From 10bea1d0f36f67650c2d4c724d75cd62c83bff9d Mon Sep 17 00:00:00 2001 From: Cloudflying Date: Sat, 10 Jul 2021 06:24:31 +0800 Subject: [PATCH 01/50] Add Playcoin --- .editorconfig | 36 + .env.example | 1143 ++++++++++ .gitattributes | 18 + .github/ISSUE_TEMPLATE/bug_report.md | 38 + .github/ISSUE_TEMPLATE/feature_request.md | 20 + .github/workflows/build-docs.yml | 46 + .github/workflows/check-link.yml | 57 + .github/workflows/ci.yml | 168 ++ .github/workflows/docker-image-rootfs.yml | 91 + .github/workflows/dockerimage.yml | 14 + .github/workflows/labeler.yml | 13 + .github/workflows/lrew.yml | 56 + .github/workflows/lwpm.yml | 64 + .github/workflows/main.yml | 19 + .github/workflows/manifest.yml | 106 + .github/workflows/php-fpm.yml | 33 + .github/workflows/sync-actions.yml | 86 + .github/workflows/sync-git.yml | 179 ++ .github/workflows/sync-php.yml | 33 + .gitignore | 54 + .travis.yml | 30 + .vscode/settings.json | 16 + LICENSE | 21 + README-zh.md | 385 ++++ README.md | 453 +++- _config.yml | 1 - bin/dockone | 79 - bin/git | 35 + bin/grunt | 35 + bin/gulp | 34 + bin/node | 35 + bin/npm | 34 + bin/php | 14 + bin/tool | 8 +- bin/tsc | 35 + bin/yarn | 34 + compose/1.yml | 50 + docker-compose.yml => compose/10.yml | 0 .../docker-compose.yml => compose/11.yml | 0 compose/2.yml | 99 + compose/3.yml | 97 + compose/4.yml | 56 + compose/5.yml | 49 + compose/6.yml | 90 + compose/7.yml | 114 + compose/8.yml | 38 + compose/9.yml | 29 + compose/apm-server-compose.yml | 9 + compose/aria2.yml | 17 + compose/container_scanning_all_arch.yml | 74 + compose/docker-compose-10.yml | 76 + compose/docker-compose-8.yml | 97 + compose/docker-compose-9.yml | 141 ++ compose/docker-compose-sync.yml | 102 + compose/docker-compose.laradock.yml | 1819 +++++++++++++++ compose/docker-composer-2.yml | 97 + compose/docker-composer-3.yml | 81 + compose/docker-composer-4.yml | 329 +++ compose/docker-composer-5.yml | 94 + compose/docker-composer-6.yml | 52 + compose/docker-composer-7.yml | 41 + compose/elasticsearch-compose.yml | 53 + compose/ethereum-stack-compose.yml | 32 + compose/fast.yml | 89 + compose/filebeat-compose.yml | 4 + compose/kibana-compose.yml | 10 + compose/laradock.yml | 314 +++ compose/lnmp-stack-compose.yml | 53 + compose/logstash.yml | 9 + compose/metricbeat.yml | 12 + compose/nginx-lua-compose.yml | 50 + compose/simplify.yml | 58 + conf/apache/httpd.conf | 549 +++++ conf/apache/vhosts/default.conf | 19 + conf/bashrc | 128 ++ conf/elk/README.md | 21 + conf/elk/elk.sh | 117 + conf/elk/es-master.yml | 43 + conf/elk/es-slave1.yml | 41 + conf/elk/es-slave2.yml | 41 + conf/elk/filebeat.yml | 54 + conf/elk/kibana.yml | 14 + conf/elk/logstash-filebeat.conf | 61 + conf/elk/logstash.yml | 6 + conf/elk/nginx.conf | 53 + conf/mongo/conf/mongo.conf | 43 + conf/mongo/conf/mongod.yml | 44 + conf/nginx/cert/*.demo.com.crt | 15 + conf/nginx/cert/*.demo.com.csr | 12 + conf/nginx/cert/*.demo.com.key | 15 + conf/nginx/cert/*.demo.com.origin.key | 18 + conf/nginx/cert/cert.key | 27 + conf/nginx/cert/cert.pem | 64 + conf/nginx/cert/envdev.crt | 14 + conf/nginx/cert/envdev.csr | 11 + conf/nginx/cert/envdev.key | 15 + conf/nginx/conf.d/app.conf.example | 43 + conf/nginx/conf.d/confluence.conf.example | 43 + conf/nginx/conf.d/default.conf | 47 + conf/nginx/conf.d/demo.conf | 236 ++ conf/nginx/conf.d/http3.conf | 130 ++ conf/nginx/conf.d/laravel.conf.example | 43 + .../nginx/conf.d/laravel_varnish.conf.example | 110 + conf/nginx/conf.d/proxy.conf | 11 + conf/nginx/conf.d/symfony.conf.example | 42 + conf/nginx/fastcgi.conf | 25 + conf/nginx/fastcgi_params | 25 + conf/nginx/koi-utf | 108 + conf/nginx/koi-win | 103 + conf/nginx/logrotate/nginx | 14 + conf/nginx/mime.types | 97 + conf/nginx/nginx.conf | 102 + conf/nginx/rewrite/DEDECMS.conf | 10 + conf/nginx/rewrite/Discuz_7.conf | 5 + conf/nginx/rewrite/Discuz_X.conf | 12 + conf/nginx/rewrite/PHPWind.conf | 4 + conf/nginx/rewrite/ecshop.conf | 32 + conf/nginx/rewrite/laravel.conf | 3 + conf/nginx/rewrite/none.conf | 0 conf/nginx/rewrite/phpcms.conf | 8 + conf/nginx/rewrite/shopex.conf | 5 + conf/nginx/rewrite/thinkphp.conf | 6 + conf/nginx/rewrite/typecho.conf | 12 + conf/nginx/rewrite/wordpress.conf | 11 + conf/nginx/scgi_params | 16 + conf/nginx/uwsgi_params | 16 + conf/php/build/install.sh | 124 + conf/php/extends/aerospike.ini | 3 + conf/php/extends/opcache.ini | 8 + conf/php/extends/xdebug.ini | 24 + conf/php/php-fpm.d/72.conf | 413 ++++ conf/php/php-fpm.d/Dockerfile | 179 ++ conf/php/php-fpm.d/conf-7.1/php-fpm.conf | 125 + .../php-fpm.d/conf-7.1/php-fpm.d/docker.conf | 11 + .../php/php-fpm.d/conf-7.1/php-fpm.d/www.conf | 419 ++++ .../conf-7.1/php-fpm.d/zz-docker.conf | 5 + conf/php/php-fpm.d/conf-7.1/php.ini | 1955 ++++++++++++++++ conf/php/php-fpm.d/conf-7.2/php-fpm.conf | 125 + .../php-fpm.d/conf-7.2/php-fpm.d/docker.conf | 11 + .../php/php-fpm.d/conf-7.2/php-fpm.d/www.conf | 423 ++++ .../conf-7.2/php-fpm.d/zz-docker.conf | 5 + conf/php/php-fpm.d/conf-7.2/php.ini | 1938 ++++++++++++++++ conf/php/php-fpm.d/conf-7.3/php-fpm.conf | 143 ++ .../php-fpm.d/conf-7.3/php-fpm.d/docker.conf | 15 + .../php/php-fpm.d/conf-7.3/php-fpm.d/www.conf | 430 ++++ .../conf-7.3/php-fpm.d/www.conf.default | 430 ++++ .../conf-7.3/php-fpm.d/zz-docker.conf | 5 + conf/php/php-fpm.d/conf-7.3/php.ini | 1949 ++++++++++++++++ conf/php/php-fpm.d/conf-7.4/php-fpm.conf | 143 ++ .../php-fpm.d/conf-7.4/php-fpm.d/docker.conf | 15 + .../php/php-fpm.d/conf-7.4/php-fpm.d/www.conf | 438 ++++ .../conf-7.4/php-fpm.d/zz-docker.conf | 5 + conf/php/php-fpm.d/conf-7.4/php.ini | 1952 ++++++++++++++++ conf/php/php-fpm.d/php-fpm.conf | 38 + conf/php/php-fpm.d/php-fpm2.conf | 80 + conf/php/php-fpm.d/php-fpm3.conf | 30 + conf/php/php5.ini | 1918 ++++++++++++++++ conf/php/php7.ini | 2011 ++++++++++++++++ conf/phpMyAdmin/config.inc.php | 100 + conf/services/apache.yml | 20 + conf/services/demo.service | 11 + conf/services/elasticsearch/Dockerfile | 116 + conf/services/elasticsearch/elasticsearch.yml | 9 + conf/services/maildev.yml | 15 + conf/services/mariadb.yml | 38 + conf/services/memcached.yml | 13 + conf/services/mongodb.yml | 39 + conf/services/mysql.yml | 38 + conf/services/mysql5/mysql.cnf | 29 + conf/services/nginx.yml | 20 + conf/services/nginx/Dockerfile | 25 + conf/services/nginx/conf.d/.gitignore | 4 + conf/services/nginx/conf.d/localhost.conf | 92 + conf/services/nginx/fastcgi-php.conf | 14 + conf/services/nginx/fastcgi_params | 26 + conf/services/nginx/initsh | 3 + conf/services/nginx/nginx.conf | 35 + .../nginx/ssl/localhost/localhost.crt | 15 + .../nginx/ssl/localhost/localhost.key | 15 + conf/services/openresty/conf.d/.gitignore | 4 + conf/services/openresty/conf.d/localhost.conf | 88 + conf/services/openresty/fastcgi-php.conf | 14 + conf/services/openresty/fastcgi_params | 27 + conf/services/openresty/openresty.conf | 56 + .../openresty/ssl/localhost/localhost.crt | 15 + .../openresty/ssl/localhost/localhost.key | 15 + conf/services/php/Dockerfile | 45 + conf/services/php/initsh | 3 + conf/services/php/php-fpm.conf | 30 + conf/services/php/php.ini | 196 ++ conf/services/php54/Dockerfile | 31 + conf/services/php54/extensions/install.sh | 289 +++ conf/services/php54/php-fpm.conf | 423 ++++ conf/services/php54/php.ini | 1930 ++++++++++++++++ conf/services/php56/php-fpm.conf | 423 ++++ conf/services/php56/php.ini | 1933 ++++++++++++++++ conf/services/phpmyadmin/config.user.inc.php | 19 + conf/services/phpmyadmin/php-phpmyadmin.ini | 20 + conf/services/rabbitmq.yml | 13 + conf/services/redis.yml | 29 + conf/services/supervisor/Dockerfile | 18 + conf/services/supervisor/conf.d/php-fpm.ini | 20 + conf/services/supervisor/supervisord.conf | 129 ++ conf/tmux.conf | 11 + conf/tmuxinator_init.yml | 75 + conf/voocel-docker-lnmp | 1 + conf/workspace/Dockerfile | 215 ++ conf/workspace/insecure_id_rsa | 51 + conf/workspace/insecure_id_rsa.ppk | 46 + conf/workspace/insecure_id_rsa.pub | 1 + dockenv | 243 ++ docs/Help.md | 191 ++ docs/README.md | 5 + docs/TODO.md | 6 + docs/configuration.md | 235 ++ docs/docker.md | 41 + docs/error.md | 69 + docs/https.md | 71 + docs/image.md | 51 + docs/installation.md | 20 + docs/nginx.md | 47 + docs/presentation.md | 146 ++ docs/tmp.md | 647 ++++++ docs/vhost.md | 51 + ...\243\205swoole\346\211\251\345\261\225.md" | 33 + ...350\243\205yaf\346\211\251\345\261\225.md" | 27 + ...00\344\270\252\347\253\231\347\202\271.md" | 74 + images/aerospike/Dockerfile | 8 + images/aerospike/aerospike.conf | 77 + images/almalinux/8.4/Dockerfile | 5 + images/almalinux/latest/Dockerfile | 5 + images/alpine-mariadb-amd64/Dockerfile | 34 + images/alpine-mariadb-amd64/files/run.sh | 99 + images/alpine/3.10/Dockerfile | 8 + images/alpine/3.11/Dockerfile | 8 + images/alpine/3.12/Dockerfile | 8 + images/alpine/3.13/Dockerfile | 8 + images/alpine/3.7/Dockerfile | 8 + images/alpine/3.8/Dockerfile | 8 + images/alpine/3.9/Dockerfile | 8 + images/alpine/Dockerfile | 9 - images/alpine/Dockerfile.dev | 9 - images/alpine/README.md | 8 - images/alpine/edge/Dockerfile | 8 + images/android/Dockerfile | 14 + images/apache2/Dockerfile | 17 + images/archlinux-vnc/Dockerfile | 29 - images/archlinux-vnc/conf/build.sh | 7 - images/archlinux/Dockerfile | 10 - images/archlinux/Dockerfile.base | 26 - images/archlinux/Dockerfile.vncenv | 18 - .../{Dockerfile.dev => dev/Dockerfile} | 2 +- images/archlinux/latest/Dockerfile | 18 + images/aria2/Dockerfile | 43 +- images/aria2/conf/aria2c.conf | 239 +- images/aria2/conf/aria2c.session | 0 images/aria2/conf/aria2c.torrents.conf | 252 ++ images/aria2/conf/build.sh | 101 + images/aria2/conf/delete.sh | 21 + images/aria2/conf/dht.dat | Bin 0 -> 5488 bytes images/aria2/conf/dht6.dat | Bin 0 -> 8008 bytes images/aria2/conf/docker-entrypoint.sh | 6 - images/aria2/conf/entrypoint.sh | 35 + images/aria2/conf/on-complete.sh | 29 + images/aria2/conf/on-delete.sh | 81 + images/aria2/conf/on-move.sh | 81 + images/aria2/conf/run.sh | 7 - images/aria2/docker-compose.yml | 23 - images/beanstalkd-console/Dockerfile | 17 + images/beanstalkd/Dockerfile | 16 + images/boxs/Dockerfile | 51 + images/boxs/README.md | 107 + images/{ubuntu => boxs}/README.unity.md | 0 images/boxs/app | 1 + images/boxs/conf.d/1/50-motd-news | 146 ++ images/boxs/conf.d/1/60-unminimize | 9 + images/{cmdide => boxs}/conf.d/default.conf | 0 .../desktop}/xfce/.config/background.jpg | Bin .../xfce-perchannel-xml/xfce4-desktop.xml | 0 .../xfce4-keyboard-shortcuts.xml | 0 .../xfce-perchannel-xml/xfce4-panel.xml | 0 .../xfconf/xfce-perchannel-xml/xfwm4.xml | 0 .../xfconf/xfce-perchannel-xml/xsettings.xml | 0 .../desktop}/xfce/Desktop/.firefox.desktop | 0 .../xfce/Desktop/chromium-browser.desktop | 0 images/{cmdide => boxs}/conf.d/index.php | 21 +- images/boxs/conf.d/init.d/sshd | 162 ++ images/boxs/conf.d/landscape-sysinfo.py | 22 + .../{cmdide => boxs}/conf.d/letsencrypt-renew | 0 .../{cmdide => boxs}/conf.d/letsencrypt-setup | 0 images/boxs/conf.d/motd.sh | 21 + images/boxs/conf.d/motd/50-landscape-sysinfo | 14 + images/boxs/conf.d/motd/50-motd-news | 135 ++ images/boxs/conf.d/motd/80-esm | 24 + images/boxs/conf.d/motd/80-livepatch | 93 + images/boxs/conf.d/motd/91-release-upgrade | 9 + images/boxs/conf.d/motd/95-hwe-eol | 5 + images/boxs/conf.d/motd/97-overlayroot | 4 + images/boxs/conf.d/motd/98-fsck-at-reboot | 5 + images/boxs/conf.d/motd/98-reboot-required | 5 + .../nginx.conf => boxs/conf.d/nginx.2.conf} | 0 images/{cmdide => boxs}/conf.d/nginx.conf | 0 images/boxs/conf.d/nginx.conf.d/LICENSE | 674 ++++++ images/boxs/conf.d/nginx.conf.d/README.md | 19 + .../boxs/conf.d/nginx.conf.d/anti-floc.conf | 2 + .../nginx.conf.d/archive.fastgit.org.conf | 71 + .../nginx.conf.d/assets.fastgit.org.conf | 81 + .../nginx.conf.d/download.fastgit.org.conf | 73 + .../boxs/conf.d/nginx.conf.d/fastgit.org.conf | 38 + .../conf.d/nginx.conf.d/hub.fastgit.org.conf | 109 + .../conf.d/nginx.conf.d/install-debian10.sh | 97 + .../conf.d/nginx.conf.d/raw.fastgit.org.conf | 99 + images/boxs/conf.d/nginx.conf.d/robots.txt | 2 + images/boxs/conf.d/nginx/google.nginx.conf | 26 + images/boxs/conf.d/nginx/google2.nginx.conf | 35 + images/boxs/conf.d/nginx/gravatar.conf | 44 + images/boxs/conf.d/nginx/sni-host.conf | 26 + images/boxs/conf.d/nginx/sni.nginx.conf | 26 + .../usr/lib/update-notifier/apt-cdrom-check | 93 + .../usr/lib/update-notifier/apt-check | 1 + .../usr/lib/update-notifier/apt_check.py | 214 ++ .../usr/lib/update-notifier/backend_helper.py | 168 ++ .../usr/lib/update-notifier/cddistupgrader | 31 + .../update-notifier/package-data-downloader | 337 +++ .../lib/update-notifier/package-system-locked | 16 + .../update-motd-fsck-at-reboot | 81 + .../lib/update-notifier/update-motd-hwe-eol | 60 + .../update-motd-reboot-required | 7 + .../update-motd-updates-available | 59 + images/{cmdide => boxs}/conf.d/php.ini | 0 images/boxs/conf.d/supervisor-novnc.conf | 9 + .../conf.d}/supervisord.conf | 0 images/{ => boxs}/panel/Dockerfile.bt | 0 images/{ => boxs}/panel/Dockerfile.bt6 | 0 images/{ => boxs}/panel/scripts/bt6.sh | 0 images/{ => boxs}/panel/scripts/install-bt.sh | 0 images/boxs/script/bootstrap.sh | 278 +++ images/{cmdide => boxs}/script/build.sh | 36 +- images/boxs/script/entrypoint.sh | 9 + images/{ubuntu => boxs}/script/startup.sh | 0 .../script/build.sh => boxs/script/vnc.sh} | 0 images/{ubuntu => boxs}/script/wm_startup.sh | 0 images/{ubuntu => boxs}/unity/startup.sh | 6 +- images/{ubuntu => boxs}/unity/startup_bak.sh | 0 images/{ubuntu => boxs}/unity/unity.sh | 0 images/{ubuntu => boxs}/unity/xfce_startup.sh | 0 .../vnc}/conf/.ratpoisonrc | 0 .../{archlinux-vnc => boxs/vnc}/conf/.xinitrc | 0 .../vnc}/conf/.xsession | 0 .../vnc}/conf/vnc/xstartup | 0 images/{archlinux-vnc => boxs/vnc}/run.sh | 0 images/boxs/workspace/Dockerfile | 1534 +++++++++++++ images/boxs/workspace/aerospike.ini | 3 + images/boxs/workspace/aliases.sh | 151 ++ images/boxs/workspace/crontab/laradock | 1 + images/boxs/workspace/insecure_id_rsa | 51 + images/boxs/workspace/insecure_id_rsa.ppk | 46 + images/boxs/workspace/insecure_id_rsa.pub | 1 + images/boxs/workspace/mc/config.json | 29 + images/boxs/workspace/sources.sh | 83 + images/boxs/workspace/xdebug.ini | 19 + images/buildbot/Dockerfile | 23 - images/buildbot/init.sh | 4 - images/buildbot/run.sh | 18 - images/caddy/Caddyfile | 69 + images/caddy/Dockerfile | 24 + images/caddy/authlist.conf | 1 + images/centos/7.0/Dockerfile | 3 + images/centos/7.1/Dockerfile | 3 + images/centos/7.2/Dockerfile | 3 + images/centos/7.3/Dockerfile | 3 + images/centos/7.4/Dockerfile | 3 + images/centos/7.5/Dockerfile | 3 + images/centos/7.6/Dockerfile | 3 + images/centos/7.7/Dockerfile | 3 + images/centos/7.8/Dockerfile | 3 + images/centos/7.9/Dockerfile | 3 + images/centos/8.1/Dockerfile | 3 + images/centos/8.2/Dockerfile | 3 + images/centos/8.3/Dockerfile | 3 + images/certbot/Dockerfile | 10 + images/certbot/letsencrypt/.gitkeep | 0 .../certbot/letsencrypt/.well-known/.gitkeep | 0 images/certbot/run-certbot.sh | 7 + images/cloudlinux/8/Dockerfile | 5 + images/cloudlinux/latest/Dockerfile | 5 + images/cmdide/Dockerfile | 27 - images/cmdide/Dockerfile.alpine | 27 - images/cmdide/Dockerfile.debian9 | 11 - images/cmdide/Dockerfile.php | 19 - images/cmdide/Dockerfile.php-ext | 38 - images/cmdide/Dockerfile.tomcat7 | 33 - images/cmdide/script/alpine-runenv.sh | 159 -- images/cmdide/script/cmdide.sh | 63 - images/cmdide/script/laravel-alpine.sh | 61 - images/cmdide/script/run.sh | 35 - images/cmdide/script/tomcat-run.sh | 18 - images/debian/Dockerfile.8.11 | 12 - images/debian/Dockerfile.9.9 | 12 - images/debian/Dockerfile.dev | 17 - images/debian/bullseye/Dockerfile | 12 + .../{Dockerfile.buster => buster/Dockerfile} | 24 +- .../{Dockerfile.jessie => jessie/Dockerfile} | 24 +- images/debian/{ => latest}/Dockerfile | 22 +- .../Dockerfile} | 24 +- .../{Dockerfile.wheezy => wheezy/Dockerfile} | 24 +- images/dotnet/Dockerfile | 0 images/elasticsearch/Dockerfile | 3 + images/gentoo/Dockerfile | 1 + images/gitbook/Dockerfile | 20 + images/{golang => go}/Dockerfile | 4 +- images/haproxy/Dockerfile | 5 + images/hubot/Dockerfile | 12 + images/java/Dockerfile | 8 - images/java/Dockerfile.7 | 8 - images/java/Dockerfile.8 | 8 - images/java/README.md | 3 - images/kali/Dockerfile | 3 + images/laradock-workspace | 1 + images/laravel-echo-server/Dockerfile | 30 + .../laravel-echo-server.json | 19 + images/laravel-echo-server/package.json | 12 + images/laravel-horizon/Dockerfile | 268 +++ images/laravel-horizon/supervisord.conf | 10 + .../laravel-horizon/supervisord.d/.gitignore | 1 + .../laravel-horizon.conf.example | 7 + images/ldap/Dockerfile | 12 + images/ldap/README.md | 18 + images/ldap/docker-entrypoint.sh | 70 + images/mariadb/.gitlab-ci.yml | 207 ++ images/mariadb/Dockerfile | 2 +- images/mariadb/Dockerfile.10.4 | 2 +- images/mariadb/README.md | 223 ++ .../mariadb/alpine-mariadb-aarch64/Dockerfile | 34 + .../alpine-mariadb-aarch64/files/run.sh | 99 + .../mariadb/alpine-mariadb-amd64/Dockerfile | 34 + .../mariadb/alpine-mariadb-amd64/files/run.sh | 99 + .../mariadb/alpine-mariadb-armhf/Dockerfile | 34 + .../mariadb/alpine-mariadb-armhf/files/run.sh | 99 + images/memcached/Dockerfile | 64 +- images/memcached/README.md | 2 - images/mongo-webui/Dockerfile | 3 + images/mongo/Dockerfile | 12 + images/mongodb/Dockerfile | 32 +- images/mssql/Dockerfile | 10 + images/nginx/1.18.0/Dockerfile | 18 + images/nginx/1.19.6/Dockerfile | 18 + images/nginx/Dockerfile | 8 - images/nginx/Dockerfile.lograte | 44 + images/nginx/Dockerfile.nginx-http3 | 235 ++ images/nginx/conf.d/.gitignore | 4 + images/nginx/conf.d/default.conf | 59 + .../10-listen-on-ipv6-by-default.sh | 61 + .../alpine-perl/20-envsubst-on-templates.sh | 32 + images/nginx/mainline/alpine-perl/Dockerfile | 125 + .../mainline/alpine-perl/docker-entrypoint.sh | 38 + .../alpine/10-listen-on-ipv6-by-default.sh | 61 + .../alpine/20-envsubst-on-templates.sh | 32 + images/nginx/mainline/alpine/Dockerfile | 124 + .../mainline/alpine/docker-entrypoint.sh | 38 + .../10-listen-on-ipv6-by-default.sh | 61 + .../debian-perl/20-envsubst-on-templates.sh | 32 + images/nginx/mainline/debian-perl/Dockerfile | 116 + .../mainline/debian-perl/docker-entrypoint.sh | 38 + .../debian/10-listen-on-ipv6-by-default.sh | 61 + .../debian/20-envsubst-on-templates.sh | 32 + images/nginx/mainline/debian/Dockerfile | 115 + .../mainline/debian/docker-entrypoint.sh | 38 + images/nginx/nginx-http3 | 1 + .../10-listen-on-ipv6-by-default.sh | 61 + .../alpine-perl/20-envsubst-on-templates.sh | 32 + images/nginx/stable/alpine-perl/Dockerfile | 125 + .../stable/alpine-perl/docker-entrypoint.sh | 38 + .../alpine/10-listen-on-ipv6-by-default.sh | 61 + .../stable/alpine/20-envsubst-on-templates.sh | 32 + images/nginx/stable/alpine/Dockerfile | 124 + .../nginx/stable/alpine/docker-entrypoint.sh | 38 + .../10-listen-on-ipv6-by-default.sh | 61 + .../debian-perl/20-envsubst-on-templates.sh | 32 + images/nginx/stable/debian-perl/Dockerfile | 116 + .../stable/debian-perl/docker-entrypoint.sh | 38 + .../debian/10-listen-on-ipv6-by-default.sh | 61 + .../stable/debian/20-envsubst-on-templates.sh | 32 + images/nginx/stable/debian/Dockerfile | 115 + .../nginx/stable/debian/docker-entrypoint.sh | 38 + images/openresty/Dockerfile | 165 ++ images/openresty/Dockerfile.1.17.8.1 | 167 ++ images/openresty/nginx-waf.conf | 88 + images/openresty/nginx.conf | 88 + images/openresty/nginx.vh.default.conf | 58 + images/opensuse/Dockerfile | 3 - images/opensuse/Dockerfile.leap | 3 - images/opensuse/Dockerfile.tumbleweed | 3 - images/opensuse/latest/Dockerfile | 5 + images/opensuse/leap/Dockerfile | 5 + images/opensuse/tumbleweed/Dockerfile | 5 + images/percona/Dockerfile | 11 + .../docker-entrypoint-initdb.d/.gitignore | 1 + .../createdb.sql.example | 28 + images/percona/my.cnf | 9 + images/pgadmin/Dockerfile | 5 + images/php-crond/Dockerfile | 14 + images/php-crond/crontabs/.gitignore | 3 + images/php-crond/crontabs/default.example | 3 + images/php-fpm/Dockerfile | 1005 ++++++++ images/php-fpm/aerospike.ini | 3 + images/php-fpm/laravel.ini | 16 + images/php-fpm/mysql.ini | 58 + images/php-fpm/opcache.ini | 9 + images/php-fpm/phalcon.ini | 2 + images/php-fpm/php5.6.ini | 2030 +++++++++++++++++ images/php-fpm/php7.0.ini | 1918 ++++++++++++++++ images/php-fpm/php7.1.ini | 1918 ++++++++++++++++ images/php-fpm/php7.2.ini | 1918 ++++++++++++++++ images/php-fpm/php7.3.ini | 1918 ++++++++++++++++ images/php-fpm/php7.4.ini | 1918 ++++++++++++++++ images/php-fpm/xdebug | 101 + images/php-fpm/xdebug.ini | 19 + images/php-fpm/xhprof.ini | 8 + images/php-fpm/xlaravel.pool.conf | 76 + images/php-supervisor/Dockerfile | 16 + images/php-supervisor/supervisor/.gitignore | 4 + .../supervisor/supervisord.conf | 15 + images/php-worker/Dockerfile | 370 +++ images/php-worker/supervisord.conf | 10 + images/php-worker/supervisord.d/.gitignore | 1 + .../laravel-scheduler.conf.example | 8 + .../supervisord.d/laravel-worker.conf.example | 8 + images/php/56/Dockerfile | 22 + images/php/71/Dockerfile | 16 + images/php/72/Dockerfile | 18 + images/php/73/Dockerfile | 20 + images/php/74/Dockerfile | 20 + images/php/8/Dockerfile | 19 + images/php/Dockerfile | 17 - images/php/Dockerfile.multiple | 16 - images/php/README.md | 3 + images/php/php-fpm/Dockerfile-56 | 137 ++ images/php/php-fpm/Dockerfile-70 | 149 ++ images/php/php-fpm/aerospike.ini | 3 + images/php/php-fpm/laravel.ini | 13 + images/php/php-fpm/laravel.pool.conf | 76 + images/php/php-fpm/opcache.ini | 7 + images/php/php-fpm/xdebug.ini | 12 + images/php/php56/Dockerfile | 69 + images/php/php56/custom-php.ini | 230 ++ images/php/php56/opcache.ini | 9 + images/php/php56/timezone.ini | 4 + images/php/php56/xdebug.ini | 16 + images/php/php72/Dockerfile | 209 ++ images/php/php72/opcache.ini | 9 + images/php/php72/php71.ini | 232 ++ images/php/php72/php72.ini | 1918 ++++++++++++++++ images/php/php72/sources.list | 8 + images/php/php72/xdebug.ini | 15 + images/phpmyadmin/Dockerfile | 14 + images/portainer/Dockerfile | 3 + images/postgres/Dockerfile | 4 + .../docker-entrypoint-initdb.d/.gitignore | 5 + .../createdb.sh.example | 33 + .../init_confluence_db.sh | 44 + .../init_gitlab_db.sh | 44 + .../init_jupyterhub_db.sh | 44 + .../init_sonarqube_db.sh | 44 + images/rabbitmq/Dockerfile | 11 + images/redis-cluster/5.0/Dockerfile | 10 + images/redis-cluster/6.0/Dockerfile | 10 + images/redis-cluster/6.2/Dockerfile | 10 + images/redis-webui/Dockerfile | 3 + images/redis/Dockerfile | 47 - images/redis/Dockerfile.4 | 47 - images/redis/README.md | 32 +- images/rhel/6/Dockerfile | 5 + images/rhel/7/Dockerfile | 5 + images/rhel/8/Dockerfile | 5 + images/rhel/minimal/Dockerfile | 5 + images/seedbox/Dockerfile | 26 + images/seedbox/README.md | 13 + images/seedbox/conf/aria2c.conf | 272 +++ images/seedbox/conf/aria2c.session | 0 images/seedbox/conf/aria2c.torrents.conf | 252 ++ images/seedbox/conf/build.sh | 101 + images/seedbox/conf/delete.sh | 21 + images/seedbox/conf/dht.dat | Bin 0 -> 5488 bytes images/seedbox/conf/dht6.dat | Bin 0 -> 8008 bytes images/seedbox/conf/entrypoint.sh | 35 + images/seedbox/conf/on-complete.sh | 29 + images/seedbox/conf/on-delete.sh | 81 + images/seedbox/conf/on-move.sh | 81 + images/seedbox/conf/rtorrent.rc | 72 + images/selenium/Dockerfile | 5 + images/sshd/tools.sh | 66 +- images/ssr/Dockerfile | 26 +- images/ssr/README.md | 66 +- images/tengine/Dockerfile | 112 + images/ubuntu/12.04/Dockerfile | 13 + images/ubuntu/13.10/Dockerfile | 13 + .../{Dockerfile.trusty => 14.04/Dockerfile} | 0 images/ubuntu/14.10/Dockerfile | 13 + images/ubuntu/15.04/Dockerfile | 13 + images/ubuntu/15.10/Dockerfile | 13 + .../{Dockerfile.xenial => 16.04/Dockerfile} | 0 images/ubuntu/16.10/Dockerfile | 13 + images/ubuntu/18.04/Dockerfile | 13 + images/ubuntu/18.10/Dockerfile | 13 + images/ubuntu/19.04/Dockerfile | 13 + images/ubuntu/19.10/Dockerfile | 13 + images/ubuntu/20.04/Dockerfile | 13 + images/ubuntu/20.10/Dockerfile | 13 + images/ubuntu/21.04/Dockerfile | 13 + images/ubuntu/21.10/Dockerfile | 13 + images/ubuntu/Dockerfile | 23 - images/ubuntu/Dockerfile.bionic | 22 - images/ubuntu/Dockerfile.btpanel | 23 - images/ubuntu/Dockerfile.cosmic | 22 - images/ubuntu/Dockerfile.unity | 31 - images/ubuntu/Dockerfile.unity.bak | 40 - images/ubuntu/Dockerfile.vncenv | 20 - images/ubuntu/Dockerfile.xenial-vncenv | 28 - images/ubuntu/Dockerfile.xfce | 32 - images/ubuntu/README.md | 35 + images/ubuntu/latest/Dockerfile | 13 + images/ubuntu/script/bt.sh | 457 ---- images/ubuntu/script/btpanel.sh | 404 ---- images/varnish/Dockerfile | 21 + images/varnish/default.vcl | 420 ++++ images/varnish/default_wordpress.vcl | 243 ++ images/varnish/start.sh | 25 + images/vscode-remote/.devcontainer/.gitignore | 6 + images/vscode-remote/.devcontainer/.npmrc | 3 + .../.devcontainer/composer.config.json | 9 + .../.devcontainer/devcontainer.json | 43 + .../.devcontainer/docker-php.ini | 38 + .../README.DOCKER-DESKTOP-macOS.md | 40 + .../README.DOCKER-DESKTOP-wsl2.md | 15 + images/vscode-remote/README.md | 106 + images/vscode-remote/docker-workspace.yml | 98 + index.html | 23 - scripts/boxs.sh | 11 + scripts/docker.sh | 197 ++ .../10-listen-on-ipv6-by-default.sh | 61 + .../entrypoint/20-envsubst-on-templates.sh | 32 + scripts/entrypoint/docker-entrypoint.sh | 38 + scripts/env.sh | 140 ++ scripts/function.sh | 416 ++++ scripts/generate-stackbrew-library.sh | 102 + scripts/http_website_easy_install.bash | 90 + scripts/https_website_easy_install.bash | 186 ++ scripts/index.php | 89 + scripts/install/build.sh | 275 +++ scripts/install/install-php.sh | 23 + scripts/install/install-pkgs.sh | 63 + scripts/install/install-tengine.sh | 4 + scripts/install/mysql.sh | 45 + scripts/install/nginx-alpine.sh | 25 + scripts/install/nginx-install.sh | 97 + scripts/install/php56-alpine.sh | 244 ++ scripts/install/php73-alpine.sh | 43 + scripts/install/php74-alpine-compile.sh | 116 + scripts/install/php74-alpine.sh | 259 +++ scripts/install/php8-alpine.sh | 45 + scripts/letsencrypt | 1 + scripts/mysql_run.sh | 514 +++++ scripts/php | 87 + scripts/sec.sh | 9 + scripts/test.php | 23 + scripts/vbackup | 56 + scripts/vhost | 298 +++ scripts/xdebug | 101 + startup/boxs.sh | 13 + 670 files changed, 69119 insertions(+), 2475 deletions(-) create mode 100644 .editorconfig create mode 100644 .env.example create mode 100644 .gitattributes create mode 100644 .github/ISSUE_TEMPLATE/bug_report.md create mode 100644 .github/ISSUE_TEMPLATE/feature_request.md create mode 100644 .github/workflows/build-docs.yml create mode 100644 .github/workflows/check-link.yml create mode 100644 .github/workflows/ci.yml create mode 100644 .github/workflows/docker-image-rootfs.yml create mode 100644 .github/workflows/dockerimage.yml create mode 100644 .github/workflows/labeler.yml create mode 100644 .github/workflows/lrew.yml create mode 100644 .github/workflows/lwpm.yml create mode 100644 .github/workflows/main.yml create mode 100644 .github/workflows/manifest.yml create mode 100644 .github/workflows/php-fpm.yml create mode 100644 .github/workflows/sync-actions.yml create mode 100644 .github/workflows/sync-git.yml create mode 100644 .github/workflows/sync-php.yml create mode 100644 .travis.yml create mode 100644 .vscode/settings.json create mode 100644 LICENSE create mode 100644 README-zh.md delete mode 100644 _config.yml create mode 100755 bin/git create mode 100755 bin/grunt create mode 100755 bin/gulp create mode 100755 bin/node create mode 100755 bin/npm create mode 100755 bin/php create mode 100755 bin/tsc create mode 100755 bin/yarn create mode 100644 compose/1.yml rename docker-compose.yml => compose/10.yml (100%) rename images/cmdide/docker-compose.yml => compose/11.yml (100%) create mode 100644 compose/2.yml create mode 100644 compose/3.yml create mode 100644 compose/4.yml create mode 100644 compose/5.yml create mode 100644 compose/6.yml create mode 100644 compose/7.yml create mode 100644 compose/8.yml create mode 100644 compose/9.yml create mode 100644 compose/apm-server-compose.yml create mode 100644 compose/aria2.yml create mode 100644 compose/container_scanning_all_arch.yml create mode 100644 compose/docker-compose-10.yml create mode 100644 compose/docker-compose-8.yml create mode 100644 compose/docker-compose-9.yml create mode 100644 compose/docker-compose-sync.yml create mode 100644 compose/docker-compose.laradock.yml create mode 100644 compose/docker-composer-2.yml create mode 100644 compose/docker-composer-3.yml create mode 100644 compose/docker-composer-4.yml create mode 100644 compose/docker-composer-5.yml create mode 100644 compose/docker-composer-6.yml create mode 100644 compose/docker-composer-7.yml create mode 100644 compose/elasticsearch-compose.yml create mode 100755 compose/ethereum-stack-compose.yml create mode 100644 compose/fast.yml create mode 100644 compose/filebeat-compose.yml create mode 100644 compose/kibana-compose.yml create mode 100644 compose/laradock.yml create mode 100755 compose/lnmp-stack-compose.yml create mode 100644 compose/logstash.yml create mode 100644 compose/metricbeat.yml create mode 100755 compose/nginx-lua-compose.yml create mode 100644 compose/simplify.yml create mode 100644 conf/apache/httpd.conf create mode 100644 conf/apache/vhosts/default.conf create mode 100644 conf/bashrc create mode 100644 conf/elk/README.md create mode 100644 conf/elk/elk.sh create mode 100644 conf/elk/es-master.yml create mode 100644 conf/elk/es-slave1.yml create mode 100644 conf/elk/es-slave2.yml create mode 100644 conf/elk/filebeat.yml create mode 100644 conf/elk/kibana.yml create mode 100644 conf/elk/logstash-filebeat.conf create mode 100644 conf/elk/logstash.yml create mode 100644 conf/elk/nginx.conf create mode 100644 conf/mongo/conf/mongo.conf create mode 100644 conf/mongo/conf/mongod.yml create mode 100644 conf/nginx/cert/*.demo.com.crt create mode 100644 conf/nginx/cert/*.demo.com.csr create mode 100644 conf/nginx/cert/*.demo.com.key create mode 100644 conf/nginx/cert/*.demo.com.origin.key create mode 100644 conf/nginx/cert/cert.key create mode 100644 conf/nginx/cert/cert.pem create mode 100644 conf/nginx/cert/envdev.crt create mode 100644 conf/nginx/cert/envdev.csr create mode 100644 conf/nginx/cert/envdev.key create mode 100644 conf/nginx/conf.d/app.conf.example create mode 100644 conf/nginx/conf.d/confluence.conf.example create mode 100644 conf/nginx/conf.d/default.conf create mode 100644 conf/nginx/conf.d/demo.conf create mode 100644 conf/nginx/conf.d/http3.conf create mode 100644 conf/nginx/conf.d/laravel.conf.example create mode 100644 conf/nginx/conf.d/laravel_varnish.conf.example create mode 100644 conf/nginx/conf.d/proxy.conf create mode 100644 conf/nginx/conf.d/symfony.conf.example create mode 100644 conf/nginx/fastcgi.conf create mode 100644 conf/nginx/fastcgi_params create mode 100644 conf/nginx/koi-utf create mode 100644 conf/nginx/koi-win create mode 100644 conf/nginx/logrotate/nginx create mode 100644 conf/nginx/mime.types create mode 100644 conf/nginx/nginx.conf create mode 100644 conf/nginx/rewrite/DEDECMS.conf create mode 100644 conf/nginx/rewrite/Discuz_7.conf create mode 100644 conf/nginx/rewrite/Discuz_X.conf create mode 100644 conf/nginx/rewrite/PHPWind.conf create mode 100644 conf/nginx/rewrite/ecshop.conf create mode 100644 conf/nginx/rewrite/laravel.conf create mode 100644 conf/nginx/rewrite/none.conf create mode 100644 conf/nginx/rewrite/phpcms.conf create mode 100644 conf/nginx/rewrite/shopex.conf create mode 100644 conf/nginx/rewrite/thinkphp.conf create mode 100644 conf/nginx/rewrite/typecho.conf create mode 100644 conf/nginx/rewrite/wordpress.conf create mode 100644 conf/nginx/scgi_params create mode 100644 conf/nginx/uwsgi_params create mode 100644 conf/php/build/install.sh create mode 100644 conf/php/extends/aerospike.ini create mode 100644 conf/php/extends/opcache.ini create mode 100644 conf/php/extends/xdebug.ini create mode 100644 conf/php/php-fpm.d/72.conf create mode 100644 conf/php/php-fpm.d/Dockerfile create mode 100644 conf/php/php-fpm.d/conf-7.1/php-fpm.conf create mode 100644 conf/php/php-fpm.d/conf-7.1/php-fpm.d/docker.conf create mode 100644 conf/php/php-fpm.d/conf-7.1/php-fpm.d/www.conf create mode 100644 conf/php/php-fpm.d/conf-7.1/php-fpm.d/zz-docker.conf create mode 100644 conf/php/php-fpm.d/conf-7.1/php.ini create mode 100644 conf/php/php-fpm.d/conf-7.2/php-fpm.conf create mode 100644 conf/php/php-fpm.d/conf-7.2/php-fpm.d/docker.conf create mode 100644 conf/php/php-fpm.d/conf-7.2/php-fpm.d/www.conf create mode 100644 conf/php/php-fpm.d/conf-7.2/php-fpm.d/zz-docker.conf create mode 100644 conf/php/php-fpm.d/conf-7.2/php.ini create mode 100644 conf/php/php-fpm.d/conf-7.3/php-fpm.conf create mode 100644 conf/php/php-fpm.d/conf-7.3/php-fpm.d/docker.conf create mode 100644 conf/php/php-fpm.d/conf-7.3/php-fpm.d/www.conf create mode 100644 conf/php/php-fpm.d/conf-7.3/php-fpm.d/www.conf.default create mode 100644 conf/php/php-fpm.d/conf-7.3/php-fpm.d/zz-docker.conf create mode 100644 conf/php/php-fpm.d/conf-7.3/php.ini create mode 100644 conf/php/php-fpm.d/conf-7.4/php-fpm.conf create mode 100644 conf/php/php-fpm.d/conf-7.4/php-fpm.d/docker.conf create mode 100644 conf/php/php-fpm.d/conf-7.4/php-fpm.d/www.conf create mode 100644 conf/php/php-fpm.d/conf-7.4/php-fpm.d/zz-docker.conf create mode 100644 conf/php/php-fpm.d/conf-7.4/php.ini create mode 100644 conf/php/php-fpm.d/php-fpm.conf create mode 100644 conf/php/php-fpm.d/php-fpm2.conf create mode 100644 conf/php/php-fpm.d/php-fpm3.conf create mode 100644 conf/php/php5.ini create mode 100644 conf/php/php7.ini create mode 100644 conf/phpMyAdmin/config.inc.php create mode 100644 conf/services/apache.yml create mode 100644 conf/services/demo.service create mode 100644 conf/services/elasticsearch/Dockerfile create mode 100644 conf/services/elasticsearch/elasticsearch.yml create mode 100644 conf/services/maildev.yml create mode 100644 conf/services/mariadb.yml create mode 100644 conf/services/memcached.yml create mode 100644 conf/services/mongodb.yml create mode 100644 conf/services/mysql.yml create mode 100644 conf/services/mysql5/mysql.cnf create mode 100644 conf/services/nginx.yml create mode 100644 conf/services/nginx/Dockerfile create mode 100644 conf/services/nginx/conf.d/.gitignore create mode 100644 conf/services/nginx/conf.d/localhost.conf create mode 100644 conf/services/nginx/fastcgi-php.conf create mode 100644 conf/services/nginx/fastcgi_params create mode 100644 conf/services/nginx/initsh create mode 100644 conf/services/nginx/nginx.conf create mode 100644 conf/services/nginx/ssl/localhost/localhost.crt create mode 100644 conf/services/nginx/ssl/localhost/localhost.key create mode 100644 conf/services/openresty/conf.d/.gitignore create mode 100644 conf/services/openresty/conf.d/localhost.conf create mode 100644 conf/services/openresty/fastcgi-php.conf create mode 100644 conf/services/openresty/fastcgi_params create mode 100644 conf/services/openresty/openresty.conf create mode 100644 conf/services/openresty/ssl/localhost/localhost.crt create mode 100644 conf/services/openresty/ssl/localhost/localhost.key create mode 100644 conf/services/php/Dockerfile create mode 100644 conf/services/php/initsh create mode 100644 conf/services/php/php-fpm.conf create mode 100644 conf/services/php/php.ini create mode 100644 conf/services/php54/Dockerfile create mode 100644 conf/services/php54/extensions/install.sh create mode 100644 conf/services/php54/php-fpm.conf create mode 100644 conf/services/php54/php.ini create mode 100644 conf/services/php56/php-fpm.conf create mode 100644 conf/services/php56/php.ini create mode 100644 conf/services/phpmyadmin/config.user.inc.php create mode 100644 conf/services/phpmyadmin/php-phpmyadmin.ini create mode 100644 conf/services/rabbitmq.yml create mode 100644 conf/services/redis.yml create mode 100644 conf/services/supervisor/Dockerfile create mode 100644 conf/services/supervisor/conf.d/php-fpm.ini create mode 100644 conf/services/supervisor/supervisord.conf create mode 100644 conf/tmux.conf create mode 100644 conf/tmuxinator_init.yml create mode 160000 conf/voocel-docker-lnmp create mode 100644 conf/workspace/Dockerfile create mode 100644 conf/workspace/insecure_id_rsa create mode 100644 conf/workspace/insecure_id_rsa.ppk create mode 100644 conf/workspace/insecure_id_rsa.pub create mode 100755 dockenv create mode 100644 docs/Help.md create mode 100644 docs/README.md create mode 100644 docs/TODO.md create mode 100644 docs/configuration.md create mode 100644 docs/docker.md create mode 100644 docs/error.md create mode 100644 docs/https.md create mode 100644 docs/image.md create mode 100644 docs/installation.md create mode 100644 docs/nginx.md create mode 100644 docs/presentation.md create mode 100644 docs/tmp.md create mode 100644 docs/vhost.md create mode 100644 "docs/\345\246\202\344\275\225\345\256\211\350\243\205swoole\346\211\251\345\261\225.md" create mode 100644 "docs/\345\246\202\344\275\225\345\256\211\350\243\205yaf\346\211\251\345\261\225.md" create mode 100644 "docs/\345\246\202\344\275\225\346\226\260\345\273\272\344\270\200\344\270\252\347\253\231\347\202\271.md" create mode 100644 images/aerospike/Dockerfile create mode 100644 images/aerospike/aerospike.conf create mode 100644 images/almalinux/8.4/Dockerfile create mode 100644 images/almalinux/latest/Dockerfile create mode 100644 images/alpine-mariadb-amd64/Dockerfile create mode 100644 images/alpine-mariadb-amd64/files/run.sh create mode 100644 images/alpine/3.10/Dockerfile create mode 100644 images/alpine/3.11/Dockerfile create mode 100644 images/alpine/3.12/Dockerfile create mode 100644 images/alpine/3.13/Dockerfile create mode 100644 images/alpine/3.7/Dockerfile create mode 100644 images/alpine/3.8/Dockerfile create mode 100644 images/alpine/3.9/Dockerfile delete mode 100644 images/alpine/Dockerfile delete mode 100644 images/alpine/Dockerfile.dev delete mode 100644 images/alpine/README.md create mode 100644 images/alpine/edge/Dockerfile create mode 100644 images/android/Dockerfile create mode 100644 images/apache2/Dockerfile delete mode 100644 images/archlinux-vnc/Dockerfile delete mode 100644 images/archlinux-vnc/conf/build.sh delete mode 100644 images/archlinux/Dockerfile delete mode 100755 images/archlinux/Dockerfile.base delete mode 100644 images/archlinux/Dockerfile.vncenv rename images/archlinux/{Dockerfile.dev => dev/Dockerfile} (81%) create mode 100644 images/archlinux/latest/Dockerfile create mode 100644 images/aria2/conf/aria2c.session create mode 100755 images/aria2/conf/aria2c.torrents.conf create mode 100755 images/aria2/conf/build.sh create mode 100644 images/aria2/conf/delete.sh create mode 100644 images/aria2/conf/dht.dat create mode 100755 images/aria2/conf/dht6.dat delete mode 100644 images/aria2/conf/docker-entrypoint.sh create mode 100644 images/aria2/conf/entrypoint.sh create mode 100644 images/aria2/conf/on-complete.sh create mode 100755 images/aria2/conf/on-delete.sh create mode 100755 images/aria2/conf/on-move.sh delete mode 100644 images/aria2/conf/run.sh delete mode 100644 images/aria2/docker-compose.yml create mode 100644 images/beanstalkd-console/Dockerfile create mode 100644 images/beanstalkd/Dockerfile create mode 100644 images/boxs/Dockerfile create mode 100644 images/boxs/README.md rename images/{ubuntu => boxs}/README.unity.md (100%) create mode 160000 images/boxs/app create mode 100755 images/boxs/conf.d/1/50-motd-news create mode 100755 images/boxs/conf.d/1/60-unminimize rename images/{cmdide => boxs}/conf.d/default.conf (100%) rename images/{ubuntu => boxs/conf.d/desktop}/xfce/.config/background.jpg (100%) rename images/{ubuntu => boxs/conf.d/desktop}/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-desktop.xml (100%) rename images/{ubuntu => boxs/conf.d/desktop}/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-keyboard-shortcuts.xml (100%) rename images/{ubuntu => boxs/conf.d/desktop}/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml (100%) rename images/{ubuntu => boxs/conf.d/desktop}/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml (100%) rename images/{ubuntu => boxs/conf.d/desktop}/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xsettings.xml (100%) rename images/{ubuntu => boxs/conf.d/desktop}/xfce/Desktop/.firefox.desktop (100%) rename images/{ubuntu => boxs/conf.d/desktop}/xfce/Desktop/chromium-browser.desktop (100%) rename images/{cmdide => boxs}/conf.d/index.php (98%) create mode 100644 images/boxs/conf.d/init.d/sshd create mode 100644 images/boxs/conf.d/landscape-sysinfo.py rename images/{cmdide => boxs}/conf.d/letsencrypt-renew (100%) rename images/{cmdide => boxs}/conf.d/letsencrypt-setup (100%) create mode 100644 images/boxs/conf.d/motd.sh create mode 100644 images/boxs/conf.d/motd/50-landscape-sysinfo create mode 100755 images/boxs/conf.d/motd/50-motd-news create mode 100755 images/boxs/conf.d/motd/80-esm create mode 100755 images/boxs/conf.d/motd/80-livepatch create mode 100755 images/boxs/conf.d/motd/91-release-upgrade create mode 100755 images/boxs/conf.d/motd/95-hwe-eol create mode 100755 images/boxs/conf.d/motd/97-overlayroot create mode 100755 images/boxs/conf.d/motd/98-fsck-at-reboot create mode 100755 images/boxs/conf.d/motd/98-reboot-required rename images/{cmdide/alpine/nginx.conf => boxs/conf.d/nginx.2.conf} (100%) rename images/{cmdide => boxs}/conf.d/nginx.conf (100%) create mode 100644 images/boxs/conf.d/nginx.conf.d/LICENSE create mode 100644 images/boxs/conf.d/nginx.conf.d/README.md create mode 100644 images/boxs/conf.d/nginx.conf.d/anti-floc.conf create mode 100644 images/boxs/conf.d/nginx.conf.d/archive.fastgit.org.conf create mode 100644 images/boxs/conf.d/nginx.conf.d/assets.fastgit.org.conf create mode 100644 images/boxs/conf.d/nginx.conf.d/download.fastgit.org.conf create mode 100644 images/boxs/conf.d/nginx.conf.d/fastgit.org.conf create mode 100644 images/boxs/conf.d/nginx.conf.d/hub.fastgit.org.conf create mode 100644 images/boxs/conf.d/nginx.conf.d/install-debian10.sh create mode 100644 images/boxs/conf.d/nginx.conf.d/raw.fastgit.org.conf create mode 100644 images/boxs/conf.d/nginx.conf.d/robots.txt create mode 100644 images/boxs/conf.d/nginx/google.nginx.conf create mode 100644 images/boxs/conf.d/nginx/google2.nginx.conf create mode 100644 images/boxs/conf.d/nginx/gravatar.conf create mode 100644 images/boxs/conf.d/nginx/sni-host.conf create mode 100644 images/boxs/conf.d/nginx/sni.nginx.conf create mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/apt-cdrom-check create mode 120000 images/boxs/conf.d/notifier/usr/lib/update-notifier/apt-check create mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/apt_check.py create mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/backend_helper.py create mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/cddistupgrader create mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/package-data-downloader create mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/package-system-locked create mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-fsck-at-reboot create mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-hwe-eol create mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-reboot-required create mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-updates-available rename images/{cmdide => boxs}/conf.d/php.ini (100%) create mode 100644 images/boxs/conf.d/supervisor-novnc.conf rename images/{archlinux-vnc => boxs/conf.d}/supervisord.conf (100%) rename images/{ => boxs}/panel/Dockerfile.bt (100%) rename images/{ => boxs}/panel/Dockerfile.bt6 (100%) rename images/{ => boxs}/panel/scripts/bt6.sh (100%) rename images/{ => boxs}/panel/scripts/install-bt.sh (100%) create mode 100644 images/boxs/script/bootstrap.sh rename images/{cmdide => boxs}/script/build.sh (84%) create mode 100644 images/boxs/script/entrypoint.sh rename images/{ubuntu => boxs}/script/startup.sh (100%) rename images/{ubuntu/script/build.sh => boxs/script/vnc.sh} (100%) rename images/{ubuntu => boxs}/script/wm_startup.sh (100%) rename images/{ubuntu => boxs}/unity/startup.sh (71%) rename images/{ubuntu => boxs}/unity/startup_bak.sh (100%) rename images/{ubuntu => boxs}/unity/unity.sh (100%) rename images/{ubuntu => boxs}/unity/xfce_startup.sh (100%) rename images/{archlinux-vnc => boxs/vnc}/conf/.ratpoisonrc (100%) rename images/{archlinux-vnc => boxs/vnc}/conf/.xinitrc (100%) rename images/{archlinux-vnc => boxs/vnc}/conf/.xsession (100%) rename images/{archlinux-vnc => boxs/vnc}/conf/vnc/xstartup (100%) rename images/{archlinux-vnc => boxs/vnc}/run.sh (100%) create mode 100644 images/boxs/workspace/Dockerfile create mode 100644 images/boxs/workspace/aerospike.ini create mode 100644 images/boxs/workspace/aliases.sh create mode 100644 images/boxs/workspace/crontab/laradock create mode 100644 images/boxs/workspace/insecure_id_rsa create mode 100644 images/boxs/workspace/insecure_id_rsa.ppk create mode 100644 images/boxs/workspace/insecure_id_rsa.pub create mode 100644 images/boxs/workspace/mc/config.json create mode 100755 images/boxs/workspace/sources.sh create mode 100644 images/boxs/workspace/xdebug.ini delete mode 100644 images/buildbot/Dockerfile delete mode 100644 images/buildbot/init.sh delete mode 100644 images/buildbot/run.sh create mode 100644 images/caddy/Caddyfile create mode 100644 images/caddy/Dockerfile create mode 100644 images/caddy/authlist.conf create mode 100644 images/centos/7.0/Dockerfile create mode 100644 images/centos/7.1/Dockerfile create mode 100644 images/centos/7.2/Dockerfile create mode 100644 images/centos/7.3/Dockerfile create mode 100644 images/centos/7.4/Dockerfile create mode 100644 images/centos/7.5/Dockerfile create mode 100644 images/centos/7.6/Dockerfile create mode 100644 images/centos/7.7/Dockerfile create mode 100644 images/centos/7.8/Dockerfile create mode 100644 images/centos/7.9/Dockerfile create mode 100644 images/centos/8.1/Dockerfile create mode 100644 images/centos/8.2/Dockerfile create mode 100644 images/centos/8.3/Dockerfile create mode 100644 images/certbot/Dockerfile create mode 100644 images/certbot/letsencrypt/.gitkeep create mode 100644 images/certbot/letsencrypt/.well-known/.gitkeep create mode 100644 images/certbot/run-certbot.sh create mode 100644 images/cloudlinux/8/Dockerfile create mode 100644 images/cloudlinux/latest/Dockerfile delete mode 100644 images/cmdide/Dockerfile delete mode 100644 images/cmdide/Dockerfile.alpine delete mode 100644 images/cmdide/Dockerfile.debian9 delete mode 100644 images/cmdide/Dockerfile.php delete mode 100644 images/cmdide/Dockerfile.php-ext delete mode 100644 images/cmdide/Dockerfile.tomcat7 delete mode 100644 images/cmdide/script/alpine-runenv.sh delete mode 100644 images/cmdide/script/cmdide.sh delete mode 100644 images/cmdide/script/laravel-alpine.sh delete mode 100644 images/cmdide/script/run.sh delete mode 100644 images/cmdide/script/tomcat-run.sh delete mode 100644 images/debian/Dockerfile.8.11 delete mode 100644 images/debian/Dockerfile.9.9 delete mode 100644 images/debian/Dockerfile.dev create mode 100644 images/debian/bullseye/Dockerfile rename images/debian/{Dockerfile.buster => buster/Dockerfile} (96%) rename images/debian/{Dockerfile.jessie => jessie/Dockerfile} (96%) rename images/debian/{ => latest}/Dockerfile (97%) rename images/debian/{Dockerfile.stretch => stretch/Dockerfile} (96%) rename images/debian/{Dockerfile.wheezy => wheezy/Dockerfile} (96%) create mode 100644 images/dotnet/Dockerfile create mode 100644 images/elasticsearch/Dockerfile create mode 100644 images/gentoo/Dockerfile create mode 100644 images/gitbook/Dockerfile rename images/{golang => go}/Dockerfile (91%) create mode 100644 images/haproxy/Dockerfile create mode 100644 images/hubot/Dockerfile delete mode 100644 images/java/Dockerfile delete mode 100644 images/java/Dockerfile.7 delete mode 100644 images/java/Dockerfile.8 delete mode 100644 images/java/README.md create mode 100644 images/kali/Dockerfile create mode 160000 images/laradock-workspace create mode 100644 images/laravel-echo-server/Dockerfile create mode 100644 images/laravel-echo-server/laravel-echo-server.json create mode 100644 images/laravel-echo-server/package.json create mode 100644 images/laravel-horizon/Dockerfile create mode 100644 images/laravel-horizon/supervisord.conf create mode 100644 images/laravel-horizon/supervisord.d/.gitignore create mode 100644 images/laravel-horizon/supervisord.d/laravel-horizon.conf.example create mode 100644 images/ldap/Dockerfile create mode 100644 images/ldap/README.md create mode 100755 images/ldap/docker-entrypoint.sh create mode 100644 images/mariadb/.gitlab-ci.yml create mode 100644 images/mariadb/README.md create mode 100644 images/mariadb/alpine-mariadb-aarch64/Dockerfile create mode 100644 images/mariadb/alpine-mariadb-aarch64/files/run.sh create mode 100644 images/mariadb/alpine-mariadb-amd64/Dockerfile create mode 100644 images/mariadb/alpine-mariadb-amd64/files/run.sh create mode 100644 images/mariadb/alpine-mariadb-armhf/Dockerfile create mode 100644 images/mariadb/alpine-mariadb-armhf/files/run.sh delete mode 100644 images/memcached/README.md create mode 100644 images/mongo-webui/Dockerfile create mode 100644 images/mongo/Dockerfile create mode 100644 images/mssql/Dockerfile create mode 100644 images/nginx/1.18.0/Dockerfile create mode 100644 images/nginx/1.19.6/Dockerfile delete mode 100644 images/nginx/Dockerfile create mode 100644 images/nginx/Dockerfile.lograte create mode 100644 images/nginx/Dockerfile.nginx-http3 create mode 100644 images/nginx/conf.d/.gitignore create mode 100644 images/nginx/conf.d/default.conf create mode 100755 images/nginx/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh create mode 100755 images/nginx/mainline/alpine-perl/20-envsubst-on-templates.sh create mode 100644 images/nginx/mainline/alpine-perl/Dockerfile create mode 100755 images/nginx/mainline/alpine-perl/docker-entrypoint.sh create mode 100755 images/nginx/mainline/alpine/10-listen-on-ipv6-by-default.sh create mode 100755 images/nginx/mainline/alpine/20-envsubst-on-templates.sh create mode 100644 images/nginx/mainline/alpine/Dockerfile create mode 100755 images/nginx/mainline/alpine/docker-entrypoint.sh create mode 100755 images/nginx/mainline/debian-perl/10-listen-on-ipv6-by-default.sh create mode 100755 images/nginx/mainline/debian-perl/20-envsubst-on-templates.sh create mode 100644 images/nginx/mainline/debian-perl/Dockerfile create mode 100755 images/nginx/mainline/debian-perl/docker-entrypoint.sh create mode 100755 images/nginx/mainline/debian/10-listen-on-ipv6-by-default.sh create mode 100755 images/nginx/mainline/debian/20-envsubst-on-templates.sh create mode 100644 images/nginx/mainline/debian/Dockerfile create mode 100755 images/nginx/mainline/debian/docker-entrypoint.sh create mode 160000 images/nginx/nginx-http3 create mode 100755 images/nginx/stable/alpine-perl/10-listen-on-ipv6-by-default.sh create mode 100755 images/nginx/stable/alpine-perl/20-envsubst-on-templates.sh create mode 100644 images/nginx/stable/alpine-perl/Dockerfile create mode 100755 images/nginx/stable/alpine-perl/docker-entrypoint.sh create mode 100755 images/nginx/stable/alpine/10-listen-on-ipv6-by-default.sh create mode 100755 images/nginx/stable/alpine/20-envsubst-on-templates.sh create mode 100644 images/nginx/stable/alpine/Dockerfile create mode 100755 images/nginx/stable/alpine/docker-entrypoint.sh create mode 100755 images/nginx/stable/debian-perl/10-listen-on-ipv6-by-default.sh create mode 100755 images/nginx/stable/debian-perl/20-envsubst-on-templates.sh create mode 100644 images/nginx/stable/debian-perl/Dockerfile create mode 100755 images/nginx/stable/debian-perl/docker-entrypoint.sh create mode 100755 images/nginx/stable/debian/10-listen-on-ipv6-by-default.sh create mode 100755 images/nginx/stable/debian/20-envsubst-on-templates.sh create mode 100644 images/nginx/stable/debian/Dockerfile create mode 100755 images/nginx/stable/debian/docker-entrypoint.sh create mode 100644 images/openresty/Dockerfile create mode 100644 images/openresty/Dockerfile.1.17.8.1 create mode 100644 images/openresty/nginx-waf.conf create mode 100644 images/openresty/nginx.conf create mode 100644 images/openresty/nginx.vh.default.conf delete mode 100644 images/opensuse/Dockerfile delete mode 100644 images/opensuse/Dockerfile.leap delete mode 100644 images/opensuse/Dockerfile.tumbleweed create mode 100644 images/opensuse/latest/Dockerfile create mode 100644 images/opensuse/leap/Dockerfile create mode 100644 images/opensuse/tumbleweed/Dockerfile create mode 100644 images/percona/Dockerfile create mode 100644 images/percona/docker-entrypoint-initdb.d/.gitignore create mode 100644 images/percona/docker-entrypoint-initdb.d/createdb.sql.example create mode 100644 images/percona/my.cnf create mode 100644 images/pgadmin/Dockerfile create mode 100644 images/php-crond/Dockerfile create mode 100644 images/php-crond/crontabs/.gitignore create mode 100644 images/php-crond/crontabs/default.example create mode 100644 images/php-fpm/Dockerfile create mode 100644 images/php-fpm/aerospike.ini create mode 100644 images/php-fpm/laravel.ini create mode 100644 images/php-fpm/mysql.ini create mode 100644 images/php-fpm/opcache.ini create mode 100644 images/php-fpm/phalcon.ini create mode 100644 images/php-fpm/php5.6.ini create mode 100644 images/php-fpm/php7.0.ini create mode 100644 images/php-fpm/php7.1.ini create mode 100644 images/php-fpm/php7.2.ini create mode 100644 images/php-fpm/php7.3.ini create mode 100644 images/php-fpm/php7.4.ini create mode 100755 images/php-fpm/xdebug create mode 100644 images/php-fpm/xdebug.ini create mode 100644 images/php-fpm/xhprof.ini create mode 100644 images/php-fpm/xlaravel.pool.conf create mode 100644 images/php-supervisor/Dockerfile create mode 100644 images/php-supervisor/supervisor/.gitignore create mode 100644 images/php-supervisor/supervisor/supervisord.conf create mode 100644 images/php-worker/Dockerfile create mode 100644 images/php-worker/supervisord.conf create mode 100644 images/php-worker/supervisord.d/.gitignore create mode 100644 images/php-worker/supervisord.d/laravel-scheduler.conf.example create mode 100644 images/php-worker/supervisord.d/laravel-worker.conf.example create mode 100644 images/php/56/Dockerfile create mode 100644 images/php/71/Dockerfile create mode 100644 images/php/72/Dockerfile create mode 100644 images/php/73/Dockerfile create mode 100644 images/php/74/Dockerfile create mode 100644 images/php/8/Dockerfile delete mode 100644 images/php/Dockerfile delete mode 100644 images/php/Dockerfile.multiple create mode 100644 images/php/php-fpm/Dockerfile-56 create mode 100644 images/php/php-fpm/Dockerfile-70 create mode 100644 images/php/php-fpm/aerospike.ini create mode 100644 images/php/php-fpm/laravel.ini create mode 100644 images/php/php-fpm/laravel.pool.conf create mode 100644 images/php/php-fpm/opcache.ini create mode 100644 images/php/php-fpm/xdebug.ini create mode 100644 images/php/php56/Dockerfile create mode 100644 images/php/php56/custom-php.ini create mode 100644 images/php/php56/opcache.ini create mode 100644 images/php/php56/timezone.ini create mode 100644 images/php/php56/xdebug.ini create mode 100644 images/php/php72/Dockerfile create mode 100644 images/php/php72/opcache.ini create mode 100644 images/php/php72/php71.ini create mode 100644 images/php/php72/php72.ini create mode 100644 images/php/php72/sources.list create mode 100644 images/php/php72/xdebug.ini create mode 100644 images/phpmyadmin/Dockerfile create mode 100644 images/portainer/Dockerfile create mode 100644 images/postgres/Dockerfile create mode 100644 images/postgres/docker-entrypoint-initdb.d/.gitignore create mode 100644 images/postgres/docker-entrypoint-initdb.d/createdb.sh.example create mode 100644 images/postgres/docker-entrypoint-initdb.d/init_confluence_db.sh create mode 100644 images/postgres/docker-entrypoint-initdb.d/init_gitlab_db.sh create mode 100644 images/postgres/docker-entrypoint-initdb.d/init_jupyterhub_db.sh create mode 100644 images/postgres/docker-entrypoint-initdb.d/init_sonarqube_db.sh create mode 100644 images/rabbitmq/Dockerfile create mode 100644 images/redis-cluster/5.0/Dockerfile create mode 100644 images/redis-cluster/6.0/Dockerfile create mode 100644 images/redis-cluster/6.2/Dockerfile create mode 100644 images/redis-webui/Dockerfile delete mode 100644 images/redis/Dockerfile delete mode 100644 images/redis/Dockerfile.4 create mode 100644 images/rhel/6/Dockerfile create mode 100644 images/rhel/7/Dockerfile create mode 100644 images/rhel/8/Dockerfile create mode 100644 images/rhel/minimal/Dockerfile create mode 100644 images/seedbox/Dockerfile create mode 100644 images/seedbox/README.md create mode 100644 images/seedbox/conf/aria2c.conf create mode 100644 images/seedbox/conf/aria2c.session create mode 100755 images/seedbox/conf/aria2c.torrents.conf create mode 100755 images/seedbox/conf/build.sh create mode 100644 images/seedbox/conf/delete.sh create mode 100644 images/seedbox/conf/dht.dat create mode 100755 images/seedbox/conf/dht6.dat create mode 100644 images/seedbox/conf/entrypoint.sh create mode 100644 images/seedbox/conf/on-complete.sh create mode 100755 images/seedbox/conf/on-delete.sh create mode 100755 images/seedbox/conf/on-move.sh create mode 100644 images/seedbox/conf/rtorrent.rc create mode 100644 images/selenium/Dockerfile create mode 100644 images/tengine/Dockerfile create mode 100644 images/ubuntu/12.04/Dockerfile create mode 100644 images/ubuntu/13.10/Dockerfile rename images/ubuntu/{Dockerfile.trusty => 14.04/Dockerfile} (100%) create mode 100644 images/ubuntu/14.10/Dockerfile create mode 100644 images/ubuntu/15.04/Dockerfile create mode 100644 images/ubuntu/15.10/Dockerfile rename images/ubuntu/{Dockerfile.xenial => 16.04/Dockerfile} (100%) create mode 100644 images/ubuntu/16.10/Dockerfile create mode 100644 images/ubuntu/18.04/Dockerfile create mode 100644 images/ubuntu/18.10/Dockerfile create mode 100644 images/ubuntu/19.04/Dockerfile create mode 100644 images/ubuntu/19.10/Dockerfile create mode 100644 images/ubuntu/20.04/Dockerfile create mode 100644 images/ubuntu/20.10/Dockerfile create mode 100644 images/ubuntu/21.04/Dockerfile create mode 100644 images/ubuntu/21.10/Dockerfile delete mode 100644 images/ubuntu/Dockerfile delete mode 100644 images/ubuntu/Dockerfile.bionic delete mode 100644 images/ubuntu/Dockerfile.btpanel delete mode 100644 images/ubuntu/Dockerfile.cosmic delete mode 100644 images/ubuntu/Dockerfile.unity delete mode 100644 images/ubuntu/Dockerfile.unity.bak delete mode 100644 images/ubuntu/Dockerfile.vncenv delete mode 100644 images/ubuntu/Dockerfile.xenial-vncenv delete mode 100644 images/ubuntu/Dockerfile.xfce create mode 100644 images/ubuntu/latest/Dockerfile delete mode 100644 images/ubuntu/script/bt.sh delete mode 100644 images/ubuntu/script/btpanel.sh create mode 100644 images/varnish/Dockerfile create mode 100644 images/varnish/default.vcl create mode 100644 images/varnish/default_wordpress.vcl create mode 100644 images/varnish/start.sh create mode 100644 images/vscode-remote/.devcontainer/.gitignore create mode 100644 images/vscode-remote/.devcontainer/.npmrc create mode 100644 images/vscode-remote/.devcontainer/composer.config.json create mode 100644 images/vscode-remote/.devcontainer/devcontainer.json create mode 100644 images/vscode-remote/.devcontainer/docker-php.ini create mode 100644 images/vscode-remote/README.DOCKER-DESKTOP-macOS.md create mode 100644 images/vscode-remote/README.DOCKER-DESKTOP-wsl2.md create mode 100644 images/vscode-remote/README.md create mode 100644 images/vscode-remote/docker-workspace.yml delete mode 100644 index.html create mode 100644 scripts/boxs.sh create mode 100644 scripts/docker.sh create mode 100755 scripts/entrypoint/10-listen-on-ipv6-by-default.sh create mode 100755 scripts/entrypoint/20-envsubst-on-templates.sh create mode 100755 scripts/entrypoint/docker-entrypoint.sh create mode 100644 scripts/env.sh create mode 100644 scripts/function.sh create mode 100644 scripts/generate-stackbrew-library.sh create mode 100644 scripts/http_website_easy_install.bash create mode 100644 scripts/https_website_easy_install.bash create mode 100644 scripts/index.php create mode 100644 scripts/install/build.sh create mode 100644 scripts/install/install-php.sh create mode 100644 scripts/install/install-pkgs.sh create mode 100644 scripts/install/install-tengine.sh create mode 100644 scripts/install/mysql.sh create mode 100644 scripts/install/nginx-alpine.sh create mode 100644 scripts/install/nginx-install.sh create mode 100644 scripts/install/php56-alpine.sh create mode 100644 scripts/install/php73-alpine.sh create mode 100644 scripts/install/php74-alpine-compile.sh create mode 100644 scripts/install/php74-alpine.sh create mode 100644 scripts/install/php8-alpine.sh create mode 160000 scripts/letsencrypt create mode 100644 scripts/mysql_run.sh create mode 100644 scripts/php create mode 100644 scripts/sec.sh create mode 100644 scripts/test.php create mode 100644 scripts/vbackup create mode 100644 scripts/vhost create mode 100644 scripts/xdebug create mode 100644 startup/boxs.sh diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 00000000..6dd4eabe --- /dev/null +++ b/.editorconfig @@ -0,0 +1,36 @@ +# EditorConfig is awesome: https://EditorConfig.org +root = true + +[*] +charset = utf-8 +end_of_line = lf +indent_style = space +indent_size = 4 +insert_final_newline = true +trim_trailing_whitespace = true + +[Dockerfile] +indent_size = 4 + +[{docker-compose.yml,package.json,.travis.yml,.pcit.yml,.drone.yml}] +indent_style = space +indent_size = 2 + +[*.md] +trim_trailing_whitespace = true +indent_size = 2 + +[*.py] +indent_size = 4 + +[*.php] +indent_size = 4 + +[*.{go,java}] +indent_size = 4 + +[*.xml] +indent_size = 4 + +[Makefile] +indent_style = tab diff --git a/.env.example b/.env.example new file mode 100644 index 00000000..c6cc0798 --- /dev/null +++ b/.env.example @@ -0,0 +1,1143 @@ +# Dockenv 配置信息 + +# Common +# 未配置密码的服务默认密码 +PASSWORD=dockenv +# SSH +SSH_PORT=22 +SSH_USER=root +SSH_PASSWORD=password + +TZ=Asia/Shanghai +USER=www +PASSWORD=password + +# Image Version +PHP8_VERSION=8.0.0 +PHP56_VERSION=5.6.40 +PHP70_VERSION=7.0.33 +PHP71_VERSION=7.1.33 +PHP72_VERSION=7.2.34 +PHP73_VERSION=7.3.25 +PHP74_VERSION=7.4.13 +ELASTICSEARCH_VERSION=7.1.1 +MYSQL_VERSION=5.7 +MYSQL8_VERSION=8.0.13 +REDIS_VERSION=5.0.6 +MONGO_VERSION=4.2 +MONGO_EXPRESS_VERSION= +NODE_VERSION=10.16.1-alpine +MEMCACHED_VERSION=1.5.16 +OPENRESTY_VERSION=alpine +LOGSTASH_VERSION=7.1.1 +SWOOLE_VERSION=5.3.0 +AMQP_VERSION=1.10.2 +NGINX_VERSION=1.19.6 + +# MIRRORS +MIRRORS_PHP=http://mirrors.sohu.com/php/ +MIRRORS_NGINX=http://mirrors.sohu.com/nginx/ + +# Docker Registry +# docker login registry.xxx.com -u xxx -p xxx or --password-stdin (recommend) +DOCKER_REGISTRY_PREFIX=cloudflying-docker.pkg.coding.net/storage/docker/ +# Coding +DOCKER_REGISTRY_CODING=username-docker.pkg.coding.net/project_name/docker/image_name +# Baidu +DOCKER_REGISTRY_BAIDU=registry.baidubce.com +# daocloud +DOCKER_REGISTRY_BAIDU=daocloud.io/user/ +# Aliyun +DOCKER_REGISTRY_ALIYUN=registry..aliyuncs.com/USERNAME/ +# Tencent +DOCKER_REGISTRY_TENCENT=ccr.ccs.tencentyun.com// +# Github with token to login +DOCKER_REGISTRY_GITHUB_OLD=ghcr.io +#Github with token to login deprecated +DOCKER_REGISTRY_GITHUB=docker.pkg.github.com +# Gitlab with token to login +DOCKER_REGISTRY_GITLAB=registry.gitlab.com +# RedHat +DOCKER_REGISTRY_QUAY=quay.io +# bintray +DOCKER_REGISTRY_BINTRAY=username-docker-docker.bintray.io +# Oracle +DOCKER_REGISTRY_QUAY=.ocir.io +# Google Google Artifact Registry (GAR) Need Credit Card +DOCKER_REGISTRY_GAR=-docker.pkg.dev +# Google Google Container Registry (GCR) Need Credit Card +DOCKER_REGISTRY_GCR=gcr.io +# Azure Need Credit Card +DOCKER_REGISTRY_AZURE=.azurecr.io +# UCloud +DOCKER_REGISTRY_UCLOUD=uhub.service.ucloud.cn +# Amazon +DOCKER_REGISTRY_AMAZON=.dkr.ecr..amazonaws.com +# Amazon AWS Public Elastic Container Registry (ECR) +DOCKER_REGISTRY_ECR=public.ecr.aws + +# Web server +# Possible value: nginx / apache / Tengine / Canddy / VeryNginx +WEB_SERVER=nginx + +# Web Port +WEB_PORT=80 +WEB_SSL_PORT=443 +WEB_STATIC_IP=0.0.0.0 + +# Possible value: mysql / mariadb / mongodb +DB_SERVER=mysql + +# Cache server +# Possible value: redis / memcached +CACHE_SERVER=redis + +# Queuer server +QUEUER_SERVER=rabbitmq + +# PHP +WEB_DIR=/var/www/html +PHP_PORT_LOCAL=9000 +PHP_PORT_DOCKER=9000 +EXTENSION_ENABLE_OPCACHE=false + +# PHP7 Available PHP_EXTENSIONS: +# +# pdo_mysql,zip,pcntl,mysqli,mbstring,exif,bcmath,calendar, +# sockets,gettext,shmop,sysvmsg,sysvsem,sysvshm,pdo_rebird, +# pdo_dblib,pdo_oci,pdo_odbc,pdo_pgsql,pgsql,oci8,odbc,dba, +# gd,intl,bz2,soap,xsl,xmlrpc,wddx,curl,readline,snmp,pspell, +# recode,tidy,gmp,imap,ldap,imagick,sqlsrv,mcrypt,opcache, +# redis,memcached,xdebug,swoole,pdo_sqlsrv,sodium,yaf,mysql, +# amqp,mongodb,event,rar,ast,yac,yaconf,msgpack,igbinary, +# seaslog,varnish,xhprof,xlswriter,pdo_mysql,mysqli,gd,curl,opcache +# bcmath,mysqli,opcache,pdo_mysql,redis,zip,gd,mongodb,openssl,rdkafka,swoole,amqp,soap,xdebug +# You can let it empty to avoid installing any extensions, +# or install multi plugins as: + +PHP_PHP_CONF_FILE=./services/php/php.ini +PHP_FPM_CONF_FILE=./services/php/php-fpm.conf +PHP_LOG_DIR=./logs/php +PHP_EXTENSIONS=bcmath,mysqli,opcache,pdo_mysql,redis,zip,gd,openssl,pdo_mysql,mysqli,mbstring,gd,curl,opcache,mongodb,amqp,redis,sockets,zip,swoole,sockets,pdo_mysql,mysqli,mbstring,gd,curl,opcache,mongodb,amqp,redis,sockets,zip,swoole,sockets + +# phpmyadmin +PHPMYADMIN_PORT=8080 +PHPMYADMIN_USER_CONF_FILE=./services/phpmyadmin/config.user.inc.php +PHPMYADMIN_PHP_CONF_FILE=./services/phpmyadmin/php-phpmyadmin.ini + +# redisMyAdmin +REDIS_MYADMIN_PORT=8081 + +# AdminMongo +ADMIN_MONGO_PORT=1234 + +# rabbitmq 配置 +RABBITMQ_NODE_HOST_PORT=5672 +RABBITMQ_MANAGEMENT_HTTP_HOST_PORT=15672 +RABBITMQ_MANAGEMENT_HTTPS_HOST_PORT=15671 +RABBITMQ_DEFAULT_USER=guest +RABBITMQ_DEFAULT_PASS=guest + +# Docker 配置 +# 网络驱动 +NETWORKS_DRIVER=bridge + +# MYSQL +MYSQL_PORT=3306 +MYSQL_DATABASE='dockenv' +MYSQL_USER='dockenv' +MYSQL_USER_PASSWORD='dockenv' +MYSQL_ROOT_PASSWORD=123456 +MYSQL_CHARSET=utf-8 + +# MySQL8 +MYSQL8_HOST_PORT=3306 +MYSQL8_DATABASE='dockenv' +MYSQL8_USER='dockenv' +MYSQL8_USER_PASSWORD='dockenv' +MYSQL8_ROOT_PASSWORD=123456 +MYSQL8_CHARSET=utf-8 +MYSQL8_CONF_FILE=./services/mysql/mysql.cnf + +# Mongo +MONGO_PORT=27017 +MONGO_ROOT_USERNAME=root +MONGO_ROOT_PASSWORD=123456 + +# Redis +REDIS_CONF_FILE=./services/redis/redis.conf +REDIS_DATA=./data/redis +REDIS_PORT=6379 +REDIS_HOST=0.0.0.1 # 填写redis, 运行时容器会自动解析的。因为 docker ps 查看,得知 redis 的容器名叫做 "redis" +REDIS_PASSWORD=null + +# Memcached +MEMCACHED_PORT=11211 +MEMCACHED_CACHE_SIZE=128 + +# Openresty +OPENRESTY_HTTP_PORT=80 +OPENRESTY_HTTPS_PORT=443 +OPENRESTY_CONFD_DIR=./services/openresty/conf.d +OPENRESTY_CONF_FILE=./services/openresty/openresty.conf +OPENRESTY_FASTCGI_PHP_CONF=./services/openresty/fastcgi-php.conf +OPENRESTY_CONF_FASTCGIPARAMS_FILE=./services/openresty/fastcgi_params +OPENRESTY_SSL_CERTIFICATE_DIR=./services/openresty/ssl + +# LOGSTASH +LOGSTASH_PORT=5601 +LOGSTASH_PORT_C=9600 +LOGSTASH_PORT_S=5044 + +# Nginx 配置 +NGINX_HTTP_PORT=80 +NGINX_HTTPS_PORT=443 +NGINX_LOG_PATH=./logs/nginx/ +NGINX_SITES_PATH=./nginx/sites/ +NGINX_CONFD_DIR=./services/nginx/conf.d +NGINX_CONF_FILE=./services/nginx/nginx.conf +NGINX_FASTCGI_PHP_CONF=./services/nginx/fastcgi-php.conf +NGINX_PHP_UPSTREAM_CONTAINER=php-fpm +NGINX_PHP_UPSTREAM_PORT=9000 +NGINX_FASTCGI_PARAMS=./services/nginx/fastcgi_params +NGINX_SSL_CERTIFICATE_DIR=./services/nginx/ssl +NGINX_LOG_DIR=./logs/nginx +# Available apps: certbot +NGINX_INSTALL_APPS= + +# ELASTICSEARCH +ELASTICSEARCH_CONF_FILE=./services/elasticsearch/elasticsearch.yml +ELASTICSEARCH_HOST_PORT_C=9200 +ELASTICSEARCH_HOST_PORT_S=9300 +ELASTICSEARCH_PLUGINS= + +########################################################### +###################### General Setup ###################### +########################################################### + +### Paths ################################################# + +# Point to the path of your applications code on your host +APP_CODE_PATH_HOST=../ + +# Point to where the `APP_CODE_PATH_HOST` should be in the container +APP_CODE_PATH_CONTAINER=/var/www + +# You may add flags to the path `:cached`, `:delegated`. When using Docker Sync add `:nocopy` +APP_CODE_CONTAINER_FLAG=:cached + +# Choose storage path on your machine. For all storage systems +DATA_PATH_HOST=~/.laradock/data + +### Drivers ################################################ + +# All volumes driver +VOLUMES_DRIVER=local + +# All Networks driver +NETWORKS_DRIVER=bridge + +### Docker compose files ################################## + +# Select which docker-compose files to include. If using docker-sync append `:docker-compose.sync.yml` at the end +COMPOSE_FILE=docker-compose.yml + +# Change the separator from : to ; on Windows +COMPOSE_PATH_SEPARATOR=: + +# Define the prefix of container names. This is useful if you have multiple projects that use laradock to have separate containers per project. +COMPOSE_PROJECT_NAME=laradock + +### PHP Version ########################################### + +# Select a PHP version of the Workspace and PHP-FPM containers (Does not apply to HHVM). +# Accepted values: 7.4 - 7.3 - 7.2 - 7.1 - 7.0 - 5.6 +PHP_VERSION=7.3 + +### Phalcon Version ########################################### + +# Select a Phalcon version of the Workspace and PHP-FPM containers (Does not apply to HHVM). Accepted values: 3.4.0+ +PHALCON_VERSION=4.0.5 + +### PHP Interpreter ####################################### + +# Select the PHP Interpreter. Accepted values: hhvm - php-fpm +PHP_INTERPRETER=php-fpm + +### Docker Host IP ######################################## + +# Enter your Docker Host IP (will be appended to /etc/hosts). Default is `10.0.75.1` +DOCKER_HOST_IP=10.0.75.1 + +### Remote Interpreter #################################### + +# Choose a Remote Interpreter entry matching name. Default is `laradock` +PHP_IDE_CONFIG=serverName=laradock + +### PHP DOWNGRADEOPENSSL TLS AND SECLEVEL ################# + +PHP_DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL=false + +### Windows Path ########################################## + +# A fix for Windows users, to ensure the application path works +COMPOSE_CONVERT_WINDOWS_PATHS=1 + +### Environment ########################################### + +# If you need to change the sources (i.e. to China), set CHANGE_SOURCE to true +CHANGE_SOURCE=false +# Set CHANGE_SOURCE and UBUNTU_SOURCE option if you want to change the Ubuntu system sources.list file. +UBUNTU_SOURCE=aliyun + +### Docker Sync ########################################### + +# If you are using Docker Sync. For `osx` use 'native_osx', for `windows` use 'unison', for `linux` docker-sync is not required +DOCKER_SYNC_STRATEGY=native_osx + +### Install Oh My ZSH! #################################### + +# If you want to use "Oh My ZSH!" with Laravel autocomplete plugin, set SHELL_OH_MY_ZSH to true. + +SHELL_OH_MY_ZSH=false +SHELL_OH_MY_ZSH_AUTOSUGESTIONS=false +SHELL_OH_MY_ZSH_ALIASES=false + +########################################################### +################ Containers Customization ################# +########################################################### + +### WORKSPACE ############################################# + +WORKSPACE_BASE_IMAGE_TAG_PREFIX=latest +WORKSPACE_COMPOSER_GLOBAL_INSTALL=true +WORKSPACE_COMPOSER_AUTH=false +WORKSPACE_COMPOSER_REPO_PACKAGIST= +WORKSPACE_NVM_NODEJS_ORG_MIRROR= +WORKSPACE_INSTALL_NODE=true +WORKSPACE_NODE_VERSION=node +WORKSPACE_NPM_REGISTRY= +WORKSPACE_INSTALL_PNPM=false +WORKSPACE_INSTALL_YARN=true +WORKSPACE_YARN_VERSION=latest +WORKSPACE_INSTALL_NPM_GULP=true +WORKSPACE_INSTALL_NPM_BOWER=false +WORKSPACE_INSTALL_NPM_VUE_CLI=true +WORKSPACE_INSTALL_NPM_ANGULAR_CLI=false +WORKSPACE_INSTALL_PHPREDIS=true +WORKSPACE_INSTALL_WORKSPACE_SSH=false +WORKSPACE_INSTALL_SUBVERSION=false +WORKSPACE_INSTALL_BZ2=false +WORKSPACE_INSTALL_GMP=false +WORKSPACE_INSTALL_XDEBUG=false +WORKSPACE_INSTALL_PCOV=false +WORKSPACE_INSTALL_PHPDBG=false +WORKSPACE_INSTALL_SSH2=false +WORKSPACE_INSTALL_LDAP=false +WORKSPACE_INSTALL_SOAP=false +WORKSPACE_INSTALL_XSL=false +WORKSPACE_INSTALL_SMB=false +WORKSPACE_INSTALL_IMAP=false +WORKSPACE_INSTALL_MONGO=false +WORKSPACE_INSTALL_AMQP=false +WORKSPACE_INSTALL_CASSANDRA=false +WORKSPACE_INSTALL_GEARMAN=false +WORKSPACE_INSTALL_MSSQL=false +WORKSPACE_INSTALL_DRUSH=false +WORKSPACE_DRUSH_VERSION=8.1.17 +WORKSPACE_INSTALL_DRUPAL_CONSOLE=false +WORKSPACE_INSTALL_WP_CLI=false +WORKSPACE_INSTALL_AEROSPIKE=false +WORKSPACE_INSTALL_OCI8=false +WORKSPACE_INSTALL_V8JS=false +WORKSPACE_INSTALL_LARAVEL_ENVOY=false +WORKSPACE_INSTALL_LARAVEL_INSTALLER=false +WORKSPACE_INSTALL_DEPLOYER=false +WORKSPACE_INSTALL_PRESTISSIMO=false +WORKSPACE_INSTALL_LINUXBREW=false +WORKSPACE_INSTALL_MC=false +WORKSPACE_INSTALL_SYMFONY=false +WORKSPACE_INSTALL_PYTHON=false +WORKSPACE_INSTALL_PYTHON3=false +WORKSPACE_INSTALL_POWERLINE=false +WORKSPACE_INSTALL_SUPERVISOR=false +WORKSPACE_INSTALL_IMAGE_OPTIMIZERS=false +WORKSPACE_INSTALL_IMAGEMAGICK=false +WORKSPACE_INSTALL_TERRAFORM=false +WORKSPACE_INSTALL_DUSK_DEPS=false +WORKSPACE_INSTALL_PG_CLIENT=false +WORKSPACE_INSTALL_PHALCON=false +WORKSPACE_INSTALL_SWOOLE=false +WORKSPACE_INSTALL_TAINT=false +WORKSPACE_INSTALL_LIBPNG=false +WORKSPACE_INSTALL_GRAPHVIZ=false +WORKSPACE_INSTALL_IONCUBE=false +WORKSPACE_INSTALL_MYSQL_CLIENT=false +WORKSPACE_INSTALL_PING=false +WORKSPACE_INSTALL_SSHPASS=false +WORKSPACE_INSTALL_INOTIFY=false +WORKSPACE_INSTALL_FSWATCH=false +WORKSPACE_INSTALL_YAML=false +WORKSPACE_INSTALL_RDKAFKA=false +WORKSPACE_INSTALL_MAILPARSE=false +WORKSPACE_INSTALL_XMLRPC=false +WORKSPACE_PUID=1000 +WORKSPACE_PGID=1000 +WORKSPACE_CHROME_DRIVER_VERSION=2.42 +WORKSPACE_TIMEZONE=UTC +WORKSPACE_SSH_PORT=2222 +WORKSPACE_INSTALL_FFMPEG=false +WORKSPACE_INSTALL_AUDIOWAVEFORM=false +WORKSPACE_INSTALL_WKHTMLTOPDF=false +WORKSPACE_INSTALL_GNU_PARALLEL=false +WORKSPACE_INSTALL_AST=true +WORKSPACE_AST_VERSION=1.0.3 +WORKSPACE_BROWSERSYNC_HOST_PORT=3000 +WORKSPACE_BROWSERSYNC_UI_HOST_PORT=3001 +WORKSPACE_VUE_CLI_SERVE_HOST_PORT=8080 +WORKSPACE_VUE_CLI_UI_HOST_PORT=8001 +WORKSPACE_ANGULAR_CLI_SERVE_HOST_PORT=4200 +WORKSPACE_INSTALL_GIT_PROMPT=false +WORKSPACE_INSTALL_LNAV=false +WORKSPACE_INSTALL_PROTOC=false +WORKSPACE_PROTOC_VERSION=latest + +### PHP_FPM ############################################### + +PHP_FPM_BASE_IMAGE_TAG_PREFIX=latest +PHP_FPM_INSTALL_BCMATH=true +PHP_FPM_INSTALL_MYSQLI=true +PHP_FPM_INSTALL_INTL=true +PHP_FPM_INSTALL_IMAGEMAGICK=true +PHP_FPM_INSTALL_OPCACHE=true +PHP_FPM_INSTALL_IMAGE_OPTIMIZERS=true +PHP_FPM_INSTALL_PHPREDIS=true +PHP_FPM_INSTALL_MEMCACHED=false +PHP_FPM_INSTALL_BZ2=false +PHP_FPM_INSTALL_GMP=false +PHP_FPM_INSTALL_XDEBUG=false +PHP_FPM_INSTALL_PCOV=false +PHP_FPM_INSTALL_XHPROF=false +PHP_FPM_INSTALL_PHPDBG=false +PHP_FPM_INSTALL_SMB=false +PHP_FPM_INSTALL_IMAP=false +PHP_FPM_INSTALL_MONGO=false +PHP_FPM_INSTALL_AMQP=false +PHP_FPM_INSTALL_CASSANDRA=false +PHP_FPM_INSTALL_GEARMAN=false +PHP_FPM_INSTALL_MSSQL=false +PHP_FPM_INSTALL_SSH2=false +PHP_FPM_INSTALL_SOAP=false +PHP_FPM_INSTALL_XSL=false +PHP_FPM_INSTALL_EXIF=false +PHP_FPM_INSTALL_AEROSPIKE=false +PHP_FPM_INSTALL_OCI8=false +PHP_FPM_INSTALL_PGSQL=false +PHP_FPM_INSTALL_GHOSTSCRIPT=false +PHP_FPM_INSTALL_LDAP=false +PHP_FPM_INSTALL_PHALCON=false +PHP_FPM_INSTALL_SWOOLE=false +PHP_FPM_INSTALL_TAINT=false +PHP_FPM_INSTALL_PG_CLIENT=false +PHP_FPM_INSTALL_POSTGIS=false +PHP_FPM_INSTALL_PCNTL=false +PHP_FPM_INSTALL_CALENDAR=false +PHP_FPM_INSTALL_FAKETIME=false +PHP_FPM_INSTALL_IONCUBE=false +PHP_FPM_INSTALL_RDKAFKA=false +PHP_FPM_INSTALL_GETTEXT=false +PHP_FPM_INSTALL_XMLRPC=false +PHP_FPM_FAKETIME=-0 +PHP_FPM_INSTALL_APCU=false +PHP_FPM_INSTALL_CACHETOOL=false +PHP_FPM_INSTALL_YAML=false +PHP_FPM_INSTALL_ADDITIONAL_LOCALES=false +PHP_FPM_INSTALL_MYSQL_CLIENT=false +PHP_FPM_INSTALL_PING=false +PHP_FPM_INSTALL_SSHPASS=false +PHP_FPM_INSTALL_MAILPARSE=false +PHP_FPM_INSTALL_WKHTMLTOPDF=false +PHP_FPM_FFMPEG=false +PHP_FPM_AUDIOWAVEFORM=false +PHP_FPM_ADDITIONAL_LOCALES="en_US.UTF-8 es_ES.UTF-8 fr_FR.UTF-8" +PHP_FPM_DEFAULT_LOCALE=POSIX + +PHP_FPM_PUID=1000 +PHP_FPM_PGID=1000 + +### PHP_WORKER ############################################ + +PHP_WORKER_INSTALL_BZ2=false +PHP_WORKER_INSTALL_GD=false +PHP_WORKER_INSTALL_IMAGEMAGICK=false +PHP_WORKER_INSTALL_GMP=false +PHP_WORKER_INSTALL_PGSQL=false +PHP_WORKER_INSTALL_BCMATH=false +# PHP_WORKER_INSTALL_OCI8 Does not work in php5.6 version +PHP_WORKER_INSTALL_OCI8=false +PHP_WORKER_INSTALL_PHALCON=false +PHP_WORKER_INSTALL_SOAP=false +PHP_WORKER_INSTALL_ZIP_ARCHIVE=false +PHP_WORKER_INSTALL_MYSQL_CLIENT=false +PHP_WORKER_INSTALL_AMQP=false +PHP_WORKER_INSTALL_GHOSTSCRIPT=false +PHP_WORKER_INSTALL_SWOOLE=false +PHP_WORKER_INSTALL_TAINT=false +PHP_WORKER_INSTALL_FFMPEG=false +PHP_WORKER_INSTALL_AUDIOWAVEFORM=false +PHP_WORKER_INSTALL_CASSANDRA=false +PHP_WORKER_INSTALL_GEARMAN=false +PHP_WORKER_INSTALL_REDIS=false +PHP_WORKER_INSTALL_IMAP=false +PHP_WORKER_INSTALL_XMLRPC=false + +PHP_WORKER_PUID=1000 +PHP_WORKER_PGID=1000 + +### NGINX ################################################# + +NGINX_HOST_HTTP_PORT=80 +NGINX_HOST_HTTPS_PORT=443 +NGINX_HOST_LOG_PATH=./logs/nginx/ +NGINX_SITES_PATH=./nginx/sites/ +NGINX_PHP_UPSTREAM_CONTAINER=php-fpm +NGINX_PHP_UPSTREAM_PORT=9000 +NGINX_SSL_PATH=./nginx/ssl/ + +### LARAVEL_HORIZON ################################################ + +LARAVEL_HORIZON_INSTALL_BZ2=false +LARAVEL_HORIZON_INSTALL_GD=false +LARAVEL_HORIZON_INSTALL_GMP=false +LARAVEL_HORIZON_INSTALL_IMAGEMAGICK=false +LARAVEL_HORIZON_INSTALL_SOCKETS=false +LARAVEL_HORIZON_INSTALL_YAML=false +LARAVEL_HORIZON_INSTALL_ZIP_ARCHIVE=false +LARAVEL_HORIZON_INSTALL_PHPREDIS=true +LARAVEL_HORIZON_INSTALL_MONGO=false +LARAVEL_HORIZON_INSTALL_FFMPEG=false +LARAVEL_HORIZON_INSTALL_AUDIOWAVEFORM=false +LARAVEL_HORIZON_PGID=1000 +LARAVEL_HORIZON_PUID=1000 + +### APACHE ################################################ + +APACHE_HOST_HTTP_PORT=80 +APACHE_HOST_HTTPS_PORT=443 +APACHE_HOST_LOG_PATH=./logs/apache2 +APACHE_SITES_PATH=./apache2/sites +APACHE_PHP_UPSTREAM_CONTAINER=php-fpm +APACHE_PHP_UPSTREAM_PORT=9000 +APACHE_PHP_UPSTREAM_TIMEOUT=60 +APACHE_DOCUMENT_ROOT=/var/www/ +APACHE_INSTALL_HTTP2=false + +### MYSQL ################################################# + +MYSQL_VERSION=latest +MYSQL_DATABASE=default +MYSQL_USER=default +MYSQL_PASSWORD=secret +MYSQL_PORT=3306 +MYSQL_ROOT_PASSWORD=root +MYSQL_ENTRYPOINT_INITDB=./mysql/docker-entrypoint-initdb.d + +### REDIS ################################################# + +REDIS_PORT=6379 + +### REDIS CLUSTER ######################################### + +REDIS_CLUSTER_PORT_RANGE=7000-7005 + +### ZooKeeper ############################################# + +ZOOKEEPER_PORT=2181 + +### Percona ############################################### + +PERCONA_DATABASE=homestead +PERCONA_USER=homestead +PERCONA_PASSWORD=secret +PERCONA_PORT=3306 +PERCONA_ROOT_PASSWORD=root +PERCONA_ENTRYPOINT_INITDB=./percona/docker-entrypoint-initdb.d + +### MSSQL ################################################# + +MSSQL_DATABASE=master +MSSQL_PASSWORD="yourStrong(!)Password" +MSSQL_PORT=1433 + +### MARIADB ############################################### + +MARIADB_VERSION=latest +MARIADB_DATABASE=default +MARIADB_USER=default +MARIADB_PASSWORD=secret +MARIADB_PORT=3306 +MARIADB_ROOT_PASSWORD=root +MARIADB_ENTRYPOINT_INITDB=./mariadb/docker-entrypoint-initdb.d + +### POSTGRES ############################################## + +POSTGRES_VERSION=alpine +POSTGRES_DB=default +POSTGRES_USER=default +POSTGRES_PASSWORD=secret +POSTGRES_PORT=5432 +POSTGRES_ENTRYPOINT_INITDB=./postgres/docker-entrypoint-initdb.d + +### SQS ############################################## + +SQS_NODE_HOST_PORT=9324 +SQS_MANAGEMENT_HTTP_HOST_PORT=9325 + +### RABBITMQ ############################################## + +RABBITMQ_NODE_HOST_PORT=5672 +RABBITMQ_MANAGEMENT_HTTP_HOST_PORT=15672 +RABBITMQ_MANAGEMENT_HTTPS_HOST_PORT=15671 +RABBITMQ_DEFAULT_USER=guest +RABBITMQ_DEFAULT_PASS=guest + +### MEILISEARCH ########################################### + +MEILISEARCH_HOST_PORT=7700 +MEILISEARCH_KEY=masterkey + +### ELASTICSEARCH ######################################### + +ELASTICSEARCH_HOST_HTTP_PORT=9200 +ELASTICSEARCH_HOST_TRANSPORT_PORT=9300 + +### KIBANA ################################################ + +KIBANA_HTTP_PORT=5601 + +### DEJAVU ################################################ + +DEJAVU_HTTP_PORT=1358 + +### MEMCACHED ############################################# + +MEMCACHED_HOST_PORT=11211 + +### BEANSTALKD CONSOLE #################################### + +BEANSTALKD_CONSOLE_BUILD_PATH=./beanstalkd-console +BEANSTALKD_CONSOLE_CONTAINER_NAME=beanstalkd-console +BEANSTALKD_CONSOLE_HOST_PORT=2080 + +### BEANSTALKD ############################################ + +BEANSTALKD_HOST_PORT=11300 + +### SELENIUM ############################################## + +SELENIUM_PORT=4444 + +### MINIO ################################################# + +MINIO_PORT=9000 + +### ADMINER ############################################### + +ADM_PORT=8081 +ADM_INSTALL_MSSQL=false +ADM_PLUGINS= +ADM_DESIGN=pepa-linha +ADM_DEFAULT_SERVER=mysql + +### PHP MY ADMIN ########################################## + +# Accepted values: mariadb - mysql + +PMA_DB_ENGINE=mysql + +# Credentials/Port: + +PMA_USER=default +PMA_PASSWORD=secret +PMA_ROOT_PASSWORD=secret +PMA_PORT=8081 + +### MAILDEV ############################################### + +MAILDEV_HTTP_PORT=1080 +MAILDEV_SMTP_PORT=25 + +### VARNISH ############################################### + +VARNISH_CONFIG=/etc/varnish/default.vcl +VARNISH_PORT=6081 +VARNISH_BACKEND_PORT=81 +VARNISHD_PARAMS="-p default_ttl=3600 -p default_grace=3600" + +### Varnish ############################################### + +# Proxy 1 +VARNISH_PROXY1_CACHE_SIZE=128m +VARNISH_PROXY1_BACKEND_HOST=workspace +VARNISH_PROXY1_SERVER=SERVER1 + +# Proxy 2 +VARNISH_PROXY2_CACHE_SIZE=128m +VARNISH_PROXY2_BACKEND_HOST=workspace +VARNISH_PROXY2_SERVER=SERVER2 + +### HAPROXY ############################################### + +HAPROXY_HOST_HTTP_PORT=8085 + +### JENKINS ############################################### + +JENKINS_HOST_HTTP_PORT=8090 +JENKINS_HOST_SLAVE_AGENT_PORT=50000 +JENKINS_HOME=./jenkins/jenkins_home + +### CONFLUENCE ############################################### +CONFLUENCE_POSTGRES_INIT=true +CONFLUENCE_VERSION=6.13-ubuntu-18.04-adoptopenjdk8 +CONFLUENCE_POSTGRES_DB=laradock_confluence +CONFLUENCE_POSTGRES_USER=laradock_confluence +CONFLUENCE_POSTGRES_PASSWORD=laradock_confluence +CONFLUENCE_HOST_HTTP_PORT=8090 + +### GRAFANA ############################################### + +GRAFANA_PORT=3000 + +### GRAYLOG ############################################### + +# password must be 16 characters long +GRAYLOG_PASSWORD=somesupersecretpassword +# sha256 representation of the password +GRAYLOG_SHA256_PASSWORD=b1cb6e31e172577918c9e7806c572b5ed8477d3f57aa737bee4b5b1db3696f09 +GRAYLOG_PORT=9000 +GRAYLOG_SYSLOG_TCP_PORT=514 +GRAYLOG_SYSLOG_UDP_PORT=514 +GRAYLOG_GELF_TCP_PORT=12201 +GRAYLOG_GELF_UDP_PORT=12201 + +### BLACKFIRE ############################################# + +# Create an account on blackfire.io. Don't enable blackfire and xDebug at the same time. # visit https://blackfire.io/docs/24-days/06-installation#install-probe-debian for more info. +INSTALL_BLACKFIRE=false +BLACKFIRE_CLIENT_ID="" +BLACKFIRE_CLIENT_TOKEN="" +BLACKFIRE_SERVER_ID="" +BLACKFIRE_SERVER_TOKEN="" + +### AEROSPIKE ############################################# + +AEROSPIKE_SERVICE_PORT=3000 +AEROSPIKE_FABRIC_PORT=3001 +AEROSPIKE_HEARTBEAT_PORT=3002 +AEROSPIKE_INFO_PORT=3003 +AEROSPIKE_STORAGE_GB=1 +AEROSPIKE_MEM_GB=1 +AEROSPIKE_NAMESPACE=test + +### RETHINKDB ############################################# + +RETHINKDB_PORT=8090 + +### MONGODB ############################################### + +MONGODB_PORT=27017 + +### CADDY ################################################# + +CADDY_HOST_HTTP_PORT=80 +CADDY_HOST_HTTPS_PORT=443 +CADDY_HOST_LOG_PATH=./logs/caddy +CADDY_CONFIG_PATH=./caddy/caddy + +### LARAVEL ECHO SERVER ################################### + +LARAVEL_ECHO_SERVER_PORT=6001 + +### THUMBOR ############################################################################################################ + +THUMBOR_PORT=8000 +THUMBOR_LOG_FORMAT="%(asctime)s %(name)s:%(levelname)s %(message)s" +THUMBOR_LOG_DATE_FORMAT="%Y-%m-%d %H:%M:%S" +MAX_WIDTH=0 +MAX_HEIGHT=0 +MIN_WIDTH=1 +MIN_HEIGHT=1 +ALLOWED_SOURCES=[] +QUALITY=80 +WEBP_QUALITY=None +PNG_COMPRESSION_LEVEL=6 +AUTO_WEBP=False +MAX_AGE=86400 +MAX_AGE_TEMP_IMAGE=0 +RESPECT_ORIENTATION=False +IGNORE_SMART_ERRORS=False +PRESERVE_EXIF_INFO=False +ALLOW_ANIMATED_GIFS=True +USE_GIFSICLE_ENGINE=False +USE_BLACKLIST=False +LOADER=thumbor.loaders.http_loader +STORAGE=thumbor.storages.file_storage +AWS_ACCESS_KEY_ID= +AWS_SECRET_ACCESS_KEY= +RESULT_STORAGE=thumbor.result_storages.file_storage +ENGINE=thumbor.engines.pil +SECURITY_KEY="MY_SECURE_KEY" +ALLOW_UNSAFE_URL=True +ALLOW_OLD_URLS=True +FILE_LOADER_ROOT_PATH=/data/loader +HTTP_LOADER_CONNECT_TIMEOUT=5 +HTTP_LOADER_REQUEST_TIMEOUT=20 +HTTP_LOADER_FOLLOW_REDIRECTS=True +HTTP_LOADER_MAX_REDIRECTS=5 +HTTP_LOADER_FORWARD_USER_AGENT=False +HTTP_LOADER_DEFAULT_USER_AGENT="Thumbor/5.2.1" +HTTP_LOADER_PROXY_HOST=None +HTTP_LOADER_PROXY_PORT=None +HTTP_LOADER_PROXY_USERNAME=None +HTTP_LOADER_PROXY_PASSWORD=None +HTTP_LOADER_CA_CERTS=None +HTTP_LOADER_VALIDATE_CERTS=True +HTTP_LOADER_CLIENT_KEY=None +HTTP_LOADER_CLIENT_CERT=None +HTTP_LOADER_CURL_ASYNC_HTTP_CLIENT=False +STORAGE_EXPIRATION_SECONDS=2592000 +STORES_CRYPTO_KEY_FOR_EACH_IMAGE=False +FILE_STORAGE_ROOT_PATH=/data/storage +UPLOAD_MAX_SIZE=0 +UPLOAD_ENABLED=False +UPLOAD_PHOTO_STORAGE=thumbor.storages.file_storage +UPLOAD_DELETE_ALLOWED=False +UPLOAD_PUT_ALLOWED=False +UPLOAD_DEFAULT_FILENAME=image +MONGO_STORAGE_SERVER_HOST=mongo +MONGO_STORAGE_SERVER_PORT=27017 +MONGO_STORAGE_SERVER_DB=thumbor +MONGO_STORAGE_SERVER_COLLECTION=images +REDIS_STORAGE_SERVER_HOST=redis +REDIS_STORAGE_SERVER_PORT=6379 +REDIS_STORAGE_SERVER_DB=0 +REDIS_STORAGE_SERVER_PASSWORD=None +REDIS_RESULT_STORAGE_SERVER_HOST=redis +REDIS_RESULT_STORAGE_SERVER_PORT=6379 +REDIS_RESULT_STORAGE_SERVER_DB=0 +REDIS_RESULT_STORAGE_SERVER_PASSWORD=None +MEMCACHE_STORAGE_SERVERS=["localhost:11211",] +MIXED_STORAGE_FILE_STORAGE=thumbor.storages.no_storage +MIXED_STORAGE_CRYPTO_STORAGE=thumbor.storages.no_storage +MIXED_STORAGE_DETECTOR_STORAGE=thumbor.storages.no_storage +META_CALLBACK_NAME=None +DETECTORS=[] +FACE_DETECTOR_CASCADE_FILE=haarcascade_frontalface_alt.xml +OPTIMIZERS=[] +JPEGTRAN_PATH=/usr/bin/jpegtran +PROGRESSIVE_JPEG=True +FILTERS="[thumbor.filters.brightness, thumbor.filters.contrast, thumbor.filters.rgb, thumbor.filters.round_corner, thumbor.filters.quality, thumbor.filters.noise, thumbor.filters.watermark, thumbor.filters.equalize, thumbor.filters.fill, thumbor.filters.sharpen, thumbor.filters.strip_icc, thumbor.filters.frame, thumbor.filters.grayscale, thumbor.filters.rotate, thumbor.filters.format, thumbor.filters.max_bytes, thumbor.filters.convolution, thumbor.filters.blur, thumbor.filters.extract_focal, thumbor.filters.no_upscale]" +RESULT_STORAGE_EXPIRATION_SECONDS=0 +RESULT_STORAGE_FILE_STORAGE_ROOT_PATH=/data/result_storage +RESULT_STORAGE_STORES_UNSAFE=False +REDIS_QUEUE_SERVER_HOST=redis +REDIS_QUEUE_SERVER_PORT=6379 +REDIS_QUEUE_SERVER_DB="0" +REDIS_QUEUE_SERVER_PASSWORD=None +SQS_QUEUE_KEY_ID=None +SQS_QUEUE_KEY_SECRET=None +SQS_QUEUE_REGION=us-east-1 +USE_CUSTOM_ERROR_HANDLING=False +ERROR_HANDLER_MODULE=thumbor.error_handlers.sentry +ERROR_FILE_LOGGER=None +ERROR_FILE_NAME_USE_CONTEXT="False" +SENTRY_DSN_URL= +TC_AWS_REGION=eu-west-1 +TC_AWS_ENDPOINT=None +TC_AWS_STORAGE_BUCKET= +TC_AWS_STORAGE_ROOT_PATH= +TC_AWS_LOADER_BUCKET= +TC_AWS_LOADER_ROOT_PATH= +TC_AWS_RESULT_STORAGE_BUCKET= +TC_AWS_RESULT_STORAGE_ROOT_PATH= +TC_AWS_STORAGE_SSE=False +TC_AWS_STORAGE_RRS=False +TC_AWS_ENABLE_HTTP_LOADER=False +TC_AWS_ALLOWED_BUCKETS=False +TC_AWS_STORE_METADATA=False + +### SOLR ################################################## + +SOLR_VERSION=5.5 +SOLR_PORT=8983 +SOLR_DATAIMPORTHANDLER_MYSQL=false +SOLR_DATAIMPORTHANDLER_MSSQL=false + +### GITLAB ############################################### +GITLAB_POSTGRES_INIT=true +GITLAB_HOST_HTTP_PORT=8989 +GITLAB_HOST_HTTPS_PORT=9898 +GITLAB_HOST_SSH_PORT=2289 +GITLAB_DOMAIN_NAME=http://localhost +GITLAB_ROOT_PASSWORD=laradock +GITLAB_HOST_LOG_PATH=./logs/gitlab +GITLAB_POSTGRES_HOST=postgres +GITLAB_POSTGRES_USER=laradock_gitlab +GITLAB_POSTGRES_PASSWORD=laradock_gitlab +GITLAB_POSTGRES_DB=laradock_gitlab + +### GITLAB-RUNNER ############################################### +GITLAB_CI_SERVER_URL=http://localhost:8989 +GITLAB_RUNNER_REGISTRATION_TOKEN="" +GITLAB_REGISTER_NON_INTERACTIVE=true + +### JUPYTERHUB ############################################### +JUPYTERHUB_POSTGRES_INIT=true +JUPYTERHUB_POSTGRES_HOST=postgres +JUPYTERHUB_POSTGRES_USER=laradock_jupyterhub +JUPYTERHUB_POSTGRES_PASSWORD=laradock_jupyterhub +JUPYTERHUB_POSTGRES_DB=laradock_jupyterhub +JUPYTERHUB_PORT=9991 +JUPYTERHUB_OAUTH_CALLBACK_URL=http://laradock:9991/hub/oauth_callback +JUPYTERHUB_OAUTH_CLIENT_ID={GITHUB_CLIENT_ID} +JUPYTERHUB_OAUTH_CLIENT_SECRET={GITHUB_CLIENT_SECRET} +JUPYTERHUB_CUSTOM_CONFIG=./jupyterhub/jupyterhub_config.py +JUPYTERHUB_USER_DATA=/jupyterhub +JUPYTERHUB_USER_LIST=./jupyterhub/userlist +JUPYTERHUB_ENABLE_NVIDIA=false + +### IPYTHON ################################################## +LARADOCK_IPYTHON_CONTROLLER_IP=127.0.0.1 + +### NETDATA ############################################### +NETDATA_PORT=19999 + +### REDISWEBUI ######################################### +REDIS_WEBUI_USERNAME=laradock +REDIS_WEBUI_PASSWORD=laradock +REDIS_WEBUI_CONNECT_HOST=redis +REDIS_WEBUI_CONNECT_PORT=6379 +REDIS_WEBUI_PORT=9987 + +### MONGOWEBUI ############################################### +MONGO_WEBUI_PORT=3000 +MONGO_WEBUI_ROOT_URL=http://localhost +MONGO_WEBUI_MONGO_URL=mongodb://mongo:27017/ +MONGO_WEBUI_INSTALL_MONGO=false + +### METABASE ############################################### +METABASE_PORT=3030 +METABASE_DB_FILE=metabase.db +METABASE_JAVA_TIMEZONE=US/Pacific + +### IDE ############################################### +IDE_THEIA_PORT=987 +IDE_WEBIDE_PORT=984 +IDE_CODIAD_PORT=985 +IDE_ICECODER_PORT=986 + +### DOCKERREGISTRY ############################################### +DOCKER_REGISTRY_PORT=5000 + +### DOCKERWEBUI ############################################### +DOCKER_WEBUI_REGISTRY_HOST=docker-registry +DOCKER_WEBUI_REGISTRY_PORT=5000 +# if have use https proxy please set to 1 +DOCKER_REGISTRY_USE_SSL=0 +DOCKER_REGISTRY_BROWSE_ONLY=false +DOCKER_WEBUI_PORT=8754 + +### MAILU ############################################### +MAILU_VERSION=latest +MAILU_RECAPTCHA_PUBLIC_KEY="" +MAILU_RECAPTCHA_PRIVATE_KEY="" +# Main mail domain +MAILU_HTTP_PORT=6080 +MAILU_HTTPS_PORT=60443 +MAILU_DOMAIN=example.com +MAILU_INIT_ADMIN_USERNAME=laradock +MAILU_INIT_ADMIN_PASSWORD=laradock +# Hostnames for this server, separated with comas +MAILU_HOSTNAMES=mail.example.com,alternative.example.com,yetanother.example.com +# Postmaster local part (will append the main mail domain) +MAILU_POSTMASTER=admin +# Set to a randomly generated 16 bytes string +MAILU_SECRET_KEY=ChangeMeChangeMe +# Choose how secure connections will behave (value: letsencrypt, cert, notls, mail) +MAILU_TLS_FLAVOR=cert +# Authentication rate limit (per source IP address) +MAILU_AUTH_RATELIMIT="10/minute;1000/hour" +# Opt-out of statistics, replace with "True" to opt out +MAILU_DISABLE_STATISTICS=False +# Message size limit in bytes +# Default: accept messages up to 50MB +MAILU_MESSAGE_SIZE_LIMIT=50000000 +# Will relay all outgoing mails if configured +MAILU_RELAYHOST= +# Networks granted relay permissions, make sure that you include your Docker +# internal network (default to 172.17.0.0/16) +MAILU_RELAYNETS=172.16.0.0/12 +# Fetchmail delay +MAILU_FETCHMAIL_DELAY=600 +# Recipient delimiter, character used to delimiter localpart from custom address part +# e.g. localpart+custom@domain;tld +MAILU_RECIPIENT_DELIMITER=+ +# DMARC rua and ruf email +MAILU_DMARC_RUA=admin +MAILU_DMARC_RUF=admin +# Welcome email, enable and set a topic and body if you wish to send welcome +# emails to all users. +MAILU_WELCOME=True +MAILU_WELCOME_SUBJECT="Welcome to your new email account" +MAILU_WELCOME_BODY="Welcome to your new email account, if you can read this, then it is configured properly!" +# Path to the admin interface if enabled +MAILU_WEB_ADMIN=/admin +# Path to the webmail if enabled +MAILU_WEB_WEBMAIL=/webmail +# Website name +MAILU_SITENAME="Example Mail" +# Linked Website URL +MAILU_WEBSITE=http://mail.example.com +# Default password scheme used for newly created accounts and changed passwords +# (value: SHA512-CRYPT, SHA256-CRYPT, MD5-CRYPT, CRYPT) +MAILU_PASSWORD_SCHEME=SHA512-CRYPT +# Expose the admin interface (value: true, false) +MAILU_ADMIN=true +# Choose which webmail to run if any (values: roundcube, rainloop, none) +MAILU_WEBMAIL=rainloop +# Dav server implementation (value: radicale, none) +MAILU_WEBDAV=radicale + + +### TRAEFIK ################################################# + +TRAEFIK_HOST_HTTP_PORT=80 +TRAEFIK_HOST_HTTPS_PORT=443 +TRAEFIK_DASHBOARD_PORT=8888 +# basic authentication for traefik dashboard username: admin password:admin +TRAEFIK_DASHBOARD_USER=admin:$2y$10$lXaL3lj6raFic6rFqr2.lOBoCudAIhB6zyoqObNg290UFppiUzTTi +ACME_DOMAIN=example.org +ACME_EMAIL=email@example.org + + +### MOSQUITTO ################################################# + +MOSQUITTO_PORT=9001 + +### COUCHDB ################################################### + +COUCHDB_PORT=5984 + +### Manticore Search ########################################## + +MANTICORE_CONFIG_PATH=./manticore/config +MANTICORE_API_PORT=9312 +MANTICORE_SPHINXQL_PORT=9306 +MANTICORE_HTTP_PORT=9308 + +### pgadmin ################################################## +# use this address http://ip6-localhost:5050 +PGADMIN_PORT=5050 +PGADMIN_DEFAULT_EMAIL=pgadmin4@pgadmin.org +PGADMIN_DEFAULT_PASSWORD=admin + +### SONARQUBE ################################################ +## docker-compose up -d sonarqube +## (If you encounter a database error) +## docker-compose exec --user=root postgres +## source docker-entrypoint-initdb.d/init_sonarqube_db.sh +## (If you encounter logs error) +## docker-compose run --user=root --rm sonarqube chown sonarqube:sonarqube /opt/sonarqube/logs + +SONARQUBE_HOSTNAME=sonar.example.com +SONARQUBE_PORT=9000 +SONARQUBE_POSTGRES_INIT=true +SONARQUBE_POSTGRES_HOST=postgres +SONARQUBE_POSTGRES_DB=sonar +SONARQUBE_POSTGRES_USER=sonar +SONARQUBE_POSTGRES_PASSWORD=sonarPass + +### TOMCAT ################################################ +TOMCAT_VERSION=8.5.43 +TOMCAT_HOST_HTTP_PORT=8080 + +### CASSANDRA ################################################ + +# Cassandra Version, supported tags can be found at https://hub.docker.com/r/bitnami/cassandra/ +CASSANDRA_VERSION=latest +# Inter-node cluster communication port. Default: 7000 +CASSANDRA_TRANSPORT_PORT_NUMBER=7000 +# JMX connections port. Default: 7199 +CASSANDRA_JMX_PORT_NUMBER=7199 +# Client port. Default: 9042. +CASSANDRA_CQL_PORT_NUMBER=9042 +# Cassandra user name. Defaults: cassandra +CASSANDRA_USER=cassandra +# Password seeder will change the Cassandra default credentials at initialization. In clusters, only one node should be marked as password seeder. Default: no +CASSANDRA_PASSWORD_SEEDER=no +# Cassandra user password. Default: cassandra +CASSANDRA_PASSWORD=cassandra +# Number of tokens for the node. Default: 256. +CASSANDRA_NUM_TOKENS=256 +# Hostname used to configure Cassandra. It can be either an IP or a domain. If left empty, it will be resolved to the machine IP. +CASSANDRA_HOST= +# Cluster name to configure Cassandra.. Defaults: My Cluster +CASSANDRA_CLUSTER_NAME="My Cluster" +# : Hosts that will act as Cassandra seeds. No defaults. +CASSANDRA_SEEDS= + # Snitch name (which determines which data centers and racks nodes belong to). Default SimpleSnitch +CASSANDRA_ENDPOINT_SNITCH=SimpleSnitch + # Enable the thrift RPC endpoint. Default :true +CASSANDRA_ENABLE_RPC=true +# Datacenter name for the cluster. Ignored in SimpleSnitch endpoint snitch. Default: dc1. +CASSANDRA_DATACENTER=dc1 +# Rack name for the cluster. Ignored in SimpleSnitch endpoint snitch. Default: rack1. +CASSANDRA_RACK=rack1 + +### GEARMAN ################################################## + +# Gearman version to use. See available tags at https://hub.docker.com/r/artefactual/gearmand +GEARMAN_VERSION=latest +# Port to use (Default: 4730) +GEARMAN_PORT=4730 +# Logging Level (Default: INFO) +GEARMAN_VERBOSE=INFO +# Persistent queue type to use (Default: builtin) +GEARMAN_QUEUE_TYPE=builtin +# Number of I/O threads to use (Default: 4) +GEARMAN_THREADS=4 +# Number of backlog connections for listen (Default: 32) +GEARMAN_BACKLOG=32 +# Number of file descriptors to allow for the process (Default is max allowed for user) +GEARMAN_FILE_DESCRIPTORS= +# Number of attempts to run the job before the job server removes it. (Default: no limit = 0) +GEARMAN_JOB_RETRIES=0 +# Assign work in round-robin order per worker connection (Default: 0) +GEARMAN_ROUND_ROBIN=0 +# Number of workers to wakeup for each job received (Default: 0) +GEARMAN_WORKER_WAKEUP=0 +# Enable keepalive on sockets (Default: 0) +GEARMAN_KEEPALIVE=0 +# The duration between two keepalive transmissions in idle condition (Default: 30) +GEARMAN_KEEPALIVE_IDLE=30 +# The duration between two successive keepalive retransmissions, if acknowledgement to the previous keepalive transmission is not received (Default: 10) +GEARMAN_KEEPALIVE_INTERVAL=10 +# The number of retransmissions to be carried out before declaring that remote end is not available (Default: 5) +GEARMAN_KEEPALIVE_COUNT=5 +# Mysql server host (Default: localhost) +GEARMAN_MYSQL_HOST=localhost +# Mysql server port (Default: 3306) +GEARMAN_MYSQL_PORT=3306 +# Mysql server user (Default: root) +GEARMAN_MYSQL_USER=root +# Mysql password +GEARMAN_MYSQL_PASSWORD= +# Path to file with mysql password(Docker secrets) +GEARMAN_MYSQL_PASSWORD_FILE= +# Database to use by Gearman (Default: Gearmand) +GEARMAN_MYSQL_DB=Gearmand +# Table to use by Gearman (Default: gearman_queue) +GEARMAN_MYSQL_TABLE=gearman_queue + +### ELK Stack ################################################## +ELK_VERSION=7.9.1 diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 00000000..4e2718b4 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,18 @@ +* text eol=lf +*.png binary +*.jpg binary +*.tgz binary +*.zip binary +*.gz binary +*.md text +*.txt text +*.bash text eol=lf +*.sh text eol=lf +*.yaml text +*.yml text +*.7z binary +*.gz binary +*.tar binary +*.tgz binary +*.zip binary +*.py text diff=python \ No newline at end of file diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 00000000..dd84ea78 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,38 @@ +--- +name: Bug report +about: Create a report to help us improve +title: '' +labels: '' +assignees: '' + +--- + +**Describe the bug** +A clear and concise description of what the bug is. + +**To Reproduce** +Steps to reproduce the behavior: +1. Go to '...' +2. Click on '....' +3. Scroll down to '....' +4. See error + +**Expected behavior** +A clear and concise description of what you expected to happen. + +**Screenshots** +If applicable, add screenshots to help explain your problem. + +**Desktop (please complete the following information):** + - OS: [e.g. iOS] + - Browser [e.g. chrome, safari] + - Version [e.g. 22] + +**Smartphone (please complete the following information):** + - Device: [e.g. iPhone6] + - OS: [e.g. iOS8.1] + - Browser [e.g. stock browser, safari] + - Version [e.g. 22] + +**Additional context** +Add any other context about the problem here. diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 00000000..bbcbbe7d --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,20 @@ +--- +name: Feature request +about: Suggest an idea for this project +title: '' +labels: '' +assignees: '' + +--- + +**Is your feature request related to a problem? Please describe.** +A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] + +**Describe the solution you'd like** +A clear and concise description of what you want to happen. + +**Describe alternatives you've considered** +A clear and concise description of any alternative solutions or features you've considered. + +**Additional context** +Add any other context or screenshots about the feature request here. diff --git a/.github/workflows/build-docs.yml b/.github/workflows/build-docs.yml new file mode 100644 index 00000000..eb301c78 --- /dev/null +++ b/.github/workflows/build-docs.yml @@ -0,0 +1,46 @@ +# https://help.github.com/en/articles/workflow-syntax-for-github-actions + +# build when commit message include [Docs] + +on: + push: + paths: + - '**' + - 'docs/**' + tags: + - '*' + branches: + - "20.10" + workflow_dispatch: + +name: Build Docs + +jobs: + docs: + runs-on: ubuntu-latest + if: | + contains( github.ref, 'refs/tags/' ) + || contains( github.event.head_commit.message, '[Docs]') + || github.event_name == 'workflow_dispatch' + steps: + - uses: actions/checkout@main + with: + fetch-depth: 2 + - name: docs-build + uses: docker://pcit/vuepress + env: + PCIT_LOCAL_DIR: docs + with: + args: build + dir: docs + - name: sync-docs + uses: docker://pcit/pages + env: + PCIT_EMAIL: khs1994@khs1994.com + PCIT_GIT_TOKEN: ${{ secrets.PCIT_GIT_TOKEN }} + PCIT_GIT_URL: github.com/khs1994-docker/lnmp-docs + PCIT_KEEP_HISTORY: "true" + PCIT_LOCAL_DIR: docs/.vuepress/dist + PCIT_MESSAGE: Build docs by vuepress, Upload docs by PCIT + PCIT_TARGET_BRANCH: master + PCIT_USERNAME: khs1994 diff --git a/.github/workflows/check-link.yml b/.github/workflows/check-link.yml new file mode 100644 index 00000000..1c20da73 --- /dev/null +++ b/.github/workflows/check-link.yml @@ -0,0 +1,57 @@ +name: Check Link + +on: + workflow_dispatch: + +jobs: + check-link: + name: check-link + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@master + with: + fetch-depth: 1 + # search Issues :-( + - uses: azure/docker-login@v1 + if: | + github.event_name == 'push' + with: + # login-server: contoso.azurecr.io + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + - run: | + docker run -i --rm \ + -v $PWD:/mnt:ro \ + dkhamsing/awesome_bot \ + --white-list "localhost","0.0.0.0",\ + "server","example.com","docker",\ + "docker.domain.com","YourIP","register",\ + "https://www.freedesktop.org/wiki/Software/systemd/",\ + "cloud.tencent.com",\ + "zan.khs1994.com",\ + "storage.khs1994.com",\ + "test2.t.khs1994.com",\ + "harbor.t.khs1994.com",\ + "packages.t.khs1994.com",\ + "registry.t.khs1994.com",\ + "minio.t.khs1994.com",\ + "t.khs1994.com",\ + "192.168.199.100",\ + "192.168.57.1",\ + "192.168.57.112",\ + "192.168.64.98",\ + "127.0.0.1",\ + "IP",\ + "kubernetes.default.svc.cluster.local",\ + "gcr.mirrors.ustc.edu.cn",\ + "github.com/settings/tokens",\ + "mritd.me",\ + "my.oschina.net",\ + "xxx",\ + "www.aliyun.com" \ + --allow-dupe \ + --skip-save-results \ + -t 10 \ + `find . \( -path "./a" -o -path "./b" \) -prune -o -name "*.md" -exec ls {} \;` + name: check-link + # timeout-minutes: 25 diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 00000000..775cccdb --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,168 @@ +name: CI + +on: + push: + branches: + - "master" + tags: + - "*" + pull_request: + +jobs: + skip: + runs-on: ubuntu-latest + if: | + (! (contains( github.event.head_commit.message, '[skip ci]') + || contains( github.event.head_commit.message, '[skip action]') + || contains( github.event.head_commit.message, '[skip actions]') + || contains( github.event.head_commit.message, '[ci skip]') + || contains( github.event.head_commit.message, '[actions skip]') + || contains( github.event.head_commit.message, '[action skip]'))) + steps: + - run: echo "build continue !" + ci: + strategy: + fail-fast: false + matrix: + os: + - ubuntu-latest + - macos-latest + needs: skip + runs-on: ${{ matrix.os }} + defaults: + run: + shell: bash --noprofile --norc -exo pipefail {0} + steps: + - uses: actions/checkout@main + with: + fetch-depth: 2 + - uses: azure/docker-login@v1 + if: | + github.event_name == 'push' + with: + # login-server: contoso.azurecr.io + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + - uses: docker-practice/actions-setup-docker@master + with: + docker_channel: nightly + # docker_version: "20.10" + - uses: azure/docker-login@v1 + if: | + github.event_name == 'push' + && startsWith(matrix.os, 'ubuntu' ) + with: + # login-server: contoso.azurecr.io + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + - name: Update docker compose + run: | + docker-compose --version + ./lnmp-docker compose --official || true + - name: Stop MySQL + run: sudo systemctl stop mysql + if: | + startsWith(matrix.os, 'ubuntu' ) + - name: Up + run: | + ./lnmp-docker build-config > docker-compose.yml + docker-compose config -q + + ./lnmp-docker config > docker-compose.yml + docker-compose config -q + + docker-compose up -d $(./lnmp-docker services) + sleep 20 + docker ps -a + curl -fsSL 127.0.0.1 + quite=true ./lnmp-docker down + + ./lnmp-docker up + ./lnmp-docker down + + QUITE=true ./lnmp-docker test development + + # command -v docker-compose + # sudo rm -rf $(command -v docker-compose) || true + # export LNMP_SERVICES="nginx mariadb php7 redis" + # export LREW_INCLUDE="mariadb" + + ./lnmp-docker up + - name: Connect + run: | + sleep 20 + curl -fsSL 127.0.0.1 + - name: Down + run: ./lnmp-docker down + - name: Test Swarm mode + run: | + QUITE=true ./lnmp-docker test swarm + if: | + startsWith(matrix.os, 'ubuntu' ) + - name: pwsh + shell: pwsh + run: ./lnmp-docker.ps1 + - name: Set ENV + run: | + echo "$(pwd)" >> $GITHUB_PATH + echo "$(pwd)/bin" >> $GITHUB_PATH + #echo "LNMP_PATH=$(pwd)" >> $GITHUB_ENV + - name: lnmp-CLI + run: | + lnmp-php -v + lnmp-composer --version + + lnmp-npm -v + lnmp-yarn -v + - name: build and push [ lwpm ] image + if: | + contains( github.event.head_commit.message, '[lwpm]' ) + && github.event_name == 'push' + && startsWith(matrix.os, 'ubuntu' ) + run: | + docker buildx build -t lwpm/lwpm -f windows/lwpm.Dockerfile --push windows + - name: build and push [ docker-image-sync ] image + if: | + contains( github.event.head_commit.message, '[lwpm]' ) + && github.event_name == 'push' + && startsWith(matrix.os, 'ubuntu' ) + run: | + docker buildx build -t khs1994/docker-image-sync -f windows/docker-image-sync.Dockerfile --push windows + - name: build and push [ lrew ] image + if: | + contains( github.event.head_commit.message, '[lrew]' ) + && github.event_name == 'push' + && startsWith(matrix.os, 'ubuntu' ) + run: | + docker buildx build -t lrew/lrew --push lrew + - name: Config git + run: | + git config --global user.email "ci@khs1994.com" + git config --global user.name "gh-bot" + - name: Check config + run: | + sudo apt install -y tree + cd config + ./default.sh + tree . + cd .. + git status | grep "nothing to commit" && exit 0 || true + git add . + git commit -m "[Config] Update default config" || exit 0 + git remote add github https://khs1994:${GITHUB_TOKEN}@github.com/khs1994-docker/lnmp.git + git checkout -b 20.10-config + git push github 20.10-config -f + env: + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} + if: | + startsWith(matrix.os, 'ubuntu' ) + powershell: + needs: skip + runs-on: windows-latest + steps: + - uses: actions/checkout@main + with: + fetch-depth: 2 + - shell: powershell + run: | + ./lnmp-docker.ps1 diff --git a/.github/workflows/docker-image-rootfs.yml b/.github/workflows/docker-image-rootfs.yml new file mode 100644 index 00000000..04e70396 --- /dev/null +++ b/.github/workflows/docker-image-rootfs.yml @@ -0,0 +1,91 @@ +name: Docker Image rootfs + +on: + workflow_dispatch: + +env: + LNMP_CN_ENV: 'false' + +jobs: + windows: + runs-on: windows-latest + steps: + - uses: actions/checkout@main + with: + fetch-depth: 2 + - shell: pwsh + name: Download docker hub docker image rootfs + run: | + . ./windows/sdk/dockerhub/rootfs.ps1 + rootfs hello-world + # env: + # DOCKER_USERNAME: ${{secrets.DOCKER_USERNAME}} + # DOCKER_PASSWORD: ${{secrets.DOCKER_PASSWORD}} + - shell: pwsh + name: Download aliyun docker image rootfs + run: | + . ./windows/sdk/dockerhub/rootfs.ps1 + rootfs khs1994/hello-world latest '' '' '' 0 registry.us-west-1.aliyuncs.com + # env: + # DOCKER_USERNAME: ${{secrets.DOCKER_ALIYUN_USERNAME}} + # DOCKER_PASSWORD: ${{secrets.DOCKER_PASSWORD}} + - shell: pwsh + name: Download tencent cloud docker image rootfs + run: | + . ./windows/sdk/dockerhub/rootfs.ps1 + rootfs khs1994/hello-world latest '' '' '' 0 uswccr.ccs.tencentyun.com + # env: + # DOCKER_USERNAME: ${{secrets.DOCKER_TENCENT_CLOUD_USERNAME}} + # DOCKER_PASSWORD: ${{secrets.DOCKER_PASSWORD}} + - shell: pwsh + name: Download mirror.gcr.io docker image rootfs + run: | + . ./windows/sdk/dockerhub/rootfs.ps1 + rootfs hello-world latest '' '' '' 0 mirror.gcr.io + # env: + # DOCKER_USERNAME: ${{secrets.DOCKER_USERNAME}} + # DOCKER_PASSWORD: ${{secrets.DOCKER_PASSWORD}} + continue-on-error: true + - name: List docker image rootfs + run: | + ls ~/.khs1994-docker-lnmp/dockerhub + linux: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@main + with: + fetch-depth: 2 + - name: Download docker hub docker image rootfs + run: | + bash ./windows/sdk/dockerhub/rootfs.sh hello-world + # env: + # DOCKER_USERNAME: ${{secrets.DOCKER_USERNAME}} + # DOCKER_PASSWORD: ${{secrets.DOCKER_PASSWORD}} + - name: Download aliyun docker image rootfs + run: | + bash ./windows/sdk/dockerhub/rootfs.sh \ + khs1994/hello-world latest '' '' '' 0 registry.us-west-1.aliyuncs.com + # env: + # DOCKER_USERNAME: ${{secrets.DOCKER_ALIYUN_USERNAME}} + # DOCKER_PASSWORD: ${{secrets.DOCKER_PASSWORD}} + - name: Download tencent cloud docker image rootfs + run: | + bash ./windows/sdk/dockerhub/rootfs.sh \ + khs1994/hello-world latest '' '' '' 0 uswccr.ccs.tencentyun.com + # env: + # DOCKER_USERNAME: ${{secrets.DOCKER_TENCENT_CLOUD_USERNAME}} + # DOCKER_PASSWORD: ${{secrets.DOCKER_PASSWORD}} + - name: Download mirror.gcr.io docker image rootfs + run: | + bash ./windows/sdk/dockerhub/rootfs.sh \ + hello-world latest '' '' '' 0 mirror.gcr.io + # env: + # DOCKER_USERNAME: ${{secrets.DOCKER_USERNAME}} + # DOCKER_PASSWORD: ${{secrets.DOCKER_PASSWORD}} + continue-on-error: true + - name: List docker image rootfs + run: | + ls -la ~/.khs1994-docker-lnmp/dockerhub + - name: lpm-on-linux + run: | + ./lpm.ps1 install coredns diff --git a/.github/workflows/dockerimage.yml b/.github/workflows/dockerimage.yml new file mode 100644 index 00000000..2732c812 --- /dev/null +++ b/.github/workflows/dockerimage.yml @@ -0,0 +1,14 @@ +name: Docker Image CI + +on: [push] + +jobs: + + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v1 + - name: Build the Docker image + run: docker build . --file Dockerfile --tag vfac/envdevphpbase:7.4-fpm diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml new file mode 100644 index 00000000..efcd7871 --- /dev/null +++ b/.github/workflows/labeler.yml @@ -0,0 +1,13 @@ +# https://github.com/actions/labeler + +name: "Pull Request Labeler" +on: +- pull_request + +jobs: + triage: + runs-on: ubuntu-latest + steps: + - uses: actions/labeler@v2 + with: + repo-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/lrew.yml b/.github/workflows/lrew.yml new file mode 100644 index 00000000..cf31c499 --- /dev/null +++ b/.github/workflows/lrew.yml @@ -0,0 +1,56 @@ +name: LREW + +on: + push: + pull_request: + +jobs: + skip: + runs-on: ubuntu-latest + if: | + (! (contains( github.event.head_commit.message, '[skip ci]') + || contains( github.event.head_commit.message, '[skip action]') + || contains( github.event.head_commit.message, '[skip actions]') + || contains( github.event.head_commit.message, '[ci skip]') + || contains( github.event.head_commit.message, '[actions skip]') + || contains( github.event.head_commit.message, '[action skip]'))) + steps: + - run: echo "build continue !" + CI: + runs-on: windows-latest + needs: skip + env: + LNMP_CN_ENV: "false" + steps: + - uses: actions/checkout@main + with: + fetch-depth: 2 + - name: Set ENV + shell: pwsh + run: | + echo "$(pwd)" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append + echo "$(pwd)\windows" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append + #echo "LNMP_PATH=$(pwd)" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append + - name: lrew-init-test + shell: powershell + run: lnmp-docker.ps1 lrew-init test + - name: lrew-init-test2-quite + shell: powershell + run: | + $QUITE=$true + lnmp-docker.ps1 lrew-init test2 + - name: lrew-add-etcd + shell: pwsh + run: | + lnmp-docker.ps1 lrew-add etcd + - name: lrew-add-smee + shell: pwsh + run: | + ./lrew/lrew.ps1 add smee + - name: lrew-add-not-exists-pkg + shell: pwsh + run: | + ./lrew/lrew.ps1 add ooooo + - name: list vendor + run: | + ls -r vendor diff --git a/.github/workflows/lwpm.yml b/.github/workflows/lwpm.yml new file mode 100644 index 00000000..d55110e9 --- /dev/null +++ b/.github/workflows/lwpm.yml @@ -0,0 +1,64 @@ +name: LWPM + +on: + push: + pull_request: + +jobs: + skip: + runs-on: ubuntu-latest + if: | + (! (contains( github.event.head_commit.message, '[skip ci]') + || contains( github.event.head_commit.message, '[skip action]') + || contains( github.event.head_commit.message, '[skip actions]') + || contains( github.event.head_commit.message, '[ci skip]') + || contains( github.event.head_commit.message, '[actions skip]') + || contains( github.event.head_commit.message, '[action skip]'))) + steps: + - run: echo "build continue !" + windows: + runs-on: windows-latest + needs: skip + timeout-minutes: 10 + env: + LNMP_CN_ENV: false + steps: + - uses: actions/checkout@main + with: + fetch-depth: 2 + - name: Set ENV + shell: pwsh + run: | + echo "$(pwd)\windows" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append + echo "C:\ProgramData\ComposerSetup\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append + #echo "LNMP_PATH=$(pwd)" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append + - name: init + shell: pwsh + run: echo "extension=openssl" C:\tools\php\php.ini > $null + - shell: powershell + run: php -i | select-string .ini + - run: php -m + - shell: powershell + run: cat C:\tools\php\php.ini | select-string extension + - name: lwpm-install-composer + shell: powershell + run: lnmp-windows-pm.ps1 install composer + - name: lwpm-init-test + shell: powershell + run: lnmp-windows-pm.ps1 init test + - name: lwpm-add-openjdk + shell: pwsh + run: lnmp-windows-pm.ps1 add openjdk + - name: lwpm-install-openjdk + shell: pwsh + run: | + lnmp-windows-pm.ps1 install openjdk + echo $env:PATH + - name: lwpm-add-not-exists-pkg + shell: pwsh + run: | + lnmp-windows-pm.ps1 add ooooooo + echo $env:PATH + - shell: pwsh + run: | + ls -r vendor diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 00000000..e01d283a --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,19 @@ +name: CI + +on: [push, pull_request] + +jobs: + build: + runs-on: ubuntu-latest + strategy: + matrix: + php_version: ["7.1", "7.2", "7.3", "7.4"] + service: [php-fpm, php-worker, workspace, laravel-horizon] + steps: + - uses: actions/checkout@v2 + - name: Build the Docker image + env: + PHP_VERSION: ${{ matrix.php_version }} + run: | + cp env-example .env + docker-compose build ${{ matrix.service }} diff --git a/.github/workflows/manifest.yml b/.github/workflows/manifest.yml new file mode 100644 index 00000000..a694d65b --- /dev/null +++ b/.github/workflows/manifest.yml @@ -0,0 +1,106 @@ +on: + push: + pull_request: + workflow_dispatch: + +name: Manifest + +jobs: + manifest: + if: | + (! (contains( github.event.head_commit.message, '[skip ci]') + || contains( github.event.head_commit.message, '[skip action]') + || contains( github.event.head_commit.message, '[skip actions]') + || contains( github.event.head_commit.message, '[ci skip]') + || contains( github.event.head_commit.message, '[actions skip]') + || contains( github.event.head_commit.message, '[action skip]')) + ) || github.event_name == 'workflow_dispatch' + strategy: + matrix: + os: + - ubuntu-latest + - macos-latest + runs-on: ubuntu-latest + services: + redis: + image: redis:6.0.9-alpine + defaults: + run: + shell: bash --noprofile --norc -exo pipefail {0} + steps: + - name: Dump GitHub context + env: + GITHUB_CONTEXT: ${{ toJson(github) }} + run: echo "$GITHUB_CONTEXT" + - name: Dump job context + env: + JOB_CONTEXT: ${{ toJson(job) }} + run: echo "$JOB_CONTEXT" + - name: Dump steps context + env: + STEPS_CONTEXT: ${{ toJson(steps) }} + run: echo "$STEPS_CONTEXT" + - name: Dump runner context + env: + RUNNER_CONTEXT: ${{ toJson(runner) }} + run: echo "$RUNNER_CONTEXT" + - name: Dump strategy context + env: + STRATEGY_CONTEXT: ${{ toJson(strategy) }} + run: echo "$STRATEGY_CONTEXT" + - name: Dump matrix context + env: + MATRIX_CONTEXT: ${{ toJson(matrix) }} + run: echo "$MATRIX_CONTEXT" + + - name: Only Build on Tag + run: | + echo "tag event" + if: github.event_name == 'push' && contains(github.ref,'refs/tags/') + - name: Check skip ci + run: | + echo "this build skip" + if: | + contains( github.event.head_commit.message, '[skip ci]') + || contains( github.event.head_commit.message, '[skip action]') + || contains( github.event.head_commit.message, '[ci skip]') + || contains( github.event.head_commit.message, '[action skip]') + - run: docker version + - run: docker info + - run: docker-compose --version + - name: System info + run: | + env + + echo $PATH + + sudo netstat -nlpt || true + + sudo systemctl -t service --all || true + sudo systemctl -t service --all | grep mysql || true + sudo systemctl -t service --all | grep redis || true + sudo systemctl -t service --all | grep php || true + + docker network ls + docker network ls | grep github || true + docker ps -a + + mysql --version + sudo systemctl status mysql || true + + sudo systemctl status redis || true + + which php7.1 && php7.1 -v || true + which php7.2 && php7.2 -v || true + which php7.3 && php7.3 -v || true + which php7.4 && php7.4 -v || true + which php8.0 && php8.0 -v || true + which php && php -v || true + + which composer && composer -V && composer config -g -l || true + + which go && go version || true + + which node && node --version || true + which node12 && node12 --version || true + which npm && npm --version || true diff --git a/.github/workflows/php-fpm.yml b/.github/workflows/php-fpm.yml new file mode 100644 index 00000000..c5fb5c70 --- /dev/null +++ b/.github/workflows/php-fpm.yml @@ -0,0 +1,33 @@ +name: Docker Image CI + +on: + push: + branches: master + schedule: + - cron: 0 0 * * 6 + +jobs: + build: + runs-on: ubuntu-latest + strategy: + matrix: + php_version: [56, 70, 71, 72, 73, 74] + steps: + - uses: actions/checkout@v2 + - name: Build the Docker image + env: + PHP_VERSION: ${{ matrix.php_version }} + run: | + export TAG_VERSION=${PHP_VERSION:0:1}.${PHP_VERSION:1:1} + docker build . --file Dockerfile-${{ matrix.php_version }} --tag laradock/php-fpm:latest-${TAG_VERSION} + docker image ls + + - name: Push image to Docker hub + if: success() + env: + PHP_VERSION: ${{ matrix.php_version }} + run: | + export TAG_VERSION=${PHP_VERSION:0:1}.${PHP_VERSION:1:1} + echo ${{ secrets.DOCKER_HUB_PASSWORD }} | docker login -u ${{ secrets.DOCKER_HUB_USER }} --password-stdin + docker push laradock/php-fpm:latest-${TAG_VERSION} + docker logout diff --git a/.github/workflows/sync-actions.yml b/.github/workflows/sync-actions.yml new file mode 100644 index 00000000..907563e8 --- /dev/null +++ b/.github/workflows/sync-actions.yml @@ -0,0 +1,86 @@ +on: + push: + tags: + - '*' + branches: + - "20.10" + # paths: + # - '/.github/actions/*' + workflow_dispatch: + +name: Sync Actions + +defaults: + run: + shell: bash --noprofile --norc -exo pipefail {0} + +jobs: + skip: + runs-on: ubuntu-latest + if: | + contains( github.ref, 'refs/tags/' ) + || contains( github.event.head_commit.message, '[sync actions]') + || contains( github.event.head_commit.message, '[sync action]') + || github.event_name == 'workflow_dispatch' + steps: + - run: echo "sync continue !" + sync-actions: + runs-on: ubuntu-latest + needs: skip + if: | + github.ref != 'refs/heads/master' + steps: + - uses: actions/checkout@main + with: + fetch-depth: 2 + - name: build-actions-setup-php + run: | + cd .github/actions/setup-php + sed -i 's#node_modules##g' .gitignore + npm i + npm outdated || true + - name: sync-actions-setup-php + uses: docker://pcit/pages + env: + PCIT_EMAIL: khs1994@khs1994.com + PCIT_GIT_TOKEN: ${{ secrets.PCIT_GIT_TOKEN }} + PCIT_GIT_URL: github.com/khs1994-docker/actions-setup-php + PCIT_KEEP_HISTORY: "true" + PCIT_LOCAL_DIR: .github/actions/setup-php + PCIT_MESSAGE: Sync from khs1994-docker/lnmp@${{github.sha}} by PCIT + PCIT_TARGET_BRANCH: master + PCIT_USERNAME: khs1994 + - name: build-actions-setup-docker + run: | + cd .github/actions/setup-docker + sed -i 's#node_modules##g' .gitignore + npm i + npm outdated || true + - name: sync-actions-setup-docker + uses: docker://pcit/pages + env: + PCIT_EMAIL: khs1994@khs1994.com + PCIT_GIT_TOKEN: ${{ secrets.PCIT_GIT_TOKEN }} + PCIT_GIT_URL: github.com/docker-practice/actions-setup-docker + PCIT_KEEP_HISTORY: "true" + PCIT_LOCAL_DIR: .github/actions/setup-docker + PCIT_MESSAGE: Sync from khs1994-docker/lnmp@${{github.sha}} by PCIT + PCIT_TARGET_BRANCH: master + PCIT_USERNAME: khs1994 + - name: build-actions-setup-lnmp + run: | + cd .github/actions/setup-lnmp + sed -i 's#node_modules##g' .gitignore + npm i + npm outdated || true + - name: sync-actions-setup-lnmp + uses: docker://pcit/pages + env: + PCIT_EMAIL: khs1994@khs1994.com + PCIT_GIT_TOKEN: ${{ secrets.PCIT_GIT_TOKEN }} + PCIT_GIT_URL: github.com/khs1994-docker/actions-setup-lnmp + PCIT_KEEP_HISTORY: "true" + PCIT_LOCAL_DIR: .github/actions/setup-lnmp + PCIT_MESSAGE: Sync from khs1994-docker/lnmp@${{github.sha}} by PCIT + PCIT_TARGET_BRANCH: master + PCIT_USERNAME: khs1994 diff --git a/.github/workflows/sync-git.yml b/.github/workflows/sync-git.yml new file mode 100644 index 00000000..de483b60 --- /dev/null +++ b/.github/workflows/sync-git.yml @@ -0,0 +1,179 @@ +# commit mesage include [skip sync] to skip ci + +on: + push: + tags: + - '*' + branches: + - "20.10" + workflow_dispatch: + +name: Sync Git + +jobs: + skip: + runs-on: ubuntu-latest + if: | + contains( github.ref, 'refs/tags/' ) + || contains( github.event.head_commit.message, '[sync git]') + || github.event_name == 'workflow_dispatch' + steps: + - run: echo "sync continue !" + sync-git: + runs-on: ubuntu-latest + needs: skip + if: | + github.ref != 'refs/heads/master' + env: + PCIT_EMAIL: khs1994@khs1994.com + PCIT_GIT_TOKEN: ${{ secrets.PCIT_GIT_TOKEN }} + PCIT_USERNAME: khs1994 + PCIT_MESSAGE: Sync from khs1994-docker/lnmp@${{github.sha}} by PCIT + PCIT_KEEP_HISTORY: "true" + steps: + - uses: actions/checkout@main + with: + fetch-depth: 2 + - name: sync-acme.sh + uses: docker://pcit/pages + env: + PCIT_EMAIL: khs1994@khs1994.com + PCIT_GIT_TOKEN: ${{ secrets.PCIT_GIT_TOKEN }} + PCIT_GIT_URL: github.com/khs1994-docker/acme-docker + PCIT_KEEP_HISTORY: "true" + PCIT_LOCAL_DIR: dockerfile/acme.sh + PCIT_MESSAGE: Sync from khs1994-docker/lnmp@${{github.sha}} by PCIT + PCIT_TARGET_BRANCH: master + PCIT_USERNAME: khs1994 + - name: sync-ci + uses: docker://pcit/pages + env: + PCIT_EMAIL: khs1994@khs1994.com + PCIT_GIT_TOKEN: ${{ secrets.PCIT_GIT_TOKEN }} + PCIT_GIT_URL: github.com/khs1994-docker/ci + PCIT_KEEP_HISTORY: "true" + PCIT_LOCAL_DIR: drone + PCIT_MESSAGE: Sync from khs1994-docker/lnmp@${{github.sha}} by PCIT + PCIT_TARGET_BRANCH: master + PCIT_USERNAME: khs1994 + - name: sync-kubernetes + uses: docker://pcit/pages + env: + PCIT_EMAIL: khs1994@khs1994.com + PCIT_GIT_TOKEN: ${{ secrets.PCIT_GIT_TOKEN }} + PCIT_GIT_URL: github.com/khs1994-docker/lnmp-k8s + PCIT_KEEP_HISTORY: "true" + PCIT_LOCAL_DIR: kubernetes + PCIT_MESSAGE: Sync from khs1994-docker/lnmp@${{github.sha}} by PCIT + PCIT_TARGET_BRANCH: master + PCIT_USERNAME: khs1994 + - name: sync-node-demo + uses: docker://pcit/pages + env: + PCIT_EMAIL: khs1994@khs1994.com + PCIT_GIT_TOKEN: ${{ secrets.PCIT_GIT_TOKEN }} + PCIT_GIT_URL: github.com/khs1994-docker/node-demo + PCIT_KEEP_HISTORY: "true" + PCIT_LOCAL_DIR: app/node-demo + PCIT_MESSAGE: Sync from khs1994-docker/lnmp@${{github.sha}} by PCIT + PCIT_TARGET_BRANCH: master + PCIT_USERNAME: khs1994 + - name: sync-php-demo + uses: docker://pcit/pages + env: + PCIT_EMAIL: khs1994@khs1994.com + PCIT_GIT_TOKEN: ${{ secrets.PCIT_GIT_TOKEN }} + PCIT_GIT_URL: github.com/khs1994-docker/php-demo + PCIT_KEEP_HISTORY: "true" + PCIT_LOCAL_DIR: app/demo + PCIT_MESSAGE: Sync from khs1994-docker/lnmp@${{github.sha}} by PCIT + PCIT_TARGET_BRANCH: master + PCIT_USERNAME: khs1994 + - name: sync-buildx + uses: docker://pcit/pages + env: + PCIT_EMAIL: khs1994@khs1994.com + PCIT_GIT_TOKEN: ${{ secrets.PCIT_GIT_TOKEN }} + PCIT_GIT_URL: github.com/docker-practice/buildx + PCIT_KEEP_HISTORY: "true" + PCIT_LOCAL_DIR: dockerfile/buildkit + PCIT_MESSAGE: commit by ci + PCIT_TARGET_BRANCH: master + PCIT_USERNAME: khs1994 + - name: sync-laravel-demo + uses: docker://pcit/pages + env: + PCIT_EMAIL: khs1994@khs1994.com + PCIT_GIT_TOKEN: ${{ secrets.PCIT_GIT_TOKEN }} + PCIT_GIT_URL: github.com/khs1994-docker/laravel-demo + PCIT_KEEP_HISTORY: "true" + PCIT_LOCAL_DIR: app/laravel-demo + PCIT_MESSAGE: Sync from khs1994-docker/lnmp@${{github.sha}} by PCIT + PCIT_TARGET_BRANCH: master + PCIT_USERNAME: khs1994 + - name: sync-kube-nginx + uses: docker://pcit/pages + env: + PCIT_EMAIL: khs1994@khs1994.com + PCIT_GIT_TOKEN: ${{ secrets.PCIT_GIT_TOKEN }} + PCIT_GIT_URL: github.com/khs1994-docker/kube-nginx + PCIT_KEEP_HISTORY: "true" + PCIT_LOCAL_DIR: kubernetes/kube-nginx + PCIT_MESSAGE: Sync from khs1994-docker/lnmp@${{github.sha}} by PCIT + PCIT_TARGET_BRANCH: master + PCIT_USERNAME: khs1994 + - name: sync-k8s-ci-demo + uses: docker://pcit/pages + env: + PCIT_EMAIL: khs1994@khs1994.com + PCIT_GIT_TOKEN: ${{ secrets.PCIT_GIT_TOKEN }} + PCIT_GIT_URL: github.com/khs1994-docker/k8s-demo + PCIT_KEEP_HISTORY: "true" + PCIT_LOCAL_DIR: kubernetes/demo/ci + PCIT_MESSAGE: Sync from khs1994-docker/lnmp@${{github.sha}} by PCIT + PCIT_TARGET_BRANCH: master + PCIT_USERNAME: khs1994 + - name: sync-docker-image-sync + uses: docker://pcit/pages + env: + PCIT_EMAIL: khs1994@khs1994.com + PCIT_GIT_TOKEN: ${{ secrets.PCIT_GIT_TOKEN }} + PCIT_GIT_URL: github.com/khs1994-docker/docker-image-sync + PCIT_KEEP_HISTORY: "true" + PCIT_LOCAL_DIR: dockerfile/sync + PCIT_MESSAGE: Sync from khs1994-docker/lnmp@${{github.sha}} by PCIT + PCIT_TARGET_BRANCH: master + PCIT_USERNAME: khs1994 + - name: sync-nginx + uses: docker://pcit/pages + env: + PCIT_EMAIL: khs1994@khs1994.com + PCIT_GIT_TOKEN: ${{ secrets.PCIT_GIT_TOKEN }} + PCIT_GIT_URL: github.com/khs1994-docker/nginx + PCIT_KEEP_HISTORY: "true" + PCIT_LOCAL_DIR: dockerfile/nginx + PCIT_MESSAGE: Sync from khs1994-docker/lnmp@${{github.sha}} by PCIT + PCIT_TARGET_BRANCH: master + PCIT_USERNAME: khs1994 + - name: sync-docker-proxy + uses: docker://pcit/pages + env: + # PCIT_EMAIL: khs1994@khs1994.com + # PCIT_GIT_TOKEN: ${{ secrets.PCIT_GIT_TOKEN }} + PCIT_GIT_URL: github.com/khs1994-docker/docker-proxy + # PCIT_KEEP_HISTORY: "true" + PCIT_LOCAL_DIR: dockerfile/docker-proxy + # PCIT_MESSAGE: Sync from khs1994-docker/lnmp@${{github.sha}} by PCIT + PCIT_TARGET_BRANCH: master + # PCIT_USERNAME: khs1994 + - name: sync-s6 + uses: docker://pcit/pages + env: + # PCIT_EMAIL: khs1994@khs1994.com + # PCIT_GIT_TOKEN: ${{ secrets.PCIT_GIT_TOKEN }} + PCIT_GIT_URL: github.com/khs1994-docker/s6 + # PCIT_KEEP_HISTORY: "true" + PCIT_LOCAL_DIR: dockerfile/s6 + # PCIT_MESSAGE: Sync from khs1994-docker/lnmp@${{github.sha}} by PCIT + PCIT_TARGET_BRANCH: master + # PCIT_USERNAME: khs1994 diff --git a/.github/workflows/sync-php.yml b/.github/workflows/sync-php.yml new file mode 100644 index 00000000..39f0c705 --- /dev/null +++ b/.github/workflows/sync-php.yml @@ -0,0 +1,33 @@ +on: + push: + # Sequence of patterns matched against refs/tags + # tags: + # - '*' + # Sequence of patterns matched against refs/heads + branches: + - 20.10-pre + # - 'releases/*' # Push events to branches matching refs/heads/releases/* + workflow_dispatch: + +name: Sync PHP + +jobs: + sync-php: + runs-on: ubuntu-latest + if: | + github.ref == 'refs/heads/20.10-pre' + steps: + - uses: actions/checkout@main + with: + fetch-depth: 2 + - name: sync-php + uses: docker://pcit/pages + env: + PCIT_EMAIL: khs1994@khs1994.com + PCIT_GIT_TOKEN: ${{ secrets.PCIT_GIT_TOKEN }} + PCIT_GIT_URL: github.com/khs1994-docker/php + PCIT_KEEP_HISTORY: "true" + PCIT_LOCAL_DIR: dockerfile/php + PCIT_MESSAGE: Sync from khs1994-docker/lnmp@${{github.sha}} by PCIT + PCIT_TARGET_BRANCH: master + PCIT_USERNAME: khs1994 diff --git a/.gitignore b/.gitignore index c5b4a052..851ef6a2 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,57 @@ .DS_Store *.log /conf.ini +/examples + +/.idea +data/logs/* +data/mysql/* +*.swp +*.pid + +conf/apache/vhosts/* +!conf/apache/vhosts/default.conf +!conf/apache/vhosts/envdev_home.conf +conf/nginx/vhosts/* +!conf/nginx/vhosts/default.conf +!conf/nginx/vhosts/envdev_home.conf +conf/ssl/* +!conf/ssl/envdev.crt +!conf/ssl/envdev.key +!conf/ssl/envdev.csr +projects/* +!projects/index.php +!projects/phpinfo.php +.env +profiles/* + +# IntelliJ project files +.idea +composer +logs/ +mysql/ +www/ +redis +!/config/nginx/conf.d/laravel.conf +/config/nginx/conf.d/* +/config/nginx/.DS_Store +/.DS_Store +.env +docker-compose.yml +www/* +!www/default +nginx/conf.d/* +!nginx/conf.d/default.conf +mysql/data +redis/data +mongodb/data +log + +.idea +.DS_Store +nohup.out +docker-compose.yml +docker-compose.yml.* +www/* +!www/localhost/ +logs/* diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 00000000..172c0a6a --- /dev/null +++ b/.travis.yml @@ -0,0 +1,30 @@ +sudo: required + +services: + - docker + +addons: + apt: + packages: + - docker-ce + +env: + DOCKER_COMPOSE_VERSION: 1.8.1 + +before_install: + - sudo rm /usr/local/bin/docker-compose + - curl -L https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose + - sudo mv docker-compose /usr/local/bin + - chmod +x /usr/local/bin/docker-compose + + - docker --version + - docker build -q -t vfac/envdevphpbase:7.4-fpm . + - docker run --name php7.4 -d -v $PWD:/var/www/html vfac/envdevphpbase:7.4-fpm + - docker-compose -f test/7.4/docker-compose.yml up -d + +script: + - docker exec php7.4 php -v + - docker exec php7.4 sh -c "php -v | grep 7.4" + - docker exec php7.4 sh -c "php test/test.php |grep version" + - docker exec php7.4 composer --version + - curl -s localhost:8072/test.php |grep bcmath diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 00000000..d3144327 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,16 @@ +{ + "files.associations": { + "env-example": "dotenv", + "Dockerfile-*": "dockerfile", + "Dockerfile.*": "dockerfile", + "*.ign": "json", + "*.fcc": "yaml", + ".ini*": "ini", + }, + "files.autoSave": "onFocusChange", + "editor.fontSize": 18, + "gitlens.advanced.fileHistoryFollowsRenames": true, + "gitlens.advanced.fileHistoryShowAllBranches": true, + "gitlens.blame.heatmap.location": "left" +} + diff --git a/LICENSE b/LICENSE new file mode 100644 index 00000000..e11331c6 --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright 2016 + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. \ No newline at end of file diff --git a/README-zh.md b/README-zh.md new file mode 100644 index 00000000..749664e7 --- /dev/null +++ b/README-zh.md @@ -0,0 +1,385 @@ + +### 编辑 Docker 镜像 + +1 - 找到你想修改的镜像的 `Dockerfile` , +
