf/postfix.cf:/etc/postfix/main.cf 20 | - ./demo/apache2-nginx-php5.6/cron/check_apache.php:/tmp/check_apache.php 21 | - ./demo/apache2-nginx-php5.6/cron/check_nginx.php:/tmp/check_nginx.php 22 | - ./demo/apache2_envvars:/etc/apache2/envvars 23 | - ./demo/apache2-nginx-php5.6/conf/init.d_apache2:/etc/init.d/apache2 24 | - ./bin/:/usr/local/bin 25 | networks: 26 | - demo_webnet 27 | 28 | networks: 29 | demo_webnet: 30 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php5.6/docker/entrypoint: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | chown -R developer:developer /var/www 3 | chown -R root:root /etc/cron.d 4 | a2enmod headers 5 | a2enmod rewrite 6 | a2enmod remoteip 7 | a2enconf remoteip 8 | service apache2 start 9 | service nginx start 10 | service postfix start 11 | cron 12 | crontab /etc/cron.d/developer-crontab 13 | mv /etc/localtime /etc/localtime-old 14 | ln -s /usr/share/zoneinfo/Europe/Moscow /etc/localtime 15 | tail -F -n0 /etc/hosts 16 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php7.0/conf/apache2.conf: -------------------------------------------------------------------------------- 1 | # This is the main Apache server configuration file. It contains the 2 | 3 | # configuration directives that give the server its instructions. 4 | # See http://httpd.apache.org/docs/2.4/ for detailed information about 5 | # the directives and /usr/share/doc/apache2/README.Debian about Debian specific 6 | # hints. 7 | # 8 | # 9 | # Summary of how the Apache 2 configuration works in Debian: 10 | # The Apache 2 web server configuration in Debian is quite different to 11 | # upstream's suggested way to configure the web server. This is because Debian's 12 | # default Apache2 installation attempts to make adding and removing modules, 13 | # virtual hosts, and extra configuration directives as flexible as possible, in 14 | # order to make automating the changes and administering the server as easy as 15 | # possible. 16 | 17 | # It is split into several files forming the configuration hierarchy outlined 18 | # below, all located in the /etc/apache2/ directory: 19 | # 20 | # /etc/apache2/ 21 | # |-- apache2.conf 22 | # | `-- ports.conf 23 | # |-- mods-enabled 24 | # | |-- *.load 25 | # | `-- *.conf 26 | # |-- conf-enabled 27 | # | `-- *.conf 28 | # `-- sites-enabled 29 | # `-- *.conf 30 | # 31 | # 32 | # * apache2.conf is the main configuration file (this file). It puts the pieces 33 | # together by including all remaining configuration files when starting up the 34 | # web server. 35 | # 36 | # * ports.conf is always included from the main configuration file. It is 37 | # supposed to determine listening ports for incoming connections which can be 38 | # customized anytime. 39 | # 40 | # * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/ 41 | # directories contain particular configuration snippets which manage modules, 42 | # global configuration fragments, or virtual host configurations, 43 | # respectively. 44 | # 45 | # They are activated by symlinking available configuration files from their 46 | # respective *-available/ counterparts. These should be managed by using our 47 | # helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See 48 | # their respective man pages for detailed information. 49 | # 50 | # * The binary is called apache2. Due to the use of environment variables, in 51 | # the default configuration, apache2 needs to be started/stopped with 52 | # /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not 53 | # work with the default configuration. 54 | 55 | 56 | # Global configuration 57 | # 58 | 59 | ServerName localhost 60 | 61 | # 62 | # ServerRoot: The top of the directory tree under which the server's 63 | # configuration, error, and log files are kept. 64 | # 65 | # NOTE! If you intend to place this on an NFS (or otherwise network) 66 | # mounted filesystem then please read the Mutex documentation (available 67 | # at ); 68 | # you will save yourself a lot of trouble. 69 | # 70 | # Do NOT add a slash at the end of the directory path. 71 | # 72 | #ServerRoot "/etc/apache2" 73 | 74 | # 75 | # The accept serialization lock file MUST BE STORED ON A LOCAL DISK. 76 | # 77 | Mutex file:${APACHE_LOCK_DIR} default 78 | 79 | # 80 | # PidFile: The file in which the server should record its process 81 | # identification number when it starts. 82 | # This needs to be set in /etc/apache2/envvars 83 | # 84 | PidFile ${APACHE_PID_FILE} 85 | 86 | # 87 | # Timeout: The number of seconds before receives and sends time out. 88 | # 89 | Timeout 300 90 | 91 | # 92 | # KeepAlive: Whether or not to allow persistent connections (more than 93 | # one request per connection). Set to "Off" to deactivate. 94 | # 95 | KeepAlive On 96 | 97 | # 98 | # MaxKeepAliveRequests: The maximum number of requests to allow 99 | # during a persistent connection. Set to 0 to allow an unlimited amount. 100 | # We recommend you leave this number high, for maximum performance. 101 | # 102 | MaxKeepAliveRequests 100 103 | 104 | # 105 | # KeepAliveTimeout: Number of seconds to wait for the next request from the 106 | # same client on the same connection. 107 | # 108 | KeepAliveTimeout 5 109 | 110 | 111 | # These need to be set in /etc/apache2/envvars 112 | User ${APACHE_RUN_USER} 113 | Group ${APACHE_RUN_GROUP} 114 | 115 | # 116 | # HostnameLookups: Log the names of clients or just their IP addresses 117 | # e.g., www.apache.org (on) or 204.62.129.132 (off). 118 | # The default is off because it'd be overall better for the net if people 119 | # had to knowingly turn this feature on, since enabling it means that 120 | # each client request will result in AT LEAST one lookup request to the 121 | # nameserver. 122 | # 123 | HostnameLookups Off 124 | 125 | # ErrorLog: The location of the error log file. 126 | # If you do not specify an ErrorLog directive within a 127 | # container, error messages relating to that virtual host will be 128 | # logged here. If you *do* define an error logfile for a 129 | # container, that host's errors will be logged there and not here. 130 | # 131 | ErrorLog ${APACHE_LOG_DIR}/error.log 132 | 133 | # 134 | # LogLevel: Control the severity of messages logged to the error_log. 135 | # Available values: trace8, ..., trace1, debug, info, notice, warn, 136 | # error, crit, alert, emerg. 137 | # It is also possible to configure the log level for particular modules, e.g. 138 | # "LogLevel info ssl:warn" 139 | # 140 | LogLevel warn 141 | 142 | # Include module configuration: 143 | IncludeOptional mods-enabled/*.load 144 | IncludeOptional mods-enabled/*.conf 145 | 146 | # Include list of ports to listen on 147 | Include ports.conf 148 | 149 | 150 | # Sets the default security model of the Apache2 HTTPD server. It does 151 | # not allow access to the root filesystem outside of /usr/share and /var/www. 152 | # The former is used by web applications packaged in Debian, 153 | # the latter may be used for local directories served by the web server. If 154 | # your system is serving content from a sub-directory in /srv you must allow 155 | # access here, or in any related virtual host. 156 | 157 | Options FollowSymLinks 158 | AllowOverride None 159 | Require all denied 160 | 161 | 162 | 163 | AllowOverride None 164 | Require all granted 165 | 166 | 167 | 168 | Options Indexes FollowSymLinks 169 | AllowOverride None 170 | Require all granted 171 | 172 | 173 | # 174 | # Options Indexes FollowSymLinks 175 | # AllowOverride None 176 | # Require all granted 177 | # 178 | 179 | 180 | 181 | 182 | # AccessFileName: The name of the file to look for in each directory 183 | # for additional configuration directives. See also the AllowOverride 184 | # directive. 185 | # 186 | AccessFileName .htaccess 187 | 188 | # 189 | # The following lines prevent .htaccess and .htpasswd files from being 190 | # viewed by Web clients. 191 | # 192 | 193 | Require all denied 194 | 195 | 196 | 197 | # 198 | # The following directives define some format nicknames for use with 199 | # a CustomLog directive. 200 | # 201 | # These deviate from the Common Log Format definitions in that they use %O 202 | # (the actual bytes sent including headers) instead of %b (the size of the 203 | # requested file), because the latter makes it impossible to detect partial 204 | # requests. 205 | # 206 | # Note that the use of %{X-Forwarded-For}i instead of %h is not recommended. 207 | # Use mod_remoteip instead. 208 | # 209 | LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined 210 | LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined 211 | LogFormat "%h %l %u %t \"%r\" %>s %O" common 212 | LogFormat "%{Referer}i -> %U" referer 213 | LogFormat "%{User-agent}i" agent 214 | #custom 215 | LogFormat "%{X-Real-IP}i %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined_with_x_real_ip 216 | 217 | # Include of directories ignores editors' and dpkg's backup files, 218 | # see README.Debian for details. 219 | 220 | # Include generic snippets of statements 221 | IncludeOptional conf-enabled/*.conf 222 | 223 | # Include the virtual host configurations: 224 | IncludeOptional sites-enabled/*.conf 225 | 226 | # vim: syntax=apache ts=4 sw=4 sts=4 sr noet 227 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php7.0/conf/init.d_apache2: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | ### BEGIN INIT INFO 3 | # Provides: apache2 4 | # Required-Start: $local_fs $remote_fs $network $syslog $named 5 | # Required-Stop: $local_fs $remote_fs $network $syslog $named 6 | # Default-Start: 2 3 4 5 7 | # Default-Stop: 0 1 6 8 | # X-Interactive: true 9 | # Short-Description: Apache2 web server 10 | # Description: Start the web server 11 | # This script will start the apache2 web server. 12 | ### END INIT INFO 13 | 14 | DESC="Apache httpd web server" 15 | NAME=apache2 16 | DAEMON=/usr/sbin/$NAME 17 | 18 | SCRIPTNAME="${0##*/}" 19 | SCRIPTNAME="${SCRIPTNAME##[KS][0-9][0-9]}" 20 | if [ -n "$APACHE_CONFDIR" ] ; then 21 | if [ "${APACHE_CONFDIR##/etc/apache2-}" != "${APACHE_CONFDIR}" ] ; then 22 | DIR_SUFFIX="${APACHE_CONFDIR##/etc/apache2-}" 23 | else 24 | DIR_SUFFIX= 25 | fi 26 | elif [ "${SCRIPTNAME##apache2-}" != "$SCRIPTNAME" ] ; then 27 | DIR_SUFFIX="-${SCRIPTNAME##apache2-}" 28 | APACHE_CONFDIR=/etc/apache2$DIR_SUFFIX 29 | else 30 | DIR_SUFFIX= 31 | APACHE_CONFDIR=/etc/apache2 32 | fi 33 | if [ -z "$APACHE_ENVVARS" ] ; then 34 | APACHE_ENVVARS=$APACHE_CONFDIR/envvars 35 | fi 36 | export APACHE_CONFDIR APACHE_ENVVARS 37 | 38 | ENV="env -i LANG=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" 39 | if [ "$APACHE_CONFDIR" != /etc/apache2 ] ; then 40 | ENV="$ENV APACHE_CONFDIR=$APACHE_CONFDIR" 41 | fi 42 | if [ "$APACHE_ENVVARS" != "$APACHE_CONFDIR/envvars" ] ; then 43 | ENV="$ENV APACHE_ENVVARS=$APACHE_ENVVARS" 44 | fi 45 | 46 | PIDFILE=$(. $APACHE_ENVVARS && echo $APACHE_PID_FILE) 47 | 48 | VERBOSE=no 49 | if [ -f /etc/default/rcS ]; then 50 | . /etc/default/rcS 51 | fi 52 | . /lib/lsb/init-functions 53 | 54 | 55 | # Now, set defaults: 56 | APACHE2CTL="$ENV apache2ctl" 57 | PIDFILE=$(. $APACHE_ENVVARS && echo $APACHE_PID_FILE) 58 | APACHE2_INIT_MESSAGE="" 59 | 60 | CONFTEST_OUTFILE= 61 | cleanup() { 62 | if [ -n "$CONFTEST_OUTFILE" ] ; then 63 | rm -f "$CONFTEST_OUTFILE" 64 | fi 65 | } 66 | trap cleanup 0 # "0" means "EXIT", but "EXIT" is not portable 67 | 68 | 69 | apache_conftest() { 70 | [ -z "$CONFTEST_OUTFILE" ] || rm -f "$CONFTEST_OUTFILE" 71 | CONFTEST_OUTFILE=$(mktemp) 72 | if ! $APACHE2CTL configtest > "$CONFTEST_OUTFILE" 2>&1 ; then 73 | return 1 74 | else 75 | rm -f "$CONFTEST_OUTFILE" 76 | CONFTEST_OUTFILE= 77 | return 0 78 | fi 79 | } 80 | 81 | clear_error_msg() { 82 | [ -z "$CONFTEST_OUTFILE" ] || rm -f "$CONFTEST_OUTFILE" 83 | CONFTEST_OUTFILE= 84 | APACHE2_INIT_MESSAGE= 85 | } 86 | 87 | print_error_msg() { 88 | [ -z "$APACHE2_INIT_MESSAGE" ] || log_warning_msg "$APACHE2_INIT_MESSAGE" 89 | if [ -n "$CONFTEST_OUTFILE" ] ; then 90 | echo "Output of config test was:" >&2 91 | cat "$CONFTEST_OUTFILE" >&2 92 | rm -f "$CONFTEST_OUTFILE" 93 | CONFTEST_OUTFILE= 94 | fi 95 | } 96 | 97 | apache_wait_start() { 98 | local STATUS=$1 99 | local i=0 100 | 101 | if [ $STATUS != 0 ] ; then 102 | return $STATUS 103 | fi 104 | while : ; do 105 | PIDTMP=$(pidofproc -p $PIDFILE $DAEMON) 106 | if [ -n "${PIDTMP:-}" ] && kill -0 "${PIDTMP:-}" 2> /dev/null; then 107 | return $STATUS 108 | fi 109 | 110 | if [ $i = "20" ] ; then 111 | APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX instance did not start within 20 seconds. Please read the log files to discover problems" 112 | return 2 113 | fi 114 | 115 | [ "$VERBOSE" != no ] && log_progress_msg "." 116 | sleep 1 117 | i=$(($i+1)) 118 | done 119 | } 120 | 121 | apache_wait_stop() { 122 | local STATUS=$1 123 | 124 | if [ $STATUS != 0 ] ; then 125 | return $STATUS 126 | fi 127 | 128 | PIDTMP=$(pidofproc -p $PIDFILE $DAEMON) 129 | if [ -n "${PIDTMP:-}" ] && kill -0 "${PIDTMP:-}" 2> /dev/null; then 130 | local i=0 131 | while kill -0 "${PIDTMP:-}" 2> /dev/null; do 132 | if [ $i = '60' ]; then 133 | break 134 | STATUS=2 135 | fi 136 | [ "$VERBOSE" != no ] && log_progress_msg "." 137 | sleep 1 138 | i=$(($i+1)) 139 | done 140 | return $STATUS 141 | else 142 | return $STATUS 143 | fi 144 | } 145 | 146 | 147 | # 148 | # Function that starts the daemon/service 149 | # 150 | do_start() 151 | { 152 | # Return 153 | # 0 if daemon has been started 154 | # 1 if daemon was already running 155 | # 2 if daemon could not be started 156 | 157 | ulimit -s unlimited 158 | if pidofproc -p $PIDFILE "$DAEMON" > /dev/null 2>&1 ; then 159 | return 1 160 | fi 161 | 162 | if apache_conftest ; then 163 | $APACHE2CTL start 164 | apache_wait_start $? 165 | return $? 166 | else 167 | APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX configtest failed." 168 | return 2 169 | fi 170 | } 171 | 172 | # 173 | # Function that stops the daemon/service 174 | # 175 | do_stop() 176 | { 177 | # Return 178 | # 0 if daemon has been stopped 179 | # 1 if daemon was already stopped 180 | # 2 if daemon could not be stopped 181 | # other if a failure occurred 182 | 183 | # either "stop" or "graceful-stop" 184 | local STOP=$1 185 | # can't use pidofproc from LSB here 186 | local AP_RET=0 187 | 188 | if pidof $DAEMON > /dev/null 2>&1 ; then 189 | if [ -e $PIDFILE ] && pidof $DAEMON | tr ' ' '\n' | grep -w $(cat $PIDFILE) > /dev/null 2>&1 ; then 190 | AP_RET=2 191 | else 192 | AP_RET=1 193 | fi 194 | else 195 | AP_RET=0 196 | fi 197 | 198 | # AP_RET is: 199 | # 0 if Apache (whichever) is not running 200 | # 1 if Apache (whichever) is running 201 | # 2 if Apache from the PIDFILE is running 202 | 203 | if [ $AP_RET = 0 ] ; then 204 | return 1 205 | fi 206 | 207 | if [ $AP_RET = 2 ] && apache_conftest ; then 208 | $APACHE2CTL $STOP > /dev/null 2>&1 209 | apache_wait_stop $? 210 | return $? 211 | else 212 | if [ $AP_RET = 2 ]; then 213 | clear_error_msg 214 | APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX configtest failed, so we are trying to kill it manually. This is almost certainly suboptimal, so please make sure your system is working as you'd expect now!" 215 | killproc -p $PIDFILE $DAEMON 216 | apache_wait_stop $? 