Compare commits

...

36 Commits

Author SHA1 Message Date
e6302859f4 add arm image 2022-05-13 01:57:30 +08:00
f05153fc65 Add php 7 image build workflow 2021-11-10 14:25:18 +08:00
Tim de Pater
df1a00c979
Replace old PHP7 example with PHP8 2021-10-07 21:37:35 +02:00
Tim de Pater
6a440c890f
Fix incorrect repository 2021-10-07 21:24:03 +02:00
Tim de Pater
1c140e8245
Update nginx version in badge 2021-10-07 21:09:30 +02:00
Tim de Pater
a41ad3100f
Automatically update the description on Docker Hub 2021-10-07 21:06:54 +02:00
Tim de Pater
68d8df88dc
Improving multi-platform support 2021-10-07 20:59:08 +02:00
Tim de Pater
61f31882ce
Merge pull request #75 from TrafeX/multi-arch-builds
Add multi-arch Docker builds
2021-10-07 20:54:09 +02:00
Tim de Pater
1bf1f811ff
Introduce multi-arch builds with Docker buildx 2021-10-07 20:51:33 +02:00
Tim de Pater
70b353a097
Add security documentation 2021-09-25 07:41:45 +02:00
Tim de Pater
23d5674a3a
Add contributing documentation 2021-09-25 07:41:30 +02:00
Tim de Pater
9365423d74
Added goal of this project 2021-09-25 07:41:10 +02:00
Tim de Pater
3a38277dc8
Fix build on tag creation 2021-09-25 07:09:52 +02:00
Tim de Pater
da76cd5f6b
Merge pull request #68 from TrafeX/migrate-github-actions
Migrate builds to GitHub Actions
2021-07-25 17:16:41 +02:00
Tim de Pater
16df3f80fc
Migrate builds to GitHub Actions 2021-07-25 09:45:28 +02:00
Tim de Pater
a58dccfd64
Upgraded to Alpine Linux 3.14 2021-07-04 20:47:14 +02:00
Tim de Pater
2102c58220
Merge pull request #60 from maggie0002/patch-1
Format Dockerfile using Docker's conventions
2021-05-22 08:14:45 +02:00
Tim de Pater
4689e12a6a
Create symlink to php 2021-05-17 13:03:59 +02:00
maggie0002
9c6624e118
Format Dockerfile using Docker's conventions
Sort multi-line arguments:
https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#sort-multi-line-arguments

LABEL:
https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#label
2021-05-14 10:51:52 -07:00
Tim de Pater
dab1e6766f
Switch to trafex/php-nginx repository 2021-04-21 00:01:29 +02:00
Tim de Pater
8f3920f3f9
Upgrade to PHP8.0 2021-04-13 22:43:03 +02:00
Tim de Pater
f67cc5755a
Upgraded Alpine Linux to 3.13 2021-01-18 17:23:07 +01:00
Tim de Pater
a866db2f37
Let nginx determine the amount of worker processes based on the number of CPU's 2020-12-15 10:25:52 +01:00
Tim de Pater
27c9f325b0
Merge pull request #49 from Jakobu5/https-patch-1
Update Link to https
2020-10-07 22:45:27 +02:00
Jakobu5
62e6509ab0
Update Link to https 2020-08-18 08:32:40 +02:00
Tim de Pater
58eddb0f7f
Merge pull request #42 from erseco/upstream-upgrade-alpine
Upgraded Alpine to 3.12
2020-06-18 17:34:46 +02:00
Ernesto Serrano
785b15f393 Fixed Label in Dockerfile 2020-06-18 17:16:07 +02:00
Ernesto Serrano
9f3f63d0a9 Upgraded alpine to 3.12 2020-06-16 18:17:37 +02:00
Tim de Pater
a9b19696cd
Merge pull request #40 from fagiani/master
Move defaults removal to upper layer
2020-06-12 16:19:03 +02:00
Paulo Fagiani
d972e69341 Move defaults removal to upper layer 2020-06-10 22:24:55 -03:00
Tim de Pater
be1b70deb6
Merge pull request #38 from sochi/composer-hints
Add a better example for usage with Composer
2020-06-03 15:55:14 +02:00
sochi
42af959fa1 Add better example for usage with Composer 2020-06-02 13:01:37 +02:00
Tim de Pater
918f3905dd
Merge pull request #32 from erseco/patch-2
Enable gzip compression on nginx
2020-04-26 08:19:06 +02:00
Tim de Pater
77660648cb
Merge pull request #31 from erseco/patch-1
Add the php7-opcache package
2020-04-26 08:02:11 +02:00
Ernesto Serrano
365f521c93
Enable gzip compression on nginx
Enable the gzip compression on nginx to improve performance
2020-04-22 08:51:52 +02:00
Ernesto Serrano
19f4bf4772
Add the php7-opcache package
Added the OPcache extension to improve PHP performance.
2020-04-22 08:47:13 +02:00
18 changed files with 612 additions and 44 deletions

