├── .env ├── .gitignore ├── LICENSE ├── Makefile ├── README.md ├── bin └── env ├── build └── docker │ ├── database │ ├── Dockerfile │ ├── memory.conf │ └── php.conf │ ├── php │ ├── Dockerfile │ ├── emergency_restart.conf │ ├── php.ini │ └── rr.yaml │ └── server │ ├── Dockerfile │ ├── acme.conf │ ├── challenges.conf │ ├── fpm.conf │ ├── proxy.conf │ ├── server.conf │ └── ssl.conf ├── composer.json ├── docker-compose.override.yaml └── docker-compose.yaml /.env: -------------------------------------------------------------------------------- 1 | DOMAIN=localhost 2 | WEB_PORT=8080 3 | SSL_PORT=8443 4 | RUNTIME=fpm 5 | DB_NAME=main 6 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | /.idea/ 2 | /build/.secrets/ 3 | /build/ssl/ 4 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) Fabien Potencier 2 | 3 | Permission is hereby granted, free of charge, to any person obtaining a copy 4 | of this software and associated documentation files (the "Software"), to deal 5 | in the Software without restriction, including without limitation the rights 6 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 7 | copies of the Software, and to permit persons to whom the Software is furnished 8 | to do so, subject to the following conditions: 9 | 10 | The above copyright notice and this permission notice shall be included in all 11 | copies or substantial portions of the Software. 12 | 13 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 14 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 15 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 16 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 17 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 18 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 19 | THE SOFTWARE. 20 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | SHELL := bash 2 | .SHELLFLAGS := -eu -o pipefail -c 3 | .ONESHELL: 4 | .DELETE_ON_ERROR: 5 | MAKEFLAGS += --warn-undefined-variables 6 | MAKEFLAGS += --no-builtin-rules 7 | ifeq ($(origin .RECIPEPREFIX), undefined) 8 | $(error This Make does not support .RECIPEPREFIX; Please use GNU Make 4.0 or later) 9 | endif 10 | .RECIPEPREFIX = > 11 | 12 | THIS_MAKEFILE_PATH:=$(word $(words $(MAKEFILE_LIST)),$(MAKEFILE_LIST)) 13 | THIS_DIR:=$(shell cd $(dir $(THIS_MAKEFILE_PATH));pwd) 14 | THIS_MAKEFILE:=$(notdir $(THIS_MAKEFILE_PATH)) 15 | 16 | usage: 17 | > @grep -E '(^[a-zA-Z_-]+:\s*?##.*$$)|(^##)' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.?## "}; {printf "\033[32m %-30s\033[0m%s\n", $$1, $$2}' | sed -e 's/\[32m ## /[33m/' 18 | .PHONY: usage 19 | .SILENT: usage 20 | 21 | mock-ssl: ## Mocks an SSL Certificate for Development 22 | mock-ssl: 23 | > command -v "mkcert" >/dev/null 2>&1 || { echo >&2 "Please install MkCert for Development."; exit 1; } 24 | > export $$(echo "$$(cat "$(THIS_DIR)/.env" | sed 's/#.*//g'| xargs)") 25 | > [ -z "$${DOMAIN}" ] && { echo >&2 "Could not determine domain from environment file."; exit 1; } 26 | > mkdir -p "$(THIS_DIR)/build/ssl/challenges" 27 | > mkdir -p "$(THIS_DIR)/build/ssl/live/docker" 28 | > (cd "$(THIS_DIR)/build/ssl"; mkcert "localhost" "$${DOMAIN}" "127.0.0.1") 29 | > mv "$(THIS_DIR)/build/ssl/localhost+2.pem" "$(THIS_DIR)/build/ssl/live/docker/fullchain.pem" 30 | > cp "$(THIS_DIR)/build/ssl/live/docker/fullchain.pem" "$(THIS_DIR)/build/ssl/live/docker/chain.pem" 31 | > mv "$(THIS_DIR)/build/ssl/localhost+2-key.pem" "$(THIS_DIR)/build/ssl/live/docker/privkey.pem" 32 | > openssl dhparam -out "$(THIS_DIR)/build/ssl/dhparam.pem" 512 33 | > echo >&2 "Check that $$(tput setaf 2)$${DOMAIN}$$(tput sgr0) has been added to \"/etc/hosts\" (add the line \"127.0.0.1 $${DOMAIN}\")." 34 | .PHONY: mock-ssl 35 | .SILENT: mock-ssl 36 | 37 | password: ## Generates a secure, random password for the database 38 | password: 39 | > mkdir -p "$(THIS_DIR)/build/.secrets" 40 | > [ ! -f "$(THIS_DIR)/build/.secrets/dbpass" ] || { \ 41 | echo >&2 "$$(tput setaf 1)A password has already been created. Remove the file \"$(THIS_DIR)/build/.secrets/dbpass\" to try again.$$(tput sgr0)"; \ 42 | echo >&2 "$$(tput setaf 1)Double check that you're NOT REMOVING THE ONLY COPY OF YOUR EXISTING PASSWORD.$$(tput sgr0)"; \ 43 | exit 1; \ 44 | } 45 | > echo "$$(date "+%s.%N" | sha256sum | base64 | head -c 40)" > "$(THIS_DIR)/build/.secrets/dbpass" 46 | > echo >&2 "$$(tput setaf 2)Database password generated and placed in file \"$(THIS_DIR)/build/.secrets/dbpass\".$$(tput sgr0)" 47 | .PHONY: password 48 | .SILENT: password 49 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # This Project 2 | 3 | This is a working example of Symfony's Runtime component. 4 | Do not use this project, look through the code and pull out the parts you find interesting. Copy+paste is your friend. 5 | 6 | ## Contains: 7 | 8 | - Symfony v5.3 skeleton, 9 | - Docker Stack for both FPM, Swoole and RoadRunner, and 10 | - A handy Makefile for the SSL stuff. 11 | 12 | ## How? 13 | 14 | Depending on the Docker build target (`fpm`, `swoole`, or `roadrunner`) the PHP container does the following: 15 | 16 | - For build target `fpm`: 17 | - Execute `php-fpm --nodaemonize` 18 | - `APP_RUNTIME` is set to `Symfony\Component\Runtime\SymfonyRuntime` 19 | - For build target `swoole`: 20 | - Execute `php "/public/index.php"` 21 | - `APP_RUNTIME` is set to `Runtime\Swoole\Runtime` 22 | - Environment variables `SWOOLE_HOST` and `SWOOLE_PORT` are set. 23 | - For build target `roadrunner` 24 | - Execute `/sbin/rr serve` 25 | - `APP_RUNTIME` is set to `Runtime\RoadRunnerSymfonyNyholm\Runtime` 26 | - `.rr.yaml` configuration file is created 27 | 28 | In the Nginx container, build target `fpm` uses FastCGI, while build targets `swoole` and `roadrunner` use Reverse Proxy. 29 | 30 | ## Setup Locally 31 | 32 | - You will need [`git`](https://git-scm.com/), [`openssl`](https://www.openssl.org/), 33 | [`make`](https://www.gnu.org/software/make/), and [`mkcert`](https://mkcert.dev/). 34 | - Update values in `.env` (choose `fpm`, `swoole` or `roadrunner` for `${RUNTIME}`). 35 | - `docker-compose build --pull` 36 | - `make password` 37 | - `make mock-ssl` 38 | - `composer install` (or `bin/env composer install` to run it inside the PHP container) 39 | - `docker-compose up -d` 40 | - `mkcert -install` 41 | - Go to `https://${DOMAIN}:${SSL_PORT}` 42 | 43 | ## Production 44 | 45 | You probably shouldn't use this for production, but if you did: 46 | 47 | - `sudo mkdir -p "/etc/letsencrypt/challenges"` 48 | - `docker-compose -f "docker-compose.yaml" run -d --name "acme" server nginx -c "/etc/nginx/acme.conf"` 49 | - `sudo certbot certonly --webroot --webroot-path="/etc/letsencrypt/challenges" --cert-name="docker" -d "${YOUR_DOMAIN}"` 50 | - `sudo openssl dhparam -out "/etc/letsencrypt/dhparam.pem" 4096` 51 | -------------------------------------------------------------------------------- /bin/env: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | ## !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ## 4 | # Common *nix PATH directories (such as /usr/local/bin) and therefore anything # 5 | # under them cannot be mounted using Docker for Mac (see # 6 | # https://stackoverflow.com/a/45123074). If you are using Docker for Mac, # 7 | # install Composer to a macOS-specific path (such as "${HOME}/.bin/composer"). # 8 | ## !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ## 9 | 10 | # The root folder of the application (where "composer.json" is). 11 | APP_DIR=".." 12 | # The root folder of the application (where "docker-compose.yaml" is; usually the same as the APP_DIR). 13 | PROJECT_DIR="${APP_DIR}" 14 | 15 | ################################################################################### 16 | ### ENVIRONMENT HELPER ### 17 | ### --------------------------------------------------------------------------- ### 18 | ### Run this script to create a one-off container based on the PHP service for ### 19 | ### CLI work. It will auto-detect if you have Composer installed on your host; ### 20 | ### if so it will mount Composer as a binary inside the container and also ### 21 | ### Composer's cache directory to reduce the amount of downloading required. ### 22 | ### ### 23 | ### Useful if you have differing PHP versions between host and container. ### 24 | ################################################################################### 25 | 26 | # Standardize Paths 27 | realpath() { 28 | # Can't be bothered to refactor this. If you're not using Bash on macOS then 29 | # I'm not going to bother making sure this is compatible. 30 | [[ $1 = /* ]] && echo "$1" || echo "${PWD}/${1#./}" 31 | } 32 | readlink -f "$0" >/dev/null 2>&1 33 | if [ $? -ne 0 ]; then 34 | DIR="$(dirname "$(realpath "$0")")" 35 | APP_DIR="$(realpath "${DIR}/${APP_DIR}")" 36 | PROJECT_DIR="$(realpath "${DIR}/${PROJECT_DIR}")" 37 | else 38 | DIR="$(dirname "$(readlink -f "$0")")" 39 | APP_DIR="$(readlink -f -- "${DIR}/${APP_DIR}")" 40 | PROJECT_DIR="$(readlink -f -- "${DIR}/${PROJECT_DIR}")" 41 | fi 42 | 43 | # Check for Docker Permissions 44 | DOCKER="${DOCKER:-"docker"}" 45 | command -v "${DOCKER}" >/dev/null 2>&1 || { 46 | echo >&2 "$(tput setaf 1)Docker Client \"${DOCKER}\" not available on \$PATH.$(tput sgr0)"; 47 | exit 1; 48 | } 49 | INFO=$("${DOCKER}" info >/dev/null 2>&1) 50 | if [ $? -ne 0 ]; then 51 | echo >&2 "$(tput setaf 1)Docker Daemon unavailable.$(tput sgr0)" 52 | if [ "$(id -u 2>/dev/null)" -ne "0" ]; then 53 | echo >&2 "$(tput setaf 1)Perhaps retry as root?$(tput sgr0)" 54 | fi 55 | exit 1 56 | fi 57 | COMPOSE="${COMPOSE:-"docker-compose"}" 58 | command -v "${COMPOSE}" >/dev/null 2>&1 || { 59 | echo >&2 "$(tput setaf 1)Docker Compose \"${COMPOSE}\" not available on \$PATH.$(tput sgr0)"; 60 | exit 1; 61 | } 62 | 63 | ################################################################################ 64 | ### DETECTING COMPOSER BINARY AND CACHE DIRECTORIES ### 65 | ### ------------------------------------------------------------------------ ### 66 | ### The following is a little unweildy because it will: ### 67 | ### - Attempt to detect the globally-installed Composer binary, but fallback ### 68 | ### onto a "composer.phar" file installed inside the "bin/" project ### 69 | ### directory. ### 70 | ### - Set appropriate "COMPOSER_HOME" env variable (falling back to a tmpfs ### 71 | ### folder in case Composer doesn't exist so that the non-root user can ### 72 | ### still create it if needed). ### 73 | ### - Figure out Composer's home (cache directory) and load it as a volume, ### 74 | ### falling back to creating one inside the "var/" project directory if it ### 75 | ### can't find it. ### 76 | ################################################################################ 77 | 78 | COMPOSER="" 79 | # Use this default when no Composer binary is added, because without it set it will try to create on the root filesystem 80 | # which the non-root user cannot create directories in. 81 | COMPOSER_HOME="/tmp/composer" 82 | # Set the default cache directory to be inside the "var/" project directory (project-specific rather than global). 83 | COMPOSER_HOST_CACHE="${APP_DIR}/var/.composer" 84 | # Try loading the local, project-specific composer.phar first (in case we're on macOS which won't allow mounting 85 | # /private (/usr, /var, etc). If it does not exist, try mounting the globally installed Composer binary. 86 | for COMPOSER_BINARY in "${APP_DIR}/bin/composer.phar" "$(command -v composer 2>/dev/null)"; do 87 | if [ -f "${COMPOSER_BINARY}" ]; then 88 | # Assuming that PHP is installed on the host machine, try determine Composer's global home (cache) directory. 89 | COMPOSER_HOST_HOMEDIR="$(php "${COMPOSER_BINARY}" global config home 2>/dev/null)" 90 | if [ $? -eq 0 ] && [ -d "${COMPOSER_HOST_HOMEDIR}" ]; then 91 | COMPOSER_HOST_CACHE="${COMPOSER_HOST_HOMEDIR}" 92 | elif [ ! -d "${COMPOSER_HOST_CACHE}" ]; then 93 | # Create the cache directory now as the host machine user, rather than let Docker create the volume 94 | # bind as the root user (because then permissions would be all out of whack). 95 | echo "$(tput setaf 2)Creating Composer cache directory...$(tput sgr0)" 96 | mkdir -p "${COMPOSER_HOST_CACHE}" 97 | fi 98 | COMPOSER_HOME="/.composer" 99 | COMPOSER="--volume \"${COMPOSER_BINARY}:/bin/composer:ro\" --volume \"${COMPOSER_HOST_CACHE}:${COMPOSER_HOME}\" -e \"COMPOSER_HOME=${COMPOSER_HOME}\"" 100 | # Hopefully at this point, the contents of the variable $COMPOSER should look something like: 101 | # --volume "/usr/local/bin/composer:/bin/composer:ro" --volume "~/.config/composer:/.composer" 102 | # Break from the loop (we don't want to overwrite the flag string we just constructed). 103 | break 104 | fi 105 | done 106 | 107 | # You can specify a different service defined in docker-compose.yaml by prefixing the command with a variable, like: 108 | # SERVICE=node bin/env npm i 109 | SERVICE="${SERVICE:-"php"}" 110 | 111 | # Specify the project directory to Docker Compose, but if a specific configuration file has been passed, also add that. 112 | COMPOSE_CONFIG="--project-directory=\"${PROJECT_DIR}\"" 113 | if [ ! -z "${COMPOSE_FILE}"]; then 114 | COMPOSE_FILE_PATH="${PROJECT_DIR}/${COMPOSE_FILE}" 115 | if [ ! -f "${COMPOSE_FILE_PATH}" ]; then 116 | echo >&2 "$(tput setaf 1)Docker Compose file \"${COMPOSE_FILE}\" not found.$(tput sgr0)" 117 | exit 1 118 | fi 119 | COMPOSE_CONFIG="${COMPOSE_CONFIG} --file=\"${COMPOSE_FILE}\"" 120 | fi 121 | 122 | COMMAND="sh" 123 | # This little snippet wraps every command-line argument (after "bin/env") in quotes so that arguments with spaces in 124 | # them (such as `bin/env bin/console oauth2:client:create "My Client Name"`) do not get turned into separate arguments 125 | # (such as `bin/env bin/console oauth2:client:create "My" "Client" "Name"`). 126 | if [ $# -gt 0 ]; then 127 | COMMAND="" 128 | for ARG in "$@"; do 129 | COMMAND="${COMMAND} \"${ARG}\"" 130 | done 131 | fi 132 | 133 | SCRIPT="\"${COMPOSE}\" ${COMPOSE_CONFIG} run --rm --user=\"$(id -u):$(id -g)\" ${COMPOSER} -e \"TERM=xterm\" \"${SERVICE}\" ${COMMAND}" 134 | 135 | "${SHELL:-"sh"}" -c "${SCRIPT}" 136 | exit $? 