hoellen/dockerfiles
1
0
Fork 0
mirror of https://github.com/hoellen/dockerfiles.git synced 2025-04-19 20:09:16 +00:00
Code Issues Projects Releases Wiki Activity

privatebin: use nginx-php as underlying image

Browse Source
This commit is contained in:
Wonderfall 2017-04-29 03:16:15 +02:00
parent d85d17067d
commit e1409accc1
10 changed files with 61 additions and 133 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
privatebin/Dockerfile
View File

@ -1,36 +1,30 @@
FROM alpine:3.5
FROM wonderfall/nginx-php
ENV GID=991 UID=991
ARG PRIVATEBIN_VER=1.1
ENV GID=991 UID=991 \
UPLOAD_MAX_SIZE=10M \
MEMORY_LIMIT=128M
RUN echo " https://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories \
&& BUILD_DEPS="tar libressl ca-certificates" \
&& apk -U upgrade && apk add \
$BUILD_DEPS \
nginx \
s6 \
su-exec \
php7-fpm \
php7-gd \
php7-mcrypt \
php7-json \
php7-zlib \
&& mkdir zerobin && cd zerobin \
&& wget -qO- https://github.com/PrivateBin/PrivateBin/archive/master.tar.gz | tar xz --strip 1 \
&& apk -U upgrade && apk add $BUILD_DEPS \
&& mkdir privatebin && cd privatebin \
&& wget -qO- https://github.com/PrivateBin/PrivateBin/archive/${PRIVATEBIN_VER}.tar.gz | tar xz --strip 1 \
&& mv cfg/conf.ini.sample cfg/conf.ini \
&& apk del $BUILD_DEPS \
&& rm -f /var/cache/apk/*
COPY nginx.conf /etc/nginx/nginx.conf
COPY php-fpm.conf /etc/php7/php-fpm.conf
COPY run.sh /usr/local/bin/run.sh
COPY s6.d /etc/s6.d
COPY rootfs /
RUN chmod +x /usr/local/bin/run.sh /etc/s6.d/*/* /etc/s6.d/.s6-svscan/*
VOLUME /zerobin/data
VOLUME /zerobin/data /php/session
EXPOSE 8888
LABEL maintainer="Wonderfall <wonderfall@targaryen.house>"
LABEL maintainer="Wonderfall <wonderfall@targaryen.house>" \
description="A minimalist, open source online pastebin where the server has zero knowledge of pasted data" \
version="PrivateBin 1.1"
CMD ["run.sh"]

11
privatebin/README.md
View File

@ -3,16 +3,21 @@
Paste securely.
#### Features
- Based on Alpine Linux.
- Based on Alpine Linux (wonderfall/nginx-php image)
- Uses [PrivateBin](https://github.com/PrivateBin/PrivateBin), originally a fork of zerobin by elrido.
- Bundled with nginx and PHP7.
- Bundled with nginx and PHP7.1.
#### Build-time variables
- **PRIVATEBIN_VER** : version of PrivateBin
#### Environment variables
- **UID** : zerobin user id
- **GID** : zerobin group id
- **MEMORY_LIMIT** : php memory limit *(default : 128M)*
- **UPLOAD_MAX_SIZE** : maximum upload size *(default : 10M)*
#### Volumes
- **/zerobin/data**
- **/privatebin/data**
#### Ports
- **8888** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration)

89
privatebin/nginx.conf
View File

@ -1,89 +0,0 @@
worker_processes auto;
pid /tmp/nginx.pid;
daemon off;
events {
worker_connections 1024;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log off;
error_log /tmp/ngx_error.log error;
sendfile on;
keepalive_timeout 15;
keepalive_disable msie6;
keepalive_requests 100;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
fastcgi_temp_path /tmp/fastcgi 1 2;
client_body_temp_path /tmp/client_body 1 2;
proxy_temp_path /tmp/proxy 1 2;
uwsgi_temp_path /tmp/uwsgi 1 2;
scgi_temp_path /tmp/scgi 1 2;
gzip on;
gzip_comp_level 5;
gzip_min_length 512;
gzip_buffers 4 8k;
gzip_proxied any;
gzip_vary on;
gzip_disable "msie6";
gzip_types
text/css
text/javascript
text/xml
text/plain
text/x-component
application/javascript
application/x-javascript
application/json
application/xml
application/rss+xml
application/vnd.ms-fontobject
font/truetype
font/opentype
image/svg+xml;
server {
listen 8888;
root /zerobin;
index index.php index.html;
location ~* \.(jpg|jpeg|gif|css|png|js|map|woff|woff2|ttf|svg|eot)$ {
expires 30d;
access_log off;
}
location ~ ^/(data|cfg|tmp) {
deny all;
}
location ~* /(.*)\.(?:markdown|md|twig|yaml|yml|ht|htaccess|ini)$ {
deny all;
}
location ~ /\. {
deny all;
}
location / {
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
fastcgi_index index.php;
fastcgi_pass unix:/tmp/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
}
}

11
privatebin/php-fpm.conf
View File

@ -1,11 +0,0 @@
[global]
daemonize = no
[www]
listen = /tmp/php-fpm.sock
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
chdir = /

33
privatebin/rootfs/nginx/sites-enabled/nginx.conf Normal file
View File

@ -0,0 +1,33 @@
server {
listen 8888;
root /privatebin;
index index.php index.html;
location ~* \.(jpg|jpeg|gif|css|png|js|map|woff|woff2|ttf|svg|eot)$ {
expires 30d;
access_log off;
}
location ~ ^/(data|cfg|tmp) {
deny all;
}
location ~* /(.*)\.(?:markdown|md|twig|yaml|yml|ht|htaccess|ini)$ {
deny all;
}
location ~ /\. {
deny all;
}
location / {
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
fastcgi_index index.php;
fastcgi_pass unix:/php/run/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /nginx/conf/fastcgi_params;
}
}

6
privatebin/rootfs/usr/local/bin/run.sh Normal file
View File

@ -0,0 +1,6 @@
#!/bin/sh
sed -i -e "s/<UPLOAD_MAX_SIZE>/$UPLOAD_MAX_SIZE/g" /nginx/conf/nginx.conf /php/etc/php-fpm.conf \
-e "s/<MEMORY_LIMIT>/$MEMORY_LIMIT/g" /php/etc/php-fpm.conf
chown -R $UID:$GID /privatebin /nginx /php /tmp /etc/s6.d
exec su-exec $UID:$GID /bin/s6-svscan /etc/s6.d

3
privatebin/run.sh
View File

@ -1,3 +0,0 @@
#!/bin/sh
chown -R $UID:$GID /zerobin /etc/nginx /etc/php7 /var/log /var/lib/nginx /tmp /etc/s6.d
exec su-exec $UID:$GID /bin/s6-svscan /etc/s6.d

3
privatebin/s6.d/.s6-svscan/finish
View File

@ -1,3 +0,0 @@
#!/bin/sh
exit 0

2
privatebin/s6.d/nginx/run
View File

@ -1,2 +0,0 @@
#!/bin/sh
exec nginx

2
privatebin/s6.d/php/run
View File

@ -1,2 +0,0 @@
#!/bin/sh
exec php-fpm7