From 63a523a088a3119f9c2e722382c7633039ab16cd Mon Sep 17 00:00:00 2001 From: Wonderfall Date: Tue, 25 Apr 2017 21:49:24 +0200 Subject: [PATCH] add nginx-php image --- nginx-php/Dockerfile | 129 ++++++++++++++++++ nginx-php/README.md | 93 +++++++++++++ nginx-php/rootfs/etc/s6.d/.s6-svscan/finish | 2 + nginx-php/rootfs/etc/s6.d/nginx/run | 6 + nginx-php/rootfs/etc/s6.d/nginx/setup | 4 + nginx-php/rootfs/etc/s6.d/php/run | 6 + nginx-php/rootfs/etc/s6.d/php/setup | 8 ++ nginx-php/rootfs/nginx/conf.d/php.conf | 6 + nginx-php/rootfs/nginx/conf/nginx.conf | 31 +++++ .../usr/local/bin/docker-php-ext-configure | 19 +++ .../usr/local/bin/docker-php-ext-enable | 83 +++++++++++ .../usr/local/bin/docker-php-ext-install | 71 ++++++++++ nginx-php/rootfs/usr/local/etc/php-fpm.conf | 20 +++ 13 files changed, 478 insertions(+) create mode 100644 nginx-php/Dockerfile create mode 100644 nginx-php/README.md create mode 100644 nginx-php/rootfs/etc/s6.d/.s6-svscan/finish create mode 100644 nginx-php/rootfs/etc/s6.d/nginx/run create mode 100644 nginx-php/rootfs/etc/s6.d/nginx/setup create mode 100644 nginx-php/rootfs/etc/s6.d/php/run create mode 100644 nginx-php/rootfs/etc/s6.d/php/setup create mode 100644 nginx-php/rootfs/nginx/conf.d/php.conf create mode 100644 nginx-php/rootfs/nginx/conf/nginx.conf create mode 100644 nginx-php/rootfs/usr/local/bin/docker-php-ext-configure create mode 100644 nginx-php/rootfs/usr/local/bin/docker-php-ext-enable create mode 100644 nginx-php/rootfs/usr/local/bin/docker-php-ext-install create mode 100644 nginx-php/rootfs/usr/local/etc/php-fpm.conf diff --git a/nginx-php/Dockerfile b/nginx-php/Dockerfile new file mode 100644 index 0000000..8e18b12 --- /dev/null +++ b/nginx-php/Dockerfile @@ -0,0 +1,129 @@ +FROM alpine:3.5 + +ARG BUILD_CORES + +ARG NGINX_VER=1.11.13 +ARG NGINX_GPG="B0F4253373F8F6F510D42178520A9993A1C052F8" + +ARG NGINX_CONF=" \ + --prefix=/nginx \ + --sbin-path=/usr/local/sbin/nginx \ + --http-log-path=/nginx/logs/access.log \ + --error-log-path=/nginx/logs/error.log \ + --pid-path=/nginx/run/nginx.pid \ + --lock-path=/nginx/run/nginx.lock \ + --with-threads \ + --with-file-aio \ + --without-http_geo_module \ + --without-http_autoindex_module \ + --without-http_split_clients_module \ + --without-http_memcached_module \ + --without-http_empty_gif_module \ + --without-http_browser_module" + +ARG PHP_VER=7.1.4 +ARG PHP_MIRROR=http://ch1.php.net + +ARG PHP_GPG=" \ + A917B1ECDA84AEC2B568FED6F50ABC807BD5DCD0 \ + 528995BFEDFBA7191D46839EF9BA0ADA31CBD89E \ + 1A4E8B7277C42E53DBA9C7B9BCAA30EA9C0D5763 \ + 6E4F6AB321FDC07F2C332E3AC2BF0BC433CFC8B3 \ + 0BD78B5F97500D450838F95DFE857D9A90D90EC1 \ + 0B96609E270F565C13292B24C13C70B87267B52D" + +ARG LIBICONV_VERSION=1.15 + +ARG PHP_CONF=" \ + --enable-fpm \ + --with-config-file-path="/php" \ + --with-config-file-scan-dir="/php/conf.d" \ + --disable-cgi \ + --enable-mysqlnd \ + --enable-mbstring \ + --with-curl \ + --with-libedit \ + --with-openssl \ + --with-iconv \ + --with-iconv-dir=/usr/local \ + --with-zlib" + +ENV PHP_MEMORY_LIMIT=512M \ + UPLOAD_MAX_SIZE=1G + +COPY rootfs / + +RUN NB_CORES=${BUILD_CORES-$(getconf _NPROCESSORS_CONF)} \ + +### Packages installation + && BUILD_DEPS=" \ + build-base \ + pcre-dev \ + zlib-dev \ + wget \ + gnupg \ + autoconf \ + g++ \ + gcc \ + libc-dev \ + make \ + pkgconf \ + url-dev \ + libedit-dev \ + ibxml2-dev \ + libressl-dev \ + sqlite-dev \ + ca-certificates" \ + && apk -U add \ + ${BUILD_DEPS} \ + s6 \ + su-exec \ + curl \ + libedit \ + libxml2 \ + libressl \ + pcre \ + zlib \ + s6 \ + su-exec \ + +### Source downloading + && wget http://nginx.org/download/nginx-${NGINX_VER}.tar.gz -O /tmp/nginx-${NGINX_VER}.tar.gz \ + && wget http://nginx.org/download/nginx-${NGINX_VER}.tar.gz.asc -O /tmp/nginx-${NGINX_VER}.tar.gz.asc \ + && wget ${PHP_MIRROR}/get/php-${PHP_VER}.tar.gz/from/this/mirror -O /tmp/php-${PHP_VER}.tar.gz \ + && wget ${PHP_MIRROR}/get/php-${PHP_VER}.tar.gz.asc/from/this/mirror -O /tmp/php-${PHP_VER}.tar.gz.asc \ + && wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-${LIBICONV_VERSION}.tar.gz -O /tmp/libiconv-${LIBICONV_VERSION}.tar.gz \ + && gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$NGINX_GPG" \ + && gpg --batch --verify /tmp/nginx-${NGINX_VER}.tar.gz.asc /tmp/nginx-${NGINX_VER}.tar.gz \ + && gpg --keyserver pgp.mit.edu --recv-keys "$PHP_GPG" \ + && gpg --batch --verify /tmp/php-${PHP_VER}.tar.gz.asc /tmp/php-${PHP_VER}.tar.gz \ + && mkdir -p /php/conf.d \ + && mkdir -p /usr/src \ + && tar xzf /tmp/nginx-${NGINX_VER}.tar.gz -C /usr/src \ + && tar xzvf /tmp/php-${PHP_VER}.tar.gz -C /usr/src \ + && tar xzf /tmp/libiconv-${LIBICONV_VERSION}.tar.gz -C /usr/src \ + +### nginx installation + && cd /usr/src/nginx-${NGINX_VER} \ + && ./configure ${NGINX_CONF} \ + && make -j ${NB_CORES} \ + && make install \ + +### GNU Libiconv installation + && cd /usr/src/ibiconv-${LIBICONV_VERSION} \ + && ./configure --prefix=/usr/local \ + && make && make install && libtool --finish /usr/local/lib \ + +### PHP installation + && mv /usr/src/php-${PHP_VER} /usr/src/php \ + && cd /usr/src/php \ + && ./configure ${PHP_CONF} \ + && make -j ${NB_CORES} \ + && make install \ + +### Strip & clean + && { find /usr/local/bin /usr/local/sbin -type f -perm +0111 -exec strip --strip-all '{}' + || true; } \ + && make clean \ + && chmod u+x /usr/local/bin/* /etc/s6.d/*/* \ + && apk del ${BUILD_DEPS} \ + && rm -rf /tmp/* /var/cache/apk/* /usr/src/* \ No newline at end of file diff --git a/nginx-php/README.md b/nginx-php/README.md new file mode 100644 index 0000000..7eaac26 --- /dev/null +++ b/nginx-php/README.md @@ -0,0 +1,93 @@ +![nginx-php](http://apmblog.dynatrace.com/wp-content/uploads/2014/10/PHP-on-Nginx.jpg) + +> This image is build and push with [drone.io](https://github.com/drone/drone), a circle-ci like self-hosted. +> If you don't trust, you can build yourself. + +## Description +What is [Nginx](http://nginx.org)? + +nginx (engine x) is an HTTP and reverse proxy server, a mail proxy server, and a generic TCP proxy server, originally written by Igor Sysoev. For a long time, it has been running on many heavily loaded Russian sites including Yandex, Mail.Ru, VK, and Rambler. According to Netcraft, nginx served or proxied 24.29% busiest sites in December 2015. Here are some of the success stories: Netflix, Wordpress.com, FastMail.FM. + +What is [PHP](https://secure.php.net/)? + +PHP is a popular general-purpose scripting language that is especially suited to web development. +Fast, flexible and pragmatic, PHP powers everything from your blog to the most popular websites in the world. + + +## BUILD IMAGE +### Build arguments +* BUILD_CORES : Number of cpu's core for compile (default : empty for use all cores) +* NGINX_VER : Nginx version (default : latest version) +* NGINX_GPG : Nginx gpg fingerprint +* NGINX_CONF : Nginx build arguments (default : see Dockerfile) +* PHP_VER : PHP version (default : latest version) +* PHP_MIRROR: Mirror for download PHP (default : http://fr2.php.net) +* PHP_GPG : PHP gpg fingerprint +* PHP_CONF : PHP build arguments (default : see Dockerfile) +* PHP_EXT_LIST : PHP extensions list, for install there (default : see Dockerfile) +* CUSTOM_BUILD_PKGS : Necessary packages for build PHP extension, there packages are remove after build (default : see Dockerfile) +* CUSTOM_PKGS : Necessary package for PHP extension (default : see Dockerfile) + +### simple build +```shell +docker build -t xataz/nginx-php github.com/xataz/dockerfiles.git#master:nginx-php +``` + +### Build with arguments +```shell +docker build -t xataz/nginx-php \ + --build-arg NGINX_VER=1.10.1 \ + --build-arg PHP_VER=5.6.27 \ + --build-arg PHP_EXT_LIST="gd mysqli gmp" \ + --build-arg CUSTOM_BUILD_PKGS="freetype-dev gmp-dev" \ + --build-arg CUSTOM_PKGS="freetype gmp" \ + github.com/xataz/dockerfiles.git#master:nginx-php +``` + + +## Configuration +### Environments +* UID : Choose uid for launch rtorrent (default : 991) +* GID : Choose gid for launch rtorrent (default : 991) + +### Volumes +* /nginx/sites-enabled : Place your vhost here +* /nginx/log : Log emplacement +* /nginx/run : Here is pid and lock file +* /nginx/conf/nginx.conf : General configuration of nginx +* /nginx/conf.d : folder for other configuration (ex : php.conf, headers_param.conf) + +if you mount /nginx/conf.d, use this php.conf : +```shell +location ~ \.php$ { + fastcgi_index index.php; + fastcgi_pass unix:/php/run/php-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /nginx/conf/fastcgi_params; +} +``` + +### Ports +* 8080 + + +## Usage +### Simple launch +```shell +docker run -d -p 8080:8080 xataz/nginx-php +``` +URI access : http://XX.XX.XX.XX:8080 + +### Advanced launch +```shell +docker run -d -p 80:8080 -p 443:8443 \ + -v /docker/nginx/sites-enabled:/nginx/sites-enabled \ + -v /docker/nginx/certs:/nginx/certs \ + -e UID=1001 \ + -e GID=1001 \ + xataz/nginx-php +``` +URI access : http://XX.XX.XX.XX + +## Contributing +Any contributions, are very welcome ! diff --git a/nginx-php/rootfs/etc/s6.d/.s6-svscan/finish b/nginx-php/rootfs/etc/s6.d/.s6-svscan/finish new file mode 100644 index 0000000..03538c0 --- /dev/null +++ b/nginx-php/rootfs/etc/s6.d/.s6-svscan/finish @@ -0,0 +1,2 @@ +#!/bin/sh +exit 0 \ No newline at end of file diff --git a/nginx-php/rootfs/etc/s6.d/nginx/run b/nginx-php/rootfs/etc/s6.d/nginx/run new file mode 100644 index 0000000..b9bff68 --- /dev/null +++ b/nginx-php/rootfs/etc/s6.d/nginx/run @@ -0,0 +1,6 @@ +#!/bin/sh +if test -f ./setup; then + source ./setup +fi + +exec nginx \ No newline at end of file diff --git a/nginx-php/rootfs/etc/s6.d/nginx/setup b/nginx-php/rootfs/etc/s6.d/nginx/setup new file mode 100644 index 0000000..bd4102b --- /dev/null +++ b/nginx-php/rootfs/etc/s6.d/nginx/setup @@ -0,0 +1,4 @@ +#!/bin/sh +mkdir -p /nginx/logs /nginx/run +chown -R $UID:$GID /nginx +sed -i 's//$UPLOAD_MAX_SIZE/g' /nginx/conf/nginx.conf \ No newline at end of file diff --git a/nginx-php/rootfs/etc/s6.d/php/run b/nginx-php/rootfs/etc/s6.d/php/run new file mode 100644 index 0000000..2b3f879 --- /dev/null +++ b/nginx-php/rootfs/etc/s6.d/php/run @@ -0,0 +1,6 @@ +#!