217 | return $? 218 | elif [ $AP_RET = 1 ] ; then 219 | APACHE2_INIT_MESSAGE="There are processes named 'apache2' running which do not match your pid file which are left untouched in the name of safety, Please review the situation by hand". 220 | return 2 221 | fi 222 | fi 223 | 224 | } 225 | 226 | 227 | # 228 | # Function that sends a SIGHUP to the daemon/service 229 | # 230 | do_reload() { 231 | if apache_conftest; then 232 | if ! pidofproc -p $PIDFILE "$DAEMON" > /dev/null 2>&1 ; then 233 | APACHE2_INIT_MESSAGE="Apache2 is not running" 234 | return 2 235 | fi 236 | $APACHE2CTL graceful > /dev/null 2>&1 237 | return $? 238 | else 239 | APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX configtest failed. Not doing anything." 240 | return 2 241 | fi 242 | } 243 | 244 | 245 | # Sanity checks. They need to occur after function declarations 246 | [ -x $DAEMON ] || exit 0 247 | 248 | if [ ! -x $DAEMON ] ; then 249 | echo "No apache-bin package installed" 250 | exit 0 251 | fi 252 | 253 | if [ -z "$PIDFILE" ] ; then 254 | echo ERROR: APACHE_PID_FILE needs to be defined in $APACHE_ENVVARS >&2 255 | exit 2 256 | fi 257 | 258 | 259 | case "$1" in 260 | start) 261 | log_daemon_msg "Starting $DESC" "$NAME" 262 | do_start 263 | RET_STATUS=$? 264 | case "$RET_STATUS" in 265 | 0|1) 266 | log_success_msg 267 | [ "$VERBOSE" != no ] && [ $RET_STATUS = 1 ] && log_warning_msg "Server was already running" 268 | ;; 269 | 2) 270 | log_failure_msg 271 | print_error_msg 272 | exit 1 273 | ;; 274 | esac 275 | ;; 276 | stop|graceful-stop) 277 | log_daemon_msg "Stopping $DESC" "$NAME" 278 | do_stop "$1" 279 | RET_STATUS=$? 280 | case "$RET_STATUS" in 281 | 0|1) 282 | log_success_msg 283 | [ "$VERBOSE" != no ] && [ $RET_STATUS = 1 ] && log_warning_msg "Server was not running" 284 | ;; 285 | 2) 286 | log_failure_msg 287 | print_error_msg 288 | exit 1 289 | ;; 290 | esac 291 | print_error_msg 292 | 293 | ;; 294 | status) 295 | status_of_proc -p $PIDFILE "apache2" "$NAME" 296 | exit $? 297 | ;; 298 | reload|force-reload|graceful) 299 | log_daemon_msg "Reloading $DESC" "$NAME" 300 | do_reload 301 | RET_STATUS=$? 302 | case "$RET_STATUS" in 303 | 0|1) 304 | log_success_msg 305 | [ "$VERBOSE" != no ] && [ $RET_STATUS = 1 ] && log_warning_msg "Server was already running" 306 | ;; 307 | 2) 308 | log_failure_msg 309 | print_error_msg 310 | exit 1 311 | ;; 312 | esac 313 | print_error_msg 314 | ;; 315 | restart) 316 | log_daemon_msg "Restarting $DESC" "$NAME" 317 | do_stop stop 318 | case "$?" in 319 | 0|1) 320 | do_start 321 | case "$?" in 322 | 0) 323 | log_end_msg 0 324 | ;; 325 | 1|*) 326 | log_end_msg 1 # Old process is still or failed to running 327 | print_error_msg 328 | exit 1 329 | ;; 330 | esac 331 | ;; 332 | *) 333 | # Failed to stop 334 | log_end_msg 1 335 | print_error_msg 336 | exit 1 337 | ;; 338 | esac 339 | ;; 340 | start-htcacheclean|stop-htcacheclean) 341 | echo "Use 'service apache-htcacheclean' instead" 342 | ;; 343 | *) 344 | echo "Usage: $SCRIPTNAME {start|stop|graceful-stop|restart|reload|force-reload}" >&2 345 | exit 3 346 | ;; 347 | esac 348 | 349 | exit 0 350 | 351 | # vim: syntax=sh ts=4 sw=4 sts=4 sr noet 352 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php7.0/conf/nginx.conf: -------------------------------------------------------------------------------- 1 | user www-data; 2 | worker_processes auto; 3 | pid /run/nginx.pid; 4 | 5 | events { 6 | worker_connections 768; 7 | # multi_accept on; 8 | } 9 | 10 | http { 11 | 12 | ## 13 | # Basic Settings 14 | ## 15 | 16 | sendfile on; 17 | tcp_nopush on; 18 | tcp_nodelay on; 19 | keepalive_timeout 65; 20 | types_hash_max_size 2048; 21 | 22 | include /etc/nginx/mime.types; 23 | default_type application/octet-stream; 24 | 25 | client_max_body_size 10m; 26 | client_body_buffer_size 4m; 27 | proxy_buffering on; 28 | proxy_connect_timeout 300; 29 | proxy_send_timeout 300; 30 | proxy_read_timeout 300; 31 | proxy_buffer_size 64k; 32 | proxy_buffers 8 64k; 33 | proxy_busy_buffers_size 64k; 34 | proxy_temp_file_write_size 10m; 35 | 36 | proxy_set_header Host $http_host; 37 | 38 | ## 39 | # SSL Settings 40 | ## 41 | 42 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE 43 | ssl_prefer_server_ciphers on; 44 | 45 | ## 46 | # Logging Settings 47 | ## 48 | 49 | access_log /var/log/nginx/access.log; 50 | error_log /var/log/nginx/error.log; 51 | 52 | log_format combined_with_x_real_ip '$http_x_real_ip [$time_local] ' 53 | '"$request" $status $body_bytes_sent "$http_referer" ' 54 | '"$http_user_agent"' ; 55 | 56 | ## 57 | # Virtual Host Configs 58 | ## 59 | 60 | include /etc/nginx/conf.d/*.conf; 61 | include /etc/nginx/sites-enabled/*; 62 | } 63 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php7.0/conf/ports.conf: -------------------------------------------------------------------------------- 1 | # If you just change the port or add more ports here, you will likely also 2 | # have to change the VirtualHost statement in 3 | # /etc/apache2/sites-enabled/000-default.conf 4 | 5 | Listen 8080 6 | 7 | 8 | Listen 443 9 | 10 | 11 | 12 | Listen 443 13 | 14 | 15 | # vim: syntax=apache ts=4 sw=4 sts=4 sr noet 16 | 17 | 18 | 19 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php7.0/conf/postfix.cf: -------------------------------------------------------------------------------- 1 | # See /usr/share/postfix/main.cf.dist for a commented, more complete version 2 | 3 | 4 | # Debian specific: Specifying a file name will cause the first 5 | # line of that file to be used as the name. The Debian default 6 | # is /etc/mailname. 7 | #myorigin = /etc/mailname 8 | 9 | smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) 10 | biff = no 11 | 12 | # appending .domain is the MUA's job. 13 | append_dot_mydomain = no 14 | 15 | # Uncomment the next line to generate "delayed mail" warnings 16 | #delay_warning_time = 4h 17 | 18 | readme_directory = no 19 | 20 | # TLS parameters 21 | smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem 22 | smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key 23 | smtpd_use_tls=yes 24 | smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache 25 | smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache 26 | 27 | # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for 28 | # information on enabling SSL in the smtp client. 29 | 30 | smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination 31 | myhostname = sinc.ru 32 | alias_maps = hash:/etc/aliases 33 | alias_database = hash:/etc/aliases 34 | mydestination = $myhostname, localhost.localdomain, , localhost 35 | relayhost = 36 | mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 37 | mailbox_size_limit = 0 38 | recipient_delimiter = + 39 | inet_interfaces = loopback-only 40 | inet_protocols = all 41 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php7.0/conf/remoteip.conf: -------------------------------------------------------------------------------- 1 | RemoteIPHeader X-Forwarded-For 2 | RemoteIPTrustedProxy 127.0.0.1 -------------------------------------------------------------------------------- /demo/apache2-nginx-php7.0/cron/.gitignore: -------------------------------------------------------------------------------- 1 | cron.log 2 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php7.0/cron/check_apache.php: -------------------------------------------------------------------------------- 1 | &$file) { 10 | $modifiedTime = filemtime($dir."/".$file); 11 | $file = [ 12 | 'name' => $file, 13 | 'path' => $dir."/".$file, 14 | 'modified' => $modifiedTime 15 | ]; 16 | if (time() - $modifiedTime <= 60) 17 | exit(1); 18 | } 19 | 20 | /* Check apache2 conf */ 21 | if (time() - filemtime('/etc/apache2/apache2.conf') <= 60) 22 | exit(1); 23 | 24 | /* Check ports.conf */ 25 | if (time() - filemtime('/etc/apache2/ports.conf') <= 60) 26 | exit(1); 27 | 28 | /* Check remote ip */ 29 | if (time() - filemtime('/etc/apache2/conf-available/remoteip.conf') <= 60) 30 | exit(1); 31 | 32 | /* Check php.ini */ 33 | if (time() - filemtime('/etc/php/7.0/apache2/php.ini') <= 60) 34 | exit(1); 35 | 36 | exit(0); 37 | ?> -------------------------------------------------------------------------------- /demo/apache2-nginx-php7.0/cron/check_nginx.php: -------------------------------------------------------------------------------- 1 | &$file) { 10 | $modifiedTime = filemtime($dir."/".$file); 11 | $file = [ 12 | 'name' => $file, 13 | 'path' => $dir."/".$file, 14 | 'modified' => $modifiedTime 15 | ]; 16 | if (time() - $modifiedTime <= 60) 17 | exit(1); 18 | } 19 | 20 | /* Check apache2 conf */ 21 | if (time() - filemtime('/etc/nginx/nginx.conf') <= 60) 22 | exit(1); 23 | 24 | exit(0); 25 | ?> -------------------------------------------------------------------------------- /demo/apache2-nginx-php7.0/cron/cron.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ps auxw | grep nginx | grep -v grep > /dev/null 4 | if [ $? != 0 ]; then 5 | /etc/init.d/nginx start > /dev/null 6 | echo "$(date) - nginx started" 7 | else 8 | data=$(/usr/bin/php -q /tmp/check_nginx.php); 9 | if [ $? != 0 ] 10 | then 11 | /etc/init.d/nginx reload > /dev/null 12 | echo "$(date) - nginx reloaded" 13 | fi 14 | fi 15 | 16 | ps auxw | grep apache2 | grep -v grep > /dev/null 17 | if [ $? != 0 ]; then 18 | /etc/init.d/apache2 start > /dev/null 19 | echo "$(date) - apache2 started" 20 | else 21 | data=$(/usr/bin/php -q /tmp/check_apache.php); 22 | if [ $? != 0 ] 23 | then 24 | /etc/init.d/apache2 reload > /dev/null 25 | echo "$(date) - apache2 reloaded" 26 | fi 27 | fi 28 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php7.0/cron/developer-crontab: -------------------------------------------------------------------------------- 1 | * * * * * /tmp/cron.sh >> /tmp/cron.log 2>&1 2 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php7.0/docker/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM serkyron/apache2-nginx-php7.0 2 | WORKDIR /var/www/ 3 | COPY entrypoint /usr/bin 4 | ENTRYPOINT ["entrypoint"] 5 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php7.0/docker/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | services: 3 | 4 | demo_php7_web: 5 | # replace username/repo:tag with your name and image details 6 | image: demo_apache2-nginx-php7.0 7 | volumes: 8 | - ./demo/www/:/var/www/ 9 | - ./demo/hosts/sites-enabled-apache/:/etc/apache2/sites-enabled/ 10 | - ./demo/hosts/sites-enabled-nginx/:/etc/nginx/sites-enabled/ 11 | - ./demo/apache2-nginx-php7.0/conf/apache2.conf:/etc/apache2/apache2.conf 12 | - ./demo/apache2-nginx-php7.0/conf/ports.conf:/etc/apache2/ports.conf 13 | - ./demo/apache2-nginx-php7.0/conf/remoteip.conf:/etc/apache2/conf-available/remoteip.conf 14 | - ./demo/apache2-nginx-php7.0/conf/php.ini:/etc/php/7.0/apache2/php.ini 15 | - ./demo/apache2-nginx-php7.0/conf/nginx.conf:/etc/nginx/nginx.conf 16 | - ./demo/apache2-nginx-php7.0/cron/developer-crontab/:/etc/cron.d/developer-crontab 17 | - ./demo/apache2-nginx-php7.0/cron/cron.sh:/tmp/cron.sh 18 | - ./demo/apache2-nginx-php7.0/cron/cron.log:/tmp/cron.log 19 | - ./demo/apache2-nginx-php7.0/conf/postfix.cf:/etc/postfix/main.cf 20 | - ./demo/apache2-nginx-php7.0/cron/check_apache.php:/tmp/check_apache.php 21 | - ./demo/apache2-nginx-php7.0/cron/check_nginx.php:/tmp/check_nginx.php 22 | - ./demo/apache2_envvars:/etc/apache2/envvars 23 | - ./demo/apache2-nginx-php7.0/conf/init.d_apache2:/etc/init.d/apache2 24 | - ./bin/:/usr/local/bin 25 | networks: 26 | - demo_webnet 27 | 28 | networks: 29 | demo_webnet: 30 | -------------------------------------------------------------------------------- /demo/apache2-nginx-php7.0/docker/entrypoint: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | chown -R developer:developer /var/www 3 | chown -R root:root /etc/cron.d 4 | a2enmod headers 5 | a2enmod rewrite 6 | a2enmod remoteip 7 | a2enconf remoteip 8 | service apache2 start 9 | service nginx start 10 | service postfix start 11 | cron 12 | crontab /etc/cron.d/developer-crontab 13 | mv /etc/localtime /etc/localtime-old 14 | ln -s /usr/share/zoneinfo/Europe/Moscow /etc/localtime 15 | tail -F -n0 /etc/hosts 16 | -------------------------------------------------------------------------------- /demo/apache2_envvars: -------------------------------------------------------------------------------- 1 | # envvars - default environment variables for apache2ctl 2 | 3 | # this won't be correct after changing uid 4 | unset HOME 5 | 6 | # for supporting multiple apache2 instances 7 | if [ "${APACHE_CONFDIR##/etc/apache2-}" != "${APACHE_CONFDIR}" ] ; then 8 | SUFFIX="-${APACHE_CONFDIR##/etc/apache2-}" 9 | else 10 | SUFFIX= 11 | fi 12 | 13 | # Since there is no sane way to get the parsed apache2 config in scripts, some 14 | # settings are defined via environment variables and then used in apache2ctl, 15 | # /etc/init.d/apache2, /etc/logrotate.d/apache2, etc. 16 | export APACHE_RUN_USER=developer 17 | export APACHE_RUN_GROUP=developer 18 | # temporary state file location. This might be changed to /run in Wheezy+1 19 | export APACHE_PID_FILE=/var/run/apache2/apache2$SUFFIX.pid 20 | export APACHE_RUN_DIR=/var/run/apache2$SUFFIX 21 | export APACHE_LOCK_DIR=/var/lock/apache2$SUFFIX 22 | # Only /var/log/apache2 is handled by /etc/logrotate.d/apache2. 23 | export APACHE_LOG_DIR=/var/log/apache2$SUFFIX 24 | 25 | ## The locale used by some modules like mod_dav 26 | export LANG=C 27 | ## Uncomment the following line to use the system default locale instead: 28 | #. /etc/default/locale 29 | 30 | export LANG 31 | 32 | ## The command to get the status for 'apache2ctl status'. 33 | ## Some packages providing 'www-browser' need '--dump' instead of '-dump'. 34 | #export APACHE_LYNX='www-browser -dump' 35 | 36 | ## If you need a higher file descriptor limit, uncomment and adjust the 37 | ## following line (default is 8192): 38 | #APACHE_ULIMIT_MAX_FILES='ulimit -n 65536' 39 | 40 | ## If you would like to pass arguments to the web server, add them below 41 | ## to the APACHE_ARGUMENTS environment. 42 | #export APACHE_ARGUMENTS='' 43 | 44 | ## Enable the debug mode for maintainer scripts. 45 | ## This will produce a verbose output on package installations of web server modules and web application 46 | ## installations which interact with Apache 47 | #export APACHE2_MAINTSCRIPT_DEBUG=1 48 | -------------------------------------------------------------------------------- /demo/database/.gitignore: -------------------------------------------------------------------------------- 1 | data 2 | -------------------------------------------------------------------------------- /demo/database/conf/debian.cnf: -------------------------------------------------------------------------------- 1 | # Automatically generated for Debian scripts. DO NOT TOUCH! 