From dcc936b35d7ea9a83d0206719f88d73bff4e1995 Mon Sep 17 00:00:00 2001 From: zeke Date: Thu, 1 Feb 2024 18:05:08 -0800 Subject: [PATCH 1/6] Use two Dockerfiles, move Docker stuff to /docker --- docker-compose.yml | 16 ++++++--- docker/common-setup.sh | 32 ++++++++++++++++++ docker/nginx/Dockerfile | 8 +++++ docker/nginx/leftypol.conf | 68 ++++++++++++++++++++++++++++++++++++++ docker/nginx/nginx.conf | 33 ++++++++++++++++++ docker/nginx/proxy.conf | 40 ++++++++++++++++++++++ docker/php/Dockerfile | 44 ++++++++++++++++++++++++ docker/php/custom.ini | 15 +++++++++ docker/php/www.conf | 10 ++++++ 9 files changed, 262 insertions(+), 4 deletions(-) create mode 100755 docker/common-setup.sh create mode 100644 docker/nginx/Dockerfile create mode 100644 docker/nginx/leftypol.conf create mode 100644 docker/nginx/nginx.conf create mode 100644 docker/nginx/proxy.conf create mode 100644 docker/php/Dockerfile create mode 100644 docker/php/custom.ini create mode 100644 docker/php/www.conf diff --git a/docker-compose.yml b/docker-compose.yml index 0008c064..98e93884 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,23 +1,31 @@ services: #nginx webserver + php 8.x web: - image: nginx:1.25.3-alpine + build: + context: . + dockerfile: ./docker/nginx/Dockerfile ports: - "8080:80" depends_on: - db volumes: - ./:/code - - ./site.conf:/etc/nginx/conf.d/default.conf + - ./docker/nginx/leftypol.conf:/etc/nginx/conf.d/default.conf + - ./docker/nginx/nginx.conf:/etc/nginx/nginx.conf + - ./docker/nginx/proxy.conf:/etc/nginx/conf.d/proxy.conf networks: leftchan_net: ipv4_address: 172.20.0.3 links: - php php: - build: . + build: + context: . + dockerfile: ./docker/php/Dockerfile volumes: - ./:/code + - ./docker/php/custom.ini:/usr/local/etc/php/conf.d/custom.ini + - ./docker/php/www.conf:/usr/local/etc/php-fpm.d/www.conf networks: leftchan_net: ipv4_address: 172.20.0.4 @@ -42,4 +50,4 @@ networks: ipam: driver: default config: - - subnet: 172.20.0.0/16 \ No newline at end of file + - subnet: 172.20.0.0/16 diff --git a/docker/common-setup.sh b/docker/common-setup.sh new file mode 100755 index 00000000..c7ea147e --- /dev/null +++ b/docker/common-setup.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +# not exactly elegant, but one container is Debian, the other is Alpine +useradd -MU leftypol +addgroup leftypol +adduser -DHG leftypol leftypol + +set -eu + +install -m 775 -o leftypol -g leftypol -d /var/www-leftypol +ln -s \ + /code/banners/ \ + /code/static/ \ + /code/stylesheets/ \ + /code/tools/ \ + /code/walls/ \ + /code/*.php \ + /code/404.html \ + /code/LICENSE.* \ + /code/robots.txt \ + /code/install.sql \ + /var/www-leftypol/ + +install -m 775 -o leftypol -g leftypol -d /var/www/js +ln -s /code/js/* /var/www/js/ + +install -m 775 -o leftypol -g leftypol -d /var/www-leftypol/templates +install -m 775 -o leftypol -g leftypol -d /var/www-leftypol/templates/cache +ln -s /code/templates/* /var/www-leftypol/templates/ + +install -m 775 -o leftypol -g leftypol -d /var/www-leftypol/inc +ln -s /code/inc/* /var/www-leftypol/inc/ diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile new file mode 100644 index 00000000..9c2392b2 --- /dev/null +++ b/docker/nginx/Dockerfile @@ -0,0 +1,8 @@ +FROM nginx:1.25.3-alpine + +COPY . /code +RUN /code/docker/common-setup.sh + + +CMD ["nginx", "-g", "daemon off;"] +EXPOSE 80 443 \ No newline at end of file diff --git a/docker/nginx/leftypol.conf b/docker/nginx/leftypol.conf new file mode 100644 index 00000000..a825fea7 --- /dev/null +++ b/docker/nginx/leftypol.conf @@ -0,0 +1,68 @@ +upstream php-upstream { + server php:9000; +} + +server { + listen 80 default_server; + listen [::]:80 default_server ipv6only=on; + server_name leftypol; + root /var/www-leftypol; + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-Content-Type-Options "nosniff"; + + index index.html index.php; + + charset utf-8; + + location ~ ^([^.