+例如: `mysql` 在 `mysql/Dockerfile`. + +2 - 按你所要的编辑文件. + +3 - 重新构建容器: + +```bash +docker-compose build mysql +``` + +更多信息在容器重建中[点击这里](#Build-Re-build-Containers). + + +### 建立/重建容器 + +如果你做任何改变 `Dockerfile` 确保你运行这个命令,可以让所有修改更改生效: + +```bash +docker-compose build +``` + +选择你可以指定哪个容器重建(而不是重建所有的容器): + +```bash +docker-compose build {container-name} +``` + +如果你想重建整个容器,你可能需要使用 `--no-cache` 选项 (`docker-compose build --no-cache {container-name}`). + + +### 增加更多软件 (Docker 镜像) + +为了增加镜像(软件), 编辑 `docker-compose.yml` 添加容器细节, 你需要熟悉 [docker compose 文件语法](https://docs.docker.com/compose/compose-file/). + + +### 查看日志文件 +Nginx的日志在 `logs/nginx` 目录 + +然后查看其它容器日志(MySQL, PHP-FPM,...) 你可以运行: + +```bash +docker logs {container-name} +``` + + +### [Laravel] + + +### 从 Docker 镜像安装 Laravel + +1 - 首先你需要进入 Workspace 容器. + +2 - 安装 Laravel. + +例如 使用 Composer + +```bash +composer create-project laravel/laravel my-cool-app "5.2.*" +``` + +> 我们建议使用 `composer create-project` 替换 Laravel 安装器去安装 Laravel. + +关于更多 Laravel 安装内容请 [点击这儿](https://laravel.com/docs/master#installing-laravel). + + +3 - 编辑 `docker-compose.yml` 映射新的应用目录: +系统默认 Laradock 假定 Laravel 应用在 laradock 的父级目录中 + +更新 Laravel 应用在 `my-cool-app` 目录中, 我们需要用 `../my-cool-app/:/var/www`替换 `../:/var/www` , 如下: + +```yaml + application: + build: ./application + volumes: + - ../my-cool-app/:/var/www +``` + +4 - 进入目录下继续工作.. + +```bash +cd my-cool-app +``` + +5 - 回到 Laradock 安装步骤,看看如何编辑 `.env` 的文件。 + + +### 运行 Artisan 命令 + +你可以从 Workspace 容器运行 artisan 命令和其他终端命令 + +增加 `--user=laradock` (例如 `docker-compose exec --user=laradock workspace bash`) 作为您的主机的用户创建的文件. + + + +### 使用 Redis +1 - 首先务必用 `docker-compose up` 命令运行 (`redis`) 容器. + +```bash +docker-compose up -d redis +``` + +2 - 打开你的Laravel的 `.env` 文件 然后 配置 `redis` 的 `REDIS_HOST` + +```env +REDIS_HOST=redis +``` + +如果在你的 `.env` 文件没有找到 `REDIS_HOST` 变量。打开数据库配置文件 `config/database.php` 然后用 `redis` 替换默认 IP `127.0.0.1`,例如: + + +```php +'redis' => [ + 'cluster' => false, + 'default' => [ + 'host' => 'redis', + 'port' => 6379, + 'database' => 0, + ], +], +``` + +3 - 启用 Redis 缓存或者开启 Session 管理也在 `.env` 文件中用 `redis` 替换默认 `file` 设置 `CACHE_DRIVER` 和 `SESSION_DRIVER` + +```env +CACHE_DRIVER=redis +SESSION_DRIVER=redis +``` + +4 - 最好务必通过 Composer 安装 `predis/predis` 包 `(~1.0)`: + +```bash +composer require predis/predis:^1.0 +``` + +5 - 你可以用以下代码在 Laravel 中手动测试: + +```php +\Cache::store('redis')->put('Laradock', 'Awesome', 10); +``` + + +### 使用 Mongo + +1 - 首先在 Workspace 和 PHP-FPM 容器中安装 `mongo`: + + a) 打开 `docker-compose.yml` 文件 + b) 在 Workspace 容器中找到 `INSTALL_MONGO` 选项: + c) 设置为 `true` + d) 在 PHP-FPM 容器中找到 `INSTALL_MONGO` + e) 设置为 `true` + +相关配置项如下: + +```yml + workspace: + build: + context: ./workspace + args: + - INSTALL_MONGO=true + ... + php-fpm: + build: + context: ./php-fpm + args: + - INSTALL_MONGO=true + ... +``` + +2 - 重建 `Workspace、PHP-FPM` 容器 + +```bash +docker-compose build workspace php-fpm +``` + +3 - 使用 `docker-compose up` 命令运行 MongoDB 容器 (`mongo`) + +```bash +docker-compose up -d mongo +``` + +4 - 在 `config/database.php` 文件添加 MongoDB 的配置项: + +```php +'connections' => [ + + 'mongodb' => [ + 'driver' => 'mongodb', + 'host' => env('DB_HOST', 'localhost'), + 'port' => env('DB_PORT', 27017), + 'database' => env('DB_DATABASE', 'database'), + 'username' => '', + 'password' => '', + 'options' => [ + 'database' => '', + ] + ], + + // ... + +], +``` + +5 - 打开 Laravel 的 `.env` 文件然后更新以下字段: + +- 设置 `DB_HOST` 为 `mongo` 的主机 IP. +- 设置 `DB_PORT` 为 `27017`. +- 设置 `DB_DATABASE` 为 `database`. + + +6 - 最后务必通过 Composer 安装 `jenssegers/mongodb` 包,添加服务提供者(Laravel Service Provider) + + +```bash +composer require jenssegers/mongodb +``` + +更多细节内容 [点击这儿](https://github.com/jenssegers/laravel-mongodb#installation). + +7 - 测试: + +- 首先让你的模型继承 Mongo 的 Eloquent Model. 查看 [文档](https://github.com/jenssegers/laravel-mongodb#eloquent). +- 进入 Workspace 容器. +- 迁移数据库 `php artisan migrate`. + + +### [PHP] + + +### 安装 PHP 拓展 + +安装 PHP 扩展之前,你必须决定你是否需要 `FPM` 或 `CLI`,因为他们安装在不同的容器上,如果你需要两者,则必须编辑两个容器。 + +PHP-FPM 拓展务必安装在 `php-fpm/Dockerfile-XX`. *(用你 PHP 版本号替换 XX)*. + +PHP-CLI 拓展应该安装到 `workspace/Dockerfile`. + + +### 修改 PHP-FPM 版本 +默认运行 **PHP-FPM 7.0** 版本. + +>PHP-FPM 负责服务你的应用代码,如果你是计划运行您的应用程序在不同 PHP-FPM 版本上,则不需要更改 PHP-CLI 版本。 + +#### A) 切换版本 PHP `7.0` 到 PHP `5.6` + +1 - 打开 `docker-compose.yml`。 + +2 - 在PHP容器的 `Dockerfile-70` 文件。 + +3 - 修改版本号, 用 `Dockerfile-56` 替换 `Dockerfile-70` , 例如: + +```txt +php-fpm: + build: + context: ./php-fpm + dockerfile: Dockerfile-70 +``` + +4 - 最后重建PHP容器 + +```bash +docker-compose build php +``` + +> 更多关于PHP基础镜像, 请访问 [PHP Docker官方镜像](https://hub.docker.com/_/php/). + + +#### B) 切换版本 PHP `7.0` 或 `5.6` 到 PHP `5.5` +我们已不在本地支持 PHP5.5,但是你按照以下步骤获取: + +1 - 克隆 `https://github.com/laradock/php-fpm`. + +2 - 重命名 `Dockerfile-56` 为 `Dockerfile-55`. + +3 - 编辑文件 `FROM php:5.6-fpm` 为 `FROM php:5.5-fpm`. + +4 - 从 `Dockerfile-55` 构建镜像. + +5 - 打开 `docker-compose.yml` 文件. + +6 - 将 `php-fpm` 指向你的 `Dockerfile-55` 文件. + + + +### 修改 PHP-CLI 版本 +默认运行 **PHP-CLI 7.0** 版本 + +>说明: PHP-CLI 只用于执行 Artisan 和 Composer 命令,不服务于你的应用代码,这是 PHP-FPM 的工作,所以编辑 PHP-CLI 的版本不是很重要。 +PHP-CLI 安装在 Workspace 容器,改变 PHP-CLI 版本你需要编辑 `workspace/Dockerfile`. +现在你必须手动修改 PHP-FPM 的 `Dockerfile` 或者创建一个新的。 (可以考虑贡献功能). + + +### 安装 xDebug + +1 - 首先在 Workspace 和 PHP-FPM 容器安装 `xDebug`: + + a) 打开 `docker-compose.yml` 文件 + b) 在 Workspace 容器中找到 `INSTALL_XDEBUG` 选项 + c) 改为 `true` + d) 在 PHP-FPM 容器中找到 `INSTALL_XDEBUG ` 选项 + e) 改为 `true` + +例如: + +```yml + workspace: + build: + context: ./workspace + args: + - INSTALL_XDEBUG=true + ... + php-fpm: + build: + context: ./php-fpm + args: + - INSTALL_XDEBUG=true + ... +``` + +2 - 重建容器 `docker-compose build workspace php-fpm` + + +### [Misc] + + +### 使用自定义域名 (替换 Docker 的 IP) + +假定你的自定义域名是 `laravel.test` + +1 - 打开 `/etc/hosts` 文件添加以下内容,映射你的 localhost 地址 `127.0.0.1` 为 `laravel.test` 域名 +```bash +127.0.0.1 laravel.test +``` + +2 - 打开你的浏览器访问 `{http://laravel.test}` + +你可以在 nginx 配置文件自定义服务器名称,如下: + +```conf +server_name laravel.test; +``` + + +### 安装全局 Composer 命令 + +为启用全局 Composer Install 在容器构建中允许你安装 composer 的依赖,然后构建完成后就是可用的。 + +1 - 打开 `docker-compose.yml` 文件 + +2 - 在 Workspace 容器找到 `COMPOSER_GLOBAL_INSTALL` 选项并设置为 `true` + +例如: + +```yml + workspace: + build: + context: ./workspace + args: + - COMPOSER_GLOBAL_INSTALL=true + ... +``` +3 - 现在特价你的依赖关系到 `workspace/composer.json` + +4 - 重建 Workspace 容器 `docker-compose build workspace` + + +### 安装 Prestissimo + +[Prestissimo](https://github.com/hirak/prestissimo) 是一个平行安装功能的 composer 插件。 + +1 - 在安装期间,使全局 Composer Install 正在运行: + + 点击这个 [启用全局 Composer 构建安装](#Enable-Global-Composer-Build-Install) 然后继续步骤1、2. + +2 - 添加 prestissimo 依赖到 Composer: + +a - 现在打开 `workspace/composer.json` 文件 + +b - 添加 `"hirak/prestissimo": "^0.3"` 依赖 + +c - 重建 Workspace 容器 `docker-compose build workspace` diff --git a/README.md b/README.md index d84a795b..df8ce970 100755 --- a/README.md +++ b/README.md @@ -1,40 +1,449 @@ ### Xiekers Docker Images Repo! +## Wait for add Project +- [Gitpod](https://github.com/gitpod-io/gitpod) +- [Theia](https://github.com/eclipse-theia/theia) +- [Code Server](https://github.com/cdr/code-server) +- [Eclipse Che](https://github.com/eclipse/che) +- [Codiad](https://github.com/Codiad/Codiad) +- [C9](https://github.com/c9/core) # Debian stretch(9) -``` -Buildbot ---> Archlinux aur Build Bot -golang ---> go language support environment -h5ai ---> online file view -java ---> java(8) language support environment. -nextcloud ---> an open source, self-hosted file share and communication platform, like owncloud. -owncloud ---> an open source, self-hosted file sync and share app platform. -php7 ---> php(7) language support environment running in alpine include nginx php7! -rsync ---> an open source utility that provides fast incremental file transfer. -sshd ---> support remote access via ssh ,running in debian buster -ttyd ---> Share your terminal over the web -``` - -### Run +## TODO +- go +- go env configure +- base Centos or redhat + - almalinux + - cloudlinux +### Run ``` $ run shadowsocks -docker run -d -p 6443:6443 -e PASSWORD=passwd registry.cn-hongkong.aliyuncs.com/imxieke/shadowsocks +docker run -d -p 6443:6443 -e PASSWORD=passwd registry.cn-hongkong.aliyuncs.com/imxieke/shadowsocks ``` ``` docker run -d -p 3308:3306 -e MYSQL_ROOT_PASSWORD=19960318 registry.cn-hongkong.aliyuncs.com/imxieke/mysql:latest --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci ``` -### Linux - alpine A minimal Linux - amazonlinux Amazon Distribution,Base RHEL - archlinux A simple, lightweight distribution - debian Debian is a Linux distribution that's composed entirely of free and open-source software. - deepin a beautiful open source GNU/Linux, Base Debian - ubuntu Ubuntu is a Debian-based Linux operating system based on free software. #### images/name/Dockerfile is latest version image #### images/name/Dockerfile.dev is dev version image + +## Dockenv +> 一键开箱即用 Docker 环境 + +## 一键运行 +`docker-compose up -d` +inotify-tools +phpRedisAdmin +Aerospike 高可用的 K-V类型的Nosql数据库 + +https://github.com/mozilla/geckodriver + +# TODO ADD Dockerfile +geth +openethereum +opensuuse +fedora + +## TODO +- 将 Nginx 配置 文件 氛围 main sec cache 等多个 + +## Feature +- https/http2 +Kibana、Logstash、phpMyAdmin、phpRedisAdmin、AdminMongo +## 组件 +- PHP + - amqp apcu apcu_bc bcmatch bz2 curl calendar cmark dba dom enchant exif fpm gd + - mbstring mongodb mysql mysqli + - opcache openssl phpunit pod_mysql redis redis rdkafka + - soap swoole uuid xdebug xhprof xmlrpc xsl yaml zip + - zookeeper +decimal exif ffi gd gettext gmagick +gmp grpc http igbinary imagick imap interbase intl +ldap mailparse mcrypt memcache memcached mongo mongodb +msgpack mssql mysql mysqli oauth odbc opcache opencensus +parallel* pcntl pcov pdo_dblib pdo_firebird pdo_mysql +pdo_odbc pdo_pgsql pdo_sqlsrv pgsql propro protobuf pspell pthreads* raphf rdkafka recode redis shmop snmp snuffleupagus soap sockets solr sqlsrv ssh2 sybase_ct sysvmsg sysvsem sysvshm tdlib* tidy timezonedb uopz uuid wddx +- composer +- npm +- inotify-tools +- https://github.com/mongo-express/mongo-express monog webui + +#### 安装扩展 +- `docker-php-ext-install -h` 查看可以安装的扩展 +- 快速安装扩展命令 `install-php-extensions apcu` +- `docker-php-ext-enable -h` 启用扩展 + +### 统一设置 **.test** 域名到本地 + +1. `brew install dnsmasq` +2. `/usr/local/etc/dnsmasq.conf` 里面配置 ` address=/.test/127.0.0.1` +3. Create a dns resolver: + ```bash + sudo mkdir -v /etc/resolver + sudo bash -c 'echo "nameserver 127.0.0.1" > /etc/resolver/test' + ``` + +## 常见问题 +- 忽略版本问题 +`--ignore-platform-reqs` + +- 加入`docker`用户组 +`sudo gpasswd -a ${USER} docker` + +- 进入容器 +```sh +docker exec -it php /bin/sh +install-php-extensions apcu +``` +- 容器内的php如何连接宿主机MySQL +1.宿主机执行`ifconfig docker0`得到`inet`就是要连接的`ip`地址 +```sh +$ ifconfig docker0 +docker0: flags=4099 mtu 1500 + inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255 + ... +``` +2.运行宿主机Mysql命令行 +```mysql + mysql>GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '123456' WITH GRANT OPTION; + mysql>flush privileges; +// 其中各字符的含义: +// *.* 对任意数据库任意表有效 +// "root" "123456" 是数据库用户名和密码 +// '%' 允许访问数据库的IP地址,%意思是任意IP,也可以指定IP +// flush privileges 刷新权限信息 +``` + +-连接MySQL和Redis服务器 +这要分两种情况, + +第一种情况,在**PHP代码中**。 +```php +// 连接MySQL +$dbh = new PDO('mysql:host=mysql;dbname=mysql', 'root', '123456'); + +// 连接Redis +$redis = new Redis(); +$redis->connect('redis', 6379); +``` +因为容器与容器是`expose`端口联通的,而且在同一个`networks`下,所以连接的`host`参数直接用容器名称,`port`参数就是容器内部的端口。更多请参考[《docker-compose ports和expose的区别》](https://www.awaimai.com/2138.html)。 + +第二种情况,**在主机中**通过**命令行**或者**Navicat**等工具连接。主机要连接mysql和redis的话,要求容器必须经过`ports`把端口映射到主机了。以 mysql 为例,`docker-compose.yml`文件中有这样的`ports`配置:`3306:3306`,就是主机的3306和容器的3306端口形成了映射,所以我们可以这样连接: +```bash +$ mysql -h127.0.0.1 -uroot -p123456 -P3306 +$ redis-cli -h127.0.0.1 +``` +这里`host`参数不能用localhost是因为它默认是通过sock文件与mysql通信,而容器与主机文件系统已经隔离,所以需要通过TCP方式连接,所以需要指定IP。 + +- 查看docker网络 +```sh +ifconfig docker0 +``` +- Docker使用cron定时任务 +[Docker使用cron定时任务](https://www.awaimai.com/2615.html) + +另外一种,在docker主机上面运行也是可以的. +``` +dphp +crontab -e +#每分钟执行 +* * * * * php /www/localhost/index.php +#或者直接创建一个每分钟执行的sh文件即可 +mkdir -p /etc/periodic/1min +crontab -e +* * * * * /etc/periodic/1min +$cat < /etc/periodic/1min/foo +> #!/bin/sh +> echo "Hello, world" +> EOF +chmod a+x /etc/periodic/1min/foo +#这样就可以直接输出 +``` + +- Docker容器时间 +容器时间在.env文件中配置`TZ`变量,所有支持的时区请看[时区列表·维基百科](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones)或者[PHP所支持的时区列表·PHP官网](https://www.php.net/manual/zh/timezones.php)。 + +- 重启 Nginx +```bash +$ docker exec -it nginx nginx -s reload +``` +- PHP-FPM日志 +大部分情况下,PHP-FPM的日志都会输出到Nginx的日志中,所以不需要额外配置。 + +另外,建议直接在PHP中打开错误日志: +```php +error_reporting(E_ALL); +ini_set('error_reporting', 'on'); +ini_set('display_errors', 'on'); +``` + +如果确实需要,可按一下步骤开启(在容器中)。 + +1. 进入容器,创建日志文件并修改权限: + ```bash + $ docker exec -it php /bin/sh + $ mkdir /var/log/php + $ cd /var/log/php + $ touch php-fpm.error.log + $ chmod a+w php-fpm.error.log + ``` +2. 主机上打开并修改PHP-FPM的配置文件`conf/php-fpm.conf`,找到如下一行,删除注释,并改值为: + ``` + php_admin_value[error_log] = /var/log/php/php-fpm.error.log + ``` +3. 重启PHP-FPM容器。 + +- MySQL日志 +因为MySQL容器中的MySQL使用的是`mysql`用户启动,它无法自行在`/var/log`下的增加日志文件。所以,我们把MySQL的日志放在与data一样的目录,即项目的`mysql`目录下,对应容器中的`/var/lib/mysql/`目录。 +```bash +slow-query-log-file = /var/lib/mysql/mysql.slow.log +log-error = /var/lib/mysql/mysql.error.log +``` +以上是mysql.conf中的日志文件的配置。 + +- Nginx日志 +Nginx日志是我们用得最多的日志,所以我们单独放在根目录`log`下。 + +`log`会目录映射Nginx容器的`/var/log/nginx`目录,所以在Nginx配置文件中,需要输出log的位置,我们需要配置到`/var/log/nginx`目录,如: +``` +error_log /var/log/nginx/nginx.localhost.error.log warn; +``` + +这里两个`nginx`,第一个是容器名,第二个是容器中的`nginx`程序。 + +- 本地项目,通过域名访问不解析问题 + + > 目前通过在 **php容器内**,修改 /etc/hosts 解决 + > + > ```bash + > docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' nginx # 首先在宿主机中获取 nginx 容器 ip + > docker exec -it php bash # 进入php容器 + > echo '第一步中返回的ip domain.test' >> /etc/hosts + > ``` + +```SHELL + +sudo docker run --rm -ti -p 80:80 -p 3306:3306 --name debian_php_dev_env \ +     -v {CODE_PATH}:/var/www/{PROJECT_NAME} \ +     -v {NGINX_SERVER_CONFIG_FILE}:/etc/nginx/sites-enabled/default \ +     -v {SUPERVISOR_CONFIG_FILE}:/etc/supervisor/conf.d/{CONFIG_NAME}.conf \ +      kikiyao/debian_php_dev_env start +``` +## Env +- Web Server + - [Apache](https://httpd.apache.org) + - [Canndy](https://caddyserver.com) + - [Nginx](http://nginx.org) + - [LightHttp](https://www.lighttpd.net) + - Openresty + - Tengine +- SQL + - [MYSQL](https://www.mysql.com) + - [MariaDB](https://mariadb.org) + - [SQLite](https://www.sqlite.org) + - [PostGreSQL](https://www.postgresql.org) + - [MongoDB](https://www.mongodb.com) +- Mysql Manage + - [PHPMyAdmin](https://www.phpmyadmin.net) + - [Adminer](https://www.adminer.org) +- NOSQL + - [Redis](https://redis.io) + - [Memcached](https://memcached.org) +- Message Queue (Broker) + - [RabbitMQ](https://www.rabbitmq.com) + - [beanstalkd](https://beanstalkd.github.io) + - [Apache Kafka](http://kafka.apache.org) +- full-text search engine + - [elastic](https://www.elastic.co) +- Editor + - [Vim](https://www.vim.org) + - [NeoVim](https://neovim.io) + - [Atom](https://atom.io) + - [Sublime Text](https://www.sublimetext.com) + - [Visual Studio Code](https://code.visualstudio.com) +- Version Control + - [Git](https://git-scm.com) +- Version Repo + - [Github](https://github.com) + - [BitBucket](https://bitbucket.org) + - [Gitlab](https://about.gitlab.com) + - [Azure](https://dev.azure.com) +- 守护进程 + - superviosr + + + + +提供PHP CLI模式独立运行模式参考:`call-websockt` 与 `php-superviosr`。`call-websockt` 是基于[workman](http://www.workerman.net/) 的PHP Socket服务。`php-supervior` 实现基于Supervisor的队列服务。 + +## 配置 Docker +```bash +$ sudo mkdir -p /etc/docker +$ sudo tee /etc/docker/daemon.json <<-'EOF' +{ + "registry-mirrors": ["https://muehonsf.mirror.aliyuncs.com"] +} +EOF +$ sudo systemctl daemon-reload +$ sudo systemctl restart docker +``` + + +## 安装 compose +推荐[Github官网](https://github.com/docker/compose/releases)安装Docker Compose。 + +```bash +$ curl -L https://github.com/docker/compose/releases/download/1.13.0/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose + +$ chmod +x /usr/local/bin/docker-compose +``` + +2. 配置.env环境参数,一般无需修改默认参数。配置`PHP_FPM_DOMAIN` 支持Nginx容器虚拟主机互通,配置`SUPERVISOR_DOMAIN` 支持Supervisor容器项目互通。[参考这里](https://github.com/laradock/laradock/issues/435)了解容器多个项目内部通信机制。 + +3. [*] 配置定时任务容器环境参数。默认无定时任务,可以参考`php-crond/crontabs/default.example`开启定时任务。 + +```shell + $ cd php-crond/crontabs/ + $ cp default.example default +``` +4. [*] 配置Supervisor后台进程处理任务。默认无后台进程处理,参考`php-supervisor/supervisor/default.conf.example` 配置多进程任务。 + + ```shell + $ cd php-supervisor/supervisor + $ cp default.conf.example default.conf + ``` + +### Docker常用命令 +```shell +# 删除所有容器 +docker rm -f $(docker ps -aq) +# 删除所有镜像 +docker rmi $(docker images -q) +``` + +## 学习文档 +[Docker 配置详解](https://www.jianshu.com/p/2217cfed29d7) + +[Docker 入门教程](http://www.ruanyifeng.com/blog/2018/02/docker-tutorial.html) + +[Docker 微服务教程](http://www.ruanyifeng.com/blog/2018/02/docker-wordpress-tutorial.html) + +*/1 * * * * /cron-shell/backup.sh + + +## Nginx Modules +- https://www.nginx.com/resources/wiki/modules/ +- https://docs.nginx.com/nginx/admin-guide/dynamic-modules/dynamic-modules/ + +### 使用 + +**服务管理** + +```bash +# MySQL +systemctl {start,stop,status,restart} mysqld.service + +# MariaDB +systemctl {start,stop,status,restart} mariadb.service + +# PHP +systemctl {start,stop,status,restart} php-fpm.service + +# Nginx +systemctl {start,stop,status,restart,reload} nginx.service +``` + +**站点管理** + +```bash +# 列表 +service vhost list + +# 启动(重启)、停止 +service vhost {start,stop} [] + +# 新增、编辑 +service vhost {add, edit} [] [] [] [] [] + +# 删除 +service vhost del [] +``` + +参数说明 + +- `start` 启动、重启 +- `stop` 停止 +- `add` 新增 +- `edit` 编辑 +- `del` 删除 +- `` 站点标识,默认:`domain` +- `` 域名列表,使用 `,` 隔开,默认:`domain.com,www.domain.com` +- `` 首页文件,依次生效,默认:`index.html,index.htm,index.php` +- `` 伪静态规则文件,保存在 `/etc/nginx/rewrite/`,默认:`nomal.conf` +- `` 是否支持子目录绑定,`on` 或者 `off`,默认 `off` + +示例 + +```bash +# 启动或重启所有站点 +service vhost start + +# 停止所有站点 +service vhost stop + +# 列出所有站点 +service vhost list + +# 添加一个标识为 `mysite`,域名为 `mysite.com` 的站点 +service vhost add mysite mysite.com + +# 启动或重启标识为 `mysite` 的站点 +service vhost start mysite + +# 停止标识为 `mysite` 的站点 +service vhost stop mysite + +# 编辑标识为 `mysite` 的站点 +service vhost edit mysite + +# 删除标识为 `mysite` 的站点 +service vhost del mysite +``` + +**备份** + +```bash +# 新建一个备份 +service vbackup start + +# 删除一个备份 +service vbackup del [.tar.gz] + +# 列出所有备份 +service vbackup list +``` + +### 协议 + +The MIT License (MIT) + + +* * * * * php /var/www/laravel/artisan schedule:run >> /dev/null 2>&1 +* docker-compose exec --user=laradock workspace bash +* /usr/sbin/init +* /usr/sbin/php-fpm -c /etc/php.ini -y /etc/php-fpm.conf + + +## Alpine Version PHP Version +3.8 5.6.40 +3.9 7.2.33 +3.10 7.3.14 +3.11 7.3.22 +3.12 7.3.25 +edge 7.4.13 +edge 8.0.0 diff --git a/_config.yml b/_config.yml deleted file mode 100644 index c4192631..00000000 --- a/_config.yml +++ /dev/null @@ -1 +0,0 @@ -theme: jekyll-theme-cayman \ No newline at end of file diff --git a/bin/dockone b/bin/dockone index 94282ac0..c60be791 100755 --- a/bin/dockone +++ b/bin/dockone @@ -49,82 +49,3 @@ elif [[ $(cat ${USERHOME}/.dockone/location | grep US) != '' ]]; then # PREFIX="imxieke" PREFIX="registry.cn-hongkong.aliyuncs.com/imxieke" fi - -function usage() -{ - echo " Docker Build Tool -/-----------------------------------\\ -| build image name tag | -| push image name tag | -| pull image name tag | -\\-----------------------------------/" -} - -function build() -{ - if [[ ! -d "$IMG_DIR/$2" ]]; then - echo "Catelog $2 or Dockerfile Not Exist" - exit 1 - fi - - cd "$IMG_DIR/$2" - if [[ $3 != '' ]]; then - if [[ $3 == 'latest' ]]; then - time docker $1 --no-cache -t ${PREFIX}/$2:latest . - else - time docker $1 --no-cache -t ${PREFIX}/$2:$3 --file=Dockerfile.$3 . - fi - else - time docker $1 --no-cache -t ${PREFIX}/$2:latest . - fi -} - -function push() -{ - # echo $1 $2 $3 $4 $5 $6 - - if [[ $3 != '' ]]; then - if [[ $3 == 'latest' ]]; then - time docker push ${PREFIX}/$2:latest - else - time docker push ${PREFIX}/$2:$3 - fi - elif [[ $3 == '' ]]; then - time docker push ${PREFIX}/$2:latest - fi -} - -function pull() -{ - if [[ $image != '' ]]; then - if [[ $tag != '' ]]; then - docker pull ${PREFIX}/$image:$tag - else - docker pull ${PREFIX}/$image:latest - fi - else - usage - fi -} - -case $1 in - build) - build $1 $2 $3 $4 $5 $6 - ;; - - push) - push $1 $2 $3 $4 $5 $6 - ;; - - pull) - pull $1 $2 $3 $4 $5 $6 - ;; - prefix | -prefix | --prefix) - echo ${PREFIX} - ;; - help | -help | --help ) - usage - ;; - * ) - usage -esac \ No newline at end of file diff --git a/bin/git b/bin/git new file mode 100755 index 00000000..0599deab --- /dev/null +++ b/bin/git @@ -0,0 +1,35 @@ +#!/bin/sh + +CURRENTPATH=$(dirname "${0}"); +export $(grep -v '^#' $CURRENTPATH/../.env | xargs) +export USER_ID=$(id -u) +export GROUP_ID=$(id -g) + +if [ "${LANGUAGE_SERVER}" = "php" ]; then + docker run \ + --rm \ + -i \ + --network=host \ + -v "$PWD":"$PWD":ro \ + -v $(realpath ~/.ssh):"/root/.ssh" \ + -v $(realpath ~/.ssh):"/home/vfac/.ssh" \ + -w $PWD \ + -u $USER_ID:$GROUP_ID \ + vfac/envdevjs:${PHP_VERSION} \ + git "$@" +fi +if [ "${LANGUAGE_SERVER}" = "node" ]; then + docker exec \ + --rm \ + -i \ + --network=host \ + -v "$PWD":"$PWD":ro \ + -v $(realpath ~/.ssh):"/root/.ssh" \ + -v $(realpath ~/.ssh):"/home/vfac/.ssh" \ + -w $PWD \ + -u $USER_ID:$GROUP_ID \ + vfac/envdevnodebase:${NODE_VERSION} \ + git "$@" +fi + +exit $? \ No newline at end of file diff --git a/bin/grunt b/bin/grunt new file mode 100755 index 00000000..567bc297 --- /dev/null +++ b/bin/grunt @@ -0,0 +1,35 @@ +#!/bin/sh + +CURRENTPATH=$(dirname "${0}"); +export $(grep -v '^#' $CURRENTPATH/../.env | xargs) +export USER_ID=$(id -u) +export GROUP_ID=$(id -g) + +if [ "${LANGUAGE_SERVER}" = "php" ]; then + docker run \ + --rm \ + -i \ + --network=host \ + -v "$PWD":"$PWD":ro \ + -v $(realpath ~/.ssh):"/root/.ssh" \ + -v $(realpath ~/.ssh):"/home/vfac/.ssh" \ + -w $PWD \ + -u $USER_ID:$GROUP_ID \ + vfac/envdevjs:${PHP_VERSION} \ + grunt "$@" +fi +if [ "${LANGUAGE_SERVER}" = "node" ]; then + docker exec \ + --rm \ + -i \ + --network=host \ + -v "$PWD":"$PWD":ro \ + -v $(realpath ~/.ssh):"/root/.ssh" \ + -v $(realpath ~/.ssh):"/home/vfac/.ssh" \ + -w $PWD \ + -u $USER_ID:$GROUP_ID \ + vfac/envdevnodebase:${NODE_VERSION} \ + grunt "$@" +fi + +exit $? \ No newline at end of file diff --git a/bin/gulp b/bin/gulp new file mode 100755 index 00000000..9783205b --- /dev/null +++ b/bin/gulp @@ -0,0 +1,34 @@ +#!/bin/sh + +CURRENTPATH=$(dirname "${0}"); +export $(grep -v '^#' $CURRENTPATH/../.env | xargs) +export USER_ID=$(id -u) +export GROUP_ID=$(id -g) + +if [ "${LANGUAGE_SERVER}" = "php" ]; then + docker run \ + --rm \ + -i \ + --network=host \ + -v "$PWD":"$PWD":ro \ + -v $(realpath ~/.ssh):"/root/.ssh" \ + -v $(realpath ~/.ssh):"/home/vfac/.ssh" \ + -w $PWD \ + -u $USER_ID:$GROUP_ID \ + vfac/envdevjs:${PHP_VERSION} \ + gulp "$@" +fi +if [ "${LANGUAGE_SERVER}" = "node" ]; then + docker exec \ + --rm \ + -i \ + --network=host \ + -v "$PWD":"$PWD":ro \ + -v $(realpath ~/.ssh):"/root/.ssh" \ + -v $(realpath ~/.ssh):"/home/vfac/.ssh" \ + -w $PWD \ + -u $USER_ID:$GROUP_ID \ + vfac/envdevnodebase:${NODE_VERSION} \ + gulp "$@" +fi +exit $? \ No newline at end of file diff --git a/bin/node b/bin/node new file mode 100755 index 00000000..1e2f2272 --- /dev/null +++ b/bin/node @@ -0,0 +1,35 @@ +#!/bin/sh + +CURRENTPATH=$(dirname "${0}"); +export $(grep -v '^#' $CURRENTPATH/../.env | xargs) +export USER_ID=$(id -u) +export GROUP_ID=$(id -g) + +if [ "${LANGUAGE_SERVER}" = "php" ]; then + docker run \ + --rm \ + -i \ + --network=host \ + -v "$PWD":"$PWD":ro \ + -v $(realpath ~/.ssh):"/root/.ssh" \ + -v $(realpath ~/.ssh):"/home/vfac/.ssh" \ + -w $PWD \ + -u $USER_ID:$GROUP_ID \ + vfac/envdevjs:${PHP_VERSION} \ + node "$@" +fi +if [ "${LANGUAGE_SERVER}" = "node" ]; then + docker exec \ + --rm \ + -i \ + --network=host \ + -v "$PWD":"$PWD":ro \ + -v $(realpath ~/.ssh):"/root/.ssh" \ + -v $(realpath ~/.ssh):"/home/vfac/.ssh" \ + -w $PWD \ + -u $USER_ID:$GROUP_ID \ + vfac/envdevnodebase:${NODE_VERSION} \ + node "$@" +fi + +exit $? \ No newline at end of file diff --git a/bin/npm b/bin/npm new file mode 100755 index 00000000..a3a567e6 --- /dev/null +++ b/bin/npm @@ -0,0 +1,34 @@ +#!/bin/sh + +CURRENTPATH=$(dirname "${0}"); +export $(grep -v '^#' $CURRENTPATH/../.env | xargs) +export USER_ID=$(id -u) +export GROUP_ID=$(id -g) + +if [ "${LANGUAGE_SERVER}" = "php" ]; then + docker run \ + --rm \ + -i \ + --network=host \ + -v "$PWD":"$PWD":ro \ + -v $(realpath ~/.ssh):"/root/.ssh" \ + -v $(realpath ~/.ssh):"/home/vfac/.ssh" \ + -w $PWD \ + -u $USER_ID:$GROUP_ID \ + vfac/envdevjs:${PHP_VERSION} \ + npm "$@" +fi +if [ "${LANGUAGE_SERVER}" = "node" ]; then + docker exec \ + --rm \ + -i \ + --network=host \ + -v "$PWD":"$PWD":ro \ + -v $(realpath ~/.ssh):"/root/.ssh" \ + -v $(realpath ~/.ssh):"/home/vfac/.ssh" \ + -w $PWD \ + -u $USER_ID:$GROUP_ID \ + vfac/envdevnodebase:${NODE_VERSION} \ + npm "$@" +fi +exit $? \ No newline at end of file diff --git a/bin/php b/bin/php new file mode 100755 index 00000000..c7d8d53d --- /dev/null +++ b/bin/php @@ -0,0 +1,14 @@ +#!/bin/sh + +CURRENTPATH=$(dirname "${0}"); +export $(grep -v '^#' $CURRENTPATH/../.env | xargs) + +docker run \ + --rm \ + -i \ + --network=host \ + -v "$PWD":"$PWD":ro \ + vfac/envdevjs:${BASE_VERSION} \ + php "$@" + +exit $? \ No newline at end of file diff --git a/bin/tool b/bin/tool index 4c203a4f..a9f226fb 100755 --- a/bin/tool +++ b/bin/tool @@ -1,6 +1,6 @@ #!/usr/bin/env sh -# Config +# Config PRIFIX="registry.cn-hongkong.aliyuncs.com/imxieke/" action=$1 @@ -91,8 +91,8 @@ function usage() { echo " Docker Running Tool /-----------------------------------\\ -| run image name tag -| has name tag : check image exist +| run image name tag +| has name tag : check image exist \\-----------------------------------/" } @@ -106,4 +106,4 @@ case $1 in * ) usage ;; -esac \ No newline at end of file +esac diff --git a/bin/tsc b/bin/tsc new file mode 100755 index 00000000..50dc8d46 --- /dev/null +++ b/bin/tsc @@ -0,0 +1,35 @@ +#!/bin/sh + +CURRENTPATH=$(dirname "${0}"); +export $(grep -v '^#' $CURRENTPATH/../.env | xargs) +export USER_ID=$(id -u) +export GROUP_ID=$(id -g) + +if [ "${LANGUAGE_SERVER}" = "php" ]; then + docker run \ + --rm \ + -i \ + --network=host \ + -v "$PWD":"$PWD":ro \ + -v $(realpath ~/.ssh):"/root/.ssh" \ + -v $(realpath ~/.ssh):"/home/vfac/.ssh" \ + -w $PWD \ + -u $USER_ID:$GROUP_ID \ + vfac/envdevjs:${PHP_VERSION} \ + tsc "$@" +fi +if [ "${LANGUAGE_SERVER}" = "node" ]; then + docker exec \ + --rm \ + -i \ + --network=host \ + -v "$PWD":"$PWD":ro \ + -v $(realpath ~/.ssh):"/root/.ssh" \ + -v $(realpath ~/.ssh):"/home/vfac/.ssh" \ + -w $PWD \ + -u $USER_ID:$GROUP_ID \ + vfac/envdevnodebase:${NODE_VERSION} \ + tsc "$@" +fi + +exit $? \ No newline at end of file diff --git a/bin/yarn b/bin/yarn new file mode 100755 index 00000000..5378252a --- /dev/null +++ b/bin/yarn @@ -0,0 +1,34 @@ +#!/bin/sh + +CURRENTPATH=$(dirname "${0}"); +export $(grep -v '^#' $CURRENTPATH/../.env | xargs) +export USER_ID=$(id -u) +export GROUP_ID=$(id -g) + +if [ "${LANGUAGE_SERVER}" = "php" ]; then + docker run \ + --rm \ + -i \ + --network=host \ + -v "$PWD":"$PWD":ro \ + -v $(realpath ~/.ssh):"/root/.ssh" \ + -v $(realpath ~/.ssh):"/home/vfac/.ssh" \ + -w $PWD \ + -u $USER_ID:$GROUP_ID \ + vfac/envdevjs:${PHP_VERSION} \ + yarn "$@" +fi +if [ "${LANGUAGE_SERVER}" = "node" ]; then + docker exec \ + --rm \ + -i \ + --network=host \ + -v "$PWD":"$PWD":ro \ + -v $(realpath ~/.ssh):"/root/.ssh" \ + -v $(realpath ~/.ssh):"/home/vfac/.ssh" \ + -w $PWD \ + -u $USER_ID:$GROUP_ID \ + vfac/envdevnodebase:${NODE_VERSION} \ + yarn "$@" +fi +exit $? \ No newline at end of file diff --git a/compose/1.yml b/compose/1.yml new file mode 100644 index 00000000..6292a38e --- /dev/null +++ b/compose/1.yml @@ -0,0 +1,50 @@ +version: "3" +services: + web: + image: nginx:latest + container_name: nginx + restart: always + ports: + - "80:80" + volumes: + - ./project:/var/www/html/project + - ./nginx/default.conf:/etc/nginx/conf.d/default.conf + - ./log/nginx:/var/log/nginx + networks: + - web-server + php: + build: ./php/ + container_name: php-72 + restart: always + ports: + - "9000:9000" + volumes: + - ./project:/var/www/html/project + - ./php:/usr/local/etc/php + networks: + - web-server + mysql: + image: mysql:5.7 + container_name: mysql-57 + restart: always + ports: + - "3306:3306" + volumes: + - ./mysql:/var/lib/mysql + environment: + - TZ=Asia/Shanghai + - MYSQL_ROOT_PASSWORD=123456 + command: --character-set-server=utf8mb4 --collation-server=utf8mb4_general_ci + networks: + - web-server + redis: + image: redis:latest + container_name: redis + restart: always + ports: + - "6379:6379" + volumes: + - ./redis/redis.conf:/usr/local/etc/redis/redis.conf + command: redis-server /usr/local/etc/redis/redis.conf +networks: + web-server: diff --git a/docker-compose.yml b/compose/10.yml similarity index 100% rename from docker-compose.yml rename to compose/10.yml diff --git a/images/cmdide/docker-compose.yml b/compose/11.yml similarity index 100% rename from images/cmdide/docker-compose.yml rename to compose/11.yml diff --git a/compose/2.yml b/compose/2.yml new file mode 100644 index 00000000..cb42706b --- /dev/null +++ b/compose/2.yml @@ -0,0 +1,99 @@ +version: '2' +services: + workspace: + build: + context: ./workspace + volumes_from: + - volumes_source + - volumes_data + tty: true + + memcached: + build: + context: ./memcached + container_name: memcached + volumes_from: + - volumes_data + +# redis: +# build: +# context: ./redis +# volumes_from: +# - volumes_data +# ports: +# - 6379:6379 +# + mysql: + build: + context: ./mysql + ports: + - "3306:3306" + volumes_from: + - volumes_data + environment: + MYSQL_DATABASE: topone4tvs + MYSQL_USER: topone4tvs + MYSQL_PASSWORD: chenbowen + MYSQL_ROOT_PASSWORD: chenbowen + + php: + build: + context: ./php + links: + - workspace + - memcached + #- redis + #- mysql + volumes_from: + - volumes_source + + php7: + image: dev-php7-v1 + build: + context: ./php7 + args: + - LOCAL_IP_ADD=10.10.111.152 + links: + - workspace + - memcached + #- redis + #- mysql + volumes_from: + - volumes_source + - volumes_data + + nginx: + build: + context: ./nginx + args: + - PHP_UPSTREAM=php7 + links: + - php7 + volumes_from: + - volumes_source + - volumes_data + ports: + - "80:80" + - "443:443" + - "8080:8080" + - "8888:8888" + - "9090:9090" +### Application Code Container ###################### + + volumes_source: + image: tianon/true + volumes: + - /private/var/www:/private/var/www + +### Databases Data Container ################################ + + volumes_data: + image: tianon/true + volumes: + - ./data/nginx:/data/nginx + - ./data/logs:/data/logs + - ./data/mysql:/data/mysql + - ./data/mongodb:/data/mongodb + - ./data/memcached:/data/memcached + - ./data/redis:/data/redis + - ./data/sessions:/data/sessions diff --git a/compose/3.yml b/compose/3.yml new file mode 100644 index 00000000..cdbc0700 --- /dev/null +++ b/compose/3.yml @@ -0,0 +1,97 @@ +version: "3.0" + +services: + + nginx: + container_name: lnmp-nginx + build: + context: ./nginx + ports: + - 80:80 + - 443:443 + volumes: + - ./nginx/nginx.conf:/etc/nginx/nginx.conf + - ./nginx/sites:/etc/nginx/conf.d + - ./nginx/ssl:/etc/nginx/ssl + - ${WEB_ROOT_PATH}:/var/www + depends_on: + - php-fpm + - mysql + + php-fpm: + container_name: lnmp-php-pfm + build: + context: ./php-fpm + args: + - PHP_VERSION=${PHP_VERSION} + - INSTALL_PCNTL=${PHP_INSTALL_PCNTL} + - INSTALL_OPCACHE=${PHP_INSTALL_OPCACHE} + - INSTALL_ZIP=${PHP_INSTALL_ZIP} + - INSTALL_REDIS=${PHP_INSTALL_REDIS} + - INSTALL_REDIS_VERSION=${PHP_INSTALL_REDIS_VERSION} + - INSTALL_MONGODB=${PHP_INSTALL_MONGODB} + - INSTALL_MONGODB_VERSION=${PHP_INSTALL_MONGODB_VERSION} + - INSTALL_MEMCACHED=${PHP_INSTALL_MEMCACHED} + - INSTALL_MEMCACHED_VERSION=${PHP_INSTALL_MEMCACHED_VERSION} + - INSTALL_SWOOLE=${PHP_INSTALL_SWOOLE} + - INSTALL_SWOOLE_VERSION=${PHP_INSTALL_SWOOLE_VERSION} + - INSTALL_XUNSEARCH=${PHP_INSTALL_XUNSEARCH} + - INSTALL_COMPOSER=${PHP_INSTALL_COMPOSER} + ports: + - 9000:9000 + volumes: + - ./php-fpm/conf-${PHP_VERSION}/php.ini:/usr/local/etc/php/php.ini + - ./php-fpm/conf-${PHP_VERSION}/php-fpm.conf:/usr/local/etc/php-fpm.conf + - ./php-fpm/conf-${PHP_VERSION}/php-fpm.d:/usr/local/etc/php-fpm.d + - ${WEB_ROOT_PATH}:/var/www + + mysql: + container_name: lnmp-mysql + build: + context: ./mysql + args: + - MYSQL_VERSION=${MYSQL_VERSION} + ports: + - ${MYSQL_PORT}:3306 + volumes: + - ./mysql/data:/var/lib/mysql + command: --default-authentication-plugin=mysql_native_password + restart: always + environment: + - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} + + mongo: + container_name: lnmp-mongo + build: + context: ./mongo + args: + - MONGO_VERSION=${MONGO_VERSION} + ports: + - ${MONGO_PORT}:27017 + volumes: + - ./mongo/data:/data/db + restart: always + environment: + MONGO_INITDB_ROOT_USERNAME: ${MONGO_ROOT_USERNAME} + MONGO_INITDB_ROOT_PASSWORD: ${MONGO_ROOT_PASSWORD} + + redis: + container_name: lnmp-redis + build: + context: ./redis + args: + - REDIS_VERSION=${REDIS_VERSION} + ports: + - ${REDIS_PORT}:6379 + volumes: + - ./redis/data:/data + restart: always + + memcached: + container_name: lnmp-memcached + build: + context: ./memcached + args: + - MEMCACHED_VERSION=${MEMCACHED_VERSION} + ports: + - ${MEMCACHED_PORT}:11211 \ No newline at end of file diff --git a/compose/4.yml b/compose/4.yml new file mode 100644 index 00000000..0f92ec9d --- /dev/null +++ b/compose/4.yml @@ -0,0 +1,56 @@ +version: '3' + +services: + + mysql: + # 此处以container模式设置网络,此模式下msyql与php服务使用同一个网卡,以实现localhost/127.0.0.1内循环 + # 此模式下不可与ports端口转发参数共同使用 + network_mode: "service:php" + env_file: + - .env + image: mysql:${MYSQL_VERSION} + container_name: lnmpr-mysql + # ports: + # - ${MYSQL_PORT_LOCAL}:${MYSQL_PORT_DOCKER} + environment: + - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} + + redis: + network_mode: "service:php" + env_file: + - .env + image: redis:${REDIS_VERSION} + container_name: lnmpr-redis + # ports: + # - ${REDIS_PORT_LOCAL}:${REDIS_PORT_DOCKER} + + php: + env_file: + - .env + # image: php:${PHP_VERSION} + build: + context: ./php + dockerfile: Dockerfile + args: + php_version: ${PHP_VERSION} + container_name: lnmpr-php + volumes: + - ${PHP_WORK_DIR_LOCAL}:${PHP_WORK_DIR_DOCKER} + ports: + - ${PHP_PORT_LOCAL}:${PHP_PORT_DOCKER} + # depends_on: + # - mysql + # - redis + + nginx: + env_file: + - .env + image: nginx:${NGINX_VERSION} + container_name: lnmpr-nginx + volumes: + - ${NGINX_WORK_DIR_LOCAL}:${NGINX_WORK_DIR_DOCKER} + - ${NGINX_CONF_LOCAL}:${NGINX_CONF_DOCKER} + ports: + - ${NGINX_PORT_LOCAL}:${NGINX_PORT_DOCKER} + depends_on: + - php \ No newline at end of file diff --git a/compose/5.yml b/compose/5.yml new file mode 100644 index 00000000..a3685079 --- /dev/null +++ b/compose/5.yml @@ -0,0 +1,49 @@ +version: "2" +services: + # Nginx 1.11.10: https://hub.docker.com/_/nginx/ + web: + image: nginx:1.11.10 + ports: + - 8080:80 + depends_on: + - php + # 同 php 一起共享 ./apps 目录 + volumes_from: + - php + # 创建一个数据卷,由 ./images/nginx/config => /etc/nginx/conf.d + volumes: + - ./images/nginx/config:/etc/nginx/conf.d:ro + + # PHP 7.1-fpm: https://hub.docker.com/_/php/ + php: + # image: php:7.1-fpm + build: + context: ./images/php + dockerfile: Dockerfile + volumes: + - ./apps:/mnt/apps + + # MySQL 5.7: https://hub.docker.com/_/mysql/ + database: + image: mysql:5.7 + # 设置 3306 端口映射以便远程连接 + ports: + - 3306:3306 + # 配置一些环境变量,具体的环境变量细节可以访问上面的网址查看 + environment: + MYSQL_ROOT_PASSWORD: "root" + MYSQL_USER: "dailybird" + MYSQL_PASSWORD: "dailybirdo" + volumes: + - ./database:/var/lib/mysql + + # 用于 Git,Composer 等工具 + console: + build: + context: ./images/console + dockerfile: Dockerfile + volumes_from: + - php + tty: true + + diff --git a/compose/6.yml b/compose/6.yml new file mode 100644 index 00000000..68f4be17 --- /dev/null +++ b/compose/6.yml @@ -0,0 +1,90 @@ +version: '3' + +services: + cgi: + container_name: cgi + build: ./docker/files/cgi + tty: true + restart: always + expose: + - "9000" + volumes: + - ./www:/data/www + - ./docker/log/cgi:/var/log/php-fpm + depends_on: + - mysql + - redis + links: + - mysql:mysql + - redis:redis + proxy: + container_name: proxy + build: ./docker/files/proxy + tty: true + restart: always + ports: + - "80:80" + - "443:443" + volumes: + - ./www:/data/www + - ./docker/config/proxy/conf.d:/etc/nginx/conf.d + - ./docker/log/proxy:/var/log/nginx + depends_on: + - cgi + links: + - cgi + mysql: + container_name: mysql + image: daocloud.io/library/mysql:5.6 + restart: always + expose: + - "3306" + ports: + - "3306:3306" + volumes: + - ./docker/data/mysql:/var/lib/mysql + environment: + - MYSQL_ROOT_PASSWORD=root + - MYSQL_DATABASE=yii2 + redis: + container_name: redis + image: daocloud.io/library/redis + restart: always + expose: + - "6379" + ports: + - "6379:6379" + volumes: + - ./docker/data/redis:/data + command: redis-server --appendonly yes + phpmyadmin: + container_name: phpmyadmin + image: daocloud.io/daocloud/phpmyadmin + expose: + - '80' + ports: + - "8080:80" + environment: + - PMA_ARBITRARY=0 + - PMA_HOST=mysql + # 如果取消下面两行注释, phpmyadmin就不用输入用户名和密码, 可以直接登录 + # - PMA_USER=root + # - PMA_PASSWORD=root + depends_on: + - mysql + links: + - mysql:mysql + phpredisadmin: + container_name: phpredisadmin + image: erikdubbelboer/phpredisadmin + expose: + - '80' + ports: + - "8081:80" + environment: + - REDIS_1_HOST=redis + - REDIS_1_NAME=redis + depends_on: + - redis + links: + - redis:redis diff --git a/compose/7.yml b/compose/7.yml new file mode 100644 index 00000000..34dc2af7 --- /dev/null +++ b/compose/7.yml @@ -0,0 +1,114 @@ +version: '3.1' + +services: +### Nginx Server Container ############################# + nginx: + build: ./build/nginx + privileged: true + ports: + - "${NGINX_HOST_HTTP_PORT}:80" + - "${NGINX_HOST_HTTPS_PORT}:443" + links: + - "php72" + - "php56" + volumes: + # Nginx默认配置文件 + - ./build/nginx/nginx.conf:/etc/nginx/nginx.conf + # 配置虚拟主机 + - ./vhost/:/etc/nginx/conf.d/ + # Nginx访问路径 + - ./www/:/var/www/ + # Nginx访问路径 + - ./logs/nginx/:/var/log/nginx/ + +### PHP Container ############################# + php72: + build: ./build/php72 + privileged: true + ports: + - "9007:9000" + links: + - "mysql" + - "redis" + volumes: + # 映射访问地址 + - ./www/:/var/www/ + php56: + build: ./build/php56 + privileged: true + ports: + - "9056:9000" + links: + - "mysql" + volumes: + - ./www/:/var/www/ +### MYSQL Container ############################# + mysql: + build: + context: ./build/mysql + dockerfile: Dockerfile + args: + - MYSQL_VERSION=${MYSQL_VERSION} + restart: always + command: + - --character-set-server=utf8mb4 + - --collation-server=utf8mb4_unicode_ci + privileged: true + ports: + - "${MYSQL_HOST_PORT}:3306" + volumes: + - ./data/mysql:/var/lib/mysql + - ./data/backup_mysql/:/data/backup/db + - ./logs/mysql/:/var/log/mysql + environment: + - MYSQL_DATABASE=${MYSQL_DATABASE} + - MYSQL_USER=${MYSQL_USER} + - MYSQL_PASSWORD=${MYSQL_PASSWORD} + - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} + - TZ=${WORKSPACE_TIMEZONE} + +### PostgreSQL Container #################################### + +# postgres: +# build: ./build/postgresql +# ports: +# - "5432:5432" +# volumes: +# - ./data/postgresql:/var/lib/postgresql/data +# environment: +# - POSTGRES_DB=default +# - POSTGRES_USER=default +# - POSTGRES_PASSWORD=kfkdock + +### Redis Container ############################# + + redis: + build: ./build/redis + privileged: true + ports: + - "6379:6379" + volumes: + - ./data/redis:/data + - ./logs/redis:/var/log/redis + +### Mongo Container ############################# + +# mongo: +# build: ./build/mongo +# privileged: true +# ports: +# - "27017:27017" +# volumes: +# - ./data/mongo:/data/db + +### Node Container ############################# + +# node: +# build: ./build/node +# privileged: true +# ports: +# - "8080:8080" +# volumes: +# - ./www/:/var/www/ +#networks: +# lnmp: \ No newline at end of file diff --git a/compose/8.yml b/compose/8.yml new file mode 100644 index 00000000..6ef4df82 --- /dev/null +++ b/compose/8.yml @@ -0,0 +1,38 @@ +version: '2' + +services: + example-db: + container_name: example-db + image: mariadb:latest + volumes: + - ./db:/var/lib/mysql + environment: + - MYSQL_ROOT_PASSWORD=examplerootpassword + - MYSQL_DATABASE=example + - MYSQL_USER=example + - MYSQL_PASSWORD=examplepassword + restart: always + + example-db-backup: + container_name: example-db-backup + image: tiredofit/db-backup + links: + - example-db + volumes: + - ./backups:/backup + - ./post-script.sh:/assets/custom-scripts/post-script.sh + environment: + - DB_TYPE=mariadb + - DB_HOST=example-db + - DB_NAME=example + - DB_USER=example + - DB_PASS="examplepassword" + - DB_DUMP_FREQ=1440 + - DB_DUMP_BEGIN=0000 + - DB_CLEANUP_TIME=8640 + - MD5=TRUE + - COMPRESSION=XZ + - SPLIT_DB=FALSE + restart: always + + diff --git a/compose/9.yml b/compose/9.yml new file mode 100644 index 00000000..962a7104 --- /dev/null +++ b/compose/9.yml @@ -0,0 +1,29 @@ +version: "3.5" + +services: +networks: + net-default: + driver: bridge + ipam: + driver: default + config: + - subnet: 10.0.0.0/24 + +nginx: + #其他配置... + networks: + net-default: + ipv4_address: 10.0.0.10 + + php54: + #其他配置... + extra_hosts: + - "project.com:10.0.0.10" + networks: + - net-default + + php: + build: + context: . + ports: + - 127.0.0.1:9001:9000 diff --git a/compose/apm-server-compose.yml b/compose/apm-server-compose.yml new file mode 100644 index 00000000..3a29b2fa --- /dev/null +++ b/compose/apm-server-compose.yml @@ -0,0 +1,9 @@ +version: '2' + +services: + apm: + image: docker.elastic.co/apm/apm-server:6.4.3 + ports: + - 8200:8200 + volumes: + - ../docker-compose_data/apm-server/config/apm-server.yml:/usr/share/apm-server/apm-server.yml \ No newline at end of file diff --git a/compose/aria2.yml b/compose/aria2.yml new file mode 100644 index 00000000..e92be6d9 --- /dev/null +++ b/compose/aria2.yml @@ -0,0 +1,17 @@ +version: '3' +services: + aria2: + image: registry.baidubce.com/mirrors/aria2:latest + container_name: aria2 + ports: + - "6800:6800" + - "6801:6801" + - "6802-6999:6802-6999" + volumes: + - $HOME/Downloads:/data/downloads + - /Users/imxieke/Code/Project/dockenv/images/aria2/conf:/etc/aria2c + environment: + ARIA2_PORT: 6800 + RPC_SECRET: haspwd + WEBUI_PORT: 6801 + DHT_PORT: "6802-6999" diff --git a/compose/container_scanning_all_arch.yml b/compose/container_scanning_all_arch.yml new file mode 100644 index 00000000..df9e67ee --- /dev/null +++ b/compose/container_scanning_all_arch.yml @@ -0,0 +1,74 @@ +container_scanning amd64: + stage: test + image: yobasystems/alpine-docker + allow_failure: true + tags: + - security + services: + - yobasystems/alpine-docker:dind + variables: + DOCKER_DRIVER: overlay2 + CLAIR_HOST: $CLAIR_URL + script: + - apk add -U wget ca-certificates + - docker pull $DOCKER_REGISTRY_DOCKERHUB_REPO:amd64 + - wget https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64 + - mv clair-scanner_linux_amd64 clair-scanner + - chmod +x clair-scanner + - touch clair-whitelist.yml + - retries=0 + - echo "Waiting for clair daemon to start" + - ./clair-scanner -c ${CLAIR_HOST} --ip $(hostname -i) -r gl-container-scanning-report-amd64.json -l clair.log -w clair-whitelist.yml $DOCKER_REGISTRY_DOCKERHUB_REPO:amd64 || true + artifacts: + reports: + container_scanning: gl-sast-container-report-amd64.json + +container_scanning arm32v7: + stage: test + image: yobasystems/alpine-docker + allow_failure: true + tags: + - security + services: + - yobasystems/alpine-docker:dind + variables: + DOCKER_DRIVER: overlay2 + CLAIR_HOST: $CLAIR_URL + script: + - apk add -U wget ca-certificates + - docker pull $DOCKER_REGISTRY_DOCKERHUB_REPO:arm32v7 + - wget https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64 + - mv clair-scanner_linux_amd64 clair-scanner + - chmod +x clair-scanner + - touch clair-whitelist.yml + - retries=0 + - echo "Waiting for clair daemon to start" + - ./clair-scanner -c ${CLAIR_HOST} --ip $(hostname -i) -r gl-container-scanning-report-arm32v7.json -l clair.log -w clair-whitelist.yml $DOCKER_REGISTRY_DOCKERHUB_REPO:arm32v7 || true + artifacts: + reports: + container_scanning: gl-sast-container-report-arm32v7.json + +container_scanning arm64v8: + stage: test + image: yobasystems/alpine-docker + allow_failure: true + tags: + - security + services: + - yobasystems/alpine-docker:dind + variables: + DOCKER_DRIVER: overlay2 + CLAIR_HOST: $CLAIR_URL + script: + - apk add -U wget ca-certificates + - docker pull $DOCKER_REGISTRY_DOCKERHUB_REPO:arm64v8 + - wget https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64 + - mv clair-scanner_linux_amd64 clair-scanner + - chmod +x clair-scanner + - touch clair-whitelist.yml + - retries=0 + - echo "Waiting for clair daemon to start" + - ./clair-scanner -c ${CLAIR_HOST} --ip $(hostname -i) -r gl-container-scanning-report-arm64v8.json -l clair.log -w clair-whitelist.yml $DOCKER_REGISTRY_DOCKERHUB_REPO:arm64v8 || true + artifacts: + reports: + container_scanning: gl-sast-container-report-arm64v8.json diff --git a/compose/docker-compose-10.yml b/compose/docker-compose-10.yml new file mode 100644 index 00000000..a04055a7 --- /dev/null +++ b/compose/docker-compose-10.yml @@ -0,0 +1,76 @@ +version: '3' + +services: + + nginx: + build: + context: ./nginx + ports: + - "${HTTP_PORT}:80" + - "${HTTPS_PORT}:443" + volumes: + - ${CODE_BASE_DIR}:/var/www + + php: + build: + context: ./php-fpm + args: + - PHP_VERSION=${PHP_VERSION} + volumes: + - ${CODE_BASE_DIR}:/var/www + + mysql: + container_name: mysql + build: + context: ./mysql + args: + - MYSQL_VERSION=${MYSQL_VERSION} + environment: + - MYSQL_DATABASE=${MYSQL_DATABASE} + - MYSQL_USER=${MYSQL_USER} + - MYSQL_PASSWORD=${MYSQL_PASSWORD} + - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} + - TZ=${WORKSPACE_TIMEZONE} + volumes: + - ${DATA_PATH_HOST}/mysql:/var/lib/mysql + - ${MYSQL_ENTRYPOINT_INITDB}:/docker-entrypoint-initdb.d + ports: + - "${MYSQL_PORT}:3306" + + redis: + container_name: redis + image: redis + ports: + - "${REDIS_PORT}:6379" + volumes: + - ${DATA_PATH_HOST}/redis:/data + + workspace: + container_name: workspace + build: + context: ./workspace + args: + - PHP_VERSION=${PHP_VERSION} + - NODE_VERSION=${NODE_VERSION} + - USER_LOGIN=${USER_LOGIN} + - USER_PASSWORD=${USER_PASSWORD} + - SET_USER_PASSWORD=${SET_USER_PASSWORD} + ports: + - "${SSH_PORT}:22" + volumes: + - ${CODE_BASE_DIR}:/var/www + tty: true + + phpmyadmin: + image: phpmyadmin/phpmyadmin:latest + container_name: phpmyadmin + environment: + - PMA_HOST=mysql + - PMA_PORT=${MYSQL_PORT} + depends_on: + - mysql + restart: always + ports: + - "${PHPMYADMIN_PORT}:80" + volumes: + - /sessions \ No newline at end of file diff --git a/compose/docker-compose-8.yml b/compose/docker-compose-8.yml new file mode 100644 index 00000000..7aedd4e5 --- /dev/null +++ b/compose/docker-compose-8.yml @@ -0,0 +1,97 @@ +version: '3' + +services: + + nginx: + image: nginx:alpine + ports: + - "80:80" + - "8080:8080" + - "443:443" + volumes: + - ${WORKSPACES}:/var/www/html/:rw,cached + - ./conf/nginx/conf.d:/etc/nginx/conf.d/:ro,cached + - ./conf/nginx/nginx.conf:/etc/nginx/nginx.conf:ro,cached + - ./log/nginx/:/var/log/nginx/:rw,cached + links: + - php72:fpm72 + - php56:fpm56 + environment: + - TZ=Asia/Shanghai + networks: + docker_net: + ipv4_address: ${NGINX_IP} + + php72: + build: ./php/php72/ + expose: + - "9000" + volumes: + - ${WORKSPACES}:/var/www/html/:rw,cached + - ./conf/php/php72.ini:/usr/local/etc/php/php.ini:ro,cached + - ./conf/php/php-fpm.d/www72.conf:/usr/local/etc/php-fpm.d/www.conf:rw,cached + - ./log/php-fpm/:/var/log/php-fpm/:rw,cached + links: + - mysql:mysql + - redis:redis + networks: + docker_net: + ipv4_address: ${PHP72_IP} + + php56: + build: ./php/php56/ + expose: + - "9000" + volumes: + - ${WORKSPACES}:/var/www/html/:rw,cached + - ./conf/php/php56.ini:/usr/local/etc/php/php.ini:ro,cached + - ./conf/php/php-fpm.d/www56.conf:/usr/local/etc/php-fpm.d/www.conf:rw,cached + - ./log/php-fpm/:/var/log/php-fpm/:rw,cached + links: + - mysql:mysql + - redis:redis + networks: + docker_net: + ipv4_address: ${PHP56_IP} + + mysql: + image: mysql:5.6 + ports: + - "3306:3306" + volumes: + - ./conf/mysql/my.cnf:/etc/mysql/my.cnf:ro,cached + - ./mysql/:/var/lib/mysql/:rw,cached + - ./log/mysql/:/var/log/mysql/:rw,cached + environment: + MYSQL_ROOT_PASSWORD: "123456" + networks: + docker_net: + ipv4_address: ${MYSQL_IP} + + redis: + image: redis:latest + ports: + - "6379:6379" + networks: + docker_net: + ipv4_address: ${REDIS_IP} + + portainer: + image: portainer/portainer:latest + ports: + - "9000:9000" + volumes: + - /var/run/docker.sock:/var/run/docker.sock:cached + - ./portainer/:/data:cached + networks: + docker_net: + ipv4_address: ${PORTAINER_IP} + +networks: + docker_net: + driver: bridge + ipam: + driver: default + config: + - + subnet: "${DOCKER_SUBNET}" \ No newline at end of file diff --git a/compose/docker-compose-9.yml b/compose/docker-compose-9.yml new file mode 100644 index 00000000..5a0ba69a --- /dev/null +++ b/compose/docker-compose-9.yml @@ -0,0 +1,141 @@ +version: '2.1' +services: + ### Nginx Web Container ####################################### + nginx: + build: ./nginx + container_name: lnmp-nginx + ports: + - "80:80" + - "443:443" + #source code container + volumes_from: + - www + volumes: + - "./nginx/logs:/var/log/nginx" + - "./nginx/socket:/var/run" + links: + - php-fpm:php-fpm + networks: + web_server_network: + ipv4_address: ${NGINX_WEB_SERVER_IP} + + ### PHP-FPM Container ####################################### + php-fpm: + image: bravist/php-fpm-alpine-aliyun-app:1.17 + container_name: lnmp-php-fpm + #source code container + volumes_from: + - www + volumes: + - "./nginx/logs/php-fpm:/usr/local/var/log/php7" + - "./nginx/socket:/var/run" + links: + - mariadb + - redis + #https://github.com/laradock/laradock/issues/435 + extra_hosts: + - "${PHP_FPM_DOMAIN}:${NGINX_WEB_SERVER_IP}" + - "${PHP_FPM_DOMAIN2}:${NGINX_WEB_SERVER_IP}" + - "${PHP_FPM_DOMAIN3}:${NGINX_WEB_SERVER_IP}" + - "${PHP_FPM_DOMAIN4}:${NGINX_WEB_SERVER_IP}" + - "${PHP_FPM_DOMAIN5}:${NGINX_WEB_SERVER_IP}" + - "${PHP_FPM_DOMAIN6}:${NGINX_WEB_SERVER_IP}" + env_file: + - .env + networks: + - web_server_network + + ### PHP-SUPERVISOR Container ####################################### + php-supervisor: + build: ./php-supervisor + container_name: lnmp-php-supervisor + volumes: + - ./php-supervisor/supervisor/log:/var/log/supervisor + - ./php-supervisor/supervisor:/etc/supervisor/conf.d + volumes_from: + - www + links: + - mariadb + - redis + extra_hosts: + - "${SUPERVISOR_DOMAIN}:${NGINX_WEB_SERVER_IP}" + - "${SUPERVISOR_DOMAIN2}:${NGINX_WEB_SERVER_IP}" + - "${SUPERVISOR_DOMAIN3}:${NGINX_WEB_SERVER_IP}" + - "${SUPERVISOR_DOMAIN4}:${NGINX_WEB_SERVER_IP}" + - "${SUPERVISOR_DOMAIN5}:${NGINX_WEB_SERVER_IP}" + - "${SUPERVISOR_DOMAIN6}:${NGINX_WEB_SERVER_IP}" + env_file: + - .env + networks: + - web_server_network + + ### CALL-WEBSOCKET Container ####################################### + call-websocket: + build: ./call-websocket + container_name: lnmp-call-websocket + volumes_from: + - www + ports: + - "8190:8190" + - "8191:8191" + networks: + - web_server_network + + ### PHP-CROND Container ####################################### + php-crond: + build: ./php-crond + container_name: lnmp-php-crond + volumes_from: + - "www" + volumes: + - "./php-crond/crontabs:/var/log/cron" + networks: + - web_server_network + + ### MariaDB Container ####################################### + # MariaDB - One of the most popular database servers. Made by the original developers of MySQL. Guaranteed to stay open source. + mariadb: + image: mariadb:10.2 + container_name: lnmp-mariadb + ports: + - "3306:3306" + volumes: + # NOTE: your data will be stored in ./mysql + - ./mariadb/data/mysql:/var/lib/mysql + environment: + - MYSQL_DATABASE=mysql + - MYSQL_USER=developer + - MYSQL_PASSWORD=developer + - MYSQL_ROOT_PASSWORD=developer + networks: + - web_server_network + + ### REDIS Container ####################################### + redis: + build: ./redis + container_name: lnmp-redis + ports: + - "6379:6379" + volumes: + - "./redis/data:/data" + environment: + - REDIS_PASSWORD=developer + networks: + - web_server_network + + ### Web-Root Container ####################################### + www: + image: tianon/true + container_name: lnmp-www + volumes: + - ./www:/usr/share/nginx/html + +### Networks Setup ############################################ +networks: + web_server_network: + driver: bridge + ipam: + driver: default + config: + - subnet: "${WEB_SERVER_SUBNET}" + gateway: "${WEB_SERVER_GATEWAY}" diff --git a/compose/docker-compose-sync.yml b/compose/docker-compose-sync.yml new file mode 100644 index 00000000..dfa72351 --- /dev/null +++ b/compose/docker-compose-sync.yml @@ -0,0 +1,102 @@ +version: '3' + +services: + + nginx: + image: nginx:alpine + ports: + - "80:80" + - "8080:8080" + - "443:443" + volumes: + - www-docker-sync:/var/www/html/:rw + - ./conf/nginx/conf.d:/etc/nginx/conf.d/:ro + - ./conf/nginx/nginx.conf:/etc/nginx/nginx.conf:ro + - ./log/nginx/:/var/log/nginx/:rw + links: + - php72:fpm72 + - php56:fpm56 + environment: + - TZ=Asia/Shanghai + networks: + docker_net: + ipv4_address: ${NGINX_IP} + + php72: + build: ./php/php72/ + expose: + - "9000" + volumes: + - www-docker-sync:/var/www/html/:rw + - ./conf/php/php72.ini:/usr/local/etc/php/php.ini:ro + - ./conf/php/php-fpm.d/www72.conf:/usr/local/etc/php-fpm.d/www.conf:rw + - ./log/php-fpm/:/var/log/php-fpm/:rw + links: + - mysql:mysql + - redis:redis + networks: + docker_net: + ipv4_address: ${PHP72_IP} + + php56: + build: ./php/php56/ + expose: + - "9000" + volumes: + - www-docker-sync:/var/www/html/:rw + - ./conf/php/php56.ini:/usr/local/etc/php/php.ini:ro + - ./conf/php/php-fpm.d/www56.conf:/usr/local/etc/php-fpm.d/www.conf:rw + - ./log/php-fpm/:/var/log/php-fpm/:rw + links: + - mysql:mysql + - redis:redis + networks: + docker_net: + ipv4_address: ${PHP56_IP} + + mysql: + image: mysql:5.6 + ports: + - "3306:3306" + volumes: + - ./conf/mysql/my.cnf:/etc/mysql/my.cnf:ro + - ./mysql/:/var/lib/mysql/:rw + - ./log/mysql/:/var/log/mysql/:rw + environment: + MYSQL_ROOT_PASSWORD: "123456" + networks: + docker_net: + ipv4_address: ${MYSQL_IP} + + redis: + image: redis:latest + ports: + - "6379:6379" + networks: + docker_net: + ipv4_address: ${REDIS_IP} + + portainer: + image: portainer/portainer:latest + ports: + - "9000:9000" + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - ./portainer/:/data + networks: + docker_net: + ipv4_address: ${PORTAINER_IP} + +volumes: + www-docker-sync: + external: true + + +networks: + docker_net: + driver: bridge + ipam: + driver: default + config: + - + subnet: "${DOCKER_SUBNET}" \ No newline at end of file diff --git a/compose/docker-compose.laradock.yml b/compose/docker-compose.laradock.yml new file mode 100644 index 00000000..eabce3e4 --- /dev/null +++ b/compose/docker-compose.laradock.yml @@ -0,0 +1,1819 @@ +version: '3' + +networks: + frontend: + driver: ${NETWORKS_DRIVER} + backend: + driver: ${NETWORKS_DRIVER} + +volumes: + mysql: + driver: ${VOLUMES_DRIVER} + percona: + driver: ${VOLUMES_DRIVER} + mssql: + driver: ${VOLUMES_DRIVER} + postgres: + driver: ${VOLUMES_DRIVER} + memcached: + driver: ${VOLUMES_DRIVER} + redis: + driver: ${VOLUMES_DRIVER} + neo4j: + driver: ${VOLUMES_DRIVER} + mariadb: + driver: ${VOLUMES_DRIVER} + mongo: + driver: ${VOLUMES_DRIVER} + minio: + driver: ${VOLUMES_DRIVER} + rethinkdb: + driver: ${VOLUMES_DRIVER} + phpmyadmin: + driver: ${VOLUMES_DRIVER} + adminer: + driver: ${VOLUMES_DRIVER} + aerospike: + driver: ${VOLUMES_DRIVER} + caddy: + driver: ${VOLUMES_DRIVER} + meilisearch: + driver: ${VOLUMES_DRIVER} + elasticsearch: + driver: ${VOLUMES_DRIVER} + mosquitto: + driver: ${VOLUMES_DRIVER} + confluence: + driver: ${VOLUMES_DRIVER} + sonarqube: + driver: ${VOLUMES_DRIVER} + cassandra: + driver: ${VOLUMES_DRIVER} + graylog: + driver: ${VOLUMES_DRIVER} + docker-in-docker: + driver: ${VOLUMES_DRIVER} + +services: + +### Workspace Utilities ################################## + workspace: + build: + context: ./workspace + args: + - CHANGE_SOURCE=${CHANGE_SOURCE} + - SHELL_OH_MY_ZSH=${SHELL_OH_MY_ZSH} + - SHELL_OH_MY_ZSH_AUTOSUGESTIONS=${SHELL_OH_MY_ZSH_AUTOSUGESTIONS} + - SHELL_OH_MY_ZSH_ALIASES=${SHELL_OH_MY_ZSH_ALIASES} + - UBUNTU_SOURCE=${UBUNTU_SOURCE} + - BASE_IMAGE_TAG_PREFIX=${WORKSPACE_BASE_IMAGE_TAG_PREFIX} + - LARADOCK_PHP_VERSION=${PHP_VERSION} + - LARADOCK_PHALCON_VERSION=${PHALCON_VERSION} + - INSTALL_SUBVERSION=${WORKSPACE_INSTALL_SUBVERSION} + - INSTALL_BZ2=${WORKSPACE_INSTALL_BZ2} + - INSTALL_GMP=${WORKSPACE_INSTALL_GMP} + - INSTALL_XDEBUG=${WORKSPACE_INSTALL_XDEBUG} + - INSTALL_PCOV=${WORKSPACE_INSTALL_PCOV} + - INSTALL_PHPDBG=${WORKSPACE_INSTALL_PHPDBG} + - INSTALL_BLACKFIRE=${INSTALL_BLACKFIRE} + - INSTALL_SSH2=${WORKSPACE_INSTALL_SSH2} + - INSTALL_SOAP=${WORKSPACE_INSTALL_SOAP} + - INSTALL_XSL=${WORKSPACE_INSTALL_XSL} + - INSTALL_LDAP=${WORKSPACE_INSTALL_LDAP} + - INSTALL_SMB=${WORKSPACE_INSTALL_SMB} + - INSTALL_IMAP=${WORKSPACE_INSTALL_IMAP} + - INSTALL_MONGO=${WORKSPACE_INSTALL_MONGO} + - INSTALL_AMQP=${WORKSPACE_INSTALL_AMQP} + - INSTALL_CASSANDRA=${WORKSPACE_INSTALL_CASSANDRA} + - INSTALL_GEARMAN=${WORKSPACE_INSTALL_GEARMAN} + - INSTALL_PHPREDIS=${WORKSPACE_INSTALL_PHPREDIS} + - INSTALL_MSSQL=${WORKSPACE_INSTALL_MSSQL} + - NVM_NODEJS_ORG_MIRROR=${WORKSPACE_NVM_NODEJS_ORG_MIRROR} + - INSTALL_NODE=${WORKSPACE_INSTALL_NODE} + - NPM_REGISTRY=${WORKSPACE_NPM_REGISTRY} + - INSTALL_PNPM=${WORKSPACE_INSTALL_PNPM} + - INSTALL_YARN=${WORKSPACE_INSTALL_YARN} + - INSTALL_NPM_GULP=${WORKSPACE_INSTALL_NPM_GULP} + - INSTALL_NPM_BOWER=${WORKSPACE_INSTALL_NPM_BOWER} + - INSTALL_NPM_VUE_CLI=${WORKSPACE_INSTALL_NPM_VUE_CLI} + - INSTALL_NPM_ANGULAR_CLI=${WORKSPACE_INSTALL_NPM_ANGULAR_CLI} + - INSTALL_DRUSH=${WORKSPACE_INSTALL_DRUSH} + - INSTALL_WP_CLI=${WORKSPACE_INSTALL_WP_CLI} + - INSTALL_DRUPAL_CONSOLE=${WORKSPACE_INSTALL_DRUPAL_CONSOLE} + - INSTALL_AEROSPIKE=${WORKSPACE_INSTALL_AEROSPIKE} + - INSTALL_OCI8=${WORKSPACE_INSTALL_OCI8} + - INSTALL_V8JS=${WORKSPACE_INSTALL_V8JS} + - COMPOSER_GLOBAL_INSTALL=${WORKSPACE_COMPOSER_GLOBAL_INSTALL} + - COMPOSER_AUTH=${WORKSPACE_COMPOSER_AUTH} + - COMPOSER_REPO_PACKAGIST=${WORKSPACE_COMPOSER_REPO_PACKAGIST} + - INSTALL_WORKSPACE_SSH=${WORKSPACE_INSTALL_WORKSPACE_SSH} + - INSTALL_LARAVEL_ENVOY=${WORKSPACE_INSTALL_LARAVEL_ENVOY} + - INSTALL_LARAVEL_INSTALLER=${WORKSPACE_INSTALL_LARAVEL_INSTALLER} + - INSTALL_DEPLOYER=${WORKSPACE_INSTALL_DEPLOYER} + - INSTALL_PRESTISSIMO=${WORKSPACE_INSTALL_PRESTISSIMO} + - INSTALL_LINUXBREW=${WORKSPACE_INSTALL_LINUXBREW} + - INSTALL_MC=${WORKSPACE_INSTALL_MC} + - INSTALL_SYMFONY=${WORKSPACE_INSTALL_SYMFONY} + - INSTALL_PYTHON=${WORKSPACE_INSTALL_PYTHON} + - INSTALL_PYTHON3=${WORKSPACE_INSTALL_PYTHON3} + - INSTALL_IMAGE_OPTIMIZERS=${WORKSPACE_INSTALL_IMAGE_OPTIMIZERS} + - INSTALL_IMAGEMAGICK=${WORKSPACE_INSTALL_IMAGEMAGICK} + - INSTALL_TERRAFORM=${WORKSPACE_INSTALL_TERRAFORM} + - INSTALL_DUSK_DEPS=${WORKSPACE_INSTALL_DUSK_DEPS} + - INSTALL_PG_CLIENT=${WORKSPACE_INSTALL_PG_CLIENT} + - INSTALL_PHALCON=${WORKSPACE_INSTALL_PHALCON} + - INSTALL_SWOOLE=${WORKSPACE_INSTALL_SWOOLE} + - INSTALL_TAINT=${WORKSPACE_INSTALL_TAINT} + - INSTALL_LIBPNG=${WORKSPACE_INSTALL_LIBPNG} + - INSTALL_GRAPHVIZ=${WORKSPACE_INSTALL_GRAPHVIZ} + - INSTALL_IONCUBE=${WORKSPACE_INSTALL_IONCUBE} + - INSTALL_MYSQL_CLIENT=${WORKSPACE_INSTALL_MYSQL_CLIENT} + - INSTALL_PING=${WORKSPACE_INSTALL_PING} + - INSTALL_SSHPASS=${WORKSPACE_INSTALL_SSHPASS} + - INSTALL_INOTIFY=${WORKSPACE_INSTALL_INOTIFY} + - INSTALL_FSWATCH=${WORKSPACE_INSTALL_FSWATCH} + - INSTALL_AST=${WORKSPACE_INSTALL_AST} + - INSTALL_YAML=${WORKSPACE_INSTALL_YAML} + - INSTALL_RDKAFKA=${WORKSPACE_INSTALL_RDKAFKA} + - INSTALL_MAILPARSE=${WORKSPACE_INSTALL_MAILPARSE} + - INSTALL_GIT_PROMPT=${WORKSPACE_INSTALL_GIT_PROMPT} + - INSTALL_XMLRPC=${WORKSPACE_INSTALL_XMLRPC} + - PUID=${WORKSPACE_PUID} + - PGID=${WORKSPACE_PGID} + - CHROME_DRIVER_VERSION=${WORKSPACE_CHROME_DRIVER_VERSION} + - NODE_VERSION=${WORKSPACE_NODE_VERSION} + - YARN_VERSION=${WORKSPACE_YARN_VERSION} + - DRUSH_VERSION=${WORKSPACE_DRUSH_VERSION} + - AST_VERSION=${WORKSPACE_AST_VERSION} + - TZ=${WORKSPACE_TIMEZONE} + - BLACKFIRE_CLIENT_ID=${BLACKFIRE_CLIENT_ID} + - BLACKFIRE_CLIENT_TOKEN=${BLACKFIRE_CLIENT_TOKEN} + - INSTALL_POWERLINE=${WORKSPACE_INSTALL_POWERLINE} + - INSTALL_SUPERVISOR=${WORKSPACE_INSTALL_SUPERVISOR} + - INSTALL_FFMPEG=${WORKSPACE_INSTALL_FFMPEG} + - INSTALL_AUDIOWAVEFORM=${WORKSPACE_INSTALL_AUDIOWAVEFORM} + - INSTALL_WKHTMLTOPDF=${WORKSPACE_INSTALL_WKHTMLTOPDF} + - INSTALL_GNU_PARALLEL=${WORKSPACE_INSTALL_GNU_PARALLEL} + - INSTALL_LNAV=${WORKSPACE_INSTALL_LNAV} + - INSTALL_PROTOC=${WORKSPACE_INSTALL_PROTOC} + - PROTOC_VERSION=${WORKSPACE_PROTOC_VERSION} + - http_proxy + - https_proxy + - no_proxy + volumes: + - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG} + - docker-in-docker:/certs/client + - ./php-worker/supervisord.d:/etc/supervisord.d + extra_hosts: + - "dockerhost:${DOCKER_HOST_IP}" + ports: + - "${WORKSPACE_SSH_PORT}:22" + - "${WORKSPACE_BROWSERSYNC_HOST_PORT}:3000" + - "${WORKSPACE_BROWSERSYNC_UI_HOST_PORT}:3001" + - "${WORKSPACE_VUE_CLI_SERVE_HOST_PORT}:8080" + - "${WORKSPACE_VUE_CLI_UI_HOST_PORT}:8000" + - "${WORKSPACE_ANGULAR_CLI_SERVE_HOST_PORT}:4200" + tty: true + environment: + - PHP_IDE_CONFIG=${PHP_IDE_CONFIG} + - DOCKER_HOST=tcp://docker-in-docker:2376 + - DOCKER_TLS_VERIFY=1 + - DOCKER_TLS_CERTDIR=/certs + - DOCKER_CERT_PATH=/certs/client + networks: + - frontend + - backend + links: + - docker-in-docker + +### PHP-FPM ############################################## + php-fpm: + build: + context: ./php-fpm + args: + - CHANGE_SOURCE=${CHANGE_SOURCE} + - BASE_IMAGE_TAG_PREFIX=${PHP_FPM_BASE_IMAGE_TAG_PREFIX} + - LARADOCK_PHP_VERSION=${PHP_VERSION} + - LARADOCK_PHALCON_VERSION=${PHALCON_VERSION} + - INSTALL_BZ2=${PHP_FPM_INSTALL_BZ2} + - INSTALL_GMP=${PHP_FPM_INSTALL_GMP} + - INSTALL_XDEBUG=${PHP_FPM_INSTALL_XDEBUG} + - INSTALL_PCOV=${PHP_FPM_INSTALL_PCOV} + - INSTALL_PHPDBG=${PHP_FPM_INSTALL_PHPDBG} + - INSTALL_BLACKFIRE=${INSTALL_BLACKFIRE} + - INSTALL_SSH2=${PHP_FPM_INSTALL_SSH2} + - INSTALL_SOAP=${PHP_FPM_INSTALL_SOAP} + - INSTALL_XSL=${PHP_FPM_INSTALL_XSL} + - INSTALL_SMB=${PHP_FPM_INSTALL_SMB} + - INSTALL_IMAP=${PHP_FPM_INSTALL_IMAP} + - INSTALL_MONGO=${PHP_FPM_INSTALL_MONGO} + - INSTALL_AMQP=${PHP_FPM_INSTALL_AMQP} + - INSTALL_CASSANDRA=${PHP_FPM_INSTALL_CASSANDRA} + - INSTALL_GEARMAN=${PHP_FPM_INSTALL_GEARMAN} + - INSTALL_MSSQL=${PHP_FPM_INSTALL_MSSQL} + - INSTALL_BCMATH=${PHP_FPM_INSTALL_BCMATH} + - INSTALL_PHPREDIS=${PHP_FPM_INSTALL_PHPREDIS} + - INSTALL_MEMCACHED=${PHP_FPM_INSTALL_MEMCACHED} + - INSTALL_OPCACHE=${PHP_FPM_INSTALL_OPCACHE} + - INSTALL_EXIF=${PHP_FPM_INSTALL_EXIF} + - INSTALL_AEROSPIKE=${PHP_FPM_INSTALL_AEROSPIKE} + - INSTALL_OCI8=${PHP_FPM_INSTALL_OCI8} + - INSTALL_MYSQLI=${PHP_FPM_INSTALL_MYSQLI} + - INSTALL_PGSQL=${PHP_FPM_INSTALL_PGSQL} + - INSTALL_PG_CLIENT=${PHP_FPM_INSTALL_PG_CLIENT} + - INSTALL_POSTGIS=${PHP_FPM_INSTALL_POSTGIS} + - INSTALL_INTL=${PHP_FPM_INSTALL_INTL} + - INSTALL_GHOSTSCRIPT=${PHP_FPM_INSTALL_GHOSTSCRIPT} + - INSTALL_LDAP=${PHP_FPM_INSTALL_LDAP} + - INSTALL_PHALCON=${PHP_FPM_INSTALL_PHALCON} + - INSTALL_SWOOLE=${PHP_FPM_INSTALL_SWOOLE} + - INSTALL_TAINT=${PHP_FPM_INSTALL_TAINT} + - INSTALL_IMAGE_OPTIMIZERS=${PHP_FPM_INSTALL_IMAGE_OPTIMIZERS} + - INSTALL_IMAGEMAGICK=${PHP_FPM_INSTALL_IMAGEMAGICK} + - INSTALL_CALENDAR=${PHP_FPM_INSTALL_CALENDAR} + - INSTALL_FAKETIME=${PHP_FPM_INSTALL_FAKETIME} + - INSTALL_IONCUBE=${PHP_FPM_INSTALL_IONCUBE} + - INSTALL_APCU=${PHP_FPM_INSTALL_APCU} + - INSTALL_CACHETOOL=${PHP_FPM_INSTALL_CACHETOOL} + - INSTALL_YAML=${PHP_FPM_INSTALL_YAML} + - INSTALL_RDKAFKA=${PHP_FPM_INSTALL_RDKAFKA} + - INSTALL_GETTEXT=${PHP_FPM_INSTALL_GETTEXT} + - INSTALL_ADDITIONAL_LOCALES=${PHP_FPM_INSTALL_ADDITIONAL_LOCALES} + - INSTALL_MYSQL_CLIENT=${PHP_FPM_INSTALL_MYSQL_CLIENT} + - INSTALL_PING=${PHP_FPM_INSTALL_PING} + - INSTALL_SSHPASS=${PHP_FPM_INSTALL_SSHPASS} + - INSTALL_MAILPARSE=${PHP_FPM_INSTALL_MAILPARSE} + - INSTALL_PCNTL=${PHP_FPM_INSTALL_PCNTL} + - ADDITIONAL_LOCALES=${PHP_FPM_ADDITIONAL_LOCALES} + - INSTALL_FFMPEG=${PHP_FPM_FFMPEG} + - INSTALL_AUDIOWAVEFORM=${PHP_FPM_AUDIOWAVEFORM} + - INSTALL_WKHTMLTOPDF=${PHP_FPM_INSTALL_WKHTMLTOPDF} + - INSTALL_XHPROF=${PHP_FPM_INSTALL_XHPROF} + - INSTALL_XMLRPC=${PHP_FPM_INSTALL_XMLRPC} + - DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL=${PHP_DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL} + - PUID=${PHP_FPM_PUID} + - PGID=${PHP_FPM_PGID} + - LOCALE=${PHP_FPM_DEFAULT_LOCALE} + - http_proxy + - https_proxy + - no_proxy + volumes: + - ./php-fpm/php${PHP_VERSION}.ini:/usr/local/etc/php/php.ini + - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG} + - docker-in-docker:/certs/client + expose: + - "9000" + extra_hosts: + - "dockerhost:${DOCKER_HOST_IP}" + environment: + - PHP_IDE_CONFIG=${PHP_IDE_CONFIG} + - DOCKER_HOST=tcp://docker-in-docker:2376 + - DOCKER_TLS_VERIFY=1 + - DOCKER_TLS_CERTDIR=/certs + - DOCKER_CERT_PATH=/certs/client + - FAKETIME=${PHP_FPM_FAKETIME} + depends_on: + - workspace + networks: + - backend + links: + - docker-in-docker + +### PHP Worker ############################################ + php-worker: + build: + context: ./php-worker + args: + - CHANGE_SOURCE=${CHANGE_SOURCE} + - LARADOCK_PHP_VERSION=${PHP_VERSION} + - PHALCON_VERSION=${PHALCON_VERSION} + - INSTALL_BZ2=${PHP_WORKER_INSTALL_BZ2} + - INSTALL_GD=${PHP_WORKER_INSTALL_GD} + - INSTALL_IMAGEMAGICK=${PHP_WORKER_INSTALL_IMAGEMAGICK} + - INSTALL_GMP=${PHP_WORKER_INSTALL_GMP} + - INSTALL_PGSQL=${PHP_WORKER_INSTALL_PGSQL} + - INSTALL_BCMATH=${PHP_WORKER_INSTALL_BCMATH} + - INSTALL_OCI8=${PHP_WORKER_INSTALL_OCI8} + - INSTALL_PHALCON=${PHP_WORKER_INSTALL_PHALCON} + - INSTALL_SOAP=${PHP_WORKER_INSTALL_SOAP} + - INSTALL_ZIP_ARCHIVE=${PHP_WORKER_INSTALL_ZIP_ARCHIVE} + - INSTALL_MYSQL_CLIENT=${PHP_WORKER_INSTALL_MYSQL_CLIENT} + - INSTALL_AMQP=${PHP_WORKER_INSTALL_AMQP} + - INSTALL_CASSANDRA=${PHP_WORKER_INSTALL_CASSANDRA} + - INSTALL_GEARMAN=${PHP_WORKER_INSTALL_GEARMAN} + - INSTALL_GHOSTSCRIPT=${PHP_WORKER_INSTALL_GHOSTSCRIPT} + - INSTALL_SWOOLE=${PHP_WORKER_INSTALL_SWOOLE} + - INSTALL_TAINT=${PHP_WORKER_INSTALL_TAINT} + - INSTALL_FFMPEG=${PHP_WORKER_INSTALL_FFMPEG} + - INSTALL_AUDIOWAVEFORM=${PHP_WORKER_INSTALL_AUDIOWAVEFORM} + - INSTALL_REDIS=${PHP_WORKER_INSTALL_REDIS} + - INSTALL_IMAP=${PHP_WORKER_INSTALL_IMAP} + - INSTALL_XMLRPC=${PHP_WORKER_INSTALL_XMLRPC} + - PUID=${PHP_WORKER_PUID} + - PGID=${PHP_WORKER_PGID} + volumes: + - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG} + - ./php-worker/supervisord.d:/etc/supervisord.d + depends_on: + - workspace + extra_hosts: + - "dockerhost:${DOCKER_HOST_IP}" + networks: + - backend +### Laravel Horizon ############################################ + laravel-horizon: + build: + context: ./laravel-horizon + args: + - CHANGE_SOURCE=${CHANGE_SOURCE} + - LARADOCK_PHP_VERSION=${PHP_VERSION} + - INSTALL_BZ2=${LARAVEL_HORIZON_INSTALL_BZ2} + - INSTALL_GD=${LARAVEL_HORIZON_INSTALL_GD} + - INSTALL_GMP=${LARAVEL_HORIZON_INSTALL_GMP} + - INSTALL_IMAGEMAGICK=${LARAVEL_HORIZON_INSTALL_IMAGEMAGICK} + - INSTALL_PGSQL=${PHP_FPM_INSTALL_PGSQL} + - INSTALL_ZIP_ARCHIVE=${LARAVEL_HORIZON_INSTALL_ZIP_ARCHIVE} + - INSTALL_BCMATH=${PHP_FPM_INSTALL_BCMATH} + - INSTALL_MEMCACHED=${PHP_FPM_INSTALL_MEMCACHED} + - INSTALL_SOCKETS=${LARAVEL_HORIZON_INSTALL_SOCKETS} + - INSTALL_YAML=${LARAVEL_HORIZON_INSTALL_YAML} + - INSTALL_CASSANDRA=${PHP_FPM_INSTALL_CASSANDRA} + - INSTALL_PHPREDIS=${LARAVEL_HORIZON_INSTALL_PHPREDIS} + - INSTALL_MONGO=${LARAVEL_HORIZON_INSTALL_MONGO} + - INSTALL_FFMPEG=${LARAVEL_HORIZON_INSTALL_FFMPEG} + - INSTALL_AUDIOWAVEFORM=${LARAVEL_HORIZON_INSTALL_AUDIOWAVEFORM} + - PUID=${LARAVEL_HORIZON_PUID} + - PGID=${LARAVEL_HORIZON_PGID} + volumes: + - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER} + - ./laravel-horizon/supervisord.d:/etc/supervisord.d + depends_on: + - workspace + extra_hosts: + - "dockerhost:${DOCKER_HOST_IP}" + networks: + - backend + +### NGINX Server ######################################### + nginx: + build: + context: ./nginx + args: + - CHANGE_SOURCE=${CHANGE_SOURCE} + - PHP_UPSTREAM_CONTAINER=${NGINX_PHP_UPSTREAM_CONTAINER} + - PHP_UPSTREAM_PORT=${NGINX_PHP_UPSTREAM_PORT} + - http_proxy + - https_proxy + - no_proxy + volumes: + - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG} + - ${NGINX_HOST_LOG_PATH}:/var/log/nginx + - ${NGINX_SITES_PATH}:/etc/nginx/sites-available + - ${NGINX_SSL_PATH}:/etc/nginx/ssl + ports: + - "${NGINX_HOST_HTTP_PORT}:80" + - "${NGINX_HOST_HTTPS_PORT}:443" + - "${VARNISH_BACKEND_PORT}:81" + depends_on: + - php-fpm + networks: + - frontend + - backend + +### Blackfire ######################################## + blackfire: + image: blackfire/blackfire + environment: + - BLACKFIRE_SERVER_ID=${BLACKFIRE_SERVER_ID} + - BLACKFIRE_SERVER_TOKEN=${BLACKFIRE_SERVER_TOKEN} + depends_on: + - php-fpm + networks: + - backend + +### Apache Server ######################################## + apache2: + build: + context: ./apache2 + args: + - PHP_UPSTREAM_CONTAINER=${APACHE_PHP_UPSTREAM_CONTAINER} + - PHP_UPSTREAM_PORT=${APACHE_PHP_UPSTREAM_PORT} + - PHP_UPSTREAM_TIMEOUT=${APACHE_PHP_UPSTREAM_TIMEOUT} + - DOCUMENT_ROOT=${APACHE_DOCUMENT_ROOT} + - APACHE_INSTALL_HTTP2=${APACHE_INSTALL_HTTP2} + volumes: + - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG} + - ${APACHE_HOST_LOG_PATH}:/var/log/apache2 + - ${APACHE_SITES_PATH}:/etc/apache2/sites-available + ports: + - "${APACHE_HOST_HTTP_PORT}:80" + - "${APACHE_HOST_HTTPS_PORT}:443" + depends_on: + - php-fpm + networks: + - frontend + - backend + +### HHVM ################################################# + hhvm: + build: ./hhvm + volumes: + - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG} + expose: + - "9000" + depends_on: + - workspace + networks: + - frontend + - backend + +### Minio ################################################ + minio: + build: ./minio + volumes: + - ${DATA_PATH_HOST}/minio/data:/export + - ${DATA_PATH_HOST}/minio/config:/root/.minio + ports: + - "${MINIO_PORT}:9000" + environment: + - MINIO_ACCESS_KEY=access + - MINIO_SECRET_KEY=secretkey + networks: + - frontend + - backend + +### MySQL ################################################ + mysql: + build: + context: ./mysql + args: + - MYSQL_VERSION=${MYSQL_VERSION} + environment: + - MYSQL_DATABASE=${MYSQL_DATABASE} + - MYSQL_USER=${MYSQL_USER} + - MYSQL_PASSWORD=${MYSQL_PASSWORD} + - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} + - TZ=${WORKSPACE_TIMEZONE} + volumes: + - ${DATA_PATH_HOST}/mysql:/var/lib/mysql + - ${MYSQL_ENTRYPOINT_INITDB}:/docker-entrypoint-initdb.d + ports: + - "${MYSQL_PORT}:3306" + networks: + - backend + +### Percona ################################################ + percona: + build: + context: ./percona + environment: + - MYSQL_DATABASE=${PERCONA_DATABASE} + - MYSQL_USER=${PERCONA_USER} + - MYSQL_PASSWORD=${PERCONA_PASSWORD} + - MYSQL_ROOT_PASSWORD=${PERCONA_ROOT_PASSWORD} + volumes: + - ${DATA_PATH_HOST}/percona:/var/lib/mysql + - ${PERCONA_ENTRYPOINT_INITDB}:/docker-entrypoint-initdb.d + ports: + - "${PERCONA_PORT}:3306" + networks: + - backend + +### MSSQL ################################################ + mssql: + build: + context: ./mssql + environment: + - MSSQL_PID=Express + - MSSQL_DATABASE=${MSSQL_DATABASE} + - SA_PASSWORD=${MSSQL_PASSWORD} + - ACCEPT_EULA=Y + volumes: + - ${DATA_PATH_HOST}/mssql:/var/opt/mssql + ports: + - "${MSSQL_PORT}:1433" + networks: + - backend + +### MariaDB ############################################## + mariadb: + build: + context: ./mariadb + args: + - http_proxy + - https_proxy + - no_proxy + - MARIADB_VERSION=${MARIADB_VERSION} + volumes: + - ${DATA_PATH_HOST}/mariadb:/var/lib/mysql + - ${MARIADB_ENTRYPOINT_INITDB}:/docker-entrypoint-initdb.d + ports: + - "${MARIADB_PORT}:3306" + environment: + - TZ=${WORKSPACE_TIMEZONE} + - MYSQL_DATABASE=${MARIADB_DATABASE} + - MYSQL_USER=${MARIADB_USER} + - MYSQL_PASSWORD=${MARIADB_PASSWORD} + - MYSQL_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD} + networks: + - backend + +### PostgreSQL ########################################### + postgres: + build: + context: ./postgres + args: + - POSTGRES_VERSION=${POSTGRES_VERSION} + volumes: + - ${DATA_PATH_HOST}/postgres:/var/lib/postgresql/data + - ${POSTGRES_ENTRYPOINT_INITDB}:/docker-entrypoint-initdb.d + ports: + - "${POSTGRES_PORT}:5432" + environment: + - POSTGRES_DB=${POSTGRES_DB} + - POSTGRES_USER=${POSTGRES_USER} + - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} + - GITLAB_POSTGRES_INIT=${GITLAB_POSTGRES_INIT} + - GITLAB_POSTGRES_USER=${GITLAB_POSTGRES_USER} + - GITLAB_POSTGRES_PASSWORD=${GITLAB_POSTGRES_PASSWORD} + - GITLAB_POSTGRES_DB=${GITLAB_POSTGRES_DB} + - JUPYTERHUB_POSTGRES_INIT=${JUPYTERHUB_POSTGRES_INIT} + - JUPYTERHUB_POSTGRES_USER=${JUPYTERHUB_POSTGRES_USER} + - JUPYTERHUB_POSTGRES_PASSWORD=${JUPYTERHUB_POSTGRES_PASSWORD} + - JUPYTERHUB_POSTGRES_DB=${JUPYTERHUB_POSTGRES_DB} + - SONARQUBE_POSTGRES_INIT=${SONARQUBE_POSTGRES_INIT} + - SONARQUBE_POSTGRES_DB=${SONARQUBE_POSTGRES_DB} + - SONARQUBE_POSTGRES_USER=${SONARQUBE_POSTGRES_USER} + - SONARQUBE_POSTGRES_PASSWORD=${SONARQUBE_POSTGRES_PASSWORD} + - POSTGRES_CONFLUENCE_INIT=${CONFLUENCE_POSTGRES_INIT} + - POSTGRES_CONFLUENCE_DB=${CONFLUENCE_POSTGRES_DB} + - POSTGRES_CONFLUENCE_USER=${CONFLUENCE_POSTGRES_USER} + - POSTGRES_CONFLUENCE_PASSWORD=${CONFLUENCE_POSTGRES_PASSWORD} + networks: + - backend + +### PostgreSQL PostGis ################################### + postgres-postgis: + build: ./postgres-postgis + volumes: + - ${DATA_PATH_HOST}/postgres:/var/lib/postgresql/data + ports: + - "${POSTGRES_PORT}:5432" + environment: + - POSTGRES_DB=${POSTGRES_DB} + - POSTGRES_USER=${POSTGRES_USER} + - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} + networks: + - backend + +### Neo4j ################################################ + neo4j: + build: ./neo4j + ports: + - "7474:7474" + - "1337:1337" + environment: + - NEO4J_AUTH=default:secret + volumes: + - ${DATA_PATH_HOST}/neo4j:/var/lib/neo4j/data + networks: + - backend + +### MongoDB ############################################## + mongo: + build: ./mongo + ports: + - "${MONGODB_PORT}:27017" + volumes: + - ${DATA_PATH_HOST}/mongo:/data/db + - ${DATA_PATH_HOST}/mongo_config:/data/configdb + networks: + - backend + +### RethinkDB ############################################## + rethinkdb: + build: ./rethinkdb + ports: + - "${RETHINKDB_PORT}:8080" + volumes: + - ${DATA_PATH_HOST}/rethinkdb:/data/rethinkdb_data + networks: + - backend + +### Redis ################################################ + redis: + build: ./redis + volumes: + - ${DATA_PATH_HOST}/redis:/data + ports: + - "${REDIS_PORT}:6379" + networks: + - backend + +### Redis Cluster ########################################## + redis-cluster: + build: ./redis-cluster + ports: + - "${REDIS_CLUSTER_PORT_RANGE}:7000-7005" + networks: + - backend + +### ZooKeeper ######################################### + zookeeper: + build: ./zookeeper + volumes: + - ${DATA_PATH_HOST}/zookeeper/data:/data + - ${DATA_PATH_HOST}/zookeeper/datalog:/datalog + ports: + - "${ZOOKEEPER_PORT}:2181" + networks: + - backend + +### Aerospike ########################################## + aerospike: + build: ./aerospike + volumes: + - workspace + - ${DATA_PATH_HOST}/aerospike:/opt/aerospike/data + ports: + - "${AEROSPIKE_SERVICE_PORT}:3000" + - "${AEROSPIKE_FABRIC_PORT}:3001" + - "${AEROSPIKE_HEARTBEAT_PORT}:3002" + - "${AEROSPIKE_INFO_PORT}:3003" + environment: + - STORAGE_GB=${AEROSPIKE_STORAGE_GB} + - MEM_GB=${AEROSPIKE_MEM_GB} + - NAMESPACE=${AEROSPIKE_NAMESPACE} + networks: + - backend + +### Memcached ############################################ + memcached: + build: ./memcached + volumes: + - ${DATA_PATH_HOST}/memcached:/var/lib/memcached + ports: + - "${MEMCACHED_HOST_PORT}:11211" + depends_on: + - php-fpm + networks: + - backend + +### Beanstalkd ########################################### + beanstalkd: + build: ./beanstalkd + ports: + - "${BEANSTALKD_HOST_PORT}:11300" + privileged: true + depends_on: + - php-fpm + networks: + - backend + +### SQS ############################################# + sqs: + build: ./sqs + ports: + - "${SQS_NODE_HOST_PORT}:9324" + - "${SQS_MANAGEMENT_HTTP_HOST_PORT}:9325" + privileged: true + hostname: laradock-sqs + volumes: + - ${DATA_PATH_HOST}/sqs:/opt/custom + networks: + - frontend + - backend + +### RabbitMQ ############################################# + rabbitmq: + build: ./rabbitmq + ports: + - "${RABBITMQ_NODE_HOST_PORT}:5672" + - "${RABBITMQ_MANAGEMENT_HTTP_HOST_PORT}:15672" + - "${RABBITMQ_MANAGEMENT_HTTPS_HOST_PORT}:15671" + privileged: true + environment: + - RABBITMQ_DEFAULT_USER=${RABBITMQ_DEFAULT_USER} + - RABBITMQ_DEFAULT_PASS=${RABBITMQ_DEFAULT_PASS} + hostname: laradock-rabbitmq + volumes: + - ${DATA_PATH_HOST}/rabbitmq:/var/lib/rabbitmq + depends_on: + - php-fpm + networks: + - backend + +### Cassandra ############################################ + cassandra: + build: ./cassandra + ports: + - "${CASSANDRA_TRANSPORT_PORT_NUMBER}:7000" + - "${CASSANDRA_JMX_PORT_NUMBER}:7199" + - "${CASSANDRA_CQL_PORT_NUMBER}:9042" + privileged: true + environment: + - CASSANDRA_VERSION=${CASSANDRA_VERSION} + - CASSANDRA_TRANSPORT_PORT_NUMBER=${CASSANDRA_TRANSPORT_PORT_NUMBER} + - CASSANDRA_JMX_PORT_NUMBER=${CASSANDRA_JMX_PORT_NUMBER} + - CASSANDRA_CQL_PORT_NUMBER=${CASSANDRA_CQL_PORT_NUMBER} + - CASSANDRA_USER=${CASSANDRA_USER} + - CASSANDRA_PASSWORD_SEEDER=${CASSANDRA_PASSWORD_SEEDER} + - CASSANDRA_PASSWORD=${CASSANDRA_PASSWORD} + - CASSANDRA_NUM_TOKENS=${CASSANDRA_NUM_TOKENS} + - CASSANDRA_HOST=${CASSANDRA_HOST} + - CASSANDRA_CLUSTER_NAME=${CASSANDRA_CLUSTER_NAME} + - CASSANDRA_SEEDS=${CASSANDRA_SEEDS} + - CASSANDRA_ENDPOINT_SNITCH=${CASSANDRA_ENDPOINT_SNITCH} + - CASSANDRA_ENABLE_RPC=${CASSANDRA_ENABLE_RPC} + - CASSANDRA_DATACENTER=${CASSANDRA_DATACENTER} + - CASSANDRA_RACK=${CASSANDRA_RACK} + hostname: laradock-cassandra + volumes: + - ${DATA_PATH_HOST}/cassandra:/var/lib/cassandra + depends_on: + - php-fpm + networks: + - backend + +### Gearman ############################################ + gearman: + build: ./gearman + ports: + - "${GEARMAN_PORT}:4730" + privileged: true + environment: + - GEARMAN_VERSION=${GEARMAN_VERSION} + - GEARMAN_VERBOSE=${GEARMAN_VERBOSE} + - GEARMAN_QUEUE_TYPE=${GEARMAN_QUEUE_TYPE} + - GEARMAN_THREADS=${GEARMAN_THREADS} + - GEARMAN_BACKLOG=${GEARMAN_BACKLOG} + - GEARMAN_FILE_DESCRIPTORS=${GEARMAN_FILE_DESCRIPTORS} + - GEARMAN_JOB_RETRIES=${GEARMAN_JOB_RETRIES} + - GEARMAN_ROUND_ROBIN=${GEARMAN_ROUND_ROBIN} + - GEARMAN_WORKER_WAKEUP=${GEARMAN_WORKER_WAKEUP} + - GEARMAN_KEEPALIVE=${GEARMAN_KEEPALIVE} + - GEARMAN_KEEPALIVE_IDLE=${GEARMAN_KEEPALIVE_IDLE} + - GEARMAN_KEEPALIVE_INTERVAL=${GEARMAN_KEEPALIVE_INTERVAL} + - GEARMAN_KEEPALIVE_COUNT=${GEARMAN_KEEPALIVE_COUNT} + - GEARMAN_MYSQL_HOST=${GEARMAN_MYSQL_HOST} + - GEARMAN_MYSQL_PORT=${GEARMAN_MYSQL_PORT} + - GEARMAN_MYSQL_USER=${GEARMAN_MYSQL_USER} + - GEARMAN_MYSQL_PASSWORD=${GEARMAN_MYSQL_PASSWORD} + - GEARMAN_MYSQL_PASSWORD_FILE=${GEARMAN_MYSQL_PASSWORD_FILE} + - GEARMAN_MYSQL_DB=${GEARMAN_MYSQL_DB} + - GEARMAN_MYSQL_TABLE=${GEARMAN_MYSQL_TABLE} + hostname: laradock-gearman + depends_on: + - php-fpm + networks: + - backend + +### Beanstalkd Console ################################### + beanstalkd-console: + build: ./beanstalkd-console + ports: + - "${BEANSTALKD_CONSOLE_HOST_PORT}:2080" + depends_on: + - beanstalkd + networks: + - backend + +### Caddy Server ######################################### + caddy: + build: ./caddy + volumes: + - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG} + - ${CADDY_CONFIG_PATH}:/etc/caddy + - ${CADDY_HOST_LOG_PATH}:/var/log/caddy + - ${DATA_PATH_HOST}:/root/.caddy + ports: + - "${CADDY_HOST_HTTP_PORT}:80" + - "${CADDY_HOST_HTTPS_PORT}:443" + depends_on: + - php-fpm + networks: + - frontend + - backend + +### phpMyAdmin ########################################### + phpmyadmin: + build: ./phpmyadmin + environment: + - PMA_ARBITRARY=1 + - MYSQL_USER=${PMA_USER} + - MYSQL_PASSWORD=${PMA_PASSWORD} + - MYSQL_ROOT_PASSWORD=${PMA_ROOT_PASSWORD} + ports: + - "${PMA_PORT}:80" + depends_on: + - "${PMA_DB_ENGINE}" + networks: + - frontend + - backend + +### Adminer ########################################### + adminer: + build: + context: ./adminer + args: + - INSTALL_MSSQL=${ADM_INSTALL_MSSQL} + environment: + - ADMINER_PLUGINS=${ADM_PLUGINS} + - ADMINER_DESIGN=${ADM_DESIGN} + - ADMINER_DEFAULT_SERVER=${ADM_DEFAULT_SERVER} + ports: + - "${ADM_PORT}:8080" + depends_on: + - php-fpm + networks: + - frontend + - backend + +### pgAdmin ############################################## + pgadmin: + image: dpage/pgadmin4:latest + environment: + - "PGADMIN_DEFAULT_EMAIL=${PGADMIN_DEFAULT_EMAIL}" + - "PGADMIN_DEFAULT_PASSWORD=${PGADMIN_DEFAULT_PASSWORD}" + ports: + - "${PGADMIN_PORT}:80" + volumes: + - ${DATA_PATH_HOST}/pgadmin:/var/lib/pgadmin + depends_on: + - postgres + networks: + - frontend + - backend + +### MeiliSearch ########################################## + meilisearch: + image: getmeili/meilisearch:latest + volumes: + - ${DATA_PATH_HOST}/meilisearch:/var/lib/meilisearch + ports: + - "${MEILISEARCH_HOST_PORT}:7700" + networks: + - frontend + - backend + +### ElasticSearch ######################################## + elasticsearch: + build: + context: ./elasticsearch + args: + - ELK_VERSION=${ELK_VERSION} + volumes: + - elasticsearch:/usr/share/elasticsearch/data + environment: + - cluster.name=laradock-cluster + - node.name=laradock-node + - bootstrap.memory_lock=true + - "ES_JAVA_OPTS=-Xms512m -Xmx512m" + - cluster.initial_master_nodes=laradock-node + ulimits: + memlock: + soft: -1 + hard: -1 + nofile: + soft: 65536 + hard: 65536 + ports: + - "${ELASTICSEARCH_HOST_HTTP_PORT}:9200" + - "${ELASTICSEARCH_HOST_TRANSPORT_PORT}:9300" + depends_on: + - php-fpm + networks: + - frontend + - backend + +### Logstash ############################################## + logstash: + build: + context: ./logstash + args: + - ELK_VERSION=${ELK_VERSION} + volumes: + - './logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml' + - './logstash/pipeline:/usr/share/logstash/pipeline' + ports: + - '5001:5001' + environment: + LS_JAVA_OPTS: '-Xmx1g -Xms1g' + env_file: + - .env + networks: + - frontend + - backend + depends_on: + - elasticsearch + +### Kibana ############################################## + kibana: + build: + context: ./kibana + args: + - ELK_VERSION=${ELK_VERSION} + ports: + - "${KIBANA_HTTP_PORT}:5601" + depends_on: + - elasticsearch + networks: + - frontend + - backend + +### Dejavu ############################################## + dejavu: + build: + context: ./dejavu + ports: + - "${DEJAVU_HTTP_PORT}:1358" + depends_on: + - elasticsearch + networks: + - frontend + - backend + +### Certbot ######################################### + certbot: + build: + context: ./certbot + volumes: + - ./data/certbot/certs/:/var/certs + - ./certbot/letsencrypt/:/var/www/letsencrypt + environment: + - CN="fake.domain.com" + - EMAIL="fake.email@gmail.com" + networks: + - frontend + +### MailCatcher ################################################ + mailcatcher: + build: ./mailcatcher + ports: + - "1025:1025" + - "1080:1080" + networks: + - frontend + - backend + +### Mailhog ################################################ + mailhog: + build: ./mailhog + ports: + - "1025:1025" + - "8025:8025" + networks: + - frontend + - backend + +### MailDev ############################################## + maildev: + build: ./maildev + ports: + - "${MAILDEV_HTTP_PORT}:80" + - "${MAILDEV_SMTP_PORT}:25" + networks: + - frontend + - backend + +### Selenium ############################################### + selenium: + build: ./selenium + ports: + - "${SELENIUM_PORT}:4444" + volumes: + - /dev/shm:/dev/shm + networks: + - frontend + +### Varnish ########################################## + proxy: + container_name: proxy + build: ./varnish + expose: + - ${VARNISH_PORT} + environment: + - VARNISH_CONFIG=${VARNISH_CONFIG} + - CACHE_SIZE=${VARNISH_PROXY1_CACHE_SIZE} + - VARNISHD_PARAMS=${VARNISHD_PARAMS} + - VARNISH_PORT=${VARNISH_PORT} + - BACKEND_HOST=${VARNISH_PROXY1_BACKEND_HOST} + - BACKEND_PORT=${VARNISH_BACKEND_PORT} + - VARNISH_SERVER=${VARNISH_PROXY1_SERVER} + ports: + - "${VARNISH_PORT}:${VARNISH_PORT}" + links: + - workspace + networks: + - frontend + + proxy2: + container_name: proxy2 + build: ./varnish + expose: + - ${VARNISH_PORT} + environment: + - VARNISH_CONFIG=${VARNISH_CONFIG} + - CACHE_SIZE=${VARNISH_PROXY2_CACHE_SIZE} + - VARNISHD_PARAMS=${VARNISHD_PARAMS} + - VARNISH_PORT=${VARNISH_PORT} + - BACKEND_HOST=${VARNISH_PROXY2_BACKEND_HOST} + - BACKEND_PORT=${VARNISH_BACKEND_PORT} + - VARNISH_SERVER=${VARNISH_PROXY2_SERVER} + ports: + - "${VARNISH_PORT}:${VARNISH_PORT}" + links: + - workspace + networks: + - frontend + +### HAProxy #################################### + haproxy: + build: ./haproxy + ports: + - "${HAPROXY_HOST_HTTP_PORT}:8085" + volumes: + - /var/run/docker.sock:/var/run/docker.sock + links: + - proxy + - proxy2 + +### Jenkins ################################################### + jenkins: + build: ./jenkins + environment: + JAVA_OPTS: "-Djava.awt.headless=true" + ports: + - "${JENKINS_HOST_SLAVE_AGENT_PORT}:50000" + - "${JENKINS_HOST_HTTP_PORT}:8080" + privileged: true + volumes: + - ${JENKINS_HOME}:/var/jenkins_home + - /var/run/docker.sock:/var/run/docker.sock + networks: + - frontend + - backend + +### Grafana ################################################ + grafana: + build: + context: ./grafana + volumes: + - ${DATA_PATH_HOST}/grafana:/var/lib/grafana + ports: + - "${GRAFANA_PORT}:3000" + networks: + - backend + +### Graylog ####################################### + graylog: + build: ./graylog + environment: + - GRAYLOG_PASSWORD_SECRET=${GRAYLOG_PASSWORD} + - GRAYLOG_ROOT_PASSWORD_SHA2=${GRAYLOG_SHA256_PASSWORD} + - GRAYLOG_HTTP_EXTERNAL_URI=http://127.0.0.1:${GRAYLOG_PORT}/ + links: + - mongo + - elasticsearch + depends_on: + - mongo + - elasticsearch + ports: + # Graylog web interface and REST API + - ${GRAYLOG_PORT}:9000 + # Syslog TCP + - ${GRAYLOG_SYSLOG_TCP_PORT}:514 + # Syslog UDP + - ${GRAYLOG_SYSLOG_UDP_PORT}:514/udp + # GELF TCP + - ${GRAYLOG_GELF_TCP_PORT}:12201 + # GELF UDP + - ${GRAYLOG_GELF_UDP_PORT}:12201/udp + user: graylog + volumes: + - ${DATA_PATH_HOST}/graylog:/usr/share/graylog/data + networks: + - backend + +### Laravel Echo Server ####################################### + laravel-echo-server: + build: + context: ./laravel-echo-server + args: + - CHANGE_SOURCE=${CHANGE_SOURCE} + volumes: + - ./laravel-echo-server/laravel-echo-server.json:/app/laravel-echo-server.json:ro + ports: + - "${LARAVEL_ECHO_SERVER_PORT}:6001" + links: + - redis + networks: + - frontend + - backend + +### Solr ################################################ + solr: + build: + context: ./solr + args: + - SOLR_VERSION=${SOLR_VERSION} + - SOLR_DATAIMPORTHANDLER_MYSQL=${SOLR_DATAIMPORTHANDLER_MYSQL} + - SOLR_DATAIMPORTHANDLER_MSSQL=${SOLR_DATAIMPORTHANDLER_MSSQL} + volumes: + - ${DATA_PATH_HOST}/solr:/opt/solr/server/solr/mycores + ports: + - "${SOLR_PORT}:8983" + networks: + - backend + +### Thumbor ######################################### + thumbor: + build: ./thumbor + volumes: + - ${DATA_PATH_HOST}/thumbor/data:/data + - ${DATA_PATH_HOST}/thumbor/data:/logs + ports: + - "${THUMBOR_PORT}:8000" + environment: + - THUMBOR_LOG_FORMAT=${THUMBOR_LOG_FORMAT} + - THUMBOR_LOG_DATE_FORMAT=${THUMBOR_LOG_DATE_FORMAT} + - MAX_WIDTH=${MAX_WIDTH} + - MAX_HEIGHT=${MAX_HEIGHT} + - MIN_WIDTH=${MIN_WIDTH} + - MIN_HEIGHT=${MIN_HEIGHT} + - ALLOWED_SOURCES=${ALLOWED_SOURCES} + - QUALITY=${QUALITY} + - WEBP_QUALITY=${WEBP_QUALITY} + - PNG_COMPRESSION_LEVEL=${PNG_COMPRESSION_LEVEL} + - AUTO_WEBP=${AUTO_WEBP} + - MAX_AGE=${MAX_AGE} + - MAX_AGE_TEMP_IMAGE=${MAX_AGE_TEMP_IMAGE} + - RESPECT_ORIENTATION=${RESPECT_ORIENTATION} + - IGNORE_SMART_ERRORS=${IGNORE_SMART_ERRORS} + - PRESERVE_EXIF_INFO=${PRESERVE_EXIF_INFO} + - ALLOW_ANIMATED_GIFS=${ALLOW_ANIMATED_GIFS} + - USE_GIFSICLE_ENGINE=${USE_GIFSICLE_ENGINE} + - USE_BLACKLIST=${USE_BLACKLIST} + - LOADER=${LOADER} + - STORAGE=${STORAGE} + - AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} + - AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} + - RESULT_STORAGE=${RESULT_STORAGE} + - ENGINE=${ENGINE} + - SECURITY_KEY=${SECURITY_KEY} + - ALLOW_UNSAFE_URL=${ALLOW_UNSAFE_URL} + - ALLOW_OLD_URLS=${ALLOW_OLD_URLS} + - FILE_LOADER_ROOT_PATH=${FILE_LOADER_ROOT_PATH} + - HTTP_LOADER_CONNECT_TIMEOUT=${HTTP_LOADER_CONNECT_TIMEOUT} + - HTTP_LOADER_REQUEST_TIMEOUT=${HTTP_LOADER_REQUEST_TIMEOUT} + - HTTP_LOADER_FOLLOW_REDIRECTS=${HTTP_LOADER_FOLLOW_REDIRECTS} + - HTTP_LOADER_MAX_REDIRECTS=${HTTP_LOADER_MAX_REDIRECTS} + - HTTP_LOADER_FORWARD_USER_AGENT=${HTTP_LOADER_FORWARD_USER_AGENT} + - HTTP_LOADER_DEFAULT_USER_AGENT=${HTTP_LOADER_DEFAULT_USER_AGENT} + - HTTP_LOADER_PROXY_HOST=${HTTP_LOADER_PROXY_HOST} + - HTTP_LOADER_PROXY_PORT=${HTTP_LOADER_PROXY_PORT} + - HTTP_LOADER_PROXY_USERNAME=${HTTP_LOADER_PROXY_USERNAME} + - HTTP_LOADER_PROXY_PASSWORD=${HTTP_LOADER_PROXY_PASSWORD} + - HTTP_LOADER_CA_CERTS=${HTTP_LOADER_CA_CERTS} + - HTTP_LOADER_VALIDATE_CERTS=${HTTP_LOADER_VALIDATE_CERTS} + - HTTP_LOADER_CLIENT_KEY=${HTTP_LOADER_CLIENT_KEY} + - HTTP_LOADER_CLIENT_CERT=${HTTP_LOADER_CLIENT_CERT} + - HTTP_LOADER_CURL_ASYNC_HTTP_CLIENT=${HTTP_LOADER_CURL_ASYNC_HTTP_CLIENT} + - STORAGE_EXPIRATION_SECONDS=${STORAGE_EXPIRATION_SECONDS} + - STORES_CRYPTO_KEY_FOR_EACH_IMAGE=${STORES_CRYPTO_KEY_FOR_EACH_IMAGE} + - FILE_STORAGE_ROOT_PATH=${FILE_STORAGE_ROOT_PATH} + - UPLOAD_MAX_SIZE=${UPLOAD_MAX_SIZE} + - UPLOAD_ENABLED=${UPLOAD_ENABLED} + - UPLOAD_PHOTO_STORAGE=${UPLOAD_PHOTO_STORAGE} + - UPLOAD_DELETE_ALLOWED=${UPLOAD_DELETE_ALLOWED} + - UPLOAD_PUT_ALLOWED=${UPLOAD_PUT_ALLOWED} + - UPLOAD_DEFAULT_FILENAME=${UPLOAD_DEFAULT_FILENAME} + - MONGO_STORAGE_SERVER_HOST=${MONGO_STORAGE_SERVER_HOST} + - MONGO_STORAGE_SERVER_PORT=${MONGO_STORAGE_SERVER_PORT} + - MONGO_STORAGE_SERVER_DB=${MONGO_STORAGE_SERVER_DB} + - MONGO_STORAGE_SERVER_COLLECTION=${MONGO_STORAGE_SERVER_COLLECTION} + - REDIS_STORAGE_SERVER_HOST=${REDIS_STORAGE_SERVER_HOST} + - REDIS_STORAGE_SERVER_PORT=${REDIS_STORAGE_SERVER_PORT} + - REDIS_STORAGE_SERVER_DB=${REDIS_STORAGE_SERVER_DB} + - REDIS_STORAGE_SERVER_PASSWORD=${REDIS_STORAGE_SERVER_PASSWORD} + - REDIS_RESULT_STORAGE_SERVER_HOST=${REDIS_RESULT_STORAGE_SERVER_HOST} + - REDIS_RESULT_STORAGE_SERVER_PORT=${REDIS_RESULT_STORAGE_SERVER_PORT} + - REDIS_RESULT_STORAGE_SERVER_DB=${REDIS_RESULT_STORAGE_SERVER_DB} + - REDIS_RESULT_STORAGE_SERVER_PASSWORD=${REDIS_RESULT_STORAGE_SERVER_PASSWORD} + - MEMCACHE_STORAGE_SERVERS=${MEMCACHE_STORAGE_SERVERS} + - MIXED_STORAGE_FILE_STORAGE=${MIXED_STORAGE_FILE_STORAGE} + - MIXED_STORAGE_CRYPTO_STORAGE=${MIXED_STORAGE_CRYPTO_STORAGE} + - MIXED_STORAGE_DETECTOR_STORAGE=${MIXED_STORAGE_DETECTOR_STORAGE} + - META_CALLBACK_NAME=${META_CALLBACK_NAME} + - DETECTORS=${DETECTORS} + - FACE_DETECTOR_CASCADE_FILE=${FACE_DETECTOR_CASCADE_FILE} + - OPTIMIZERS=${OPTIMIZERS} + - JPEGTRAN_PATH=${JPEGTRAN_PATH} + - PROGRESSIVE_JPEG=${PROGRESSIVE_JPEG} + - RESULT_STORAGE_EXPIRATION_SECONDS=${RESULT_STORAGE_EXPIRATION_SECONDS} + - RESULT_STORAGE_FILE_STORAGE_ROOT_PATH=${RESULT_STORAGE_FILE_STORAGE_ROOT_PATH} + - RESULT_STORAGE_STORES_UNSAFE=${RESULT_STORAGE_STORES_UNSAFE} + - REDIS_QUEUE_SERVER_HOST=${REDIS_QUEUE_SERVER_HOST} + - REDIS_QUEUE_SERVER_PORT=${REDIS_QUEUE_SERVER_PORT} + - REDIS_QUEUE_SERVER_DB=${REDIS_QUEUE_SERVER_DB} + - REDIS_QUEUE_SERVER_PASSWORD=${REDIS_QUEUE_SERVER_PASSWORD} + - SQS_QUEUE_KEY_ID=${SQS_QUEUE_KEY_ID} + - SQS_QUEUE_KEY_SECRET=${SQS_QUEUE_KEY_SECRET} + - SQS_QUEUE_REGION=${SQS_QUEUE_REGION} + - USE_CUSTOM_ERROR_HANDLING=${USE_CUSTOM_ERROR_HANDLING} + - ERROR_HANDLER_MODULE=${ERROR_HANDLER_MODULE} + - ERROR_FILE_LOGGER=${ERROR_FILE_LOGGER} + - ERROR_FILE_NAME_USE_CONTEXT=${ERROR_FILE_NAME_USE_CONTEXT} + - SENTRY_DSN_URL=${SENTRY_DSN_URL} + - TC_AWS_REGION=${TC_AWS_REGION} + - TC_AWS_ENDPOINT=${TC_AWS_ENDPOINT} + - TC_AWS_STORAGE_BUCKET=${TC_AWS_STORAGE_BUCKET} + - TC_AWS_STORAGE_ROOT_PATH=${TC_AWS_STORAGE_ROOT_PATH} + - TC_AWS_LOADER_BUCKET=${TC_AWS_LOADER_BUCKET} + - TC_AWS_LOADER_ROOT_PATH=${TC_AWS_LOADER_ROOT_PATH} + - TC_AWS_RESULT_STORAGE_BUCKET=${TC_AWS_RESULT_STORAGE_BUCKET} + - TC_AWS_RESULT_STORAGE_ROOT_PATH=${TC_AWS_RESULT_STORAGE_ROOT_PATH} + - TC_AWS_STORAGE_SSE=${TC_AWS_STORAGE_SSE} + - TC_AWS_STORAGE_RRS=${TC_AWS_STORAGE_RRS} + - TC_AWS_ENABLE_HTTP_LOADER=${TC_AWS_ENABLE_HTTP_LOADER} + - TC_AWS_ALLOWED_BUCKETS=${TC_AWS_ALLOWED_BUCKETS} + - TC_AWS_STORE_METADATA=${TC_AWS_STORE_METADATA} + networks: + - frontend + - backend + +### AWS EB-CLI ################################################ + aws: + build: + context: ./aws-eb-cli + volumes: + - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG} + depends_on: + - workspace + tty: true + +### Portainer ################################################ + portainer: + build: + context: ./portainer + volumes: + - ${DATA_PATH_HOST}/portainer_data:/data + - /var/run/docker.sock:/var/run/docker.sock + extra_hosts: + - "dockerhost:${DOCKER_HOST_IP}" + ports: + - 9010:9000 + networks: + - backend + +### Gitlab ################################################ + gitlab: + build: + context: ./gitlab + environment: + GITLAB_OMNIBUS_CONFIG: | + external_url '${GITLAB_DOMAIN_NAME}' + redis['enable'] = false + nginx['listen_https'] = false + nginx['listen_port'] = 80 + nginx['custom_gitlab_server_config'] = "set_real_ip_from 172.0.0.0/8;\nreal_ip_header X-Real-IP;\nreal_ip_recursive on;" + postgresql['enable'] = false + gitlab_rails['trusted_proxies'] = ['caddy','nginx','apache2'] + gitlab_rails['redis_host'] = 'redis' + gitlab_rails['redis_database'] = 8 + gitlab_rails['db_host'] = '${GITLAB_POSTGRES_HOST}' + gitlab_rails['db_username'] = '${GITLAB_POSTGRES_USER}' + gitlab_rails['db_password'] = '${GITLAB_POSTGRES_PASSWORD}' + gitlab_rails['db_database'] = '${GITLAB_POSTGRES_DB}' + gitlab_rails['initial_root_password'] = '${GITLAB_ROOT_PASSWORD}' + gitlab_rails['gitlab_shell_ssh_port'] = ${GITLAB_HOST_SSH_PORT} + volumes: + - ${DATA_PATH_HOST}/gitlab/config:/etc/gitlab + - ${DATA_PATH_HOST}/gitlab/data:/var/opt/gitlab + - ${GITLAB_HOST_LOG_PATH}:/var/log/gitlab + ports: + - "${GITLAB_HOST_HTTP_PORT}:80" + - "${GITLAB_HOST_HTTPS_PORT}:443" + - "${GITLAB_HOST_SSH_PORT}:22" + networks: + - backend + depends_on: + - redis + - postgres + gitlab-runner: + image: gitlab/gitlab-runner:latest + environment: + - CI_SERVER_URL=${GITLAB_CI_SERVER_URL} + - REGISTRATION_TOKEN=${GITLAB_RUNNER_REGISTRATION_TOKEN} + - RUNNER_NAME=${COMPOSE_PROJECT_NAME}-runner + - REGISTER_NON_INTERACTIVE=${GITLAB_REGISTER_NON_INTERACTIVE} + - RUNNER_EXECUTOR=shell + volumes: + - ${DATA_PATH_HOST}/gitlab/runner:/etc/gitlab-runner + - /var/run/docker.sock:/var/run/docker.sock:rw + +### JupyterHub ######################################### + jupyterhub: + build: + context: ./jupyterhub + depends_on: + - postgres + - jupyterhub-user + volumes: + - /var/run/docker.sock:/var/run/docker.sock:rw + - ${DATA_PATH_HOST}/jupyterhub/:/data + - ${JUPYTERHUB_CUSTOM_CONFIG}:/jupyterhub_config.py + - ${JUPYTERHUB_USER_DATA}:/user-data + - ${JUPYTERHUB_USER_LIST}:/userlist + networks: + - backend + ports: + - "${JUPYTERHUB_PORT}:80" + environment: + - TERM=xterm + - JUPYTERHUB_USER_DATA=${JUPYTERHUB_USER_DATA} + - JUPYTERHUB_POSTGRES_DB=${JUPYTERHUB_POSTGRES_DB} + - JUPYTERHUB_POSTGRES_USER=${JUPYTERHUB_POSTGRES_USER} + - JUPYTERHUB_POSTGRES_HOST=${JUPYTERHUB_POSTGRES_HOST} + - JUPYTERHUB_POSTGRES_PASSWORD=${JUPYTERHUB_POSTGRES_PASSWORD} + - JUPYTERHUB_OAUTH_CALLBACK_URL=${JUPYTERHUB_OAUTH_CALLBACK_URL} + - JUPYTERHUB_OAUTH_CLIENT_ID=${JUPYTERHUB_OAUTH_CLIENT_ID} + - JUPYTERHUB_OAUTH_CLIENT_SECRET=${JUPYTERHUB_OAUTH_CLIENT_SECRET} + - JUPYTERHUB_LOCAL_NOTEBOOK_IMAGE=${COMPOSE_PROJECT_NAME}_jupyterhub-user + - JUPYTERHUB_ENABLE_NVIDIA=${JUPYTERHUB_ENABLE_NVIDIA} + jupyterhub-user: + build: + context: ./jupyterhub + dockerfile: Dockerfile.user + command: ["sh", "-c", "echo \"build only\""] + +### IPython ######################################### + ipython-controller: + build: + context: ./ipython + dockerfile: Dockerfile.controller + networks: + - backend + extra_hosts: + - "laradock-ipython:${LARADOCK_IPYTHON_CONTROLLER_IP}" + ports: + - "33327-33338:33327-33338" + ipython-engine: + build: + context: ./ipython + dockerfile: Dockerfile.engine + networks: + - backend + extra_hosts: + - "laradock-ipython:${LARADOCK_IPYTHON_CONTROLLER_IP}" + +### Docker-in-Docker ################################################ + docker-in-docker: + image: docker:19.03-dind + environment: + DOCKER_TLS_SAN: DNS:docker-in-docker + privileged: true + volumes: + - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER} + - docker-in-docker:/certs/client + expose: + - 2375 + networks: + - backend + +### NetData ################################################ + netdata: + image: netdata/netdata:latest + cap_add: + - SYS_PTRACE + volumes: + - /proc:/host/proc:ro + - /sys:/host/sys:ro + - /var/run/docker.sock:/var/run/docker.sock:ro + ports: + - "${NETDATA_PORT}:19999" + networks: + - backend + +### REDISWEBUI ################################################ + redis-webui: + build: + context: ./redis-webui + environment: + - ADMIN_USER=${REDIS_WEBUI_USERNAME} + - ADMIN_PASS=${REDIS_WEBUI_PASSWORD} + - REDIS_1_HOST=${REDIS_WEBUI_CONNECT_HOST} + - REDIS_1_PORT=${REDIS_WEBUI_CONNECT_PORT} + networks: + - backend + ports: + - "${REDIS_WEBUI_PORT}:80" + depends_on: + - redis + +### MongoWebUI ################################################ + mongo-webui: + build: + context: ./mongo-webui + environment: + - ROOT_URL=${MONGO_WEBUI_ROOT_URL} + - MONGO_URL=${MONGO_WEBUI_MONGO_URL} + - INSTALL_MONGO=${MONGO_WEBUI_INSTALL_MONGO} + volumes: + - ${DATA_PATH_HOST}/mongo-webui:/data/db + ports: + - "${MONGO_WEBUI_PORT}:3000" + networks: + - backend + depends_on: + - mongo + +### Metabase ################################################# + metabase: + image: metabase/metabase:latest + environment: + - MB_DB_FILE=/metabase-data/${METABASE_DB_FILE} + ports: + - ${METABASE_PORT}:3000 + volumes: + - ${DATA_PATH_HOST}/metabase-data:/metabase-data + networks: + - backend + +### IDE-THEIA ################################################ + ide-theia: + build: + context: ./ide-theia + volumes: + - ${APP_CODE_PATH_HOST}:/home/project + ports: + - "${IDE_THEIA_PORT}:3000" + networks: + - backend + +### IDE-WEBIDE ################################################ + ide-webide: + build: + context: ./ide-webide + volumes: + - ${DATA_PATH_HOST}/ide/webide/ide.db:/root/.coding-ide/ide.db + ports: + - "${IDE_WEBIDE_PORT}:8080" + networks: + - backend + +### IDE-CODIAD ################################################ + ide-codiad: + build: + context: ./ide-codiad + environment: + - APP_CODE_PATH_CONTAINER=${APP_CODE_PATH_CONTAINER} + - TZ=${WORKSPACE_TIMEZONE} + - PGID=1000 + - PUID=1000 + volumes: + - /etc/localtime:/etc/localtime:ro + - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER} + - ${DATA_PATH_HOST}/ide/codiad:/config + ports: + - "${IDE_CODIAD_PORT}:80" + networks: + - backend + +### IDE-ICECODER ################################################ + ide-icecoder: + build: + context: ./ide-icecoder + environment: + - DOCUMENT_ROOT=${APP_CODE_PATH_CONTAINER} + - TZ=${WORKSPACE_TIMEZONE} + - PGID=1000 + - PUID=1000 + volumes: + - /etc/localtime:/etc/localtime:ro + - ${APP_CODE_PATH_HOST}:/home/laradock/ICEcoder/dev + ports: + - "${IDE_ICECODER_PORT}:8080" + networks: + - backend + +### DOCKER-REGISTRY ################################################ + docker-registry: + build: + context: ./docker-registry + volumes: + - /etc/localtime:/etc/localtime:ro + - ${DATA_PATH_HOST}/docker-registry:/var/lib/registry + ports: + - "${DOCKER_REGISTRY_PORT}:5000" + networks: + - backend + +### DOCKER-WEB-UI ################################################ + docker-web-ui: + build: + context: ./docker-web-ui + environment: + - TZ=${WORKSPACE_TIMEZONE} + - ENV_DOCKER_REGISTRY_HOST=${DOCKER_WEBUI_REGISTRY_HOST} + - ENV_DOCKER_REGISTRY_PORT=${DOCKER_WEBUI_REGISTRY_PORT} + - ENV_DOCKER_REGISTRY_USE_SSL=${DOCKER_REGISTRY_USE_SSL} + - ENV_MODE_BROWSE_ONLY=${DOCKER_REGISTRY_BROWSE_ONLY} + volumes: + - /etc/localtime:/etc/localtime:ro + ports: + - "${DOCKER_WEBUI_PORT}:80" + networks: + - frontend + - backend + +### MAILU ################################################ + mailu: + image: mailu/admin:${MAILU_VERSION} + volumes: + - "${DATA_PATH_HOST}/mailu/data:/data" + - "${DATA_PATH_HOST}/mailu/dkim:/dkim" + - "${DATA_PATH_HOST}/mailu/webmail:/webmail" + - /var/run/docker.sock:/var/run/docker.sock:ro + depends_on: + - mailu-front + - mailu-imap + - mailu-smtp + - mailu-antispam + - mailu-antivirus + - mailu-webdav + - mailu-admin + - mailu-webmail + - mailu-fetchmail + command: ["sh", "-c", "echo ${MAILU_INIT_ADMIN_USERNAME}@${MAILU_DOMAIN} ${MAILU_INIT_ADMIN_PASSWORD} ;python manage.py advertise ; python manage.py db upgrade ; python manage.py admin ${MAILU_INIT_ADMIN_USERNAME} ${MAILU_DOMAIN} ${MAILU_INIT_ADMIN_PASSWORD} || true;sed -i -- \"s/= Off/= On/g\" /webmail/_data_/_default_/configs/config.ini || true;if grep -Fq \"registration_link_url\" /webmail/_data_/_default_/configs/config.ini;then echo Already set!;else echo \"\" >> /webmail/_data_/_default_/configs/config.ini; echo \"[login]\" >> /webmail/_data_/_default_/configs/config.ini;echo \"registration_link_url = '${MAILU_WEBSITE}${MAILU_WEB_ADMIN}/ui/user/signup'\" >> /webmail/_data_/_default_/configs/config.ini;fi"] + networks: + - backend + mailu-front: + image: mailu/nginx:${MAILU_VERSION} + environment: + - ADMIN=${MAILU_ADMIN} + - WEB_ADMIN=${MAILU_WEB_ADMIN} + - WEB_WEBMAIL=${MAILU_WEB_WEBMAIL} + - WEBDAV=${MAILU_WEBDAV} + - HOSTNAMES=${MAILU_HOSTNAMES} + - TLS_FLAVOR=${MAILU_TLS_FLAVOR} + - MESSAGE_SIZE_LIMIT=${MAILU_MESSAGE_SIZE_LIMIT} + ports: + - "${MAILU_HTTP_PORT}:80" + - "${MAILU_HTTPS_PORT}:443" + - "110:110" + - "143:143" + - "993:993" + - "995:995" + - "25:25" + - "465:465" + - "587:587" + volumes: + - "${DATA_PATH_HOST}/mailu/certs:/certs" + networks: + backend: + aliases: + - front + mailu-imap: + image: mailu/dovecot:${MAILU_VERSION} + environment: + - DOMAIN=${MAILU_DOMAIN} + - HOSTNAMES=${MAILU_HOSTNAMES} + - POSTMASTER=${MAILU_POSTMASTER} + - WEBMAIL=${MAILU_WEBMAIL} + - RECIPIENT_DELIMITER=${MAILU_RECIPIENT_DELIMITER} + volumes: + - "${DATA_PATH_HOST}/mailu/data:/data" + - "${DATA_PATH_HOST}/mailu/mail:/mail" + - "${DATA_PATH_HOST}/mailu/overrides:/overrides" + depends_on: + - mailu-front + networks: + backend: + aliases: + - imap + mailu-smtp: + image: mailu/postfix:${MAILU_VERSION} + environment: + - DOMAIN=${MAILU_DOMAIN} + - HOSTNAMES=${MAILU_HOSTNAMES} + - RELAYHOST=${MAILU_RELAYHOST} + - RELAYNETS=${MAILU_RELAYNETS} + - RECIPIENT_DELIMITER=${MAILU_RECIPIENT_DELIMITER} + - MESSAGE_SIZE_LIMIT=${MAILU_MESSAGE_SIZE_LIMIT} + volumes: + - "${DATA_PATH_HOST}/mailu/data:/data" + - "${DATA_PATH_HOST}/mailu/overrides:/overrides" + depends_on: + - mailu-front + networks: + backend: + aliases: + - smtp + mailu-antispam: + image: mailu/rspamd:${MAILU_VERSION} + volumes: + - "${DATA_PATH_HOST}/mailu/filter:/var/lib/rspamd" + - "${DATA_PATH_HOST}/mailu/dkim:/dkim" + - "${DATA_PATH_HOST}/mailu/overrides/rspamd:/etc/rspamd/override.d" + depends_on: + - mailu-front + networks: + backend: + aliases: + - antispam + mailu-antivirus: + image: mailu/clamav:${MAILU_VERSION} + volumes: + - "${DATA_PATH_HOST}/mailu/filter:/data" + networks: + backend: + aliases: + - antivirus + mailu-webdav: + image: mailu/${MAILU_WEBDAV}:${MAILU_VERSION} + volumes: + - "${DATA_PATH_HOST}/mailu/dav:/data" + networks: + backend: + aliases: + - webdav + mailu-admin: + image: mailu/admin:${MAILU_VERSION} + environment: + - DOMAIN=${MAILU_DOMAIN} + - HOSTNAMES=${MAILU_HOSTNAMES} + - POSTMASTER=${MAILU_POSTMASTER} + - SECRET_KEY=${MAILU_SECRET_KEY} + - AUTH_RATELIMIT=${MAILU_AUTH_RATELIMIT} + - TLS_FLAVOR=${MAILU_TLS_FLAVOR} + - DISABLE_STATISTICS=${MAILU_DISABLE_STATISTICS} + - DMARC_RUA=${MAILU_DMARC_RUA} + - DMARC_RUF=${MAILU_DMARC_RUF} + - WELCOME=${MAILU_WELCOME} + - WELCOME_SUBJECT=${MAILU_WELCOME_SUBJECT} + - WELCOME_BODY=${MAILU_WELCOME_BODY} + - WEB_ADMIN=${MAILU_WEB_ADMIN} + - WEB_WEBMAIL=${MAILU_WEB_WEBMAIL} + - WEBSITE=${MAILU_WEBSITE} + - WEBMAIL=${MAILU_WEBMAIL} + - SITENAME=${MAILU_SITENAME} + - PASSWORD_SCHEME=${MAILU_PASSWORD_SCHEME} + - RECAPTCHA_PUBLIC_KEY=${MAILU_RECAPTCHA_PUBLIC_KEY} + - RECAPTCHA_PRIVATE_KEY=${MAILU_RECAPTCHA_PRIVATE_KEY} + volumes: + - "${DATA_PATH_HOST}/mailu/data:/data" + - "${DATA_PATH_HOST}/mailu/dkim:/dkim" + - /var/run/docker.sock:/var/run/docker.sock:ro + depends_on: + - redis + networks: + backend: + aliases: + - admin + mailu-webmail: + image: "mailu/${MAILU_WEBMAIL}:${MAILU_VERSION}" + volumes: + - "${DATA_PATH_HOST}/mailu/webmail:/data" + networks: + backend: + aliases: + - webmail + mailu-fetchmail: + image: mailu/fetchmail:${MAILU_VERSION} + environment: + - FETCHMAIL_DELAY=${MAILU_FETCHMAIL_DELAY} + volumes: + - "${DATA_PATH_HOST}/mailu/data:/data" + networks: + backend: + aliases: + - fetchmail + +### TRAEFIK ######################################### + traefik: + build: + context: ./traefik + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - ./traefik/data:/data + command: + - "--api" + - "--providers.docker.exposedbydefault=false" + - "--accesslog.filepath=/data/access.log" + # entrypoints + - "--entrypoints.http.address=:${TRAEFIK_HOST_HTTP_PORT}" + - "--entrypoints.http.http.redirections.entrypoint.to=https" + - "--entrypoints.https.address=:${TRAEFIK_HOST_HTTPS_PORT}" + - "--entrypoints.traefik.address=:${TRAEFIK_DASHBOARD_PORT}" + # certificatesresolvers + - "--certificatesresolvers.letsencrypt.acme.email=${ACME_EMAIL}" + - "--certificatesresolvers.letsencrypt.acme.storage=/data/acme.json" + - "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=http" + ports: + - "${TRAEFIK_HOST_HTTP_PORT}:${TRAEFIK_HOST_HTTP_PORT}" + - "${TRAEFIK_HOST_HTTPS_PORT}:${TRAEFIK_HOST_HTTPS_PORT}" + - "${TRAEFIK_DASHBOARD_PORT}:${TRAEFIK_DASHBOARD_PORT}" + networks: + - frontend + - backend + labels: + - "traefik.enable=true" + - "traefik.http.routers.traefik.rule=Host(`${ACME_DOMAIN}`)" + - "traefik.http.routers.traefik.entrypoints=traefik" + - "traefik.http.routers.traefik.service=api@internal" + - "traefik.http.routers.traefik.middlewares=access-auth" + - "traefik.http.routers.traefik.tls.certresolver=letsencrypt" + - "traefik.http.middlewares.access-auth.basicauth.realm=Login Required" + - "traefik.http.middlewares.access-auth.basicauth.users=${TRAEFIK_DASHBOARD_USER}" + +### MOSQUITTO Broker ######################################### + mosquitto: + build: + context: ./mosquitto + volumes: + - ${DATA_PATH_HOST}/mosquitto/data:/mosquitto/data + ports: + - "${MOSQUITTO_PORT}:9001" + networks: + - frontend + - backend + +### COUCHDB ################################################### + couchdb: + build: + context: ./couchdb + volumes: + - ${DATA_PATH_HOST}/couchdb/data:/opt/couchdb/data + ports: + - "${COUCHDB_PORT}:5984" + networks: + - backend + +### Manticore Search ########################################### + manticore: + build: + context: ./manticore + volumes: + - ${MANTICORE_CONFIG_PATH}:/etc/sphinxsearch + - ${DATA_PATH_HOST}/manticore/data:/var/lib/manticore/data + - ${DATA_PATH_HOST}/manticore/log:/var/log/manticore + ports: + - "${MANTICORE_API_PORT}:9312" + - "${MANTICORE_SPHINXQL_PORT}:9306" + - "${MANTICORE_HTTP_PORT}:9308" + networks: + - backend + +### SONARQUBE ################################################ + sonarqube: + build: + context: ./sonarqube + hostname: "${SONARQUBE_HOSTNAME}" + volumes: + - ${DATA_PATH_HOST}/sonarqube/conf:/opt/sonarqube/conf + - ${DATA_PATH_HOST}/sonarqube/data:/opt/sonarqube/data + - ${DATA_PATH_HOST}/sonarqube/logs:/opt/sonarqube/logs + - ${DATA_PATH_HOST}/sonarqube/extensions:/opt/sonarqube/extensions + - ${DATA_PATH_HOST}/sonarqube/plugins:/opt/sonarqube/lib/bundled-plugins + ports: + - ${SONARQUBE_PORT}:9000 + depends_on: + - postgres + environment: + - sonar.jdbc.username=${SONARQUBE_POSTGRES_USER} + - sonar.jdbc.password=${SONARQUBE_POSTGRES_PASSWORD} + - sonar.jdbc.url=jdbc:postgresql://${SONARQUBE_POSTGRES_HOST}:5432/${SONARQUBE_POSTGRES_DB} + networks: + - backend + - frontend + +### CONFLUENCE ################################################ + confluence: + container_name: Confluence + image: atlassian/confluence-server:${CONFLUENCE_VERSION} + restart: always + ports: + - "${CONFLUENCE_HOST_HTTP_PORT}:8090" + networks: + - frontend + - backend + depends_on: + - postgres + volumes: + - ${DATA_PATH_HOST}/Confluence:/var/atlassian/application-data + +### tomcat #################################################### + tomcat: + container_name: tomcat + image: tomcat:${TOMCAT_VERSION} + ports: + - "${TOMCAT_HOST_HTTP_PORT}:8080" + networks: + - frontend + - backend + volumes: + - ${DATA_PATH_HOST}/tomcat/webapps:/usr/local/tomcat/webapps + - ${DATA_PATH_HOST}/tomcat/logs:/usr/local/tomcat/logs + # restart: always + diff --git a/compose/docker-composer-2.yml b/compose/docker-composer-2.yml new file mode 100644 index 00000000..b216a9dc --- /dev/null +++ b/compose/docker-composer-2.yml @@ -0,0 +1,97 @@ +version: "3" +services: + php72: + build: + context: . + args: + PHP_VERSION: 7.2 + container_name: php72 + restart: always + working_dir: /var/www + volumes: + - ~/.ssh:/root/.ssh/ + - ${WEB_ROOT}:/var/www:cached + - ${COMPOSER}/php72:/root/.composer/ + - ${PHP72_INI}:/usr/local/etc/php/php.ini + environment: + TZ: "$TZ" + WEB_ENV: "local" # 信用飞项目使用 + ports: # hexo 需要 4000 端口 + - 4000:4000 + extra_hosts: + - fund-api.test:172.20.128.2 + - xyf-pay-system.test:172.20.128.2 + - shoufuyou-pay-gateway.test:172.20.128.2 + - xyf-middleground-system.test:172.20.128.2 + networks: + static-network: + + # php73: + # build: + # context: . + # args: + # PHP_VERSION: 7.3 + # container_name: php73 + # restart: always + # working_dir: /var/www + # volumes: + # - ${WEB_ROOT}:/var/www + # - ${COMPOSER}/php73:/root/.composer/ + # - ${PHP73_INI}:/usr/local/etc/php/php.ini + # environment: + # TZ: "$TZ" + # ports: + # - 9501:9501 + # networks: + # static-network: + + nginx: + image: nginx:alpine + container_name: nginx + restart: always + volumes: + - ${WEB_ROOT}:/var/www:cached # 需要和 php 的目录一致 + - ${NGINX_CONF}:/etc/nginx/conf.d # nginx 配置 + - ${LOG}/nginx:/var/log/nginx/ # nginx 日志 + ports: + - ${NGINX_PORT}:80 + environment: + TZ: "$TZ" + networks: + static-network: + ipv4_address: 172.20.128.2 + + mysql: + image: mysql:${MYSQL_VERSION} + container_name: mysql + volumes: + - ${MYSQL_DATA}:/var/lib/mysql + restart: always + environment: + MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD} + MYSQL_USER: ${MYSQL_USER} + MYSQL_PASSWORD: ${MYSQL_PASSWORD} + TZ: "$TZ" + ports: + - ${MYSQL_PORT}:3306 + networks: + static-network: + + redis: + image: redis:${REDIS_VERSION} + container_name: redis + restart: always + volumes: + - ${REDIS_DATA}:/data + - ${REDIS_CONF}:/usr/local/etc/redis/redis.conf + ports: + - ${REDIS_PORT}:6379 + command: [ redis-server, "/usr/local/etc/redis/redis.conf" ] + networks: + static-network: + +networks: + static-network: + ipam: + config: + - subnet: 172.20.0.0/16 \ No newline at end of file diff --git a/compose/docker-composer-3.yml b/compose/docker-composer-3.yml new file mode 100644 index 00000000..708954e6 --- /dev/null +++ b/compose/docker-composer-3.yml @@ -0,0 +1,81 @@ +version: '3' +services: + app: + cap_add: + - SYS_PTRACE +# image: zdzserver/lnmp-app # 使用已有的镜像(快速) +# build: # 自己构建(php安装扩展越多,越慢) +# context: . +# args: +# TZ: ${TZ} +# ALPINE_REPOSITORIES: ${ALPINE_REPOSITORIES} +# PHP_VERSION: ${PHP_VERSION:-7.4.3} +# PHP_EXTENSIONS: ${PHP_EXTENSIONS}} + ports: + - 80:80 + - 433:433 + restart: always + volumes: + - ${WEB_DIR:-/srv/www}:/srv/www + - ./php/php.ini:/usr/local/etc/php/conf.d/my.ini + - ./php/php-fpm.conf:/usr/local/etc/php-fpm.d/zz-docker.conf + - ./nginx/conf.d:/etc/nginx/conf.d/ + - ./nginx/nginx.conf:/etc/nginx/nginx.conf + - ./nginx/extend:/etc/nginx/extend + - ./log/php:/var/log/php + - ./log/nginx:/var/log/nginx + networks: + - default + mysql: + image: mysql:${MYSQL_IMAGE_VERSION:-latest} + ports: + - 3306:3306 + restart: always + volumes: + - ./mysql/conf/mysql.cnf:/etc/mysql/conf.d/mysql.cnf:ro + - ./log/mysql:/var/log/mysql/:rw + - ./mysql/data:/var/lib/mysql/:rw + environment: + MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD} + TZ: ${TZ} + networks: + - default + redis: + image: redis:${REDIS_IMAGE_VERSION:-latest} + ports: + - 6379:6379 + restart: always + volumes: + - ./redis/data:/data:rw + - ./redis/conf/redis.conf:/etc/redis.conf:ro + - ./log/redis:/var/log/redis + command: ["redis-server", "/etc/redis.conf"] + networks: + - default + environment: + TZ: ${TZ} + mongo: + image: mongo:${MONGO_IMAGE_VERSION:-latest} + ports: + - 27017:27017 + restart: always + volumes: + - ./mongo/conf/mongod.yml:/etc/mongod.conf:rw + - ./log/mongo:/var/log/mongo + environment: + TZ: ${TZ} + MONGO_INITDB_ROOT_USERNAME: ${MONGO_INITDB_ROOT_USERNAME} + MONGO_INITDB_ROOT_PASSWORD: ${MONGO_INITDB_ROOT_PASSWORD} + # 配置文件 换行符不能是CRLF和CR + command: mongod --config /etc/mongod.conf + networks: + - default + mongo-express: + image: mongo-express:${MONGO_EXPRESS_IMAGE_VERSION:-latest} + ports: + - 8081:8081 + environment: + ME_CONFIG_MONGODB_ADMINUSERNAME: ${MONGO_INITDB_ROOT_USERNAME} + ME_CONFIG_MONGODB_ADMINPASSWORD: ${MONGO_INITDB_ROOT_PASSWORD} + networks: + - default \ No newline at end of file diff --git a/compose/docker-composer-4.yml b/compose/docker-composer-4.yml new file mode 100644 index 00000000..2ba30c9b --- /dev/null +++ b/compose/docker-composer-4.yml @@ -0,0 +1,329 @@ +version: "3" +services: + nginx: + build: + context: ./services/nginx + args: + NGINX_VERSION: nginx:${NGINX_VERSION} + CONTAINER_PACKAGE_URL: ${CONTAINER_PACKAGE_URL} + NGINX_INSTALL_APPS: ${NGINX_INSTALL_APPS} + container_name: nginx + ports: + - "${NGINX_HTTP_HOST_PORT}:80" + - "${NGINX_HTTPS_HOST_PORT}:443" + volumes: + - ${SOURCE_DIR}:/www/:rw + - ${NGINX_SSL_CERTIFICATE_DIR}:/ssl:rw + - ${NGINX_CONFD_DIR}:/etc/nginx/conf.d/:rw + - ${NGINX_CONF_FILE}:/etc/nginx/nginx.conf:ro + - ${NGINX_FASTCGI_PHP_CONF}:/etc/nginx/fastcgi-php.conf:ro + - ${NGINX_FASTCGI_PARAMS}:/etc/nginx/fastcgi_params:ro + - ${NGINX_LOG_DIR}:/var/log/nginx/:rw + environment: + TZ: "$TZ" + restart: always + networks: + - default + + php: + build: + context: ./services/php + args: + PHP_VERSION: php:${PHP_VERSION}-fpm-alpine + CONTAINER_PACKAGE_URL: ${CONTAINER_PACKAGE_URL} + PHP_EXTENSIONS: ${PHP_EXTENSIONS} + TZ: "$TZ" + container_name: php + expose: + - 9501 + extra_hosts: + - "www.site1.com:172.17.0.1" + volumes: + - ${SOURCE_DIR}:/www/:rw + - ${PHP_PHP_CONF_FILE}:/usr/local/etc/php/php.ini:ro + - ${PHP_FPM_CONF_FILE}:/usr/local/etc/php-fpm.d/www.conf:rw + - ${PHP_LOG_DIR}:/var/log/php + - ${DATA_DIR}/composer:/tmp/composer + restart: always + cap_add: + - SYS_PTRACE + networks: + - default + +# php56: +# build: +# context: ./services/php +# args: +# PHP_VERSION: php:${PHP56_VERSION}-fpm-alpine +# CONTAINER_PACKAGE_URL: ${CONTAINER_PACKAGE_URL} +# PHP_EXTENSIONS: ${PHP56_EXTENSIONS} +# TZ: "$TZ" +# container_name: php56 +# expose: +# - 9501 +# volumes: +# - ${SOURCE_DIR}:/www/:rw +# - ${PHP56_PHP_CONF_FILE}:/usr/local/etc/php/php.ini:ro +# - ${PHP56_FPM_CONF_FILE}:/usr/local/etc/php-fpm.d/www.conf:rw +# - ${PHP56_LOG_DIR}:/var/log/php +# - ${DATA_DIR}/composer:/tmp/composer +# restart: always +# cap_add: +# - SYS_PTRACE +# networks: +# - default + +# php54: +# build: +# context: ./services/php54 +# args: +# PHP_VERSION: php:${PHP54_VERSION}-fpm +# CONTAINER_PACKAGE_URL: ${CONTAINER_PACKAGE_URL} +# PHP_EXTENSIONS: ${PHP54_EXTENSIONS} +# TZ: "$TZ" +# container_name: php54 +# volumes: +# - ${SOURCE_DIR}:/www/:rw +# - ${PHP54_PHP_CONF_FILE}:/usr/local/etc/php/php.ini:ro +# - ${PHP54_FPM_CONF_FILE}:/usr/local/etc/php-fpm.d/www.conf:rw +# - ${PHP54_LOG_DIR}:/var/log/php +# - ${DATA_DIR}/composer:/tmp/composer +# restart: always +# cap_add: +# - SYS_PTRACE +# networks: +# - default + + mysql: + image: mysql:${MYSQL_VERSION} + container_name: mysql + ports: + - "${MYSQL_HOST_PORT}:3306" + volumes: + - ${MYSQL_CONF_FILE}:/etc/mysql/conf.d/mysql.cnf:ro + - ${DATA_DIR}/mysql:/var/lib/mysql/:rw + restart: always + networks: + - default + environment: + MYSQL_ROOT_PASSWORD: "${MYSQL_ROOT_PASSWORD}" + TZ: "$TZ" + +# mysql5: +# image: mysql:${MYSQL5_VERSION} +# container_name: mysql5 +# ports: +# - "${MYSQL5_HOST_PORT}:3306" +# volumes: +# - ${MYSQL5_CONF_FILE}:/etc/mysql/conf.d/mysql.cnf:ro +# - ${DATA_DIR}/mysql5:/var/lib/mysql/:rw +# restart: always +# networks: +# - default +# environment: +# MYSQL_ROOT_PASSWORD: "${MYSQL5_ROOT_PASSWORD}" +# TZ: "$TZ" + +# openresty: +# image: openresty/openresty:${OPENRESTY_VERSION} +# container_name: openresty +# ports: +# - "${OPENRESTY_HTTP_HOST_PORT}:80" +# - "${OPENRESTY_HTTPS_HOST_PORT}:443" +# volumes: +# - ${SOURCE_DIR}:/www/:rw +# - ${OPENRESTY_CONFD_DIR}:/etc/nginx/conf.d/:ro +# - ${OPENRESTY_SSL_CERTIFICATE_DIR}:/ssl:rw +# - ${OPENRESTY_CONF_FILE}:/usr/local/openresty/nginx/conf/nginx.conf:ro +# - ${OPENRESTY_FASTCGI_PHP_CONF}:/usr/local/openresty/nginx/conf/fastcgi-php.conf:ro +# - ${OPENRESTY_CONF_FASTCGIPARAMS_FILE}:/usr/local/openresty/nginx/conf/fastcgi_params:ro +# - ${OPENRESTY_LOG_DIR}:/var/log/nginx/:rw +# environment: +# TZ: "$TZ" +# networks: +# - default + +# redis: +# image: redis:${REDIS_VERSION} +# container_name: redis +# ports: +# - "${REDIS_HOST_PORT}:6379" +# volumes: +# - ${REDIS_CONF_FILE}:/etc/redis.conf:ro +# - ${DATA_DIR}/redis:/data/:rw +# restart: always +# entrypoint: ["redis-server", "/etc/redis.conf"] +# environment: +# TZ: "$TZ" +# networks: +# - default + +# memcached: +# image: memcached:${MEMCACHED_VERSION} +# container_name: memcached +# ports: +# - "${MEMCACHED_HOST_PORT}:11211" +# environment: +# MEMCACHED_CACHE_SIZE: "${MEMCACHED_CACHE_SIZE}" +# networks: +# - default + +# rabbitmq: +# image: rabbitmq:${RABBITMQ_VERSION} +# container_name: rabbitmq +# restart: always +# ports: +# - "${RABBITMQ_HOST_PORT_C}:5672" +# - "${RABBITMQ_HOST_PORT_S}:15672" +# environment: +# TZ: "$TZ" +# RABBITMQ_DEFAULT_USER: "${RABBITMQ_DEFAULT_USER}" +# RABBITMQ_DEFAULT_PASS: "${RABBITMQ_DEFAULT_PASS}" +# networks: +# - default + +# phpmyadmin: +# image: phpmyadmin/phpmyadmin:latest +# container_name: phpmyadmin +# ports: +# - "${PHPMYADMIN_HOST_PORT}:80" +# volumes: +# - ${PHPMYADMIN_USER_CONF_FILE}:/etc/phpmyadmin/config.user.inc.php:ro +# - ${PHPMYADMIN_PHP_CONF_FILE}:/usr/local/etc/php/conf.d/php-phpmyadmin.ini:ro +# networks: +# - default +# environment: +# - PMA_HOST=mysql +# - PMA_PORT=3306 +# - TZ=$TZ + +# phpredisadmin: +# image: erikdubbelboer/phpredisadmin:latest +# container_name: phpredisadmin +# ports: +# - "${REDISMYADMIN_HOST_PORT}:80" +# networks: +# - default +# environment: +# - REDIS_1_HOST=redis +# - REDIS_1_PORT=6379 +# - TZ=$TZ + +# mongodb: +# image: mongo:${MONGODB_VERSION} +# container_name: mongodb +# environment: +# MONGO_INITDB_ROOT_USERNAME: "${MONGODB_INITDB_ROOT_USERNAME}" +# MONGO_INITDB_ROOT_PASSWORD: "${MONGODB_INITDB_ROOT_PASSWORD}" +# TZ: "$TZ" +# volumes: +# - ${DATA_DIR}/mongo:/data/db:rw +# - ${DATA_DIR}/mongo_key:/mongo:rw +# ports: +# - "${MONGODB_HOST_PORT}:27017" +# networks: +# - default +# command: +# --auth + +# adminmongo: +# image: mrvautin/adminmongo +# container_name: adminmongo +# ports: +# - "${ADMINMONGO_HOST_PORT}:1234" +# environment: +# - HOST=0.0.0.0 +# - DB_HOST=mongodb +# - DB_PORT=27017 +# networks: +# - default + +# elasticsearch: +# build: +# context: ./services/elasticsearch +# args: +# ELASTICSEARCH_VERSION: ${ELASTICSEARCH_VERSION} +# ELASTICSEARCH_PLUGINS: ${ELASTICSEARCH_PLUGINS} +# container_name: elasticsearch +# environment: +# - TZ=$TZ +# - discovery.type=single-node +# - "ES_JAVA_OPTS=-Xms512m -Xmx512m" +# volumes: +# - ${DATA_DIR}/esdata:/usr/share/elasticsearch/data +# - ${ELASTICSEARCH_CONF_FILE}:/usr/share/elasticsearch/config/elasticsearch.yml +# hostname: elasticsearch +# restart: always +# ports: +# - "${ELASTICSEARCH_HOST_PORT_C}:9200" +# - "${ELASTICSEARCH_HOST_PORT_S}:9300" + +# kibana: +# image: kibana:${KIBANA_VERSION} +# container_name: kibana +# environment: +# TZ: "$TZ" +# elasticsearch.hosts: http://elasticsearch:9200 +# I18N_LOCALE: "${KIBANA_I18N_LOCALE}" +# hostname: kibana +# depends_on: +# - elasticsearch +# restart: always +# ports: +# - "${KIBANA_HOST}:5601" + +# logstash: +# image: logstash:${LOGSTASH_VERSION} +# container_name: logstash +# hostname: logstash +# restart: always +# depends_on: +# - elasticsearch +# environment: +# TZ: "$TZ" +# ports: +# - "${LOGSTASH_HOST_PORT_C}:9600" +# - "${LOGSTASH_HOST_PORT_S}:5044" + +# node: +# image: node:${NODE_VERSION} +# environment: +# - NODE_ENV=production +# volumes: +# - ${SOURCE_DIR}:/www/:rw +# expose: +# - "8081" +# networks: +# - default +# stdin_open: true +# tty: true + + +# supervisor: +# build: +# context: ./services/supervisor +# args: +# ALPINE_VERSION: alpine:${ALPINE_VERSION} +# TZ: "$TZ" +# CONTAINER_PACKAGE_URL: ${CONTAINER_PACKAGE_URL} +# container_name: supervisor +# ports: +# - "${SUPERVISOR_HOST_PORT_C}:9001" +# volumes: +# - ${SOURCE_DIR}:/www/:rw +# - ${SUPERVISOR_LOG}:/var/log/supervisor/:rw +# - ${SUPERVISOR_CONFIG}:/etc/supervisor/conf.d/:rw +# - ${SUPERVISOR_CONF_FILE}:/etc/supervisor/supervisord.conf:ro +# command: +# - /bin/sh +# - -c +# - | +# supervisord -n -c /etc/supervisor/supervisord.conf +# restart: always +# cap_add: +# - SYS_PTRACE +# networks: +# - default + +networks: + default: diff --git a/compose/docker-composer-5.yml b/compose/docker-composer-5.yml new file mode 100644 index 00000000..3e84ba3e --- /dev/null +++ b/compose/docker-composer-5.yml @@ -0,0 +1,94 @@ +version: '3' +services: + nginx: + build: + context: ./nginx + args: + NGINX_VERSION: $NGINX_VERSION + depends_on: + - php + ports: + - "80:80" + - "443:443" + volumes: + - ./www:/usr/share/nginx/html + - ./nginx/conf.d:/etc/nginx/conf.d + - ./nginx/cert:/etc/nginx/cert + - ./nginx/nginx.conf:/etc/nginx/nginx.conf + - ./nginx/log/error.log:/var/log/nginx/error.log + networks: + - frontend + restart: always + container_name: nginx + + php: + build: + context: ./php + args: + PHP_VERSION: $PHP_VERSION + SWOOLE_VERSION: $SWOOLE_VERSION + AMQP_VERSION: $AMQP_VERSION + ports: + - "9501:9501" + volumes: + - ./www:/var/www/html + - ./php/config/php.ini:/usr/local/etc/php/php.ini + - ./php/config/php-fpm.conf:/usr/local/etc/php-fpm.conf + - ./php/config/php-fpm.d:/usr/local/etc/php-fpm.d + networks: + - frontend + - backend + restart: always + container_name: php + + mysql: + build: ./mysql + ports: + - "3306:3306" + volumes: + - ./mysql/data:/var/lib/mysql + - ./mysql/my.cnf:/etc/my.cnf + environment: + MYSQL_ROOT_PASSWORD: 123456 + networks: + - backend + restart: always + container_name: mysql + + redis: + build: ./redis + ports: + - "6379:6379" + volumes: + - ./redis/redis.conf/:/usr/local/etc/redis.conf + - ./redis/data:/usr/local/redis/data + - ./redis/redis.log:/usr/local/redis/redis.log + networks: + - backend + restart: always + container_name: redis + + rabbitmq: + #容器名称 + container_name: rabbitmq + #镜像名称 + image: rabbitmq:3.8.3 + #总是重启后启动 + restart: always + #端口映射 + ports: + - 5672:5672 + - 15672:15672 + #挂载 + volumes: + - ./rabbitmq/data:/var/lib/rabbitmq + #环境变量 + environment: + - RABBITMQ_DEFAULT_USER=admin + - RABBITMQ_DEFAULT_PASS=123456 + networks: + - backend +networks: + frontend: + backend: + diff --git a/compose/docker-composer-6.yml b/compose/docker-composer-6.yml new file mode 100644 index 00000000..b46e36c3 --- /dev/null +++ b/compose/docker-composer-6.yml @@ -0,0 +1,52 @@ +# Web development environment +version: "3.6" +services: + + home: + image: vfac/envdevhome:1.2 + container_name: home + env_file: .env + volumes: + - ${PROJECTS_PATH}:${PROJECTS_PATH_DEST} + - ./version:/var/www/html/envdev/version + - ./profiles:/var/www/html/profiles + - ./conf:/envdevconf + ports: + - '1234:80' + links: + - base:base + depends_on: + - base + networks: + vfac: + ipv4_address: 172.16.238.18 + + base: + image: ${BASE_IMAGE}:${BASE_VERSION} + container_name: base + env_file: + - .env + volumes: + - ${PROJECTS_PATH}:${PROJECTS_PATH_DEST} + - ./tools/phpinfo:/var/www/html/phpinfo + - ./conf/php/php.ini:/usr/local/etc/php/php.ini + - ./outputs/profiler:/outputs/profiler + - ~/.gitconfig:/root/.gitconfig + - ~/.gitconfig:/home/vfac/.gitconfig + - ~/.ssh:/root/.ssh + - ~/.ssh:/home/vfac/.ssh + user: "${USER_ID}:${GROUP_ID}" + ports: + - '22:22' + + working_dir: ${PROJECTS_PATH_DEST} + networks: + vfac: + ipv4_address: ${BASE_STATIC_IP} + +networks: + vfac: + name: vfac + ipam: + config: + - subnet: 172.16.238.0/24 diff --git a/compose/docker-composer-7.yml b/compose/docker-composer-7.yml new file mode 100644 index 00000000..c301a58e --- /dev/null +++ b/compose/docker-composer-7.yml @@ -0,0 +1,41 @@ +version: '2' +services: + nginx: + image: "${DOCKER_USER}/lnmp-nginx:v1.2" + build: + context: . + dockerfile: Dockerfile.nginx + ports: + - "80:80" + networks: + - frontend + depends_on: + - php + php: + image: "${DOCKER_USER}/lnmp-php:v1.2" + build: + context: . + dockerfile: Dockerfile.php + networks: + - frontend + - backend + environment: + MYSQL_PASSWORD: Passw0rd + depends_on: + - mysql + mysql: + image: mysql:5.7 + volumes: + - mysql-data:/var/lib/mysql + environment: + TZ: 'Asia/Shanghai' + MYSQL_ROOT_PASSWORD: Passw0rd + command: ['mysqld', '--character-set-server=utf8'] + networks: + - backend +volumes: + mysql-data: + +networks: + frontend: + backend: diff --git a/compose/elasticsearch-compose.yml b/compose/elasticsearch-compose.yml new file mode 100644 index 00000000..389a3a10 --- /dev/null +++ b/compose/elasticsearch-compose.yml @@ -0,0 +1,53 @@ +version: '2.2' +services: + elasticsearch: + image: docker.elastic.co/elasticsearch/elasticsearch:6.4.3 + container_name: elasticsearch + environment: + - cluster.name=docker-cluster + - bootstrap.memory_lock=true + - "ES_JAVA_OPTS=-Xms512m -Xmx512m" + - "discovery.zen.ping.unicast.hosts=elasticsearch2, elasticsearch" + - script.painless.regex.enabled=true + - node.master=false + - node.data=true + ulimits: + memlock: + soft: -1 + hard: -1 + volumes: + - esdata1:/usr/share/elasticsearch/data + ports: + - 9200:9200 + networks: + - esnet + elasticsearch2: + image: docker.elastic.co/elasticsearch/elasticsearch:6.4.3 + container_name: elasticsearch2 + environment: + - cluster.name=docker-cluster + - bootstrap.memory_lock=true + - "ES_JAVA_OPTS=-Xms512m -Xmx512m" + - "discovery.zen.ping.unicast.hosts=elasticsearch, elasticsearch2" + - script.painless.regex.enabled=true + - node.master=true + - node.data=false + ulimits: + memlock: + soft: -1 + hard: -1 + volumes: + - esdata2:/usr/share/elasticsearch/data + ports: + - 9201:9200 + networks: + - esnet + +volumes: + esdata1: + driver: local + esdata2: + driver: local + +networks: + esnet: diff --git a/compose/ethereum-stack-compose.yml b/compose/ethereum-stack-compose.yml new file mode 100755 index 00000000..f696d843 --- /dev/null +++ b/compose/ethereum-stack-compose.yml @@ -0,0 +1,32 @@ +version: '2' + +services: + + ganache: + container_name: ganache + image: gengxiankun/ganache + expose: + - "7454" + ports: + - "7454:7454" + environment: + - NETWORKID=6 + - PORT=7454 + restart: always + + truffle: + container_name: truffle + image: gengxiankun/truffle + volumes: + - ../docker-compose_data/ethereum/:/data/ + working_dir: /data + links: + - ganache:ganache + restart: always + + geth: + container_name: geth + image: gengxiankun/geth + restart: always + links: + - ganache:ganache diff --git a/compose/fast.yml b/compose/fast.yml new file mode 100644 index 00000000..0406ab8c --- /dev/null +++ b/compose/fast.yml @@ -0,0 +1,89 @@ +version: '3' + +services: + cgi: + container_name: cgi + image: registry.cn-beijing.aliyuncs.com/duiying/php7.2:1.0 + tty: true + restart: always + expose: + - "9000" + volumes: + - ./www:/data/www + - ./docker/log/cgi:/var/log/php-fpm + depends_on: + - mysql + - redis + links: + - mysql:mysql + - redis:redis + proxy: + container_name: proxy + image: registry.cn-beijing.aliyuncs.com/duiying/nginx:1.0 + tty: true + restart: always + ports: + - "80:80" + - "443:443" + volumes: + - ./www:/data/www + - ./docker/config/proxy/conf.d:/etc/nginx/conf.d + - ./docker/log/proxy:/var/log/nginx + depends_on: + - cgi + links: + - cgi + mysql: + container_name: mysql + image: daocloud.io/library/mysql:5.6 + restart: always + expose: + - "3306" + ports: + - "3306:3306" + volumes: + - ./docker/data/mysql:/var/lib/mysql + environment: + - MYSQL_ROOT_PASSWORD=root + redis: + container_name: redis + image: daocloud.io/library/redis + restart: always + expose: + - "6379" + ports: + - "6379:6379" + volumes: + - ./docker/data/redis:/data + command: redis-server --appendonly yes + phpmyadmin: + container_name: phpmyadmin + image: daocloud.io/daocloud/phpmyadmin + expose: + - '80' + ports: + - "8080:80" + environment: + - PMA_ARBITRARY=0 + - PMA_HOST=mysql + # 如果取消下面两行注释, phpmyadmin就不用输入用户名和密码, 可以直接登录 + # - PMA_USER=root + # - PMA_PASSWORD=root + depends_on: + - mysql + links: + - mysql:mysql + phpredisadmin: + container_name: phpredisadmin + image: erikdubbelboer/phpredisadmin + expose: + - '80' + ports: + - "8081:80" + environment: + - REDIS_1_HOST=redis + - REDIS_1_NAME=redis + depends_on: + - redis + links: + - redis:redis diff --git a/compose/filebeat-compose.yml b/compose/filebeat-compose.yml new file mode 100644 index 00000000..b610bb0b --- /dev/null +++ b/compose/filebeat-compose.yml @@ -0,0 +1,4 @@ +version: '2.2' +services: + filebeat: + image: docker.elastic.co/beats/filebeat:6.4.3 \ No newline at end of file diff --git a/compose/kibana-compose.yml b/compose/kibana-compose.yml new file mode 100644 index 00000000..2cddb13c --- /dev/null +++ b/compose/kibana-compose.yml @@ -0,0 +1,10 @@ +version: '2.2' + +services: + kibana: + container_name: kibana + image: docker.elastic.co/kibana/kibana:6.4.3 + environment: + ELASTICSEARCH_URL: http://10.0.72.173:9200 + ports: + - 5601:5601 \ No newline at end of file diff --git a/compose/laradock.yml b/compose/laradock.yml new file mode 100644 index 00000000..55b0edbe --- /dev/null +++ b/compose/laradock.yml @@ -0,0 +1,314 @@ +version: '2' + +services: + +### Workspace Utilities Container ########################### + + workspace: + build: + context: ./workspace + args: + - INSTALL_XDEBUG=false + - INSTALL_MONGO=false + - INSTALL_NODE=true + - INSTALL_YARN=true + - INSTALL_DRUSH=false + - INSTALL_AEROSPIKE_EXTENSION=false + - COMPOSER_GLOBAL_INSTALL=false + - INSTALL_WORKSPACE_SSH=false + - PUID=1000 + - PGID=1000 + - NODE_VERSION=stable + - TZ=UTC + volumes_from: + - volumes_source + extra_hosts: + # IMPORTANT: Replace with your Docker Host IP (will be appended to /etc/hosts) + - "dockerhost:10.0.75.1" + ports: + - "22:22" + tty: true + +### PHP-FPM Container ####################################### + + php-fpm: + build: + context: ./php-fpm + args: + - INSTALL_XDEBUG=false + - INSTALL_MONGO=false + - INSTALL_ZIP_ARCHIVE=false + - INSTALL_MEMCACHED=false + - INSTALL_OPCACHE=false + - INSTALL_AEROSPIKE_EXTENSION=false + dockerfile: Dockerfile-70 + volumes_from: + - volumes_source + expose: + - "9000" + links: + - workspace + extra_hosts: + # IMPORTANT: Replace with your Docker Host IP (will be appended to /etc/hosts) + - "dockerhost:10.0.75.1" + environment: + # IMPORTANT: Set the Remote Interpreter entry matching name to `laravel` + - PHP_IDE_CONFIG="serverName=laravel" + +### Nginx Server Container ################################## + + nginx: + build: + context: ./nginx + args: + - PHP_UPSTREAM=php-fpm + volumes_from: + - volumes_source + volumes: + - ./logs/nginx/:/var/log/nginx + ports: + - "80:80" + - "443:443" + links: + - php-fpm + +### Apache Server Container ################################## + + apache2: + build: + context: ./apache2 + args: + - PHP_SOCKET="php-fpm:9000" + volumes_from: + - volumes_source + volumes: + - ./logs/apache2:/var/log/apache2 + ports: + - "80:80" + - "443:443" + links: + - php-fpm + +### HHVM Container ########################################## + + hhvm: + build: ./hhvm + volumes_from: + - volumes_source + expose: + - "9000" + links: + - workspace + +### MySQL Container ######################################### + + mysql: + build: ./mysql + volumes_from: + - volumes_data + ports: + - "3306:3306" + environment: + MYSQL_DATABASE: homestead + MYSQL_USER: homestead + MYSQL_PASSWORD: secret + MYSQL_ROOT_PASSWORD: root + +### PostgreSQL Container #################################### + + postgres: + build: ./postgres + volumes_from: + - volumes_data + ports: + - "5432:5432" + environment: + POSTGRES_DB: homestead + POSTGRES_USER: homestead + POSTGRES_PASSWORD: secret + +### MariaDB Container ####################################### + + mariadb: + build: ./mariadb + volumes_from: + - volumes_data + ports: + - "3306:3306" + environment: + MYSQL_DATABASE: homestead + MYSQL_USER: homestead + MYSQL_PASSWORD: secret + MYSQL_ROOT_PASSWORD: root + +### Neo4j Container ######################################### + + neo4j: + build: ./neo4j + ports: + - "7474:7474" + - "1337:1337" + environment: + - NEO4J_AUTH=homestead:secret + volumes_from: + - volumes_data + +### MongoDB Container ####################################### + + mongo: + build: ./mongo + ports: + - "27017:27017" + volumes_from: + - volumes_data + +### Redis Container ######################################### + + redis: + build: ./redis + volumes_from: + - volumes_data + ports: + - "6379:6379" + +### Aerospike c Container ######################################### + + aerospike: + build: ./aerospike + volumes_from: + - workspace + - volumes_data + ports: + - "3000:3000" + - "3001:3001" + - "3002:3002" + - "3003:3003" + + +### Memcached Container ##################################### + + memcached: + build: ./memcached + volumes_from: + - volumes_data + ports: + - "11211:11211" + links: + - php-fpm + +### Beanstalkd Container #################################### + + beanstalkd: + build: ./beanstalkd + ports: + - "11300:11300" + privileged: true + links: + - php-fpm + +### RabbitMQ Container #################################### + + rabbitmq: + build: ./rabbitmq + ports: + - "5672:5672" + - "15671:15671" + - "8080:15672" + privileged: true + environment: + RABBITMQ_DEFAULT_USER: guest + RABBITMQ_DEFAULT_PASS: guest + links: + - php-fpm + +### Beanstalkd Console Container ############################ + + beanstalkd-console: + build: ./beanstalkd-console + ports: + - "2080:2080" + links: + - beanstalkd + +### Caddy Server Container ################################## + + caddy: + build: ./caddy + volumes_from: + - volumes_source + - volumes_data + ports: + - "80:80" + - "443:443" + - "2015:2015" + volumes: + - ./caddy/Caddyfile:/etc/Caddyfile + - ./logs/caddy:/var/log/caddy + links: + - php-fpm + +### phpMyAdmin Container ################################## + + phpmyadmin: + build: ./phpmyadmin + environment: + PMA_ARBITRARY: 1 + MYSQL_USER: homestead + MYSQL_PASSWORD: secret + MYSQL_ROOT_PASSWORD: root + volumes_from: + - volumes_data + ports: + - "8080:80" + links: + # for mysql container + - "mysql:db" + # for mariadb container + # - "mariadb:db" + +### pgAdmin Container ################################## + + pgadmin: + build: ./pgadmin + ports: + - "5050:5050" + links: + - postgres + +### ElasticSearch Container ################################## + + elasticsearch: + build: ./elasticsearch + volumes_from: + - volumes_data + ports: + - "9200:9200" + - "9300:9300" + links: + - php-fpm + +### Laravel Application Code Container ###################### + + volumes_source: + image: tianon/true + volumes: + - ../:/var/www/laravel + + +### Databases Data Container ################################ + + volumes_data: + image: tianon/true + volumes: + - ./data/mysql:/var/lib/mysql + - ./data/postgres:/var/lib/postgresql/data + - ./data/memcached:/var/lib/memcached + - ./data/redis:/data + - ./data/neo4j:/var/lib/neo4j/data + - ./data/mongo:/data/db + - ./data/aerospike:/opt/aerospike/data + - ./data/sessions:/sessions + - ./data/caddy:/root/.caddy + - ./data/elasticsearch/data:/usr/share/elasticsearch/data + +### Add more Containers below ############################### diff --git a/compose/lnmp-stack-compose.yml b/compose/lnmp-stack-compose.yml new file mode 100755 index 00000000..cbb3cd33 --- /dev/null +++ b/compose/lnmp-stack-compose.yml @@ -0,0 +1,53 @@ +version: '2' + +services: + + mysql: + container_name: mysql + image: daocloud.io/library/mysql:5.6 + restart: always + expose: + - "3306" + ports: + - "3306:3306" + volumes: + - ../docker-compose_data/mysql/data:/data + - ../docker-compose_data/mysql/var-lib-mysql:/var/lib/mysql + working_dir: /data + environment: + - MYSQL_ROOT_PASSWORD=root + - TZ=Asia/Shanghai + restart: always + + php-fpm: + container_name: php-fpm + image: gengxiankun/php:7.1-latest + restart: always + expose: + - "9000" + volumes: + - ../docker-compose_data/php-fpm/www:/www + - ../docker-compose_data/php-fpm/log:/var/log/php-fpm + environment: + - TZ=Asia/Shanghai + working_dir: /www + links: + - mysql:mysql + + nginx: + container_name: nginx + image: gengxiankun/nginx:openresty-latest + restart: always + ports: + - "80:80" + - "443:443" + volumes: + - ../docker-compose_data/nginx/conf.d:/etc/nginx/conf.d + volumes_from: + - php-fpm + working_dir: /etc/nginx/conf.d + environment: + - TZ=Asia/Shanghai + links: + - mysql:mysql + - php-fpm:php-fpm diff --git a/compose/logstash.yml b/compose/logstash.yml new file mode 100644 index 00000000..c76e8707 --- /dev/null +++ b/compose/logstash.yml @@ -0,0 +1,9 @@ +version: '2' + +services: + logstash: + image: docker.elastic.co/logstash/logstash:6.4.3 + ports: + - 5044:5044 + volumes: + - ../docker-compose_data/logstash/:/usr/share/logstash/pipeline/ diff --git a/compose/metricbeat.yml b/compose/metricbeat.yml new file mode 100644 index 00000000..28607002 --- /dev/null +++ b/compose/metricbeat.yml @@ -0,0 +1,12 @@ +version: '2' + +services: + metricbeat: + image: docker.elastic.co/beats/metricbeat:6.4.3 + user: root + container_name: metricbeat + environment: + - setup.kibana.host= + - output.elasticsearch.hosts=["elasticsearch:9200"] + volumes: + - /var/run/docker.sock:/var/run/docker.sock:ro \ No newline at end of file diff --git a/compose/nginx-lua-compose.yml b/compose/nginx-lua-compose.yml new file mode 100755 index 00000000..bca2f663 --- /dev/null +++ b/compose/nginx-lua-compose.yml @@ -0,0 +1,50 @@ +version: '2' + +services: + + mysql: + container_name: mysql + image: daocloud.io/library/mysql + restart: always + expose: + - "3306" + ports: + - "3306:3306" + volumes: + - ../docker-compose_data/mysql/data:/data + - ../docker-compose_data/mysql/var-lib-mysql:/var/lib/mysql + working_dir: /data + environment: + - MYSQL_ROOT_PASSWORD=root + - TZ=Asia/Shanghai + restart: always + + redis: + container_name: redis + image: daocloud.io/library/redis + restart: always + expose: + - "6379" + ports: + - "6379:6379" + volumes: + - ../docker-compose_data/redis/var_lib_redis:/data + - ../docker-compose_data/redis/data:/data + command: redis-server --appendonly yes + + nginx: + container_name: nginx + build: ../openresty/ + restart: always + ports: + - "80:80" + - "443:443" + volumes: + - ../docker-compose_data/nginx/conf.d:/etc/nginx/conf.d + - ../docker-compose_data/nginx/library:/opt/openresty/library + working_dir: /etc/nginx/conf.d + environment: + - TZ=Asia/Shanghai + links: + - mysql:mysql + - redis:redis \ No newline at end of file diff --git a/compose/simplify.yml b/compose/simplify.yml new file mode 100644 index 00000000..c680fff6 --- /dev/null +++ b/compose/simplify.yml @@ -0,0 +1,58 @@ +version: '3' + +services: + cgi: + container_name: cgi + build: ./docker/files/cgi + tty: true + restart: always + expose: + - "9000" + volumes: + - ./www:/data/www + - ./docker/log/cgi:/var/log/php-fpm + depends_on: + - mysql + - redis + links: + - mysql:mysql + - redis:redis + proxy: + container_name: proxy + build: ./docker/files/proxy + tty: true + restart: always + ports: + - "80:80" + - "443:443" + volumes: + - ./www:/data/www + - ./docker/config/proxy/conf.d:/etc/nginx/conf.d + - ./docker/log/proxy:/var/log/nginx + depends_on: + - cgi + links: + - cgi + mysql: + container_name: mysql + image: daocloud.io/library/mysql:5.6 + restart: always + expose: + - "3306" + ports: + - "3306:3306" + volumes: + - ./docker/data/mysql:/var/lib/mysql + environment: + - MYSQL_ROOT_PASSWORD=root + redis: + container_name: redis + image: daocloud.io/library/redis + restart: always + expose: + - "6379" + ports: + - "6379:6379" + volumes: + - ./docker/data/redis:/data + command: redis-server --appendonly yes \ No newline at end of file diff --git a/conf/apache/httpd.conf b/conf/apache/httpd.conf new file mode 100644 index 00000000..06188364 --- /dev/null +++ b/conf/apache/httpd.conf @@ -0,0 +1,549 @@ +# +# This is the main Apache HTTP server configuration file. It contains the +# configuration directives that give the server its instructions. +# See for detailed information. +# In particular, see +# +# for a discussion of each configuration directive. +# +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. +# +# Configuration and logfile names: If the filenames you specify for many +# of the server's control files begin with "/" (or "drive:/" for Win32), the +# server will use that explicit path. If the filenames do *not* begin +# with "/", the value of ServerRoot is prepended -- so "logs/access_log" +# with ServerRoot set to "/usr/local/apache2" will be interpreted by the +# server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log" +# will be interpreted as '/logs/access_log'. + +# +# ServerRoot: The top of the directory tree under which the server's +# configuration, error, and log files are kept. +# +# Do not add a slash at the end of the directory path. If you point +# ServerRoot at a non-local disk, be sure to specify a local disk on the +# Mutex directive, if file-based mutexes are used. If you wish to share the +# same ServerRoot for multiple httpd daemons, you will need to change at +# least PidFile. +# +ServerRoot "/usr/local/apache2" + +# +# Mutex: Allows you to set the mutex mechanism and mutex file directory +# for individual mutexes, or change the global defaults +# +# Uncomment and change the directory if mutexes are file-based and the default +# mutex file directory is not on a local disk or is not appropriate for some +# other reason. +# +# Mutex default:logs + +# +# Listen: Allows you to bind Apache to specific IP addresses and/or +# ports, instead of the default. See also the +# directive. +# +# Change this to Listen on specific IP addresses as shown below to +# prevent Apache from glomming onto all bound IP addresses. +# +#Listen 12.34.56.78:80 +Listen 80 +Listen 443 +# +# Dynamic Shared Object (DSO) Support +# +# To be able to use the functionality of a module which was built as a DSO you +# have to place corresponding `LoadModule' lines at this location so the +# directives contained in it are actually available _before_ they are used. +# Statically compiled modules (those listed by `httpd -l') do not need +# to be loaded here. +# +# Example: +# LoadModule foo_module modules/mod_foo.so +# +LoadModule authn_file_module modules/mod_authn_file.so +#LoadModule authn_dbm_module modules/mod_authn_dbm.so +#LoadModule authn_anon_module modules/mod_authn_anon.so +#LoadModule authn_dbd_module modules/mod_authn_dbd.so +#LoadModule authn_socache_module modules/mod_authn_socache.so +LoadModule authn_core_module modules/mod_authn_core.so +LoadModule authz_host_module modules/mod_authz_host.so +LoadModule authz_groupfile_module modules/mod_authz_groupfile.so +LoadModule authz_user_module modules/mod_authz_user.so +#LoadModule authz_dbm_module modules/mod_authz_dbm.so +#LoadModule authz_owner_module modules/mod_authz_owner.so +#LoadModule authz_dbd_module modules/mod_authz_dbd.so +LoadModule authz_core_module modules/mod_authz_core.so +#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so +#LoadModule authnz_fcgi_module modules/mod_authnz_fcgi.so +LoadModule access_compat_module modules/mod_access_compat.so +LoadModule auth_basic_module modules/mod_auth_basic.so +#LoadModule auth_form_module modules/mod_auth_form.so +#LoadModule auth_digest_module modules/mod_auth_digest.so +#LoadModule allowmethods_module modules/mod_allowmethods.so +#LoadModule isapi_module modules/mod_isapi.so +#LoadModule file_cache_module modules/mod_file_cache.so +#LoadModule cache_module modules/mod_cache.so +#LoadModule cache_disk_module modules/mod_cache_disk.so +#LoadModule cache_socache_module modules/mod_cache_socache.so +#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so +#LoadModule socache_dbm_module modules/mod_socache_dbm.so +#LoadModule socache_memcache_module modules/mod_socache_memcache.so +#LoadModule watchdog_module modules/mod_watchdog.so +#LoadModule macro_module modules/mod_macro.so +#LoadModule dbd_module modules/mod_dbd.so +#LoadModule bucketeer_module modules/mod_bucketeer.so +#LoadModule dumpio_module modules/mod_dumpio.so +#LoadModule echo_module modules/mod_echo.so +#LoadModule example_hooks_module modules/mod_example_hooks.so +#LoadModule case_filter_module modules/mod_case_filter.so +#LoadModule case_filter_in_module modules/mod_case_filter_in.so +#LoadModule example_ipc_module modules/mod_example_ipc.so +#LoadModule buffer_module modules/mod_buffer.so +#LoadModule data_module modules/mod_data.so +#LoadModule ratelimit_module modules/mod_ratelimit.so +LoadModule reqtimeout_module modules/mod_reqtimeout.so +#LoadModule ext_filter_module modules/mod_ext_filter.so +#LoadModule request_module modules/mod_request.so +#LoadModule include_module modules/mod_include.so +LoadModule filter_module modules/mod_filter.so +#LoadModule reflector_module modules/mod_reflector.so +#LoadModule substitute_module modules/mod_substitute.so +#LoadModule sed_module modules/mod_sed.so +#LoadModule charset_lite_module modules/mod_charset_lite.so +#LoadModule deflate_module modules/mod_deflate.so +#LoadModule xml2enc_module modules/mod_xml2enc.so +#LoadModule proxy_html_module modules/mod_proxy_html.so +LoadModule mime_module modules/mod_mime.so +#LoadModule ldap_module modules/mod_ldap.so +LoadModule log_config_module modules/mod_log_config.so +#LoadModule log_debug_module modules/mod_log_debug.so +#LoadModule log_forensic_module modules/mod_log_forensic.so +#LoadModule logio_module modules/mod_logio.so +#LoadModule lua_module modules/mod_lua.so +LoadModule env_module modules/mod_env.so +#LoadModule mime_magic_module modules/mod_mime_magic.so +#LoadModule cern_meta_module modules/mod_cern_meta.so +#LoadModule expires_module modules/mod_expires.so +LoadModule headers_module modules/mod_headers.so +#LoadModule ident_module modules/mod_ident.so +#LoadModule usertrack_module modules/mod_usertrack.so +#LoadModule unique_id_module modules/mod_unique_id.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule version_module modules/mod_version.so +#LoadModule remoteip_module modules/mod_remoteip.so +LoadModule proxy_module modules/mod_proxy.so +#LoadModule proxy_connect_module modules/mod_proxy_connect.so +#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so +#LoadModule proxy_http_module modules/mod_proxy_http.so +LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so +#LoadModule proxy_scgi_module modules/mod_proxy_scgi.so +#LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so +#LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so +#LoadModule proxy_ajp_module modules/mod_proxy_ajp.so +#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so +#LoadModule proxy_express_module modules/mod_proxy_express.so +#LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so +#LoadModule session_module modules/mod_session.so +#LoadModule session_cookie_module modules/mod_session_cookie.so +#LoadModule session_crypto_module modules/mod_session_crypto.so +#LoadModule session_dbd_module modules/mod_session_dbd.so +#LoadModule slotmem_shm_module modules/mod_slotmem_shm.so +#LoadModule slotmem_plain_module modules/mod_slotmem_plain.so +LoadModule ssl_module modules/mod_ssl.so +#LoadModule optional_hook_export_module modules/mod_optional_hook_export.so +#LoadModule optional_hook_import_module modules/mod_optional_hook_import.so +#LoadModule optional_fn_import_module modules/mod_optional_fn_import.so +#LoadModule optional_fn_export_module modules/mod_optional_fn_export.so +#LoadModule dialup_module modules/mod_dialup.so +#LoadModule http2_module modules/mod_http2.so +#LoadModule proxy_http2_module modules/mod_proxy_http2.so +#LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so +#LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so +#LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so +#LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so +LoadModule unixd_module modules/mod_unixd.so +#LoadModule heartbeat_module modules/mod_heartbeat.so +#LoadModule heartmonitor_module modules/mod_heartmonitor.so +#LoadModule dav_module modules/mod_dav.so +LoadModule status_module modules/mod_status.so +LoadModule autoindex_module modules/mod_autoindex.so +#LoadModule asis_module modules/mod_asis.so +#LoadModule info_module modules/mod_info.so +#LoadModule suexec_module modules/mod_suexec.so +LoadModule mpm_event_module modules/mod_mpm_event.so + + #LoadModule cgid_module modules/mod_cgid.so + + + #LoadModule cgi_module modules/mod_cgi.so + +#LoadModule dav_fs_module modules/mod_dav_fs.so +#LoadModule dav_lock_module modules/mod_dav_lock.so +#LoadModule vhost_alias_module modules/mod_vhost_alias.so +#LoadModule negotiation_module modules/mod_negotiation.so +LoadModule dir_module modules/mod_dir.so +#LoadModule imagemap_module modules/mod_imagemap.so +#LoadModule actions_module modules/mod_actions.so +#LoadModule speling_module modules/mod_speling.so +#LoadModule userdir_module modules/mod_userdir.so +LoadModule alias_module modules/mod_alias.so +LoadModule rewrite_module modules/mod_rewrite.so + + +# +# If you wish httpd to run as a different user or group, you must run +# httpd as root initially and it will switch. +# +# User/Group: The name (or #number) of the user/group to run httpd as. +# It is usually good practice to create a dedicated user and group for +# running httpd, as with most system services. +# +User daemon +Group daemon + + + +# 'Main' server configuration +# +# The directives in this section set up the values used by the 'main' +# server, which responds to any requests that aren't handled by a +# definition. These values also provide defaults for +# any containers you may define later in the file. +# +# All of these directives may appear inside containers, +# in which case these default settings will be overridden for the +# virtual host being defined. +# + +# +# ServerAdmin: Your address, where problems with the server should be +# e-mailed. This address appears on some server-generated pages, such +# as error documents. e.g. admin@your-domain.com +# +ServerAdmin you@example.com + +# +# ServerName gives the name and port that the server uses to identify itself. +# This can often be determined automatically, but we recommend you specify +# it explicitly to prevent problems during startup. +# +# If your host doesn't have a registered DNS name, enter its IP address here. +# +#ServerName www.example.com:80 + +# +# Deny access to the entirety of your server's filesystem. You must +# explicitly permit access to web content directories in other +# blocks below. +# + + AllowOverride none + Require all denied + + +# +# Note that from this point forward you must specifically allow +# particular features to be enabled - so if something's not working as +# you might expect, make sure that you have specifically enabled it +# below. +# + +# +# DocumentRoot: The directory out of which you will serve your +# documents. By default, all requests are taken from this directory, but +# symbolic links and aliases may be used to point to other locations. +# +# DocumentRoot "/usr/local/apache2/htdocs" +# +# # +# # Possible values for the Options directive are "None", "All", +# # or any combination of: +# # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews +# # +# # Note that "MultiViews" must be named *explicitly* --- "Options All" +# # doesn't give it to you. +# # +# # The Options directive is both complicated and important. Please see +# # http://httpd.apache.org/docs/2.4/mod/core.html#options +# # for more information. +# # +# Options Indexes FollowSymLinks + +# # +# # AllowOverride controls what directives may be placed in .htaccess files. +# # It can be "All", "None", or any combination of the keywords: +# # AllowOverride FileInfo AuthConfig Limit +# # +# AllowOverride None + +# # +# # Controls who can get stuff from this server. +# # +# Require all granted +# + +# +# DirectoryIndex: sets the file that Apache will serve if a directory +# is requested. +# + + DirectoryIndex index.html index.php index + + +# +# The following lines prevent .htaccess and .htpasswd files from being +# viewed by Web clients. +# + + Require all denied + + +# +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a +# container, that host's errors will be logged there and not here. +# +ErrorLog /proc/self/fd/2 + +# +# LogLevel: Control the number of messages logged to the error_log. +# Possible values include: debug, info, notice, warn, error, crit, +# alert, emerg. +# +LogLevel warn + + + # + # The following directives define some format nicknames for use with + # a CustomLog directive (see below). + # + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined + LogFormat "%h %l %u %t \"%r\" %>s %b" common + + + # You need to enable mod_logio.c to use %I and %O + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio + + + # + # The location and format of the access logfile (Common Logfile Format). + # If you do not define any access logfiles within a + # container, they will be logged here. Contrariwise, if you *do* + # define per- access logfiles, transactions will be + # logged therein and *not* in this file. + # + CustomLog /proc/self/fd/1 common + + # + # If you prefer a logfile with access, agent, and referer information + # (Combined Logfile Format) you can use the following directive. + # + #CustomLog "logs/access_log" combined + + + + # + # Redirect: Allows you to tell clients about documents that used to + # exist in your server's namespace, but do not anymore. The client + # will make a new request for the document at its new location. + # Example: + # Redirect permanent /foo http://www.example.com/bar + + # + # Alias: Maps web paths into filesystem paths and is used to + # access content that does not live under the DocumentRoot. + # Example: + # Alias /webpath /full/filesystem/path + # + # If you include a trailing / on /webpath then the server will + # require it to be present in the URL. You will also likely + # need to provide a section to allow access to + # the filesystem path. + + # + # ScriptAlias: This controls which directories contain server scripts. + # ScriptAliases are essentially the same as Aliases, except that + # documents in the target directory are treated as applications and + # run by the server when requested rather than as documents sent to the + # client. The same rules about trailing "/" apply to ScriptAlias + # directives as to Alias. + # + ScriptAlias /cgi-bin/ "/usr/local/apache2/cgi-bin/" + + + + + # + # ScriptSock: On threaded servers, designate the path to the UNIX + # socket used to communicate with the CGI daemon of mod_cgid. + # + #Scriptsock cgisock + + +# +# "/usr/local/apache2/cgi-bin" should be changed to whatever your ScriptAliased +# CGI directory exists, if you have that configured. +# + + AllowOverride None + Options None + Require all granted + + + + # + # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied + # backend servers which have lingering "httpoxy" defects. + # 'Proxy' request header is undefined by the IETF, not listed by IANA + # + RequestHeader unset Proxy early + + + + # + # TypesConfig points to the file containing the list of mappings from + # filename extension to MIME-type. + # + TypesConfig conf/mime.types + + # + # AddType allows you to add to or override the MIME configuration + # file specified in TypesConfig for specific file types. + # + #AddType application/x-gzip .tgz + # + # AddEncoding allows you to have certain browsers uncompress + # information on the fly. Note: Not all browsers support this. + # + #AddEncoding x-compress .Z + #AddEncoding x-gzip .gz .tgz + # + # If the AddEncoding directives above are commented-out, then you + # probably should define those extensions to indicate media types: + # + AddType application/x-compress .Z + AddType application/x-gzip .gz .tgz + + # + # AddHandler allows you to map certain file extensions to "handlers": + # actions unrelated to filetype. These can be either built into the server + # or added with the Action directive (see below) + # + # To use CGI scripts outside of ScriptAliased directories: + # (You will also need to add "ExecCGI" to the "Options" directive.) + # + #AddHandler cgi-script .cgi + + # For type maps (negotiated resources): + #AddHandler type-map var + + # + # Filters allow you to process content before it is sent to the client. + # + # To parse .shtml files for server-side includes (SSI): + # (You will also need to add "Includes" to the "Options" directive.) + # + #AddType text/html .shtml + #AddOutputFilter INCLUDES .shtml + + +# +# The mod_mime_magic module allows the server to use various hints from the +# contents of the file itself to determine its type. The MIMEMagicFile +# directive tells the module where the hint definitions are located. +# +#MIMEMagicFile conf/magic + +# +# Customizable error responses come in three flavors: +# 1) plain text 2) local redirects 3) external redirects +# +# Some examples: +#ErrorDocument 500 "The server made a boo boo." +#ErrorDocument 404 /missing.html +#ErrorDocument 404 "/cgi-bin/missing_handler.pl" +#ErrorDocument 402 http://www.example.com/subscription_info.html +# + +# +# MaxRanges: Maximum number of Ranges in a request before +# returning the entire resource, or one of the special +# values 'default', 'none' or 'unlimited'. +# Default setting is to accept 200 Ranges. +#MaxRanges unlimited + +# +# EnableMMAP and EnableSendfile: On systems that support it, +# memory-mapping or the sendfile syscall may be used to deliver +# files. This usually improves server performance, but must +# be turned off when serving from networked-mounted +# filesystems or if support for these functions is otherwise +# broken on your system. +# Defaults: EnableMMAP On, EnableSendfile Off +# +#EnableMMAP off +#EnableSendfile on + +# Supplemental configuration +# +# The configuration files in the conf/extra/ directory can be +# included to add extra features or to modify the default configuration of +# the server, or you may simply copy their contents here and change as +# necessary. + +# Server-pool management (MPM specific) +#Include conf/extra/httpd-mpm.conf + +# Multi-language error messages +#Include conf/extra/httpd-multilang-errordoc.conf + +# Fancy directory listings +#Include conf/extra/httpd-autoindex.conf + +# Language settings +#Include conf/extra/httpd-languages.conf + +# User home directories +#Include conf/extra/httpd-userdir.conf + +# Real-time info on requests and configuration +#Include conf/extra/httpd-info.conf + +# Virtual hosts +#Include conf/extra/httpd-vhosts.conf +Include /etc/apache2/sites-enabled/*.conf + +# Local access to the Apache HTTP Server Manual +#Include conf/extra/httpd-manual.conf + +# Distributed authoring and versioning (WebDAV) +#Include conf/extra/httpd-dav.conf + +# Various default settings +#Include conf/extra/httpd-default.conf + +# Configure mod_proxy_html to understand HTML4/XHTML1 + +Include conf/extra/proxy-html.conf + + +# Secure (SSL/TLS) connections +#Include conf/extra/httpd-ssl.conf +# +# Note: The following must must be present to support +# starting without SSL on platforms with no /dev/random equivalent +# but a statically compiled-in mod_ssl. +# + +SSLRandomSeed startup builtin +SSLRandomSeed connect builtin + + + + SetHandler "proxy:fcgi://base:9000" + diff --git a/conf/apache/vhosts/default.conf b/conf/apache/vhosts/default.conf new file mode 100644 index 00000000..b75fcd39 --- /dev/null +++ b/conf/apache/vhosts/default.conf @@ -0,0 +1,19 @@ + + ServerName localhost + DocumentRoot /var/www/html/projects + + + Require all granted + Options Indexes + + + + + ServerName phpinfo.localhost + DocumentRoot /var/www/html/phpinfo + + + Require all granted + Options Indexes + + \ No newline at end of file diff --git a/conf/bashrc b/conf/bashrc new file mode 100644 index 00000000..9fc1d9df --- /dev/null +++ b/conf/bashrc @@ -0,0 +1,128 @@ +# ~/.bashrc: executed by bash(1) for non-login shells. + +# Note: PS1 and umask are already set in /etc/profile. You should not +# need this unless you want different defaults for root. +# PS1='${debian_chroot:+($debian_chroot)}\h:\w\$ ' +# umask 022 + +# You may uncomment the following lines if you want `ls' to be colorized: +export LS_OPTIONS='--color=auto' +eval "`dircolors`" +alias ls='ls $LS_OPTIONS' +alias ll='ls $LS_OPTIONS -l' +alias l='ls $LS_OPTIONS -lA' + +export EDITOR=vim +export LC_ALL=C.UTF-8 + +# Some more alias to avoid making mistakes: +# alias rm='rm -i' +# alias cp='cp -i' +# alias mv='mv -i' + + +# dnmp alias +alias dnginx='docker exec -it nginx /bin/sh' +alias dphp='docker exec -it php /bin/sh' +alias dphp56='docker exec -it php56 /bin/sh' +alias dphp54='docker exec -it php54 /bin/sh' +alias dmysql='docker exec -it mysql /bin/bash' +alias dredis='docker exec -it redis /bin/sh' + +alias dnginx='docker exec -it nginx /bin/sh' +alias dphp='docker exec -it php /bin/sh' +alias dphp56='docker exec -it php56 /bin/sh' +alias dphp54='docker exec -it php54 /bin/sh' +alias dmysql='docker exec -it mysql /bin/bash' +alias dredis='docker exec -it redis /bin/sh' + +alias dnginx='docker exec -it nginx /bin/sh' +alias dphp='docker exec -it php /bin/sh' +alias dphp56='docker exec -it php56 /bin/sh' +alias dphp54='docker exec -it php54 /bin/sh' +alias dmysql='docker exec -it mysql /bin/bash' +alias dredis='docker exec -it redis /bin/sh' + +# php7 cli +php () { + tty= + tty -s && tty=--tty + docker run \ + $tty \ + --interactive \ + --rm \ + --volume $PWD:/www:rw \ + --workdir /www \ + dnmp_php php "$@" +} + +# php5.6 cli +php56 () { + tty= + tty -s && tty=--tty + docker run \ + $tty \ + --interactive \ + --rm \ + --volume $PWD:/www:rw \ + --workdir /www \ + dnmp_php56 php "$@" +} + +# php5.4 cli +php54 () { + tty= + tty -s && tty=--tty + docker run \ + $tty \ + --interactive \ + --rm \ + --volume $PWD:/www:rw \ + --workdir /www \ + dnmp_php54 php "$@" +} + +# php7 composer +composer () { + tty= + tty -s && tty=--tty + docker run \ + $tty \ + --interactive \ + --rm \ + --user www-data:www-data \ + --volume ~/dnmp/data/composer:/tmp/composer \ + --volume $(pwd):/app \ + --workdir /app \ + dnmp_php composer "$@" +} + +# php5.6 composer +composer56 () { + tty= + tty -s && tty=--tty + docker run \ + $tty \ + --interactive \ + --rm \ + --user www-data:www-data \ + --volume ~/dnmp/data/composer:/tmp/composer \ + --volume $(pwd):/app \ + --workdir /app \ + dnmp_php56 composer "$@" +} + +# php5.4 composer +composer54 () { + tty= + tty -s && tty=--tty + docker run \ + $tty \ + --interactive \ + --rm \ + --user www-data:www-data \ + --volume ~/dnmp/data/composer:/tmp/composer \ + --volume $(pwd):/app \ + --workdir /app \ + dnmp_php54 composer "$@" +} \ No newline at end of file diff --git a/conf/elk/README.md b/conf/elk/README.md new file mode 100644 index 00000000..aa6527e3 --- /dev/null +++ b/conf/elk/README.md @@ -0,0 +1,21 @@ +当前默认的xpack配置为Trial版30天使用,密码在docker-compose的es主节点配置的 +若想要开启集群内部安全通信ssl CA认证则将es的几个yml文件的xpack注释打开,同时将trial版配置注释掉 +然后进入master节点 + +创建证书: bin/elasticsearch-certutil cert -out config/elastic-certificates.p12 -pass "" + +创建证书目录: mkdir config/certs + +mv config/elastic-*.p12 config/certs/ + +chown -R elasticsearch:root config/certs/ + +再把证书文件 certs 复制到其他节点并赋予权限。 + +重启 elasticsearch + +重置密码: bin/elasticsearch-setup-passwords interactive + +注意: filebeat.yml权限 + +重置密码: `docker-compose exec -T elasticsearch bin/elasticsearch-setup-passwords auto --batch` \ No newline at end of file diff --git a/conf/elk/elk.sh b/conf/elk/elk.sh new file mode 100644 index 00000000..64236c6d --- /dev/null +++ b/conf/elk/elk.sh @@ -0,0 +1,117 @@ +#./bin/bash +# 定义颜色 +BLUE_COLOR="\033[36m" +RED_COLOR="\033[31m" +GREEN_COLOR="\033[32m" +VIOLET_COLOR="\033[35m" +RES="\033[0m" + +echo -e "${BLUE_COLOR}# ######################################################################${RES}" +echo -e "${BLUE_COLOR}# Docker ELK Shell Script #${RES}" +echo -e "${BLUE_COLOR}# Blog: www.voocel.com #${RES}" +echo -e "${BLUE_COLOR}# Email: voocel@gmail.com #${RES}" +echo -e "${BLUE_COLOR}# ######################################################################${RES}" + +if [ "$(free -g|awk '/^Mem/{print $2-$3}')" -le 4 ];then + echo "可用内存小于4g,退出!" + exit +fi + +#优化系统 +#if [ -z "$(grep vm.max_map_count /etc/sysctl.conf)" ];then +# echo 'vm.max_map_count=655360' >>/etc/sysctl.conf +#else +# sed -i 's/vm.max_map_count.*/vm.max_map_count=655360/g' /etc/sysctl.conf +#fi +#sysctl -p + +# 创建目录 +echo -e "${BLUE_COLOR}---> create [elasticsearch]directory start.${RES}" +if [ ! -d "./elasticsearch/" ]; then +mkdir -p ./elasticsearch/master/conf ./elasticsearch/master/data ./elasticsearch/master/logs \ + ./elasticsearch/slave1/conf ./elasticsearch/slave1/data ./elasticsearch/slave1/logs \ + ./elasticsearch/slave2/conf ./elasticsearch/slave2/data ./elasticsearch/slave2/logs +fi +if [ ! -d "./escerts/" ]; then +mkdir ./escerts +fi +if [ ! -d "./logs/" ]; then +mkdir ./logs +fi + +echo -e "${RED_COLOR}---> create [kibana]directory start.${RES}" +if [ ! -d "./kibana/" ]; then +mkdir -p ./kibana/conf ./kibana/logs +fi + + echo -e "${GREEN_COLOR}---> create [logstash]directory start.${RES}" + if [ ! -d "./logstash/" ]; then + mkdir -p ./logstash/conf ./logstash/logs + fi + +echo -e "${GREEN_COLOR}---> create [filebeat]directory start.${RES}" +if [ ! -d "./filebeat/" ]; then +mkdir -p ./filebeat/conf ./filebeat/logs ./filebeat/data +fi + +echo -e "${VIOLET_COLOR}---> create [nginx]directory start.${RES}" +if [ ! -d "./nginx/" ]; then +mkdir -p ./nginx/conf ./nginx/logs ./nginx/www +fi +echo -e "${BLUE_COLOR}===> create directory success.${RES}" + +# 目录授权(data/logs 都要授读/写权限) +echo -e "${BLUE_COLOR}---> directory authorize start.${RES}" +if [ -d "./elasticsearch/" ]; then +chmod 777 ./elasticsearch/master/data/ ./elasticsearch/master/logs/ \ + ./elasticsearch/slave1/data/ ./elasticsearch/slave1/logs/ \ + ./elasticsearch/slave2/data/ ./elasticsearch/slave2/logs +fi +if [ -d "./escerts/" ]; then +chmod 777 ./escerts +fi + +if [ -d "./filebeat/" ]; then +chmod 777 ./filebeat/data/ ./filebeat/logs/ +fi +echo -e "${BLUE_COLOR}===> directory authorize success.${RES}" + +# 移动配置文件 +echo -e "${BLUE_COLOR}---> move [elasticsearch]config file start.${RES}" +if [ -f "./es-master.yml" ] && [ -f "./es-slave1.yml" ] && [ -f "./es-slave2.yml" ]; then +mv ./es-master.yml ./elasticsearch/master/conf +mv ./es-slave1.yml ./elasticsearch/slave1/conf +mv ./es-slave2.yml ./elasticsearch/slave2/conf +fi + +echo -e "${RED_COLOR}---> move [kibana]config file start.${RES}" +if [ -f "./kibana.yml" ]; then +mv ./kibana.yml ./kibana/conf +fi + + echo -e "${GREEN_COLOR}---> move [logstash]config file start.${RES}" + if [ -f "./logstash-filebeat.conf" ]; then + mv ./logstash-filebeat.conf ./logstash/conf + fi + if [ -f "./logstash.yml" ]; then + mv ./logstash.yml ./logstash/conf + chmod 777 ./logstash/conf/logstash.yml ./logstash/logs + fi + +echo -e "${GREEN_COLOR}---> move [filebeat]config file start.${RES}" +if [ -f "./filebeat.yml" ]; then +mv ./filebeat.yml ./filebeat/conf +chown root:root filebeat.yml +chmod 644 ./filebeat/filebeat.yml +fi + +echo -e "${VIOLET_COLOR}---> move [nginx]config file start.${RES}" +if [ -f "./nginx.conf" ]; then +mv ./nginx.conf ./nginx/conf +fi +echo -e "${BLUE_COLOR}===> move config files success.${RES}" +echo -e "${GREEN_COLOR}>>>>>>>>>>>>>>>>>> The End <<<<<<<<<<<<<<<<<<${RES}" + +# 部署项目 +echo -e "${BLUE_COLOR}==================> Docker deploy Start <==================${RES}" +docker-compose up --build -d \ No newline at end of file diff --git a/conf/elk/es-master.yml b/conf/elk/es-master.yml new file mode 100644 index 00000000..9e29ba9f --- /dev/null +++ b/conf/elk/es-master.yml @@ -0,0 +1,43 @@ +# 集群名称 +cluster.name: es-cluster +# 节点名称 +node.name: es-master +# 是否可以成为master节点 +node.master: true +# 是否允许该节点存储数据,默认开启 +node.data: false +# 锁住内存,不被使用到交换分区去, 生产必须为true,内存锁定检查,目的是内存地址直接映射,减少一次copy时间 +#bootstrap.memory_lock: true +# 系统过滤检查,防止数据损坏,考虑集群安全,生产设置成false +#bootstrap.system_call_filter: false +# 网络绑定 +network.host: 0.0.0.0 +# 设置对外服务的http端口 +http.port: 9200 +# 设置节点间交互的tcp端口 +transport.port: 9300 +# 集群发现 +discovery.seed_hosts: + - es-master + - es-slave1 + - es-slave2 +# 手动指定可以成为 mater 的所有节点的 name 或者 ip,这些配置将会在第一次选举中进行计算 +cluster.initial_master_nodes: + - es-master +# 支持跨域访问 +http.cors.enabled: true +http.cors.allow-origin: "*" +http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type +# 安全认证 +xpack.license.self_generated.type: trial +xpack.security.enabled: true +xpack.monitoring.collection.enabled: true + +################################ basic ssl ######################################### +# xpack.security.enabled: true +# xpack.license.self_generated.type: basic +# xpack.security.transport.ssl.enabled: true +# xpack.security.transport.ssl.verification_mode: certificate +# xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12 +# xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12 +#################################################################################### \ No newline at end of file diff --git a/conf/elk/es-slave1.yml b/conf/elk/es-slave1.yml new file mode 100644 index 00000000..eb858000 --- /dev/null +++ b/conf/elk/es-slave1.yml @@ -0,0 +1,41 @@ +# 集群名称 +cluster.name: es-cluster +# 节点名称 +node.name: es-slave1 +# 是否可以成为master节点 +node.master: true +# 是否允许该节点存储数据,默认开启 +node.data: true +# 锁住内存,不被使用到交换分区去 +#bootstrap.memory_lock: true +# 网络绑定 +network.host: 0.0.0.0 +# 设置对外服务的http端口 +http.port: 9201 +# 设置节点间交互的tcp端口 +#transport.port: 9301 +# 集群发现 +discovery.seed_hosts: + - es-master + - es-slave1 + - es-slave2 +# 手动指定可以成为 mater 的所有节点的 name 或者 ip,这些配置将会在第一次选举中进行计算 +cluster.initial_master_nodes: + - es-master +# 支持跨域访问 +http.cors.enabled: true +http.cors.allow-origin: "*" +http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type +# 安全认证 +xpack.license.self_generated.type: trial +xpack.security.enabled: true +xpack.monitoring.collection.enabled: true + +################################ basic ssl ######################################### +# xpack.security.enabled: true +# xpack.license.self_generated.type: basic +# xpack.security.transport.ssl.enabled: true +# xpack.security.transport.ssl.verification_mode: certificate +# xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12 +# xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12 +#################################################################################### \ No newline at end of file diff --git a/conf/elk/es-slave2.yml b/conf/elk/es-slave2.yml new file mode 100644 index 00000000..dd70fd4a --- /dev/null +++ b/conf/elk/es-slave2.yml @@ -0,0 +1,41 @@ +# 集群名称 +cluster.name: es-cluster +# 节点名称 +node.name: es-slave2 +# 是否可以成为master节点 +node.master: true +# 是否允许该节点存储数据,默认开启 +node.data: true +# 锁住内存,不被使用到交换分区去 +#bootstrap.memory_lock: true +# 网络绑定 +network.host: 0.0.0.0 +# 设置对外服务的http端口 +http.port: 9202 +# 设置节点间交互的tcp端口 +#transport.port: 9302 +# 集群发现 +discovery.seed_hosts: + - es-master + - es-slave1 + - es-slave2 +# 手动指定可以成为 mater 的所有节点的 name 或者 ip,这些配置将会在第一次选举中进行计算 +cluster.initial_master_nodes: + - es-master +# 支持跨域访问 +http.cors.enabled: true +http.cors.allow-origin: "*" +http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type +# 安全认证 +xpack.license.self_generated.type: trial +xpack.security.enabled: true +xpack.monitoring.collection.enabled: true + +################################ basic ssl ######################################### +# xpack.security.enabled: true +# xpack.license.self_generated.type: basic +# xpack.security.transport.ssl.enabled: true +# xpack.security.transport.ssl.verification_mode: certificate +# xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12 +# xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12 +#################################################################################### \ No newline at end of file diff --git a/conf/elk/filebeat.yml b/conf/elk/filebeat.yml new file mode 100644 index 00000000..c267532c --- /dev/null +++ b/conf/elk/filebeat.yml @@ -0,0 +1,54 @@ +filebeat.inputs: +- type: log + enabled: true + paths: + - /var/log/*.log + multiline.pattern: ^\[ + multiline.negate: true + multiline.match: after + fields: + log_source: nginx + +- type: log + enabled: true + paths: + # 日志文件路径列表,可用通配符,不递归 + - /var/laravellog/*.log + # - /var/log/php/php-fpm.log + # 正则表达式,匹配日记与 2020-06-01 为开头的记录为同一条日记记录。Filebeat 将所有不以 2020-06-01 开始的行与之前的行进行合并。 + multiline.pattern: '^[0-9]{4}/[0-9]{2}/[0-9]{2}' + # multiline.negate 与 multiline.match 配合使用。 multiline.pattern=^b 则以 b 开头的行是一条完整日志的开始,它和后面多个不以 b 开头的行组成一条完整日志 + multiline.negate: true + multiline.match: after + # timeout 表示超时时间,如果超过 timeout 还没有新的一行日志产生,则自动结束当前的多行、形成一条日志发出去。 + multiline.timeout: 5s + # Filebeat 以多快的频率去 prospector 指定的目录下面检测文件更新(比如是否有新增文件),如果设置为 0s,则 Filebeat 会尽可能快地感知更新(占用的 CPU 会变高)。默认是 10s。 + scan_frequency: 5s + fields: + log_source: laravel + +filebeat.config.modules: + path: ${path.config}/modules.d/*.yml + reload.enabled: false + +setup.template.settings: + index.number_of_shards: 1 + +setup.dashboards.enabled: false + +setup.kibana: + host: "http://kibana:5601" + +# 直接传输至es +#output.elasticsearch: +# hosts: ["http://es-master:9200"] +# index: "filebeat-%{[beat.version]}-%{+yyyy.MM.dd}" +# username: 'elastic' +# password: '123456' + +output.logstash: + hosts: ["logstash:5044"] + +processors: + - add_host_metadata: ~ + - add_cloud_metadata: ~ \ No newline at end of file diff --git a/conf/elk/kibana.yml b/conf/elk/kibana.yml new file mode 100644 index 00000000..02a21e53 --- /dev/null +++ b/conf/elk/kibana.yml @@ -0,0 +1,14 @@ +# 服务端口 +server.port: 5601 +# 服务IP +server.host: "0.0.0.0" +# ES +elasticsearch.hosts: ["http://es-master:9200"] +# 汉化 +i18n.locale: "zh-CN" + +xpack.monitoring.ui.container.elasticsearch.enabled: true + +# X-Pack安全凭证 +elasticsearch.username: "elastic" +elasticsearch.password: "123456" \ No newline at end of file diff --git a/conf/elk/logstash-filebeat.conf b/conf/elk/logstash-filebeat.conf new file mode 100644 index 00000000..738711c4 --- /dev/null +++ b/conf/elk/logstash-filebeat.conf @@ -0,0 +1,61 @@ +input { + # 来源beats + beats { + # 端口 + port => "5044" + } +} + +#input { + # 来源文件 +# file { +# path => ["/var/log/logstash/nginx.log"] +# start_position => "beginning" +# sincedb_path => "nul" +# type => "nginx" +# codec => "json" +# } +#} + +# 分析、过滤插件,可以多个 +filter { + if[fields][log_source] == "nginx" { + #grok{ + #match => { "message" => "%{IPORHOST:http_host} %{IPORHOST:clientip} - %{USERNAME:remote_user} \[%{HTTPDATE:timestamp}\]\"(?:%{WORD:http_verb} %{NOTSPACE:http_request}(?: HTTP/%{NUMBER:http_version})?|%{DATA:raw_http_request})\" %{NUMBER:response} (?:%{NUMBER:bytes_read}|-) %{QS:referrer} %{QS:agent} %{QS:xforwardedfor} %{NUMBER:request_time:float}"} + #} + json { + source => "message" + remove_field => "message" + } + } + if[fields][log_source] == "laravel" { + grok { + match => [ "message","\[%{TIMESTAMP_ISO8601:logtime}\] %{WORD:env}\.%{LOGLEVEL:level}\: %{GREEDYDATA:msg}" ] + } + } + geoip { + source => "clientip" + } +} + +output { + if[fields][log_source] == "nginx" { + # 输出选择elasticsearch + elasticsearch { + hosts => ["http://es-master:9200"] + index => "nginx-%{+YYYY.MM.dd}" + user => "elastic" + password => "123456" + } + } + if[fields][log_source] == "laravel" { + #if [level] == "ERROR" { + elasticsearch { + hosts => ["http://es-master:9200"] + index => "laravel-%{+YYYY.MM.dd}" + user => "elastic" + password => "123456" + } + #} + } +} \ No newline at end of file diff --git a/conf/elk/logstash.yml b/conf/elk/logstash.yml new file mode 100644 index 00000000..07b0b3ff --- /dev/null +++ b/conf/elk/logstash.yml @@ -0,0 +1,6 @@ +http.host: "0.0.0.0" +xpack.monitoring.elasticsearch.hosts: ["http://es-master:9200"] + +xpack.monitoring.enabled: true +xpack.monitoring.elasticsearch.username: "elastic" +xpack.monitoring.elasticsearch.password: "123456" \ No newline at end of file diff --git a/conf/elk/nginx.conf b/conf/elk/nginx.conf new file mode 100644 index 00000000..dc58d481 --- /dev/null +++ b/conf/elk/nginx.conf @@ -0,0 +1,53 @@ +worker_processes 1; +events { + worker_connections 1024; +} + +http { + include mime.types; + default_type application/octet-stream; + sendfile on; + keepalive_timeout 65; + + # log_format main '{"@timestamp":"$time_iso8601",' + # '"host":"$server_addr",' + # '"clientip":"$remote_addr",' + # '"size":"$body_bytes_sent",' + # '"responsetime":"$request_time",' + # '"user_agent":"$http_user_agent",' + # '"request":"$request",' + # '"request_method":"$request_method",' + # '"uri":"$uri",' + # '"domain":"$host",' + # '"xff":"$http_x_forwarded_for",' + # '"referer":"$http_referer",' + # '"status":"$status"}'; + # access_log /var/log/nginx.log main; + + # Nginx 负载均衡实现服务器的集群 + upstream spring-boot-es { + #weight 权重(数字越大,表明请求到的机会越大) + server 192.168.0.111:60 weight=5; + server 192.168.0.112:60 weight=5; + # 备份服务器 + server 192.168.0.110:60 backup; + } + + server { + listen 80; + server_name localhost; + + location / { + proxy_pass http://spring-boot-es; + proxy_set_header Host $host; + # proxy_set_header X-Forwarded-Host $server_name; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root html; + } + } +} \ No newline at end of file diff --git a/conf/mongo/conf/mongo.conf b/conf/mongo/conf/mongo.conf new file mode 100644 index 00000000..4324517a --- /dev/null +++ b/conf/mongo/conf/mongo.conf @@ -0,0 +1,43 @@ +# mongod.conf + +# for documentation of all options, see: +# http://docs.mongodb.org/manual/reference/configuration-options/ + +# Where and how to store data. +storage: + dbPath: /var/lib/mongodb + journal: + enabled: true +# engine: +# mmapv1: +# wiredTiger: + +# where to write logging data. +systemLog: + destination: file + logAppend: true + path: /var/log/mongodb/mongod.log + +# network interfaces +net: + port: 27017 + bindIp: 127.0.0.1 + + +# how the process runs +processManagement: + timeZoneInfo: /usr/share/zoneinfo + +#security: + +#operationProfiling: + +#replication: + +#sharding: + +## Enterprise-Only Options: + +#auditLog: + +#snmp: \ No newline at end of file diff --git a/conf/mongo/conf/mongod.yml b/conf/mongo/conf/mongod.yml new file mode 100644 index 00000000..355a2135 --- /dev/null +++ b/conf/mongo/conf/mongod.yml @@ -0,0 +1,44 @@ +# mongod.conf + +# for documentation of all options, see: +# http://docs.mongodb.org/manual/reference/configuration-options/ + +# Where and how to store data. +storage: + dbPath: /data/db + journal: + enabled: true + directoryPerDB: true +# engine: +# mmapv1: +# wiredTiger: + +# where to write logging data. +systemLog: + destination: file + logAppend: true + path: /var/log/mongodb/mongod.log + +# network interfaces +net: + port: 27017 + bindIp: 0.0.0.0 + + +# how the process runs +# processManagement: + +security: + authorization: enabled + +#operationProfiling: + +#replication: + +#sharding: + +## Enterprise-Only Options: + +#auditLog: + +#snmp: diff --git a/conf/nginx/cert/*.demo.com.crt b/conf/nginx/cert/*.demo.com.crt new file mode 100644 index 00000000..db69977e --- /dev/null +++ b/conf/nginx/cert/*.demo.com.crt @@ -0,0 +1,15 @@ +-----BEGIN CERTIFICATE----- +MIICVzCCAcACCQC3v37GyvPRXjANBgkqhkiG9w0BAQUFADBwMQswCQYDVQQGEwJV +UzENMAsGA1UECAwETWFyczETMBEGA1UEBwwKaVRyYW5zd2FycDETMBEGA1UECgwK +aVRyYW5zd2FycDETMBEGA1UECwwKaVRyYW5zd2FycDETMBEGA1UEAwwKKi5kZW1v +LmNvbTAeFw0xODA1MjkwODQzNDBaFw0yODA1MjYwODQzNDBaMHAxCzAJBgNVBAYT +AlVTMQ0wCwYDVQQIDARNYXJzMRMwEQYDVQQHDAppVHJhbnN3YXJwMRMwEQYDVQQK +DAppVHJhbnN3YXJwMRMwEQYDVQQLDAppVHJhbnN3YXJwMRMwEQYDVQQDDAoqLmRl +bW8uY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMAuixB7bHfFGdPdRc +1Cs4Q90tGoib2Gtm+nHawQ6ipJdldX2dQ7lGXPVVLe5rVLl6GOjywuHWia/Tscgc +ay9D11aWahXPomMYZCohvPjhogc2MsbQEjQ7grZ11qFFNbXGBfGfAkr6KCxUh1In +a7bUhtqAizh1rWk6A+6WiyC7KQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBABtUoa7Y +6ivqNvLOWCABXa4aM/bNqPnv7+dmmNp9vT6RnBwzftZQhx0e2RwUSBI+zosoKoZ2 +shOyiSObVhYg/GtgkI4rzUHiNYBtznOBz7v/KYzQ08tL0ei18xCWHxCl4TRosI3j +Qk/U1nfi1uW/Mr666/4ur/Sjh90tQluDTsy0 +-----END CERTIFICATE----- diff --git a/conf/nginx/cert/*.demo.com.csr b/conf/nginx/cert/*.demo.com.csr new file mode 100644 index 00000000..b6a2d900 --- /dev/null +++ b/conf/nginx/cert/*.demo.com.csr @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBsDCCARkCAQAwcDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBE1hcnMxEzARBgNV +BAcMCmlUcmFuc3dhcnAxEzARBgNVBAoMCmlUcmFuc3dhcnAxEzARBgNVBAsMCmlU +cmFuc3dhcnAxEzARBgNVBAMMCiouZGVtby5jb20wgZ8wDQYJKoZIhvcNAQEBBQAD +gY0AMIGJAoGBAMwC6LEHtsd8UZ091FzUKzhD3S0aiJvYa2b6cdrBDqKkl2V1fZ1D +uUZc9VUt7mtUuXoY6PLC4daJr9OxyBxrL0PXVpZqFc+iYxhkKiG8+OGiBzYyxtAS +NDuCtnXWoUU1tcYF8Z8CSvooLFSHUidrttSG2oCLOHWtaToD7paLILspAgMBAAGg +ADANBgkqhkiG9w0BAQsFAAOBgQAmnLQEU1zGQ4b7TFh1cMaxwSrJagWzcraNG5RJ +BezoGSP9xhwSniM15tVIWtv2rWKBE3uRKxvijmazEPnte2k3PAgbeeuiOXa41uMk +yYMAWvhTqGr7yKvaqpJ/B5VcfJCNNVHHGIIHcoIIMhYFAEPC9jrVtcedpEM8zzi4 +PB6aHQ== +-----END CERTIFICATE REQUEST----- diff --git a/conf/nginx/cert/*.demo.com.key b/conf/nginx/cert/*.demo.com.key new file mode 100644 index 00000000..318717a0 --- /dev/null +++ b/conf/nginx/cert/*.demo.com.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICWwIBAAKBgQDMAuixB7bHfFGdPdRc1Cs4Q90tGoib2Gtm+nHawQ6ipJdldX2d +Q7lGXPVVLe5rVLl6GOjywuHWia/Tscgcay9D11aWahXPomMYZCohvPjhogc2MsbQ +EjQ7grZ11qFFNbXGBfGfAkr6KCxUh1Ina7bUhtqAizh1rWk6A+6WiyC7KQIDAQAB +AoGAdkWxdQBN3LSb9BbmSLLQI5xkW0OoswDysw66duG5hFz7UFye6E9c2AgISsuI +Dz1dEgXi9uo4V1IXVxkYNDGHgjmSo3b4yO8s5bQYuSr2aOU6ADoUVdXPLc3uSiUy +4Ib1GTbtFiXLU7f+WppPn8LZmgXCH02or4CZZSQ2En8AGwECQQDzVTXrbdycEMc0 +h43Gv4Aw6sr9vQClMh0e4R/T4VceCfjmBhkW/zKkb7zLYNTERkWWeyDnsHk1SkYP +LgL20/vZAkEA1qGtnpQdEcpk6HCBvqAzuIpN4h4sO5XsjIeX8Beh6jFYbIqcf6ee +y5bXyy6qDhNk6YafGQ3Hm8Ilk5+3uki30QJAChd4mwD9a0OO33DXwmxixqSWMpvK +EQ/ZAVTY2xK3aDmFpxSNqdR/py4zKEQlztYTQMBuhu1cuYcRDMQdv1rfUQJAbbfM +p0oT6ipKl0AcMzR1/BpHYhYGipdDizstgoCyNqPvDd11zxQC6xQ7UBSUvglQBsjY +v9f5eDgxOVvmcgYGYQJACsatGoueTHkCe66iPE63iUDnq6jcWuH7TIFLnzHeZkgX +veLRL4cP8uFcPqfoIQWuAgfFTqjeqhEs7TyZeNzT3A== +-----END RSA PRIVATE KEY----- diff --git a/conf/nginx/cert/*.demo.com.origin.key b/conf/nginx/cert/*.demo.com.origin.key new file mode 100644 index 00000000..37837d52 --- /dev/null +++ b/conf/nginx/cert/*.demo.com.origin.key @@ -0,0 +1,18 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,38CF978F7A579F4F + +VYM3PmSOM4fk6bBpBT0c0YStQ6DNZLe6mvXmnw3W/VwMMG/kSYfY24Y29jFalfjf +YHvJarNRkmwnuCoU0Cs2/klwfmL5bbpQYPucIOHz5bS45Izv9JFeOXWrhiU4sbfc +9YSCi+2K/23M4CmVzk/zF9RQdhl6rOmvpRpGnIw/vLpLs2EFt4hqE1zROu69v5Xw +oo0+WnMuK56e/ZEol+dkHlqazhMlf2yEkLf3FUr+mHAS+TezM5bHibr5W0wcBAF2 +nEcA00Mfz7fNW1EZHRH7/0bdedW0z9ZC2WKBb5GnN+GuQkodUvQnkaGJR+txlDLZ +3/BvblUpAxVFRackSISUE+L/d0Mp7/8WmyHroGBVlvu0fhWHm6cBVL+7GDN+t1iq +lbaDvVNJaFJC1vt5sZa5Zu/irs35jD5q8a1xqhood9BpFve359w9ls/dQrn6+7q2 +u9KlZRV19FmYTP+opqY9byLkfEQEKjbNhNUC59In+HKcHKsB32phy2so0CwdFN0y +Q70/NUJ/RaQXd++rH2cvIFpyw7krx1QEtAXfdqduM+mqmBi82VjmmAy+/312HX+s +E7GepN3jpHpiKM76Ct6mCA6Cdt9fdIP4UyDtB9Mjgd/OyffWuaK+vHEmiuzsvCfU +tYdSb/ab4n96GBNPQzQou4Bdn8QA8aYAeiq2N3fZtsTOT2BuqysPLyag3Rd1pf1C +H0/fpZnqmbS0ZfOpwpTmO3pohzuaqWKpeRQoZtPOma4vVTgqhtk7ncs9a5U9VcPu +aqsXhMCEtt0en4m67NIGbGWJk5egn3gI5QVCljf8Stw= +-----END RSA PRIVATE KEY----- diff --git a/conf/nginx/cert/cert.key b/conf/nginx/cert/cert.key new file mode 100644 index 00000000..dae8ad59 --- /dev/null +++ b/conf/nginx/cert/cert.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAqdF/1OyypV999y4m3+kPut5gsg5g+VOFRiK9xZhMzzaMziHa +5DYM1vVsq8Jw3XCKb96zo7vfZZbzouuj5/CjCVIk6C5pgjDZ/D2rmCcjaqo3SKDJ +y1KimuRItiqVzkF52WIqe6XnZ8wpPUhNc620eLcbYZS60OVvnlO1PEAJ7e9UgZXR +4LpPD4Nj+tWNEgV9RIhw7OKGsB2DGohTSUbP7mQBqnelqQj3uO1mNapqGR6F/P/P +sJrsdkIBLnCHXOavycgURNNoT5kyWEunAxYkl2bMBuT345ROgpXwnlHb6qs47A5g +sPHztf6DbGqK3tp8PqUKQSccUJYrcBXWFOL5iQIDAQABAoIBAQCcdqFgLmH/CrfF +6ej5fwP2OfQ/ug3RSwnNcC8HguaqOOmM9xZ2E/LKj7/7lSBmds2meztqjawsLuP1 +5UTUbBvbd6r3neOqh5Yg2TVj8BOqsIBVU4f55P5a1iDEbwIt0pgRGWhpGpfWQ/5v +L1HlVlOksZjx1JY36F1qNFgU1jAP31+Wce3JFJ9BbOBckMUzqmRX3+c6070qzkNH +GH7txxC3DA+C9MF41Ufy4dMKT0a+w4vyD24KJzeUc/q1CRg6Zd+C1l8jQFtflGLg +GhJ1/TEmNn45qNNGocSDWHP41jO+OT0CNp3gDjZqZrnAwlF9zsNfca74LMMqK7rX +jJU2gfXtAoGBAPoaY53FrRAXaeWtXy+cOB3E5sZ5xiHOKsl/GdoXgNEW2poLZDZ1 +loBCXAlDOB5++FykaoZWe1hyAubtpu1lXo7A+mp9MxfnGAml5XIjFFeTIr3MYjkL +M5wLjVY7mJIhybxJOfSNsrUUPb7Hfl1HnSLpNT89YiBMfpGKl6LXAKhvAoGBAK3S +g+dqWg/ari+HZEnUNiI0milJemcvx/1NuqIws2lEq1lSNfSmAsEHL5gJwA7SsQFq +NKGxxqzBjh6eq43i3hQzzDWJIvjHtciCyv8al2LeNEYfcvl0r/+Q4N0pk9IEsGDo +OaaryZBgleAbOE2omp6WN7SfKjDZp3nu0pG85cmHAoGASjXGVSwwe9PWsjXNRp09 +8WdZao77gVBhVcSG8TWEHYaAerDinV4quAf4sy7k2femziZjDVVf6BB8V/UwUMSB +WC5en3Zi0LbbZRF6kXFjOdEIv/SDOJXgTG8JEws/7CxmZZ38ulnJKv3EjHU5Q4ha +Ud+M0yTtltPbwmezMrhFE7UCgYEAgC6S+O/TtIdWFlSon00wEm9qE/JMopV4zJIq +hHqXg5SRK5BVm7FkrIYpEdx21jeHMnzojSj1UuZ1cJ0f88UOciV0fTJBKObVZiUV +n6QzaURlliSQ++aR90wWluGXUbQFgaEfCor6XE7tl1NbZOFmDHbIY5lQWq/XMjLs +824yojcCgYB+e0fcxuc7sScvDCxijenBXDGUXnPhZiaozxlUnuwG9CCt2wEZttbO +6KsLb9dl+UpFAh44GGXf/A3gGj/6R3lFezVFbEjaE/u7BvT1WqBesXh3w54i7iiH +JWIZ5ft2bAIHBrd0qORIBd0Jer88+z/OnC1YCS0X77WQEhxoI74PWw== +-----END RSA PRIVATE KEY----- diff --git a/conf/nginx/cert/cert.pem b/conf/nginx/cert/cert.pem new file mode 100644 index 00000000..57924376 --- /dev/null +++ b/conf/nginx/cert/cert.pem @@ -0,0 +1,64 @@ +-----BEGIN CERTIFICATE----- +MIIFljCCBH6gAwIBAgIQQ7EBMo2RwzhQ1odM8rLrPDANBgkqhkiG9w0BAQsFADCB +lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w +HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMR0wGwYDVQQLExREb21haW4g +VmFsaWRhdGVkIFNTTDEmMCQGA1UEAxMdU3ltYW50ZWMgQmFzaWMgRFYgU1NMIENB +IC0gRzEwHhcNMTcwNDIxMDAwMDAwWhcNMTgwNDIxMjM1OTU5WjAfMR0wGwYDVQQD +DBR3d3cuY2hlbmdodWl5b25nLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC +AQoCggEBAKnRf9TssqVfffcuJt/pD7reYLIOYPlThUYivcWYTM82jM4h2uQ2DNb1 +bKvCcN1wim/es6O732WW86Lro+fwowlSJOguaYIw2fw9q5gnI2qqN0igyctSoprk +SLYqlc5BedliKnul52fMKT1ITXOttHi3G2GUutDlb55TtTxACe3vVIGV0eC6Tw+D +Y/rVjRIFfUSIcOzihrAdgxqIU0lGz+5kAap3pakI97jtZjWqahkehfz/z7Ca7HZC +AS5wh1zmr8nIFETTaE+ZMlhLpwMWJJdmzAbk9+OUToKV8J5R2+qrOOwOYLDx87X+ +g2xqit7afD6lCkEnHFCWK3AV1hTi+YkCAwEAAaOCAlYwggJSMDEGA1UdEQQqMCiC +FHd3dy5jaGVuZ2h1aXlvbmcuY29tghBjaGVuZ2h1aXlvbmcuY29tMAkGA1UdEwQC +MAAwYQYDVR0gBFowWDBWBgZngQwBAgEwTDAjBggrBgEFBQcCARYXaHR0cHM6Ly9k +LnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGQwXaHR0cHM6Ly9kLnN5bWNiLmNv +bS9ycGEwHwYDVR0jBBgwFoAUXGGesHZBqWqqQwvhx24wKW6xzTYwDgYDVR0PAQH/ +BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBXBggrBgEFBQcB +AQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9oYy5zeW1jZC5jb20wJgYIKwYBBQUH +MAKGGmh0dHA6Ly9oYy5zeW1jYi5jb20vaGMuY3J0MIIBBAYKKwYBBAHWeQIEAgSB +9QSB8gDwAHcA3esdK3oNT6Ygi4GtgWhwfi6OnQHVXIiNPRHEzbbsvswAAAFbj1He +cgAABAMASDBGAiEAwGzW3B6efeEHpO37k/NLbKKEkDfgBSnUdteo39ZS+GYCIQD8 +dVTlZ4h3qqVhRTfuUpZVYF64fXnsCr9wzxAhmXwVbAB1AKS5CZC0GFgUh7sTosxn +cAo8NZgE+RvfuON3zQ7IDdwQAAABW49R3okAAAQDAEYwRAIgdw1UwDkRc+HCS6HT +diFJgwx2dkS6fZy76tM5WkD6/lUCIAPZD5+IAYQwE9/71b3E9SbOLTxeNToCELHz +XoJE19CyMA0GCSqGSIb3DQEBCwUAA4IBAQBrIMMj2YPFPlUGPPzAMxH+A+mjhH30 +IjJ32Bp90hwZmDVHsR+4uUJog7SQCmYqOCSy+4G1lS/uVKKXuuYvj5X6gkcUcSLC +z9R0b2YS0ddLME18JPoTz/HsfM1k/+h00gAFbJlPDspbFRsysEtGsPIVyLsnBV83 +PsX5A4GTMrWnxqrHGof62urx7BugMCgyVuSifhgkGWbkO3v7NN46ap6krkjZ5oUF +ewZFv1zwQbYaFGECLTJcA64DS13WW7i/liDbq/n7F79foAQWwmBIOpKLdzDxQpGs +0AJHDr8dY898mBzyfF4rPoPYCdO+3moTGW9gKCcoqpua7bGQ+mSgN0Nm +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFYjCCBEqgAwIBAgIQTEzYoPxP6q4VVKh/CQ7ahzANBgkqhkiG9w0BAQsFADCB +yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL +ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp +U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW +ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0 +aG9yaXR5IC0gRzUwHhcNMTYwNjA3MDAwMDAwWhcNMjYwNjA2MjM1OTU5WjCBlDEL +MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD +VQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMR0wGwYDVQQLExREb21haW4gVmFs +aWRhdGVkIFNTTDEmMCQGA1UEAxMdU3ltYW50ZWMgQmFzaWMgRFYgU1NMIENBIC0g +RzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkN8hYylrZCZihZgN2 +5FsiT+qfOv8rKi3MbRIsZ2TUqsS5e1eDLPXI8IP4XXUZLWt9hlqmDpqiZa5mLSBj +KDX3iWq/FaOc8l1AsbeOhr9ZESCoEorqm6S9wAL+HX7hLY/7p03SSNSAO+/gr2o7 +ciWu3jhd+H4dzGNNDN0nCuRIOX7rTGYI5mOb8QWJRC6H/3MlUYpBt9VV+l2FVNhB +LJuofF3TNJojVHximZnTEkybg/r9AZc2TkDHJX1BA6rNjXG8l5iSCL9ICJCBUPB5 +z/s3hQBQkOALXN88QTIrlj53XpWpqxYdQJrOFbtWi18WW3ZAnGAscd8vZ5UIg3KL +AmoBAgMBAAGjggF2MIIBcjASBgNVHRMBAf8ECDAGAQH/AgEAMC8GA1UdHwQoMCYw +JKAioCCGHmh0dHA6Ly9zLnN5bWNiLmNvbS9wY2EzLWc1LmNybDAOBgNVHQ8BAf8E +BAMCAQYwLgYIKwYBBQUHAQEEIjAgMB4GCCsGAQUFBzABhhJodHRwOi8vcy5zeW1j +ZC5jb20wYQYDVR0gBFowWDBWBgZngQwBAgEwTDAjBggrBgEFBQcCARYXaHR0cHM6 +Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoXaHR0cHM6Ly9kLnN5bWNi +LmNvbS9ycGEwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCkGA1UdEQQi +MCCkHjAcMRowGAYDVQQDExFTeW1hbnRlY1BLSS0yLTU1NTAdBgNVHQ4EFgQUXGGe +sHZBqWqqQwvhx24wKW6xzTYwHwYDVR0jBBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8z +MTMwDQYJKoZIhvcNAQELBQADggEBAGHqRXEvjeE/CpuVSPHyPKJYFsqWxP/a4quX +cRCRsy+ki4EP8qT7NfPnkEogxZvlMctHsWgdtTbp9ShXbqCnqXPCw575BZH2rEKN +xI30CWr6U47n4h2hSnaJxJeeA+xKsA1Vk4v8eLu7xwRlBwhZEsYNFAVpD3YEToek +H877QzZrZ6EdG/3Vg6sdtHDQ4i/U87syTmyM2l8vXOGIZDd1Wr6dqee2FtCfhvAc +WMbvh/J6sBOHMq0Vn5G8Tp6iUwsRlY1z7LaQKAlnlOiiZVhhe+1gvzJBHC0t+Hr2 +2YHwaoKDLhSB0F/gGkziNQ+py1hFne4MEOuvzOxJpjn0+wRIbBk= +-----END CERTIFICATE----- + diff --git a/conf/nginx/cert/envdev.crt b/conf/nginx/cert/envdev.crt new file mode 100644 index 00000000..f1eefeaf --- /dev/null +++ b/conf/nginx/cert/envdev.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICDzCCAXgCCQDcva593INAITANBgkqhkiG9w0BAQsFADBMMQswCQYDVQQGEwJG +UjETMBEGA1UECAwKU29tZS1TdGF0ZTENMAsGA1UECgwEVkZBQzEZMBcGA1UEAwwQ +ZW52ZGV2LmxvY2FsaG9zdDAeFw0xODA1MTgxMzU1NDZaFw0xOTA1MTgxMzU1NDZa +MEwxCzAJBgNVBAYTAkZSMRMwEQYDVQQIDApTb21lLVN0YXRlMQ0wCwYDVQQKDARW +RkFDMRkwFwYDVQQDDBBlbnZkZXYubG9jYWxob3N0MIGfMA0GCSqGSIb3DQEBAQUA +A4GNADCBiQKBgQCugJaBsmHXRMNayI1ZDfeSjMoK8taLKEjmz2Godc4LAzRzyRD7 +0MPYbX3LYBfTxgXh9jTUeczKWzWmcxaWUCZf/u3n7E528BNo2h3vHq8iLW6Rs6lv +qTsmbvToAB09XvX0ZbroQZc3GtSP2x20mzPdvX1D6sUrkT+TVe4UhRET+wIDAQAB +MA0GCSqGSIb3DQEBCwUAA4GBAKtmIYK73FyPWhs8GFlOwLyqZrIHTEiXOzuDoAZd +EBTGTs0uD2hRtZg+QYGa0t7ZtMng7WigkgeluSs3Oa52hN3ul4kTzPnGbMH7jC6v +Qp8FKkKA4J9KyVUitnhCjCOgxJozpUoMBTwns5eWWnuWcgYSfhRGNN8kOLT4VjW5 +C8c4 +-----END CERTIFICATE----- diff --git a/conf/nginx/cert/envdev.csr b/conf/nginx/cert/envdev.csr new file mode 100644 index 00000000..fa366bc0 --- /dev/null +++ b/conf/nginx/cert/envdev.csr @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBizCB9QIBADBMMQswCQYDVQQGEwJGUjETMBEGA1UECAwKU29tZS1TdGF0ZTEN +MAsGA1UECgwEVkZBQzEZMBcGA1UEAwwQZW52ZGV2LmxvY2FsaG9zdDCBnzANBgkq +hkiG9w0BAQEFAAOBjQAwgYkCgYEAroCWgbJh10TDWsiNWQ33kozKCvLWiyhI5s9h +qHXOCwM0c8kQ+9DD2G19y2AX08YF4fY01HnMyls1pnMWllAmX/7t5+xOdvATaNod +7x6vIi1ukbOpb6k7Jm706AAdPV719GW66EGXNxrUj9sdtJsz3b19Q+rFK5E/k1Xu +FIURE/sCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4GBAJnnODAo01hkOPfxmWPMSSM0 +dj9q7uw96FK06zOgX7rCSWFAdhHeYJR7T3BTDE8s7AFboUf64a0DvUjzstOxcEfN +tX3IJ6I5+ZKH2YqiErWsex/vXoNYAxvsK+O/zZBpqZPefDmDwJF8Igyvm9BxL21L +rv1G3OCMSXkEiCRSCYm7 +-----END CERTIFICATE REQUEST----- diff --git a/conf/nginx/cert/envdev.key b/conf/nginx/cert/envdev.key new file mode 100644 index 00000000..e3242561 --- /dev/null +++ b/conf/nginx/cert/envdev.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQCugJaBsmHXRMNayI1ZDfeSjMoK8taLKEjmz2Godc4LAzRzyRD7 +0MPYbX3LYBfTxgXh9jTUeczKWzWmcxaWUCZf/u3n7E528BNo2h3vHq8iLW6Rs6lv +qTsmbvToAB09XvX0ZbroQZc3GtSP2x20mzPdvX1D6sUrkT+TVe4UhRET+wIDAQAB +AoGAL9GO7NWcGCiAvBTvHvND34XzK9Ll1dZhO9aidU5q+vuS2RPFMqw/rsQ6T4vy +m5bNL+GPEpaZ9u3NouIw01n9Wacg6Zr+d0DZMd2NqEei8zueYcb08ju+LBCXEJ09 +vU05sd4LPnSVyMSzgBzmYHUfwxa+ZROhhGxxOx+S3arhuPkCQQDWttqeUORTsPXy +t6WWtj+WFxTyBW1XvULZw/ZriAbd0sDBNEZqjwKGLo3/scnUJknkGWdfYt711Bkw +FsQXdQRNAkEA0A5UghckX/d//kj/CCz1mUzVW9Zs2RroO7LJaASFIkIiEgO9DfsA +IXd7izBtW44m3Wcr0H8bcXkjqtoMMc49ZwJBAIn6eaTRMNlDV9oBAA1I0rXd4Vzh +9fEzM3mDf6B8ioUUAUBnGnUxr5qQ4jmVg7CsZkGJva9DdyocgY8wohS84uUCQQCE +VNkDdVy5fV53ik5MEOyVeP0r0JKi9C5J6kmYU2eqho3ND3ur7L4Ei06VFVQ5K40k +vX5suqvl3LsG7HFdLGR5AkAIRb15+VdSYLZAP8/sT/48+KPYWzsa8RrUzmd2E016 +NrjuPWtR6VYgaqYPtlDoyJNCUqsUphwquv2dXTcmbwOd +-----END RSA PRIVATE KEY----- diff --git a/conf/nginx/conf.d/app.conf.example b/conf/nginx/conf.d/app.conf.example new file mode 100644 index 00000000..a0f8357d --- /dev/null +++ b/conf/nginx/conf.d/app.conf.example @@ -0,0 +1,43 @@ +server { + + listen 80; + listen [::]:80; + + # For https + # listen 443 ssl; + # listen [::]:443 ssl ipv6only=on; + # ssl_certificate /etc/nginx/ssl/default.crt; + # ssl_certificate_key /etc/nginx/ssl/default.key; + + server_name app.test; + root /var/www/app; + index index.php index.html index.htm; + + location / { + try_files $uri $uri/ /index.php$is_args$args; + } + + location ~ \.php$ { + try_files $uri /index.php =404; + fastcgi_pass php-upstream; + fastcgi_index index.php; + fastcgi_buffers 16 16k; + fastcgi_buffer_size 32k; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + #fixes timeouts + fastcgi_read_timeout 600; + include fastcgi_params; + } + + location ~ /\.ht { + deny all; + } + + location /.well-known/acme-challenge/ { + root /var/www/letsencrypt/; + log_not_found off; + } + + error_log /var/log/nginx/app_error.log; + access_log /var/log/nginx/app_access.log; +} diff --git a/conf/nginx/conf.d/confluence.conf.example b/conf/nginx/conf.d/confluence.conf.example new file mode 100644 index 00000000..f804956b --- /dev/null +++ b/conf/nginx/conf.d/confluence.conf.example @@ -0,0 +1,43 @@ +server { + listen 80; + listen [::]:80; + server_name www.confluence-domain.com; + rewrite ^(.*) https://confluence-domain.com$1/ permanent; +} + +server { + listen 80; + listen [::]:80; + server_name confluence-domain.com; + rewrite ^(.*) https://confluence-domain.com/ permanent; +} + +server { + listen 443 ssl; + listen [::]:443 ssl; + ssl_certificate /etc/nginx/ssl/confluence-domain.com.crt; + ssl_certificate_key /etc/nginx/ssl/confluence-domain.com.key; + + server_name confluence-domain.com; + + location / { + client_max_body_size 100m; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://confluence-domain.com:8090/; + } + + location /synchrony { + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://confluence-domain.com:8090/synchrony-proxy; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + } + + error_log /var/log/nginx/bookchangerru_error.log; + access_log /var/log/nginx/bookchangerru_access.log; +} diff --git a/conf/nginx/conf.d/default.conf b/conf/nginx/conf.d/default.conf new file mode 100644 index 00000000..2f97591a --- /dev/null +++ b/conf/nginx/conf.d/default.conf @@ -0,0 +1,47 @@ +server +{ + listen 80; + server_name localhost; #server_name end + index index.html index.htm index.php; #index end + charset utf-8; + + set $subdomain ''; + root /home/wwwroot/index$subdomain; + include rewrite/nomal.conf; #rewrite end + + location ~ .*\.php$ + { + fastcgi_pass unix:/dev/shm/php-fpm-index.sock; + fastcgi_index index.php; + fastcgi_param DOCUMENT_ROOT /home/wwwroot/index$subdomain; + fastcgi_param SCRIPT_FILENAME /home/wwwroot/index$subdomain$fastcgi_script_name; + include fastcgi_params; + try_files $uri = 404; + } + + location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp3|wma)$ + { + expires 30d; + } + + location ~ .*\.(js|css)$ + { + expires 12h; + } + + location ~* /templates(/.*)\.(bak|html|htm|ini|old|php|tpl)$ { + allow 127.0.0.1; + deny all; + } + + location ~* \.(ftpquota|htaccess|htpasswd|asa|mdb|svn|git|hg|DS_Store|db?$ { + deny all; + } + + location ~ /node_modules/ { + deny all; + } + + access_log /var/log/nginx/index-access.log main; #access_log end + error_log /var/log/nginx/index-error.log crit; #error_log end +} diff --git a/conf/nginx/conf.d/demo.conf b/conf/nginx/conf.d/demo.conf new file mode 100644 index 00000000..303401fd --- /dev/null +++ b/conf/nginx/conf.d/demo.conf @@ -0,0 +1,236 @@ +server +{ + listen 80; + server_name localhost; + root /var/www/html/projects; + # 目录索引 + index index.php index.html index.htm; + # 自动索引目录文件 + autoindex on; + # 使用 301 强制 HTTPS + # return 301 https://$server_name$request_uri; + # rewrite conf + include /etc/nginx/conf.d/rewrite/wordpress.conf; + + if ($scheme != "https") { return 301 https://$host$request_uri; } + + charset utf-8; + client_max_body_size 100M; + fastcgi_read_timeout 1800; + + # 添加几条有关安全的响应头,与 Google+ 的配置类似 + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Content-Type-Options "nosniff"; + + # redirect server error pages to the static page /50x.html + # 将 [404] 错误交给 [/index.php] 处理,表示由 Laravel 渲染美观的错误页面。 + error_page 404 /index.php; + error_page 500 502 503 504 /50x.html; + location = /50x.html + { + root /usr/share/nginx/html; + } + + + # 关闭 [/favicon.ico] 和 [/robots.txt] 的访问日志。 + # 并且即使它们不存在,也不写入错误日志。 + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + # 除符合正则表达式 [/\.(?!well-known).*] 之外的 URI,全部拒绝访问 + # 也就是说,拒绝公开以 [.] 开头的目录,[.well-known] 除外 + location ~ /.well-known {allow all;} + location ~ /\.(?!well-known).* { deny all; } + location ~ /\. { deny all; } + # deny access to .htaccess files, if Apache's document root concurs with nginx's one + location ~ /\.(ht|git|svn|env){ deny all; } + location ~ ^(.*)\/\.svn\/ { deny all; } + location ~ ^(.*)\/\.svn\/ { deny all; } + location ~ /\.(svn|git) { deny all; } + location ~ /\.(svn|git) { deny all; } + + + location ~ ^/(environments|vendor|console|common|console|tests|requirements\.php|composer\.lock|composer\.json|yii|init)/ + { + deny all; + } + + location / + { + index index.php; + try_files $uri $uri/ /index.html; + + if (!-d $request_filename) { + rewrite ^/(.+)/$ /$1 permanent; + } + + if (!-e $request_filename) + { + rewrite . /index.php last; + rewrite ^/backend(.*)$ /backend/index.php?s=$1 last; + rewrite ^/wechat(.*)$ /wechat/index.php?s=$1 last; + rewrite ^/api(.*)$ /api/index.php?s=$1 last; + rewrite ^/(.*)$ /index.php?s=$1 last; + break; + } + } + + location ~ .*\.(php|php5)?$ + { + fastcgi_pass unix:/tmp/php-cgi.sock; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + break; + } + + # location ~ .*$ + # location ~ \.php$ + # location ~ \.php$ + location ~* \.php$ + { + try_files $uri =404; + try_files $uri $uri/ /index.php$is_args$args; + + # sock mode + # fastcgi_pass unix:/var/run/php-fpm.sock; + # port mode + include fastcgi_params; + + fastcgi_index index.php; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_pass base:9000; + fastcgi_param TIDEWAYS_SAMPLERATE "25"; + fastcgi_param SCRIPT_NAME $fastcgi_script_name; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + # fastcgi_param SCRIPT_FILENAME /data/www/rageframe/web/$fastcgi_script_name; + fastcgi_param PHP_VALUE 'auto_prepend_file='; + fastcgi_param PHP_VALUE open_basedir=$document_root:/tmp/:/proc/; + fastcgi_param PHP_VALUE "auto_prepend_file=/var/www/projects/data/xhgui-master/external/header.php"; + fastcgi_param PATH_TRANSLATED /data/www/rageframe/web/$fastcgi_path_info; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + } + + #禁止访问的文件或目录 + location ~ ^/(\.user.ini|\.htaccess|\.git|\.project|LICENSE|README.md) + { + return 404; + } + + location ~* \.(bmp|swf|png|jpg|jpeg|gif|ico|mp4|flv|html|htm|svg|ttf|woff|woff2|eot)$ + { + # expires max; + expires 30d; + log_not_found off; + access_log off; + } + location ~ .*\.(js|css)?$ + { + expires 12h; + } + access_log /var/log/nginx/demo.website.com.log; + +} + +server { + + listen 80; + server_name phpinfo.localhost; + root /var/www/html/phpinfo; + index index.php; + + location ~* \.php$ + { + fastcgi_index index.php; + fastcgi_pass base:9000; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } +} + +server +{ + ssl on; + listen 443 ssl http2; + server_name 127.0.0.1 localhost www.demo.com; + root /var/www/html/demo; + + # SSL session过期时间 + ssl_session_timeout 5m; + ssl_buffer_size 1400; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2 SSLv2 SSLv3; + # 加密套件 + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; + ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5; + # 由服务器协商最佳的加密算法 + ssl_prefer_server_ciphers on; + + # 开启HSTS,并设置有效期为“15768000秒” + add_header Strict-Transport-Security max-age=15768000; + + # Session Cache,将Session缓存到服务器,这可能会占用更多的服务器资源 + ssl_session_cache builtin:1000 shared:SSL:10m; + + # OCSP Stapling开启,OCSP是用于在线查询证书吊销情况的服务,使用OCSP Stapling能将证书有效状态的信息缓存到服务器,提高TLS握手速度 + ssl_stapling on; + # OCSP Stapling验证开启 + ssl_stapling_verify on; + + # ssl on; format crt pem + ssl_certificate /etc/nginx/conf.d/certs/*.demo.com.crt; + ssl_certificate_key /etc/nginx/conf.d/certs/*.demo.com.key; + + + location ~ .*$ { + fastcgi_pass fpm72:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root/index.php; + } +} + +#laravel +server { + listen 80; + server_name laravel.cc; + + root /var/www/laravel/public; + index index.php index.html index.htm; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~ \.php$ { + fastcgi_pass php72:9000; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + } +} + +#thinkphp +server { + listen 80; + server_name thinkphp.cc; + + root /var/www/thinkphp; + index index.php index.html index.htm; + + location / { + if (!-e $request_filename) { + rewrite ^(.*)$ /index.php?s=$1 last; + break; + } + } + + location ~ \.php$ { + fastcgi_pass php56:9000; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + } +} diff --git a/conf/nginx/conf.d/http3.conf b/conf/nginx/conf.d/http3.conf new file mode 100644 index 00000000..5534d042 --- /dev/null +++ b/conf/nginx/conf.d/http3.conf @@ -0,0 +1,130 @@ +server { + listen 80; + server_name localhost; + + return 301 https://$host$request_uri; +} + +# HTTPS server +# +server { + # Enable QUIC and HTTP/3. + listen 443 quic reuseport; + # Ensure that HTTP/2 is enabled for the server + listen 443 ssl http2; + server_name localhost; + + http2_push_preload on; + + gzip on; + gzip_http_version 1.1; + gzip_vary on; + gzip_comp_level 6; + gzip_proxied any; + gzip_types text/plain text/css application/json application/javascript application/x-javascript text/javascript; + + brotli_static on; + brotli on; + brotli_types text/plain text/css application/json application/javascript application/x-javascript text/javascript; + brotli_comp_level 4; + + # Enable TLS versions (TLSv1.3 is required for QUIC). + ssl_protocols TLSv1.2 TLSv1.3; + + ssl_certificate /etc/ssl/localhost.pem; + ssl_certificate_key /etc/ssl/private/localhost.key; + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + + # Enable TLSv1.3's 0-RTT. Use $ssl_early_data when reverse proxying to + # prevent replay attacks. + # + # @see: http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_early_data + ssl_early_data on; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # Add Alt-Svc header to negotiate HTTP/3. + add_header alt-svc 'h3-29=":443"; ma=86400'; + # Debug 0-RTT. + add_header X-Early-Data $tls1_3_early_data; + + add_header x-frame-options "deny"; + add_header Strict-Transport-Security "max-age=31536000" always; + + location / { + root /usr/share/nginx/html; + index index.html index.htm; + } +} + +map $ssl_early_data $tls1_3_early_data { + "~." $ssl_early_data; + default ""; +} +server { + listen 80; + server_name localhost; + + return 301 https://$host$request_uri; +} + +# HTTPS server +# +server { + # Enable QUIC and HTTP/3. + listen 443 quic reuseport; + # Ensure that HTTP/2 is enabled for the server + listen 443 ssl http2; + server_name localhost; + + http2_push_preload on; + + gzip on; + gzip_http_version 1.1; + gzip_vary on; + gzip_comp_level 6; + gzip_proxied any; + gzip_types text/plain text/css application/json application/javascript application/x-javascript text/javascript; + + brotli_static on; + brotli on; + brotli_types text/plain text/css application/json application/javascript application/x-javascript text/javascript; + brotli_comp_level 4; + + # Enable TLS versions (TLSv1.3 is required for QUIC). + ssl_protocols TLSv1.2 TLSv1.3; + + ssl_certificate /etc/ssl/localhost.pem; + ssl_certificate_key /etc/ssl/private/localhost.key; + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + + # Enable TLSv1.3's 0-RTT. Use $ssl_early_data when reverse proxying to + # prevent replay attacks. + # + # @see: http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_early_data + ssl_early_data on; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # Add Alt-Svc header to negotiate HTTP/3. + add_header alt-svc 'h3-29=":443"; ma=86400'; + # Debug 0-RTT. + add_header X-Early-Data $tls1_3_early_data; + + add_header x-frame-options "deny"; + add_header Strict-Transport-Security "max-age=31536000" always; + + location / { + root /usr/share/nginx/html; + index index.html index.htm; + } +} + +map $ssl_early_data $tls1_3_early_data { + "~." $ssl_early_data; + default ""; +} diff --git a/conf/nginx/conf.d/laravel.conf.example b/conf/nginx/conf.d/laravel.conf.example new file mode 100644 index 00000000..c30bf8ad --- /dev/null +++ b/conf/nginx/conf.d/laravel.conf.example @@ -0,0 +1,43 @@ +server { + + listen 80; + listen [::]:80; + + # For https + # listen 443 ssl; + # listen [::]:443 ssl ipv6only=on; + # ssl_certificate /etc/nginx/ssl/default.crt; + # ssl_certificate_key /etc/nginx/ssl/default.key; + + server_name laravel.test; + root /var/www/laravel/public; + index index.php index.html index.htm; + + location / { + try_files $uri $uri/ /index.php$is_args$args; + } + + location ~ \.php$ { + try_files $uri /index.php =404; + fastcgi_pass php-upstream; + fastcgi_index index.php; + fastcgi_buffers 16 16k; + fastcgi_buffer_size 32k; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + #fixes timeouts + fastcgi_read_timeout 600; + include fastcgi_params; + } + + location ~ /\.ht { + deny all; + } + + location /.well-known/acme-challenge/ { + root /var/www/letsencrypt/; + log_not_found off; + } + + error_log /var/log/nginx/laravel_error.log; + access_log /var/log/nginx/laravel_access.log; +} diff --git a/conf/nginx/conf.d/laravel_varnish.conf.example b/conf/nginx/conf.d/laravel_varnish.conf.example new file mode 100644 index 00000000..7d545872 --- /dev/null +++ b/conf/nginx/conf.d/laravel_varnish.conf.example @@ -0,0 +1,110 @@ +server { + listen 80; + listen [::]:80; + server_name www.laravel.test; + rewrite ^(.*) https://laravel.test$1/ permanent; +} + +server { + listen 80; + listen [::]:80; + server_name laravel.test; + rewrite ^(.*) https://laravel.test$1/ permanent; +} + +server { + listen 443 ssl ; + listen [::]:443 ssl; + ssl_certificate /etc/nginx/ssl/laravel.test.crt; + ssl_certificate_key /etc/nginx/ssl/laravel.test.key; + server_name www.laravel.test; + rewrite ^(.*) https://laravel.test$1/ permanent; +} + +server { + server_name laravel.test; + + # For https + listen 443 ssl ; + listen [::]:443 ssl; + ssl_certificate /etc/nginx/ssl/laravel.test.crt; + ssl_certificate_key /etc/nginx/ssl/laravel.test.key; + + port_in_redirect off; + + add_header Strict-Transport-Security "max-age=31536000"; + add_header X-Content-Type-Options nosniff; + + location / { + proxy_pass http://proxy:6081; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header HTTPS "on"; + proxy_redirect off; + } +} + +server { + server_name laravel.test; + + listen 81; + listen [::]:81; + + root /var/www/laravel.test/www; + + index index.php index.html index.htm; + + location / { + try_files $uri $uri/ /index.php$is_args$args; + } + + location ~ \.php$ { + fastcgi_max_temp_file_size 4m; + fastcgi_pass php-upstream; + + # Additional configs + fastcgi_pass_header Set-Cookie; + fastcgi_pass_header Cookie; + fastcgi_ignore_headers Cache-Control Expires Set-Cookie; + try_files $uri /index.php =404; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; + fastcgi_param HTTPS on; + + fastcgi_buffers 16 16k; + fastcgi_buffer_size 32k; + + fastcgi_intercept_errors on; + + #fixes timeouts + fastcgi_read_timeout 600; + include fastcgi_params; + } + + # Caching + location ~* \.(ico|jpg|webp|jpeg|gif|css|png|js|ico|bmp|zip|woff)$ { + access_log off; + log_not_found off; + add_header Pragma public; + add_header Cache-Control "public"; + expires 14d; + } + + location ~* \.(php|html)$ { + access_log on; + log_not_found on; + add_header Pragma public; + add_header Cache-Control "public"; + expires 14d; + } + + location ~ /\.ht { + deny all; + } +} diff --git a/conf/nginx/conf.d/proxy.conf b/conf/nginx/conf.d/proxy.conf new file mode 100644 index 00000000..98783a24 --- /dev/null +++ b/conf/nginx/conf.d/proxy.conf @@ -0,0 +1,11 @@ +server { + listen 80; + server_name google.examples.com; + + location / { + proxy_pass https://www.google.com; + } +} + + + diff --git a/conf/nginx/conf.d/symfony.conf.example b/conf/nginx/conf.d/symfony.conf.example new file mode 100644 index 00000000..2834d747 --- /dev/null +++ b/conf/nginx/conf.d/symfony.conf.example @@ -0,0 +1,42 @@ +server { + + listen 80; + listen [::]:80; + + # For https + # listen 443 ssl; + # listen [::]:443 ssl ipv6only=on; + # ssl_certificate /etc/nginx/ssl/default.crt; + # ssl_certificate_key /etc/nginx/ssl/default.key; + + server_name symfony.test; + root /var/www/projects/symfony/web; + index index.php index.html index.htm; + + location / { + try_files $uri @rewriteapp; + } + + # For Symfony 3 + location @rewriteapp { + rewrite ^(.*)$ /app.php/$1 last; + } + + # For Symfony 4 config + # location @rewriteapp { + # rewrite ^(.*)$ /index.php/$1 last; + # } + + location ~ ^/(app|app_dev|config|index)\.php(/|$) { + fastcgi_pass php-upstream; + fastcgi_split_path_info ^(.+\.php)(/.*)$; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + #fixes timeouts + fastcgi_read_timeout 600; + fastcgi_param HTTPS off; + } + + error_log /var/log/nginx/symfony_error.log; + access_log /var/log/nginx/symfony_access.log; +} diff --git a/conf/nginx/fastcgi.conf b/conf/nginx/fastcgi.conf new file mode 100644 index 00000000..238f7869 --- /dev/null +++ b/conf/nginx/fastcgi.conf @@ -0,0 +1,25 @@ +fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; \ No newline at end of file diff --git a/conf/nginx/fastcgi_params b/conf/nginx/fastcgi_params new file mode 100644 index 00000000..db8f1096 --- /dev/null +++ b/conf/nginx/fastcgi_params @@ -0,0 +1,25 @@ + +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; +fastcgi_param PHP_VALUE "open_basedir=$document_root:/usr/share/pear:/usr/share/php:/etc/phpMyAdmin:/tmp:/proc"; diff --git a/conf/nginx/koi-utf b/conf/nginx/koi-utf new file mode 100644 index 00000000..d2730dd4 --- /dev/null +++ b/conf/nginx/koi-utf @@ -0,0 +1,108 @@ +# This map is not a full koi8-r <> utf8 map: it does not contain +# box-drawing and some other characters. Besides this map contains +# several koi8-u and Byelorussian letters which are not in koi8-r. +# If you need a full and standard map, use contrib/unicode2nginx/koi-utf +# map instead. + +charset_map koi8-r utf-8 { + + 80 E282AC ; # euro + + 95 E280A2 ; # bullet + + 9A C2A0 ; #   + + 9E C2B7 ; # · + + A3 D191 ; # small yo + A4 D194 ; # small Ukrainian ye + + A6 D196 ; # small Ukrainian i + A7 D197 ; # small Ukrainian yi + + AD D291 ; # small Ukrainian soft g + AE D19E ; # small Byelorussian short u + + B0 C2B0 ; # ° + + B3 D081 ; # capital YO + B4 D084 ; # capital Ukrainian YE + + B6 D086 ; # capital Ukrainian I + B7 D087 ; # capital Ukrainian YI + + B9 E28496 ; # numero sign + + BD D290 ; # capital Ukrainian soft G + BE D18E ; # capital Byelorussian short U + + BF C2A9 ; # (C) + + C0 D18E ; # small yu + C1 D0B0 ; # small a + C2 D0B1 ; # small b + C3 D186 ; # small ts + C4 D0B4 ; # small d + C5 D0B5 ; # small ye + C6 D184 ; # small f + C7 D0B3 ; # small g + C8 D185 ; # small kh + C9 D0B8 ; # small i + CA D0B9 ; # small j + CB D0BA ; # small k + CC D0BB ; # small l + CD D0BC ; # small m + CE D0BD ; # small n + CF D0BE ; # small o + + D0 D0BF ; # small p + D1 D18F ; # small ya + D2 D180 ; # small r + D3 D181 ; # small s + D4 D182 ; # small t + D5 D183 ; # small u + D6 D0B6 ; # small zh + D7 D0B2 ; # small v + D8 D18C ; # small soft sign + D9 D18B ; # small y + DA D0B7 ; # small z + DB D188 ; # small sh + DC D18D ; # small e + DD D189 ; # small shch + DE D187 ; # small ch + DF D18A ; # small hard sign + + E0 D0AE ; # capital YU + E1 D090 ; # capital A + E2 D091 ; # capital B + E3 D0A6 ; # capital TS + E4 D094 ; # capital D + E5 D095 ; # capital YE + E6 D0A4 ; # capital F + E7 D093 ; # capital G + E8 D0A5 ; # capital KH + E9 D098 ; # capital I + EA D099 ; # capital J + EB D09A ; # capital K + EC D09B ; # capital L + ED D09C ; # capital M + EE D09D ; # capital N + EF D09E ; # capital O + + F0 D09F ; # capital P + F1 D0AF ; # capital YA + F2 D0A0 ; # capital R + F3 D0A1 ; # capital S + F4 D0A2 ; # capital T + F5 D0A3 ; # capital U + F6 D096 ; # capital ZH + F7 D092 ; # capital V + F8 D0AC ; # capital soft sign + F9 D0AB ; # capital Y + FA D097 ; # capital Z + FB D0A8 ; # capital SH + FC D0AD ; # capital E + FD D0A9 ; # capital SHCH + FE D0A7 ; # capital CH + FF D0AA ; # capital hard sign +} \ No newline at end of file diff --git a/conf/nginx/koi-win b/conf/nginx/koi-win new file mode 100644 index 00000000..0cd2490c --- /dev/null +++ b/conf/nginx/koi-win @@ -0,0 +1,103 @@ + +charset_map koi8-r windows-1251 { + + 80 88 ; # euro + + 95 95 ; # bullet + + 9A A0 ; #   + + 9E B7 ; # · + + A3 B8 ; # small yo + A4 BA ; # small Ukrainian ye + + A6 B3 ; # small Ukrainian i + A7 BF ; # small Ukrainian yi + + AD B4 ; # small Ukrainian soft g + AE A2 ; # small Byelorussian short u + + B0 B0 ; # ° + + B3 A8 ; # capital YO + B4 AA ; # capital Ukrainian YE + + B6 B2 ; # capital Ukrainian I + B7 AF ; # capital Ukrainian YI + + B9 B9 ; # numero sign + + BD A5 ; # capital Ukrainian soft G + BE A1 ; # capital Byelorussian short U + + BF A9 ; # (C) + + C0 FE ; # small yu + C1 E0 ; # small a + C2 E1 ; # small b + C3 F6 ; # small ts + C4 E4 ; # small d + C5 E5 ; # small ye + C6 F4 ; # small f + C7 E3 ; # small g + C8 F5 ; # small kh + C9 E8 ; # small i + CA E9 ; # small j + CB EA ; # small k + CC EB ; # small l + CD EC ; # small m + CE ED ; # small n + CF EE ; # small o + + D0 EF ; # small p + D1 FF ; # small ya + D2 F0 ; # small r + D3 F1 ; # small s + D4 F2 ; # small t + D5 F3 ; # small u + D6 E6 ; # small zh + D7 E2 ; # small v + D8 FC ; # small soft sign + D9 FB ; # small y + DA E7 ; # small z + DB F8 ; # small sh + DC FD ; # small e + DD F9 ; # small shch + DE F7 ; # small ch + DF FA ; # small hard sign + + E0 DE ; # capital YU + E1 C0 ; # capital A + E2 C1 ; # capital B + E3 D6 ; # capital TS + E4 C4 ; # capital D + E5 C5 ; # capital YE + E6 D4 ; # capital F + E7 C3 ; # capital G + E8 D5 ; # capital KH + E9 C8 ; # capital I + EA C9 ; # capital J + EB CA ; # capital K + EC CB ; # capital L + ED CC ; # capital M + EE CD ; # capital N + EF CE ; # capital O + + F0 CF ; # capital P + F1 DF ; # capital YA + F2 D0 ; # capital R + F3 D1 ; # capital S + F4 D2 ; # capital T + F5 D3 ; # capital U + F6 C6 ; # capital ZH + F7 C2 ; # capital V + F8 DC ; # capital soft sign + F9 DB ; # capital Y + FA C7 ; # capital Z + FB D8 ; # capital SH + FC DD ; # capital E + FD D9 ; # capital SHCH + FE D7 ; # capital CH + FF DA ; # capital hard sign +} \ No newline at end of file diff --git a/conf/nginx/logrotate/nginx b/conf/nginx/logrotate/nginx new file mode 100644 index 00000000..8c89a83a --- /dev/null +++ b/conf/nginx/logrotate/nginx @@ -0,0 +1,14 @@ +/var/log/nginx/*.log { + daily + missingok + rotate 32 + compress + delaycompress + nodateext + notifempty + create 644 www-data root + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/conf/nginx/mime.types b/conf/nginx/mime.types new file mode 100644 index 00000000..62182ec5 --- /dev/null +++ b/conf/nginx/mime.types @@ -0,0 +1,97 @@ + +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + + font/woff woff; + font/woff2 woff2; + + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.oasis.opendocument.graphics odg; + application/vnd.oasis.opendocument.presentation odp; + application/vnd.oasis.opendocument.spreadsheet ods; + application/vnd.oasis.opendocument.text odt; + application/vnd.openxmlformats-officedocument.presentationml.presentation + pptx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + xlsx; + application/vnd.openxmlformats-officedocument.wordprocessingml.document + docx; + application/vnd.wap.wmlc wmlc; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} \ No newline at end of file diff --git a/conf/nginx/nginx.conf b/conf/nginx/nginx.conf new file mode 100644 index 00000000..d5a629fd --- /dev/null +++ b/conf/nginx/nginx.conf @@ -0,0 +1,102 @@ +# Recommon nginx www +user www; +daemon off; +# 一般设置为 cpu * 2 +worker_processes auto; +worker_cpu_affinity auto; +# worker_cpu_affinity 01 10 01 10; +worker_rlimit_nofile 51200; +pid /run/nginx.pid; +include /etc/nginx/modules-enabled/*.conf; + + +events +{ + use epoll; + worker_connections 1024; + multi_accept on; +} + +http +{ + # Basic Settings + charset UTF-8; + client_header_timeout 10; + client_header_buffer_size 32k; + client_max_body_size 100m; + client_body_timeout 10; + client_body_buffer_size 10m; + connection_pool_size 256; + expires 0; + keepalive_timeout 15s; + large_client_header_buffers 4 32k; + output_buffers 4 32k; + port_in_redirect off; + postpone_output 1460; + reset_timedout_connection on; + request_pool_size 32k; + sendfile on; + send_timeout 10; + server_tokens off; + tcp_nodelay on; + tcp_nopush on; + types_hash_max_size 2048; + + server_name_in_redirect off; + server_names_hash_max_size 2048; + server_names_hash_bucket_size 64; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + # SSL Settings + # Dropping SSLv3, ref: POODLE + ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # Logging Setting + access_log on; + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"''Accept: "$http_accept" ' + 'Authorization: "$http_authorization" '; + + # options debug error warn crit (error) main access (access_log) or output to /dev/stderr /dev/stdout + access_log /var/log/nginx/access.log main; + error_log /var/log/nginx/error.log; + access_log /var/log/nginx/access.log; + + # FastCGI + fastcgi_buffers 256 16k; + fastcgi_buffer_size 128k; + fastcgi_connect_timeout 3s; + fastcgi_send_timeout 120s; + fastcgi_read_timeout 120s; + fastcgi_busy_buffers_size 256k; + fastcgi_temp_file_write_size 256k; + fastcgi_hide_header X-Powered-By; + fastcgi_intercept_errors on; + + # Disabled for issue https://github.com/laradock/laradock/issues/619 + # open_file_cache off; + open_file_cache max=10000 inactive=20s; + open_file_cache_valid 30s; + open_file_cache_min_uses 2; + open_file_cache_errors on; + + # Gzip Compression Settings + gzip on; + gzip_disable "MSIE [1-6]\.(?!.*SV1)"; + # gzip_disable "MSIE [1-6].(?!.*SV1)"; + gzip_proxied any; + gzip_vary on; + gzip_comp_level 6; + gzip_buffers 16 8k; + # version 1.0 1.1 + gzip_http_version 1.1; + gzip_min_length 256; + gzip_types text/vnd.wap.wml text/javascript text/xml text/plain text/css application/json application/javascript application/x-javascript application/xml application/xml+rss application/xhtml+xml; + ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS'; + # Virtual Host Configs + include /etc/nginx/conf.d/*.conf; +} \ No newline at end of file diff --git a/conf/nginx/rewrite/DEDECMS.conf b/conf/nginx/rewrite/DEDECMS.conf new file mode 100644 index 00000000..948cc35c --- /dev/null +++ b/conf/nginx/rewrite/DEDECMS.conf @@ -0,0 +1,10 @@ +location / { +rewrite "^/index.html$" /index.php last; +rewrite "^/list-([0-9]+)\.html$" /plus/list.php?tid=$1 last; +rewrite "^/list-([0-9]+)-([0-9]+)-([0-9]+)\.html$" /plus/list.php?tid=$1&totalresult=$2&PageNo=$3 last; +rewrite "^/view-([0-9]+)-1\.html$" /plus/view.php?arcID=$1 last; +rewrite "^/view-([0-9]+)-([0-9]+)\.html$" /plus/view.php?aid=$1&pageno=$2 last; +rewrite "^/tags.html$" /tags.php last; +rewrite "^/tag-([0-9]+)-([0-9]+)\.html$" /tags.php?/$1/$2/ last; +break; +} \ No newline at end of file diff --git a/conf/nginx/rewrite/Discuz_7.conf b/conf/nginx/rewrite/Discuz_7.conf new file mode 100644 index 00000000..65ba7c90 --- /dev/null +++ b/conf/nginx/rewrite/Discuz_7.conf @@ -0,0 +1,5 @@ +rewrite ^/archiver/((fid|tid)-[\w\-]+\.html)$ /archiver/index.php?$1 last; +rewrite ^/forum-([0-9]+)-([0-9]+)\.html$ /forumdisplay.php?fid=$1&page=$2 last; +rewrite ^/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ /viewthread.php?tid=$1&extra=page\%3D$3&page=$2 last; +rewrite ^/space-(username|uid)-(.+)\.html$ /space.php?$1=$2 last; +rewrite ^/tag-(.+)\.html$ /tag.php?name=$1 last; \ No newline at end of file diff --git a/conf/nginx/rewrite/Discuz_X.conf b/conf/nginx/rewrite/Discuz_X.conf new file mode 100644 index 00000000..c4593234 --- /dev/null +++ b/conf/nginx/rewrite/Discuz_X.conf @@ -0,0 +1,12 @@ +location / { +rewrite ^([^\.]*)/topic-(.+)\.html$ $1/portal.php?mod=topic&topic=$2 last; +rewrite ^([^\.]*)/article-([0-9]+)-([0-9]+)\.html$ $1/portal.php?mod=view&aid=$2&page=$3 last; +rewrite ^([^\.]*)/forum-(\w+)-([0-9]+)\.html$ $1/forum.php?mod=forumdisplay&fid=$2&page=$3 last; +rewrite ^([^\.]*)/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ $1/forum.php?mod=viewthread&tid=$2&extra=page%3D$4&page=$3 last; +rewrite ^([^\.]*)/group-([0-9]+)-([0-9]+)\.html$ $1/forum.php?mod=group&fid=$2&page=$3 last; +rewrite ^([^\.]*)/space-(username|uid)-(.+)\.html$ $1/home.php?mod=space&$2=$3 last; +rewrite ^([^\.]*)/([a-z]+)-(.+)\.html$ $1/$2.php?rewrite=$3 last; +if (!-e $request_filename) { +return 404; +} +} \ No newline at end of file diff --git a/conf/nginx/rewrite/PHPWind.conf b/conf/nginx/rewrite/PHPWind.conf new file mode 100644 index 00000000..19c9f02e --- /dev/null +++ b/conf/nginx/rewrite/PHPWind.conf @@ -0,0 +1,4 @@ +location / { +rewrite ^(.*)-htm-(.*)$ $1.php?$2 last; +rewrite ^(.*)/simple/([a-z0-9\_]+\.html)$ $1/simple/index.php?$2 last; +} \ No newline at end of file diff --git a/conf/nginx/rewrite/ecshop.conf b/conf/nginx/rewrite/ecshop.conf new file mode 100644 index 00000000..3574daa7 --- /dev/null +++ b/conf/nginx/rewrite/ecshop.conf @@ -0,0 +1,32 @@ +if (!-e $request_filename) +{ +rewrite "^/index\.html" /index.php last; +rewrite "^/category$" /index.php last; +rewrite "^/feed-c([0-9]+)\.xml$" /feed.php?cat=$1 last; +rewrite "^/feed-b([0-9]+)\.xml$" /feed.php?brand=$1 last; +rewrite "^/feed\.xml$" /feed.php last; +rewrite "^/category-([0-9]+)-b([0-9]+)-min([0-9]+)-max([0-9]+)-attr([^-]*)-([0-9]+)-(.+)-([a-zA-Z]+)(.*)\.html$" /category.php?id=$1&brand=$2&price_min=$3&price_max=$4&filter_attr=$5&page=$6&sort=$7&order=$8 last; +rewrite "^/category-([0-9]+)-b([0-9]+)-min([0-9]+)-max([0-9]+)-attr([^-]*)(.*)\.html$" /category.php?id=$1&brand=$2&price_min=$3&price_max=$4&filter_attr=$5 last; +rewrite "^/category-([0-9]+)-b([0-9]+)-([0-9]+)-(.+)-([a-zA-Z]+)(.*)\.html$" /category.php?id=$1&brand=$2&page=$3&sort=$4&order=$5 last; +rewrite "^/category-([0-9]+)-b([0-9]+)-([0-9]+)(.*)\.html$" /category.php?id=$1&brand=$2&page=$3 last; +rewrite "^/category-([0-9]+)-b([0-9]+)(.*)\.html$" /category.php?id=$1&brand=$2 last; +rewrite "^/category-([0-9]+)(.*)\.html$" /category.php?id=$1 last; +rewrite "^/goods-([0-9]+)(.*)\.html" /goods.php?id=$1 last; +rewrite "^/article_cat-([0-9]+)-([0-9]+)-(.+)-([a-zA-Z]+)(.*)\.html$" /article_cat.php?id=$1&page=$2&sort=$3&order=$4 last; +rewrite "^/article_cat-([0-9]+)-([0-9]+)(.*)\.html$" /article_cat.php?id=$1&page=$2 last; +rewrite "^/article_cat-([0-9]+)(.*)\.html$" /article_cat.php?id=$1 last; +rewrite "^/article-([0-9]+)(.*)\.html$" /article.php?id=$1 last; +rewrite "^/brand-([0-9]+)-c([0-9]+)-([0-9]+)-(.+)-([a-zA-Z]+)\.html" /brand.php?id=$1&cat=$2&page=$3&sort=$4&order=$5 last; +rewrite "^/brand-([0-9]+)-c([0-9]+)-([0-9]+)(.*)\.html" /brand.php?id=$1&cat=$2&page=$3 last; +rewrite "^/brand-([0-9]+)-c([0-9]+)(.*)\.html" /brand.php?id=$1&cat=$2 last; +rewrite "^/brand-([0-9]+)(.*)\.html" /brand.php?id=$1 last; +rewrite "^/tag-(.*)\.html" /search.php?keywords=$1 last; +rewrite "^/snatch-([0-9]+)\.html$" /snatch.php?id=$1 last; +rewrite "^/group_buy-([0-9]+)\.html$" /group_buy.php?act=view&id=$1 last; +rewrite "^/auction-([0-9]+)\.html$" /auction.php?act=view&id=$1 last; +rewrite "^/exchange-id([0-9]+)(.*)\.html$" /exchange.php?id=$1&act=view last; +rewrite "^/exchange-([0-9]+)-min([0-9]+)-max([0-9]+)-([0-9]+)-(.+)-([a-zA-Z]+)(.*)\.html$" /exchange.php?cat_id=$1&integral_min=$2&integral_max=$3&page=$4&sort=$5&order=$6 last; +rewrite ^/exchange-([0-9]+)-([0-9]+)-(.+)-([a-zA-Z]+)(.*)\.html$" /exchange.php?cat_id=$1&page=$2&sort=$3&order=$4 last; +rewrite "^/exchange-([0-9]+)-([0-9]+)(.*)\.html$" /exchange.php?cat_id=$1&page=$2 last; +rewrite "^/exchange-([0-9]+)(.*)\.html$" /exchange.php?cat_id=$1 last; +} \ No newline at end of file diff --git a/conf/nginx/rewrite/laravel.conf b/conf/nginx/rewrite/laravel.conf new file mode 100644 index 00000000..ff70f9b4 --- /dev/null +++ b/conf/nginx/rewrite/laravel.conf @@ -0,0 +1,3 @@ +location / { + try_files $uri $uri/ /index.php?$query_string; +} \ No newline at end of file diff --git a/conf/nginx/rewrite/none.conf b/conf/nginx/rewrite/none.conf new file mode 100644 index 00000000..e69de29b diff --git a/conf/nginx/rewrite/phpcms.conf b/conf/nginx/rewrite/phpcms.conf new file mode 100644 index 00000000..83a34446 --- /dev/null +++ b/conf/nginx/rewrite/phpcms.conf @@ -0,0 +1,8 @@ +location / { +rewrite ^/caipu-([0-9]+)-([0-9]+)-([0-9]+).html /index.php?m=content&c=index&a=show&catid=$1&id=$2&page=$3 last; +rewrite ^/content-([0-9]+)-([0-9]+)-([0-9]+).html /index.php?m=content&c=index&a=show&catid=$1&id=$2&page=$3 last; +rewrite ^/list-([0-9]+)-([0-9]+).html /index.php?m=content&c=index&a=lists&catid=$1&page=$2 last; +rewrite ^/tag-([^\.]*)-([0-9]+)-([0-9]+).html /index.php?m=content&c=tag&catid=$2&tag=$1&page=$3 last; +rewrite ^/comment-([0-9]+)-([0-9]+)-([0-9]+).html /index.php?m=comment&c=index&a=init&commentid=content_$1-$2-$3 last; +rewrite ^/([^\.]*).html /index.php?m=member&c=index&a=$1 last; +} \ No newline at end of file diff --git a/conf/nginx/rewrite/shopex.conf b/conf/nginx/rewrite/shopex.conf new file mode 100644 index 00000000..f57463c1 --- /dev/null +++ b/conf/nginx/rewrite/shopex.conf @@ -0,0 +1,5 @@ +location / { +if (!-e $request_filename) { +rewrite ^/(.+\.(html|xml|json|htm|php|jsp|asp|shtml))$ /index.php?$1 last; +} +} \ No newline at end of file diff --git a/conf/nginx/rewrite/thinkphp.conf b/conf/nginx/rewrite/thinkphp.conf new file mode 100644 index 00000000..47d387e5 --- /dev/null +++ b/conf/nginx/rewrite/thinkphp.conf @@ -0,0 +1,6 @@ +location / { + if (!-e $request_filename) { + rewrite ^(.*)$ /index.php?s=$1 last; + break; + } +} diff --git a/conf/nginx/rewrite/typecho.conf b/conf/nginx/rewrite/typecho.conf new file mode 100644 index 00000000..71a9fd4a --- /dev/null +++ b/conf/nginx/rewrite/typecho.conf @@ -0,0 +1,12 @@ +location / { + index index.html index.php; + if (-f $request_filename/index.html){ + rewrite (.*) $1/index.html break; + } + if (-f $request_filename/index.php){ + rewrite (.*) $1/index.php; + } + if (!-f $request_filename){ + rewrite (.*) /index.php; + } +} \ No newline at end of file diff --git a/conf/nginx/rewrite/wordpress.conf b/conf/nginx/rewrite/wordpress.conf new file mode 100644 index 00000000..37d41051 --- /dev/null +++ b/conf/nginx/rewrite/wordpress.conf @@ -0,0 +1,11 @@ +location / { + if (-f $request_filename/index.html){ + rewrite (.*) $1/index.html break; + } + if (-f $request_filename/index.php){ + rewrite (.*) $1/index.php; + } + if (!-f $request_filename){ + rewrite (.*) /index.php; + } +} \ No newline at end of file diff --git a/conf/nginx/scgi_params b/conf/nginx/scgi_params new file mode 100644 index 00000000..df545cdb --- /dev/null +++ b/conf/nginx/scgi_params @@ -0,0 +1,16 @@ +scgi_param REQUEST_METHOD $request_method; +scgi_param REQUEST_URI $request_uri; +scgi_param QUERY_STRING $query_string; +scgi_param CONTENT_TYPE $content_type; + +scgi_param DOCUMENT_URI $document_uri; +scgi_param DOCUMENT_ROOT $document_root; +scgi_param SCGI 1; +scgi_param SERVER_PROTOCOL $server_protocol; +scgi_param REQUEST_SCHEME $scheme; +scgi_param HTTPS $https if_not_empty; + +scgi_param REMOTE_ADDR $remote_addr; +scgi_param REMOTE_PORT $remote_port; +scgi_param SERVER_PORT $server_port; +scgi_param SERVER_NAME $server_name; \ No newline at end of file diff --git a/conf/nginx/uwsgi_params b/conf/nginx/uwsgi_params new file mode 100644 index 00000000..d26f2ff2 --- /dev/null +++ b/conf/nginx/uwsgi_params @@ -0,0 +1,16 @@ +uwsgi_param QUERY_STRING $query_string; +uwsgi_param REQUEST_METHOD $request_method; +uwsgi_param CONTENT_TYPE $content_type; +uwsgi_param CONTENT_LENGTH $content_length; + +uwsgi_param REQUEST_URI $request_uri; +uwsgi_param PATH_INFO $document_uri; +uwsgi_param DOCUMENT_ROOT $document_root; +uwsgi_param SERVER_PROTOCOL $server_protocol; +uwsgi_param REQUEST_SCHEME $scheme; +uwsgi_param HTTPS $https if_not_empty; + +uwsgi_param REMOTE_ADDR $remote_addr; +uwsgi_param REMOTE_PORT $remote_port; +uwsgi_param SERVER_PORT $server_port; +uwsgi_param SERVER_NAME $server_name; \ No newline at end of file diff --git a/conf/php/build/install.sh b/conf/php/build/install.sh new file mode 100644 index 00000000..371c8cb6 --- /dev/null +++ b/conf/php/build/install.sh @@ -0,0 +1,124 @@ +#!/bin/sh + +echo +echo "============================================" +echo "PHP version : ${PHP_VERSION}" +echo "Extra Extensions : ${PHP_EXTENSIONS}" +echo "Multicore Compilation : ${MC}" +echo "Work directory : ${PWD}" +echo "============================================" +echo + +if [ "${PHP_EXTENSIONS}" != "" ]; then + echo "---------- Install general dependencies ----------" + apk add --no-cache --virtual .build-deps \ + $PHPIZE_DEPS +fi + +echo "---------- Install extra dependencies ----------" + +if [ -z "${EXTENSIONS##*,bcmath,*}" ]; then + echo "---------- Install bcmath ----------" + docker-php-ext-install ${MC} bcmath +fi + +if [ -z "${EXTENSIONS##*,gd,*}" ]; then + echo "---------- Install gd ----------" + apk add --no-cache --virtual .build-gd-deps \ + freetype-dev \ + libjpeg-turbo-dev \ + libpng-dev + docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ + docker-php-ext-install ${MC} gd +fi + +if [ -z "${EXTENSIONS##*,mysqli,*}" ]; then + echo "---------- Install mysqli ----------" + docker-php-ext-install ${MC} mysqli +fi + +if [ -z "${EXTENSIONS##*,openssl,*}" ]; then + echo "---------- Install openssl ----------" + apk add --no-cache --virtual .build-openssl-deps \ + libressl-dev + +fi + +if [ -z "${EXTENSIONS##*,mongodb,*}" ]; then + echo "---------- Install mongodb ----------" + pecl install mongodb + docker-php-ext-enable mongodb +fi + + + +if [ -z "${EXTENSIONS##*,opcache,*}" ]; then + echo "---------- Install opcache ----------" + docker-php-ext-install ${MC} opcache +fi + +if [ -z "${EXTENSIONS##*,pdo_mysql,*}" ]; then + echo "---------- Install pdo_mysql ----------" + docker-php-ext-install ${MC} pdo_mysql +fi + +if [ -z "${EXTENSIONS##*,redis,*}" ]; then + echo "---------- Install redis ----------" + pecl install redis + docker-php-ext-enable redis +fi + +if [ -z "${EXTENSIONS##*,zip,*}" ]; then + echo "---------- Install zip ----------" + apk add --no-cache --virtual .build-zip-deps \ + libzip-dev + + docker-php-ext-install ${MC} zip +fi + +if [ -z "${EXTENSIONS##*,amqp,*}" ]; then + echo "---------- Install amqp ----------" + apk add --no-cache --virtual .build-amqp-deps \ + rabbitmq-c-dev + + pecl install amqp + + docker-php-ext-enable amqp +fi + +if [ -z "${EXTENSIONS##*,rdkafka,*}" ]; then + echo "---------- Install rdkafka ----------" + apk add --no-cache --virtual .build-rdkafka-deps \ + librdkafka-dev + + pecl install rdkafka + + docker-php-ext-enable rdkafka +fi + +if [ -z "${EXTENSIONS##*,swoole,*}" ]; then + echo "---------- Install swoole ----------" + pecl install swoole + + docker-php-ext-enable swoole +fi + +if [ -z "${EXTENSIONS##*,soap,*}" ]; then + echo "---------- Install soap ----------" + apk add --no-cache libxml2-dev + docker-php-ext-install ${MC} soap +fi + +if [ -z "${EXTENSIONS##*,xdebug,*}" ]; then + echo "---------- Install xdebug ----------" + pecl install xdebug + docker-php-ext-enable xdebug +fi + +echo "---------- Install Complete ---------" + +if [ "${PHP_EXTENSIONS}" != "" ]; then + echo "---------- Del build-deps ----------" + apk del .build-deps +fi + diff --git a/conf/php/extends/aerospike.ini b/conf/php/extends/aerospike.ini new file mode 100644 index 00000000..f9c8f614 --- /dev/null +++ b/conf/php/extends/aerospike.ini @@ -0,0 +1,3 @@ +extension=aerospike.so +aerospike.udf.lua_system_path=/usr/local/aerospike/lua +aerospike.udf.lua_user_path=/usr/local/aerospike/usr-lua \ No newline at end of file diff --git a/conf/php/extends/opcache.ini b/conf/php/extends/opcache.ini new file mode 100644 index 00000000..de858d0b --- /dev/null +++ b/conf/php/extends/opcache.ini @@ -0,0 +1,8 @@ +; 有关 opcache 可以参见:http://www.cnblogs.com/HD/p/4554455.html + +opcache.memory_consumption=128 +opcache.interned_strings_buffer=8 +opcache.max_accelerated_files=4000 +opcache.revalidate_freq=60 +opcache.fast_shutdown=4 +opcache.enable_cli=1 \ No newline at end of file diff --git a/conf/php/extends/xdebug.ini b/conf/php/extends/xdebug.ini new file mode 100644 index 00000000..8d789efa --- /dev/null +++ b/conf/php/extends/xdebug.ini @@ -0,0 +1,24 @@ +zend_extension=xdebug.so + +#XDebug configuration +[xdebug] +xdebug.mode=debug +xdebug.remote_autostart=on +xdebug.remote_enable=true ; 1 on true +xdebug.remote_connect_back=1 +xdebug.remote_port = 9001 +xdebug.remote_host = host.docker.internal +;xdebug.remote_log = /tmp/xdebug_err.log +xdebug.profiler_enable=0 +xdebug.profiler_enable_trigger = 1 +xdebug.profiler_output_dir = "/outputs/profiler" # Remote path +xdebug.profiler_output_name=cachegrind.out.%R # To specify witch query is the origin +xdebug.max_nesting_level=700 +xdebug.idekey=VSCODE +;xdebug.start_with_request=yes +;; mac 下使用此取代宿主机的ip地址 +; xdebug.client_host=host.docker.internal +xdebug.var_display_max_data = -1 +xdebug.var_max_depth = -1 +xdebug.var_display_max_children = -1 +xdebug.max_nesting_level = 500 \ No newline at end of file diff --git a/conf/php/php-fpm.d/72.conf b/conf/php/php-fpm.d/72.conf new file mode 100644 index 00000000..1aa4ef57 --- /dev/null +++ b/conf/php/php-fpm.d/72.conf @@ -0,0 +1,413 @@ +; Start a new pool named 'www'. +; the variable $pool can be used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'access.log' +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or NONE) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = www-data +group = www-data + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 127.0.0.1:9000 + +; Set listen(2) backlog. +; Default Value: 511 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 511 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0660 +;listen.owner = www-data +;listen.group = www-data +;listen.mode = 0660 +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 5 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 +pm.start_servers = 2 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 1 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 3 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. It shows the following informations: +; pool - the name of the pool; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. +; Example output: +; pool: www +; process manager: static +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; +; By default the status page output is formatted as text/plain. Passing either +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then informations are related to the +; last request the process has served. Otherwise informations are related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: /usr/local/share/php/fpm/status.html +; +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The access log file +; Default: not set +;access.log = log/$pool.access.log + +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{miliseconds}d +; - %{mili}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some exemples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: output header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %u: remote user +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +;slowlog = log/$pool.log.slow + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; exectute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 .php7 + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr/local) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M diff --git a/conf/php/php-fpm.d/Dockerfile b/conf/php/php-fpm.d/Dockerfile new file mode 100644 index 00000000..e822c41a --- /dev/null +++ b/conf/php/php-fpm.d/Dockerfile @@ -0,0 +1,179 @@ +########################################################################### +# PHP-FPM Version Of Alpine: +########################################################################### + +ARG PHP_VERSION +FROM php:${PHP_VERSION}-fpm-alpine + +LABEL maintainer="YanlongMa " + + +########################################################################### +# Alpine Aliyun Mirrors: +########################################################################### + +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories + + +########################################################################### +# System Extensions: +########################################################################### + +RUN apk --update add \ + autoconf \ + build-base \ + linux-headers \ + libaio-dev \ + zlib-dev \ + curl \ + git \ + freetype-dev \ + libjpeg-turbo-dev \ + libmcrypt-dev \ + libpng-dev \ + libtool \ + libbz2 \ + bzip2 \ + bzip2-dev \ + libstdc++ \ + libxslt-dev \ + openldap-dev \ + imagemagick-dev \ + libzip-dev \ + make \ + zip \ + unzip \ + wget \ + libmemcached-dev + + +########################################################################### +# PHP Core Extensions: +########################################################################### + +# Core Extensions For Default Installation: +RUN docker-php-ext-install \ + bcmath \ + pdo_mysql \ + mysqli \ + sockets \ + && docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ \ + && docker-php-ext-install gd + + +# Core Extensions pcntl: +ARG INSTALL_PCNTL=false +RUN if [ ${INSTALL_PCNTL} = true ]; then \ + docker-php-ext-install pcntl \ +;fi + + +# Core Extensions opcache: +ARG INSTALL_OPCACHE=false +RUN if [ ${INSTALL_OPCACHE} = true ]; then \ + docker-php-ext-install opcache \ +;fi + + +# Core Extensions zip: +ARG INSTALL_ZIP=false +RUN if [ ${INSTALL_ZIP} = true ]; then \ + if [ ${PHP_VERSION} = "7.3" ] || [ ${PHP_VERSION} = "7.4" ]; then \ + docker-php-ext-configure zip \ + else \ + docker-php-ext-configure zip --with-libzip \ + ;fi \ + && docker-php-ext-install zip \ +;fi + + +########################################################################### +# PHP PECL Extensions: +########################################################################### + +# PECL Extensions reids: +ARG INSTALL_REDIS=false +ARG INSTALL_REDIS_VERSION +RUN if [ ${INSTALL_REDIS} = true ]; then \ + pecl install redis-${INSTALL_REDIS_VERSION} \ + && rm -rf /tmp/pear \ + && docker-php-ext-enable redis \ +;fi + + +# PECL Extensions mongodb: +ARG INSTALL_MONGODB=false +ARG INSTALL_MONGODB_VERSION +RUN if [ ${INSTALL_MONGODB} = true ]; then \ + pecl install mongodb-${INSTALL_MONGODB_VERSION} \ + && rm -rf /tmp/pear \ + && docker-php-ext-enable mongodb \ +;fi + + +# PECL Extensions memcached: +ARG INSTALL_MEMCACHED=false +ARG INSTALL_MEMCACHED_VERSION +RUN if [ ${INSTALL_MEMCACHED} = true ]; then \ + pecl install memcached-${INSTALL_MEMCACHED_VERSION} \ + && rm -rf /tmp/pear \ + && docker-php-ext-enable memcached \ +;fi + + +# PECL Extensions swoole: +ARG INSTALL_SWOOLE=false +ARG INSTALL_SWOOLE_VERSION +RUN if [ ${INSTALL_SWOOLE} = true ]; then \ + pecl install swoole-${INSTALL_SWOOLE_VERSION} \ + && rm -rf /tmp/pear \ + && docker-php-ext-enable swoole \ +;fi + + +########################################################################### +# PHP Thrid Extensions: +########################################################################### + +# Thrid Extensions Xunsearch: +ARG INSTALL_XUNSEARCH=false +RUN if [ ${INSTALL_XUNSEARCH} = true ]; then \ + curl 'http://www.xunsearch.com/scws/down/scws-1.2.3.tar.bz2' -o scws.tar.bz2 \ + && tar xvjf scws.tar.bz2 \ + && cd scws-1.2.3 \ + && ./configure --prefix=/usr/local/scws \ + && make \ + && make install \ + && cd phpext \ + && phpize \ + && ./configure --with-scws=/usr/local/scws \ + && make \ + && make install \ + && cd ../../ \ + && rm -rf scws scws-1.2.3.tar.bz2 \ + && docker-php-ext-enable scws \ + && echo "scws.default.charset = utf8" >> /usr/local/etc/php/conf.d/docker-php-ext-scws.ini \ + && echo "scws.default.fpath = /usr/local/scws/etc" >> /usr/local/etc/php/conf.d/docker-php-ext-scws.ini \ +;fi + + +# Composer: +ARG INSTALL_COMPOSER=false +RUN if [ ${INSTALL_COMPOSER} = true ]; then \ + curl -sS http://getcomposer.org/installer | php \ + && mv ./composer.phar /usr/local/bin/composer \ + && composer config -g repo.packagist composer https://mirrors.aliyun.com/composer \ +;fi + +RUN apk del build-base \ + linux-headers \ + libaio-dev \ + && rm -rf /var/cache/apk/* + + +VOLUME /var/www +WORKDIR /var/www + + +EXPOSE 9000 +CMD ["php-fpm"] \ No newline at end of file diff --git a/conf/php/php-fpm.d/conf-7.1/php-fpm.conf b/conf/php/php-fpm.d/conf-7.1/php-fpm.conf new file mode 100644 index 00000000..a446eed6 --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.1/php-fpm.conf @@ -0,0 +1,125 @@ +;;;;;;;;;;;;;;;;;;;;; +; FPM Configuration ; +;;;;;;;;;;;;;;;;;;;;; + +; All relative paths in this configuration file are relative to PHP's install +; prefix (/usr/local). This prefix can be dynamically changed by using the +; '-p' argument from the command line. + +;;;;;;;;;;;;;;;;;; +; Global Options ; +;;;;;;;;;;;;;;;;;; + +[global] +; Pid file +; Note: the default prefix is /usr/local/var +; Default Value: none +;pid = run/php-fpm.pid + +; Error log file +; If it's set to "syslog", log is sent to syslogd instead of being written +; into a local file. +; Note: the default prefix is /usr/local/var +; Default Value: log/php-fpm.log +;error_log = log/php-fpm.log + +; syslog_facility is used to specify what type of program is logging the +; message. This lets syslogd specify that messages from different facilities +; will be handled differently. +; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON) +; Default Value: daemon +;syslog.facility = daemon + +; syslog_ident is prepended to every message. If you have multiple FPM +; instances running on the same server, you can change the default value +; which must suit common needs. +; Default Value: php-fpm +;syslog.ident = php-fpm + +; Log level +; Possible Values: alert, error, warning, notice, debug +; Default Value: notice +;log_level = notice + +; If this number of child processes exit with SIGSEGV or SIGBUS within the time +; interval set by emergency_restart_interval then FPM will restart. A value +; of '0' means 'Off'. +; Default Value: 0 +;emergency_restart_threshold = 0 + +; Interval of time used by emergency_restart_interval to determine when +; a graceful restart will be initiated. This can be useful to work around +; accidental corruptions in an accelerator's shared memory. +; Available Units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +;emergency_restart_interval = 0 + +; Time limit for child processes to wait for a reaction on signals from master. +; Available units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +;process_control_timeout = 0 + +; The maximum number of processes FPM will fork. This has been designed to control +; the global number of processes when using dynamic PM within a lot of pools. +; Use it with caution. +; Note: A value of 0 indicates no limit +; Default Value: 0 +; process.max = 128 + +; Specify the nice(2) priority to apply to the master process (only if set) +; The value can vary from -19 (highest priority) to 20 (lowest priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool process will inherit the master process priority +; unless specified otherwise +; Default Value: no set +; process.priority = -19 + +; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging. +; Default Value: yes +;daemonize = yes + +; Set open file descriptor rlimit for the master process. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit for the master process. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Specify the event mechanism FPM will use. The following is available: +; - select (any POSIX os) +; - poll (any POSIX os) +; - epoll (linux >= 2.5.44) +; - kqueue (FreeBSD >= 4.1, OpenBSD >= 2.9, NetBSD >= 2.0) +; - /dev/poll (Solaris >= 7) +; - port (Solaris >= 10) +; Default Value: not set (auto detection) +;events.mechanism = epoll + +; When FPM is built with systemd integration, specify the interval, +; in seconds, between health report notification to systemd. +; Set to 0 to disable. +; Available Units: s(econds), m(inutes), h(ours) +; Default Unit: seconds +; Default value: 10 +;systemd_interval = 10 + +;;;;;;;;;;;;;;;;;;;; +; Pool Definitions ; +;;;;;;;;;;;;;;;;;;;; + +; Multiple pools of child processes may be started with different listening +; ports and different management options. The name of the pool will be +; used in logs and stats. There is no limitation on the number of pools which +; FPM can handle. Your system will tell you anyway :) + +; Include one or more files. If glob(3) exists, it is used to include a bunch of +; files from a glob(3) pattern. This directive can be used everywhere in the +; file. +; Relative path can also be used. They will be prefixed by: +; - the global prefix if it's been set (-p argument) +; - /usr/local otherwise +include=etc/php-fpm.d/*.conf diff --git a/conf/php/php-fpm.d/conf-7.1/php-fpm.d/docker.conf b/conf/php/php-fpm.d/conf-7.1/php-fpm.d/docker.conf new file mode 100644 index 00000000..67913346 --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.1/php-fpm.d/docker.conf @@ -0,0 +1,11 @@ +[global] +error_log = /proc/self/fd/2 + +[www] +; if we send this to /proc/self/fd/1, it never appears +access.log = /proc/self/fd/2 + +clear_env = no + +; Ensure worker stdout and stderr are sent to the main error log. +catch_workers_output = yes diff --git a/conf/php/php-fpm.d/conf-7.1/php-fpm.d/www.conf b/conf/php/php-fpm.d/conf-7.1/php-fpm.d/www.conf new file mode 100644 index 00000000..e1dc55b4 --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.1/php-fpm.d/www.conf @@ -0,0 +1,419 @@ +; Start a new pool named 'www'. +; the variable $pool can be used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'access.log' +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or NONE) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = www-data +group = www-data + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 127.0.0.1:9000 + +; Set listen(2) backlog. +; Default Value: 511 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 511 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0660 +;listen.owner = www-data +;listen.group = www-data +;listen.mode = 0660 +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user +; or group is differrent than the master process user. It allows to create process +; core dump and ptrace the process for the pool user. +; Default Value: no +; process.dumpable = yes + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 5 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 +pm.start_servers = 2 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 1 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 3 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. It shows the following informations: +; pool - the name of the pool; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. +; Example output: +; pool: www +; process manager: static +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; +; By default the status page output is formatted as text/plain. Passing either +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then informations are related to the +; last request the process has served. Otherwise informations are related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: /usr/local/share/php/fpm/status.html +; +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The access log file +; Default: not set +;access.log = log/$pool.access.log + +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{miliseconds}d +; - %{mili}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some exemples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: output header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %u: remote user +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +;slowlog = log/$pool.log.slow + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; execute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 .php7 + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr/local) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M diff --git a/conf/php/php-fpm.d/conf-7.1/php-fpm.d/zz-docker.conf b/conf/php/php-fpm.d/conf-7.1/php-fpm.d/zz-docker.conf new file mode 100644 index 00000000..e0590d8f --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.1/php-fpm.d/zz-docker.conf @@ -0,0 +1,5 @@ +[global] +daemonize = no + +[www] +listen = 9000 diff --git a/conf/php/php-fpm.d/conf-7.1/php.ini b/conf/php/php-fpm.d/conf-7.1/php.ini new file mode 100644 index 00000000..0658bf89 --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.1/php.ini @@ -0,0 +1,1955 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it is +; much more verbose when it comes to errors. We recommend using the +; development version only in development environments, as errors shown to +; application users can inadvertently leak otherwise secure information. + +; This is php.ini-production INI file. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT + +; html_errors +; Default Value: On +; Development Value: On +; Production value: On + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.sid_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It is +; generally recommended that should be used and that this feature +; should be disabled, as enabling it may result in issues when generating XML +; documents, however this remains supported for backward compatibility reasons. +; Note that this directive does not control the would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 4096k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +; Enables or disables the circular reference collector. +; http://php.net/zend.enable-gc +zend.enable_gc = On + +; If enabled, scripts may be written in encodings that are incompatible with +; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such +; encodings. To use this feature, mbstring extension must be enabled. +; Default: Off +;zend.multibyte = Off + +; Allows to set the default encoding for the scripts. This value will be used +; unless "declare(encoding=...)" directive appears at the top of the script. +; Only affects if zend.multibyte is set. +; Default: "" +;zend.script_encoding = + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; How many GET/POST/COOKIE input variables may be accepted +; max_input_vars = 1000 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it is automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL (Show all errors, warnings and notices including coding standards.) +; E_ALL & ~E_NOTICE (Show all errors, except for notices) +; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; For production environments, we recommend logging errors rather than +; sending them to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. We strongly recommend you +; set this to 'off' for production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of formatting the +; error message as HTML for easier reading. This directive controls whether +; the error message is formatted as HTML or not. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: On +; http://php.net/html-errors +html_errors = On + +; If html_errors is set to On *and* docref_root is not empty, then PHP +; produces clickable error messages that direct to a page describing the error +; or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty, in which +; case no links to documentation are generated. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on Windows). +;error_log = syslog + +;windows.show_crt_warning +; Default value: 0 +; Development value: 0 +; Production value: 0 + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. G,P,C,E & S are abbreviations for the following respective super +; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty +; paid for the registration of these arrays and because ENV is not as commonly +; used as the others, ENV is not recommended on productions servers. You +; can still get access to the environment variables through getenv() should you +; need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P & C) should be +; registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive +; are specified in the same manner as the variables_order directive, +; EXCEPT one. Leaving this value empty will cause PHP to use the value set +; in the variables_order directive. It does not mean it will leave the super +; globals array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the ENV, REQUEST and SERVER variables are created when they're +; first used (Just In Time) instead of when the script starts. If these +; variables are not used within a script, having this directive on will result +; in a performance gain. The PHP directive register_argc_argv must be disabled +; for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Whether PHP will read the POST data. +; This option is enabled by default. +; Most likely, you won't want to disable this option globally. It causes $_POST +; and $_FILES to always be empty; the only way you will be able to read the +; POST data will be through the php://input stream wrapper. This can be useful +; to proxy requests or to process the POST data in a memory efficient fashion. +; http://php.net/enable-post-data-reading +;enable_post_data_reading = Off + +; Maximum size of POST data that PHP will accept. +; Its value may be 0 to disable the limit. It is ignored if POST data reading +; is disabled through enable_post_data_reading. +; http://php.net/post-max-size +post_max_size = 8M + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a media type using the Content-Type header. To +; disable this, simply set it to be empty. +; +; PHP's built-in default media type is set to text/html. +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to UTF-8. +; http://php.net/default-charset +default_charset = "UTF-8" + +; PHP internal character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/internal-encoding +;internal_encoding = + +; PHP input character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/input-encoding +;input_encoding = + +; PHP output character encoding is set to empty. +; If empty, default_charset is used. +; See also output_buffer. +; http://php.net/output-encoding +;output_encoding = + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +;include_path = ".:/php/includes" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Directory where the temporary files should be placed. +; Defaults to the system default (see sys_get_temp_dir) +; sys_temp_dir = "/tmp" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +; http://php.net/cgi.dicard-path +;cgi.discard_path=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1 + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If set to 0, PHP sends Status: header that +; is supported by Apache. When this option is set to 1, PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = On + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5+) +; extension folders as well as the separate PECL DLL download (PHP 5+). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_ftp.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysqli.dll +;extension=php_oci8_12c.dll ; Use with Oracle Database 12c Instant Client +;extension=php_odbc.dll +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_shmop.dll + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=php_snmp.dll + +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite3.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[CLI Server] +; Whether the CLI web server uses ANSI color coding in its terminal output. +cli_server.color = On + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +; Use of this INI entry is deprecated, use global input_encoding instead. +; If empty, default_charset or input_encoding or iconv.input_encoding is used. +; The precedence is: default_charset < intput_encoding < iconv.input_encoding +;iconv.input_encoding = + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;iconv.internal_encoding = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; If empty, default_charset or output_encoding or iconv.output_encoding is used. +; The precedence is: default_charset < output_encoding < iconv.output_encoding +; To use an output encoding conversion, iconv's output handler must be set +; otherwise output encoding conversion cannot be performed. +;iconv.output_encoding = + +[imap] +; rsh/ssh logins are disabled by default. Use this INI entry if you want to +; enable them. Note that the IMAP library does not filter mailbox names before +; passing them to rsh/ssh command, thus passing untrusted data to this function +; with rsh/ssh enabled is insecure. +;imap.enable_insecure_rsh=0 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING +;intl.use_exceptions = 0 + +[sqlite3] +; Directory pointing to SQLite3 extensions +; http://php.net/sqlite3.extension-dir +;sqlite3.extension_dir = + +; SQLite defensive mode flag (only available from SQLite 3.26+) +; When the defensive flag is enabled, language features that allow ordinary +; SQL to deliberately corrupt the database file are disabled. This forbids +; writing directly to the schema, shadow tables (eg. FTS data tables), or +; the sqlite_dbpage virtual table. +; https://www.sqlite.org/c3ref/c_dbconfig_defensive.html +; (for older SQLite versions, this flag has no use) +sqlite3.defensive = 1 + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +;Enables or disables JIT compilation of patterns. This requires the PCRE +;library to be compiled with JIT support. +;pcre.jit=1 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(). +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = Off + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = +; Log mail to syslog (Event Log on Windows). +;mail.log = syslog + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Records communication from all extensions using mysqlnd to the specified log +; file. +; http://php.net/mysqlnd.debug +;mysqlnd.debug = + +; Defines which queries will be logged. +; http://php.net/mysqlnd.log_mask +;mysqlnd.log_mask = 0 + +; Default size of the mysqlnd memory pool, which is used by result sets. +; http://php.net/mysqlnd.mempool_default_size +;mysqlnd.mempool_default_size = 16000 + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +; Timeout for network requests in seconds. +; http://php.net/mysqlnd.net_read_timeout +;mysqlnd.net_read_timeout = 31536000 + +; SHA-256 Authentication Plugin related. File with the MySQL server public RSA +; key. +; http://php.net/mysqlnd.sha256_server_public_key +;mysqlnd.sha256_server_public_key = + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgreSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if +; your OS has problems with many files in one directory, and is +; a more efficient layout for servers that handle many sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +;session.save_path = "/tmp" + +; Whether to use strict session mode. +; Strict session mode does not accept uninitialized session ID and regenerate +; session ID if browser sends uninitialized session ID. Strict mode protects +; applications from session fixation via session adoption vulnerability. It is +; disabled by default for maximum compatibility, but enabling it is encouraged. +; https://wiki.php.net/rfc/strict_sessions +session.use_strict_mode = 0 + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combating +; session hijacking when not specifying and managing your own session id. It is +; not the be-all and end-all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 -type f | xargs rm + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users' security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publicly accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Set session ID character length. This value could be between 22 to 256. +; Shorter length than default is supported only for compatibility reason. +; Users should use 32 or more chars. +; http://php.net/session.sid-length +; Default Value: 32 +; Development Value: 26 +; Production Value: 26 +session.sid_length = 26 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +;
is special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. tag's action attribute URL will not be modified +; unless it is specified. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=" +; Development Value: "a=href,area=href,frame=src,form=" +; Production Value: "a=href,area=href,frame=src,form=" +; http://php.net/url-rewriter.tags +session.trans_sid_tags = "a=href,area=href,frame=src,form=" + +; URL rewriter does not rewrite absolute URLs by default. +; To enable rewrites for absolute pathes, target hosts must be specified +; at RUNTIME. i.e. use ini_set() +; tags is special. PHP will check action attribute's URL regardless +; of session.trans_sid_tags setting. +; If no host is defined, HTTP_HOST will be used for allowed host. +; Example value: php.net,www.php.net,wiki.php.net +; Use "," for multiple hosts. No spaces are allowed. +; Default Value: "" +; Development Value: "" +; Production Value: "" +;session.trans_sid_hosts="" + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.sid_bits_per_character = 5 + +; Enable upload progress tracking in $_SESSION +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.enabled +;session.upload_progress.enabled = On + +; Cleanup the progress information as soon as all POST data has been read +; (i.e. upload completed). +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.cleanup +;session.upload_progress.cleanup = On + +; A prefix used for the upload progress key in $_SESSION +; Default Value: "upload_progress_" +; Development Value: "upload_progress_" +; Production Value: "upload_progress_" +; http://php.net/session.upload-progress.prefix +;session.upload_progress.prefix = "upload_progress_" + +; The index name (concatenated with the prefix) in $_SESSION +; containing the upload progress information +; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" +; http://php.net/session.upload-progress.name +;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" + +; How frequently the upload progress should be updated. +; Given either in percentages (per-file), or in bytes +; Default Value: "1%" +; Development Value: "1%" +; Production Value: "1%" +; http://php.net/session.upload-progress.freq +;session.upload_progress.freq = "1%" + +; The minimum delay between updates, in seconds +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.upload-progress.min-freq +;session.upload_progress.min_freq = "1" + +; Only write session data when session data is changed. Enabled by default. +; http://php.net/session.lazy-write +;session.lazy_write = On + +[Assertion] +; Switch whether to compile assertions at all (to have no overhead at run-time) +; -1: Do not compile at all +; 0: Jump over assertion at run-time +; 1: Execute assertions +; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) +; Default Value: 1 +; Development Value: 1 +; Production Value: -1 +; http://php.net/zend.assertions +zend.assertions = -1 + +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Throw an AssertationException on failed assertions +; http://php.net/assert.exception +;assert.exception = On + +; Issue a PHP warning for each failed assertion. (Overridden by assert.exception if active) +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; This affects mb_send_mail() and mbstring.detect_order. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; internal/script encoding. +; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;mbstring.internal_encoding = + +; Use of this INI entry is deprecated, use global input_encoding instead. +; http input encoding. +; mbstring.encoding_traslation = On is needed to use this setting. +; If empty, default_charset or input_encoding or mbstring.input is used. +; The precedence is: default_charset < intput_encoding < mbsting.http_input +; http://php.net/mbstring.http-input +;mbstring.http_input = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; http output encoding. +; mb_output_handler must be registered as output buffer to function. +; If empty, default_charset or output_encoding or mbstring.http_output is used. +; The precedence is: default_charset < output_encoding < mbstring.http_output +; To use an output encoding conversion, mbstring's output handler must be set +; otherwise output encoding conversion cannot be performed. +; http://php.net/mbstring.http-output +;mbstring.http_output = + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; "auto" detect order is changed according to mbstring.language +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +; Default: Off +;mbstring.strict_detection = On + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 1 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +[opcache] +; Determines if Zend OPCache is enabled +;opcache.enable=1 + +; Determines if Zend OPCache is enabled for the CLI version of PHP +;opcache.enable_cli=0 + +; The OPcache shared memory storage size. +;opcache.memory_consumption=128 + +; The amount of memory for interned strings in Mbytes. +;opcache.interned_strings_buffer=8 + +; The maximum number of keys (scripts) in the OPcache hash table. +; Only numbers between 200 and 1000000 are allowed. +;opcache.max_accelerated_files=10000 + +; The maximum percentage of "wasted" memory until a restart is scheduled. +;opcache.max_wasted_percentage=5 + +; When this directive is enabled, the OPcache appends the current working +; directory to the script key, thus eliminating possible collisions between +; files with the same name (basename). Disabling the directive improves +; performance, but may break existing applications. +;opcache.use_cwd=1 + +; When disabled, you must reset the OPcache manually or restart the +; webserver for changes to the filesystem to take effect. +;opcache.validate_timestamps=1 + +; How often (in seconds) to check file timestamps for changes to the shared +; memory storage allocation. ("1" means validate once per second, but only +; once per request. "0" means always validate) +;opcache.revalidate_freq=2 + +; Enables or disables file search in include_path optimization +;opcache.revalidate_path=0 + +; If disabled, all PHPDoc comments are dropped from the code to reduce the +; size of the optimized code. +;opcache.save_comments=1 + +; If enabled, a fast shutdown sequence is used for the accelerated code +; Depending on the used Memory Manager this may cause some incompatibilities. +;opcache.fast_shutdown=0 + +; Allow file existence override (file_exists, etc.) performance feature. +;opcache.enable_file_override=0 + +; A bitmask, where each bit enables or disables the appropriate OPcache +; passes +;opcache.optimization_level=0xffffffff + +;opcache.inherited_hack=1 +;opcache.dups_fix=0 + +; The location of the OPcache blacklist file (wildcards allowed). +; Each OPcache blacklist file is a text file that holds the names of files +; that should not be accelerated. The file format is to add each filename +; to a new line. The filename may be a full path or just a file prefix +; (i.e., /var/www/x blacklists all the files and directories in /var/www +; that start with 'x'). Line starting with a ; are ignored (comments). +;opcache.blacklist_filename= + +; Allows exclusion of large files from being cached. By default all files +; are cached. +;opcache.max_file_size=0 + +; Check the cache checksum each N requests. +; The default value of "0" means that the checks are disabled. +;opcache.consistency_checks=0 + +; How long to wait (in seconds) for a scheduled restart to begin if the cache +; is not being accessed. +;opcache.force_restart_timeout=180 + +; OPcache error_log file name. Empty string assumes "stderr". +;opcache.error_log= + +; All OPcache errors go to the Web server log. +; By default, only fatal errors (level 0) or errors (level 1) are logged. +; You can also enable warnings (level 2), info messages (level 3) or +; debug messages (level 4). +;opcache.log_verbosity_level=1 + +; Preferred Shared Memory back-end. Leave empty and let the system decide. +;opcache.preferred_memory_model= + +; Protect the shared memory from unexpected writing during script execution. +; Useful for internal debugging only. +;opcache.protect_memory=0 + +; Allows calling OPcache API functions only from PHP scripts which path is +; started from specified string. The default "" means no restriction +;opcache.restrict_api= + +; Mapping base of shared memory segments (for Windows only). All the PHP +; processes have to map shared memory into the same address space. This +; directive allows to manually fix the "Unable to reattach to base address" +; errors. +;opcache.mmap_base= + +; Enables and sets the second level cache directory. +; It should improve performance when SHM memory is full, at server restart or +; SHM reset. The default "" disables file based caching. +;opcache.file_cache= + +; Enables or disables opcode caching in shared memory. +;opcache.file_cache_only=0 + +; Enables or disables checksum validation when script loaded from file cache. +;opcache.file_cache_consistency_checks=1 + +; Implies opcache.file_cache_only=1 for a certain process that failed to +; reattach to the shared memory (for Windows only). Explicitly enabled file +; cache is required. +;opcache.file_cache_fallback=1 + +; Enables or disables copying of PHP code (text segment) into HUGE PAGES. +; This should improve performance, but requires appropriate OS configuration. +;opcache.huge_code_pages=1 + +; Validate cached file permissions. +;opcache.validate_permission=0 + +; Prevent name collisions in chroot'ed environment. +;opcache.validate_root=0 + +; If specified, it produces opcode dumps for debugging different stages of +; optimizations. +;opcache.opt_debug_level=0 + +[curl] +; A default value for the CURLOPT_CAINFO option. This is required to be an +; absolute path. +;curl.cainfo = + +[openssl] +; The location of a Certificate Authority (CA) file on the local filesystem +; to use when verifying the identity of SSL/TLS peers. Most users should +; not specify a value for this directive as PHP will attempt to use the +; OS-managed cert stores in its absence. If specified, this value may still +; be overridden on a per-stream basis via the "cafile" SSL stream context +; option. +;openssl.cafile= + +; If openssl.cafile is not specified or if the CA file is not found, the +; directory pointed to by openssl.capath is searched for a suitable +; certificate. This value must be a correctly hashed certificate directory. +; Most users should not specify a value for this directive as PHP will +; attempt to use the OS-managed cert stores in its absence. If specified, +; this value may still be overridden on a per-stream basis via the "capath" +; SSL stream context option. +;openssl.capath= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/conf/php/php-fpm.d/conf-7.2/php-fpm.conf b/conf/php/php-fpm.d/conf-7.2/php-fpm.conf new file mode 100644 index 00000000..a446eed6 --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.2/php-fpm.conf @@ -0,0 +1,125 @@ +;;;;;;;;;;;;;;;;;;;;; +; FPM Configuration ; +;;;;;;;;;;;;;;;;;;;;; + +; All relative paths in this configuration file are relative to PHP's install +; prefix (/usr/local). This prefix can be dynamically changed by using the +; '-p' argument from the command line. + +;;;;;;;;;;;;;;;;;; +; Global Options ; +;;;;;;;;;;;;;;;;;; + +[global] +; Pid file +; Note: the default prefix is /usr/local/var +; Default Value: none +;pid = run/php-fpm.pid + +; Error log file +; If it's set to "syslog", log is sent to syslogd instead of being written +; into a local file. +; Note: the default prefix is /usr/local/var +; Default Value: log/php-fpm.log +;error_log = log/php-fpm.log + +; syslog_facility is used to specify what type of program is logging the +; message. This lets syslogd specify that messages from different facilities +; will be handled differently. +; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON) +; Default Value: daemon +;syslog.facility = daemon + +; syslog_ident is prepended to every message. If you have multiple FPM +; instances running on the same server, you can change the default value +; which must suit common needs. +; Default Value: php-fpm +;syslog.ident = php-fpm + +; Log level +; Possible Values: alert, error, warning, notice, debug +; Default Value: notice +;log_level = notice + +; If this number of child processes exit with SIGSEGV or SIGBUS within the time +; interval set by emergency_restart_interval then FPM will restart. A value +; of '0' means 'Off'. +; Default Value: 0 +;emergency_restart_threshold = 0 + +; Interval of time used by emergency_restart_interval to determine when +; a graceful restart will be initiated. This can be useful to work around +; accidental corruptions in an accelerator's shared memory. +; Available Units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +;emergency_restart_interval = 0 + +; Time limit for child processes to wait for a reaction on signals from master. +; Available units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +;process_control_timeout = 0 + +; The maximum number of processes FPM will fork. This has been designed to control +; the global number of processes when using dynamic PM within a lot of pools. +; Use it with caution. +; Note: A value of 0 indicates no limit +; Default Value: 0 +; process.max = 128 + +; Specify the nice(2) priority to apply to the master process (only if set) +; The value can vary from -19 (highest priority) to 20 (lowest priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool process will inherit the master process priority +; unless specified otherwise +; Default Value: no set +; process.priority = -19 + +; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging. +; Default Value: yes +;daemonize = yes + +; Set open file descriptor rlimit for the master process. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit for the master process. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Specify the event mechanism FPM will use. The following is available: +; - select (any POSIX os) +; - poll (any POSIX os) +; - epoll (linux >= 2.5.44) +; - kqueue (FreeBSD >= 4.1, OpenBSD >= 2.9, NetBSD >= 2.0) +; - /dev/poll (Solaris >= 7) +; - port (Solaris >= 10) +; Default Value: not set (auto detection) +;events.mechanism = epoll + +; When FPM is built with systemd integration, specify the interval, +; in seconds, between health report notification to systemd. +; Set to 0 to disable. +; Available Units: s(econds), m(inutes), h(ours) +; Default Unit: seconds +; Default value: 10 +;systemd_interval = 10 + +;;;;;;;;;;;;;;;;;;;; +; Pool Definitions ; +;;;;;;;;;;;;;;;;;;;; + +; Multiple pools of child processes may be started with different listening +; ports and different management options. The name of the pool will be +; used in logs and stats. There is no limitation on the number of pools which +; FPM can handle. Your system will tell you anyway :) + +; Include one or more files. If glob(3) exists, it is used to include a bunch of +; files from a glob(3) pattern. This directive can be used everywhere in the +; file. +; Relative path can also be used. They will be prefixed by: +; - the global prefix if it's been set (-p argument) +; - /usr/local otherwise +include=etc/php-fpm.d/*.conf diff --git a/conf/php/php-fpm.d/conf-7.2/php-fpm.d/docker.conf b/conf/php/php-fpm.d/conf-7.2/php-fpm.d/docker.conf new file mode 100644 index 00000000..67913346 --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.2/php-fpm.d/docker.conf @@ -0,0 +1,11 @@ +[global] +error_log = /proc/self/fd/2 + +[www] +; if we send this to /proc/self/fd/1, it never appears +access.log = /proc/self/fd/2 + +clear_env = no + +; Ensure worker stdout and stderr are sent to the main error log. +catch_workers_output = yes diff --git a/conf/php/php-fpm.d/conf-7.2/php-fpm.d/www.conf b/conf/php/php-fpm.d/conf-7.2/php-fpm.d/www.conf new file mode 100644 index 00000000..3377dbb6 --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.2/php-fpm.d/www.conf @@ -0,0 +1,423 @@ +; Start a new pool named 'www'. +; the variable $pool can be used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'access.log' +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or NONE) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = www-data +group = www-data + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 127.0.0.1:9000 + +; Set listen(2) backlog. +; Default Value: 511 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 511 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0660 +;listen.owner = www-data +;listen.group = www-data +;listen.mode = 0660 +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user +; or group is differrent than the master process user. It allows to create process +; core dump and ptrace the process for the pool user. +; Default Value: no +; process.dumpable = yes + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 5 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 +pm.start_servers = 2 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 1 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 3 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. It shows the following informations: +; pool - the name of the pool; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. +; Example output: +; pool: www +; process manager: static +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; +; By default the status page output is formatted as text/plain. Passing either +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then informations are related to the +; last request the process has served. Otherwise informations are related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: /usr/local/share/php/fpm/status.html +; +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The access log file +; Default: not set +;access.log = log/$pool.access.log + +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{miliseconds}d +; - %{mili}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some exemples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: output header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %u: remote user +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +;slowlog = log/$pool.log.slow + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; Depth of slow log stack trace. +; Default Value: 20 +;request_slowlog_trace_depth = 20 + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; execute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 .php7 + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr/local) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M diff --git a/conf/php/php-fpm.d/conf-7.2/php-fpm.d/zz-docker.conf b/conf/php/php-fpm.d/conf-7.2/php-fpm.d/zz-docker.conf new file mode 100644 index 00000000..e0590d8f --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.2/php-fpm.d/zz-docker.conf @@ -0,0 +1,5 @@ +[global] +daemonize = no + +[www] +listen = 9000 diff --git a/conf/php/php-fpm.d/conf-7.2/php.ini b/conf/php/php-fpm.d/conf-7.2/php.ini new file mode 100644 index 00000000..91c6129d --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.2/php.ini @@ -0,0 +1,1938 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it is +; much more verbose when it comes to errors. We recommend using the +; development version only in development environments, as errors shown to +; application users can inadvertently leak otherwise secure information. + +; This is php.ini-production INI file. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT + +; html_errors +; Default Value: On +; Development Value: On +; Production value: On + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.sid_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It is +; generally recommended that should be used and that this feature +; should be disabled, as enabling it may result in issues when generating XML +; documents, however this remains supported for backward compatibility reasons. +; Note that this directive does not control the would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; Note: if open_basedir is set, the cache is disabled +; http://php.net/realpath-cache-size +;realpath_cache_size = 4096k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +; Enables or disables the circular reference collector. +; http://php.net/zend.enable-gc +zend.enable_gc = On + +; If enabled, scripts may be written in encodings that are incompatible with +; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such +; encodings. To use this feature, mbstring extension must be enabled. +; Default: Off +;zend.multibyte = Off + +; Allows to set the default encoding for the scripts. This value will be used +; unless "declare(encoding=...)" directive appears at the top of the script. +; Only affects if zend.multibyte is set. +; Default: "" +;zend.script_encoding = + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; How many GET/POST/COOKIE input variables may be accepted +; max_input_vars = 1000 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it is automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL (Show all errors, warnings and notices including coding standards.) +; E_ALL & ~E_NOTICE (Show all errors, except for notices) +; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; For production environments, we recommend logging errors rather than +; sending them to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. We strongly recommend you +; set this to 'off' for production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; This directive is DEPRECATED. +; Default Value: Off +; Development Value: Off +; Production Value: Off +; http://php.net/track-errors +;track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of formatting the +; error message as HTML for easier reading. This directive controls whether +; the error message is formatted as HTML or not. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: On +; http://php.net/html-errors +html_errors = On + +; If html_errors is set to On *and* docref_root is not empty, then PHP +; produces clickable error messages that direct to a page describing the error +; or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty, in which +; case no links to documentation are generated. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on Windows). +;error_log = syslog + +;windows.show_crt_warning +; Default value: 0 +; Development value: 0 +; Production value: 0 + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. G,P,C,E & S are abbreviations for the following respective super +; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty +; paid for the registration of these arrays and because ENV is not as commonly +; used as the others, ENV is not recommended on productions servers. You +; can still get access to the environment variables through getenv() should you +; need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P & C) should be +; registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive +; are specified in the same manner as the variables_order directive, +; EXCEPT one. Leaving this value empty will cause PHP to use the value set +; in the variables_order directive. It does not mean it will leave the super +; globals array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the ENV, REQUEST and SERVER variables are created when they're +; first used (Just In Time) instead of when the script starts. If these +; variables are not used within a script, having this directive on will result +; in a performance gain. The PHP directive register_argc_argv must be disabled +; for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Whether PHP will read the POST data. +; This option is enabled by default. +; Most likely, you won't want to disable this option globally. It causes $_POST +; and $_FILES to always be empty; the only way you will be able to read the +; POST data will be through the php://input stream wrapper. This can be useful +; to proxy requests or to process the POST data in a memory efficient fashion. +; http://php.net/enable-post-data-reading +;enable_post_data_reading = Off + +; Maximum size of POST data that PHP will accept. +; Its value may be 0 to disable the limit. It is ignored if POST data reading +; is disabled through enable_post_data_reading. +; http://php.net/post-max-size +post_max_size = 8M + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a media type using the Content-Type header. To +; disable this, simply set it to be empty. +; +; PHP's built-in default media type is set to text/html. +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to UTF-8. +; http://php.net/default-charset +default_charset = "UTF-8" + +; PHP internal character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/internal-encoding +;internal_encoding = + +; PHP input character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/input-encoding +;input_encoding = + +; PHP output character encoding is set to empty. +; If empty, default_charset is used. +; See also output_buffer. +; http://php.net/output-encoding +;output_encoding = + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +;include_path = ".:/php/includes" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Directory where the temporary files should be placed. +; Defaults to the system default (see sys_get_temp_dir) +; sys_temp_dir = "/tmp" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +; http://php.net/cgi.dicard-path +;cgi.discard_path=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1 + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If set to 0, PHP sends Status: header that +; is supported by Apache. When this option is set to 1, PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = On + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename +; +; For example: +; +; extension=mysqli +; +; When the extension library to load is not located in the default extension +; directory, You may specify an absolute path to the library file: +; +; extension=/path/to/extension/mysqli.so +; +; Note : The syntax used in previous PHP versions ('extension=.so' and +; 'extension='php_.dll') is supported for legacy reasons and may be +; deprecated in a future PHP major version. So, when it is possible, please +; move to the new ('extension=) syntax. +; +; Notes for Windows environments : +; +; - Many DLL files are located in the extensions/ (PHP 4) or ext/ (PHP 5+) +; extension folders as well as the separate PECL DLL download (PHP 5+). +; Be sure to appropriately set the extension_dir directive. +; +;extension=bz2 +;extension=curl +;extension=fileinfo +;extension=gd2 +;extension=gettext +;extension=gmp +;extension=intl +;extension=imap +;extension=interbase +;extension=ldap +;extension=mbstring +;extension=exif ; Must be after mbstring as it depends on it +;extension=mysqli +;extension=oci8_12c ; Use with Oracle Database 12c Instant Client +;extension=odbc +;extension=openssl +;extension=pdo_firebird +;extension=pdo_mysql +;extension=pdo_oci +;extension=pdo_odbc +;extension=pdo_pgsql +;extension=pdo_sqlite +;extension=pgsql +;extension=shmop + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=snmp + +;extension=soap +;extension=sockets +;extension=sqlite3 +;extension=tidy +;extension=xmlrpc +;extension=xsl + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[CLI Server] +; Whether the CLI web server uses ANSI color coding in its terminal output. +cli_server.color = On + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +; Use of this INI entry is deprecated, use global input_encoding instead. +; If empty, default_charset or input_encoding or iconv.input_encoding is used. +; The precedence is: default_charset < intput_encoding < iconv.input_encoding +;iconv.input_encoding = + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;iconv.internal_encoding = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; If empty, default_charset or output_encoding or iconv.output_encoding is used. +; The precedence is: default_charset < output_encoding < iconv.output_encoding +; To use an output encoding conversion, iconv's output handler must be set +; otherwise output encoding conversion cannot be performed. +;iconv.output_encoding = + +[imap] +; rsh/ssh logins are disabled by default. Use this INI entry if you want to +; enable them. Note that the IMAP library does not filter mailbox names before +; passing them to rsh/ssh command, thus passing untrusted data to this function +; with rsh/ssh enabled is insecure. +;imap.enable_insecure_rsh=0 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING +;intl.use_exceptions = 0 + +[sqlite3] +; Directory pointing to SQLite3 extensions +; http://php.net/sqlite3.extension-dir +;sqlite3.extension_dir = + +; SQLite defensive mode flag (only available from SQLite 3.26+) +; When the defensive flag is enabled, language features that allow ordinary +; SQL to deliberately corrupt the database file are disabled. This forbids +; writing directly to the schema, shadow tables (eg. FTS data tables), or +; the sqlite_dbpage virtual table. +; https://www.sqlite.org/c3ref/c_dbconfig_defensive.html +; (for older SQLite versions, this flag has no use) +;sqlite3.defensive = 1 + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +;Enables or disables JIT compilation of patterns. This requires the PCRE +;library to be compiled with JIT support. +;pcre.jit=1 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(). +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = Off + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = +; Log mail to syslog (Event Log on Windows). +;mail.log = syslog + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Records communication from all extensions using mysqlnd to the specified log +; file. +; http://php.net/mysqlnd.debug +;mysqlnd.debug = + +; Defines which queries will be logged. +; http://php.net/mysqlnd.log_mask +;mysqlnd.log_mask = 0 + +; Default size of the mysqlnd memory pool, which is used by result sets. +; http://php.net/mysqlnd.mempool_default_size +;mysqlnd.mempool_default_size = 16000 + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +; Timeout for network requests in seconds. +; http://php.net/mysqlnd.net_read_timeout +;mysqlnd.net_read_timeout = 31536000 + +; SHA-256 Authentication Plugin related. File with the MySQL server public RSA +; key. +; http://php.net/mysqlnd.sha256_server_public_key +;mysqlnd.sha256_server_public_key = + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgreSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if +; your OS has problems with many files in one directory, and is +; a more efficient layout for servers that handle many sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +;session.save_path = "/tmp" + +; Whether to use strict session mode. +; Strict session mode does not accept uninitialized session ID and regenerate +; session ID if browser sends uninitialized session ID. Strict mode protects +; applications from session fixation via session adoption vulnerability. It is +; disabled by default for maximum compatibility, but enabling it is encouraged. +; https://wiki.php.net/rfc/strict_sessions +session.use_strict_mode = 0 + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combating +; session hijacking when not specifying and managing your own session id. It is +; not the be-all and end-all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 -type f | xargs rm + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users' security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publicly accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Set session ID character length. This value could be between 22 to 256. +; Shorter length than default is supported only for compatibility reason. +; Users should use 32 or more chars. +; http://php.net/session.sid-length +; Default Value: 32 +; Development Value: 26 +; Production Value: 26 +session.sid_length = 26 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; is special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. tag's action attribute URL will not be modified +; unless it is specified. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=" +; Development Value: "a=href,area=href,frame=src,form=" +; Production Value: "a=href,area=href,frame=src,form=" +; http://php.net/url-rewriter.tags +session.trans_sid_tags = "a=href,area=href,frame=src,form=" + +; URL rewriter does not rewrite absolute URLs by default. +; To enable rewrites for absolute pathes, target hosts must be specified +; at RUNTIME. i.e. use ini_set() +; tags is special. PHP will check action attribute's URL regardless +; of session.trans_sid_tags setting. +; If no host is defined, HTTP_HOST will be used for allowed host. +; Example value: php.net,www.php.net,wiki.php.net +; Use "," for multiple hosts. No spaces are allowed. +; Default Value: "" +; Development Value: "" +; Production Value: "" +;session.trans_sid_hosts="" + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.sid_bits_per_character = 5 + +; Enable upload progress tracking in $_SESSION +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.enabled +;session.upload_progress.enabled = On + +; Cleanup the progress information as soon as all POST data has been read +; (i.e. upload completed). +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.cleanup +;session.upload_progress.cleanup = On + +; A prefix used for the upload progress key in $_SESSION +; Default Value: "upload_progress_" +; Development Value: "upload_progress_" +; Production Value: "upload_progress_" +; http://php.net/session.upload-progress.prefix +;session.upload_progress.prefix = "upload_progress_" + +; The index name (concatenated with the prefix) in $_SESSION +; containing the upload progress information +; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" +; http://php.net/session.upload-progress.name +;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" + +; How frequently the upload progress should be updated. +; Given either in percentages (per-file), or in bytes +; Default Value: "1%" +; Development Value: "1%" +; Production Value: "1%" +; http://php.net/session.upload-progress.freq +;session.upload_progress.freq = "1%" + +; The minimum delay between updates, in seconds +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.upload-progress.min-freq +;session.upload_progress.min_freq = "1" + +; Only write session data when session data is changed. Enabled by default. +; http://php.net/session.lazy-write +;session.lazy_write = On + +[Assertion] +; Switch whether to compile assertions at all (to have no overhead at run-time) +; -1: Do not compile at all +; 0: Jump over assertion at run-time +; 1: Execute assertions +; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) +; Default Value: 1 +; Development Value: 1 +; Production Value: -1 +; http://php.net/zend.assertions +zend.assertions = -1 + +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Throw an AssertationException on failed assertions +; http://php.net/assert.exception +;assert.exception = On + +; Issue a PHP warning for each failed assertion. (Overridden by assert.exception if active) +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; This affects mb_send_mail() and mbstring.detect_order. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; internal/script encoding. +; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;mbstring.internal_encoding = + +; Use of this INI entry is deprecated, use global input_encoding instead. +; http input encoding. +; mbstring.encoding_traslation = On is needed to use this setting. +; If empty, default_charset or input_encoding or mbstring.input is used. +; The precedence is: default_charset < intput_encoding < mbsting.http_input +; http://php.net/mbstring.http-input +;mbstring.http_input = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; http output encoding. +; mb_output_handler must be registered as output buffer to function. +; If empty, default_charset or output_encoding or mbstring.http_output is used. +; The precedence is: default_charset < output_encoding < mbstring.http_output +; To use an output encoding conversion, mbstring's output handler must be set +; otherwise output encoding conversion cannot be performed. +; http://php.net/mbstring.http-output +;mbstring.http_output = + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; "auto" detect order is changed according to mbstring.language +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +; Default: Off +;mbstring.strict_detection = On + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 1 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[dba] +;dba.default_handler= + +[opcache] +; Determines if Zend OPCache is enabled +;opcache.enable=1 + +; Determines if Zend OPCache is enabled for the CLI version of PHP +;opcache.enable_cli=0 + +; The OPcache shared memory storage size. +;opcache.memory_consumption=128 + +; The amount of memory for interned strings in Mbytes. +;opcache.interned_strings_buffer=8 + +; The maximum number of keys (scripts) in the OPcache hash table. +; Only numbers between 200 and 1000000 are allowed. +;opcache.max_accelerated_files=10000 + +; The maximum percentage of "wasted" memory until a restart is scheduled. +;opcache.max_wasted_percentage=5 + +; When this directive is enabled, the OPcache appends the current working +; directory to the script key, thus eliminating possible collisions between +; files with the same name (basename). Disabling the directive improves +; performance, but may break existing applications. +;opcache.use_cwd=1 + +; When disabled, you must reset the OPcache manually or restart the +; webserver for changes to the filesystem to take effect. +;opcache.validate_timestamps=1 + +; How often (in seconds) to check file timestamps for changes to the shared +; memory storage allocation. ("1" means validate once per second, but only +; once per request. "0" means always validate) +;opcache.revalidate_freq=2 + +; Enables or disables file search in include_path optimization +;opcache.revalidate_path=0 + +; If disabled, all PHPDoc comments are dropped from the code to reduce the +; size of the optimized code. +;opcache.save_comments=1 + +; Allow file existence override (file_exists, etc.) performance feature. +;opcache.enable_file_override=0 + +; A bitmask, where each bit enables or disables the appropriate OPcache +; passes +;opcache.optimization_level=0xffffffff + +;opcache.inherited_hack=1 +;opcache.dups_fix=0 + +; The location of the OPcache blacklist file (wildcards allowed). +; Each OPcache blacklist file is a text file that holds the names of files +; that should not be accelerated. The file format is to add each filename +; to a new line. The filename may be a full path or just a file prefix +; (i.e., /var/www/x blacklists all the files and directories in /var/www +; that start with 'x'). Line starting with a ; are ignored (comments). +;opcache.blacklist_filename= + +; Allows exclusion of large files from being cached. By default all files +; are cached. +;opcache.max_file_size=0 + +; Check the cache checksum each N requests. +; The default value of "0" means that the checks are disabled. +;opcache.consistency_checks=0 + +; How long to wait (in seconds) for a scheduled restart to begin if the cache +; is not being accessed. +;opcache.force_restart_timeout=180 + +; OPcache error_log file name. Empty string assumes "stderr". +;opcache.error_log= + +; All OPcache errors go to the Web server log. +; By default, only fatal errors (level 0) or errors (level 1) are logged. +; You can also enable warnings (level 2), info messages (level 3) or +; debug messages (level 4). +;opcache.log_verbosity_level=1 + +; Preferred Shared Memory back-end. Leave empty and let the system decide. +;opcache.preferred_memory_model= + +; Protect the shared memory from unexpected writing during script execution. +; Useful for internal debugging only. +;opcache.protect_memory=0 + +; Allows calling OPcache API functions only from PHP scripts which path is +; started from specified string. The default "" means no restriction +;opcache.restrict_api= + +; Mapping base of shared memory segments (for Windows only). All the PHP +; processes have to map shared memory into the same address space. This +; directive allows to manually fix the "Unable to reattach to base address" +; errors. +;opcache.mmap_base= + +; Enables and sets the second level cache directory. +; It should improve performance when SHM memory is full, at server restart or +; SHM reset. The default "" disables file based caching. +;opcache.file_cache= + +; Enables or disables opcode caching in shared memory. +;opcache.file_cache_only=0 + +; Enables or disables checksum validation when script loaded from file cache. +;opcache.file_cache_consistency_checks=1 + +; Implies opcache.file_cache_only=1 for a certain process that failed to +; reattach to the shared memory (for Windows only). Explicitly enabled file +; cache is required. +;opcache.file_cache_fallback=1 + +; Enables or disables copying of PHP code (text segment) into HUGE PAGES. +; This should improve performance, but requires appropriate OS configuration. +;opcache.huge_code_pages=1 + +; Validate cached file permissions. +;opcache.validate_permission=0 + +; Prevent name collisions in chroot'ed environment. +;opcache.validate_root=0 + +; If specified, it produces opcode dumps for debugging different stages of +; optimizations. +;opcache.opt_debug_level=0 + +[curl] +; A default value for the CURLOPT_CAINFO option. This is required to be an +; absolute path. +;curl.cainfo = + +[openssl] +; The location of a Certificate Authority (CA) file on the local filesystem +; to use when verifying the identity of SSL/TLS peers. Most users should +; not specify a value for this directive as PHP will attempt to use the +; OS-managed cert stores in its absence. If specified, this value may still +; be overridden on a per-stream basis via the "cafile" SSL stream context +; option. +;openssl.cafile= + +; If openssl.cafile is not specified or if the CA file is not found, the +; directory pointed to by openssl.capath is searched for a suitable +; certificate. This value must be a correctly hashed certificate directory. +; Most users should not specify a value for this directive as PHP will +; attempt to use the OS-managed cert stores in its absence. If specified, +; this value may still be overridden on a per-stream basis via the "capath" +; SSL stream context option. +;openssl.capath= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/conf/php/php-fpm.d/conf-7.3/php-fpm.conf b/conf/php/php-fpm.d/conf-7.3/php-fpm.conf new file mode 100644 index 00000000..3137d24d --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.3/php-fpm.conf @@ -0,0 +1,143 @@ +;;;;;;;;;;;;;;;;;;;;; +; FPM Configuration ; +;;;;;;;;;;;;;;;;;;;;; + +; All relative paths in this configuration file are relative to PHP's install +; prefix (/usr/local). This prefix can be dynamically changed by using the +; '-p' argument from the command line. + +;;;;;;;;;;;;;;;;;; +; Global Options ; +;;;;;;;;;;;;;;;;;; + +[global] +; Pid file +; Note: the default prefix is /usr/local/var +; Default Value: none +;pid = run/php-fpm.pid + +; Error log file +; If it's set to "syslog", log is sent to syslogd instead of being written +; into a local file. +; Note: the default prefix is /usr/local/var +; Default Value: log/php-fpm.log +;error_log = log/php-fpm.log + +; syslog_facility is used to specify what type of program is logging the +; message. This lets syslogd specify that messages from different facilities +; will be handled differently. +; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON) +; Default Value: daemon +;syslog.facility = daemon + +; syslog_ident is prepended to every message. If you have multiple FPM +; instances running on the same server, you can change the default value +; which must suit common needs. +; Default Value: php-fpm +;syslog.ident = php-fpm + +; Log level +; Possible Values: alert, error, warning, notice, debug +; Default Value: notice +;log_level = notice + +; Log limit on number of characters in the single line (log entry). If the +; line is over the limit, it is wrapped on multiple lines. The limit is for +; all logged characters including message prefix and suffix if present. However +; the new line character does not count into it as it is present only when +; logging to a file descriptor. It means the new line character is not present +; when logging to syslog. +; Default Value: 1024 +;log_limit = 4096 + +; Log buffering specifies if the log line is buffered which means that the +; line is written in a single write operation. If the value is false, then the +; data is written directly into the file descriptor. It is an experimental +; option that can potentionaly improve logging performance and memory usage +; for some heavy logging scenarios. This option is ignored if logging to syslog +; as it has to be always buffered. +; Default value: yes +;log_buffering = no + +; If this number of child processes exit with SIGSEGV or SIGBUS within the time +; interval set by emergency_restart_interval then FPM will restart. A value +; of '0' means 'Off'. +; Default Value: 0 +;emergency_restart_threshold = 0 + +; Interval of time used by emergency_restart_interval to determine when +; a graceful restart will be initiated. This can be useful to work around +; accidental corruptions in an accelerator's shared memory. +; Available Units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +;emergency_restart_interval = 0 + +; Time limit for child processes to wait for a reaction on signals from master. +; Available units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +;process_control_timeout = 0 + +; The maximum number of processes FPM will fork. This has been designed to control +; the global number of processes when using dynamic PM within a lot of pools. +; Use it with caution. +; Note: A value of 0 indicates no limit +; Default Value: 0 +; process.max = 128 + +; Specify the nice(2) priority to apply to the master process (only if set) +; The value can vary from -19 (highest priority) to 20 (lowest priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool process will inherit the master process priority +; unless specified otherwise +; Default Value: no set +; process.priority = -19 + +; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging. +; Default Value: yes +;daemonize = yes + +; Set open file descriptor rlimit for the master process. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit for the master process. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Specify the event mechanism FPM will use. The following is available: +; - select (any POSIX os) +; - poll (any POSIX os) +; - epoll (linux >= 2.5.44) +; - kqueue (FreeBSD >= 4.1, OpenBSD >= 2.9, NetBSD >= 2.0) +; - /dev/poll (Solaris >= 7) +; - port (Solaris >= 10) +; Default Value: not set (auto detection) +;events.mechanism = epoll + +; When FPM is built with systemd integration, specify the interval, +; in seconds, between health report notification to systemd. +; Set to 0 to disable. +; Available Units: s(econds), m(inutes), h(ours) +; Default Unit: seconds +; Default value: 10 +;systemd_interval = 10 + +;;;;;;;;;;;;;;;;;;;; +; Pool Definitions ; +;;;;;;;;;;;;;;;;;;;; + +; Multiple pools of child processes may be started with different listening +; ports and different management options. The name of the pool will be +; used in logs and stats. There is no limitation on the number of pools which +; FPM can handle. Your system will tell you anyway :) + +; Include one or more files. If glob(3) exists, it is used to include a bunch of +; files from a glob(3) pattern. This directive can be used everywhere in the +; file. +; Relative path can also be used. They will be prefixed by: +; - the global prefix if it's been set (-p argument) +; - /usr/local otherwise +include=etc/php-fpm.d/*.conf diff --git a/conf/php/php-fpm.d/conf-7.3/php-fpm.d/docker.conf b/conf/php/php-fpm.d/conf-7.3/php-fpm.d/docker.conf new file mode 100644 index 00000000..5b0f01cf --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.3/php-fpm.d/docker.conf @@ -0,0 +1,15 @@ +[global] +error_log = /proc/self/fd/2 + +; https://github.com/docker-library/php/pull/725#issuecomment-443540114 +log_limit = 8192 + +[www] +; if we send this to /proc/self/fd/1, it never appears +access.log = /proc/self/fd/2 + +clear_env = no + +; Ensure worker stdout and stderr are sent to the main error log. +catch_workers_output = yes +decorate_workers_output = no diff --git a/conf/php/php-fpm.d/conf-7.3/php-fpm.d/www.conf b/conf/php/php-fpm.d/conf-7.3/php-fpm.d/www.conf new file mode 100644 index 00000000..d5661c9e --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.3/php-fpm.d/www.conf @@ -0,0 +1,430 @@ +; Start a new pool named 'www'. +; the variable $pool can be used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'access.log' +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or NONE) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = www-data +group = www-data + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 127.0.0.1:9000 + +; Set listen(2) backlog. +; Default Value: 511 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 511 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0660 +;listen.owner = www-data +;listen.group = www-data +;listen.mode = 0660 +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user +; or group is differrent than the master process user. It allows to create process +; core dump and ptrace the process for the pool user. +; Default Value: no +; process.dumpable = yes + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 5 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 +pm.start_servers = 2 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 1 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 3 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. It shows the following informations: +; pool - the name of the pool; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. +; Example output: +; pool: www +; process manager: static +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; +; By default the status page output is formatted as text/plain. Passing either +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then informations are related to the +; last request the process has served. Otherwise informations are related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: /usr/local/share/php/fpm/status.html +; +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The access log file +; Default: not set +;access.log = log/$pool.access.log + +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{miliseconds}d +; - %{mili}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some exemples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: output header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %u: remote user +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +;slowlog = log/$pool.log.slow + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; Depth of slow log stack trace. +; Default Value: 20 +;request_slowlog_trace_depth = 20 + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Decorate worker output with prefix and suffix containing information about +; the child that writes to the log and if stdout or stderr is used as well as +; log level and time. This options is used only if catch_workers_output is yes. +; Settings to "no" will output data as written to the stdout or stderr. +; Default value: yes +;decorate_workers_output = no + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; execute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 .php7 + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr/local) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M diff --git a/conf/php/php-fpm.d/conf-7.3/php-fpm.d/www.conf.default b/conf/php/php-fpm.d/conf-7.3/php-fpm.d/www.conf.default new file mode 100644 index 00000000..d5661c9e --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.3/php-fpm.d/www.conf.default @@ -0,0 +1,430 @@ +; Start a new pool named 'www'. +; the variable $pool can be used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'access.log' +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or NONE) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = www-data +group = www-data + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 127.0.0.1:9000 + +; Set listen(2) backlog. +; Default Value: 511 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 511 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0660 +;listen.owner = www-data +;listen.group = www-data +;listen.mode = 0660 +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user +; or group is differrent than the master process user. It allows to create process +; core dump and ptrace the process for the pool user. +; Default Value: no +; process.dumpable = yes + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 5 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 +pm.start_servers = 2 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 1 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 3 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. It shows the following informations: +; pool - the name of the pool; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. +; Example output: +; pool: www +; process manager: static +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; +; By default the status page output is formatted as text/plain. Passing either +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then informations are related to the +; last request the process has served. Otherwise informations are related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: /usr/local/share/php/fpm/status.html +; +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The access log file +; Default: not set +;access.log = log/$pool.access.log + +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{miliseconds}d +; - %{mili}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some exemples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: output header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %u: remote user +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +;slowlog = log/$pool.log.slow + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; Depth of slow log stack trace. +; Default Value: 20 +;request_slowlog_trace_depth = 20 + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Decorate worker output with prefix and suffix containing information about +; the child that writes to the log and if stdout or stderr is used as well as +; log level and time. This options is used only if catch_workers_output is yes. +; Settings to "no" will output data as written to the stdout or stderr. +; Default value: yes +;decorate_workers_output = no + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; execute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 .php7 + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr/local) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M diff --git a/conf/php/php-fpm.d/conf-7.3/php-fpm.d/zz-docker.conf b/conf/php/php-fpm.d/conf-7.3/php-fpm.d/zz-docker.conf new file mode 100644 index 00000000..e0590d8f --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.3/php-fpm.d/zz-docker.conf @@ -0,0 +1,5 @@ +[global] +daemonize = no + +[www] +listen = 9000 diff --git a/conf/php/php-fpm.d/conf-7.3/php.ini b/conf/php/php-fpm.d/conf-7.3/php.ini new file mode 100644 index 00000000..656ae673 --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.3/php.ini @@ -0,0 +1,1949 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (usually C:\windows) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it is +; much more verbose when it comes to errors. We recommend using the +; development version only in development environments, as errors shown to +; application users can inadvertently leak otherwise secure information. + +; This is the php.ini-production INI file. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT + +; html_errors +; Default Value: On +; Development Value: On +; Production value: On + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.sid_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to an empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It is +; generally recommended that should be used and that this feature +; should be disabled, as enabling it may result in issues when generating XML +; documents, however this remains supported for backward compatibility reasons. +; Note that this directive does not control the would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; Note: if open_basedir is set, the cache is disabled +; http://php.net/realpath-cache-size +;realpath_cache_size = 4096k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +; Enables or disables the circular reference collector. +; http://php.net/zend.enable-gc +zend.enable_gc = On + +; If enabled, scripts may be written in encodings that are incompatible with +; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such +; encodings. To use this feature, mbstring extension must be enabled. +; Default: Off +;zend.multibyte = Off + +; Allows to set the default encoding for the scripts. This value will be used +; unless "declare(encoding=...)" directive appears at the top of the script. +; Only affects if zend.multibyte is set. +; Default: "" +;zend.script_encoding = + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; How many GET/POST/COOKIE input variables may be accepted +;max_input_vars = 1000 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it is automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL (Show all errors, warnings and notices including coding standards.) +; E_ALL & ~E_NOTICE (Show all errors, except for notices) +; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; For production environments, we recommend logging errors rather than +; sending them to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. We strongly recommend you +; set this to 'off' for production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; This directive is DEPRECATED. +; Default Value: Off +; Development Value: Off +; Production Value: Off +; http://php.net/track-errors +;track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of formatting the +; error message as HTML for easier reading. This directive controls whether +; the error message is formatted as HTML or not. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: On +; http://php.net/html-errors +html_errors = On + +; If html_errors is set to On *and* docref_root is not empty, then PHP +; produces clickable error messages that direct to a page describing the error +; or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty, in which +; case no links to documentation are generated. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on Windows). +;error_log = syslog + +; The syslog ident is a string which is prepended to every message logged +; to syslog. Only used when error_log is set to syslog. +;syslog.ident = php + +; The syslog facility is used to specify what type of program is logging +; the message. Only used when error_log is set to syslog. +;syslog.facility = user + +; Set this to disable filtering control characters (the default). +; Some loggers only accept NVT-ASCII, others accept anything that's not +; control characters. If your logger accepts everything, then no filtering +; is needed at all. +; Allowed values are: +; ascii (all printable ASCII characters and NL) +; no-ctrl (all characters except control characters) +; all (all characters) +; http://php.net/syslog.filter +;syslog.filter = ascii + +;windows.show_crt_warning +; Default value: 0 +; Development value: 0 +; Production value: 0 + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. G,P,C,E & S are abbreviations for the following respective super +; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty +; paid for the registration of these arrays and because ENV is not as commonly +; used as the others, ENV is not recommended on productions servers. You +; can still get access to the environment variables through getenv() should you +; need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P & C) should be +; registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive +; are specified in the same manner as the variables_order directive, +; EXCEPT one. Leaving this value empty will cause PHP to use the value set +; in the variables_order directive. It does not mean it will leave the super +; globals array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the ENV, REQUEST and SERVER variables are created when they're +; first used (Just In Time) instead of when the script starts. If these +; variables are not used within a script, having this directive on will result +; in a performance gain. The PHP directive register_argc_argv must be disabled +; for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Whether PHP will read the POST data. +; This option is enabled by default. +; Most likely, you won't want to disable this option globally. It causes $_POST +; and $_FILES to always be empty; the only way you will be able to read the +; POST data will be through the php://input stream wrapper. This can be useful +; to proxy requests or to process the POST data in a memory efficient fashion. +; http://php.net/enable-post-data-reading +;enable_post_data_reading = Off + +; Maximum size of POST data that PHP will accept. +; Its value may be 0 to disable the limit. It is ignored if POST data reading +; is disabled through enable_post_data_reading. +; http://php.net/post-max-size +post_max_size = 8M + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a media type using the Content-Type header. To +; disable this, simply set it to be empty. +; +; PHP's built-in default media type is set to text/html. +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to UTF-8. +; http://php.net/default-charset +default_charset = "UTF-8" + +; PHP internal character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/internal-encoding +;internal_encoding = + +; PHP input character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/input-encoding +;input_encoding = + +; PHP output character encoding is set to empty. +; If empty, default_charset is used. +; See also output_buffer. +; http://php.net/output-encoding +;output_encoding = + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +;include_path = ".:/php/includes" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +;extension_dir = "./" +; On windows: +;extension_dir = "ext" + +; Directory where the temporary files should be placed. +; Defaults to the system default (see sys_get_temp_dir) +;sys_temp_dir = "/tmp" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +;cgi.discard_path=1 + +; FastCGI under IIS supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1 + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If set to 0, PHP sends Status: header that +; is supported by Apache. When this option is set to 1, PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = On + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename +; +; For example: +; +; extension=mysqli +; +; When the extension library to load is not located in the default extension +; directory, You may specify an absolute path to the library file: +; +; extension=/path/to/extension/mysqli.so +; +; Note : The syntax used in previous PHP versions ('extension=.so' and +; 'extension='php_.dll') is supported for legacy reasons and may be +; deprecated in a future PHP major version. So, when it is possible, please +; move to the new ('extension=) syntax. +; +; Notes for Windows environments : +; +; - Many DLL files are located in the extensions/ (PHP 4) or ext/ (PHP 5+) +; extension folders as well as the separate PECL DLL download (PHP 5+). +; Be sure to appropriately set the extension_dir directive. +; +;extension=bz2 +;extension=curl +;extension=fileinfo +;extension=gd2 +;extension=gettext +;extension=gmp +;extension=intl +;extension=imap +;extension=interbase +;extension=ldap +;extension=mbstring +;extension=exif ; Must be after mbstring as it depends on it +;extension=mysqli +;extension=oci8_12c ; Use with Oracle Database 12c Instant Client +;extension=odbc +;extension=openssl +;extension=pdo_firebird +;extension=pdo_mysql +;extension=pdo_oci +;extension=pdo_odbc +;extension=pdo_pgsql +;extension=pdo_sqlite +;extension=pgsql +;extension=shmop + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=snmp + +;extension=soap +;extension=sockets +;extension=sodium +;extension=sqlite3 +;extension=tidy +;extension=xmlrpc +;extension=xsl + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[CLI Server] +; Whether the CLI web server uses ANSI color coding in its terminal output. +cli_server.color = On + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +; Use of this INI entry is deprecated, use global input_encoding instead. +; If empty, default_charset or input_encoding or iconv.input_encoding is used. +; The precedence is: default_charset < input_encoding < iconv.input_encoding +;iconv.input_encoding = + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;iconv.internal_encoding = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; If empty, default_charset or output_encoding or iconv.output_encoding is used. +; The precedence is: default_charset < output_encoding < iconv.output_encoding +; To use an output encoding conversion, iconv's output handler must be set +; otherwise output encoding conversion cannot be performed. +;iconv.output_encoding = + +[imap] +; rsh/ssh logins are disabled by default. Use this INI entry if you want to +; enable them. Note that the IMAP library does not filter mailbox names before +; passing them to rsh/ssh command, thus passing untrusted data to this function +; with rsh/ssh enabled is insecure. +;imap.enable_insecure_rsh=0 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING +;intl.use_exceptions = 0 + +[sqlite3] +; Directory pointing to SQLite3 extensions +; http://php.net/sqlite3.extension-dir +;sqlite3.extension_dir = + +; SQLite defensive mode flag (only available from SQLite 3.26+) +; When the defensive flag is enabled, language features that allow ordinary +; SQL to deliberately corrupt the database file are disabled. This forbids +; writing directly to the schema, shadow tables (eg. FTS data tables), or +; the sqlite_dbpage virtual table. +; https://www.sqlite.org/c3ref/c_dbconfig_defensive.html +; (for older SQLite versions, this flag has no use) +;sqlite3.defensive = 1 + +[Pcre] +; PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +; PCRE library recursion limit. +; Please note that if you set this value to a high number you may consume all +; the available process stack and eventually crash PHP (due to reaching the +; stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +; Enables or disables JIT compilation of patterns. This requires the PCRE +; library to be compiled with JIT support. +;pcre.jit=1 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(). +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = Off + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = +; Log mail to syslog (Event Log on Windows). +;mail.log = syslog + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +mysqlnd.collect_memory_statistics = Off + +; Records communication from all extensions using mysqlnd to the specified log +; file. +; http://php.net/mysqlnd.debug +;mysqlnd.debug = + +; Defines which queries will be logged. +;mysqlnd.log_mask = 0 + +; Default size of the mysqlnd memory pool, which is used by result sets. +;mysqlnd.mempool_default_size = 16000 + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +;mysqlnd.net_read_buffer_size = 32768 + +; Timeout for network requests in seconds. +;mysqlnd.net_read_timeout = 31536000 + +; SHA-256 Authentication Plugin related. File with the MySQL server public RSA +; key. +;mysqlnd.sha256_server_public_key = + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgreSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if +; your OS has problems with many files in one directory, and is +; a more efficient layout for servers that handle many sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +;session.save_path = "/tmp" + +; Whether to use strict session mode. +; Strict session mode does not accept an uninitialized session ID, and +; regenerates the session ID if the browser sends an uninitialized session ID. +; Strict mode protects applications from session fixation via a session adoption +; vulnerability. It is disabled by default for maximum compatibility, but +; enabling it is encouraged. +; https://wiki.php.net/rfc/strict_sessions +session.use_strict_mode = 0 + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combating +; session hijacking when not specifying and managing your own session id. It is +; not the be-all and end-all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it +; inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF) +; Current valid values are "Lax" or "Strict" +; https://tools.ietf.org/html/draft-west-first-party-cookies-07 +session.cookie_samesite = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any given request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 100 +; when the session.gc_probability value is 1 will give you approximately a 1% chance +; the gc will run on any given request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any given request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 -type f | xargs rm + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users' security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publicly accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Set session ID character length. This value could be between 22 to 256. +; Shorter length than default is supported only for compatibility reason. +; Users should use 32 or more chars. +; http://php.net/session.sid-length +; Default Value: 32 +; Development Value: 26 +; Production Value: 26 +session.sid_length = 26 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; is special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. tag's action attribute URL will not be modified +; unless it is specified. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=" +; Development Value: "a=href,area=href,frame=src,form=" +; Production Value: "a=href,area=href,frame=src,form=" +; http://php.net/url-rewriter.tags +session.trans_sid_tags = "a=href,area=href,frame=src,form=" + +; URL rewriter does not rewrite absolute URLs by default. +; To enable rewrites for absolute paths, target hosts must be specified +; at RUNTIME. i.e. use ini_set() +; tags is special. PHP will check action attribute's URL regardless +; of session.trans_sid_tags setting. +; If no host is defined, HTTP_HOST will be used for allowed host. +; Example value: php.net,www.php.net,wiki.php.net +; Use "," for multiple hosts. No spaces are allowed. +; Default Value: "" +; Development Value: "" +; Production Value: "" +;session.trans_sid_hosts="" + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.sid_bits_per_character = 5 + +; Enable upload progress tracking in $_SESSION +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.enabled +;session.upload_progress.enabled = On + +; Cleanup the progress information as soon as all POST data has been read +; (i.e. upload completed). +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.cleanup +;session.upload_progress.cleanup = On + +; A prefix used for the upload progress key in $_SESSION +; Default Value: "upload_progress_" +; Development Value: "upload_progress_" +; Production Value: "upload_progress_" +; http://php.net/session.upload-progress.prefix +;session.upload_progress.prefix = "upload_progress_" + +; The index name (concatenated with the prefix) in $_SESSION +; containing the upload progress information +; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" +; http://php.net/session.upload-progress.name +;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" + +; How frequently the upload progress should be updated. +; Given either in percentages (per-file), or in bytes +; Default Value: "1%" +; Development Value: "1%" +; Production Value: "1%" +; http://php.net/session.upload-progress.freq +;session.upload_progress.freq = "1%" + +; The minimum delay between updates, in seconds +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.upload-progress.min-freq +;session.upload_progress.min_freq = "1" + +; Only write session data when session data is changed. Enabled by default. +; http://php.net/session.lazy-write +;session.lazy_write = On + +[Assertion] +; Switch whether to compile assertions at all (to have no overhead at run-time) +; -1: Do not compile at all +; 0: Jump over assertion at run-time +; 1: Execute assertions +; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) +; Default Value: 1 +; Development Value: 1 +; Production Value: -1 +; http://php.net/zend.assertions +zend.assertions = -1 + +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Throw an AssertionError on failed assertions +; http://php.net/assert.exception +;assert.exception = On + +; Issue a PHP warning for each failed assertion. (Overridden by assert.exception if active) +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a component's typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; This affects mb_send_mail() and mbstring.detect_order. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; internal/script encoding. +; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;mbstring.internal_encoding = + +; Use of this INI entry is deprecated, use global input_encoding instead. +; http input encoding. +; mbstring.encoding_translation = On is needed to use this setting. +; If empty, default_charset or input_encoding or mbstring.input is used. +; The precedence is: default_charset < input_encoding < mbsting.http_input +; http://php.net/mbstring.http-input +;mbstring.http_input = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; http output encoding. +; mb_output_handler must be registered as output buffer to function. +; If empty, default_charset or output_encoding or mbstring.http_output is used. +; The precedence is: default_charset < output_encoding < mbstring.http_output +; To use an output encoding conversion, mbstring's output handler must be set +; otherwise output encoding conversion cannot be performed. +; http://php.net/mbstring.http-output +;mbstring.http_output = + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; "auto" detect order is changed according to mbstring.language +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +; Default: Off +;mbstring.strict_detection = On + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; This directive specifies maximum stack depth for mbstring regular expressions. It is similar +; to the pcre.recursion_limit for PCRE. +; Default: 100000 +;mbstring.regex_stack_limit=100000 + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 1 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[dba] +;dba.default_handler= + +[opcache] +; Determines if Zend OPCache is enabled +;opcache.enable=1 + +; Determines if Zend OPCache is enabled for the CLI version of PHP +;opcache.enable_cli=0 + +; The OPcache shared memory storage size. +;opcache.memory_consumption=128 + +; The amount of memory for interned strings in Mbytes. +;opcache.interned_strings_buffer=8 + +; The maximum number of keys (scripts) in the OPcache hash table. +; Only numbers between 200 and 1000000 are allowed. +;opcache.max_accelerated_files=10000 + +; The maximum percentage of "wasted" memory until a restart is scheduled. +;opcache.max_wasted_percentage=5 + +; When this directive is enabled, the OPcache appends the current working +; directory to the script key, thus eliminating possible collisions between +; files with the same name (basename). Disabling the directive improves +; performance, but may break existing applications. +;opcache.use_cwd=1 + +; When disabled, you must reset the OPcache manually or restart the +; webserver for changes to the filesystem to take effect. +;opcache.validate_timestamps=1 + +; How often (in seconds) to check file timestamps for changes to the shared +; memory storage allocation. ("1" means validate once per second, but only +; once per request. "0" means always validate) +;opcache.revalidate_freq=2 + +; Enables or disables file search in include_path optimization +;opcache.revalidate_path=0 + +; If disabled, all PHPDoc comments are dropped from the code to reduce the +; size of the optimized code. +;opcache.save_comments=1 + +; Allow file existence override (file_exists, etc.) performance feature. +;opcache.enable_file_override=0 + +; A bitmask, where each bit enables or disables the appropriate OPcache +; passes +;opcache.optimization_level=0x7FFFBFFF + +;opcache.dups_fix=0 + +; The location of the OPcache blacklist file (wildcards allowed). +; Each OPcache blacklist file is a text file that holds the names of files +; that should not be accelerated. The file format is to add each filename +; to a new line. The filename may be a full path or just a file prefix +; (i.e., /var/www/x blacklists all the files and directories in /var/www +; that start with 'x'). Line starting with a ; are ignored (comments). +;opcache.blacklist_filename= + +; Allows exclusion of large files from being cached. By default all files +; are cached. +;opcache.max_file_size=0 + +; Check the cache checksum each N requests. +; The default value of "0" means that the checks are disabled. +;opcache.consistency_checks=0 + +; How long to wait (in seconds) for a scheduled restart to begin if the cache +; is not being accessed. +;opcache.force_restart_timeout=180 + +; OPcache error_log file name. Empty string assumes "stderr". +;opcache.error_log= + +; All OPcache errors go to the Web server log. +; By default, only fatal errors (level 0) or errors (level 1) are logged. +; You can also enable warnings (level 2), info messages (level 3) or +; debug messages (level 4). +;opcache.log_verbosity_level=1 + +; Preferred Shared Memory back-end. Leave empty and let the system decide. +;opcache.preferred_memory_model= + +; Protect the shared memory from unexpected writing during script execution. +; Useful for internal debugging only. +;opcache.protect_memory=0 + +; Allows calling OPcache API functions only from PHP scripts which path is +; started from specified string. The default "" means no restriction +;opcache.restrict_api= + +; Mapping base of shared memory segments (for Windows only). All the PHP +; processes have to map shared memory into the same address space. This +; directive allows to manually fix the "Unable to reattach to base address" +; errors. +;opcache.mmap_base= + +; Enables and sets the second level cache directory. +; It should improve performance when SHM memory is full, at server restart or +; SHM reset. The default "" disables file based caching. +;opcache.file_cache= + +; Enables or disables opcode caching in shared memory. +;opcache.file_cache_only=0 + +; Enables or disables checksum validation when script loaded from file cache. +;opcache.file_cache_consistency_checks=1 + +; Implies opcache.file_cache_only=1 for a certain process that failed to +; reattach to the shared memory (for Windows only). Explicitly enabled file +; cache is required. +;opcache.file_cache_fallback=1 + +; Enables or disables copying of PHP code (text segment) into HUGE PAGES. +; This should improve performance, but requires appropriate OS configuration. +;opcache.huge_code_pages=1 + +; Validate cached file permissions. +;opcache.validate_permission=0 + +; Prevent name collisions in chroot'ed environment. +;opcache.validate_root=0 + +; If specified, it produces opcode dumps for debugging different stages of +; optimizations. +;opcache.opt_debug_level=0 + +[curl] +; A default value for the CURLOPT_CAINFO option. This is required to be an +; absolute path. +;curl.cainfo = + +[openssl] +; The location of a Certificate Authority (CA) file on the local filesystem +; to use when verifying the identity of SSL/TLS peers. Most users should +; not specify a value for this directive as PHP will attempt to use the +; OS-managed cert stores in its absence. If specified, this value may still +; be overridden on a per-stream basis via the "cafile" SSL stream context +; option. +;openssl.cafile= + +; If openssl.cafile is not specified or if the CA file is not found, the +; directory pointed to by openssl.capath is searched for a suitable +; certificate. This value must be a correctly hashed certificate directory. +; Most users should not specify a value for this directive as PHP will +; attempt to use the OS-managed cert stores in its absence. If specified, +; this value may still be overridden on a per-stream basis via the "capath" +; SSL stream context option. +;openssl.capath= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/conf/php/php-fpm.d/conf-7.4/php-fpm.conf b/conf/php/php-fpm.d/conf-7.4/php-fpm.conf new file mode 100644 index 00000000..3137d24d --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.4/php-fpm.conf @@ -0,0 +1,143 @@ +;;;;;;;;;;;;;;;;;;;;; +; FPM Configuration ; +;;;;;;;;;;;;;;;;;;;;; + +; All relative paths in this configuration file are relative to PHP's install +; prefix (/usr/local). This prefix can be dynamically changed by using the +; '-p' argument from the command line. + +;;;;;;;;;;;;;;;;;; +; Global Options ; +;;;;;;;;;;;;;;;;;; + +[global] +; Pid file +; Note: the default prefix is /usr/local/var +; Default Value: none +;pid = run/php-fpm.pid + +; Error log file +; If it's set to "syslog", log is sent to syslogd instead of being written +; into a local file. +; Note: the default prefix is /usr/local/var +; Default Value: log/php-fpm.log +;error_log = log/php-fpm.log + +; syslog_facility is used to specify what type of program is logging the +; message. This lets syslogd specify that messages from different facilities +; will be handled differently. +; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON) +; Default Value: daemon +;syslog.facility = daemon + +; syslog_ident is prepended to every message. If you have multiple FPM +; instances running on the same server, you can change the default value +; which must suit common needs. +; Default Value: php-fpm +;syslog.ident = php-fpm + +; Log level +; Possible Values: alert, error, warning, notice, debug +; Default Value: notice +;log_level = notice + +; Log limit on number of characters in the single line (log entry). If the +; line is over the limit, it is wrapped on multiple lines. The limit is for +; all logged characters including message prefix and suffix if present. However +; the new line character does not count into it as it is present only when +; logging to a file descriptor. It means the new line character is not present +; when logging to syslog. +; Default Value: 1024 +;log_limit = 4096 + +; Log buffering specifies if the log line is buffered which means that the +; line is written in a single write operation. If the value is false, then the +; data is written directly into the file descriptor. It is an experimental +; option that can potentionaly improve logging performance and memory usage +; for some heavy logging scenarios. This option is ignored if logging to syslog +; as it has to be always buffered. +; Default value: yes +;log_buffering = no + +; If this number of child processes exit with SIGSEGV or SIGBUS within the time +; interval set by emergency_restart_interval then FPM will restart. A value +; of '0' means 'Off'. +; Default Value: 0 +;emergency_restart_threshold = 0 + +; Interval of time used by emergency_restart_interval to determine when +; a graceful restart will be initiated. This can be useful to work around +; accidental corruptions in an accelerator's shared memory. +; Available Units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +;emergency_restart_interval = 0 + +; Time limit for child processes to wait for a reaction on signals from master. +; Available units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +;process_control_timeout = 0 + +; The maximum number of processes FPM will fork. This has been designed to control +; the global number of processes when using dynamic PM within a lot of pools. +; Use it with caution. +; Note: A value of 0 indicates no limit +; Default Value: 0 +; process.max = 128 + +; Specify the nice(2) priority to apply to the master process (only if set) +; The value can vary from -19 (highest priority) to 20 (lowest priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool process will inherit the master process priority +; unless specified otherwise +; Default Value: no set +; process.priority = -19 + +; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging. +; Default Value: yes +;daemonize = yes + +; Set open file descriptor rlimit for the master process. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit for the master process. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Specify the event mechanism FPM will use. The following is available: +; - select (any POSIX os) +; - poll (any POSIX os) +; - epoll (linux >= 2.5.44) +; - kqueue (FreeBSD >= 4.1, OpenBSD >= 2.9, NetBSD >= 2.0) +; - /dev/poll (Solaris >= 7) +; - port (Solaris >= 10) +; Default Value: not set (auto detection) +;events.mechanism = epoll + +; When FPM is built with systemd integration, specify the interval, +; in seconds, between health report notification to systemd. +; Set to 0 to disable. +; Available Units: s(econds), m(inutes), h(ours) +; Default Unit: seconds +; Default value: 10 +;systemd_interval = 10 + +;;;;;;;;;;;;;;;;;;;; +; Pool Definitions ; +;;;;;;;;;;;;;;;;;;;; + +; Multiple pools of child processes may be started with different listening +; ports and different management options. The name of the pool will be +; used in logs and stats. There is no limitation on the number of pools which +; FPM can handle. Your system will tell you anyway :) + +; Include one or more files. If glob(3) exists, it is used to include a bunch of +; files from a glob(3) pattern. This directive can be used everywhere in the +; file. +; Relative path can also be used. They will be prefixed by: +; - the global prefix if it's been set (-p argument) +; - /usr/local otherwise +include=etc/php-fpm.d/*.conf diff --git a/conf/php/php-fpm.d/conf-7.4/php-fpm.d/docker.conf b/conf/php/php-fpm.d/conf-7.4/php-fpm.d/docker.conf new file mode 100644 index 00000000..5b0f01cf --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.4/php-fpm.d/docker.conf @@ -0,0 +1,15 @@ +[global] +error_log = /proc/self/fd/2 + +; https://github.com/docker-library/php/pull/725#issuecomment-443540114 +log_limit = 8192 + +[www] +; if we send this to /proc/self/fd/1, it never appears +access.log = /proc/self/fd/2 + +clear_env = no + +; Ensure worker stdout and stderr are sent to the main error log. +catch_workers_output = yes +decorate_workers_output = no diff --git a/conf/php/php-fpm.d/conf-7.4/php-fpm.d/www.conf b/conf/php/php-fpm.d/conf-7.4/php-fpm.d/www.conf new file mode 100644 index 00000000..69d08be3 --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.4/php-fpm.d/www.conf @@ -0,0 +1,438 @@ +; Start a new pool named 'www'. +; the variable $pool can be used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'access.log' +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or NONE) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = www-data +group = www-data + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 127.0.0.1:9000 + +; Set listen(2) backlog. +; Default Value: 511 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 511 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0660 +;listen.owner = www-data +;listen.group = www-data +;listen.mode = 0660 +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user +; or group is differrent than the master process user. It allows to create process +; core dump and ptrace the process for the pool user. +; Default Value: no +; process.dumpable = yes + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 5 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: (min_spare_servers + max_spare_servers) / 2 +pm.start_servers = 2 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 1 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 3 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. It shows the following informations: +; pool - the name of the pool; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. +; Example output: +; pool: www +; process manager: static +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; +; By default the status page output is formatted as text/plain. Passing either +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then informations are related to the +; last request the process has served. Otherwise informations are related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: /usr/local/share/php/fpm/status.html +; +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The access log file +; Default: not set +;access.log = log/$pool.access.log + +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{miliseconds}d +; - %{mili}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some exemples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: output header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %u: remote user +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +;slowlog = log/$pool.log.slow + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; Depth of slow log stack trace. +; Default Value: 20 +;request_slowlog_trace_depth = 20 + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; The timeout set by 'request_terminate_timeout' ini option is not engaged after +; application calls 'fastcgi_finish_request' or when application has finished and +; shutdown functions are being called (registered via register_shutdown_function). +; This option will enable timeout limit to be applied unconditionally +; even in such cases. +; Default Value: no +;request_terminate_timeout_track_finished = no + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Decorate worker output with prefix and suffix containing information about +; the child that writes to the log and if stdout or stderr is used as well as +; log level and time. This options is used only if catch_workers_output is yes. +; Settings to "no" will output data as written to the stdout or stderr. +; Default value: yes +;decorate_workers_output = no + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; execute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 .php7 + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr/local) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M diff --git a/conf/php/php-fpm.d/conf-7.4/php-fpm.d/zz-docker.conf b/conf/php/php-fpm.d/conf-7.4/php-fpm.d/zz-docker.conf new file mode 100644 index 00000000..e0590d8f --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.4/php-fpm.d/zz-docker.conf @@ -0,0 +1,5 @@ +[global] +daemonize = no + +[www] +listen = 9000 diff --git a/conf/php/php-fpm.d/conf-7.4/php.ini b/conf/php/php-fpm.d/conf-7.4/php.ini new file mode 100644 index 00000000..beea6b26 --- /dev/null +++ b/conf/php/php-fpm.d/conf-7.4/php.ini @@ -0,0 +1,1952 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (usually C:\windows) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it is +; much more verbose when it comes to errors. We recommend using the +; development version only in development environments, as errors shown to +; application users can inadvertently leak otherwise secure information. + +; This is the php.ini-production INI file. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.sid_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to an empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It is +; generally recommended that should be used and that this feature +; should be disabled, as enabling it may result in issues when generating XML +; documents, however this remains supported for backward compatibility reasons. +; Note that this directive does not control the would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; Note: if open_basedir is set, the cache is disabled +; http://php.net/realpath-cache-size +;realpath_cache_size = 4096k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +; Enables or disables the circular reference collector. +; http://php.net/zend.enable-gc +zend.enable_gc = On + +; If enabled, scripts may be written in encodings that are incompatible with +; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such +; encodings. To use this feature, mbstring extension must be enabled. +; Default: Off +;zend.multibyte = Off + +; Allows to set the default encoding for the scripts. This value will be used +; unless "declare(encoding=...)" directive appears at the top of the script. +; Only affects if zend.multibyte is set. +; Default: "" +;zend.script_encoding = + +; Allows to include or exclude arguments from stack traces generated for exceptions +; Default: Off +; In production, it is recommended to turn this setting on to prohibit the output +; of sensitive information in stack traces +zend.exception_ignore_args = On + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; How many GET/POST/COOKIE input variables may be accepted +;max_input_vars = 1000 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it is automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL (Show all errors, warnings and notices including coding standards.) +; E_ALL & ~E_NOTICE (Show all errors, except for notices) +; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; For production environments, we recommend logging errors rather than +; sending them to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. We strongly recommend you +; set this to 'off' for production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This is only effective in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; This directive is DEPRECATED. +; Default Value: Off +; Development Value: Off +; Production Value: Off +; http://php.net/track-errors +;track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of formatting the +; error message as HTML for easier reading. This directive controls whether +; the error message is formatted as HTML or not. +; Note: This directive is hardcoded to Off for the CLI SAPI +; http://php.net/html-errors +;html_errors = On + +; If html_errors is set to On *and* docref_root is not empty, then PHP +; produces clickable error messages that direct to a page describing the error +; or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty, in which +; case no links to documentation are generated. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on Windows). +;error_log = syslog + +; The syslog ident is a string which is prepended to every message logged +; to syslog. Only used when error_log is set to syslog. +;syslog.ident = php + +; The syslog facility is used to specify what type of program is logging +; the message. Only used when error_log is set to syslog. +;syslog.facility = user + +; Set this to disable filtering control characters (the default). +; Some loggers only accept NVT-ASCII, others accept anything that's not +; control characters. If your logger accepts everything, then no filtering +; is needed at all. +; Allowed values are: +; ascii (all printable ASCII characters and NL) +; no-ctrl (all characters except control characters) +; all (all characters) +; raw (like "all", but messages are not split at newlines) +; http://php.net/syslog.filter +;syslog.filter = ascii + +;windows.show_crt_warning +; Default value: 0 +; Development value: 0 +; Production value: 0 + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. G,P,C,E & S are abbreviations for the following respective super +; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty +; paid for the registration of these arrays and because ENV is not as commonly +; used as the others, ENV is not recommended on productions servers. You +; can still get access to the environment variables through getenv() should you +; need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P & C) should be +; registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive +; are specified in the same manner as the variables_order directive, +; EXCEPT one. Leaving this value empty will cause PHP to use the value set +; in the variables_order directive. It does not mean it will leave the super +; globals array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the ENV, REQUEST and SERVER variables are created when they're +; first used (Just In Time) instead of when the script starts. If these +; variables are not used within a script, having this directive on will result +; in a performance gain. The PHP directive register_argc_argv must be disabled +; for this directive to have any effect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Whether PHP will read the POST data. +; This option is enabled by default. +; Most likely, you won't want to disable this option globally. It causes $_POST +; and $_FILES to always be empty; the only way you will be able to read the +; POST data will be through the php://input stream wrapper. This can be useful +; to proxy requests or to process the POST data in a memory efficient fashion. +; http://php.net/enable-post-data-reading +;enable_post_data_reading = Off + +; Maximum size of POST data that PHP will accept. +; Its value may be 0 to disable the limit. It is ignored if POST data reading +; is disabled through enable_post_data_reading. +; http://php.net/post-max-size +post_max_size = 8M + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a media type using the Content-Type header. To +; disable this, simply set it to be empty. +; +; PHP's built-in default media type is set to text/html. +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to UTF-8. +; http://php.net/default-charset +default_charset = "UTF-8" + +; PHP internal character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/internal-encoding +;internal_encoding = + +; PHP input character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/input-encoding +;input_encoding = + +; PHP output character encoding is set to empty. +; If empty, default_charset is used. +; See also output_buffer. +; http://php.net/output-encoding +;output_encoding = + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +;include_path = ".:/php/includes" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +;extension_dir = "./" +; On windows: +;extension_dir = "ext" + +; Directory where the temporary files should be placed. +; Defaults to the system default (see sys_get_temp_dir) +;sys_temp_dir = "/tmp" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +;cgi.discard_path=1 + +; FastCGI under IIS supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1 + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If set to 0, PHP sends Status: header that +; is supported by Apache. When this option is set to 1, PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = On + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename +; +; For example: +; +; extension=mysqli +; +; When the extension library to load is not located in the default extension +; directory, You may specify an absolute path to the library file: +; +; extension=/path/to/extension/mysqli.so +; +; Note : The syntax used in previous PHP versions ('extension=.so' and +; 'extension='php_.dll') is supported for legacy reasons and may be +; deprecated in a future PHP major version. So, when it is possible, please +; move to the new ('extension=) syntax. +; +; Notes for Windows environments : +; +; - Many DLL files are located in the extensions/ (PHP 4) or ext/ (PHP 5+) +; extension folders as well as the separate PECL DLL download (PHP 5+). +; Be sure to appropriately set the extension_dir directive. +; +;extension=bz2 +;extension=curl +;extension=ffi +;extension=fileinfo +;extension=gd2 +;extension=gettext +;extension=gmp +;extension=intl +;extension=imap +;extension=ldap +;extension=mbstring +;extension=exif ; Must be after mbstring as it depends on it +;extension=mysqli +;extension=oci8_12c ; Use with Oracle Database 12c Instant Client +;extension=odbc +;extension=openssl +;extension=pdo_firebird +;extension=pdo_mysql +;extension=pdo_oci +;extension=pdo_odbc +;extension=pdo_pgsql +;extension=pdo_sqlite +;extension=pgsql +;extension=shmop + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=snmp + +;extension=soap +;extension=sockets +;extension=sodium +;extension=sqlite3 +;extension=tidy +;extension=xmlrpc +;extension=xsl + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[CLI Server] +; Whether the CLI web server uses ANSI color coding in its terminal output. +cli_server.color = On + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +; Use of this INI entry is deprecated, use global input_encoding instead. +; If empty, default_charset or input_encoding or iconv.input_encoding is used. +; The precedence is: default_charset < input_encoding < iconv.input_encoding +;iconv.input_encoding = + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;iconv.internal_encoding = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; If empty, default_charset or output_encoding or iconv.output_encoding is used. +; The precedence is: default_charset < output_encoding < iconv.output_encoding +; To use an output encoding conversion, iconv's output handler must be set +; otherwise output encoding conversion cannot be performed. +;iconv.output_encoding = + +[imap] +; rsh/ssh logins are disabled by default. Use this INI entry if you want to +; enable them. Note that the IMAP library does not filter mailbox names before +; passing them to rsh/ssh command, thus passing untrusted data to this function +; with rsh/ssh enabled is insecure. +;imap.enable_insecure_rsh=0 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING +;intl.use_exceptions = 0 + +[sqlite3] +; Directory pointing to SQLite3 extensions +; http://php.net/sqlite3.extension-dir +;sqlite3.extension_dir = + +; SQLite defensive mode flag (only available from SQLite 3.26+) +; When the defensive flag is enabled, language features that allow ordinary +; SQL to deliberately corrupt the database file are disabled. This forbids +; writing directly to the schema, shadow tables (eg. FTS data tables), or +; the sqlite_dbpage virtual table. +; https://www.sqlite.org/c3ref/c_dbconfig_defensive.html +; (for older SQLite versions, this flag has no use) +;sqlite3.defensive = 1 + +[Pcre] +; PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +; PCRE library recursion limit. +; Please note that if you set this value to a high number you may consume all +; the available process stack and eventually crash PHP (due to reaching the +; stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +; Enables or disables JIT compilation of patterns. This requires the PCRE +; library to be compiled with JIT support. +;pcre.jit=1 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(). +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = Off + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = +; Log mail to syslog (Event Log on Windows). +;mail.log = syslog + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysqli_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysqli_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +mysqlnd.collect_memory_statistics = Off + +; Records communication from all extensions using mysqlnd to the specified log +; file. +; http://php.net/mysqlnd.debug +;mysqlnd.debug = + +; Defines which queries will be logged. +;mysqlnd.log_mask = 0 + +; Default size of the mysqlnd memory pool, which is used by result sets. +;mysqlnd.mempool_default_size = 16000 + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +;mysqlnd.net_read_buffer_size = 32768 + +; Timeout for network requests in seconds. +;mysqlnd.net_read_timeout = 31536000 + +; SHA-256 Authentication Plugin related. File with the MySQL server public RSA +; key. +;mysqlnd.sha256_server_public_key = + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgreSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if +; your OS has problems with many files in one directory, and is +; a more efficient layout for servers that handle many sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +;session.save_path = "/tmp" + +; Whether to use strict session mode. +; Strict session mode does not accept an uninitialized session ID, and +; regenerates the session ID if the browser sends an uninitialized session ID. +; Strict mode protects applications from session fixation via a session adoption +; vulnerability. It is disabled by default for maximum compatibility, but +; enabling it is encouraged. +; https://wiki.php.net/rfc/strict_sessions +session.use_strict_mode = 0 + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combating +; session hijacking when not specifying and managing your own session id. It is +; not the be-all and end-all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it +; inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF) +; Current valid values are "Lax" or "Strict" +; https://tools.ietf.org/html/draft-west-first-party-cookies-07 +session.cookie_samesite = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any given request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 100 +; when the session.gc_probability value is 1 will give you approximately a 1% chance +; the gc will run on any given request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any given request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 -type f | xargs rm + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users' security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publicly accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Set session ID character length. This value could be between 22 to 256. +; Shorter length than default is supported only for compatibility reason. +; Users should use 32 or more chars. +; http://php.net/session.sid-length +; Default Value: 32 +; Development Value: 26 +; Production Value: 26 +session.sid_length = 26 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; is special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. tag's action attribute URL will not be modified +; unless it is specified. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=" +; Development Value: "a=href,area=href,frame=src,form=" +; Production Value: "a=href,area=href,frame=src,form=" +; http://php.net/url-rewriter.tags +session.trans_sid_tags = "a=href,area=href,frame=src,form=" + +; URL rewriter does not rewrite absolute URLs by default. +; To enable rewrites for absolute paths, target hosts must be specified +; at RUNTIME. i.e. use ini_set() +; tags is special. PHP will check action attribute's URL regardless +; of session.trans_sid_tags setting. +; If no host is defined, HTTP_HOST will be used for allowed host. +; Example value: php.net,www.php.net,wiki.php.net +; Use "," for multiple hosts. No spaces are allowed. +; Default Value: "" +; Development Value: "" +; Production Value: "" +;session.trans_sid_hosts="" + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.sid_bits_per_character = 5 + +; Enable upload progress tracking in $_SESSION +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.enabled +;session.upload_progress.enabled = On + +; Cleanup the progress information as soon as all POST data has been read +; (i.e. upload completed). +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.cleanup +;session.upload_progress.cleanup = On + +; A prefix used for the upload progress key in $_SESSION +; Default Value: "upload_progress_" +; Development Value: "upload_progress_" +; Production Value: "upload_progress_" +; http://php.net/session.upload-progress.prefix +;session.upload_progress.prefix = "upload_progress_" + +; The index name (concatenated with the prefix) in $_SESSION +; containing the upload progress information +; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" +; http://php.net/session.upload-progress.name +;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" + +; How frequently the upload progress should be updated. +; Given either in percentages (per-file), or in bytes +; Default Value: "1%" +; Development Value: "1%" +; Production Value: "1%" +; http://php.net/session.upload-progress.freq +;session.upload_progress.freq = "1%" + +; The minimum delay between updates, in seconds +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.upload-progress.min-freq +;session.upload_progress.min_freq = "1" + +; Only write session data when session data is changed. Enabled by default. +; http://php.net/session.lazy-write +;session.lazy_write = On + +[Assertion] +; Switch whether to compile assertions at all (to have no overhead at run-time) +; -1: Do not compile at all +; 0: Jump over assertion at run-time +; 1: Execute assertions +; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) +; Default Value: 1 +; Development Value: 1 +; Production Value: -1 +; http://php.net/zend.assertions +zend.assertions = -1 + +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Throw an AssertionError on failed assertions +; http://php.net/assert.exception +;assert.exception = On + +; Issue a PHP warning for each failed assertion. (Overridden by assert.exception if active) +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a component's typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; This affects mb_send_mail() and mbstring.detect_order. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; internal/script encoding. +; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;mbstring.internal_encoding = + +; Use of this INI entry is deprecated, use global input_encoding instead. +; http input encoding. +; mbstring.encoding_translation = On is needed to use this setting. +; If empty, default_charset or input_encoding or mbstring.input is used. +; The precedence is: default_charset < input_encoding < mbsting.http_input +; http://php.net/mbstring.http-input +;mbstring.http_input = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; http output encoding. +; mb_output_handler must be registered as output buffer to function. +; If empty, default_charset or output_encoding or mbstring.http_output is used. +; The precedence is: default_charset < output_encoding < mbstring.http_output +; To use an output encoding conversion, mbstring's output handler must be set +; otherwise output encoding conversion cannot be performed. +; http://php.net/mbstring.http-output +;mbstring.http_output = + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; "auto" detect order is changed according to mbstring.language +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +; Default: Off +;mbstring.strict_detection = On + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +; This directive specifies maximum stack depth for mbstring regular expressions. It is similar +; to the pcre.recursion_limit for PCRE. +; Default: 100000 +;mbstring.regex_stack_limit=100000 + +; This directive specifies maximum retry count for mbstring regular expressions. It is similar +; to the pcre.backtrack_limit for PCRE. +; Default: 1000000 +;mbstring.regex_retry_limit=1000000 + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 1 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[dba] +;dba.default_handler= + +[opcache] +; Determines if Zend OPCache is enabled +;opcache.enable=1 + +; Determines if Zend OPCache is enabled for the CLI version of PHP +;opcache.enable_cli=0 + +; The OPcache shared memory storage size. +;opcache.memory_consumption=128 + +; The amount of memory for interned strings in Mbytes. +;opcache.interned_strings_buffer=8 + +; The maximum number of keys (scripts) in the OPcache hash table. +; Only numbers between 200 and 1000000 are allowed. +;opcache.max_accelerated_files=10000 + +; The maximum percentage of "wasted" memory until a restart is scheduled. +;opcache.max_wasted_percentage=5 + +; When this directive is enabled, the OPcache appends the current working +; directory to the script key, thus eliminating possible collisions between +; files with the same name (basename). Disabling the directive improves +; performance, but may break existing applications. +;opcache.use_cwd=1 + +; When disabled, you must reset the OPcache manually or restart the +; webserver for changes to the filesystem to take effect. +;opcache.validate_timestamps=1 + +; How often (in seconds) to check file timestamps for changes to the shared +; memory storage allocation. ("1" means validate once per second, but only +; once per request. "0" means always validate) +;opcache.revalidate_freq=2 + +; Enables or disables file search in include_path optimization +;opcache.revalidate_path=0 + +; If disabled, all PHPDoc comments are dropped from the code to reduce the +; size of the optimized code. +;opcache.save_comments=1 + +; Allow file existence override (file_exists, etc.) performance feature. +;opcache.enable_file_override=0 + +; A bitmask, where each bit enables or disables the appropriate OPcache +; passes +;opcache.optimization_level=0x7FFFBFFF + +;opcache.dups_fix=0 + +; The location of the OPcache blacklist file (wildcards allowed). +; Each OPcache blacklist file is a text file that holds the names of files +; that should not be accelerated. The file format is to add each filename +; to a new line. The filename may be a full path or just a file prefix +; (i.e., /var/www/x blacklists all the files and directories in /var/www +; that start with 'x'). Line starting with a ; are ignored (comments). +;opcache.blacklist_filename= + +; Allows exclusion of large files from being cached. By default all files +; are cached. +;opcache.max_file_size=0 + +; Check the cache checksum each N requests. +; The default value of "0" means that the checks are disabled. +;opcache.consistency_checks=0 + +; How long to wait (in seconds) for a scheduled restart to begin if the cache +; is not being accessed. +;opcache.force_restart_timeout=180 + +; OPcache error_log file name. Empty string assumes "stderr". +;opcache.error_log= + +; All OPcache errors go to the Web server log. +; By default, only fatal errors (level 0) or errors (level 1) are logged. +; You can also enable warnings (level 2), info messages (level 3) or +; debug messages (level 4). +;opcache.log_verbosity_level=1 + +; Preferred Shared Memory back-end. Leave empty and let the system decide. +;opcache.preferred_memory_model= + +; Protect the shared memory from unexpected writing during script execution. +; Useful for internal debugging only. +;opcache.protect_memory=0 + +; Allows calling OPcache API functions only from PHP scripts which path is +; started from specified string. The default "" means no restriction +;opcache.restrict_api= + +; Mapping base of shared memory segments (for Windows only). All the PHP +; processes have to map shared memory into the same address space. This +; directive allows to manually fix the "Unable to reattach to base address" +; errors. +;opcache.mmap_base= + +; Facilitates multiple OPcache instances per user (for Windows only). All PHP +; processes with the same cache ID and user share an OPcache instance. +;opcache.cache_id= + +; Enables and sets the second level cache directory. +; It should improve performance when SHM memory is full, at server restart or +; SHM reset. The default "" disables file based caching. +;opcache.file_cache= + +; Enables or disables opcode caching in shared memory. +;opcache.file_cache_only=0 + +; Enables or disables checksum validation when script loaded from file cache. +;opcache.file_cache_consistency_checks=1 + +; Implies opcache.file_cache_only=1 for a certain process that failed to +; reattach to the shared memory (for Windows only). Explicitly enabled file +; cache is required. +;opcache.file_cache_fallback=1 + +; Enables or disables copying of PHP code (text segment) into HUGE PAGES. +; This should improve performance, but requires appropriate OS configuration. +;opcache.huge_code_pages=1 + +; Validate cached file permissions. +;opcache.validate_permission=0 + +; Prevent name collisions in chroot'ed environment. +;opcache.validate_root=0 + +; If specified, it produces opcode dumps for debugging different stages of +; optimizations. +;opcache.opt_debug_level=0 + +; Specifies a PHP script that is going to be compiled and executed at server +; start-up. +; http://php.net/opcache.preload +;opcache.preload= + +; Preloading code as root is not allowed for security reasons. This directive +; facilitates to let the preloading to be run as another user. +; http://php.net/opcache.preload_user +;opcache.preload_user= + +; Prevents caching files that are less than this number of seconds old. It +; protects from caching of incompletely updated files. In case all file updates +; on your site are atomic, you may increase performance by setting it to "0". +;opcache.file_update_protection=2 + +; Absolute path used to store shared lockfiles (for *nix only). +;opcache.lockfile_path=/tmp + +[curl] +; A default value for the CURLOPT_CAINFO option. This is required to be an +; absolute path. +;curl.cainfo = + +[openssl] +; The location of a Certificate Authority (CA) file on the local filesystem +; to use when verifying the identity of SSL/TLS peers. Most users should +; not specify a value for this directive as PHP will attempt to use the +; OS-managed cert stores in its absence. If specified, this value may still +; be overridden on a per-stream basis via the "cafile" SSL stream context +; option. +;openssl.cafile= + +; If openssl.cafile is not specified or if the CA file is not found, the +; directory pointed to by openssl.capath is searched for a suitable +; certificate. This value must be a correctly hashed certificate directory. +; Most users should not specify a value for this directive as PHP will +; attempt to use the OS-managed cert stores in its absence. If specified, +; this value may still be overridden on a per-stream basis via the "capath" +; SSL stream context option. +;openssl.capath= + +[ffi] +; FFI API restriction. Possibe values: +; "preload" - enabled in CLI scripts and preloaded files (default) +; "false" - always disabled +; "true" - always enabled +;ffi.enable=preload + +; List of headers files to preload, wildcard patterns allowed. +;ffi.preload= diff --git a/conf/php/php-fpm.d/php-fpm.conf b/conf/php/php-fpm.d/php-fpm.conf new file mode 100644 index 00000000..cd0072f9 --- /dev/null +++ b/conf/php/php-fpm.d/php-fpm.conf @@ -0,0 +1,38 @@ +[global] +pid = /run/php-fpm.pid +error_log = /var/log/php/php-fpm.log +log_level = warning +emergency_restart_threshold = 30 +emergency_restart_interval = 60s +process_control_timeout = 5s +daemonize = no +[www] +listen = /run/php-fpm.sock +listen.backlog = 511 +listen.owner = www-data +listen.group = www-data +listen.mode = 0666 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +# Options static dynamic +pm = dynamic +pm.max_children = 80 +pm.start_servers = 60 +pm.min_spare_servers = 50 +pm.max_spare_servers = 80 +pm.max_requests = 2048 +pm.process_idle_timeout = 10s +pm.status_path = /php-fpm_status + +request_terminate_timeout = 120 +request_slowlog_timeout = 2 + +slowlog = /var/log/php/slow.log +rlimit_files = 51200 +rlimit_core = 0 + +catch_workers_output = yes + diff --git a/conf/php/php-fpm.d/php-fpm2.conf b/conf/php/php-fpm.d/php-fpm2.conf new file mode 100644 index 00000000..2e4c3edc --- /dev/null +++ b/conf/php/php-fpm.d/php-fpm2.conf @@ -0,0 +1,80 @@ +[global] +pid = /var/run/php-fpm.pid +error_log = /data/logs/php/php-fpm.err.log +[www] +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = topone4tvs +group = topone4tvs + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses on a +; specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 0.0.0.0:9000 + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 20 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 +pm.start_servers = 2 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 1 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 3 + +;--------------------- + +; Make specific Docker environment variables available to PHP +env[DB_1_ENV_MYSQL_DATABASE] = $DB_1_ENV_MYSQL_DATABASE +env[DB_1_ENV_MYSQL_USER] = $DB_1_ENV_MYSQL_USER +env[DB_1_ENV_MYSQL_PASSWORD] = $DB_1_ENV_MYSQL_PASSWORD + +catch_workers_output = yes diff --git a/conf/php/php-fpm.d/php-fpm3.conf b/conf/php/php-fpm.d/php-fpm3.conf new file mode 100644 index 00000000..990b4e5d --- /dev/null +++ b/conf/php/php-fpm.d/php-fpm3.conf @@ -0,0 +1,30 @@ +[global] +daemonize = no + +[www] +user = www-data +group = www-data + +listen = [::]:9000 + +pm = dynamic +;pm = static +pm.max_children = 50 +pm.start_servers = 10 +pm.min_spare_servers = 10 +pm.max_spare_servers = 30 + +clear_env = no + + +rlimit_files = 1048576 +;request_terminate_timeout = 0 +;request_slowlog_timeout = 1 +;slowlog = /data/log/php/php-slow.log + +access.format = "%t \"%m %r%Q%q\" %s %{mili}dms %{kilo}Mkb %C%%" +catch_workers_output = yes + +php_flag[display_errors] = on +;php_admin_flag[log_errors] = true +php_admin_value[date.timezone] = "Asia/Shanghai" \ No newline at end of file diff --git a/conf/php/php5.ini b/conf/php/php5.ini new file mode 100644 index 00000000..e852fbc6 --- /dev/null +++ b/conf/php/php5.ini @@ -0,0 +1,1918 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it is +; much more verbose when it comes to errors. We recommend using the +; development version only in development environments, as errors shown to +; application users can inadvertently leak otherwise secure information. + +; This is php.ini-production INI file. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT + +; html_errors +; Default Value: On +; Development Value: On +; Production value: On + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.sid_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It is +; generally recommended that should be used and that this feature +; should be disabled, as enabling it may result in issues when generating XML +; documents, however this remains supported for backward compatibility reasons. +; Note that this directive does not control the would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 4096k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +; Enables or disables the circular reference collector. +; http://php.net/zend.enable-gc +zend.enable_gc = On + +; If enabled, scripts may be written in encodings that are incompatible with +; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such +; encodings. To use this feature, mbstring extension must be enabled. +; Default: Off +;zend.multibyte = Off + +; Allows to set the default encoding for the scripts. This value will be used +; unless "declare(encoding=...)" directive appears at the top of the script. +; Only affects if zend.multibyte is set. +; Default: "" +;zend.script_encoding = + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; How many GET/POST/COOKIE input variables may be accepted +; max_input_vars = 1000 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it is automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL (Show all errors, warnings and notices including coding standards.) +; E_ALL & ~E_NOTICE (Show all errors, except for notices) +; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; For production environments, we recommend logging errors rather than +; sending them to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. We strongly recommend you +; set this to 'off' for production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of formatting the +; error message as HTML for easier reading. This directive controls whether +; the error message is formatted as HTML or not. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: On +; http://php.net/html-errors +html_errors = On + +; If html_errors is set to On *and* docref_root is not empty, then PHP +; produces clickable error messages that direct to a page describing the error +; or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty, in which +; case no links to documentation are generated. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +error_log = /var/log/php-fpm/php_errors.log +; Log errors to syslog (Event Log on Windows). +;error_log = syslog + +;windows.show_crt_warning +; Default value: 0 +; Development value: 0 +; Production value: 0 + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. G,P,C,E & S are abbreviations for the following respective super +; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty +; paid for the registration of these arrays and because ENV is not as commonly +; used as the others, ENV is not recommended on productions servers. You +; can still get access to the environment variables through getenv() should you +; need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P & C) should be +; registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive +; are specified in the same manner as the variables_order directive, +; EXCEPT one. Leaving this value empty will cause PHP to use the value set +; in the variables_order directive. It does not mean it will leave the super +; globals array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the ENV, REQUEST and SERVER variables are created when they're +; first used (Just In Time) instead of when the script starts. If these +; variables are not used within a script, having this directive on will result +; in a performance gain. The PHP directive register_argc_argv must be disabled +; for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Whether PHP will read the POST data. +; This option is enabled by default. +; Most likely, you won't want to disable this option globally. It causes $_POST +; and $_FILES to always be empty; the only way you will be able to read the +; POST data will be through the php://input stream wrapper. This can be useful +; to proxy requests or to process the POST data in a memory efficient fashion. +; http://php.net/enable-post-data-reading +;enable_post_data_reading = Off + +; Maximum size of POST data that PHP will accept. +; Its value may be 0 to disable the limit. It is ignored if POST data reading +; is disabled through enable_post_data_reading. +; http://php.net/post-max-size +post_max_size = 8M + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a media type using the Content-Type header. To +; disable this, simply set it to be empty. +; +; PHP's built-in default media type is set to text/html. +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to UTF-8. +; http://php.net/default-charset +default_charset = "UTF-8" + +; PHP internal character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/internal-encoding +;internal_encoding = + +; PHP input character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/input-encoding +;input_encoding = + +; PHP output character encoding is set to empty. +; If empty, default_charset is used. +; See also output_buffer. +; http://php.net/output-encoding +;output_encoding = + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +;include_path = ".:/php/includes" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Directory where the temporary files should be placed. +; Defaults to the system default (see sys_get_temp_dir) +; sys_temp_dir = "/tmp" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +; http://php.net/cgi.dicard-path +;cgi.discard_path=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1 + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If set to 0, PHP sends Status: header that +; is supported by Apache. When this option is set to 1, PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = On + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=mysqli.dll +; +; ... or under UNIX: +; +; extension=mysqli.so +; +; ... or with a path: +; +; extension=/path/to/extension/mysqli.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5+) +; extension folders as well as the separate PECL DLL download (PHP 5+). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_ftp.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysqli.dll +;extension=php_oci8_12c.dll ; Use with Oracle Database 12c Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_shmop.dll + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=php_snmp.dll + +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite3.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[CLI Server] +; Whether the CLI web server uses ANSI color coding in its terminal output. +cli_server.color = On + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +; Use of this INI entry is deprecated, use global input_encoding instead. +; If empty, default_charset or input_encoding or iconv.input_encoding is used. +; The precedence is: default_charset < intput_encoding < iconv.input_encoding +;iconv.input_encoding = + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;iconv.internal_encoding = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; If empty, default_charset or output_encoding or iconv.output_encoding is used. +; The precedence is: default_charset < output_encoding < iconv.output_encoding +; To use an output encoding conversion, iconv's output handler must be set +; otherwise output encoding conversion cannot be performed. +;iconv.output_encoding = + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING +;intl.use_exceptions = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +;Enables or disables JIT compilation of patterns. This requires the PCRE +;library to be compiled with JIT support. +;pcre.jit=1 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(). +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = +; Log mail to syslog (Event Log on Windows). +;mail.log = syslog + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Records communication from all extensions using mysqlnd to the specified log +; file. +; http://php.net/mysqlnd.debug +;mysqlnd.debug = + +; Defines which queries will be logged. +; http://php.net/mysqlnd.log_mask +;mysqlnd.log_mask = 0 + +; Default size of the mysqlnd memory pool, which is used by result sets. +; http://php.net/mysqlnd.mempool_default_size +;mysqlnd.mempool_default_size = 16000 + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +; Timeout for network requests in seconds. +; http://php.net/mysqlnd.net_read_timeout +;mysqlnd.net_read_timeout = 31536000 + +; SHA-256 Authentication Plugin related. File with the MySQL server public RSA +; key. +; http://php.net/mysqlnd.sha256_server_public_key +;mysqlnd.sha256_server_public_key = + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgreSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if +; your OS has problems with many files in one directory, and is +; a more efficient layout for servers that handle many sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +;session.save_path = "/tmp" + +; Whether to use strict session mode. +; Strict session mode does not accept uninitialized session ID and regenerate +; session ID if browser sends uninitialized session ID. Strict mode protects +; applications from session fixation via session adoption vulnerability. It is +; disabled by default for maximum compatibility, but enabling it is encouraged. +; https://wiki.php.net/rfc/strict_sessions +session.use_strict_mode = 0 + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combating +; session hijacking when not specifying and managing your own session id. It is +; not the be-all and end-all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 -type f | xargs rm + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users' security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publicly accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Set session ID character length. This value could be between 22 to 256. +; Shorter length than default is supported only for compatibility reason. +; Users should use 32 or more chars. +; http://php.net/session.sid-length +; Default Value: 32 +; Development Value: 26 +; Production Value: 26 +session.sid_length = 26 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; is special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. tag's action attribute URL will not be modified +; unless it is specified. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=" +; Development Value: "a=href,area=href,frame=src,form=" +; Production Value: "a=href,area=href,frame=src,form=" +; http://php.net/url-rewriter.tags +session.trans_sid_tags = "a=href,area=href,frame=src,form=" + +; URL rewriter does not rewrite absolute URLs by default. +; To enable rewrites for absolute pathes, target hosts must be specified +; at RUNTIME. i.e. use ini_set() +; tags is special. PHP will check action attribute's URL regardless +; of session.trans_sid_tags setting. +; If no host is defined, HTTP_HOST will be used for allowed host. +; Example value: php.net,www.php.net,wiki.php.net +; Use "," for multiple hosts. No spaces are allowed. +; Default Value: "" +; Development Value: "" +; Production Value: "" +;session.trans_sid_hosts="" + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.sid_bits_per_character = 5 + +; Enable upload progress tracking in $_SESSION +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.enabled +;session.upload_progress.enabled = On + +; Cleanup the progress information as soon as all POST data has been read +; (i.e. upload completed). +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.cleanup +;session.upload_progress.cleanup = On + +; A prefix used for the upload progress key in $_SESSION +; Default Value: "upload_progress_" +; Development Value: "upload_progress_" +; Production Value: "upload_progress_" +; http://php.net/session.upload-progress.prefix +;session.upload_progress.prefix = "upload_progress_" + +; The index name (concatenated with the prefix) in $_SESSION +; containing the upload progress information +; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" +; http://php.net/session.upload-progress.name +;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" + +; How frequently the upload progress should be updated. +; Given either in percentages (per-file), or in bytes +; Default Value: "1%" +; Development Value: "1%" +; Production Value: "1%" +; http://php.net/session.upload-progress.freq +;session.upload_progress.freq = "1%" + +; The minimum delay between updates, in seconds +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.upload-progress.min-freq +;session.upload_progress.min_freq = "1" + +; Only write session data when session data is changed. Enabled by default. +; http://php.net/session.lazy-write +;session.lazy_write = On + +[Assertion] +; Switch whether to compile assertions at all (to have no overhead at run-time) +; -1: Do not compile at all +; 0: Jump over assertion at run-time +; 1: Execute assertions +; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) +; Default Value: 1 +; Development Value: 1 +; Production Value: -1 +; http://php.net/zend.assertions +zend.assertions = -1 + +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Throw an AssertationException on failed assertions +; http://php.net/assert.exception +;assert.exception = On + +; Issue a PHP warning for each failed assertion. (Overridden by assert.exception if active) +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; This affects mb_send_mail() and mbstring.detect_order. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; internal/script encoding. +; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;mbstring.internal_encoding = + +; Use of this INI entry is deprecated, use global input_encoding instead. +; http input encoding. +; mbstring.encoding_traslation = On is needed to use this setting. +; If empty, default_charset or input_encoding or mbstring.input is used. +; The precedence is: default_charset < intput_encoding < mbsting.http_input +; http://php.net/mbstring.http-input +;mbstring.http_input = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; http output encoding. +; mb_output_handler must be registered as output buffer to function. +; If empty, default_charset or output_encoding or mbstring.http_output is used. +; The precedence is: default_charset < output_encoding < mbstring.http_output +; To use an output encoding conversion, mbstring's output handler must be set +; otherwise output encoding conversion cannot be performed. +; http://php.net/mbstring.http-output +;mbstring.http_output = + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; "auto" detect order is changed according to mbstring.language +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +; Default: Off +;mbstring.strict_detection = On + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 1 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[dba] +;dba.default_handler= + +[opcache] +; Determines if Zend OPCache is enabled +;opcache.enable=1 + +; Determines if Zend OPCache is enabled for the CLI version of PHP +;opcache.enable_cli=1 + +; The OPcache shared memory storage size. +;opcache.memory_consumption=128 + +; The amount of memory for interned strings in Mbytes. +;opcache.interned_strings_buffer=8 + +; The maximum number of keys (scripts) in the OPcache hash table. +; Only numbers between 200 and 1000000 are allowed. +;opcache.max_accelerated_files=10000 + +; The maximum percentage of "wasted" memory until a restart is scheduled. +;opcache.max_wasted_percentage=5 + +; When this directive is enabled, the OPcache appends the current working +; directory to the script key, thus eliminating possible collisions between +; files with the same name (basename). Disabling the directive improves +; performance, but may break existing applications. +;opcache.use_cwd=1 + +; When disabled, you must reset the OPcache manually or restart the +; webserver for changes to the filesystem to take effect. +;opcache.validate_timestamps=1 + +; How often (in seconds) to check file timestamps for changes to the shared +; memory storage allocation. ("1" means validate once per second, but only +; once per request. "0" means always validate) +;opcache.revalidate_freq=2 + +; Enables or disables file search in include_path optimization +;opcache.revalidate_path=0 + +; If disabled, all PHPDoc comments are dropped from the code to reduce the +; size of the optimized code. +;opcache.save_comments=1 + +; If enabled, a fast shutdown sequence is used for the accelerated code +; Depending on the used Memory Manager this may cause some incompatibilities. +;opcache.fast_shutdown=0 + +; Allow file existence override (file_exists, etc.) performance feature. +;opcache.enable_file_override=0 + +; A bitmask, where each bit enables or disables the appropriate OPcache +; passes +;opcache.optimization_level=0xffffffff + +;opcache.inherited_hack=1 +;opcache.dups_fix=0 + +; The location of the OPcache blacklist file (wildcards allowed). +; Each OPcache blacklist file is a text file that holds the names of files +; that should not be accelerated. The file format is to add each filename +; to a new line. The filename may be a full path or just a file prefix +; (i.e., /var/www/x blacklists all the files and directories in /var/www +; that start with 'x'). Line starting with a ; are ignored (comments). +;opcache.blacklist_filename= + +; Allows exclusion of large files from being cached. By default all files +; are cached. +;opcache.max_file_size=0 + +; Check the cache checksum each N requests. +; The default value of "0" means that the checks are disabled. +;opcache.consistency_checks=0 + +; How long to wait (in seconds) for a scheduled restart to begin if the cache +; is not being accessed. +;opcache.force_restart_timeout=180 + +; OPcache error_log file name. Empty string assumes "stderr". +;opcache.error_log= + +; All OPcache errors go to the Web server log. +; By default, only fatal errors (level 0) or errors (level 1) are logged. +; You can also enable warnings (level 2), info messages (level 3) or +; debug messages (level 4). +;opcache.log_verbosity_level=1 + +; Preferred Shared Memory back-end. Leave empty and let the system decide. +;opcache.preferred_memory_model= + +; Protect the shared memory from unexpected writing during script execution. +; Useful for internal debugging only. +;opcache.protect_memory=0 + +; Allows calling OPcache API functions only from PHP scripts which path is +; started from specified string. The default "" means no restriction +;opcache.restrict_api= + +; Mapping base of shared memory segments (for Windows only). All the PHP +; processes have to map shared memory into the same address space. This +; directive allows to manually fix the "Unable to reattach to base address" +; errors. +;opcache.mmap_base= + +; Enables and sets the second level cache directory. +; It should improve performance when SHM memory is full, at server restart or +; SHM reset. The default "" disables file based caching. +;opcache.file_cache= + +; Enables or disables opcode caching in shared memory. +;opcache.file_cache_only=0 + +; Enables or disables checksum validation when script loaded from file cache. +;opcache.file_cache_consistency_checks=1 + +; Implies opcache.file_cache_only=1 for a certain process that failed to +; reattach to the shared memory (for Windows only). Explicitly enabled file +; cache is required. +;opcache.file_cache_fallback=1 + +; Enables or disables copying of PHP code (text segment) into HUGE PAGES. +; This should improve performance, but requires appropriate OS configuration. +;opcache.huge_code_pages=1 + +; Validate cached file permissions. +;opcache.validate_permission=0 + +; Prevent name collisions in chroot'ed environment. +;opcache.validate_root=0 + +[curl] +; A default value for the CURLOPT_CAINFO option. This is required to be an +; absolute path. +;curl.cainfo = + +[openssl] +; The location of a Certificate Authority (CA) file on the local filesystem +; to use when verifying the identity of SSL/TLS peers. Most users should +; not specify a value for this directive as PHP will attempt to use the +; OS-managed cert stores in its absence. If specified, this value may still +; be overridden on a per-stream basis via the "cafile" SSL stream context +; option. +;openssl.cafile= + +; If openssl.cafile is not specified or if the CA file is not found, the +; directory pointed to by openssl.capath is searched for a suitable +; certificate. This value must be a correctly hashed certificate directory. +; Most users should not specify a value for this directive as PHP will +; attempt to use the OS-managed cert stores in its absence. If specified, +; this value may still be overridden on a per-stream basis via the "capath" +; SSL stream context option. +;openssl.capath= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/conf/php/php7.ini b/conf/php/php7.ini new file mode 100644 index 00000000..68c78274 --- /dev/null +++ b/conf/php/php7.ini @@ -0,0 +1,2011 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it is +; much more verbose when it comes to errors. We recommend using the +; development version only in development environments, as errors shown to +; application users can inadvertently leak otherwise secure information. + +; This is php.ini-production INI file. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT + +; html_errors +; Default Value: On +; Development Value: On +; Production value: On + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.sid_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It is +; generally recommended that should be used and that this feature +; should be disabled, as enabling it may result in issues when generating XML +; documents, however this remains supported for backward compatibility reasons. +; Note that this directive does not control the would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 4096k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +; Enables or disables the circular reference collector. +; http://php.net/zend.enable-gc +zend.enable_gc = On + +; If enabled, scripts may be written in encodings that are incompatible with +; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such +; encodings. To use this feature, mbstring extension must be enabled. +; Default: Off +;zend.multibyte = Off + +; Allows to set the default encoding for the scripts. This value will be used +; unless "declare(encoding=...)" directive appears at the top of the script. +; Only affects if zend.multibyte is set. +; Default: "" +;zend.script_encoding = + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; How many GET/POST/COOKIE input variables may be accepted +; max_input_vars = 1000 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it is automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL (Show all errors, warnings and notices including coding standards.) +; E_ALL & ~E_NOTICE (Show all errors, except for notices) +; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; For production environments, we recommend logging errors rather than +; sending them to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. We strongly recommend you +; set this to 'off' for production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of formatting the +; error message as HTML for easier reading. This directive controls whether +; the error message is formatted as HTML or not. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: On +; http://php.net/html-errors +html_errors = On + +; If html_errors is set to On *and* docref_root is not empty, then PHP +; produces clickable error messages that direct to a page describing the error +; or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty, in which +; case no links to documentation are generated. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +; Log errors to syslog (Event Log on Windows). +; option syslog or dir/error.log +error_log = /var/log/php_errors.log + +;windows.show_crt_warning +; Default value: 0 +; Development value: 0 +; Production value: 0 + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. G,P,C,E & S are abbreviations for the following respective super +; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty +; paid for the registration of these arrays and because ENV is not as commonly +; used as the others, ENV is not recommended on productions servers. You +; can still get access to the environment variables through getenv() should you +; need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P & C) should be +; registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive +; are specified in the same manner as the variables_order directive, +; EXCEPT one. Leaving this value empty will cause PHP to use the value set +; in the variables_order directive. It does not mean it will leave the super +; globals array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = On + +; When enabled, the ENV, REQUEST and SERVER variables are created when they're +; first used (Just In Time) instead of when the script starts. If these +; variables are not used within a script, having this directive on will result +; in a performance gain. The PHP directive register_argc_argv must be disabled +; for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Whether PHP will read the POST data. +; This option is enabled by default. +; Most likely, you won't want to disable this option globally. It causes $_POST +; and $_FILES to always be empty; the only way you will be able to read the +; POST data will be through the php://input stream wrapper. This can be useful +; to proxy requests or to process the POST data in a memory efficient fashion. +; http://php.net/enable-post-data-reading +;enable_post_data_reading = Off + +; Maximum size of POST data that PHP will accept. +; Its value may be 0 to disable the limit. It is ignored if POST data reading +; is disabled through enable_post_data_reading. +; http://php.net/post-max-size +post_max_size = 20M + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a media type using the Content-Type header. To +; disable this, simply set it to be empty. +; +; PHP's built-in default media type is set to text/html. +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to UTF-8. +; http://php.net/default-charset +default_charset = "UTF-8" + +; PHP internal character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/internal-encoding +;internal_encoding = + +; PHP input character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/input-encoding +;input_encoding = + +; PHP output character encoding is set to empty. +; If empty, default_charset is used. +; See also output_buffer. +; http://php.net/output-encoding +;output_encoding = + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +;include_path = ".:/php/includes" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Directory where the temporary files should be placed. +; Defaults to the system default (see sys_get_temp_dir) +; sys_temp_dir = "/tmp" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +; http://php.net/cgi.dicard-path +;cgi.discard_path=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1 + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If set to 0, PHP sends Status: header that +; is supported by Apache. When this option is set to 1, PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 128M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = On + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5+) +; extension folders as well as the separate PECL DLL download (PHP 5+). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_ftp.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysqli.dll +;extension=php_oci8_12c.dll ; Use with Oracle Database 12c Instant Client +;extension=php_odbc.dll +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_shmop.dll + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=php_snmp.dll + +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite3.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[CLI Server] +; Whether the CLI web server uses ANSI color coding in its terminal output. +cli_server.color = On + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +date.timezone = 'Asia/Shanghai' + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +; Use of this INI entry is deprecated, use global input_encoding instead. +; If empty, default_charset or input_encoding or iconv.input_encoding is used. +; The precedence is: default_charset < intput_encoding < iconv.input_encoding +;iconv.input_encoding = + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;iconv.internal_encoding = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; If empty, default_charset or output_encoding or iconv.output_encoding is used. +; The precedence is: default_charset < output_encoding < iconv.output_encoding +; To use an output encoding conversion, iconv's output handler must be set +; otherwise output encoding conversion cannot be performed. +;iconv.output_encoding = + +[imap] +; rsh/ssh logins are disabled by default. Use this INI entry if you want to +; enable them. Note that the IMAP library does not filter mailbox names before +; passing them to rsh/ssh command, thus passing untrusted data to this function +; with rsh/ssh enabled is insecure. +;imap.enable_insecure_rsh=0 + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING +;intl.use_exceptions = 0 + +[sqlite3] +; Directory pointing to SQLite3 extensions +; http://php.net/sqlite3.extension-dir +;sqlite3.extension_dir = + +; SQLite defensive mode flag (only available from SQLite 3.26+) +; When the defensive flag is enabled, language features that allow ordinary +; SQL to deliberately corrupt the database file are disabled. This forbids +; writing directly to the schema, shadow tables (eg. FTS data tables), or +; the sqlite_dbpage virtual table. +; https://www.sqlite.org/c3ref/c_dbconfig_defensive.html +; (for older SQLite versions, this flag has no use) +sqlite3.defensive = 1 + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +;Enables or disables JIT compilation of patterns. This requires the PCRE +;library to be compiled with JIT support. +;pcre.jit=1 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +sendmail_path = /usr/sbin/sendmail -t -i + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(). +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = +; Log mail to syslog (Event Log on Windows). +;mail.log = syslog + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatibility_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.conf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Records communication from all extensions using mysqlnd to the specified log +; file. +; http://php.net/mysqlnd.debug +;mysqlnd.debug = + +; Defines which queries will be logged. +; http://php.net/mysqlnd.log_mask +;mysqlnd.log_mask = 0 + +; Default size of the mysqlnd memory pool, which is used by result sets. +; http://php.net/mysqlnd.mempool_default_size +;mysqlnd.mempool_default_size = 16000 + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +; Timeout for network requests in seconds. +; http://php.net/mysqlnd.net_read_timeout +;mysqlnd.net_read_timeout = 31536000 + +; SHA-256 Authentication Plugin related. File with the MySQL server public RSA +; key. +; http://php.net/mysqlnd.sha256_server_public_key +;mysqlnd.sha256_server_public_key = + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgreSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +; session.save_handler = redis +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if +; your OS has problems with many files in one directory, and is +; a more efficient layout for servers that handle many sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +; session.save_path = "tcp://redis:6379" +session.save_path = "/var/log/php.session" + +; Whether to use strict session mode. +; Strict session mode does not accept uninitialized session ID and regenerate +; session ID if browser sends uninitialized session ID. Strict mode protects +; applications from session fixation via session adoption vulnerability. It is +; disabled by default for maximum compatibility, but enabling it is encouraged. +; https://wiki.php.net/rfc/strict_sessions +session.use_strict_mode = 0 + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combating +; session hijacking when not specifying and managing your own session id. It is +; not the be-all and end-all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 -type f | xargs rm + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users' security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publicly accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Set session ID character length. This value could be between 22 to 256. +; Shorter length than default is supported only for compatibility reason. +; Users should use 32 or more chars. +; http://php.net/session.sid-length +; Default Value: 32 +; Development Value: 26 +; Production Value: 26 +session.sid_length = 26 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; is special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. tag's action attribute URL will not be modified +; unless it is specified. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=" +; Development Value: "a=href,area=href,frame=src,form=" +; Production Value: "a=href,area=href,frame=src,form=" +; http://php.net/url-rewriter.tags +session.trans_sid_tags = "a=href,area=href,frame=src,form=fakeentry" + +; URL rewriter does not rewrite absolute URLs by default. +; To enable rewrites for absolute pathes, target hosts must be specified +; at RUNTIME. i.e. use ini_set() +; tags is special. PHP will check action attribute's URL regardless +; of session.trans_sid_tags setting. +; If no host is defined, HTTP_HOST will be used for allowed host. +; Example value: php.net,www.php.net,wiki.php.net +; Use "," for multiple hosts. No spaces are allowed. +; Default Value: "" +; Development Value: "" +; Production Value: "" +;session.trans_sid_hosts="" + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.sid_bits_per_character = 5 + +; Enable upload progress tracking in $_SESSION +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.enabled +;session.upload_progress.enabled = On + +; Cleanup the progress information as soon as all POST data has been read +; (i.e. upload completed). +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.cleanup +;session.upload_progress.cleanup = On + +; A prefix used for the upload progress key in $_SESSION +; Default Value: "upload_progress_" +; Development Value: "upload_progress_" +; Production Value: "upload_progress_" +; http://php.net/session.upload-progress.prefix +;session.upload_progress.prefix = "upload_progress_" + +; The index name (concatenated with the prefix) in $_SESSION +; containing the upload progress information +; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" +; http://php.net/session.upload-progress.name +;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" + +; How frequently the upload progress should be updated. +; Given either in percentages (per-file), or in bytes +; Default Value: "1%" +; Development Value: "1%" +; Production Value: "1%" +; http://php.net/session.upload-progress.freq +;session.upload_progress.freq = "1%" + +; The minimum delay between updates, in seconds +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.upload-progress.min-freq +;session.upload_progress.min_freq = "1" + +; Only write session data when session data is changed. Enabled by default. +; http://php.net/session.lazy-write +;session.lazy_write = On +session.entropy_length = 32 +session.entropy_file = /dev/urandom +[Assertion] +; Switch whether to compile assertions at all (to have no overhead at run-time) +; -1: Do not compile at all +; 0: Jump over assertion at run-time +; 1: Execute assertions +; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) +; Default Value: 1 +; Development Value: 1 +; Production Value: -1 +; http://php.net/zend.assertions +zend.assertions = -1 + +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Throw an AssertationException on failed assertions +; http://php.net/assert.exception +;assert.exception = On + +; Issue a PHP warning for each failed assertion. (Overridden by assert.exception if active) +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; This affects mb_send_mail() and mbstring.detect_order. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; internal/script encoding. +; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;mbstring.internal_encoding = + +; Use of this INI entry is deprecated, use global input_encoding instead. +; http input encoding. +; mbstring.encoding_traslation = On is needed to use this setting. +; If empty, default_charset or input_encoding or mbstring.input is used. +; The precedence is: default_charset < intput_encoding < mbsting.http_input +; http://php.net/mbstring.http-input +;mbstring.http_input = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; http output encoding. +; mb_output_handler must be registered as output buffer to function. +; If empty, default_charset or output_encoding or mbstring.http_output is used. +; The precedence is: default_charset < output_encoding < mbstring.http_output +; To use an output encoding conversion, mbstring's output handler must be set +; otherwise output encoding conversion cannot be performed. +; http://php.net/mbstring.http-output +;mbstring.http_output = + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; "auto" detect order is changed according to mbstring.language +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +; Default: Off +;mbstring.strict_detection = On + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 1 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +[opcache] +; Determines if Zend OPCache is enabled +opcache.enable=1 + +; Determines if Zend OPCache is enabled for the CLI version of PHP +opcache.enable_cli=0 + +; The OPcache shared memory storage size. +;opcache.memory_consumption=128 + +; The amount of memory for interned strings in Mbytes. +;opcache.interned_strings_buffer=8 + +; The maximum number of keys (scripts) in the OPcache hash table. +; Only numbers between 200 and 1000000 are allowed. +;opcache.max_accelerated_files=10000 + +; The maximum percentage of "wasted" memory until a restart is scheduled. +;opcache.max_wasted_percentage=5 + +; When this directive is enabled, the OPcache appends the current working +; directory to the script key, thus eliminating possible collisions between +; files with the same name (basename). Disabling the directive improves +; performance, but may break existing applications. +;opcache.use_cwd=1 + +; When disabled, you must reset the OPcache manually or restart the +; webserver for changes to the filesystem to take effect. +;opcache.validate_timestamps=1 + +; How often (in seconds) to check file timestamps for changes to the shared +; memory storage allocation. ("1" means validate once per second, but only +; once per request. "0" means always validate) +;opcache.revalidate_freq=2 + +; Enables or disables file search in include_path optimization +;opcache.revalidate_path=0 + +; If disabled, all PHPDoc comments are dropped from the code to reduce the +; size of the optimized code. +;opcache.save_comments=1 + +; If enabled, a fast shutdown sequence is used for the accelerated code +; Depending on the used Memory Manager this may cause some incompatibilities. +;opcache.fast_shutdown=0 + +; Allow file existence override (file_exists, etc.) performance feature. +;opcache.enable_file_override=0 + +; A bitmask, where each bit enables or disables the appropriate OPcache +; passes +;opcache.optimization_level=0xffffffff + +;opcache.inherited_hack=1 +;opcache.dups_fix=0 + +; The location of the OPcache blacklist file (wildcards allowed). +; Each OPcache blacklist file is a text file that holds the names of files +; that should not be accelerated. The file format is to add each filename +; to a new line. The filename may be a full path or just a file prefix +; (i.e., /var/www/x blacklists all the files and directories in /var/www +; that start with 'x'). Line starting with a ; are ignored (comments). +;opcache.blacklist_filename= + +; Allows exclusion of large files from being cached. By default all files +; are cached. +;opcache.max_file_size=0 + +; Check the cache checksum each N requests. +; The default value of "0" means that the checks are disabled. +;opcache.consistency_checks=0 + +; How long to wait (in seconds) for a scheduled restart to begin if the cache +; is not being accessed. +;opcache.force_restart_timeout=180 + +; OPcache error_log file name. Empty string assumes "stderr". +;opcache.error_log= + +; All OPcache errors go to the Web server log. +; By default, only fatal errors (level 0) or errors (level 1) are logged. +; You can also enable warnings (level 2), info messages (level 3) or +; debug messages (level 4). +;opcache.log_verbosity_level=1 + +; Preferred Shared Memory back-end. Leave empty and let the system decide. +;opcache.preferred_memory_model= + +; Protect the shared memory from unexpected writing during script execution. +; Useful for internal debugging only. +;opcache.protect_memory=0 + +; Allows calling OPcache API functions only from PHP scripts which path is +; started from specified string. The default "" means no restriction +;opcache.restrict_api= + +; Mapping base of shared memory segments (for Windows only). All the PHP +; processes have to map shared memory into the same address space. This +; directive allows to manually fix the "Unable to reattach to base address" +; errors. +;opcache.mmap_base= + +; Enables and sets the second level cache directory. +; It should improve performance when SHM memory is full, at server restart or +; SHM reset. The default "" disables file based caching. +;opcache.file_cache= + +; Enables or disables opcode caching in shared memory. +;opcache.file_cache_only=0 + +; Enables or disables checksum validation when script loaded from file cache. +;opcache.file_cache_consistency_checks=1 + +; Implies opcache.file_cache_only=1 for a certain process that failed to +; reattach to the shared memory (for Windows only). Explicitly enabled file +; cache is required. +;opcache.file_cache_fallback=1 + +; Enables or disables copying of PHP code (text segment) into HUGE PAGES. +; This should improve performance, but requires appropriate OS configuration. +;opcache.huge_code_pages=1 + +; Validate cached file permissions. +;opcache.validate_permission=0 + +; Prevent name collisions in chroot'ed environment. +;opcache.validate_root=0 + +; If specified, it produces opcode dumps for debugging different stages of +; optimizations. +;opcache.opt_debug_level=0 + +[curl] +; A default value for the CURLOPT_CAINFO option. This is required to be an +; absolute path. +;curl.cainfo = + +[openssl] +; The location of a Certificate Authority (CA) file on the local filesystem +; to use when verifying the identity of SSL/TLS peers. Most users should +; not specify a value for this directive as PHP will attempt to use the +; OS-managed cert stores in its absence. If specified, this value may still +; be overridden on a per-stream basis via the "cafile" SSL stream context +; option. +;openssl.cafile= + +; If openssl.cafile is not specified or if the CA file is not found, the +; directory pointed to by openssl.capath is searched for a suitable +; certificate. This value must be a correctly hashed certificate directory. +; Most users should not specify a value for this directive as PHP will +; attempt to use the OS-managed cert stores in its absence. If specified, +; this value may still be overridden on a per-stream basis via the "capath" +; SSL stream context option. +;openssl.capath= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/conf/phpMyAdmin/config.inc.php b/conf/phpMyAdmin/config.inc.php new file mode 100644 index 00000000..91966a32 --- /dev/null +++ b/conf/phpMyAdmin/config.inc.php @@ -0,0 +1,100 @@ += 4.3.0) +$cfg['Servers'][$i]['controluser'] = ''; // MySQL control user settings + // (this user must have read-only +$cfg['Servers'][$i]['controlpass'] = ''; // access to the "mysql/user" + // and "mysql/db" tables). + // The controluser is also + // used for all relational + // features (pmadb) + +$cfg['Servers'][$i]['auth_type'] = 'cookie'; // Authentication method (config, http or cookie based)? +$cfg['Servers'][$i]['user'] = ''; // MySQL user +$cfg['Servers'][$i]['password'] = ''; // MySQL password (only needed + // with 'config' auth_type) +$cfg['Servers'][$i]['only_db'] = ''; // If set to a db-name, only + // this db is displayed in left frame + // It may also be an array of db-names, where sorting order is relevant. +$cfg['Servers'][$i]['hide_db'] = ''; // Database name to be hidden from listings +$cfg['Servers'][$i]['verbose'] = ''; // Verbose name for this host - leave blank to show the hostname + +$cfg['Servers'][$i]['pmadb'] = ''; // Database used for Relation, Bookmark and PDF Features + // (see scripts/create_tables.sql) + // - leave blank for no support + // DEFAULT: 'phpmyadmin' +$cfg['Servers'][$i]['bookmarktable'] = ''; // Bookmark table + // - leave blank for no bookmark support + // DEFAULT: 'pma_bookmark' +$cfg['Servers'][$i]['relation'] = ''; // table to describe the relation between links (see doc) + // - leave blank for no relation-links support + // DEFAULT: 'pma_relation' +$cfg['Servers'][$i]['table_info'] = ''; // table to describe the display fields + // - leave blank for no display fields support + // DEFAULT: 'pma_table_info' +$cfg['Servers'][$i]['table_coords'] = ''; // table to describe the tables position for the PDF schema + // - leave blank for no PDF schema support + // DEFAULT: 'pma_table_coords' +$cfg['Servers'][$i]['pdf_pages'] = ''; // table to describe pages of relationpdf + // - leave blank if you don't want to use this + // DEFAULT: 'pma_pdf_pages' +$cfg['Servers'][$i]['column_info'] = ''; // table to store column information + // - leave blank for no column comments/mime types + // DEFAULT: 'pma_column_info' +$cfg['Servers'][$i]['history'] = ''; // table to store SQL history + // - leave blank for no SQL query history + // DEFAULT: 'pma_history' +$cfg['Servers'][$i]['verbose_check'] = TRUE; // set to FALSE if you know that your pma_* tables + // are up to date. This prevents compatibility + // checks and thereby increases performance. +$cfg['Servers'][$i]['AllowRoot'] = TRUE; // whether to allow root login +$cfg['Servers'][$i]['AllowDeny']['order'] // Host authentication order, leave blank to not use + = ''; +$cfg['Servers'][$i]['AllowDeny']['rules'] // Host authentication rules, leave blank for defaults + = array(); +$cfg['Servers'][$i]['AllowNoPassword'] // Allow logins without a password. Do not change the FALSE + = FALSE; // default unless you're running a passwordless MySQL server +$cfg['Servers'][$i]['designer_coords'] // Leave blank (default) for no Designer support, otherwise + = ''; // set to suggested 'pma_designer_coords' if really needed +$cfg['Servers'][$i]['bs_garbage_threshold'] // Blobstreaming: Recommented default value from upstream + = 50; // DEFAULT: '50' +$cfg['Servers'][$i]['bs_repository_threshold'] // Blobstreaming: Recommented default value from upstream + = '32M'; // DEFAULT: '32M' +$cfg['Servers'][$i]['bs_temp_blob_timeout'] // Blobstreaming: Recommented default value from upstream + = 600; // DEFAULT: '600' +$cfg['Servers'][$i]['bs_temp_log_threshold'] // Blobstreaming: Recommented default value from upstream + = '32M'; // DEFAULT: '32M' +/* + * End of servers configuration + */ + +/* + * Directories for saving/loading files from server + */ +$cfg['UploadDir'] = '/tmp'; +$cfg['SaveDir'] = '/tmp'; + +/* + * Disable the default warning that is displayed on the DB Details Structure + * page if any of the required Tables for the relation features is not found + */ +$cfg['PmaNoRelation_DisableWarning'] = TRUE; + +/* + * You can find more configuration options in the documentation + * in the doc/ folder or at . + */ +$cfg['VersionCheck'] = false; +?> diff --git a/conf/services/apache.yml b/conf/services/apache.yml new file mode 100644 index 00000000..0ec4f61e --- /dev/null +++ b/conf/services/apache.yml @@ -0,0 +1,20 @@ +version: "3.6" +services: + web: + image: httpd:${WEB_VERSION} + ports: + - ${WEB_PORT}:80 + - ${WEBSSL_PORT}:443 + container_name: web + volumes: + - ${PROJECTS_PATH}:${PROJECTS_PATH_DEST} + - ./tools/phpinfo:/var/www/html/phpinfo + - ./conf/ssl:/usr/local/apache2/conf/custom + - ./conf/apache/httpd.conf:/usr/local/apache2/conf/httpd.conf + - ./conf/apache/vhosts/:/etc/apache2/sites-enabled/ + links: + - base:base + - home:home + networks: + vfac: + ipv4_address: ${WEB_STATIC_IP} diff --git a/conf/services/demo.service b/conf/services/demo.service new file mode 100644 index 00000000..78cfbda5 --- /dev/null +++ b/conf/services/demo.service @@ -0,0 +1,11 @@ +[Unit] +Description=Subversion protocol daemon +After=syslog.target network.target + +[Service] +Type=forking +EnvironmentFile=/etc/sysconfig/svnserve +ExecStart=/usr/bin/svnserve --daemon --pid-file=/var/run/svnserve/svnserve.pid $OPTIONS + +[Install] +WantedBy=multi-user.target diff --git a/conf/services/elasticsearch/Dockerfile b/conf/services/elasticsearch/Dockerfile new file mode 100644 index 00000000..176f3eaa --- /dev/null +++ b/conf/services/elasticsearch/Dockerfile @@ -0,0 +1,116 @@ +ARG ELASTICSEARCH_VERSION +FROM elasticsearch:${ELASTICSEARCH_VERSION} + +ARG ELASTICSEARCH_VERSION +ARG ELASTICSEARCH_PLUGINS + +ENV PLUGINS=",${ELASTICSEARCH_PLUGINS}," + +RUN if [[ -z "${PLUGINS##*,amazon-ec2,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install amazon-ec2; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,analysis-icu,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install analysis-icu; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,analysis-kuromoji,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install analysis-kuromoji; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,analysis-nori,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install analysis-nori; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,analysis-phonetic,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install analysis-phonetic; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,analysis-smartcn,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install analysis-smartcn; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,analysis-stempel,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install analysis-stempel; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,analysis-ukrainian,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install analysis-ukrainian; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,discovery-azure-classic,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install discovery-azure-classic; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,discovery-ec2,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install discovery-ec2; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,discovery-file,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install discovery-file; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,discovery-gce,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install discovery-gce; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,google-cloud-storage,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install google-cloud-storage; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,ingest-attachment,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install ingest-attachment; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,ingest-geoip,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install ingest-geoip; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,ingest-user-agent,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install ingest-user-agent; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,mapper-murmur3,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install mapper-murmur3; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,mapper-size,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install mapper-size; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,microsoft-azure-storage,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install microsoft-azure-storage; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,qa,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install qa; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,repository-azure,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install repository-azure; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,repository-gcs,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install repository-gcs; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,repository-hdfs,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install repository-hdfs; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,repository-s3,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install repository-s3; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,store-smb,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install store-smb; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,analysis-ik,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v${ELASTICSEARCH_VERSION}/elasticsearch-analysis-ik-${ELASTICSEARCH_VERSION}.zip; \ + fi \ + && \ + if [[ -z "${PLUGINS##*,analysis-pinyin,*}" ]]; then \ + printf "y\n" | elasticsearch-plugin install https://github.com/medcl/elasticsearch-analysis-pinyin/releases/download/v${ELASTICSEARCH_VERSION}/elasticsearch-analysis-pinyin-${ELASTICSEARCH_VERSION}.zip; \ + fi + diff --git a/conf/services/elasticsearch/elasticsearch.yml b/conf/services/elasticsearch/elasticsearch.yml new file mode 100644 index 00000000..ee4e1667 --- /dev/null +++ b/conf/services/elasticsearch/elasticsearch.yml @@ -0,0 +1,9 @@ +cluster.name: "docker-cluster" +network.host: 0.0.0.0 + +# minimum_master_nodes need to be explicitly set when bound on a public IP +# set to 1 to allow single node clusters +# Details: https://github.com/elastic/elasticsearch/pull/17288 +discovery.zen.minimum_master_nodes: 1 + +index.analysis.analyzer.default.type: standard \ No newline at end of file diff --git a/conf/services/maildev.yml b/conf/services/maildev.yml new file mode 100644 index 00000000..34d0a32c --- /dev/null +++ b/conf/services/maildev.yml @@ -0,0 +1,15 @@ +version: "3.6" +services: + # To create email during development + maildev: + container_name: maildev + image: djfarrelly/maildev + ports: + - ${MAILDEV_PORT}:80 + - "25:25" + links: + - base:base + - home:home + networks: + vfac: + ipv4_address: ${MAILDEV_STATIC_IP} diff --git a/conf/services/mariadb.yml b/conf/services/mariadb.yml new file mode 100644 index 00000000..4ad7313e --- /dev/null +++ b/conf/services/mariadb.yml @@ -0,0 +1,38 @@ +version: "3.6" +services: + db: + image: mariadb:${DB_VERSION} + container_name: db + env_file: + - ./.env + volumes: + - dbdata_mariadb:/var/lib/mysql + - ${PROJECTS_PATH}:${PROJECTS_PATH_DEST} + ports: + - 3306:3306 + links: + - base:base + - home:home + networks: + vfac: + ipv4_address: ${DB_STATIC_IP} + aliases: + - ${CONTAINER_DB_NAME} + dbadmin: + image: phpmyadmin/phpmyadmin:${DBADMIN_VERSION} + container_name: dbadmin + ports: + - "${DBADMIN_PORT}:80" + links: + - "db:db" + depends_on: + - "db" + networks: + vfac: + ipv4_address: ${DBADMIN_STATIC_IP} +volumes: + dbdata_mariadb: + labels: + com.vfac.description: "VFAC EnvDev Database MariaDB volume" + com.vfac.owner: "VFAC" + com.vfac.url: "https://vfac.fr" diff --git a/conf/services/memcached.yml b/conf/services/memcached.yml new file mode 100644 index 00000000..5ca2b844 --- /dev/null +++ b/conf/services/memcached.yml @@ -0,0 +1,13 @@ +version: "3.6" +services: + cache: + image: memcached:${CACHE_VERSION} + ports: + - ${CACHE_PORT}:6379 + container_name: cache + links: + - base:base + - home:home + networks: + vfac: + ipv4_address: ${CACHE_STATIC_IP} diff --git a/conf/services/mongodb.yml b/conf/services/mongodb.yml new file mode 100644 index 00000000..1f6f7c8e --- /dev/null +++ b/conf/services/mongodb.yml @@ -0,0 +1,39 @@ +version: "3.6" +services: + db: + image: mongo:${DB_VERSION} + container_name: mongo + env_file: + - ./.env + volumes: + - dbdata_mongodb:/data/db + - ${PROJECTS_PATH}:${PROJECTS_PATH_DEST} + ports: + - "27017:27017" + links: + - base:base + - home:home + networks: + vfac: + ipv4_address: ${DB_STATIC_IP} + aliases: + - ${CONTAINER_DB_NAME} + dbadmin: + image: mongo-express:${DBADMIN_VERSION} + container_name: dbadmin + restart: always + ports: + - "${DBADMIN_PORT}:8081" + links: + - "db:db" + depends_on: + - "db" + networks: + vfac: + ipv4_address: ${DBADMIN_STATIC_IP} +volumes: + dbdata_mongodb: + labels: + com.vfac.description: "VFAC EnvDev Database MongoDB volume" + com.vfac.owner: "VFAC" + com.vfac.url: "https://vfac.fr" diff --git a/conf/services/mysql.yml b/conf/services/mysql.yml new file mode 100644 index 00000000..d79b9cfb --- /dev/null +++ b/conf/services/mysql.yml @@ -0,0 +1,38 @@ +version: "3.6" +services: + db: + image: mysql:${DB_VERSION} + container_name: db + env_file: + - ./.env + volumes: + - dbdata_mysql:/var/lib/mysql + - ${PROJECTS_PATH}:${PROJECTS_PATH_DEST} + ports: + - 3306:3306 + links: + - base:base + - home:home + networks: + vfac: + ipv4_address: ${DB_STATIC_IP} + aliases: + - ${CONTAINER_DB_NAME} + dbadmin: + image: phpmyadmin/phpmyadmin:${DBADMIN_VERSION} + container_name: dbadmin + ports: + - "${DBADMIN_PORT}:80" + links: + - "db:db" + depends_on: + - "db" + networks: + vfac: + ipv4_address: ${DBADMIN_STATIC_IP} +volumes: + dbdata_mysql: + labels: + com.vfac.description: "VFAC EnvDev Database MySQL volume" + com.vfac.owner: "VFAC" + com.vfac.url: "https://vfac.fr" diff --git a/conf/services/mysql5/mysql.cnf b/conf/services/mysql5/mysql.cnf new file mode 100644 index 00000000..17cb6358 --- /dev/null +++ b/conf/services/mysql5/mysql.cnf @@ -0,0 +1,29 @@ +[client] +port = 3306 +default-character-set = utf8mb4 + + +[mysqld] +user = mysql +port = 3306 +sql_mode = "" + +default-storage-engine = InnoDB +default-authentication-plugin = mysql_native_password +character-set-server = utf8mb4 +collation-server = utf8mb4_unicode_ci +init_connect = 'SET NAMES utf8mb4' + +disable-log-bin +skip-character-set-client-handshake +explicit_defaults_for_timestamp + +slow_query_log +long_query_time = 3 +slow-query-log-file = /var/lib/mysql/mysql.slow.log +log-error = /var/lib/mysql/mysql.error.log + +default-time-zone = '+8:00' + +[mysql] +default-character-set = utf8mb4 diff --git a/conf/services/nginx.yml b/conf/services/nginx.yml new file mode 100644 index 00000000..d22ef464 --- /dev/null +++ b/conf/services/nginx.yml @@ -0,0 +1,20 @@ +version: "3.6" +services: + web: + image: nginx:${WEB_VERSION} + ports: + - ${WEB_PORT}:80 + - ${WEBSSL_PORT}:443 + container_name: web + volumes: + - ./conf/nginx/vhosts:/etc/nginx/conf.d + - ./conf/nginx/nginx.conf:/etc/nginx/nginx.conf + - ./conf/ssl:/etc/nginx/ssl/ + - ${PROJECTS_PATH}:${PROJECTS_PATH_DEST} + - ./tools/phpinfo:/var/www/html/phpinfo + links: + - base:base + - home:home + networks: + vfac: + ipv4_address: ${WEB_STATIC_IP} diff --git a/conf/services/nginx/Dockerfile b/conf/services/nginx/Dockerfile new file mode 100644 index 00000000..5d3ade51 --- /dev/null +++ b/conf/services/nginx/Dockerfile @@ -0,0 +1,25 @@ +ARG NGINX_VERSION +FROM ${NGINX_VERSION} + +ARG TZ +ARG NGINX_VERSION +ARG CONTAINER_PACKAGE_URL +ARG NGINX_INSTALL_APPS + + +COPY ./initsh /usr/local/bin/ +RUN chmod 777 /usr/local/bin/initsh + + +ENV INSTALL_APPS=",${NGINX_INSTALL_APPS}," + +RUN if [ "${CONTAINER_PACKAGE_URL}" != "" ]; then \ + sed -i "s/dl-cdn.alpinelinux.org/${CONTAINER_PACKAGE_URL}/g" /etc/apk/repositories; \ + fi + +RUN if [ -z "${INSTALL_APPS##*,certbot,*}" ]; then \ + echo "---------- Install certbot ----------"; \ + apk add --no-cache certbot; \ + fi + +WORKDIR /www diff --git a/conf/services/nginx/conf.d/.gitignore b/conf/services/nginx/conf.d/.gitignore new file mode 100644 index 00000000..8fb22755 --- /dev/null +++ b/conf/services/nginx/conf.d/.gitignore @@ -0,0 +1,4 @@ +* +!.gitignore +!certs/localhost/ +!localhost.conf diff --git a/conf/services/nginx/conf.d/localhost.conf b/conf/services/nginx/conf.d/localhost.conf new file mode 100644 index 00000000..0890d75f --- /dev/null +++ b/conf/services/nginx/conf.d/localhost.conf @@ -0,0 +1,92 @@ +server { + listen 80; + server_name localhost; + root /www/htdocs; + index index.php index.html index.htm; + #charset koi7-r; + + access_log /dev/null; + #access_log /var/log/nginx/nginx.localhost.access.log main; + error_log /var/log/nginx/nginx.localhost.error.log warn; + + #error_page 403 /404.html; + + # redirect server error pages to the static page /49x.html + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + + if ( $http_cookie ~* "(.*)$") { + set $wap_cookie $1; + } + + # pass the PHP scripts to FastCGI server listening on 126.0.0.1:9000 + location / { + if (!-e $request_filename) { + rewrite ^/(.*) /index.php/$1 last; + } + } + + location ~ [^/]\.php(/|$) { + include fastcgi-php.conf; + include fastcgi_params; + fastcgi_split_path_info ^(.+?\.php)(/.*)$; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass php:9000; + } +} + +server { + listen 80; + server_name ~^(.+)?\.dev\.oray\.com$; + set $www_root $1; + root /www/htdocs/$www_root.oray.com/public; + index index.php index.html index.htm; + #charset koi7-r; + + access_log /dev/null; + #access_log /var/log/nginx/nginx.localhost.access.log main; + error_log /var/log/nginx/nginx.localhost.error.log warn; + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + +# if ( $http_cookie ~* "(.*)$") { +# set $wap_cookie $1; +# } + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + location / { + if (!-e $request_filename) { + rewrite ^/(.*) /index.php/$1 last; + } + } + + location ~ [^/]\.php(/|$) { + include fastcgi-php.conf; + include fastcgi_params; + fastcgi_split_path_info ^(.+?\.php)(/.*)$; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass php:9000; + } + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} +} \ No newline at end of file diff --git a/conf/services/nginx/fastcgi-php.conf b/conf/services/nginx/fastcgi-php.conf new file mode 100644 index 00000000..68310bd3 --- /dev/null +++ b/conf/services/nginx/fastcgi-php.conf @@ -0,0 +1,14 @@ + +# regex to split $uri to $fastcgi_script_name and $fastcgi_path +fastcgi_split_path_info ^(.+\.php)(/.+)$; + +# Check that the PHP script exists before passing it +try_files $fastcgi_script_name =404; + +# Bypass the fact that try_files resets $fastcgi_path_info +# see: http://trac.nginx.org/nginx/ticket/321 +set $path_info $fastcgi_path_info; +#fastcgi_param PATH_INFO $path_info; +fastcgi_read_timeout 3600; + +fastcgi_index index.php; diff --git a/conf/services/nginx/fastcgi_params b/conf/services/nginx/fastcgi_params new file mode 100644 index 00000000..812325fa --- /dev/null +++ b/conf/services/nginx/fastcgi_params @@ -0,0 +1,26 @@ + +fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/conf/services/nginx/initsh b/conf/services/nginx/initsh new file mode 100644 index 00000000..0f130c46 --- /dev/null +++ b/conf/services/nginx/initsh @@ -0,0 +1,3 @@ +#!/bin/sh + +cat /www/hosts >> /etc/hosts diff --git a/conf/services/nginx/nginx.conf b/conf/services/nginx/nginx.conf new file mode 100644 index 00000000..fabc2cb5 --- /dev/null +++ b/conf/services/nginx/nginx.conf @@ -0,0 +1,35 @@ + +user nginx; +worker_processes 1; + +pid /var/run/nginx.pid; +error_log /var/log/nginx/nginx.error.log warn; + +events { + worker_connections 1024; +} + + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /dev/null; + #access_log /var/log/dnmp/nginx.access.log main; + + # hide verson string + server_tokens off; + sendfile on; + #tcp_nopush on; + client_max_body_size 100M; + + keepalive_timeout 65; + + #gzip on; + + include /etc/nginx/conf.d/*.conf; +} diff --git a/conf/services/nginx/ssl/localhost/localhost.crt b/conf/services/nginx/ssl/localhost/localhost.crt new file mode 100644 index 00000000..cc85a447 --- /dev/null +++ b/conf/services/nginx/ssl/localhost/localhost.crt @@ -0,0 +1,15 @@ +-----BEGIN CERTIFICATE----- +MIICVTCCAb4CCQDAjEyILRN30zANBgkqhkiG9w0BAQsFADBvMQswCQYDVQQGEwJV +UzENMAsGA1UECAwETWFyczETMBEGA1UEBwwKaVRyYW5zd2FycDETMBEGA1UECgwK +aVRyYW5zd2FycDETMBEGA1UECwwKaVRyYW5zd2FycDESMBAGA1UEAwwJbG9jYWxo +b3N0MB4XDTE4MDkyNTAyMzAyNVoXDTI4MDkyMjAyMzAyNVowbzELMAkGA1UEBhMC +VVMxDTALBgNVBAgMBE1hcnMxEzARBgNVBAcMCmlUcmFuc3dhcnAxEzARBgNVBAoM +CmlUcmFuc3dhcnAxEzARBgNVBAsMCmlUcmFuc3dhcnAxEjAQBgNVBAMMCWxvY2Fs +aG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvF1hXtpa26dj8qKq4rQ8 +DYHC36UcghZp7JF8Q9M1ga4+R+M37Tt7rbkVSCbPfBYN0lGJ12CqQUye8wfJ/skr +ol7KJcyfj5Z/z3IZSLegCOkJfxF5vNKzArbb+R2+ek2WdKuTGfOdbj07y1Q52HsS +iOcrl7kUzmkYvxMEA2bqkPsCAwEAATANBgkqhkiG9w0BAQsFAAOBgQAeuljNAc0b +wNQCRRzJmfmW2I9kKGQVdHeJwzNE5D3jXlUbUXxBVpw5db548v6TSszicQV1nNav +HiRQsQIbciSdRL7JFSFBbXURVD9LYu7SjtVb5sviZht1t47OpdT/GDYDkx40I3SK +qtCcfeZ0GVupkCCZZM4C26hMZz+LVUaCmw== +-----END CERTIFICATE----- diff --git a/conf/services/nginx/ssl/localhost/localhost.key b/conf/services/nginx/ssl/localhost/localhost.key new file mode 100644 index 00000000..57855745 --- /dev/null +++ b/conf/services/nginx/ssl/localhost/localhost.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXwIBAAKBgQC8XWFe2lrbp2PyoqritDwNgcLfpRyCFmnskXxD0zWBrj5H4zft +O3utuRVIJs98Fg3SUYnXYKpBTJ7zB8n+ySuiXsolzJ+Pln/PchlIt6AI6Ql/EXm8 +0rMCttv5Hb56TZZ0q5MZ851uPTvLVDnYexKI5yuXuRTOaRi/EwQDZuqQ+wIDAQAB +AoGBALIcFiMLk1gZen+GYtFEnXgkF7FDPaagLP59PqQfhXue19M/vbU7RqIo3T/B +OvXZIK6bXRxjkfl2yuGAnvalH/Shz/YdDtwtItgyYr4rteU5wJnPijPa2ebYXxNV +wxq+9iyZs2vhhbbRGhFxREVE8iu2RnLY12CRxykGmxlWcNDZAkEA9CjA14Ym9gN/ +XwZ8PNe+a/2fe8U0O86VnanOK1G5k5dsZkOW0O/5u622rMlGJw/S+YCBJ+8sOhFL +QTxlVGPCtQJBAMV/79lWoGBGnpoB+o9lc1nBUCCxGmVzywSOrTjIquwegTvjMUUM +yoqEDWC4fNdoFtaFZ12tPk42NYC4BdbU4u8CQQCqOAdJurNK7GFOZH0VBewx6Z3Y +ckHaOEpCovGjbdSNOxJNsW1huQxIdfFXQPNxpCyX2akxqCMTUJ9AmdSjIvHJAkEA +qKajjpimwxALB8CA0krzwcWOQxx5SgEjcHTV/xN8wb0a5qUPwcM2gipZsipYkSlV +t0KcDiaOegNYlN6QPe/1CQJBALtRggJf4bMgjG9vsz/zhe9egCtuUifKfo5LLvI+ +Xua1SY6XGL0Bf8TOGaNXc6Ye9H5abp7q/bZlZ+dGgJ3SJCY= +-----END RSA PRIVATE KEY----- diff --git a/conf/services/openresty/conf.d/.gitignore b/conf/services/openresty/conf.d/.gitignore new file mode 100644 index 00000000..8fb22755 --- /dev/null +++ b/conf/services/openresty/conf.d/.gitignore @@ -0,0 +1,4 @@ +* +!.gitignore +!certs/localhost/ +!localhost.conf diff --git a/conf/services/openresty/conf.d/localhost.conf b/conf/services/openresty/conf.d/localhost.conf new file mode 100644 index 00000000..8310d143 --- /dev/null +++ b/conf/services/openresty/conf.d/localhost.conf @@ -0,0 +1,88 @@ +server { + listen 80 default; + server_name localhost; + root /www/localhost; + index index.php index.html index.htm; + #charset koi8-r; + + #access_log /dev/null; + access_log /var/log/nginx/openresty.localhost.access.log main; + error_log /var/log/nginx/openresty.localhost.error.log warn; + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + location ~ \.php$ { + fastcgi_pass php:9000; + include fastcgi-php.conf; + include fastcgi_params; + } + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} +} + + +server { + listen 443 default ssl http2; + server_name localhost; + root /www/localhost; + index index.php index.html index.htm; + #charset koi8-r; + + #access_log /dev/null; + access_log /var/log/nginx/openresty.localhost.access.log main; + error_log /var/log/nginx/openresty.localhost.error.log warn; + + #error_page 404 /404.html; + + ssl_certificate /ssl/localhost/localhost.crt; + ssl_certificate_key /ssl/localhost/localhost.key; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + location ~ \.php$ { + fastcgi_pass php:9000; + include fastcgi-php.conf; + include fastcgi_params; + } + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} +} + diff --git a/conf/services/openresty/fastcgi-php.conf b/conf/services/openresty/fastcgi-php.conf new file mode 100644 index 00000000..a9b830ab --- /dev/null +++ b/conf/services/openresty/fastcgi-php.conf @@ -0,0 +1,14 @@ + +# regex to split $uri to $fastcgi_script_name and $fastcgi_path +fastcgi_split_path_info ^(.+?\.php)(/.*)$; + +# Check that the PHP script exists before passing it +try_files $fastcgi_script_name =404; + +# Bypass the fact that try_files resets $fastcgi_path_info +# see: http://trac.nginx.org/nginx/ticket/321 +set $path_info $fastcgi_path_info; +#fastcgi_param PATH_INFO $path_info; +fastcgi_read_timeout 3600; + +fastcgi_index index.php; diff --git a/conf/services/openresty/fastcgi_params b/conf/services/openresty/fastcgi_params new file mode 100644 index 00000000..ab5497db --- /dev/null +++ b/conf/services/openresty/fastcgi_params @@ -0,0 +1,27 @@ + +fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; +fastcgi_param PHP_ADMIN_VALUE "open_basedir=$document_root/:/tmp/:/proc/"; diff --git a/conf/services/openresty/openresty.conf b/conf/services/openresty/openresty.conf new file mode 100644 index 00000000..8bf75f6c --- /dev/null +++ b/conf/services/openresty/openresty.conf @@ -0,0 +1,56 @@ +# nginx.conf -- docker-openresty +# +# This file is installed to: +# `/usr/local/openresty/nginx/conf/nginx.conf` +# and is the file loaded by nginx at startup, +# unless the user specifies otherwise. +# +# It tracks the upstream OpenResty's `nginx.conf`, but removes the `server` +# section and adds this directive: +# `include /etc/nginx/conf.d/*.conf;` +# +# The `docker-openresty` file `nginx.vh.default.conf` is copied to +# `/etc/nginx/conf.d/default.conf`. It contains the `server section +# of the upstream `nginx.conf`. +# +# See https://github.com/openresty/docker-openresty/blob/master/README.md#nginx-config-files +# + +#user www-data; +worker_processes 1; + +error_log /var/log/nginx/openresly.error.log warn; +#error_log logs/error.log notice; +#error_log logs/error.log info; + +#pid logs/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"' + '"$request_body" $request_time $upstream_response_time'; + + access_log logs/access.log main; + + #隐藏版本号 + server_tokens off; + sendfile on; + #tcp_nopush on; + + #keepalive_timeout 0; + keepalive_timeout 65; + + #gzip on; + + include /etc/nginx/conf.d/*.conf; +} diff --git a/conf/services/openresty/ssl/localhost/localhost.crt b/conf/services/openresty/ssl/localhost/localhost.crt new file mode 100644 index 00000000..cc85a447 --- /dev/null +++ b/conf/services/openresty/ssl/localhost/localhost.crt @@ -0,0 +1,15 @@ +-----BEGIN CERTIFICATE----- +MIICVTCCAb4CCQDAjEyILRN30zANBgkqhkiG9w0BAQsFADBvMQswCQYDVQQGEwJV +UzENMAsGA1UECAwETWFyczETMBEGA1UEBwwKaVRyYW5zd2FycDETMBEGA1UECgwK +aVRyYW5zd2FycDETMBEGA1UECwwKaVRyYW5zd2FycDESMBAGA1UEAwwJbG9jYWxo +b3N0MB4XDTE4MDkyNTAyMzAyNVoXDTI4MDkyMjAyMzAyNVowbzELMAkGA1UEBhMC +VVMxDTALBgNVBAgMBE1hcnMxEzARBgNVBAcMCmlUcmFuc3dhcnAxEzARBgNVBAoM +CmlUcmFuc3dhcnAxEzARBgNVBAsMCmlUcmFuc3dhcnAxEjAQBgNVBAMMCWxvY2Fs +aG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvF1hXtpa26dj8qKq4rQ8 +DYHC36UcghZp7JF8Q9M1ga4+R+M37Tt7rbkVSCbPfBYN0lGJ12CqQUye8wfJ/skr +ol7KJcyfj5Z/z3IZSLegCOkJfxF5vNKzArbb+R2+ek2WdKuTGfOdbj07y1Q52HsS +iOcrl7kUzmkYvxMEA2bqkPsCAwEAATANBgkqhkiG9w0BAQsFAAOBgQAeuljNAc0b +wNQCRRzJmfmW2I9kKGQVdHeJwzNE5D3jXlUbUXxBVpw5db548v6TSszicQV1nNav +HiRQsQIbciSdRL7JFSFBbXURVD9LYu7SjtVb5sviZht1t47OpdT/GDYDkx40I3SK +qtCcfeZ0GVupkCCZZM4C26hMZz+LVUaCmw== +-----END CERTIFICATE----- diff --git a/conf/services/openresty/ssl/localhost/localhost.key b/conf/services/openresty/ssl/localhost/localhost.key new file mode 100644 index 00000000..57855745 --- /dev/null +++ b/conf/services/openresty/ssl/localhost/localhost.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXwIBAAKBgQC8XWFe2lrbp2PyoqritDwNgcLfpRyCFmnskXxD0zWBrj5H4zft +O3utuRVIJs98Fg3SUYnXYKpBTJ7zB8n+ySuiXsolzJ+Pln/PchlIt6AI6Ql/EXm8 +0rMCttv5Hb56TZZ0q5MZ851uPTvLVDnYexKI5yuXuRTOaRi/EwQDZuqQ+wIDAQAB +AoGBALIcFiMLk1gZen+GYtFEnXgkF7FDPaagLP59PqQfhXue19M/vbU7RqIo3T/B +OvXZIK6bXRxjkfl2yuGAnvalH/Shz/YdDtwtItgyYr4rteU5wJnPijPa2ebYXxNV +wxq+9iyZs2vhhbbRGhFxREVE8iu2RnLY12CRxykGmxlWcNDZAkEA9CjA14Ym9gN/ +XwZ8PNe+a/2fe8U0O86VnanOK1G5k5dsZkOW0O/5u622rMlGJw/S+YCBJ+8sOhFL +QTxlVGPCtQJBAMV/79lWoGBGnpoB+o9lc1nBUCCxGmVzywSOrTjIquwegTvjMUUM +yoqEDWC4fNdoFtaFZ12tPk42NYC4BdbU4u8CQQCqOAdJurNK7GFOZH0VBewx6Z3Y +ckHaOEpCovGjbdSNOxJNsW1huQxIdfFXQPNxpCyX2akxqCMTUJ9AmdSjIvHJAkEA +qKajjpimwxALB8CA0krzwcWOQxx5SgEjcHTV/xN8wb0a5qUPwcM2gipZsipYkSlV +t0KcDiaOegNYlN6QPe/1CQJBALtRggJf4bMgjG9vsz/zhe9egCtuUifKfo5LLvI+ +Xua1SY6XGL0Bf8TOGaNXc6Ye9H5abp7q/bZlZ+dGgJ3SJCY= +-----END RSA PRIVATE KEY----- diff --git a/conf/services/php/Dockerfile b/conf/services/php/Dockerfile new file mode 100644 index 00000000..b495b986 --- /dev/null +++ b/conf/services/php/Dockerfile @@ -0,0 +1,45 @@ +ARG PHP_VERSION +FROM ${PHP_VERSION} + +ARG TZ +ARG PHP_EXTENSIONS +ARG CONTAINER_PACKAGE_URL + + +COPY ./initsh /usr/local/bin/ +RUN chmod 777 /usr/local/bin/initsh + + +RUN if [ $CONTAINER_PACKAGE_URL ] ; then sed -i "s/dl-cdn.alpinelinux.org/${CONTAINER_PACKAGE_URL}/g" /etc/apk/repositories ; fi + + +COPY ./extensions /tmp/extensions +WORKDIR /tmp/extensions +RUN chmod +x install.sh \ + && sh install.sh \ + && rm -rf /tmp/extensions + +ADD ./extensions/install-php-extensions /usr/local/bin/ + +RUN chmod uga+x /usr/local/bin/install-php-extensions + +RUN apk --no-cache add tzdata \ + && cp "/usr/share/zoneinfo/$TZ" /etc/localtime \ + && echo "$TZ" > /etc/timezone + + +# Fix: https://github.com/docker-library/php/issues/240 +RUN apk add git gnu-libiconv libstdc++ --no-cache --repository http://${CONTAINER_PACKAGE_URL}/alpine/edge/community/ --allow-untrusted +ENV LD_PRELOAD /usr/lib/preloadable_libiconv.so php + + +# Install composer and change it's cache home +RUN curl -o /usr/bin/composer https://mirrors.aliyun.com/composer/composer.phar \ + && chmod +x /usr/bin/composer +ENV COMPOSER_HOME=/tmp/composer + +# php image's www-data user uid & gid are 82, change them to 1000 (primary user) +RUN apk --no-cache add shadow && usermod -u 1000 www-data && groupmod -g 1000 www-data + + +WORKDIR /www diff --git a/conf/services/php/initsh b/conf/services/php/initsh new file mode 100644 index 00000000..0f130c46 --- /dev/null +++ b/conf/services/php/initsh @@ -0,0 +1,3 @@ +#!/bin/sh + +cat /www/hosts >> /etc/hosts diff --git a/conf/services/php/php-fpm.conf b/conf/services/php/php-fpm.conf new file mode 100644 index 00000000..3cf207e8 --- /dev/null +++ b/conf/services/php/php-fpm.conf @@ -0,0 +1,30 @@ +[global] +pid = run/php-fpm.pid +error_log = /var/log/php/php-fpm.log +log_level = notice +rlimit_files = 65535 +rlimit_core = 0 +[www] +user = www-data +group = www-data +listen = 127.0.0.1:9000 +pm = static +pm.max_children = 256 +pm.start_servers =10 +pm.min_spare_servers = 5 +pm.max_spare_servers = 35 +;pm.process_idle_timeout = 120s; +pm.max_requests = 102400 +;access.log = /usr/local/webserver/php7.2/logs/$pool.access.log +;access.format = %R - %u %t "%m %r%Q%q" [%s] %f %{mili}d %{kilo}M %C%% +slowlog = /var/log/php/$pool.log.slow +request_slowlog_timeout = 0 +request_terminate_timeout = 0 + +;chroot = /www +;chdir = /www + +env[ORACLE_HOME] = \$ORACLE_HOME +env[NLS_LANG] = \$NLS_LANG +env[APPLICATION_ENV] = development +php_flag[display_errors] = on \ No newline at end of file diff --git a/conf/services/php/php.ini b/conf/services/php/php.ini new file mode 100644 index 00000000..9345476f --- /dev/null +++ b/conf/services/php/php.ini @@ -0,0 +1,196 @@ +[PHP] +engine = On +zend.ze1_compatibility_mode = Off +short_open_tag = Off +asp_tags = Off +precision = 14 +y2k_compliance = On +output_buffering = 4096 +zlib.output_compression = Off +implicit_flush = Off +unserialize_callback_func= +serialize_precision = 100 +allow_call_time_pass_reference = Off +safe_mode = Off +safe_mode_gid = Off +safe_mode_include_dir = +safe_mode_exec_dir = +safe_mode_allowed_env_vars = PHP_ +safe_mode_protected_env_vars = LD_LIBRARY_PATH +disable_functions = +disable_classes = +expose_php = Off +max_execution_time = 180 ; Maximum execution time of each script, in seconds +max_input_time = 60 ; Maximum amount of time each script may spend parsing request data +memory_limit = 256M ; Maximum amount of memory a script may consume (128MB) +error_reporting = E_ALL & ~E_NOTICE +display_errors = On +display_startup_errors = On +log_errors = On +log_errors_max_len = 1024 +ignore_repeated_errors = Off +ignore_repeated_source = Off +report_memleaks = On +error_log=/var/log/php/php-error.log +variables_order = "GPCS" +register_globals = Off +register_argc_argv = Off +auto_globals_jit = On +post_max_size = 8M +magic_quotes_gpc = Off +magic_quotes_runtime = Off +magic_quotes_sybase = Off +auto_prepend_file = +auto_append_file = +include_path = "/www/library:/www/service:." +doc_root = +user_dir = +enable_dl = On +cgi.fix_pathinfo=0 +file_uploads = On +upload_max_filesize = 2M +allow_url_fopen = On +allow_url_include = Off +default_socket_timeout = 60 +[Date] +date.timezone = Asia/Shanghai +[Syslog] +define_syslog_variables = Off +[mail function] +SMTP = localhost +smtp_port = 25 +[SQL] +sql.safe_mode = Off +[ODBC] +odbc.allow_persistent = On +odbc.check_persistent = On +odbc.max_persistent = -1 +odbc.max_links = -1 +odbc.defaultlrl = 4096 +odbc.defaultbinmode = 1 +[MySQL] +mysql.allow_persistent = On +mysql.max_persistent = -1 +mysql.max_links = -1 +mysql.default_port = +mysql.default_socket = +mysql.default_host = +mysql.default_user = +mysql.default_password = +mysql.connect_timeout = 60 +mysql.trace_mode = Off +[MySQLi] +mysqli.max_links = -1 +mysqli.default_port = 3306 +mysqli.default_socket = +mysqli.default_host = +mysqli.default_user = +mysqli.default_pw = +mysqli.reconnect = Off +[mSQL] +msql.allow_persistent = On +msql.max_persistent = -1 +msql.max_links = -1 +[OCI8] +[PostgresSQL] +pgsql.allow_persistent = On +pgsql.auto_reset_persistent = Off +pgsql.max_persistent = -1 +pgsql.max_links = -1 +pgsql.ignore_notice = 0 +pgsql.log_notice = 0 +[Sybase] +sybase.allow_persistent = On +sybase.max_persistent = -1 +sybase.max_links = -1 +sybase.min_error_severity = 10 +sybase.min_message_severity = 10 +sybase.compatability_mode = Off +[Sybase-CT] +sybct.allow_persistent = On +sybct.max_persistent = -1 +sybct.max_links = -1 +sybct.min_server_severity = 10 +sybct.min_client_severity = 10 +[bcmath] +bcmath.scale = 0 +[Informix] +ifx.default_host = +ifx.default_user = +ifx.default_password = +ifx.allow_persistent = On +ifx.max_persistent = -1 +ifx.max_links = -1 +ifx.textasvarchar = 0 +ifx.byteasvarchar = 0 +ifx.charasvarchar = 0 +ifx.blobinfile = 0 +ifx.nullformat = 0 +[Session] +session.save_handler = memcache +session.save_path = "tcp://127.0.0.1:11311" +session.use_cookies = 1 +session.name = _s_id_ +session.auto_start = 0 +session.cookie_lifetime = 0 +session.cookie_path = / +session.cookie_domain = oray.net +session.cookie_httponly = +session.serialize_handler = php +session.gc_probability = 1 +session.gc_divisor = 1000 +session.gc_maxlifetime = 1440 +session.bug_compat_42 = 0 +session.bug_compat_warn = 1 +session.referer_check = +session.entropy_length = 0 +session.entropy_file = +session.cache_limiter = nocache +session.cache_expire = 180 +session.use_trans_sid = 0 +session.hash_function = 0 +session.hash_bits_per_character = 5 +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" +[MSSQL] +mssql.allow_persistent = On +mssql.max_persistent = -1 +mssql.max_links = -1 +mssql.min_error_severity = 10 +mssql.min_message_severity = 10 +mssql.compatability_mode = Off +mssql.connect_timeout = 20 +mssql.datetimeconvert = Off +mssql.secure_connection = Off +mssql.charset = "UTF8" +[Tidy] +tidy.clean_output = Off +[soap] +soap.wsdl_cache_enabled=1 +soap.wsdl_cache_dir="/tmp" +soap.wsdl_cache_ttl=86400 + +; extension_dir = "/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20170718/" +; extension_dir="/tmp/extensions/" +; extension = "memcache.so" +; extension = "redis.so" +; extension = "mongodb.so" +; extension = "yaf.so" +; extension = pdo_oci +extension = pdo_dblib +; extension = "swoole.so" +extension = grpc +[opcache] +; zend_extension=opcache +[XDebug] +xdebug.mode=debug +xdebug.start_with_request=yes +; xdebug.remote_enable = 1 +; xdebug.remote_handler = "dbgp" +; ; Set to host.docker.internal on Mac and Windows, otherwise, set to host real ip +; xdebug.remote_host = host.docker.internal +xdebug.client_host = 192.168.30.90 +; ;xdebug.remote_port = 9000 +; xdebug.remote_log = /var/log/php/xdebug.log +SERVER_ENV=develop +[Yaf] +yaf.use_spl_autoload=1 \ No newline at end of file diff --git a/conf/services/php54/Dockerfile b/conf/services/php54/Dockerfile new file mode 100644 index 00000000..ed93f2c3 --- /dev/null +++ b/conf/services/php54/Dockerfile @@ -0,0 +1,31 @@ +ARG PHP_VERSION +FROM ${PHP_VERSION} + +ARG TZ +ARG PHP_EXTENSIONS +ARG CONTAINER_PACKAGE_URL + + +RUN sed -i "s/httpredir.debian.org/${CONTAINER_PACKAGE_URL}/g" /etc/apt/sources.list \ + && sed -i "s/security.debian.org/${CONTAINER_PACKAGE_URL}\/debian-security/g" /etc/apt/sources.list \ + && apt-get update + + +COPY ./extensions /tmp/extensions +WORKDIR /tmp/extensions +RUN chmod +x install.sh \ + && sh install.sh \ + && rm -rf /tmp/extensions + + +# Install composer and change it's cache home +RUN curl -o /usr/bin/composer https://mirrors.aliyun.com/composer/composer.phar \ + && chmod +x /usr/bin/composer +ENV COMPOSER_HOME=/tmp/composer + + +# php image's www-data user uid & gid are 82, change them to 1000 (primary user) +RUN usermod -u 1000 www-data && groupmod -g 1000 www-data + + +WORKDIR /www diff --git a/conf/services/php54/extensions/install.sh b/conf/services/php54/extensions/install.sh new file mode 100644 index 00000000..a673bd94 --- /dev/null +++ b/conf/services/php54/extensions/install.sh @@ -0,0 +1,289 @@ +#!/bin/bash + +echo +echo "============================================" +echo "Install extensions from : install.sh" +echo "PHP version : ${PHP_VERSION}" +echo "Install extensions : ${PHP_EXTENSIONS}" +echo "Multicore compilation : ${MC}" +echo "Container package url : ${CONTAINER_PACKAGE_URL}" +echo "Work directory : ${PWD}" +echo "============================================" +echo + + +echo "---------- Install zip extension ----------" +apt-get install -y zlib1g-dev unzip +docker-php-ext-install zip + +installExtensionFromTgz() +{ + tgzName=$1 + extensionName="${tgzName%%-*}" + + mkdir ${extensionName} + tar -xf ${tgzName}.tgz -C ${extensionName} --strip-components=1 + ( cd ${extensionName} && phpize && ./configure && make ${MC} && make install ) + + docker-php-ext-enable ${extensionName} $2 +} + +export EXTENSIONS=",${PHP_EXTENSIONS}," + +if [ -z "${EXTENSIONS##*,gd,*}" ]; then + echo "---------- Install gd ----------" + apt-get install -y libfreetype6-dev libjpeg62-turbo-dev libpng-dev \ + && docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ \ + && docker-php-ext-install gd +fi + +if [ -z "${EXTENSIONS##*,pdo_mysql,*}" ]; then + echo "---------- Install pdo_mysql ----------" + docker-php-ext-install pdo_mysql +fi + +if [ -z "${EXTENSIONS##*,intl,*}" ]; then + echo "---------- Install intl ----------" + apt-get install -y libicu-dev + docker-php-ext-install intl +fi + +if [ -z "${EXTENSIONS##*,bz2,*}" ]; then + echo "---------- Install bz2 ----------" + apt-get install -y libbz2-dev + docker-php-ext-install bz2 +fi + +if [ -z "${EXTENSIONS##*,pcntl,*}" ]; then + echo "---------- Install pcntl ----------" + docker-php-ext-install pcntl +fi + +if [ -z "${EXTENSIONS##*,mysqli,*}" ]; then + echo "---------- Install mysqli ----------" + docker-php-ext-install mysqli +fi + +if [ -z "${EXTENSIONS##*,mbstring,*}" ]; then + echo "---------- Install mbstring ----------" + docker-php-ext-install mbstring +fi + +if [ -z "${EXTENSIONS##*,exif,*}" ]; then + echo "---------- Install exif ----------" + docker-php-ext-install exif +fi + +if [ -z "${EXTENSIONS##*,bcmath,*}" ]; then + echo "---------- Install bcmath ----------" + docker-php-ext-install bcmath +fi + +if [ -z "${EXTENSIONS##*,calendar,*}" ]; then + echo "---------- Install calendar ----------" + docker-php-ext-install calendar +fi + +if [ -z "${EXTENSIONS##*,sockets,*}" ]; then + echo "---------- Install sockets ----------" + docker-php-ext-install sockets +fi + +if [ -z "${EXTENSIONS##*,gettext,*}" ]; then + echo "---------- Install gettext ----------" + docker-php-ext-install gettext +fi + +if [ -z "${EXTENSIONS##*,shmop,*}" ]; then + echo "---------- Install shmop ----------" + docker-php-ext-install shmop +fi + +if [ -z "${EXTENSIONS##*,sysvmsg,*}" ]; then + echo "---------- Install sysvmsg ----------" + docker-php-ext-install sysvmsg +fi + +if [ -z "${EXTENSIONS##*,sysvsem,*}" ]; then + echo "---------- Install sysvsem ----------" + docker-php-ext-install sysvsem +fi + +if [ -z "${EXTENSIONS##*,sysvshm,*}" ]; then + echo "---------- Install sysvshm ----------" + docker-php-ext-install sysvshm +fi + +if [ -z "${EXTENSIONS##*,pdo_firebird,*}" ]; then + echo "---------- Install pdo_firebird ----------" + docker-php-ext-install pdo_firebird +fi + +if [ -z "${EXTENSIONS##*,pdo_dblib,*}" ]; then + echo "---------- Install pdo_dblib ----------" + docker-php-ext-install pdo_dblib +fi + +if [ -z "${EXTENSIONS##*,pdo_oci,*}" ]; then + echo "---------- Install pdo_oci ----------" + docker-php-ext-install pdo_oci +fi + +if [ -z "${EXTENSIONS##*,pdo_odbc,*}" ]; then + echo "---------- Install pdo_odbc ----------" + docker-php-ext-install pdo_odbc +fi + +if [ -z "${EXTENSIONS##*,pdo_pgsql,*}" ]; then + echo "---------- Install pdo_pgsql ----------" + docker-php-ext-install pdo_pgsql +fi + +if [ -z "${EXTENSIONS##*,pgsql,*}" ]; then + echo "---------- Install pgsql ----------" + docker-php-ext-install pgsql +fi + +if [ -z "${EXTENSIONS##*,oci8,*}" ]; then + echo "---------- Install oci8 ----------" + docker-php-ext-install oci8 +fi + +if [ -z "${EXTENSIONS##*,odbc,*}" ]; then + echo "---------- Install odbc ----------" + docker-php-ext-install odbc +fi + +if [ -z "${EXTENSIONS##*,dba,*}" ]; then + echo "---------- Install dba ----------" + docker-php-ext-install dba +fi + +if [ -z "${EXTENSIONS##*,interbase,*}" ]; then + echo "---------- Install interbase ----------" + docker-php-ext-install interbase +fi + +if [ -z "${EXTENSIONS##*,soap,*}" ]; then + echo "---------- Install soap ----------" + apt-get install -y libxml2-dev + docker-php-ext-install soap +fi + + +if [ -z "${EXTENSIONS##*,xsl,*}" ]; then + echo "---------- Install xsl ----------" + apt-get install -y libxml2-dev + apt-get install -y libxslt-dev + docker-php-ext-install xsl +fi + +if [ -z "${EXTENSIONS##*,xmlrpc,*}" ]; then + echo "---------- Install xmlrpc ----------" + apt-get install -y libxml2-dev + apt-get install -y libxslt-dev + docker-php-ext-install xmlrpc +fi + +if [ -z "${EXTENSIONS##*,wddx,*}" ]; then + echo "---------- Install wddx ----------" + apt-get install -y libxml2-dev + apt-get install -y libxslt-dev + docker-php-ext-install wddx +fi + +if [ -z "${EXTENSIONS##*,curl,*}" ]; then + echo "---------- Install curl ----------" + apt-get install -y curl + apt-get install -y libcurl3 + apt-get install -y libcurl4-openssl-dev + docker-php-ext-install curl +fi + +if [ -z "${EXTENSIONS##*,readline,*}" ]; then + echo "---------- Install readline ----------" + apt-get install -y libreadline-dev + docker-php-ext-install readline +fi + +if [ -z "${EXTENSIONS##*,snmp,*}" ]; then + echo "---------- Install snmp ----------" + apt-get install -y libsnmp-dev + apt-get install -y snmp + docker-php-ext-install snmp +fi + +if [ -z "${EXTENSIONS##*,pspell,*}" ]; then + echo "---------- Install pspell ----------" + apt-get install -y libpspell-dev + apt-get install -y aspell-en + docker-php-ext-install pspell +fi + +if [ -z "${EXTENSIONS##*,recode,*}" ]; then + echo "---------- Install recode ----------" + apt-get install -y librecode0 + apt-get install -y librecode-dev + docker-php-ext-install recode +fi + +if [ -z "${EXTENSIONS##*,tidy,*}" ]; then + echo "---------- Install tidy ----------" + apt-get install -y libtidy-dev + docker-php-ext-install tidy +fi + +if [ -z "${EXTENSIONS##*,gmp,*}" ]; then + echo "---------- Install gmp ----------" + apt-get install -y libgmp-dev + ln -s /usr/include/x86_64-linux-gnu/gmp.h /usr/include/gmp.h + docker-php-ext-install gmp +fi + +if [ -z "${EXTENSIONS##*,imap,*}" ]; then + echo "---------- Install imap ----------" + apt-get install -y libc-client-dev + docker-php-ext-configure imap --with-kerberos --with-imap-ssl + docker-php-ext-install imap +fi + +if [ -z "${EXTENSIONS##*,ldap,*}" ]; then + echo "---------- Install ldap ----------" + apt-get install -y libldb-dev + apt-get install -y libldap2-dev + docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu + docker-php-ext-install ldap +fi + +if [ -z "${EXTENSIONS##*,imagick,*}" ]; then + echo "---------- Install imagick ----------" + apt-get install -y libmagickwand-dev + pecl install imagick-3.4.3 + docker-php-ext-enable imagick +fi + +if [ -z "${EXTENSIONS##*,memcached,*}" ]; then + echo "---------- Install memcached ----------" + apt-get install -y libmemcached-dev + pecl install memcached-2.2.0 + docker-php-ext-enable memcached +fi + +if [ -z "${EXTENSIONS##*,sqlsrv,*}" ]; then + echo "---------- Install sqlsrv ----------" + apt-get install -y unixodbc-dev + pecl install sqlsrv + docker-php-ext-enable sqlsrv +fi + +if [ -z "${EXTENSIONS##*,pdo_sqlsrv,*}" ]; then + echo "---------- Install pdo_sqlsrv ----------" + apt-get install -y unixodbc-dev + pecl install pdo_sqlsrv + docker-php-ext-enable pdo_sqlsrv +fi + +if [ -z "${EXTENSIONS##*,redis,*}" ]; then + echo "---------- Install redis ----------" + installExtensionFromTgz redis-4.1.1 +fi diff --git a/conf/services/php54/php-fpm.conf b/conf/services/php54/php-fpm.conf new file mode 100644 index 00000000..cbe38c72 --- /dev/null +++ b/conf/services/php54/php-fpm.conf @@ -0,0 +1,423 @@ +; Start a new pool named 'www'. +; the variable $pool can be used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'access.log' +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or NONE) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +;user = www-data +;group = www-data + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 127.0.0.1:9000 + +; Set listen(2) backlog. +; Default Value: 511 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 511 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0660 +;listen.owner = www-data +;listen.group = www-data +;listen.mode = 0660 +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user +; or group is differrent than the master process user. It allows to create process +; core dump and ptrace the process for the pool user. +; Default Value: no +; process.dumpable = yes + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 10 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 +pm.start_servers = 2 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 1 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 3 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. It shows the following informations: +; pool - the name of the pool; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. +; Example output: +; pool: www +; process manager: static +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; +; By default the status page output is formatted as text/plain. Passing either +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then informations are related to the +; last request the process has served. Otherwise informations are related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: /usr/local/share/php/fpm/status.html +; +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The access log file +; Default: not set +;access.log = log/$pool.access.log + +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{miliseconds}d +; - %{mili}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some exemples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: output header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %u: remote user +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +slowlog = /var/log/php/fpm.slow.log + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +request_slowlog_timeout = 3 + +; Depth of slow log stack trace. +; Default Value: 20 +;request_slowlog_trace_depth = 20 + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +catch_workers_output = yes + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; execute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 .php7 + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr/local) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M diff --git a/conf/services/php54/php.ini b/conf/services/php54/php.ini new file mode 100644 index 00000000..c55e0ef9 --- /dev/null +++ b/conf/services/php54/php.ini @@ -0,0 +1,1930 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it is +; much more verbose when it comes to errors. We recommend using the +; development version only in development environments, as errors shown to +; application users can inadvertently leak otherwise secure information. + +; This is php.ini-production INI file. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT + +; html_errors +; Default Value: On +; Development Value: On +; Production value: On + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.sid_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It is +; generally recommended that should be used and that this feature +; should be disabled, as enabling it may result in issues when generating XML +; documents, however this remains supported for backward compatibility reasons. +; Note that this directive does not control the would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 4096k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +; Enables or disables the circular reference collector. +; http://php.net/zend.enable-gc +zend.enable_gc = On + +; If enabled, scripts may be written in encodings that are incompatible with +; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such +; encodings. To use this feature, mbstring extension must be enabled. +; Default: Off +;zend.multibyte = Off + +; Allows to set the default encoding for the scripts. This value will be used +; unless "declare(encoding=...)" directive appears at the top of the script. +; Only affects if zend.multibyte is set. +; Default: "" +;zend.script_encoding = + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; How many GET/POST/COOKIE input variables may be accepted +; max_input_vars = 1000 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 256M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it is automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL (Show all errors, warnings and notices including coding standards.) +; E_ALL & ~E_NOTICE (Show all errors, except for notices) +; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; For production environments, we recommend logging errors rather than +; sending them to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. We strongly recommend you +; set this to 'off' for production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of formatting the +; error message as HTML for easier reading. This directive controls whether +; the error message is formatted as HTML or not. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: On +; http://php.net/html-errors +html_errors = On + +; If html_errors is set to On *and* docref_root is not empty, then PHP +; produces clickable error messages that direct to a page describing the error +; or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty, in which +; case no links to documentation are generated. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on Windows). +error_log = /var/log/php/php.error.log + +;windows.show_crt_warning +; Default value: 0 +; Development value: 0 +; Production value: 0 + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. G,P,C,E & S are abbreviations for the following respective super +; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty +; paid for the registration of these arrays and because ENV is not as commonly +; used as the others, ENV is not recommended on productions servers. You +; can still get access to the environment variables through getenv() should you +; need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P & C) should be +; registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive +; are specified in the same manner as the variables_order directive, +; EXCEPT one. Leaving this value empty will cause PHP to use the value set +; in the variables_order directive. It does not mean it will leave the super +; globals array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the ENV, REQUEST and SERVER variables are created when they're +; first used (Just In Time) instead of when the script starts. If these +; variables are not used within a script, having this directive on will result +; in a performance gain. The PHP directive register_argc_argv must be disabled +; for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Whether PHP will read the POST data. +; This option is enabled by default. +; Most likely, you won't want to disable this option globally. It causes $_POST +; and $_FILES to always be empty; the only way you will be able to read the +; POST data will be through the php://input stream wrapper. This can be useful +; to proxy requests or to process the POST data in a memory efficient fashion. +; http://php.net/enable-post-data-reading +;enable_post_data_reading = Off + +; Maximum size of POST data that PHP will accept. +; Its value may be 0 to disable the limit. It is ignored if POST data reading +; is disabled through enable_post_data_reading. +; http://php.net/post-max-size +post_max_size = 100M + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a media type using the Content-Type header. To +; disable this, simply set it to be empty. +; +; PHP's built-in default media type is set to text/html. +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to UTF-8. +; http://php.net/default-charset +default_charset = "UTF-8" + +; PHP internal character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/internal-encoding +;internal_encoding = + +; PHP input character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/input-encoding +;input_encoding = + +; PHP output character encoding is set to empty. +; If empty, default_charset is used. +; See also output_buffer. +; http://php.net/output-encoding +;output_encoding = + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +;include_path = ".:/php/includes" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Directory where the temporary files should be placed. +; Defaults to the system default (see sys_get_temp_dir) +; sys_temp_dir = "/tmp" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +; http://php.net/cgi.dicard-path +;cgi.discard_path=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1 + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If set to 0, PHP sends Status: header that +; is supported by Apache. When this option is set to 1, PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 50M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = On + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=mysqli.dll +; +; ... or under UNIX: +; +; extension=mysqli.so +; +; ... or with a path: +; +; extension=/path/to/extension/mysqli.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5+) +; extension folders as well as the separate PECL DLL download (PHP 5+). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_ftp.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysqli.dll +;extension=php_oci8_12c.dll ; Use with Oracle Database 12c Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_shmop.dll + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=php_snmp.dll + +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite3.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[CLI Server] +; Whether the CLI web server uses ANSI color coding in its terminal output. +cli_server.color = On + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +date.timezone = Asia/Shanghai + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +; Use of this INI entry is deprecated, use global input_encoding instead. +; If empty, default_charset or input_encoding or iconv.input_encoding is used. +; The precedence is: default_charset < intput_encoding < iconv.input_encoding +;iconv.input_encoding = + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;iconv.internal_encoding = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; If empty, default_charset or output_encoding or iconv.output_encoding is used. +; The precedence is: default_charset < output_encoding < iconv.output_encoding +; To use an output encoding conversion, iconv's output handler must be set +; otherwise output encoding conversion cannot be performed. +;iconv.output_encoding = + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING +;intl.use_exceptions = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +;Enables or disables JIT compilation of patterns. This requires the PCRE +;library to be compiled with JIT support. +;pcre.jit=1 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(). +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = +; Log mail to syslog (Event Log on Windows). +;mail.log = syslog + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Records communication from all extensions using mysqlnd to the specified log +; file. +; http://php.net/mysqlnd.debug +;mysqlnd.debug = + +; Defines which queries will be logged. +; http://php.net/mysqlnd.log_mask +;mysqlnd.log_mask = 0 + +; Default size of the mysqlnd memory pool, which is used by result sets. +; http://php.net/mysqlnd.mempool_default_size +;mysqlnd.mempool_default_size = 16000 + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +; Timeout for network requests in seconds. +; http://php.net/mysqlnd.net_read_timeout +;mysqlnd.net_read_timeout = 31536000 + +; SHA-256 Authentication Plugin related. File with the MySQL server public RSA +; key. +; http://php.net/mysqlnd.sha256_server_public_key +;mysqlnd.sha256_server_public_key = + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgreSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if +; your OS has problems with many files in one directory, and is +; a more efficient layout for servers that handle many sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +;session.save_path = "/tmp" + +; Whether to use strict session mode. +; Strict session mode does not accept uninitialized session ID and regenerate +; session ID if browser sends uninitialized session ID. Strict mode protects +; applications from session fixation via session adoption vulnerability. It is +; disabled by default for maximum compatibility, but enabling it is encouraged. +; https://wiki.php.net/rfc/strict_sessions +session.use_strict_mode = 0 + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combating +; session hijacking when not specifying and managing your own session id. It is +; not the be-all and end-all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 -type f | xargs rm + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users' security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publicly accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Set session ID character length. This value could be between 22 to 256. +; Shorter length than default is supported only for compatibility reason. +; Users should use 32 or more chars. +; http://php.net/session.sid-length +; Default Value: 32 +; Development Value: 26 +; Production Value: 26 +session.sid_length = 26 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; is special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. tag's action attribute URL will not be modified +; unless it is specified. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=" +; Development Value: "a=href,area=href,frame=src,form=" +; Production Value: "a=href,area=href,frame=src,form=" +; http://php.net/url-rewriter.tags +session.trans_sid_tags = "a=href,area=href,frame=src,form=" + +; URL rewriter does not rewrite absolute URLs by default. +; To enable rewrites for absolute pathes, target hosts must be specified +; at RUNTIME. i.e. use ini_set() +; tags is special. PHP will check action attribute's URL regardless +; of session.trans_sid_tags setting. +; If no host is defined, HTTP_HOST will be used for allowed host. +; Example value: php.net,www.php.net,wiki.php.net +; Use "," for multiple hosts. No spaces are allowed. +; Default Value: "" +; Development Value: "" +; Production Value: "" +;session.trans_sid_hosts="" + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.sid_bits_per_character = 5 + +; Enable upload progress tracking in $_SESSION +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.enabled +;session.upload_progress.enabled = On + +; Cleanup the progress information as soon as all POST data has been read +; (i.e. upload completed). +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.cleanup +;session.upload_progress.cleanup = On + +; A prefix used for the upload progress key in $_SESSION +; Default Value: "upload_progress_" +; Development Value: "upload_progress_" +; Production Value: "upload_progress_" +; http://php.net/session.upload-progress.prefix +;session.upload_progress.prefix = "upload_progress_" + +; The index name (concatenated with the prefix) in $_SESSION +; containing the upload progress information +; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" +; http://php.net/session.upload-progress.name +;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" + +; How frequently the upload progress should be updated. +; Given either in percentages (per-file), or in bytes +; Default Value: "1%" +; Development Value: "1%" +; Production Value: "1%" +; http://php.net/session.upload-progress.freq +;session.upload_progress.freq = "1%" + +; The minimum delay between updates, in seconds +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.upload-progress.min-freq +;session.upload_progress.min_freq = "1" + +; Only write session data when session data is changed. Enabled by default. +; http://php.net/session.lazy-write +;session.lazy_write = On + +[Assertion] +; Switch whether to compile assertions at all (to have no overhead at run-time) +; -1: Do not compile at all +; 0: Jump over assertion at run-time +; 1: Execute assertions +; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) +; Default Value: 1 +; Development Value: 1 +; Production Value: -1 +; http://php.net/zend.assertions +zend.assertions = -1 + +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Throw an AssertationException on failed assertions +; http://php.net/assert.exception +;assert.exception = On + +; Issue a PHP warning for each failed assertion. (Overridden by assert.exception if active) +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; This affects mb_send_mail() and mbstring.detect_order. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; internal/script encoding. +; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;mbstring.internal_encoding = + +; Use of this INI entry is deprecated, use global input_encoding instead. +; http input encoding. +; mbstring.encoding_traslation = On is needed to use this setting. +; If empty, default_charset or input_encoding or mbstring.input is used. +; The precedence is: default_charset < intput_encoding < mbsting.http_input +; http://php.net/mbstring.http-input +;mbstring.http_input = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; http output encoding. +; mb_output_handler must be registered as output buffer to function. +; If empty, default_charset or output_encoding or mbstring.http_output is used. +; The precedence is: default_charset < output_encoding < mbstring.http_output +; To use an output encoding conversion, mbstring's output handler must be set +; otherwise output encoding conversion cannot be performed. +; http://php.net/mbstring.http-output +;mbstring.http_output = + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; "auto" detect order is changed according to mbstring.language +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +; Default: Off +;mbstring.strict_detection = On + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 1 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[dba] +;dba.default_handler= + +[opcache] +; Determines if Zend OPCache is enabled +;opcache.enable=1 + +; Determines if Zend OPCache is enabled for the CLI version of PHP +;opcache.enable_cli=1 + +; The OPcache shared memory storage size. +;opcache.memory_consumption=128 + +; The amount of memory for interned strings in Mbytes. +;opcache.interned_strings_buffer=8 + +; The maximum number of keys (scripts) in the OPcache hash table. +; Only numbers between 200 and 1000000 are allowed. +;opcache.max_accelerated_files=10000 + +; The maximum percentage of "wasted" memory until a restart is scheduled. +;opcache.max_wasted_percentage=5 + +; When this directive is enabled, the OPcache appends the current working +; directory to the script key, thus eliminating possible collisions between +; files with the same name (basename). Disabling the directive improves +; performance, but may break existing applications. +;opcache.use_cwd=1 + +; When disabled, you must reset the OPcache manually or restart the +; webserver for changes to the filesystem to take effect. +;opcache.validate_timestamps=1 + +; How often (in seconds) to check file timestamps for changes to the shared +; memory storage allocation. ("1" means validate once per second, but only +; once per request. "0" means always validate) +;opcache.revalidate_freq=2 + +; Enables or disables file search in include_path optimization +;opcache.revalidate_path=0 + +; If disabled, all PHPDoc comments are dropped from the code to reduce the +; size of the optimized code. +;opcache.save_comments=1 + +; If enabled, a fast shutdown sequence is used for the accelerated code +; Depending on the used Memory Manager this may cause some incompatibilities. +;opcache.fast_shutdown=0 + +; Allow file existence override (file_exists, etc.) performance feature. +;opcache.enable_file_override=0 + +; A bitmask, where each bit enables or disables the appropriate OPcache +; passes +;opcache.optimization_level=0xffffffff + +;opcache.inherited_hack=1 +;opcache.dups_fix=0 + +; The location of the OPcache blacklist file (wildcards allowed). +; Each OPcache blacklist file is a text file that holds the names of files +; that should not be accelerated. The file format is to add each filename +; to a new line. The filename may be a full path or just a file prefix +; (i.e., /var/www/x blacklists all the files and directories in /var/www +; that start with 'x'). Line starting with a ; are ignored (comments). +;opcache.blacklist_filename= + +; Allows exclusion of large files from being cached. By default all files +; are cached. +;opcache.max_file_size=0 + +; Check the cache checksum each N requests. +; The default value of "0" means that the checks are disabled. +;opcache.consistency_checks=0 + +; How long to wait (in seconds) for a scheduled restart to begin if the cache +; is not being accessed. +;opcache.force_restart_timeout=180 + +; OPcache error_log file name. Empty string assumes "stderr". +;opcache.error_log= + +; All OPcache errors go to the Web server log. +; By default, only fatal errors (level 0) or errors (level 1) are logged. +; You can also enable warnings (level 2), info messages (level 3) or +; debug messages (level 4). +;opcache.log_verbosity_level=1 + +; Preferred Shared Memory back-end. Leave empty and let the system decide. +;opcache.preferred_memory_model= + +; Protect the shared memory from unexpected writing during script execution. +; Useful for internal debugging only. +;opcache.protect_memory=0 + +; Allows calling OPcache API functions only from PHP scripts which path is +; started from specified string. The default "" means no restriction +;opcache.restrict_api= + +; Mapping base of shared memory segments (for Windows only). All the PHP +; processes have to map shared memory into the same address space. This +; directive allows to manually fix the "Unable to reattach to base address" +; errors. +;opcache.mmap_base= + +; Enables and sets the second level cache directory. +; It should improve performance when SHM memory is full, at server restart or +; SHM reset. The default "" disables file based caching. +;opcache.file_cache= + +; Enables or disables opcode caching in shared memory. +;opcache.file_cache_only=0 + +; Enables or disables checksum validation when script loaded from file cache. +;opcache.file_cache_consistency_checks=1 + +; Implies opcache.file_cache_only=1 for a certain process that failed to +; reattach to the shared memory (for Windows only). Explicitly enabled file +; cache is required. +;opcache.file_cache_fallback=1 + +; Enables or disables copying of PHP code (text segment) into HUGE PAGES. +; This should improve performance, but requires appropriate OS configuration. +;opcache.huge_code_pages=1 + +; Validate cached file permissions. +;opcache.validate_permission=0 + +; Prevent name collisions in chroot'ed environment. +;opcache.validate_root=0 + +[curl] +; A default value for the CURLOPT_CAINFO option. This is required to be an +; absolute path. +;curl.cainfo = + +[openssl] +; The location of a Certificate Authority (CA) file on the local filesystem +; to use when verifying the identity of SSL/TLS peers. Most users should +; not specify a value for this directive as PHP will attempt to use the +; OS-managed cert stores in its absence. If specified, this value may still +; be overridden on a per-stream basis via the "cafile" SSL stream context +; option. +;openssl.cafile= + +; If openssl.cafile is not specified or if the CA file is not found, the +; directory pointed to by openssl.capath is searched for a suitable +; certificate. This value must be a correctly hashed certificate directory. +; Most users should not specify a value for this directive as PHP will +; attempt to use the OS-managed cert stores in its absence. If specified, +; this value may still be overridden on a per-stream basis via the "capath" +; SSL stream context option. +;openssl.capath= + +; Local Variables: +; tab-width: 4 +; End: + +[XDebug] +xdebug.remote_enable = 1 +xdebug.remote_handler = "dbgp" +; Set to host.docker.internal on Mac and Windows, otherwise, set to host real ip +xdebug.remote_host = host.docker.internal +;xdebug.remote_port = 9000 +xdebug.remote_log = /var/log/php/xdebug.log + +SERVER_ENV=develop + +yaf.use_spl_autoload=1 diff --git a/conf/services/php56/php-fpm.conf b/conf/services/php56/php-fpm.conf new file mode 100644 index 00000000..13183589 --- /dev/null +++ b/conf/services/php56/php-fpm.conf @@ -0,0 +1,423 @@ +; Start a new pool named 'www'. +; the variable $pool can be used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'access.log' +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or NONE) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = www-data +group = www-data + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 127.0.0.1:9000 + +; Set listen(2) backlog. +; Default Value: 511 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 511 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0660 +;listen.owner = www-data +;listen.group = www-data +;listen.mode = 0660 +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user +; or group is differrent than the master process user. It allows to create process +; core dump and ptrace the process for the pool user. +; Default Value: no +; process.dumpable = yes + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 10 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 +pm.start_servers = 2 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 1 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 3 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. It shows the following informations: +; pool - the name of the pool; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. +; Example output: +; pool: www +; process manager: static +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; +; By default the status page output is formatted as text/plain. Passing either +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then informations are related to the +; last request the process has served. Otherwise informations are related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: /usr/local/share/php/fpm/status.html +; +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The access log file +; Default: not set +;access.log = log/$pool.access.log + +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{miliseconds}d +; - %{mili}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some exemples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: output header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %u: remote user +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +slowlog = /var/log/php/fpm.slow.log + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +request_slowlog_timeout = 3 + +; Depth of slow log stack trace. +; Default Value: 20 +;request_slowlog_trace_depth = 20 + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +catch_workers_output = yes + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; execute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 .php7 + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr/local) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M diff --git a/conf/services/php56/php.ini b/conf/services/php56/php.ini new file mode 100644 index 00000000..a8ad689c --- /dev/null +++ b/conf/services/php56/php.ini @@ -0,0 +1,1933 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it is +; much more verbose when it comes to errors. We recommend using the +; development version only in development environments, as errors shown to +; application users can inadvertently leak otherwise secure information. + +; This is php.ini-production INI file. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT + +; html_errors +; Default Value: On +; Development Value: On +; Production value: On + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.sid_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It is +; generally recommended that should be used and that this feature +; should be disabled, as enabling it may result in issues when generating XML +; documents, however this remains supported for backward compatibility reasons. +; Note that this directive does not control the would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 4096k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +; Enables or disables the circular reference collector. +; http://php.net/zend.enable-gc +zend.enable_gc = On + +; If enabled, scripts may be written in encodings that are incompatible with +; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such +; encodings. To use this feature, mbstring extension must be enabled. +; Default: Off +;zend.multibyte = Off + +; Allows to set the default encoding for the scripts. This value will be used +; unless "declare(encoding=...)" directive appears at the top of the script. +; Only affects if zend.multibyte is set. +; Default: "" +;zend.script_encoding = + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; How many GET/POST/COOKIE input variables may be accepted +; max_input_vars = 1000 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 256M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it is automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL (Show all errors, warnings and notices including coding standards.) +; E_ALL & ~E_NOTICE (Show all errors, except for notices) +; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; For production environments, we recommend logging errors rather than +; sending them to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. We strongly recommend you +; set this to 'off' for production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of formatting the +; error message as HTML for easier reading. This directive controls whether +; the error message is formatted as HTML or not. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: On +; http://php.net/html-errors +html_errors = On + +; If html_errors is set to On *and* docref_root is not empty, then PHP +; produces clickable error messages that direct to a page describing the error +; or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty, in which +; case no links to documentation are generated. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on Windows). +error_log = /var/log/php/php.error.log + +;windows.show_crt_warning +; Default value: 0 +; Development value: 0 +; Production value: 0 + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. G,P,C,E & S are abbreviations for the following respective super +; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty +; paid for the registration of these arrays and because ENV is not as commonly +; used as the others, ENV is not recommended on productions servers. You +; can still get access to the environment variables through getenv() should you +; need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P & C) should be +; registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive +; are specified in the same manner as the variables_order directive, +; EXCEPT one. Leaving this value empty will cause PHP to use the value set +; in the variables_order directive. It does not mean it will leave the super +; globals array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the ENV, REQUEST and SERVER variables are created when they're +; first used (Just In Time) instead of when the script starts. If these +; variables are not used within a script, having this directive on will result +; in a performance gain. The PHP directive register_argc_argv must be disabled +; for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Whether PHP will read the POST data. +; This option is enabled by default. +; Most likely, you won't want to disable this option globally. It causes $_POST +; and $_FILES to always be empty; the only way you will be able to read the +; POST data will be through the php://input stream wrapper. This can be useful +; to proxy requests or to process the POST data in a memory efficient fashion. +; http://php.net/enable-post-data-reading +;enable_post_data_reading = Off + +; Maximum size of POST data that PHP will accept. +; Its value may be 0 to disable the limit. It is ignored if POST data reading +; is disabled through enable_post_data_reading. +; http://php.net/post-max-size +post_max_size = 100M + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a media type using the Content-Type header. To +; disable this, simply set it to be empty. +; +; PHP's built-in default media type is set to text/html. +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to UTF-8. +; http://php.net/default-charset +default_charset = "UTF-8" + +; PHP internal character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/internal-encoding +;internal_encoding = + +; PHP input character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/input-encoding +;input_encoding = + +; PHP output character encoding is set to empty. +; If empty, default_charset is used. +; See also output_buffer. +; http://php.net/output-encoding +;output_encoding = + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +;include_path = ".:/php/includes" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Directory where the temporary files should be placed. +; Defaults to the system default (see sys_get_temp_dir) +; sys_temp_dir = "/tmp" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +; http://php.net/cgi.dicard-path +;cgi.discard_path=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1 + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If set to 0, PHP sends Status: header that +; is supported by Apache. When this option is set to 1, PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 50M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = On + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=mysqli.dll +; +; ... or under UNIX: +; +; extension=mysqli.so +; +; ... or with a path: +; +; extension=/path/to/extension/mysqli.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5+) +; extension folders as well as the separate PECL DLL download (PHP 5+). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_ftp.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysqli.dll +;extension=php_oci8_12c.dll ; Use with Oracle Database 12c Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_shmop.dll + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=php_snmp.dll + +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite3.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[CLI Server] +; Whether the CLI web server uses ANSI color coding in its terminal output. +cli_server.color = On + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +date.timezone = Asia/Shanghai + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +; Use of this INI entry is deprecated, use global input_encoding instead. +; If empty, default_charset or input_encoding or iconv.input_encoding is used. +; The precedence is: default_charset < intput_encoding < iconv.input_encoding +;iconv.input_encoding = + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;iconv.internal_encoding = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; If empty, default_charset or output_encoding or iconv.output_encoding is used. +; The precedence is: default_charset < output_encoding < iconv.output_encoding +; To use an output encoding conversion, iconv's output handler must be set +; otherwise output encoding conversion cannot be performed. +;iconv.output_encoding = + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING +;intl.use_exceptions = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +;Enables or disables JIT compilation of patterns. This requires the PCRE +;library to be compiled with JIT support. +;pcre.jit=1 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(). +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = +; Log mail to syslog (Event Log on Windows). +;mail.log = syslog + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Records communication from all extensions using mysqlnd to the specified log +; file. +; http://php.net/mysqlnd.debug +;mysqlnd.debug = + +; Defines which queries will be logged. +; http://php.net/mysqlnd.log_mask +;mysqlnd.log_mask = 0 + +; Default size of the mysqlnd memory pool, which is used by result sets. +; http://php.net/mysqlnd.mempool_default_size +;mysqlnd.mempool_default_size = 16000 + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +; Timeout for network requests in seconds. +; http://php.net/mysqlnd.net_read_timeout +;mysqlnd.net_read_timeout = 31536000 + +; SHA-256 Authentication Plugin related. File with the MySQL server public RSA +; key. +; http://php.net/mysqlnd.sha256_server_public_key +;mysqlnd.sha256_server_public_key = + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgreSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if +; your OS has problems with many files in one directory, and is +; a more efficient layout for servers that handle many sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +;session.save_path = "/tmp" + +; Whether to use strict session mode. +; Strict session mode does not accept uninitialized session ID and regenerate +; session ID if browser sends uninitialized session ID. Strict mode protects +; applications from session fixation via session adoption vulnerability. It is +; disabled by default for maximum compatibility, but enabling it is encouraged. +; https://wiki.php.net/rfc/strict_sessions +session.use_strict_mode = 0 + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combating +; session hijacking when not specifying and managing your own session id. It is +; not the be-all and end-all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 -type f | xargs rm + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users' security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publicly accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Set session ID character length. This value could be between 22 to 256. +; Shorter length than default is supported only for compatibility reason. +; Users should use 32 or more chars. +; http://php.net/session.sid-length +; Default Value: 32 +; Development Value: 26 +; Production Value: 26 +session.sid_length = 26 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; is special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. tag's action attribute URL will not be modified +; unless it is specified. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=" +; Development Value: "a=href,area=href,frame=src,form=" +; Production Value: "a=href,area=href,frame=src,form=" +; http://php.net/url-rewriter.tags +session.trans_sid_tags = "a=href,area=href,frame=src,form=" + +; URL rewriter does not rewrite absolute URLs by default. +; To enable rewrites for absolute pathes, target hosts must be specified +; at RUNTIME. i.e. use ini_set() +; tags is special. PHP will check action attribute's URL regardless +; of session.trans_sid_tags setting. +; If no host is defined, HTTP_HOST will be used for allowed host. +; Example value: php.net,www.php.net,wiki.php.net +; Use "," for multiple hosts. No spaces are allowed. +; Default Value: "" +; Development Value: "" +; Production Value: "" +;session.trans_sid_hosts="" + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.sid_bits_per_character = 5 + +; Enable upload progress tracking in $_SESSION +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.enabled +;session.upload_progress.enabled = On + +; Cleanup the progress information as soon as all POST data has been read +; (i.e. upload completed). +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.cleanup +;session.upload_progress.cleanup = On + +; A prefix used for the upload progress key in $_SESSION +; Default Value: "upload_progress_" +; Development Value: "upload_progress_" +; Production Value: "upload_progress_" +; http://php.net/session.upload-progress.prefix +;session.upload_progress.prefix = "upload_progress_" + +; The index name (concatenated with the prefix) in $_SESSION +; containing the upload progress information +; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" +; http://php.net/session.upload-progress.name +;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" + +; How frequently the upload progress should be updated. +; Given either in percentages (per-file), or in bytes +; Default Value: "1%" +; Development Value: "1%" +; Production Value: "1%" +; http://php.net/session.upload-progress.freq +;session.upload_progress.freq = "1%" + +; The minimum delay between updates, in seconds +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.upload-progress.min-freq +;session.upload_progress.min_freq = "1" + +; Only write session data when session data is changed. Enabled by default. +; http://php.net/session.lazy-write +;session.lazy_write = On + +[Assertion] +; Switch whether to compile assertions at all (to have no overhead at run-time) +; -1: Do not compile at all +; 0: Jump over assertion at run-time +; 1: Execute assertions +; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) +; Default Value: 1 +; Development Value: 1 +; Production Value: -1 +; http://php.net/zend.assertions +zend.assertions = -1 + +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Throw an AssertationException on failed assertions +; http://php.net/assert.exception +;assert.exception = On + +; Issue a PHP warning for each failed assertion. (Overridden by assert.exception if active) +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; This affects mb_send_mail() and mbstring.detect_order. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; internal/script encoding. +; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;mbstring.internal_encoding = + +; Use of this INI entry is deprecated, use global input_encoding instead. +; http input encoding. +; mbstring.encoding_traslation = On is needed to use this setting. +; If empty, default_charset or input_encoding or mbstring.input is used. +; The precedence is: default_charset < intput_encoding < mbsting.http_input +; http://php.net/mbstring.http-input +;mbstring.http_input = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; http output encoding. +; mb_output_handler must be registered as output buffer to function. +; If empty, default_charset or output_encoding or mbstring.http_output is used. +; The precedence is: default_charset < output_encoding < mbstring.http_output +; To use an output encoding conversion, mbstring's output handler must be set +; otherwise output encoding conversion cannot be performed. +; http://php.net/mbstring.http-output +;mbstring.http_output = + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; "auto" detect order is changed according to mbstring.language +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +; Default: Off +;mbstring.strict_detection = On + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 1 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[dba] +;dba.default_handler= + +[opcache] +; Determines if Zend OPCache is enabled +;opcache.enable=1 + +; Determines if Zend OPCache is enabled for the CLI version of PHP +;opcache.enable_cli=1 + +; The OPcache shared memory storage size. +;opcache.memory_consumption=128 + +; The amount of memory for interned strings in Mbytes. +;opcache.interned_strings_buffer=8 + +; The maximum number of keys (scripts) in the OPcache hash table. +; Only numbers between 200 and 1000000 are allowed. +;opcache.max_accelerated_files=10000 + +; The maximum percentage of "wasted" memory until a restart is scheduled. +;opcache.max_wasted_percentage=5 + +; When this directive is enabled, the OPcache appends the current working +; directory to the script key, thus eliminating possible collisions between +; files with the same name (basename). Disabling the directive improves +; performance, but may break existing applications. +;opcache.use_cwd=1 + +; When disabled, you must reset the OPcache manually or restart the +; webserver for changes to the filesystem to take effect. +;opcache.validate_timestamps=1 + +; How often (in seconds) to check file timestamps for changes to the shared +; memory storage allocation. ("1" means validate once per second, but only +; once per request. "0" means always validate) +;opcache.revalidate_freq=2 + +; Enables or disables file search in include_path optimization +;opcache.revalidate_path=0 + +; If disabled, all PHPDoc comments are dropped from the code to reduce the +; size of the optimized code. +;opcache.save_comments=1 + +; If enabled, a fast shutdown sequence is used for the accelerated code +; Depending on the used Memory Manager this may cause some incompatibilities. +;opcache.fast_shutdown=0 + +; Allow file existence override (file_exists, etc.) performance feature. +;opcache.enable_file_override=0 + +; A bitmask, where each bit enables or disables the appropriate OPcache +; passes +;opcache.optimization_level=0xffffffff + +;opcache.inherited_hack=1 +;opcache.dups_fix=0 + +; The location of the OPcache blacklist file (wildcards allowed). +; Each OPcache blacklist file is a text file that holds the names of files +; that should not be accelerated. The file format is to add each filename +; to a new line. The filename may be a full path or just a file prefix +; (i.e., /var/www/x blacklists all the files and directories in /var/www +; that start with 'x'). Line starting with a ; are ignored (comments). +;opcache.blacklist_filename= + +; Allows exclusion of large files from being cached. By default all files +; are cached. +;opcache.max_file_size=0 + +; Check the cache checksum each N requests. +; The default value of "0" means that the checks are disabled. +;opcache.consistency_checks=0 + +; How long to wait (in seconds) for a scheduled restart to begin if the cache +; is not being accessed. +;opcache.force_restart_timeout=180 + +; OPcache error_log file name. Empty string assumes "stderr". +;opcache.error_log= + +; All OPcache errors go to the Web server log. +; By default, only fatal errors (level 0) or errors (level 1) are logged. +; You can also enable warnings (level 2), info messages (level 3) or +; debug messages (level 4). +;opcache.log_verbosity_level=1 + +; Preferred Shared Memory back-end. Leave empty and let the system decide. +;opcache.preferred_memory_model= + +; Protect the shared memory from unexpected writing during script execution. +; Useful for internal debugging only. +;opcache.protect_memory=0 + +; Allows calling OPcache API functions only from PHP scripts which path is +; started from specified string. The default "" means no restriction +;opcache.restrict_api= + +; Mapping base of shared memory segments (for Windows only). All the PHP +; processes have to map shared memory into the same address space. This +; directive allows to manually fix the "Unable to reattach to base address" +; errors. +;opcache.mmap_base= + +; Enables and sets the second level cache directory. +; It should improve performance when SHM memory is full, at server restart or +; SHM reset. The default "" disables file based caching. +;opcache.file_cache= + +; Enables or disables opcode caching in shared memory. +;opcache.file_cache_only=0 + +; Enables or disables checksum validation when script loaded from file cache. +;opcache.file_cache_consistency_checks=1 + +; Implies opcache.file_cache_only=1 for a certain process that failed to +; reattach to the shared memory (for Windows only). Explicitly enabled file +; cache is required. +;opcache.file_cache_fallback=1 + +; Enables or disables copying of PHP code (text segment) into HUGE PAGES. +; This should improve performance, but requires appropriate OS configuration. +;opcache.huge_code_pages=1 + +; Validate cached file permissions. +;opcache.validate_permission=0 + +; Prevent name collisions in chroot'ed environment. +;opcache.validate_root=0 + +[curl] +; A default value for the CURLOPT_CAINFO option. This is required to be an +; absolute path. +;curl.cainfo = + +[openssl] +; The location of a Certificate Authority (CA) file on the local filesystem +; to use when verifying the identity of SSL/TLS peers. Most users should +; not specify a value for this directive as PHP will attempt to use the +; OS-managed cert stores in its absence. If specified, this value may still +; be overridden on a per-stream basis via the "cafile" SSL stream context +; option. +;openssl.cafile= + +; If openssl.cafile is not specified or if the CA file is not found, the +; directory pointed to by openssl.capath is searched for a suitable +; certificate. This value must be a correctly hashed certificate directory. +; Most users should not specify a value for this directive as PHP will +; attempt to use the OS-managed cert stores in its absence. If specified, +; this value may still be overridden on a per-stream basis via the "capath" +; SSL stream context option. +;openssl.capath= + +; Local Variables: +; tab-width: 4 +; End: + +[XDebug] +xdebug.remote_enable = 1 +xdebug.remote_handler = "dbgp" +; Set to host.docker.internal on Mac and Windows, otherwise, set to host real ip +xdebug.remote_host = host.docker.internal +;xdebug.remote_port = 9000 +xdebug.remote_log = /var/log/php/xdebug2.log + +SERVER_ENV=develop + +yaf.use_spl_autoload=1 + +[xhprof] +;xhprof.output_dir = /var/log/php/xhprof.log \ No newline at end of file diff --git a/conf/services/phpmyadmin/config.user.inc.php b/conf/services/phpmyadmin/config.user.inc.php new file mode 100644 index 00000000..a03877de --- /dev/null +++ b/conf/services/phpmyadmin/config.user.inc.php @@ -0,0 +1,19 @@ + /etc/timezone \ + && rm -rf /var/cache/apk/* + + +WORKDIR /www \ No newline at end of file diff --git a/conf/services/supervisor/conf.d/php-fpm.ini b/conf/services/supervisor/conf.d/php-fpm.ini new file mode 100644 index 00000000..258af29f --- /dev/null +++ b/conf/services/supervisor/conf.d/php-fpm.ini @@ -0,0 +1,20 @@ +[program:php] +command=php -m +;directory=/www/localhost/ +priority=999 ; the relative start priority (default 999) +autostart=true ; start at supervisord start (default: true) +autorestart=true ; retstart at unexpected quit (default: true) +startsecs=10 ; number of secs prog must stay running (def. 10) +startretries=3 ; max # of serial start failures (default 3) +exitcodes=0,2 ; 'expected' exit codes for process (default 0,2) +stopsignal=QUIT ; signal used to kill process (default TERM) +stopwaitsecs=10 ; max num secs to wait before SIGKILL (default 10) +user=root ; setuid to this UNIX account to run the program +log_stdout=true +log_stderr=true ; if true, log program stderr (def false) +logfile=/var/log/supervisor/php.log +logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB) +logfile_backups=10 ; # of logfile backups (default 10) +stdout_logfile_maxbytes=20MB ; stdout 日志文件大小,默认 50MB +stdout_logfile_backups=20 ; stdout 日志文件备份数 +stdout_logfile=/var/log/supervisor/php.stdout.log diff --git a/conf/services/supervisor/supervisord.conf b/conf/services/supervisor/supervisord.conf new file mode 100644 index 00000000..c444a0bc --- /dev/null +++ b/conf/services/supervisor/supervisord.conf @@ -0,0 +1,129 @@ +[unix_http_server] +file=/run/supervisord.sock ; (the path to the socket file) +;chmod=0700 ; socked file mode (default 0700) +;chown=nobody:nogroup ; socket file uid:gid owner +;username=user ; (default is no username (open server)) +;password=123 ; (default is no password (open server)) + +[inet_http_server] ; inet (TCP) server disabled by default +port=0.0.0.0:9001 ; (ip_address:port specifier, *:port for all iface) +username=user ; (default is no username (open server)) +password=123 ; (default is no password (open server)) + +[supervisord] +logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log) +;logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB) +;logfile_backups=10 ; (num of main logfile rotation backups;default 10) +loglevel=error ; (log level;default info; others: debug,warn,trace) +pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid) +nodaemon=true ; (start in foreground if true;default false) +;minfds=1024 ; (min. avail startup file descriptors;default 1024) +;minprocs=200 ; (min. avail process descriptors;default 200) +;umask=022 ; (process file creation umask;default 022) +user=root ; (default is current user, required if root) +;identifier=supervisor ; (supervisord identifier, default is 'supervisor') +;directory=/tmp ; (default is not to cd during start) +;nocleanup=true ; (don't clean up tempfiles at start;default false) +;childlogdir=/var/log/supervisor ; ('AUTO' child log dir, default $TEMP) +;environment=KEY=value ; (key value pairs to add to environment) +;strip_ansi=false ; (strip ansi escape codes in logs; def. false) + +; the below section must remain in the config file for RPC +; (supervisorctl/web interface) to work, additional interfaces may be +; added by defining them in separate rpcinterface: sections +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + +[supervisorctl] +serverurl=unix:///run/supervisord.sock ; use a unix:// URL for a unix socket +;serverurl=http://127.0.0.1:9001 ; use an http:// url to specify an inet socket +;username=chris ; should be same as http_username if set +;password=123 ; should be same as http_password if set +;prompt=mysupervisor ; cmd line prompt (default "supervisor") +;history_file=~/.sc_history ; use readline history if available + +; The below sample program section shows all possible program subsection values, +; create one or more 'real' program: sections to be able to control them under +; supervisor. + +;[program:theprogramname] +;command=/bin/cat ; the program (relative uses PATH, can take args) +;process_name=%(program_name)s ; process_name expr (default %(program_name)s) +;numprocs=1 ; number of processes copies to start (def 1) +;directory=/tmp ; directory to cwd to before exec (def no cwd) +;umask=022 ; umask for process (default None) +;priority=999 ; the relative start priority (default 999) +;autostart=true ; start at supervisord start (default: true) +;autorestart=unexpected ; whether/when to restart (default: unexpected) +;startsecs=1 ; number of secs prog must stay running (def. 1) +;startretries=3 ; max # of serial start failures (default 3) +;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2) +;stopsignal=QUIT ; signal used to kill process (default TERM) +;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10) +;killasgroup=false ; SIGKILL the UNIX process group (def false) +;user=chrism ; setuid to this UNIX account to run the program +;redirect_stderr=true ; redirect proc stderr to stdout (default false) +;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO +;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB) +;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10) +;stdout_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0) +;stdout_events_enabled=false ; emit events on stdout writes (default false) +;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO +;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB) +;stderr_logfile_backups=10 ; # of stderr logfile backups (default 10) +;stderr_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0) +;stderr_events_enabled=false ; emit events on stderr writes (default false) +;environment=A=1,B=2 ; process environment additions (def no adds) +;serverurl=AUTO ; override serverurl computation (childutils) + +; The below sample eventlistener section shows all possible +; eventlistener subsection values, create one or more 'real' +; eventlistener: sections to be able to handle event notifications +; sent by supervisor. + +;[eventlistener:theeventlistenername] +;command=/bin/eventlistener ; the program (relative uses PATH, can take args) +;process_name=%(program_name)s ; process_name expr (default %(program_name)s) +;numprocs=1 ; number of processes copies to start (def 1) +;events=EVENT ; event notif. types to subscribe to (req'd) +;buffer_size=10 ; event buffer queue size (default 10) +;directory=/tmp ; directory to cwd to before exec (def no cwd) +;umask=022 ; umask for process (default None) +;priority=-1 ; the relative start priority (default -1) +;autostart=true ; start at supervisord start (default: true) +;autorestart=unexpected ; whether/when to restart (default: unexpected) +;startsecs=1 ; number of secs prog must stay running (def. 1) +;startretries=3 ; max # of serial start failures (default 3) +;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2) +;stopsignal=QUIT ; signal used to kill process (default TERM) +;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10) +;killasgroup=false ; SIGKILL the UNIX process group (def false) +;user=chrism ; setuid to this UNIX account to run the program +;redirect_stderr=true ; redirect proc stderr to stdout (default false) +;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO +;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB) +;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10) +;stdout_events_enabled=false ; emit events on stdout writes (default false) +;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO +;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB) +;stderr_logfile_backups ; # of stderr logfile backups (default 10) +;stderr_events_enabled=false ; emit events on stderr writes (default false) +;environment=A=1,B=2 ; process environment additions +;serverurl=AUTO ; override serverurl computation (childutils) + +; The below sample group section shows all possible group values, +; create one or more 'real' group: sections to create "heterogeneous" +; process groups. + +;[group:thegroupname] +;programs=progname1,progname2 ; each refers to 'x' in [program:x] definitions +;priority=999 ; the relative start priority (default 999) + +; The [include] section can just contain the "files" setting. This +; setting can list multiple files (separated by whitespace or +; newlines). It can also contain wildcards. The filenames are +; interpreted as relative to this file. Included files *cannot* +; include files themselves. + +[include] +files = /etc/supervisor/conf.d/*.ini diff --git a/conf/tmux.conf b/conf/tmux.conf new file mode 100644 index 00000000..e35fd985 --- /dev/null +++ b/conf/tmux.conf @@ -0,0 +1,11 @@ +set -g mouse on +set -g monitor-activity on +set -g visual-activity on +set-option -g display-time 1000 + +set -g status-left "#[fg=white,bg=blue] > #I < #[default] " +set -g status-right "#[fg=yellow,bright][ #[fg=cyan]#W #[fg=yellow]]#[default] #[fg=yellow,bright] %Y-%m-%d #[fg=green]%H:%M #[default]" +set -g status-style "bg=black, fg=white, bright" +set -g window-status-current-style "bg=green, fg=white, bright" +set -g pane-border-status top +set -g pane-border-format "#{pane_index}:#{pane_title}" diff --git a/conf/tmuxinator_init.yml b/conf/tmuxinator_init.yml new file mode 100644 index 00000000..4f935315 --- /dev/null +++ b/conf/tmuxinator_init.yml @@ -0,0 +1,75 @@ +# ~/.tmuxinator/init.yml + +name: init +root: /var/www + +windows: + - nginx-logs: + layout: even-horizontal + panes: + - list: + - printf '\033]2;%s\033\\' 'access-log' + - clear + - tail -n 100 -F /var/log/nginx/access.log | perl -pe 's/( 200 )|( 304 )|( 500 | 502 | 503 )/\e[1;34m$1\e[0m\e[1;33m$2\e[0m\e[1;31m$3\e[0m/gi' + - list: + - printf '\033]2;%s\033\\' 'error-log' + - clear + - tail -n 100 -F /var/log/nginx/error.log | perl -pe 's/(DEBUG)|(INFO)|(ERROR|EXCEPTION)/\e[1;34m$1\e[0m\e[1;33m$2\e[0m\e[1;31m$3\e[0m/gi' + - php-fpm-logs: + layout: even-horizontal + panes: + - list: + - printf '\033]2;%s\033\\' 'fpm-log' + - clear + - tail -n 100 -F /var/log/php-fpm.log | perl -pe 's/(NOTICE)|(STRICT)|(ERROR|EXCEPTION)/\e[1;34m$1\e[0m\e[1;33m$2\e[0m\e[1;31m$3\e[0m/gi' + - php-code-logs: + layout: even-horizontal + panes: + - list: + - printf '\033]2;%s\033\\' 'exception-log' + - clear + - tail -n 100 -F /tmp/php_exception.log | perl -pe 's/(DEBUG)|(INFO)|(ERROR|EXCEPTION)/\e[1;34m$1\e[0m\e[1;33m$2\e[0m\e[1;31m$3\e[0m/gi' + - list: + - printf '\033]2;%s\033\\' 'notice-log' + - clear + - tail -n 100 -F /tmp/php_notice.log | perl -pe 's/(DEBUG)|(INFO)|(ERROR|EXCEPTION)/\e[1;34m$1\e[0m\e[1;33m$2\e[0m\e[1;31m$3\e[0m/gi' + - list: + - printf '\033]2;%s\033\\' 'module-log' + - clear + - tail -n 100 -F /tmp/php_module.log | perl -pe 's/(DEBUG)|(INFO)|(ERROR|EXCEPTION)/\e[1;34m$1\e[0m\e[1;33m$2\e[0m\e[1;31m$3\e[0m/gi' + - mysql-logs: + layout: even-horizontal + panes: + - list: + - printf '\033]2;%s\033\\' 'error-log' + - clear + - tail -n 100 -F /var/log/mysql/error.log | perl -pe 's/(DEBUG)|(INFO)|(ERROR|EXCEPTION)/\e[1;34m$1\e[0m\e[1;33m$2\e[0m\e[1;31m$3\e[0m/gi' + - list: + - printf '\033]2;%s\033\\' 'sql-log' + - clear + - tail -n 100 -F /var/log/mysql/mysql.log | perl -pe 's/(Close stmt|Quit|Connect)|(Execute)|(ROLLBACK)/\e[1;34m$1\e[0m\e[1;33m$2\e[0m\e[1;31m$3\e[0m/gi' + - redis-logs: + layout: even-horizontal + panes: + - list: + - printf '\033]2;%s\033\\' 'redis-log' + - clear + - tail -n 100 -F /var/log/redis/redis-server.log | perl -pe 's/(DEBUG)|(INFO|WARNING)|(ERROR|EXCEPTION)/\e[1;34m$1\e[0m\e[1;33m$2\e[0m\e[1;31m$3\e[0m/gi' + - list: + - printf '\033]2;%s\033\\' 'action-log' + - clear + - redis-cli monitor | perl -pe 's/(GET|SET)|(KEYS)|(HGET|HSET)/\e[1;34m$1\e[0m\e[1;33m$2\e[0m\e[1;31m$3\e[0m/gi' + - mongodb-logs: + layout: even-horizontal + panes: + - list: + - printf '\033]2;%s\033\\' 'mongodb-log' + - clear + - tail -n 100 -F /var/log/mongodb/mongodb.log | perl -pe 's/(DEBUG)|(INFO)|(ERROR|EXCEPTION)/\e[1;34m$1\e[0m\e[1;33m$2\e[0m\e[1;31m$3\e[0m/gi' + - bash: + layout: even-horizontal + panes: + - list: + - printf '\033]2;%s\033\\' 'bash' + - cd $PRJ_HOME + - clear diff --git a/conf/voocel-docker-lnmp b/conf/voocel-docker-lnmp new file mode 160000 index 00000000..1441be39 --- /dev/null +++ b/conf/voocel-docker-lnmp @@ -0,0 +1 @@ +Subproject commit 1441be394b880e36c2e1b675fb50a8067229c38a diff --git a/conf/workspace/Dockerfile b/conf/workspace/Dockerfile new file mode 100644 index 00000000..d44aa388 --- /dev/null +++ b/conf/workspace/Dockerfile @@ -0,0 +1,215 @@ +ARG PHP_VERSION + +FROM knobik/workspace:latest-${PHP_VERSION} + +ARG PHP_VERSION + +ARG USER_LOGIN +ARG USER_PASSWORD +ARG SET_USER_PASSWORD=false +ENV SET_USER_PASSWORD ${SET_USER_PASSWORD} + +# Start as root +USER root + +# Add a non-root user to prevent files being created with root permissions on host machine. +ARG PUID=1000 +ENV PUID ${PUID} +ARG PGID=1000 +ENV PGID ${PGID} + +# always run apt update when start and after add new source list, then clean up at end. +RUN apt-get update -yqq && \ + pecl channel-update pecl.php.net && \ + groupadd -g ${PGID} ${USER_LOGIN} && \ + useradd -u ${PUID} -g ${USER_LOGIN} -m ${USER_LOGIN} -G docker_env && \ + usermod -s /bin/bash root && \ + usermod -s /bin/bash ${USER_LOGIN} + +# set user password +RUN if [ ${SET_USER_PASSWORD} = true ]; then \ + echo ${USER_LOGIN}:${USER_PASSWORD} | chpasswd \ +;fi + +# +#-------------------------------------------------------------------------- +# Mandatory Software's Installation +#-------------------------------------------------------------------------- +# +# Mandatory Software's such as ("php-cli", "git", "vim", ....) are +# installed on the base image 'knobik/workspace' image. If you want +# to add more Software's or remove existing one, you need to edit the +# base image (https://github.com/knobik/workspace). +# + +USER root + +ARG TZ=UTC +ENV TZ ${TZ} + +RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone + +########################################################################### +# Composer +########################################################################### + +USER root + +# Add the composer.json +COPY ./composer.json /home/${USER_LOGIN}/.composer/composer.json + +# Make sure that ~/.composer belongs to ${USER_LOGIN} +RUN chown -R ${USER_LOGIN}:${USER_LOGIN} /home/${USER_LOGIN}/.composer + +USER ${USER_LOGIN} + +# Check if global install need to be ran +ARG COMPOSER_GLOBAL_INSTALL=true +ENV COMPOSER_GLOBAL_INSTALL ${COMPOSER_GLOBAL_INSTALL} + +RUN if [ ${COMPOSER_GLOBAL_INSTALL} = true ]; then \ + # run the install + composer global install \ +;fi + +ARG COMPOSER_REPO_PACKAGIST +ENV COMPOSER_REPO_PACKAGIST ${COMPOSER_REPO_PACKAGIST} + +RUN if [ ${COMPOSER_REPO_PACKAGIST} ]; then \ + composer config -g repo.packagist composer ${COMPOSER_REPO_PACKAGIST} \ +;fi + +# Export composer vendor path +RUN echo "" >> ~/.bashrc && \ + echo 'export PATH="~/.composer/vendor/bin:$PATH"' >> ~/.bashrc + +########################################################################### +# Non-root user : PHPUnit path +########################################################################### + +# add ./vendor/bin to non-root user's bashrc (needed for phpunit) +USER ${USER_LOGIN} + +RUN echo "" >> ~/.bashrc && \ + echo 'export PATH="/code/vendor/bin:$PATH"' >> ~/.bashrc + +########################################################################### +# xDebug: +########################################################################### + +USER root + +ARG INSTALL_XDEBUG=true + +RUN if [ ${INSTALL_XDEBUG} = true ]; then \ + # Load the xdebug extension only with phpunit commands + apt-get install -y php${PHP_VERSION}-xdebug && \ + sed -i 's/^;//g' /etc/php/${PHP_VERSION}/cli/conf.d/20-xdebug.ini && \ + echo "alias phpunit='php -dzend_extension=xdebug.so /code/vendor/bin/phpunit'" >> ~/.bashrc \ +;fi + +########################################################################### +# ssh: +########################################################################### + +ARG INSTALL_WORKSPACE_SSH=true + +COPY insecure_id_rsa /tmp/id_rsa +COPY insecure_id_rsa.pub /tmp/id_rsa.pub + +RUN if [ ${INSTALL_WORKSPACE_SSH} = true ]; then \ + rm -f /etc/service/sshd/down && \ + cat /tmp/id_rsa.pub >> /root/.ssh/authorized_keys \ + && cat /tmp/id_rsa.pub >> /root/.ssh/id_rsa.pub \ + && cat /tmp/id_rsa >> /root/.ssh/id_rsa \ + && rm -f /tmp/id_rsa* \ + && chmod 644 /root/.ssh/authorized_keys /root/.ssh/id_rsa.pub \ + && chmod 400 /root/.ssh/id_rsa \ + && cp -rf /root/.ssh /home/${USER_LOGIN} \ + && chown -R ${USER_LOGIN}:${USER_LOGIN} /home/${USER_LOGIN}/.ssh \ +;fi + +########################################################################### +# Node / NVM: +########################################################################### + +# Check if NVM needs to be installed +ARG NODE_VERSION=node +ENV NODE_VERSION ${NODE_VERSION} +ARG INSTALL_NODE=true +ARG INSTALL_NPM_GULP=false +ARG INSTALL_NPM_BOWER=false +ARG INSTALL_NPM_VUE_CLI=false +ARG NPM_REGISTRY +ENV NPM_REGISTRY ${NPM_REGISTRY} +ENV NVM_DIR /home/${USER_LOGIN}/.nvm + +RUN if [ ${INSTALL_NODE} = true ]; then \ + # Install nvm (A Node Version Manager) + mkdir -p $NVM_DIR && \ + curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.33.11/install.sh | bash \ + && . $NVM_DIR/nvm.sh \ + && nvm install ${NODE_VERSION} \ + && nvm use ${NODE_VERSION} \ + && nvm alias ${NODE_VERSION} \ + && if [ ${NPM_REGISTRY} ]; then \ + npm config set registry ${NPM_REGISTRY} \ + ;fi \ + && if [ ${INSTALL_NPM_GULP} = true ]; then \ + npm install -g gulp \ + ;fi \ + && if [ ${INSTALL_NPM_BOWER} = true ]; then \ + npm install -g bower \ + ;fi \ + && if [ ${INSTALL_NPM_VUE_CLI} = true ]; then \ + npm install -g @vue/cli \ + ;fi \ + && ln -s `npm bin --global` /home/${USER_LOGIN}/.node-bin \ +;fi + +# Wouldn't execute when added to the RUN statement in the above block +# Source NVM when loading bash since ~/.profile isn't loaded on non-login shell +RUN if [ ${INSTALL_NODE} = true ]; then \ + echo "" >> ~/.bashrc && \ + echo 'export NVM_DIR="$HOME/.nvm"' >> ~/.bashrc && \ + echo '[ -s "$NVM_DIR/nvm.sh" ] && . "$NVM_DIR/nvm.sh" # This loads nvm' >> ~/.bashrc \ +;fi + +# Add NVM binaries to root's .bashrc +USER root + +RUN if [ ${INSTALL_NODE} = true ]; then \ + echo "" >> ~/.bashrc && \ + echo 'export NVM_DIR="/home/${USER_LOGIN}/.nvm"' >> ~/.bashrc && \ + echo '[ -s "$NVM_DIR/nvm.sh" ] && . "$NVM_DIR/nvm.sh" # This loads nvm' >> ~/.bashrc \ +;fi + +# Add PATH for node +ENV PATH $PATH:/home/${USER_LOGIN}/.node-bin + +RUN if [ ${NPM_REGISTRY} ]; then \ + . ~/.bashrc && npm config set registry ${NPM_REGISTRY} \ +;fi + + +########################################################################### +# Check PHP version: +########################################################################### + +RUN php -v | head -n 1 | grep -q "PHP ${PHP_VERSION}." + +# +#-------------------------------------------------------------------------- +# Final Touch +#-------------------------------------------------------------------------- +# + +USER root + +# Clean up +RUN apt-get clean && \ + rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* && \ + rm /var/log/lastlog /var/log/faillog + +# Set default work directory +WORKDIR /code \ No newline at end of file diff --git a/conf/workspace/insecure_id_rsa b/conf/workspace/insecure_id_rsa new file mode 100644 index 00000000..d0d941d3 --- /dev/null +++ b/conf/workspace/insecure_id_rsa @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEA9LX0DVV8VY0k+d58v+Tqe6LfhniBhBgBJ6/ZIGAFyuhqpyf9 +1Dn1ihcZeIBLrC4+IaRq0/xiVcdpyBu3fyGkYnyb57Pi2pOFo/te88j0ReeP5onO +mtDAERCR+Wkzi7kivg4Z4U1KgLeJn3R6WJgV1nUwFwwoPID+UC3RpHcS/TPhgZOL +Sog8dYUXx1fbmOnItJbKUK4Zz883li5LUwPLlmGZbrNYL90l1+s1Q9vlwevye2Wq +zXCvYh6DC3XRYIEnZxrOpDSyUHtAwMJ3HXgkIs3HV1dgPTt972mP29ANaG1MbqAo +retvQMMkPQv+9X96wUq34FEm9aTlT5oS0SQ2Xp3/zUvBSFtfeP7ubJb69bun4/4o +gmHLbdDzYNNFAJ5cm1gwyg95eXvCm5derk8Nf+QBHOlpd2gprVmKcERnrnv4Z1Mz +l6/f0o4UC3wfmQgErfNzfrtJFe54uxuf9OM9dXamcJJOsdUgM1hiZ6e+qYsHeAD9 +n7vCqjQJlrMhCGZpkeSUhkuYuLBrkhqIOq2VqKdS8CHzY3TixW7Pq5xdKDpqYGUX +qPHx/j5jpKt4h2j0L1ztwo9nedh1cbRyPp9oiow7twsxyD99b36rGSh35qKN3JBV +uMn6z3F8tIELMD49IyVCGyi2+jn7qbVLEOUr5IsFqFuIq5zt5ShfSi6N7e8CAwEA +AQKCAgA1t2M1Mhiy5uLA/re/n85hCWWrrPQxPNu0DIPK+YkL+2y9+KddWMOvZlau +/uqdhyEYXXEdy38CeV2dEYh8HbRp8hR/Dhu0A0IItvsm5GvKlIQgBQwXK8+db1e7 +uf4Yo7EeqxW/QSojiyZonDbnD6trghnmVULX1TD+BLDKO2Ett5++w9aFq9YpreeE +WKLZtCfcjGUoxK7h0QjQrKTYOjMMdawqgq/PAep2tSjiFnke0l5N/Ak8Q4ocLbpy +X5BwcKlnlpjZrr+drxCNv6JKE79K7ITfhUyY5GBGl5N+mvL2g1eNyRZk5xNq0es4 +g1OaLDuUBoTKdsXokiPMD3Ql+J7+RCoC9PuGutdCAIU2u9CoFAfKJpsKh+sGRyri +zvD5hlS31F78zif7W5ubi9supA6etJYbK+mwcDsJgmtc+q51xsH3T1ODvRcbtzvY +FE8JzuchN4aPtsY+W/waTDVDdymFvPSsYjX7Blq3fnpg2uJKtzWEIQE+rY7gC3rN +oNSE4YFbIAjTM4kIuIFnkVq3o2BmQ7WHjb3USelhFxBPJ67nBMLS3ShXLjyiu22U +8RxKcbOKpEimuCKRSVEdpsNnps3h2y8c2PPWWS7LGzAiCepLjXwqHLe4L/cvx8S9 +KZRXQneakkKToguV7N9p0O9prjJckb4jo941iaDepVZIHbuP8QKCAQEA+vABCKnn +8PA4RWixPcIybj6iQpHPzt6uZxv3il3IoY3Anm2+EHbloE9VcH3phQEAoTQsxd+k +octHHqdJi6YxOTmmsHl3jilA3kKg0A7Rin702DObC3c9VSOe7V9rizPQnFewkyDP +mpOoW3by0DYv0DFtA8zNfgSkFeqZEoBnQyMom9lBYcJ9VKriUfdCvPgh3ZV/SzEf +cp6ZtMLRvtEWzOx75cww6kLvUuUekQl/7Ubr36Oz+71B66VN59udSLYPAb+stzhb +QSU7LbNKaLlygBREqnTeXj+VCXGnrxORZS1FfqO9unbxg/FYBDBMt/2jXt6Elz62 +YgjDEtGjcTA/rQKCAQEA+aXKW6zufDG88DPsX5psl7Cu2Fwhq1j5ULGvpkuucaVs +snONmFqi4jH7LEZVjEcHg6GhDqGytaaUr1KhXVWttn0om2qZIKFg7BR7E5PR9HKu +Ig0do68pPf/5MKT6TKq1gB1l8B481dVc8tmaHjHbLz9UlIf8uLbXfP1EYyADAqJ4 +xtQNtOj7uz0k5ayIgWU6scGC3ElLTzfWusXPJyWFNV5wAtCI0Xu4U/IdNO0rLiBI +8BSC8VC4Maw/a1ZY1nliXBfjmtJ3i7A2s36+YG11vXmi2BKFXa80BM7+L9zptxf2 +Pv7H1Yvyx4bfVZ2xCTLCyjtUj4wGGkmHMTC8M0gniwKCAQBYzQYQos/Jm7jOFzZh +vI9MJC4XkLIRawwcwPDgrj+JrDg12HAiM3EfQfPiUyyIPMqUQXp2q6X++4i3eEu2 +d6GDtrseSF3emQqznLB78EKG2FadC+YaMKAruOdM6S+Nm1B/gyihaEMPWKGDfJyA +wiw5aMRDS/6MUegfOV3iBj6Eq7R7Mm7IwaLIi5B7oRyk8spJN9ZMLZ4LWcTbCvZe +qG+BJU7TC2dj/zviAeLHQK1csnRWOABBXcAuO9lN65HFYWf+Hm5oiDEC5MIEciYq +2TWDzahfCeyHPcjoBqhodGxHebXWEuvZSK4/GvEiylTb544gzG3vd+ni12bxCe7k +50YhAoIBAQCgG2r3dqYQspl49+P9wH0qn97S1eumB88FqJ99KIZ9Tlmy7Rb/ggl6 +xhFPaOBOsfMowY0YZC3IAEjVVEo3IM7i/cwAONJyMe2GGvCAMspxWudA4WaD5r+t +irAXOYdpigYTX0dUQyBDB66v9Uy5VsI6wAQPqlMzZ9g1yfyFEi+8DdUltzP/NXjU +sbcrMYbubazB+dhiTQNmj+pAKMLdWVvgSWvO8kz9BLrH47xFiGGsGHqOtqjv+RPY +j56wyVT6YCjr5UpMrfSLevzqCzwvfaQIW61LpD0yQz46Y0J0Eds2WMDNz/r7guC2 +hFJRh2vV+V8h8gEeevAjBcsViir5PKpXAoIBAQC/gAQCLbqo4FylEVST3IP8rxA5 +RGbLRDJ2j+ywEzOuy2ufGI/CfxeG/+jF5E0/uBRm8rrnMmaJaNr42hF4r5kjNM5u +ficOVucU3FluQqae73zfUFeAQBft+4tTH+sR8jo+LvEBGinW1wHv7di45I3at2HM +jMtZgWPPIqCBIay0UKysW4eEwXYC9cWg9kPcb2y56zadrKxGZqHOPezH2A1iOuzp +vw0mG0xHUY4Eg5aZxcWB1jMf7bbxTAAMxQiBnw0bPEf5zpWzeKL0obxT/NhCgmV7 +/Fqs0GCbXEEgJo0zAVemALOAYRW3pYvt8FoCOopo4ADyfmdWlAvzCy46k7Fo +-----END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/conf/workspace/insecure_id_rsa.ppk b/conf/workspace/insecure_id_rsa.ppk new file mode 100644 index 00000000..408bff31 --- /dev/null +++ b/conf/workspace/insecure_id_rsa.ppk @@ -0,0 +1,46 @@ +PuTTY-User-Key-File-2: ssh-rsa +Encryption: none +Comment: imported-openssh-key +Public-Lines: 12 +AAAAB3NzaC1yc2EAAAADAQABAAACAQD0tfQNVXxVjST53ny/5Op7ot+GeIGEGAEn +r9kgYAXK6GqnJ/3UOfWKFxl4gEusLj4hpGrT/GJVx2nIG7d/IaRifJvns+Lak4Wj ++17zyPRF54/mic6a0MAREJH5aTOLuSK+DhnhTUqAt4mfdHpYmBXWdTAXDCg8gP5Q +LdGkdxL9M+GBk4tKiDx1hRfHV9uY6ci0lspQrhnPzzeWLktTA8uWYZlus1gv3SXX +6zVD2+XB6/J7ZarNcK9iHoMLddFggSdnGs6kNLJQe0DAwncdeCQizcdXV2A9O33v +aY/b0A1obUxuoCit629AwyQ9C/71f3rBSrfgUSb1pOVPmhLRJDZenf/NS8FIW194 +/u5slvr1u6fj/iiCYctt0PNg00UAnlybWDDKD3l5e8Kbl16uTw1/5AEc6Wl3aCmt +WYpwRGeue/hnUzOXr9/SjhQLfB+ZCASt83N+u0kV7ni7G5/04z11dqZwkk6x1SAz +WGJnp76piwd4AP2fu8KqNAmWsyEIZmmR5JSGS5i4sGuSGog6rZWop1LwIfNjdOLF +bs+rnF0oOmpgZReo8fH+PmOkq3iHaPQvXO3Cj2d52HVxtHI+n2iKjDu3CzHIP31v +fqsZKHfmoo3ckFW4yfrPcXy0gQswPj0jJUIbKLb6OfuptUsQ5SvkiwWoW4irnO3l +KF9KLo3t7w== +Private-Lines: 28 +AAACADW3YzUyGLLm4sD+t7+fzmEJZaus9DE827QMg8r5iQv7bL34p11Yw69mVq7+ +6p2HIRhdcR3LfwJ5XZ0RiHwdtGnyFH8OG7QDQgi2+ybka8qUhCAFDBcrz51vV7u5 +/hijsR6rFb9BKiOLJmicNucPq2uCGeZVQtfVMP4EsMo7YS23n77D1oWr1imt54RY +otm0J9yMZSjEruHRCNCspNg6Mwx1rCqCr88B6na1KOIWeR7SXk38CTxDihwtunJf +kHBwqWeWmNmuv52vEI2/okoTv0rshN+FTJjkYEaXk36a8vaDV43JFmTnE2rR6ziD +U5osO5QGhMp2xeiSI8wPdCX4nv5EKgL0+4a610IAhTa70KgUB8ommwqH6wZHKuLO +8PmGVLfUXvzOJ/tbm5uL2y6kDp60lhsr6bBwOwmCa1z6rnXGwfdPU4O9Fxu3O9gU +TwnO5yE3ho+2xj5b/BpMNUN3KYW89KxiNfsGWrd+emDa4kq3NYQhAT6tjuALes2g +1IThgVsgCNMziQi4gWeRWrejYGZDtYeNvdRJ6WEXEE8nrucEwtLdKFcuPKK7bZTx +HEpxs4qkSKa4IpFJUR2mw2emzeHbLxzY89ZZLssbMCIJ6kuNfCoct7gv9y/HxL0p +lFdCd5qSQpOiC5Xs32nQ72muMlyRviOj3jWJoN6lVkgdu4/xAAABAQD68AEIqefw +8DhFaLE9wjJuPqJCkc/O3q5nG/eKXcihjcCebb4QduWgT1VwfemFAQChNCzF36Sh +y0cep0mLpjE5OaaweXeOKUDeQqDQDtGKfvTYM5sLdz1VI57tX2uLM9CcV7CTIM+a +k6hbdvLQNi/QMW0DzM1+BKQV6pkSgGdDIyib2UFhwn1UquJR90K8+CHdlX9LMR9y +npm0wtG+0RbM7HvlzDDqQu9S5R6RCX/tRuvfo7P7vUHrpU3n251Itg8Bv6y3OFtB +JTsts0pouXKAFESqdN5eP5UJcaevE5FlLUV+o726dvGD8VgEMEy3/aNe3oSXPrZi +CMMS0aNxMD+tAAABAQD5pcpbrO58MbzwM+xfmmyXsK7YXCGrWPlQsa+mS65xpWyy +c42YWqLiMfssRlWMRweDoaEOobK1ppSvUqFdVa22fSibapkgoWDsFHsTk9H0cq4i +DR2jryk9//kwpPpMqrWAHWXwHjzV1Vzy2ZoeMdsvP1SUh/y4ttd8/URjIAMConjG +1A206Pu7PSTlrIiBZTqxwYLcSUtPN9a6xc8nJYU1XnAC0IjRe7hT8h007SsuIEjw +FILxULgxrD9rVljWeWJcF+Oa0neLsDazfr5gbXW9eaLYEoVdrzQEzv4v3Om3F/Y+ +/sfVi/LHht9VnbEJMsLKO1SPjAYaSYcxMLwzSCeLAAABAQC/gAQCLbqo4FylEVST +3IP8rxA5RGbLRDJ2j+ywEzOuy2ufGI/CfxeG/+jF5E0/uBRm8rrnMmaJaNr42hF4 +r5kjNM5uficOVucU3FluQqae73zfUFeAQBft+4tTH+sR8jo+LvEBGinW1wHv7di4 +5I3at2HMjMtZgWPPIqCBIay0UKysW4eEwXYC9cWg9kPcb2y56zadrKxGZqHOPezH +2A1iOuzpvw0mG0xHUY4Eg5aZxcWB1jMf7bbxTAAMxQiBnw0bPEf5zpWzeKL0obxT +/NhCgmV7/Fqs0GCbXEEgJo0zAVemALOAYRW3pYvt8FoCOopo4ADyfmdWlAvzCy46 +k7Fo +Private-MAC: 4ea4cef3fa63f1068dcd512c477c61dd7e85bb38 \ No newline at end of file diff --git a/conf/workspace/insecure_id_rsa.pub b/conf/workspace/insecure_id_rsa.pub new file mode 100644 index 00000000..f770fb88 --- /dev/null +++ b/conf/workspace/insecure_id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQD0tfQNVXxVjST53ny/5Op7ot+GeIGEGAEnr9kgYAXK6GqnJ/3UOfWKFxl4gEusLj4hpGrT/GJVx2nIG7d/IaRifJvns+Lak4Wj+17zyPRF54/mic6a0MAREJH5aTOLuSK+DhnhTUqAt4mfdHpYmBXWdTAXDCg8gP5QLdGkdxL9M+GBk4tKiDx1hRfHV9uY6ci0lspQrhnPzzeWLktTA8uWYZlus1gv3SXX6zVD2+XB6/J7ZarNcK9iHoMLddFggSdnGs6kNLJQe0DAwncdeCQizcdXV2A9O33vaY/b0A1obUxuoCit629AwyQ9C/71f3rBSrfgUSb1pOVPmhLRJDZenf/NS8FIW194/u5slvr1u6fj/iiCYctt0PNg00UAnlybWDDKD3l5e8Kbl16uTw1/5AEc6Wl3aCmtWYpwRGeue/hnUzOXr9/SjhQLfB+ZCASt83N+u0kV7ni7G5/04z11dqZwkk6x1SAzWGJnp76piwd4AP2fu8KqNAmWsyEIZmmR5JSGS5i4sGuSGog6rZWop1LwIfNjdOLFbs+rnF0oOmpgZReo8fH+PmOkq3iHaPQvXO3Cj2d52HVxtHI+n2iKjDu3CzHIP31vfqsZKHfmoo3ckFW4yfrPcXy0gQswPj0jJUIbKLb6OfuptUsQ5SvkiwWoW4irnO3lKF9KLo3t7w== insecure@laradock \ No newline at end of file diff --git a/dockenv b/dockenv new file mode 100755 index 00000000..9ee77ddb --- /dev/null +++ b/dockenv @@ -0,0 +1,243 @@ +#!/usr/bin/env bash +# Docker Env +START_TIME=$(date +%s) +# https://www.docker.com/increase-rate-limits +# due to Docker rate limit , mirrors recommended +# Docker Pull Mirrors +# https://registry-1.docker.io +# index.docker.io/library/alpine +# http://f1361db2.m.daocloud.io +# https://22bvsrc3.mirror.aliyuncs.com +# https://2h3po24q.mirror.aliyuncs.com +# https://3laho3y3.mirror.aliyuncs.com +# https://3wky8dz8.mirror.aliyuncs.com +# https://ustc-edu-cn.mirror.aliyuncs.com +# http://hub-mirror.c.163.com +# docker.mirrors.ustc.edu.cn +# https://mirror.baidubce.com + +# lnmp +# php 5.6 7.2 7.3 7.4 8 +# mysql 5.7 8 +# nginx 1.18 +# groupadd www +# useradd -m -s /sbin/nologin -g www www +# mkdir -p /home/{wwwroot,userdata} +# chown -R www:www /home/wwwroot +# gcr.io/google_containers/pause-amd64:3.0 + +# sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list + +PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin +export PATH + +export PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin" +export LC_ALL=en_US.UTF-8 +export LANG=en_US.UTF-8 +export LANGUAGE=en_US.UTF-8 +export LC_CTYPE=en_US.UTF-8 + +CUR_PATH=$(cd $(dirname "${BASH_SOURCE[0]}") && pwd) +IMAGE_PATH=${CUR_PATH}/images + +# url -sS https://getcomposer.org/installer |php7 + +# /etc/php7/conf.d/20_xdebug.ini +# echo "xdebug.remote_host = ${LOCAL_IP_ADD}" >> /etc/php7/conf.d/20_xdebug.ini +# echo "xdebug.idekey = PHPSTORM" >> /etc/php7/conf.d/20_xdebug.ini +# echo "xdebug.remote_autostart = off" >> /etc/php7/conf.d/20_xdebug.ini + +# addgroup -S topone4tvs && adduser -S -G topone4tvs topone4tvs +# chown -R topone4tvs:topone4tvs /var/www/ + +# apk add openssh +# ssh-keygen -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key +# sed -i -e "s/#HostKey \/etc\/ssh\/ssh_host_rsa_key/HostKey \/etc\/ssh\/ssh_host_rsa_key/g" /etc/ssh/sshd_config +# ssh-keygen -t rsa +# touch ~/.ssh/authorized_keys + +source .env + +_red() { + printf '\033[1;31;31m%b\033[0m' "$1" +} + +_green() { + printf '\033[1;31;32m%b\033[0m' "$1" +} + +_yellow() { + printf '\033[1;31;33m%b\033[0m' "$1" +} + +_info() { + _green "[Info] " + printf -- "%s" "$1" + printf "\n" +} + +_warn() { + _yellow "[Warning] " + printf -- "%s" "$1" + printf "\n" +} + +_error() { + _red "[Error] " + printf -- "%s" "$1" + printf "\n" + exit 1 +} + +# Build Images +do_build() +{ + NAME=$2 + VERSION=$3 + cd ${IMAGE_PATH} + if [[ -d "$NAME" ]]; then + if [[ -z "${VERSION}" ]]; then + cd ${NAME} + DOCKER_BUILDKIT=0 + CMD="docker build --progress plain --no-cache -t ${DOCKER_REGISTRY_PREFIX}/${NAME}:latest ." + ${CMD} + else + cd ${NAME}/${VERSION} + DOCKER_BUILDKIT=0 + CMD="docker build --progress plain --no-cache -t ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION ." + ${CMD} + fi + fi +} + +# 批量构建 +do_builds() +{ + NAME=$2 + VERSION=$3 + cd ${IMAGE_PATH} + if [[ -d "$NAME" ]]; then + cd ${NAME} + for ver in $(ls); do + VERSION="${ver}" + cd "${IMAGE_PATH}/${NAME}/${VERSION}" + do_build build ${NAME} ${VERSION} + _info "${NAME}:${VERSION} Build Complete" + # CMD="docker build --no-cache -t ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION ." + # echo ${CMD} + done + fi +} + +# 批量上传 +do_pushs() +{ + NAME=$2 + VERSION=$3 + cd ${IMAGE_PATH} + if [[ -d "$NAME" ]]; then + cd ${NAME} + for ver in $(ls); do + VERSION="${ver}" + cd "${IMAGE_PATH}/${NAME}/${VERSION}" + do_push push ${NAME} ${VERSION} + _info "${NAME}:${VERSION} Push Complete" + done + fi +} + +do_pull() +{ + NAME=$2 + VERSION=$3 + if [[ -z "$NAME" ]]; then + echo -e "pull requires exactly 1 argument See \n'docker pull --help'." + fi + if [[ -z "$VERSION" ]]; then + VERSION="latest" + fi + CMD="docker pull ${DOCKER_REGISTRY_PREFIX}/${NAME}:${VERSION}" + ${CMD} +} + +do_run() +{ + echo '' +} + +# Push Images to Registry +do_push() +{ + NAME=$2 + VERSION=$3 + cd ${IMAGE_PATH} + if [[ -d "$NAME" ]]; then + cd ${NAME}/${VERSION} + if [[ -z "${VERSION}" ]]; then + VERSION='latest' + fi + + CMD="docker push ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION" + ${CMD} + fi +} + +do_login() +{ + case $1 in + 'baidu') + docker login -u -p registry.baidubce.com + ;; + 'coding') + docker login -u -p cloudflying-docker.pkg.coding.net + ;; + 'aliyun') + docker login -u -p registry.cn-hongkong.aliyuncs.com + ;; + 'tencent') + docker login -u -p ccr.ccs.tencentyun.com + ;; + *) echo 'Unknow Platform' + ;; + esac +} + +usage() +{ + echo " Docker Env Build Tool +/-----------------------------------\\ +| build image name tag | +| push image name tag | +| pull image name tag | +\\-----------------------------------/" +} + +case $1 in + build) + do_build $* + ;; + builds) + do_builds $* + ;; + run) + do_run $* + ;; + push) + do_push $* + ;; + pushs) + do_pushs $* + ;; + pull) + do_pull $* + ;; + login) + do_login $* + ;; + *) usage + ;; +esac + +END_TIME=$(date +%s) +FULL_EXEC_TIME=$(expr ${END_TIME} - ${START_TIME}) +_info "==> Total Time: ${FULL_EXEC_TIME} Second " diff --git a/docs/Help.md b/docs/Help.md new file mode 100644 index 00000000..6bd63acf --- /dev/null +++ b/docs/Help.md @@ -0,0 +1,191 @@ +## 快捷键 +``` +# 关闭容器 +docker stop 容器ID/Name +``` +## 删除容器镜像 +``` +# 删除所有容器 +sudo docker rm `sudo docker ps -a -q` + +# 删除所有的镜像 +sudo docker rmi $(docker images -q) + +# 删除docker-compose所有的镜像 +sudo docker-compose rm +``` + +## 配置XDebug +``` +# 修改 php71/xdebug.ini +xdebug.remote_host = 本机IP +``` +配置phpstrom + +```text +Run>Edit Conf +左侧添加新项目PHP Web Appliation + Name: yijiu + Server: 新建Serviers + 真实路径:Languges&..>PHP>Serviers + 新建 + Name: yijiu + Host: yijiu.cc + 选中Use path.. + 项目真实目录:/Users/kafu/kfkdock/www/AcPlatform + docker对应目录:/var/www/AcPlatform + Start URL: /admin/body/export 测试路径 + 完成。 +``` + +``` +配置端口 + Languges&..>PHP>Debug + xdebug + Debug port: 90001 + 完成。 +``` + +``` +启动调试 + Run>Debug'yijiu' +``` + + +## docker-compose.yml语法解释 + +``` +# 设置环境变量 INSTALL_XDEBUG +version: '2' +services: + php71: + build: + context: ./php71 + dockerfile: Dockerfile + args: + - INSTALL_XDEBUG=true + privileged: true + ports: + - "9071:9000" +``` + +## Dockerfile语法解释 + +``` +写入(覆盖写入) > +RUN pecl install /home/redis.tgz \ + && echo "extension=redis.so" > /usr/local/etc/php/conf.d/redis.ini +追加 >> +RUN pecl install /home/xdebug.tgz \ + && echo "[xdebug]" >> /usr/local/etc/php/conf.d/xdebug.ini \ + && echo "zend_extension=xdebug.so" >> /usr/local/etc/php/conf.d/xdebug.ini \ + +使用环境变量 +ARG INSTALL_XDEBUG=false +COPY ./ext/xdebug-2.5.5.tgz /home/xdebug.tgz +COPY xdebug.ini /usr/local/etc/php/conf.d/xdebug.ini +RUN if [ ${INSTALL_XDEBUG} = true ]; then \ + pecl install /home/xdebug.tgz \ +;fi +``` +``` +Docker 常用指令笔记 +update@20170212 + +运行 +docker run +--name 指定容器名 + +-p 指定端口映射 + +-v 挂载数据卷或者本地目录映射 :ro 挂载为只读 + +-d 后台持续运行 + +-i 交互式操作 + +-t 终端 + +-rm 容器退出后随之将其删除(与-d 冲突) + +eg: + +docker run --name ghost1 -p 80:2368 -v /c/Dev/server/blogtest2:/var/lib/ghost ghost + +docker run -it --rm ubuntu:14.04 bash + +sudo docker run ubuntu:14.04 /bin/echo 'Hello world' + +docker run --name webserver -d -p 80:80 nginx + +管理容器 +docker ps 列出正在运行的容器 +docker kill $(docker ps -q) 停止所有正在运行的容器 +docker ps -a 查看停止状态的容器 +docker start 启动一个已有容器 +docker stop 终止一个运行中的容器 +docker restart 重启某个容器 +docker rm xxxx 删除容器 -f 删除运行中的 +docker rm $(docker ps -a -q) 删除所有终止的容器 +docker logs [container id or names] 获取输出log +docker diff 容器名 查看我们定制以及修改 +docker volume ls 列出所有本机的数据卷 + +管理镜像 +docker pull [option] [url] 获取镜像 +eg: docker pull ubuntu:14.04 +docker images 列出本地镜像 +docker build -t nginx:v3 . +在当前目录构建镜像,-t 是指定镜像名称 tag + +docker rmi xxxxxx +删除本地镜像 + +docker commit 选项 容器名/id 仓库名 tag +可以把修改定制过的容器保存为镜像 + +docker images -f dangling=true +列出所有虚悬镜像(dangling image) + +docker rmi $(docker images -q -f dangling=true) +删除所有虚悬镜像 + +docker histroy 镜像名:标签 查看镜像修改的历史纪录 + +Dockerfile +COPY 原路径 目标路径 +ADD 性质基本与COPY类似,但支持自动解压 +VOLUME 可以定义匿名卷,执行时可被覆盖 +EXPOSE 声明端口 +WORKDIR 指定工作目录 +USER 指定当前用户 +HEALTHCHECK 健康检查 +ONBUILD 被作为基础镜像时才执行 + +docker-compose +-p 指定项目名称 +build 构建项目中的服务容器 --force-rm 删除构建过程中的临时容器 +--no-cache 构建过程中不使用 cache +--pull 始终通过 pull 来获取更新版本的镜像 +docker-compose kill 强制停止服务容器 +docker-compose logs 查看容器的输出 调试必备 +docker-compose pause 暂停一个服务容器 +docker-compose unpause 恢复暂停 +docker-compose port 打印某个容器端口所映射的公共端口 +docker-compose ps 列出项目中目前的所有容器 -q 只打印容器 id +docker-compose pull 拉取服务依赖的镜像 +docker-compose restart -t 指定重启前停止容器的超时默认10秒 +docker-compose rm 删除所有停止状态的容器先执行 stop +docker-compose run 指定服务上执行一个命令 +docker-compose start 启动已经存在的服务容器 +docker-compose stop +docker-compose up 自动构建、创建服务、启动服务,关联一系列,运行在前台,ctrl c 就都停止运行。如果容器已经存在,将会尝试停止容器,重新创建。如果不希望重新创建,可以 --no-recreate 就只启动处于停止状态的容器,如果只想重新部署某个服务,可以使用 +docker-compose up --no-deps -d ,不影响其所依赖的服务 +docker-compose up -d 后台启动运行,生产环境必备 + +Tips +容器在运行时,以镜像为基础层,在其上创建一个当前容器的存储层,使用 go 语言开发的应用更多的会使用 FROM scratch 来做空白镜像为基础 + +Dockerfile 中,RUN 执行命令,直接写需要在bash中执行的命令。如果每条命令都作为一个 RUN 单独存在,就相当于每个指令都建立一层,很多不需要的东西都被装进了镜像里,比如编译环境,更新的软件包等等,最终会产生出非常臃肿,非常多层的镜像,增加了构建部署的时间。也很容易出错。正确的写法是把每一大块,或者说每一个软件环境的相关命令集成在一个 RUN 里。 +``` +#### [返回](https://github.com/kfkme/kfkdock/blob/master/README.md#%E5%85%B6%E4%BB%96) \ No newline at end of file diff --git a/docs/README.md b/docs/README.md new file mode 100644 index 00000000..ae7c3582 --- /dev/null +++ b/docs/README.md @@ -0,0 +1,5 @@ +# 学习文档 + +- [如何新建一个站点](如何新建一个站点.md) +- [如何安装yaf扩展](如何安装yaf扩展.md) +- [如何安装swoole扩展](如何安装swoole扩展.md) \ No newline at end of file diff --git a/docs/TODO.md b/docs/TODO.md new file mode 100644 index 00000000..bca0d1e2 --- /dev/null +++ b/docs/TODO.md @@ -0,0 +1,6 @@ +## bug + +aria2 +PAS_SECRET 自定义 secret 无效 + +脚本一键更新 .env 内版本信息 diff --git a/docs/configuration.md b/docs/configuration.md new file mode 100644 index 00000000..0e39c0c9 --- /dev/null +++ b/docs/configuration.md @@ -0,0 +1,235 @@ +# Configuration + +## Usage + +To create a new environment, type the following command: + +```shell +make profile +``` + +To start the environment, type the following command: + +For default configuration + +```shell +make servers +``` + +For specific configuration + +```shell +make run +``` + +Several containers are created from profile configuration: + +| Description | Container's name | +| ------------------------------ | ---------------- | +| Maildev hub mail | `maildev` | +| Web server ( Apache or Nginx ) | `web` | +| PHP or Node container | `base` | +| Cache server | `cache` | +| Database server | `db` | +| Database admin tool | `dbadmin` | +| Queuer server | `queuer` | + +You can customize database container name with profile's variable `CONTAINER_DB_NAME`. By default `CONTAINER_DB_NAME` is setted to `db`. + +`composer` is available through `php` container: + +```shell +docker exec php composer -v +``` + +To open default home page in browser + +```shell +make homepage +``` + +### Hosts + +You can add your own hosts file for all your projects. + +With NGinx + +In `conf/nginx/vhosts` directory, all your `yourhost.conf` file. A default host file is available for example : `/conf/nginx/vhosts/default.conf`. + +```conf +server { + + listen 80; + server_name localhost; + root /var/www/html; + index index.php index.html index.htm; + + location ~* \.PHP$ { + fastcgi_index index.php; + fastcgi_pass base:9000; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + +} +``` + +With Apache + +In `conf/apache/vhosts` directory, all your `yourhost.conf` file. A default host file is available for example : `/conf/apache/vhosts/default.conf`. + +```conf + + ServerName localhost + DocumentRoot /var/www/html/projects + + + Require all granted + + +``` + +`/var/www/html/projects` can be defined with `PROJECTS_PATH_DEST` environment variable in profile file in `profiles` directory. + +### SSL support + +The SSL support is possible during development. To activate it on one of your vhosts, you must follow steps: + +- Create the SSL self-signed certificate + +you can use the command: + +```shell +make certificate +``` + +- Add the activation of SSL in VHost file + +On Nginx: + +```shell + listen 443 ssl; + + ssl_certificate /etc/nginx/ssl/envdev.crt; + ssl_certificate_key /etc/nginx/ssl/envdev.key; +``` + +On Apache: + +```shell + + ... + + SSLEngine on + SSLCertificateFile /usr/local/apache2/conf/custom/envdev.crt + SSLCertificateKeyFile /usr/local/apache2/conf/custom/envdev.key + + ... +``` + +where `envdev` is the name chosen during the step of the certificate creation. + +Don't forget to restart `web` container to restart the web server + +```shell +docker restart web +``` + +Tips: If you certificate is out of date, you can renew it with the command: + +```shell +make renewal +``` + +## Customization + +You can create profile file to manage applications and tools with the command: + +```shell +make profile +``` + +The following versions, paths and ports can be configured : + +| Description | Variable name | Possible values | Default | +| :------------------------------- | :----------------: | :-------------------------------------------------------------------------------------------------------------------------------------------------------------------------: | :-----------------------------: | +| Language | LANGUAGE_SERVER | `php`, `node` | N/A | +| Language Version | BASE_VERSION | `7.0-fpm`, `7.1-fpm`, `7.2-fpm`, `7.0-fpm-alpine`, `7.1-fpm-alpine`, `7.2-fpm-alpine`, `7.3-fpm`, `7.3-fpm-alpine`, `7.4-fpm`, `7.4-fpm-alpine`, `13.6`, `12.14`, `10.18` | `7.4-fpm` for PHP, `13.6` for Node | +| Language Static Container IP | BASE_STATIC_IP | 172.16.238.0/24 | 172.16.238.12 | +| Web Server type | WEB_SERVER | `nginx`, `apache` | `nginx` | +| Web Server version | WEB_VERSION | [Apache](https://hub.docker.com/r/library/httpd/tags/) / [Nginx](https://hub.docker.com/r/library/nginx/tags/) | `1.15-alpine` | +| Web Server Static Container IP | WEB_STATIC_IP | 172.16.238.0/24 | 172.16.238.14 | +| Database type | DB_SERVER | `mariadb`, `mysql`, `mongodb` | `mysql` | +| Database version | DB_VERSION | [Mysql](https://hub.docker.com/r/library/mysql/tags/) / [MariaDB](https://hub.docker.com/r/library/mariadb/tags/) / [MongoDB](https://hub.docker.com/r/library/mongo/tags/) | `5.7` | +| Database container name | CONTAINER_DB_NAME | any | `db` | +| Database Static Container IP | DB_STATIC_IP | 172.16.238.0/24 | 172.16.238.13 | +| Projects Path | PROJECTS_PATH | any | `/your/projects/directory/path` | +| Projects path destination | PROJECTS_PATH_DEST | any | `/var/www/html/projects` | +| HTTP web port | WEB_PORT | any | `80` | +| HTTPS web port | WEBSSL_PORT | any | `443` | +| MailDev port | MAILDEV_PORT | any | `1080` | +| MailDev Static Container IP | MAILDEV_STATIC_IP | 172.16.238.0/24 | 172.16.238.10 | +| DBAdmin tool port | DBADMIN_PORT | any | `9090` | +| DBAdmin version | DBADMIN_VERSION | [Phpmyadmin](https://hub.docker.com/r/phpmyadmin/phpmyadmin/tags/) / [MongoExpress](https://hub.docker.com/r/library/mongo-express/tags/) | `4.8` | +| DBAdmin Static Container IP | DBADMIN_STATIC_IP | 172.16.238.0/24 | 172.16.238.11 | +| Cache server type | CACHE_SERVER | `redis`, `memcached` | `redis` | +| Cache server port | CACHE_PORT | any | `6380` | +| Cache server version | CACHE_VERSION | any | `4.0-alpine` | +| Cache server Static Container IP | CACHE_STATIC_IP | 172.16.238.0/24 | 172.16.238.15 | +| Queuer server | QUEUER_SERVER | `rabbitmq` | `rabbitmq` | +| Queuer server port | QUEUER_PORT | any | `15672` | +| Queuer Static Container IP | QUEUER_STATIC_IP | 172.16.238.0/24 | 172.16.238.16 | + +If you access to the url `http://envdev.localhost` a page summarizes all projets and propose access link to tools (PHPMyAdmin, MailDev, PHPInfo). +This page is also available with command : + +```shell +make homepage +``` + +### Nginx configuration + +Nginx configuration file is available at `/conf/nginx/nginx.conf` to custom the web server configuration. + +### Apache configuration + +Apache configuration file is available at `/conf/apache/httpd.conf` to custom the web server configuration. + +### PHP configuration + +A custom php.ini file is available at `/conf/php/php.ini`. The default PHP configuration is with these options: + +```conf +date.timezone = Europe/Paris +display_errors=1 +error_reporting=E_ALL +log_errors = on +error_log = /var/log/php_errors.log +memory_limit = 256M +upload_max_filesize = 200M +post_max_size = 40M +``` + +### Projects configuration + +To simplify projects source sharing between containers, you can install source projects in the path define in `profiles` directory with variable `PROJECTS_PATH`. + +Naturally, you can change the default path. In this case, the default summary will not be available. + +The destination path in container is also available with variable `PROJECTS_PATH_DEST` in `profiles` directory. + +### Wrappers + +Wrappers are available in `wrappers` directory. + +They can be used, for instance, to IDE integration. + +- PHP wrapper +- Node wrapper +- Git wrapper +- Composer wrapper +- Grunt wrapper +- Gulp wrapper +- Npm wrapper +- Yarn wrapper +- Typescript wrapper diff --git a/docs/docker.md b/docs/docker.md new file mode 100644 index 00000000..fa9bebdf --- /dev/null +++ b/docs/docker.md @@ -0,0 +1,41 @@ +常用命令 + +进入容器 +``` +docker-compose exec [images] bash # 例如 docker-compose exec php-fpm bash +``` +创建并启动一个容器,在run后面加上-d参数,则会创建一个守护式容器在后台运行 + +``` +docker run +``` +查看已经创建的容器 + +``` +docker ps -a +``` +查看已经启动的容器 + +``` +docker ps -s +``` +启动容器名为con_name的容器 +``` +docker start con_name +``` +停止容器名为con_name的容器 +``` +docker stop con_name +``` +删除容器名为con_name的容器 +``` +docker rm con_name +``` +重命名一个容器 +``` +docker rename old_name new_name +``` +将终端附着到正在运行的容器名为con_name的容器的终端上面去,前提是创建该容器时指定了相应的sh +``` +docker attach con_name +``` \ No newline at end of file diff --git a/docs/error.md b/docs/error.md new file mode 100644 index 00000000..c2d4a66a --- /dev/null +++ b/docs/error.md @@ -0,0 +1,69 @@ +### 目录 + +- 安装composer时候出现错误 +- 启动后出现类似的错误 +- 修改默认数据库账号密码 +- 容器内数据库连接127.0.0.1连不上怎么办 + +### 1、安装composer时候出现错误 +``` +curl: (56) SSL read: error:00000000:lib(0):func(0):reason(0), errno 104 +``` +解决方法 + +> 网络请求问题,重新执行一下 `docker-compose up` + +### 2、启动后出现类似的错误 +``` +Removing intermediate container d91a90bb00b5 + ---> 40e52ab712e3 +Successfully built 40e52ab712e3 +Successfully tagged services_nginx:latest +Creating services_mysql-db_1 ... error +Creating services_mysql-db_1 ... +Creating services_redis-db_1 ... error + +ERROR: for services_mysql-db_1 Cannot start service mysql-db: driver failed programming external connectivity on endpoint services_mysql-db_1 (2cce096d8d21d8324c101d2bd50f8f90b55f37a253be57a4fbfc9098bcf20d61): Error starting userland proxy: listen tcp 0.0.0.0:3306: bind: address already in use + +ERROR: for services_redis-db_1 Cannot start service redis-db: driver failed programming external connectivity on endpoint services_redis-db_1 (617a4e9988ef5c3d0f74bbe4988a916d9f654d3f168bbead9451c3b97842e0bc): Error starting userland proxy: listen tcp 0.0.0.0:6379: bind: address already in use + +ERROR: for redis-db Cannot start service redis-db: driver failed programming external connectivity on endpoint services_redis-db_1 (617a4e9988ef5c3d0f74bbe4988a916d9f654d3f168bbead9451c3b97842e0bc): Error starting userland proxy: listen tcp 0.0.0.0:6379: bind: address already in use + +ERROR: for mysql-db Cannot start service mysql-db: driver failed programming external connectivity on endpoint services_mysql-db_1 (2cce096d8d21d8324c101d2bd50f8f90b55f37a253be57a4fbfc9098bcf20d61): Error starting userland proxy: listen tcp 0.0.0.0:3306: bind: address already in use +ERROR: Encountered errors while bringing up the project. +``` + +解决方法 + +> 由于映射端口冲突导致的,修改 docker-composer.yml 文件里面对应的容器映射端口,比如 3306:3306 => 3307:3306 + + +### 3、修改默认数据库账号密码 + +解决方法 + +编辑 `services\docker-compose.yml`文件在46行左右修改初始密码 +``` + MYSQL_ROOT_PASSWORD: 5eNyjNf # root密码 自行修改 + MYSQL_DATABASE: rageframe # 数据库名 + MYSQL_USER: rageframe + MYSQL_PASSWORD: 2589632147 +``` + +### 4、容器内数据库连接127.0.0.1连不上怎么办 + +解决方法 + +> 使用显示所有容器IP地址 + +``` +docker inspect --format='{{.Name}} - {{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' $(docker ps -aq) +``` +会输出如下类似的,可以看出mysql地址为172.21.0.2,redis地址为172.21.0.3 +``` +/services_nginx_1 - 172.21.0.5 +/services_php-fpm_1 - 172.21.0.4 +/services_mysql-db_1 - 172.21.0.2 +/services_redis-db_1 - 172.21.0.3 +/priceless_ptolemy - +``` \ No newline at end of file diff --git a/docs/https.md b/docs/https.md new file mode 100644 index 00000000..da10e9ea --- /dev/null +++ b/docs/https.md @@ -0,0 +1,71 @@ +# Nginx 配置 HTTPS + +Nginx 虚拟主机基本配置请参考 [Nginx 配置虚拟主机](vhost.md) 小节。 + + +## 申请 SSL 证书 + +申请 SSL 证书的平台自选,本人将申请的证书命名如下: +- laravel.local.pem +- laravel.local.key + +并将证书放到 docker-lnmp/nginx/ssl 目录下: +``` +cp -i 你的目录/laravel.local.pem 你的目录/docker-lnmp/nginx/ssl/ +cp -i 你的目录/laravel.local.key 你的目录/docker-lnmp/nginx/ssl/ +``` + + +## 添加 server 配置 + +docker-lnmp/nginx/sites/laravel.conf 文件再添加一个 server 项,配置如下: +``` +server { + + listen 443 ssl; + + server_name laravel.local; + root /var/www/laravel/public; + + index index.php index.html index.htm; + + # 将证书放到 docker-lnmp/nginx/ssl 目录下,将下面的证书改成当前域名的,路径用下面的 + ssl_certificate /etc/nginx/ssl/laravel.local.pem; + ssl_certificate_key /etc/nginx/ssl/laravel.local.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + + location / { + try_files $uri $uri/ /index.php?$query_string; + + if (!-d $request_filename) { + rewrite ^/(.+)/$ /$1 permanent; + } + + if (!-e $request_filename) { + rewrite ^/(.*)$ /index.php?/$1 last; + break; + } + } + + location ~ \.php$ { + fastcgi_pass php-fpm:9000; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + } + +} +``` + +如需将 http 请求全部跳转至 https,监听 80 的 server 添加如下配置即可: +``` +return 301 https://$server_name$request_uri; +``` + +## 重启服务 + +参照基本命令。 + diff --git a/docs/image.md b/docs/image.md new file mode 100644 index 00000000..b2adb0fb --- /dev/null +++ b/docs/image.md @@ -0,0 +1,51 @@ +## Docker Image + +## Dockerfile 介绍 +- portainer docker 容器管理 UI +- thumbor 是一个非常强大的图片处理服务,可以实现图片裁剪、缩放、滤镜,甚至是人脸识别。 +- ide-theia 运行在浏览器里的开发环境 +- Dejavu ElasticSearch Web UI +- Graylog 开源的日志聚合、分析、审计、展现和预警工具。功能上和ELK类似,但比 ELK 要简单 +- ICEcoder WebIDE +- Grafana 跨平台的开源的度量分析和可视化工具 +- Solr 独立的企业级搜索应用服务器 +- mosquitto Eclipse Mosquitto 是一个开源消息代理 +- Kibana 日志分析平台 为 Logstash 和 ElasticSearch 提供的日志分析的 Web 接口。可对日志进行搜索、可视化、分析 +- minio 分布式存储对象存储方案 +- percona 数据库 类似 Mariadb 兼容 mysql +- traefik 反向代理工具 类似 nginx +- sqs ElasticMQ server + web UI +- Cassandra 开源分布式NoSQL数据库系统 +- Manticore database designed specifically for search, including full-text search +- rethinkdb 存储 JSON 文档的分布式数据库 +- couthdb 面向文档的数据库管理系统 +- mailcatcher 抓取和查看邮件 +- jupyterhub Jupyter notebook 的多用户服务器 +- Truffle 以太坊的Solidity语言的一套开发框架 +- ganache 以太坊节点仿真环境 +- ldap LDAP容器 +- nginx-stream 支持4层转发的nginx官方版本 +- openresty 支持lua脚本的nginx容器 +- tengine 阿里开源nginx版本,支持lua +- Buildbot Archlinux aur Build Bot +- golang go language support environment +- h5ai online file view +- java java(8) language support environment. +- nextcloud an open source, self-hosted file share and communication platform, like owncloud. +- owncloud an open source, self-hosted file sync and share app platform. +- php7 php(7) language support environment running in alpine include nginx php7! +- rsync an open source utility that provides fast incremental file transfer. +- sshd support remote access via ssh ,running in debian buster +- ttyd Share your terminal over the web + +### Linux +- alpine A minimal Linux + + +- centos +- debian Debian is a Linux distribution that's composed entirely of free and open-source software. + + +- opensuse +- rhel +- ubuntu Ubuntu is a Debian-based Linux operating system based on free software. diff --git a/docs/installation.md b/docs/installation.md new file mode 100644 index 00000000..2c5be14f --- /dev/null +++ b/docs/installation.md @@ -0,0 +1,20 @@ +# Installation + +## Requirements + +Two system dependencies are required : + +- Docker +- Docker Compose + +## Installation + +```shell +git clone git@github.com:vfalies/EnvDev.git +``` + +Create a new profile to define your configuration. + +```shell +make profile +``` diff --git a/docs/nginx.md b/docs/nginx.md new file mode 100644 index 00000000..8ba38fc3 --- /dev/null +++ b/docs/nginx.md @@ -0,0 +1,47 @@ +Nginx中if语句中的判断条件 +一、if语句中的判断条件(nginx) + +1、正则表达式匹配: + +==:等值比较; +~:与指定正则表达式模式匹配时返回“真”,判断匹配与否时区分字符大小写; +~*:与指定正则表达式模式匹配时返回“真”,判断匹配与否时不区分字符大小写; +!~:与指定正则表达式模式不匹配时返回“真”,判断匹配与否时区分字符大小写; +!~*:与指定正则表达式模式不匹配时返回“真”,判断匹配与否时不区分字符大小写; + + + +2、文件及目录匹配判断: + +-f, !-f:判断指定的路径是否为存在且为文件; +-d, !-d:判断指定的路径是否为存在且为目录; +-e, !-e:判断指定的路径是否存在,文件或目录均可; +-x, !-x:判断指定路径的文件是否存在且可执行; + +有些公司可能有这样的需求,如:我的网站或者网页游戏需要更新,所有的用户或者玩家访问到的是一个停服更新页面,而本公司的IP可以访问,甚至说本公司的某个内网IP可以访问,用于确认更新成功与否,针对这个问题写了如下的访问控制规则: + +Nginx多重条件判断(只是一个简单的例子,自己可以更改或者增加更多的判断条件),下面是两个例子和写法: +1、可以作为nginx的停服更新使用,仅允许222.222.222.222或者内网的两个IP访问,其他IP都rewrite到停服页面 +Nginx.conf中加入在你项目的正确位置 +set $my_ip ''; +if ( $remote_addr = 222.222.222.222){set $my_ip 1;} #注意这里的$remote_addr如何用了负载均衡的话,这里应该是$http_x_forwarded_for +if ( $remote_addr = 192.168.1.170 ){ set $my_ip 1;} +if ( $remote_addr = 192.168.1.169 ){ set $my_ip 1;} +if ( $my_ip != 1) {rewrite ^/design/(.*)\.php$ /tingfu.html?$1&;} #将*.php转到tingfu.html + + 2、访问某个php应用的时候我只想让内部的某个IP访问,其他的IP都转到另一个PHP上。如下: +访问test.php,且IP不等222.222.222.222的跳转到55555.php: +set $test ''; +if ( $request_uri ~* /img/test.php ) { + set $test P; +} + + +if ( $http_x_forwarded_for !~* ^222\.222\.222\.222.* ) { + set $test "${test}C"; +} + + +if ( $test = PC ) { #当条件符合 访问test.php并且 ip不是222.222.222.222的 转发到55555.php +rewrite ^(.*)$ /img/55555.php permanent; +} \ No newline at end of file diff --git a/docs/presentation.md b/docs/presentation.md new file mode 100644 index 00000000..5e302244 --- /dev/null +++ b/docs/presentation.md @@ -0,0 +1,146 @@ +# Presentation + +## Environment composition + +This environment provides the following tools to develop in PHP or in NodeJS via profiles. + +### Core + +- [PHP](http://php.net) + +Available version : + + - `7.0-fpm` + - `7.1-fpm` + - `7.2-fpm` + - `7.3-fpm` + - `7.4-fpm` + - `7.0-fpm-alpine` + - `7.1-fpm-alpine` + - `7.2-fpm-alpine` + - `7.3-fpm-alpine` + - `7.4-fpm-alpine` + +Default: `7.4-fpm`. + +- [Node](https://nodejs.org/) + +Available version : + + - `10.18` + - `12.14` + - `13.6` + +Default: `13.6` + +- Database + +Two different database are available : + +- [MySQL](https://www.mysql.com) +- [MongoDB](https://www.mongodb.com) + +The database wished is configured in `.env` file. Default: `mysql` + +- Web server + +Two web server are available : + +- [Nginx](https://nginx.org) +- [Apache](https://httpd.apache.org/) + +All of them are in Alpine version. + +- Cache server + +Two cache server are available : + +- [Redis](https://redis.io/) +- [Memcached](https://memcached.org/) + +- Queuer server + +- [RabbitMQ](https://www.rabbitmq.com/) + +All of them are in Alpine version + +### Tools + +#### Database admin + +- [MongoExpress](https://github.com/mongo-express/mongo-express) : Manage Mongo database instances +- [PHPMyAdmin](https://www.phpmyadmin.net/) : Manage MySql/MariaDB database instances + +#### Mail catcher + +- [MailDev](http://danfarrelly.nyc/MailDev) : SMTP Server + Web Interface for viewing and testing emails during development + +#### Composer + +- [Composer](https://getcomposer.org) : Dependency Manager for PHP + +#### NodeJs + +- [NodeJs](https://nodejs.org/en) : JavaScript runtime + +#### Npm + +- [Npm](https://www.npmjs.com/) : Package manager + +#### Grunt + +- [Grunt](https://gruntjs.com/) : Javascript task runner + +#### Gulp + +- [Gulp](https://gulpjs.com/) : Javascript task runner + +#### Yarn + +- [Yarn](https://yarnpkg.com/en/) : Package manager + +#### Makefile + +A `Makefile` is available in command line to manage several actions. + +Type following command to display help : + +```shell +make +``` + +or + +```shell +make help +``` + +Output: + +```shell +help: Show this help +envdev: Get EnvDev version +profile: Create new profile +delete: Delete profile +run: Run a profile +servers: Start default containers +start: Start default containers +stop: Stop all running containers +certificate: Generate a SSL certificate +renewal: Renewal a knowed SSL certificate +homepage: Launch EnvDev homepage in default browser +terminal: Create a terminal on PHP container +terminalroot: Create a terminal on PHP container as root +``` + +### Optional tools + +Optional tools are available to use in EnvDev. They are not included by default but can be added easily. + +- [APIGen](https://github.com/ApiGen/ApiGen) : Documentation for your PHP project + +Image container : [`vfac/apigen`](https://hub.docker.com/r/vfac/apigen/) + +- [Deployer](https://deployer.org) : Deployment tool for PHP + +Image container : [`vfac/deployer`](https://hub.docker.com/r/vfac/deployer/) diff --git a/docs/tmp.md b/docs/tmp.md new file mode 100644 index 00000000..0f218fee --- /dev/null +++ b/docs/tmp.md @@ -0,0 +1,647 @@ +其中 `mysql` 服务中的 `image: mysql:5.7` 是表明使用的是 `mysql:5.7` 这个镜像。而 `nginx` 和 `php` 服务中的 `image` 含义更为复杂。一方面是说,要使用其中名字的镜像,另一方面,如果这个镜像不存在,则利用其下方指定的 `build` 指令进行构建。在单机环境,这里的 `image` 并非必须,只保留 `build` 就可以。但是在 Swarm 环境中,需要集群中全体主机使用同一个镜像,每个机器自己构建就不合适了,指定了 `image` 后,就可以在单机 `build` 并 `push` 到 registry,然后在集群中执行 `up` 的时候,才可以自动从 registry 下载所需镜像。 + +这里的镜像名看起来也有些不同: + +```bash +image: "${DOCKER_USER}/lnmp-nginx:v1.2" +``` + +其中的 `${DOCKER_USER}` 这种用法是环境变量替换,当存在环境变量 `DOCKER_USER` 时,将会用其值替换 `${DOCKER_USER}`。而环境变量从哪里来呢?除了在 Shell 中 `export` 对应的环境变量外,Docker Compose 还支持一个默认的环境变量文件,既 `.env` 文件。你可以在项目中看到,`docker-compose.yml` 的同级目录下,存在一个 `.env` 文件,里面定义了环境变量。 + +```bash +DOCKER_USER=twang2218 +``` + +每次执行 `docker-compose` 命令的时候,这个 `.env` 文件就会自动被加载,所以是一个用来定制 compose 文件非常方便的地方。这里我只定义了一个环境变量 `DOCKER_USER`,当然,可以继续一行一个定义更多的环境变量。 + +初次之外,还可以明确指定环境变量文件。具体的配置请查看 [`docker-compose` 官方文档](https://docs.docker.com/compose/compose-file/#envfile)。 + +## 镜像 + +### mysql 服务镜像 + +`mysql` 服务均直接使用的是 Docker 官方镜像。使用官方镜像并非意味着无法定制,Docker 官方提供的镜像,一般都具有一定的定制能力。 + +```yml + mysql: + image: mysql:5.7 + ... + environment: + TZ: 'Asia/Shanghai' + MYSQL_ROOT_PASSWORD: Passw0rd + command: ['mysqld', '--character-set-server=utf8'] + ... +``` + +在这个例子中,`mysql` 服务就通过环境变量 `MYSQL_ROOT_PASSWORD`,设定了 MySQL 数据库初始密码为 `Passw0rd`,并且通过 `TZ` 环境变量指定了国内时区。 + +并且,我重新指定了启动容器的命令,在 `command` 中,添加了额外的参数。`--character-set-server=utf8`,指定了默认字符集。 + +### nginx 服务镜像 + +`nginx` 官方镜像基本满足需求,但是我们需要添加默认网站的配置文件、以及网站页面目录。 + +```Dockerfile +FROM nginx:1.11 +ENV TZ=Asia/Shanghai +COPY ./nginx.conf /etc/nginx/conf.d/default.conf +COPY ./site /usr/share/nginx/html +``` + +镜像定制很简单,就是指定时区后,将配置文件、网站页面目录复制到指定位置。 + +### php 服务镜像 + +`php` 服务较为特殊,由于官方 `php` 镜像未提供连接 `mysql` 所需的插件,所以 `php` 服务无法直接使用官方镜像。在这里,正好用其作为例子,演示如何基于官方镜像,安装插件,定制自己所需的镜像。 + +对应的[`Dockerfile.php`](https://coding.net/u/twang2218/p/docker-lnmp/git/blob/master/Dockerfile.php): + +```Dockerfile +FROM php:7-fpm + +ENV TZ=Asia/Shanghai + +COPY sources.list /etc/apt/sources.list + +RUN set -xe \ + && echo "构建依赖" \ + && buildDeps=" \ + build-essential \ + php5-dev \ + libfreetype6-dev \ + libjpeg62-turbo-dev \ + libmcrypt-dev \ + libpng12-dev \ + " \ + && echo "运行依赖" \ + && runtimeDeps=" \ + libfreetype6 \ + libjpeg62-turbo \ + libmcrypt4 \ + libpng12-0 \ + " \ + && echo "安装 php 以及编译构建组件所需包" \ + && apt-get update \ + && apt-get install -y ${runtimeDeps} ${buildDeps} --no-install-recommends \ + && echo "编译安装 php 组件" \ + && docker-php-ext-install iconv mcrypt mysqli pdo pdo_mysql zip \ + && docker-php-ext-configure gd \ + --with-freetype-dir=/usr/include/ \ + --with-jpeg-dir=/usr/include/ \ + && docker-php-ext-install gd \ + && echo "清理" \ + && apt-get purge -y --auto-remove \ + -o APT::AutoRemove::RecommendsImportant=false \ + -o APT::AutoRemove::SuggestsImportant=false \ + $buildDeps \ + && rm -rf /var/cache/apt/* \ + && rm -rf /var/lib/apt/lists/* + +COPY ./php.conf /usr/local/etc/php/conf.d/php.conf +COPY ./site /usr/share/nginx/html +``` + +前面几行很简单,指定了基础镜像为 [`php:7-fpm`](https://hub.docker.com/_/php/),并且设定时区为中国时区,然后用[网易的 Debian 源](http://mirrors.163.com/.help/debian.html)替代默认的源,避免伟大的墙影响普通的包下载。接下来的那一个很多行的 `RUN` 需要特别的说一下。 + +初学 Docker,不少人会误以为 `Dockerfile` 等同于 Shell 脚本,于是错误的用了很多个 `RUN`,每个 `RUN` 对应一个命令。这是错误用法,会导致最终镜像极为臃肿。`Dockerfile` 是镜像定制文件,其中每一个命令都是在定义这一层该如何改变,因此应该[遵循最佳实践](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/),将同一类的东西写入一层,并且在结束时清理任何无关的文件。 + +这一层的目的是安装、构建 PHP 插件,因此真正所需要的是构建好的插件、以及插件运行所需要的依赖库,其它任何多余的文件都不应该存在。所以,在这里可以看到,依赖部分划分为了“构建依赖”以及“运行依赖”,这样在安装后,可以把不再需要的“构建依赖”删除掉,避免因为构建而导致这层多了一些不需要的文件。 + +这里使用的是官方 `php` 镜像中所带的 `docker-php-ext-install` 来安装 php 的插件,并且在需要时,使用 `docker-php-ext-configure` 来配置构建参数。这两个脚本是官方镜像中为了帮助镜像定制所提供的,很多官方镜像都有这类为镜像定制特意制作的脚本或者程序。这也是官方镜像易于扩展复用的原因之一,他们在尽可能的帮助使用、定制镜像。 + +更多关于如何定制镜像的信息可以从 Docker Hub 官方镜像的文档中看到: + +最后的清理过程中,可以看到除了清除“构建依赖”、以及相关无用软件外,还彻底清空了 `apt` 的缓存。任何不需要的东西,都应该清理掉,确保这一层构建完毕后,仅剩所需的文件。 + +在 `Dockerfile` 的最后,复制配置文件和网页目录到指定位置。 + +## 网络 + +在这个例子中,演示了如何使用自定义网络,并利用服务名通讯。 + +首先,在 `docker-compose.yml` 文件尾部,全局 `networks` 部分定义了两个自定义网络,分别名为 `frontend`,`backend`。 + +```yml +networks: + frontend: + backend: +``` + +每个自定义网络都可以配置很多东西,包括网络所使用的驱动、网络地址范围等设置。但是,你可能会注意到这里 `frontend`、`backend` 后面是空的,这是指一切都使用默认,换句话说,在单机环境中,将意味着使用 `bridge` 驱动;而在 Swarm 环境中,使用 `overlay` 驱动,而且地址范围完全交给 Docker 引擎决定。 + +然后,在前面`services`中,每个服务下面的也有一个 `networks` 部分,这部分是用于定义这个服务要连接到哪些网络上。 + +```yml +services: + nginx: + ... + networks: + - frontend + php: + ... + networks: + - frontend + - backend + mysql: + ... + networks: + - backend + +``` + +在这个例子中, + +* `nginx` 接到了名为 `frontend` 的前端网络; +* `mysql` 接到了名为 `backend` 的后端网络; +* 而作为中间的 `php` 同时连接了 `frontend` 和 `backend` 网络上。 + +连接到同一个网络的容器,可以进行互连;而不同网络的容器则会被隔离。 +所以在这个例子中,`nginx` 可以和 `php` 服务进行互连,`php` 也可以和 `mysql` 服务互连,因为它们连接到了同一个网络中; +而 `nginx` 和 `mysql` 并不处于同一网络,所以二者无法通讯,这起到了隔离的作用。 + +处于同一网络的容器,可以使用**服务名**访问对方。比如,在这个例子中的 `./site/index.php` 里,就是使用的 `mysql` 这个服务名去连接的数据库服务器。 + +```php + +``` + +可以注意到,在这段数据库连接的代码里,数据库密码是通过环境变量,`$_ENV["MYSQL_PASSWORD"]`,读取的,因此密码并非写死于代码中。在运行时,可以通过环境变量将实际环境的密码传入容器。在这个例子里,就是在 `docker-compose.yml` 文件中指定的环境变量: + +```yml +version: '2' +services: +... + php: +... + environment: + MYSQL_PASSWORD: Passw0rd +... +``` + +关于 Docker 自定义网络,可以看一下官方文档的介绍: + + +关于在 Docker Compose 中使用自定义网络的部分,可以看官方这部分文档: + + +## 存储 + +在这三个服务中,`nginx` 和 `php` 都是无状态服务,它们都不需要本地存储。但是,`mysql` 是数据库,需要存储动态数据文件。我们知道 Docker 是要求容器存储层里不放状态,所有的状态(也就是动态的数据)的持久化都应该使用卷,在这里就是使用命名卷保存数据的。 + +```yaml +volumes: + mysql-data: +``` + +在 `docker-compose.yml` 文件的后面,有一个全局的 `volumes` 配置部分,用于定义的是命名卷,这里我们定义了一个名为 `mysql-data` 的命名卷。这里卷的定义后还可以加一些卷的参数,比如卷驱动、卷的一些配置,而这里省略,意味着都使用默认值。也就是说使用 `local` 也就是最简单的本地卷驱动,将来建立的命名卷可能会位于 `/var/lib/docker/volumes` 下,不过不需要、也不应该直接去这个位置访问其内容。 + +在 `mysql` 服务的部分,同样有一个 `volumes` 配置,这里配置的是容器运行时需要挂载什么卷、或绑定宿主的目录。在这里,我们使用了之前定义的命名卷 `mysql-data`,挂载到容器的 `/var/lib/mysql`。 + +```yaml +mysql: + image: mysql:5.7 + volumes: + - mysql-data:/var/lib/mysql +... +``` + +## 依赖 + +服务的启动顺序有时候比较关键,Compose 在这里可以提供一定程度的启动控制。比如这个例子中,我是用了依赖关系 `depends_on` 来进行配置。 + +```yml + +services: + nginx: + ... + depends_on: + - php + php: + ... + depends_on: + - mysql + mysql: + ... +``` + +在这里,`nginx` 需要使用 `php` 服务,所以这里依赖关系上设置了 `php`,而 `php` 服务则需要操作 `mysql`,所以它依赖了 `mysql`。 + +在 `docker-compose up -d` 的时候,会根据依赖控制服务间的启动顺序,对于这个例子,则会以 `mysql` → `php` → `nginx` 的顺序启动服务。 + +需要注意的是,这里的启动顺序的控制是有限度的,并非彻底等到所依赖的服务可以工作后,才会启动下一个服务。而是确定容器启动后,则开始启动下一个服务。因此,这里的顺序控制可能依旧会导致某项服务启动时,它所依赖的服务并未准备好。比如 `php` 启动后,有可能会出现 `mysql` 服务的数据库尚未初始化完。对于某些应用来说,这个控制,依旧可能导致报错说无法连接所需服务。 + +如果需要应用级别的服务依赖等待,需要在 `entrypoint.sh` 这类脚本中,加入服务等待的部分。而且,也可以通过 `restart: always` 这种设置,让应用启动过程中,如果依赖服务尚未准备好,而报错退出后,有再一次尝试的机会。 + +此外,Docker 支持健康检查,在 docker-compose.yml `v2` 的格式下,可以要求依赖条件对方服务启动完成: + +```yaml + depends_on: + condition: service_healthy +``` + +进一步信息,请参考官网文档:https://docs.docker.com/compose/compose-file/compose-file-v2/#depends_on + +# 单机操作 + +## 启动 + +```bash +docker-compose up -d +``` + +*如果构建过程中,发现镜像下载极为缓慢、甚至失败。这是伟大的墙在捣乱。你需要去配置加速器,具体文章可以参看我的 [Docker 问答录](http://blog.lab99.org/post/docker-2016-07-14-faq.html#docker-pull-hao-man-a-zen-me-ban)。* + +如果修改了配置文件,可能需要明确重新构建,可以使用命令 `docker-compose build`。 + +## 查看服务状态 + +```bash +docker-compose ps +``` + +## 查看服务日志 + +```bash +docker-compose logs +``` + +## 访问服务 + +`nginx` 将会守候 `80` 端口, + +* 如果使用的 Linux 或者 `Docker for Mac`,可以直接在本机访问 +* 如果是使用 `Docker Toolbox` 的话,则应该使用虚拟机地址,如 ,具体虚拟机地址查询使用命令 `docker-machine ip default`。 +* 如果是自己安装的 Ubuntu、CentOS 类的虚拟机,直接进虚拟机查看地址。 + +如果访问后,看到了 `成功连接 MySQL 服务器` 就说明数据库连接正常。 + + + +## 停止服务 + +```bash +docker-compose down +``` + +# Swarm 集群编排 + +在单机环境中使用容器,可能经常会用到绑定宿主目录的情况,这在开发时很方便。但是在集群环境中部署应用的时候,挂载宿主目录就变得非常不方便了。 + +在集群环境中,Swarm 可能会调度容器运行于任何一台主机上,如果一个主机失败后,可能还会再次调度到别的主机上,确保服务可以继续。在这种情况下,如果使用绑定宿主目录的形式,就必须同时在所有主机上的相同位置,事先准备好其内容,并且要保持同步。这并不是一个好的解决方案。 + +因此为了在集群环境中部署方便,比较好的做法是,将应用代码、配置文件等直接放入镜像。就如同这个例子中我们看到的 `nginx`、`php` 服务的镜像一样,在使用 `Dockerfile` 定制的过程中,将配置和应用代码放入镜像。 + +`nginx` 的服务镜像 `Dockerfile` + +```Dockerfile +... +COPY ./nginx.conf /etc/nginx/conf.d/default.conf +COPY ./site /usr/share/nginx/html +``` + +`php` 的服务镜像 `Dockerfile` + +```Dockerfile +... +COPY ./php.conf /usr/local/etc/php/conf.d/php.conf +COPY ./site /usr/share/nginx/html +``` + +Docker Swarm 目前分为两代。第一代是以容器形式运行,被称为 Docker Swarm;而第二代是自 `1.12` 以后以 `SwarmKit` 为基础集成进 `docker` 的 Swarm,被称为 Docker Swarm Mode。 + +## 一代 Swarm + +[一代 Swarm](https://docs.docker.com/swarm/) 是 Docker 团队最早的集群编排的尝试,以容器形式运行,需要外置键值库(如 etcd, consul, zookeeper),需要手动配置 `overlay` 网络。其配置比 `kubernetes` 要简单,但是相比后面的第二代来说还是稍显复杂。 + +这里提供了一个脚本,`run1.sh`,用于建立一代 Swarm,以及启动服务、横向扩展。 + +### 建立 swarm 集群 + +在安装有 `docker-machine` 以及 VirtualBox 的虚拟机上(比如装有 Docker Toolbox 的Mac/Windows),使用 `run1.sh` 脚本即可创建集群: + +```bash +./run1.sh create +``` + +### 启动 + +```bash +./run1.sh up +``` + +### 横向扩展 + +```bash +./run1.sh scale 3 5 +``` + +这里第一个参数是 nginx 容器的数量,第二个参数是 php 容器的数量。 + +### 访问服务 + +`nginx` 将会守候 80 端口。利用 `docker ps` 可以查看具体集群哪个节点在跑 nginx 以及 IP 地址。如 + +```bash +$ eval $(./run1.sh env) +$ docker ps +CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES +d85a2c26dd7d twang2218/lnmp-php:v1.2 "php-fpm" 9 minutes ago Up 9 minutes 9000/tcp node1/dockerlnmp_php_5 +c81e169c164d twang2218/lnmp-php:v1.2 "php-fpm" 9 minutes ago Up 9 minutes 9000/tcp node1/dockerlnmp_php_2 +b43de77c9340 twang2218/lnmp-php:v1.2 "php-fpm" 9 minutes ago Up 9 minutes 9000/tcp master/dockerlnmp_php_4 +fdcb718b6183 twang2218/lnmp-php:v1.2 "php-fpm" 9 minutes ago Up 9 minutes 9000/tcp node3/dockerlnmp_php_3 +764b10b17dc4 twang2218/lnmp-nginx:v1.2 "nginx -g 'daemon off" 9 minutes ago Up 9 minutes 192.168.99.104:80->80/tcp, 443/tcp master/dockerlnmp_nginx_3 +e92b34f998bf twang2218/lnmp-nginx:v1.2 "nginx -g 'daemon off" 9 minutes ago Up 9 minutes 192.168.99.106:80->80/tcp, 443/tcp node2/dockerlnmp_nginx_2 +077ee73c8148 twang2218/lnmp-nginx:v1.2 "nginx -g 'daemon off" 22 minutes ago Up 22 minutes 192.168.99.105:80->80/tcp, 443/tcp node3/dockerlnmp_nginx_1 +1931249a66c1 e8920543aee8 "php-fpm" 22 minutes ago Up 22 minutes 9000/tcp node2/dockerlnmp_php_1 +cf71bca309dd mysql:5.7 "docker-entrypoint.sh" 22 minutes ago Up 22 minutes 3306/tcp node1/dockerlnmp_mysql_1 +``` + +如这种情况,就可以使用 , , 来访问服务。 + +### 停止服务 + +```bash +./run1.sh down +``` + +### 销毁集群 + +```bash +./run1.sh remove +``` + +## 二代 Swarm (Swarm Mode) + +[二代 Swarm](https://docs.docker.com/engine/swarm/),既 Docker Swarm Mode,是自 1.12 之后引入的原生的 Docker 集群编排机制。吸取一代 Swarm 的问题,大幅改变了架构,并且大大简化了集群构建。内置了分布式数据库,不在需要配置外置键值库;内置了内核级负载均衡;内置了边界负载均衡。 + +和一代 Swarm 的例子一样,为了方便说明,这里提供了一个 `run2.sh` 来帮助建立集群、运行服务。 + +### 建立 swarm 集群 + +在安装有 `docker-machine` 以及 VirtualBox 的虚拟机上(比如装有 Docker Toolbox 的Mac/Windows),使用 `run2.sh` 脚本即可创建集群: + +```bash +./run2.sh create +``` + +*使用 Digital Ocean, AWS之类的云服务的话,就没必要本地使用 VirtualBox,不过需要事先配置好对应的 `docker-machine` 所需的环境变量。* + +### 启动 + +```bash +./run2.sh up +``` + +### 横向扩展 + +```bash +./run2.sh scale 10 5 +``` + +这里第一个参数是 nginx 容器的数量,第二个参数是 php 容器的数量。 + +### 列出服务状态 + +我们可以使用标准的命令列出所有服务以及状态: + +```bash +$ docker service ls +ID NAME REPLICAS IMAGE COMMAND +2lnqjas6rov4 mysql 1/1 mysql:5.7 mysqld --character-set-server=utf8 +ahqktnscjlkl php 5/5 twang2218/lnmp-php:v1.2 +bhoodda99ebt nginx 10/10 twang2218/lnmp-nginx:v1.2 +``` + +我们也可以通过下面的命令列出具体的每个服务对应的每个容器状态: + +```bash +$ ./run2.sh ps ++ docker service ps -f desired-state=running nginx +ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR +87xr5oa577hl9amelznpy7s7z nginx.1 twang2218/lnmp-nginx:v1.2 node2 Running Running 3 hours ago +7dwmc22qaftz0xrvijij9dnuw nginx.2 twang2218/lnmp-nginx:v1.2 node3 Running Running 22 minutes ago +00rus0xed3y851pcwkbybop80 nginx.3 twang2218/lnmp-nginx:v1.2 manager Running Running 22 minutes ago +5ypct2dnfu6ducnokdlk82dne nginx.4 twang2218/lnmp-nginx:v1.2 manager Running Running 22 minutes ago +7qshykjq8cqju0zt6yb9dkktq nginx.5 twang2218/lnmp-nginx:v1.2 node2 Running Running 22 minutes ago +e2cux4vj2femrb3wc33cvm70n nginx.6 twang2218/lnmp-nginx:v1.2 node1 Running Running 22 minutes ago +9uwbn5tm49k7vxesucym4plct nginx.7 twang2218/lnmp-nginx:v1.2 node1 Running Running 22 minutes ago +6d8v5asrqwnz03hvm2jh96rq3 nginx.8 twang2218/lnmp-nginx:v1.2 node1 Running Running 22 minutes ago +eh44qdsiv7wq8jbwh2sr30ada nginx.9 twang2218/lnmp-nginx:v1.2 node3 Running Running 22 minutes ago +51l7nirwtv4gxnzbhkx6juvko nginx.10 twang2218/lnmp-nginx:v1.2 node2 Running Running 22 minutes ago ++ docker service ps -f desired-state=running php +ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR +4o3pqdva92vjdbfygdn0agp32 php.1 twang2218/lnmp-php:v1.2 manager Running Running 3 hours ago +bf3d6g4rr8cax4wucu9lixgmh php.2 twang2218/lnmp-php:v1.2 node3 Running Running 22 minutes ago +9xq9ozbpea7evllttvyxk7qtf php.3 twang2218/lnmp-php:v1.2 manager Running Running 22 minutes ago +8umths3p8rqib0max6b6wiszv php.4 twang2218/lnmp-php:v1.2 node2 Running Running 22 minutes ago +0fxe0i1n2sp9nlvfgu4xlc0fx php.5 twang2218/lnmp-php:v1.2 node1 Running Running 22 minutes ago ++ docker service ps -f desired-state=running mysql +ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR +3ozjwfgwfcq89mu7tqzi1hqeu mysql.1 mysql:5.7 node3 Running Running 3 hours ago +``` + +### 访问服务 + +`nginx` 将会守候 80 端口,由于二代 Swarm 具有边界负载均衡 (Routing Mesh, Ingress Load balance),因此,集群内所有节点都会守护 80 端口,无论是 Manager 还是 Worker,无论是否有 `nginx` 容器在其上运行。当某个节点接到 80 端口服务请求后,会自动根据容器所在位置,利用 overlay 网络将请求转发过去。因此,访问任意节点的 80 端口都应该可以看到服务。 + +通过下面的命令可以列出所有节点,访问其中任意地址都应该可以看到应用页面: + +```bash +$ ./run2.sh nodes +manager http://192.168.99.101 +node1 http://192.168.99.103 +node2 http://192.168.99.102 +node3 http://192.168.99.104 +``` + +### 停止服务 + +```bash +./run2.sh down +``` + +### 销毁集群 + +```bash +./run2.sh remove +``` + +sudo curl -sSL https://get.daocloud.io/docker | sh + + +安装 docker compose,资料:[install-compose](https://docs.docker.com/compose/install/#install-compose) + +``` + sudo curl -L https://github.com/docker/compose/releases/download/1.18.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose + chmod +x /usr/local/bin/docker-compose) + + +## 4.管理命令 +### 4.1 服务器启动和构建命令 +如需管理服务,请在命令后面加上服务器名称,例如: +```bash +$ docker-compose up # 创建并且启动所有容器 +$ docker-compose up -d # 创建并且后台运行方式启动所有容器 +$ docker-compose up nginx php mysql # 创建并且启动nginx、php、mysql的多个容器 +$ docker-compose up -d nginx php mysql # 创建并且已后台运行的方式启动nginx、php、mysql容器 + + +$ docker-compose start php # 启动服务 +$ docker-compose stop php # 停止服务 +$ docker-compose restart php # 重启服务 +$ docker-compose build php # 构建或者重新构建服务 + +$ docker-compose rm php # 删除并且停止php容器 +$ docker-compose down # 停止并删除容器,网络,图像和挂载卷 +``` + + +Mongodb 与 adminmongo +mongodb 映射到`27017`端口 +``` +可以通过账号密码登录 +mongo --port 27017 -u 账号 -p 密码 +如果不知道密码 +你使用超级管理员账号 +use admin + +创建用户密码 +db.createUser({user: "账号",pwd: "密码",roles: [{role: "userAdminAnyDatabase", db: "admin" }]}) #对某个数据库的进行授权. + +修改数据库密码: +db.changeUserPassword("账号","密码"); + +show dbs 查看数据库 +use dbname 进入数据库 +show users 查看当前数据库用户权限 + +``` +adminmongo 端口为:`1234` 链接为: +``` +http://localhost:1234 可以登录里面查看mongodb的信息 +登录的时候需要验证链接和密码 +一般数据为: +mongodb://账号:密码@IP:27017/admin(数据库) +``` + +-mysql 設定遠端連線 +- 進入 docker mysql 容器:winpty docker exec -it mysql-57 bash +- 登入 mysql:mysql -h 127.0.0.1 -u root -p +- 給予 mysql 登入權限:GRANT ALL PRIVILGEGS ON *.* TO 'root'@'%'; +- 更新權限:FLUSH PRIVILGEGS; + +```DOCKERFILE +FROM php:7.2-fpm +ENV TZ=Asia/Taipei +RUN apt-get update \ + && apt-get install -y \ + cron \ + openssl \ + libfreetype6-dev \ + libicu-dev \ + libjpeg62-turbo-dev \ + libpng-dev \ + redis \ + git +RUN pecl install redis +RUN docker-php-ext-install \ + gd \ + mbstring \ + pdo \ + pdo_mysql +RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer +``` + + +[mysqld] +user = root +datadir = /data/mysql +port = 3306 +log-bin = /data/mysql/mysql-bin + + +; 更多配置项可见:http://php.net/manual/zh/ini.list.php + +memory_limit = 512M +post_max_size = 1024M +upload_max_filesize = 1024M + +url -sS https://getcomposer.org/installer |php7 + + +#去掉ip绑定限制 +sed -i -e "s/listen\s*=\s*127.0.0.1:9000/listen = 9000/g" /etc/php5/php-fpm.conf + +# extends +pecl install swoole +pecl install libevent + +addgroup -S topone4tvs && adduser -S -G topone4tvs topone4tvs +chown -R topone4tvs:topone4tvs /var/www/ + +apk add openssh +ssh-keygen -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key +sed -i -e "s/#HostKey \/etc\/ssh\/ssh_host_rsa_key/HostKey \/etc\/ssh\/ssh_host_rsa_key/g" /etc/ssh/sshd_config +ssh-keygen -t rsa +touch ~/.ssh/authorized_keys + + +/usr/local/etc/php/conf.d +echo "extension=apcu.so" > /usr/local/etc/php/conf.d/apcu.ini +echo "extension=ev.so" > /usr/local/etc/php/conf.d/z-ev.ini + +cp /usr/local/etc/php/php.ini-development /usr/local/etc/php/php.ini + +sed -i 's/extension_dir/;extension_dir/g' /usr/local/etc/php/php.ini +sed -i 's/;extension_dir\ =\ ".\/"/extension_dir\ =\ "\/usr\/local\/lib\/php\/extensions\/no-debug-non-zts-20190902\/"/g' /usr/local/etc/php/php.ini +sed -i 's/;extension_dir\ =\ ".\/"/extension_dir\ =\ "\/usr\/local\/lib\/php\/extensions\/no-debug-non-zts-20190902\/"/g' /usr/local/etc/php/php.ini + +/usr/local/lib/php/extensions/no-debug-non-zts-20190902/ +/usr/local/etc/php + +gnu-libiconv-dev +imap-dev +icu-dev +libzip-dev + +kldap-dev +openldap-dev + +# Install composer +RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer \ + && chmod 755 /usr/bin/composer + +# Install additional PHP libraries +RUN docker-php-ext-install bcmath pdo_mysql + +# Install libraries for compiling GD, then build it +RUN apk add --no-cache freetype libpng libjpeg-turbo freetype-dev libpng-dev libjpeg-turbo-dev \ + && docker-php-ext-install gd \ + && apk del --no-cache freetype-dev libpng-dev libjpeg-turbo-dev + +# Add ZIP archives support +RUN apk add --update --no-cache zlib-dev libzip-dev \ + && docker-php-ext-install zip + + # Install tools required for build stage +RUN apk add --update --no-cache \ + bash curl wget rsync ca-certificates openssl openssh git tzdata openntpd \ + libxrender fontconfig libc6-compat \ + mysql-client gnupg binutils-gold autoconf \ + g++ gcc gnupg libgcc linux-headers make python + + + +# Install xdebug +RUN pecl install xdebug \ + && docker-php-ext-enable xdebug + +# Enable XDebug +ADD xdebug.ini /usr/local/etc/php/conf.d/xdebug.ini + +https://dl.dropbox.com/u/5721940/vagrant-boxes/vagrant-centos-6.4-x86_64-vmware_fusion.box +http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box diff --git a/docs/vhost.md b/docs/vhost.md new file mode 100644 index 00000000..3f0f9b8b --- /dev/null +++ b/docs/vhost.md @@ -0,0 +1,51 @@ +# Nginx 配置虚拟主机 + + +## 添加域名映射 + +宿主机 /etc/hosts 文件中添加域名映射,配置如下: +``` +127.0.0.1 laravel.local +``` + + +## 添加 server 配置 + +目录 docker-lnmp/nginx/sites 下新增 laravel.conf 文件,配置如下: +``` +server { + + listen 80; + + server_name laravel.local; + root /var/www/laravel/public; + + index index.php index.html index.htm; + + location / { + try_files $uri $uri/ /index.php?$query_string; + + if (!-d $request_filename) { + rewrite ^/(.+)/$ /$1 permanent; + } + + if (!-e $request_filename) { + rewrite ^/(.*)$ /index.php?/$1 last; + break; + } + } + + location ~ \.php$ { + fastcgi_pass php-fpm:9000; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + } + +} +``` + + +## 3. 重启服务 + +参照基本命令。 diff --git "a/docs/\345\246\202\344\275\225\345\256\211\350\243\205swoole\346\211\251\345\261\225.md" "b/docs/\345\246\202\344\275\225\345\256\211\350\243\205swoole\346\211\251\345\261\225.md" new file mode 100644 index 00000000..ae1aa9d5 --- /dev/null +++ "b/docs/\345\246\202\344\275\225\345\256\211\350\243\205swoole\346\211\251\345\261\225.md" @@ -0,0 +1,33 @@ +# 如何安装swoole扩展 + +#### 如何安装swoole扩展 + +```shell +# 进入PHP容器 +[root@localhost Docker-LNMP]# docker exec -it cgi bash + +# 解决gcc版本过低的问题 +yum -y install centos-release-scl +yum -y install devtoolset-7 +scl enable devtoolset-7 bash + +# 下载、安装 +wget https://github.com/swoole/swoole-src/archive/v4.2.1.tar.gz &&\ + tar -zxvf v4.2.1.tar.gz &&\ + cd swoole-src-4.2.1 &&\ + phpize &&\ + ./configure &&\ + make && make install &&\ + sed -i '$a \\n[swoole]\nextension=swoole.so' /etc/php.ini &&\ +cd ../ && rm -rf v4.2.1.tar.gz swoole-src-4.2.1 + +# 退出PHP容器 +[root@510d01c199f5 /]# exit +exit + +# 重启PHP容器 +[root@localhost Docker-LNMP]# docker restart cgi +``` + +![swoole](https://raw.githubusercontent.com/duiying/img/master/swoole.png) + diff --git "a/docs/\345\246\202\344\275\225\345\256\211\350\243\205yaf\346\211\251\345\261\225.md" "b/docs/\345\246\202\344\275\225\345\256\211\350\243\205yaf\346\211\251\345\261\225.md" new file mode 100644 index 00000000..9f85c160 --- /dev/null +++ "b/docs/\345\246\202\344\275\225\345\256\211\350\243\205yaf\346\211\251\345\261\225.md" @@ -0,0 +1,27 @@ +# 如何安装yaf扩展 + +#### 安装yaf扩展 + +```shell +# 进入PHP容器 +[root@localhost Docker-LNMP]# docker exec -it cgi bash + +# 下载、安装 +wget http://pecl.php.net/get/yaf-3.0.8.tgz &&\ + tar -zxvf yaf-3.0.8.tgz &&\ + cd yaf-3.0.8 &&\ + phpize &&\ + ./configure &&\ + make && make install &&\ + sed -i '$a \\n[yaf]\nextension=yaf.so\nyaf.environ=product' /etc/php.ini &&\ +cd ../ && rm -rf yaf-3.0.8.tgz yaf-3.0.8 + +# 退出PHP容器 +[root@510d01c199f5 /]# exit +exit + +# 重启PHP容器 +[root@localhost Docker-LNMP]# docker restart cgi +``` + +![yaf](https://raw.githubusercontent.com/duiying/img/master/yaf.png) diff --git "a/docs/\345\246\202\344\275\225\346\226\260\345\273\272\344\270\200\344\270\252\347\253\231\347\202\271.md" "b/docs/\345\246\202\344\275\225\346\226\260\345\273\272\344\270\200\344\270\252\347\253\231\347\202\271.md" new file mode 100644 index 00000000..aee60b6a --- /dev/null +++ "b/docs/\345\246\202\344\275\225\346\226\260\345\273\272\344\270\200\344\270\252\347\253\231\347\202\271.md" @@ -0,0 +1,74 @@ +# 如何新建一个站点 + +比如部署一个Yii2项目 https://github.com/duiying/Yii2-Admin , 并且可以通过 http://frontend.yii2.test 访问 + +#### 1. 配置Nginx +```shell +# Docker-LNMP/docker/config/proxy/conf.d 目录下新建一个配置文件 yii2-docker.conf +[root@localhost Docker-LNMP]# vim docker/config/proxy/conf.d/yii2-docker.conf +``` +yii2-docker.conf 内容如下: +``` +server { + + listen 80; + + server_name frontend.yii2.test; + root /data/www/Yii2-Admin/frontend/web; + index index.php index.html index.htm; + + location / { + # Redirect everything that isn't a real file to index.php + try_files $uri $uri/ /index.php$is_args$args; + } + + # deny accessing php files for the /assets directory + location ~ ^/assets/.*\.php$ { + deny all; + } + + location ~ \.php$ { + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass cgi:9000; + try_files $uri =404; + } + + location ~* /\. { + deny all; + } + +} +``` + +#### 2. 克隆项目 +```shell +# Docker-LNMP/www 目录下安装 https://github.com/duiying/Yii2-Admin , 安装过程如下: +[root@localhost Docker-LNMP]# cd www +[root@localhost www]# ls +index.php +[root@localhost www]# git clone https://github.com/duiying/Yii2-Admin.git +[root@localhost www]# ls +index.php Yii2-Admin + +# 更改目录权限 +[root@localhost www]# chmod -R 777 Yii2-Admin/ +``` + +#### 3. 修改本地hosts + +``` +# 192.168.246.128是虚拟机IP地址 +192.168.246.128 frontend.yii2.test +``` + +#### 4. 重启Nginx +```shell +[root@localhost Docker-LNMP]# docker restart proxy +proxy +``` + +#### 5. 浏览器访问 +http://frontend.yii2.test + +![yii2-index](https://raw.githubusercontent.com/duiying/img/master/yii2-index.png) \ No newline at end of file diff --git a/images/aerospike/Dockerfile b/images/aerospike/Dockerfile new file mode 100644 index 00000000..16dd5bbe --- /dev/null +++ b/images/aerospike/Dockerfile @@ -0,0 +1,8 @@ +FROM alpine:edge +LABEL maintainer="Mahmoud Zalt " + +RUN apk add --no-cache beanstalkd + +EXPOSE 11300 +# /etc/aerospike/aerospike.conf +ENTRYPOINT ["/usr/bin/beanstalkd"] \ No newline at end of file diff --git a/images/aerospike/aerospike.conf b/images/aerospike/aerospike.conf new file mode 100644 index 00000000..5e577759 --- /dev/null +++ b/images/aerospike/aerospike.conf @@ -0,0 +1,77 @@ +# Aerospike database configuration file. + +# This stanza must come first. +service { + user root + group root + paxos-single-replica-limit 1 # Number of nodes where the replica count is automatically reduced to 1. + pidfile /var/run/aerospike/asd.pid + service-threads 4 + transaction-queues 4 + transaction-threads-per-queue 4 + proto-fd-max 15000 +} + +logging { + + # Log file must be an absolute path. + file /var/log/aerospike/aerospike.log { + context any info + } + + # Send log messages to stdout + console { + context any critical + } +} + +network { + service { + address any + port 3000 + + # Uncomment the following to set the `access-address` parameter to the + # IP address of the Docker host. This will the allow the server to correctly + # publish the address which applications and other nodes in the cluster to + # use when addressing this node. + # access-address + } + + heartbeat { + + # mesh is used for environments that do not support multicast + mode mesh + port 3002 + + # use asinfo -v 'tip:host=;port=3002' to inform cluster of + # other mesh nodes + mesh-port 3002 + + interval 150 + timeout 10 + } + + fabric { + port 3001 + } + + info { + port 3003 + } +} + +namespace test { + replication-factor 2 + memory-size 1G + default-ttl 5d # 5 days, use 0 to never expire/evict. + + # storage-engine memory + + # To use file storage backing, comment out the line above and use the + # following lines instead. + storage-engine device { + file /opt/aerospike/data/test.dat + filesize 4G + data-in-memory true # Store data in memory in addition to file. + } +} diff --git a/images/almalinux/8.4/Dockerfile b/images/almalinux/8.4/Dockerfile new file mode 100644 index 00000000..3be95444 --- /dev/null +++ b/images/almalinux/8.4/Dockerfile @@ -0,0 +1,5 @@ +FROM almalinux:8.4 +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +CMD [ "/bash" ] diff --git a/images/almalinux/latest/Dockerfile b/images/almalinux/latest/Dockerfile new file mode 100644 index 00000000..3be95444 --- /dev/null +++ b/images/almalinux/latest/Dockerfile @@ -0,0 +1,5 @@ +FROM almalinux:8.4 +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +CMD [ "/bash" ] diff --git a/images/alpine-mariadb-amd64/Dockerfile b/images/alpine-mariadb-amd64/Dockerfile new file mode 100644 index 00000000..bd019284 --- /dev/null +++ b/images/alpine-mariadb-amd64/Dockerfile @@ -0,0 +1,34 @@ +FROM yobasystems/alpine:3.10.1-amd64 + +ARG BUILD_DATE +ARG VCS_REF + +LABEL maintainer="Dominic Taylor " \ + architecture="amd64/x86_64" \ + mariadb-version="10.3.17" \ + alpine-version="3.10.1" \ + build="12-Nov-2019" \ + org.opencontainers.image.title="alpine-mariadb" \ + org.opencontainers.image.description="MariaDB Docker image running on Alpine Linux" \ + org.opencontainers.image.authors="Dominic Taylor " \ + org.opencontainers.image.vendor="Yoba Systems" \ + org.opencontainers.image.version="v10.3.17" \ + org.opencontainers.image.url="https://hub.docker.com/r/yobasystems/alpine-mariadb/" \ + org.opencontainers.image.source="https://github.com/yobasystems/alpine-mariadb" \ + org.opencontainers.image.revision=$VCS_REF \ + org.opencontainers.image.created=$BUILD_DATE + +RUN apk add --no-cache mariadb mariadb-client mariadb-server-utils pwgen && \ + rm -f /var/cache/apk/* + +ADD alpine-mariadb-amd64/files/run.sh /scripts/run.sh +RUN mkdir /docker-entrypoint-initdb.d && \ + mkdir /scripts/pre-exec.d && \ + mkdir /scripts/pre-init.d && \ + chmod -R 755 /scripts + +EXPOSE 3306 + +VOLUME ["/var/lib/mysql"] + +ENTRYPOINT ["/scripts/run.sh"] diff --git a/images/alpine-mariadb-amd64/files/run.sh b/images/alpine-mariadb-amd64/files/run.sh new file mode 100644 index 00000000..fc7d3ea8 --- /dev/null +++ b/images/alpine-mariadb-amd64/files/run.sh @@ -0,0 +1,99 @@ +#!/bin/sh + +# execute any pre-init scripts +for i in /scripts/pre-init.d/*sh +do + if [ -e "${i}" ]; then + echo "[i] pre-init.d - processing $i" + . "${i}" + fi +done + +if [ -d "/run/mysqld" ]; then + echo "[i] mysqld already present, skipping creation" + chown -R mysql:mysql /run/mysqld +else + echo "[i] mysqld not found, creating...." + mkdir -p /run/mysqld + chown -R mysql:mysql /run/mysqld +fi + +if [ -d /var/lib/mysql/mysql ]; then + echo "[i] MySQL directory already present, skipping creation" + chown -R mysql:mysql /var/lib/mysql +else + echo "[i] MySQL data directory not found, creating initial DBs" + + chown -R mysql:mysql /var/lib/mysql + + mysql_install_db --user=mysql --ldata=/var/lib/mysql > /dev/null + + if [ "$MYSQL_ROOT_PASSWORD" = "" ]; then + MYSQL_ROOT_PASSWORD=`pwgen 16 1` + echo "[i] MySQL root Password: $MYSQL_ROOT_PASSWORD" + fi + + MYSQL_DATABASE=${MYSQL_DATABASE:-""} + MYSQL_USER=${MYSQL_USER:-""} + MYSQL_PASSWORD=${MYSQL_PASSWORD:-""} + + tfile=`mktemp` + if [ ! -f "$tfile" ]; then + return 1 + fi + + cat << EOF > $tfile +USE mysql; +FLUSH PRIVILEGES ; +GRANT ALL ON *.* TO 'root'@'%' identified by '$MYSQL_ROOT_PASSWORD' WITH GRANT OPTION ; +GRANT ALL ON *.* TO 'root'@'localhost' identified by '$MYSQL_ROOT_PASSWORD' WITH GRANT OPTION ; +SET PASSWORD FOR 'root'@'localhost'=PASSWORD('${MYSQL_ROOT_PASSWORD}') ; +DROP DATABASE IF EXISTS test ; +FLUSH PRIVILEGES ; +EOF + + if [ "$MYSQL_DATABASE" != "" ]; then + echo "[i] Creating database: $MYSQL_DATABASE" + if [ "$MYSQL_CHARSET" != "" ] && [ "$MYSQL_COLLATION" != "" ]; then + echo "[i] with character set [$MYSQL_CHARSET] and collation [$MYSQL_COLLATION]" + echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` CHARACTER SET $MYSQL_CHARSET COLLATE $MYSQL_COLLATION;" >> $tfile + else + echo "[i] with character set: 'utf8' and collation: 'utf8_general_ci'" + echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` CHARACTER SET utf8 COLLATE utf8_general_ci;" >> $tfile + fi + + if [ "$MYSQL_USER" != "" ]; then + echo "[i] Creating user: $MYSQL_USER with password $MYSQL_PASSWORD" + echo "GRANT ALL ON \`$MYSQL_DATABASE\`.* to '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD';" >> $tfile + fi + fi + + /usr/bin/mysqld --user=mysql --bootstrap --verbose=0 --skip-name-resolve --skip-networking=0 < $tfile + rm -f $tfile + + for f in /docker-entrypoint-initdb.d/*; do + case "$f" in + *.sql) echo "$0: running $f"; /usr/bin/mysqld --user=mysql --bootstrap --verbose=0 --skip-name-resolve --skip-networking=0 < "$f"; echo ;; + *.sql.gz) echo "$0: running $f"; gunzip -c "$f" | /usr/bin/mysqld --user=mysql --bootstrap --verbose=0 --skip-name-resolve --skip-networking=0 < "$f"; echo ;; + *) echo "$0: ignoring or entrypoint initdb empty $f" ;; + esac + echo + done + + echo + echo 'MySQL init process done. Ready for start up.' + echo + + echo "exec /usr/bin/mysqld --user=mysql --console --skip-name-resolve --skip-networking=0" "$@" +fi + +# execute any pre-exec scripts +for i in /scripts/pre-exec.d/*sh +do + if [ -e "${i}" ]; then + echo "[i] pre-exec.d - processing $i" + . ${i} + fi +done + +exec /usr/bin/mysqld --user=mysql --console --skip-name-resolve --skip-networking=0 $@ diff --git a/images/alpine/3.10/Dockerfile b/images/alpine/3.10/Dockerfile new file mode 100644 index 00000000..ad3091f1 --- /dev/null +++ b/images/alpine/3.10/Dockerfile @@ -0,0 +1,8 @@ +FROM alpine:3.10 +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \ + && echo 'nameserver 8.8.8.8' > /etc/resolv.conf + +CMD [ "/bin/sh" ] diff --git a/images/alpine/3.11/Dockerfile b/images/alpine/3.11/Dockerfile new file mode 100644 index 00000000..24c03851 --- /dev/null +++ b/images/alpine/3.11/Dockerfile @@ -0,0 +1,8 @@ +FROM alpine:3.11 +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \ + && echo 'nameserver 8.8.8.8' > /etc/resolv.conf + +CMD [ "/bin/sh" ] diff --git a/images/alpine/3.12/Dockerfile b/images/alpine/3.12/Dockerfile new file mode 100644 index 00000000..2189a150 --- /dev/null +++ b/images/alpine/3.12/Dockerfile @@ -0,0 +1,8 @@ +FROM alpine:3.12 +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \ + && echo 'nameserver 8.8.8.8' > /etc/resolv.conf + +CMD [ "/bin/sh" ] diff --git a/images/alpine/3.13/Dockerfile b/images/alpine/3.13/Dockerfile new file mode 100644 index 00000000..a533cb8f --- /dev/null +++ b/images/alpine/3.13/Dockerfile @@ -0,0 +1,8 @@ +FROM alpine:3.13 +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \ + && echo 'nameserver 223.5.5.5' > /etc/resolv.conf + +CMD [ "/bin/sh" ] diff --git a/images/alpine/3.7/Dockerfile b/images/alpine/3.7/Dockerfile new file mode 100644 index 00000000..2bbb1a2b --- /dev/null +++ b/images/alpine/3.7/Dockerfile @@ -0,0 +1,8 @@ +FROM alpine:3.7 +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \ + && echo 'nameserver 8.8.8.8' > /etc/resolv.conf + +CMD [ "/bin/sh" ] diff --git a/images/alpine/3.8/Dockerfile b/images/alpine/3.8/Dockerfile new file mode 100644 index 00000000..3f4734fd --- /dev/null +++ b/images/alpine/3.8/Dockerfile @@ -0,0 +1,8 @@ +FROM alpine:3.8 +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \ + && echo 'nameserver 8.8.8.8' > /etc/resolv.conf + +CMD [ "/bin/sh" ] diff --git a/images/alpine/3.9/Dockerfile b/images/alpine/3.9/Dockerfile new file mode 100644 index 00000000..be17a98c --- /dev/null +++ b/images/alpine/3.9/Dockerfile @@ -0,0 +1,8 @@ +FROM alpine:3.9 +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \ + && echo 'nameserver 8.8.8.8' > /etc/resolv.conf + +CMD [ "/bin/sh" ] diff --git a/images/alpine/Dockerfile b/images/alpine/Dockerfile deleted file mode 100644 index 485c8876..00000000 --- a/images/alpine/Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -FROM alpine:edge -LABEL MAINTAINER="Cloudflying" \ - MAIL="" - -ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" -RUN echo "http://mirrors.aliyun.com/alpine/edge/main" >/etc/apk/repositories \ - && echo "http://mirrors.aliyun.com/alpine/edge/community" >>/etc/apk/repositories \ - && rm -fr /var/cache/apk/* \ - && rm -fr /tmp/* diff --git a/images/alpine/Dockerfile.dev b/images/alpine/Dockerfile.dev deleted file mode 100644 index 93e0bd26..00000000 --- a/images/alpine/Dockerfile.dev +++ /dev/null @@ -1,9 +0,0 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:latest -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -RUN apk --no-cache add bash neovim git curl wget zsh \ - gcc g++ make cmake automake autoconf luajit-dev libc-dev pcre pcre-dev \ - readline-dev openssl openssl-dev musl musl-dev - -CMD /bin/bash \ No newline at end of file diff --git a/images/alpine/README.md b/images/alpine/README.md deleted file mode 100644 index 06a91a95..00000000 --- a/images/alpine/README.md +++ /dev/null @@ -1,8 +0,0 @@ -# Alpine Linux - -### how connect to container : -``` -docker run -d --name=alpine -p 22:22 registry.cn-hongkong.aliyuncs.com/imxieke/alpine:latest -ssh root@host -p 22 -password: alpine -``` diff --git a/images/alpine/edge/Dockerfile b/images/alpine/edge/Dockerfile new file mode 100644 index 00000000..3fb3ed12 --- /dev/null +++ b/images/alpine/edge/Dockerfile @@ -0,0 +1,8 @@ +FROM alpine:edge +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \ + && echo 'nameserver 8.8.8.8' > /etc/resolv.conf + +CMD [ "/bin/sh" ] diff --git a/images/android/Dockerfile b/images/android/Dockerfile new file mode 100644 index 00000000..facb0ef0 --- /dev/null +++ b/images/android/Dockerfile @@ -0,0 +1,14 @@ +FROM daocloud.io/library/centos:7.2.1511 + +RUN yum install java-1.8.0-openjdk* zip unzip which -y &&\ + yum clean all &&\ + echo "export JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.201.b09-2.el7_6.x86_64" >> /etc/profile &&\ + echo "export JRE_HOME=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.201.b09-2.el7_6.x86_64" >> /etc/profile &&\ + echo "export CLASSPATH=.:$JAVA_HOME/jre/lib:$JAVA_HOME/lib" >> /etc/profile &&\ + echo "export PATH=$PATH:$JAVA_HOME/bin" >> /etc/profile &&\ + curl -s "https://get.sdkman.io" | bash &&\ + echo 'source "/root/.sdkman/bin/sdkman-init.sh"' >> /etc/profile &&\ + source /etc/profile &&\ + sdk install gradle + +CMD ["/usr/sbin/init"] \ No newline at end of file diff --git a/images/apache2/Dockerfile b/images/apache2/Dockerfile new file mode 100644 index 00000000..7ee9b855 --- /dev/null +++ b/images/apache2/Dockerfile @@ -0,0 +1,17 @@ +FROM webdevops/apache:ubuntu-16.04 + +MAINTAINER Eric Pfeiffer + +ARG PHP_SOCKET="php-fpm:9000" + +ENV WEB_PHP_SOCKET=$PHP_SOCKET + +ENV WEB_DOCUMENT_ROOT=/var/www/laravel/public + +EXPOSE 80 443 + +WORKDIR /var/www/laravel/public + +ENTRYPOINT ["/opt/docker/bin/entrypoint.sh"] + +CMD ["supervisord"] diff --git a/images/archlinux-vnc/Dockerfile b/images/archlinux-vnc/Dockerfile deleted file mode 100644 index 120cbaf3..00000000 --- a/images/archlinux-vnc/Dockerfile +++ /dev/null @@ -1,29 +0,0 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/archlinux:vncenv -LABEL MAINTAINER="Cloudflying" \ - MAIL="" -ENV HOME=/root -ENV AUTHORIZED_KEYS **None** \ - DISPLAY=:1 \ - TERM=xterm \ - VNC_PORT=5901 \ - NO_VNC_PORT=6901 \ - NO_VNC_HOME=$HOME/noVNC \ - VNC_COL_DEPTH=32 \ - VNC_RESOLUTION=1360x768 \ - VNC_PW=123456 \ - VNC_VIEW_ONLY=false - -WORKDIR /root - -ADD run.sh / - -RUN chmod +x /*.sh - -ADD conf/.xinitrc /root/.xinitrc -ADD conf/.ratpoisonrc /root/.ratpoisonrc -ADD conf/.xsession /root/.xsession -ADD conf/vnc/xstartup /root/.vnc/xstartup - -EXPOSE $VNC_PORT $NO_VNC_PORT 22 - -CMD /run.sh diff --git a/images/archlinux-vnc/conf/build.sh b/images/archlinux-vnc/conf/build.sh deleted file mode 100644 index cae08f7c..00000000 --- a/images/archlinux-vnc/conf/build.