2 | [client] 3 | host = localhost 4 | user = debian-sys-maint 5 | password = siKsMS9eXqxguhPC 6 | socket = /var/run/mysqld/mysqld.sock 7 | [mysql_upgrade] 8 | host = localhost 9 | user = debian-sys-maint 10 | password = siKsMS9eXqxguhPC 11 | socket = /var/run/mysqld/mysqld.sock 12 | basedir = /usr 13 | -------------------------------------------------------------------------------- /demo/database/conf/my.cnf: -------------------------------------------------------------------------------- 1 | # MariaDB database server configuration file. 2 | # 3 | 4 | # You can copy this file to one of: 5 | # - "/etc/mysql/my.cnf" to set global options, 6 | # - "~/.my.cnf" to set user-specific options. 7 | # 8 | # One can use all long options that the program supports. 9 | # Run program with --help to get a list of available options and with 10 | # --print-defaults to see which it would actually understand and use. 11 | # 12 | # For explanations see 13 | # http://dev.mysql.com/doc/mysql/en/server-system-variables.html 14 | 15 | # This will be passed to all mysql clients 16 | # It has been reported that passwords should be enclosed with ticks/quotes 17 | # escpecially if they contain "#" chars... 18 | # Remember to edit /etc/mysql/debian.cnf when changing the socket location. 19 | [client] 20 | port = 3306 21 | socket = /var/run/mysqld/mysqld.sock 22 | 23 | # Here is entries for some specific programs 24 | # The following values assume you have at least 32M ram 25 | 26 | # This was formally known as [safe_mysqld]. Both versions are currently parsed. 27 | [mysqld_safe] 28 | socket = /var/run/mysqld/mysqld.sock 29 | nice = 0 30 | 31 | [mysqld] 32 | # 33 | # * Basic Settings 34 | # 35 | #user = mysql 36 | pid-file = /var/run/mysqld/mysqld.pid 37 | socket = /var/run/mysqld/mysqld.sock 38 | port = 3306 39 | basedir = /usr 40 | datadir = /var/lib/mysql 41 | tmpdir = /tmp 42 | lc_messages_dir = /usr/share/mysql 43 | lc_messages = en_US 44 | skip-external-locking 45 | # 46 | # Instead of skip-networking the default is now to listen only on 47 | # localhost which is more compatible and is not less secure. 48 | #bind-address = 127.0.0.1 49 | # 50 | # * Fine Tuning 51 | # 52 | max_connections = 100 53 | connect_timeout = 5 54 | wait_timeout = 600 55 | max_allowed_packet = 16M 56 | thread_cache_size = 128 57 | sort_buffer_size = 4M 58 | bulk_insert_buffer_size = 16M 59 | tmp_table_size = 32M 60 | max_heap_table_size = 32M 61 | # 62 | # * MyISAM 63 | # 64 | # This replaces the startup script and checks MyISAM tables if needed 65 | # the first time they are touched. On error, make copy and try a repair. 66 | myisam_recover_options = BACKUP 67 | key_buffer_size = 128M 68 | #open-files-limit = 2000 69 | table_open_cache = 400 70 | myisam_sort_buffer_size = 512M 71 | concurrent_insert = 2 72 | read_buffer_size = 2M 73 | read_rnd_buffer_size = 1M 74 | # 75 | # * Query Cache Configuration 76 | # 77 | # Cache only tiny result sets, so we can fit more in the query cache. 78 | query_cache_limit = 128K 79 | query_cache_size = 64M 80 | # for more write intensive setups, set to DEMAND or OFF 81 | #query_cache_type = DEMAND 82 | # 83 | # * Logging and Replication 84 | # 85 | # Both location gets rotated by the cronjob. 86 | # Be aware that this log type is a performance killer. 87 | # As of 5.1 you can enable the log at runtime! 88 | general_log_file = /var/log/mysql/mysql.log 89 | #general_log = 1 90 | # 91 | # Error logging goes to syslog due to /etc/mysql/conf.d/mysqld_safe_syslog.cnf. 92 | # 93 | # we do want to know about network errors and such 94 | #log_warnings = 2 95 | # 96 | # Enable the slow query log to see queries with especially long duration 97 | #slow_query_log[={0|1}] 98 | slow_query_log_file = /var/log/mysql/mariadb-slow.log 99 | long_query_time = 10 100 | #log_slow_rate_limit = 1000 101 | #log_slow_verbosity = query_plan 102 | 103 | #log-queries-not-using-indexes 104 | #log_slow_admin_statements 105 | # 106 | # The following can be used as easy to replay backup logs or for replication. 107 | # note: if you are setting up a replication slave, see README.Debian about 108 | # other settings you may need to change. 109 | #server-id = 1 110 | #report_host = master1 111 | #auto_increment_increment = 2 112 | #auto_increment_offset = 1 113 | #log_bin = /var/log/mysql/mariadb-bin 114 | #log_bin_index = /var/log/mysql/mariadb-bin.index 115 | # not fab for performance, but safer 116 | #sync_binlog = 1 117 | expire_logs_days = 10 118 | max_binlog_size = 100M 119 | # slaves 120 | #relay_log = /var/log/mysql/relay-bin 121 | #relay_log_index = /var/log/mysql/relay-bin.index 122 | #relay_log_info_file = /var/log/mysql/relay-bin.info 123 | #log_slave_updates 124 | #read_only 125 | # 126 | # If applications support it, this stricter sql_mode prevents some 127 | # mistakes like inserting invalid dates etc. 128 | #sql_mode = NO_ENGINE_SUBSTITUTION,TRADITIONAL 129 | # 130 | # * InnoDB 131 | # 132 | # InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/. 133 | # Read the manual for more InnoDB related options. There are many! 134 | default_storage_engine = InnoDB 135 | # you can't just change log file size, requires special procedure 136 | #innodb_log_file_size = 50M 137 | innodb_buffer_pool_size = 256M 138 | innodb_log_buffer_size = 8M 139 | innodb_file_per_table = 1 140 | innodb_open_files = 400 141 | innodb_io_capacity = 400 142 | innodb_flush_method = O_DIRECT 143 | # 144 | # * Security Features 145 | # 146 | # Read the manual, too, if you want chroot! 147 | # chroot = /var/lib/mysql/ 148 | # 149 | # For generating SSL certificates I recommend the OpenSSL GUI "tinyca". 150 | # 151 | # ssl-ca=/etc/mysql/cacert.pem 152 | # ssl-cert=/etc/mysql/server-cert.pem 153 | # ssl-key=/etc/mysql/server-key.pem 154 | 155 | # 156 | # * Galera-related settings 157 | # 158 | [galera] 159 | # Mandatory settings 160 | #wsrep_on=ON 161 | #wsrep_provider= 162 | #wsrep_cluster_address= 163 | #binlog_format=row 164 | #default_storage_engine=InnoDB 165 | #innodb_autoinc_lock_mode=2 166 | # 167 | # Allow server to accept connections on all interfaces. 168 | # 169 | #bind-address=0.0.0.0 170 | # 171 | # Optional setting 172 | #wsrep_slave_threads=1 173 | #innodb_flush_log_at_trx_commit=0 174 | 175 | [mysqldump] 176 | quick 177 | quote-names 178 | max_allowed_packet = 16M 179 | 180 | [mysql] 181 | #no-auto-rehash # faster start of mysql but no tab completion 182 | 183 | [isamchk] 184 | key_buffer = 16M 185 | 186 | # 187 | # * IMPORTANT: Additional settings that can override those from this file! 188 | # The files must end with '.cnf', otherwise they'll be ignored. 189 | # 190 | !includedir /etc/mysql/conf.d/ 191 | 192 | [mysqld_safe] 193 | log_error=/var/log/mysql/mysql_error.log 194 | 195 | [mysqld] 196 | log_error=/var/log/mysql/mysql_error.log -------------------------------------------------------------------------------- /demo/database/cron/.gitignore: -------------------------------------------------------------------------------- 1 | cron.log 2 | -------------------------------------------------------------------------------- /demo/database/cron/check_mysql.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /demo/database/cron/cron.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ps auxw | grep mysql | grep -v grep > /dev/null 4 | if [ $? != 0 ]; then 5 | /etc/init.d/mysql start > /dev/null 6 | echo "$(date) - mysql started" 7 | else 8 | data=$(/usr/bin/php -q /tmp/check_mysql.php); 9 | if [ $? != 0 ] 10 | then 11 | /etc/init.d/mysql reload > /dev/null 12 | echo "$(date) - mysql reloaded" 13 | fi 14 | fi -------------------------------------------------------------------------------- /demo/database/cron/developer-crontab: -------------------------------------------------------------------------------- 1 | * * * * * /tmp/cron.sh >> /tmp/cron.log 2>&1 2 | -------------------------------------------------------------------------------- /demo/database/docker/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM serkyron/maria_db 2 | COPY entrypoint /usr/bin 3 | ENTRYPOINT ["entrypoint"] -------------------------------------------------------------------------------- /demo/database/docker/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | services: 3 | 4 | demo_maria_db: 5 | image: demo_maria_db 6 | command: [mysqld, --character-set-server=utf8mb4, --collation-server=utf8mb4_unicode_ci] 7 | volumes: 8 | - ./demo/database/data:/var/lib/mysql 9 | - ./demo/database/conf/my.cnf:/etc/mysql/my.cnf 10 | - ./demo/database/conf/debian.cnf:/etc/mysql/debian.cnf 11 | - ./demo/database/cron/developer-crontab/:/etc/cron.d/developer-crontab 12 | - ./demo/database/cron/cron.sh:/tmp/cron.sh 13 | - ./demo/database/cron/cron.log:/tmp/cron.log 14 | environment: 15 | MYSQL_ROOT_PASSWORD: gL*Px|0SJr5#iZtI 16 | networks: 17 | - demo_webnet 18 | 19 | networks: 20 | demo_webnet: 21 | -------------------------------------------------------------------------------- /demo/database/docker/entrypoint: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | chown -R root:root /etc/cron.d 3 | cron 4 | crontab /etc/cron.d/developer-crontab 5 | mysql_install_db --user=mysql --basedir=/usr/ --ldata=/var/lib/mysql/ 6 | service mysql start 7 | query="GRANT ALL PRIVILEGES ON *.* TO 'debian-sys-maint'@'localhost' IDENTIFIED BY 'siKsMS9eXqxguhPC';" 8 | query2="GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '$MYSQL_ROOT_PASSWORD';" 9 | query3="UPDATE mysql.user SET Grant_priv='Y', Super_priv='Y' WHERE User='root';" 10 | query4="delete from mysql.user where user='root' and host!='%';" 11 | query5="SET GLOBAL time_zone ='+03:00';" 12 | mysql -u root -e "$query2" -e "$query" -e "$query4" -e "$query3" -e "$query5" 13 | mv /etc/localtime /etc/localtime-old 14 | ln -s /usr/share/zoneinfo/Europe/Moscow /etc/localtime 15 | tail -F -n0 /etc/hosts 16 | -------------------------------------------------------------------------------- /demo/hosts/sites-enabled-apache/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /demo/hosts/sites-enabled-nginx/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /demo/www/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /empty-docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | -------------------------------------------------------------------------------- /example_hosts/example: -------------------------------------------------------------------------------- 1 | ## 2 | # You should look at the following URL's in order to grasp a solid understanding 3 | # of Nginx configuration files in order to fully unleash the power of Nginx. 4 | 5 | # http://wiki.nginx.org/Pitfalls 6 | # http://wiki.nginx.org/QuickStart 7 | # http://wiki.nginx.org/Configuration 8 | # 9 | # Generally, you will want to move this file somewhere, and start with a clean 10 | # file but keep this around for reference. Or just disable in sites-enabled. 11 | # 12 | # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. 13 | ## 14 | 15 | # Virtual Host configuration for example.com 16 | 17 | # You can move that to a different file under sites-available/ and symlink that 18 | # to sites-enabled/ to enable it. 19 | # 20 | 21 | server { 22 | listen 80; 23 | listen [::]:80; 24 | 25 | server_name www.example.ru example.ru; 26 | 27 | root /var/www/example/data; 28 | index index.php index.html; 29 | 30 | # Add stdout logging 31 | 32 | error_log /dev/stdout info; 33 | access_log /dev/stdout; 34 | 35 | #error_page 404 /404.html; 36 | 37 | # redirect server error pages to the static page /50x.html 38 | # 39 | error_page 500 502 503 504 /50x.html; 40 | location = /50x.html { 41 | root /usr/share/nginx/html; 42 | } 43 | 44 | access_log /var/www/example/logs/nginx.access.log combined_with_x_real_ip; 45 | error_log /var/www/example/logs/nginx.error.log; 46 | 47 | location / { 48 | proxy_pass http://localhost:8080/; 49 | proxy_set_header Host $host; 50 | proxy_set_header X-Forwarded-For 82.202.249.25; 51 | proxy_redirect off; 52 | } 53 | 54 | location ~*^.+\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|wav|bmp|rtf|js|html)$ { 55 | root /var/www/example/data; 56 | add_header Source nginx; 57 | } 58 | } 59 | 60 | -------------------------------------------------------------------------------- /example_hosts/example.conf: -------------------------------------------------------------------------------- 1 | Listen 8080 2 | 3 | 4 | # The ServerName directive sets the request scheme, hostname and port that 5 | # the server uses to identify itself. This is used when creating 6 | # redirection URLs. In the context of virtual hosts, the ServerName 7 | # specifies what hostname must appear in the request's Host: header to 8 | # match this virtual host. For the default virtual host (this file) this 9 | # value is not decisive as it is used as a last resort host regardless. 10 | # However, you must set it for any further virtual host explicitly. 11 | 12 | ServerName example.ru 13 | ServerAlias www.example.ru 14 | 15 | ServerAdmin webmaster@localhost 16 | DocumentRoot /var/www/example/data 17 | 18 | 19 | Allowoverride All 20 | 21 | 22 | # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, 23 | # error, crit, alert, emerg. 24 | # It is also possible to configure the loglevel for particular 25 | # modules, e.g. 26 | #LogLevel info ssl:warn 27 | 28 | ErrorLog /var/www/example/logs/apache.error.log 29 | CustomLog /var/www/example/logs/apache.access.log combined_with_x_real_ip 30 | 31 | # For most configuration files from conf-available/, which are 32 | # enabled or disabled at a global level, it is possible to 33 | # include a line for only one particular virtual host. For example the 34 | # following line enables the CGI configuration for this host only 35 | # after it has been globally disabled with "a2disconf". 36 | #Include conf-available/serve-cgi-bin.conf 37 | 38 | 39 | # vim: syntax=apache ts=4 sw=4 sts=4 sr noet 40 | -------------------------------------------------------------------------------- /example_hosts/example_ssl: -------------------------------------------------------------------------------- 1 | ## 2 | # You should look at the following URL's in order to grasp a solid understanding 3 | # of Nginx configuration files in order to fully unleash the power of Nginx. 4 | 5 | # http://wiki.nginx.org/Pitfalls 6 | # http://wiki.nginx.org/QuickStart 7 | # http://wiki.nginx.org/Configuration 8 | # 9 | # Generally, you will want to move this file somewhere, and start with a clean 10 | # file but keep this around for reference. Or just disable in sites-enabled. 11 | # 12 | # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. 13 | ## 14 | 15 | # Virtual Host configuration for example.com 16 | 17 | # You can move that to a different file under sites-available/ and symlink that 18 | # to sites-enabled/ to enable it. 19 | # 20 | 21 | server { 22 | listen 80; 23 | listen [::]:80; 24 | 25 | server_name www.example.ru example.ru; 26 | 27 | root /var/www/example/data; 28 | index index.php index.html; 29 | 30 | # Add stdout logging 31 | 32 | error_log /dev/stdout info; 33 | access_log /dev/stdout; 34 | 35 | #error_page 404 /404.html; 36 | 37 | # redirect server error pages to the static page /50x.html 38 | # 39 | error_page 500 502 503 504 /50x.html; 40 | location = /50x.html { 41 | root /usr/share/nginx/html; 42 | } 43 | 44 | access_log /var/www/example/logs/nginx.access.log combined_with_x_real_ip; 45 | error_log /var/www/example/logs/nginx.error.log; 46 | 47 | location / { 48 | proxy_pass http://localhost:8080/; 49 | proxy_set_header Host $host; 50 | proxy_set_header X-Forwarded-For 82.202.249.25; 51 | proxy_set_header X-Forwarded-Proto https; 52 | proxy_redirect off; 53 | } 54 | 55 | location ~*^.