Commit ae3e0feb authored by Dave Lane's avatar Dave Lane

initial commit borrowing the best from my recent grav docker container update

parents
docker-compose.yml
nginx/cache
This diff is collapsed.
This [Docker Compose](https://docs.docker.com/compose/) recipe creates a set of 3 Docker containers which should let you run a very efficient [Grav](https://getgrav.org) website (or multiple sites).
It provides a container based on Debian Stretch running the latest PHP (7.2 as of this edit) in FPM mode, with an Nginx container for serving it (you will need to have a reverse proxy to serve it and - I recommend - provide HTTPS support - I provide an example Nginx proxy configuration for this), and, for caching performance, an optional Redis container. Support for all of these is compiled into the PHP container.
## Quick start
To quickly get underway, you should be able to copy the sample docker-compose.yml-sample to docker-compose.yml
`cp docker-compose.yml-sample docker-compose.yml`
and edit the tokens (marked with []) to suit your setup.
Then you can get started with `docker-compose up -d && docker-compose logs -f`... if you want to log out, use CTRL-C to exit the log stream. Your containers should continue running.
version: "3"
services:
redis:
image: redis:4-alpine
restart:
unless-stopped
networks:
default:
aliases:
- redis.[grav.local]
app:
image: kiwilightweight/php7-fpm
links:
- redis
volumes:
- [path-to-my-grav-data]:/var/www/html
restart:
unless-stopped
networks:
default:
aliases:
- [grav.local]
nginx:
image: kiwilightweight/nginx
links:
- app
- redis
ports:
- "127.0.0.1:8081:80"
volumes:
- ./nginx:/etc/nginx/conf.d
- ./nginx/cache:/var/cache/nginx
- [path-to-my-grav-data]:/var/www/html
restart: unless-stopped
networks:
default:
aliases:
- nginx.[grav.local]
FROM debian
# Forked from:
# MAINTAINER Real Geeks "kevin@realgeeks.com"
# MAINTAINER Eric McNiece "hello@emc2innovation.com"
MAINTAINER Dave Lane <dave@davelane.nz> @lightweight@mastodon.nzoss.nz
ENV NGINX_VERSION=1.13.7
ENV NGX_CACHE_PURGE_VERSION=2.3
# Install basic packages and build tools
RUN apt-get update && apt-get install -y \
wget \
build-essential \
libssl-dev \
libpcre3 \
libpcre3-dev \
&& apt-get clean
# Get sources
RUN cd /tmp && wget http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz http://labs.frickle.com/files/ngx_cache_purge-$NGX_CACHE_PURGE_VERSION.tar.gz && \
tar -zxvf nginx-$NGINX_VERSION.tar.gz && mv nginx-$NGINX_VERSION nginx && rm nginx-$NGINX_VERSION.tar.gz && \
tar -zxvf ngx_cache_purge-$NGX_CACHE_PURGE_VERSION.tar.gz && mv ngx_cache_purge-$NGX_CACHE_PURGE_VERSION ngx_cache_purge && rm ngx_cache_purge-$NGX_CACHE_PURGE_VERSION.tar.gz
# get build dependencies
RUN apt-get install -y \
libgeoip-dev zlib1g-dev
# Configure and build software
RUN cd /tmp/nginx && ./configure \
--user=www-data \
--group=www-data \
--sbin-path=/usr/local/sbin \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--http-client-body-temp-path=/var/cache/nginx/client_temp \
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
--http-proxy-temp-path=/var/cache/nginx/proxy_temp \
--http-scgi-temp-path=/var/cache/nginx/scgi_temp \
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
--with-compat \
--with-file-aio \
--with-http_addition_module \
--with-http_gzip_static_module \
--with-http_ssl_module \
--with-http_geoip_module \
--with-http_flv_module \
--with-http_sub_module \
--with-http_realip_module \
--with-http_dav_module \
--with-http_gunzip_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_auth_request_module \
--without-http_ssi_module \
--with-threads \
--with-stream \
--with-stream_ssl_module \
--with-http_v2_module \
--with-ipv6 \
--without-mail_pop3_module \
--without-mail_imap_module \
--without-mail_smtp_module \
--with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' \
--add-module=/tmp/ngx_cache_purge && \
make && make install
# userful resource https://gist.github.com/ealebed/a55170049830b75c0f339ea4e8d6d21b
# Install basic necessities
RUN apt-get install -y \
less \
dnsutils \
vim \
sudo \
telnet \
&& apt-get clean
# Copy configuration files into /etc/nginx and clean up config file to point to
# correct root
RUN mkdir /var/www && \
mv /usr/local/nginx/html /var/www/html && \
chown -R www-data:www-data /var/www/html && \
mkdir -p /etc/nginx/conf.d
# set up a known good nginx.conf
COPY nginx.conf /etc/nginx/nginx.conf
# Forward request and error logs to docker log collector
RUN ln -sf /dev/stdout /var/log/nginx/access.log && \
ln -sf /dev/stderr /var/log/nginx/error.log \
ls /var/www \
ln -sf /usr/local/nginx /var/www
VOLUME ["/etc/nginx/conf.d", "/var/www/html", "/var/cache/nginx"]
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]