137 | -------------------------------------------------------------------------------- /build/docker/database/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG MYSQL_VERSION="8.0.25" 2 | 3 | FROM "mysql:${MYSQL_VERSION}" AS production 4 | MAINTAINER Zan Baldwin "hello@zanbaldwin.com" 5 | 6 | COPY "./php.conf" "/etc/mysql/conf.d/php.conf" 7 | 8 | FROM production AS development 9 | COPY "./memory.conf" "/etc/mysql/conf.d/memory.conf" 10 | -------------------------------------------------------------------------------- /build/docker/database/memory.conf: -------------------------------------------------------------------------------- 1 | [mysqld] 2 | 3 | performance_schema = off 4 | 5 | # performance_schema_digests_size = 10000 6 | performance_schema_digests_size = 1000 7 | # performance_schema_error_size = 4860 8 | performance_schema_error_size = 1 9 | # performance_schema_events_stages_history_long_size = 10000 10 | performance_schema_events_stages_history_long_size = 1000 11 | # performance_schema_events_statements_history_long_size = 10000 12 | performance_schema_events_statements_history_long_size = 1000 13 | # performance_schema_events_transactions_history_long_size = 10000 14 | performance_schema_events_transactions_history_long_size = 1000 15 | # performance_schema_events_waits_history_long_size = 10000 16 | performance_schema_events_waits_history_long_size = 1000 17 | # performance_schema_max_cond_classes = 100 18 | performance_schema_max_cond_classes = 80 19 | # performance_schema_max_digest_length = 1024 20 | performance_schema_max_digest_length = 512 21 | # performance_schema_max_mutex_classes = 300 22 | performance_schema_max_mutex_classes = 210 23 | # performance_schema_max_rwlock_classes = 60 24 | performance_schema_max_rwlock_classes = 50 25 | # performance_schema_max_sql_text_length = 1024 26 | performance_schema_max_sql_text_length = 512 27 | # performance_schema_max_stage_classes = 175 28 | performance_schema_max_stage_classes = 150 29 | # performance_schema_max_thread_classes = 100 30 | performance_schema_max_thread_classes = 50 31 | 32 | skip-external-locking 33 | 34 | # max_allowed_packet = 64M 35 | max_allowed_packet = 16M 36 | # innodb_buffer_pool_size = 128M 37 | innodb_buffer_pool_size = 16M 38 | # innodb_log_buffer_size = 16M 39 | innodb_log_buffer_size = 2M 40 | # max_connections = 151 41 | max_connections = 10 42 | # key_buffer_size = 8M 43 | key_buffer_size = 4M 44 | # thread_cache_size = 9 45 | thread_cache_size = 1 46 | # host_cache_size = 279 47 | host_cache_size = 0 48 | # query_cache_size = 0 49 | query_cache_size = 0 50 | # innodb_ft_cache_size = 8M 51 | innodb_ft_cache_size = 2M 52 | # innodb_ft_total_cache_size = 512M 53 | innodb_ft_total_cache_size = 64M 54 | # thread_stack = 280K 55 | thread_stack = 140K 56 | # sort_buffer_size = 256K 57 | sort_buffer_size = 128K 58 | # read_buffer_size = 128K 59 | read_buffer_size = 64K 60 | # read_rnd_buffer_size = 256K 61 | read_rnd_buffer_size = 128K 62 | # max_heap_table_size = 16M 63 | max_heap_table_size = 8M 64 | # tmp_table_size = 16M 65 | tmp_table_size = 8M 66 | # bulk_insert_buffer_size = 8M 67 | bulk_insert_buffer_size = 4M 68 | # join_buffer_size = 256K 69 | join_buffer_size = 128K 70 | # net_buffer_length = 16K 71 | net_buffer_length = 8K 72 | # innodb_sort_buffer_size = 1M 73 | innodb_sort_buffer_size = 512K 74 | # binlog_cache_size = 32K 75 | binlog_cache_size = 16K 76 | # binlog_stmt_cache_size = 32K 77 | binlog_stmt_cache_size = 16K 78 | -------------------------------------------------------------------------------- /build/docker/database/php.conf: -------------------------------------------------------------------------------- 1 | [mysqld] 2 | default-time-zone='+00:00' 3 | # Required for PHP to connect to MySQL 8. 4 | default-authentication-plugin='mysql_native_password' 5 | -------------------------------------------------------------------------------- /build/docker/php/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG PHP_VERSION="8.0-fpm-alpine3.13" 2 | FROM "php:${PHP_VERSION}" AS base 3 | MAINTAINER Zan Baldwin "hello@zanbaldwin.com" 4 | 5 | # Compiles a statically-linked version of the init (PID 1) process bundled with Docker since v1.13 (API v1.25). 6 | # Alpine uses musl instead of glibc, so it's best not to use the dynamically-linked version. 7 | # See https://github.com/krallin/tini/issues/8#issuecomment-146135930 8 | RUN apk add --no-cache --virtual .tini-build-deps cmake gcc git libc-dev make \ 9 | && git clone 'git://github.com/krallin/tini.git' '/tmp/tini' \ 10 | && ( \ 11 | cd '/tmp/tini'; \ 12 | git checkout "$(git describe --tags)"; \ 13 | export CFLAGS='-DPR_SET_CHILD_SUBREAPER=36 -DPR_GET_CHILD_SUBREAPER=37'; \ 14 | cmake . && make; \ 15 | ) \ 16 | && mv '/tmp/tini/tini-static' '/tini' && chmod +x '/tini' \ 17 | && rm -rf '/tmp/tini' \ 18 | && apk del '.tini-build-deps' 19 | ENTRYPOINT [ "/tini", "--" ] 20 | 21 | # Install all standardised PHP extensions that are likely to be used by most applications. 22 | RUN apk add --no-cache --upgrade --virtual ".extension-build-deps" \ 23 | gmp-dev icu-dev libffi-dev libxml2-dev \ 24 | && apk add --no-cache --upgrade --virtual ".extension-runtime-deps" \ 25 | gmp icu libffi libxml2 \ 26 | && docker-php-ext-install \ 27 | ffi gmp intl opcache pcntl pdo_mysql sockets xml \ 28 | && apk del ".extension-build-deps" 29 | # Plus other PECL extensions that could be useful. 30 | # NOTE: If you want to install XDebug, make sure that you DON'T have it enabled when running Swoole. 31 | RUN apk add --no-cache --upgrade --virtual ".pecl-build-deps" $PHPIZE_DEPS \ 32 | && apk add --no-cache --upgrade --virtual ".pecl-runtime-deps" \ 33 | && pecl install swoole && docker-php-ext-enable swoole \ 34 | && apk del ".pecl-build-deps" 35 | 36 | # Composer (see https://github.com/composer/docker/blob/master/1.8/Dockerfile) 37 | RUN curl --silent --fail --location --retry 3 --output "/tmp/installer.sig" --url "https://composer.github.io/installer.sig" \ 38 | && curl --silent --fail --location --retry 3 --output "/tmp/installer.php" --url "https://getcomposer.org/installer" \ 39 | && php -r "if (hash_file('sha384', '/tmp/installer.php') === file_get_contents('/tmp/installer.sig')) { echo 'Installer verified.' . PHP_EOL; } else { echo 'Installer corrupt.' . PHP_EOL; unlink('/tmp/installer.php'); exit(1); }" \ 40 | && php "/tmp/installer.php" --no-ansi --install-dir="/sbin" --filename="composer" \ 41 | && rm -f "/tmp/installer.sig" "/tmp/installer.php" 42 | 43 | COPY "./php.ini" "/usr/local/etc/php/php.ini" 44 | COPY "./emergency_restart.conf" "/usr/local/etc/php-fpm.d/emergency_restart.conf" 45 | 46 | # Create a new user with UID#1000 (the UID that the user on the host machine is likely to have). 47 | # Instruct PHP-FPM to run as that user. 48 | ARG PHP_USER="www-data" 49 | RUN apk add --no-cache --virtual .user-build-deps shadow \ 50 | && (userdel "www-data" || true) \ 51 | && useradd --no-create-home --uid 1000 --user-group "${PHP_USER}" \ 52 | && sed -i -e "s/www-data/${PHP_USER}/g" "/usr/local/etc/php-fpm.d/www.conf" \ 53 | && apk del '.user-build-deps' 54 | 55 | WORKDIR "/srv" 56 | 57 | FROM base AS swoole 58 | ENV APP_RUNTIME="Runtime\Swoole\Runtime" 59 | ENV SWOOLE_HOST="0.0.0.0" 60 | # Use a port number above 1024 so it doesn't require root privileges. Might as well reuse the FPM port. 61 | ENV SWOOLE_PORT="9000" 62 | ARG PHP_USER="www-data" 63 | USER "${PHP_USER}" 64 | CMD [ "php", "/srv/public/index.php" ] 65 | 66 | FROM base AS roadrunner 67 | RUN apk add --no-cache --virtual '.rr-build-deps' curl zip \ 68 | && mkdir -p "/tmp/rr" \ 69 | && curl -L -o "/tmp/rr/release.zip" "https://github.com/spiral/roadrunner-binary/releases/download/v2.2.1/roadrunner-2.2.1-unknown-musl-amd64.zip" \ 70 | && unzip "/tmp/rr/release.zip" -d "/tmp/rr" \ 71 | && mv "/tmp/rr/roadrunner-2.2.1-unknown-musl-amd64/rr" "/sbin/rr" \ 72 | && rm -rf "/tmp/rr" \ 73 | && apk del '.rr-build-deps' 74 | ENV APP_RUNTIME="Runtime\RoadRunnerSymfonyNyholm\Runtime" 75 | COPY "./rr.yaml" "/.rr.yaml" 76 | ARG PHP_USER="www-data" 77 | USER "${PHP_USER}" 78 | CMD [ "/sbin/rr", "-c", "/.rr.yaml", "serve" ] 79 | 80 | FROM base as fpm 81 | # PHP-FPM initializes as the root user, and will then switch to "${PHP_USER}" according to pool directive. 82 | USER "root" 83 | ENV APP_RUNTIME="Symfony\Component\Runtime\SymfonyRuntime" 84 | CMD [ "php-fpm", "--nodaemonize" ] 85 | -------------------------------------------------------------------------------- /build/docker/php/emergency_restart.conf: -------------------------------------------------------------------------------- 1 | [global] 2 | emergency_restart_threshold = 10 3 | emergency_restart_interval = 1m 4 | process_control_timeout = 10s 5 | -------------------------------------------------------------------------------- /build/docker/php/php.ini: -------------------------------------------------------------------------------- 1 | [PHP] 2 | 3 | ;;;;;;;;;;;;;;;;;;; 4 | ; About php.ini ; 5 | ;;;;;;;;;;;;;;;;;;; 6 | ; PHP's initialization file, generally called php.ini, is responsible for 7 | ; configuring many of the aspects of PHP's behavior. 8 | 9 | ; PHP attempts to find and load this configuration from a number of locations. 10 | ; The following is a summary of its search order: 11 | ; 1. SAPI module specific location. 12 | ; 2. The PHPRC environment variable. (As of PHP 5.2.0) 13 | ; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) 14 | ; 4. Current working directory (except CLI) 15 | ; 5. The web server's directory (for SAPI modules), or directory of PHP 16 | ; (otherwise in Windows) 17 | ; 6. The directory from the --with-config-file-path compile time option, or the 18 | ; Windows directory (usually C:\windows) 19 | ; See the PHP docs for more specific information. 20 | ; http://php.net/configuration.file 21 | 22 | ; The syntax of the file is extremely simple. Whitespace and lines 23 | ; beginning with a semicolon are silently ignored (as you probably guessed). 24 | ; Section headers (e.g. [Foo]) are also silently ignored, even though 25 | ; they might mean something in the future. 26 | 27 | ; Directives following the section heading [PATH=/www/mysite] only 28 | ; apply to PHP files in the /www/mysite directory. Directives 29 | ; following the section heading [HOST=www.example.com] only apply to 30 | ; PHP files served from www.example.com. Directives set in these 31 | ; special sections cannot be overridden by user-defined INI files or 32 | ; at runtime. Currently, [PATH=] and [HOST=] sections only work under 33 | ; CGI/FastCGI. 34 | ; http://php.net/ini.sections 35 | 36 | ; Directives are specified using the following syntax: 37 | ; directive = value 38 | ; Directive names are *case sensitive* - foo=bar is different from FOO=bar. 39 | ; Directives are variables used to configure PHP or PHP extensions. 40 | ; There is no name validation. If PHP can't find an expected 41 | ; directive because it is not set or is mistyped, a default value will be used. 42 | 43 | ; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one 44 | ; of the INI constants (On, Off, True, False, Yes, No and None) or an expression 45 | ; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a 46 | ; previously set variable or directive (e.g. ${foo}) 47 | 48 | ; Expressions in the INI file are limited to bitwise operators and parentheses: 49 | ; | bitwise OR 50 | ; ^ bitwise XOR 51 | ; & bitwise AND 52 | ; ~ bitwise NOT 53 | ; ! boolean NOT 54 | 55 | ; Boolean flags can be turned on using the values 1, On, True or Yes. 56 | ; They can be turned off using the values 0, Off, False or No. 57 | 58 | ; An empty string can be denoted by simply not writing anything after the equal 59 | ; sign, or by using the None keyword: 60 | 61 | ; foo = ; sets foo to an empty string 62 | ; foo = None ; sets foo to an empty string 63 | ; foo = "None" ; sets foo to the string 'None' 64 | 65 | ; If you use constants in your value, and these constants belong to a 66 | ; dynamically loaded extension (either a PHP extension or a Zend extension), 67 | ; you may only use these constants *after* the line that loads the extension. 68 | 69 | ;;;;;;;;;;;;;;;;;;; 70 | ; About this file ; 71 | ;;;;;;;;;;;;;;;;;;; 72 | ; PHP comes packaged with two INI files. One that is recommended to be used 73 | ; in production environments and one that is recommended to be used in 74 | ; development environments. 75 | 76 | ; php.ini-production contains settings which hold security, performance and 77 | ; best practices at its core. But please be aware, these settings may break 78 | ; compatibility with older or less security conscience applications. We 79 | ; recommending using the production ini in production and testing environments. 80 | 81 | ; php.ini-development is very similar to its production variant, except it is 82 | ; much more verbose when it comes to errors. We recommend using the 83 | ; development version only in development environments, as errors shown to 84 | ; application users can inadvertently leak otherwise secure information. 85 | 86 | ; This is the php.ini-development INI file. 87 | 88 | ;;;;;;;;;;;;;;;;;;; 89 | ; Quick Reference ; 90 | ;;;;;;;;;;;;;;;;;;; 91 | 92 | ; The following are all the settings which are different in either the production 93 | ; or development versions of the INIs with respect to PHP's default behavior. 94 | ; Please see the actual settings later in the document for more details as to why 95 | ; we recommend these changes in PHP's behavior. 