43
.github/workflows/build-php7-arm.yml vendored Normal file
View File

@ -0,0 +1,43 @@
name: Build PHP 7 ARM Image
on:
push:
branches:
- master
jobs:
docker-build:
runs-on: ubuntu-latest
steps:
- name: 🔍 Checkout code
uses: actions/checkout@v2
- name: 🏗️ Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: 🔑 Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: 🎃 Set up outputs
id: vars
run: |
echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
- name: ⚓ Build and push
uses: docker/build-push-action@v2
with:
context: .
file: ./Dockerfile.php7.arm
pull: true
push: true
# build-args: |
# arg1=value1
# arg2=value2
cache-from: type=registry,ref=mashirozx/php-nginx:php7-arm
cache-to: type=inline
tags: |
mashirozx/php-nginx:php7-arm
mashirozx/php-nginx:php7arm-${{steps.vars.outputs.sha_short}}

43
.github/workflows/build-php7.yml vendored Normal file
View File

@ -0,0 +1,43 @@
name: Build PHP 7 Image
on:
push:
branches:
- master
jobs:
docker-build:
runs-on: ubuntu-latest
steps:
- name: 🔍 Checkout code
uses: actions/checkout@v2
- name: 🏗️ Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: 🔑 Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: 🎃 Set up outputs
id: vars
run: |
echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
- name: ⚓ Build and push
uses: docker/build-push-action@v2
with:
context: .
file: ./Dockerfile.php7
pull: true
push: true
# build-args: |
# arg1=value1
# arg2=value2
cache-from: type=registry,ref=mashirozx/php-nginx:php7
cache-to: type=inline
tags: |
mashirozx/php-nginx:php7
mashirozx/php-nginx:php7-${{steps.vars.outputs.sha_short}}

43
.github/workflows/build-php8-arm.yml vendored Normal file
View File

@ -0,0 +1,43 @@
name: Build PHP 8 ARM Image
on:
push:
branches:
- master
jobs:
docker-build:
runs-on: ubuntu-latest
steps:
- name: 🔍 Checkout code
uses: actions/checkout@v2
- name: 🏗️ Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: 🔑 Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: 🎃 Set up outputs
id: vars
run: |
echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
- name: ⚓ Build and push
uses: docker/build-push-action@v2
with:
context: .
file: ./Dockerfile.arm
pull: true
push: true
# build-args: |
# arg1=value1
# arg2=value2
cache-from: type=registry,ref=mashirozx/php-nginx:php8-arm
cache-to: type=inline
tags: |
mashirozx/php-nginx:php8-arm
mashirozx/php-nginx:php8-arm-${{steps.vars.outputs.sha_short}}

43
.github/workflows/build-php8.yml vendored Normal file
View File

@ -0,0 +1,43 @@
name: Build PHP 8 Image
on:
push:
branches:
- master
jobs:
docker-build:
runs-on: ubuntu-latest
steps:
- name: 🔍 Checkout code
uses: actions/checkout@v2
- name: 🏗️ Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: 🔑 Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: 🎃 Set up outputs
id: vars
run: |
echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
- name: ⚓ Build and push
uses: docker/build-push-action@v2
with:
context: .
file: ./Dockerfile
pull: true
push: true
# build-args: |
# arg1=value1
# arg2=value2
cache-from: type=registry,ref=mashirozx/php-nginx:php8
cache-to: type=inline
tags: |
mashirozx/php-nginx:php8
mashirozx/php-nginx:php8-${{steps.vars.outputs.sha_short}}