\?]*[^\/])$ { + try_files $uri @addslash; + } + + # Expire rules for static content + # Media: images, icons, video, audio, HTC + location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ { + expires 1M; + access_log off; + log_not_found off; + add_header Cache-Control "public"; + } + # CSS and Javascript + location ~* \.(?:css|js)$ { + expires 1y; + access_log off; + log_not_found off; + add_header Cache-Control "public"; + } + + location ~* \.(html)$ { + expires -1; + } + + location @addslash { + return 301 $uri/; + } + + location / { + try_files $uri $uri/ /index.php$is_args$args; + } + + client_max_body_size 2G; + + location ~ \.php$ { + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Request-Id $x_request_id; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header Forwarded-Request-Id $x_request_id; + fastcgi_pass php-upstream; + fastcgi_index index.php; + fastcgi_buffers 16 16k; + fastcgi_buffer_size 32k; + fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; + fastcgi_read_timeout 600; + include fastcgi_params; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } +} \ No newline at end of file diff --git a/docker/nginx/nginx.conf b/docker/nginx/nginx.conf new file mode 100644 index 00000000..8a42dee3 --- /dev/null +++ b/docker/nginx/nginx.conf @@ -0,0 +1,33 @@ +# This and proxy.conf are based on +# https://github.com/dead-guru/devichan/blob/master/nginx/nginx.conf + +user leftypol; +worker_processes 4; +# daemon off; +# error_log /var/log/nginx/error.log warn; +error_log /dev/stdout warn; +pid /var/run/nginx.pid; +events { + worker_connections 1024; +} +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + #access_log /var/log/nginx/access.log; + # Switch logging to console out to view via Docker + access_log /dev/stdout; + error_log /dev/stdout warn; + sendfile on; + keepalive_timeout 5; + + gzip on; + gzip_http_version 1.0; + gzip_vary on; + gzip_comp_level 6; + gzip_types text/xml text/plain text/css application/xhtml+xml application/xml application/rss+xml application/atom_xml application/x-javascript application/x-httpd-php; + gzip_disable "MSIE [1-6]\."; + + + include /etc/nginx/conf.d/*.conf; + include /etc/nginx/sites-available/*.conf; +} \ No newline at end of file diff --git a/docker/nginx/proxy.conf b/docker/nginx/proxy.conf new file mode 100644 index 00000000..bc22ea34 --- /dev/null +++ b/docker/nginx/proxy.conf @@ -0,0 +1,40 @@ +proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=czone:4m max_size=50m inactive=120m; +proxy_temp_path /var/tmp/nginx; +proxy_cache_key "$scheme://$host$request_uri"; + + +map $http_forwarded_request_id $x_request_id { + "" $request_id; + default $http_forwarded_request_id; +} + +map $http_forwarded_forwarded_host $forwardedhost { + "" $host; + default $http_forwarded_forwarded_host; +} + + +map $http_x_forwarded_proto $fcgi_https { + default ""; + https on; +} + +map $http_x_forwarded_proto $real_scheme { + default $scheme; + https https; +} + +proxy_set_header Host $host; +proxy_set_header X-Real-IP $remote_addr; +proxy_set_header X-Forwarded-Host $host; +proxy_set_header X-Forwarded-Server $host; + +real_ip_header X-Forwarded-For; + +set_real_ip_from 10.0.0.0/8; +set_real_ip_from 172.16.0.0/12; +set_real_ip_from 172.18.0.0/12; +set_real_ip_from 192.168.0.0/24; +set_real_ip_from 127.0.0.0/8; + +real_ip_recursive on; \ No newline at end of file diff --git a/docker/php/Dockerfile b/docker/php/Dockerfile new file mode 100644 index 00000000..2db11415 --- /dev/null +++ b/docker/php/Dockerfile @@ -0,0 +1,44 @@ +# Based on https://github.com/dead-guru/devichan/blob/master/php-fpm/Dockerfile + +FROM composer AS composer +FROM php:8.1-fpm-bullseye +COPY --from=composer /usr/bin/composer /usr/bin/composer +COPY . /code + +RUN apt-get update && apt-get upgrade -y && apt-get install -y \ + zlib1g-dev libicu-dev g++ \ + libjpeg62-turbo-dev \ + libzip-dev \ + libpng-dev \ + libwebp-dev \ + libfreetype6-dev \ + libxml2-dev \ + git \ + zip \ + ffmpeg \ + libonig-dev \ + unzip \ + libcurl4-openssl-dev \ + libmagickwand-dev \ + gifsicle \ + graphicsmagick \ + gettext \ + imagemagick \ + locales locales-all \ + libmagickwand-dev \ + libmcrypt-dev \ + && docker-php-ext-configure gd \ + --with-webp=/usr/include/webp \ + --with-jpeg=/usr/include \ + --with-freetype=/usr/include/freetype2/ \ + && pecl install redis \ + && pecl install imagick \ + && pecl install -o -f igbinary \ + && docker-php-ext-install gd zip opcache intl pdo pdo_mysql mysqli bcmath gettext iconv mbstring curl \ + && docker-php-ext-enable igbinary redis imagick + + +RUN /code/docker/common-setup.sh +WORKDIR "/var/www-leftypol" +CMD ["php-fpm"] +EXPOSE 9000 \ No newline at end of file diff --git a/docker/php/custom.ini b/docker/php/custom.ini new file mode 100644 index 00000000..aacb2d72 --- /dev/null +++ b/docker/php/custom.ini @@ -0,0 +1,15 @@ +; based on https://github.com/dead-guru/devichan/blob/master/php-fpm/custom.ini + +memory_limit = 2G +max_execution_time = 30 +upload_max_filesize = 2G +post_max_size = 2G +pm = dynamic +pm.max_children = 20 +pm.start_servers = 5 +pm.min_spare_servers = 3 +pm.max_spare_servers = 10 + +extension = igbinary.so +extension = redis.so +extension = imagick.so \ No newline at end of file diff --git a/docker/php/www.conf b/docker/php/www.conf new file mode 100644 index 00000000..f6c4f00e --- /dev/null +++ b/docker/php/www.conf @@ -0,0 +1,10 @@ +[www] +user = leftypol +group = leftypol +listen = 127.0.0.1:9000 +pm = dynamic +pm.max_children = 200 +pm.start_servers = 10 +pm.min_spare_servers = 1 +pm.max_spare_servers = 20 +pm.max_requests = 20000 From 64ba328c3b813a0692735a5a74b1f81c3121db62 Mon Sep 17 00:00:00 2001 From: zeke Date: Sun, 4 Feb 2024 23:29:38 -0800 Subject: [PATCH 2/6] Remove extension lines (added by docker-php-ext-enable) --- docker/php/custom.ini | 4 ---- 1 file changed, 4 deletions(-) diff --git a/docker/php/custom.ini b/docker/php/custom.ini index aacb2d72..527f44e7 100644 --- a/docker/php/custom.ini +++ b/docker/php/custom.ini @@ -9,7 +9,3 @@ pm.max_children = 20 pm.start_servers = 5 pm.min_spare_servers = 3 pm.max_spare_servers = 10 - -extension = igbinary.so -extension = redis.so -extension = imagick.so \ No newline at end of file From 57a6154287f9235e1288f9e8a322aee6584bc396 Mon Sep 17 00:00:00 2001 From: zeke Date: Sun, 4 Feb 2024 23:34:17 -0800 Subject: [PATCH 3/6] Update script with php/web container differences --- docker/common-setup.sh | 20 ++++++++++++++------ docker/nginx/Dockerfile | 2 +- docker/php/Dockerfile | 7 ++++--- 3 files changed, 19 insertions(+), 10 deletions(-) diff --git a/docker/common-setup.sh b/docker/common-setup.sh index c7ea147e..e4373971 100755 --- a/docker/common-setup.sh +++ b/docker/common-setup.sh @@ -1,10 +1,12 @@ #!/bin/sh # not exactly elegant, but one container is Debian, the other is Alpine -useradd -MU leftypol -addgroup leftypol -adduser -DHG leftypol leftypol - +if [ "$1" == "php" ]; then + useradd -MU leftypol +else + addgroup leftypol + adduser -DHG leftypol leftypol +fi set -eu install -m 775 -o leftypol -g leftypol -d /var/www-leftypol @@ -21,8 +23,8 @@ ln -s \ /code/install.sql \ /var/www-leftypol/ -install -m 775 -o leftypol -g leftypol -d /var/www/js -ln -s /code/js/* /var/www/js/ +install -m 775 -o leftypol -g leftypol -d /var/www-leftypol/js +ln -s /code/js/* /var/www-leftypol/js/ install -m 775 -o leftypol -g leftypol -d /var/www-leftypol/templates install -m 775 -o leftypol -g leftypol -d /var/www-leftypol/templates/cache @@ -30,3 +32,9 @@ ln -s /code/templates/* /var/www-leftypol/templates/ install -m 775 -o leftypol -g leftypol -d /var/www-leftypol/inc ln -s /code/inc/* /var/www-leftypol/inc/ + +if [ "$1" = "php" ]; then + ln -s /code/composer.json /code/composer.lock /var/www-leftypol/ \ + cd /var/www + composer install +fi diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile index 9c2392b2..1f3333b3 100644 --- a/docker/nginx/Dockerfile +++ b/docker/nginx/Dockerfile @@ -1,7 +1,7 @@ FROM nginx:1.25.3-alpine COPY . /code -RUN /code/docker/common-setup.sh +RUN /code/docker/common-setup.sh web CMD ["nginx", "-g", "daemon off;"] diff --git a/docker/php/Dockerfile b/docker/php/Dockerfile index 2db11415..c1292d1e 100644 --- a/docker/php/Dockerfile +++ b/docker/php/Dockerfile @@ -35,10 +35,11 @@ RUN apt-get update && apt-get upgrade -y && apt-get install -y \ && pecl install imagick \ && pecl install -o -f igbinary \ && docker-php-ext-install gd zip opcache intl pdo pdo_mysql mysqli bcmath gettext iconv mbstring curl \ - && docker-php-ext-enable igbinary redis imagick + && docker-php-ext-enable igbinary redis imagick \ + && /code/docker/common-setup.sh \ + && cd /var/www-leftypol && composer install - -RUN /code/docker/common-setup.sh +# RUN /code/docker/common-setup.sh php WORKDIR "/var/www-leftypol" CMD ["php-fpm"] EXPOSE 9000 \ No newline at end of file From 17820b31c4585374bb62e0af72e93ad2ae89b37a Mon Sep 17 00:00:00 2001 From: zeke Date: Wed, 7 Feb 2024 10:47:36 -0800 Subject: [PATCH 4/6] Fix user and group creation for docker containers --- docker/common-setup.sh | 13 ------------- docker/nginx/Dockerfile | 5 ++++- docker/php/Dockerfile | 2 ++ 3 files changed, 6 insertions(+), 14 deletions(-) diff --git a/docker/common-setup.sh b/docker/common-setup.sh index e4373971..bf30bd20 100755 --- a/docker/common-setup.sh +++ b/docker/common-setup.sh @@ -1,12 +1,5 @@ #!/bin/sh -# not exactly elegant, but one container is Debian, the other is Alpine -if [ "$1" == "php" ]; then - useradd -MU leftypol -else - addgroup leftypol - adduser -DHG leftypol leftypol -fi set -eu install -m 775 -o leftypol -g leftypol -d /var/www-leftypol @@ -32,9 +25,3 @@ ln -s /code/templates/* /var/www-leftypol/templates/ install -m 775 -o leftypol -g leftypol -d /var/www-leftypol/inc ln -s /code/inc/* /var/www-leftypol/inc/ - -if [ "$1" = "php" ]; then - ln -s /code/composer.json /code/composer.lock /var/www-leftypol/ \ - cd /var/www - composer install -fi diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile index 1f3333b3..e58381da 100644 --- a/docker/nginx/Dockerfile +++ b/docker/nginx/Dockerfile @@ -1,7 +1,10 @@ FROM nginx:1.25.3-alpine COPY . /code -RUN /code/docker/common-setup.sh web +RUN addgroup --system leftypol \ + && adduser --system leftypol \ + && adduser leftypol leftypol \ + && /code/docker/common-setup.sh CMD ["nginx", "-g", "daemon off;"] diff --git a/docker/php/Dockerfile b/docker/php/Dockerfile index c1292d1e..cb2225bb 100644 --- a/docker/php/Dockerfile +++ b/docker/php/Dockerfile @@ -36,7 +36,9 @@ RUN apt-get update && apt-get upgrade -y && apt-get install -y \ && pecl install -o -f igbinary \ && docker-php-ext-install gd zip opcache intl pdo pdo_mysql mysqli bcmath gettext iconv mbstring curl \ && docker-php-ext-enable igbinary redis imagick \ + && useradd -MU leftypol \ && /code/docker/common-setup.sh \ + && ln -s /code/composer.json /code/composer.lock /var/www-leftypol/ \ && cd /var/www-leftypol && composer install # RUN /code/docker/common-setup.sh php From 3191ef31052b6865422261439a3849b4acbded4a Mon Sep 17 00:00:00 2001 From: zeke Date: Wed, 7 Feb 2024 12:03:05 -0800 Subject: [PATCH 5/6] Remove unused Dockerfile --- Dockerfile | 29 ----------------------------- 1 file changed, 29 deletions(-) delete mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 4e76f72e..00000000 --- a/Dockerfile +++ /dev/null @@ -1,29 +0,0 @@ -FROM php:8.1.8-fpm - -COPY . /code - -RUN docker-php-ext-install pdo pdo_mysql -RUN apt-get update -y && apt-get install -y libpng-dev libjpeg-dev libonig-dev -RUN docker-php-ext-install mbstring -RUN apt-get update -y && apt-get install -y libmcrypt-dev -# RUN docker-php-ext-install -j$(nproc) mcrypt -RUN docker-php-ext-install iconv -RUN apt-get update -y && apt-get install -y imagemagick -RUN apt-get update -y && apt-get install -y graphicsmagick -RUN apt-get update -y && apt-get install -y gifsicle -# RUN docker-php-ext-configure gd -# --with-jpeg=/usr/include -# --with-png-dir=/usr \ -RUN docker-php-ext-install gd -RUN apt-get update -y \ - && apt-get install -y libmemcached11 libmemcachedutil2 build-essential libmemcached-dev libz-dev git \ - && pecl install memcached \ - && echo extension=memcached.so >> /usr/local/etc/php/conf.d/memcached.ini \ - && apt-get remove -y build-essential libmemcached-dev libz-dev \ - && apt-get autoremove -y \ - && apt-get clean \ - && rm -rf /tmp/pear \ - && curl -sS https://getcomposer.org/installer -o composer-setup.php \ - && php composer-setup.php --install-dir=/usr/local/bin --filename=composer \ - && docker-php-ext-install bcmath \ - && cd /code && composer install \ No newline at end of file From 39412b44272627f3fc10faf0ed1064a106c6eb8b Mon Sep 17 00:00:00 2001 From: zeke Date: Fri, 9 Feb 2024 11:01:07 -0800 Subject: [PATCH 6/6] Apply suggested changes --- docker-compose.yml | 1 - docker/nginx/leftypol.conf | 104 ++++++++++++++++++------------------- docker/nginx/nginx.conf | 36 ++++++------- docker/php/custom.ini | 11 ---- docker/php/www.conf | 9 ++-- 5 files changed, 73 insertions(+), 88 deletions(-) delete mode 100644 docker/php/custom.ini diff --git a/docker-compose.yml b/docker-compose.yml index 98e93884..9ae4f02f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -24,7 +24,6 @@ services: dockerfile: ./docker/php/Dockerfile volumes: - ./:/code - - ./docker/php/custom.ini:/usr/local/etc/php/conf.d/custom.ini - ./docker/php/www.conf:/usr/local/etc/php-fpm.d/www.conf networks: leftchan_net: diff --git a/docker/nginx/leftypol.conf b/docker/nginx/leftypol.conf index a825fea7..eada8ee9 100644 --- a/docker/nginx/leftypol.conf +++ b/docker/nginx/leftypol.conf @@ -1,68 +1,66 @@ upstream php-upstream { - server php:9000; + server php:9000; } server { - listen 80 default_server; - listen [::]:80 default_server ipv6only=on; - server_name leftypol; - root /var/www-leftypol; - add_header X-Frame-Options "SAMEORIGIN"; - add_header X-Content-Type-Options "nosniff"; + listen 80 default_server; + listen [::]:80 default_server ipv6only=on; + server_name leftypol; + root /var/www-leftypol; + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-Content-Type-Options "nosniff"; - index index.html index.php; + index index.html index.php; - charset utf-8; + charset utf-8; - location ~ ^([^.\?]*[^\/])$ { - try_files $uri @addslash; - } + location ~ ^([^.\?]*[^\/])$ { + try_files $uri @addslash; + } - # Expire rules for static content - # Media: images, icons, video, audio, HTC - location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ { - expires 1M; - access_log off; - log_not_found off; - add_header Cache-Control "public"; - } - # CSS and Javascript - location ~* \.(?:css|js)$ { - expires 1y; - access_log off; - log_not_found off; - add_header Cache-Control "public"; - } + # Expire rules for static content + # Media: images, icons, video, audio, HTC + location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ { + expires 1M; + access_log off; + log_not_found off; + add_header Cache-Control "public"; + } + # CSS and Javascript + location ~* \.(?:css|js)$ { + expires 1y; + access_log off; + log_not_found off; + add_header Cache-Control "public"; + } - location ~* \.(html)$ { - expires -1; - } + location ~* \.