update code

2021-04-07 06:32:42 -04:00
parent 7fb98911a6
commit a4753625f6
779 changed files with 335717 additions and 0 deletions
--- a/laradock/nginx/Dockerfile
+++ b/laradock/nginx/Dockerfile
@@ -0,0 +1,44 @@
+FROM nginx:alpine
+
+LABEL maintainer="Mahmoud Zalt <mahmoud@zalt.me>"
+
+COPY nginx.conf /etc/nginx/
+
+# If you're in China, or you need to change sources, will be set CHANGE_SOURCE to true in .env.
+
+ARG CHANGE_SOURCE=false
+RUN if [ ${CHANGE_SOURCE} = true ]; then \
+    # Change application source from dl-cdn.alpinelinux.org to aliyun source
+    sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/' /etc/apk/repositories \
+;fi
+
+RUN apk update \
+    && apk upgrade \
+    && apk --update add logrotate \
+    && apk add --no-cache openssl \
+    && apk add --no-cache bash
+
+RUN apk add --no-cache curl
+
+RUN set -x ; \
+    addgroup -g 82 -S www-data ; \
+    adduser -u 82 -D -S -G www-data www-data && exit 0 ; exit 1
+
+ARG PHP_UPSTREAM_CONTAINER=php-fpm
+ARG PHP_UPSTREAM_PORT=9000
+
+# Create 'messages' file used from 'logrotate'
+RUN touch /var/log/messages
+
+# Copy 'logrotate' config file
+COPY logrotate/nginx /etc/logrotate.d/
+
+# Set upstream conf and remove the default conf
+RUN echo "upstream php-upstream { server ${PHP_UPSTREAM_CONTAINER}:${PHP_UPSTREAM_PORT}; }" > /etc/nginx/conf.d/upstream.conf \
+    && rm /etc/nginx/conf.d/default.conf
+
+ADD ./startup.sh /opt/startup.sh
+RUN sed -i 's/\r//g' /opt/startup.sh
+CMD ["/bin/bash", "/opt/startup.sh"]
+
+EXPOSE 80 81 443
--- a/laradock/nginx/logrotate/nginx
+++ b/laradock/nginx/logrotate/nginx
@@ -0,0 +1,14 @@
+/var/log/nginx/*.log {
+        daily
+        missingok
+        rotate 32
+        compress
+        delaycompress
+        nodateext
+        notifempty
+        create 644 www-data root
+        sharedscripts
+        postrotate
+                [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid`
+        endscript
+}
--- a/laradock/nginx/nginx.conf
+++ b/laradock/nginx/nginx.conf
@@ -0,0 +1,34 @@
+user www-data;
+worker_processes 4;
+pid /run/nginx.pid;
+daemon off;
+
+events {
+  worker_connections  2048;
+  multi_accept on;
+  use epoll;
+}
+
+http {
+  server_tokens off;
+  sendfile on;
+  tcp_nopush on;
+  tcp_nodelay on;
+  keepalive_timeout 15;
+  types_hash_max_size 2048;
+  client_max_body_size 20M;
+  include /etc/nginx/mime.types;
+  default_type application/octet-stream;
+  access_log /dev/stdout;
+  error_log /dev/stderr;
+  gzip on;
+  gzip_disable "msie6";
+  
+  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+  ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
+  
+  include /etc/nginx/conf.d/*.conf;
+  include /etc/nginx/sites-available/*.conf;
+  open_file_cache off; # Disabled for issue 619
+  charset UTF-8;
+}
--- a/laradock/nginx/sites/.gitignore
+++ b/laradock/nginx/sites/.gitignore
@@ -0,0 +1,2 @@
+*.conf
+!default.conf
--- a/laradock/nginx/sites/app.conf.example
+++ b/laradock/nginx/sites/app.conf.example
@@ -0,0 +1,43 @@
+server {
+
+    listen 80;
+    listen [::]:80;
+
+    # For https
+    # listen 443 ssl;
+    # listen [::]:443 ssl ipv6only=on;
+    # ssl_certificate /etc/nginx/ssl/default.crt;
+    # ssl_certificate_key /etc/nginx/ssl/default.key;
+
+    server_name app.test;
+    root /var/www/app;
+    index index.php index.html index.htm;
+
+    location / {
+         try_files $uri $uri/ /index.php$is_args$args;
+    }
+
+    location ~ \.php$ {
+        try_files $uri /index.php =404;
+        fastcgi_pass php-upstream;
+        fastcgi_index index.php;
+        fastcgi_buffers 16 16k;
+        fastcgi_buffer_size 32k;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        #fixes timeouts
+        fastcgi_read_timeout 600;
+        include fastcgi_params;
+    }
+
+    location ~ /\.ht {
+        deny all;
+    }
+
+    location /.well-known/acme-challenge/ {
+        root /var/www/letsencrypt/;
+        log_not_found off;
+    }
+
+    error_log /var/log/nginx/app_error.log;
+    access_log /var/log/nginx/app_access.log;
+}
--- a/laradock/nginx/sites/confluence.conf.example
+++ b/laradock/nginx/sites/confluence.conf.example