+\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|wav|bmp|rtf|js|html)$ { 56 | root /var/www/example/data; 57 | add_header Source nginx; 58 | } 59 | } 60 | 61 | -------------------------------------------------------------------------------- /example_hosts/example_ssl.conf: -------------------------------------------------------------------------------- 1 | Listen 8080 2 | 3 | 4 | # The ServerName directive sets the request scheme, hostname and port that 5 | # the server uses to identify itself. This is used when creating 6 | # redirection URLs. In the context of virtual hosts, the ServerName 7 | # specifies what hostname must appear in the request's Host: header to 8 | # match this virtual host. For the default virtual host (this file) this 9 | # value is not decisive as it is used as a last resort host regardless. 10 | # However, you must set it for any further virtual host explicitly. 11 | 12 | ServerName example.ru 13 | ServerAlias www.example.ru 14 | 15 | SetEnvIf X-Forwarded-Proto https HTTPS=on 16 | 17 | ServerAdmin webmaster@localhost 18 | DocumentRoot /var/www/example/data 19 | 20 | 21 | Allowoverride All 22 | 23 | 24 | # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, 25 | # error, crit, alert, emerg. 26 | # It is also possible to configure the loglevel for particular 27 | # modules, e.g. 28 | #LogLevel info ssl:warn 29 | 30 | ErrorLog /var/www/example/logs/apache.error.log 31 | CustomLog /var/www/example/logs/apache.access.log combined_with_x_real_ip 32 | 33 | # For most configuration files from conf-available/, which are 34 | # enabled or disabled at a global level, it is possible to 35 | # include a line for only one particular virtual host. For example the 36 | # following line enables the CGI configuration for this host only 37 | # after it has been globally disabled with "a2disconf". 38 | #Include conf-available/serve-cgi-bin.conf 39 | 40 | 41 | # vim: syntax=apache ts=4 sw=4 sts=4 sr noet 42 | -------------------------------------------------------------------------------- /example_hosts/proxy/example: -------------------------------------------------------------------------------- 1 | # Virtual Host configuration for example.com 2 | # 3 | # You can move that to a different file under sites-available/ and symlink that 4 | # to sites-enabled/ to enable it. 5 | # 6 | 7 | server { 8 | listen 80; 9 | 10 | server_name example.ru www.example.ru; 11 | 12 | location / { 13 | proxy_pass http://demo_php7_web; 14 | } 15 | } 16 | 17 | -------------------------------------------------------------------------------- /example_hosts/proxy/example_ssl: -------------------------------------------------------------------------------- 1 | # Virtual Host configuration for example.com 2 | # 3 | # You can move that to a different file under sites-available/ and symlink that 4 | # to sites-enabled/ to enable it. 5 | # 6 | 7 | server { 8 | listen 80; 9 | server_name example.ru www.example.ru; 10 | return 301 https://$server_name$request_uri; 11 | } 12 | 13 | server { 14 | listen 443; 15 | server_name example.ru www.example.ru; 16 | 17 | ssl_certificate /etc/nginx/certs/example.ru.crt; 18 | ssl_certificate_key /etc/nginx/certs/example.ru.key; 19 | 20 | ssl on; 21 | ssl_session_cache builtin:1000 shared:SSL:10m; 22 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 23 | ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4; 24 | ssl_prefer_server_ciphers on; 25 | 26 | location / { 27 | proxy_pass http://prod_php7_web; 28 | } 29 | } 30 | 31 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php5.6/conf/apache2.conf: -------------------------------------------------------------------------------- 1 | # This is the main Apache server configuration file. It contains the 2 | # configuration directives that give the server its instructions. 3 | # See http://httpd.apache.org/docs/2.4/ for detailed information about 4 | # the directives and /usr/share/doc/apache2/README.Debian about Debian specific 5 | # hints. 6 | # 7 | # 8 | # Summary of how the Apache 2 configuration works in Debian: 9 | # The Apache 2 web server configuration in Debian is quite different to 10 | # upstream's suggested way to configure the web server. This is because Debian's 11 | # default Apache2 installation attempts to make adding and removing modules, 12 | # virtual hosts, and extra configuration directives as flexible as possible, in 13 | # order to make automating the changes and administering the server as easy as 14 | # possible. 15 | 16 | # It is split into several files forming the configuration hierarchy outlined 17 | # below, all located in the /etc/apache2/ directory: 18 | # 19 | # /etc/apache2/ 20 | # |-- apache2.conf 21 | # | `-- ports.conf 22 | # |-- mods-enabled 23 | # | |-- *.load 24 | # | `-- *.conf 25 | # |-- conf-enabled 26 | # | `-- *.conf 27 | # `-- sites-enabled 28 | # `-- *.conf 29 | # 30 | # 31 | # * apache2.conf is the main configuration file (this file). It puts the pieces 32 | # together by including all remaining configuration files when starting up the 33 | # web server. 34 | # 35 | # * ports.conf is always included from the main configuration file. It is 36 | # supposed to determine listening ports for incoming connections which can be 37 | # customized anytime. 38 | # 39 | # * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/ 40 | # directories contain particular configuration snippets which manage modules, 41 | # global configuration fragments, or virtual host configurations, 42 | # respectively. 43 | # 44 | # They are activated by symlinking available configuration files from their 45 | # respective *-available/ counterparts. These should be managed by using our 46 | # helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See 47 | # their respective man pages for detailed information. 48 | # 49 | # * The binary is called apache2. Due to the use of environment variables, in 50 | # the default configuration, apache2 needs to be started/stopped with 51 | # /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not 52 | # work with the default configuration. 53 | 54 | 55 | # Global configuration 56 | # 57 | 58 | ServerName localhost 59 | 60 | # 61 | # ServerRoot: The top of the directory tree under which the server's 62 | # configuration, error, and log files are kept. 63 | # 64 | # NOTE! If you intend to place this on an NFS (or otherwise network) 65 | # mounted filesystem then please read the Mutex documentation (available 66 | # at ); 67 | # you will save yourself a lot of trouble. 68 | # 69 | # Do NOT add a slash at the end of the directory path. 70 | # 71 | #ServerRoot "/etc/apache2" 72 | 73 | # 74 | # The accept serialization lock file MUST BE STORED ON A LOCAL DISK. 75 | # 76 | Mutex file:${APACHE_LOCK_DIR} default 77 | 78 | # 79 | # PidFile: The file in which the server should record its process 80 | # identification number when it starts. 81 | # This needs to be set in /etc/apache2/envvars 82 | # 83 | PidFile ${APACHE_PID_FILE} 84 | 85 | # 86 | # Timeout: The number of seconds before receives and sends time out. 87 | # 88 | Timeout 300 89 | 90 | # 91 | # KeepAlive: Whether or not to allow persistent connections (more than 92 | # one request per connection). Set to "Off" to deactivate. 93 | # 94 | KeepAlive On 95 | 96 | # 97 | # MaxKeepAliveRequests: The maximum number of requests to allow 98 | # during a persistent connection. Set to 0 to allow an unlimited amount. 99 | # We recommend you leave this number high, for maximum performance. 100 | # 101 | MaxKeepAliveRequests 100 102 | 103 | # 104 | # KeepAliveTimeout: Number of seconds to wait for the next request from the 105 | # same client on the same connection. 106 | # 107 | KeepAliveTimeout 5 108 | 109 | 110 | # These need to be set in /etc/apache2/envvars 111 | User ${APACHE_RUN_USER} 112 | Group ${APACHE_RUN_GROUP} 113 | 114 | # 115 | # HostnameLookups: Log the names of clients or just their IP addresses 116 | # e.g., www.apache.org (on) or 204.62.129.132 (off). 117 | # The default is off because it'd be overall better for the net if people 118 | # had to knowingly turn this feature on, since enabling it means that 119 | # each client request will result in AT LEAST one lookup request to the 120 | # nameserver. 121 | # 122 | HostnameLookups Off 123 | 124 | # ErrorLog: The location of the error log file. 125 | # If you do not specify an ErrorLog directive within a 126 | # container, error messages relating to that virtual host will be 127 | # logged here. If you *do* define an error logfile for a 128 | # container, that host's errors will be logged there and not here. 129 | # 130 | ErrorLog ${APACHE_LOG_DIR}/error.log 131 | 132 | # 133 | # LogLevel: Control the severity of messages logged to the error_log. 134 | # Available values: trace8, ..., trace1, debug, info, notice, warn, 135 | # error, crit, alert, emerg. 136 | # It is also possible to configure the log level for particular modules, e.g. 137 | # "LogLevel info ssl:warn" 138 | # 139 | LogLevel warn 140 | 141 | # Include module configuration: 142 | IncludeOptional mods-enabled/*.load 143 | IncludeOptional mods-enabled/*.conf 144 | 145 | # Include list of ports to listen on 146 | Include ports.conf 147 | 148 | 149 | # Sets the default security model of the Apache2 HTTPD server. It does 150 | # not allow access to the root filesystem outside of /usr/share and /var/www. 151 | # The former is used by web applications packaged in Debian, 152 | # the latter may be used for local directories served by the web server. If 153 | # your system is serving content from a sub-directory in /srv you must allow 154 | # access here, or in any related virtual host. 155 | 156 | Options FollowSymLinks 157 | AllowOverride None 158 | Require all denied 159 | 160 | 161 | 162 | AllowOverride None 163 | Require all granted 164 | 165 | 166 | 167 | Options Indexes FollowSymLinks 168 | AllowOverride None 169 | Require all granted 170 | 171 | 172 | # 173 | # Options Indexes FollowSymLinks 174 | # AllowOverride None 175 | # Require all granted 176 | # 177 | 178 | 179 | 180 | 181 | # AccessFileName: The name of the file to look for in each directory 182 | # for additional configuration directives. See also the AllowOverride 183 | # directive. 184 | # 185 | AccessFileName .htaccess 186 | 187 | # 188 | # The following lines prevent .htaccess and .htpasswd files from being 189 | # viewed by Web clients. 190 | # 191 | 192 | Require all denied 193 | 194 | 195 | 196 | # 197 | # The following directives define some format nicknames for use with 198 | # a CustomLog directive. 199 | # 200 | # These deviate from the Common Log Format definitions in that they use %O 201 | # (the actual bytes sent including headers) instead of %b (the size of the 202 | # requested file), because the latter makes it impossible to detect partial 203 | # requests. 204 | # 205 | # Note that the use of %{X-Forwarded-For}i instead of %h is not recommended. 206 | # Use mod_remoteip instead. 207 | # 208 | LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined 209 | LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined 210 | LogFormat "%h %l %u %t \"%r\" %>s %O" common 211 | LogFormat "%{Referer}i -> %U" referer 212 | LogFormat "%{User-agent}i" agent 213 | #custom 214 | LogFormat "%{X-Real-IP}i %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined_with_x_real_ip 215 | 216 | # Include of directories ignores editors' and dpkg's backup files, 217 | # see README.Debian for details. 218 | 219 | # Include generic snippets of statements 220 | IncludeOptional conf-enabled/*.conf 221 | 222 | # Include the virtual host configurations: 223 | IncludeOptional sites-enabled/*.conf 224 | 225 | # vim: syntax=apache ts=4 sw=4 sts=4 sr noet 226 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php5.6/conf/init.d_apache2: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | ### BEGIN INIT INFO 3 | # Provides: apache2 4 | # Required-Start: $local_fs $remote_fs $network $syslog $named 5 | # Required-Stop: $local_fs $remote_fs $network $syslog $named 6 | # Default-Start: 2 3 4 5 7 | # Default-Stop: 0 1 6 8 | # X-Interactive: true 9 | # Short-Description: Apache2 web server 10 | # Description: Start the web server 11 | # This script will start the apache2 web server. 12 | ### END INIT INFO 13 | 14 | DESC="Apache httpd web server" 15 | NAME=apache2 16 | DAEMON=/usr/sbin/$NAME 17 | 18 | SCRIPTNAME="${0##*/}" 19 | SCRIPTNAME="${SCRIPTNAME##[KS][0-9][0-9]}" 20 | if [ -n "$APACHE_CONFDIR" ] ; then 21 | if [ "${APACHE_CONFDIR##/etc/apache2-}" != "${APACHE_CONFDIR}" ] ; then 22 | DIR_SUFFIX="${APACHE_CONFDIR##/etc/apache2-}" 23 | else 24 | DIR_SUFFIX= 25 | fi 26 | elif [ "${SCRIPTNAME##apache2-}" != "$SCRIPTNAME" ] ; then 27 | DIR_SUFFIX="-${SCRIPTNAME##apache2-}" 28 | APACHE_CONFDIR=/etc/apache2$DIR_SUFFIX 29 | else 30 | DIR_SUFFIX= 31 | APACHE_CONFDIR=/etc/apache2 32 | fi 33 | if [ -z "$APACHE_ENVVARS" ] ; then 34 | APACHE_ENVVARS=$APACHE_CONFDIR/envvars 35 | fi 36 | export APACHE_CONFDIR APACHE_ENVVARS 37 | 38 | ENV="env -i LANG=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" 39 | if [ "$APACHE_CONFDIR" != /etc/apache2 ] ; then 40 | ENV="$ENV APACHE_CONFDIR=$APACHE_CONFDIR" 41 | fi 42 | if [ "$APACHE_ENVVARS" != "$APACHE_CONFDIR/envvars" ] ; then 43 | ENV="$ENV APACHE_ENVVARS=$APACHE_ENVVARS" 44 | fi 45 | 46 | PIDFILE=$(. $APACHE_ENVVARS && echo $APACHE_PID_FILE) 47 | 48 | VERBOSE=no 49 | if [ -f /etc/default/rcS ]; then 50 | . /etc/default/rcS 51 | fi 52 | . /lib/lsb/init-functions 53 | 54 | 55 | # Now, set defaults: 56 | APACHE2CTL="$ENV apache2ctl" 57 | PIDFILE=$(. $APACHE_ENVVARS && echo $APACHE_PID_FILE) 58 | APACHE2_INIT_MESSAGE="" 59 | 60 | CONFTEST_OUTFILE= 61 | cleanup() { 62 | if [ -n "$CONFTEST_OUTFILE" ] ; then 63 | rm -f "$CONFTEST_OUTFILE" 64 | fi 65 | } 66 | trap cleanup 0 # "0" means "EXIT", but "EXIT" is not portable 67 | 68 | 69 | apache_conftest() { 70 | [ -z "$CONFTEST_OUTFILE" ] || rm -f "$CONFTEST_OUTFILE" 71 | CONFTEST_OUTFILE=$(mktemp) 72 | if ! $APACHE2CTL configtest > "$CONFTEST_OUTFILE" 2>&1 ; then 73 | return 1 74 | else 75 | rm -f "$CONFTEST_OUTFILE" 76 | CONFTEST_OUTFILE= 77 | return 0 78 | fi 79 | } 80 | 81 | clear_error_msg() { 82 | [ -z "$CONFTEST_OUTFILE" ] || rm -f "$CONFTEST_OUTFILE" 83 | CONFTEST_OUTFILE= 84 | APACHE2_INIT_MESSAGE= 85 | } 86 | 87 | print_error_msg() { 88 | [ -z "$APACHE2_INIT_MESSAGE" ] || log_warning_msg "$APACHE2_INIT_MESSAGE" 89 | if [ -n "$CONFTEST_OUTFILE" ] ; then 90 | echo "Output of config test was:" >&2 91 | cat "$CONFTEST_OUTFILE" >&2 92 | rm -f "$CONFTEST_OUTFILE" 93 | CONFTEST_OUTFILE= 94 | fi 95 | } 96 | 97 | apache_wait_start() { 98 | local STATUS=$1 99 | local i=0 100 | 101 | if [ $STATUS != 0 ] ; then 102 | return $STATUS 103 | fi 104 | while : ; do 105 | PIDTMP=$(pidofproc -p $PIDFILE $DAEMON) 106 | if [ -n "${PIDTMP:-}" ] && kill -0 "${PIDTMP:-}" 2> /dev/null; then 107 | return $STATUS 108 | fi 109 | 110 | if [ $i = "20" ] ; then 111 | APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX instance did not start within 20 seconds. Please read the log files to discover problems" 112 | return 2 113 | fi 114 | 115 | [ "$VERBOSE" != no ] && log_progress_msg "." 