(html)$ { + expires -1; + } - location @addslash { - return 301 $uri/; - } + location @addslash { + return 301 $uri/; + } - location / { - try_files $uri $uri/ /index.php$is_args$args; - } + location / { + try_files $uri $uri/ /index.php$is_args$args; + } - client_max_body_size 2G; + client_max_body_size 2G; - location ~ \.php$ { - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header X-Request-Id $x_request_id; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header Forwarded-Request-Id $x_request_id; - fastcgi_pass php-upstream; - fastcgi_index index.php; - fastcgi_buffers 16 16k; - fastcgi_buffer_size 32k; - fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; - fastcgi_read_timeout 600; - include fastcgi_params; - } + location ~ \.php$ { + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Request-Id $x_request_id; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header Forwarded-Request-Id $x_request_id; + fastcgi_pass php-upstream; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; + fastcgi_read_timeout 600; + include fastcgi_params; + } - location = /favicon.ico { access_log off; log_not_found off; } - location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } } \ No newline at end of file diff --git a/docker/nginx/nginx.conf b/docker/nginx/nginx.conf index 8a42dee3..8a4ba95f 100644 --- a/docker/nginx/nginx.conf +++ b/docker/nginx/nginx.conf @@ -2,32 +2,32 @@ # https://github.com/dead-guru/devichan/blob/master/nginx/nginx.conf user leftypol; -worker_processes 4; +worker_processes auto; # daemon off; # error_log /var/log/nginx/error.log warn; error_log /dev/stdout warn; pid /var/run/nginx.pid; events { - worker_connections 1024; + worker_connections 1024; } http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - #access_log /var/log/nginx/access.log; - # Switch logging to console out to view via Docker - access_log /dev/stdout; - error_log /dev/stdout warn; - sendfile on; - keepalive_timeout 5; + include /etc/nginx/mime.types; + default_type application/octet-stream; + #access_log /var/log/nginx/access.log; + # Switch logging to console out to view via Docker + access_log /dev/stdout; + error_log /dev/stdout warn; + sendfile on; + keepalive_timeout 5; - gzip on; - gzip_http_version 1.0; - gzip_vary on; - gzip_comp_level 6; - gzip_types text/xml text/plain text/css application/xhtml+xml application/xml application/rss+xml application/atom_xml application/x-javascript application/x-httpd-php; - gzip_disable "MSIE [1-6]\."; + gzip on; + gzip_http_version 1.0; + gzip_vary on; + gzip_comp_level 6; + gzip_types text/xml text/plain text/css application/xhtml+xml application/xml application/rss+xml application/atom_xml application/x-javascript application/x-httpd-php; + gzip_disable "MSIE [1-6]\."; - include /etc/nginx/conf.d/*.conf; - include /etc/nginx/sites-available/*.conf; + include /etc/nginx/conf.d/*.conf; + include /etc/nginx/sites-available/*.conf; } \ No newline at end of file diff --git a/docker/php/custom.ini b/docker/php/custom.ini deleted file mode 100644 index 527f44e7..00000000 --- a/docker/php/custom.ini +++ /dev/null @@ -1,11 +0,0 @@ -; based on https://github.com/dead-guru/devichan/blob/master/php-fpm/custom.ini - -memory_limit = 2G -max_execution_time = 30 -upload_max_filesize = 2G -post_max_size = 2G -pm = dynamic -pm.max_children = 20 -pm.start_servers = 5 -pm.min_spare_servers = 3 -pm.max_spare_servers = 10 diff --git a/docker/php/www.conf b/docker/php/www.conf index f6c4f00e..07fa7c28 100644 --- a/docker/php/www.conf +++ b/docker/php/www.conf @@ -2,9 +2,8 @@ user = leftypol group = leftypol listen = 127.0.0.1:9000 -pm = dynamic -pm.max_children = 200 -pm.start_servers = 10 +pm = static +pm.max_children = 16 +pm.start_servers = 2 pm.min_spare_servers = 1 -pm.max_spare_servers = 20 -pm.max_requests = 20000 +pm.max_spare_servers = 3