docker/nginx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Change to alpine, add php and mail proxy configuration

Browse Source
This commit is contained in:
Deon George 2022-06-01 20:47:43 +10:00
parent ad00aa25e9
commit 7ad4f9d74e
6 changed files with 107 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
Dockerfile
View File

@ -1,30 +1,38 @@
# NAME leenooks/nginx # NAME leenooks/nginx
# VERSION latest # VERSION latest
FROM nginx:latest FROM php:fpm-alpine
COPY etc/nginx/default.d /etc/nginx/default.d RUN apk add nginx nginx-mod-mail bash
COPY etc/nginx/nginx.conf /etc/nginx
COPY var/www/maintenance /var/www/maintenance
RUN chmod 444 /etc/nginx/default.d/ssl/* && chmod 400 /etc/nginx/default.d/ssl/default.key /etc/nginx/default.d/ssl/dhparams.pem
RUN apt-get update && apt-get install certbot -yy \ EXPOSE 80 443 25 110 143
&& rm -rf /var/lib/apt/lists/* /tmp/*
# Add Cloudflare Certbot
RUN apt-get update && apt-get install python3-certbot-dns-cloudflare -yy \
&& rm -rf /var/lib/apt/lists/* /tmp/*
# Add acme-lego Certbot # Add acme-lego Certbot
RUN curl -sL https://github.com/go-acme/lego/releases/download/v4.2.0/lego_v4.2.0_linux_amd64.tar.gz | tar -C /usr/local/sbin -xzf - RUN curl -sL https://github.com/go-acme/lego/releases/download/v4.6.0/lego_v4.6.0_linux_amd64.tar.gz | tar -C /usr/local/sbin -xzf -
EXPOSE 80 443 RUN mv /sbin/init /sbin/init.busybox
COPY init /sbin/
#RUN apt-get update && apt-get install certbot -yy \
# && rm -rf /var/lib/apt/lists/* /tmp/*
# Add Cloudflare Certbot
#RUN apt-get update && apt-get install python3-certbot-dns-cloudflare -yy \
# && rm -rf /var/lib/apt/lists/* /tmp/*
COPY etc/nginx/nginx.conf /etc/nginx
COPY etc/nginx/default.d /etc/nginx/default.d
COPY etc/nginx/include.d /etc/nginx/include.d
RUN chmod 444 /etc/nginx/default.d/ssl/* && chmod 400 /etc/nginx/default.d/ssl/default.key /etc/nginx/default.d/ssl/dhparams.pem
COPY var/www/maintenance /var/www/maintenance
COPY www.conf /usr/local/etc/php-fpm.d/
COPY ssl.sh /usr/local/sbin/ COPY ssl.sh /usr/local/sbin/
LABEL cron.container.weekly root#/usr/local/sbin/ssl.sh lego renew LABEL cron.container.weekly root#/usr/local/sbin/ssl.sh lego renew
RUN mkdir -p /etc/nginx/conf.d/ssl && ln -s ../../default.d/ssl/default.crt /etc/nginx/conf.d/ssl/mail.crt && ln -s ../../default.d/ssl/default.key /etc/nginx/conf.d/ssl/mail.key
# Expose our web root and log directories log. # Expose our web root and log directories log.
#VOLUME [ "/etc/nginx/conf.d", "/etc/nginx/default.d" ] #VOLUME [ "/etc/nginx/conf.d", "/etc/nginx/default.d", "/etc/nginx/include.d" ]
# Starting # Starting
ENTRYPOINT [ "/usr/sbin/nginx" ] ENTRYPOINT [ "/sbin/init" ]
CMD [ "-g daemon off;" ]

19
etc/nginx/include.d/http.conf Normal file
View File

@ -0,0 +1,19 @@
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}

36
etc/nginx/include.d/mail.conf Normal file
View File

@ -0,0 +1,36 @@
mail {
#server_name mail.example.net;
auth_http http://localhost/mail-auth.php;
error_log /var/log/nginx/mail.log debug;
proxy_pass_error_message on;
#ssl on;
ssl_certificate conf.d/ssl/mail.crt;
ssl_certificate_key conf.d/ssl/mail.key;
#ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#ssl_ciphers HIGH:!aNULL:!MD5;
#ssl_session_cache shared:SSL:10m;
#ssl_session_timeout 10m;
server {
listen 25;
listen 465 ssl;
protocol smtp;
smtp_auth login plain cram-md5;
}
server {
listen 110;
listen 995 ssl;
protocol pop3;
pop3_auth plain apop cram-md5;
}
server {
listen 143;
listen 993 ssl;
protocol imap;
}
}

36
etc/nginx/nginx.conf
View File

@ -1,33 +1,13 @@
load_module /usr/lib/nginx/modules/ngx_mail_module.so;
user nginx;
worker_processes auto;
user nginx; error_log /var/log/nginx/error.log warn;
worker_processes 1; pid /var/run/nginx.pid;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events { events {
worker_connections 1024; worker_connections 1024;
multi_accept on; multi_accept on;
} }
http { include /etc/nginx/include.d/*.conf;
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
include /etc/nginx/include.d/*.conf;

8
init Executable file
View File

@ -0,0 +1,8 @@
#!/bin/sh
set -e
echo '+ Starting PHP-FPM'
php-fpm -D
exec /usr/sbin/nginx -g "daemon off;"

12
www.conf Normal file
View File

@ -0,0 +1,12 @@
[www]
group = www-data
listen = 127.0.0.1:9000
pm = dynamic
pm.max_children = 25
pm.max_spare_servers = 10
pm.min_spare_servers = 5
pm.start_servers = 10
user = www-data
prefix = /var/www/html
php_admin_value[memory_limit] = 512M
php_admin_value[max_execution_time] = 300