96 | 97 | ; display_errors 98 | ; Default Value: On 99 | ; Development Value: On 100 | ; Production Value: Off 101 | 102 | ; display_startup_errors 103 | ; Default Value: On 104 | ; Development Value: On 105 | ; Production Value: Off 106 | 107 | ; error_reporting 108 | ; Default Value: E_ALL 109 | ; Development Value: E_ALL 110 | ; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT 111 | 112 | ; log_errors 113 | ; Default Value: Off 114 | ; Development Value: On 115 | ; Production Value: On 116 | 117 | ; max_input_time 118 | ; Default Value: -1 (Unlimited) 119 | ; Development Value: 60 (60 seconds) 120 | ; Production Value: 60 (60 seconds) 121 | 122 | ; output_buffering 123 | ; Default Value: Off 124 | ; Development Value: 4096 125 | ; Production Value: 4096 126 | 127 | ; register_argc_argv 128 | ; Default Value: On 129 | ; Development Value: Off 130 | ; Production Value: Off 131 | 132 | ; request_order 133 | ; Default Value: None 134 | ; Development Value: "GP" 135 | ; Production Value: "GP" 136 | 137 | ; session.gc_divisor 138 | ; Default Value: 100 139 | ; Development Value: 1000 140 | ; Production Value: 1000 141 | 142 | ; session.sid_bits_per_character 143 | ; Default Value: 4 144 | ; Development Value: 5 145 | ; Production Value: 5 146 | 147 | ; short_open_tag 148 | ; Default Value: On 149 | ; Development Value: Off 150 | ; Production Value: Off 151 | 152 | ; variables_order 153 | ; Default Value: "EGPCS" 154 | ; Development Value: "GPCS" 155 | ; Production Value: "GPCS" 156 | 157 | ; zend.exception_ignore_args 158 | ; Default Value: Off 159 | ; Development Value: Off 160 | ; Production Value: On 161 | 162 | ; zend.exception_string_param_max_len 163 | ; Default Value: 15 164 | ; Development Value: 15 165 | ; Production Value: 0 166 | 167 | ;;;;;;;;;;;;;;;;;;;; 168 | ; php.ini Options ; 169 | ;;;;;;;;;;;;;;;;;;;; 170 | ; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" 171 | ;user_ini.filename = ".user.ini" 172 | 173 | ; To disable this feature set this option to an empty value 174 | ;user_ini.filename = 175 | 176 | ; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) 177 | ;user_ini.cache_ttl = 300 178 | 179 | ;;;;;;;;;;;;;;;;;;;; 180 | ; Language Options ; 181 | ;;;;;;;;;;;;;;;;;;;; 182 | 183 | ; Enable the PHP scripting language engine under Apache. 184 | ; http://php.net/engine 185 | engine = On 186 | 187 | ; This directive determines whether or not PHP will recognize code between 188 | ; tags as PHP source which should be processed as such. It is 189 | ; generally recommended that should be used and that this feature 190 | ; should be disabled, as enabling it may result in issues when generating XML 191 | ; documents, however this remains supported for backward compatibility reasons. 192 | ; Note that this directive does not control the would work. 332 | ; http://php.net/syntax-highlighting 333 | ;highlight.string = #DD0000 334 | ;highlight.comment = #FF9900 335 | ;highlight.keyword = #007700 336 | ;highlight.default = #0000BB 337 | ;highlight.html = #000000 338 | 339 | ; If enabled, the request will be allowed to complete even if the user aborts 340 | ; the request. Consider enabling it if executing long requests, which may end up 341 | ; being interrupted by the user or a browser timing out. PHP's default behavior 342 | ; is to disable this feature. 343 | ; http://php.net/ignore-user-abort 344 | ;ignore_user_abort = On 345 | 346 | ; Determines the size of the realpath cache to be used by PHP. This value should 347 | ; be increased on systems where PHP opens many files to reflect the quantity of 348 | ; the file operations performed. 349 | ; Note: if open_basedir is set, the cache is disabled 350 | ; http://php.net/realpath-cache-size 351 | ;realpath_cache_size = 4096k 352 | 353 | ; Duration of time, in seconds for which to cache realpath information for a given 354 | ; file or directory. For systems with rarely changing files, consider increasing this 355 | ; value. 356 | ; http://php.net/realpath-cache-ttl 357 | ;realpath_cache_ttl = 120 358 | 359 | ; Enables or disables the circular reference collector. 360 | ; http://php.net/zend.enable-gc 361 | zend.enable_gc = On 362 | 363 | ; If enabled, scripts may be written in encodings that are incompatible with 364 | ; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such 365 | ; encodings. To use this feature, mbstring extension must be enabled. 366 | ;zend.multibyte = Off 367 | 368 | ; Allows to set the default encoding for the scripts. This value will be used 369 | ; unless "declare(encoding=...)" directive appears at the top of the script. 370 | ; Only affects if zend.multibyte is set. 371 | ;zend.script_encoding = 372 | 373 | ; Allows to include or exclude arguments from stack traces generated for exceptions. 374 | ; In production, it is recommended to turn this setting on to prohibit the output 375 | ; of sensitive information in stack traces 376 | ; Default Value: Off 377 | ; Development Value: Off 378 | ; Production Value: On 379 | zend.exception_ignore_args = Off 380 | 381 | ; Allows setting the maximum string length in an argument of a stringified stack trace 382 | ; to a value between 0 and 1000000. 383 | ; This has no effect when zend.exception_ignore_args is enabled. 384 | ; Default Value: 15 385 | ; Development Value: 15 386 | ; Production Value: 0 387 | zend.exception_string_param_max_len = 15 388 | 389 | ;;;;;;;;;;;;;;;;; 390 | ; Miscellaneous ; 391 | ;;;;;;;;;;;;;;;;; 392 | 393 | ; Decides whether PHP may expose the fact that it is installed on the server 394 | ; (e.g. by adding its signature to the Web server header). It is no security 395 | ; threat in any way, but it makes it possible to determine whether you use PHP 396 | ; on your server or not. 397 | ; http://php.net/expose-php 398 | expose_php = Off 399 | 400 | ;;;;;;;;;;;;;;;;;;; 401 | ; Resource Limits ; 402 | ;;;;;;;;;;;;;;;;;;; 403 | 404 | ; Maximum execution time of each script, in seconds 405 | ; http://php.net/max-execution-time 406 | ; Note: This directive is hardcoded to 0 for the CLI SAPI 407 | max_execution_time = 30 408 | 409 | ; Maximum amount of time each script may spend parsing request data. It's a good 410 | ; idea to limit this time on productions servers in order to eliminate unexpectedly 411 | ; long running scripts. 412 | ; Note: This directive is hardcoded to -1 for the CLI SAPI 413 | ; Default Value: -1 (Unlimited) 414 | ; Development Value: 60 (60 seconds) 415 | ; Production Value: 60 (60 seconds) 416 | ; http://php.net/max-input-time 417 | max_input_time = 60 418 | 419 | ; Maximum input variable nesting level 420 | ; http://php.net/max-input-nesting-level 421 | ;max_input_nesting_level = 64 422 | 423 | ; How many GET/POST/COOKIE input variables may be accepted 424 | ;max_input_vars = 1000 425 | 426 | ; Maximum amount of memory a script may consume 427 | ; http://php.net/memory-limit 428 | memory_limit = 256M 429 | 430 | ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; 431 | ; Error handling and logging ; 432 | ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; 433 | 434 | ; This directive informs PHP of which errors, warnings and notices you would like 435 | ; it to take action for. The recommended way of setting values for this 436 | ; directive is through the use of the error level constants and bitwise 437 | ; operators. The error level constants are below here for convenience as well as 438 | ; some common settings and their meanings. 439 | ; By default, PHP is set to take action on all errors, notices and warnings EXCEPT 440 | ; those related to E_NOTICE and E_STRICT, which together cover best practices and 441 | ; recommended coding standards in PHP. For performance reasons, this is the 442 | ; recommend error reporting setting. Your production server shouldn't be wasting 443 | ; resources complaining about best practices and coding standards. That's what 444 | ; development servers and development settings are for. 445 | ; Note: The php.ini-development file has this setting as E_ALL. This 446 | ; means it pretty much reports everything which is exactly what you want during 447 | ; development and early testing. 448 | ; 449 | ; Error Level Constants: 450 | ; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) 451 | ; E_ERROR - fatal run-time errors 452 | ; E_RECOVERABLE_ERROR - almost fatal run-time errors 453 | ; E_WARNING - run-time warnings (non-fatal errors) 454 | ; E_PARSE - compile-time parse errors 455 | ; E_NOTICE - run-time notices (these are warnings which often result 456 | ; from a bug in your code, but it's possible that it was 457 | ; intentional (e.g., using an uninitialized variable and 458 | ; relying on the fact it is automatically initialized to an 459 | ; empty string) 460 | ; E_STRICT - run-time notices, enable to have PHP suggest changes 461 | ; to your code which will ensure the best interoperability 462 | ; and forward compatibility of your code 463 | ; E_CORE_ERROR - fatal errors that occur during PHP's initial startup 464 | ; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's 465 | ; initial startup 466 | ; E_COMPILE_ERROR - fatal compile-time errors 467 | ; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) 468 | ; E_USER_ERROR - user-generated error message 469 | ; E_USER_WARNING - user-generated warning message 470 | ; E_USER_NOTICE - user-generated notice message 471 | ; E_DEPRECATED - warn about code that will not work in future versions 472 | ; of PHP 473 | ; E_USER_DEPRECATED - user-generated deprecation warnings 474 | ; 475 | ; Common Values: 476 | ; E_ALL (Show all errors, warnings and notices including coding standards.) 477 | ; E_ALL & ~E_NOTICE (Show all errors, except for notices) 478 | ; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) 479 | ; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) 480 | ; Default Value: E_ALL 481 | ; Development Value: E_ALL 482 | ; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT 483 | ; http://php.net/error-reporting 484 | error_reporting = -1 485 | 486 | ; This directive controls whether or not and where PHP will output errors, 487 | ; notices and warnings too. Error output is very useful during development, but 488 | ; it could be very dangerous in production environments. Depending on the code 489 | ; which is triggering the error, sensitive information could potentially leak 490 | ; out of your application such as database usernames and passwords or worse. 491 | ; For production environments, we recommend logging errors rather than 492 | ; sending them to STDOUT. 493 | ; Possible Values: 494 | ; Off = Do not display any errors 495 | ; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) 496 | ; On or stdout = Display errors to STDOUT 497 | ; Default Value: On 498 | ; Development Value: On 499 | ; Production Value: Off 500 | ; http://php.net/display-errors 501 | display_errors = On 502 | 503 | ; The display of errors which occur during PHP's startup sequence are handled 504 | ; separately from display_errors. We strongly recommend you set this to 'off' 505 | ; for production servers to avoid leaking configuration details. 506 | ; Default Value: On 507 | ; Development Value: On 508 | ; Production Value: Off 509 | ; http://php.net/display-startup-errors 510 | display_startup_errors = On 511 | 512 | ; Besides displaying errors, PHP can also log errors to locations such as a 513 | ; server-specific log, STDERR, or a location specified by the error_log 514 | ; directive found below. While errors should not be displayed on productions 515 | ; servers they should still be monitored and logging is a great way to do that. 516 | ; Default Value: Off 517 | ; Development Value: On 518 | ; Production Value: On 519 | ; http://php.net/log-errors 520 | log_errors = On 521 | 522 | ; Set maximum length of log_errors. In error_log information about the source is 523 | ; added. The default is 1024 and 0 allows to not apply any maximum length at all. 524 | ; http://php.net/log-errors-max-len 525 | log_errors_max_len = 1024 526 | 527 | ; Do not log repeated messages. Repeated errors must occur in same file on same 528 | ; line unless ignore_repeated_source is set true. 529 | ; http://php.net/ignore-repeated-errors 530 | ignore_repeated_errors = Off 531 | 532 | ; Ignore source of message when ignoring repeated messages. When this setting 533 | ; is On you will not log errors with repeated messages from different files or 534 | ; source lines. 535 | ; http://php.net/ignore-repeated-source 536 | ignore_repeated_source = Off 537 | 538 | ; If this parameter is set to Off, then memory leaks will not be shown (on 539 | ; stdout or in the log). This is only effective in a debug compile, and if 540 | ; error reporting includes E_WARNING in the allowed list 541 | ; http://php.net/report-memleaks 542 | report_memleaks = On 543 | 544 | ; This setting is off by default. 545 | ;report_zend_debug = 0 546 | 547 | ; Turn off normal error reporting and emit XML-RPC error XML 548 | ; http://php.net/xmlrpc-errors 549 | ;xmlrpc_errors = 0 550 | 551 | ; An XML-RPC faultCode 552 | ;xmlrpc_error_number = 0 553 | 554 | ; When PHP displays or logs an error, it has the capability of formatting the 555 | ; error message as HTML for easier reading. This directive controls whether 556 | ; the error message is formatted as HTML or not. 557 | ; Note: This directive is hardcoded to Off for the CLI SAPI 558 | ; http://php.net/html-errors 559 | ;html_errors = On 560 | 561 | ; If html_errors is set to On *and* docref_root is not empty, then PHP 562 | ; produces clickable error messages that direct to a page describing the error 563 | ; or function causing the error in detail. 564 | ; You can download a copy of the PHP manual from http://php.net/docs 565 | ; and change docref_root to the base URL of your local copy including the 566 | ; leading '/'. You must also specify the file extension being used including 567 | ; the dot. PHP's default behavior is to leave these settings empty, in which 568 | ; case no links to documentation are generated. 569 | ; Note: Never use this feature for production boxes. 570 | ; http://php.net/docref-root 571 | ; Examples 572 | ;docref_root = "/phpmanual/" 573 | 574 | ; http://php.net/docref-ext 575 | ;docref_ext = .html 576 | 577 | ; String to output before an error message. PHP's default behavior is to leave 578 | ; this setting blank. 579 | ; http://php.net/error-prepend-string 580 | ; Example: 581 | ;error_prepend_string = "" 582 | 583 | ; String to output after an error message. PHP's default behavior is to leave 584 | ; this setting blank. 585 | ; http://php.net/error-append-string 586 | ; Example: 587 | ;error_append_string = "" 588 | 589 | ; Log errors to specified file. PHP's default behavior is to leave this value 590 | ; empty. 