79
.github/workflows/build.yaml vendored Normal file
View File

@ -0,0 +1,79 @@
name: Test & build Docker image
on:
push:
branches: [ master-no ]
tags: ['*']
pull_request:
env:
IMAGE_NAME: trafex/php-nginx
IMAGE_TAG: ${{ github.sha }}
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
- name: Build image
run: |-
docker build -t $IMAGE_NAME:$IMAGE_TAG .
- name: Smoke test image
run: |-
docker-compose -f docker-compose.test.yml up -d app
sleep 2
docker-compose -f docker-compose.test.yml run sut
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: '${{ env.IMAGE_NAME }}:${{ github.sha }}'
format: 'template'
template: '@/contrib/sarif.tpl'
output: 'trivy-results.sarif'
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v1
with:
sarif_file: 'trivy-results.sarif'
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build multi-arch image and push latest tag
if: github.ref == 'refs/heads/master' && github.event_name == 'push'
run: |-
docker buildx build \
--cache-from=$IMAGE_NAME:latest \
--push \
-t $IMAGE_NAME:latest \
--platform linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 \
.
- name: Set tag in environment
if: contains(github.ref, 'refs/tags/')
run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
- name: Build multi-arch image and push release tag
if: contains(github.ref, 'refs/tags/')
run: |-
docker buildx build \
--cache-from=$IMAGE_NAME:latest \
--push \
-t $IMAGE_NAME:$RELEASE_VERSION \
--platform linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 \
.

View File

@ -0,0 +1,21 @@
name: Update Docker Hub Description
on:
push:
branches:
- master-no
paths:
- README.md
- .github/workflows/dockerhub-description.yml
jobs:
dockerHubDescription:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Docker Hub Description
uses: peter-evans/dockerhub-description@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
repository: trafex/php-nginx
short-description: ${{ github.event.repository.description }}

19
CONTRIBUTING.md Normal file
View File

@ -0,0 +1,19 @@
# Contributing to this project
I love your input! I want to make contributing to this project as easy and transparent as possible.
## Report bugs using Github's [issues](https://github.com/TrafeX/docker-php-nginx/issues)
GitHub issues is used to track public bugs.
Report a bug by [opening a new issue](https://github.com/TrafeX/docker-php-nginx/issues/new); it's that easy!
### What to include in an issue?
- A quick summary and/or background
- Steps to reproduce
- Include what version of the image you are using
- Add the `Dockerfile` if you made any changes
- Include the command you used to run the container
- What you expected would happen
- What actually happens
- Notes (possibly including why you think this might be happening, or stuff you tried that didn't work)
## License
By contributing, you agree that your contributions will be licensed under its [MIT License](./LICENSE).

View File

@ -1,20 +1,39 @@
FROM alpine:3.11 FROM alpine:3.14
LABEL Maintainer="Tim de Pater <code@trafex.nl>" \ LABEL Maintainer="Tim de Pater <code@trafex.nl>"
Description="Lightweight container with Nginx 1.16 & PHP-FPM 7.3 based on Alpine Linux." LABEL Description="Lightweight container with Nginx 1.20 & PHP 8.0 based on Alpine Linux."
# Install packages # Install packages and remove default server definition
RUN apk --no-cache add php7 php7-fpm php7-mysqli php7-json php7-openssl php7-curl \ RUN apk --no-cache add \
php7-zlib php7-xml php7-phar php7-intl php7-dom php7-xmlreader php7-ctype php7-session \ curl \
php7-mbstring php7-gd nginx supervisor curl nginx \
php8 \
php8-ctype \
php8-curl \
php8-dom \
php8-fpm \
php8-gd \
php8-intl \
php8-json \
php8-mbstring \
php8-mysqli \
php8-opcache \
php8-openssl \
php8-phar \
php8-session \
php8-xml \
php8-xmlreader \
php8-zlib \
supervisor
# Create symlink so programs depending on `php` still function
RUN ln -s /usr/bin/php8 /usr/bin/php
# Configure nginx # Configure nginx
COPY config/nginx.conf /etc/nginx/nginx.conf COPY config/nginx.conf /etc/nginx/nginx.conf
# Remove default server definition
RUN rm /etc/nginx/conf.d/default.conf
# Configure PHP-FPM # Configure PHP-FPM
COPY config/fpm-pool.conf /etc/php7/php-fpm.d/www.conf COPY config/fpm-pool.conf /etc/php8/php-fpm.d/www.conf
COPY config/php.ini /etc/php7/conf.d/custom.ini COPY config/php.ini /etc/php8/conf.d/custom.ini
# Configure supervisord # Configure supervisord
COPY config/supervisord.conf /etc/supervisor/conf.d/supervisord.conf COPY config/supervisord.conf /etc/supervisor/conf.d/supervisord.conf