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/usr/bin/env bash - -pacman -S --noconfirm --force xorg-server xorg-apps i3-wm zsh vim git wget net-tools bzip2 python python-pip python-numpy supervisor \ - xterm gettext -pip install websocket websocketproxy -echo '#!/bin/sh' > ${HOME}/.xinitrc -echo 'exec i3' >> ${HOME}/.xinitrc \ No newline at end of file diff --git a/images/archlinux/Dockerfile b/images/archlinux/Dockerfile deleted file mode 100644 index bcefca39..00000000 --- a/images/archlinux/Dockerfile +++ /dev/null @@ -1,10 +0,0 @@ -FROM imxieke/archlinux:base -LABEL MAINTAINER="Cloudflying" \ - MAIL="" - -# RUN pacman -Syyu --force --noconfirm \ - # && pacman -Scc --noconfirm \ - # && rm -fr /var/cache/pacman/pkg/* \ - # && rm -fr /var/lib/pacman/* - -CMD /bin/bash \ No newline at end of file diff --git a/images/archlinux/Dockerfile.base b/images/archlinux/Dockerfile.base deleted file mode 100755 index 48c762e9..00000000 --- a/images/archlinux/Dockerfile.base +++ /dev/null @@ -1,26 +0,0 @@ -FROM scratch -LABEL MAINTAINER="Cloudflying" \ - MAIL="" - -ADD arch.tar / - -ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ - LANG='en_US.UTF-8' \ - LANGUAGE='en_US:en' \ - LC_TIME='en_US.UTF-8' \ - LC_PAPER='en_US.UTF-8' \ - LC_MEASUREMENT='en_US.UTF-8' \ - TZ='Asia/Shanghai' - -RUN echo "Server = https://mirrors.ustc.edu.cn/archlinux/\$repo/os/\$arch" > /etc/pacman.d/mirrorlist \ - && rm -fr /etc/localtime \ - && ln --symbolic "/usr/share/zoneinfo/${TZ}" /etc/localtime \ - && echo "Asia/Shanghai" > /etc/timezone \ - && pacman-key --init \ - && pacman-key --populate archlinux \ - && pacman -Syyu --noconfirm \ - && pacman -Scc --noconfirm \ - && rm -fr /var/cache/pacman/pkg/* \ - && rm -fr /var/lib/pacman/* - -CMD /bin/bash \ No newline at end of file diff --git a/images/archlinux/Dockerfile.vncenv b/images/archlinux/Dockerfile.vncenv deleted file mode 100644 index a2c40a9e..00000000 --- a/images/archlinux/Dockerfile.vncenv +++ /dev/null @@ -1,18 +0,0 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/archlinux:latest -LABEL MAINTAINER="Cloudflying" \ - MAIL="" - -RUN pacman --noconfirm --force -Syy \ - && pacman -S --noconfirm --force archlinux-keyring \ - && pacman -S --noconfirm --force openssh sudo supervisor xorg xfce4 x11vnc xterm \ - xorg-twm xorg-xclock expect ratpoison ttf-droid ttf-dejavu \ - && rm -fr /var/cache/pacman/pkg/* \ - && pacman -Scc --noconfirm \ - && rm -fr /var/lib/pacman/* \ - && mkdir -p /var/run/sshd \ - && mkdir -p /root/.vnc \ - && sed -i "s/UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config \ - && sed -i "s/UsePAM.*/UsePAM no/g" /etc/ssh/sshd_config \ - && sed -i "s/PermitRootLogin.*/PermitRootLogin yes/g" /etc/ssh/sshd_config \ - && ssh-keygen -A -CMD ['bash'] diff --git a/images/archlinux/Dockerfile.dev b/images/archlinux/dev/Dockerfile similarity index 81% rename from images/archlinux/Dockerfile.dev rename to images/archlinux/dev/Dockerfile index 03589a96..8fe5557b 100644 --- a/images/archlinux/Dockerfile.dev +++ b/images/archlinux/dev/Dockerfile @@ -3,7 +3,7 @@ LABEL MAINTAINER="Cloudflying" \ MAIL="" RUN pacman -Syyu --noconfirm \ - && pacman -S --noconfirm --force gcc make cmake neovim git \ + && pacman -S --noconfirm gcc make cmake neovim git \ && rm -fr /var/cache/pacman/pkg/* \ && pacman -Scc --noconfirm \ && rm -fr /var/lib/pacman/* diff --git a/images/archlinux/latest/Dockerfile b/images/archlinux/latest/Dockerfile new file mode 100644 index 00000000..400b3f7b --- /dev/null +++ b/images/archlinux/latest/Dockerfile @@ -0,0 +1,18 @@ +FROM archlinux/archlinux:latest +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ + LANG='en_US.UTF-8' \ + LANGUAGE='en_US:en' \ + LC_TIME='en_US.UTF-8' \ + LC_PAPER='en_US.UTF-8' \ + LC_MEASUREMENT='en_US.UTF-8' \ + TZ='Asia/Shanghai' + +RUN echo "Server = https://mirrors.aliyun.com/archlinux/\$repo/os/\$arch" > /etc/pacman.d/mirrorlist\ + && rm -fr /etc/localtime \ + && ln --symbolic "/usr/share/zoneinfo/${TZ}" /etc/localtime \ + && echo "Asia/Shanghai" > /etc/timezone + +CMD /bin/bash diff --git a/images/aria2/Dockerfile b/images/aria2/Dockerfile index cc1a389b..860a1d25 100644 --- a/images/aria2/Dockerfile +++ b/images/aria2/Dockerfile @@ -1,27 +1,26 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:latest +FROM alpine:3.12 LABEL MAINTAINER="Cloudflying" \ MAIL="oss@live.hk" -ENV ARIA2_PORT=6880 -ENV ARIA2_SECRET=aria2cpwd -ENV WEBUI_PORT=8080 +COPY conf/ /etc/aria2c/ -RUN apk add --no-cache aria2 darkhttpd && \ - mkdir -p /etc/aria2c && \ - mkdir -p /data/downloads && \ - wget https://dev.tencent.com/u/imxieke/p/packages/git/raw/master/code/aria-webui/webui.zip -O /data/webui.zip && \ - unzip /data/webui.zip -d /data/ && \ - chmod 777 -R /data/ && \ - touch /etc/aria2c/aria2c.session +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \ + && echo 'nameserver 8.8.8.8' > /etc/resolv.conf \ + && apk add --no-cache --virtual .deps curl \ + && apk add --no-cache darkhttpd \ + && curl -L https://cloudflying-generic.pkg.coding.net/storage/mirrors/pkgs/aria2/aria2c-amd64 -o /usr/bin/aria2c \ + && chmod +x /usr/bin/aria2c \ + && mkdir -p /etc/aria2c \ + && chmod -R 777 /etc/aria2c \ + && mkdir -p /opt/ariang \ + && chmod -R 777 /opt/ariang \ + && mkdir -p /data/downloads \ + && chmod -R 777 /data/downloads \ + && cd /opt/ariang \ + && curl -L https://cloudflying-generic.pkg.coding.net/storage/mirrors/src/ariang/1.17.zip -o /opt/ariang/1.17.zip \ + && unzip 1.17.zip && rm -fr LICENSE && rm -fr 1.17.zip \ + && mv /etc/aria2c/entrypoint.sh /usr/bin/entrypoint.sh \ + && chmod +x /usr/bin/entrypoint.sh \ + && apk del .deps -ADD conf/run.sh /data/run.sh -ADD conf/aria2c.conf /etc/aria2c/aria2c.conf - -RUN chmod +x /data/*.sh && \ - chmod 777 -R /etc/aria2c/ - - -VOLUME ["/data"] -EXPOSE ${ARIA2_PORT} - -CMD ["/data/run.sh"] \ No newline at end of file +CMD ["/usr/bin/entrypoint.sh"] diff --git a/images/aria2/conf/aria2c.conf b/images/aria2/conf/aria2c.conf index e5f32030..1cd11b41 100644 --- a/images/aria2/conf/aria2c.conf +++ b/images/aria2/conf/aria2c.conf @@ -1,18 +1,3 @@ -## 文件保存相关 ## - -# 文件保存目录 -dir=/data/downloads -# 启用磁盘缓存, 0为禁用缓存, 需1.16以上版本, 默认:16M -disk-cache=32M -# 断点续传 -continue=true - -# 文件预分配方式, 能有效降低磁盘碎片, 默认:prealloc -# 预分配所需时间: none < falloc ? trunc < prealloc -# falloc和trunc则需要文件系统和内核支持 -# NTFS建议使用falloc, EXT3/4建议trunc, MAC 下需要注释此项 -file-allocation=trunc - ## 下载连接相关 ## # 最大同时下载任务数, 运行时可修改, 默认:5 @@ -21,33 +6,103 @@ max-concurrent-downloads=64 # 官方的aria2最高设置为16, 如果需要设置任意数值请重新编译aria2 max-connection-per-server=16 # 整体下载速度限制, 运行时可修改, 默认:0(不限制) -#max-overall-download-limit=0 +max-overall-download-limit=0 # 单个任务下载速度限制, 默认:0(不限制) -#max-download-limit=0 +max-download-limit=0 # 整体上传速度限制, 运行时可修改, 默认:0(不限制) -#max-overall-upload-limit=0 +max-overall-upload-limit=0 # 单个任务上传速度限制, 默认:0(不限制) -#max-upload-limit=0 +max-upload-limit=500kb +# 连接超时时间(秒)。默认:60 +connect-timeout=10 # 禁用IPv6, 默认:false # disable-ipv6=true # 禁用https证书检查 check-certificate=false -# 整体上传速度限制, 运行时可修改, 默认:0 -max-overall-upload-limit=1024kb -# 单个任务上传速度限制, 默认:0 -max-upload-limit=500kb # 连接超时时间, 默认:60 -timeout=10 +timeout=60 # 最大重试次数, 设置为0表示不限制重试次数, 默认:5 max-tries=5 # 设置重试等待的秒数, 默认:0 retry-wait=3 +# 比如此项值为 10M, 当文件为 20MB 会分成两段并使用两个来源下载, 文件为 15MB 则只使用一个来源下载。 +# 理论上值越小使用下载分段就越多,所能获得的实际线程数就越大,下载速度就越快,但受限于所下载文件服务器的策略。 # 最小文件分片大小, 添加时可指定, 取值范围1M -1024M, 默认:20M # 假定size=10M, 文件为20MiB 则使用两个来源下载; 文件为15MiB 则使用一个来源下载 -min-split-size=20M +min-split-size=50M # 单个任务最大线程数, 添加时可指定, 默认:5 # 建议同max-connection-per-server设置为相同值 split=64 +# GZip 支持,默认:false +http-accept-gzip=true +# URI 复用,默认: true +reuse-uri=false +# 禁用 netrc 支持,默认:false +no-netrc=true +# 允许覆盖,当相关控制文件(.aria2)不存在时从头开始重新下载。默认:false +allow-overwrite=false +# 文件自动重命名,此选项仅在 HTTP(S)/FTP 下载中有效。新文件名在名称之后扩展名之前加上一个点和一个数字(1..9999)。默认:true +auto-file-renaming=true +# HTTP/FTP 下载分片大小,所有分割都必须是此项值的倍数,最小值为 1M (增强版为 1K),默认:1M +piece-length=1M +# 允许分片大小变化。默认:false +# false:当分片大小与控制文件中的不同时将会中止下载 +# true:丢失部分下载进度继续下载 +allow-piece-length-change=true +# 使用 UTF-8 处理 Content-Disposition ,默认:false +content-disposition-default-utf8=true + + +## 文件保存相关 ## + +# 文件保存目录 +dir=/data/downloads +# 断点续传 +continue=true +# 始终尝试断点续传,无法断点续传则终止下载,默认:true +always-resume=false +# 不支持断点续传的 URI 数值,当 always-resume=false 时生效。 +# 达到这个数值从将头开始下载,值为 0 时所有 URI 不支持断点续传时才从头开始下载。 +max-resume-failure-tries=0 +# 文件未找到重试次数,默认:0 (禁用) +# 重试时同时会记录重试次数,所以也需要设置 max-tries 这个选项 +max-file-not-found=10 +# 获取服务器文件时间,默认:false +remote-time=true + +# 启用磁盘缓存, 0为禁用缓存, 需1.16以上版本, 默认:16M +disk-cache=32M + +## 日志设置 ## + +# 日志文件保存路径,忽略或设置为空为不保存,默认:不保存 +# log=/tmp/aria2c.log + +# 日志级别,可选 debug, info, notice, warn, error 。默认:debug +# log-level=notice + +# 控制台日志级别,可选 debug, info, notice, warn, error ,默认:notice +console-log-level=notice +# 下载进度摘要输出间隔时间(秒),0 为禁止输出。默认:60 +summary-interval=0 + +# 文件预分配方式, 能有效降低磁盘碎片, 默认:prealloc +# 预分配所需时间: none < falloc ? trunc < prealloc +# falloc和trunc则需要文件系统和内核支持 +# NTFS建议使用falloc, EXT3/4建议trunc, MAC 下需要注释此项 +# 文件预分配方式, 可选:none, prealloc, trunc, falloc, 默认:prealloc +# 预分配对于机械硬盘可有效降低磁盘碎片、提升磁盘读写性能、延长磁盘寿命。 +# 机械硬盘使用 ext4(具有扩展支持),btrfs,xfs 或 NTFS(仅 MinGW 编译版本)等文件系统建议设置为 falloc +# 若无法下载,提示 fallocate failed.cause:Operation not supported 则说明不支持,请设置为 none +# prealloc 分配速度慢, trunc 无实际作用,不推荐使用。 +# 固态硬盘不需要预分配,只建议设置为 none ,否则可能会导致双倍文件大小的数据写入,从而影响寿命。 +# file-allocation=none + +# 文件预分配大小限制。小于此选项值大小的文件不预分配空间,单位 K 或 M,默认:5M +no-file-allocation-limit=64M + +# 安静模式,禁止在控制台输出日志,默认:false +quiet=true ## 进度保存相关 ## @@ -56,7 +111,13 @@ input-file=/etc/aria2c/aria2c.session # 在Aria2退出时保存错误的、未完成的下载任务到会话文件 save-session=/etc/aria2c/aria2c.session # 定时保存会话, 0为退出时才保存, 需1.16.1以上版本, 默认:0 -save-session-interval=5 +save-session-interval=60 +# 自动保存任务进度的间隔时间(秒),0 为进程正常退出时保存,默认:60 +auto-save-interval=1 +# 强制保存,即使任务已完成也保存信息到会话文件, 默认:false +# 开启后会在任务完成后保留 .aria2 文件,文件被移除且任务存在的情况下重启后会重新下载。 +# 关闭后已完成的任务列表会在重启后清空。 +force-save=false ## RPC相关设置 ## @@ -69,22 +130,44 @@ rpc-listen-all=true # RPC端口, 仅当默认端口被占用时修改 rpc-listen-port=6800 # 设置的RPC授权令牌, v1.18.4新增功能, 取代 --rpc-user 和 --rpc-passwd 选项 -rpc-secret=aria2pwd +rpc-secret=haspwd # 启动SSL # rpc-secure=true # 证书文件, 如果启用SSL则需要配置证书文件, 例如用https连接aria2 # rpc-certificate= # rpc-private-key= -# 保存上传的种子文件 -rpc-save-upload-metadata=false +# 保存通过 WebUI(RPC) 上传的种子文件(.torrent),默认:true +# 所有涉及种子文件保存的选项都建议开启,不保存种子文件有任务丢失的风险。 +# 通过 RPC 自定义临时下载目录可能不会保存种子文件。 +rpc-save-upload-metadata=true +# RPC 最大请求大小 +rpc-max-request-size=10M + + +## 高级选项 ## + +# 启用异步 DNS 功能。默认:true +#async-dns=true + +# 指定异步 DNS 服务器列表,未指定则从 /etc/resolv.conf 中读取。 +#async-dns-server=119.29.29.29,223.5.5.5,8.8.8.8,1.1.1.1 +# 指定单个网络接口,可能的值:接口,IP地址,主机名 +# 如果接口具有多个 IP 地址,则建议指定 IP 地址。 +# 已知指定网络接口会影响依赖本地 RPC 的连接的功能场景,即通过 localhost 和 127.0.0.1 无法与 Aria2 服务端进行讯通。 +#interface= + +# 指定多个网络接口,多个值之间使用逗号(,)分隔。 +# 使用 interface 选项时会忽略此项。 +#multiple-interface ## BT/PT下载相关 ## # 当下载的是一个种子(以.torrent结尾)时, 自动开始BT任务, 默认:true +# 下载种子文件(.torrent)自动开始下载, 默认:true,可选:false|mem +# true:保存种子文件 +# false:仅下载种子文件 +# mem:将种子保存在内存中 follow-torrent=true -# 强制保存会话, 即使任务已经完成, 默认:false -# 较新的版本开启后会在任务完成后依然保留.aria2文件 -#force-save=false # 继续之前的BT任务时, 无需再次校验, 默认:false bt-seed-unverified=true # 保存磁力链接元数据为种子文件(.torrent文件), 默认:false @@ -95,41 +178,95 @@ bt-max-peers=0 # seed-time = 60 # 分离做种任务 bt-detach-seed-only=true +# 删除 BT 下载任务中未选择文件,默认:false +bt-remove-unselected-file=true +# Try to download first and last pieces of each file first. This is useful for previewing files. +bt-prioritize-piece=head=32M,tail=32M # BT监听端口, 当端口被屏蔽时使用, 默认:6881-6999 -listen-port=51413 +listen-port=6802-6999 # 单个种子最大连接数, 默认:55 -bt-max-peers=64 +bt-max-peers=0 +# 加载已保存的元数据文件(.torrent),默认:false +bt-load-saved-metadata=true +# BT最低加密等级,可选:plain(明文),arc4(加密),默认:plain +#bt-min-crypto-level=arc4 +# BT强制加密, 默认: false +# 启用后将拒绝旧的 BT 握手协议并仅使用混淆握手及加密。可以解决部分运营商对 BT 下载的封锁,且有一定的防版权投诉与迅雷吸血效果。 +# 此选项相当于后面两个选项(bt-require-crypto=true, bt-min-crypto-level=arc4)的快捷开启方式,但不会修改这两个选项的值。 +bt-force-encryption=true +# BT加密需求,默认:false 强制加密, 防迅雷必备 +# 启用后拒绝与旧的 BitTorrent 握手协议(\19BitTorrent protocol)建立连接,始终使用混淆处理握手。 +#bt-require-crypto=true # 打开DHT功能, PT需要禁用, 默认:true enable-dht=true # 打开IPv6 DHT功能, PT需要禁用 -# enable-dht6=true +enable-dht6=true # DHT网络监听端口, 默认:6881-6999 -dht-listen-port=6881-6999 +dht-listen-port=6802-6999 +# DHT(IPv4)文件 +dht-file-path=/etc/aria2c/dht.dat +# DHT(IPv6)文件 +dht-file-path6=/etc/aria2c/dht6.dat +# IPv4 DHT 网络引导节点 +dht-entry-point=dht.transmissionbt.com:6881 +# IPv6 DHT 网络引导节点 +dht-entry-point6=dht.transmissionbt.com:6881 + # 本地节点查找, PT需要禁用, 默认:false bt-enable-lpd=true # 种子交换, PT需要禁用, 默认:true enable-peer-exchange=true # 每个种子限速, 对少种的PT很有用, 默认:50K -#bt-request-peer-speed-limit=50K -# 客户端伪装, PT需要 -# peer-id-prefix=-UT341- +#bt-request-peer-speed-limit=10M +# 客户端伪装, PT需要 -UT341- -TR2770- -TR2940- peer-id-prefix=-TR2770- # user-agent=uTorrent/341(109279400)(30888) +# user agent uTorrent/341(109279400)(30888) user-agent=Transmission/2.77 +# user-agent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4160.0 Safari/537.36 Edg/85.0.537.0 +# BT 客户端伪装 +# PT 下载需要保持 user-agent 和 peer-agent 两个参数一致 +# 部分 PT 站对 Aria2 有特殊封禁机制,客户端伪装不一定有效,且有封禁账号的风险。 +#user-agent=qBittorrent/4.2.5 +#peer-agent=qBittorrent/4.2.5 +peer-agent=Transmission/2.94 # 当种子的分享率达到这个数时, 自动停止做种, 0为一直做种, 默认:1.0 seed-ratio=1.0 -# 强制保存会话, 话即使任务已经完成, 默认:false -# 较新的版本开启后会在任务完成后依然保留.aria2文件 -#force-save=false # BT校验相关, 默认:true -#bt-hash-check-seed=true -# 继续之前的BT任务时, 无需再次校验, 默认:false -bt-seed-unverified=true -# 保存磁力链接元数据为种子文件(.torrent文件), 默认:false -#bt-save-metadata=false -#仅下载种子文件 -bt-metadata-only=true +bt-hash-check-seed=false +# 仅下载种子文件 +bt-metadata-only=false #通过网上的种子文件下载,种子保存在内存 https://github.com/ngosang/trackerslist follow-torrent=true -bt-tracker=udp://tracker.leechers-paradise.org:6969/announce,udp://tracker.opentrackr.org:1337/announce,udp://9.rarbg.to:2710/announce,udp://9.rarbg.me:2710/announce,udp://exodus.desync.com:6969/announce,udp://retracker.lanta-net.ru:2710/announce,udp://tracker.tiny-vps.com:6969/announce,udp://open.demonii.si:1337/announce,udp://tracker.torrent.eu.org:451/announce,udp://torrentclub.tech:6969/announce,udp://open.stealth.si:80/announce,udp://denis.stalker.upeer.me:6969/announce,udp://tracker.cyberia.is:6969/announce,udp://tracker.moeking.me:6969/announce,udp://ipv4.tracker.harry.lu:80/announce,udp://tracker.openbittorrent.com:80/announce,udp://tracker3.itzmx.com:6961/announce,udp://explodie.org:6969/announce,udp://valakas.rollo.dnsabr.com:2710/announce -# aria2c --conf-path=/etc/aria2c/aria2c.conf -D \ No newline at end of file +# BT tracker 服务器连接超时时间(秒)。默认:60 +# 建立连接后,此选项无效,将使用 bt-tracker-timeout 选项的值 +bt-tracker-connect-timeout=10 +# BT tracker 服务器超时时间(秒)。默认:60 +bt-tracker-timeout=10 +# follow-torrent=mem +bt-tracker=http://1337.abcvg.info:80/announce,http://157.7.202.64:8080/announce,http://158.69.146.212:7777/announce,http://173.254.204.71:1096/announce,http://178.175.143.27:80/announce,http://178.33.73.26:2710/announce,http://182.176.139.129:6969/announce,http://185.5.97.139:8089/announce,http://185.83.215.123:6969/announce,http://188.165.253.109:1337/announce,http://194.106.216.222:80/announce,http://195.123.209.37:1337/announce,http://210.244.71.25:6969/announce,http://210.244.71.26:6969/announce,http://213.163.67.56:1337/announce,http://37.19.5.139:6969/announce,http://37.19.5.155:6881/announce,http://46.4.109.148:6969/announce,http://5.79.249.77:6969/announce,http://5.79.83.193:2710/announce,http://51.254.244.161:6969/announce,http://59.36.96.77:6969/announce,http://5rt.tace.ru:60889/announce,http://62.210.202.61:80/announce,http://74.82.52.209:6969/announce,http://78.30.254.12:2710/announce,http://80.246.243.18:6969/announce,http://81.200.2.231:80/announce,http://85.17.19.180:80/announce,http://87.110.238.140:6969/announce,http://87.248.186.252:8080/announce,http://87.253.152.137:80/announce,http://91.216.110.47:80/announce,http://91.217.91.21:3218/announce,http://91.218.230.81:6969/announce,http://93.92.64.5:80/announce,http://95.211.168.204:2710/announce,http://[2001:1b10:1000:8101:0:242:ac11:2]:6969/announce,http://[2001:470:1:189:0:1:2:3]:6969/announce,http://[2a04:ac00:1:3dd8::1:2710]:2710/announce,http://aaa.army:8866/announce,http://agusiq-torrents.pl:6969/announce,http://asnet.pw:2710/announce,http://atrack.pow7.com:80/announce,http://bobbialbano.com:6969/announce,http://bt.3kb.xyz:80/announce,http://bt.okmp3.ru:2710/announce,http://bt.pusacg.org:8080/announce,http://explodie.org:6969/announce,http://fxtt.ru:80/announce,http://h4.trakx.nibba.trade:80/announce,http://mail2.zelenaya.net:80/announce,http://milanesitracker.tekcities.com:80/announce,http://ns349743.ip-91-121-106.eu:80/announce,http://open.acgnxtracker.com:80/announce,http://open.acgtracker.com:1096/announce,http://open.lolicon.eu:7777/announce,http://open.touki.ru:80/announce.php,http://opentracker.i2p.rocks:6969/announce,http://p4p.arenabg.ch:1337/announce,http://p4p.arenabg.com:1337/announce,http://pow7.com:80/announce,http://pt.lax.mx:80/announce,http://retracker.bashtel.ru:80/announce,http://retracker.gorcomnet.ru:80/announce,http://retracker.hotplug.ru:2710/announce,http://retracker.krs-ix.ru:80/announce,http://retracker.mgts.by:80/announce,http://retracker.sevstar.net:2710/announce,http://retracker.spark-rostov.ru:80/announce,http://retracker.telecom.by:80/announce,http://rt.tace.ru:80/announce,http://secure.pow7.com:80/announce,http://share.camoe.cn:8080/announce,http://siambit.org:80/announce.php,http://t.acg.rip:6699/announce,http://t.nyaatracker.com:80/announce,http://t.overflow.biz:6969/announce,http://t1.pow7.com:80/announce,http://t2.pow7.com:80/announce,http://thetracker.org:80/announce,http://torrentclub.online:54123/announce,http://torrentsmd.com:8080/announce,http://torrentsmd.eu:8080/announce,http://torrenttracker.nwc.acsalaska.net:6969/announce,http://tr.cili001.com:8070/announce,http://tr.kxmp.cf:80/announce,http://tracker-cdn.moeking.me:2095/announce,http://tracker.aletorrenty.pl:2710/announce,http://tracker.anonwebz.xyz:8080/announce,http://tracker.birkenwald.de:6969/announce,http://tracker.bittor.pw:1337/announce,http://tracker.bittorrent.am:80/announce,http://tracker.bt4g.com:2095/announce,http://tracker.bz:80/announce,http://tracker.city9x.com:2710/announce,http://tracker.devil-torrents.pl:80/announce,http://tracker.dler.org:6969/announce,http://tracker.dutchtracking.nl:80/announce,http://tracker.edoardocolombo.eu:6969/announce,http://tracker.electro-torrent.pl:80/announce,http://tracker.ex.ua:80/announce,http://tracker.files.fm:6969/announce,http://tracker.flashtorrents.org:6969/announce,http://tracker.gbitt.info:80/announce,http://tracker.grepler.com:6969/announce,http://tracker.ipv6tracker.ru:80/announce,http://tracker.kuroy.me:5944/announce,http://tracker.lelux.fi:80/announce,http://tracker.mg64.net:6881/announce,http://tracker.moeking.me:6969/announce,http://tracker.noobsubs.net:80/announce,http://tracker.opentrackr.org:1337/announce,http://tracker.sakurato.xyz:23333/announce,http://tracker.skyts.net:6969/announce,http://tracker.sloppyta.co:80/announce,http://tracker.tfile.co:80/announce,http://tracker.tfile.me:80/announce,http://tracker.tiny-vps.com:6969/announce,http://tracker.torrentyorg.pl:80/announce,http://tracker.trackerfix.com:80/announce,http://tracker.tvunderground.org.ru:3218/announce,http://tracker.uw0.xyz:6969/announce,http://tracker.vraphim.com:6969/announce,http://tracker.yoshi210.com:6969/announce,http://tracker.zerobytes.xyz:1337/announce,http://tracker.zum.bi:6969/announce,http://tracker01.loveapp.com:6789/announce,http://tracker1.bt.moack.co.kr:80/announce,http://tracker1.itzmx.com:8080/announce,http://tracker1.wasabii.com.tw:6969/announce,http://tracker2.dler.org:80/announce,http://tracker2.itzmx.com:6961/announce,http://tracker3.itzmx.com:6961/announce,http://tracker4.itzmx.com:2710/announce,http://vpn.flying-datacenter.de:6969/announce,http://vps02.net.orel.ru:80/announce,http://www.loushao.net:8080/announce,http://www.wareztorrent.com:80/announce,https://1337.abcvg.info:443/announce,https://2.tracker.eu.org:443/announce,https://3.tracker.eu.org:443/announce,https://aaa.army:8866/announce,https://open.kickasstracker.com:443/announce,https://opentracker.acgnx.se:443/announce,https://tp.m-team.cc:443/announce.php,https://tr.ready4.icu:443/announce,https://tr.steins-gate.moe:2096/announce,https://tracker.bt-hash.com:443/announce,https://tracker.cyber-hub.net:443/announce,https://tracker.foreverpirates.co:443/announce,https://tracker.gbitt.info:443/announce,https://tracker.imgoingto.icu:443/announce,https://tracker.lelux.fi:443/announce,https://tracker.lilithraws.cf:443/announce,https://tracker.nanoha.org:443/announce,https://tracker.nitrix.me:443/announce,https://tracker.parrotsec.org:443/announce,https://tracker.sloppyta.co:443/announce,https://tracker.tamersunion.org:443/announce,https://trakx.herokuapp.com:443/announce,https://w.wwwww.wtf:443/announce,https://www.wareztorrent.com:443/announce,udp://151.80.120.114:2710/announce,udp://168.235.67.63:6969/announce,udp://178.33.73.26:2710/announce,udp://182.176.139.129:6969/announce,udp://185.5.97.139:8089/announce,udp://185.83.215.123:6969/announce,udp://185.86.149.205:1337/announce,udp://188.165.253.109:1337/announce,udp://191.101.229.236:1337/announce,udp://194.106.216.222:80/announce,udp://195.123.209.37:1337/announce,udp://195.123.209.40:80/announce,udp://208.67.16.113:8000/announce,udp://212.1.226.176:2710/announce,udp://212.47.227.58:6969/announce,udp://213.163.67.56:1337/announce,udp://37.19.5.155:2710/announce,udp://3rt.tace.ru:60889/announce,udp://46.4.109.148:6969/announce,udp://47.ip-51-68-199.eu:6969/announce,udp://5.79.249.77:6969/announce,udp://5.79.83.193:6969/announce,udp://51.254.244.161:6969/announce,udp://52.58.128.163:6969/announce,udp://62.138.0.158:6969/announce,udp://62.212.85.66:2710/announce,udp://6ahddutb1ucc3cp.ru:6969/announce,udp://6rt.tace.ru:80/announce,udp://74.82.52.209:6969/announce,udp://78.30.254.12:2710/announce,udp://85.17.19.180:80/announce,udp://89.234.156.205:80/announce,udp://9.rarbg.com:2710/announce,udp://9.rarbg.me:2710/announce,udp://9.rarbg.me:2780/announce,udp://9.rarbg.to:2710/announce,udp://9.rarbg.to:2730/announce,udp://91.216.110.52:451/announce,udp://91.218.230.81:6969/announce,udp://94.23.183.33:6969/announce,udp://95.211.168.204:2710/announce,udp://[2001:1b10:1000:8101:0:242:ac11:2]:6969/announce,udp://[2001:470:1:189:0:1:2:3]:6969/announce,udp://[2a03:7220:8083:cd00::1]:451/announce,udp://[2a04:ac00:1:3dd8::1:2710]:2710/announce,udp://[2a04:c44:e00:32e0:4cf:6aff:fe00:aa1]:6969/announce,udp://aaa.army:8866/announce,udp://adm.category5.tv:6969/announce,udp://admin.videoenpoche.info:6969/announce,udp://adminion.n-blade.ru:6969/announce,udp://anidex.moe:6969/announce,udp://api.bitumconference.ru:6969/announce,udp://aruacfilmes.com.br:6969/announce,udp://bclearning.top:6969/announce,udp://benouworldtrip.fr:6969/announce,udp://bioquantum.co.za:6969/announce,udp://bitsparadise.info:6969/announce,udp://blokas.io:6969/announce,udp://bms-hosxp.com:6969/announce,udp://bt.firebit.org:2710/announce,udp://bt1.archive.org:6969/announce,udp://bt2.3kb.xyz:6969/announce,udp://bt2.54new.com:8080/announce,udp://bt2.archive.org:6969/announce,udp://bubu.mapfactor.com:6969/announce,udp://camera.lei001.com:6969/announce,udp://cdn-1.gamecoast.org:6969/announce,udp://cdn-2.gamecoast.org:6969/announce,udp://chihaya.toss.li:9696/announce,udp://code2chicken.nl:6969/announce,udp://concen.org:6969/announce,udp://cutiegirl.ru:6969/announce,udp://daveking.com:6969/announce,udp://denis.stalker.upeer.me:6969/announce,udp://discord.heihachi.pw:6969/announce,udp://dpiui.reedlan.com:6969/announce,udp://drumkitx.com:6969/announce,udp://eddie4.nl:6969/announce,udp://edu.uifr.ru:6969/announce,udp://engplus.ru:6969/announce,udp://exodus.desync.com:6969/announce,udp://fe.dealclub.de:6969/announce,udp://forever-tracker.zooki.xyz:6969/announce,udp://free-tracker.zooki.xyz:6969/announce,udp://inferno.demonoid.is:3391/announce,udp://ipv4.tracker.harry.lu:80/announce,udp://ipv6.tracker.harry.lu:80/announce,udp://ipv6.tracker.zerobytes.xyz:16661/announce,udp://johnrosen1.com:6969/announce,udp://kanal-4.de:6969/announce,udp://line-net.ru:6969/announce,udp://ln.mtahost.co:6969/announce,udp://mail.realliferpg.de:6969/announce,udp://mgtracker.org:2710/announce,udp://movies.zsw.ca:6969/announce,udp://mts.tvbit.co:6969/announce,udp://nagios.tks.sumy.ua:80/announce,udp://ns-1.x-fins.com:6969/announce,udp://ns389251.ovh.net:6969/announce,udp://open.demonii.com:1337/announce,udp://open.demonii.si:1337/announce,udp://open.lolicon.eu:7777/announce,udp://open.stealth.si:80/announce,udp://opentor.org:2710/announce,udp://opentracker.i2p.rocks:6969/announce,udp://p4p.arenabg.ch:1337/announce,udp://public-tracker.zooki.xyz:6969/announce,udp://public.popcorn-tracker.org:6969/announce,udp://public.publictracker.xyz:6969/announce,udp://retracker.hotplug.ru:2710/announce,udp://retracker.lanta-net.ru:2710/announce,udp://retracker.netbynet.ru:2710/announce,udp://retracker.nts.su:2710/announce,udp://retracker.sevstar.net:2710/announce,udp://sd-161673.dedibox.fr:6969/announce,udp://shadowshq.eddie4.nl:6969/announce,udp://shadowshq.yi.org:6969/announce,udp://storage.groupees.com:6969/announce,udp://t1.leech.ie:1337/announce,udp://t2.leech.ie:1337/announce,udp://t3.leech.ie:1337/announce,udp://teamspeak.value-wolf.org:6969/announce,udp://thetracker.org:80/announce,udp://torrent.tdjs.tech:6969/announce,udp://torrentclub.online:54123/announce,udp://tr.bangumi.moe:6969/announce,udp://tr.cili001.com:8070/announce,udp://tr2.ysagin.top:2710/announce,udp://tracker-udp.gbitt.info:80/announce,udp://tracker-v6.zooki.xyz:6969/announce,udp://tracker.0x.tf:6969/announce,udp://tracker.aletorrenty.pl:2710/announce,udp://tracker.altrosky.nl:6969/announce,udp://tracker.army:6969/announce,udp://tracker.beeimg.com:6969/announce,udp://tracker.birkenwald.de:6969/announce,udp://tracker.bittor.pw:1337/announce,udp://tracker.coppersurfer.tk:6969/announce,udp://tracker.cyberia.is:6969/announce,udp://tracker.dler.org:6969/announce,udp://tracker.ds.is:6969/announce,udp://tracker.e-utp.net:6969/announce,udp://tracker.eddie4.nl:6969/announce,udp://tracker.ex.ua:80/announce,udp://tracker.filemail.com:6969/announce,udp://tracker.flashtorrents.org:6969/announce,udp://tracker.fortu.io:6969/announce,udp://tracker.grepler.com:6969/announce,udp://tracker.kali.org:6969/announce,udp://tracker.kuroy.me:5944/announce,udp://tracker.leechers-paradise.org:6969/announce,udp://tracker.lelux.fi:6969/announce,udp://tracker.moeking.me:6969/announce,udp://tracker.open-internet.nl:6969/announce,udp://tracker.opentrackr.org:1337/announce,udp://tracker.piratepublic.com:1337/announce,udp://tracker.publictracker.xyz:6969/announce,udp://tracker.shkinev.me:6969/announce,udp://tracker.sigterm.xyz:6969/announce,udp://tracker.skyts.net:6969/announce,udp://tracker.swateam.org.uk:2710/announce,udp://tracker.tiny-vps.com:6969/announce,udp://tracker.torrent.eu.org:451/announce,udp://tracker.tvunderground.org.ru:3218/announce,udp://tracker.uw0.xyz:6969/announce,udp://tracker.v6speed.org:6969/announce,udp://tracker.yoshi210.com:6969/announce,udp://tracker.zemoj.com:6969/announce,udp://tracker.zerobytes.xyz:1337/announce,udp://tracker.zum.bi:6969/announce,udp://tracker0.ufibox.com:6969/announce,udp://tracker1.bt.moack.co.kr:80/announce,udp://tracker1.itzmx.com:8080/announce,udp://tracker2.christianbro.pw:6969/announce,udp://tracker2.dler.org:80/announce,udp://tracker2.indowebster.com:6969/announce,udp://tracker2.itzmx.com:6961/announce,udp://tracker3.itzmx.com:6961/announce,udp://tracker4.itzmx.com:2710/announce,udp://u.wwwww.wtf:1/announce,udp://udp-tracker.shittyurl.org:6969/announce,udp://us-tracker.publictracker.xyz:6969/announce,udp://valakas.rollo.dnsabr.com:2710/announce,udp://vibe.community:6969/announce,udp://wassermann.online:6969/announce,udp://www.loushao.net:8080/announce,udp://z.mercax.com:53/announce,udp://zephir.monocul.us:6969/announce,udp://zer0day.ch:1337/announce,udp://zer0day.to:1337/announce,udp://9.rarbg.com:2710/announce,udp://tracker.skyts.net:6969/announce,udp://tracker.safe.moe:6969/announce,udp://tracker.piratepublic.com:1337/announce,udp://tracker.pirateparty.gr:6969/announce,udp://tracker.coppersurfer.tk:6969/announce,udp://tracker.leechers-paradise.org:6969/announce,udp://allesanddro.de:1337/announce,udp://p4p.arenabg.com:1337/announce,udp://tracker.opentrackr.org:1337/announce,udp://public.popcorn-tracker.org:6969/announce,udp://wambo.club:1337/announce,udp://trackerxyz.tk:1337/announce,udp://tracker4.itzmx.com:2710/announce,udp://tracker2.christianbro.pw:6969/announce,udp://tracker1.xku.tv:6969/announce,udp://tracker1.wasabii.com.tw:6969/announce,udp://tracker.zer0day.to:1337/announce + +## 执行额外命令 ## + +# 下载停止后执行的命令 +# 从 正在下载 到 删除、错误、完成 时触发。暂停被标记为未开始下载,故与此项无关。 +#on-download-stop=/root/.aria2/delete.sh + +# 下载完成后执行的命令 +# 此项未定义则执行 下载停止后执行的命令 (on-download-stop) +#on-download-complete=/root/.aria2/clean.sh + +# 下载错误后执行的命令 +# 此项未定义则执行 下载停止后执行的命令 (on-download-stop) +#on-download-error= + +# 下载暂停后执行的命令 +#on-download-pause= + +# 下载开始后执行的命令 +#on-download-start= + +# BT 下载完成后执行的命令 +#on-bt-download-complete= + +# sudo -Hu www aria2c --conf-path=/etc/aria2c/aria2c.conf -D diff --git a/images/aria2/conf/aria2c.session b/images/aria2/conf/aria2c.session new file mode 100644 index 00000000..e69de29b diff --git a/images/aria2/conf/aria2c.torrents.conf b/images/aria2/conf/aria2c.torrents.conf new file mode 100755 index 00000000..7def83a0 --- /dev/null +++ b/images/aria2/conf/aria2c.torrents.conf @@ -0,0 +1,252 @@ +## 文件保存相关 ## + +# 文件保存目录 +dir=/mnt/data/Downloads/torrents + +# 启用磁盘缓存, 0为禁用缓存, 需1.16以上版本, 默认:16M +disk-cache=32M + +# 文件预分配方式, 能有效降低磁盘碎片, 默认:prealloc +# 预分配所需时间: none < falloc ? trunc < prealloc +# falloc和trunc则需要文件系统和内核支持 +# NTFS建议使用falloc, EXT3/4建议trunc, MAC 下需要注释此项 +# 文件预分配方式, 可选:none, prealloc, trunc, falloc, 默认:prealloc +# 预分配对于机械硬盘可有效降低磁盘碎片、提升磁盘读写性能、延长磁盘寿命。 +# 机械硬盘使用 ext4(具有扩展支持),btrfs,xfs 或 NTFS(仅 MinGW 编译版本)等文件系统建议设置为 falloc +# 若无法下载,提示 fallocate failed.cause:Operation not supported 则说明不支持,请设置为 none +# prealloc 分配速度慢, trunc 无实际作用,不推荐使用。 +# 固态硬盘不需要预分配,只建议设置为 none ,否则可能会导致双倍文件大小的数据写入,从而影响寿命。 +file-allocation=none +# 文件预分配大小限制。小于此选项值大小的文件不预分配空间,单位 K 或 M,默认:5M +no-file-allocation-limit=64M + +## 下载连接相关 ## +# 断点续传 +continue=true +# 始终尝试断点续传,无法断点续传则终止下载,默认:true +always-resume=false +# 文件未找到重试次数,默认:0 (禁用) +# 重试时同时会记录重试次数,所以也需要设置 max-tries 这个选项 +max-file-not-found=10 +# 最大同时下载任务数, 运行时可修改, 默认:5 +max-concurrent-downloads=64 +# 同一服务器连接数, 添加时可指定, 默认:1 +# 官方的aria2最高设置为16, 如果需要设置任意数值请重新编译aria2 +max-connection-per-server=16 +# 整体下载速度限制, 运行时可修改, 默认:0(不限制) +#max-overall-download-limit=0 +# 单个任务下载速度限制, 默认:0(不限制) +#max-download-limit=0 +# 禁用IPv6, 默认:false +# disable-ipv6=true +# 禁用https证书检查 +check-certificate=false +# 整体上传速度限制, 运行时可修改, 默认:0 +# 设置过低可能影响 BT 下载速度 +max-overall-upload-limit=0 +# 单个任务上传速度限制, 默认:0 +max-upload-limit=0 +# 连接超时时间, 默认:60 +timeout=10 +# 连接超时时间(秒)。默认:60 +connect-timeout=10 +# 最大重试次数, 设置为0表示不限制重试次数, 默认:5 +max-tries=5 +# 设置重试等待的秒数, 默认:0 +retry-wait=3 +# 最小文件分片大小, 添加时可指定, 取值范围1M -1024M, 默认:20M +# 假定size=10M, 文件为20MiB 则使用两个来源下载; 文件为15MiB 则使用一个来源下载 +min-split-size=5M +# HTTP/FTP 下载分片大小,所有分割都必须是此项值的倍数,最小值为 1M (增强版为 1K),默认:1M +piece-length=1M +# 允许分片大小变化。默认:false +# false:当分片大小与控制文件中的不同时将会中止下载 +# true:丢失部分下载进度继续下载 +allow-piece-length-change=true +# 单个任务最大线程数, 添加时可指定, 默认:5 +# 建议同max-connection-per-server设置为相同值 +split=64 +# GZip 支持,默认:false +http-accept-gzip=true +# URI 复用,默认: true +reuse-uri=false +# 禁用 netrc 支持,默认:false +no-netrc=true +# 允许覆盖,当相关控制文件(.aria2)不存在时从头开始重新下载。默认:false +allow-overwrite=true +# 文件自动重命名,此选项仅在 HTTP(S)/FTP 下载中有效。新文件名在名称之后扩展名之前加上一个点和一个数字(1..9999)。默认:true +auto-file-renaming=true + +# 使用 UTF-8 处理 Content-Disposition ,默认:false +content-disposition-default-utf8=true + +## 进度保存相关 ## + +# 从会话文件中读取下载任务 +input-file=/mnt/data/app/aria2c/aria2c.torrents.session +# 在Aria2退出时保存错误的、未完成的下载任务到会话文件 +save-session=/mnt/data/app/aria2c/aria2c.torrents.session +# 定时保存会话, 0为退出时才保存, 需1.16.1以上版本, 默认:0 +save-session-interval=60 +# 自动保存任务进度的间隔时间(秒),0 为进程正常退出时保存,默认:60 +auto-save-interval=1 +# 强制保存,即使任务已完成也保存信息到会话文件, 默认:false +# 开启后会在任务完成后保留 .aria2 文件,文件被移除且任务存在的情况下重启后会重新下载。 +# 关闭后已完成的任务列表会在重启后清空。 +force-save=false + +## RPC相关设置 ## + +# 启用RPC, 默认:false +enable-rpc=true +# 允许所有来源, 默认:false +rpc-allow-origin-all=true +# 允许外部访问, 默认:false +rpc-listen-all=true +# RPC端口, 仅当默认端口被占用时修改 +rpc-listen-port=6801 +# 设置的RPC授权令牌, v1.18.4新增功能, 取代 --rpc-user 和 --rpc-passwd 选项 +rpc-secret=xiaoke +# 启动SSL +# rpc-secure=true +# 证书文件, 如果启用SSL则需要配置证书文件, 例如用https连接aria2 +# rpc-certificate= +# rpc-private-key= +# 保存通过 WebUI(RPC) 上传的种子文件(.torrent),默认:true +# 所有涉及种子文件保存的选项都建议开启,不保存种子文件有任务丢失的风险。 +# 通过 RPC 自定义临时下载目录可能不会保存种子文件。 +rpc-save-upload-metadata=true +# RPC 最大请求大小 +rpc-max-request-size=10M + +## BT/PT下载相关 ## + +# 当下载的是一个种子(以.torrent结尾)时, 自动开始BT任务, 默认:true +# 下载种子文件(.torrent)自动开始下载, 默认:true,可选:false|mem +# true:保存种子文件 +# false:仅下载种子文件 +# mem:将种子保存在内存中 +follow-torrent=false +# 强制保存会话, 即使任务已经完成, 默认:false +# 较新的版本开启后会在任务完成后依然保留.aria2文件 +#force-save=false +# 继续之前的BT任务时, 无需再次校验, 默认:false +bt-seed-unverified=true +# 保存磁力链接元数据为种子文件(.torrent文件), 默认:false +bt-save-metadata=true +# 加载已保存的元数据文件(.torrent),默认:false +bt-load-saved-metadata=true +# 单个种子最大连接数, 默认:55 0表示不限制 +bt-max-peers=0 +# 最小做种时间, 单位:分 +# seed-time = 60 +# 分离做种任务 +bt-detach-seed-only=true +# BT监听端口, 当端口被屏蔽时使用, 默认:6881-6999 +listen-port=7881-7998 +# Try to download first and last pieces of each file first. This is useful for previewing files. +bt-prioritize-piece=head +# 删除 BT 下载任务中未选择文件,默认:false +bt-remove-unselected-file=true +# BT加密需求,默认:false +# 启用后拒绝与旧的 BitTorrent 握手协议(\19BitTorrent protocol)建立连接,始终使用混淆处理握手。 +#bt-require-crypto=true + +# BT最低加密等级,可选:plain(明文),arc4(加密),默认:plain +#bt-min-crypto-level=arc4 +# BT强制加密, 默认: false +# 启用后将拒绝旧的 BT 握手协议并仅使用混淆握手及加密。可以解决部分运营商对 BT 下载的封锁,且有一定的防版权投诉与迅雷吸血效果。 +# 此选项相当于后面两个选项(bt-require-crypto=true, bt-min-crypto-level=arc4)的快捷开启方式,但不会修改这两个选项的值。 +bt-force-encryption=false +# 打开DHT功能, PT需要禁用, 默认:true +enable-dht=true +# 打开IPv6 DHT功能, PT需要禁用 +enable-dht6=true + +# DHT网络监听端口, 默认:6881-6999 +dht-listen-port=7881-7999 +# DHT(IPv4)文件 +dht-file-path=/mnt/data/app/aria2c/dht.dat +# DHT(IPv6)文件 +dht-file-path6=/mnt/data/app/aria2c/dht6.dat +# IPv4 DHT 网络引导节点 +dht-entry-point=dht.transmissionbt.com:6881 +# IPv6 DHT 网络引导节点 +dht-entry-point6=dht.transmissionbt.com:6881 + +# 本地节点查找, PT需要禁用, 默认:false +bt-enable-lpd=true +# 种子交换, PT需要禁用, 默认:true +enable-peer-exchange=true +# 每个种子限速, 对少种的PT很有用, 默认:50K +# bt-request-peer-speed-limit=10M +# 客户端伪装, PT需要 -UT341- -TR2770- -TR2940- +peer-id-prefix=-TR2770- +# user-agent=uTorrent/341(109279400)(30888) +user-agent=Transmission/2.77 +# user-agent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4160.0 Safari/537.36 Edg/85.0.537.0 + +# BT 客户端伪装 +# PT 下载需要保持 user-agent 和 peer-agent 两个参数一致 +# 部分 PT 站对 Aria2 有特殊封禁机制,客户端伪装不一定有效,且有封禁账号的风险。 +#user-agent=qBittorrent/4.2.5 +#peer-agent=qBittorrent/4.2.5 +peer-agent=Transmission/2.94 + +## 日志设置 ## + +# 日志文件保存路径,忽略或设置为空为不保存,默认:不保存 +log=/mnt/data/app/aria2c/aria2c.log + +# 日志级别,可选 debug, info, notice, warn, error 。默认:debug +log-level=notice + +# 控制台日志级别,可选 debug, info, notice, warn, error ,默认:notice +console-log-level=notice + +# 安静模式,禁止在控制台输出日志,默认:false +quiet=false + +# 当种子的分享率达到这个数时, 自动停止做种, 0为一直做种, 默认:1.0 +# 强烈建议您将此选项设置为大于等于 1.0 +seed-ratio=1.0 +# 强制保存会话, 话即使任务已经完成, 默认:false +# 较新的版本开启后会在任务完成后依然保留.aria2文件 +#force-save=false +# BT校验相关, 默认:true +bt-hash-check-seed=false +#仅下载种子文件 +bt-metadata-only=true +# BT tracker 服务器超时时间(秒)。默认:60 +bt-tracker-timeout=10 +# BT tracker 服务器连接超时时间(秒)。默认:60 +# 建立连接后,此选项无效,将使用 bt-tracker-timeout 选项的值 +bt-tracker-connect-timeout=10 + + +## 执行额外命令 ## + +# 下载停止后执行的命令 +# 从 正在下载 到 删除、错误、完成 时触发。暂停被标记为未开始下载,故与此项无关。 +#on-download-stop=/root/.aria2/delete.sh + +# 下载完成后执行的命令 +# 此项未定义则执行 下载停止后执行的命令 (on-download-stop) +#on-download-complete=/root/.aria2/clean.sh + +# 下载错误后执行的命令 +# 此项未定义则执行 下载停止后执行的命令 (on-download-stop) +#on-download-error= + +# 下载暂停后执行的命令 +#on-download-pause= + +# 下载开始后执行的命令 +#on-download-start= + +# BT 下载完成后执行的命令 +#on-bt-download-complete= + +#通过网上的种子文件下载,种子保存在内存 https://github.com/ngosang/trackerslist + +bt-tracker=http://1337.abcvg.info:80/announce,http://157.7.202.64:8080/announce,http://158.69.146.212:7777/announce,http://173.254.204.71:1096/announce,http://178.175.143.27:80/announce,http://178.33.73.26:2710/announce,http://182.176.139.129:6969/announce,http://185.5.97.139:8089/announce,http://185.83.215.123:6969/announce,http://188.165.253.109:1337/announce,http://194.106.216.222:80/announce,http://195.123.209.37:1337/announce,http://210.244.71.25:6969/announce,http://210.244.71.26:6969/announce,http://213.163.67.56:1337/announce,http://37.19.5.139:6969/announce,http://37.19.5.155:6881/announce,http://46.4.109.148:6969/announce,http://5.79.249.77:6969/announce,http://5.79.83.193:2710/announce,http://51.254.244.161:6969/announce,http://59.36.96.77:6969/announce,http://5rt.tace.ru:60889/announce,http://62.210.202.61:80/announce,http://74.82.52.209:6969/announce,http://78.30.254.12:2710/announce,http://80.246.243.18:6969/announce,http://81.200.2.231:80/announce,http://85.17.19.180:80/announce,http://87.110.238.140:6969/announce,http://87.248.186.252:8080/announce,http://87.253.152.137:80/announce,http://91.216.110.47:80/announce,http://91.217.91.21:3218/announce,http://91.218.230.81:6969/announce,http://93.92.64.5:80/announce,http://95.211.168.204:2710/announce,http://[2001:1b10:1000:8101:0:242:ac11:2]:6969/announce,http://[2001:470:1:189:0:1:2:3]:6969/announce,http://[2a04:ac00:1:3dd8::1:2710]:2710/announce,http://aaa.army:8866/announce,http://agusiq-torrents.pl:6969/announce,http://asnet.pw:2710/announce,http://atrack.pow7.com:80/announce,http://bobbialbano.com:6969/announce,http://bt.3kb.xyz:80/announce,http://bt.okmp3.ru:2710/announce,http://bt.pusacg.org:8080/announce,http://explodie.org:6969/announce,http://fxtt.ru:80/announce,http://h4.trakx.nibba.trade:80/announce,http://mail2.zelenaya.net:80/announce,http://milanesitracker.tekcities.com:80/announce,http://ns349743.ip-91-121-106.eu:80/announce,http://open.acgnxtracker.com:80/announce,http://open.acgtracker.com:1096/announce,http://open.lolicon.eu:7777/announce,http://open.touki.ru:80/announce.php,http://opentracker.i2p.rocks:6969/announce,http://p4p.arenabg.ch:1337/announce,http://p4p.arenabg.com:1337/announce,http://pow7.com:80/announce,http://pt.lax.mx:80/announce,http://retracker.bashtel.ru:80/announce,http://retracker.gorcomnet.ru:80/announce,http://retracker.hotplug.ru:2710/announce,http://retracker.krs-ix.ru:80/announce,http://retracker.mgts.by:80/announce,http://retracker.sevstar.net:2710/announce,http://retracker.spark-rostov.ru:80/announce,http://retracker.telecom.by:80/announce,http://rt.tace.ru:80/announce,http://secure.pow7.com:80/announce,http://share.camoe.cn:8080/announce,http://siambit.org:80/announce.php,http://t.acg.rip:6699/announce,http://t.nyaatracker.com:80/announce,http://t.overflow.biz:6969/announce,http://t1.pow7.com:80/announce,http://t2.pow7.com:80/announce,http://thetracker.org:80/announce,http://torrentclub.online:54123/announce,http://torrentsmd.com:8080/announce,http://torrentsmd.eu:8080/announce,http://torrenttracker.nwc.acsalaska.net:6969/announce,http://tr.cili001.com:8070/announce,http://tr.kxmp.cf:80/announce,http://tracker-cdn.moeking.me:2095/announce,http://tracker.aletorrenty.pl:2710/announce,http://tracker.anonwebz.xyz:8080/announce,http://tracker.birkenwald.de:6969/announce,http://tracker.bittor.pw:1337/announce,http://tracker.bittorrent.am:80/announce,http://tracker.bt4g.com:2095/announce,http://tracker.bz:80/announce,http://tracker.city9x.com:2710/announce,http://tracker.devil-torrents.pl:80/announce,http://tracker.dler.org:6969/announce,http://tracker.dutchtracking.nl:80/announce,http://tracker.edoardocolombo.eu:6969/announce,http://tracker.electro-torrent.pl:80/announce,http://tracker.ex.ua:80/announce,http://tracker.files.fm:6969/announce,http://tracker.flashtorrents.org:6969/announce,http://tracker.gbitt.info:80/announce,http://tracker.grepler.com:6969/announce,http://tracker.ipv6tracker.ru:80/announce,http://tracker.kuroy.me:5944/announce,http://tracker.lelux.fi:80/announce,http://tracker.mg64.net:6881/announce,http://tracker.moeking.me:6969/announce,http://tracker.noobsubs.net:80/announce,http://tracker.opentrackr.org:1337/announce,http://tracker.sakurato.xyz:23333/announce,http://tracker.skyts.net:6969/announce,http://tracker.sloppyta.co:80/announce,http://tracker.tfile.co:80/announce,http://tracker.tfile.me:80/announce,http://tracker.tiny-vps.com:6969/announce,http://tracker.torrentyorg.pl:80/announce,http://tracker.trackerfix.com:80/announce,http://tracker.tvunderground.org.ru:3218/announce,http://tracker.uw0.xyz:6969/announce,http://tracker.vraphim.com:6969/announce,http://tracker.yoshi210.com:6969/announce,http://tracker.zerobytes.xyz:1337/announce,http://tracker.zum.bi:6969/announce,http://tracker01.loveapp.com:6789/announce,http://tracker1.bt.moack.co.kr:80/announce,http://tracker1.itzmx.com:8080/announce,http://tracker1.wasabii.com.tw:6969/announce,http://tracker2.dler.org:80/announce,http://tracker2.itzmx.com:6961/announce,http://tracker3.itzmx.com:6961/announce,http://tracker4.itzmx.com:2710/announce,http://vpn.flying-datacenter.de:6969/announce,http://vps02.net.orel.ru:80/announce,http://www.loushao.net:8080/announce,http://www.wareztorrent.com:80/announce,https://1337.abcvg.info:443/announce,https://2.tracker.eu.org:443/announce,https://3.tracker.eu.org:443/announce,https://aaa.army:8866/announce,https://open.kickasstracker.com:443/announce,https://opentracker.acgnx.se:443/announce,https://tp.m-team.cc:443/announce.php,https://tr.ready4.icu:443/announce,https://tr.steins-gate.moe:2096/announce,https://tracker.bt-hash.com:443/announce,https://tracker.cyber-hub.net:443/announce,https://tracker.foreverpirates.co:443/announce,https://tracker.gbitt.info:443/announce,https://tracker.imgoingto.icu:443/announce,https://tracker.lelux.fi:443/announce,https://tracker.lilithraws.cf:443/announce,https://tracker.nanoha.org:443/announce,https://tracker.nitrix.me:443/announce,https://tracker.parrotsec.org:443/announce,https://tracker.sloppyta.co:443/announce,https://tracker.tamersunion.org:443/announce,https://trakx.herokuapp.com:443/announce,https://w.wwwww.wtf:443/announce,https://www.wareztorrent.com:443/announce,udp://151.80.120.114:2710/announce,udp://168.235.67.63:6969/announce,udp://178.33.73.26:2710/announce,udp://182.176.139.129:6969/announce,udp://185.5.97.139:8089/announce,udp://185.83.215.123:6969/announce,udp://185.86.149.205:1337/announce,udp://188.165.253.109:1337/announce,udp://191.101.229.236:1337/announce,udp://194.106.216.222:80/announce,udp://195.123.209.37:1337/announce,udp://195.123.209.40:80/announce,udp://208.67.16.113:8000/announce,udp://212.1.226.176:2710/announce,udp://212.47.227.58:6969/announce,udp://213.163.67.56:1337/announce,udp://37.19.5.155:2710/announce,udp://3rt.tace.ru:60889/announce,udp://46.4.109.148:6969/announce,udp://47.ip-51-68-199.eu:6969/announce,udp://5.79.249.77:6969/announce,udp://5.79.83.193:6969/announce,udp://51.254.244.161:6969/announce,udp://52.58.128.163:6969/announce,udp://62.138.0.158:6969/announce,udp://62.212.85.66:2710/announce,udp://6ahddutb1ucc3cp.ru:6969/announce,udp://6rt.tace.ru:80/announce,udp://74.82.52.209:6969/announce,udp://78.30.254.12:2710/announce,udp://85.17.19.180:80/announce,udp://89.234.156.205:80/announce,udp://9.rarbg.com:2710/announce,udp://9.rarbg.me:2710/announce,udp://9.rarbg.me:2780/announce,udp://9.rarbg.to:2710/announce,udp://9.rarbg.to:2730/announce,udp://91.216.110.52:451/announce,udp://91.218.230.81:6969/announce,udp://94.23.183.33:6969/announce,udp://95.211.168.204:2710/announce,udp://[2001:1b10:1000:8101:0:242:ac11:2]:6969/announce,udp://[2001:470:1:189:0:1:2:3]:6969/announce,udp://[2a03:7220:8083:cd00::1]:451/announce,udp://[2a04:ac00:1:3dd8::1:2710]:2710/announce,udp://[2a04:c44:e00:32e0:4cf:6aff:fe00:aa1]:6969/announce,udp://aaa.army:8866/announce,udp://adm.category5.tv:6969/announce,udp://admin.videoenpoche.info:6969/announce,udp://adminion.n-blade.ru:6969/announce,udp://anidex.moe:6969/announce,udp://api.bitumconference.ru:6969/announce,udp://aruacfilmes.com.br:6969/announce,udp://bclearning.top:6969/announce,udp://benouworldtrip.fr:6969/announce,udp://bioquantum.co.za:6969/announce,udp://bitsparadise.info:6969/announce,udp://blokas.io:6969/announce,udp://bms-hosxp.com:6969/announce,udp://bt.firebit.org:2710/announce,udp://bt1.archive.org:6969/announce,udp://bt2.3kb.xyz:6969/announce,udp://bt2.54new.com:8080/announce,udp://bt2.archive.org:6969/announce,udp://bubu.mapfactor.com:6969/announce,udp://camera.lei001.com:6969/announce,udp://cdn-1.gamecoast.org:6969/announce,udp://cdn-2.gamecoast.org:6969/announce,udp://chihaya.toss.li:9696/announce,udp://code2chicken.nl:6969/announce,udp://concen.org:6969/announce,udp://cutiegirl.ru:6969/announce,udp://daveking.com:6969/announce,udp://denis.stalker.upeer.me:6969/announce,udp://discord.heihachi.pw:6969/announce,udp://dpiui.reedlan.com:6969/announce,udp://drumkitx.com:6969/announce,udp://eddie4.nl:6969/announce,udp://edu.uifr.ru:6969/announce,udp://engplus.ru:6969/announce,udp://exodus.desync.com:6969/announce,udp://fe.dealclub.de:6969/announce,udp://forever-tracker.zooki.xyz:6969/announce,udp://free-tracker.zooki.xyz:6969/announce,udp://inferno.demonoid.is:3391/announce,udp://ipv4.tracker.harry.lu:80/announce,udp://ipv6.tracker.harry.lu:80/announce,udp://ipv6.tracker.zerobytes.xyz:16661/announce,udp://johnrosen1.com:6969/announce,udp://kanal-4.de:6969/announce,udp://line-net.ru:6969/announce,udp://ln.mtahost.co:6969/announce,udp://mail.realliferpg.de:6969/announce,udp://mgtracker.org:2710/announce,udp://movies.zsw.ca:6969/announce,udp://mts.tvbit.co:6969/announce,udp://nagios.tks.sumy.ua:80/announce,udp://ns-1.x-fins.com:6969/announce,udp://ns389251.ovh.net:6969/announce,udp://open.demonii.com:1337/announce,udp://open.demonii.si:1337/announce,udp://open.lolicon.eu:7777/announce,udp://open.stealth.si:80/announce,udp://opentor.org:2710/announce,udp://opentracker.i2p.rocks:6969/announce,udp://p4p.arenabg.ch:1337/announce,udp://public-tracker.zooki.xyz:6969/announce,udp://public.popcorn-tracker.org:6969/announce,udp://public.publictracker.xyz:6969/announce,udp://retracker.hotplug.ru:2710/announce,udp://retracker.lanta-net.ru:2710/announce,udp://retracker.netbynet.ru:2710/announce,udp://retracker.nts.su:2710/announce,udp://retracker.sevstar.net:2710/announce,udp://sd-161673.dedibox.fr:6969/announce,udp://shadowshq.eddie4.nl:6969/announce,udp://shadowshq.yi.org:6969/announce,udp://storage.groupees.com:6969/announce,udp://t1.leech.ie:1337/announce,udp://t2.leech.ie:1337/announce,udp://t3.leech.ie:1337/announce,udp://teamspeak.value-wolf.org:6969/announce,udp://thetracker.org:80/announce,udp://torrent.tdjs.tech:6969/announce,udp://torrentclub.online:54123/announce,udp://tr.bangumi.moe:6969/announce,udp://tr.cili001.com:8070/announce,udp://tr2.ysagin.top:2710/announce,udp://tracker-udp.gbitt.info:80/announce,udp://tracker-v6.zooki.xyz:6969/announce,udp://tracker.0x.tf:6969/announce,udp://tracker.aletorrenty.pl:2710/announce,udp://tracker.altrosky.nl:6969/announce,udp://tracker.army:6969/announce,udp://tracker.beeimg.com:6969/announce,udp://tracker.birkenwald.de:6969/announce,udp://tracker.bittor.pw:1337/announce,udp://tracker.coppersurfer.tk:6969/announce,udp://tracker.cyberia.is:6969/announce,udp://tracker.dler.org:6969/announce,udp://tracker.ds.is:6969/announce,udp://tracker.e-utp.net:6969/announce,udp://tracker.eddie4.nl:6969/announce,udp://tracker.ex.ua:80/announce,udp://tracker.filemail.com:6969/announce,udp://tracker.flashtorrents.org:6969/announce,udp://tracker.fortu.io:6969/announce,udp://tracker.grepler.com:6969/announce,udp://tracker.kali.org:6969/announce,udp://tracker.kuroy.me:5944/announce,udp://tracker.leechers-paradise.org:6969/announce,udp://tracker.lelux.fi:6969/announce,udp://tracker.moeking.me:6969/announce,udp://tracker.open-internet.nl:6969/announce,udp://tracker.opentrackr.org:1337/announce,udp://tracker.piratepublic.com:1337/announce,udp://tracker.publictracker.xyz:6969/announce,udp://tracker.shkinev.me:6969/announce,udp://tracker.sigterm.xyz:6969/announce,udp://tracker.skyts.net:6969/announce,udp://tracker.swateam.org.uk:2710/announce,udp://tracker.tiny-vps.com:6969/announce,udp://tracker.torrent.eu.org:451/announce,udp://tracker.tvunderground.org.ru:3218/announce,udp://tracker.uw0.xyz:6969/announce,udp://tracker.v6speed.org:6969/announce,udp://tracker.yoshi210.com:6969/announce,udp://tracker.zemoj.com:6969/announce,udp://tracker.zerobytes.xyz:1337/announce,udp://tracker.zum.bi:6969/announce,udp://tracker0.ufibox.com:6969/announce,udp://tracker1.bt.moack.co.kr:80/announce,udp://tracker1.itzmx.com:8080/announce,udp://tracker2.christianbro.pw:6969/announce,udp://tracker2.dler.org:80/announce,udp://tracker2.indowebster.com:6969/announce,udp://tracker2.itzmx.com:6961/announce,udp://tracker3.itzmx.com:6961/announce,udp://tracker4.itzmx.com:2710/announce,udp://u.wwwww.wtf:1/announce,udp://udp-tracker.shittyurl.org:6969/announce,udp://us-tracker.publictracker.xyz:6969/announce,udp://valakas.rollo.dnsabr.com:2710/announce,udp://vibe.community:6969/announce,udp://wassermann.online:6969/announce,udp://www.loushao.net:8080/announce,udp://z.mercax.com:53/announce,udp://zephir.monocul.us:6969/announce,udp://zer0day.ch:1337/announce,udp://zer0day.to:1337/announce diff --git a/images/aria2/conf/build.sh b/images/aria2/conf/build.sh new file mode 100755 index 00000000..bd2ac92e --- /dev/null +++ b/images/aria2/conf/build.sh @@ -0,0 +1,101 @@ +#!/usr/bin/env bash + + +USER='www' +VERSION=$(bin/aria2c -v | grep 'aria2 version' | awk -F ' ' '{print $3}') +CONF=`pwd`/aria2c.conf + +# 检查环境 不足则补充 +env() +{ + BIT=$(getconf LONG_BIT) + USER_EXIST=$(grep '^www:' /etc/passwd) # 为空则不存在 + if [[ -z ${USER_EXIST} ]]; then + useradd ${USER} + fi +} + + +clear_env() +{ + if [[ -z $(command -v sudo) ]]; then + echo ' command sudo not found' + fi + + if [[ -z $(command -v curl) ]]; then + echo ' command curl not found' + fi + + userdel ${USER} +} + +do_start() +{ + CMD="sudo -Hu ${USER} bin/aria2c --conf-path=${CONF} -D >> aria2c.run.log" + ${CMD} + + PID=$(ps -aux | grep -v grep | grep aria2c | awk -F ' ' '{print $2}') + if [[ ! -z ${PID} ]]; then + echo "==> Aria2c is start complete pid: ${PID}" + fi +} + +do_stop() +{ + echo "==> Aria2c is running Stop it now" + PID=$(ps -aux | grep -v grep | grep aria2c | awk -F ' ' '{print $2}') + + if [[ -z ${PID} ]]; then + echo "==> Aria2c is running, pid: ${PID} , Stop it Now" + fi + kill -9 ${PID} +} + +do_reload() +{ + do_stop + do_start +} + +# 更新 aria2c 依赖的数据 +do_update() +{ + TRACKERS=$(curl -sL https://cdn.jsdelivr.net/gh/XIU2/TrackersListCollection@master/all_aria2.txt) + sed -i "/^bt-tracker=/d" ${CONF} + echo " +bt-tracker=${TRACKERS}" >> ${CONF} + echo "Update Tracker Complete" +} + +usage(){ +echo "Aria Command Line Helper +" + +} + +do_get_hash() +{ + CMD="bin/aria2c --bt-metadata-only=true --bt-save-metadata=true --bt-tracker=http://1337.abcvg.info:80/announce,http://157.7.202.64:8080/announce,http://158.69.146.212:7777/announce,http://173.254.204.71:1096/announce,http://178.175.143.27:80/announce,http://178.33.73.26:2710/announce,http://182.176.139.129:6969/announce,http://185.5.97.139:8089/announce,http://185.83.215.123:6969/announce,http://188.165.253.109:1337/announce,http://194.106.216.222:80/announce,http://195.123.209.37:1337/announce,http://210.244.71.25:6969/announce,http://210.244.71.26:6969/announce,http://213.163.67.56:1337/announce,http://37.19.5.139:6969/announce,http://37.19.5.155:6881/announce,http://46.4.109.148:6969/announce,http://5.79.249.77:6969/announce,http://5.79.83.193:2710/announce,http://51.254.244.161:6969/announce,http://59.36.96.77:6969/announce,http://5rt.tace.ru:60889/announce,http://62.210.202.61:80/announce,http://74.82.52.209:6969/announce,http://78.30.254.12:2710/announce,http://80.246.243.18:6969/announce,http://81.200.2.231:80/announce,http://85.17.19.180:80/announce,http://87.110.238.140:6969/announce,http://87.248.186.252:8080/announce,http://87.253.152.137:80/announce,http://91.216.110.47:80/announce,http://91.217.91.21:3218/announce,http://91.218.230.81:6969/announce,http://93.92.64.5:80/announce,http://95.211.168.204:2710/announce,http://[2001:1b10:1000:8101:0:242:ac11:2]:6969/announce,http://[2001:470:1:189:0:1:2:3]:6969/announce,http://[2a04:ac00:1:3dd8::1:2710]:2710/announce,http://aaa.army:8866/announce,http://agusiq-torrents.pl:6969/announce,http://asnet.pw:2710/announce,http://atrack.pow7.com:80/announce,http://bobbialbano.com:6969/announce,http://bt.3kb.xyz:80/announce,http://bt.okmp3.ru:2710/announce,http://bt.pusacg.org:8080/announce,http://explodie.org:6969/announce,http://fxtt.ru:80/announce,http://h4.trakx.nibba.trade:80/announce,http://mail2.zelenaya.net:80/announce,http://milanesitracker.tekcities.com:80/announce,http://ns349743.ip-91-121-106.eu:80/announce,http://open.acgnxtracker.com:80/announce,http://open.acgtracker.com:1096/announce,http://open.lolicon.eu:7777/announce,http://open.touki.ru:80/announce.php,http://opentracker.i2p.rocks:6969/announce,http://p4p.arenabg.ch:1337/announce,http://p4p.arenabg.com:1337/announce,http://pow7.com:80/announce,http://pt.lax.mx:80/announce,http://retracker.bashtel.ru:80/announce,http://retracker.gorcomnet.ru:80/announce,http://retracker.hotplug.ru:2710/announce,http://retracker.krs-ix.ru:80/announce,http://retracker.mgts.by:80/announce,http://retracker.sevstar.net:2710/announce,http://retracker.spark-rostov.ru:80/announce,http://retracker.telecom.by:80/announce,http://rt.tace.ru:80/announce,http://secure.pow7.com:80/announce,http://share.camoe.cn:8080/announce,http://siambit.org:80/announce.php,http://t.acg.rip:6699/announce,http://t.nyaatracker.com:80/announce,http://t.overflow.biz:6969/announce,http://t1.pow7.com:80/announce,http://t2.pow7.com:80/announce,http://thetracker.org:80/announce,http://torrentclub.online:54123/announce,http://torrentsmd.com:8080/announce,http://torrentsmd.eu:8080/announce,http://torrenttracker.nwc.acsalaska.net:6969/announce,http://tr.cili001.com:8070/announce,http://tr.kxmp.cf:80/announce,http://tracker-cdn.moeking.me:2095/announce,http://tracker.aletorrenty.pl:2710/announce,http://tracker.anonwebz.xyz:8080/announce,http://tracker.birkenwald.de:6969/announce,http://tracker.bittor.pw:1337/announce,http://tracker.bittorrent.am:80/announce,http://tracker.bt4g.com:2095/announce,http://tracker.bz:80/announce,http://tracker.city9x.com:2710/announce,http://tracker.devil-torrents.pl:80/announce,http://tracker.dler.org:6969/announce,http://tracker.dutchtracking.nl:80/announce,http://tracker.edoardocolombo.eu:6969/announce,http://tracker.electro-torrent.pl:80/announce,http://tracker.ex.ua:80/announce,http://tracker.files.fm:6969/announce,http://tracker.flashtorrents.org:6969/announce,http://tracker.gbitt.info:80/announce,http://tracker.grepler.com:6969/announce,http://tracker.ipv6tracker.ru:80/announce,http://tracker.kuroy.me:5944/announce,http://tracker.lelux.fi:80/announce,http://tracker.mg64.net:6881/announce,http://tracker.moeking.me:6969/announce,http://tracker.noobsubs.net:80/announce,http://tracker.opentrackr.org:1337/announce,http://tracker.sakurato.xyz:23333/announce,http://tracker.skyts.net:6969/announce,http://tracker.sloppyta.co:80/announce,http://tracker.tfile.co:80/announce,http://tracker.tfile.me:80/announce,http://tracker.tiny-vps.com:6969/announce,http://tracker.torrentyorg.pl:80/announce,http://tracker.trackerfix.com:80/announce,http://tracker.tvunderground.org.ru:3218/announce,http://tracker.uw0.xyz:6969/announce,http://tracker.vraphim.com:6969/announce,http://tracker.yoshi210.com:6969/announce,http://tracker.zerobytes.xyz:1337/announce,http://tracker.zum.bi:6969/announce,http://tracker01.loveapp.com:6789/announce,http://tracker1.bt.moack.co.kr:80/announce,http://tracker1.itzmx.com:8080/announce,http://tracker1.wasabii.com.tw:6969/announce,http://tracker2.dler.org:80/announce,http://tracker2.itzmx.com:6961/announce,http://tracker3.itzmx.com:6961/announce,http://tracker4.itzmx.com:2710/announce,http://vpn.flying-datacenter.de:6969/announce,http://vps02.net.orel.ru:80/announce,http://www.loushao.net:8080/announce,http://www.wareztorrent.com:80/announce,https://1337.abcvg.info:443/announce,https://2.tracker.eu.org:443/announce,https://3.tracker.eu.org:443/announce,https://aaa.army:8866/announce,https://open.kickasstracker.com:443/announce,https://opentracker.acgnx.se:443/announce,https://tp.m-team.cc:443/announce.php,https://tr.ready4.icu:443/announce,https://tr.steins-gate.moe:2096/announce,https://tracker.bt-hash.com:443/announce,https://tracker.cyber-hub.net:443/announce,https://tracker.foreverpirates.co:443/announce,https://tracker.gbitt.info:443/announce,https://tracker.imgoingto.icu:443/announce,https://tracker.lelux.fi:443/announce,https://tracker.lilithraws.cf:443/announce,https://tracker.nanoha.org:443/announce,https://tracker.nitrix.me:443/announce,https://tracker.parrotsec.org:443/announce,https://tracker.sloppyta.co:443/announce,https://tracker.tamersunion.org:443/announce,https://trakx.herokuapp.com:443/announce,https://w.wwwww.wtf:443/announce,https://www.wareztorrent.com:443/announce,udp://151.80.120.114:2710/announce,udp://168.235.67.63:6969/announce,udp://178.33.73.26:2710/announce,udp://182.176.139.129:6969/announce,udp://185.5.97.139:8089/announce,udp://185.83.215.123:6969/announce,udp://185.86.149.205:1337/announce,udp://188.165.253.109:1337/announce,udp://191.101.229.236:1337/announce,udp://194.106.216.222:80/announce,udp://195.123.209.37:1337/announce,udp://195.123.209.40:80/announce,udp://208.67.16.113:8000/announce,udp://212.1.226.176:2710/announce,udp://212.47.227.58:6969/announce,udp://213.163.67.56:1337/announce,udp://37.19.5.155:2710/announce,udp://3rt.tace.ru:60889/announce,udp://46.4.109.148:6969/announce,udp://47.ip-51-68-199.eu:6969/announce,udp://5.79.249.77:6969/announce,udp://5.79.83.193:6969/announce,udp://51.254.244.161:6969/announce,udp://52.58.128.163:6969/announce,udp://62.138.0.158:6969/announce,udp://62.212.85.66:2710/announce,udp://6ahddutb1ucc3cp.ru:6969/announce,udp://6rt.tace.ru:80/announce,udp://74.82.52.209:6969/announce,udp://78.30.254.12:2710/announce,udp://85.17.19.180:80/announce,udp://89.234.156.205:80/announce,udp://9.rarbg.com:2710/announce,udp://9.rarbg.me:2710/announce,udp://9.rarbg.me:2780/announce,udp://9.rarbg.to:2710/announce,udp://9.rarbg.to:2730/announce,udp://91.216.110.52:451/announce,udp://91.218.230.81:6969/announce,udp://94.23.183.33:6969/announce,udp://95.211.168.204:2710/announce,udp://[2001:1b10:1000:8101:0:242:ac11:2]:6969/announce,udp://[2001:470:1:189:0:1:2:3]:6969/announce,udp://[2a03:7220:8083:cd00::1]:451/announce,udp://[2a04:ac00:1:3dd8::1:2710]:2710/announce,udp://[2a04:c44:e00:32e0:4cf:6aff:fe00:aa1]:6969/announce,udp://aaa.army:8866/announce,udp://adm.category5.tv:6969/announce,udp://admin.videoenpoche.info:6969/announce,udp://adminion.n-blade.ru:6969/announce,udp://anidex.moe:6969/announce,udp://api.bitumconference.ru:6969/announce,udp://aruacfilmes.com.br:6969/announce,udp://bclearning.top:6969/announce,udp://benouworldtrip.fr:6969/announce,udp://bioquantum.co.za:6969/announce,udp://bitsparadise.info:6969/announce,udp://blokas.io:6969/announce,udp://bms-hosxp.com:6969/announce,udp://bt.firebit.org:2710/announce,udp://bt1.archive.org:6969/announce,udp://bt2.3kb.xyz:6969/announce,udp://bt2.54new.com:8080/announce,udp://bt2.archive.org:6969/announce,udp://bubu.mapfactor.com:6969/announce,udp://camera.lei001.com:6969/announce,udp://cdn-1.gamecoast.org:6969/announce,udp://cdn-2.gamecoast.org:6969/announce,udp://chihaya.toss.li:9696/announce,udp://code2chicken.nl:6969/announce,udp://concen.org:6969/announce,udp://cutiegirl.ru:6969/announce,udp://daveking.com:6969/announce,udp://denis.stalker.upeer.me:6969/announce,udp://discord.heihachi.pw:6969/announce,udp://dpiui.reedlan.com:6969/announce,udp://drumkitx.com:6969/announce,udp://eddie4.nl:6969/announce,udp://edu.uifr.ru:6969/announce,udp://engplus.ru:6969/announce,udp://exodus.desync.com:6969/announce,udp://fe.dealclub.de:6969/announce,udp://forever-tracker.zooki.xyz:6969/announce,udp://free-tracker.zooki.xyz:6969/announce,udp://inferno.demonoid.is:3391/announce,udp://ipv4.tracker.harry.lu:80/announce,udp://ipv6.tracker.harry.lu:80/announce,udp://ipv6.tracker.zerobytes.xyz:16661/announce,udp://johnrosen1.com:6969/announce,udp://kanal-4.de:6969/announce,udp://line-net.ru:6969/announce,udp://ln.mtahost.co:6969/announce,udp://mail.realliferpg.de:6969/announce,udp://mgtracker.org:2710/announce,udp://movies.zsw.ca:6969/announce,udp://mts.tvbit.co:6969/announce,udp://nagios.tks.sumy.ua:80/announce,udp://ns-1.x-fins.com:6969/announce,udp://ns389251.ovh.net:6969/announce,udp://open.demonii.com:1337/announce,udp://open.demonii.si:1337/announce,udp://open.lolicon.eu:7777/announce,udp://open.stealth.si:80/announce,udp://opentor.org:2710/announce,udp://opentracker.i2p.rocks:6969/announce,udp://p4p.arenabg.ch:1337/announce,udp://public-tracker.zooki.xyz:6969/announce,udp://public.popcorn-tracker.org:6969/announce,udp://public.publictracker.xyz:6969/announce,udp://retracker.hotplug.ru:2710/announce,udp://retracker.lanta-net.ru:2710/announce,udp://retracker.netbynet.ru:2710/announce,udp://retracker.nts.su:2710/announce,udp://retracker.sevstar.net:2710/announce,udp://sd-161673.dedibox.fr:6969/announce,udp://shadowshq.eddie4.nl:6969/announce,udp://shadowshq.yi.org:6969/announce,udp://storage.groupees.com:6969/announce,udp://t1.leech.ie:1337/announce,udp://t2.leech.ie:1337/announce,udp://t3.leech.ie:1337/announce,udp://teamspeak.value-wolf.org:6969/announce,udp://thetracker.org:80/announce,udp://torrent.tdjs.tech:6969/announce,udp://torrentclub.online:54123/announce,udp://tr.bangumi.moe:6969/announce,udp://tr.cili001.com:8070/announce,udp://tr2.ysagin.top:2710/announce,udp://tracker-udp.gbitt.info:80/announce,udp://tracker-v6.zooki.xyz:6969/announce,udp://tracker.0x.tf:6969/announce,udp://tracker.aletorrenty.pl:2710/announce,udp://tracker.altrosky.nl:6969/announce,udp://tracker.army:6969/announce,udp://tracker.beeimg.com:6969/announce,udp://tracker.birkenwald.de:6969/announce,udp://tracker.bittor.pw:1337/announce,udp://tracker.coppersurfer.tk:6969/announce,udp://tracker.cyberia.is:6969/announce,udp://tracker.dler.org:6969/announce,udp://tracker.ds.is:6969/announce,udp://tracker.e-utp.net:6969/announce,udp://tracker.eddie4.nl:6969/announce,udp://tracker.ex.ua:80/announce,udp://tracker.filemail.com:6969/announce,udp://tracker.flashtorrents.org:6969/announce,udp://tracker.fortu.io:6969/announce,udp://tracker.grepler.com:6969/announce,udp://tracker.kali.org:6969/announce,udp://tracker.kuroy.me:5944/announce,udp://tracker.leechers-paradise.org:6969/announce,udp://tracker.lelux.fi:6969/announce,udp://tracker.moeking.me:6969/announce,udp://tracker.open-internet.nl:6969/announce,udp://tracker.opentrackr.org:1337/announce,udp://tracker.piratepublic.com:1337/announce,udp://tracker.publictracker.xyz:6969/announce,udp://tracker.shkinev.me:6969/announce,udp://tracker.sigterm.xyz:6969/announce,udp://tracker.skyts.net:6969/announce,udp://tracker.swateam.org.uk:2710/announce,udp://tracker.tiny-vps.com:6969/announce,udp://tracker.torrent.eu.org:451/announce,udp://tracker.tvunderground.org.ru:3218/announce,udp://tracker.uw0.xyz:6969/announce,udp://tracker.v6speed.org:6969/announce,udp://tracker.yoshi210.com:6969/announce,udp://tracker.zemoj.com:6969/announce,udp://tracker.zerobytes.xyz:1337/announce,udp://tracker.zum.bi:6969/announce,udp://tracker0.ufibox.com:6969/announce,udp://tracker1.bt.moack.co.kr:80/announce,udp://tracker1.itzmx.com:8080/announce,udp://tracker2.christianbro.pw:6969/announce,udp://tracker2.dler.org:80/announce,udp://tracker2.indowebster.com:6969/announce,udp://tracker2.itzmx.com:6961/announce,udp://tracker3.itzmx.com:6961/announce,udp://tracker4.itzmx.com:2710/announce,udp://u.wwwww.wtf:1/announce,udp://udp-tracker.shittyurl.org:6969/announce,udp://us-tracker.publictracker.xyz:6969/announce,udp://valakas.rollo.dnsabr.com:2710/announce,udp://vibe.community:6969/announce,udp://wassermann.online:6969/announce,udp://www.loushao.net:8080/announce,udp://z.mercax.com:53/announce,udp://zephir.monocul.us:6969/announce,udp://zer0day.ch:1337/announce,udp://zer0day.to:1337/announce magnet:?xt=urn:btih:"$1 + $CMD +} + +case $1 in + r|-r|run) + do_start + ;; + reload) + do_reload + ;; + stop) + do_stop + ;; + u|-u|update) + do_update + ;; + -d|get-hash) + do_get_hash $2 + ;; + *|help) + usage + ;; +esac \ No newline at end of file diff --git a/images/aria2/conf/delete.sh b/images/aria2/conf/delete.sh new file mode 100644 index 00000000..caf6b0ce --- /dev/null +++ b/images/aria2/conf/delete.sh @@ -0,0 +1,21 @@ +#!/bin/bash +filePath=$3 +relativePath=${filepath#./downloads/} +topPath=./downloads/${relativePath%%/*} # It will be the path of folder when it has multiple files, otherwise it will be the same as file path. + +LIGHT_GREEN_FONT_PREFIX="\033[1;32m" +FONT_COLOR_SUFFIX="\033[0m" +INFO="[${LIGHT_GREEN_FONT_PREFIX}INFO${FONT_COLOR_SUFFIX}]" + +echo -e "$(date +"%m/%d %H:%M:%S") ${INFO} Download error or stop, start deleting files..." + +if [ $2 -eq 0 ]; then + exit 0 +elif [ -e "${filePath}.aria2" ]; then + rm -vf "${filePath}.aria2" "${filePath}" +elif [ -e "${topPath}.aria2" ]; then + rm -vrf "${topPath}.aria2" "${topPath}" +fi +find "${topPath}" ! -path "${topPath}" -depth -type d -empty -exec rm -vrf {} \; + +echo -e "$(date +"%m/%d %H:%M:%S") ${INFO} Download error or stop, start deleting files finish" diff --git a/images/aria2/conf/dht.dat b/images/aria2/conf/dht.dat new file mode 100644 index 0000000000000000000000000000000000000000..11dec6e857553f2a3406f0f518ea1a74c0f7eb09 GIT binary patch literal 5488 zcmaLbdpuNW9{})~ahq`&j5}jy7{)C#!x)T)*^x`8~c;j zF#eh2{V{T3J1b#Ns^d!VYpL_kX&sR>f`QLp!yJ_3=8jjg%>AvmAz?;ZX0lX8?`IGwUv;ThcB%JjPu6@F0=lBGx$7=xYk{H#O>n|^MZK=VzD`#h0CtnDwAMg(=yA+w!!<}$sT&O?3 z*fm$!nmo(h^sJrVn<-ayMBt8zX29LmyJyaS9lF@H?Pb5J_wyimr1jmExm6Z6Q?+{q z+=;jFUgz|pxqVlAGG^Y9?kH3CZ6s=gsw&~~hw89-{ebF|we!23f*0#L+ zq*_W?MBfifbW2uhU1l z>WE{b6Q>INr*;)Kn!w!y>t}B_$ALS@tCOA_y0#|#pCJ|X7D}mH&&8TP z1{XanLmCiuJ0;GawO+@f#Gbg>Vme*%*lh1_;J(zgwpZM*`T*`AuTJ`3bB7#$$1V+w zbLB<<_0qyEe*~0}y7eC`j7rpz21K3oghS@v`*?o!=f!Y(b@FePN)i8p`%g^DPyidbcCY1V=l8;)8-&f&F7H7F%@qT>kxq!)g7W;`>!eMwOHIx=)Hz=ng&c=M zm|5tu=27w`>g(}un3oE2jToko<4$QFM7p}#J%%Vwn-Q*9K}~ZWWgc7t>S=9z9qvGX zHlVD7_w1=MvPYCRVLY8>Ga<)sW#zz~sJN~+?abnQV(q2tY@#vchTU3L{*ZHIs;Vt? zU2GIbRxD&!Xhq=hPA=ylhufyeH4yL~#@n zmnp=StNBtcf^ipk$w{7?FY~3Ywq-SnqnS0?Ynhs{b}8?F3OPcPUev;TL6V~d(u#3Q zLbOll)-(S#;0{2J&*i!G2tp9b?YKL#aVh~Xo}7;>VWk`u`ja@;m$*1~)-l9L|NiUVbvHAFmf zJvW27X2|K6ld6zTh|6k28W4&7)f*VE2wU`yn~M4&C#%e-FLY<0qqx-u{p=6COl>?S z1N4g;hB=9JjpLCDD9(@2DJY-{SvV#vxQ6#YM5O4#$k{kkgCA@Wszk4X>GjXJXr^70C3&zLT^9JN-KGsf1 zC&cxkjl(ut1!pzGjI@vOpFbey=w|J{&~30nspl5U5yBWPRDtYJvI26HXpCT?OO@=T zNGndH74Vj;9dc|i=m+_`!g0b6(KSlf-&64k^1KXIV^hCtk2-ELi6)4RzNbUE{b2<@_>u z2s-FS^E~L@x`q>wqeYS|;STgm+*6c%n*?uUYcV?PW)%xMHpkUi*7aaLQwf#Rfaenx3vt;f`}<&;Nx3OiMU~!YlJpXC#Fw&?x1lfjgt!`% z{crG$W{`c8X|2w;90pjg8Gc&H$b60CKgFZeGn0SR=nZp)gq%)1%^vB5xFeDk z4rvEBu#cG9Y3*U^m}QG0hZ!eS!`;^n@jYno4?_pa)`uJ!XwXt_JltnI^}82qzX9CU ztaB?tb#7gm%U#@Rk2;31;qJU|O@5i=q=2mFQ0NHv)WmI7;st{skt{*| zJF8o-;O^x7ngP^&q4(DN*9Tj!K2>zpEWo#fy!z8lxC@$WXrr4UbAf1x7{21#;N_4| zg>45O>pRvY(OVJwEwjK%PG7P^A?=WwKi@HsG;+v3$&>XcS<`FIm$K82(M*HNX<7ofFLm|7xJ{_-d$av+&{OqK42nkJ(HBm)H4FkX z;4b9X&^9zTT%@q0$Hg{mKeiRyWYWa=dvgyWAH!_Jz|UFWFCnktZtdhtT-R%=UH1?+SZuFiH6u8qpLAl`uP4(br)jBUorp9ElkD6` zJ4~)>92=fDAN0Gnk8(S!+Cw-K4oXO!_s`?}0BHcD!_#^uAu43~Cih1|lJ_sJt;ece z;Ld{+x84wCT^hEO5v9w9wi&XO+1mIVg(vAtS{0rOmnT zuOE#lg}X!>QSLN;alWy;1ONB`FI~jlq-eogMS78{Rao}a)Nj-6_mhcGAZu4iumYCLC8T}^X3#$!co1+ zK1H^KUem3)SqvOXnOA@(59}dqQ1%>S4@EfOX=C)Ibm8emu}{rpN$r}%`^R6>a~NKx zq)=ILu>A2zil(}>zCziG-T?!*$xo62nVDvX`MoZ3RqQQD_I+xopG$vl<7Hn zG^o`E{LIv^*#I;y^N;)8$oh5Nl?{Uj8rd_vwZMR|Zzw&7hIq;{K!GQBjks{{j&0R6 zKNkY+Y-Gg7n#zZr8*j|_Y%Z9$rRT6r*&tsg;ZLOVYCIbD|tOo4BIFVEw7&(&J}RuzP7O_KqE;q{j#Iqq(cDw0iuUS;ZTv?umu44 z&E?a|`x9w3bI^gdul)A*!=c)Y78l%hdB!odJguJ ziK)pEw!sg=O)$$UiAgAgxp}laa`# zZ}q;})TCX~tjHYggUeSr$~?#^ii2&GhZdKy_67e$sAH)}NqWy&Bk6Fi>~v1}1B8=j zaRL0;PI=e{fSnT(mys#wYm!n!_LnZ|X*a&E-;$C${~P`S;c%$6f*6@;KpjU3-vNz# z|1-26Xah*l)&Gh^{>G{AwolCAS^=12>5{Umc*b?F1#N|vU4Fsm zB*-u?p&|BV0e7J>Y!3cUOkE5b(fh8kSqY!GjGC=@k?$ivG>J}6DS+!k`e9`}{LY7M zl!w;u3%Mv__)Nr3uCN0x>)so<#d8}{M;HT#TKqTaR`YD(m@xO>$d*0sas%F9??3lY z@c6<5SG>xJ6dvsG1Ce>Y*EuTA=m##rrIhyNY&J>J)lJ(evP3ZFz3j&1U#$h(5e|o9 zNvt7>W}x@)INq!_60^txmjbY;%&KEYr^4^Ex{kZ)RMau7mgC?IW$BNh(?*oN)j#6H#wqi(zpoO1@*s5 zAtCy@vAfxBh_h+dePras0`_0q2<>)kB9qKcKM)^-ODTSydrI(YK6fq2cwff6^}L_< z`l<@pPV-F?(rzS03g!8f<+e*vQph+ET&8PNB6dz?Td*I8P;3syo7PADBJtB zFxcSwZ6rSzYXnQjc7)wIKL?erXE_q~^*LJzgC1pGVp9C6UF95q@2+J~X~QA76o4iC zklzwvHZ9ooT;M@2!qLXsc|X`r^AqNN@LN*HExDSuk6iSq7Ql#(bQxRa&!$ZpcwbuD zz%cJ(nR#^9+EoAtW*aieS7-q7^M^nCP?}+>T5H3bqL`55Du0!qQP&Ve56g<0Q;mkQ zj5P8m7jLMD)3}}C(AcLa+t%SDL#18ojim;AE9RYu9bxHry z2D?dN&5CdT+*i@FboF>t6Dpu%#(ijvbP;*y~wqDKVp7OE7j zM;6cf$i9!R6jaQgX7Cfs%=SGg)?3xoT%$nd;Njjc7^c)VweJbdP1gLheCzHlKW@#K~9&nMUjF8yWGjwt>gSjAiJ%NFv^g9dh z*OA3cos;aET6#1NV%~=Ts@a)_Cl4N!IHt7jbKQska-gHkvixxH`SzFH$7r0kP^Dw_ zZ0B1JW^m%O^bG6S!F+n|-#Gv_Q8v{8dYMms14N5H`+1#ao>l`ln~OW|uJ3t-HGoTy zxWMO4C|!ymP;>K9aG&2aP49qO)LCU8;sM(T_s9J=F+yi2ZqRdBz!U%mKX(g!tx{Q| z?8;2z^nE{d_JwB&B!rWV?jXbXgU7p*3gx_+ zQBEd(^Eph@v+6H!$S?5XaW4AN66Jr(X_JyETrmF1ZZyuT zO6;QGmx;i!4Y_7z?~k=PglwYMLqlQ#))QwzXKfjoRDT|iteZqH#nhO!Ps%J=v&<^p z_Ed*mQuLqWqdTfqr~$2Md+ySDkYm9xbg{od0^B|&!HiGE6&78 zP!cyTV_raLZ;pXWDe-i19lv%o#!y|`qExTMi^tP8(i*lS@x(GK)LLes)c8-C<#DKF zMbh+KlnYOP5C606N7_6TaQqChX&)CoN7;XRn4cQk2ipKZJ*RQOnODvoecEX$D>mtL zN4u@KvX2e^0@0)RxsS=o8(`@1iDib&9PKag!ZrZ-Y3E{Mz-xZ{Cu#!qP14ubUXAAz zi`&4ku2A71{8jLJdCsL-9h9jba-A(B3y`vOOUwyuN;x$Xn(ua8HCzhc+u1b@bB%Cxjr}zE zlA5;p+RyYj*p9T163<&8dPbL^)#EN^_AF~vPdk%0xYSiQwZLWBJS1F$1vNy^!Q*{z zq9I5QoFJ2oVhvU~!|6fh*I0*aQPn%al{3ZbMy@b$l=dk}O=M8p7qD*ADrcc!K zV)eae?&?BQ|8VMG?Pa^e!ZgNqR%uACa=r_8_2rYB4%dl&WOiov7EPvZZjtuE z>)*kAAMoJlWxl*KUcsx}@WXKaF;VMux1EA_OgKa8W*F`@k^y ztK4tvnUA;L?JRK%^9)~}bZ~8BxUa*Zq61YkB|x3cpLC_~$(3a4Y7F;70!j3OVoCf# zw=K);!=076ca0d@2c+^@Id*CtDnFv%QR~XJs`q4ETIRTnP)a+mLtbjPbbulsJtq%D zfk^?%rS9WNU)A56%xQTRcFj5bw7H%_ZQF~~tuGoQwkb{1bCi420yN8FK5V00Z^*3b z6}Fua{iId0X}V*`iGL}XE0$q?!GSu;m1%#~vof)qvyMf>Gd$E9nn&r7g$3NZ;0DO$~6+F z?%FB+5T38t`k>%)hj72O`C#+N&4WX8^c)&>@9pD%V+Vd))gxTum{Yr-;2xfMk5%ZD zdMfKydJfLB`u$nJAAgBV%1TgJ;e_29A0jV}eZpQ0_nH zMyPKTKZD!aK1>}h+B4TRH?sVhd*MMdTtbTr#M&4OR7T`Y$H^oaap_gPD6vuXiL18` zTKx1X|26wX^JyAAhl7}Z0-WII6%~Lwackv`7+&Gq`H9nCTp8RIBJlL-E@Vd0bMpVA z9tJW7n{N}(UaxJqV9Hm|mXY*NFQWY8EA?sA(7HE|Nl|b8A26{o_5);UipIJC{in7U zo;zu&(%Kg>qGhzzIQN@{rCivAF9FyuD$)CiW&%@PBBh|Nxxlw=bkcB@tNfn>eH3&$h=iv5< zbeHH}J=eF(=Y%j}mGelRoY6SkR-xTvQRLP3?EYG3dX92$!w!1FgUWCx$wEOxNvoXQ zoXVp(QS4}K(|VuXO{1u3>K!7|?>Lk)=W(`9Fj}b{7hZj_^!+oqR!Uw+Sc=Fy1*9}+ zd<^ORTaB43%AjUE!ohxuMR;0_E$!MQT=*$|RS&PhRWG_#tnBB{1MOn#%(rkw!1d8M z_Gmd!b{oCxl{=wC_v!iT!f+`?FS3hh{=y`tioBOOTXr<1_Fbz#Y)3fC`p}#lT>@=w z>?M=j&PdVbrAW=5W4m4pRvRaN%ih9t=L*4sI@%Bpz7O$Z4tg;6Z0)w`_pE)!PH?TT zo?d^}!7Bm>M_Mbq&Nd49&wBrc?Fa|&Lzp89`NxiRlSzk^JZbHVdXug2nO);66q;Wm zDkYdQ%{#@wf#D~-Z$UN`2VH3IJT^o-Z${-+IdkO{ydPiejMwpszkCbtz`&s(6%-K6 zKye=u*vw|WkUVxK#cP6&%R z!=unVkY0Nt+nIVYq-&r0Y`%k~rTKoJl;@}jaq8_TB`#51W?FT8!}W3P^O$$u$uj-T z)QBM*254K^OS=Jy@%Mg_7sXF0zlB>t;VPRo%sQ3Zf>_?JudQf7>E%0#!FGhB><4XG zh4A2S7}vSZk+~|``QeYzCk-96RtKt2 z(YiNE{$Mre_27O7Y%kDTv=`(s;bN=j{@5o)35q-MsO3cEqj8)ZhBi5fkSj|RdMjYovt5Qe^D=Bl;zH5evYq&pu%|eT{QRBB z0L{<%Em`T<+ZFmkBqdj6rSoHxo($({G|IWpGY77T@^@9r+o0UaJ2Cp^t{=6bzpYXe zDl=Q_f>;*{6W|g$J@wg$;Q;D>=_;QRlGn?eMZb0jZNcTJ>3(*JHU5Rc-(c9kQ1gu4 zZ2yYNYMw3geF#4(lBj)r{onqx;vRP2ZoFbRSD_)1Lbvo^Amj3V$u`r_b7s_C7y!Qp z2P0fGaeK$4(zlZ>%G6G^raxxz6G#=rM)HOXXEa<>zzycm{Jd^qYNpboG#%yF>j7Dp zrM>taK+nPZki9m>Bmd9OPywe`txHc`hh=I4muu>pamwEG9DMI>DF>v4{~ULCyEJNv z?^>zhx1&xg%bb( literal 0 HcmV?d00001 diff --git a/images/aria2/conf/docker-entrypoint.sh b/images/aria2/conf/docker-entrypoint.sh deleted file mode 100644 index 406c6baf..00000000 --- a/images/aria2/conf/docker-entrypoint.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env sh - -COPY docker-entrypoint.sh /usr/local/bin/ -ENTRYPOINT ["docker-entrypoint.sh"] - -tail -f /var/log/auth.log \ No newline at end of file diff --git a/images/aria2/conf/entrypoint.sh b/images/aria2/conf/entrypoint.sh new file mode 100644 index 00000000..7d072d85 --- /dev/null +++ b/images/aria2/conf/entrypoint.sh @@ -0,0 +1,35 @@ +#!/usr/bin/env sh +ARIA2_CONF='/etc/aria2c/aria2c.conf' +if [[ -z "${ARIA2_PORT}" ]]; then + ARIA2_PORT=6800 +fi + +if [[ -z "${WEBUI_PORT}" ]]; then + WEBUI_PORT=6801 +fi + +if [[ -z "${DHT_PORT}" ]]; then + DHT_PORT='6802:6999' +fi + +if [[ -z "${RPC_SECRET}" ]]; then + RPC_SECRET='haspwd' +fi + +sed -i "s/ARIA2_PORT/${ARIA2_PORT}/g" ${ARIA2_CONF} +sed -i "s/RPC_SECRET/${RPC_SECRET}/g" ${ARIA2_CONF} +sed -i "s/DHT_PORT/${DHT_PORT}/g" ${ARIA2_CONF} + +aria2c --conf-path=/etc/aria2c/aria2c.conf -D +darkhttpd /opt/ariang --port ${WEBUI_PORT} --daemon >>/dev/null +echo -e " + Welcome to Aria2c Container is Running + +Aria2 Port : 127.0.0.1:${ARIA2_PORT} +WEBUI Port : 127.0.0.1:${WEBUI_PORT} +RPC Secret : ${RPC_SECRET} + +" > /tmp/welcome.log + + +tail -f /tmp/welcome.log diff --git a/images/aria2/conf/on-complete.sh b/images/aria2/conf/on-complete.sh new file mode 100644 index 00000000..3ff1e105 --- /dev/null +++ b/images/aria2/conf/on-complete.sh @@ -0,0 +1,29 @@ +#!/bin/bash + +filePath=$3 +relativePath=${filepath#./downloads/} +topPath=./downloads/${relativePath%%/*} # It will be the path of folder when it has multiple files, otherwise it will be the same as file path. + +LIGHT_GREEN_FONT_PREFIX="\033[1;32m" +FONT_COLOR_SUFFIX="\033[0m" +INFO="[${LIGHT_GREEN_FONT_PREFIX}INFO${FONT_COLOR_SUFFIX}]" + +echo -e "$(date +"%m/%d %H:%M:%S") ${INFO} Delete .aria2 file ..." + +if [ $2 -eq 0 ]; then + exit 0 +elif [ -e "${filepath}.aria2" ]; then + rm -vf "${filepath}.aria2" +elif [ -e "${topPath}.aria2" ]; then + rm -vf "${topPath}.aria2" +fi +echo -e "$(date +"%m/%d %H:%M:%S") ${INFO} Delete .aria2 file finish" +echo "$(($(cat numUpload)+1))" > numUpload # Plus 1 + +if [[ $2 -eq 1 ]]; then # single file + rclone -v --config="rclone.conf" copy "$3" "DRIVE:$RCLONE_DESTINATION" 2>&1 +elif [[ $2 -gt 1 ]]; then # multiple file + rclone -v --config="rclone.conf" copy "$topPath" "DRIVE:$RCLONE_DESTINATION/${relativePath%%/*}" +fi + +echo "$(($(cat numUpload)-1))" > numUpload # Minus 1 diff --git a/images/aria2/conf/on-delete.sh b/images/aria2/conf/on-delete.sh new file mode 100755 index 00000000..0aa56199 --- /dev/null +++ b/images/aria2/conf/on-delete.sh @@ -0,0 +1,81 @@ +#!/usr/bin/env bash +# +# Copyright (c) 2018-2020 P3TERX +# +# This is free software, licensed under the MIT License. +# See /LICENSE for more information. +# +# https://github.com/P3TERX/aria2.conf +# File name:delete.sh +# Description: Delete files after Aria2 download error or task removed +# Version: 3.0 +# + +CHECK_CORE_FILE() { + CORE_FILE="$(dirname $0)/core" + if [[ -f "${CORE_FILE}" ]]; then + . "${CORE_FILE}" + else + echo "!!! core file does not exist !!!" + exit 1 + fi +} + +CHECK_RPC_CONECTION() { + READ_ARIA2_CONF + if [[ "${RPC_SECRET}" ]]; then + RPC_PAYLOAD='{"jsonrpc":"2.0","method":"aria2.getVersion","id":"P3TERX","params":["token:'${RPC_SECRET}'"]}' + else + RPC_PAYLOAD='{"jsonrpc":"2.0","method":"aria2.getVersion","id":"P3TERX"}' + fi + (curl "${RPC_ADDRESS}" -fsSd "${RPC_PAYLOAD}" || curl "https://${RPC_ADDRESS}" -kfsSd "${RPC_PAYLOAD}") >/dev/null +} + +DELETE_ON_STOP() { + if [[ "${TASK_STATUS}" = "error" && "${DELETE_ON_ERROR}" = "true" ]] || [[ "${TASK_STATUS}" = "removed" && "${DELETE_ON_REMOVED}" = "true" ]]; then + if [[ -f "${TASK_PATH}.aria2" ]]; then + echo -e "$(DATE_TIME) ${INFO} Download task ${TASK_STATUS}, deleting files..." + rm -vrf "${TASK_PATH}.aria2" "${TASK_PATH}" + else + [[ -e "${TASK_PATH}" ]] && + echo -e "$(DATE_TIME) ${WARRING} Skip delete. Download completed files: ${TASK_PATH}" || + echo -e "$(DATE_TIME) ${WARRING} Skip delete. File does not exist: ${TASK_PATH}" + fi + else + echo -e "$(DATE_TIME) ${WARRING} Skip delete. Task status invalid: ${TASK_STATUS}" + fi +} + +DELETE_ON_UNKNOWN() { + if [[ -f "${FILE_PATH}.aria2" ]]; then + echo -e "$(DATE_TIME) ${INFO} Download task force removed, deleting files..." + rm -vrf "${FILE_PATH}.aria2" "${FILE_PATH}" + else + [[ -e "${FILE_PATH}" ]] && + echo -e "$(DATE_TIME) ${WARRING} Skip delete. Download completed files: ${FILE_PATH}" || + echo -e "$(DATE_TIME) ${WARRING} Skip delete. File does not exist: ${FILE_PATH}" + fi +} + +DELETE_FILE() { + if GET_TASK_INFO; then + GET_DOWNLOAD_DIR + GET_TASK_STATUS + CONVERSION_PATH + DELETE_ON_STOP + DELETE_DOT_TORRENT + DELETE_EMPTY_DIR + elif CHECK_RPC_CONECTION && [[ "${DELETE_ON_UNKNOWN}" = "true" && ${FILE_NUM} -eq 1 ]]; then + DELETE_ON_UNKNOWN + else + echo -e "$(DATE_TIME) ${ERROR} Aria2 RPC interface error!" + exit 1 + fi +} + +CHECK_CORE_FILE "$@" +CHECK_PARAMETER "$@" +CHECK_FILE_NUM +CHECK_SCRIPT_CONF +DELETE_FILE +exit 0 diff --git a/images/aria2/conf/on-move.sh b/images/aria2/conf/on-move.sh new file mode 100755 index 00000000..ee1e961d --- /dev/null +++ b/images/aria2/conf/on-move.sh @@ -0,0 +1,81 @@ +#!/usr/bin/env bash +# +# Copyright (c) 2018-2020 P3TERX +# +# This is free software, licensed under the MIT License. +# See /LICENSE for more information. +# +# https://github.com/P3TERX/aria2.conf +# File name:move.sh +# Description: Move files after Aria2 download is complete +# Version: 3.0 +# + +CHECK_CORE_FILE() { + CORE_FILE="$(dirname $0)/core" + if [[ -f "${CORE_FILE}" ]]; then + . "${CORE_FILE}" + else + echo "!!! core file does not exist !!!" + exit 1 + fi +} + +TASK_INFO() { + echo -e " +-------------------------- [${YELLOW_FONT_PREFIX}Task Infomation${FONT_COLOR_SUFFIX}] -------------------------- +${LIGHT_PURPLE_FONT_PREFIX}Task GID:${FONT_COLOR_SUFFIX} ${TASK_GID} +${LIGHT_PURPLE_FONT_PREFIX}Number of Files:${FONT_COLOR_SUFFIX} ${FILE_NUM} +${LIGHT_PURPLE_FONT_PREFIX}First File Path:${FONT_COLOR_SUFFIX} ${FILE_PATH} +${LIGHT_PURPLE_FONT_PREFIX}Task File Name:${FONT_COLOR_SUFFIX} ${TASK_FILE_NAME} +${LIGHT_PURPLE_FONT_PREFIX}Task Path:${FONT_COLOR_SUFFIX} ${TASK_PATH} +${LIGHT_PURPLE_FONT_PREFIX}Aria2 Download Directory:${FONT_COLOR_SUFFIX} ${ARIA2_DOWNLOAD_DIR} +${LIGHT_PURPLE_FONT_PREFIX}Custom Download Directory:${FONT_COLOR_SUFFIX} ${DOWNLOAD_DIR} +${LIGHT_PURPLE_FONT_PREFIX}Source Path:${FONT_COLOR_SUFFIX} ${SOURCE_PATH} +${LIGHT_PURPLE_FONT_PREFIX}Destination Path:${FONT_COLOR_SUFFIX} ${DEST_PATH} +${LIGHT_PURPLE_FONT_PREFIX}.aria2 File Path:${FONT_COLOR_SUFFIX} ${DOT_ARIA2_FILE} +-------------------------- [${YELLOW_FONT_PREFIX}Task Infomation${FONT_COLOR_SUFFIX}] -------------------------- +" +} + +OUTPUT_MOVE_LOG() { + LOG="${MOVE_LOG}" + LOG_PATH="${MOVE_LOG_PATH}" + OUTPUT_LOG +} + +DEFINITION_PATH() { + SOURCE_PATH="${TASK_PATH}" + if [[ "${DOWNLOAD_DIR}" != "${ARIA2_DOWNLOAD_DIR}" && "${DOWNLOAD_DIR}" =~ "${ARIA2_DOWNLOAD_DIR}" ]]; then + DEST_PATH="${DEST_DIR}${DEST_PATH_SUFFIX%/*}" + else + DEST_PATH="${DEST_DIR}" + fi +} + +MOVE_FILE() { + echo -e "$(DATE_TIME) ${INFO} Start move files ..." + TASK_INFO + mkdir -p "${DEST_PATH}" + mv -vf "${SOURCE_PATH}" "${DEST_PATH}" + MOVE_EXIT_CODE=$? + if [ ${MOVE_EXIT_CODE} -eq 0 ]; then + MOVE_LOG="$(DATE_TIME) ${INFO} Move done: ${SOURCE_PATH} -> ${DEST_PATH}" + else + MOVE_LOG="$(DATE_TIME) ${ERROR} Move failed: ${SOURCE_PATH}" + fi + OUTPUT_MOVE_LOG + DELETE_EMPTY_DIR +} + +CHECK_CORE_FILE "$@" +CHECK_PARAMETER "$@" +CHECK_FILE_NUM +CHECK_SCRIPT_CONF +GET_TASK_INFO +GET_DOWNLOAD_DIR +CONVERSION_PATH +DEFINITION_PATH +CLEAN_UP +MOVE_FILE +exit 0 diff --git a/images/aria2/conf/run.sh b/images/aria2/conf/run.sh deleted file mode 100644 index 774f21b6..00000000 --- a/images/aria2/conf/run.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/usr/bin/env sh - -sed -i "s/6800/${ARIA2_PORT}/g" /etc/aria2c/aria2c.conf -sed -i "s/aria2pwd/${ARIA2_SECRET}/g" /etc/aria2c/aria2c.conf - -aria2c --conf-path=/etc/aria2c/aria2c.conf -D -darkhttpd /data/ --port ${WEBUI_PORT} \ No newline at end of file diff --git a/images/aria2/docker-compose.yml b/images/aria2/docker-compose.yml deleted file mode 100644 index eba8aed6..00000000 --- a/images/aria2/docker-compose.yml +++ /dev/null @@ -1,23 +0,0 @@ -version: '3' -services: - redis: - image: registry.cn-hongkong.aliyuncs.com/imxieke/aria2:latest - ports: - - "6800:6800/tcp" - - "8080:8080/tcp" - volumes: - - $HOME/Downloads:/downloads - environment: - ARIA2_PORT: 6800 - ARIA2_SECRET: aria2pwd - WEBUI_PORT: 8080 - restart: on-failur - deploy: - resources: - limits: - cpus: "0.5" - memory: 512M - restart_policy: - condition: on-failure - max_attempts: 3 - delay: 10s \ No newline at end of file diff --git a/images/beanstalkd-console/Dockerfile b/images/beanstalkd-console/Dockerfile new file mode 100644 index 00000000..1a768bd0 --- /dev/null +++ b/images/beanstalkd-console/Dockerfile @@ -0,0 +1,17 @@ +FROM php:latest + +LABEL maintainer="Mahmoud Zalt " + +RUN apt-get update && apt-get install -y curl + +RUN curl -sL https://github.com/ptrofimov/beanstalk_console/archive/master.tar.gz | tar xvz -C /tmp +RUN mv /tmp/beanstalk_console-master /source + +RUN apt-get remove --purge -y curl && \ + apt-get autoclean && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + +EXPOSE 2080 + +CMD bash -c 'BEANSTALK_SERVERS=$BEANSTALKD_PORT_11300_TCP_ADDR:11300 php -S 0.0.0.0:2080 -t /source/public' diff --git a/images/beanstalkd/Dockerfile b/images/beanstalkd/Dockerfile new file mode 100644 index 00000000..ea1f87a8 --- /dev/null +++ b/images/beanstalkd/Dockerfile @@ -0,0 +1,16 @@ +FROM phusion/baseimage:latest + +MAINTAINER Mahmoud Zalt + +ENV DEBIAN_FRONTEND noninteractive +ENV PATH /usr/local/rvm/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +RUN apt-get update +RUN apt-get install -y beanstalkd +RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + +VOLUME /var/lib/beanstalkd/data + +EXPOSE 11300 + +CMD ["/usr/bin/beanstalkd"] \ No newline at end of file diff --git a/images/boxs/Dockerfile b/images/boxs/Dockerfile new file mode 100644 index 00000000..4768d6ac --- /dev/null +++ b/images/boxs/Dockerfile @@ -0,0 +1,51 @@ +FROM registry.cn-hongkong.aliyuncs.com/imxieke/ubuntu:20.04 +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ADD script/bootstrap.sh /usr/bin/boxs +ADD conf.d/.zshrc /tmp/.zshrc + +# COPY ./unity/supervisor.conf /etc/supervisor/conf.d/ +# COPY ./unity/xsession ${HOME}/.xsession +# COPY ./unity/startup.sh /bin/startup.sh +# COPY ./unity/unity.sh ${SHELL_DIR}/ + +# ADD ./xfce/ $HOME/ +# ADD ./script $STARTUPDIR + +# ADD conf/.xinitrc /root/.xinitrc +# ADD conf/.ratpoisonrc /root/.ratpoisonrc +# ADD conf/.xsession /root/.xsession +# ADD conf/vnc/xstartup /root/.vnc/xstartup + +ENV USER="boxs" \ + PASSWD="boxs" \ + AUTHORIZED_KEYS='**None**' \ + HOME_DIR=/home/$USER \ + DEBIAN_FRONTEND=noninteractive \ + TERM=xterm \ + NO_VNC_HOME=/opt/noVNC \ + VNC_COL_DEPTH=24 \ + VNC_RESOLUTION=1360x768 \ + VNC_PW=boxs \ + VNC_VIEW_ONLY=false \ + DISPLAY=:1 \ + VNC_PORT=5901 \ + NO_VNC_PORT=6901 \ + NO_VNC_HOME=/home/ubuntu/.noVNC \ + INST_SCRIPTS=/home/ubuntu/install \ + STARTUPDIR=/startup + +RUN chmod +x /usr/bin/boxs && bash /usr/bin/boxs + +USER ${USER} +WORKDIR ${HOME_DIR} + +# VOLUME ['/var/www'] +# VOLUME ['/etc/nginx/conf.d/'] +EXPOSE 22 80 443 6080 ${VNC_PORT} ${NO_VNC_PORT} + +CMD ['/bin/zsh'] +CMD ["/bin/bash", "/bin/startup.sh"] +ENTRYPOINT ["/bin/bash", "/bin/startup.sh"] +CMD ["--wait"] diff --git a/images/boxs/README.md b/images/boxs/README.md new file mode 100644 index 00000000..0aaad35e --- /dev/null +++ b/images/boxs/README.md @@ -0,0 +1,107 @@ +## About + +## Feature +- Web Server + - [Nginx](https://github.com/nginx/nginx) + - [OpenRestry](https://github.com/openresty/openresty) + -[Tengine](https://github.com/alibaba/tengine) +- Nginx Module + - https://github.com/arut/nginx-rtmp-module + - https://github.com/openresty/lua-nginx-module + - https://github.com/openresty/lua-upstream-nginx-module + - https://github.com/openresty/stream-lua-nginx-module + - https://github.com/openresty/meta-lua-nginx-module + - https://github.com/wandenberg/nginx-push-stream-module + - https://github.com/winshining/nginx-http-flv-module + - https://github.com/weibocom/nginx-upsync-module + - https://github.com/yaoweibin/nginx_tcp_proxy_module + - https://github.com/google/ngx_brotli + - https://github.com/kaltura/nginx-vod-module + - https://github.com/FRiCKLE/ngx_cache_purge + - https://github.com/chobits/ngx_http_proxy_connect_module + - https://github.com/fdintino/nginx-upload-module + - https://github.com/leev/ngx_http_geoip2_module + - https://github.com/FRiCKLE/ngx_postgres + - https://github.com/arut/nginx-ts-module + - https://github.com/arut/nginx-dav-ext-module + - https://github.com/rryqszq4/ngx_php7 + - https://github.com/oupula/ngx_image_thumb + - https://github.com/alibaba/nginx-tfs + - https://github.com/alibaba/nginx-http-sysguard + - https://github.com/evansun922/nginx-quic + - https://github.com/alibaba/nginx-http-user-agent + - https://github.com/winshining/nginx-http-flv-module + - https://github.com/arut/nginx-mtask-module + - https://github.com/rryqszq4/ngx_sqlite + - https://github.com/arut/nginx-dlna-module + - https://github.com/arut/nginx-mysql-hsock-module + - https://github.com/arut/nginx-let-module + - https://github.com/rryqszq4/ngx_python + - https://github.com/hongzhidao/nginx-upload-module + - https://github.com/alibaba/nginx-backtrace + - https://github.com/google/nginx-sxg-module + - https://github.com/FRiCKLE/ngx_supervisord + - https://github.com/alibaba/nginx-http-slice + - https://github.com/arut/nginx-mysql-module + - https://github.com/arut/nginx-python-module + - https://github.com/FRiCKLE/ngx_slowfs_cache + - https://github.com/replay/ngx_http_consistent_hash + - https://github.com/alibaba/nginx-http-footer-filter + - https://github.com/zls0424/ngx_req_status + - https://github.com/qieangel2013/ngx-fastdfs + - https://github.com/TeslaGov/ngx-http-auth-jwt-module + - https://github.com/alibaba/nginx-http-concat + - https://github.com/arut/nginx-live-module + - https://github.com/yaoweibin/ngx_http_substitutions_filter_module + - https://github.com/beyondblog/ngx_lua_google_auth + - https://github.com/PhillipTaylor/ngx_http_knock_module +- Nginx Waf + - https://github.com/nbs-system/naxsi + - https://github.com/loveshell/ngx_lua_waf + - https://github.com/gsdu8g9/waf-nginx-module + - https://github.com/oneinstack/ngx_lua_waf + - https://github.com/taihedeveloper/ngx_lua_waf + - +- oh-my-zsh +- neovim +- tools + - [x] jq + - [x] bat +- golang +- nodejs +- python +- ruby +- rust +- dotnet +- code-server (VSCode Web Version) +- openssh +- vnc + - novnc + - Desktop + - cinnamon + - gnome + - kde-plasma-desktop + - ubuntu-desktop + - ubuntu-unity-desktop + - kubuntu-desktop + - lubuntu-desktop + - xubuntu-desktop + - mate-desktop + - plasma-desktop kde + - ros-desktop unknow + - ukui-desktop-environment + - xfce4 + - lxde + - lxqt +- and more ... + +# Mirrors + +## TODO +- 修改 /etc/update-motd.d ssh 登陆欢迎信息 +- fix PATH +- ngrok in docker + +## Packages + +## help diff --git a/images/ubuntu/README.unity.md b/images/boxs/README.unity.md similarity index 100% rename from images/ubuntu/README.unity.md rename to images/boxs/README.unity.md diff --git a/images/boxs/app b/images/boxs/app new file mode 160000 index 00000000..b84ab15a --- /dev/null +++ b/images/boxs/app @@ -0,0 +1 @@ +Subproject commit b84ab15aac2b42e24f5c23a43914e87e37035200 diff --git a/images/boxs/conf.d/1/50-motd-news b/images/boxs/conf.d/1/50-motd-news new file mode 100755 index 00000000..4b0b56a7 --- /dev/null +++ b/images/boxs/conf.d/1/50-motd-news @@ -0,0 +1,146 @@ +#!/bin/sh +# +# 50-motd-news - print the live news from the Ubuntu wire +# Copyright (C) 2016-2020 Canonical Ltd. +# Copyright (C) 2016-2017 Dustin Kirkland +# +# Authors: Dustin Kirkland +# Steve Langasek +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +############################################################################## +# This program could be rewritten in C or Golang for faster performance. +# Or it could be rewritten in Python or another higher level language +# for more modularity. +# However, I've insisted on shell here for transparency! +# - Dustin +############################################################################## + +# Source the local configuration +[ -r /etc/default/motd-news ] && . /etc/default/motd-news + +# Exit immediately, unless we're enabled +# This makes this script very easy to disable in /etc/default/motd-news configuration +[ "$ENABLED" = "1" ] || exit 0 + +# Ensure sane defaults +[ -n "$URLS" ] || URLS="https://motd.ubuntu.com" +[ -n "$WAIT" ] || WAIT=5 +[ -n "$CACHE" ] || CACHE="/var/cache/motd-news" +[ "$1" = "--force" ] && FORCED=1 + +# Ensure we print safely, maximum of the first 10 lines, +# maximum of the first 80 chars per line, no control chars +safe_print() { + cat "$1" | head -n 10 | tr -d '\000-\011\013\014\016-\037' | cut -c -80 +} + + +# If we're not forcing an update, and we have a cached motd-news file, +# then just print it and exit as quickly as possible, for login performance. +# Note that systemd should keep this cache file up to date, asynchronously +if [ "$FORCED" != "1" ]; then + if [ -r $CACHE ]; then + echo + safe_print $CACHE + elif [ "$(id -u)" -eq 0 ]; then + : > $CACHE + fi + exit 0 +fi + +# If we've made it here, we've been given the --force argument, +# probably from the systemd motd-news.service. Let's update... + +# Abort early if wget is missing +[ -x /usr/bin/wget ] || exit 0 + +# Generate our temp files, clean up when done +NEWS=$(mktemp) || exit 1 +ERR=$(mktemp) || exit 1 +CLOUD=$(mktemp) || exit 1 +trap "rm -f $NEWS $ERR $CLOUD" HUP INT QUIT ILL TRAP KILL BUS TERM + +# Construct a user agent, similar to Firefox/Chrome/Safari/IE to +# ensure a proper, tailored, accurate message of the day + +# wget browser version, for debug purposes +wget_ver="$(dpkg -l wget | awk '$1 == "ii" { print($3); exit(0); }')" + +# Distribution version, for messages releated to this Ubuntu release +. /etc/lsb-release +lsb=$(echo "$DISTRIB_DESCRIPTION" | sed -e "s/ /\//g") +codename="$DISTRIB_CODENAME" + +# Kernel version and CPU type, for messages related to a particular revision or hardware +platform="$(uname -o)/$(uname -r)/$(uname -m)" +arch="$(uname -m)" +cpu="$(grep -m1 "^model name" /proc/cpuinfo | sed -e "s/.*: //" -e "s:\s\+:/:g")" +cloud_id="unknown" +if [ -x /usr/bin/cloud-id ]; then + /usr/bin/cloud-id > "$CLOUD" 2>/dev/null + if [ "$?" -eq "0" ]; then + # sanitize it a bit, just in case + cloud_id=$(cut -c -40 "${CLOUD}" | tr -c -d '[:alnum:]') + if [ -z "${cloud_id}" ]; then + cloud_id="unknown" + fi + fi +fi + +# Piece together the user agent +USER_AGENT="wget/$wget_ver $lsb $platform $cpu cloud_id/$cloud_id" + +# Loop over any configured URLs +for u in $URLS; do + # Ensure https:// protocol, for security reasons + case $u in + https://*) + true + ;; + https://motd.ubuntu.com) + u="$u/$codename/$arch" + ;; + *) + continue + ;; + esac + # If we're forced, set the wait to much higher (1 minute) + [ "$FORCED" = "1" ] && WAIT=60 + # Fetch and print the news motd + result=0 + not_found_is_ok=0 + wget --timeout "$WAIT" -U "$USER_AGENT" -O- --content-on-error "$u" >"$NEWS" 2>"$ERR" || result=$? + # from wget's manpage: 8 Server issued an error response. + if [ $result -eq 8 ]; then + if grep -q "ERROR 404" "$ERR"; then + # The server's 404 document is the generic, non cloud-specific, motd-news + # content present in the index.txt file + not_found_is_ok=1 + fi + fi + if [ $result -eq 0 ] || [ $not_found_is_ok -eq 1 ]; then + echo + # At most, 10 lines of text, remove control characters, print at most 80 characters per line + safe_print "$NEWS" + # Try to update the cache + safe_print "$NEWS" 2>/dev/null >$CACHE || true + else + : > "$CACHE" + fi +done +rm -f "$NEWS" "$ERR" "$CLOUD" +exit 0 diff --git a/images/boxs/conf.d/1/60-unminimize b/images/boxs/conf.d/1/60-unminimize new file mode 100755 index 00000000..7f1d44ec --- /dev/null +++ b/images/boxs/conf.d/1/60-unminimize @@ -0,0 +1,9 @@ +#!/bin/sh +# +# This file is not managed by a package. If you no longer want to +# see this message you can safely remove the file. +echo "" +echo "This system has been minimized by removing packages and content that are" +echo "not required on a system that users do not log into." +echo "" +echo "To restore this content, you can run the 'unminimize' command." diff --git a/images/cmdide/conf.d/default.conf b/images/boxs/conf.d/default.conf similarity index 100% rename from images/cmdide/conf.d/default.conf rename to images/boxs/conf.d/default.conf diff --git a/images/ubuntu/xfce/.config/background.jpg b/images/boxs/conf.d/desktop/xfce/.config/background.jpg similarity index 100% rename from images/ubuntu/xfce/.config/background.jpg rename to images/boxs/conf.d/desktop/xfce/.config/background.jpg diff --git a/images/ubuntu/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-desktop.xml b/images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-desktop.xml similarity index 100% rename from images/ubuntu/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-desktop.xml rename to images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-desktop.xml diff --git a/images/ubuntu/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-keyboard-shortcuts.xml b/images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-keyboard-shortcuts.xml similarity index 100% rename from images/ubuntu/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-keyboard-shortcuts.xml rename to images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-keyboard-shortcuts.xml diff --git a/images/ubuntu/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml b/images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml similarity index 100% rename from images/ubuntu/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml rename to images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml diff --git a/images/ubuntu/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml b/images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml similarity index 100% rename from images/ubuntu/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml rename to images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml diff --git a/images/ubuntu/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xsettings.xml b/images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xsettings.xml similarity index 100% rename from images/ubuntu/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xsettings.xml rename to images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xsettings.xml diff --git a/images/ubuntu/xfce/Desktop/.firefox.desktop b/images/boxs/conf.d/desktop/xfce/Desktop/.firefox.desktop similarity index 100% rename from images/ubuntu/xfce/Desktop/.firefox.desktop rename to images/boxs/conf.d/desktop/xfce/Desktop/.firefox.desktop diff --git a/images/ubuntu/xfce/Desktop/chromium-browser.desktop b/images/boxs/conf.d/desktop/xfce/Desktop/chromium-browser.desktop similarity index 100% rename from images/ubuntu/xfce/Desktop/chromium-browser.desktop rename to images/boxs/conf.d/desktop/xfce/Desktop/chromium-browser.desktop diff --git a/images/cmdide/conf.d/index.php b/images/boxs/conf.d/index.php similarity index 98% rename from images/cmdide/conf.d/index.php rename to images/boxs/conf.d/index.php index 558541c9..802f3433 100644 --- a/images/cmdide/conf.d/index.php +++ b/images/boxs/conf.d/index.php @@ -1,23 +1,6 @@ &1 | grep -q OpenSSH ) 2>/dev/null || exit 0 + +umask 022 + +if test -f /etc/default/ssh; then + . /etc/default/ssh +fi + +. /lib/lsb/init-functions + +if [ -n "$2" ]; then + SSHD_OPTS="$SSHD_OPTS $2" +fi + +# Are we running from init? +run_by_init() { + ([ "$previous" ] && [ "$runlevel" ]) || [ "$runlevel" = S ] +} + +check_for_no_start() { + # forget it if we're trying to start, and /etc/ssh/sshd_not_to_be_run exists + if [ -e /etc/ssh/sshd_not_to_be_run ]; then + if [ "$1" = log_end_msg ]; then + log_end_msg 0 || true + fi + if ! run_by_init; then + log_action_msg "OpenBSD Secure Shell server not in use (/etc/ssh/sshd_not_to_be_run)" || true + fi + exit 0 + fi +} + +check_dev_null() { + if [ ! -c /dev/null ]; then + if [ "$1" = log_end_msg ]; then + log_end_msg 1 || true + fi + if ! run_by_init; then + log_action_msg "/dev/null is not a character device!" || true + fi + exit 1 + fi +} + +check_privsep_dir() { + # Create the PrivSep empty dir if necessary + if [ ! -d /run/sshd ]; then + mkdir /run/sshd + chmod 0755 /run/sshd + fi +} + +check_config() { + if [ ! -e /etc/ssh/sshd_not_to_be_run ]; then + /usr/sbin/sshd $SSHD_OPTS -t || exit 1 + fi +} + +export PATH="${PATH:+$PATH:}/usr/sbin:/sbin" + +case "$1" in + start) + check_privsep_dir + check_for_no_start + check_dev_null + log_daemon_msg "Starting OpenBSD Secure Shell server" "sshd" || true + if start-stop-daemon --start --quiet --oknodo --chuid 0:0 --pidfile /run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then + log_end_msg 0 || true + else + log_end_msg 1 || true + fi + ;; + stop) + log_daemon_msg "Stopping OpenBSD Secure Shell server" "sshd" || true + if start-stop-daemon --stop --quiet --oknodo --pidfile /run/sshd.pid --exec /usr/sbin/sshd; then + log_end_msg 0 || true + else + log_end_msg 1 || true + fi + ;; + + reload|force-reload) + check_for_no_start + check_config + log_daemon_msg "Reloading OpenBSD Secure Shell server's configuration" "sshd" || true + if start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile /run/sshd.pid --exec /usr/sbin/sshd; then + log_end_msg 0 || true + else + log_end_msg 1 || true + fi + ;; + + restart) + check_privsep_dir + check_config + log_daemon_msg "Restarting OpenBSD Secure Shell server" "sshd" || true + start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile /run/sshd.pid --exec /usr/sbin/sshd + check_for_no_start log_end_msg + check_dev_null log_end_msg + if start-stop-daemon --start --quiet --oknodo --chuid 0:0 --pidfile /run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then + log_end_msg 0 || true + else + log_end_msg 1 || true + fi + ;; + + try-restart) + check_privsep_dir + check_config + log_daemon_msg "Restarting OpenBSD Secure Shell server" "sshd" || true + RET=0 + start-stop-daemon --stop --quiet --retry 30 --pidfile /run/sshd.pid --exec /usr/sbin/sshd || RET="$?" + case $RET in + 0) + # old daemon stopped + check_for_no_start log_end_msg + check_dev_null log_end_msg + if start-stop-daemon --start --quiet --oknodo --chuid 0:0 --pidfile /run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then + log_end_msg 0 || true + else + log_end_msg 1 || true + fi + ;; + 1) + # daemon not running + log_progress_msg "(not running)" || true + log_end_msg 0 || true + ;; + *) + # failed to stop + log_progress_msg "(failed to stop)" || true + log_end_msg 1 || true + ;; + esac + ;; + + status) + status_of_proc -p /run/sshd.pid /usr/sbin/sshd sshd && exit 0 || exit $? + ;; + + *) + log_action_msg "Usage: /etc/init.d/ssh {start|stop|reload|force-reload|restart|try-restart|status}" || true + exit 1 +esac + +exit 0 \ No newline at end of file diff --git a/images/boxs/conf.d/landscape-sysinfo.py b/images/boxs/conf.d/landscape-sysinfo.py new file mode 100644 index 00000000..9db55ef5 --- /dev/null +++ b/images/boxs/conf.d/landscape-sysinfo.py @@ -0,0 +1,22 @@ +#!/usr/bin/python3 +import sys, os + +try: + if os.path.dirname(os.path.abspath(sys.argv[0])) == os.path.abspath("scripts"): + sys.path.insert(0, "./") + else: + from landscape.lib.warning import hide_warnings + hide_warnings() + + from twisted.internet import reactor + + from landscape.sysinfo.deployment import run +except ImportError: + # For some reasons the libraries are not importable for now. We are + # probably during an upgrade procedure, so let's exit, expecting the + # dependencies to be fixed at next run. + sys.exit(2) + + +if __name__ == "__main__": + run(sys.argv[1:], reactor) \ No newline at end of file diff --git a/images/cmdide/conf.d/letsencrypt-renew b/images/boxs/conf.d/letsencrypt-renew similarity index 100% rename from images/cmdide/conf.d/letsencrypt-renew rename to images/boxs/conf.d/letsencrypt-renew diff --git a/images/cmdide/conf.d/letsencrypt-setup b/images/boxs/conf.d/letsencrypt-setup similarity index 100% rename from images/cmdide/conf.d/letsencrypt-setup rename to images/boxs/conf.d/letsencrypt-setup diff --git a/images/boxs/conf.d/motd.sh b/images/boxs/conf.d/motd.sh new file mode 100644 index 00000000..83381fc3 --- /dev/null +++ b/images/boxs/conf.d/motd.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +[ -r /etc/lsb-release ] && . /etc/lsb-release +[ -r /etc/lsb-release ] && . /usr/lib/os-release + +if [ -z "$DISTRIB_DESCRIPTION" ] && [ -x /usr/bin/lsb_release ]; then + # Fall back to using the very slow lsb_release utility + DISTRIB_DESCRIPTION=$(lsb_release -s -d) +fi + +printf "Welcome to %s (%s %s %s)\n" "$DISTRIB_DESCRIPTION" "$(uname -o)" "$(uname -r)" "$(uname -m)" + +printf "\n" +printf " * Documentation: https://help.ubuntu.com\n" +printf " * Management: https://landscape.canonical.com\n" +printf " * Support: https://ubuntu.com/advantage\n" + + # System load: 1.0 Processes: 135 + # Usage of /: 51.9% of 49.15GB Users logged in: 1 + # Memory usage: 28% IP address for eth0: 10.0.0.16 + # Swap usage: 39% IP address for docker0: 172.17.0.1 \ No newline at end of file diff --git a/images/boxs/conf.d/motd/50-landscape-sysinfo b/images/boxs/conf.d/motd/50-landscape-sysinfo new file mode 100644 index 00000000..b1573ab3 --- /dev/null +++ b/images/boxs/conf.d/motd/50-landscape-sysinfo @@ -0,0 +1,14 @@ +#!/bin/sh +cores=$(grep -c ^processor /proc/cpuinfo 2>/dev/null) +[ "$cores" -eq "0" ] && cores=1 +threshold="${cores:-1}.0" +if [ $(echo "`cut -f1 -d ' ' /proc/loadavg` < $threshold" | bc) -eq 1 ]; then + echo + echo -n " System information as of " + /bin/date + echo + /usr/bin/landscape-sysinfo +else + echo + echo " System information disabled due to load higher than $threshold" +fi \ No newline at end of file diff --git a/images/boxs/conf.d/motd/50-motd-news b/images/boxs/conf.d/motd/50-motd-news new file mode 100755 index 00000000..08d7f0dc --- /dev/null +++ b/images/boxs/conf.d/motd/50-motd-news @@ -0,0 +1,135 @@ +#!/bin/sh +# +# 50-motd-news - print the live news from the Ubuntu wire +# Copyright (C) 2016-2017 Canonical Ltd. +# Copyright (C) 2016-2017 Dustin Kirkland +# +# Authors: Dustin Kirkland +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +############################################################################## +# This program could be rewritten in C or Golang for faster performance. +# Or it could be rewritten in Python or another higher level language +# for more modularity. +# However, I've insisted on shell here for transparency! +# - Dustin +############################################################################## + +# Source the local configuration +[ -r /etc/default/motd-news ] && . /etc/default/motd-news + +# Exit immediately, unless we're enabled +# This makes this script very easy to disable in /etc/default/motd-news configuration +[ "$ENABLED" = "1" ] || exit 0 + +# Ensure sane defaults +[ -n "$URLS" ] || URLS="https://motd.ubuntu.com" +[ -n "$WAIT" ] || WAIT=5 +[ -n "$CACHE" ] || CACHE="/var/cache/motd-news" +[ "$1" = "--force" ] && FORCED=1 + +# Ensure we print safely, maximum of the first 10 lines, +# maximum of the first 80 chars per line, no control chars +safe_print() { + cat "$1" | head -n 10 | tr -d '\000-\011\013\014\016-\037' | cut -c -80 +} + + +# If we're not forcing an update, and we have a cached motd-news file, +# then just print it and exit as quickly as possible, for login performance. +# Note that systemd should keep this cache file up to date, asynchronously +if [ "$FORCED" != "1" ]; then + if [ -r $CACHE ]; then + echo + safe_print $CACHE + else + : > $CACHE + fi + exit 0 +fi + +# If we've made it here, we've been given the --force argument, +# probably from the systemd motd-news.service. Let's update... + +# Generate our temp files, clean up when done +NEWS=$(mktemp) || exit 1 +ERR=$(mktemp) || exit 1 +CLOUD=$(mktemp) || exit 1 +trap "rm -f $NEWS $ERR $CLOUD" HUP INT QUIT ILL TRAP KILL BUS TERM + +# Construct a user agent, similar to Firefox/Chrome/Safari/IE to +# ensure a proper, tailored, accurate message of the day + +# Curl browser version, for debug purposes +curl_ver="$(dpkg -l curl | awk '$1 == "ii" { print($3); exit(0); }')" + +# Distribution version, for messages releated to this Ubuntu release +. /etc/lsb-release +lsb=$(echo "$DISTRIB_DESCRIPTION" | sed -e "s/ /\//g") +codename="$DISTRIB_CODENAME" + +# Kernel version and CPU type, for messages related to a particular revision or hardware +platform="$(uname -o)/$(uname -r)/$(uname -m)" +arch="$(uname -m)" +cpu="$(grep -m1 "^model name" /proc/cpuinfo | sed -e "s/.*: //" -e "s:\s\+:/:g")" +cloud_id="unknown" +if [ -x /usr/bin/cloud-id ]; then + /usr/bin/cloud-id > "$CLOUD" 2>/dev/null + if [ $? -eq 0 ]; then + # sanitize it a bit, just in case + cloud_id=$(cut -c -40 "${CLOUD}" | tr -c -d '[:alnum:]') + if [ -z "${cloud_id}" ]; then + cloud_id="unknown" + fi + fi +fi + +# Some messages may only be pertinent before or after some amount of uptime +read up idle < /proc/uptime +uptime="uptime/$up/$idle" + +# Piece together the user agent +USER_AGENT="curl/$curl_ver $lsb $platform $cpu $uptime cloud_id/$cloud_id" + +# Loop over any configured URLs +for u in $URLS; do + # Ensure https:// protocol, for security reasons + case $u in + https://*) + true + ;; + https://motd.ubuntu.com) + u="$u/$codename/$arch" + ;; + *) + continue + ;; + esac + # If we're forced, set the wait to much higher (1 minute) + [ "$FORCED" = "1" ] && WAIT=60 + # Fetch and print the news motd + if curl --connect-timeout "$WAIT" --max-time "$WAIT" -A "$USER_AGENT" -o- "$u" >"$NEWS" 2>"$ERR"; then + echo + # At most, 10 lines of text, remove control characters, print at most 80 characters per line + safe_print "$NEWS" + # Try to update the cache + safe_print "$NEWS" 2>/dev/null >$CACHE || true + else + : > "$CACHE" + fi +done +rm -f "$NEWS" "$ERR" "$CLOUD" +exit 0 diff --git a/images/boxs/conf.d/motd/80-esm b/images/boxs/conf.d/motd/80-esm new file mode 100755 index 00000000..08576213 --- /dev/null +++ b/images/boxs/conf.d/motd/80-esm @@ -0,0 +1,24 @@ +#!/bin/sh + +SERIES=$(lsb_release -cs) +DESCRIPTION=$(lsb_release -ds) + +[ "$SERIES" = "precise" ] || exit 0 + +[ -x /usr/bin/ubuntu-advantage ] || exit 0 + +if ubuntu-advantage is-esm-enabled; then + cat </dev/null | sort -r) || true +echo diff --git a/images/boxs/conf.d/motd/98-fsck-at-reboot b/images/boxs/conf.d/motd/98-fsck-at-reboot new file mode 100755 index 00000000..e5ec39e5 --- /dev/null +++ b/images/boxs/conf.d/motd/98-fsck-at-reboot @@ -0,0 +1,5 @@ +#!/bin/sh + +if [ -x /usr/lib/update-notifier/update-motd-fsck-at-reboot ]; then + exec /usr/lib/update-notifier/update-motd-fsck-at-reboot +fi \ No newline at end of file diff --git a/images/boxs/conf.d/motd/98-reboot-required b/images/boxs/conf.d/motd/98-reboot-required new file mode 100755 index 00000000..e86de0ba --- /dev/null +++ b/images/boxs/conf.d/motd/98-reboot-required @@ -0,0 +1,5 @@ +#!/bin/sh + +if [ -x /usr/lib/update-notifier/update-motd-reboot-required ]; then + exec /usr/lib/update-notifier/update-motd-reboot-required +fi \ No newline at end of file diff --git a/images/cmdide/alpine/nginx.conf b/images/boxs/conf.d/nginx.2.conf similarity index 100% rename from images/cmdide/alpine/nginx.conf rename to images/boxs/conf.d/nginx.2.conf diff --git a/images/cmdide/conf.d/nginx.conf b/images/boxs/conf.d/nginx.conf similarity index 100% rename from images/cmdide/conf.d/nginx.conf rename to images/boxs/conf.d/nginx.conf diff --git a/images/boxs/conf.d/nginx.conf.d/LICENSE b/images/boxs/conf.d/nginx.conf.d/LICENSE new file mode 100644 index 00000000..f288702d --- /dev/null +++ b/images/boxs/conf.d/nginx.conf.d/LICENSE @@ -0,0 +1,674 @@ + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. + + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +Also add information on how to contact you by electronic and paper mail. + + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: + + Copyright (C) + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +. diff --git a/images/boxs/conf.d/nginx.conf.d/README.md b/images/boxs/conf.d/nginx.conf.d/README.md new file mode 100644 index 00000000..0c60eb54 --- /dev/null +++ b/images/boxs/conf.d/nginx.conf.d/README.md @@ -0,0 +1,19 @@ +# nginx-conf + +We open source our NGINX conf. You can help us improve our service by contributing the conf. Also, we welcome you can build your own FastGit. + +## Filename rule + +[site_url].conf + +## Quick install + +Caution, till now, quick install **only supports Debian 10**. + +You can also take a try if you want to deploy FastGit on any system which uses APT as its package management tool (e.g., Ubuntu). +But we have no guarantee that the script will work properly. + +```bash +wget https://raw.githubusercontent.com/FastGitORG/nginx-conf/master/install-debian10.sh +sudo bash install-debian10.sh +``` diff --git a/images/boxs/conf.d/nginx.conf.d/anti-floc.conf b/images/boxs/conf.d/nginx.conf.d/anti-floc.conf new file mode 100644 index 00000000..fa8fb81c --- /dev/null +++ b/images/boxs/conf.d/nginx.conf.d/anti-floc.conf @@ -0,0 +1,2 @@ +# /etc/nginx/snippets/anti-floc.conf +add_header Permissions-Policy interest-cohort=(); \ No newline at end of file diff --git a/images/boxs/conf.d/nginx.conf.d/archive.fastgit.org.conf b/images/boxs/conf.d/nginx.conf.d/archive.fastgit.org.conf new file mode 100644 index 00000000..6aad19c1 --- /dev/null +++ b/images/boxs/conf.d/nginx.conf.d/archive.fastgit.org.conf @@ -0,0 +1,71 @@ +upstream GithubArchive { + server github.com:443; + keepalive 32; +} + +server { + listen 443 ssl http2; + server_name archive.fastgit.org; + root /www/wwwroot/fg; + index index.html; + + ssl_stapling on; + ssl_stapling_verify on; + ssl_trusted_certificate /var/www/cert/fg.pem; + + ssl_certificate /var/www/cert/fg.pem; + ssl_certificate_key /var/www/cert/fg.key; + + # Run following command & set permission before configuring + # curl https://ssl-config.mozilla.org/ffdhe2048.txt > /var/lib/nginx/dhparam.pem + ssl_dhparam /var/lib/nginx/dhparam.pem; + + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; + ssl_prefer_server_ciphers off; + + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 10m; + ssl_session_tickets off; + + error_page 497 https://$host$request_uri; + + include /etc/nginx/snippets/anti-floc.conf; + + # SSL + location ~ \.well-known{ + allow all; + } + + location / { + + } + + location ~ ^/[^/]+/[^/]+/releases(/latest)?/download/ { + return 301 https://download.fastgit.org$request_uri; + } + + location ~ ^/[^/]+/[^/]+/archive/ { + recursive_error_pages on; + proxy_pass https://GithubArchive; + proxy_intercept_errors on; + error_page 301 302 307 = @handle_redirect; + } + + location @handle_redirect { + resolver 8.8.8.8; + recursive_error_pages on; + set $saved_redirect_location '$upstream_http_location'; + proxy_pass $saved_redirect_location; + proxy_intercept_errors on; + error_page 301 302 307 = @handle_redirect; + } + + # Block search engine + if ($http_user_agent ~* "qihoobot|Baiduspider|Bingbot|Googlebot|Googlebot-Mobile|Googlebot-Image|Mediapartners-Google|Adsbot-Google|Feedfetcher-Google|Yahoo! Slurp|Yahoo! Slurp China|YoudaoBot|Sosospider|Sogou spider|Sogou web spider|MSNBot|ia_archiver|Tomato Bot") { + return 403; + } + + access_log /www/wwwlogs/archive.fastgit.org.log; + error_log /www/wwwlogs/archive.fastgit.org.error.log; +} diff --git a/images/boxs/conf.d/nginx.conf.d/assets.fastgit.org.conf b/images/boxs/conf.d/nginx.conf.d/assets.fastgit.org.conf new file mode 100644 index 00000000..5abab9b7 --- /dev/null +++ b/images/boxs/conf.d/nginx.conf.d/assets.fastgit.org.conf @@ -0,0 +1,81 @@ +server { + listen 443 ssl http2; + server_name assets.fastgit.org; + root /www/wwwroot/fg; + + ssl_stapling on; + ssl_stapling_verify on; + ssl_trusted_certificate /var/www/cert/fg.pem; + + ssl_certificate /var/www/cert/fg.pem; + ssl_certificate_key /var/www/cert/fg.key; + + # Run following command & set permission before configuring + # curl https://ssl-config.mozilla.org/ffdhe2048.txt > /var/lib/nginx/dhparam.pem + ssl_dhparam /var/lib/nginx/dhparam.pem; + + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; + ssl_prefer_server_ciphers off; + + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 60m; + ssl_session_tickets off; + + error_page 497 https://$host$request_uri; + + include /etc/nginx/snippets/anti-floc.conf; + + # SSL + location ~ \.well-known { + allow all; + } + + # Fuck Search Engine + location /robots.txt { + allow all; + } + + #PROXY-START/ + location ~* \.(php|jsp|cgi|asp|aspx)$ + { + proxy_pass https://github.githubassets.com; + proxy_set_header Host github.githubassets.com; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header REMOTE-HOST $remote_addr; + } + + location / + { + proxy_pass https://github.githubassets.com; + proxy_set_header Host github.githubassets.com; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header REMOTE-HOST $remote_addr; + add_header X-Cache $upstream_cache_status; + proxy_ignore_headers Set-Cookie Cache-Control expires; + # proxy_cache cache_one; + proxy_cache_key $host$uri$is_args$args; + proxy_cache_valid 200 304 301 302 480m; + expires 12h; + } + + # Block search engine + # if ($http_user_agent ~* "qihoobot|Baiduspider|Bingbot|Googlebot|Googlebot-Mobile|Googlebot-Image|Mediapartners-Google|Adsbot-Google|Feedfetcher-Google|Yahoo! Slurp|Yahoo! Slurp China|YoudaoBot|Sosospider|Sogou spider|Sogou web spider|MSNBot|ia_archiver|Tomato Bot") + # { + # return 403; + # } + + # Anti Agent Bot DDoS + # If behind CDN, use folloing commented code + # if ($http_x_forwarded_for != $remote_addr) { + # return 503; + # } + if ($proxy_add_x_forwarded_for != $remote_addr) { + return 503; + } + + access_log /www/wwwlogs/assets.fastgit.org.log; + error_log /www/wwwlogs/assets.fastgit.org.error.log; +} diff --git a/images/boxs/conf.d/nginx.conf.d/download.fastgit.org.conf b/images/boxs/conf.d/nginx.conf.d/download.fastgit.org.conf new file mode 100644 index 00000000..92077cf1 --- /dev/null +++ b/images/boxs/conf.d/nginx.conf.d/download.fastgit.org.conf @@ -0,0 +1,73 @@ +upstream GithubDownload { + server github.com:443; + keepalive 32; +} + +server { + listen 443 ssl http2; + server_name download.fastgit.org; + root /www/wwwroot/fg; + index index.html; + + ssl_stapling on; + ssl_stapling_verify on; + ssl_trusted_certificate /var/www/cert/fg.pem; + + ssl_certificate /var/www/cert/fg.pem; + ssl_certificate_key /var/www/cert/fg.key; + + # Run following command & set permission before configuring + # curl https://ssl-config.mozilla.org/ffdhe2048.txt > /var/lib/nginx/dhparam.pem + ssl_dhparam /var/lib/nginx/dhparam.pem; + + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; + ssl_prefer_server_ciphers off; + + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 10m; + ssl_session_tickets off; + + error_page 497 https://$host$request_uri; + + include /etc/nginx/snippets/anti-floc.conf; + + # SSL + location ~ \.well-known{ + allow all; + } + + location / { + + } + + location ~ ^/[^/]+/[^/]+/releases(/latest)?/download/ { + proxy_cache_valid 206 120m; + proxy_cache_valid 200 120m; + recursive_error_pages on; + proxy_pass https://GithubDownload; + proxy_intercept_errors on; + error_page 301 302 307 = @handle_redirect; + } + + location ~ ^/[^/]+/[^/]+/archive/ { + return 301 https://archive.fastgit.org$request_uri; + } + + location @handle_redirect { + resolver 8.8.8.8; + recursive_error_pages on; + set $saved_redirect_location '$upstream_http_location'; + proxy_pass $saved_redirect_location; + proxy_intercept_errors on; + error_page 301 302 307 = @handle_redirect; + } + + # Block search engine + if ($http_user_agent ~* "qihoobot|Baiduspider|Bingbot|Googlebot|Googlebot-Mobile|Googlebot-Image|Mediapartners-Google|Adsbot-Google|Feedfetcher-Google|Yahoo! Slurp|Yahoo! Slurp China|YoudaoBot|Sosospider|Sogou spider|Sogou web spider|MSNBot|ia_archiver|Tomato Bot") { + return 403; + } + + access_log /www/wwwlogs/download.fastgit.org.log; + error_log /www/wwwlogs/download.fastgit.org.error.log; +} diff --git a/images/boxs/conf.d/nginx.conf.d/fastgit.org.conf b/images/boxs/conf.d/nginx.conf.d/fastgit.org.conf new file mode 100644 index 00000000..538ab84d --- /dev/null +++ b/images/boxs/conf.d/nginx.conf.d/fastgit.org.conf @@ -0,0 +1,38 @@ +server { + listen 80; + listen [::]:80; + listen 443 ssl http2; + + server_name fastgit.org; + root /www/wwwroot/fgorg; + index index.html; + + ssl_stapling on; + ssl_stapling_verify on; + ssl_trusted_certificate /var/www/cert/fg.pem; + + ssl_certificate /var/www/cert/fg.pem; + ssl_certificate_key /var/www/cert/fg.key; + + # Run following command & set permission before configuring + # curl https://ssl-config.mozilla.org/ffdhe2048.txt > /var/lib/nginx/dhparam.pem + ssl_dhparam /var/lib/nginx/dhparam.pem; + + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; + ssl_prefer_server_ciphers off; + + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 60m; + ssl_session_tickets off; + + include /etc/nginx/snippets/anti-floc.conf; + + location / { + try_files $uri $uri/ =404; + } + + access_log /www/wwwlogs/fastgit.org.log; + error_log /www/wwwlogs/fastgit.org.error.log; + +} diff --git a/images/boxs/conf.d/nginx.conf.d/hub.fastgit.org.conf b/images/boxs/conf.d/nginx.conf.d/hub.fastgit.org.conf new file mode 100644 index 00000000..bd617566 --- /dev/null +++ b/images/boxs/conf.d/nginx.conf.d/hub.fastgit.org.conf @@ -0,0 +1,109 @@ +upstream github { + server github.com:443; + keepalive 32; +} + +server { + listen 443 ssl http2; + server_name hub.fastgit.org; + root /www/wwwroot/fg; + + ssl_stapling on; + ssl_stapling_verify on; + ssl_trusted_certificate /var/www/cert/fg.pem; + + ssl_certificate /var/www/cert/fg.pem; + ssl_certificate_key /var/www/cert/fg.key; + + # Run following command & set permission before configuring + # curl https://ssl-config.mozilla.org/ffdhe2048.txt > /var/lib/nginx/dhparam.pem + ssl_dhparam /var/lib/nginx/dhparam.pem; + + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; + ssl_prefer_server_ciphers off; + + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 60m; + ssl_session_tickets off; + + client_max_body_size 2G; + error_page 497 https://$host$request_uri; + + include /etc/nginx/snippets/anti-floc.conf; + + # SSL + location ~ \.well-known { + allow all; + } + + # releases download + location ~ ^/[^/]+/[^/]+/releases/download/ { + return 301 https://download.fastgit.org$request_uri; + } + + # archive download + location ~ ^/[^/]+/[^/]+/archive/ { + return 301 https://archive.fastgit.org$request_uri; + } + + # Fuck Search Engine + location /robots.txt { + allow all; + } + + location / { + proxy_hide_header referrer-policy; + proxy_hide_header content-security-policy; + proxy_hide_header Strict-Transport-Security; + proxy_hide_header set-cookie; + proxy_hide_header x-pjax-url; + + proxy_set_header Host github.com; + proxy_set_header Accept-Encoding ""; + #proxy_set_header Connection ""; + + add_header x-pjax-url "https://hub.fastgit.org$request_uri"; + add_header X-FastGit-Node "azure-ea-0"; + + proxy_http_version 1.1; + proxy_connect_timeout 10s; + proxy_read_timeout 10s; + + # Not supported when installed from Debian source + # proxy_socket_keepalive on; + + sub_filter "\"https://raw.githubusercontent.com" "\"https://raw.fastgit.org"; + sub_filter "\"https://github.com" "\"https://hub.fastgit.org"; + sub_filter "\"https://github.githubassets.com" "\"https://assets.fastgit.org"; + sub_filter "\"https://github.githubassets.com" "\"https://assets.fastgit.org"; + sub_filter "https://customer-stories-feed.github.com" "https://customer-stories-feed.fastgit.org"; + sub_filter_once off; + + proxy_redirect https://github.com https://hub.fastgit.org; + proxy_redirect https://raw.githubusercontent.com https://raw.fastgit.org; + proxy_redirect https://github.githubassets.com https://assets.fastgit.org; + proxy_redirect https://customer-stories-feed.github.com https://customer-stories-feed.fastgit.org; + proxy_redirect https://codeload.github.com https://codeload.fastgit.org; + + proxy_pass https://github; + } + + # Block search engine + # if ($http_user_agent ~* "qihoobot|Baiduspider|Bingbot|Googlebot|Googlebot-Mobile|Googlebot-Image|Mediapartners-Google|Adsbot-Google|Feedfetcher-Google|Yahoo! Slurp|Yahoo! Slurp China|YoudaoBot|Sosospider|Sogou spider|Sogou web spider|MSNBot|ia_archiver|Tomato Bot") + # { + # return 403; + # } + + # Anti Agent Bot DDoS + # If behind CDN, use folloing commented code + # if ($http_x_forwarded_for != $remote_addr) { + # return 503; + # } + if ($proxy_add_x_forwarded_for != $remote_addr) { + return 503; + } + + access_log /www/wwwlogs/hub.fastgit.org.log; + error_log /www/wwwlogs/hub.fastgit.org.error.log; +} diff --git a/images/boxs/conf.d/nginx.conf.d/install-debian10.sh b/images/boxs/conf.d/nginx.conf.d/install-debian10.sh new file mode 100644 index 00000000..5f39cccd --- /dev/null +++ b/images/boxs/conf.d/nginx.conf.d/install-debian10.sh @@ -0,0 +1,97 @@ +#!