## HTTP server.
server {
listen 0.0.0.0:80;
server_name default;
root /var/www/html;
index index.php index.html;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Very rarely should these ever be accessed outside of your lan
location ~* \.(txt|log)$ {
allow 192.168.0.0/16;
deny all;
}
location ~ \..*/.*\.php$ { return 403; }
location ~ ^/sites/.*/private/ { return 403; }
# Allow "Well-Known URIs" as per RFC 5785
location ~* ^/.well-known/ { allow all; }
# Block access to "hidden" files and directories whose names begin with a
# period. This includes directories used by version control systems such
# as Subversion or Git to store control files.
location ~ (^|/)\. {
return 403;
}
location / {
try_files $uri @rewrite; # For Drupal <= 6
}
location @rewrite {
rewrite ^/(.*)$ /index.php;
}
# Tweaked from https://www.drupal.org/project/ais
location ~* /(?:.+)/files/styles/adaptive/(?:.+)$ {
if ( $http_cookie ~* "ais=(?<ais_cookie>[a-z0-9-_]+)" ) {
rewrite ^/(.+)/files/styles/adaptive/(.+)$ /$1/files/styles/$ais_cookie/$2 last;
}
access_log off;
add_header X-Header "AIS Generator 1.0";
set $nocache_details "Skip";
try_files $uri @rewrite;
}
# Don't allow direct access to PHP files in the vendor directory.
location ~ /vendor/.*\.php$ {
deny all;
return 404;
}
location ~ '\.php$|^/update.php' {
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_intercept_errors on;
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
fastcgi_read_timeout 2400;
#include fastcgi_params;
include fastcgi.conf;
fastcgi_pass app:9000;
}
# Fighting with Styles? This little gem is amazing.
location ~ ^/sites/.*/files/imagecache/ { # For Drupal <= 6
try_files $uri @rewrite;
}
location ^~ /system/files/ {
log_not_found off;
access_log off;
expires 30d;
try_files $uri @rewrite;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
try_files $uri @rewrite;
expires max;
log_not_found off;
}
}
## HTTP server.
server {
listen 0.0.0.0:80;
server_name default;
root /var/www/html;
index index.php index.html;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Very rarely should these ever be accessed outside of your lan
location ~* \.(txt|log)$ {
allow 192.168.0.0/16;
deny all;
}
location ~ \..*/.*\.php$ { return 403; }
location ~ ^/sites/.*/private/ { return 403; }
# Allow "Well-Known URIs" as per RFC 5785
location ~* ^/.well-known/ { allow all; }
# Block access to "hidden" files and directories whose names begin with a
# period. This includes directories used by version control systems such
# as Subversion or Git to store control files.
location ~ (^|/)\. {
return 403;
}
location / {
try_files $uri @rewrite; # For Drupal <= 6
}
location @rewrite {
rewrite ^/(.*)$ /index.php?q=$1;
}
# Don't allow direct access to PHP files in the vendor directory.
location ~ /vendor/.*\.php$ {
deny all;
return 404;