64
Dockerfile.arm Normal file
View File

@ -0,0 +1,64 @@
FROM arm64v8/alpine:3.14
LABEL Maintainer="Tim de Pater <code@trafex.nl>"
LABEL Description="Lightweight container with Nginx 1.20 & PHP 8.0 based on Alpine Linux."
# Install packages and remove default server definition
RUN apk --no-cache add \
curl \
nginx \
php8 \
php8-ctype \
php8-curl \
php8-dom \
php8-fpm \
php8-gd \
php8-intl \
php8-json \
php8-mbstring \
php8-mysqli \
php8-opcache \
php8-openssl \
php8-phar \
php8-session \
php8-xml \
php8-xmlreader \
php8-zlib \
supervisor
# Create symlink so programs depending on `php` still function
RUN ln -s /usr/bin/php8 /usr/bin/php
# Configure nginx
COPY config/nginx.conf /etc/nginx/nginx.conf
# Configure PHP-FPM
COPY config/fpm-pool.conf /etc/php8/php-fpm.d/www.conf
COPY config/php.ini /etc/php8/conf.d/custom.ini
# Configure supervisord
COPY config/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
# Setup document root
RUN mkdir -p /var/www/html
# Make sure files/folders needed by the processes are accessable when they run under the nobody user
RUN chown -R nobody.nobody /var/www/html && \
chown -R nobody.nobody /run && \
chown -R nobody.nobody /var/lib/nginx && \
chown -R nobody.nobody /var/log/nginx
# Switch to use a non-root user from here on
USER nobody
# Add application
WORKDIR /var/www/html
COPY --chown=nobody src/ /var/www/html/
# Expose the port nginx is reachable on
EXPOSE 8080
# Let supervisord start nginx & php-fpm
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]
# Configure a healthcheck to validate that everything is up&running
HEALTHCHECK --timeout=10s CMD curl --silent --fail http://127.0.0.1:8080/fpm-ping

64
Dockerfile.php7 Normal file
View File

@ -0,0 +1,64 @@
FROM alpine:3.14
LABEL Maintainer="Tim de Pater <code@trafex.nl>"
LABEL Description="Lightweight container with Nginx 1.20 & PHP 8.0 based on Alpine Linux."
# Install packages and remove default server definition
RUN apk --no-cache add \
curl \
nginx \
php7 \
php7-ctype \
php7-curl \
php7-dom \
php7-fpm \
php7-gd \
php7-intl \
php7-json \
php7-mbstring \
php7-mysqli \
php7-opcache \
php7-openssl \
php7-phar \
php7-session \
php7-xml \
php7-xmlreader \
php7-zlib \
supervisor
# Create symlink so programs depending on `php` still function
# RUN ln -s /usr/bin/php7 /usr/bin/php
# Configure nginx
COPY config/nginx.conf /etc/nginx/nginx.conf
# Configure PHP-FPM
COPY config/fpm-pool.conf /etc/php7/php-fpm.d/www.conf
COPY config/php.ini /etc/php7/conf.d/custom.ini
# Configure supervisord
COPY config/supervisord.php7.conf /etc/supervisor/conf.d/supervisord.conf
# Setup document root
RUN mkdir -p /var/www/html
# Make sure files/folders needed by the processes are accessable when they run under the nobody user
RUN chown -R nobody.nobody /var/www/html && \
chown -R nobody.nobody /run && \
chown -R nobody.nobody /var/lib/nginx && \
chown -R nobody.nobody /var/log/nginx
# Switch to use a non-root user from here on
USER nobody
# Add application
WORKDIR /var/www/html
COPY --chown=nobody src/ /var/www/html/
# Expose the port nginx is reachable on
EXPOSE 8080
# Let supervisord start nginx & php-fpm
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]
# Configure a healthcheck to validate that everything is up&running
HEALTHCHECK --timeout=10s CMD curl --silent --fail http://127.0.0.1:8080/fpm-ping