@@ -0,0 +1,43 @@
+server {
+    listen 80;
+    listen [::]:80;
+    server_name www.confluence-domain.com;
+    rewrite ^(.*) https://confluence-domain.com$1/ permanent;
+}
+
+server {
+    listen 80;
+    listen [::]:80;
+    server_name confluence-domain.com;
+    rewrite ^(.*) https://confluence-domain.com/ permanent;
+}
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+    ssl_certificate /etc/nginx/ssl/confluence-domain.com.crt;
+    ssl_certificate_key /etc/nginx/ssl/confluence-domain.com.key;
+
+    server_name confluence-domain.com;
+
+    location / {
+            client_max_body_size 100m;
+            proxy_set_header X-Forwarded-Host $host;
+            proxy_set_header X-Forwarded-Server $host;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_pass http://confluence-domain.com:8090/;
+    }
+
+    location /synchrony {
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Server $host;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_pass http://confluence-domain.com:8090/synchrony-proxy;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+    }
+
+    error_log /var/log/nginx/bookchangerru_error.log;
+    access_log /var/log/nginx/bookchangerru_access.log;
+}
--- a/laradock/nginx/sites/default.conf
+++ b/laradock/nginx/sites/default.conf
@@ -0,0 +1,40 @@
+server {
+
+    listen 80 default_server;
+    listen [::]:80 default_server ipv6only=on;
+
+    # For https
+    # listen 443 ssl default_server;
+    # listen [::]:443 ssl default_server ipv6only=on;
+    # ssl_certificate /etc/nginx/ssl/default.crt;
+    # ssl_certificate_key /etc/nginx/ssl/default.key;
+
+    server_name localhost;
+    root /var/www/public;
+    index index.php index.html index.htm;
+
+    location / {
+         try_files $uri $uri/ /index.php$is_args$args;
+    }
+
+    location ~ \.php$ {
+        try_files $uri /index.php =404;
+        fastcgi_pass php-upstream;
+        fastcgi_index index.php;
+        fastcgi_buffers 16 16k;
+        fastcgi_buffer_size 32k;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        #fixes timeouts
+        fastcgi_read_timeout 600;
+        include fastcgi_params;
+    }
+
+    location ~ /\.ht {
+        deny all;
+    }
+
+    location /.well-known/acme-challenge/ {
+        root /var/www/letsencrypt/;
+        log_not_found off;
+    }
+}
--- a/laradock/nginx/sites/laravel.conf.example
+++ b/laradock/nginx/sites/laravel.conf.example
@@ -0,0 +1,43 @@
+server {
+
+    listen 80;
+    listen [::]:80;
+
+    # For https
+    # listen 443 ssl;
+    # listen [::]:443 ssl ipv6only=on;
+    # ssl_certificate /etc/nginx/ssl/default.crt;
+    # ssl_certificate_key /etc/nginx/ssl/default.key;
+
+    server_name laravel.test;
+    root /var/www/laravel/public;
+    index index.php index.html index.htm;
+
+    location / {
+         try_files $uri $uri/ /index.php$is_args$args;
+    }
+
+    location ~ \.php$ {
+        try_files $uri /index.php =404;
+        fastcgi_pass php-upstream;
+        fastcgi_index index.php;
+        fastcgi_buffers 16 16k;
+        fastcgi_buffer_size 32k;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        #fixes timeouts
+        fastcgi_read_timeout 600;
+        include fastcgi_params;
+    }
+
+    location ~ /\.ht {
+        deny all;
+    }
+
+    location /.well-known/acme-challenge/ {
+        root /var/www/letsencrypt/;
+        log_not_found off;
+    }
+
+    error_log /var/log/nginx/laravel_error.log;
+    access_log /var/log/nginx/laravel_access.log;
+}
--- a/laradock/nginx/sites/laravel_varnish.conf.example
+++ b/laradock/nginx/sites/laravel_varnish.conf.example
@@ -0,0 +1,110 @@
+server {
+    listen 80;
+    listen [::]:80;
+    server_name www.laravel.test;
+    rewrite ^(.*) https://laravel.test$1/ permanent;
+}
+
+server {
+    listen 80;
+    listen [::]:80;
+    server_name laravel.test;
+    rewrite ^(.*) https://laravel.test$1/ permanent;
+}
+
+server {
+    listen 443 ssl ;
+    listen [::]:443 ssl;
+    ssl_certificate /etc/nginx/ssl/laravel.test.crt;
+    ssl_certificate_key /etc/nginx/ssl/laravel.test.key;
+    server_name www.laravel.test;
+    rewrite ^(.*) https://laravel.test$1/ permanent;