/bin/sh +if test -f ./setup; then + source ./setup +fi + +exec php-fpm \ No newline at end of file diff --git a/nginx-php/rootfs/etc/s6.d/php/setup b/nginx-php/rootfs/etc/s6.d/php/setup new file mode 100644 index 0000000..fa0aa6b --- /dev/null +++ b/nginx-php/rootfs/etc/s6.d/php/setup @@ -0,0 +1,8 @@ +#!/bin/sh +mkdir -p /php/php-fpm.d /php/logs /php/run + +sed -i -e 's//$UPLOAD_MAX_SIZE' \ + -e 's//$PHP_MEMORY_LIMIT' \ + /usr/local/etc/php-fpm.conf + +chown -R $UID:GID /php /usr/local/etc/php-fpm.conf \ No newline at end of file diff --git a/nginx-php/rootfs/nginx/conf.d/php.conf b/nginx-php/rootfs/nginx/conf.d/php.conf new file mode 100644 index 0000000..911615e --- /dev/null +++ b/nginx-php/rootfs/nginx/conf.d/php.conf @@ -0,0 +1,6 @@ +location ~ \.php$ { + fastcgi_index index.php; + fastcgi_pass unix:/php/run/php-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /nginx/conf/fastcgi_params; +} diff --git a/nginx-php/rootfs/nginx/conf/nginx.conf b/nginx-php/rootfs/nginx/conf/nginx.conf new file mode 100644 index 0000000..fe8d44b --- /dev/null +++ b/nginx-php/rootfs/nginx/conf/nginx.conf @@ -0,0 +1,31 @@ +worker_processes auto; +pid /nginx/run/nginx.pid; +daemon off; + +events { + worker_connections 2048; + use epoll; +} + +http { + include /nginx/conf/mime.types; + default_type application/octet-stream; + + access_log /nginx/logs/access.log combined; + error_log /nginx/logs/error.log error; + + client_max_body_size ; + + aio threads; + sendfile on; + keepalive_timeout 15; + keepalive_disable msie6; + keepalive_requests 100; + tcp_nopush on; + tcp_nodelay on; + server_tokens off; + + gzip off + + include /nginx/sites-enabled/*.conf; +} diff --git a/nginx-php/rootfs/usr/local/bin/docker-php-ext-configure b/nginx-php/rootfs/usr/local/bin/docker-php-ext-configure new file mode 100644 index 0000000..34fc8f8 --- /dev/null +++ b/nginx-php/rootfs/usr/local/bin/docker-php-ext-configure @@ -0,0 +1,19 @@ +#!/bin/sh +set -e + +ext="$1" +extDir="/usr/src/php/ext/$ext" +if [ -z "$ext" ] || ! [ -d "$extDir" ]; then + echo >&2 "usage: $0 ext-name [configure flags]" + echo >&2 " ie: $0 gd --with-jpeg-dir=/usr/local/something" + echo >&2 + echo >&2 'Possible values for ext-name:' + echo >&2 $(find /usr/src/php/ext -mindepth 2 -maxdepth 2 -type f -name 'config.m4' | cut -d/ -f6 | sort) + exit 1 +fi +shift + +set -x +cd "$extDir" +phpize +./configure "$@" diff --git a/nginx-php/rootfs/usr/local/bin/docker-php-ext-enable b/nginx-php/rootfs/usr/local/bin/docker-php-ext-enable new file mode 100644 index 0000000..4ed34c7 --- /dev/null +++ b/nginx-php/rootfs/usr/local/bin/docker-php-ext-enable @@ -0,0 +1,83 @@ +#!/bin/sh +set -e + +cd "$(php -r 'echo ini_get("extension_dir");')" + +usage() { + echo "usage: $0 [options] module-name [module-name ...]" + echo " ie: $0 gd mysqli" + echo " $0 pdo pdo_mysql" + echo " $0 --ini-name 0-apc.ini apcu apc" + echo + echo 'Possible values for module-name:' + echo $(find -maxdepth 1 -type f -name '*.so' -exec basename '{}' ';' | sort) +} + +opts="$(getopt -o 'h?' --long 'help,ini-name:' -- "$@" || { usage >&2 && false; })" +eval set -- "$opts" + +iniName= +while true; do + flag="$1" + shift + case "$flag" in + --help|-h|'-?') usage && exit 0 ;; + --ini-name) iniName="$1" && shift ;; + --) break ;; + *) + { + echo "error: unknown flag: $flag" + usage + } >&2 + exit 1 + ;; + esac +done + +modules= +for module; do + if [ -z "$module" ]; then + continue + fi + if [ -f "$module.so" ] && ! [ -f "$module" ]; then + # allow ".so" to be optional + module="$module.so" + fi + if ! [ -f "$module" ]; then + echo >&2 "error: $(readlink -f "$module") does not exist" + echo >&2 + usage >&2 + exit 1 + fi + modules="$modules $module" +done + +if [ -z "$modules" ]; then + usage >&2 + exit 1 +fi + +for module in $modules; do + if nm -g "$module" | grep -q ' zend_extension_entry$'; then + # https://wiki.php.net/internals/extensions#loading_zend_extensions + line="zend_extension=$(readlink -f "$module")" + else + line="extension=$module" + fi + + ext="$(basename "$module")" + ext="${ext%.*}" + if php -r 'exit(extension_loaded("'"$ext"'") ? 0 : 1);'; then + # this isn't perfect, but it's better than nothing + # (for example, 'opcache.so' presents inside PHP as 'Zend OPcache', not 'opcache') + echo >&2 + echo >&2 "warning: $ext ($module) is already loaded!" + echo >&2 + continue + fi + + ini="/php/conf.d/${iniName:-"docker-php-ext-$ext.ini"}" + if ! grep -q "$line" "$ini" 2>/dev/null; then + echo "$line" >> "$ini" + fi +done diff --git a/nginx-php/rootfs/usr/local/bin/docker-php-ext-install b/nginx-php/rootfs/usr/local/bin/docker-php-ext-install new file mode 100644 index 0000000..e47b537 --- /dev/null +++ b/nginx-php/rootfs/usr/local/bin/docker-php-ext-install @@ -0,0 +1,71 @@ +#!/bin/sh +set -e + +cd /usr/src/php/ext + +usage() { + echo "usage: $0 [-jN] ext-name [ext-name ...]" + echo " ie: $0 gd mysqli" + echo " $0 pdo pdo_mysql" + echo " $0 -j5 gd mbstring mysqli pdo pdo_mysql shmop" + echo + echo 'if custom ./configure arguments are necessary, see docker-php-ext-configure' + echo + echo 'Possible values for ext-name:' + echo $(find /usr/src/php/ext -mindepth 2 -maxdepth 2 -type f -name 'config.m4' | cut -d/ -f6 | sort) +} + +opts="$(getopt -o 'h?j:' --long 'help,jobs:' -- "$@" || { usage >&2 && false; })" +eval set -- "$opts" + +j=1 +while true; do + flag="$1" + shift + case "$flag" in + --help|-h|'-?') usage && exit 0 ;; + --jobs|-j) j="$1" && shift ;; + --) break ;; + *) + { + echo "error: unknown flag: $flag" + usage + } >&2 + exit 1 + ;; + esac +done + +exts= +for ext; do + if [ -z "$ext" ]; then + continue + fi + if [ ! -d "$ext" ]; then + echo >&2 "error: $(pwd -P)/$ext does not exist" + echo >&2 + usage >&2 + exit 1 + fi + exts="$exts $ext" +done + +if [ -z "$exts" ]; then + usage >&2 + exit 1 +fi + +for ext in $exts; do + ( + cd "$ext" + [ -e Makefile ] || docker-php-ext-configure "$ext" + make -j"$j" + make -j"$j" install + find modules \ + -maxdepth 1 \ + -name '*.so' \ + -exec basename '{}' ';' \ + | xargs -r docker-php-ext-enable + make -j"$j" clean + ) +done diff --git a/nginx-php/rootfs/usr/local/etc/php-fpm.conf b/nginx-php/rootfs/usr/local/etc/php-fpm.conf new file mode 100644 index 0000000..808edd7 --- /dev/null +++ b/nginx-php/rootfs/usr/local/etc/php-fpm.conf @@ -0,0 +1,20 @@ +[global] +daemonize = no +error_log = /php/logs/error.log + +[www] +listen = /php/run/php-fpm.sock +pm = dynamic +pm.max_children = 15 +pm.start_servers = 2 +pm.min_spare_servers = 1 +pm.max_spare_servers = 6 +chdir = / +env[PATH] = /usr/local/bin:/usr/bin:/bin +php_admin_value[post_max_size] = +php_admin_value[upload_max_filesize] = +php_admin_value[max_execution_time] = 10800 +php_admin_value[max_input_time] = 3600 +php_admin_value[expose_php] = Off +php_admin_value[memory_limit] = +include=/php/php-fpm.d/*.conf \ No newline at end of file