mirror of
https://github.com/N0rthernL1ghts/wordpress.git
synced 2024-11-27 06:30:07 +01:00
Remove remaining ties to nlss/php-nginx:7.4 image
This commit is contained in:
parent
6d526d71e1
commit
e344128779
|
@ -17,12 +17,6 @@ COPY --from=nlss/attr ["/usr/local/bin/attr", "/usr/local/bin/"]
|
|||
# Add crond service
|
||||
COPY --from=nlss/base-alpine:3.14 ["/etc/services.d/cron/", "/etc/services.d/cron/"]
|
||||
|
||||
# Add nginx service and configuration
|
||||
COPY --from=nlss/php-nginx:7.4 ["/etc/services.d/nginx/", "/etc/services.d/nginx/"]
|
||||
COPY --from=nlss/php-nginx:7.4 ["/etc/nginx/", "/etc/nginx/"]
|
||||
COPY --from=nlss/php-nginx:7.4 ["/var/log/nginx/", "/var/log/nginx/"]
|
||||
COPY --from=nlss/php-nginx:7.4 ["/var/www/", "/var/www/"]
|
||||
|
||||
# Install gomplate
|
||||
COPY --from=hairyhenderson/gomplate:v3.10.0-alpine ["/bin/gomplate", "/usr/local/bin/"]
|
||||
|
||||
|
|
40
rootfs/etc/nginx/nginx.conf
Normal file
40
rootfs/etc/nginx/nginx.conf
Normal file
|
@ -0,0 +1,40 @@
|
|||
# Generated by nginxconfig.io
|
||||
# https://www.digitalocean.com/community/tools/nginx#?0.domain=test.com&0.path=%2Fvar%2Fwww&0.non_www=false&0.https=false&0.access_log_domain&0.error_log_domain&php_server=%2Fvar%2Frun%2Fphp%2Fphp7.3-fpm.sock&php_server_backup=%2Fvar%2Frun%2Fphp%2Fphp7.3-fpm.sock&client_max_body_size=100
|
||||
|
||||
user www-data;
|
||||
pid /run/nginx.pid;
|
||||
worker_processes auto;
|
||||
worker_rlimit_nofile 65535;
|
||||
|
||||
events {
|
||||
multi_accept on;
|
||||
worker_connections 65535;
|
||||
}
|
||||
|
||||
http {
|
||||
upstream php {
|
||||
server unix:/var/run/php-fpm.sock;
|
||||
#server unix:/var/run/php/php-fpm.sock backup;
|
||||
}
|
||||
|
||||
charset utf-8;
|
||||
sendfile on;
|
||||
tcp_nopush on;
|
||||
tcp_nodelay on;
|
||||
server_tokens off;
|
||||
log_not_found off;
|
||||
types_hash_max_size 2048;
|
||||
client_max_body_size 100M;
|
||||
|
||||
# MIME
|
||||
include mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
# logging
|
||||
access_log /var/log/nginx/access.log;
|
||||
error_log /var/log/nginx/error.log warn;
|
||||
|
||||
# load configs
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
include /etc/nginx/sites-enabled/*;
|
||||
}
|
34
rootfs/etc/nginx/nginxconfig.io/general.conf
Normal file
34
rootfs/etc/nginx/nginxconfig.io/general.conf
Normal file
|
@ -0,0 +1,34 @@
|
|||
# favicon.ico
|
||||
location = /favicon.ico {
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
# robots.txt
|
||||
location = /robots.txt {
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
# assets, media
|
||||
location ~* \.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$ {
|
||||
expires 7d;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
# svg, fonts
|
||||
location ~* \.(?:svgz?|ttf|ttc|otf|eot|woff2?)$ {
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
expires 7d;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
# gzip
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_proxied any;
|
||||
gzip_comp_level 6;
|
||||
gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml;
|
||||
|
||||
# Fix permission error on file(s) upload
|
||||
client_body_temp_path /tmp;
|
16
rootfs/etc/nginx/nginxconfig.io/php_fastcgi.conf
Normal file
16
rootfs/etc/nginx/nginxconfig.io/php_fastcgi.conf
Normal file
|
@ -0,0 +1,16 @@
|
|||
# 404
|
||||
try_files $fastcgi_script_name =404;
|
||||
|
||||
# default fastcgi_params
|
||||
include fastcgi_params;
|
||||
|
||||
# fastcgi settings
|
||||
fastcgi_pass php;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_buffers 8 16k;
|
||||
fastcgi_buffer_size 32k;
|
||||
|
||||
# fastcgi params
|
||||
fastcgi_param DOCUMENT_ROOT $realpath_root;
|
||||
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
|
||||
fastcgi_param PHP_ADMIN_VALUE "open_basedir=$base/:/usr/lib/php/:/tmp/";
|
11
rootfs/etc/nginx/nginxconfig.io/security.conf
Normal file
11
rootfs/etc/nginx/nginxconfig.io/security.conf
Normal file
|
@ -0,0 +1,11 @@
|
|||
# security headers
|
||||
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||
add_header X-XSS-Protection "1; mode=block" always;
|
||||
add_header X-Content-Type-Options "nosniff" always;
|
||||
add_header Referrer-Policy "no-referrer-when-downgrade" always;
|
||||
add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;
|
||||
|
||||
# . files
|
||||
location ~ /\.(?!well-known) {
|
||||
deny all;
|
||||
}
|
31
rootfs/etc/nginx/sites-available/app.conf
Normal file
31
rootfs/etc/nginx/sites-available/app.conf
Normal file
|
@ -0,0 +1,31 @@
|
|||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
|
||||
server_name ;
|
||||
set $base /var/www;
|
||||
root $base/html;
|
||||
|
||||
# security
|
||||
include nginxconfig.io/security.conf;
|
||||
|
||||
# logging
|
||||
access_log /var/log/nginx/app-access.log;
|
||||
error_log /var/log/nginx/app-error.log warn;
|
||||
|
||||
# index files
|
||||
index index.php index.html index.htm index.nginx-debian.html;
|
||||
|
||||
# index.php fallback
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php?$query_string;
|
||||
}
|
||||
|
||||
# handle .php
|
||||
location ~ \.php$ {
|
||||
include nginxconfig.io/php_fastcgi.conf;
|
||||
}
|
||||
|
||||
# additional config
|
||||
include nginxconfig.io/general.conf;
|
||||
}
|
0
rootfs/etc/nginx/sites-enabled/.gitkeep
Normal file
0
rootfs/etc/nginx/sites-enabled/.gitkeep
Normal file
3
rootfs/etc/services.d/nginx/run
Executable file
3
rootfs/etc/services.d/nginx/run
Executable file
|
@ -0,0 +1,3 @@
|
|||
#!/bin/execlineb -P
|
||||
|
||||
nginx -g "daemon off;"
|
0
rootfs/var/log/nginx/.gitkeep
Normal file
0
rootfs/var/log/nginx/.gitkeep
Normal file
3
rootfs/var/www/html/index.php
Normal file
3
rootfs/var/www/html/index.php
Normal file
|
@ -0,0 +1,3 @@
|
|||
<?php
|
||||
|
||||
echo 'Hello World!';
|
Loading…
Reference in New Issue
Block a user