+}
+
+server {
+    server_name laravel.test;
+
+    # For https
+    listen 443 ssl ;
+    listen [::]:443 ssl;
+    ssl_certificate /etc/nginx/ssl/laravel.test.crt;
+    ssl_certificate_key /etc/nginx/ssl/laravel.test.key;
+
+    port_in_redirect off;
+
+    add_header Strict-Transport-Security "max-age=31536000";
+    add_header X-Content-Type-Options nosniff;
+
+    location / {
+         proxy_pass http://proxy:6081;
+         proxy_set_header Host $http_host;
+         proxy_set_header X-Forwarded-Host $http_host;
+         proxy_set_header X-Real-IP $remote_addr;
+         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+         proxy_set_header X-Forwarded-Proto https;
+         proxy_set_header HTTPS "on";
+         proxy_redirect     off;
+    }
+}
+
+server {
+    server_name laravel.test;
+
+    listen 81;
+    listen [::]:81;
+
+    root /var/www/laravel.test/www;
+
+    index index.php index.html index.htm;
+
+    location / {
+         try_files $uri $uri/ /index.php$is_args$args;
+    }
+
+    location ~ \.php$ {
+        fastcgi_max_temp_file_size 4m;
+        fastcgi_pass php-upstream;
+
+        # Additional configs
+        fastcgi_pass_header Set-Cookie;
+        fastcgi_pass_header Cookie;
+        fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
+        try_files $uri /index.php =404;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_split_path_info ^(.+\.php)(/.+)$;
+        fastcgi_param  PATH_INFO $fastcgi_path_info;
+        fastcgi_param  PATH_TRANSLATED $document_root$fastcgi_path_info;
+        fastcgi_param HTTPS on;
+
+        fastcgi_buffers 16 16k;
+        fastcgi_buffer_size 32k;
+
+        fastcgi_intercept_errors on;
+
+        #fixes timeouts
+        fastcgi_read_timeout 600;
+        include fastcgi_params;
+    }
+
+    # Caching
+    location ~* \.(ico|jpg|webp|jpeg|gif|css|png|js|ico|bmp|zip|woff)$ {
+        access_log off;
+        log_not_found off;
+        add_header Pragma public;
+        add_header Cache-Control "public";
+        expires 14d;
+    }
+
+    location ~* \.(php|html)$ {
+        access_log on;
+        log_not_found on;
+        add_header Pragma public;
+        add_header Cache-Control "public";
+        expires 14d;
+    }
+
+    location ~ /\.ht {
+        deny all;
+    }
+}
--- a/laradock/nginx/sites/symfony.conf.example
+++ b/laradock/nginx/sites/symfony.conf.example
@@ -0,0 +1,42 @@
+server {
+
+    listen 80;
+    listen [::]:80;
+
+    # For https
+    # listen 443 ssl;
+    # listen [::]:443 ssl ipv6only=on;
+    # ssl_certificate /etc/nginx/ssl/default.crt;
+    # ssl_certificate_key /etc/nginx/ssl/default.key;
+
+    server_name symfony.test;
+    root /var/www/projects/symfony/web;
+    index index.php index.html index.htm;
+
+    location / {
+      try_files $uri @rewriteapp;
+    }
+
+    # For Symfony 3
+    location @rewriteapp {
+        rewrite ^(.*)$ /app.php/$1 last;
+    }
+    
+    # For Symfony 4 config
+    # location @rewriteapp {
+    #     rewrite ^(.*)$ /index.php/$1 last;
+    # }
+
+    location ~ ^/(app|app_dev|config|index)\.php(/|$) {
+        fastcgi_pass php-upstream;
+        fastcgi_split_path_info ^(.+\.php)(/.*)$;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        #fixes timeouts
+        fastcgi_read_timeout 600;
+        fastcgi_param HTTPS off;
+    }
+
+    error_log /var/log/nginx/symfony_error.log;
+    access_log /var/log/nginx/symfony_access.log;
+}
--- a/laradock/nginx/ssl/.gitignore
+++ b/laradock/nginx/ssl/.gitignore
@@ -0,0 +1,4 @@
+*.crt
+*.csr
+*.key
+*.pem
--- a/laradock/nginx/startup.sh
+++ b/laradock/nginx/startup.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+if [ ! -f /etc/nginx/ssl/default.crt ]; then
+    openssl genrsa -out "/etc/nginx/ssl/default.key" 2048
+    openssl req -new -key "/etc/nginx/ssl/default.key" -out "/etc/nginx/ssl/default.csr" -subj "/CN=default/O=default/C=UK"
+    openssl x509 -req -days 365 -in "/etc/nginx/ssl/default.csr" -signkey "/etc/nginx/ssl/default.key" -out "/etc/nginx/ssl/default.crt"
+fi
+
+# Start crond in background
+crond -l 2 -b
+
+# Start nginx in foreground
+nginx