116 | sleep 1 117 | i=$(($i+1)) 118 | done 119 | } 120 | 121 | apache_wait_stop() { 122 | local STATUS=$1 123 | 124 | if [ $STATUS != 0 ] ; then 125 | return $STATUS 126 | fi 127 | 128 | PIDTMP=$(pidofproc -p $PIDFILE $DAEMON) 129 | if [ -n "${PIDTMP:-}" ] && kill -0 "${PIDTMP:-}" 2> /dev/null; then 130 | local i=0 131 | while kill -0 "${PIDTMP:-}" 2> /dev/null; do 132 | if [ $i = '60' ]; then 133 | break 134 | STATUS=2 135 | fi 136 | [ "$VERBOSE" != no ] && log_progress_msg "." 137 | sleep 1 138 | i=$(($i+1)) 139 | done 140 | return $STATUS 141 | else 142 | return $STATUS 143 | fi 144 | } 145 | 146 | 147 | # 148 | # Function that starts the daemon/service 149 | # 150 | do_start() 151 | { 152 | # Return 153 | # 0 if daemon has been started 154 | # 1 if daemon was already running 155 | # 2 if daemon could not be started 156 | 157 | ulimit -s unlimited 158 | if pidofproc -p $PIDFILE "$DAEMON" > /dev/null 2>&1 ; then 159 | return 1 160 | fi 161 | 162 | if apache_conftest ; then 163 | $APACHE2CTL start 164 | apache_wait_start $? 165 | return $? 166 | else 167 | APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX configtest failed." 168 | return 2 169 | fi 170 | } 171 | 172 | # 173 | # Function that stops the daemon/service 174 | # 175 | do_stop() 176 | { 177 | # Return 178 | # 0 if daemon has been stopped 179 | # 1 if daemon was already stopped 180 | # 2 if daemon could not be stopped 181 | # other if a failure occurred 182 | 183 | # either "stop" or "graceful-stop" 184 | local STOP=$1 185 | # can't use pidofproc from LSB here 186 | local AP_RET=0 187 | 188 | if pidof $DAEMON > /dev/null 2>&1 ; then 189 | if [ -e $PIDFILE ] && pidof $DAEMON | tr ' ' '\n' | grep -w $(cat $PIDFILE) > /dev/null 2>&1 ; then 190 | AP_RET=2 191 | else 192 | AP_RET=1 193 | fi 194 | else 195 | AP_RET=0 196 | fi 197 | 198 | # AP_RET is: 199 | # 0 if Apache (whichever) is not running 200 | # 1 if Apache (whichever) is running 201 | # 2 if Apache from the PIDFILE is running 202 | 203 | if [ $AP_RET = 0 ] ; then 204 | return 1 205 | fi 206 | 207 | if [ $AP_RET = 2 ] && apache_conftest ; then 208 | $APACHE2CTL $STOP > /dev/null 2>&1 209 | apache_wait_stop $? 210 | return $? 211 | else 212 | if [ $AP_RET = 2 ]; then 213 | clear_error_msg 214 | APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX configtest failed, so we are trying to kill it manually. This is almost certainly suboptimal, so please make sure your system is working as you'd expect now!" 215 | killproc -p $PIDFILE $DAEMON 216 | apache_wait_stop $? 217 | return $? 218 | elif [ $AP_RET = 1 ] ; then 219 | APACHE2_INIT_MESSAGE="There are processes named 'apache2' running which do not match your pid file which are left untouched in the name of safety, Please review the situation by hand". 220 | return 2 221 | fi 222 | fi 223 | 224 | } 225 | 226 | 227 | # 228 | # Function that sends a SIGHUP to the daemon/service 229 | # 230 | do_reload() { 231 | if apache_conftest; then 232 | if ! pidofproc -p $PIDFILE "$DAEMON" > /dev/null 2>&1 ; then 233 | APACHE2_INIT_MESSAGE="Apache2 is not running" 234 | return 2 235 | fi 236 | $APACHE2CTL graceful > /dev/null 2>&1 237 | return $? 238 | else 239 | APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX configtest failed. Not doing anything." 240 | return 2 241 | fi 242 | } 243 | 244 | 245 | # Sanity checks. They need to occur after function declarations 246 | [ -x $DAEMON ] || exit 0 247 | 248 | if [ ! -x $DAEMON ] ; then 249 | echo "No apache-bin package installed" 250 | exit 0 251 | fi 252 | 253 | if [ -z "$PIDFILE" ] ; then 254 | echo ERROR: APACHE_PID_FILE needs to be defined in $APACHE_ENVVARS >&2 255 | exit 2 256 | fi 257 | 258 | 259 | case "$1" in 260 | start) 261 | log_daemon_msg "Starting $DESC" "$NAME" 262 | do_start 263 | RET_STATUS=$? 264 | case "$RET_STATUS" in 265 | 0|1) 266 | log_success_msg 267 | [ "$VERBOSE" != no ] && [ $RET_STATUS = 1 ] && log_warning_msg "Server was already running" 268 | ;; 269 | 2) 270 | log_failure_msg 271 | print_error_msg 272 | exit 1 273 | ;; 274 | esac 275 | ;; 276 | stop|graceful-stop) 277 | log_daemon_msg "Stopping $DESC" "$NAME" 278 | do_stop "$1" 279 | RET_STATUS=$? 280 | case "$RET_STATUS" in 281 | 0|1) 282 | log_success_msg 283 | [ "$VERBOSE" != no ] && [ $RET_STATUS = 1 ] && log_warning_msg "Server was not running" 284 | ;; 285 | 2) 286 | log_failure_msg 287 | print_error_msg 288 | exit 1 289 | ;; 290 | esac 291 | print_error_msg 292 | 293 | ;; 294 | status) 295 | status_of_proc -p $PIDFILE "apache2" "$NAME" 296 | exit $? 297 | ;; 298 | reload|force-reload|graceful) 299 | log_daemon_msg "Reloading $DESC" "$NAME" 300 | do_reload 301 | RET_STATUS=$? 302 | case "$RET_STATUS" in 303 | 0|1) 304 | log_success_msg 305 | [ "$VERBOSE" != no ] && [ $RET_STATUS = 1 ] && log_warning_msg "Server was already running" 306 | ;; 307 | 2) 308 | log_failure_msg 309 | print_error_msg 310 | exit 1 311 | ;; 312 | esac 313 | print_error_msg 314 | ;; 315 | restart) 316 | log_daemon_msg "Restarting $DESC" "$NAME" 317 | do_stop stop 318 | case "$?" in 319 | 0|1) 320 | do_start 321 | case "$?" in 322 | 0) 323 | log_end_msg 0 324 | ;; 325 | 1|*) 326 | log_end_msg 1 # Old process is still or failed to running 327 | print_error_msg 328 | exit 1 329 | ;; 330 | esac 331 | ;; 332 | *) 333 | # Failed to stop 334 | log_end_msg 1 335 | print_error_msg 336 | exit 1 337 | ;; 338 | esac 339 | ;; 340 | start-htcacheclean|stop-htcacheclean) 341 | echo "Use 'service apache-htcacheclean' instead" 342 | ;; 343 | *) 344 | echo "Usage: $SCRIPTNAME {start|stop|graceful-stop|restart|reload|force-reload}" >&2 345 | exit 3 346 | ;; 347 | esac 348 | 349 | exit 0 350 | 351 | # vim: syntax=sh ts=4 sw=4 sts=4 sr noet 352 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php5.6/conf/nginx.conf: -------------------------------------------------------------------------------- 1 | user www-data; 2 | worker_processes auto; 3 | pid /run/nginx.pid; 4 | 5 | events { 6 | worker_connections 768; 7 | # multi_accept on; 8 | } 9 | 10 | http { 11 | 12 | ## 13 | # Basic Settings 14 | ## 15 | 16 | sendfile on; 17 | tcp_nopush on; 18 | tcp_nodelay on; 19 | keepalive_timeout 65; 20 | types_hash_max_size 2048; 21 | 22 | include /etc/nginx/mime.types; 23 | default_type application/octet-stream; 24 | 25 | client_max_body_size 10m; 26 | client_body_buffer_size 4m; 27 | proxy_buffering on; 28 | proxy_connect_timeout 300; 29 | proxy_send_timeout 300; 30 | proxy_read_timeout 300; 31 | proxy_buffer_size 64k; 32 | proxy_buffers 8 64k; 33 | proxy_busy_buffers_size 64k; 34 | proxy_temp_file_write_size 10m; 35 | 36 | proxy_set_header Host $http_host; 37 | proxy_set_header X-Real-IP $remote_addr; 38 | 39 | ## 40 | # SSL Settings 41 | ## 42 | 43 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE 44 | ssl_prefer_server_ciphers on; 45 | 46 | ## 47 | # Logging Settings 48 | ## 49 | 50 | access_log /var/log/nginx/access.log; 51 | error_log /var/log/nginx/error.log; 52 | 53 | log_format combined_with_x_real_ip '$http_x_real_ip [$time_local] ' 54 | '"$request" $status $body_bytes_sent "$http_referer" ' 55 | '"$http_user_agent"' ; 56 | 57 | ## 58 | # Virtual Host Configs 59 | ## 60 | 61 | include /etc/nginx/conf.d/*.conf; 62 | include /etc/nginx/sites-enabled/*; 63 | } 64 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php5.6/conf/ports.conf: -------------------------------------------------------------------------------- 1 | # If you just change the port or add more ports here, you will likely also 2 | # have to change the VirtualHost statement in 3 | # /etc/apache2/sites-enabled/000-default.conf 4 | 5 | Listen 8080 6 | 7 | 8 | Listen 443 9 | 10 | 11 | 12 | Listen 443 13 | 14 | 15 | # vim: syntax=apache ts=4 sw=4 sts=4 sr noet 16 | 17 | 18 | 19 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php5.6/conf/postfix.cf: -------------------------------------------------------------------------------- 1 | # See /usr/share/postfix/main.cf.dist for a commented, more complete version 2 | 3 | 4 | # Debian specific: Specifying a file name will cause the first 5 | # line of that file to be used as the name. The Debian default 6 | # is /etc/mailname. 7 | #myorigin = /etc/mailname 8 | 9 | smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) 10 | biff = no 11 | 12 | # appending .domain is the MUA's job. 13 | append_dot_mydomain = no 14 | 15 | # Uncomment the next line to generate "delayed mail" warnings 16 | #delay_warning_time = 4h 17 | 18 | readme_directory = no 19 | 20 | # TLS parameters 21 | smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem 22 | smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key 23 | smtpd_use_tls=yes 24 | smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache 25 | smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache 26 | 27 | # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for 28 | # information on enabling SSL in the smtp client. 29 | 30 | smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination 31 | myhostname = sinc.ru 32 | alias_maps = hash:/etc/aliases 33 | alias_database = hash:/etc/aliases 34 | mydestination = $myhostname, localhost.localdomain, , localhost 35 | relayhost = 36 | mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 37 | mailbox_size_limit = 0 38 | recipient_delimiter = + 39 | inet_interfaces = loopback-only 40 | inet_protocols = all 41 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php5.6/conf/remoteip.conf: -------------------------------------------------------------------------------- 1 | RemoteIPHeader X-Forwarded-For 2 | RemoteIPTrustedProxy 127.0.0.1 -------------------------------------------------------------------------------- /prod/apache2-nginx-php5.6/cron/.gitignore: -------------------------------------------------------------------------------- 1 | cron.log 2 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php5.6/cron/check_apache.php: -------------------------------------------------------------------------------- 1 | &$file) { 10 | $modifiedTime = filemtime($dir."/".$file); 11 | $file = [ 12 | 'name' => $file, 13 | 'path' => $dir."/".$file, 14 | 'modified' => $modifiedTime 15 | ]; 16 | if (time() - $modifiedTime <= 60) 17 | exit(1); 18 | } 19 | 20 | /* Check apache2 conf */ 21 | if (time() - filemtime('/etc/apache2/apache2.conf') <= 60) 22 | exit(1); 23 | 24 | /* Check ports.conf */ 25 | if (time() - filemtime('/etc/apache2/ports.conf') <= 60) 26 | exit(1); 27 | 28 | /* Check remote ip */ 29 | if (time() - filemtime('/etc/apache2/conf-available/remoteip.conf') <= 60) 30 | exit(1); 31 | 32 | /* Check php.ini */ 33 | if (time() - filemtime('/etc/php/5.6/apache2/php.ini') <= 60) 34 | exit(1); 35 | 36 | exit(0); 37 | ?> -------------------------------------------------------------------------------- /prod/apache2-nginx-php5.6/cron/check_nginx.php: -------------------------------------------------------------------------------- 1 | &$file) { 10 | $modifiedTime = filemtime($dir."/".$file); 11 | $file = [ 12 | 'name' => $file, 13 | 'path' => $dir."/".$file, 14 | 'modified' => $modifiedTime 15 | ]; 16 | if (time() - $modifiedTime <= 60) 17 | exit(1); 18 | } 19 | 20 | /* Check apache2 conf */ 21 | if (time() - filemtime('/etc/nginx/nginx.conf') <= 60) 22 | exit(1); 23 | 24 | exit(0); 25 | ?> -------------------------------------------------------------------------------- /prod/apache2-nginx-php5.6/cron/cron.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ps auxw | grep nginx | grep -v grep > /dev/null 4 | if [ $? != 0 ]; then 5 | /etc/init.d/nginx start > /dev/null 6 | echo "$(date) - nginx started" 7 | else 8 | data=$(/usr/bin/php -q /tmp/check_nginx.php); 9 | if [ $? != 0 ] 10 | then 11 | /etc/init.d/nginx reload > /dev/null 12 | echo "$(date) - nginx reloaded" 13 | fi 14 | fi 15 | 16 | ps auxw | grep apache2 | grep -v grep > /dev/null 17 | if [ $? != 0 ]; then 18 | /etc/init.d/apache2 start > /dev/null 19 | echo "$(date) - apache2 started" 20 | else 21 | data=$(/usr/bin/php -q /tmp/check_apache.php); 22 | if [ $? != 0 ] 23 | then 24 | /etc/init.d/apache2 reload > /dev/null 25 | echo "$(date) - apache2 reloaded" 26 | fi 27 | fi 28 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php5.6/cron/developer-crontab: -------------------------------------------------------------------------------- 1 | * * * * * /tmp/cron.sh >> /tmp/cron.log 2>&1 2 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php5.6/docker/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM serkyron/apache2-nginx-php5.6 2 | WORKDIR /var/www/ 3 | COPY entrypoint /usr/bin 4 | ENTRYPOINT ["entrypoint"] 5 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php5.6/docker/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | services: 3 | 4 | prod_php5_web: 5 | # replace username/repo:tag with your name and image details 6 | image: prod_apache2-nginx-php5.6 7 | volumes: 8 | - ./prod/www/:/var/www/ 9 | - ./prod/hosts/sites-enabled-apache/:/etc/apache2/sites-enabled/ 10 | - ./prod/hosts/sites-enabled-nginx/:/etc/nginx/sites-enabled/ 11 | - ./prod/apache2-nginx-php5.6/conf/apache2.conf:/etc/apache2/apache2.conf 12 | - ./prod/apache2-nginx-php5.6/conf/ports.conf:/etc/apache2/ports.conf 13 | - ./prod/apache2-nginx-php5.6/conf/remoteip.conf:/etc/apache2/conf-available/remoteip.conf 14 | - ./prod/apache2-nginx-php5.6/conf/php.ini:/etc/php/5.6/apache2/php.ini 15 | - ./prod/apache2-nginx-php5.6/conf/nginx.conf:/etc/nginx/nginx.conf 16 | - ./prod/apache2-nginx-php5.6/cron/developer-crontab/:/etc/cron.d/developer-crontab 17 | - ./prod/apache2-nginx-php5.6/cron/cron.sh:/tmp/cron.sh 18 | - ./prod/apache2-nginx-php5.6/cron/cron.log:/tmp/cron.log 19 | - ./prod/apache2-nginx-php5.6/conf/postfix.cf:/etc/postfix/main.cf 20 | - ./prod/apache2-nginx-php5.6/cron/check_apache.php:/tmp/check_apache.php 21 | - ./prod/apache2-nginx-php5.6/cron/check_nginx.php:/tmp/check_nginx.php 22 | - ./prod/apache2_envvars:/etc/apache2/envvars 23 | - ./prod/apache2-nginx-php5.6/conf/init.d_apache2:/etc/init.d/apache2 24 | - ./bin/:/usr/local/bin 25 | networks: 26 | - prod_webnet 27 | 28 | networks: 29 | prod_webnet: 30 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php5.6/docker/entrypoint: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | chown -R developer:developer /var/www 3 | chown -R root:root /etc/cron.d 4 | a2enmod headers 5 | a2enmod rewrite 6 | a2enmod remoteip 7 | a2enconf remoteip 8 | service apache2 start 9 | service nginx start 10 | service postfix start 11 | cron 12 | crontab /etc/cron.d/developer-crontab 13 | mv /etc/localtime /etc/localtime-old 14 | ln -s /usr/share/zoneinfo/Europe/Moscow /etc/localtime 15 | tail -F -n0 /etc/hosts 16 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php7.0/conf/apache2.conf: -------------------------------------------------------------------------------- 1 | # This is the main Apache server configuration file. It contains the 2 | 3 | # configuration directives that give the server its instructions. 