591 | ; http://php.net/error-log 592 | ; Example: 593 | ;error_log = php_errors.log 594 | ; Log errors to syslog (Event Log on Windows). 595 | error_log = /proc/self/fd/2 596 | 597 | ; The syslog ident is a string which is prepended to every message logged 598 | ; to syslog. Only used when error_log is set to syslog. 599 | ;syslog.ident = php 600 | 601 | ; The syslog facility is used to specify what type of program is logging 602 | ; the message. Only used when error_log is set to syslog. 603 | ;syslog.facility = user 604 | 605 | ; Set this to disable filtering control characters (the default). 606 | ; Some loggers only accept NVT-ASCII, others accept anything that's not 607 | ; control characters. If your logger accepts everything, then no filtering 608 | ; is needed at all. 609 | ; Allowed values are: 610 | ; ascii (all printable ASCII characters and NL) 611 | ; no-ctrl (all characters except control characters) 612 | ; all (all characters) 613 | ; raw (like "all", but messages are not split at newlines) 614 | ; http://php.net/syslog.filter 615 | ;syslog.filter = ascii 616 | 617 | ;windows.show_crt_warning 618 | ; Default value: 0 619 | ; Development value: 0 620 | ; Production value: 0 621 | 622 | ;;;;;;;;;;;;;;;;; 623 | ; Data Handling ; 624 | ;;;;;;;;;;;;;;;;; 625 | 626 | ; The separator used in PHP generated URLs to separate arguments. 627 | ; PHP's default setting is "&". 628 | ; http://php.net/arg-separator.output 629 | ; Example: 630 | ;arg_separator.output = "&" 631 | 632 | ; List of separator(s) used by PHP to parse input URLs into variables. 633 | ; PHP's default setting is "&". 634 | ; NOTE: Every character in this directive is considered as separator! 635 | ; http://php.net/arg-separator.input 636 | ; Example: 637 | ;arg_separator.input = ";&" 638 | 639 | ; This directive determines which super global arrays are registered when PHP 640 | ; starts up. G,P,C,E & S are abbreviations for the following respective super 641 | ; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty 642 | ; paid for the registration of these arrays and because ENV is not as commonly 643 | ; used as the others, ENV is not recommended on productions servers. You 644 | ; can still get access to the environment variables through getenv() should you 645 | ; need to. 646 | ; Default Value: "EGPCS" 647 | ; Development Value: "GPCS" 648 | ; Production Value: "GPCS"; 649 | ; http://php.net/variables-order 650 | variables_order = "GPCS" 651 | 652 | ; This directive determines which super global data (G,P & C) should be 653 | ; registered into the super global array REQUEST. If so, it also determines 654 | ; the order in which that data is registered. The values for this directive 655 | ; are specified in the same manner as the variables_order directive, 656 | ; EXCEPT one. Leaving this value empty will cause PHP to use the value set 657 | ; in the variables_order directive. It does not mean it will leave the super 658 | ; globals array REQUEST empty. 659 | ; Default Value: None 660 | ; Development Value: "GP" 661 | ; Production Value: "GP" 662 | ; http://php.net/request-order 663 | request_order = "GP" 664 | 665 | ; This directive determines whether PHP registers $argv & $argc each time it 666 | ; runs. $argv contains an array of all the arguments passed to PHP when a script 667 | ; is invoked. $argc contains an integer representing the number of arguments 668 | ; that were passed when the script was invoked. These arrays are extremely 669 | ; useful when running scripts from the command line. When this directive is 670 | ; enabled, registering these variables consumes CPU cycles and memory each time 671 | ; a script is executed. For performance reasons, this feature should be disabled 672 | ; on production servers. 673 | ; Note: This directive is hardcoded to On for the CLI SAPI 674 | ; Default Value: On 675 | ; Development Value: Off 676 | ; Production Value: Off 677 | ; http://php.net/register-argc-argv 678 | register_argc_argv = Off 679 | 680 | ; When enabled, the ENV, REQUEST and SERVER variables are created when they're 681 | ; first used (Just In Time) instead of when the script starts. If these 682 | ; variables are not used within a script, having this directive on will result 683 | ; in a performance gain. The PHP directive register_argc_argv must be disabled 684 | ; for this directive to have any effect. 685 | ; http://php.net/auto-globals-jit 686 | auto_globals_jit = On 687 | 688 | ; Whether PHP will read the POST data. 689 | ; This option is enabled by default. 690 | ; Most likely, you won't want to disable this option globally. It causes $_POST 691 | ; and $_FILES to always be empty; the only way you will be able to read the 692 | ; POST data will be through the php://input stream wrapper. This can be useful 693 | ; to proxy requests or to process the POST data in a memory efficient fashion. 694 | ; http://php.net/enable-post-data-reading 695 | ;enable_post_data_reading = Off 696 | 697 | ; Maximum size of POST data that PHP will accept. 698 | ; Its value may be 0 to disable the limit. It is ignored if POST data reading 699 | ; is disabled through enable_post_data_reading. 700 | ; http://php.net/post-max-size 701 | post_max_size = 16M 702 | 703 | ; Automatically add files before PHP document. 704 | ; http://php.net/auto-prepend-file 705 | auto_prepend_file = 706 | 707 | ; Automatically add files after PHP document. 708 | ; http://php.net/auto-append-file 709 | auto_append_file = 710 | 711 | ; By default, PHP will output a media type using the Content-Type header. To 712 | ; disable this, simply set it to be empty. 713 | ; 714 | ; PHP's built-in default media type is set to text/html. 715 | ; http://php.net/default-mimetype 716 | default_mimetype = "text/html" 717 | 718 | ; PHP's default character set is set to UTF-8. 719 | ; http://php.net/default-charset 720 | default_charset = "UTF-8" 721 | 722 | ; PHP internal character encoding is set to empty. 723 | ; If empty, default_charset is used. 724 | ; http://php.net/internal-encoding 725 | ;internal_encoding = 726 | 727 | ; PHP input character encoding is set to empty. 728 | ; If empty, default_charset is used. 729 | ; http://php.net/input-encoding 730 | ;input_encoding = 731 | 732 | ; PHP output character encoding is set to empty. 733 | ; If empty, default_charset is used. 734 | ; See also output_buffer. 735 | ; http://php.net/output-encoding 736 | ;output_encoding = 737 | 738 | ;;;;;;;;;;;;;;;;;;;;;;;;; 739 | ; Paths and Directories ; 740 | ;;;;;;;;;;;;;;;;;;;;;;;;; 741 | 742 | ; UNIX: "/path1:/path2" 743 | ;include_path = ".:/php/includes" 744 | ; 745 | ; Windows: "\path1;\path2" 746 | ;include_path = ".;c:\php\includes" 747 | ; 748 | ; PHP's default setting for include_path is ".;/path/to/php/pear" 749 | ; http://php.net/include-path 750 | 751 | ; The root of the PHP pages, used only if nonempty. 752 | ; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root 753 | ; if you are running php as a CGI under any web server (other than IIS) 754 | ; see documentation for security issues. The alternate is to use the 755 | ; cgi.force_redirect configuration below 756 | ; http://php.net/doc-root 757 | doc_root = 758 | 759 | ; The directory under which PHP opens the script using /~username used only 760 | ; if nonempty. 761 | ; http://php.net/user-dir 762 | user_dir = 763 | 764 | ; Directory in which the loadable extensions (modules) reside. 765 | ; http://php.net/extension-dir 766 | ;extension_dir = "./" 767 | ; On windows: 768 | ;extension_dir = "ext" 769 | 770 | ; Directory where the temporary files should be placed. 771 | ; Defaults to the system default (see sys_get_temp_dir) 772 | ;sys_temp_dir = "/tmp" 773 | 774 | ; Whether or not to enable the dl() function. The dl() function does NOT work 775 | ; properly in multithreaded servers, such as IIS or Zeus, and is automatically 776 | ; disabled on them. 777 | ; http://php.net/enable-dl 778 | enable_dl = Off 779 | 780 | ; cgi.force_redirect is necessary to provide security running PHP as a CGI under 781 | ; most web servers. Left undefined, PHP turns this on by default. You can 782 | ; turn it off here AT YOUR OWN RISK 783 | ; **You CAN safely turn this off for IIS, in fact, you MUST.** 784 | ; http://php.net/cgi.force-redirect 785 | ;cgi.force_redirect = 1 786 | 787 | ; if cgi.nph is enabled it will force cgi to always sent Status: 200 with 788 | ; every request. PHP's default behavior is to disable this feature. 789 | ;cgi.nph = 1 790 | 791 | ; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape 792 | ; (iPlanet) web servers, you MAY need to set an environment variable name that PHP 793 | ; will look for to know it is OK to continue execution. Setting this variable MAY 794 | ; cause security issues, KNOW WHAT YOU ARE DOING FIRST. 795 | ; http://php.net/cgi.redirect-status-env 796 | ;cgi.redirect_status_env = 797 | 798 | ; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's 799 | ; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok 800 | ; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting 801 | ; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting 802 | ; of zero causes PHP to behave as before. Default is 1. You should fix your scripts 803 | ; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. 804 | ; http://php.net/cgi.fix-pathinfo 805 | ;cgi.fix_pathinfo=1 806 | 807 | ; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside 808 | ; of the web tree and people will not be able to circumvent .htaccess security. 809 | ;cgi.discard_path=1 810 | 811 | ; FastCGI under IIS supports the ability to impersonate 812 | ; security tokens of the calling client. This allows IIS to define the 813 | ; security context that the request runs under. mod_fastcgi under Apache 814 | ; does not currently support this feature (03/17/2002) 815 | ; Set to 1 if running under IIS. Default is zero. 816 | ; http://php.net/fastcgi.impersonate 817 | ;fastcgi.impersonate = 1 818 | 819 | ; Disable logging through FastCGI connection. PHP's default behavior is to enable 820 | ; this feature. 821 | ;fastcgi.logging = 0 822 | 823 | ; cgi.rfc2616_headers configuration option tells PHP what type of headers to 824 | ; use when sending HTTP response code. If set to 0, PHP sends Status: header that 825 | ; is supported by Apache. When this option is set to 1, PHP will send 826 | ; RFC2616 compliant header. 827 | ; Default is zero. 828 | ; http://php.net/cgi.rfc2616-headers 829 | ;cgi.rfc2616_headers = 0 830 | 831 | ; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! 832 | ; (shebang) at the top of the running script. This line might be needed if the 833 | ; script support running both as stand-alone script and via PHP CGI<. PHP in CGI 834 | ; mode skips this line and ignores its content if this directive is turned on. 835 | ; http://php.net/cgi.check-shebang-line 836 | ;cgi.check_shebang_line=1 837 | 838 | ;;;;;;;;;;;;;;;; 839 | ; File Uploads ; 840 | ;;;;;;;;;;;;;;;; 841 | 842 | ; Whether to allow HTTP file uploads. 843 | ; http://php.net/file-uploads 844 | file_uploads = On 845 | 846 | ; Temporary directory for HTTP uploaded files (will use system default if not 847 | ; specified). 848 | ; http://php.net/upload-tmp-dir 849 | ;upload_tmp_dir = 850 | 851 | ; Maximum allowed size for uploaded files. 852 | ; http://php.net/upload-max-filesize 853 | upload_max_filesize = 16M 854 | 855 | ; Maximum number of files that can be uploaded via a single request 856 | max_file_uploads = 20 857 | 858 | ;;;;;;;;;;;;;;;;;; 859 | ; Fopen wrappers ; 860 | ;;;;;;;;;;;;;;;;;; 861 | 862 | ; Whether to allow the treatment of URLs (like http:// or ftp://) as files. 863 | ; http://php.net/allow-url-fopen 864 | allow_url_fopen = On 865 | 866 | ; Whether to allow include/require to open URLs (like http:// or ftp://) as files. 867 | ; http://php.net/allow-url-include 868 | allow_url_include = Off 869 | 870 | ; Define the anonymous ftp password (your email address). PHP's default setting 871 | ; for this is empty. 872 | ; http://php.net/from 873 | ;from="john@doe.com" 874 | 875 | ; Define the User-Agent string. PHP's default setting for this is empty. 876 | ; http://php.net/user-agent 877 | ;user_agent="PHP" 878 | 879 | ; Default timeout for socket based streams (seconds) 880 | ; http://php.net/default-socket-timeout 881 | default_socket_timeout = 60 882 | 883 | ; If your scripts have to deal with files from Macintosh systems, 884 | ; or you are running on a Mac and need to deal with files from 885 | ; unix or win32 systems, setting this flag will cause PHP to 886 | ; automatically detect the EOL character in those files so that 887 | ; fgets() and file() will work regardless of the source of the file. 888 | ; http://php.net/auto-detect-line-endings 889 | ;auto_detect_line_endings = Off 890 | 891 | ;;;;;;;;;;;;;;;;;;;;;; 892 | ; Dynamic Extensions ; 893 | ;;;;;;;;;;;;;;;;;;;;;; 894 | 895 | ; If you wish to have an extension loaded automatically, use the following 896 | ; syntax: 897 | ; 898 | ; extension=modulename 899 | ; 900 | ; For example: 901 | ; 902 | ; extension=mysqli 903 | ; 904 | ; When the extension library to load is not located in the default extension 905 | ; directory, You may specify an absolute path to the library file: 906 | ; 907 | ; extension=/path/to/extension/mysqli.so 908 | ; 909 | ; Note : The syntax used in previous PHP versions ('extension=.so' and 910 | ; 'extension='php_.dll') is supported for legacy reasons and may be 911 | ; deprecated in a future PHP major version. So, when it is possible, please 912 | ; move to the new ('extension=) syntax. 913 | ; 914 | ; Notes for Windows environments : 915 | ; 916 | ; - Many DLL files are located in the extensions/ (PHP 4) or ext/ (PHP 5+) 917 | ; extension folders as well as the separate PECL DLL download (PHP 5+). 918 | ; Be sure to appropriately set the extension_dir directive. 