64
Dockerfile.php7.arm Normal file
View File

@ -0,0 +1,64 @@
FROM arm64v8/alpine:3.14
LABEL Maintainer="Tim de Pater <code@trafex.nl>"
LABEL Description="Lightweight container with Nginx 1.20 & PHP 8.0 based on Alpine Linux."
# Install packages and remove default server definition
RUN apk --no-cache add \
curl \
nginx \
php7 \
php7-ctype \
php7-curl \
php7-dom \
php7-fpm \
php7-gd \
php7-intl \
php7-json \
php7-mbstring \
php7-mysqli \
php7-opcache \
php7-openssl \
php7-phar \
php7-session \
php7-xml \
php7-xmlreader \
php7-zlib \
supervisor
# Create symlink so programs depending on `php` still function
# RUN ln -s /usr/bin/php7 /usr/bin/php
# Configure nginx
COPY config/nginx.conf /etc/nginx/nginx.conf
# Configure PHP-FPM
COPY config/fpm-pool.conf /etc/php7/php-fpm.d/www.conf
COPY config/php.ini /etc/php7/conf.d/custom.ini
# Configure supervisord
COPY config/supervisord.php7.conf /etc/supervisor/conf.d/supervisord.conf
# Setup document root
RUN mkdir -p /var/www/html
# Make sure files/folders needed by the processes are accessable when they run under the nobody user
RUN chown -R nobody.nobody /var/www/html && \
chown -R nobody.nobody /run && \
chown -R nobody.nobody /var/lib/nginx && \
chown -R nobody.nobody /var/log/nginx
# Switch to use a non-root user from here on
USER nobody
# Add application
WORKDIR /var/www/html
COPY --chown=nobody src/ /var/www/html/
# Expose the port nginx is reachable on
EXPOSE 8080
# Let supervisord start nginx & php-fpm
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]
# Configure a healthcheck to validate that everything is up&running
HEALTHCHECK --timeout=10s CMD curl --silent --fail http://127.0.0.1:8080/fpm-ping