4 | # See http://httpd.apache.org/docs/2.4/ for detailed information about 5 | # the directives and /usr/share/doc/apache2/README.Debian about Debian specific 6 | # hints. 7 | # 8 | # 9 | # Summary of how the Apache 2 configuration works in Debian: 10 | # The Apache 2 web server configuration in Debian is quite different to 11 | # upstream's suggested way to configure the web server. This is because Debian's 12 | # default Apache2 installation attempts to make adding and removing modules, 13 | # virtual hosts, and extra configuration directives as flexible as possible, in 14 | # order to make automating the changes and administering the server as easy as 15 | # possible. 16 | 17 | # It is split into several files forming the configuration hierarchy outlined 18 | # below, all located in the /etc/apache2/ directory: 19 | # 20 | # /etc/apache2/ 21 | # |-- apache2.conf 22 | # | `-- ports.conf 23 | # |-- mods-enabled 24 | # | |-- *.load 25 | # | `-- *.conf 26 | # |-- conf-enabled 27 | # | `-- *.conf 28 | # `-- sites-enabled 29 | # `-- *.conf 30 | # 31 | # 32 | # * apache2.conf is the main configuration file (this file). It puts the pieces 33 | # together by including all remaining configuration files when starting up the 34 | # web server. 35 | # 36 | # * ports.conf is always included from the main configuration file. It is 37 | # supposed to determine listening ports for incoming connections which can be 38 | # customized anytime. 39 | # 40 | # * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/ 41 | # directories contain particular configuration snippets which manage modules, 42 | # global configuration fragments, or virtual host configurations, 43 | # respectively. 44 | # 45 | # They are activated by symlinking available configuration files from their 46 | # respective *-available/ counterparts. These should be managed by using our 47 | # helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See 48 | # their respective man pages for detailed information. 49 | # 50 | # * The binary is called apache2. Due to the use of environment variables, in 51 | # the default configuration, apache2 needs to be started/stopped with 52 | # /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not 53 | # work with the default configuration. 54 | 55 | 56 | # Global configuration 57 | # 58 | 59 | ServerName localhost 60 | 61 | # 62 | # ServerRoot: The top of the directory tree under which the server's 63 | # configuration, error, and log files are kept. 64 | # 65 | # NOTE! If you intend to place this on an NFS (or otherwise network) 66 | # mounted filesystem then please read the Mutex documentation (available 67 | # at ); 68 | # you will save yourself a lot of trouble. 69 | # 70 | # Do NOT add a slash at the end of the directory path. 71 | # 72 | #ServerRoot "/etc/apache2" 73 | 74 | # 75 | # The accept serialization lock file MUST BE STORED ON A LOCAL DISK. 76 | # 77 | Mutex file:${APACHE_LOCK_DIR} default 78 | 79 | # 80 | # PidFile: The file in which the server should record its process 81 | # identification number when it starts. 82 | # This needs to be set in /etc/apache2/envvars 83 | # 84 | PidFile ${APACHE_PID_FILE} 85 | 86 | # 87 | # Timeout: The number of seconds before receives and sends time out. 88 | # 89 | Timeout 300 90 | 91 | # 92 | # KeepAlive: Whether or not to allow persistent connections (more than 93 | # one request per connection). Set to "Off" to deactivate. 94 | # 95 | KeepAlive On 96 | 97 | # 98 | # MaxKeepAliveRequests: The maximum number of requests to allow 99 | # during a persistent connection. Set to 0 to allow an unlimited amount. 100 | # We recommend you leave this number high, for maximum performance. 101 | # 102 | MaxKeepAliveRequests 100 103 | 104 | # 105 | # KeepAliveTimeout: Number of seconds to wait for the next request from the 106 | # same client on the same connection. 107 | # 108 | KeepAliveTimeout 5 109 | 110 | 111 | # These need to be set in /etc/apache2/envvars 112 | User ${APACHE_RUN_USER} 113 | Group ${APACHE_RUN_GROUP} 114 | 115 | # 116 | # HostnameLookups: Log the names of clients or just their IP addresses 117 | # e.g., www.apache.org (on) or 204.62.129.132 (off). 118 | # The default is off because it'd be overall better for the net if people 119 | # had to knowingly turn this feature on, since enabling it means that 120 | # each client request will result in AT LEAST one lookup request to the 121 | # nameserver. 122 | # 123 | HostnameLookups Off 124 | 125 | # ErrorLog: The location of the error log file. 126 | # If you do not specify an ErrorLog directive within a 127 | # container, error messages relating to that virtual host will be 128 | # logged here. If you *do* define an error logfile for a 129 | # container, that host's errors will be logged there and not here. 130 | # 131 | ErrorLog ${APACHE_LOG_DIR}/error.log 132 | 133 | # 134 | # LogLevel: Control the severity of messages logged to the error_log. 135 | # Available values: trace8, ..., trace1, debug, info, notice, warn, 136 | # error, crit, alert, emerg. 137 | # It is also possible to configure the log level for particular modules, e.g. 138 | # "LogLevel info ssl:warn" 139 | # 140 | LogLevel warn 141 | 142 | # Include module configuration: 143 | IncludeOptional mods-enabled/*.load 144 | IncludeOptional mods-enabled/*.conf 145 | 146 | # Include list of ports to listen on 147 | Include ports.conf 148 | 149 | 150 | # Sets the default security model of the Apache2 HTTPD server. It does 151 | # not allow access to the root filesystem outside of /usr/share and /var/www. 152 | # The former is used by web applications packaged in Debian, 153 | # the latter may be used for local directories served by the web server. If 154 | # your system is serving content from a sub-directory in /srv you must allow 155 | # access here, or in any related virtual host. 156 | 157 | Options FollowSymLinks 158 | AllowOverride None 159 | Require all denied 160 | 161 | 162 | 163 | AllowOverride None 164 | Require all granted 165 | 166 | 167 | 168 | Options Indexes FollowSymLinks 169 | AllowOverride None 170 | Require all granted 171 | 172 | 173 | # 174 | # Options Indexes FollowSymLinks 175 | # AllowOverride None 176 | # Require all granted 177 | # 178 | 179 | 180 | 181 | 182 | # AccessFileName: The name of the file to look for in each directory 183 | # for additional configuration directives. See also the AllowOverride 184 | # directive. 185 | # 186 | AccessFileName .htaccess 187 | 188 | # 189 | # The following lines prevent .htaccess and .htpasswd files from being 190 | # viewed by Web clients. 191 | # 192 | 193 | Require all denied 194 | 195 | 196 | 197 | # 198 | # The following directives define some format nicknames for use with 199 | # a CustomLog directive. 200 | # 201 | # These deviate from the Common Log Format definitions in that they use %O 202 | # (the actual bytes sent including headers) instead of %b (the size of the 203 | # requested file), because the latter makes it impossible to detect partial 204 | # requests. 205 | # 206 | # Note that the use of %{X-Forwarded-For}i instead of %h is not recommended. 207 | # Use mod_remoteip instead. 208 | # 209 | LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined 210 | LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined 211 | LogFormat "%h %l %u %t \"%r\" %>s %O" common 212 | LogFormat "%{Referer}i -> %U" referer 213 | LogFormat "%{User-agent}i" agent 214 | #custom 215 | LogFormat "%{X-Real-IP}i %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined_with_x_real_ip 216 | 217 | # Include of directories ignores editors' and dpkg's backup files, 218 | # see README.Debian for details. 219 | 220 | # Include generic snippets of statements 221 | IncludeOptional conf-enabled/*.conf 222 | 223 | # Include the virtual host configurations: 224 | IncludeOptional sites-enabled/*.conf 225 | 226 | # vim: syntax=apache ts=4 sw=4 sts=4 sr noet 227 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php7.0/conf/init.d_apache2: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | ### BEGIN INIT INFO 3 | # Provides: apache2 4 | # Required-Start: $local_fs $remote_fs $network $syslog $named 5 | # Required-Stop: $local_fs $remote_fs $network $syslog $named 6 | # Default-Start: 2 3 4 5 7 | # Default-Stop: 0 1 6 8 | # X-Interactive: true 9 | # Short-Description: Apache2 web server 10 | # Description: Start the web server 11 | # This script will start the apache2 web server. 12 | ### END INIT INFO 13 | 14 | DESC="Apache httpd web server" 15 | NAME=apache2 16 | DAEMON=/usr/sbin/$NAME 17 | 18 | SCRIPTNAME="${0##*/}" 19 | SCRIPTNAME="${SCRIPTNAME##[KS][0-9][0-9]}" 20 | if [ -n "$APACHE_CONFDIR" ] ; then 21 | if [ "${APACHE_CONFDIR##/etc/apache2-}" != "${APACHE_CONFDIR}" ] ; then 22 | DIR_SUFFIX="${APACHE_CONFDIR##/etc/apache2-}" 23 | else 24 | DIR_SUFFIX= 25 | fi 26 | elif [ "${SCRIPTNAME##apache2-}" != "$SCRIPTNAME" ] ; then 27 | DIR_SUFFIX="-${SCRIPTNAME##apache2-}" 28 | APACHE_CONFDIR=/etc/apache2$DIR_SUFFIX 29 | else 30 | DIR_SUFFIX= 31 | APACHE_CONFDIR=/etc/apache2 32 | fi 33 | if [ -z "$APACHE_ENVVARS" ] ; then 34 | APACHE_ENVVARS=$APACHE_CONFDIR/envvars 35 | fi 36 | export APACHE_CONFDIR APACHE_ENVVARS 37 | 38 | ENV="env -i LANG=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" 39 | if [ "$APACHE_CONFDIR" != /etc/apache2 ] ; then 40 | ENV="$ENV APACHE_CONFDIR=$APACHE_CONFDIR" 41 | fi 42 | if [ "$APACHE_ENVVARS" != "$APACHE_CONFDIR/envvars" ] ; then 43 | ENV="$ENV APACHE_ENVVARS=$APACHE_ENVVARS" 44 | fi 45 | 46 | PIDFILE=$(. $APACHE_ENVVARS && echo $APACHE_PID_FILE) 47 | 48 | VERBOSE=no 49 | if [ -f /etc/default/rcS ]; then 50 | . /etc/default/rcS 51 | fi 52 | . /lib/lsb/init-functions 53 | 54 | 55 | # Now, set defaults: 56 | APACHE2CTL="$ENV apache2ctl" 57 | PIDFILE=$(. $APACHE_ENVVARS && echo $APACHE_PID_FILE) 58 | APACHE2_INIT_MESSAGE="" 59 | 60 | CONFTEST_OUTFILE= 61 | cleanup() { 62 | if [ -n "$CONFTEST_OUTFILE" ] ; then 63 | rm -f "$CONFTEST_OUTFILE" 64 | fi 65 | } 66 | trap cleanup 0 # "0" means "EXIT", but "EXIT" is not portable 67 | 68 | 69 | apache_conftest() { 70 | [ -z "$CONFTEST_OUTFILE" ] || rm -f "$CONFTEST_OUTFILE" 71 | CONFTEST_OUTFILE=$(mktemp) 72 | if ! $APACHE2CTL configtest > "$CONFTEST_OUTFILE" 2>&1 ; then 73 | return 1 74 | else 75 | rm -f "$CONFTEST_OUTFILE" 76 | CONFTEST_OUTFILE= 77 | return 0 78 | fi 79 | } 80 | 81 | clear_error_msg() { 82 | [ -z "$CONFTEST_OUTFILE" ] || rm -f "$CONFTEST_OUTFILE" 83 | CONFTEST_OUTFILE= 84 | APACHE2_INIT_MESSAGE= 85 | } 86 | 87 | print_error_msg() { 88 | [ -z "$APACHE2_INIT_MESSAGE" ] || log_warning_msg "$APACHE2_INIT_MESSAGE" 89 | if [ -n "$CONFTEST_OUTFILE" ] ; then 90 | echo "Output of config test was:" >&2 91 | cat "$CONFTEST_OUTFILE" >&2 92 | rm -f "$CONFTEST_OUTFILE" 93 | CONFTEST_OUTFILE= 94 | fi 95 | } 96 | 97 | apache_wait_start() { 98 | local STATUS=$1 99 | local i=0 100 | 101 | if [ $STATUS != 0 ] ; then 102 | return $STATUS 103 | fi 104 | while : ; do 105 | PIDTMP=$(pidofproc -p $PIDFILE $DAEMON) 106 | if [ -n "${PIDTMP:-}" ] && kill -0 "${PIDTMP:-}" 2> /dev/null; then 107 | return $STATUS 108 | fi 109 | 110 | if [ $i = "20" ] ; then 111 | APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX instance did not start within 20 seconds. Please read the log files to discover problems" 112 | return 2 113 | fi 114 | 115 | [ "$VERBOSE" != no ] && log_progress_msg "." 116 | sleep 1 117 | i=$(($i+1)) 118 | done 119 | } 120 | 121 | apache_wait_stop() { 122 | local STATUS=$1 123 | 124 | if [ $STATUS != 0 ] ; then 125 | return $STATUS 126 | fi 127 | 128 | PIDTMP=$(pidofproc -p $PIDFILE $DAEMON) 129 | if [ -n "${PIDTMP:-}" ] && kill -0 "${PIDTMP:-}" 2> /dev/null; then 130 | local i=0 131 | while kill -0 "${PIDTMP:-}" 2> /dev/null; do 132 | if [ $i = '60' ]; then 133 | break 134 | STATUS=2 135 | fi 136 | [ "$VERBOSE" != no ] && log_progress_msg "." 137 | sleep 1 138 | i=$(($i+1)) 139 | done 140 | return $STATUS 141 | else 142 | return $STATUS 143 | fi 144 | } 145 | 146 | 147 | # 148 | # Function that starts the daemon/service 149 | # 150 | do_start() 151 | { 152 | # Return 153 | # 0 if daemon has been started 154 | # 1 if daemon was already running 155 | # 2 if daemon could not be started 156 | 157 | ulimit -s unlimited 158 | if pidofproc -p $PIDFILE "$DAEMON" > /dev/null 2>&1 ; then 159 | return 1 160 | fi 161 | 162 | if apache_conftest ; then 163 | $APACHE2CTL start 164 | apache_wait_start $? 165 | return $? 166 | else 167 | APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX configtest failed." 168 | return 2 169 | fi 170 | } 171 | 172 | # 173 | # Function that stops the daemon/service 174 | # 175 | do_stop() 176 | { 177 | # Return 178 | # 0 if daemon has been stopped 179 | # 1 if daemon was already stopped 180 | # 2 if daemon could not be stopped 181 | # other if a failure occurred 182 | 183 | # either "stop" or "graceful-stop" 184 | local STOP=$1 185 | # can't use pidofproc from LSB here 186 | local AP_RET=0 187 | 188 | if pidof $DAEMON > /dev/null 2>&1 ; then 189 | if [ -e $PIDFILE ] && pidof $DAEMON | tr ' ' '\n' | grep -w $(cat $PIDFILE) > /dev/null 2>&1 ; then 190 | AP_RET=2 191 | else 192 | AP_RET=1 193 | fi 194 | else 195 | AP_RET=0 196 | fi 197 | 198 | # AP_RET is: 199 | # 0 if Apache (whichever) is not running 200 | # 1 if Apache (whichever) is running 201 | # 2 if Apache from the PIDFILE is running 202 | 203 | if [ $AP_RET = 0 ] ; then 204 | return 1 205 | fi 206 | 207 | if [ $AP_RET = 2 ] && apache_conftest ; then 208 | $APACHE2CTL $STOP > /dev/null 2>&1 209 | apache_wait_stop $? 210 | return $? 211 | else 212 | if [ $AP_RET = 2 ]; then 213 | clear_error_msg 214 | APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX configtest failed, so we are trying to kill it manually. This is almost certainly suboptimal, so please make sure your system is working as you'd expect now!" 215 | killproc -p $PIDFILE $DAEMON 216 | apache_wait_stop $? 217 | return $? 218 | elif [ $AP_RET = 1 ] ; then 219 | APACHE2_INIT_MESSAGE="There are processes named 'apache2' running which do not match your pid file which are left untouched in the name of safety, Please review the situation by hand". 220 | return 2 221 | fi 222 | fi 223 | 224 | } 225 | 226 | 227 | # 228 | # Function that sends a SIGHUP to the daemon/service 229 | # 230 | do_reload() { 231 | if apache_conftest; then 232 | if ! pidofproc -p $PIDFILE "$DAEMON" > /dev/null 2>&1 ; then 233 | APACHE2_INIT_MESSAGE="Apache2 is not running" 234 | return 2 235 | fi 236 | $APACHE2CTL graceful > /dev/null 2>&1 237 | return $? 238 | else 239 | APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX configtest failed. Not doing anything." 