919 | ; 920 | ;extension=bz2 921 | ;extension=curl 922 | ;extension=ffi 923 | ;extension=ftp 924 | ;extension=fileinfo 925 | ;extension=gd 926 | ;extension=gettext 927 | ;extension=gmp 928 | ;extension=intl 929 | ;extension=imap 930 | ;extension=ldap 931 | ;extension=mbstring 932 | ;extension=exif ; Must be after mbstring as it depends on it 933 | ;extension=mysqli 934 | ;extension=oci8_12c ; Use with Oracle Database 12c Instant Client 935 | ;extension=odbc 936 | ;extension=openssl 937 | ;extension=pdo_firebird 938 | ;extension=pdo_mysql 939 | ;extension=pdo_oci 940 | ;extension=pdo_odbc 941 | ;extension=pdo_pgsql 942 | ;extension=pdo_sqlite 943 | ;extension=pgsql 944 | ;extension=shmop 945 | 946 | ; The MIBS data available in the PHP distribution must be installed. 947 | ; See http://www.php.net/manual/en/snmp.installation.php 948 | ;extension=snmp 949 | 950 | ;extension=soap 951 | ;extension=sockets 952 | ;extension=sodium 953 | ;extension=sqlite3 954 | ;extension=tidy 955 | ;extension=xsl 956 | 957 | ;zend_extension=opcache 958 | 959 | ;;;;;;;;;;;;;;;;;;; 960 | ; Module Settings ; 961 | ;;;;;;;;;;;;;;;;;;; 962 | 963 | [CLI Server] 964 | ; Whether the CLI web server uses ANSI color coding in its terminal output. 965 | cli_server.color = On 966 | 967 | [Date] 968 | ; Defines the default timezone used by the date functions 969 | ; http://php.net/date.timezone 970 | date.timezone = Europe/London 971 | 972 | ; http://php.net/date.default-latitude 973 | ;date.default_latitude = 31.7667 974 | 975 | ; http://php.net/date.default-longitude 976 | ;date.default_longitude = 35.2333 977 | 978 | ; http://php.net/date.sunrise-zenith 979 | ;date.sunrise_zenith = 90.833333 980 | 981 | ; http://php.net/date.sunset-zenith 982 | ;date.sunset_zenith = 90.833333 983 | 984 | [filter] 985 | ; http://php.net/filter.default 986 | ;filter.default = unsafe_raw 987 | 988 | ; http://php.net/filter.default-flags 989 | ;filter.default_flags = 990 | 991 | [iconv] 992 | ; Use of this INI entry is deprecated, use global input_encoding instead. 993 | ; If empty, default_charset or input_encoding or iconv.input_encoding is used. 994 | ; The precedence is: default_charset < input_encoding < iconv.input_encoding 995 | ;iconv.input_encoding = 996 | 997 | ; Use of this INI entry is deprecated, use global internal_encoding instead. 998 | ; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. 999 | ; The precedence is: default_charset < internal_encoding < iconv.internal_encoding 1000 | ;iconv.internal_encoding = 1001 | 1002 | ; Use of this INI entry is deprecated, use global output_encoding instead. 1003 | ; If empty, default_charset or output_encoding or iconv.output_encoding is used. 1004 | ; The precedence is: default_charset < output_encoding < iconv.output_encoding 1005 | ; To use an output encoding conversion, iconv's output handler must be set 1006 | ; otherwise output encoding conversion cannot be performed. 1007 | ;iconv.output_encoding = 1008 | 1009 | [imap] 1010 | ; rsh/ssh logins are disabled by default. Use this INI entry if you want to 1011 | ; enable them. Note that the IMAP library does not filter mailbox names before 1012 | ; passing them to rsh/ssh command, thus passing untrusted data to this function 1013 | ; with rsh/ssh enabled is insecure. 1014 | ;imap.enable_insecure_rsh=0 1015 | 1016 | [intl] 1017 | ;intl.default_locale = 1018 | ; This directive allows you to produce PHP errors when some error 1019 | ; happens within intl functions. The value is the level of the error produced. 1020 | ; Default is 0, which does not produce any errors. 1021 | ;intl.error_level = E_WARNING 1022 | ;intl.use_exceptions = 0 1023 | 1024 | [sqlite3] 1025 | ; Directory pointing to SQLite3 extensions 1026 | ; http://php.net/sqlite3.extension-dir 1027 | ;sqlite3.extension_dir = 1028 | 1029 | ; SQLite defensive mode flag (only available from SQLite 3.26+) 1030 | ; When the defensive flag is enabled, language features that allow ordinary 1031 | ; SQL to deliberately corrupt the database file are disabled. This forbids 1032 | ; writing directly to the schema, shadow tables (eg. FTS data tables), or 1033 | ; the sqlite_dbpage virtual table. 1034 | ; https://www.sqlite.org/c3ref/c_dbconfig_defensive.html 1035 | ; (for older SQLite versions, this flag has no use) 1036 | ;sqlite3.defensive = 1 1037 | 1038 | [Pcre] 1039 | ; PCRE library backtracking limit. 1040 | ; http://php.net/pcre.backtrack-limit 1041 | ;pcre.backtrack_limit=100000 1042 | 1043 | ; PCRE library recursion limit. 1044 | ; Please note that if you set this value to a high number you may consume all 1045 | ; the available process stack and eventually crash PHP (due to reaching the 1046 | ; stack size limit imposed by the Operating System). 1047 | ; http://php.net/pcre.recursion-limit 1048 | ;pcre.recursion_limit=100000 1049 | 1050 | ; Enables or disables JIT compilation of patterns. This requires the PCRE 1051 | ; library to be compiled with JIT support. 1052 | ;pcre.jit=1 1053 | 1054 | [Pdo] 1055 | ; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" 1056 | ; http://php.net/pdo-odbc.connection-pooling 1057 | ;pdo_odbc.connection_pooling=strict 1058 | 1059 | [Pdo_mysql] 1060 | ; Default socket name for local MySQL connects. If empty, uses the built-in 1061 | ; MySQL defaults. 1062 | pdo_mysql.default_socket= 1063 | 1064 | [Phar] 1065 | ; http://php.net/phar.readonly 1066 | ;phar.readonly = On 1067 | 1068 | ; http://php.net/phar.require-hash 1069 | ;phar.require_hash = On 1070 | 1071 | ;phar.cache_list = 1072 | 1073 | [mail function] 1074 | ; For Win32 only. 1075 | ; http://php.net/smtp 1076 | SMTP = localhost 1077 | ; http://php.net/smtp-port 1078 | smtp_port = 25 1079 | 1080 | ; For Win32 only. 1081 | ; http://php.net/sendmail-from 1082 | ;sendmail_from = me@example.com 1083 | 1084 | ; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). 1085 | ; http://php.net/sendmail-path 1086 | ;sendmail_path = 1087 | 1088 | ; Force the addition of the specified parameters to be passed as extra parameters 1089 | ; to the sendmail binary. These parameters will always replace the value of 1090 | ; the 5th parameter to mail(). 1091 | ;mail.force_extra_parameters = 1092 | 1093 | ; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename 1094 | mail.add_x_header = Off 1095 | 1096 | ; The path to a log file that will log all mail() calls. Log entries include 1097 | ; the full path of the script, line number, To address and headers. 1098 | ;mail.log = 1099 | ; Log mail to syslog (Event Log on Windows). 1100 | ;mail.log = syslog 1101 | 1102 | [ODBC] 1103 | ; http://php.net/odbc.default-db 1104 | ;odbc.default_db = Not yet implemented 1105 | 1106 | ; http://php.net/odbc.default-user 1107 | ;odbc.default_user = Not yet implemented 1108 | 1109 | ; http://php.net/odbc.default-pw 1110 | ;odbc.default_pw = Not yet implemented 1111 | 1112 | ; Controls the ODBC cursor model. 1113 | ; Default: SQL_CURSOR_STATIC (default). 1114 | ;odbc.default_cursortype 1115 | 1116 | ; Allow or prevent persistent links. 1117 | ; http://php.net/odbc.allow-persistent 1118 | odbc.allow_persistent = On 1119 | 1120 | ; Check that a connection is still valid before reuse. 1121 | ; http://php.net/odbc.check-persistent 1122 | odbc.check_persistent = On 1123 | 1124 | ; Maximum number of persistent links. -1 means no limit. 1125 | ; http://php.net/odbc.max-persistent 1126 | odbc.max_persistent = -1 1127 | 1128 | ; Maximum number of links (persistent + non-persistent). -1 means no limit. 1129 | ; http://php.net/odbc.max-links 1130 | odbc.max_links = -1 1131 | 1132 | ; Handling of LONG fields. Returns number of bytes to variables. 0 means 1133 | ; passthru. 1134 | ; http://php.net/odbc.defaultlrl 1135 | odbc.defaultlrl = 4096 1136 | 1137 | ; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. 1138 | ; See the documentation on odbc_binmode and odbc_longreadlen for an explanation 1139 | ; of odbc.defaultlrl and odbc.defaultbinmode 1140 | ; http://php.net/odbc.defaultbinmode 1141 | odbc.defaultbinmode = 1 1142 | 1143 | [MySQLi] 1144 | 1145 | ; Maximum number of persistent links. -1 means no limit. 1146 | ; http://php.net/mysqli.max-persistent 1147 | mysqli.max_persistent = -1 1148 | 1149 | ; Allow accessing, from PHP's perspective, local files with LOAD DATA statements 1150 | ; http://php.net/mysqli.allow_local_infile 1151 | ;mysqli.allow_local_infile = On 1152 | 1153 | ; Allow or prevent persistent links. 1154 | ; http://php.net/mysqli.allow-persistent 1155 | mysqli.allow_persistent = On 1156 | 1157 | ; Maximum number of links. -1 means no limit. 1158 | ; http://php.net/mysqli.max-links 1159 | mysqli.max_links = -1 1160 | 1161 | ; Default port number for mysqli_connect(). If unset, mysqli_connect() will use 1162 | ; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the 1163 | ; compile-time value defined MYSQL_PORT (in that order). Win32 will only look 1164 | ; at MYSQL_PORT. 1165 | ; http://php.net/mysqli.default-port 1166 | mysqli.default_port = 3306 1167 | 1168 | ; Default socket name for local MySQL connects. If empty, uses the built-in 1169 | ; MySQL defaults. 1170 | ; http://php.net/mysqli.default-socket 1171 | mysqli.default_socket = 1172 | 1173 | ; Default host for mysqli_connect() (doesn't apply in safe mode). 1174 | ; http://php.net/mysqli.default-host 1175 | mysqli.default_host = 1176 | 1177 | ; Default user for mysqli_connect() (doesn't apply in safe mode). 1178 | ; http://php.net/mysqli.default-user 1179 | mysqli.default_user = 1180 | 1181 | ; Default password for mysqli_connect() (doesn't apply in safe mode). 1182 | ; Note that this is generally a *bad* idea to store passwords in this file. 1183 | ; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") 1184 | ; and reveal this password! And of course, any users with read access to this 1185 | ; file will be able to reveal the password as well. 1186 | ; http://php.net/mysqli.default-pw 1187 | mysqli.default_pw = 1188 | 1189 | ; Allow or prevent reconnect 1190 | mysqli.reconnect = Off 1191 | 1192 | [mysqlnd] 1193 | ; Enable / Disable collection of general statistics by mysqlnd which can be 1194 | ; used to tune and monitor MySQL operations. 1195 | mysqlnd.collect_statistics = On 1196 | 1197 | ; Enable / Disable collection of memory usage statistics by mysqlnd which can be 1198 | ; used to tune and monitor MySQL operations. 1199 | mysqlnd.collect_memory_statistics = On 1200 | 1201 | ; Records communication from all extensions using mysqlnd to the specified log 1202 | ; file. 1203 | ; http://php.net/mysqlnd.debug 1204 | ;mysqlnd.debug = 1205 | 1206 | ; Defines which queries will be logged. 1207 | ;mysqlnd.log_mask = 0 1208 | 1209 | ; Default size of the mysqlnd memory pool, which is used by result sets. 1210 | ;mysqlnd.mempool_default_size = 16000 1211 | 1212 | ; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. 1213 | ;mysqlnd.net_cmd_buffer_size = 2048 1214 | 1215 | ; Size of a pre-allocated buffer used for reading data sent by the server in 1216 | ; bytes. 1217 | ;mysqlnd.net_read_buffer_size = 32768 1218 | 1219 | ; Timeout for network requests in seconds. 1220 | ;mysqlnd.net_read_timeout = 31536000 1221 | 1222 | ; SHA-256 Authentication Plugin related. File with the MySQL server public RSA 1223 | ; key. 1224 | ;mysqlnd.sha256_server_public_key = 1225 | 1226 | [OCI8] 1227 | 1228 | ; Connection: Enables privileged connections using external 1229 | ; credentials (OCI_SYSOPER, OCI_SYSDBA) 1230 | ; http://php.net/oci8.privileged-connect 1231 | ;oci8.privileged_connect = Off 1232 | 1233 | ; Connection: The maximum number of persistent OCI8 connections per 1234 | ; process. Using -1 means no limit. 1235 | ; http://php.net/oci8.max-persistent 1236 | ;oci8.max_persistent = -1 1237 | 1238 | ; Connection: The maximum number of seconds a process is allowed to 1239 | ; maintain an idle persistent connection. Using -1 means idle 1240 | ; persistent connections will be maintained forever. 1241 | ; http://php.net/oci8.persistent-timeout 1242 | ;oci8.persistent_timeout = -1 1243 | 1244 | ; Connection: The number of seconds that must pass before issuing a 1245 | ; ping during oci_pconnect() to check the connection validity. When 1246 | ; set to 0, each oci_pconnect() will cause a ping. Using -1 disables 1247 | ; pings completely. 1248 | ; http://php.net/oci8.ping-interval 1249 | ;oci8.ping_interval = 60 1250 | 1251 | ; Connection: Set this to a user chosen connection class to be used 1252 | ; for all pooled server requests with Oracle 11g Database Resident 1253 | ; Connection Pooling (DRCP). To use DRCP, this value should be set to 1254 | ; the same string for all web servers running the same application, 1255 | ; the database pool must be configured, and the connection string must 1256 | ; specify to use a pooled server. 1257 | ;oci8.connection_class = 1258 | 1259 | ; High Availability: Using On lets PHP receive Fast Application 1260 | ; Notification (FAN) events generated when a database node fails. The 1261 | ; database must also be configured to post FAN events. 1262 | ;oci8.events = Off 1263 | 1264 | ; Tuning: This option enables statement caching, and specifies how 1265 | ; many statements to cache. Using 0 disables statement caching. 1266 | ; http://php.net/oci8.statement-cache-size 1267 | ;oci8.statement_cache_size = 20 1268 | 1269 | ; Tuning: Enables statement prefetching and sets the default number of 1270 | ; rows that will be fetched automatically after statement execution. 1271 | ; http://php.net/oci8.default-prefetch 1272 | ;oci8.default_prefetch = 100 1273 | 1274 | ; Compatibility. Using On means oci_close() will not close 1275 | ; oci_connect() and oci_new_connect() connections. 1276 | ; http://php.net/oci8.old-oci-close-semantics 1277 | ;oci8.old_oci_close_semantics = Off 1278 | 1279 | [PostgreSQL] 1280 | ; Allow or prevent persistent links. 1281 | ; http://php.net/pgsql.allow-persistent 1282 | pgsql.allow_persistent = On 1283 | 1284 | ; Detect broken persistent links always with pg_pconnect(). 1285 | ; Auto reset feature requires a little overheads. 1286 | ; http://php.net/pgsql.auto-reset-persistent 1287 | pgsql.auto_reset_persistent = Off 1288 | 1289 | ; Maximum number of persistent links. -1 means no limit. 1290 | ; http://php.net/pgsql.max-persistent 1291 | pgsql.max_persistent = -1 1292 | 1293 | ; Maximum number of links (persistent+non persistent). -1 means no limit. 