View File

@ -1,45 +1,45 @@
# Docker PHP-FPM 7.3 & Nginx 1.16 on Alpine Linux # Docker PHP-FPM 8.0 & Nginx 1.20 on Alpine Linux
Example PHP-FPM 7.3 & Nginx 1.16 setup for Docker, build on [Alpine Linux](http://www.alpinelinux.org/). Example PHP-FPM 8.0 & Nginx 1.20 container image for Docker, build on [Alpine Linux](https://www.alpinelinux.org/).
The image is only +/- 35MB large.
Repository: https://github.com/TrafeX/docker-php-nginx Repository: https://github.com/TrafeX/docker-php-nginx
* Built on the lightweight and secure Alpine Linux distribution * Built on the lightweight and secure Alpine Linux distribution
* Very small Docker image size (+/-35MB) * Multi-platform, supporting AMD4, ARMv6, ARMv7, ARM64
* Uses PHP 7.3 for better performance, lower cpu usage & memory footprint * Very small Docker image size (+/-40MB)
* Uses PHP 8.0 for better performance, lower CPU usage & memory footprint
* Optimized for 100 concurrent users * Optimized for 100 concurrent users
* Optimized to only use resources when there's traffic (by using PHP-FPM's ondemand PM) * Optimized to only use resources when there's traffic (by using PHP-FPM's `on-demand` process manager)
* The servers Nginx, PHP-FPM and supervisord run under a non-privileged user (nobody) to make it more secure * The services Nginx, PHP-FPM and supervisord run under a non-privileged user (nobody) to make it more secure
* The logs of all the services are redirected to the output of the Docker container (visible with `docker logs -f <container name>`) * The logs of all the services are redirected to the output of the Docker container (visible with `docker logs -f <container name>`)
* Follows the KISS principle (Keep It Simple, Stupid) to make it easy to understand and adjust the image to your needs * Follows the KISS principle (Keep It Simple, Stupid) to make it easy to understand and adjust the image to your needs
[![Docker Pulls](https://img.shields.io/docker/pulls/trafex/php-nginx.svg)](https://hub.docker.com/r/trafex/php-nginx/)
[![Docker Pulls](https://img.shields.io/docker/pulls/trafex/alpine-nginx-php7.svg)](https://hub.docker.com/r/trafex/alpine-nginx-php7/) ![nginx 1.20](https://img.shields.io/badge/nginx-1.20-brightgreen.svg)
[![Docker image layers](https://images.microbadger.com/badges/image/trafex/alpine-nginx-php7.svg)](https://microbadger.com/images/trafex/alpine-nginx-php7) ![php 8.0](https://img.shields.io/badge/php-8.0-brightgreen.svg)
![nginx 1.16.1](https://img.shields.io/badge/nginx-1.16-brightgreen.svg)
![php 7.3](https://img.shields.io/badge/php-7.3-brightgreen.svg)
![License MIT](https://img.shields.io/badge/license-MIT-blue.svg) ![License MIT](https://img.shields.io/badge/license-MIT-blue.svg)
### Breaking changes (26/01/2019) ## Goal of this project
The goal of this container image is to provide an example for running Nginx and PHP-FPM in a container which follows
Please note that the new builds since 26/01/2019 are exposing a different port to access Nginx. the best practices and is easy to understand and modify to your needs.
To be able to run Nginx as a non-privileged user, the port it's running on needed
to change to a non-privileged port (above 1024).
The last build of the old version that exposed port 80 was `trafex/alpine-nginx-php7:ba1dd422`
## Usage ## Usage
Start the Docker container: Start the Docker container:
docker run -p 80:8080 trafex/alpine-nginx-php7 docker run -p 80:8080 trafex/php-nginx
See the PHP info on http://localhost, or the static html page on http://localhost/test.html See the PHP info on http://localhost, or the static html page on http://localhost/test.html
Or mount your own code to be served by PHP-FPM & Nginx Or mount your own code to be served by PHP-FPM & Nginx
docker run -p 80:8080 -v ~/my-codebase:/var/www/html trafex/alpine-nginx-php7 docker run -p 80:8080 -v ~/my-codebase:/var/www/html trafex/php-nginx
### Docker Hub repository name change
Since we switched to PHP8 the repository name [trafex/alpine-nginx-php7](https://hub.docker.com/r/trafex/alpine-nginx-php7) didn't make sense anymore.
Because you can't change the name of the repository on Docker Hub I created a new one.
From now on this image can be pulled from Docker Hub under the name [trafex/php-nginx](https://hub.docker.com/r/trafex/php-nginx).
## Configuration ## Configuration
In [config/](config/) you'll find the default configuration files for Nginx, PHP and PHP-FPM. In [config/](config/) you'll find the default configuration files for Nginx, PHP and PHP-FPM.
@ -47,25 +47,25 @@ If you want to extend or customize that you can do so by mounting a configuratio
Nginx configuration: Nginx configuration:
docker run -v "`pwd`/nginx-server.conf:/etc/nginx/conf.d/server.conf" trafex/alpine-nginx-php7 docker run -v "`pwd`/nginx-server.conf:/etc/nginx/conf.d/server.conf" trafex/php-nginx
PHP configuration: PHP configuration:
docker run -v "`pwd`/php-setting.ini:/etc/php7/conf.d/settings.ini" trafex/alpine-nginx-php7 docker run -v "`pwd`/php-setting.ini:/etc/php8/conf.d/settings.ini" trafex/php-nginx
PHP-FPM configuration: PHP-FPM configuration:
docker run -v "`pwd`/php-fpm-settings.conf:/etc/php7/php-fpm.d/server.conf" trafex/alpine-nginx-php7 docker run -v "`pwd`/php-fpm-settings.conf:/etc/php8/php-fpm.d/server.conf" trafex/php-nginx
_Note; Because `-v` requires an absolute path I've added `pwd` in the example to return the absolute path to the current directory_ _Note; Because `-v` requires an absolute path I've added `pwd` in the example to return the absolute path to the current directory_
## Adding composer ## Adding composer
If you need composer in your project, here's an easy way to add it; If you need [Composer](https://getcomposer.org/) in your project, here's an easy way to add it.
```dockerfile ```Dockerfile
FROM trafex/alpine-nginx-php7:latest FROM trafex/php-nginx:latest
# Install composer from the official image # Install composer from the official image
COPY --from=composer /usr/bin/composer /usr/bin/composer COPY --from=composer /usr/bin/composer /usr/bin/composer
@ -73,3 +73,26 @@ COPY --from=composer /usr/bin/composer /usr/bin/composer
# Run composer install to install the dependencies # Run composer install to install the dependencies
RUN composer install --optimize-autoloader --no-interaction --no-progress RUN composer install --optimize-autoloader --no-interaction --no-progress
``` ```
### Building with composer
If you are building an image with source code in it and dependencies managed by composer then the definition can be improved.
The dependencies should be retrieved by the composer but the composer itself (`/usr/bin/composer`) is not necessary to be included in the image.
```Dockerfile
FROM composer AS composer
# copying the source directory and install the dependencies with composer
COPY <your_directory>/ /app
# run composer install to install the dependencies
RUN composer install \
--optimize-autoloader \
--no-interaction \
--no-progress
# continue stage build with the desired image and copy the source including the
# dependencies downloaded by composer
FROM trafex/php-nginx
COPY --chown=nginx --from=composer /app /var/www/html
```