240 | return 2 241 | fi 242 | } 243 | 244 | 245 | # Sanity checks. They need to occur after function declarations 246 | [ -x $DAEMON ] || exit 0 247 | 248 | if [ ! -x $DAEMON ] ; then 249 | echo "No apache-bin package installed" 250 | exit 0 251 | fi 252 | 253 | if [ -z "$PIDFILE" ] ; then 254 | echo ERROR: APACHE_PID_FILE needs to be defined in $APACHE_ENVVARS >&2 255 | exit 2 256 | fi 257 | 258 | 259 | case "$1" in 260 | start) 261 | log_daemon_msg "Starting $DESC" "$NAME" 262 | do_start 263 | RET_STATUS=$? 264 | case "$RET_STATUS" in 265 | 0|1) 266 | log_success_msg 267 | [ "$VERBOSE" != no ] && [ $RET_STATUS = 1 ] && log_warning_msg "Server was already running" 268 | ;; 269 | 2) 270 | log_failure_msg 271 | print_error_msg 272 | exit 1 273 | ;; 274 | esac 275 | ;; 276 | stop|graceful-stop) 277 | log_daemon_msg "Stopping $DESC" "$NAME" 278 | do_stop "$1" 279 | RET_STATUS=$? 280 | case "$RET_STATUS" in 281 | 0|1) 282 | log_success_msg 283 | [ "$VERBOSE" != no ] && [ $RET_STATUS = 1 ] && log_warning_msg "Server was not running" 284 | ;; 285 | 2) 286 | log_failure_msg 287 | print_error_msg 288 | exit 1 289 | ;; 290 | esac 291 | print_error_msg 292 | 293 | ;; 294 | status) 295 | status_of_proc -p $PIDFILE "apache2" "$NAME" 296 | exit $? 297 | ;; 298 | reload|force-reload|graceful) 299 | log_daemon_msg "Reloading $DESC" "$NAME" 300 | do_reload 301 | RET_STATUS=$? 302 | case "$RET_STATUS" in 303 | 0|1) 304 | log_success_msg 305 | [ "$VERBOSE" != no ] && [ $RET_STATUS = 1 ] && log_warning_msg "Server was already running" 306 | ;; 307 | 2) 308 | log_failure_msg 309 | print_error_msg 310 | exit 1 311 | ;; 312 | esac 313 | print_error_msg 314 | ;; 315 | restart) 316 | log_daemon_msg "Restarting $DESC" "$NAME" 317 | do_stop stop 318 | case "$?" in 319 | 0|1) 320 | do_start 321 | case "$?" in 322 | 0) 323 | log_end_msg 0 324 | ;; 325 | 1|*) 326 | log_end_msg 1 # Old process is still or failed to running 327 | print_error_msg 328 | exit 1 329 | ;; 330 | esac 331 | ;; 332 | *) 333 | # Failed to stop 334 | log_end_msg 1 335 | print_error_msg 336 | exit 1 337 | ;; 338 | esac 339 | ;; 340 | start-htcacheclean|stop-htcacheclean) 341 | echo "Use 'service apache-htcacheclean' instead" 342 | ;; 343 | *) 344 | echo "Usage: $SCRIPTNAME {start|stop|graceful-stop|restart|reload|force-reload}" >&2 345 | exit 3 346 | ;; 347 | esac 348 | 349 | exit 0 350 | 351 | # vim: syntax=sh ts=4 sw=4 sts=4 sr noet 352 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php7.0/conf/nginx.conf: -------------------------------------------------------------------------------- 1 | user www-data; 2 | worker_processes auto; 3 | pid /run/nginx.pid; 4 | 5 | events { 6 | worker_connections 768; 7 | # multi_accept on; 8 | } 9 | 10 | http { 11 | 12 | ## 13 | # Basic Settings 14 | ## 15 | 16 | sendfile on; 17 | tcp_nopush on; 18 | tcp_nodelay on; 19 | keepalive_timeout 65; 20 | types_hash_max_size 2048; 21 | 22 | include /etc/nginx/mime.types; 23 | default_type application/octet-stream; 24 | 25 | client_max_body_size 10m; 26 | client_body_buffer_size 4m; 27 | proxy_buffering on; 28 | proxy_connect_timeout 300; 29 | proxy_send_timeout 300; 30 | proxy_read_timeout 300; 31 | proxy_buffer_size 64k; 32 | proxy_buffers 8 64k; 33 | proxy_busy_buffers_size 64k; 34 | proxy_temp_file_write_size 10m; 35 | 36 | proxy_set_header Host $http_host; 37 | 38 | ## 39 | # SSL Settings 40 | ## 41 | 42 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE 43 | ssl_prefer_server_ciphers on; 44 | 45 | ## 46 | # Logging Settings 47 | ## 48 | 49 | access_log /var/log/nginx/access.log; 50 | error_log /var/log/nginx/error.log; 51 | 52 | log_format combined_with_x_real_ip '$http_x_real_ip [$time_local] ' 53 | '"$request" $status $body_bytes_sent "$http_referer" ' 54 | '"$http_user_agent"' ; 55 | 56 | ## 57 | # Virtual Host Configs 58 | ## 59 | 60 | include /etc/nginx/conf.d/*.conf; 61 | include /etc/nginx/sites-enabled/*; 62 | } 63 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php7.0/conf/ports.conf: -------------------------------------------------------------------------------- 1 | # If you just change the port or add more ports here, you will likely also 2 | # have to change the VirtualHost statement in 3 | # /etc/apache2/sites-enabled/000-default.conf 4 | 5 | Listen 8080 6 | 7 | 8 | Listen 443 9 | 10 | 11 | 12 | Listen 443 13 | 14 | 15 | # vim: syntax=apache ts=4 sw=4 sts=4 sr noet 16 | 17 | 18 | 19 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php7.0/conf/postfix.cf: -------------------------------------------------------------------------------- 1 | # See /usr/share/postfix/main.cf.dist for a commented, more complete version 2 | 3 | 4 | # Debian specific: Specifying a file name will cause the first 5 | # line of that file to be used as the name. The Debian default 6 | # is /etc/mailname. 7 | #myorigin = /etc/mailname 8 | 9 | smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) 10 | biff = no 11 | 12 | # appending .domain is the MUA's job. 13 | append_dot_mydomain = no 14 | 15 | # Uncomment the next line to generate "delayed mail" warnings 16 | #delay_warning_time = 4h 17 | 18 | readme_directory = no 19 | 20 | # TLS parameters 21 | smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem 22 | smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key 23 | smtpd_use_tls=yes 24 | smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache 25 | smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache 26 | 27 | # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for 28 | # information on enabling SSL in the smtp client. 29 | 30 | smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination 31 | myhostname = sinc.ru 32 | alias_maps = hash:/etc/aliases 33 | alias_database = hash:/etc/aliases 34 | mydestination = $myhostname, localhost.localdomain, , localhost 35 | relayhost = 36 | mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 37 | mailbox_size_limit = 0 38 | recipient_delimiter = + 39 | inet_interfaces = loopback-only 40 | inet_protocols = all 41 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php7.0/conf/remoteip.conf: -------------------------------------------------------------------------------- 1 | RemoteIPHeader X-Forwarded-For 2 | RemoteIPTrustedProxy 127.0.0.1 -------------------------------------------------------------------------------- /prod/apache2-nginx-php7.0/cron/.gitignore: -------------------------------------------------------------------------------- 1 | cron.log 2 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php7.0/cron/check_apache.php: -------------------------------------------------------------------------------- 1 | &$file) { 10 | $modifiedTime = filemtime($dir."/".$file); 11 | $file = [ 12 | 'name' => $file, 13 | 'path' => $dir."/".$file, 14 | 'modified' => $modifiedTime 15 | ]; 16 | if (time() - $modifiedTime <= 60) 17 | exit(1); 18 | } 19 | 20 | /* Check apache2 conf */ 21 | if (time() - filemtime('/etc/apache2/apache2.conf') <= 60) 22 | exit(1); 23 | 24 | /* Check ports.conf */ 25 | if (time() - filemtime('/etc/apache2/ports.conf') <= 60) 26 | exit(1); 27 | 28 | /* Check remote ip */ 29 | if (time() - filemtime('/etc/apache2/conf-available/remoteip.conf') <= 60) 30 | exit(1); 31 | 32 | /* Check php.ini */ 33 | if (time() - filemtime('/etc/php/7.0/apache2/php.ini') <= 60) 34 | exit(1); 35 | 36 | exit(0); 37 | ?> -------------------------------------------------------------------------------- /prod/apache2-nginx-php7.0/cron/check_nginx.php: -------------------------------------------------------------------------------- 1 | &$file) { 10 | $modifiedTime = filemtime($dir."/".$file); 11 | $file = [ 12 | 'name' => $file, 13 | 'path' => $dir."/".$file, 14 | 'modified' => $modifiedTime 15 | ]; 16 | if (time() - $modifiedTime <= 60) 17 | exit(1); 18 | } 19 | 20 | /* Check apache2 conf */ 21 | if (time() - filemtime('/etc/nginx/nginx.conf') <= 60) 22 | exit(1); 23 | 24 | exit(0); 25 | ?> -------------------------------------------------------------------------------- /prod/apache2-nginx-php7.0/cron/cron.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ps auxw | grep nginx | grep -v grep > /dev/null 4 | if [ $? != 0 ]; then 5 | /etc/init.d/nginx start > /dev/null 6 | echo "$(date) - nginx started" 7 | else 8 | data=$(/usr/bin/php -q /tmp/check_nginx.php); 9 | if [ $? != 0 ] 10 | then 11 | /etc/init.d/nginx reload > /dev/null 12 | echo "$(date) - nginx reloaded" 13 | fi 14 | fi 15 | 16 | ps auxw | grep apache2 | grep -v grep > /dev/null 17 | if [ $? != 0 ]; then 18 | /etc/init.d/apache2 start > /dev/null 19 | echo "$(date) - apache2 started" 20 | else 21 | data=$(/usr/bin/php -q /tmp/check_apache.php); 22 | if [ $? != 0 ] 23 | then 24 | /etc/init.d/apache2 reload > /dev/null 25 | echo "$(date) - apache2 reloaded" 26 | fi 27 | fi 28 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php7.0/cron/developer-crontab: -------------------------------------------------------------------------------- 1 | * * * * * /tmp/cron.sh >> /tmp/cron.log 2>&1 2 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php7.0/docker/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM serkyron/apache2-nginx-php7.0 2 | WORKDIR /var/www/ 3 | COPY entrypoint /usr/bin 4 | ENTRYPOINT ["entrypoint"] 5 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php7.0/docker/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | services: 3 | 4 | prod_php7_web: 5 | # replace username/repo:tag with your name and image details 6 | image: prod_apache2-nginx-php7.0 7 | volumes: 8 | - ./prod/www/:/var/www/ 9 | - ./prod/hosts/sites-enabled-apache/:/etc/apache2/sites-enabled/ 10 | - ./prod/hosts/sites-enabled-nginx/:/etc/nginx/sites-enabled/ 11 | - ./prod/apache2-nginx-php7.0/conf/apache2.conf:/etc/apache2/apache2.conf 12 | - ./prod/apache2-nginx-php7.0/conf/ports.conf:/etc/apache2/ports.conf 13 | - ./prod/apache2-nginx-php7.0/conf/remoteip.conf:/etc/apache2/conf-available/remoteip.conf 14 | - ./prod/apache2-nginx-php7.0/conf/php.ini:/etc/php/7.0/apache2/php.ini 15 | - ./prod/apache2-nginx-php7.0/conf/nginx.conf:/etc/nginx/nginx.conf 16 | - ./prod/apache2-nginx-php7.0/cron/developer-crontab/:/etc/cron.d/developer-crontab 17 | - ./prod/apache2-nginx-php7.0/cron/cron.sh:/tmp/cron.sh 18 | - ./prod/apache2-nginx-php7.0/cron/cron.log:/tmp/cron.log 19 | - ./prod/apache2-nginx-php7.0/conf/postfix.cf:/etc/postfix/main.cf 20 | - ./prod/apache2-nginx-php7.0/cron/check_apache.php:/tmp/check_apache.php 21 | - ./prod/apache2-nginx-php7.0/cron/check_nginx.php:/tmp/check_nginx.php 22 | - ./prod/apache2_envvars:/etc/apache2/envvars 23 | - ./prod/apache2-nginx-php7.0/conf/init.d_apache2:/etc/init.d/apache2 24 | - ./bin/:/usr/local/bin 25 | networks: 26 | - prod_webnet 27 | 28 | networks: 29 | prod_webnet: 30 | -------------------------------------------------------------------------------- /prod/apache2-nginx-php7.0/docker/entrypoint: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | chown -R developer:developer /var/www 3 | chown -R root:root /etc/cron.d 4 | a2enmod headers 5 | a2enmod rewrite 6 | a2enmod remoteip 7 | a2enconf remoteip 8 | service apache2 start 9 | service nginx start 10 | service postfix start 11 | cron 12 | crontab /etc/cron.d/developer-crontab 13 | mv /etc/localtime /etc/localtime-old 14 | ln -s /usr/share/zoneinfo/Europe/Moscow /etc/localtime 15 | tail -F -n0 /etc/hosts 16 | -------------------------------------------------------------------------------- /prod/apache2_envvars: -------------------------------------------------------------------------------- 1 | # envvars - default environment variables for apache2ctl 2 | 3 | # this won't be correct after changing uid 4 | unset HOME 5 | 6 | # for supporting multiple apache2 instances 7 | if [ "${APACHE_CONFDIR##/etc/apache2-}" != "${APACHE_CONFDIR}" ] ; then 8 | SUFFIX="-${APACHE_CONFDIR##/etc/apache2-}" 9 | else 10 | SUFFIX= 11 | fi 12 | 13 | # Since there is no sane way to get the parsed apache2 config in scripts, some 14 | # settings are defined via environment variables and then used in apache2ctl, 15 | # /etc/init.d/apache2, /etc/logrotate.d/apache2, etc. 16 | export APACHE_RUN_USER=developer 17 | export APACHE_RUN_GROUP=developer 18 | # temporary state file location. This might be changed to /run in Wheezy+1 19 | export APACHE_PID_FILE=/var/run/apache2/apache2$SUFFIX.pid 20 | export APACHE_RUN_DIR=/var/run/apache2$SUFFIX 21 | export APACHE_LOCK_DIR=/var/lock/apache2$SUFFIX 22 | # Only /var/log/apache2 is handled by /etc/logrotate.d/apache2. 23 | export APACHE_LOG_DIR=/var/log/apache2$SUFFIX 24 | 25 | ## The locale used by some modules like mod_dav 26 | export LANG=C 27 | ## Uncomment the following line to use the system default locale instead: 28 | #. /etc/default/locale 29 | 30 | export LANG 31 | 32 | ## The command to get the status for 'apache2ctl status'. 33 | ## Some packages providing 'www-browser' need '--dump' instead of '-dump'. 34 | #export APACHE_LYNX='www-browser -dump' 35 | 36 | ## If you need a higher file descriptor limit, uncomment and adjust the 37 | ## following line (default is 8192): 38 | #APACHE_ULIMIT_MAX_FILES='ulimit -n 65536' 39 | 40 | ## If you would like to pass arguments to the web server, add them below 41 | ## to the APACHE_ARGUMENTS environment. 42 | #export APACHE_ARGUMENTS='' 43 | 44 | ## Enable the debug mode for maintainer scripts. 45 | ## This will produce a verbose output on package installations of web server modules and web application 46 | ## installations which interact with Apache 47 | #export APACHE2_MAINTSCRIPT_DEBUG=1 48 | -------------------------------------------------------------------------------- /prod/database/.gitignore: -------------------------------------------------------------------------------- 1 | data 2 | -------------------------------------------------------------------------------- /prod/database/conf/debian.cnf: -------------------------------------------------------------------------------- 1 | # Automatically generated for Debian scripts. DO NOT TOUCH! 2 | [client] 3 | host = localhost 4 | user = debian-sys-maint 5 | password = siKsMS9eXqxguhPC 6 | socket = /var/run/mysqld/mysqld.sock 7 | [mysql_upgrade] 8 | host = localhost 9 | user = debian-sys-maint 10 | password = siKsMS9eXqxguhPC 11 | socket = /var/run/mysqld/mysqld.sock 12 | basedir = /usr 13 | -------------------------------------------------------------------------------- /prod/database/conf/my.cnf: -------------------------------------------------------------------------------- 1 | # MariaDB database server configuration file. 2 | # 3 | 4 | # You can copy this file to one of: 5 | # - "/etc/mysql/my.cnf" to set global options, 6 | # - "~/.my.cnf" to set user-specific options. 7 | # 8 | # One can use all long options that the program supports. 9 | # Run program with --help to get a list of available options and with 10 | # --print-defaults to see which it would actually understand and use. 11 | # 12 | # For explanations see 13 | # http://dev.mysql.com/doc/mysql/en/server-system-variables.html 14 | 15 | # This will be passed to all mysql clients 16 | # It has been reported that passwords should be enclosed with ticks/quotes 17 | # escpecially if they contain "#" chars... 