}
location ~ '\.php$|^/update.php' {
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
# Security note: If you're running a version of PHP older than the
# latest 5.3, you should have "cgi.fix_pathinfo = 0;" in php.ini.
# See http://serverfault.com/q/627903/94922 for details.
include fastcgi_params;
# Block httpoxy attacks. See https://httpoxy.org/.
fastcgi_param HTTP_PROXY "";
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param QUERY_STRING $query_string;
fastcgi_intercept_errors on;
# PHP 5 socket location.
fastcgi_pass app:9000;
}
# Fighting with Styles? This little gem is amazing.
location ~ ^/sites/.*/files/imagecache/ { # For Drupal <= 6
try_files $uri @rewrite;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
try_files $uri @rewrite;
expires max;
log_not_found off;
}
}
server {
listen 0.0.0.0:80;
index index.html index.php;
## Web root and Domain Name
root /var/www/html;
server_name default;
## Begin - Index
# for subfolders, simply adjust the rewrite:
# to use `/subfolder/index.php`
location / {
try_files $uri $uri/ /index.php?$query_string;
#try_files $uri $uri/ /index.php;
}
## End - Index
## Begin - Security
# deny all direct access for these folders
location ~* /(\.git|cache|bin|logs|backup|tests)/.*$ { return 403; }
# deny running scripts inside core system folders
location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny running scripts inside user folder
location ~* /user/.*\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny access to specific files in the root folder
location ~ /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; }
## End - Security
## Begin - PHP
location ~ \.php$ {
# Choose either a socket or TCP/IP address
#fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_pass app:9000;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
}
client_max_body_size 100m;
## Begin - Security
# deny all direct access for these folders
location ~* /(\.git|cache|bin|logs|backups)/.*$ { return 403; }
# deny running scripts inside core system folders
location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny running scripts inside user folder
location ~* /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny access to specific files in the root folder
location ~ /(LICENSEi\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; }
## End - Security
}
# Caching configuration
# https://easyengine.io/wordpress-nginx/tutorials/multisite/subdirectories/fastcgi-cache-with-purging/
#
#fastcgi_cache_path /var/cache/nginx levels=1:2 keys_zone=WORDPRESS:500m inactive=60m;
#fastcgi_cache_key "$scheme$request_method$host$request_uri";
#fastcgi_cache_use_stale error timeout invalid_header http_500;
# from https://www.nginx.com/resources/wiki/start/topics/recipes/wordpress/
#
# using subdir approach, not subdomain...
map $uri $blogname{
~^(?P<blogpath>/[^/]+/)files/(.*) $blogpath ;
}
map $blogname $blogid{
default -999;
#Ref: http://wordpress.org/extend/plugins/nginx-helper/
include /var/www/html/wp-content/uploads/nginx-helper/map.conf;
}
# statements for each of your virtual hosts to this file
server {
listen 0.0.0.0:80;
root /var/www/html;
index index.php index.html index.htm;
#
# Caching configuration
#
#fastcgi_cache start
set $skip_cache 1;
# POST requests and urls with a query string should always go to PHP
if ($request_method = POST) { set $skip_cache 1; }
if ($query_string != "") { set $skip_cache 1; }
# Don't cache uris containing the following segments
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
set $skip_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $skip_cache 1;
}
# end main Caching functionality
#
# Flow of serving pages
#
# from https://www.nginx.com/resources/wiki/start/topics/recipes/wordpress/
#avoid php readfile()
location ^~ /blogs.dir {
internal;
alias /var/www/html/wp-content/blogs.dir;
access_log off; log_not_found off; expires max;
}
if (!-e $request_filename) {
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
rewrite ^(/[^/]+)?(/wp-.*) $2 last;
rewrite ^(/[^/]+)?(/.*\.php) $2 last;
}
# from https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-with-nginx-on-ubuntu-14-04
# with other bits from https://premium.wpmudev.org/blog/wordpress-multisite-wordpress-nginx/
location / {
try_files $uri $uri/ /index.php?$args;
}
error_page 404 /404.html;