13
SECURITY.md Normal file
View File

@ -0,0 +1,13 @@
# Security Policy
## Supported Versions
Only the latest version will be supported and receive security updates.
| Version | Supported |
| ------- | ------------------ |
| 2.x.x | :white_check_mark: |
| 1.x.x | :x: |
## Reporting a Vulnerability
Found a potential vulnerability? Report it by e-mail on security@trafex.nl.

View File

@ -1,4 +1,4 @@
worker_processes 1; worker_processes auto;
error_log stderr warn; error_log stderr warn;
pid /run/nginx.pid; pid /run/nginx.pid;
@ -83,6 +83,12 @@ http {
} }
} }
gzip on;
gzip_proxied any;
gzip_types text/plain application/xml text/css text/js text/xml application/x-javascript text/javascript application/json application/xml+rss;
gzip_vary on;
gzip_disable "msie6";
# Include other server configs # Include other server configs
include /etc/nginx/conf.d/*.conf; include /etc/nginx/conf.d/*.conf;
} }

View File

@ -5,7 +5,7 @@ logfile_maxbytes=0
pidfile=/run/supervisord.pid pidfile=/run/supervisord.pid
[program:php-fpm] [program:php-fpm]
command=php-fpm7 -F command=php-fpm8 -F
stdout_logfile=/dev/stdout stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0 stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr stderr_logfile=/dev/stderr

View File

@ -0,0 +1,23 @@
[supervisord]
nodaemon=true
logfile=/dev/null
logfile_maxbytes=0
pidfile=/run/supervisord.pid
[program:php-fpm]
command=php-fpm7 -F
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
autorestart=false
startretries=0
[program:nginx]
command=nginx -g 'daemon off;'
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
autorestart=false
startretries=0

View File

@ -1,9 +1,10 @@
version: '3.5' version: '3.5'
services: services:
app: app:
image: ${IMAGE_NAME}:${IMAGE_TAG}
build: . build: .
sut: sut:
image: alpine:3.10 image: alpine:3.13
depends_on: depends_on:
- app - app
command: /tmp/run_tests.sh command: /tmp/run_tests.sh

View File

@ -1,3 +1,3 @@
#!/usr/bin/env sh #!/usr/bin/env sh
apk --no-cache add curl apk --no-cache add curl
curl --silent --fail http://app:8080 | grep 'PHP 7.3' curl --silent --fail http://app:8080 | grep 'PHP 8.0'