Commit b7bae90d authored by Dave Lane's avatar Dave Lane

shifting to a sample docker-compose.yml file and updated nginx conf

parents 6f162bba 55ff8f1f
Pipeline #253 canceled with stages
...@@ -8,19 +8,27 @@ services: ...@@ -8,19 +8,27 @@ services:
networks: networks:
default: default:
aliases: aliases:
<<<<<<< HEAD:docker-compose.yml
- redis.grav.troy - redis.grav.troy
=======
- redis.grav.nzoss.nz
>>>>>>> 55ff8f1fcedb9b67997ba36bc88ccd2bdae35535:docker-compose.yml.sample
app: app:
image: kiwilightweight/grav image: kiwilightweight/grav
links: links:
- redis - redis
volumes: volumes:
- /home/dave/Projects/grav/new:/var/www/html - /home/data/nzoss/grav:/var/www/html
restart: restart:
unless-stopped unless-stopped
networks: networks:
default: default:
aliases: aliases:
<<<<<<< HEAD:docker-compose.yml
- grav.troy - grav.troy
=======
- grav.nzoss.nz
>>>>>>> 55ff8f1fcedb9b67997ba36bc88ccd2bdae35535:docker-compose.yml.sample
nginx: nginx:
image: oeru/nginx-jessie image: oeru/nginx-jessie
links: links:
...@@ -31,9 +39,13 @@ services: ...@@ -31,9 +39,13 @@ services:
volumes: volumes:
- ./nginx:/etc/nginx/conf.d - ./nginx:/etc/nginx/conf.d
- ./nginx/cache:/var/cache/nginx - ./nginx/cache:/var/cache/nginx
- /home/dave/Projects/grav/new:/var/www/html - /home/data/nzoss/grav:/var/www/html
restart: unless-stopped restart: unless-stopped
networks: networks:
default: default:
aliases: aliases:
<<<<<<< HEAD:docker-compose.yml
- nginx.grav.troy - nginx.grav.troy
=======
- nginx.grav.nzoss.nz
>>>>>>> 55ff8f1fcedb9b67997ba36bc88ccd2bdae35535:docker-compose.yml.sample
...@@ -11,12 +11,25 @@ server { ...@@ -11,12 +11,25 @@ server {
# to use `/subfolder/index.php` # to use `/subfolder/index.php`
location / { location / {
try_files $uri $uri/ /index.php?$query_string; try_files $uri $uri/ /index.php?$query_string;
#try_files $uri $uri/ /index.php;
} }
## End - Index ## End - Index
## Begin - PHP-FPM Configuration ## Begin - Security
# deny all direct access for these folders
location ~* /(\.git|cache|bin|logs|backup|tests)/.*$ { return 403; }
# deny running scripts inside core system folders
location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny running scripts inside user folder
location ~* /user/.*\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny access to specific files in the root folder
location ~ /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; }
## End - Security
## Begin - PHP
location ~ \.php$ { location ~ \.php$ {
# Choose either a socket or TCP/IP address # Choose either a socket or TCP/IP address
#fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_pass app:9000; fastcgi_pass app:9000;
fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_split_path_info ^(.+\.php)(/.+)$;
...@@ -24,9 +37,8 @@ server { ...@@ -24,9 +37,8 @@ server {
include fastcgi_params; include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name; fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
} }
## End - PHP
client_max_body_size 100m; client_max_body_size 100m;
<<<<<<< HEAD
## Begin - Security ## Begin - Security
# deny all direct access for these folders # deny all direct access for these folders
...@@ -38,4 +50,7 @@ server { ...@@ -38,4 +50,7 @@ server {
# deny access to specific files in the root folder # deny access to specific files in the root folder
location ~ /(LICENSEi\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; } location ~ /(LICENSEi\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; }
## End - Security ## End - Security
=======
## End - PHP
>>>>>>> 55ff8f1fcedb9b67997ba36bc88ccd2bdae35535
} }
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment