From 50bf6c01f4382a14fa1d1739fc4c05bb3db799c3 Mon Sep 17 00:00:00 2001
From: Davide Aprea <davide@suma-ev.de>
Date: Thu, 18 Feb 2021 15:52:45 +0100
Subject: [PATCH] create docker container *WIP*

---
 Dockerfile                    | 70 +++++++++++++++++++++++++++++++++++
 DockerfileDev                 | 62 +++++++++++++++++++++++++++++++
 config/nginx-default-dev.conf | 56 ++++++++++++++++++++++++++++
 config/nginx-default.conf     | 55 +++++++++++++++++++++++++++
 config/nginx.conf             | 34 +++++++++++++++++
 docker-compose.yaml           | 37 ++++++++++++++++++
 6 files changed, 314 insertions(+)
 create mode 100644 Dockerfile
 create mode 100644 DockerfileDev
 create mode 100644 config/nginx-default-dev.conf
 create mode 100644 config/nginx-default.conf
 create mode 100644 config/nginx.conf
 create mode 100644 docker-compose.yaml

diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..0a7f074
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,70 @@
+FROM debian:10
+
+# Install System Components
+RUN apt update \
+    && apt install -y \
+    nginx \
+    tzdata \
+    cron \
+    lsb-release \
+    apt-transport-https \
+    curl 
+
+RUN curl -o /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg \
+    && echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | tee /etc/apt/sources.list.d/php.list
+
+# Install PHP Components
+RUN apt update \
+    && apt install -y \
+    php7.4 \
+    php7.4-fpm \
+    php7.4-json \
+    php7.4-bcmath \
+    php7.4-ctype \
+    php7.4-mbstring \
+    php7.4-pdo \
+    php7.4-tokenizer \
+    php7.4-xml \
+    php7.4-curl \
+    php7.4-dom \
+    php7.4-fileinfo \
+    php7.4-redis
+
+WORKDIR /html
+
+RUN sed -i 's/error_log = \/var\/log\/php7.4-fpm.log/error_log = \/dev\/stderr/g' /etc/php/7.4/fpm/php-fpm.conf && \
+    sed -i 's/;daemonize = yes/daemonize = no/g' /etc/php/7.4/fpm/php-fpm.conf && \
+    mkdir -p /run/php && \
+    sed -i 's/listen = \/run\/php\/php7.4-fpm.sock/listen = 9000/g' /etc/php/7.4/fpm/pool.d/www.conf && \
+    sed -i 's/decorate_workers_output = no/decorate_workers_output = no/g' /etc/php/7.4/fpm/pool.d/www.conf && \
+    sed -i 's/user = nobody/user = www-data/g' /etc/php/7.4/fpm/pool.d/www.conf && \
+    sed -i 's/group = nobody/group = www-data/g' /etc/php/7.4/fpm/pool.d/www.conf && \
+    sed -i 's/pm.max_children = 5/pm.max_children = 1024/g' /etc/php/7.4/fpm/pool.d/www.conf && \
+    sed -i 's/pm.start_servers = 2/pm.start_servers = 50/g' /etc/php/7.4/fpm/pool.d/www.conf && \
+    sed -i 's/pm.min_spare_servers = 1/pm.min_spare_servers = 5/g' /etc/php/7.4/fpm/pool.d/www.conf && \
+    sed -i 's/pm.max_spare_servers = 3/pm.max_spare_servers = 50/g' /etc/php/7.4/fpm/pool.d/www.conf && \
+    sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php/7.4/fpm/php.ini && \
+    sed -i 's/expose_php = On/expose_php = Off/g' /etc/php/7.4/fpm/php.ini && \
+    # Opcache configuration
+    sed -i 's/;opcache.enable=1/opcache.enable=1/g' /etc/php/7.4/fpm/php.ini && \
+    sed -i 's/;opcache.memory_consumption=128/opcache.memory_consumption=128/g' /etc/php/7.4/fpm/php.ini && \
+    sed -i 's/;opcache.interned_strings_buffer=8/opcache.interned_strings_buffer=8/g' /etc/php/7.4/fpm/php.ini && \
+    sed -i 's/;opcache.max_accelerated_files=10000/opcache.max_accelerated_files=10000/g' /etc/php/7.4/fpm/php.ini && \
+    sed -i 's/;opcache.max_wasted_percentage=5/opcache.max_wasted_percentage=5/g' /etc/php/7.4/fpm/php.ini && \
+    sed -i 's/;opcache.validate_timestamps=1/opcache.validate_timestamps=1/g' /etc/php/7.4/fpm/php.ini && \
+    sed -i 's/;opcache.revalidate_freq=2/opcache.revalidate_freq=300/g' /etc/php/7.4/fpm/php.ini && \
+    cp /usr/share/zoneinfo/Europe/Berlin /etc/localtime && \
+    echo "Europe/Berlin" > /etc/timezone && \
+    (crontab -l ; echo "* * * * * php /html/artisan schedule:run >> /dev/null 2>&1") | crontab -
+
+
+COPY config/nginx.conf /etc/nginx/nginx.conf
+COPY config/nginx-default.conf /etc/nginx/sites-available/default
+RUN sed -i 's/fastcgi_pass phpfpm:9000;/fastcgi_pass localhost:9000;/g' /etc/nginx/sites-available/default
+COPY --chown=root:www-data . /html
+
+WORKDIR /html
+EXPOSE 80
+
+CMD cron -L /dev/stdout && \
+    php-fpm7.4 -F -R
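Review bot: The repository signing key in the `RUN curl -o /etc/apt/trusted.gpg.d/php.gpg …` step is downloaded with no integrity check and without `-f`, so an HTTP error body or a replaced key file is installed silently. A key placed in `trusted.gpg.d` is also trusted for every configured apt source, not only packages.sury.org. Fetch it with `curl -fsSL` into `/usr/share/keyrings/`, compare it against a digest verified out of band, and scope it to the one repository with `signed-by=`. The same step appears unchanged in DockerfileDev. In the fence, `PHP_KEY_SHA256` is a placeholder build argument with no default, so a build without the expected digest fails instead of trusting whatever was downloaded.

```dockerfile
# PHP_KEY_SHA256 is a placeholder: pass the out-of-band verified digest with --build-arg
ARG PHP_KEY_SHA256
RUN curl -fsSL -o /usr/share/keyrings/sury-php.gpg https://packages.sury.org/php/apt.gpg \
    && echo "${PHP_KEY_SHA256}  /usr/share/keyrings/sury-php.gpg" | sha256sum -c - \
    && echo "deb [signed-by=/usr/share/keyrings/sury-php.gpg] https://packages.sury.org/php/ $(lsb_release -sc) main" \
        > /etc/apt/sources.list.d/php.list
```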
diff --git a/DockerfileDev b/DockerfileDev
new file mode 100644
index 0000000..f2c43b0
--- /dev/null
+++ b/DockerfileDev
@@ -0,0 +1,62 @@
+FROM debian:10
+
+# Install System Components
+RUN apt update \
+    && apt install -y \
+        nginx \
+        tzdata \
+        cron \
+        lsb-release \
+        apt-transport-https \
+        curl 
+
+RUN curl -o /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg \
+    && echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | tee /etc/apt/sources.list.d/php.list
+
+# Install PHP Components
+RUN apt update \
+    && apt install -y \
+        php7.4 \
+        php7.4-fpm \
+        php7.4-json \
+        php7.4-bcmath \
+        php7.4-ctype \
+        php7.4-mbstring \
+        php7.4-pdo \
+        php7.4-tokenizer \
+        php7.4-xml \
+        php7.4-curl \
+        php7.4-dom \
+        php7.4-fileinfo \
+        php7.4-redis \
+        php7.4-xdebug
+
+WORKDIR /html
+
+RUN sed -i 's/error_log = \/var\/log\/php7.4-fpm.log/error_log = \/dev\/stderr/g' /etc/php/7.4/fpm/php-fpm.conf && \
+    sed -i 's/;daemonize = yes/daemonize = no/g' /etc/php/7.4/fpm/php-fpm.conf && \
+    mkdir -p /run/php && \
+    sed -i 's/listen = \/run\/php\/php7.4-fpm.sock/listen = 9000/g' /etc/php/7.4/fpm/pool.d/www.conf && \
+    sed -i 's/decorate_workers_output = no/decorate_workers_output = no/g' /etc/php/7.4/fpm/pool.d/www.conf && \
+    sed -i 's/user = nobody/user = www-data/g' /etc/php/7.4/fpm/pool.d/www.conf && \
+    sed -i 's/group = nobody/group = www-data/g' /etc/php/7.4/fpm/pool.d/www.conf && \
+    sed -i 's/pm.max_children = 5/pm.max_children = 100/g' /etc/php/7.4/fpm/pool.d/www.conf && \
+    sed -i 's/pm.start_servers = 2/pm.start_servers = 5/g' /etc/php/7.4/fpm/pool.d/www.conf && \
+    sed -i 's/pm.min_spare_servers = 1/pm.min_spare_servers = 5/g' /etc/php/7.4/fpm/pool.d/www.conf && \
+    sed -i 's/pm.max_spare_servers = 3/pm.max_spare_servers = 25/g' /etc/php/7.4/fpm/pool.d/www.conf && \
+    sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php/7.4/fpm/php.ini && \
+    sed -i 's/expose_php = On/expose_php = Off/g' /etc/php/7.4/fpm/php.ini && \
+    sed -i 's/;zend_extension=xdebug.so/zend_extension=xdebug.so/g' /etc/php/7.4/fpm/conf.d/20-xdebug.ini && \
+    echo "xdebug.remote_enable = 1" >> /etc/php/7.4/fpm/conf.d/20-xdebug.ini && \
+    echo "xdebug.remote_autostart = 1" >> /etc/php/7.4/fpm/conf.d/20-xdebug.ini && \
+    echo "xdebug.remote_connect_back = 1" >> /etc/php/7.4/fpm/conf.d/20-xdebug.ini && \
+    echo "xdebug.idekey=VSCODE" >> /etc/php/7.4/fpm/conf.d/20-xdebug.ini && \
+    cp /usr/share/zoneinfo/Europe/Berlin /etc/localtime && \
+    echo "Europe/Berlin" > /etc/timezone && \
+    (crontab -l ; echo "* * * * * php /html/artisan schedule:run >> /dev/null 2>&1") | crontab -
+
+WORKDIR /html
+EXPOSE 80
+
+CMD cron -L /dev/stdout && \
+    php-fpm7.4 -F -R
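Review bot: `xdebug.remote_connect_back = 1` together with `xdebug.remote_autostart = 1` makes the debugger start a session on every request and connect to an address derived from the incoming request rather than from configuration. If the packaged Xdebug is 2.x, any client that can reach this stack can therefore end up attached to the PHP process. Replace the connect-back line with a fixed target, e.g. `echo "xdebug.remote_host = host.docker.internal" >> /etc/php/7.4/fpm/conf.d/20-xdebug.ini` (or the developer host's address), and consider dropping `remote_autostart` so sessions begin only when the IDE asks for one. A comment above this `RUN` saying the image is for local development only would also help, since docker-compose.yaml tags it `searx-proxy:latest` with nothing in the name marking it as a debug build.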
diff --git a/config/nginx-default-dev.conf b/config/nginx-default-dev.conf
new file mode 100644
index 0000000..0529f83
--- /dev/null
+++ b/config/nginx-default-dev.conf
@@ -0,0 +1,56 @@
+server {
+    listen       80;
+    server_name  localhost;
+    root   /html/public;
+    index  index.php index.html index.htm;
+
+    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; script-src-attr 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; frame-src 'self'; frame-ancestors 'self'; form-action 'self'";
+    #charset koi8-r;
+    #access_log  /var/log/nginx/host.access.log  main;
+
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+    }
+
+    location ~ \.php$ {
+        try_files $uri /index.php =404;
+        fastcgi_split_path_info ^(.+\.php)(/.+)$;
+        fastcgi_pass phpfpm:9000;
+        fastcgi_index index.php;
+        fastcgi_read_timeout 900;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        include fastcgi_params;
+    }
+
+    #error_page  404              /404.html;
+
+    # redirect server error pages to the static page /50x.html
+    #
+    error_page   500 502 503 504  /50x.html;
+    location = /50x.html {
+        root   /usr/share/nginx/html;
+    }
+
+    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
+    #
+    #location ~ \.php$ {
+    #    proxy_pass   http://127.0.0.1;
+    #}
+
+    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+    #
+    #location ~ \.php$ {
+    #    root           html;
+    #    fastcgi_pass   127.0.0.1:9000;
+    #    fastcgi_index  index.php;
+    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
+    #    include        fastcgi_params;
+    #}
+
+    # deny access to .htaccess files, if Apache's document root
+    # concurs with nginx's one
+    #
+    #location ~ /\.ht {
+    #    deny  all;
+    #}
+}
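Review bot: The `Content-Security-Policy` header allows `'unsafe-inline'` in `script-src`, `script-src-elem` and `script-src-attr`, which removes most of the policy's protection against injected script. Because `add_header` is given without `always`, the header is also omitted on most error responses. If the templates need inline scripts, a per-response nonce or hashes in `script-src` would keep the restriction. Otherwise drop `'unsafe-inline'` from the three script directives and end the line with `… form-action 'self'" always;`. config/nginx-default.conf carries the identical header.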
diff --git a/config/nginx-default.conf b/config/nginx-default.conf
new file mode 100644
index 0000000..45f95f0
--- /dev/null
+++ b/config/nginx-default.conf
@@ -0,0 +1,55 @@
+server {
+    listen       80;
+    server_name  localhost;
+    root   /html/public;
+    index  index.php index.html index.htm;
+
+    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; script-src-attr 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; frame-src 'self'; frame-ancestors 'self'; form-action 'self'";
+    #charset koi8-r;
+    #access_log  /var/log/nginx/host.access.log  main;
+
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+    }
+
+    location ~ \.php$ {
+        try_files $uri /index.php =404;
+        fastcgi_split_path_info ^(.+\.php)(/.+)$;
+        fastcgi_pass phpfpm:9000;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        include fastcgi_params;
+    }
+
+    #error_page  404              /404.html;
+
+    # redirect server error pages to the static page /50x.html
+    #
+    error_page   500 502 503 504  /50x.html;
+    location = /50x.html {
+        root   /usr/share/nginx/html;
+    }
+
+    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
+    #
+    #location ~ \.php$ {
+    #    proxy_pass   http://127.0.0.1;
+    #}
+
+    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+    #
+    #location ~ \.php$ {
+    #    root           html;
+    #    fastcgi_pass   127.0.0.1:9000;
+    #    fastcgi_index  index.php;
+    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
+    #    include        fastcgi_params;
+    #}
+
+    # deny access to .htaccess files, if Apache's document root
+    # concurs with nginx's one
+    #
+    #location ~ /\.ht {
+    #    deny  all;
+    #}
+}
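Review bot: `fastcgi_pass phpfpm:9000;` works in the production image only because the Dockerfile rewrites it with `sed` to `localhost:9000`. That substitution succeeds silently if this line is ever reformatted, leaving nginx pointed at a host name that a single-container deployment does not define. As far as this patch shows, the file is copied only by the production Dockerfile, so write `fastcgi_pass 127.0.0.1:9000;` here and drop the rewrite. With nginx and php-fpm in one container the pool can then be bound to loopback too (`listen = 127.0.0.1:9000` instead of `listen = 9000` in the Dockerfile's sed), so the unauthenticated FastCGI port is not reachable from other containers on the same network.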
diff --git a/config/nginx.conf b/config/nginx.conf
new file mode 100644
index 0000000..5bd0a6e
--- /dev/null
+++ b/config/nginx.conf
@@ -0,0 +1,34 @@
+user  www-data;
+worker_processes  auto;
+
+error_log  /dev/stdout warn;
+pid        /run/nginx.pid;
+
+daemon off;
+
+events {
+    worker_connections  1024;
+}
+
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /dev/null  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  5;
+    keepalive_requests 50;
+
+    gzip  on;
+
+    include /etc/nginx/conf.d/*.conf;
+    include /etc/nginx/sites-enabled/*;
+}
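Review bot: `access_log  /dev/null  main;` discards every request record, so after an incident only `error_log` at level `warn` is left to reconstruct what was requested. If that is a deliberate privacy decision for the proxy, state it in a comment such as `# access log intentionally disabled: no client request data is retained` and use `access_log off;` so nginx does not format lines it throws away. Otherwise send it to `/dev/stdout` like the error log, so the container runtime collects it.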
diff --git a/docker-compose.yaml b/docker-compose.yaml
new file mode 100644
index 0000000..797d820
--- /dev/null
+++ b/docker-compose.yaml
@@ -0,0 +1,37 @@
+version: '3.7'
+services:
+  phpdeps:
+    image: prooph/composer:7.3
+    volumes:
+      - .:/app
+    command: install
+  assets:
+    image: node:10
+    volumes:
+      - .:/usr/src/app
+    working_dir: /usr/src/app
+    command: bash -c "npm install && npm run watch"
+  phpfpm:
+    depends_on:
+      - "phpdeps"
+      - "assets"
+    restart: on-failure
+    build:
+      context: .
+      dockerfile: DockerfileDev
+    image: searx-proxy:latest
+    working_dir: /html
+    volumes:
+      - .:/html
+  web:
+    depends_on:
+      - "phpfpm"
+    image: searx-proxy:latest
+    working_dir: /html
+    command: nginx
+    volumes:
+      - .:/html
+      - ./config/nginx.conf:/etc/nginx/nginx.conf
+      - ./config/nginx-default-dev.conf:/etc/nginx/sites-available/default
+    ports: 
+    - "8080:80"
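Review bot: The `ports` entry `"8080:80"` publishes the development stack on every interface of the host, and the image built from DockerfileDev runs with Xdebug enabled, so the service is reachable from the local network in debug configuration. Bind it to loopback instead: `- "127.0.0.1:8080:80"`. A short comment on the `web` service noting that this compose file is for local development only would make the intent explicit.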
-- 
GitLab