18 | # Remember to edit /etc/mysql/debian.cnf when changing the socket location. 19 | [client] 20 | port = 3306 21 | socket = /var/run/mysqld/mysqld.sock 22 | 23 | # Here is entries for some specific programs 24 | # The following values assume you have at least 32M ram 25 | 26 | # This was formally known as [safe_mysqld]. Both versions are currently parsed. 27 | [mysqld_safe] 28 | socket = /var/run/mysqld/mysqld.sock 29 | nice = 0 30 | 31 | [mysqld] 32 | # 33 | # * Basic Settings 34 | # 35 | #user = mysql 36 | pid-file = /var/run/mysqld/mysqld.pid 37 | socket = /var/run/mysqld/mysqld.sock 38 | port = 3306 39 | basedir = /usr 40 | datadir = /var/lib/mysql 41 | tmpdir = /tmp 42 | lc_messages_dir = /usr/share/mysql 43 | lc_messages = en_US 44 | skip-external-locking 45 | # 46 | # Instead of skip-networking the default is now to listen only on 47 | # localhost which is more compatible and is not less secure. 48 | #bind-address = 127.0.0.1 49 | # 50 | # * Fine Tuning 51 | # 52 | max_connections = 100 53 | connect_timeout = 5 54 | wait_timeout = 600 55 | max_allowed_packet = 16M 56 | thread_cache_size = 128 57 | sort_buffer_size = 4M 58 | bulk_insert_buffer_size = 16M 59 | tmp_table_size = 32M 60 | max_heap_table_size = 32M 61 | # 62 | # * MyISAM 63 | # 64 | # This replaces the startup script and checks MyISAM tables if needed 65 | # the first time they are touched. On error, make copy and try a repair. 66 | myisam_recover_options = BACKUP 67 | key_buffer_size = 128M 68 | #open-files-limit = 2000 69 | table_open_cache = 400 70 | myisam_sort_buffer_size = 512M 71 | concurrent_insert = 2 72 | read_buffer_size = 2M 73 | read_rnd_buffer_size = 1M 74 | # 75 | # * Query Cache Configuration 76 | # 77 | # Cache only tiny result sets, so we can fit more in the query cache. 78 | query_cache_limit = 128K 79 | query_cache_size = 64M 80 | # for more write intensive setups, set to DEMAND or OFF 81 | #query_cache_type = DEMAND 82 | # 83 | # * Logging and Replication 84 | # 85 | # Both location gets rotated by the cronjob. 86 | # Be aware that this log type is a performance killer. 87 | # As of 5.1 you can enable the log at runtime! 88 | general_log_file = /var/log/mysql/mysql.log 89 | #general_log = 1 90 | # 91 | # Error logging goes to syslog due to /etc/mysql/conf.d/mysqld_safe_syslog.cnf. 92 | # 93 | # we do want to know about network errors and such 94 | #log_warnings = 2 95 | # 96 | # Enable the slow query log to see queries with especially long duration 97 | #slow_query_log[={0|1}] 98 | slow_query_log_file = /var/log/mysql/mariadb-slow.log 99 | long_query_time = 10 100 | #log_slow_rate_limit = 1000 101 | #log_slow_verbosity = query_plan 102 | 103 | #log-queries-not-using-indexes 104 | #log_slow_admin_statements 105 | # 106 | # The following can be used as easy to replay backup logs or for replication. 107 | # note: if you are setting up a replication slave, see README.Debian about 108 | # other settings you may need to change. 109 | #server-id = 1 110 | #report_host = master1 111 | #auto_increment_increment = 2 112 | #auto_increment_offset = 1 113 | #log_bin = /var/log/mysql/mariadb-bin 114 | #log_bin_index = /var/log/mysql/mariadb-bin.index 115 | # not fab for performance, but safer 116 | #sync_binlog = 1 117 | expire_logs_days = 10 118 | max_binlog_size = 100M 119 | # slaves 120 | #relay_log = /var/log/mysql/relay-bin 121 | #relay_log_index = /var/log/mysql/relay-bin.index 122 | #relay_log_info_file = /var/log/mysql/relay-bin.info 123 | #log_slave_updates 124 | #read_only 125 | # 126 | # If applications support it, this stricter sql_mode prevents some 127 | # mistakes like inserting invalid dates etc. 128 | #sql_mode = NO_ENGINE_SUBSTITUTION,TRADITIONAL 129 | # 130 | # * InnoDB 131 | # 132 | # InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/. 133 | # Read the manual for more InnoDB related options. There are many! 134 | default_storage_engine = InnoDB 135 | # you can't just change log file size, requires special procedure 136 | #innodb_log_file_size = 50M 137 | innodb_buffer_pool_size = 256M 138 | innodb_log_buffer_size = 8M 139 | innodb_file_per_table = 1 140 | innodb_open_files = 400 141 | innodb_io_capacity = 400 142 | innodb_flush_method = O_DIRECT 143 | # 144 | # * Security Features 145 | # 146 | # Read the manual, too, if you want chroot! 147 | # chroot = /var/lib/mysql/ 148 | # 149 | # For generating SSL certificates I recommend the OpenSSL GUI "tinyca". 150 | # 151 | # ssl-ca=/etc/mysql/cacert.pem 152 | # ssl-cert=/etc/mysql/server-cert.pem 153 | # ssl-key=/etc/mysql/server-key.pem 154 | 155 | # 156 | # * Galera-related settings 157 | # 158 | [galera] 159 | # Mandatory settings 160 | #wsrep_on=ON 161 | #wsrep_provider= 162 | #wsrep_cluster_address= 163 | #binlog_format=row 164 | #default_storage_engine=InnoDB 165 | #innodb_autoinc_lock_mode=2 166 | # 167 | # Allow server to accept connections on all interfaces. 168 | # 169 | #bind-address=0.0.0.0 170 | # 171 | # Optional setting 172 | #wsrep_slave_threads=1 173 | #innodb_flush_log_at_trx_commit=0 174 | 175 | [mysqldump] 176 | quick 177 | quote-names 178 | max_allowed_packet = 16M 179 | 180 | [mysql] 181 | #no-auto-rehash # faster start of mysql but no tab completion 182 | 183 | [isamchk] 184 | key_buffer = 16M 185 | 186 | # 187 | # * IMPORTANT: Additional settings that can override those from this file! 188 | # The files must end with '.cnf', otherwise they'll be ignored. 189 | # 190 | !includedir /etc/mysql/conf.d/ 191 | 192 | [mysqld_safe] 193 | log_error=/var/log/mysql/mysql_error.log 194 | 195 | [mysqld] 196 | log_error=/var/log/mysql/mysql_error.log -------------------------------------------------------------------------------- /prod/database/cron/.gitignore: -------------------------------------------------------------------------------- 1 | cron.log 2 | -------------------------------------------------------------------------------- /prod/database/cron/check_mysql.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /prod/database/cron/cron.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ps auxw | grep mysql | grep -v grep > /dev/null 4 | if [ $? != 0 ]; then 5 | /etc/init.d/mysql start > /dev/null 6 | echo "$(date) - mysql started" 7 | else 8 | data=$(/usr/bin/php -q /tmp/check_mysql.php); 9 | if [ $? != 0 ] 10 | then 11 | /etc/init.d/mysql reload > /dev/null 12 | echo "$(date) - mysql reloaded" 13 | fi 14 | fi -------------------------------------------------------------------------------- /prod/database/cron/developer-crontab: -------------------------------------------------------------------------------- 1 | * * * * * /tmp/cron.sh >> /tmp/cron.log 2>&1 2 | -------------------------------------------------------------------------------- /prod/database/docker/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM serkyron/maria_db 2 | COPY entrypoint /usr/bin 3 | ENTRYPOINT ["entrypoint"] -------------------------------------------------------------------------------- /prod/database/docker/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | services: 3 | 4 | prod_maria_db: 5 | image: prod_maria_db 6 | command: [mysqld, --character-set-server=utf8mb4, --collation-server=utf8mb4_unicode_ci] 7 | volumes: 8 | - ./prod/database/data:/var/lib/mysql 9 | - ./prod/database/conf/my.cnf:/etc/mysql/my.cnf 10 | - ./prod/database/conf/debian.cnf:/etc/mysql/debian.cnf 11 | - ./prod/database/cron/developer-crontab/:/etc/cron.d/developer-crontab 12 | - ./prod/database/cron/cron.sh:/tmp/cron.sh 13 | - ./prod/database/cron/cron.log:/tmp/cron.log 14 | environment: 15 | MYSQL_ROOT_PASSWORD: bsb%gW4P4BvlQR#% 16 | networks: 17 | - prod_webnet 18 | 19 | networks: 20 | prod_webnet: 21 | -------------------------------------------------------------------------------- /prod/database/docker/entrypoint: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | chown -R root:root /etc/cron.d 3 | cron 4 | crontab /etc/cron.d/developer-crontab 5 | mysql_install_db --user=mysql --basedir=/usr/ --ldata=/var/lib/mysql/ 6 | service mysql start 7 | query="GRANT ALL PRIVILEGES ON *.* TO 'debian-sys-maint'@'localhost' IDENTIFIED BY 'siKsMS9eXqxguhPC';" 8 | query2="GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '$MYSQL_ROOT_PASSWORD';" 9 | query3="UPDATE mysql.user SET Grant_priv='Y', Super_priv='Y' WHERE User='root';" 10 | query4="delete from mysql.user where user='root' and host!='%';" 11 | query5="SET GLOBAL time_zone ='+03:00';" 12 | mysql -u root -e "$query2" -e "$query" -e "$query4" -e "$query3" -e "$query5" 13 | tail -F -n0 /etc/hosts 14 | -------------------------------------------------------------------------------- /prod/hosts/sites-enabled-apache/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /prod/hosts/sites-enabled-nginx/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /prod/www/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /proxy/certs/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /proxy/conf/nginx.conf: -------------------------------------------------------------------------------- 1 | user www-data; 2 | worker_processes 2; 3 | 4 | error_log /var/log/nginx/error.log; 5 | pid /var/run/nginx.pid; 6 | 7 | events { 8 | worker_connections 1024; 9 | } 10 | 11 | http { 12 | include /etc/nginx/mime.types; 13 | 14 | proxy_set_header Host $host; 15 | 16 | default_type application/octet-stream; 17 | access_log /var/log/nginx/access.log; 18 | server_names_hash_bucket_size 64; 19 | sendfile on; 20 | tcp_nopush on; 21 | keepalive_timeout 65; 22 | tcp_nodelay on; 23 | gzip on; 24 | gzip_comp_level 6; 25 | gzip_http_version 1.0; 26 | gzip_min_length 0; 27 | gzip_types text/plain text/css image/x-icon application/javascript; 28 | gzip_vary on; 29 | include /etc/nginx/conf.d/*.conf; 30 | include /etc/nginx/sites-enabled/*; 31 | 32 | expires 30d; 33 | add_header Pragma public; 34 | add_header Cache-Control "max-age=2629000, public, must-revalidate, proxy-revalidate"; 35 | } -------------------------------------------------------------------------------- /proxy/cron/.gitignore: -------------------------------------------------------------------------------- 1 | cron.log 2 | -------------------------------------------------------------------------------- /proxy/cron/check_nginx.php: -------------------------------------------------------------------------------- 1 | &$file) { 10 | $modifiedTime = filemtime($dir."/".$file); 11 | $file = [ 12 | 'name' => $file, 13 | 'path' => $dir."/".$file, 14 | 'modified' => $modifiedTime 15 | ]; 16 | 17 | if (time() - $modifiedTime <= 60) 18 | exit(1); 19 | } 20 | 21 | /* Check apache2 conf */ 22 | if (time() - filemtime('/etc/nginx/nginx.conf') <= 60) 23 | exit(1); 24 | 25 | exit(0); 26 | ?> -------------------------------------------------------------------------------- /proxy/cron/cron.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ps auxw | grep nginx | grep -v grep > /dev/null 4 | if [ $? != 0 ]; then 5 | /etc/init.d/nginx start > /dev/null 6 | echo "$(date) - nginx started" 7 | else 8 | data=$(/usr/bin/php -q /tmp/check_nginx.php); 9 | if [ $? != 0 ] 10 | then 11 | /etc/init.d/nginx reload > /dev/null 12 | echo "$(date) - nginx reloaded" 13 | fi 14 | fi -------------------------------------------------------------------------------- /proxy/cron/developer-crontab: -------------------------------------------------------------------------------- 1 | * * * * * /tmp/cron.sh >> /tmp/cron.log 2>&1 2 | -------------------------------------------------------------------------------- /proxy/docker/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM serkyron/nginx-reverse-proxy 2 | WORKDIR / 3 | COPY entrypoint /usr/bin 4 | ENTRYPOINT ["entrypoint"] 5 | -------------------------------------------------------------------------------- /proxy/docker/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | services: 3 | 4 | nginx_proxy: 5 | image: nginx-reverse-proxy 6 | ports: 7 | - "80:80" 8 | - "443:443" 9 | volumes: 10 | - ./proxy/sites-enabled/:/etc/nginx/sites-enabled 11 | - ./proxy/conf/nginx.conf:/etc/nginx/nginx.conf 12 | - ./proxy/cron/developer-crontab:/etc/cron.d/developer-crontab 13 | - ./proxy/cron/cron.sh:/tmp/cron.sh 14 | - ./proxy/cron/cron.log:/tmp/cron.log 15 | - ./proxy/cron/check_nginx.php:/tmp/check_nginx.php 16 | - ./proxy/certs:/etc/nginx/certs 17 | networks: 18 | - demo_webnet 19 | - prod_webnet 20 | 21 | networks: 22 | demo_webnet: 23 | prod_webnet: 24 | -------------------------------------------------------------------------------- /proxy/docker/entrypoint: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | chown -R root:root /etc/cron.d 3 | service nginx start 4 | cron 5 | crontab /etc/cron.d/developer-crontab 6 | mv /etc/localtime /etc/localtime-old 7 | ln -s /usr/share/zoneinfo/Europe/Moscow /etc/localtime 8 | tail -F -n0 /etc/hosts 9 | -------------------------------------------------------------------------------- /proxy/sites-enabled/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | touch demo/apache2-nginx-php5.6/cron/cron.log \ 4 | demo/apache2-nginx-php7.0/cron/cron.log \ 5 | proxy/cron/cron.log \ 6 | demo/database/cron/cron.log 7 | 8 | touch prod/apache2-nginx-php5.6/cron/cron.log \ 9 | prod/apache2-nginx-php7.0/cron/cron.log \ 10 | proxy/cron/cron.log \ 11 | prod/database/cron/cron.log 12 | 13 | chmod 666 demo/apache2-nginx-php5.6/cron/cron.log \ 14 | demo/apache2-nginx-php7.0/cron/cron.log \ 15 | proxy/cron/cron.log \ 16 | demo/database/cron/cron.log 17 | 18 | chmod 666 prod/apache2-nginx-php5.6/cron/cron.log \ 19 | prod/apache2-nginx-php7.0/cron/cron.log \ 20 | proxy/cron/cron.log \ 21 | prod/database/cron/cron.log 22 | 23 | docker-compose \ 24 | -f empty-docker-compose.yml \ 25 | \ 26 | -f demo/apache2-nginx-php5.6/docker/docker-compose.yml \ 27 | -f demo/apache2-nginx-php7.0/docker/docker-compose.yml \ 28 | -f demo/database/docker/docker-compose.yml \ 29 | \ 30 | -f prod/apache2-nginx-php5.6/docker/docker-compose.yml \ 31 | -f prod/apache2-nginx-php7.0/docker/docker-compose.yml \ 32 | -f prod/database/docker/docker-compose.yml \ 33 | \ 34 | -f proxy/docker/docker-compose.yml \ 35 | -f db_interface/docker/docker-compose.yml \ 36 | up -d 37 | -------------------------------------------------------------------------------- /stop.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | docker-compose \ 4 | -f empty-docker-compose.yml \ 5 | -f proxy/docker/docker-compose.yml \ 6 | -f db_interface/docker/docker-compose.yml \ 7 | \ 8 | -f demo/apache2-nginx-php5.6/docker/docker-compose.yml \ 9 | -f demo/apache2-nginx-php7.0/docker/docker-compose.yml \ 10 | -f demo/database/docker/docker-compose.yml \ 11 | \ 12 | -f prod/apache2-nginx-php5.6/docker/docker-compose.yml \ 13 | -f prod/apache2-nginx-php7.0/docker/docker-compose.yml \ 14 | -f prod/database/docker/docker-compose.yml \ 15 | down 16 | --------------------------------------------------------------------------------