diff --git a/.env b/.env index c88eba9..5288a9b 100755 --- a/.env +++ b/.env @@ -6,4 +6,11 @@ NGINX_ROOT=/var/www/html NGINX_HOST=localhost NGINX_PORT=80 PHP_HOST=php -PHP_PORT=9000 \ No newline at end of file +PHP_PORT=9000 +DB_HOST=database +DB_PORT=3306 +DB_USERNAME=docker +DB_PASSWORD=banana pijama +REDIS_HOST='' +REDIS_PASSWORD='' +REDIS_PORT='' \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index f91d68a..708aa33 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -24,7 +24,7 @@ services: environment: - NGINX_ROOT=${NGINX_ROOT} - NGINX_HOST=${NGINX_HOST} - - NGINX_PORT=$[NGINX_PORT] + - NGINX_PORT=${NGINX_PORT} - PHP_HOST=${PHP_HOST} - PHP_PORT=${PHP_PORT} command: bash -c 'wait4ports -q -t 60 -s 10 tcp://php:${PHP_PORT}; /docker-entrypoint.sh nginx -g "daemon off;"' diff --git a/nginx/Dockerfile b/nginx/Dockerfile index 936c4cf..6fc391a 100644 --- a/nginx/Dockerfile +++ b/nginx/Dockerfile @@ -1,7 +1,7 @@ # @version 1.0.0 # Configures NGINX . -FROM nginx:1.19-alpine +FROM nginx:stable-alpine LABEL maintainer="marcosfreitas@c4network.com.br" # @todo change user to not run as root diff --git a/nginx/templates/snippets/base-vhosts.conf.template b/nginx/templates/snippets/base-vhosts.conf.template index 7adf28f..15af7d6 100755 --- a/nginx/templates/snippets/base-vhosts.conf.template +++ b/nginx/templates/snippets/base-vhosts.conf.template @@ -10,7 +10,7 @@ location / { #try_files $uri $uri/ =404; try_files $uri $uri/ /index.php?$query_string; - # Set CSP Rules + # @todo Set CSP Rules # https://content-security-policy.com/ # ajusta o conjunto de domínios permitidos para carregamento de scripts externos # aplica os métodos aceitos para aplicar estilos e executar scripts no site diff --git a/nginx/templates/snippets/performance.conf.template b/nginx/templates/snippets/performance.conf.template index 6a426a8..2680e97 100755 --- a/nginx/templates/snippets/performance.conf.template +++ b/nginx/templates/snippets/performance.conf.template @@ -6,13 +6,20 @@ client_header_buffer_size 2k; # should be equal to fastcgi param client_max_body_size 80M; +# control the length of HTTP headers received from clients +# ; + large_client_header_buffers 4 16k; # Start: Timeouts +# allow the server to close connection on non responding client, this will free up memory +reset_timedout_connection on; client_body_timeout 10; client_header_timeout 10; -keepalive_timeout 15; +keepalive_timeout 30; send_timeout 10; +fastcgi_read_timeout 60; + # Gzip Compression # disabled because use of ssl @@ -29,25 +36,25 @@ gzip_types text/plain text/xml text/css application/json application/javascript # Static file caching -location ~* .(js|json)$ { +location ~* .(txt|xml|js|json)$ { # Indicate that the resource may be cached by public caches like web caches for instance, # if set to 'private' the resource may only be cached by client's browser. add_header Cache-Control public; - # Indicate that the resource can be cached for 24 hours + # Indicate that the resource can be cached expires 24h; } location ~* .(css)$ { add_header Cache-Control public; # Equivalent to above: - # Indicate that the resource can be cached for 86400 seconds (24 hours) - expires 86400; + # Indicate that the resource can be cached + expires 24h; # Add an ETag header with an identifier that can be stored by the client etag on; } -location ~* \.(?:ico|gif|jpe?g|png|svg|woff|woff22|ttf)$ { +location ~* \.(?:ico|gif|jpe?g|png|webp|svg|woff|woff22|ttf)$ { add_header Cache-Control public; expires 30d; # Indicate that the browser can serve a compressed version of these resources diff --git a/nginx/templates/snippets/php.conf.template b/nginx/templates/snippets/php.conf.template index 0e3d7fc..c88139c 100755 --- a/nginx/templates/snippets/php.conf.template +++ b/nginx/templates/snippets/php.conf.template @@ -1,7 +1,6 @@ # cache-directives.conf already have bypasses location ~ \.php$ { - #include conf.d/snippets/fastcgi-php.conf; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; diff --git a/nginx/vhost-app.conf b/nginx/vhost-app.conf index 169e690..3ec5084 100755 --- a/nginx/vhost-app.conf +++ b/nginx/vhost-app.conf @@ -1,4 +1,7 @@ # @author Marcos Freitas +# @info some @features are disabled but can be used normaly +# @experimental things should not be enabled at production servers yet +# @todo have pendent tasks # the following configuration snippet implements a 1‑second caching period for responses with a 200 OK status code. fastcgi_cache_path /tmp/cache keys_zone=APPLICATION:10m levels=1:2 inactive=60m max_size=500m use_temp_path=off;