# Directives to send expires headers and turn off 404 error logging.
location ~* ^.+\.(xml|ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
access_log off; log_not_found off; expires max;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass php:9000;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_keep_conn on;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_intercept_errors on;
fastcgi_buffer_size 128k;
fastcgi_buffers 256 16k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
#
# caching functionality
# fastcgi_cache_bypass $skip_cache;
# fastcgi_no_cache $skip_cache;
# fastcgi_cache WORDPRESS;
# fastcgi_cache_valid 60m;
}
#
# caching functionality
# location ~ /purge(/.*) { fastcgi_cache_purge WORDPRESS "$scheme$request_method$host$1"; }
location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt { allow all; log_not_found off; access_log off; }
location ~ ^(/[^/]+/)?files/(.+) {
try_files /wp-content/blogs.dir/$blogid/files/$2 /wp-includes/ms-files.php?file=$2 ;
access_log off; log_not_found off; expires max;
}
}
server {
listen 0.0.0.0:80;
index index.html index.php;
## Web root and Domain Name
root /var/www/html;
server_name default;
## Begin - Index
# for subfolders, simply adjust the rewrite:
# to use `/subfolder/index.php`
location / {
try_files $uri $uri/ /index.php?$query_string;
#try_files $uri $uri/ /index.php;
}
## End - Index
## Begin - Security
# deny all direct access for these folders
location ~* /(\.git|cache|bin|logs|backup|tests)/.*$ { return 403; }
# deny running scripts inside core system folders
location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny running scripts inside user folder
location ~* /user/.*\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny access to specific files in the root folder
location ~ /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; }
## End - Security
## Begin - PHP
location ~ \.php$ {
# Choose either a socket or TCP/IP address
#fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_pass app:9000;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
}
client_max_body_size 100m;
## Begin - Security
# deny all direct access for these folders
location ~* /(\.git|cache|bin|logs|backups)/.*$ { return 403; }
# deny running scripts inside core system folders
location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny running scripts inside user folder
location ~* /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny access to specific files in the root folder
location ~ /(LICENSEi\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; }
## End - Security
}
# this is for silverstripe
server {
listen 0.0.0.0:80;
include mime.types;
default_type application/octet-stream;
client_max_body_size 0; # Manage this in php.ini (upload_max_filesize & post_max_size)
root /var/www/html;
server_name default;
# Defend against SS-2015-013 -- http://www.silverstripe.org/software/download/security-releases/ss-2015-013
if ($http_x_forwarded_host) {
return 400;
}
location / {
try_files $uri /index.php?$query_string;
}
error_page 404 /assets/error-404.html;
error_page 500 /assets/error-500.html;
# See caveats
error_page 502 /assets/error-500.html;
error_page 503 /assets/error-500.html;
location ^~ /assets/ {
sendfile on;
try_files $uri =404;
}
location /index.php {
fastcgi_buffer_size 32k;
fastcgi_busy_buffers_size 64k;
fastcgi_buffers 4 32k;
fastcgi_keep_conn on;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
user www-data;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
FROM php:7-fpm
MAINTAINER Dave Lane <dave@oerfoundation.org> (@lightweight)
RUN apt-get update && apt-get install -y software-properties-common apt-utils
ENV DEBIAN_FRONTEND="noninteractive"
#RUN add-apt-repository ppa:ondrej/php
# Install PHP extensions
RUN apt-get update && apt-get install -y apt-utils git less libbz2-dev libc-client-dev \
libcurl4-gnutls-dev libicu-dev libkrb5-dev libmcrypt-dev libpng-dev \