1294 | ; http://php.net/pgsql.max-links 1295 | pgsql.max_links = -1 1296 | 1297 | ; Ignore PostgreSQL backends Notice message or not. 1298 | ; Notice message logging require a little overheads. 1299 | ; http://php.net/pgsql.ignore-notice 1300 | pgsql.ignore_notice = 0 1301 | 1302 | ; Log PostgreSQL backends Notice message or not. 1303 | ; Unless pgsql.ignore_notice=0, module cannot log notice message. 1304 | ; http://php.net/pgsql.log-notice 1305 | pgsql.log_notice = 0 1306 | 1307 | [bcmath] 1308 | ; Number of decimal digits for all bcmath functions. 1309 | ; http://php.net/bcmath.scale 1310 | bcmath.scale = 0 1311 | 1312 | [browscap] 1313 | ; http://php.net/browscap 1314 | ;browscap = extra/browscap.ini 1315 | 1316 | [Session] 1317 | ; Handler used to store/retrieve data. 1318 | ; http://php.net/session.save-handler 1319 | session.save_handler = files 1320 | 1321 | ; Argument passed to save_handler. In the case of files, this is the path 1322 | ; where data files are stored. Note: Windows users have to change this 1323 | ; variable in order to use PHP's session functions. 1324 | ; 1325 | ; The path can be defined as: 1326 | ; 1327 | ; session.save_path = "N;/path" 1328 | ; 1329 | ; where N is an integer. Instead of storing all the session files in 1330 | ; /path, what this will do is use subdirectories N-levels deep, and 1331 | ; store the session data in those directories. This is useful if 1332 | ; your OS has problems with many files in one directory, and is 1333 | ; a more efficient layout for servers that handle many sessions. 1334 | ; 1335 | ; NOTE 1: PHP will not create this directory structure automatically. 1336 | ; You can use the script in the ext/session dir for that purpose. 1337 | ; NOTE 2: See the section on garbage collection below if you choose to 1338 | ; use subdirectories for session storage 1339 | ; 1340 | ; The file storage module creates files using mode 600 by default. 1341 | ; You can change that by using 1342 | ; 1343 | ; session.save_path = "N;MODE;/path" 1344 | ; 1345 | ; where MODE is the octal representation of the mode. Note that this 1346 | ; does not overwrite the process's umask. 1347 | ; http://php.net/session.save-path 1348 | ;session.save_path = "/tmp" 1349 | 1350 | ; Whether to use strict session mode. 1351 | ; Strict session mode does not accept an uninitialized session ID, and 1352 | ; regenerates the session ID if the browser sends an uninitialized session ID. 1353 | ; Strict mode protects applications from session fixation via a session adoption 1354 | ; vulnerability. It is disabled by default for maximum compatibility, but 1355 | ; enabling it is encouraged. 1356 | ; https://wiki.php.net/rfc/strict_sessions 1357 | session.use_strict_mode = 0 1358 | 1359 | ; Whether to use cookies. 1360 | ; http://php.net/session.use-cookies 1361 | session.use_cookies = 1 1362 | 1363 | ; http://php.net/session.cookie-secure 1364 | ;session.cookie_secure = 1365 | 1366 | ; This option forces PHP to fetch and use a cookie for storing and maintaining 1367 | ; the session id. We encourage this operation as it's very helpful in combating 1368 | ; session hijacking when not specifying and managing your own session id. It is 1369 | ; not the be-all and end-all of session hijacking defense, but it's a good start. 1370 | ; http://php.net/session.use-only-cookies 1371 | session.use_only_cookies = 1 1372 | 1373 | ; Name of the session (used as cookie name). 1374 | ; http://php.net/session.name 1375 | session.name = PHPSESSID 1376 | 1377 | ; Initialize session on request startup. 1378 | ; http://php.net/session.auto-start 1379 | session.auto_start = 0 1380 | 1381 | ; Lifetime in seconds of cookie or, if 0, until browser is restarted. 1382 | ; http://php.net/session.cookie-lifetime 1383 | session.cookie_lifetime = 0 1384 | 1385 | ; The path for which the cookie is valid. 1386 | ; http://php.net/session.cookie-path 1387 | session.cookie_path = / 1388 | 1389 | ; The domain for which the cookie is valid. 1390 | ; http://php.net/session.cookie-domain 1391 | session.cookie_domain = 1392 | 1393 | ; Whether or not to add the httpOnly flag to the cookie, which makes it 1394 | ; inaccessible to browser scripting languages such as JavaScript. 1395 | ; http://php.net/session.cookie-httponly 1396 | session.cookie_httponly = 1397 | 1398 | ; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF) 1399 | ; Current valid values are "Strict", "Lax" or "None". When using "None", 1400 | ; make sure to include the quotes, as `none` is interpreted like `false` in ini files. 1401 | ; https://tools.ietf.org/html/draft-west-first-party-cookies-07 1402 | session.cookie_samesite = 1403 | 1404 | ; Handler used to serialize data. php is the standard serializer of PHP. 1405 | ; http://php.net/session.serialize-handler 1406 | session.serialize_handler = php 1407 | 1408 | ; Defines the probability that the 'garbage collection' process is started on every 1409 | ; session initialization. The probability is calculated by using gc_probability/gc_divisor, 1410 | ; e.g. 1/100 means there is a 1% chance that the GC process starts on each request. 1411 | ; Default Value: 1 1412 | ; Development Value: 1 1413 | ; Production Value: 1 1414 | ; http://php.net/session.gc-probability 1415 | session.gc_probability = 1 1416 | 1417 | ; Defines the probability that the 'garbage collection' process is started on every 1418 | ; session initialization. The probability is calculated by using gc_probability/gc_divisor, 1419 | ; e.g. 1/100 means there is a 1% chance that the GC process starts on each request. 1420 | ; For high volume production servers, using a value of 1000 is a more efficient approach. 1421 | ; Default Value: 100 1422 | ; Development Value: 1000 1423 | ; Production Value: 1000 1424 | ; http://php.net/session.gc-divisor 1425 | session.gc_divisor = 1000 1426 | 1427 | ; After this number of seconds, stored data will be seen as 'garbage' and 1428 | ; cleaned up by the garbage collection process. 1429 | ; http://php.net/session.gc-maxlifetime 1430 | session.gc_maxlifetime = 1440 1431 | 1432 | ; NOTE: If you are using the subdirectory option for storing session files 1433 | ; (see session.save_path above), then garbage collection does *not* 1434 | ; happen automatically. You will need to do your own garbage 1435 | ; collection through a shell script, cron entry, or some other method. 1436 | ; For example, the following script is the equivalent of setting 1437 | ; session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): 1438 | ; find /path/to/sessions -cmin +24 -type f | xargs rm 1439 | 1440 | ; Check HTTP Referer to invalidate externally stored URLs containing ids. 1441 | ; HTTP_REFERER has to contain this substring for the session to be 1442 | ; considered as valid. 1443 | ; http://php.net/session.referer-check 1444 | session.referer_check = 1445 | 1446 | ; Set to {nocache,private,public,} to determine HTTP caching aspects 1447 | ; or leave this empty to avoid sending anti-caching headers. 1448 | ; http://php.net/session.cache-limiter 1449 | session.cache_limiter = nocache 1450 | 1451 | ; Document expires after n minutes. 1452 | ; http://php.net/session.cache-expire 1453 | session.cache_expire = 180 1454 | 1455 | ; trans sid support is disabled by default. 1456 | ; Use of trans sid may risk your users' security. 1457 | ; Use this option with caution. 1458 | ; - User may send URL contains active session ID 1459 | ; to other person via. email/irc/etc. 1460 | ; - URL that contains active session ID may be stored 1461 | ; in publicly accessible computer. 1462 | ; - User may access your site with the same session ID 1463 | ; always using URL stored in browser's history or bookmarks. 1464 | ; http://php.net/session.use-trans-sid 1465 | session.use_trans_sid = 0 1466 | 1467 | ; Set session ID character length. This value could be between 22 to 256. 1468 | ; Shorter length than default is supported only for compatibility reason. 1469 | ; Users should use 32 or more chars. 1470 | ; http://php.net/session.sid-length 1471 | ; Default Value: 32 1472 | ; Development Value: 26 1473 | ; Production Value: 26 1474 | session.sid_length = 26 1475 | 1476 | ; The URL rewriter will look for URLs in a defined set of HTML tags. 1477 | ;
is special; if you include them here, the rewriter will 1478 | ; add a hidden field with the info which is otherwise appended 1479 | ; to URLs. tag's action attribute URL will not be modified 1480 | ; unless it is specified. 1481 | ; Note that all valid entries require a "=", even if no value follows. 1482 | ; Default Value: "a=href,area=href,frame=src,form=" 1483 | ; Development Value: "a=href,area=href,frame=src,form=" 1484 | ; Production Value: "a=href,area=href,frame=src,form=" 1485 | ; http://php.net/url-rewriter.tags 1486 | session.trans_sid_tags = "a=href,area=href,frame=src,form=" 1487 | 1488 | ; URL rewriter does not rewrite absolute URLs by default. 1489 | ; To enable rewrites for absolute paths, target hosts must be specified 1490 | ; at RUNTIME. i.e. use ini_set() 1491 | ; tags is special. PHP will check action attribute's URL regardless 1492 | ; of session.trans_sid_tags setting. 1493 | ; If no host is defined, HTTP_HOST will be used for allowed host. 1494 | ; Example value: php.net,www.php.net,wiki.php.net 1495 | ; Use "," for multiple hosts. No spaces are allowed. 1496 | ; Default Value: "" 1497 | ; Development Value: "" 1498 | ; Production Value: "" 1499 | ;session.trans_sid_hosts="" 1500 | 1501 | ; Define how many bits are stored in each character when converting 1502 | ; the binary hash data to something readable. 1503 | ; Possible values: 1504 | ; 4 (4 bits: 0-9, a-f) 1505 | ; 5 (5 bits: 0-9, a-v) 1506 | ; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") 1507 | ; Default Value: 4 1508 | ; Development Value: 5 1509 | ; Production Value: 5 1510 | ; http://php.net/session.hash-bits-per-character 1511 | session.sid_bits_per_character = 5 1512 | 1513 | ; Enable upload progress tracking in $_SESSION 1514 | ; Default Value: On 1515 | ; Development Value: On 1516 | ; Production Value: On 1517 | ; http://php.net/session.upload-progress.enabled 1518 | ;session.upload_progress.enabled = On 1519 | 1520 | ; Cleanup the progress information as soon as all POST data has been read 1521 | ; (i.e. upload completed). 1522 | ; Default Value: On 1523 | ; Development Value: On 1524 | ; Production Value: On 1525 | ; http://php.net/session.upload-progress.cleanup 1526 | ;session.upload_progress.cleanup = On 1527 | 1528 | ; A prefix used for the upload progress key in $_SESSION 1529 | ; Default Value: "upload_progress_" 1530 | ; Development Value: "upload_progress_" 1531 | ; Production Value: "upload_progress_" 1532 | ; http://php.net/session.upload-progress.prefix 1533 | ;session.upload_progress.prefix = "upload_progress_" 1534 | 1535 | ; The index name (concatenated with the prefix) in $_SESSION 1536 | ; containing the upload progress information 1537 | ; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" 1538 | ; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" 1539 | ; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" 1540 | ; http://php.net/session.upload-progress.name 1541 | ;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" 1542 | 1543 | ; How frequently the upload progress should be updated. 1544 | ; Given either in percentages (per-file), or in bytes 1545 | ; Default Value: "1%" 1546 | ; Development Value: "1%" 1547 | ; Production Value: "1%" 1548 | ; http://php.net/session.upload-progress.freq 1549 | ;session.upload_progress.freq = "1%" 1550 | 1551 | ; The minimum delay between updates, in seconds 1552 | ; Default Value: 1 1553 | ; Development Value: 1 1554 | ; Production Value: 1 1555 | ; http://php.net/session.upload-progress.min-freq 1556 | ;session.upload_progress.min_freq = "1" 1557 | 1558 | ; Only write session data when session data is changed. Enabled by default. 1559 | ; http://php.net/session.lazy-write 1560 | ;session.lazy_write = On 1561 | 1562 | [Assertion] 1563 | ; Switch whether to compile assertions at all (to have no overhead at run-time) 1564 | ; -1: Do not compile at all 1565 | ; 0: Jump over assertion at run-time 1566 | ; 1: Execute assertions 1567 | ; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) 1568 | ; Default Value: 1 1569 | ; Development Value: 1 1570 | ; Production Value: -1 1571 | ; http://php.net/zend.assertions 1572 | zend.assertions = 1 1573 | 1574 | ; Assert(expr); active by default. 1575 | ; http://php.net/assert.active 1576 | ;assert.active = On 1577 | 1578 | ; Throw an AssertionError on failed assertions 1579 | ; http://php.net/assert.exception 1580 | ;assert.exception = On 1581 | 1582 | ; Issue a PHP warning for each failed assertion. (Overridden by assert.exception if active) 1583 | ; http://php.net/assert.warning 1584 | ;assert.warning = On 1585 | 1586 | ; Don't bail out by default. 1587 | ; http://php.net/assert.bail 1588 | ;assert.bail = Off 1589 | 1590 | ; User-function to be called if an assertion fails. 1591 | ; http://php.net/assert.callback 1592 | ;assert.callback = 0 1593 | 1594 | [COM] 1595 | ; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs 1596 | ; http://php.net/com.typelib-file 1597 | ;com.typelib_file = 1598 | 1599 | ; allow Distributed-COM calls 1600 | ; http://php.net/com.allow-dcom 1601 | ;com.allow_dcom = true 1602 | 1603 | ; autoregister constants of a component's typlib on com_load() 1604 | ; http://php.net/com.autoregister-typelib 1605 | ;com.autoregister_typelib = true 1606 | 1607 | ; register constants casesensitive 1608 | ; http://php.net/com.autoregister-casesensitive 1609 | ;com.autoregister_casesensitive = false 1610 | 1611 | ; show warnings on duplicate constant registrations 1612 | ; http://php.net/com.autoregister-verbose 1613 | ;com.autoregister_verbose = true 1614 | 1615 | ; The default character set code-page to use when passing strings to and from COM objects. 1616 | ; Default: system ANSI code page 1617 | ;com.code_page= 1618 | 1619 | ; The version of the .NET framework to use. The value of the setting are the first three parts 1620 | ; of the framework's version number, separated by dots, and prefixed with "v", e.g. "v4.0.30319". 1621 | ;com.dotnet_version= 1622 | 1623 | [mbstring] 1624 | ; language for internal character representation. 1625 | ; This affects mb_send_mail() and mbstring.detect_order. 1626 | ; http://php.net/mbstring.language 1627 | ;mbstring.language = Japanese 1628 | 1629 | ; Use of this INI entry is deprecated, use global internal_encoding instead. 1630 | ; internal/script encoding. 1631 | ; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) 1632 | ; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. 1633 | ; The precedence is: default_charset < internal_encoding < iconv.internal_encoding 1634 | ;mbstring.internal_encoding = 1635 | 1636 | ; Use of this INI entry is deprecated, use global input_encoding instead. 1637 | ; http input encoding. 1638 | ; mbstring.encoding_translation = On is needed to use this setting. 1639 | ; If empty, default_charset or input_encoding or mbstring.input is used. 1640 | ; The precedence is: default_charset < input_encoding < mbsting.http_input 1641 | ; http://php.net/mbstring.http-input 1642 | ;mbstring.http_input = 1643 | 1644 | ; Use of this INI entry is deprecated, use global output_encoding instead. 1645 | ; http output encoding. 1646 | ; mb_output_handler must be registered as output buffer to function. 1647 | ; If empty, default_charset or output_encoding or mbstring.http_output is used. 1648 | ; The precedence is: default_charset < output_encoding < mbstring.http_output 1649 | ; To use an output encoding conversion, mbstring's output handler must be set 1650 | ; otherwise output encoding conversion cannot be performed. 1651 | ; http://php.net/mbstring.http-output 1652 | ;mbstring.http_output = 1653 | 1654 | ; enable automatic encoding translation according to 1655 | ; mbstring.internal_encoding setting. Input chars are 1656 | ; converted to internal encoding by setting this to On. 1657 | ; Note: Do _not_ use automatic encoding translation for 1658 | ; portable libs/applications. 1659 | ; http://php.net/mbstring.encoding-translation 1660 | ;mbstring.encoding_translation = Off 1661 | 1662 | ; automatic encoding detection order. 1663 | ; "auto" detect order is changed according to mbstring.language 1664 | ; http://php.net/mbstring.detect-order 1665 | ;mbstring.detect_order = auto 1666 | 1667 | ; substitute_character used when character cannot be converted 1668 | ; one from another 1669 | ; http://php.net/mbstring.substitute-character 1670 | ;mbstring.substitute_character = none 1671 | 1672 | ; Enable strict encoding detection. 1673 | ;mbstring.strict_detection = Off 1674 | 1675 | ; This directive specifies the regex pattern of content types for which mb_output_handler() 1676 | ; is activated. 1677 | ; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) 1678 | ;mbstring.http_output_conv_mimetype= 1679 | 1680 | ; This directive specifies maximum stack depth for mbstring regular expressions. It is similar 1681 | ; to the pcre.recursion_limit for PCRE. 1682 | ;mbstring.regex_stack_limit=100000 1683 | 1684 | ; This directive specifies maximum retry count for mbstring regular expressions. It is similar 1685 | ; to the pcre.backtrack_limit for PCRE. 1686 | ;mbstring.regex_retry_limit=1000000 1687 | 1688 | [gd] 1689 | ; Tell the jpeg decode to ignore warnings and try to create 1690 | ; a gd image. The warning will then be displayed as notices 1691 | ; disabled by default 1692 | ; http://php.net/gd.jpeg-ignore-warning 1693 | ;gd.jpeg_ignore_warning = 1 1694 | 1695 | [exif] 1696 | ; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. 1697 | ; With mbstring support this will automatically be converted into the encoding 1698 | ; given by corresponding encode setting. When empty mbstring.internal_encoding 1699 | ; is used. For the decode settings you can distinguish between motorola and 1700 | ; intel byte order. A decode setting cannot be empty. 1701 | ; http://php.net/exif.encode-unicode 1702 | ;exif.encode_unicode = ISO-8859-15 1703 | 1704 | ; http://php.net/exif.decode-unicode-motorola 1705 | ;exif.decode_unicode_motorola = UCS-2BE 1706 | 1707 | ; http://php.net/exif.decode-unicode-intel 1708 | ;exif.decode_unicode_intel = UCS-2LE 1709 | 1710 | ; http://php.net/exif.encode-jis 1711 | ;exif.encode_jis = 1712 | 1713 | ; http://php.net/exif.decode-jis-motorola 1714 | ;exif.decode_jis_motorola = JIS 1715 | 1716 | ; http://php.net/exif.decode-jis-intel 1717 | ;exif.decode_jis_intel = JIS 1718 | 1719 | [Tidy] 1720 | ; The path to a default tidy configuration file to use when using tidy 1721 | ; http://php.net/tidy.default-config 1722 | ;tidy.default_config = /usr/local/lib/php/default.tcfg 1723 | 1724 | ; Should tidy clean and repair output automatically? 1725 | ; WARNING: Do not use this option if you are generating non-html content 1726 | ; such as dynamic images 1727 | ; http://php.net/tidy.clean-output 1728 | tidy.clean_output = Off 1729 | 1730 | [soap] 1731 | ; Enables or disables WSDL caching feature. 1732 | ; http://php.net/soap.wsdl-cache-enabled 1733 | soap.wsdl_cache_enabled=1 1734 | 1735 | ; Sets the directory name where SOAP extension will put cache files. 1736 | ; http://php.net/soap.wsdl-cache-dir 1737 | soap.wsdl_cache_dir="/tmp" 1738 | 1739 | ; (time to live) Sets the number of second while cached file will be used 1740 | ; instead of original one. 1741 | ; http://php.net/soap.wsdl-cache-ttl 1742 | soap.wsdl_cache_ttl=86400 1743 | 1744 | ; Sets the size of the cache limit. (Max. number of WSDL files to cache) 1745 | soap.wsdl_cache_limit = 5 1746 | 1747 | [sysvshm] 1748 | ; A default size of the shared memory segment 1749 | ;sysvshm.init_mem = 10000 1750 | 1751 | [ldap] 1752 | ; Sets the maximum number of open links or -1 for unlimited. 1753 | ldap.max_links = -1 1754 | 1755 | [dba] 1756 | ;dba.default_handler= 1757 | 1758 | [opcache] 1759 | ; Determines if Zend OPCache is enabled 1760 | ;opcache.enable=1 1761 | 1762 | ; Determines if Zend OPCache is enabled for the CLI version of PHP 1763 | ;opcache.enable_cli=0 1764 | 1765 | ; The OPcache shared memory storage size. 1766 | ;opcache.memory_consumption=128 1767 | 1768 | ; The amount of memory for interned strings in Mbytes. 1769 | ;opcache.interned_strings_buffer=8 1770 | 1771 | ; The maximum number of keys (scripts) in the OPcache hash table. 1772 | ; Only numbers between 200 and 1000000 are allowed. 1773 | ;opcache.max_accelerated_files=10000 1774 | 1775 | ; The maximum percentage of "wasted" memory until a restart is scheduled. 1776 | ;opcache.max_wasted_percentage=5 1777 | 1778 | ; When this directive is enabled, the OPcache appends the current working 1779 | ; directory to the script key, thus eliminating possible collisions between 1780 | ; files with the same name (basename). Disabling the directive improves 1781 | ; performance, but may break existing applications. 1782 | ;opcache.use_cwd=1 1783 | 1784 | ; When disabled, you must reset the OPcache manually or restart the 1785 | ; webserver for changes to the filesystem to take effect. 1786 | ;opcache.validate_timestamps=1 1787 | 1788 | ; How often (in seconds) to check file timestamps for changes to the shared 1789 | ; memory storage allocation. ("1" means validate once per second, but only 1790 | ; once per request. "0" means always validate) 1791 | ;opcache.revalidate_freq=2 1792 | 1793 | ; Enables or disables file search in include_path optimization 1794 | ;opcache.revalidate_path=0 1795 | 1796 | ; If disabled, all PHPDoc comments are dropped from the code to reduce the 1797 | ; size of the optimized code. 1798 | ;opcache.save_comments=1 1799 | 1800 | ; If enabled, compilation warnings (including notices and deprecations) will 1801 | ; be recorded and replayed each time a file is included. Otherwise, compilation 1802 | ; warnings will only be emitted when the file is first cached. 1803 | ;opcache.record_warnings=0 1804 | 1805 | ; Allow file existence override (file_exists, etc.) performance feature. 1806 | ;opcache.enable_file_override=0 1807 | 1808 | ; A bitmask, where each bit enables or disables the appropriate OPcache 1809 | ; passes 1810 | ;opcache.optimization_level=0x7FFFBFFF 1811 | 1812 | ;opcache.dups_fix=0 1813 | 1814 | ; The location of the OPcache blacklist file (wildcards allowed). 1815 | ; Each OPcache blacklist file is a text file that holds the names of files 1816 | ; that should not be accelerated. The file format is to add each filename 1817 | ; to a new line. The filename may be a full path or just a file prefix 1818 | ; (i.e., /var/www/x blacklists all the files and directories in /var/www 1819 | ; that start with 'x'). Line starting with a ; are ignored (comments). 1820 | ;opcache.blacklist_filename= 1821 | 1822 | ; Allows exclusion of large files from being cached. By default all files 1823 | ; are cached. 1824 | ;opcache.max_file_size=0 1825 | 1826 | ; Check the cache checksum each N requests. 1827 | ; The default value of "0" means that the checks are disabled. 1828 | ;opcache.consistency_checks=0 1829 | 1830 | ; How long to wait (in seconds) for a scheduled restart to begin if the cache 1831 | ; is not being accessed. 1832 | ;opcache.force_restart_timeout=180 1833 | 1834 | ; OPcache error_log file name. Empty string assumes "stderr". 1835 | ;opcache.error_log= 1836 | 1837 | ; All OPcache errors go to the Web server log. 1838 | ; By default, only fatal errors (level 0) or errors (level 1) are logged. 1839 | ; You can also enable warnings (level 2), info messages (level 3) or 1840 | ; debug messages (level 4). 1841 | ;opcache.log_verbosity_level=1 1842 | 1843 | ; Preferred Shared Memory back-end. Leave empty and let the system decide. 1844 | ;opcache.preferred_memory_model= 1845 | 1846 | ; Protect the shared memory from unexpected writing during script execution. 1847 | ; Useful for internal debugging only. 1848 | ;opcache.protect_memory=0 1849 | 1850 | ; Allows calling OPcache API functions only from PHP scripts which path is 1851 | ; started from specified string. The default "" means no restriction 1852 | ;opcache.restrict_api= 1853 | 1854 | ; Mapping base of shared memory segments (for Windows only). All the PHP 1855 | ; processes have to map shared memory into the same address space. This 1856 | ; directive allows to manually fix the "Unable to reattach to base address" 1857 | ; errors. 1858 | ;opcache.mmap_base= 1859 | 1860 | ; Facilitates multiple OPcache instances per user (for Windows only). All PHP 1861 | ; processes with the same cache ID and user share an OPcache instance. 1862 | ;opcache.cache_id= 1863 | 1864 | ; Enables and sets the second level cache directory. 1865 | ; It should improve performance when SHM memory is full, at server restart or 1866 | ; SHM reset. The default "" disables file based caching. 1867 | ;opcache.file_cache= 1868 | 1869 | ; Enables or disables opcode caching in shared memory. 1870 | ;opcache.file_cache_only=0 1871 | 1872 | ; Enables or disables checksum validation when script loaded from file cache. 1873 | ;opcache.file_cache_consistency_checks=1 1874 | 1875 | ; Implies opcache.file_cache_only=1 for a certain process that failed to 1876 | ; reattach to the shared memory (for Windows only). Explicitly enabled file 1877 | ; cache is required. 1878 | ;opcache.file_cache_fallback=1 1879 | 1880 | ; Enables or disables copying of PHP code (text segment) into HUGE PAGES. 1881 | ; This should improve performance, but requires appropriate OS configuration. 1882 | ;opcache.huge_code_pages=0 1883 | 1884 | ; Validate cached file permissions. 1885 | ;opcache.validate_permission=0 1886 | 1887 | ; Prevent name collisions in chroot'ed environment. 1888 | ;opcache.validate_root=0 1889 | 1890 | ; If specified, it produces opcode dumps for debugging different stages of 1891 | ; optimizations. 1892 | ;opcache.opt_debug_level=0 1893 | 1894 | ; Specifies a PHP script that is going to be compiled and executed at server 1895 | ; start-up. 1896 | ; http://php.net/opcache.preload 1897 | ;opcache.preload= 1898 | 1899 | ; Preloading code as root is not allowed for security reasons. This directive 1900 | ; facilitates to let the preloading to be run as another user. 1901 | ; http://php.net/opcache.preload_user 1902 | ;opcache.preload_user= 1903 | 1904 | ; Prevents caching files that are less than this number of seconds old. It 1905 | ; protects from caching of incompletely updated files. In case all file updates 1906 | ; on your site are atomic, you may increase performance by setting it to "0". 1907 | ;opcache.file_update_protection=2 1908 | 1909 | ; Absolute path used to store shared lockfiles (for *nix only). 1910 | ;opcache.lockfile_path=/tmp 1911 | 1912 | [curl] 1913 | ; A default value for the CURLOPT_CAINFO option. This is required to be an 1914 | ; absolute path. 1915 | ;curl.cainfo = 1916 | 1917 | [openssl] 1918 | ; The location of a Certificate Authority (CA) file on the local filesystem 1919 | ; to use when verifying the identity of SSL/TLS peers. Most users should 1920 | ; not specify a value for this directive as PHP will attempt to use the 1921 | ; OS-managed cert stores in its absence. If specified, this value may still 1922 | ; be overridden on a per-stream basis via the "cafile" SSL stream context 1923 | ; option. 1924 | ;openssl.cafile= 1925 | 1926 | ; If openssl.cafile is not specified or if the CA file is not found, the 1927 | ; directory pointed to by openssl.capath is searched for a suitable 1928 | ; certificate. This value must be a correctly hashed certificate directory. 1929 | ; Most users should not specify a value for this directive as PHP will 1930 | ; attempt to use the OS-managed cert stores in its absence. If specified, 1931 | ; this value may still be overridden on a per-stream basis via the "capath" 1932 | ; SSL stream context option. 1933 | ;openssl.capath= 1934 | 1935 | [ffi] 1936 | ; FFI API restriction. Possible values: 1937 | ; "preload" - enabled in CLI scripts and preloaded files (default) 1938 | ; "false" - always disabled 1939 | ; "true" - always enabled 1940 | ;ffi.enable=preload 1941 | 1942 | ; List of headers files to preload, wildcard patterns allowed. 1943 | ;ffi.preload= 1944 | -------------------------------------------------------------------------------- /build/docker/php/rr.yaml: -------------------------------------------------------------------------------- 1 | server: 2 | command: "php /srv/public/index.php" 3 | http: 4 | address: "0.0.0.0:9000" 5 | -------------------------------------------------------------------------------- /build/docker/server/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG NGINX_VERSION="1.19.10-alpine" 2 | FROM "nginx:${NGINX_VERSION}" AS base 3 | MAINTAINER Zan Baldwin "hello@zanbaldwin.com" 4 | 5 | # Compiles a statically-linked version of the init (PID 1) process bundled with Docker since v1.13 (API v1.25). 6 | # Alpine uses musl instead of glibc, so it's best not to use the dynamically-linked version. 7 | # See https://github.com/krallin/tini/issues/8#issuecomment-146135930 8 | RUN apk add --no-cache --virtual .tini-build-deps cmake gcc git libc-dev make \ 9 | && git clone 'git://github.com/krallin/tini.git' '/tmp/tini' \ 10 | && ( \ 11 | cd '/tmp/tini'; \ 12 | git checkout "$(git describe --tags)"; \ 13 | export CFLAGS='-DPR_SET_CHILD_SUBREAPER=36 -DPR_GET_CHILD_SUBREAPER=37'; \ 14 | cmake . && make; \ 15 | ) \ 16 | && mv '/tmp/tini/tini-static' '/tini' && chmod +x '/tini' \ 17 | && rm -rf '/tmp/tini' \ 18 | && apk del '.tini-build-deps' 19 | ENTRYPOINT [ "/tini", "--" ] 20 | CMD [ "nginx", "-g", "daemon off;" ] 21 | WORKDIR "/srv/public" 22 | EXPOSE 80 23 | EXPOSE 443 24 | 25 | RUN rm -rf "/etc/nginx/conf.d" \ 26 | && mkdir -p "/etc/nginx/conf.d" \ 27 | && mkdir -p "/srv/public" \ 28 | && [ -e "/srv/public/index.php" ] || touch "/srv/public/index.php" 29 | 30 | COPY "./acme.conf" "/etc/nginx/acme.conf" 31 | COPY "./challenges.conf" "/etc/nginx/challenges.conf" 32 | COPY "./ssl.conf" "/etc/nginx/ssl.conf" 33 | COPY "./server.conf" "/etc/nginx/conf.d/server.conf" 34 | 35 | ARG DOMAIN="localhost" 36 | RUN sed -i -e "s/\${DOMAIN}/${DOMAIN}/g" "/etc/nginx/conf.d/server.conf" 37 | 38 | # Create a new user with UID#1000 (the UID that the user on the host machine is likely to have). 39 | # Instruct Nginx to run as that user. 40 | ARG NGINX_USER="nginx" 41 | RUN apk add --no-cache --virtual .user-build-deps shadow \ 42 | && (userdel "nginx" || true) \ 43 | && useradd --no-create-home --uid 1000 --user-group "${NGINX_USER}" \ 44 | && sed -i -E "s/user\s+nginx/user ${NGINX_USER}/g" "/etc/nginx/nginx.conf" \ 45 | && apk del '.user-build-deps' 46 | 47 | FROM base AS swoole 48 | COPY "./proxy.conf" "/etc/nginx/php.conf" 49 | 50 | FROM base AS roadrunner 51 | COPY "./proxy.conf" "/etc/nginx/php.conf" 52 | 53 | FROM base AS fpm 54 | COPY "./fpm.conf" "/etc/nginx/php.conf" 55 | -------------------------------------------------------------------------------- /build/docker/server/acme.conf: -------------------------------------------------------------------------------- 1 | # Really basic configuration to serve files from /etc/letsencrypt/challenges for any request. 2 | user root; 3 | worker_processes auto; 4 | error_log /proc/self/fd/2 warn; 5 | pid /var/run/nginx.pid; 6 | events { 7 | worker_connections 1024; 8 | } 9 | http { 10 | include /etc/nginx/mime.types; 11 | default_type application/octet-stream; 12 | sendfile on; 13 | server { 14 | listen 80 default_server; 15 | listen [::]:80 default_server ipv6only=on; 16 | server_tokens off; 17 | include challenges.conf; 18 | location / { 19 | return 503; 20 | } 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /build/docker/server/challenges.conf: -------------------------------------------------------------------------------- 1 | location /.well-known/acme-challenge { 2 | root /etc/letsencrypt/challenges; 3 | log_not_found off; 4 | access_log off; 5 | allow all; 6 | try_files $uri =404; 7 | } 8 | -------------------------------------------------------------------------------- /build/docker/server/fpm.conf: -------------------------------------------------------------------------------- 1 | fastcgi_split_path_info '^(.+?\.php)(/.*)$'; 2 | if (!-f $document_root$fastcgi_script_name) { 3 | return 404; 4 | } 5 | try_files $uri $fastcgi_script_name =404; 6 | fastcgi_index index.php; 7 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 8 | fastcgi_param PATH_INFO $fastcgi_path_info; 9 | fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; 10 | fastcgi_param REDIRECT_STATUS 200; 11 | # Specify the HTTPS FCGI param. Some software, such as WordPress, is written so badly that it only understands 12 | # Apache-specific conventions. These two param declarations (plus the variable map above) should be enough to 13 | # detect if SSL was enabled at some point in the proxy. Standard HTTPS param is already specified in 14 | # fastcgi_params file. 15 | fastcgi_param HTTPS $fastcgi_https if_not_empty; 16 | 17 | fastcgi_intercept_errors on; 18 | fastcgi_buffer_size 512k; 19 | fastcgi_buffers 1024 16k; 20 | fastcgi_busy_buffers_size 1m; 21 | fastcgi_connect_timeout 60; 22 | fastcgi_send_timeout 180; 23 | fastcgi_read_timeout 180; 24 | fastcgi_temp_file_write_size 4m; 25 | fastcgi_max_temp_file_size 4m; 26 | 27 | include fastcgi_params; 28 | fastcgi_pass phpfpm; 29 | -------------------------------------------------------------------------------- /build/docker/server/proxy.conf: -------------------------------------------------------------------------------- 1 | proxy_pass http://php:9000; 2 | proxy_pass_request_headers on; 3 | proxy_set_header Host $http_host; 4 | proxy_set_header X-Real-IP $remote_addr; 5 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 6 | proxy_set_header X-Forwarded-Proto $scheme; 7 | proxy_set_header Upgrade $http_upgrade; 8 | -------------------------------------------------------------------------------- /build/docker/server/server.conf: -------------------------------------------------------------------------------- 1 | map $http_x_forwarded_proto $fastcgi_https { 2 | default ''; 3 | https on; 4 | } 5 | 6 | upstream phpfpm { 7 | server php:9000; 8 | } 9 | 10 | error_log /proc/self/fd/2 debug; 11 | 12 | server { 13 | listen 80 default_server; 14 | listen [::]:80 default_server; 15 | server_name ${DOMAIN}; 16 | server_tokens off; 17 | include challenges.conf; 18 | location / { 19 | return 301 https://localhost$request_uri; 20 | } 21 | } 22 | 23 | server { 24 | listen 443 default_server ssl http2; 25 | listen [::]:443 default_server ssl http2; 26 | server_name ${DOMAIN}; 27 | server_tokens off; 28 | include ssl.conf; 29 | include challenges.conf; 30 | charset utf-8; 31 | 32 | client_max_body_size 16m; 33 | client_body_buffer_size 128k; 34 | 35 | # If you want a different webroot, then use a symlink. 36 | root /srv/public; 37 | index index.php index.html index.htm; 38 | autoindex off; 39 | 40 | access_log /proc/self/fd/1 combined; 41 | 42 | # Block access to "hidden" files and directories whose names begin with a period. This includes directories used by 43 | # version control systems such as Subversion or Git to store control files. 44 | location ~ '(^|/)\.' { 45 | deny all; 46 | } 47 | # But allow "Well-Known URIs" as per RFC 5785. 48 | location ~* ^/.well-known/ { 49 | allow all; 50 | } 51 | 52 | location = /favicon.ico { 53 | log_not_found off; 54 | access_log off; 55 | } 56 | 57 | location = /robots.txt { 58 | allow all; 59 | try_files $uri $uri/ @robots; 60 | log_not_found off; 61 | access_log off; 62 | } 63 | # Fallback in case robots.txt doesn't exist. 64 | location @robots { 65 | return 200 "User-agent: *\nAllow: *\n"; 66 | } 67 | 68 | location / { 69 | # Push any resources listed in the Link header before the browser has requested it to speed up on HTTP/2. 70 | http2_push_preload on; 71 | # Warning for future me: the "try_files" directive is *LITERAL*, it means try a *FILE*. Only the *LAST* argument 72 | # will be treated as a fallback causing an internal rewrite (ie. the another location block). Do *NOT* put any 73 | # arguments after "/index.php" or you'll spend nearly two days trying to figure out why Nginx is serving the 74 | # literal contents of the index.php file as "application/octet-stream" MIME type. 75 | try_files $uri $uri/ /index.php$is_args$args; 76 | } 77 | 78 | # Deny access to any files with a .php extension in the uploads directory. 79 | # Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban). 80 | location ~* /(?:uploads|files)/.*\.php$ { 81 | deny all; 82 | } 83 | 84 | # Pass all PHP files onto PHP's Fast Process Manager server OR pass via proxy to a Swoole process. 85 | location ~* '[^/]\.php(/|$)' { 86 | include php.conf; 87 | } 88 | 89 | location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ { 90 | expires max; 91 | log_not_found off; 92 | } 93 | } 94 | -------------------------------------------------------------------------------- /build/docker/server/ssl.conf: -------------------------------------------------------------------------------- 1 | # Good Security is hard to configure! Don't do it yourself! Use https://ssl-config.mozilla.org/ 2 | 3 | ssl_certificate /etc/letsencrypt/live/docker/fullchain.pem; 4 | ssl_certificate_key /etc/letsencrypt/live/docker/privkey.pem; 5 | ssl_session_timeout 1d; 6 | ssl_session_cache shared:MozSSL:10m; 7 | ssl_session_tickets off; 8 | ## [sudo] openssl dhparam -out "/etc/letsencrypt/dhparam.pem" 4096 9 | ssl_dhparam /etc/letsencrypt/dhparam.pem; 10 | ssl_protocols TLSv1.2 TLSv1.3; 11 | ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; 12 | ssl_prefer_server_ciphers off; 13 | add_header Strict-Transport-Security "max-age=63072000" always; 14 | add_header X-XSS-Protection "1; mode=block"; 15 | add_header X-Frame-Options SAMEORIGIN; 16 | ssl_stapling on; 17 | ssl_stapling_verify on; 18 | ssl_trusted_certificate /etc/letsencrypt/live/docker/chain.pem; 19 | # Use Cloudflare's Nameserver resolver, with Google as a backup. 20 | resolver 1.1.1.1 8.8.8.8; 21 | -------------------------------------------------------------------------------- /composer.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "symfony/skeleton", 3 | "type": "project", 4 | "license": "MIT", 5 | "description": "A minimal Symfony project recommended to create bare bones applications", 6 | "minimum-stability": "dev", 7 | "prefer-stable": true, 8 | "require": { 9 | "php": ">=7.2.5", 10 | "ext-ctype": "*", 11 | "ext-iconv": "*", 12 | "symfony/flex": "^1.3.1", 13 | "runtime/roadrunner-symfony-nyholm": "^0.1", 14 | "runtime/swoole": "^0.1" 15 | }, 16 | "flex-require": { 17 | "symfony/console": "*", 18 | "symfony/dotenv": "*", 19 | "symfony/framework-bundle": "*", 20 | "symfony/runtime": "*", 21 | "symfony/yaml": "*" 22 | }, 23 | "require-dev": { 24 | }, 25 | "config": { 26 | "optimize-autoloader": true, 27 | "preferred-install": { 28 | "*": "dist" 29 | }, 30 | "sort-packages": true 31 | }, 32 | "autoload": { 33 | "psr-4": { 34 | "App\\": "src/" 35 | } 36 | }, 37 | "autoload-dev": { 38 | "psr-4": { 39 | "App\\Tests\\": "tests/" 40 | } 41 | }, 42 | "replace": { 43 | "symfony/polyfill-ctype": "*", 44 | "symfony/polyfill-iconv": "*", 45 | "symfony/polyfill-php72": "*" 46 | }, 47 | "scripts": { 48 | "auto-scripts": [ 49 | ], 50 | "post-install-cmd": [ 51 | "@auto-scripts" 52 | ], 53 | "post-update-cmd": [ 54 | "@auto-scripts" 55 | ] 56 | }, 57 | "conflict": { 58 | "symfony/symfony": "*" 59 | }, 60 | "extra": { 61 | "symfony": { 62 | "allow-contrib": false, 63 | "require": "5.3.*" 64 | } 65 | } 66 | } 67 | -------------------------------------------------------------------------------- /docker-compose.override.yaml: -------------------------------------------------------------------------------- 1 | version: '3.8' 2 | 3 | ## This file is meant to be used for developing on a local machine. 4 | ## Use only the main Compose file when deploying to production using: 5 | ## docker-compose -f docker-compose.yaml 6 | services: 7 | 8 | server: 9 | volumes: 10 | # Use self-generated certificates during development. 11 | - type: 'bind' 12 | source: './build/ssl' 13 | target: '/etc/letsencrypt' 14 | read_only: true 15 | 16 | database: 17 | volumes: 18 | # Use a volume for data during development instead of messing with 19 | # system directories. 20 | - type: 'volume' 21 | source: 'database' 22 | target: '/var/lib/mysql' 23 | read_only: false 24 | 25 | volumes: 26 | database: 27 | driver: 'local' 28 | -------------------------------------------------------------------------------- /docker-compose.yaml: -------------------------------------------------------------------------------- 1 | version: '3.8' 2 | 3 | x-logging: 4 | &default-logging 5 | driver: 'json-file' 6 | options: 7 | max-size: '5m' 8 | max-file: '1' 9 | 10 | services: 11 | 12 | server: 13 | image: 'zanbaldwin/server' 14 | build: 15 | context: './build/docker/server' 16 | target: '${RUNTIME:-fpm}' 17 | args: 18 | NGINX_VERSION: '1.21.0-alpine' 19 | DOMAIN: '${DOMAIN:-localhost}' 20 | restart: 'unless-stopped' 21 | ports: 22 | - target: 80 23 | published: '${WEB_PORT:-80}' 24 | protocol: 'tcp' 25 | mode: 'host' 26 | - target: 443 27 | published: '${SSL_PORT:-443}' 28 | protocol: 'tcp' 29 | mode: 'host' 30 | volumes: 31 | - type: 'bind' 32 | source: './public' 33 | target: '/srv/public' 34 | read_only: true 35 | - type: 'bind' 36 | source: '/etc/letsencrypt' 37 | target: '/etc/letsencrypt' 38 | read_only: true 39 | logging: *default-logging 40 | 41 | php: 42 | image: 'zanbaldwin/php' 43 | build: 44 | context: './build/docker/php' 45 | target: '${RUNTIME:-fpm}' 46 | args: 47 | PHP_VERSION: '8.0-fpm-alpine3.13' 48 | restart: 'unless-stopped' 49 | volumes: 50 | - type: 'bind' 51 | source: './' 52 | target: '/srv' 53 | read_only: false 54 | logging: *default-logging 55 | 56 | database: 57 | image: 'zanbaldwin/database' 58 | build: 59 | context: './build/docker/database' 60 | args: 61 | MYSQL_VERSION: '8.0.25' 62 | restart: 'unless-stopped' 63 | environment: 64 | MYSQL_ROOT_PASSWORD_FILE: '/run/secrets/dbpass' 65 | MYSQL_DATABASE: '${DB_NAME:-main}' 66 | volumes: 67 | - type: 'bind' 68 | source: '/var/lib/mysql' 69 | target: '/var/lib/mysql' 70 | read_only: false 71 | secrets: 72 | - 'dbpass' 73 | logging: *default-logging 74 | 75 | secrets: 76 | dbpass: 77 | file: './build/.secrets/dbpass' 78 | --------------------------------------------------------------------------------