libpspell-dev libssl-dev libxml2-dev mariadb-client telnet unzip zip
RUN apt-get install -y net-tools vim dnsutils
# install cron and msmtp for outgoing email
RUN apt-get install -y cron msmtp sudo
RUN apt-get install -y --no-install-recommends libpq-dev
RUN docker-php-ext-configure imap --with-imap --with-imap-ssl --with-kerberos
# RUN docker-php-ext-install bz2 curl imap intl mbstring mcrypt \
RUN docker-php-ext-install bz2 curl imap intl mbstring \
pspell opcache pdo pdo_mysql pdo_pgsql pspell soap xmlrpc zip
# install PHPRedis
ENV PHPREDIS_VERSION 4.1.1
RUN docker-php-source extract \
&& curl -L -o /tmp/redis.tar.gz https://github.com/phpredis/phpredis/archive/$PHPREDIS_VERSION.tar.gz \
&& tar xfz /tmp/redis.tar.gz \
&& rm -r /tmp/redis.tar.gz \
&& mv phpredis-$PHPREDIS_VERSION /usr/src/php/ext/redis \
&& docker-php-ext-install redis \
&& docker-php-source delete
# install GD
RUN apt-get update && apt-get install -y \
libfreetype6-dev \
libjpeg62-turbo-dev \
libmcrypt-dev \
libpng-dev \
# && docker-php-ext-install -j$(nproc) iconv mcrypt \
&& docker-php-ext-install -j$(nproc) iconv \
&& docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ \
&& docker-php-ext-install -j$(nproc) gd
# install APCU and YAML
RUN apt-get install -y \
libyaml-dev unzip
RUN pecl install yaml-2.0.0
RUN docker-php-ext-enable yaml
RUN pecl install apcu
RUN docker-php-ext-enable apcu
# clean up all Apt stuff
RUN rm -rf /var/lib/apt/lists/*
# address app-specific config requirements
RUN set -ex \
&& { \
echo 'log_errors = on'; \
echo 'display_errors = off'; \
echo 'always_populate_raw_post_data = -1'; \
echo 'date.timezone = "Pacific/Auckland"'; \
echo 'cgi.fix_pathinfo = 0'; \
echo 'sendmail_path = /usr/bin/msmtp -t'; \
echo 'upload_max_filesize = 100M'; \
echo 'post_max_size = 150M'; \
echo 'memory_limit = 250M'; \
echo '[opcache]'; \
echo 'opcache.enable = 1'; \
echo 'opcache.memory_consumption = 128'; \
echo 'opcache.max_accelerated_files = 8000'; \
echo 'opcache.revalidate_freq = 60'; \
echo 'opcache.use_cwd = 1'; \
echo 'opcache.validate_timestamps = 1'; \
echo 'opcache.save_comments = 1'; \
echo 'opcache.enable_file_override = 0'; \
} | tee /usr/local/etc/php/conf.d/php.ini
# the PHP-fpm configuration - create new www.conf file!
RUN set -ex \
&& { \
echo '[global]'; \
echo 'error_log = /proc/self/fd/2'; \
echo '[www]'; \
echo 'user = www-data'; \
echo 'group = www-data'; \
echo '; if we send this to /proc/self/fd/1, it never appears'; \
echo 'access.log = /proc/self/fd/2'; \
echo 'clear_env = no'; \
echo 'catch_workers_output = yes'; \
echo '; Ensure worker stdout and stderr are sent to the main error log.'; \
echo 'security.limit_extensions = .php'; \
echo '; process management stuff'; \
echo 'pm = ondemand'; \
echo 'pm.max_children = 10'; \
echo 'pm.start_servers = 2'; \
echo 'pm.min_spare_servers = 1'; \
echo 'pm.max_spare_servers = 3'; \
} | tee /usr/local/etc/php-fpm.d/www.conf
VOLUME /var/www/html
# Copy init scripts and custom .htaccess
COPY docker-entrypoint.sh /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]
CMD ["php-fpm"]
#!/bin/bash
set -e
SEMAPH=composer-running
# if it's not already there, install composer.
if ! [ -e /usr/local/bin/composer ]; then
echo >&2 "first getting Composer"
# Get Composer
curl -S https://getcomposer.org/installer | php
chmod a+x composer.phar
mv composer.phar /usr/local/bin/composer
fi
if ! [ -e .git/hooks ]; then
echo >&2 "creating a .git/hooks dir to avoid errors"
mkdir -p .git/hooks
fi
if ! [ -f $SEMAPH ] ; then
# create the semaphore file with the date in it...
date > $SEMAPH
# run composer to set up dependencies if not already there...
if ! [ -e vendor/autoload.php ]; then
echo >&2 "installing dependencies with Composer"
composer install
else
echo >&2 "vendor dependencies already in place, updating."
composer update
fi
#remove semaphore
rm $SEMAPH
else
echo >&2 "Looks like another composer is already running. If not, please remove