/bin/bash +# Only support Debian 10 + +if [ `whoami` != "root" ]; then + echo "sudo or root is required!" + exit 1 +fi + +if [ ! -f "/etc/debian_version" ]; then + echo "Boss, do you want to try debian?" + exit 1 +fi + +read -r -p "Install FastGit.org front? [Y/n] " input + +case $input in + [yY][eE][sS]|[yY]) + echo "You selected install" + ;; + + [nN][oO]|[nN]) + echo "You selected no install" + ;; + + *) + echo "Invalid input..." + exit 1 + ;; +esac + +echo "[I] Basic operations" +apt update +apt install curl wget nano -y + +echo "[I] Install Nginx & git" +apt install nginx -y +apt install git -y + +echo "[I] I love NGINX" +systemctl enable nginx +systemctl start nginx +systemctl stop nginx + +echo "[I] Install dhparam" +curl https://ssl-config.mozilla.org/ffdhe2048.txt > /var/lib/nginx/dhparam.pem +chmod +r /var/lib/nginx/dhparam.pem + +echo "[I] Download confs" +mkdir fastgit-tmp +cd fastgit-tmp +git clone https://github.com/FastGitORG/nginx-conf --depth=1 + +echo "[I] Install confs" +cd nginx-conf + +cp *.conf /etc/nginx/sites-enabled +mv /etc/nginx/sites-enabled/anti-floc.conf /etc/nginx/snippets/anti-floc.conf + +mkdir -p /www/wwwroot/fg +mkdir -p /www/wwwlogs +cp robots.txt /www/wwwroot/fg +echo "OK!" > /www/wwwroot/fg/index.html + +echo "[I] Process FastGit.org index.html" +case $input in + [yY][eE][sS]|[yY]) + git clone "https://github.com/FastGitORG/www" /www/wwwroot/fgorg + rm -rf /www/wwwroot/fgorg/.git + rm -rf /www/wwwroot/fgorg/README.md + rm -rf /www/wwwroot/fgorg/LICENSE + ;; + + [nN][oO]|[nN]) + rm -f /etc/nginx/sites-enabled/fastgit.org.conf + ;; +esac + +echo "[I] Clean tmp" +cd .. +rm -fR nginx-conf +cd .. +rm -fR fastgit-tmp + +mkdir -p /var/www/cert/ + +echo "Please delete this line, enter certification here, and save" > /var/www/cert/fg.pem +nano /var/www/cert/fg.pem + +echo "Please delete this line, enter private key here, and save" > /var/www/cert/fg.key +nano /var/www/cert/fg.key + +nginx -t + +systemctl start nginx +systemctl reload nginx + +echo "Enjoy! :D" diff --git a/images/boxs/conf.d/nginx.conf.d/raw.fastgit.org.conf b/images/boxs/conf.d/nginx.conf.d/raw.fastgit.org.conf new file mode 100644 index 00000000..0cfc228d --- /dev/null +++ b/images/boxs/conf.d/nginx.conf.d/raw.fastgit.org.conf @@ -0,0 +1,99 @@ +upstream rawgithub { + server raw.githubusercontent.com:443; + keepalive 32; +} + +server { + listen 443 ssl http2; + server_name raw.fastgit.org; + root /www/wwwroot/fg; + + ssl_stapling on; + ssl_stapling_verify on; + ssl_trusted_certificate /var/www/cert/fg.pem; + + ssl_certificate /var/www/cert/fg.pem; + ssl_certificate_key /var/www/cert/fg.key; + + # Run following command & set permission before configuring + # curl https://ssl-config.mozilla.org/ffdhe2048.txt > /var/lib/nginx/dhparam.pem + ssl_dhparam /var/lib/nginx/dhparam.pem; + + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; + ssl_prefer_server_ciphers off; + + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 10m; + ssl_session_tickets off; + + error_page 497 https://$host$request_uri; + + include /etc/nginx/snippets/anti-floc.conf; + + # SSL + location ~ \.well-known { + allow all; + } + + # Fuck Search Engine + location /robots.txt { + allow all; + } + + location / { + valid_referers none blocked *.fastgit.org raw.githubusercontent.com github.com; + if ($invalid_referer){ + return 403; + } + proxy_hide_header content-security-policy; + proxy_hide_header Strict-Transport-Security; + proxy_hide_header set-cookie; + proxy_hide_header x-pjax-url; + + proxy_set_header Host raw.githubusercontent.com; + proxy_set_header Accept-Encoding ""; + # proxy_set_header Connection ""; + + add_header X-FastGit-Node "dogyun-de-1"; + + proxy_http_version 1.1; + proxy_connect_timeout 5s; + proxy_read_timeout 5s; + + proxy_pass https://rawgithub; + } + + #location ~ .*\.(jpg|jpeg|gif|png|js|css)$ + #{ + # valid_referers none blocked *.fastgit.org raw.githubusercontent.com github.com; + # if ($invalid_referer){ + # return 403; + # } + # proxy_hide_header content-security-policy; + # proxy_hide_header Strict-Transport-Security; + # proxy_hide_header set-cookie; + # proxy_hide_header x-pjax-url; + # + # proxy_set_header Host raw.githubusercontent.com; + # proxy_set_header Accept-Encoding ""; + # #proxy_set_header Connection ""; + # + # add_header x-fastgit-node "dogyun-de-1"; + # + # proxy_http_version 1.1; + # proxy_connect_timeout 5s; + # proxy_read_timeout 5s; + # + # proxy_pass https://rawgithub; + #} + + # Block search engine + # if ($http_user_agent ~* "qihoobot|Baiduspider|Googlebot|Googlebot-Mobile|Googlebot-Image|Mediapartners-Google|Adsbot-Google|Feedfetcher-Google|Yahoo! Slurp|Yahoo! Slurp China|YoudaoBot|Sosospider|Sogou spider|Sogou web spider|MSNBot|ia_archiver|Tomato Bot") + # { + # return 403; + # } + + access_log /www/wwwlogs/raw.fastgit.org.log; + error_log /www/wwwlogs/raw.fastgit.org.error.log; +} diff --git a/images/boxs/conf.d/nginx.conf.d/robots.txt b/images/boxs/conf.d/nginx.conf.d/robots.txt new file mode 100644 index 00000000..c6742d8a --- /dev/null +++ b/images/boxs/conf.d/nginx.conf.d/robots.txt @@ -0,0 +1,2 @@ +User-Agent: * +Disallow: / diff --git a/images/boxs/conf.d/nginx/google.nginx.conf b/images/boxs/conf.d/nginx/google.nginx.conf new file mode 100644 index 00000000..9514f49c --- /dev/null +++ b/images/boxs/conf.d/nginx/google.nginx.conf @@ -0,0 +1,26 @@ +server { + server_name www.example.com; + + location / { + proxy_pass https://www.google.com/; + + proxy_redirect https://www.google.com/ /; + # proxy_redirect off; + proxy_cookie_domain google.com www.example.com; + + proxy_set_header Host "www.google.com"; + proxy_set_header Referer https://www.google.com; + proxy_set_header Accept-Encoding ""; + proxy_set_header Accept-Language "en-US"; + proxy_set_header User-Agent $http_user_agent; + + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + + subs_filter http://www.google.com http://www.example.com; + subs_filter https://www.google.com http://www.example.com; + sub_filter_once off; + # 这里替换网页中的链接,因为我们的镜像站是http的,所以上面顺便把协议也一起替换了 + } +} diff --git a/images/boxs/conf.d/nginx/google2.nginx.conf b/images/boxs/conf.d/nginx/google2.nginx.conf new file mode 100644 index 00000000..ae2ced0a --- /dev/null +++ b/images/boxs/conf.d/nginx/google2.nginx.conf @@ -0,0 +1,35 @@ +server { + listen 443 ssl http2; + #listen [::]:443 ssl http2; + server_name 反代玉米; + + ssl_certificate /usr/local/nginx/conf/ssl/反代玉米证书.cer; + ssl_certificate_key /usr/local/nginx/conf/ssl/反代玉米证书.key; + ssl_session_timeout 5m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5"; + ssl_session_cache builtin:1000 shared:SSL:10m; + # openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048 + ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem; + + location / { + proxy_pass https://www.google.com; + proxy_redirect off; + sub_filter_once off; + sub_filter "www.google.com" "反代玉米"; + proxy_set_header Host "www.google.com"; + proxy_set_header Referer $http_referer; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header User-Agent $http_user_agent; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header Accept-Encoding ""; + proxy_set_header Accept-Language "zh-CN"; + proxy_cookie_domain www.google.com 反代玉米; + proxy_set_header Cookie "PREF=ID=047808f19f6de346:U=0f62f33dd8549d11:FF=2:LD=en-US:NW=1:TM=1325338577:LM=1332142444:GM=1:SG=2:S=rE0SyJh2W1IQ-Maw"; + } + + access_log /root/log/google.log; + error_log /root/log/google_error.log; +} diff --git a/images/boxs/conf.d/nginx/gravatar.conf b/images/boxs/conf.d/nginx/gravatar.conf new file mode 100644 index 00000000..6b525653 --- /dev/null +++ b/images/boxs/conf.d/nginx/gravatar.conf @@ -0,0 +1,44 @@ +proxy_cache_path /tmp/cache levels=1:2 keys_zone=gravatar:50m inactive=30m max_size=50m; +server { + listen 80; + listen 443 ssl http2; + server_name gravatar.moeelf.com; + + ssl_protocols TLSv1.2; + ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS'; + + add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"; + + ssl_prefer_server_ciphers on; + ssl_session_timeout 10m; + ssl_session_cache builtin:1000 shared:SSL:10m; + ssl_buffer_size 1400; + + ssl_certificate /etc/nginx/ssl/moeelf.com/fullchain.cer; + ssl_certificate_key /etc/nginx/ssl/moeelf.com/gravatar.moeelf.com.key; + + location / { + proxy_pass https://secure.gravatar.com/; + + proxy_redirect off; + + # 向源站传送主机头、客户端真实 IP 等特定信息。 + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Accept-Encoding ""; + + # 指定缓存使用的空间。 + proxy_cache gravatar; + # 指定缓存使用的 key 值,方便定位清除缓存。 + proxy_cache_key $scheme$host$request_uri; + + # 指定对 200、301 或者 302 等有效代码缓存的时间长度,特定参数 any 表示对任何响应都缓存一定时间长度。 + proxy_cache_valid 200 304 7d; + proxy_cache_valid 301 24h; + proxy_cache_valid 500 502 503 504 0s; + proxy_cache_valid any 1d; + } + +} diff --git a/images/boxs/conf.d/nginx/sni-host.conf b/images/boxs/conf.d/nginx/sni-host.conf new file mode 100644 index 00000000..f14b2a27 --- /dev/null +++ b/images/boxs/conf.d/nginx/sni-host.conf @@ -0,0 +1,26 @@ +server { + listen 65531 ssl http2 reuseport; + server_name web1.moeelf.com; + + ssl_certificate /etc/nginx/ssl/web1.moeelf.com/fullchain.cer; + ssl_certificate_key /etc/nginx/ssl/web1.moeelf.com/web1.moeelf.com.key; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE; + ssl_prefer_server_ciphers on; + + #log_format stream '$remote_addr [$time_local] [$ssl_preread_server_name] [$route] $status $bytes_sent $bytes_received $session_time'; + access_log /var/log/nginx/web1.moeelf.com.log; +} +server { + listen 65532 ssl http2 reuseport; + server_name web2.moeelf.com; + + ssl_certificate /etc/nginx/ssl/web2.moeelf.com/fullchain.cer; + ssl_certificate_key /etc/nginx/ssl/web2.moeelf.com/web2.moeelf.com.key; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE; + ssl_prefer_server_ciphers on; + + #log_format stream '$remote_addr [$time_local] [$ssl_preread_server_name] [$route] $status $bytes_sent $bytes_received $session_time'; + access_log /var/log/nginx/web2.moeelf.com.log; +} diff --git a/images/boxs/conf.d/nginx/sni.nginx.conf b/images/boxs/conf.d/nginx/sni.nginx.conf new file mode 100644 index 00000000..a73e2c6a --- /dev/null +++ b/images/boxs/conf.d/nginx/sni.nginx.conf @@ -0,0 +1,26 @@ +stream { + map $ssl_preread_server_name $upstream { + web1.moeelf.com web1; + web2.moeelf.com web2; + default web; + } + + log_format stream '$remote_addr [$time_local] [$ssl_preread_server_name] [$upstream] $status $bytes_sent $bytes_received $session_time'; + access_log /var/log/nginx/stream.log stream; + + upstream web1 { + server web1:65531; + } + upstream web2 { + server web2:65532; + } + upstream web { + server nginx:4433; + } + server { + listen 443 reuseport; + listen [::]:443 reuseport; + proxy_pass $upstream; + ssl_preread on; + } +} diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/apt-cdrom-check b/images/boxs/conf.d/notifier/usr/lib/update-notifier/apt-cdrom-check new file mode 100755 index 00000000..a6b2e914 --- /dev/null +++ b/images/boxs/conf.d/notifier/usr/lib/update-notifier/apt-cdrom-check @@ -0,0 +1,93 @@ +#!/bin/sh +# +# helper to check if we actually have an ubuntu CD +# +# Returncode: +# 0 - no ubuntu CD +# 1 - CD with packages +# 2 - dist-upgrader CD +# 3 - aptoncd media +# (if the returncodes change, make sure to update src/cdroms.c) +# + +mount_point="$1" +aptoncd_file="$mount_point/aptoncd.info" + +# sanity checks +if [ -z "$mount_point" ]; then + exit 0 +fi + +if [ -f "$aptoncd_file" ]; then + exit 3 +fi + +if [ ! -d "$mount_point/ubuntu" ] && [ ! -f "$mount_point/cdromupgrade" ]; then + exit 0 +fi + +# check if there are "Packages" files on the cd (and ignore the +# debian-installer dir) +find "$mount_point/dists/" -name "Packages.gz" | grep -q -v debian-installer + +# 1 means "no lines were selected" in grep (no Packages file but the +# debian-installer ones) +if [ $? -eq 1 ]; then + exit 0 +fi + +# get some apt-config vars +label_start=0 +cdrom_id="" + +apt_dir="/" +apt_state_dir="var/lib/apt/" +apt_cdrom_list="cdrom.list" +eval $(apt-config shell apt_dir Dir \ + apt_state_dir Dir::State \ + apt_cdrom_list Dir::State::cdroms) + + + +# identifying ... [afkdsjaf] line +line=$(apt-cdrom -d="$1" -m ident|grep "\[.*\]") + +# remove the stuff before "Identifying... [dasjflkd]" -> "dasjflkd" +line=${line%]*} +cdrom_id=${line#*\[} + +if [ -z "$cdrom_id" ]; then + # something bad happened here, we return "not yet scanned" as + # fallback (because we are cheap) + return 1 +fi + +# [cdrom-id] -> cdrom-id +if grep -s -q "$cdrom_id" $apt_dir$apt_state_dir$apt_cdrom_list; then + # already in sources.list, ignore + exit 0 +fi + +# so this is a CD we don't know yet and it has packages. good! +THIS_VERSION=$(lsb_release -sr) +VERSION_ON_MEDIA=$(awk {'print $2'} "$mount_point/.disk/info") + +# now check if it contains a signed dist-upgrader +for d in "$mount_point"/dists/*/main/dist-upgrader/binary-all/; do + if [ -d "$d" ]; then + # ok, we have one, now check the authentication + GPG="gpgv --ignore-time-conflict --keyring /etc/apt/trusted.gpg" + if $GPG "$d/"*.tar.gz.gpg "$d"/*.tar.gz; then + # verified ok, we have a valid upgrader, if it was not ok, the + # fallback to the end is ok because we still have packages on it + if dpkg --compare-versions "$THIS_VERSION" lt "$VERSION_ON_MEDIA"; then + exit 2 + fi + fi + fi +done + +# we got an ubuntu CD with packages +if dpkg --compare-versions "$THIS_VERSION" lt "$VERSION_ON_MEDIA"; then + exit 1 +fi diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/apt-check b/images/boxs/conf.d/notifier/usr/lib/update-notifier/apt-check new file mode 120000 index 00000000..7ca7279b --- /dev/null +++ b/images/boxs/conf.d/notifier/usr/lib/update-notifier/apt-check @@ -0,0 +1 @@ +apt_check.py \ No newline at end of file diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/apt_check.py b/images/boxs/conf.d/notifier/usr/lib/update-notifier/apt_check.py new file mode 100755 index 00000000..100faacc --- /dev/null +++ b/images/boxs/conf.d/notifier/usr/lib/update-notifier/apt_check.py @@ -0,0 +1,214 @@ +#!/usr/bin/python3 + + +# nice apt-get -s -o Debug::NoLocking=true upgrade | grep ^Inst + +import apt +import apt_pkg +import os +import sys +from optparse import OptionParser +import gettext +import subprocess + +SYNAPTIC_PINFILE = "/var/lib/synaptic/preferences" +DISTRO = subprocess.check_output( + ["lsb_release", "-c", "-s"], + universal_newlines=True).strip() + + +def _(msg): + return gettext.dgettext("update-notifier", msg) + + +def _handleException(type, value, tb): + sys.stderr.write("E: " + _("Unknown Error: '%s' (%s)") % (type, value)) + sys.exit(-1) + + +def clean(cache, depcache): + " unmark (clean) all changes from the given depcache " + # mvo: looping is too inefficient with the new auto-mark code + # for pkg in cache.Packages: + # depcache.MarkKeep(pkg) + depcache.init() + + +def saveDistUpgrade(cache, depcache): + """ this function mimics a upgrade but will never remove anything """ + depcache.upgrade(True) + if depcache.del_count > 0: + clean(cache, depcache) + depcache.upgrade() + + +def isSecurityUpgrade(ver): + " check if the given version is a security update (or masks one) " + security_pockets = [("Ubuntu", "%s-security" % DISTRO), + ("gNewSense", "%s-security" % DISTRO), + ("Debian", "%s-updates" % DISTRO)] + for (file, index) in ver.file_list: + for origin, archive in security_pockets: + if (file.archive == archive and file.origin == origin): + return True + return False + + +def write_package_names(outstream, cache, depcache): + " write out package names that change to outstream " + pkgs = [pkg for pkg in cache.packages if depcache.marked_install(pkg) or + depcache.marked_upgrade(pkg)] + outstream.write("\n".join([p.name for p in pkgs])) + + +def write_human_readable_summary(outstream, upgrades, security_updates): + " write out human summary summary to outstream " + outstream.write(gettext.dngettext("update-notifier", + "%i package can be updated.", + "%i packages can be updated.", + upgrades) % upgrades) + outstream.write("\n") + outstream.write(gettext.dngettext("update-notifier", + "%i update is a security update.", + "%i updates are security updates.", + security_updates) % security_updates) + outstream.write("\n") + + +def init(): + " init the system, be nice " + # FIXME: do a ionice here too? + os.nice(19) + apt_pkg.init() + + +def run(options=None): + + # we are run in "are security updates installed automatically?" + # question mode + if options.security_updates_unattended: + res = apt_pkg.config.find_i("APT::Periodic::Unattended-Upgrade", 0) + # print(res) + sys.exit(res) + + # get caches + try: + cache = apt_pkg.Cache(apt.progress.base.OpProgress()) + except SystemError as e: + sys.stderr.write("E: " + _("Error: Opening the cache (%s)") % e) + sys.exit(-1) + depcache = apt_pkg.DepCache(cache) + + # read the synaptic pins too + if os.path.exists(SYNAPTIC_PINFILE): + depcache.read_pinfile(SYNAPTIC_PINFILE) + depcache.init() + + if depcache.broken_count > 0: + sys.stderr.write("E: " + _("Error: BrokenCount > 0")) + sys.exit(-1) + + # do the upgrade (not dist-upgrade!) + try: + saveDistUpgrade(cache, depcache) + except SystemError as e: + sys.stderr.write("E: " + _("Error: Marking the upgrade (%s)") % e) + sys.exit(-1) + + # analyze the ugprade + upgrades = 0 + security_updates = 0 + + # we need another cache that has more pkg details + with apt.Cache() as aptcache: + for pkg in cache.packages: + # skip packages that are not marked upgraded/installed + if not (depcache.marked_install(pkg) or + depcache.marked_upgrade(pkg)): + continue + # check if this is really a upgrade or a false positive + # (workaround for ubuntu #7907) + inst_ver = pkg.current_ver + cand_ver = depcache.get_candidate_ver(pkg) + if cand_ver == inst_ver: + continue + # check for security upgrades + if isSecurityUpgrade(cand_ver): + upgrades += 1 + security_updates += 1 + continue + + # check to see if the update is a phased one + try: + from UpdateManager.Core.UpdateList import UpdateList + ul = UpdateList(None) + ignored = ul._is_ignored_phased_update( + aptcache[pkg.get_fullname()]) + if ignored: + depcache.mark_keep(pkg) + continue + except ImportError: + pass + + upgrades = upgrades + 1 + + # now check for security updates that are masked by a + # candidate version from another repo (-proposed or -updates) + for ver in pkg.version_list: + if (inst_ver and apt_pkg.version_compare(ver.ver_str, + inst_ver.ver_str) <= + 0): + # print("skipping '%s' " % ver.VerStr) + continue + if isSecurityUpgrade(ver): + security_updates += 1 + break + + # print the number of upgrades + if options and options.show_package_names: + write_package_names(sys.stderr, cache, depcache) + elif options and options.readable_output: + write_human_readable_summary(sys.stdout, upgrades, security_updates) + else: + # print the number of regular upgrades and the number of + # security upgrades + sys.stderr.write("%s;%s" % (upgrades, security_updates)) + + # return the number of upgrades (if its used as a module) + return(upgrades, security_updates) + + +if __name__ == "__main__": + # setup a exception handler to make sure that uncaught stuff goes + # to the notifier + sys.excepthook = _handleException + + # gettext + APP = "update-notifier" + DIR = "/usr/share/locale" + gettext.bindtextdomain(APP, DIR) + gettext.textdomain(APP) + + # check arguments + parser = OptionParser() + parser.add_option("-p", + "--package-names", + action="store_true", + dest="show_package_names", + help=_("Show the packages that are " + "going to be installed/upgraded")) + parser.add_option("", + "--human-readable", + action="store_true", + dest="readable_output", + help=_("Show human readable output on stdout")) + parser.add_option("", + "--security-updates-unattended", + action="store_true", + help=_("Return the time in days when security updates " + "are installed unattended (0 means disabled)")) + (options, args) = parser.parse_args() + + # run it + init() + run(options) diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/backend_helper.py b/images/boxs/conf.d/notifier/usr/lib/update-notifier/backend_helper.py new file mode 100755 index 00000000..a67244d5 --- /dev/null +++ b/images/boxs/conf.d/notifier/usr/lib/update-notifier/backend_helper.py @@ -0,0 +1,168 @@ +#!/usr/bin/python3 + +import argparse +import logging +import os +import subprocess +import sys + +HAVE_APTDAEMON = False +try: + import aptdaemon.gtk3widgets + HAVE_APTDAEMON = True +except ImportError: + pass + + +# show updates +def show_updates(): + """ show updates using update-manager """ + cmd = ["update-manager", "--no-update"] + res = subprocess.call(cmd) + return (res == 0) + + +# install all updates +def _install_all_updates_aptdaemon(): + from gi.repository import Gtk + from aptdaemon import client, enums + from aptdaemon.gtk3widgets import AptProgressDialog + client = client.AptClient() + trans = client.upgrade_system(safe_mode=True) + dia = AptProgressDialog(trans) + dia.connect("finished", Gtk.main_quit) + dia.run() + Gtk.main() + return trans.exit == enums.EXIT_SUCCESS + + +def _install_all_updates_synaptic(): + cmd = ["/usr/bin/synaptic-pkexec", + "--dist-upgrade-mode", + "--non-interactive", + "--hide-main-window", + "-o", "Synaptic::AskRelated=true", + ] + return subprocess.call(cmd) + + +def install_all_updates(): + """ install all updates either with synaptic or aptdaemon """ + if HAVE_APTDAEMON: + return _install_all_updates_aptdaemon() + else: + return _install_all_updates_synaptic() + + +# check updates +def _check_updates_aptdaemon(): + from gi.repository import Gtk + from aptdaemon import client, enums + from aptdaemon.gtk3widgets import AptProgressDialog + client = client.AptClient() + trans = client.update_cache() + dia = AptProgressDialog(trans) + dia.connect("finished", Gtk.main_quit) + dia.run() + Gtk.main() + return trans.exit == enums.EXIT_SUCCESS + + +def _check_updates_gtk(): + cmd = ["/usr/bin/synaptic-pkexec", + "--update-at-startup", + "--non-interactive", + "--hide-main-window", + ] + subprocess.call(cmd) + + +def check_updates(): + """ check for updates either with aptdaemon or synaptic """ + if HAVE_APTDAEMON: + return _check_updates_aptdaemon() + else: + return _check_updates_gtk() + + +# start packagemanager +def start_packagemanager(): + if os.path.exists("/usr/bin/synaptic-pkexec"): + cmd = ["/usr/bin/synaptic-pkexec"] + return subprocess.call(cmd) + elif os.path.exists("/usr/bin/software-center"): + return subprocess.call(["/usr/bin/software-center"]) + else: + logging.error("neither synaptic nor software-center installed") + + +# add cdrom +def _add_cdrom_sp(mount_path): + from gi.repository import Gtk + import dbus + import dbus.mainloop.glib + bus = dbus.SystemBus(mainloop=dbus.mainloop.glib.DBusGMainLoop()) + proxy = bus.get_object("com.ubuntu.SoftwareProperties", "/") + backend = dbus.Interface(proxy, "com.ubuntu.SoftwareProperties") + backend.AddCdromSource() + backend.connect_to_signal( + "SourcesListModified", Gtk.main_quit) + backend.connect_to_signal( + "CdromScanFailed", Gtk.main_quit) + Gtk.main() + if os.path.exists("/usr/bin/software-center"): + subprocess.call(["/usr/bin/software-center"]) + + +def _add_cdrom_synaptic(mount_path): + cmd = ["/usr/bin/synaptic-pkexec", "--add-cdrom", mount_path] + return subprocess.call(cmd) + + +def add_cdrom(mount_path): + if os.path.exists("/usr/bin/synaptic-pkexec"): + _add_cdrom_synaptic(mount_path) + else: + _add_cdrom_sp(mount_path) + + +if __name__ == "__main__": + + parser = argparse.ArgumentParser( + description='backend helper for update-notifier') + parser.add_argument( + '--debug', default=False, action="store_true", + help='extra debug output') + subparser = parser.add_subparsers(title="Commands") + # show_update - update-manager + command = subparser.add_parser("show_updates") + command.set_defaults(command="show_updates") + # install_all - synaptic/aptdaemon install noninteractivly + command = subparser.add_parser("install_all_updates") + command.set_defaults(command="install_all_updates") + # check_updates - synaptic --reload/aptdaemon reload + command = subparser.add_parser("check_updates") + command.set_defaults(command="check_updates") + # start_pkgmanager + command = subparser.add_parser("start_packagemanager") + command.set_defaults(command="start_packagemanager") + # add_cdrom + command = subparser.add_parser("add_cdrom") + command.add_argument("mount_path") + command.set_defaults(command="add_cdrom") + + args = parser.parse_args() + if args.debug: + logging.basicConfig(level=logging.DEBUG) + else: + logging.basicConfig(level=logging.INFO) + + func_name = args.command + f_kwargs = {} + f = globals()[func_name] + if args.command == "add_cdrom": + f_kwargs["mount_path"] = args.mount_path + res = f(**f_kwargs) + + if not res: + sys.exit(1) diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/cddistupgrader b/images/boxs/conf.d/notifier/usr/lib/update-notifier/cddistupgrader new file mode 100755 index 00000000..75db2940 --- /dev/null +++ b/images/boxs/conf.d/notifier/usr/lib/update-notifier/cddistupgrader @@ -0,0 +1,31 @@ +#!/bin/sh +# + +CDROM_MOUNT="$1" + +for d in "$CDROM_MOUNT"/dists/*/main/dist-upgrader/binary-all/; do + if [ -d "$d" ]; then + UPGRADER_DIR="$d" + break + fi +done + +TAR=$(basename "$UPGRADER_DIR"/*.tar.gz) +CODENAME=${TAR%.tar.gz} + +# get a tempdir +TMPDIR=$(mktemp -t -d distupgrade.XXXXXX) +cd $TMPDIR + +# extract the tar +tar xzf "$UPGRADER_DIR"/"$TAR" + +# apply any patches needed before running the upgrade +for apatch in /usr/share/update-notifier/upgrader-patches/*.diff; do + if patch --dry-run < "$apatch"; then + patch < "$apatch" + fi +done + +# run it +"$TMPDIR"/"$CODENAME" --cdrom "$CDROM_MOUNT" diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/package-data-downloader b/images/boxs/conf.d/notifier/usr/lib/update-notifier/package-data-downloader new file mode 100755 index 00000000..f7d85660 --- /dev/null +++ b/images/boxs/conf.d/notifier/usr/lib/update-notifier/package-data-downloader @@ -0,0 +1,337 @@ +#!/usr/bin/python3 +# -*- coding: utf-8 -*- +"""Process new requests to download per-package data""" +# Copyright (C) 2012 Canonical Ltd +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of version 3 of the GNU General Public License as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +import glob +import os +import sys +import subprocess +import traceback +import debian.deb822 +import string +import debconf +from datetime import datetime + +# avoid hanging forever (LP: #1243090) +import socket +socket.setdefaulttimeout(60) + + +DATADIR = "/usr/share/package-data-downloads/" +STAMPDIR = "/var/lib/update-notifier/package-data-downloads/" +NOTIFIER_SOURCE_FILE = \ + "/usr/share/update-notifier/package-data-downloads-failed" +NOTIFIER_FILE = "/var/lib/update-notifier/user.d/data-downloads-failed" +NOTIFIER_PERMANENT_SOURCE_FILE = NOTIFIER_SOURCE_FILE + '-permanently' +NOTIFIER_PERMANENT_FILE = NOTIFIER_FILE + '-permanently' + +failures = [] +permanent_failures = [] + + +def create_or_update_stampfile(file): + """Create or update the indicated stampfile, and remove failure flags""" + + try: + with open(file, 'w'): + pass + # Ignore errors + except Exception: + traceback.print_exc(file=sys.stderr) + + os.utime(file, None) + + for ext in ('.failed', '.permanent-failure'): + if os.path.exists(file + ext): + os.unlink(file + ext) + + +def mark_hook_failed(hook_name, permanent=False): + """Create a stampfile recording that a hook failed + + We create separate stampfiles for failed hooks so we can + keep track of how long the hook has been failing and if the failure + should be considered permanent.""" + + if permanent: + filename = hook_name + '.permanent-failure' + else: + filename = hook_name + '.failed' + + failure_file = os.path.join(STAMPDIR, filename) + try: + with open(failure_file, 'w'): + pass + + # Ignore errors + except Exception: + traceback.print_exc(file=sys.stderr) + + for ext in ('', '.failed', '.permanent-failure'): + stampfile = hook_name + ext + if filename != stampfile \ + and os.path.exists(os.path.join(STAMPDIR, stampfile)): + os.unlink(os.path.join(STAMPDIR, stampfile)) + + +def hook_is_permanently_failed(hook_name): + """Check if this hook has been marked as permanently failing. + + If so, don't raise any more errors about it.""" + + failure_file = os.path.join(STAMPDIR, hook_name + '.permanent-failure') + return os.path.exists(failure_file) + + +def hook_aged_out(hook_name): + """Check if this hook has been failing consistently for >= 3 days""" + + failure_file = os.path.join(STAMPDIR, hook_name + '.failed') + try: + hook_date = datetime.fromtimestamp(os.stat(failure_file).st_ctime) + cur_time = datetime.now() + d = cur_time - hook_date + if d.days >= 3: + return True + except OSError: + pass + except Exception: + traceback.print_exc(file=sys.stderr) + return False + + +def record_failure(hook): + """Record that the named hook has failed""" + if hook_aged_out(hook): + permanent_failures.append(hook) + else: + failures.append(hook) + + +def existing_permanent_failures(): + """Return the list of all previously recorded permanent failures""" + + files = glob.glob(os.path.join(STAMPDIR, "*.permanent-failure")) + return [os.path.splitext(os.path.basename(path))[0] for path in files] + + +def trigger_update_notifier(failures, permanent=False): + """Tell update-notifier that there were failed packages""" + + try: + if permanent: + with open(NOTIFIER_PERMANENT_SOURCE_FILE, 'r', + encoding='utf-8') as f: + input = f.read() + output_file = open(NOTIFIER_PERMANENT_FILE, 'w', encoding='utf-8') + else: + with open(NOTIFIER_SOURCE_FILE, 'r', encoding='utf-8') as f: + input = f.read() + output_file = open(NOTIFIER_FILE, 'w', encoding='utf-8') + except Exception: + # Things failed and we can't even notify about it. Break the + # trigger so that there's some error propagation, even if not + # the most pleasant sort. + traceback.print_exc(file=sys.stderr) + sys.exit(1) + + packages = [os.path.basename(failure) for failure in failures] + output_file.write( + string.Template(input).substitute( + {'packages': ", ".join(packages)})) + output_file.close() + + +def get_hook_file_names(): + res = [] + for relfile in os.listdir(DATADIR): + # ignore files ending in .dpkg-* + if (os.path.splitext(relfile)[1] and + os.path.splitext(relfile)[1].startswith(".dpkg")): + continue + res.append(relfile) + return res + + +# we use apt-helper here as this gives us the exact same proxy behavior +# as apt-get itself (environment/apt-config proxy settings/autodiscover) +def download_file(uri, sha256_hashsum): + """Download a URI and checks the given hashsum using apt-helper + + Returns: path to the downloaded file or None + """ + download_dir = os.path.join(STAMPDIR, "partial") + dest_file = os.path.join(download_dir, os.path.basename(uri)) + ret = subprocess.call( + ["/usr/lib/apt/apt-helper", + "download-file", uri, dest_file, "SHA256:" + sha256_hashsum]) + if ret != 0: + if os.path.exists(dest_file): + os.remove(dest_file) + return None + return dest_file + + +def print_maybe(*args, **kwargs): + """Version of print() that ignores failure""" + try: + print(*args, **kwargs) + except OSError: + pass + + +def process_download_requests(): + """Process requests to download package data files + + Iterate over /usr/share/package-data-downloads and download any + package data specified in the contained file, then hand off to + the indicated handler for further processing. + + Successful downloads are recorded in + /var/lib/update-notifier/package-data-downloads to avoid unnecessary + repeat handling. + + Failed downloads are reported to the user via the + update-notifier interface.""" + + # Iterate through all the available hooks. If we get a failure + # processing any of them (download failure, checksum failure, or + # failure to run the hook script), record it but continue processing + # the rest of the hooks since some of them may succeed. + for relfile in get_hook_file_names(): + + stampfile = os.path.join(STAMPDIR, relfile) + file = os.path.join(DATADIR, relfile) + try: + if not os.path.exists(NOTIFIER_FILE) and \ + not os.path.exists(NOTIFIER_PERMANENT_FILE): + hook_date = os.stat(file).st_mtime + stamp_date = os.stat(stampfile).st_mtime + if hook_date < stamp_date: + continue + elif os.path.exists(stampfile): + continue + + except Exception as e: + if not isinstance(e, OSError): + traceback.print_exc(file=sys.stderr) + + hook = debian.deb822.Deb822() + files = [] + sums = [] + for para in hook.iter_paragraphs(open(file)): + if 'Script' in para: + if not files: + record_failure(relfile) + break + command = [para['Script']] + + if 'Should-Download' in para: + db = debconf.DebconfCommunicator('update-notifier') + try: + should = db.get(para['Should-Download']) + if should == "false": + # Do nothing with this file. + break + except (DebconfError, KeyError): + pass + finally: + db.shutdown() + + print_maybe("%s: processing..." % (relfile)) + + # Download each file and verify the sum + try: + downloaded = set() + for i in range(len(files)): + print_maybe("%s: downloading %s" % (relfile, files[i])) + dest_file = download_file(files[i], sums[i]) + if dest_file: + command.append(dest_file) + downloaded.add(dest_file) + else: + record_failure(relfile) + break + if relfile in failures + permanent_failures: + break + + sys.stdout.flush() + result = subprocess.call(command) + if result: + # There's no sense redownloading if the script fails + permanent_failures.append(relfile) + else: + create_or_update_stampfile(stampfile) + # cleanup + for f in downloaded: + os.remove(f) + break + except Exception: + traceback.print_exc(file=sys.stderr) + + record_failure(relfile) + # The 'script' is always the last stanza + break + + # Not in a 'script' stanza, so we should have some urls + try: + files.append(para['Url']) + sums.append(para['Sha256']) + except Exception as e: + print_maybe("%s: Error processing!" % (relfile)) + if not isinstance(e, KeyError): + traceback.print_exc(file=sys.stderr) + record_failure(relfile) + break + + previous_failures = existing_permanent_failures() + + # We only report about "permanent" failures when there are new ones, + # but we want the whole list of permanently-failing hooks so when + # we clobber the update-notifier file we don't lose information the + # user may not have seen yet + if permanent_failures: + new_failures = False + for failure in permanent_failures: + if failure not in previous_failures: + mark_hook_failed(failure, permanent=True) + previous_failures.append(failure) + new_failures = True + if new_failures: + trigger_update_notifier(previous_failures, permanent=True) + # 2016-09-19 14:36 reset the list of permanent_failures as it caused + # tests not to be idempotent + permanent_failures.clear() + if not previous_failures and os.path.exists(NOTIFIER_PERMANENT_FILE): + os.unlink(NOTIFIER_PERMANENT_FILE) + + # Filter out new failure reports for permanently-failed packages + our_failures = [x for x in failures if x not in previous_failures] + # 2016-09-19 14:36 reset the list of permanent_failures as it caused + # tests not to be idempotent + failures.clear() + + if our_failures: + for failure in our_failures: + mark_hook_failed(failure) + trigger_update_notifier(our_failures) + elif os.path.exists(NOTIFIER_FILE): + os.unlink(NOTIFIER_FILE) + + +if __name__ == "__main__": + process_download_requests() diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/package-system-locked b/images/boxs/conf.d/notifier/usr/lib/update-notifier/package-system-locked new file mode 100755 index 00000000..53e3ccab --- /dev/null +++ b/images/boxs/conf.d/notifier/usr/lib/update-notifier/package-system-locked @@ -0,0 +1,16 @@ +#!/bin/sh +# check if package system is locked +# return 0 if unlocked, 2 if locked, 1 on error +set -e + +for f in /var/lib/dpkg/lock /var/cache/apt/archives/lock \ + /var/lib/apt/lists/lock /run/unattended-upgrades.lock; do + [ -e $f ] || continue + + # fuser succeeds if there is at least one user + if fuser $f; then + exit 2 + fi +done + +exit 0 diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-fsck-at-reboot b/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-fsck-at-reboot new file mode 100755 index 00000000..74585a88 --- /dev/null +++ b/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-fsck-at-reboot @@ -0,0 +1,81 @@ +#!/bin/sh +# Authors: +# Mads Chr. Olesen +# Kees Cook +set -e + +# poor mans force +if [ "$1" = "--force" ]; then + NEEDS_FSCK_CHECK=yes +fi + +# check time when we did the last check +stamp="/var/lib/update-notifier/fsck-at-reboot" +if [ -e "$stamp" ]; then + stampt=$(stat -c %Y $stamp) +else + stampt=0 +fi + +# check time when we last booted +last_boot=$(date -d "now - $(awk '{print $1}' /proc/uptime) seconds" +%s) + +now=$(date +%s) +if [ $(($stampt + 3600)) -lt $now ] || [ $stampt -gt $now ] \ + || [ $stampt -lt $last_boot ] +then + #echo $stampt $now need update + NEEDS_FSCK_CHECK=yes +fi + +# output something for update-motd +if [ -n "$NEEDS_FSCK_CHECK" ]; then + { + check_occur_any= + + ext_partitions=$(mount | awk '$5 ~ /^ext(2|3|4)$/ { print $1 }') + for part in $ext_partitions; do + dumpe2fs_out=$(dumpe2fs -h $part 2>/dev/null) + mount_count=$(echo "$dumpe2fs_out" | grep "^Mount count:"|cut -d':' -f 2-) + if [ -z "$mount_count" ]; then mount_count=0; fi + max_mount_count=$(echo "$dumpe2fs_out" | grep "^Maximum mount count:"|cut -d':' -f 2-) + if [ -z "$max_mount_count" ]; then max_mount_count=0; fi + check_interval=$(echo "$dumpe2fs_out" | grep "^Check interval:" | cut -d':' -f 2- | cut -d'(' -f 1) + if [ -z "$check_interval" ]; then check_interval=0; fi + next_check_date=$(echo "$dumpe2fs_out" | grep "^Next check after:" | cut -d':' -f 2-) + if [ -z "$next_check_interval" ]; then next_check_interval=0; fi + next_check_tstamp=$(date -d "$next_check_date" +%s) + + #echo "next_check_date=\"$next_check_date\" next_check_tstamp=\"$next_check_tstamp\"" + #echo "part=\"$part\" mount_count=\"$mount_count\" / max=\"$max_mount_count\" " + + check_occur= + # Check based on mount counts? + if [ "$max_mount_count" -gt 0 -a \ + "$mount_count" -ge "$max_mount_count" ]; then + check_occur=yes + fi + # Check based on time passed? + if [ "$check_interval" -gt 0 -a \ + "$next_check_tstamp" -lt "$now" ]; then + check_occur=yes + fi + if [ -n "$check_occur" ]; then + check_occur_any=yes + mountpoint=$(mount | grep "^$part" | cut -d ' ' -f 3) + pass=$(grep -v '^#' /etc/fstab | tr -s ' ' '\t' | cut -s -f 2,6 | grep -w "$mountpoint" | cut -f 2) + if [ "$pass" = "0" ]; then + echo "*** $part should be checked for errors ***" + else + echo "*** $part will be checked for errors at next reboot ***" + fi + fi + done + if [ -n "$check_occur_any" ]; then + echo "" + fi + } > $stamp +fi + +# output what we have (either cached or newly generated) +cat $stamp diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-hwe-eol b/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-hwe-eol new file mode 100755 index 00000000..02fca8f0 --- /dev/null +++ b/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-hwe-eol @@ -0,0 +1,60 @@ +#!/bin/sh -e +# +# helper for update-motd + + +# poor mans force +if [ "$1" = "--force" ]; then + NEED_EOL_CHECK=yes +else + NEED_EOL_CHECK=no +fi + +# check time when we did the last update check +stamp="/var/lib/update-notifier/hwe-eol" + +# get list dir +StateDir="/var/lib/apt/" +ListDir="lists/" +eval "$(apt-config shell StateDir Dir::State)" +eval "$(apt-config shell ListDir Dir::State::Lists)" + +# get dpkg status file +DpkgStatus="/var/lib/dpkg/status" +eval "$(apt-config shell DpkgStatus Dir::State::status)" + +# get sources.list file +EtcDir="etc/apt/" +SourceList="sources.list" +eval "$(apt-config shell EtcDir Dir::Etc)" +eval "$(apt-config shell SourceList Dir::Etc::sourcelist)" + +# let the actual update be asynchronous to avoid stalling apt-get +cleanup() { rm -f "$tmpfile"; } + +# check if we have a list file or sources.list that needs checking +if [ -e "$stamp" ]; then + if [ "$(find "/$StateDir/$ListDir" "/$EtcDir/$SourceList" "/$DpkgStatus" -type f -newer "$stamp" -print -quit)" ]; then + NEED_EOL_CHECK=yes + fi +else + if [ "$(find "/$StateDir/$ListDir" "/$EtcDir/$SourceList" -type f -print -quit)" ]; then + NEED_EOL_CHECK=yes + fi +fi + +tmpfile="" +trap cleanup EXIT +tmpfile=$(mktemp -p $(dirname "$stamp")) + +# output something for update-motd +if [ "$NEED_EOL_CHECK" = "yes" ]; then + { + # the script may exit with status 10 when a HWE update is needed + /usr/bin/hwe-support-status || true + } > "$tmpfile" + mv "$tmpfile" "$stamp" +fi + +# output what we have (either cached or newly generated) +cat "$stamp" diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-reboot-required b/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-reboot-required new file mode 100755 index 00000000..c3cfad8b --- /dev/null +++ b/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-reboot-required @@ -0,0 +1,7 @@ +#!/bin/sh -e +# +# helper for update-motd + +if [ -f /var/run/reboot-required ]; then + cat /var/run/reboot-required +fi diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-updates-available b/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-updates-available new file mode 100755 index 00000000..7528b505 --- /dev/null +++ b/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-updates-available @@ -0,0 +1,59 @@ +#!/bin/sh -e +# +# helper for update-motd + + +# poor mans force +if [ "$1" = "--force" ]; then + NEED_UPDATE_CHECK=yes +else + NEED_UPDATE_CHECK=no +fi + +# check time when we did the last update check +stamp="/var/lib/update-notifier/updates-available" + +# get list dir +StateDir="/var/lib/apt/" +ListDir="lists/" +eval "$(apt-config shell StateDir Dir::State)" +eval "$(apt-config shell ListDir Dir::State::Lists)" + +# get dpkg status file +DpkgStatus="/var/lib/dpkg/status" +eval "$(apt-config shell DpkgStatus Dir::State::status)" + +# get sources.list file +EtcDir="etc/apt/" +SourceList="sources.list" +eval "$(apt-config shell EtcDir Dir::Etc)" +eval "$(apt-config shell SourceList Dir::Etc::sourcelist)" + +# let the actual update be asynchronous to avoid stalling apt-get +cleanup() { rm -f "$tmpfile"; } + +# check if we have a list file or sources.list that needs checking +if [ -e "$stamp" ]; then + if [ "$(find "/$StateDir/$ListDir" "/$EtcDir/$SourceList" "/$DpkgStatus" -type f -newer "$stamp" -print -quit)" ]; then + NEED_UPDATE_CHECK=yes + fi +else + if [ "$(find "/$StateDir/$ListDir" "/$EtcDir/$SourceList" -type f -print -quit)" ]; then + NEED_UPDATE_CHECK=yes + fi +fi + +tmpfile="" +trap cleanup EXIT +tmpfile=$(mktemp -p $(dirname "$stamp")) + +# output something for update-motd +if [ "$NEED_UPDATE_CHECK" = "yes" ]; then + { + + echo "" + /usr/lib/update-notifier/apt-check --human-readable + echo "" + } > "$tmpfile" + mv "$tmpfile" "$stamp" +fi diff --git a/images/cmdide/conf.d/php.ini b/images/boxs/conf.d/php.ini similarity index 100% rename from images/cmdide/conf.d/php.ini rename to images/boxs/conf.d/php.ini diff --git a/images/boxs/conf.d/supervisor-novnc.conf b/images/boxs/conf.d/supervisor-novnc.conf new file mode 100644 index 00000000..cf37d962 --- /dev/null +++ b/images/boxs/conf.d/supervisor-novnc.conf @@ -0,0 +1,9 @@ +[program:vncserver] +command=vncserver -geometry 1600x900 :1 +user=ubuntu + +[program:noVNC] +command=/opt/noVNC/utils/launch.sh --vnc localhost:5901 +user=ubuntu +stdout_logfile=/var/log/novnc.log +redirect_stderr=true \ No newline at end of file diff --git a/images/archlinux-vnc/supervisord.conf b/images/boxs/conf.d/supervisord.conf similarity index 100% rename from images/archlinux-vnc/supervisord.conf rename to images/boxs/conf.d/supervisord.conf diff --git a/images/panel/Dockerfile.bt b/images/boxs/panel/Dockerfile.bt similarity index 100% rename from images/panel/Dockerfile.bt rename to images/boxs/panel/Dockerfile.bt diff --git a/images/panel/Dockerfile.bt6 b/images/boxs/panel/Dockerfile.bt6 similarity index 100% rename from images/panel/Dockerfile.bt6 rename to images/boxs/panel/Dockerfile.bt6 diff --git a/images/panel/scripts/bt6.sh b/images/boxs/panel/scripts/bt6.sh similarity index 100% rename from images/panel/scripts/bt6.sh rename to images/boxs/panel/scripts/bt6.sh diff --git a/images/panel/scripts/install-bt.sh b/images/boxs/panel/scripts/install-bt.sh similarity index 100% rename from images/panel/scripts/install-bt.sh rename to images/boxs/panel/scripts/install-bt.sh diff --git a/images/boxs/script/bootstrap.sh b/images/boxs/script/bootstrap.sh new file mode 100644 index 00000000..8265bb77 --- /dev/null +++ b/images/boxs/script/bootstrap.sh @@ -0,0 +1,278 @@ +#!/usr/bon/env bash +export PATH="/bin:/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin:~/bin:~/.bin" + +USER="boxs" +PASSWD="boxs" +HOME_DIR=/home/$USER + +[ "$(id -u)" != '0' ] && echo 'use root user please' && exit + +sapt(){ apt install --no-install-recommends -y $@;} +runs(){ sudo -u "${USER}" $@;} + +_do_install() +{ + # fix depends + [[ -z "$(ls -lha /var/lib/apt/lists/ | grep 'dists')" ]] && apt update -y --fix-missing + + # System base functions + sapt tzdata lsb-release apt-transport-https apt-utils locales ca-certificates supervisor systemctl + + # Tools + if [[ -z "$(command -v nvim)" ]]; then + sapt sudo zsh neovim jq htop git bat net-tools whois neofetch screen screenfetch tree psutils \ + iproute2 telnet curl wget axel openssh-client openssh-server less iftop ncdu openssl expect + fi + + # Compress Package + sapt unar bzip2 unzip unrar + + # php7.4 + sapt php7.4-bcmath php7.4-bz2 php7.4-cli php7.4-common php7.4-curl php7.4-dba php7.4-enchant php7.4-gd php7.4-gmp php7.4-imap \ + php7.4-intl php7.4-json php7.4-ldap php7.4-mbstring php7.4-mysql php7.4-odbc php7.4-pgsql php7.4-pspell php7.4-readline \ + php7.4-snmp php7.4-soap php7.4-sqlite3 php7.4-tidy php7.4-xml php7.4-xmlrpc php7.4-xsl php7.4-zip + + + # Python + if [[ -z "$(command -v pip)" ]]; then + sapt python3-pip python3 python2 + fi +} + +_do_install_dev() +{ + sapt gcc make cmake autoconf automake +} + +_do_install_dotnet() +{ + # install dotnet + if [[ -z "$(command -v dotnet)" ]]; then + wget https://packages.microsoft.com/config/ubuntu/$(lsb_release -sr)/packages-microsoft-prod.deb -o /tmp/dotnet.deb + dpkg -i /tmp/dotnet.deb && rm -fr /tmp/dotnet.deb + apt update && sapt dotnet-sdk-5.0 + fi +} + +_config_vnc() +{ + # python-numpy websockify require + # sapt libnss-wrapper gettext python-numpy + # pip install numpy + # sapt chromium-browser chromium-browser-l10n chromium-codecs-ffmpeg ttf-wqy-zenhei + # spat xfce4 xfce4-terminal xterm + # apt purge -y pm-utils xscreensaver* + + if [[ ! -d '/opt/noVNC' ]]; then + git clone --depth 1 https://github.com/novnc/noVNC.git /opt/noVNC + fi + + if [[ ! -d '/opt/websockify' ]]; then + git clone --depth 1 https://github.com/novnc/websockify.git /opt/websockify + fi + + runs mkdir -p $HOME_DIR/.vnc + echo '$PASSWD' | runs vncpasswd -f > $HOME_DIR/.vnc/passwd + chmod 600 $HOME_DIR/.vnc/passwd + touch $HOME_DIR/.Xresources + +} + +# Config Server Env +_do_install_srv() +{ + wget -qO- https://get.docker.com/ | sh + sudo usermod -aG docker $USER +} + +_install_desktop_unity() +{ + sapt ttf-dejavu ttf-wqy-zenhei ttf-wqy-microhei + sapt xterm + sapt ubuntu-desktop unity-lens-applications gnome-panel metacity libtasn1-3-bin libglu1-mesa mate-terminal \ + fonts-liberation language-pack-zh-hans fonts-droid-fallback fonts-arphic-ukai \ + fonts-arphic-uming xfonts-wqy libxss1 xdg-utils libtasn1-3-bin libglu1-mesa + sapt xorg xfce4 x11vnc xorg-twm xorg-xclock ratpoison + sapt xorg-server xorg-apps i3-wm zsh vim git wget net-tools bzip2 python python-pip python-numpy supervisor \ + xterm gettext + pip install websocket websocketproxy + + echo '#!/bin/sh' > ${HOME}/.xinitrc + echo 'exec i3' >> ${HOME}/.xinitrc +} + +_do_install_gui_pkg() +{ + ls . + # sublime text gedit + # https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb +} + +# Config System Env +_config_env() +{ + # Config Default Timezone + rm -fr /etc/localtime + rm -fr /etc/timezone + ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime + echo "Asia/Shanghai" > /etc/timezone + + # Config User + if [[ -z "$(grep ${USER} /etc/sudoers)" ]]; then + echo 'a' + if [[ -z "$(grep ${USER} /etc/sudoers)" ]]; then + useradd -d /home/${USER} -m -s /bin/zsh ${USER} + echo "${USER}:${PASSWD}" | chpasswd + echo "root:${PASSWD}" | chpasswd + echo "${USER} ALL=(ALL:ALL) NOPASSWD: ALL" >> /etc/sudoers + fi + fi +} + +_config_ohmyzsh() +{ + # Oh my zsh + if [[ -n "$(command -v zsh)" ]]; then + if [[ ! -d "${HOME_DIR}/.oh-my-zsh" ]]; then + echo ' Config oh my zsh' + echo "Cloning oh my zsh to ${HOME_DIR}" + #sh -c "$(curl -fsSL https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh)" + runs git clone --depth=1 https://gitee.com/mirr/oh-my-zsh.git ${HOME_DIR}/.oh-my-zsh + runs cp ${HOME_DIR}/.oh-my-zsh/templates/zshrc.zsh-template ${HOME_DIR}/.zshrc + runs sed -i 's/robbyrussell/strug/g' ${HOME_DIR}/.zshrc + # cp /tmp/.zshrc ${HOME_DIR}/.zshrc + # chmod 777 ${HOME_DIR}/.zshrc + # runs chown ${USER}:${USER} ${HOME_DIR}/.zshrc + fi + fi +} + +_config_pkg() +{ + + # PHP + if [[ -n "$(command -v php)" ]] && [ -z "$(command -v composer)" ] ; then + curl -sL https://mirrors.cloud.tencent.com/composer/composer.phar -o /usr/local/bin/composer + runs chmod +x /usr/local/bin/composer + fi + + # Software source + [ -n "$(command -v pip)" ] && runs pip config set global.index-url https://mirrors.ustc.edu.cn/pypi/web/simple + [ -n "$(command -v pip2)" ] && runs pip2 config set global.index-url https://mirrors.ustc.edu.cn/pypi/web/simple + [ -n "$(command -v pip3)" ] && runs pip3 config set global.index-url https://mirrors.ustc.edu.cn/pypi/web/simple + [ -n "$(command -v composer)" ] && runs composer config -g repos.packagist composer https://mirrors.cloud.tencent.com/composer/ + [ -n "$(command -v npm)" ] && runs npm config set registry https://registry.npm.taobao.org + [ -n "$(command -v gem)" ] && runs gem sources -a https://gems.ruby-china.com + + # Config pip + [[ -n "$(command -v pip)" ]] && [[ -z "$(pip list | grep pip-search)" ]] && pip install pip-search + + # Config Neovim + [[ -n "$(command -v pip)" ]] && [[ -z "$(pip list | grep neovim)" ]] && pip install neovim +} + +_config_sshd() +{ + sed -i "s/UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config + sed -i "s/UsePAM.*/UsePAM no/g" /etc/ssh/sshd_config + sed -i "s/PermitRootLogin.*/PermitRootLogin no/g" /etc/ssh/sshd_config + ssh-keygen -A +} + +_node_env() +{ + # nodejs + [ -z "$(command -v npm)" ] && sapt nodejs npm + + # Config node tools + [ -n "$(command -v npm)" ] && [ -z "$(command -v yarn)" ] && npm i -g yarn bower +} + +_do_default_env() +{ + # 先安装配置所需环境 + _do_install + _config_env + _config_ohmyzsh + _config_pkg + _do_clear +} + +_do_check_env() +{ + echo "==> check env start <==" + echo "==> check user ..." + if [ -n "$(grep ${USER} /etc/passwd)" ];then + echo "User: ${USER} Added" + else + echo "User: ${USER} Not found" + fi + + if [[ -d "${HOME_DIR}/.oh-my-zsh" ]]; then + echo "oh my zsh Added" + else + echo "oh my zsh Not found" + fi +} + +_do_sshd() +{ + mkdir -p /run/sshd + + if [[ ${ENABLE_SSHD} == "true" ]]; then + echo "======================================================================" + echo "You can now connect to this container via SSH using: " + echo " ssh ${USER}@HOST -p port " + echo "Enter the ${USER} password => '${PASSWD}' when prompted " + echo "Please remember to change the above password as soon as possible! " + echo "======================================================================" + echo " Boxs ssh is Running " + echo "======================================================================" + exec /usr/sbin/sshd -D -e + fi +} + +_do_run_vnc() +{ + /opt/noVNC/utils/launch.sh --vnc 0.0.0.0:5901 +} + +_do_clear() +{ + ## Clean Container + apt autoremove -y + apt-get clean all + rm -fr /var/lib/apt/lists/* + rm -fr /tmp/* +} + +if [[ -n "$1" ]]; then + case $1 in + install ) + _do_install $@ + ;; + node) + _node_env + ;; + config_vnc) + _config_vnc + ;; + clear ) + _do_clear + ;; + check) + _do_check_env $@ + ;; + *|-h|--help ) + echo " Boxs Env Config + +" + ;; + esac +else + _do_default_env +fi + +## Fix environment +# https://github.com/knownsec/ksubdomain +# ln -s /lib/libpcap.so.1.10.0 /lib/libpcap.so.0.8 diff --git a/images/cmdide/script/build.sh b/images/boxs/script/build.sh similarity index 84% rename from images/cmdide/script/build.sh rename to images/boxs/script/build.sh index c5e17766..04f2d0d4 100644 --- a/images/cmdide/script/build.sh +++ b/images/boxs/script/build.sh @@ -1,13 +1,5 @@ #!/usr/bin/env bash -if [[ ${USER} == "" ]]; then - USER="cmdide" -fi - -if [[ ${PASSWD} = "" ]]; then - PASSWD="cmdide" -fi - build(){ apt update -y --fix-missing apt install -y --no-install-recommends openssh-server openssh-sftp-server pwgen supervisor sudo git zsh neovim wget curl unzip whois \ @@ -15,18 +7,6 @@ build(){ beanstalkd net-tools apt-transport-https make cmake g++ software-properties-common } -# Set $USER and root user Password -user(){ - USER=$1 - PASSWD=$2 - useradd -d /home/${USER} -m -s /bin/zsh ${USER} - echo "${USER}:${PASSWD}" | chpasswd - echo "root:${PASSWD}" | chpasswd - echo "${USER} ALL=(ALL:ALL) NOPASSWD: ALL" >> /etc/sudoers - chmod -R 755 $HOME_DIR - chown -R ${USER}:${USER} $HOME_DIR -} - # Permision for remote connect Container via ssh sshd(){ HOME_DIR=$1 @@ -95,7 +75,7 @@ set_php(){ # WordPress Cli wget https://coding.net/u/imxieke/p/attachment/git/raw/master/pkgs/wp-cli.phar -O /bin/wp-cli chmod +x /bin/composer - + #Adminer php mysql manager mkdir -p /var/www/tools wget https://coding.net/u/imxieke/p/attachment/git/raw/master/code/adminer-4.6.3.php -O /var/www/tools/adminer.php @@ -111,18 +91,6 @@ mailhog(){ chmod +x /usr/local/bin/mailhog } -webeditor(){ - NAME="kodexplorer" - VER="4.35" - mkdir -p /var/www/ide - cd /var/www/ide - wget https://mirrors.cs.edu.rs/PHP/${NAME}${VER}.zip - unzip ${NAME}${VER}.zip - rm -fr ${NAME}${VER}.zip - chmod 755 -R /var/www - chown www-data:www-data -R /var/www -} - clean_env(){ USER=$1 HOME_DIR=$2 @@ -148,4 +116,4 @@ install_ext(){ clean_env ${USER} ${HOME_DIR} } -install_ext ${USER} ${PASSWD} ${HOME_DIR} \ No newline at end of file +install_ext ${USER} ${PASSWD} ${HOME_DIR} diff --git a/images/boxs/script/entrypoint.sh b/images/boxs/script/entrypoint.sh new file mode 100644 index 00000000..8900d844 --- /dev/null +++ b/images/boxs/script/entrypoint.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash +### + # @Author: Cloudflying + # @Date: 2021-07-07 23:25:27 + # @LastEditTime: 2021-07-07 23:25:28 + # @LastEditors: Cloudflying + # @Description: + # @FilePath: /dockenv/images/boxs/script/entrypoint.sh +### diff --git a/images/ubuntu/script/startup.sh b/images/boxs/script/startup.sh similarity index 100% rename from images/ubuntu/script/startup.sh rename to images/boxs/script/startup.sh diff --git a/images/ubuntu/script/build.sh b/images/boxs/script/vnc.sh similarity index 100% rename from images/ubuntu/script/build.sh rename to images/boxs/script/vnc.sh diff --git a/images/ubuntu/script/wm_startup.sh b/images/boxs/script/wm_startup.sh similarity index 100% rename from images/ubuntu/script/wm_startup.sh rename to images/boxs/script/wm_startup.sh diff --git a/images/ubuntu/unity/startup.sh b/images/boxs/unity/startup.sh similarity index 71% rename from images/ubuntu/unity/startup.sh rename to images/boxs/unity/startup.sh index c9e36440..9cacc4a5 100644 --- a/images/ubuntu/unity/startup.sh +++ b/images/boxs/unity/startup.sh @@ -4,9 +4,9 @@ echo "=> Set vnc password" if [ ! -f $HOME/.vnc/passwd ] ; then echo "$USER:$PASSWD" | chpasswd # Set up vncserver - su $USER -c "mkdir $HOME/.vnc \ - && echo '$PASSWD' | vncpasswd -f > $HOME/.vnc/passwd \ - && chmod 600 $HOME/.vnc/passwd && touch $HOME/.Xresources" + su $USER -c "mkdir $HOME/.vnc + echo '$PASSWD' | vncpasswd -f > $HOME/.vnc/passwd + chmod 600 $HOME/.vnc/passwd && touch $HOME/.Xresources" chown -R $USER:$USER $HOME else VNC_PID=`find $HOME/.vnc -name '*.pid'` diff --git a/images/ubuntu/unity/startup_bak.sh b/images/boxs/unity/startup_bak.sh similarity index 100% rename from images/ubuntu/unity/startup_bak.sh rename to images/boxs/unity/startup_bak.sh diff --git a/images/ubuntu/unity/unity.sh b/images/boxs/unity/unity.sh similarity index 100% rename from images/ubuntu/unity/unity.sh rename to images/boxs/unity/unity.sh diff --git a/images/ubuntu/unity/xfce_startup.sh b/images/boxs/unity/xfce_startup.sh similarity index 100% rename from images/ubuntu/unity/xfce_startup.sh rename to images/boxs/unity/xfce_startup.sh diff --git a/images/archlinux-vnc/conf/.ratpoisonrc b/images/boxs/vnc/conf/.ratpoisonrc similarity index 100% rename from images/archlinux-vnc/conf/.ratpoisonrc rename to images/boxs/vnc/conf/.ratpoisonrc diff --git a/images/archlinux-vnc/conf/.xinitrc b/images/boxs/vnc/conf/.xinitrc similarity index 100% rename from images/archlinux-vnc/conf/.xinitrc rename to images/boxs/vnc/conf/.xinitrc diff --git a/images/archlinux-vnc/conf/.xsession b/images/boxs/vnc/conf/.xsession similarity index 100% rename from images/archlinux-vnc/conf/.xsession rename to images/boxs/vnc/conf/.xsession diff --git a/images/archlinux-vnc/conf/vnc/xstartup b/images/boxs/vnc/conf/vnc/xstartup similarity index 100% rename from images/archlinux-vnc/conf/vnc/xstartup rename to images/boxs/vnc/conf/vnc/xstartup diff --git a/images/archlinux-vnc/run.sh b/images/boxs/vnc/run.sh similarity index 100% rename from images/archlinux-vnc/run.sh rename to images/boxs/vnc/run.sh diff --git a/images/boxs/workspace/Dockerfile b/images/boxs/workspace/Dockerfile new file mode 100644 index 00000000..0043dd80 --- /dev/null +++ b/images/boxs/workspace/Dockerfile @@ -0,0 +1,1534 @@ +# +#-------------------------------------------------------------------------- +# Image Setup +#-------------------------------------------------------------------------- +# +# To edit the 'workspace' base Image, visit its repository on Github +# https://github.com/Laradock/workspace +# +# To change its version, see the available Tags on the Docker Hub: +# https://hub.docker.com/r/laradock/workspace/tags/ +# +# Note: Base Image name format {image-tag}-{php-version} +# + +ARG LARADOCK_PHP_VERSION +ARG BASE_IMAGE_TAG_PREFIX=latest +FROM laradock/workspace:${BASE_IMAGE_TAG_PREFIX}-${LARADOCK_PHP_VERSION} + +LABEL maintainer="Mahmoud Zalt " + +ARG LARADOCK_PHP_VERSION + +# Set Environment Variables +ENV DEBIAN_FRONTEND noninteractive + +# If you're in China, or you need to change sources, will be set CHANGE_SOURCE to true in .env. + +ARG CHANGE_SOURCE=false +RUN if [ ${CHANGE_SOURCE} = true ]; then \ + # Change application source from deb.debian.org to aliyun source + sed -i 's/deb.debian.org/mirrors.tuna.tsinghua.edu.cn/' /etc/apt/sources.list && \ + sed -i 's/security.debian.org/mirrors.tuna.tsinghua.edu.cn/' /etc/apt/sources.list && \ + sed -i 's/security-cdn.debian.org/mirrors.tuna.tsinghua.edu.cn/' /etc/apt/sources.list \ +;fi + +# Start as root +USER root + +########################################################################### +# Laradock non-root user: +########################################################################### + +# Add a non-root user to prevent files being created with root permissions on host machine. +ARG PUID=1000 +ENV PUID ${PUID} +ARG PGID=1000 +ENV PGID ${PGID} + +ARG CHANGE_SOURCE=false +ARG UBUNTU_SOURCE +COPY ./sources.sh /tmp/sources.sh + +RUN if [ ${CHANGE_SOURCE} = true ]; then \ + chmod +x /tmp/sources.sh && \ + /bin/sh -c /tmp/sources.sh && \ + rm -rf /tmp/sources.sh \ +;fi + +# always run apt update when start and after add new source list, then clean up at end. +RUN set -xe; \ + apt-get update -yqq && \ + pecl channel-update pecl.php.net && \ + groupadd -g ${PGID} laradock && \ + useradd -u ${PUID} -g laradock -m laradock -G docker_env && \ + usermod -p "*" laradock -s /bin/bash && \ + apt-get install -yqq \ + apt-utils \ + # + #-------------------------------------------------------------------------- + # Mandatory Software's Installation + #-------------------------------------------------------------------------- + # + # Mandatory Software's such as ("php-cli", "git", "vim", ....) are + # installed on the base image 'laradock/workspace' image. If you want + # to add more Software's or remove existing one, you need to edit the + # base image (https://github.com/Laradock/workspace). + # + # next lines are here because there is no auto build on dockerhub see https://github.com/laradock/laradock/pull/1903#issuecomment-463142846 + libzip-dev zip unzip \ + # Install the zip extension + php${LARADOCK_PHP_VERSION}-zip \ + # nasm + nasm && \ + php -m | grep -q 'zip' + +# +#-------------------------------------------------------------------------- +# Optional Software's Installation +#-------------------------------------------------------------------------- +# +# Optional Software's will only be installed if you set them to `true` +# in the `docker-compose.yml` before the build. +# Example: +# - INSTALL_NODE=false +# - ... +# + +########################################################################### +# Set Timezone +########################################################################### + +ARG TZ=UTC +ENV TZ ${TZ} + +RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone + +########################################################################### +# User Aliases +########################################################################### + +USER root + +COPY ./aliases.sh /root/aliases.sh +COPY ./aliases.sh /home/laradock/aliases.sh + +RUN sed -i 's/\r//' /root/aliases.sh && \ + sed -i 's/\r//' /home/laradock/aliases.sh && \ + chown laradock:laradock /home/laradock/aliases.sh && \ + echo "" >> ~/.bashrc && \ + echo "# Load Custom Aliases" >> ~/.bashrc && \ + echo "source ~/aliases.sh" >> ~/.bashrc && \ + echo "" >> ~/.bashrc + +USER laradock + +RUN echo "" >> ~/.bashrc && \ + echo "# Load Custom Aliases" >> ~/.bashrc && \ + echo "source ~/aliases.sh" >> ~/.bashrc && \ + echo "" >> ~/.bashrc + +########################################################################### +# Composer: +########################################################################### + +USER root + +# Add the composer.json +COPY ./composer.json /home/laradock/.composer/composer.json + +# Add the auth.json for magento 2 credentials +COPY ./auth.json /home/laradock/.composer/auth.json + +# Make sure that ~/.composer belongs to laradock +RUN chown -R laradock:laradock /home/laradock/.composer + +# Export composer vendor path +RUN echo "" >> ~/.bashrc && \ + echo 'export PATH="$HOME/.composer/vendor/bin:$PATH"' >> ~/.bashrc + +USER laradock + +# Check if global install need to be ran +ARG COMPOSER_GLOBAL_INSTALL=false +ENV COMPOSER_GLOBAL_INSTALL ${COMPOSER_GLOBAL_INSTALL} + +RUN if [ ${COMPOSER_GLOBAL_INSTALL} = true ]; then \ + # run the install + composer global install \ +;fi + +# Check if auth file is disabled +ARG COMPOSER_AUTH=false +ENV COMPOSER_AUTH ${COMPOSER_AUTH} + +RUN if [ ${COMPOSER_AUTH} = false ]; then \ + # remove the file + rm /home/laradock/.composer/auth.json \ +;fi + +ARG COMPOSER_REPO_PACKAGIST +ENV COMPOSER_REPO_PACKAGIST ${COMPOSER_REPO_PACKAGIST} + +RUN if [ ${COMPOSER_REPO_PACKAGIST} ]; then \ + composer config -g repo.packagist composer ${COMPOSER_REPO_PACKAGIST} \ +;fi + +# Export composer vendor path +RUN echo "" >> ~/.bashrc && \ + echo 'export PATH="~/.composer/vendor/bin:$PATH"' >> ~/.bashrc + +########################################################################### +# Non-root user : PHPUnit path +########################################################################### + +# add ./vendor/bin to non-root user's bashrc (needed for phpunit) +USER laradock + +RUN echo "" >> ~/.bashrc && \ + echo 'export PATH="/var/www/vendor/bin:$PATH"' >> ~/.bashrc + +########################################################################### +# Crontab +########################################################################### + +USER root + +COPY ./crontab /etc/cron.d + +RUN chmod -R 644 /etc/cron.d + +########################################################################### +# Drush: +########################################################################### + +# Deprecated install of Drush 8 and earlier versions. +# Drush 9 and up require Drush to be listed as a composer dependency of your site. + +USER root + +ARG INSTALL_DRUSH=false +ARG DRUSH_VERSION +ENV DRUSH_VERSION ${DRUSH_VERSION} + +RUN if [ ${INSTALL_DRUSH} = true ]; then \ + apt-get -y install mysql-client && \ + # Install Drush with the phar file. + curl -fsSL -o /usr/local/bin/drush https://github.com/drush-ops/drush/releases/download/${DRUSH_VERSION}/drush.phar | bash && \ + chmod +x /usr/local/bin/drush && \ + drush core-status \ +;fi + +########################################################################### +# WP CLI: +########################################################################### + +# The command line interface for WordPress + +USER root + +ARG INSTALL_WP_CLI=false + +RUN if [ ${INSTALL_WP_CLI} = true ]; then \ + curl -fsSL -o /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar | bash && \ + chmod +x /usr/local/bin/wp \ +;fi + +########################################################################### +# BZ2: +########################################################################### + +ARG INSTALL_BZ2=false +RUN if [ ${INSTALL_BZ2} = true ]; then \ + apt-get -y install php${LARADOCK_PHP_VERSION}-bz2 \ +;fi + +########################################################################### +# GMP (GNU Multiple Precision): +########################################################################### + +USER root + +ARG INSTALL_GMP=false +ARG PHP_VERSION=${LARADOCK_PHP_VERSION} + +RUN if [ ${INSTALL_GMP} = true ]; then \ + # Install the PHP GMP extension + apt-get -y install php${LARADOCK_PHP_VERSION}-gmp \ +;fi + +########################################################################### +# SSH2: +########################################################################### + +USER root + +ARG INSTALL_SSH2=false + +RUN if [ ${INSTALL_SSH2} = true ]; then \ + # Install the PHP SSH2 extension + apt-get -y install libssh2-1-dev php${LARADOCK_PHP_VERSION}-ssh2 \ +;fi + +########################################################################### +# SOAP: +########################################################################### + +USER root + +ARG INSTALL_SOAP=false + +RUN if [ ${INSTALL_SOAP} = true ]; then \ + # Install the PHP SOAP extension + apt-get -y install libxml2-dev php${LARADOCK_PHP_VERSION}-soap \ +;fi + +########################################################################### +# XSL: +########################################################################### + +USER root + +ARG INSTALL_XSL=false + +RUN if [ ${INSTALL_XSL} = true ]; then \ + # Install the PHP XSL extension + apt-get -y install libxslt-dev php${LARADOCK_PHP_VERSION}-xsl \ +;fi + + +########################################################################### +# LDAP: +########################################################################### + +ARG INSTALL_LDAP=false + +RUN if [ ${INSTALL_LDAP} = true ]; then \ + apt-get install -y libldap2-dev && \ + apt-get install -y php${LARADOCK_PHP_VERSION}-ldap \ +;fi + +########################################################################### +# SMB: +########################################################################### + +ARG INSTALL_SMB=false + +RUN if [ ${INSTALL_SMB} = true ]; then \ + apt-get install -y smbclient php-smbclient coreutils \ +;fi + +########################################################################### +# IMAP: +########################################################################### + +ARG INSTALL_IMAP=false + +RUN if [ ${INSTALL_IMAP} = true ]; then \ + apt-get install -y php${LARADOCK_PHP_VERSION}-imap \ +;fi + +########################################################################### +# Subversion: +########################################################################### + +USER root + +ARG INSTALL_SUBVERSION=false + +RUN if [ ${INSTALL_SUBVERSION} = true ]; then \ + apt-get install -y subversion \ +;fi + + +########################################################################### +# xDebug: +########################################################################### + +USER root + +ARG INSTALL_XDEBUG=false + +RUN if [ ${INSTALL_XDEBUG} = true ]; then \ + # Load the xdebug extension only with phpunit commands + apt-get install -y php${LARADOCK_PHP_VERSION}-xdebug && \ + sed -i 's/^;//g' /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/20-xdebug.ini \ +;fi + +# ADD for REMOTE debugging +COPY ./xdebug.ini /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/xdebug.ini + +RUN sed -i "s/xdebug.remote_autostart=0/xdebug.remote_autostart=1/" /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/xdebug.ini && \ + sed -i "s/xdebug.remote_enable=0/xdebug.remote_enable=1/" /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/xdebug.ini && \ + sed -i "s/xdebug.cli_color=0/xdebug.cli_color=1/" /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/xdebug.ini + +########################################################################### +# pcov: +########################################################################### + +USER root + +ARG INSTALL_PCOV=false + +RUN if [ ${INSTALL_PCOV} = true ]; then \ + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "7" ]; then \ + if [ $(php -r "echo PHP_MINOR_VERSION;") != "0" ]; then \ + pecl install pcov && \ + echo "extension=pcov.so" >> /etc/php/${LARADOCK_PHP_VERSION}/cli/php.ini && \ + echo "pcov.enabled" >> /etc/php/${LARADOCK_PHP_VERSION}/cli/php.ini \ + ;fi \ + ;fi \ +;fi + + +########################################################################### +# Phpdbg: +########################################################################### + +USER root + +ARG INSTALL_PHPDBG=false + +RUN if [ ${INSTALL_PHPDBG} = true ]; then \ + # Load the xdebug extension only with phpunit commands + apt-get install -y --force-yes php${LARADOCK_PHP_VERSION}-phpdbg \ +;fi + +########################################################################### +# Blackfire: +########################################################################### + +ARG INSTALL_BLACKFIRE=false +ARG BLACKFIRE_CLIENT_ID +ENV BLACKFIRE_CLIENT_ID ${BLACKFIRE_CLIENT_ID} +ARG BLACKFIRE_CLIENT_TOKEN +ENV BLACKFIRE_CLIENT_TOKEN ${BLACKFIRE_CLIENT_TOKEN} + +RUN if [ ${INSTALL_XDEBUG} = false -a ${INSTALL_BLACKFIRE} = true ]; then \ + curl -L https://packages.blackfire.io/gpg.key | apt-key add - && \ + echo "deb http://packages.blackfire.io/debian any main" | tee /etc/apt/sources.list.d/blackfire.list && \ + apt-get update -yqq && \ + apt-get install blackfire-agent \ +;fi + +########################################################################### +# ssh: +########################################################################### + +ARG INSTALL_WORKSPACE_SSH=false + +COPY insecure_id_rsa /tmp/id_rsa +COPY insecure_id_rsa.pub /tmp/id_rsa.pub + +RUN if [ ${INSTALL_WORKSPACE_SSH} = true ]; then \ + rm -f /etc/service/sshd/down && \ + cat /tmp/id_rsa.pub >> /root/.ssh/authorized_keys \ + && cat /tmp/id_rsa.pub >> /root/.ssh/id_rsa.pub \ + && cat /tmp/id_rsa >> /root/.ssh/id_rsa \ + && rm -f /tmp/id_rsa* \ + && chmod 644 /root/.ssh/authorized_keys /root/.ssh/id_rsa.pub \ + && chmod 400 /root/.ssh/id_rsa \ + && cp -rf /root/.ssh /home/laradock \ + && chown -R laradock:laradock /home/laradock/.ssh \ +;fi + +########################################################################### +# MongoDB: +########################################################################### + +ARG INSTALL_MONGO=false + +RUN if [ ${INSTALL_MONGO} = true ]; then \ + # Install the mongodb extension + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + pecl install mongo && \ + echo "extension=mongo.so" >> /etc/php/${LARADOCK_PHP_VERSION}/mods-available/mongo.ini && \ + ln -s /etc/php/${LARADOCK_PHP_VERSION}/mods-available/mongo.ini /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/30-mongo.ini \ + ;fi && \ + pecl install mongodb && \ + echo "extension=mongodb.so" >> /etc/php/${LARADOCK_PHP_VERSION}/mods-available/mongodb.ini && \ + ln -s /etc/php/${LARADOCK_PHP_VERSION}/mods-available/mongodb.ini /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/30-mongodb.ini \ +;fi + +########################################################################### +# AMQP: +########################################################################### + +ARG INSTALL_AMQP=false + +RUN if [ ${INSTALL_AMQP} = true ]; then \ + apt-get install librabbitmq-dev -y && \ + pecl -q install amqp && \ + echo "extension=amqp.so" >> /etc/php/${LARADOCK_PHP_VERSION}/mods-available/amqp.ini && \ + ln -s /etc/php/${LARADOCK_PHP_VERSION}/mods-available/amqp.ini /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/30-amqp.ini \ +;fi + +########################################################################### +# CASSANDRA: +########################################################################### + +ARG INSTALL_CASSANDRA=false + +RUN if [ ${INSTALL_CASSANDRA} = true ]; then \ + apt-get install libgmp-dev -y && \ + curl https://downloads.datastax.com/cpp-driver/ubuntu/18.04/dependencies/libuv/v1.28.0/libuv1-dev_1.28.0-1_amd64.deb -o libuv1-dev.deb && \ + curl https://downloads.datastax.com/cpp-driver/ubuntu/18.04/dependencies/libuv/v1.28.0/libuv1_1.28.0-1_amd64.deb -o libuv1.deb && \ + curl https://downloads.datastax.com/cpp-driver/ubuntu/18.04/cassandra/v2.12.0/cassandra-cpp-driver-dev_2.12.0-1_amd64.deb -o cassandra-cpp-driver-dev.deb && \ + curl https://downloads.datastax.com/cpp-driver/ubuntu/18.04/cassandra/v2.12.0/cassandra-cpp-driver_2.12.0-1_amd64.deb -o cassandra-cpp-driver.deb && \ + dpkg -i libuv1.deb && \ + dpkg -i libuv1-dev.deb && \ + dpkg -i cassandra-cpp-driver.deb && \ + dpkg -i cassandra-cpp-driver-dev.deb && \ + rm libuv1.deb libuv1-dev.deb cassandra-cpp-driver-dev.deb cassandra-cpp-driver.deb && \ + cd /usr/src && \ + git clone https://github.com/datastax/php-driver.git && \ + cd /usr/src/php-driver/ext && \ + phpize && \ + mkdir /usr/src/php-driver/build && \ + cd /usr/src/php-driver/build && \ + ../ext/configure > /dev/null && \ + make clean >/dev/null && \ + make >/dev/null 2>&1 && \ + make install && \ + echo "extension=cassandra.so" >> /etc/php/${LARADOCK_PHP_VERSION}/mods-available/cassandra.ini && \ + ln -s /etc/php/${LARADOCK_PHP_VERSION}/mods-available/cassandra.ini /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/30-cassandra.ini \ +;fi + +########################################################################### +# Gearman: +########################################################################### + +ARG INSTALL_GEARMAN=false + +RUN if [ ${INSTALL_GEARMAN} = true ]; then \ + add-apt-repository -y ppa:ondrej/pkg-gearman && \ + apt-get update && \ + apt-get install php-gearman -y \ +;fi + +########################################################################### +# PHP REDIS EXTENSION +########################################################################### + +ARG INSTALL_PHPREDIS=false + +RUN if [ ${INSTALL_PHPREDIS} = true ]; then \ + apt-get update -yqq && \ + apt-get install -yqq php-redis \ +;fi + +########################################################################### +# Swoole EXTENSION +########################################################################### + +ARG INSTALL_SWOOLE=false + +RUN if [ ${INSTALL_SWOOLE} = true ]; then \ + # Install Php Swoole Extension + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + pecl -q install swoole-2.0.10; \ + else \ + if [ $(php -r "echo PHP_MINOR_VERSION;") = "0" ]; then \ + pecl install swoole-2.2.0; \ + else \ + pecl install swoole; \ + fi \ + fi && \ + echo "extension=swoole.so" >> /etc/php/${LARADOCK_PHP_VERSION}/mods-available/swoole.ini && \ + ln -s /etc/php/${LARADOCK_PHP_VERSION}/mods-available/swoole.ini /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/20-swoole.ini \ + && php -m | grep -q 'swoole' \ +;fi + +########################################################################### +# Taint EXTENSION +########################################################################### + +ARG INSTALL_TAINT=false + +RUN if [ "${INSTALL_TAINT}" = true ]; then \ + # Install Php TAINT Extension + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "7" ]; then \ + pecl install taint && \ + echo "extension=taint.so" >> /etc/php/${LARADOCK_PHP_VERSION}/mods-available/taint.ini && \ + ln -s /etc/php/${LARADOCK_PHP_VERSION}/mods-available/taint.ini /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/20-taint.ini && \ + php -m | grep -q 'taint'; \ + fi \ +;fi + +########################################################################### +# Libpng16 EXTENSION +########################################################################### + +ARG INSTALL_LIBPNG=false + +RUN if [ ${INSTALL_LIBPNG} = true ]; then \ + apt-get update && \ + apt-get install libpng16-16 \ +;fi + +########################################################################### +# Inotify EXTENSION: +########################################################################### + +ARG INSTALL_INOTIFY=false + +RUN if [ ${INSTALL_INOTIFY} = true ]; then \ + pecl -q install inotify && \ + echo "extension=inotify.so" >> /etc/php/${LARADOCK_PHP_VERSION}/mods-available/inotify.ini && \ + ln -s /etc/php/${LARADOCK_PHP_VERSION}/mods-available/inotify.ini /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/20-inotify.ini \ +;fi + +########################################################################### +# AST EXTENSION +########################################################################### + +ARG INSTALL_AST=false +ARG AST_VERSION=1.0.3 +ENV AST_VERSION ${AST_VERSION} + +RUN if [ ${INSTALL_AST} = true ]; then \ + # AST extension requires PHP 7.0.0 or newer + if [ $(php -r "echo PHP_MAJOR_VERSION;") != "5" ]; then \ + # Install AST extension + printf "\n" | pecl -q install ast-${AST_VERSION} && \ + echo "extension=ast.so" >> /etc/php/${LARADOCK_PHP_VERSION}/mods-available/ast.ini && \ + phpenmod -v ${LARADOCK_PHP_VERSION} -s cli ast \ + ;fi \ +;fi + +########################################################################### +# fswatch +########################################################################### + +ARG INSTALL_FSWATCH=false + +RUN if [ ${INSTALL_FSWATCH} = true ]; then \ + apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 47FE03C1 \ + && add-apt-repository -y ppa:hadret/fswatch \ + || apt-get update -yqq \ + && apt-get -y install fswatch \ +;fi + +########################################################################### + +# GraphViz extension +########################################################################### + +ARG INSTALL_GRAPHVIZ=false + +RUN if [ ${INSTALL_GRAPHVIZ} = true ]; then \ + apt-get update && \ + apt-get install -y graphviz \ +;fi + +# IonCube Loader +########################################################################### + +ARG INSTALL_IONCUBE=false + +RUN if [ ${INSTALL_IONCUBE} = true ]; then \ + # Install the php ioncube loader + curl -L -o /tmp/ioncube_loaders_lin_x86-64.tar.gz https://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz \ + && tar zxpf /tmp/ioncube_loaders_lin_x86-64.tar.gz -C /tmp \ + && mv /tmp/ioncube/ioncube_loader_lin_${LARADOCK_PHP_VERSION}.so $(php -r "echo ini_get('extension_dir');")/ioncube_loader.so \ + && echo "zend_extension=ioncube_loader.so" >> /etc/php/${LARADOCK_PHP_VERSION}/mods-available/0ioncube.ini \ + && rm -rf /tmp/ioncube* \ +;fi + +########################################################################### +# Drupal Console: +########################################################################### + +USER root + +ARG INSTALL_DRUPAL_CONSOLE=false + +RUN if [ ${INSTALL_DRUPAL_CONSOLE} = true ]; then \ + apt-get -y install mysql-client && \ + curl https://drupalconsole.com/installer -L -o drupal.phar && \ + mv drupal.phar /usr/local/bin/drupal && \ + chmod +x /usr/local/bin/drupal \ +;fi + +USER laradock + +########################################################################### +# Node / NVM: +########################################################################### + +# Check if NVM needs to be installed +ARG NODE_VERSION=node +ENV NODE_VERSION ${NODE_VERSION} +ARG INSTALL_NODE=false +ARG INSTALL_NPM_GULP=false +ARG INSTALL_NPM_BOWER=false +ARG INSTALL_NPM_VUE_CLI=false +ARG INSTALL_NPM_ANGULAR_CLI=false +ARG NPM_REGISTRY +ENV NPM_REGISTRY ${NPM_REGISTRY} +ENV NVM_DIR /home/laradock/.nvm +ARG NVM_NODEJS_ORG_MIRROR +ENV NVM_NODEJS_ORG_MIRROR ${NVM_NODEJS_ORG_MIRROR} + +RUN if [ ${INSTALL_NODE} = true ]; then \ + # Install nvm (A Node Version Manager) + mkdir -p $NVM_DIR && \ + curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.33.11/install.sh | bash \ + && . $NVM_DIR/nvm.sh \ + && nvm install ${NODE_VERSION} \ + && nvm use ${NODE_VERSION} \ + && nvm alias ${NODE_VERSION} \ + && if [ ${NPM_REGISTRY} ]; then \ + npm config set registry ${NPM_REGISTRY} \ + ;fi \ + && if [ ${INSTALL_NPM_GULP} = true ]; then \ + npm install -g gulp \ + ;fi \ + && if [ ${INSTALL_NPM_BOWER} = true ]; then \ + npm install -g bower \ + ;fi \ + && if [ ${INSTALL_NPM_VUE_CLI} = true ]; then \ + npm install -g @vue/cli \ + ;fi \ + && if [ ${INSTALL_NPM_ANGULAR_CLI} = true ]; then \ + npm install -g @angular/cli \ + ;fi \ + && ln -s `npm bin --global` /home/laradock/.node-bin \ +;fi + +# Wouldn't execute when added to the RUN statement in the above block +# Source NVM when loading bash since ~/.profile isn't loaded on non-login shell +RUN if [ ${INSTALL_NODE} = true ]; then \ + echo "" >> ~/.bashrc && \ + echo 'export NVM_DIR="$HOME/.nvm"' >> ~/.bashrc && \ + echo '[ -s "$NVM_DIR/nvm.sh" ] && . "$NVM_DIR/nvm.sh" # This loads nvm' >> ~/.bashrc \ +;fi + +# Add NVM binaries to root's .bashrc +USER root + +RUN if [ ${INSTALL_NODE} = true ]; then \ + echo "" >> ~/.bashrc && \ + echo 'export NVM_DIR="/home/laradock/.nvm"' >> ~/.bashrc && \ + echo '[ -s "$NVM_DIR/nvm.sh" ] && . "$NVM_DIR/nvm.sh" # This loads nvm' >> ~/.bashrc \ +;fi + +# Add PATH for node +ENV PATH $PATH:/home/laradock/.node-bin + +# Make it so the node modules can be executed with 'docker-compose exec' +# We'll create symbolic links into '/usr/local/bin'. +RUN if [ ${INSTALL_NODE} = true ]; then \ + find $NVM_DIR -type f -name node -exec ln -s {} /usr/local/bin/node \; && \ + NODE_MODS_DIR="$NVM_DIR/versions/node/$(node -v)/lib/node_modules" && \ + ln -s $NODE_MODS_DIR/bower/bin/bower /usr/local/bin/bower && \ + ln -s $NODE_MODS_DIR/gulp/bin/gulp.js /usr/local/bin/gulp && \ + ln -s $NODE_MODS_DIR/npm/bin/npm-cli.js /usr/local/bin/npm && \ + ln -s $NODE_MODS_DIR/npm/bin/npx-cli.js /usr/local/bin/npx && \ + ln -s $NODE_MODS_DIR/vue-cli/bin/vue /usr/local/bin/vue && \ + ln -s $NODE_MODS_DIR/vue-cli/bin/vue-init /usr/local/bin/vue-init && \ + ln -s $NODE_MODS_DIR/vue-cli/bin/vue-list /usr/local/bin/vue-list \ +;fi + +RUN if [ ${NPM_REGISTRY} ]; then \ + . ~/.bashrc && npm config set registry ${NPM_REGISTRY} \ +;fi + + +########################################################################### +# PNPM: +########################################################################### + +USER laradock + +ARG INSTALL_PNPM=false + +RUN if [ ${INSTALL_PNPM} = true ]; then \ + npx pnpm add -g pnpm \ +;fi + + +########################################################################### +# YARN: +########################################################################### + +USER laradock + +ARG INSTALL_YARN=false +ARG YARN_VERSION=latest +ENV YARN_VERSION ${YARN_VERSION} + +RUN if [ ${INSTALL_YARN} = true ]; then \ + [ -s "$NVM_DIR/nvm.sh" ] && . "$NVM_DIR/nvm.sh" && \ + if [ ${YARN_VERSION} = "latest" ]; then \ + curl -o- -L https://yarnpkg.com/install.sh | bash; \ + else \ + curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version ${YARN_VERSION}; \ + fi && \ + echo "" >> ~/.bashrc && \ + echo 'export PATH="$HOME/.yarn/bin:$PATH"' >> ~/.bashrc \ +;fi + +# Add YARN binaries to root's .bashrc +USER root + +RUN if [ ${INSTALL_YARN} = true ]; then \ + echo "" >> ~/.bashrc && \ + echo 'export YARN_DIR="/home/laradock/.yarn"' >> ~/.bashrc && \ + echo 'export PATH="$YARN_DIR/bin:$PATH"' >> ~/.bashrc \ +;fi + +# Add PATH for YARN +ENV PATH $PATH:/home/laradock/.yarn/bin + +########################################################################### +# PHP Aerospike: +########################################################################### + +USER root + +ARG INSTALL_AEROSPIKE=false + +RUN set -xe; \ + if [ ${INSTALL_AEROSPIKE} = true ]; then \ + # Fix dependencies for PHPUnit within aerospike extension + apt-get -y install sudo wget && \ + # Install the php aerospike extension + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + curl -L -o /tmp/aerospike-client-php.tar.gz https://github.com/aerospike/aerospike-client-php5/archive/master.tar.gz; \ + else \ + curl -L -o /tmp/aerospike-client-php.tar.gz https://github.com/aerospike/aerospike-client-php/archive/master.tar.gz; \ + fi \ + && mkdir -p /tmp/aerospike-client-php \ + && tar -C /tmp/aerospike-client-php -zxvf /tmp/aerospike-client-php.tar.gz --strip 1 \ + && \ + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + ( \ + cd /tmp/aerospike-client-php/src/aerospike \ + && phpize \ + && ./build.sh \ + && make install \ + ) \ + else \ + ( \ + cd /tmp/aerospike-client-php/src \ + && phpize \ + && ./build.sh \ + && make install \ + ) \ + fi \ + && rm /tmp/aerospike-client-php.tar.gz \ + && echo 'extension=aerospike.so' >> /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/aerospike.ini \ + && echo 'aerospike.udf.lua_system_path=/usr/local/aerospike/lua' >> /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/aerospike.ini \ + && echo 'aerospike.udf.lua_user_path=/usr/local/aerospike/usr-lua' >> /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/aerospike.ini \ + ;fi + +########################################################################### +# PHP OCI8: +########################################################################### + +USER root +ARG INSTALL_OCI8=false + +ENV LD_LIBRARY_PATH="/opt/oracle/instantclient_12_1" +ENV OCI_HOME="/opt/oracle/instantclient_12_1" +ENV OCI_LIB_DIR="/opt/oracle/instantclient_12_1" +ENV OCI_INCLUDE_DIR="/opt/oracle/instantclient_12_1/sdk/include" +ENV OCI_VERSION=12 + +RUN if [ ${INSTALL_OCI8} = true ]; then \ + # Install wget + apt-get update && apt-get install --no-install-recommends -y wget \ + # Install Oracle Instantclient + && mkdir /opt/oracle \ + && cd /opt/oracle \ + && wget https://github.com/diogomascarenha/oracle-instantclient/raw/master/instantclient-basic-linux.x64-12.1.0.2.0.zip \ + && wget https://github.com/diogomascarenha/oracle-instantclient/raw/master/instantclient-sdk-linux.x64-12.1.0.2.0.zip \ + && unzip /opt/oracle/instantclient-basic-linux.x64-12.1.0.2.0.zip -d /opt/oracle \ + && unzip /opt/oracle/instantclient-sdk-linux.x64-12.1.0.2.0.zip -d /opt/oracle \ + && ln -s /opt/oracle/instantclient_12_1/libclntsh.so.12.1 /opt/oracle/instantclient_12_1/libclntsh.so \ + && ln -s /opt/oracle/instantclient_12_1/libclntshcore.so.12.1 /opt/oracle/instantclient_12_1/libclntshcore.so \ + && ln -s /opt/oracle/instantclient_12_1/libocci.so.12.1 /opt/oracle/instantclient_12_1/libocci.so \ + && rm -rf /opt/oracle/*.zip \ + # Install PHP extensions deps + && apt-get update \ + && apt-get install --no-install-recommends -y \ + libaio-dev && \ + # Install PHP extensions + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + echo 'instantclient,/opt/oracle/instantclient_12_1/' | pecl install oci8-2.0.10; \ + else \ + echo 'instantclient,/opt/oracle/instantclient_12_1/' | pecl install oci8; \ + fi \ + && echo "extension=oci8.so" >> /etc/php/${LARADOCK_PHP_VERSION}/cli/php.ini \ + && php -m | grep -q 'oci8' \ +;fi + +########################################################################### +# PHP V8JS: +########################################################################### + +USER root + +ARG INSTALL_V8JS=false + +RUN set -xe; \ + if [ ${INSTALL_V8JS} = true ]; then \ + add-apt-repository -y ppa:pinepain/libv8-archived \ + && apt-get update -yqq \ + && apt-get install -y libv8-5.4 && \ + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + pecl install v8js-0.6.4; \ + else \ + pecl install v8js; \ + fi \ + && echo "extension=v8js.so" >> /etc/php/${LARADOCK_PHP_VERSION}/cli/php.ini \ + && php -m | grep -q 'v8js' \ + ;fi + +########################################################################### +# Laravel Envoy: +########################################################################### + +USER laradock + +ARG INSTALL_LARAVEL_ENVOY=false + +RUN if [ ${INSTALL_LARAVEL_ENVOY} = true ]; then \ + # Install the Laravel Envoy + composer global require "laravel/envoy=~2.0" \ +;fi + +########################################################################### +# Laravel Installer: +########################################################################### + +USER laradock + +ARG INSTALL_LARAVEL_INSTALLER=false + +RUN if [ ${INSTALL_LARAVEL_INSTALLER} = true ]; then \ + # Install the Laravel Installer + composer global require "laravel/installer" \ +;fi + +USER root + +ARG COMPOSER_REPO_PACKAGIST +ENV COMPOSER_REPO_PACKAGIST ${COMPOSER_REPO_PACKAGIST} + +RUN if [ ${COMPOSER_REPO_PACKAGIST} ]; then \ + composer config -g repo.packagist composer ${COMPOSER_REPO_PACKAGIST} \ +;fi + +########################################################################### +# Deployer: +########################################################################### + +USER root + +ARG INSTALL_DEPLOYER=false + +RUN if [ ${INSTALL_DEPLOYER} = true ]; then \ + # Install the Deployer + # Using Phar as currently there is no support for laravel 4 from composer version + # Waiting to be resolved on https://github.com/deployphp/deployer/issues/1552 + curl -LO https://deployer.org/deployer.phar && \ + mv deployer.phar /usr/local/bin/dep && \ + chmod +x /usr/local/bin/dep \ +;fi + +########################################################################### +# Prestissimo: +########################################################################### +USER laradock + +ARG INSTALL_PRESTISSIMO=false + +RUN if [ ${INSTALL_PRESTISSIMO} = true ]; then \ + # Install Prestissimo + composer global require "hirak/prestissimo" \ +;fi + +########################################################################### +# Linuxbrew: +########################################################################### + +USER root + +ARG INSTALL_LINUXBREW=false + +RUN if [ ${INSTALL_LINUXBREW} = true ]; then \ + # Preparation + apt-get upgrade -y && \ + apt-get install -y build-essential make cmake scons curl git \ + ruby autoconf automake autoconf-archive \ + gettext libtool flex bison \ + libbz2-dev libcurl4-openssl-dev \ + libexpat-dev libncurses-dev && \ + # Install the Linuxbrew + git clone --depth=1 https://github.com/Homebrew/linuxbrew.git ~/.linuxbrew && \ + echo "" >> ~/.bashrc && \ + echo 'export PKG_CONFIG_PATH"=/usr/local/lib/pkgconfig:/usr/local/lib64/pkgconfig:/usr/lib64/pkgconfig:/usr/lib/pkgconfig:/usr/lib/x86_64-linux-gnu/pkgconfig:/usr/lib64/pkgconfig:/usr/share/pkgconfig:$PKG_CONFIG_PATH"' >> ~/.bashrc && \ + # Setup linuxbrew + echo 'export LINUXBREWHOME="$HOME/.linuxbrew"' >> ~/.bashrc && \ + echo 'export PATH="$LINUXBREWHOME/bin:$PATH"' >> ~/.bashrc && \ + echo 'export MANPATH="$LINUXBREWHOME/man:$MANPATH"' >> ~/.bashrc && \ + echo 'export PKG_CONFIG_PATH="$LINUXBREWHOME/lib64/pkgconfig:$LINUXBREWHOME/lib/pkgconfig:$PKG_CONFIG_PATH"' >> ~/.bashrc && \ + echo 'export LD_LIBRARY_PATH="$LINUXBREWHOME/lib64:$LINUXBREWHOME/lib:$LD_LIBRARY_PATH"' >> ~/.bashrc \ +;fi + +########################################################################### +# SQL SERVER: +########################################################################### + +ARG INSTALL_MSSQL=false + +RUN set -eux; \ + if [ ${INSTALL_MSSQL} = true ]; then \ + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + apt-get -y install php5.6-sybase freetds-bin freetds-common libsybdb5 \ + && php -m | grep -q 'mssql' \ + && php -m | grep -q 'pdo_dblib' \ + ;else \ + ########################################################################### + # The following steps were taken from + # https://github.com/Microsoft/msphpsql/wiki/Install-and-configuration + ########################################################################### + curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add - && \ + curl https://packages.microsoft.com/config/ubuntu/16.04/prod.list > /etc/apt/sources.list.d/mssql-release.list && \ + apt-get update -yqq && \ + ACCEPT_EULA=Y apt-get install -y msodbcsql17 mssql-tools unixodbc unixodbc-dev libgss3 odbcinst locales && \ + ln -sfn /opt/mssql-tools/bin/sqlcmd /usr/bin/sqlcmd && \ + ln -sfn /opt/mssql-tools/bin/bcp /usr/bin/bcp && \ + echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && \ + locale-gen && \ + if [ $(php -r "echo PHP_VERSION_ID - PHP_RELEASE_VERSION;") = "70000" ]; then \ + pecl install sqlsrv-5.3.0 pdo_sqlsrv-5.3.0 \ + ;elif [ $(php -r "echo PHP_VERSION_ID - PHP_RELEASE_VERSION;") = "70100" ]; then \ + pecl install sqlsrv-5.6.1 pdo_sqlsrv-5.6.1 \ + ;else \ + pecl install sqlsrv pdo_sqlsrv \ + ;fi && \ + echo "extension=sqlsrv.so" > /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/20-sqlsrv.ini && \ + echo "extension=pdo_sqlsrv.so" > /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/20-pdo_sqlsrv.ini \ + && php -m | grep -q 'sqlsrv' \ + && php -m | grep -q 'pdo_sqlsrv' \ + ;fi \ + ;fi + +########################################################################### +# Minio: +########################################################################### + +USER root + +COPY mc/config.json /root/.mc/config.json + +ARG INSTALL_MC=false + +RUN if [ ${INSTALL_MC} = true ]; then\ + curl -fsSL -o /usr/local/bin/mc https://dl.minio.io/client/mc/release/linux-amd64/mc && \ + chmod +x /usr/local/bin/mc \ +;fi + +########################################################################### +# Image optimizers: +########################################################################### + +USER root + +ARG INSTALL_IMAGE_OPTIMIZERS=false + +RUN if [ ${INSTALL_IMAGE_OPTIMIZERS} = true ]; then \ + apt-get install -y jpegoptim optipng pngquant gifsicle && \ + if [ ${INSTALL_NODE} = true ]; then \ + exec bash && . ~/.bashrc && npm install -g svgo \ + ;fi\ +;fi + +USER laradock + +########################################################################### +# Symfony: +########################################################################### + +USER root + +ARG INSTALL_SYMFONY=false + +RUN if [ ${INSTALL_SYMFONY} = true ]; then \ + mkdir -p /usr/local/bin \ + && curl -LsS https://symfony.com/installer -o /usr/local/bin/symfony \ + && chmod a+x /usr/local/bin/symfony \ + # Symfony 3 alias + && echo 'alias dev="php bin/console -e=dev"' >> ~/.bashrc \ + && echo 'alias prod="php bin/console -e=prod"' >> ~/.bashrc \ + # Symfony 2 alias + # && echo 'alias dev="php app/console -e=dev"' >> ~/.bashrc \ + # && echo 'alias prod="php app/console -e=prod"' >> ~/.bashrc \ +;fi + +########################################################################### +# PYTHON2: +########################################################################### + +ARG INSTALL_PYTHON=false + +RUN if [ ${INSTALL_PYTHON} = true ]; then \ + apt-get -y install python python-pip python-dev build-essential \ + && python -m pip install --upgrade pip \ + && python -m pip install --upgrade virtualenv \ +;fi + +########################################################################### +# PYTHON3: +########################################################################### + +ARG INSTALL_PYTHON3=false + +RUN if [ ${INSTALL_PYTHON3} = true ]; then \ + apt-get -y install python3 python3-pip python3-dev build-essential \ + && python3 -m pip install --upgrade --force-reinstall pip \ + && python3 -m pip install --upgrade virtualenv \ +;fi + +########################################################################### +# POWERLINE: +########################################################################### + +USER root +ARG INSTALL_POWERLINE=false + +RUN if [ ${INSTALL_POWERLINE} = true ]; then \ + if [ ${INSTALL_PYTHON} = true ]; then \ + python -m pip install --upgrade powerline-status && \ + echo "" >> /etc/bash.bashrc && \ + echo ". /usr/local/lib/python2.7/dist-packages/powerline/bindings/bash/powerline.sh" >> /etc/bash.bashrc \ + ;fi \ +;fi + +########################################################################### +# SUPERVISOR: +########################################################################### +ARG INSTALL_SUPERVISOR=false + +RUN if [ ${INSTALL_SUPERVISOR} = true ]; then \ + if [ ${INSTALL_PYTHON} = true ]; then \ + python -m pip install --upgrade supervisor && \ + echo_supervisord_conf > /etc/supervisord.conf && \ + sed -i 's/\;\[include\]/\[include\]/g' /etc/supervisord.conf && \ + sed -i 's/\;files\s.*/files = supervisord.d\/*.conf/g' /etc/supervisord.conf \ + ;fi \ +;fi + +USER laradock + +########################################################################### +# ImageMagick: +########################################################################### + +USER root + +ARG INSTALL_IMAGEMAGICK=false + +RUN if [ ${INSTALL_IMAGEMAGICK} = true ]; then \ + apt-get install -y imagemagick php-imagick \ +;fi + +########################################################################### +# Terraform: +########################################################################### + +USER root + +ARG INSTALL_TERRAFORM=false + +RUN if [ ${INSTALL_TERRAFORM} = true ]; then \ + apt-get -y install sudo wget unzip \ + && wget https://releases.hashicorp.com/terraform/0.10.6/terraform_0.10.6_linux_amd64.zip \ + && unzip terraform_0.10.6_linux_amd64.zip \ + && mv terraform /usr/local/bin \ + && rm terraform_0.10.6_linux_amd64.zip \ +;fi +########################################################################### +# pgsql client +########################################################################### + +USER root + +ARG INSTALL_PG_CLIENT=false + +RUN if [ ${INSTALL_PG_CLIENT} = true ]; then \ + # Install the pgsql client + apt-get install wget \ + && wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - \ + && echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" | tee /etc/apt/sources.list.d/pgdg.list \ + && apt-get update \ + && apt-get -y install postgresql-client-12 \ +;fi + +########################################################################### +# Dusk Dependencies: +########################################################################### + +USER root + +ARG CHROME_DRIVER_VERSION=stable +ENV CHROME_DRIVER_VERSION ${CHROME_DRIVER_VERSION} +ARG INSTALL_DUSK_DEPS=false + +RUN if [ ${INSTALL_DUSK_DEPS} = true ]; then \ + apt-get -y install zip wget unzip xdg-utils \ + libxpm4 libxrender1 libgtk2.0-0 libnss3 libgconf-2-4 xvfb \ + gtk2-engines-pixbuf xfonts-cyrillic xfonts-100dpi xfonts-75dpi \ + xfonts-base xfonts-scalable x11-apps \ + && wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb \ + && dpkg -i --force-depends google-chrome-stable_current_amd64.deb \ + && apt-get -y -f install \ + && dpkg -i --force-depends google-chrome-stable_current_amd64.deb \ + && rm google-chrome-stable_current_amd64.deb \ + && wget https://chromedriver.storage.googleapis.com/${CHROME_DRIVER_VERSION}/chromedriver_linux64.zip \ + && unzip chromedriver_linux64.zip \ + && mv chromedriver /usr/local/bin/ \ + && rm chromedriver_linux64.zip \ +;fi + +########################################################################### +# Phalcon: +########################################################################### + +ARG INSTALL_PHALCON=false +ARG LARADOCK_PHALCON_VERSION +ENV LARADOCK_PHALCON_VERSION ${LARADOCK_PHALCON_VERSION} + +RUN if [ $INSTALL_PHALCON = true ]; then \ + apt-get update && apt-get install -y unzip libpcre3-dev gcc make re2c git automake autoconf\ + && git clone https://github.com/jbboehr/php-psr.git \ + && cd php-psr \ + && phpize \ + && ./configure \ + && make \ + && make test \ + && make install \ + && curl -L -o /tmp/cphalcon.zip https://github.com/phalcon/cphalcon/archive/v${LARADOCK_PHALCON_VERSION}.zip \ + && unzip -d /tmp/ /tmp/cphalcon.zip \ + && cd /tmp/cphalcon-${LARADOCK_PHALCON_VERSION}/build \ + && ./install \ + && echo "extension=psr.so" >> /etc/php/${LARADOCK_PHP_VERSION}/mods-available/phalcon.ini \ + && echo "extension=phalcon.so" >> /etc/php/${LARADOCK_PHP_VERSION}/mods-available/phalcon.ini \ + && ln -s /etc/php/${LARADOCK_PHP_VERSION}/mods-available/phalcon.ini /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/30-phalcon.ini \ + && rm -rf /tmp/cphalcon* \ +;fi + +########################################################################### +# MySQL Client: +########################################################################### + +USER root + +ARG INSTALL_MYSQL_CLIENT=false + +RUN if [ ${INSTALL_MYSQL_CLIENT} = true ]; then \ + apt-get update -yqq && \ + apt-get -y install mysql-client \ +;fi + +########################################################################### +# ping: +########################################################################### + +USER root + +ARG INSTALL_PING=false + +RUN if [ ${INSTALL_PING} = true ]; then \ + apt-get update -yqq && \ + apt-get -y install inetutils-ping \ +;fi + +########################################################################### +# sshpass: +########################################################################### + +USER root + +ARG INSTALL_SSHPASS=false + +RUN if [ ${INSTALL_SSHPASS} = true ]; then \ + apt-get update -yqq && \ + apt-get -y install sshpass \ +;fi + +########################################################################### +# YAML: extension for PHP-CLI +########################################################################### + +USER root + +ARG INSTALL_YAML=false + +RUN if [ ${INSTALL_YAML} = true ]; then \ + apt-get install libyaml-dev -y ; \ + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + pecl install -a yaml-1.3.2; \ + else \ + pecl install yaml; \ + fi && \ + echo "extension=yaml.so" >> /etc/php/${LARADOCK_PHP_VERSION}/mods-available/yaml.ini && \ + ln -s /etc/php/${LARADOCK_PHP_VERSION}/mods-available/yaml.ini /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/35-yaml.ini \ +;fi + +########################################################################### +# RDKAFKA: +########################################################################### + +ARG INSTALL_RDKAFKA=false + +RUN if [ ${INSTALL_RDKAFKA} = true ]; then \ + apt-get install -y librdkafka-dev && \ + pecl install rdkafka && \ + echo "extension=rdkafka.so" >> /etc/php/${LARADOCK_PHP_VERSION}/mods-available/rdkafka.ini && \ + ln -s /etc/php/${LARADOCK_PHP_VERSION}/mods-available/rdkafka.ini /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/20-rdkafka.ini \ + && php -m | grep -q 'rdkafka' \ +;fi + +########################################################################### +# FFMpeg: +########################################################################### + +USER root + +ARG INSTALL_FFMPEG=false + +RUN if [ ${INSTALL_FFMPEG} = true ]; then \ + apt-get -y install ffmpeg \ +;fi + + +########################################################################### +# BBC Audio Waveform Image Generator: +########################################################################### + +USER root + +ARG INSTALL_AUDIOWAVEFORM=false + +RUN if [ ${INSTALL_AUDIOWAVEFORM} = true ]; then \ + apt-get -y install git wget make cmake gcc g++ libmad0-dev libid3tag0-dev libsndfile1-dev libgd-dev libboost-filesystem-dev libboost-program-options-dev libboost-regex-dev \ + && git clone https://github.com/bbc/audiowaveform.git \ + && cd audiowaveform \ + && wget https://github.com/google/googletest/archive/release-1.10.0.tar.gz \ + && tar xzf release-1.10.0.tar.gz \ + && ln -s googletest-release-1.10.0/googletest googletest \ + && ln -s googletest-release-1.10.0/googlemock googlemock \ + && mkdir build \ + && cd build \ + && cmake .. \ + && make \ + && make install \ +;fi + +##################################### +# wkhtmltopdf: +##################################### + +USER root + +ARG INSTALL_WKHTMLTOPDF=false + +RUN if [ ${INSTALL_WKHTMLTOPDF} = true ]; then \ + apt-get install -y \ + libxrender1 \ + libfontconfig1 \ + libx11-dev \ + libjpeg62 \ + libxtst6 \ + fontconfig \ + libjpeg-turbo8-dev \ + xfonts-base \ + xfonts-75dpi \ + wget \ + && wget https://github.com/wkhtmltopdf/packaging/releases/download/0.12.6-1/wkhtmltox_0.12.6-1.bionic_amd64.deb \ + && dpkg -i wkhtmltox_0.12.6-1.bionic_amd64.deb \ + && apt -f install \ +;fi + +########################################################################### +# Mailparse extension: +########################################################################### + +ARG INSTALL_MAILPARSE=false + +RUN if [ ${INSTALL_MAILPARSE} = true ]; then \ + apt-get install -yqq php-mailparse \ +;fi + +########################################################################### +# GNU Parallel: +########################################################################### + +USER root + +ARG INSTALL_GNU_PARALLEL=false + +RUN if [ ${INSTALL_GNU_PARALLEL} = true ]; then \ + apt-get -y install parallel \ +;fi + +########################################################################### +# Bash Git Prompt +########################################################################### + +ARG INSTALL_GIT_PROMPT=false + +COPY git-prompt.sh /tmp/git-prompt + +RUN if [ ${INSTALL_GIT_PROMPT} = true ]; then \ + git clone https://github.com/magicmonty/bash-git-prompt.git /root/.bash-git-prompt --depth=1 && \ + cat /tmp/git-prompt >> /root/.bashrc && \ + rm /tmp/git-prompt \ +;fi + +########################################################################### +# XMLRPC: +########################################################################### + +ARG INSTALL_XMLRPC=false + +RUN if [ ${INSTALL_XMLRPC} = true ]; then \ + docker-php-ext-install xmlrpc \ +;fi + +########################################################################### +# Lnav: +########################################################################### + +ARG INSTALL_LNAV=false + +RUN if [ ${INSTALL_LNAV} = true ]; then \ + apt-get install -y lnav \ +;fi + +########################################################################### +# Protoc: +########################################################################### + +ARG INSTALL_PROTOC=false +ARG PROTOC_VERSION + +RUN if [ ${INSTALL_PROTOC} = true ]; then \ + if [ ${PROTOC_VERSION} = "latest" ]; then \ + REAL_PROTOC_VERSION=$(curl -s https://api.github.com/repos/protocolbuffers/protobuf/releases/latest | \ + sed -nr 's/.*"tag_name":\s?"v(.+?)".*/\1/p'); \ + else \ + REAL_PROTOC_VERSION=${PROTOC_VERSION}; \ + fi && \ + PROTOC_ZIP=protoc-${REAL_PROTOC_VERSION}-linux-x86_64.zip; \ + curl -L -o /tmp/protoc.zip https://github.com/protocolbuffers/protobuf/releases/download/v${REAL_PROTOC_VERSION}/${PROTOC_ZIP} && \ + unzip -q -o /tmp/protoc.zip -d /usr/local bin/protoc && \ + unzip -q -o /tmp/protoc.zip -d /usr/local 'include/*' && \ + rm -f /tmp/protoc.zip && \ + chmod +x /usr/local/bin/protoc && \ + chmod -R +r /usr/local/include/google \ +;fi + +########################################################################### +# Check PHP version: +########################################################################### + +RUN set -xe; php -v | head -n 1 | grep -q "PHP ${LARADOCK_PHP_VERSION}." + +########################################################################### +# Oh My ZSH! +########################################################################### + +USER root + +ARG SHELL_OH_MY_ZSH=false +RUN if [ ${SHELL_OH_MY_ZSH} = true ]; then \ + apt install -y zsh \ +;fi + +ARG SHELL_OH_MY_ZSH_AUTOSUGESTIONS=false +ARG SHELL_OH_MY_ZSH_ALIASES=false + +USER laradock +RUN if [ ${SHELL_OH_MY_ZSH} = true ]; then \ + sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh) --keep-zshrc" && \ + sed -i -r 's/^plugins=\(.*?\)$/plugins=(laravel5)/' /home/laradock/.zshrc && \ + echo '\n\ +bindkey "^[OB" down-line-or-search\n\ +bindkey "^[OC" forward-char\n\ +bindkey "^[OD" backward-char\n\ +bindkey "^[OF" end-of-line\n\ +bindkey "^[OH" beginning-of-line\n\ +bindkey "^[[1~" beginning-of-line\n\ +bindkey "^[[3~" delete-char\n\ +bindkey "^[[4~" end-of-line\n\ +bindkey "^[[5~" up-line-or-history\n\ +bindkey "^[[6~" down-line-or-history\n\ +bindkey "^?" backward-delete-char\n' >> /home/laradock/.zshrc && \ + if [ ${SHELL_OH_MY_ZSH_AUTOSUGESTIONS} = true ]; then \ + sh -c "git clone https://github.com/zsh-users/zsh-autosuggestions /home/laradock/.oh-my-zsh/custom/plugins/zsh-autosuggestions" && \ + sed -i 's~plugins=(~plugins=(zsh-autosuggestions ~g' /home/laradock/.zshrc && \ + sed -i '1iZSH_AUTOSUGGEST_BUFFER_MAX_SIZE=20' /home/laradock/.zshrc && \ + sed -i '1iZSH_AUTOSUGGEST_STRATEGY=(history completion)' /home/laradock/.zshrc && \ + sed -i '1iZSH_AUTOSUGGEST_USE_ASYNC=1' /home/laradock/.zshrc && \ + sed -i '1iTERM=xterm-256color' /home/laradock/.zshrc \ + ;fi && \ + if [ ${SHELL_OH_MY_ZSH_ALIASES} = true ]; then \ + echo "" >> /home/laradock/.zshrc && \ + echo "# Load Custom Aliases" >> /home/laradock/.zshrc && \ + echo "source /home/laradock/aliases.sh" >> /home/laradock/.zshrc && \ + echo "" >> /home/laradock/.zshrc \ + ;fi \ +;fi + +USER root + +########################################################################### +# ZSH User Aliases +########################################################################### + +USER root + +COPY ./aliases.sh /root/aliases.sh +COPY ./aliases.sh /home/laradock/aliases.sh + +RUN if [ ${SHELL_OH_MY_ZSH} = true ]; then \ + sed -i 's/\r//' /root/aliases.sh && \ + sed -i 's/\r//' /home/laradock/aliases.sh && \ + chown laradock:laradock /home/laradock/aliases.sh && \ + echo "" >> ~/.zshrc && \ + echo "# Load Custom Aliases" >> ~/.zshrc && \ + echo "source ~/aliases.sh" >> ~/.zshrc && \ + echo "" >> ~/.zshrc \ +;fi + +USER laradock + +RUN if [ ${SHELL_OH_MY_ZSH} = true ]; then \ + echo "" >> ~/.zshrc && \ + echo "# Load Custom Aliases" >> ~/.zshrc && \ + echo "source ~/aliases.sh" >> ~/.zshrc && \ + echo "" >> ~/.zshrc \ +;fi + +USER root + +# +#-------------------------------------------------------------------------- +# Final Touch +#-------------------------------------------------------------------------- +# + +USER root + +# Clean up +RUN apt-get clean && \ + rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* && \ + rm /var/log/lastlog /var/log/faillog + +# Set default work directory +WORKDIR /var/www diff --git a/images/boxs/workspace/aerospike.ini b/images/boxs/workspace/aerospike.ini new file mode 100644 index 00000000..f9c8f614 --- /dev/null +++ b/images/boxs/workspace/aerospike.ini @@ -0,0 +1,3 @@ +extension=aerospike.so +aerospike.udf.lua_system_path=/usr/local/aerospike/lua +aerospike.udf.lua_user_path=/usr/local/aerospike/usr-lua \ No newline at end of file diff --git a/images/boxs/workspace/aliases.sh b/images/boxs/workspace/aliases.sh new file mode 100644 index 00000000..0bf50731 --- /dev/null +++ b/images/boxs/workspace/aliases.sh @@ -0,0 +1,151 @@ +#! /bin/bash + +# Colors used for status updates +ESC_SEQ="\x1b[" +COL_RESET=$ESC_SEQ"39;49;00m" +COL_RED=$ESC_SEQ"31;01m" +COL_GREEN=$ESC_SEQ"32;01m" +COL_YELLOW=$ESC_SEQ"33;01m" +COL_BLUE=$ESC_SEQ"34;01m" +COL_MAGENTA=$ESC_SEQ"35;01m" +COL_CYAN=$ESC_SEQ"36;01m" + +# Detect which `ls` flavor is in use +if ls --color > /dev/null 2>&1; then # GNU `ls` + colorflag="--color" + export LS_COLORS='no=00:fi=00:di=01;31:ln=01;36:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.gz=01;31:*.bz2=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.avi=01;35:*.fli=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.ogg=01;35:*.mp3=01;35:*.wav=01;35:' +else # macOS `ls` + colorflag="-G" + export LSCOLORS='BxBxhxDxfxhxhxhxhxcxcx' +fi + +# List all files colorized in long format +#alias l="ls -lF ${colorflag}" +### MEGA: I want l and la ti return hisdden files +alias l="ls -laF ${colorflag}" + +# List all files colorized in long format, including dot files +alias la="ls -laF ${colorflag}" + +# List only directories +alias lsd="ls -lF ${colorflag} | grep --color=never '^d'" + +# Always use color output for `ls` +alias ls="command ls ${colorflag}" + +# Commonly Used Aliases +alias ..="cd .." +alias ...="cd ../.." +alias ....="cd ../../.." +alias .....="cd ../../../.." +alias ~="cd ~" # `cd` is probably faster to type though +alias -- -="cd -" +alias home="cd ~" + +alias h="history" +alias j="jobs" +alias e='exit' +alias c="clear" +alias cla="clear && ls -la" +alias cll="clear && ls -l" +alias cls="clear && ls" +alias code="cd /var/www" +alias ea="vi ~/aliases.sh" + +# Always enable colored `grep` output +# Note: `GREP_OPTIONS="--color=auto"` is deprecated, hence the alias usage. +alias grep='grep --color=auto' +alias fgrep='fgrep --color=auto' +alias egrep='egrep --color=auto' + +alias art="php artisan" +alias artisan="php artisan" +alias cdump="composer dump-autoload -o" +alias composer:dump="composer dump-autoload -o" +alias db:reset="php artisan migrate:reset && php artisan migrate --seed" +alias dusk="php artisan dusk" +alias fresh="php artisan migrate:fresh" +alias migrate="php artisan migrate" +alias refresh="php artisan migrate:refresh" +alias rollback="php artisan migrate:rollback" +alias seed="php artisan db:seed" +alias serve="php artisan serve --quiet &" + +alias phpunit="./vendor/bin/phpunit" +alias pu="phpunit" +alias puf="phpunit --filter" +alias pud='phpunit --debug' + +alias cc='codecept' +alias ccb='codecept build' +alias ccr='codecept run' +alias ccu='codecept run unit' +alias ccf='codecept run functional' + +alias g="gulp" +alias npm-global="npm list -g --depth 0" +alias ra="reload" +alias reload="source ~/.aliases && echo \"$COL_GREEN ==> Aliases Reloaded... $COL_RESET \n \"" +alias run="npm run" +alias tree="xtree" + +# Xvfb +alias xvfb="Xvfb -ac :0 -screen 0 1024x768x16 &" + +# requires installation of 'https://www.npmjs.com/package/npms-cli' +alias npms="npms search" +# requires installation of 'https://www.npmjs.com/package/package-menu-cli' +alias pm="package-menu" +# requires installation of 'https://www.npmjs.com/package/pkg-version-cli' +alias pv="package-version" +# requires installation of 'https://github.com/sindresorhus/latest-version-cli' +alias lv="latest-version" + +# git aliases +alias gaa="git add ." +alias gd="git --no-pager diff" +alias git-revert="git reset --hard && git clean -df" +alias gs="git status" +alias whoops="git reset --hard && git clean -df" +alias glog="git log --oneline --decorate --graph" +alias gloga="git log --oneline --decorate --graph --all" +alias gsh="git show" +alias grb="git rebase -i" +alias gbr="git branch" +alias gc="git commit" +alias gck="git checkout" + +# Create a new directory and enter it +function mkd() { + mkdir -p "$@" && cd "$@" +} + +function md() { + mkdir -p "$@" && cd "$@" +} + +function xtree { + find ${1:-.} -print | sed -e 's;[^/]*/;|____;g;s;____|; |;g' +} + +# `tre` is a shorthand for `tree` with hidden files and color enabled, ignoring +# the `.git` directory, listing directories first. The output gets piped into +# `less` with options to preserve color and line numbers, unless the output is +# small enough for one screen. +function tre() { + tree -aC -I '.git|node_modules|bower_components' --dirsfirst "$@" | less -FRNX; +} + +# Determine size of a file or total size of a directory +function fs() { + if du -b /dev/null > /dev/null 2>&1; then + local arg=-sbh; + else + local arg=-sh; + fi + if [[ -n "$@" ]]; then + du $arg -- "$@"; + else + du $arg .[^.]* ./*; + fi; +} diff --git a/images/boxs/workspace/crontab/laradock b/images/boxs/workspace/crontab/laradock new file mode 100644 index 00000000..d21529bf --- /dev/null +++ b/images/boxs/workspace/crontab/laradock @@ -0,0 +1 @@ +* * * * * laradock /usr/bin/php /var/www/artisan schedule:run >> /dev/null 2>&1 diff --git a/images/boxs/workspace/insecure_id_rsa b/images/boxs/workspace/insecure_id_rsa new file mode 100644 index 00000000..98337448 --- /dev/null +++ b/images/boxs/workspace/insecure_id_rsa @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEA9LX0DVV8VY0k+d58v+Tqe6LfhniBhBgBJ6/ZIGAFyuhqpyf9 +1Dn1ihcZeIBLrC4+IaRq0/xiVcdpyBu3fyGkYnyb57Pi2pOFo/te88j0ReeP5onO +mtDAERCR+Wkzi7kivg4Z4U1KgLeJn3R6WJgV1nUwFwwoPID+UC3RpHcS/TPhgZOL +Sog8dYUXx1fbmOnItJbKUK4Zz883li5LUwPLlmGZbrNYL90l1+s1Q9vlwevye2Wq +zXCvYh6DC3XRYIEnZxrOpDSyUHtAwMJ3HXgkIs3HV1dgPTt972mP29ANaG1MbqAo +retvQMMkPQv+9X96wUq34FEm9aTlT5oS0SQ2Xp3/zUvBSFtfeP7ubJb69bun4/4o +gmHLbdDzYNNFAJ5cm1gwyg95eXvCm5derk8Nf+QBHOlpd2gprVmKcERnrnv4Z1Mz +l6/f0o4UC3wfmQgErfNzfrtJFe54uxuf9OM9dXamcJJOsdUgM1hiZ6e+qYsHeAD9 +n7vCqjQJlrMhCGZpkeSUhkuYuLBrkhqIOq2VqKdS8CHzY3TixW7Pq5xdKDpqYGUX +qPHx/j5jpKt4h2j0L1ztwo9nedh1cbRyPp9oiow7twsxyD99b36rGSh35qKN3JBV +uMn6z3F8tIELMD49IyVCGyi2+jn7qbVLEOUr5IsFqFuIq5zt5ShfSi6N7e8CAwEA +AQKCAgA1t2M1Mhiy5uLA/re/n85hCWWrrPQxPNu0DIPK+YkL+2y9+KddWMOvZlau +/uqdhyEYXXEdy38CeV2dEYh8HbRp8hR/Dhu0A0IItvsm5GvKlIQgBQwXK8+db1e7 +uf4Yo7EeqxW/QSojiyZonDbnD6trghnmVULX1TD+BLDKO2Ett5++w9aFq9YpreeE +WKLZtCfcjGUoxK7h0QjQrKTYOjMMdawqgq/PAep2tSjiFnke0l5N/Ak8Q4ocLbpy +X5BwcKlnlpjZrr+drxCNv6JKE79K7ITfhUyY5GBGl5N+mvL2g1eNyRZk5xNq0es4 +g1OaLDuUBoTKdsXokiPMD3Ql+J7+RCoC9PuGutdCAIU2u9CoFAfKJpsKh+sGRyri +zvD5hlS31F78zif7W5ubi9supA6etJYbK+mwcDsJgmtc+q51xsH3T1ODvRcbtzvY +FE8JzuchN4aPtsY+W/waTDVDdymFvPSsYjX7Blq3fnpg2uJKtzWEIQE+rY7gC3rN +oNSE4YFbIAjTM4kIuIFnkVq3o2BmQ7WHjb3USelhFxBPJ67nBMLS3ShXLjyiu22U +8RxKcbOKpEimuCKRSVEdpsNnps3h2y8c2PPWWS7LGzAiCepLjXwqHLe4L/cvx8S9 +KZRXQneakkKToguV7N9p0O9prjJckb4jo941iaDepVZIHbuP8QKCAQEA+vABCKnn +8PA4RWixPcIybj6iQpHPzt6uZxv3il3IoY3Anm2+EHbloE9VcH3phQEAoTQsxd+k +octHHqdJi6YxOTmmsHl3jilA3kKg0A7Rin702DObC3c9VSOe7V9rizPQnFewkyDP +mpOoW3by0DYv0DFtA8zNfgSkFeqZEoBnQyMom9lBYcJ9VKriUfdCvPgh3ZV/SzEf +cp6ZtMLRvtEWzOx75cww6kLvUuUekQl/7Ubr36Oz+71B66VN59udSLYPAb+stzhb +QSU7LbNKaLlygBREqnTeXj+VCXGnrxORZS1FfqO9unbxg/FYBDBMt/2jXt6Elz62 +YgjDEtGjcTA/rQKCAQEA+aXKW6zufDG88DPsX5psl7Cu2Fwhq1j5ULGvpkuucaVs +snONmFqi4jH7LEZVjEcHg6GhDqGytaaUr1KhXVWttn0om2qZIKFg7BR7E5PR9HKu +Ig0do68pPf/5MKT6TKq1gB1l8B481dVc8tmaHjHbLz9UlIf8uLbXfP1EYyADAqJ4 +xtQNtOj7uz0k5ayIgWU6scGC3ElLTzfWusXPJyWFNV5wAtCI0Xu4U/IdNO0rLiBI +8BSC8VC4Maw/a1ZY1nliXBfjmtJ3i7A2s36+YG11vXmi2BKFXa80BM7+L9zptxf2 +Pv7H1Yvyx4bfVZ2xCTLCyjtUj4wGGkmHMTC8M0gniwKCAQBYzQYQos/Jm7jOFzZh +vI9MJC4XkLIRawwcwPDgrj+JrDg12HAiM3EfQfPiUyyIPMqUQXp2q6X++4i3eEu2 +d6GDtrseSF3emQqznLB78EKG2FadC+YaMKAruOdM6S+Nm1B/gyihaEMPWKGDfJyA +wiw5aMRDS/6MUegfOV3iBj6Eq7R7Mm7IwaLIi5B7oRyk8spJN9ZMLZ4LWcTbCvZe +qG+BJU7TC2dj/zviAeLHQK1csnRWOABBXcAuO9lN65HFYWf+Hm5oiDEC5MIEciYq +2TWDzahfCeyHPcjoBqhodGxHebXWEuvZSK4/GvEiylTb544gzG3vd+ni12bxCe7k +50YhAoIBAQCgG2r3dqYQspl49+P9wH0qn97S1eumB88FqJ99KIZ9Tlmy7Rb/ggl6 +xhFPaOBOsfMowY0YZC3IAEjVVEo3IM7i/cwAONJyMe2GGvCAMspxWudA4WaD5r+t +irAXOYdpigYTX0dUQyBDB66v9Uy5VsI6wAQPqlMzZ9g1yfyFEi+8DdUltzP/NXjU +sbcrMYbubazB+dhiTQNmj+pAKMLdWVvgSWvO8kz9BLrH47xFiGGsGHqOtqjv+RPY +j56wyVT6YCjr5UpMrfSLevzqCzwvfaQIW61LpD0yQz46Y0J0Eds2WMDNz/r7guC2 +hFJRh2vV+V8h8gEeevAjBcsViir5PKpXAoIBAQC/gAQCLbqo4FylEVST3IP8rxA5 +RGbLRDJ2j+ywEzOuy2ufGI/CfxeG/+jF5E0/uBRm8rrnMmaJaNr42hF4r5kjNM5u +ficOVucU3FluQqae73zfUFeAQBft+4tTH+sR8jo+LvEBGinW1wHv7di45I3at2HM +jMtZgWPPIqCBIay0UKysW4eEwXYC9cWg9kPcb2y56zadrKxGZqHOPezH2A1iOuzp +vw0mG0xHUY4Eg5aZxcWB1jMf7bbxTAAMxQiBnw0bPEf5zpWzeKL0obxT/NhCgmV7 +/Fqs0GCbXEEgJo0zAVemALOAYRW3pYvt8FoCOopo4ADyfmdWlAvzCy46k7Fo +-----END RSA PRIVATE KEY----- diff --git a/images/boxs/workspace/insecure_id_rsa.ppk b/images/boxs/workspace/insecure_id_rsa.ppk new file mode 100644 index 00000000..0c29627d --- /dev/null +++ b/images/boxs/workspace/insecure_id_rsa.ppk @@ -0,0 +1,46 @@ +PuTTY-User-Key-File-2: ssh-rsa +Encryption: none +Comment: imported-openssh-key +Public-Lines: 12 +AAAAB3NzaC1yc2EAAAADAQABAAACAQD0tfQNVXxVjST53ny/5Op7ot+GeIGEGAEn +r9kgYAXK6GqnJ/3UOfWKFxl4gEusLj4hpGrT/GJVx2nIG7d/IaRifJvns+Lak4Wj ++17zyPRF54/mic6a0MAREJH5aTOLuSK+DhnhTUqAt4mfdHpYmBXWdTAXDCg8gP5Q +LdGkdxL9M+GBk4tKiDx1hRfHV9uY6ci0lspQrhnPzzeWLktTA8uWYZlus1gv3SXX +6zVD2+XB6/J7ZarNcK9iHoMLddFggSdnGs6kNLJQe0DAwncdeCQizcdXV2A9O33v +aY/b0A1obUxuoCit629AwyQ9C/71f3rBSrfgUSb1pOVPmhLRJDZenf/NS8FIW194 +/u5slvr1u6fj/iiCYctt0PNg00UAnlybWDDKD3l5e8Kbl16uTw1/5AEc6Wl3aCmt +WYpwRGeue/hnUzOXr9/SjhQLfB+ZCASt83N+u0kV7ni7G5/04z11dqZwkk6x1SAz +WGJnp76piwd4AP2fu8KqNAmWsyEIZmmR5JSGS5i4sGuSGog6rZWop1LwIfNjdOLF +bs+rnF0oOmpgZReo8fH+PmOkq3iHaPQvXO3Cj2d52HVxtHI+n2iKjDu3CzHIP31v +fqsZKHfmoo3ckFW4yfrPcXy0gQswPj0jJUIbKLb6OfuptUsQ5SvkiwWoW4irnO3l +KF9KLo3t7w== +Private-Lines: 28 +AAACADW3YzUyGLLm4sD+t7+fzmEJZaus9DE827QMg8r5iQv7bL34p11Yw69mVq7+ +6p2HIRhdcR3LfwJ5XZ0RiHwdtGnyFH8OG7QDQgi2+ybka8qUhCAFDBcrz51vV7u5 +/hijsR6rFb9BKiOLJmicNucPq2uCGeZVQtfVMP4EsMo7YS23n77D1oWr1imt54RY +otm0J9yMZSjEruHRCNCspNg6Mwx1rCqCr88B6na1KOIWeR7SXk38CTxDihwtunJf +kHBwqWeWmNmuv52vEI2/okoTv0rshN+FTJjkYEaXk36a8vaDV43JFmTnE2rR6ziD +U5osO5QGhMp2xeiSI8wPdCX4nv5EKgL0+4a610IAhTa70KgUB8ommwqH6wZHKuLO +8PmGVLfUXvzOJ/tbm5uL2y6kDp60lhsr6bBwOwmCa1z6rnXGwfdPU4O9Fxu3O9gU +TwnO5yE3ho+2xj5b/BpMNUN3KYW89KxiNfsGWrd+emDa4kq3NYQhAT6tjuALes2g +1IThgVsgCNMziQi4gWeRWrejYGZDtYeNvdRJ6WEXEE8nrucEwtLdKFcuPKK7bZTx +HEpxs4qkSKa4IpFJUR2mw2emzeHbLxzY89ZZLssbMCIJ6kuNfCoct7gv9y/HxL0p +lFdCd5qSQpOiC5Xs32nQ72muMlyRviOj3jWJoN6lVkgdu4/xAAABAQD68AEIqefw +8DhFaLE9wjJuPqJCkc/O3q5nG/eKXcihjcCebb4QduWgT1VwfemFAQChNCzF36Sh +y0cep0mLpjE5OaaweXeOKUDeQqDQDtGKfvTYM5sLdz1VI57tX2uLM9CcV7CTIM+a +k6hbdvLQNi/QMW0DzM1+BKQV6pkSgGdDIyib2UFhwn1UquJR90K8+CHdlX9LMR9y +npm0wtG+0RbM7HvlzDDqQu9S5R6RCX/tRuvfo7P7vUHrpU3n251Itg8Bv6y3OFtB +JTsts0pouXKAFESqdN5eP5UJcaevE5FlLUV+o726dvGD8VgEMEy3/aNe3oSXPrZi +CMMS0aNxMD+tAAABAQD5pcpbrO58MbzwM+xfmmyXsK7YXCGrWPlQsa+mS65xpWyy +c42YWqLiMfssRlWMRweDoaEOobK1ppSvUqFdVa22fSibapkgoWDsFHsTk9H0cq4i +DR2jryk9//kwpPpMqrWAHWXwHjzV1Vzy2ZoeMdsvP1SUh/y4ttd8/URjIAMConjG +1A206Pu7PSTlrIiBZTqxwYLcSUtPN9a6xc8nJYU1XnAC0IjRe7hT8h007SsuIEjw +FILxULgxrD9rVljWeWJcF+Oa0neLsDazfr5gbXW9eaLYEoVdrzQEzv4v3Om3F/Y+ +/sfVi/LHht9VnbEJMsLKO1SPjAYaSYcxMLwzSCeLAAABAQC/gAQCLbqo4FylEVST +3IP8rxA5RGbLRDJ2j+ywEzOuy2ufGI/CfxeG/+jF5E0/uBRm8rrnMmaJaNr42hF4 +r5kjNM5uficOVucU3FluQqae73zfUFeAQBft+4tTH+sR8jo+LvEBGinW1wHv7di4 +5I3at2HMjMtZgWPPIqCBIay0UKysW4eEwXYC9cWg9kPcb2y56zadrKxGZqHOPezH +2A1iOuzpvw0mG0xHUY4Eg5aZxcWB1jMf7bbxTAAMxQiBnw0bPEf5zpWzeKL0obxT +/NhCgmV7/Fqs0GCbXEEgJo0zAVemALOAYRW3pYvt8FoCOopo4ADyfmdWlAvzCy46 +k7Fo +Private-MAC: 4ea4cef3fa63f1068dcd512c477c61dd7e85bb38 diff --git a/images/boxs/workspace/insecure_id_rsa.pub b/images/boxs/workspace/insecure_id_rsa.pub new file mode 100644 index 00000000..d612ec1a --- /dev/null +++ b/images/boxs/workspace/insecure_id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQD0tfQNVXxVjST53ny/5Op7ot+GeIGEGAEnr9kgYAXK6GqnJ/3UOfWKFxl4gEusLj4hpGrT/GJVx2nIG7d/IaRifJvns+Lak4Wj+17zyPRF54/mic6a0MAREJH5aTOLuSK+DhnhTUqAt4mfdHpYmBXWdTAXDCg8gP5QLdGkdxL9M+GBk4tKiDx1hRfHV9uY6ci0lspQrhnPzzeWLktTA8uWYZlus1gv3SXX6zVD2+XB6/J7ZarNcK9iHoMLddFggSdnGs6kNLJQe0DAwncdeCQizcdXV2A9O33vaY/b0A1obUxuoCit629AwyQ9C/71f3rBSrfgUSb1pOVPmhLRJDZenf/NS8FIW194/u5slvr1u6fj/iiCYctt0PNg00UAnlybWDDKD3l5e8Kbl16uTw1/5AEc6Wl3aCmtWYpwRGeue/hnUzOXr9/SjhQLfB+ZCASt83N+u0kV7ni7G5/04z11dqZwkk6x1SAzWGJnp76piwd4AP2fu8KqNAmWsyEIZmmR5JSGS5i4sGuSGog6rZWop1LwIfNjdOLFbs+rnF0oOmpgZReo8fH+PmOkq3iHaPQvXO3Cj2d52HVxtHI+n2iKjDu3CzHIP31vfqsZKHfmoo3ckFW4yfrPcXy0gQswPj0jJUIbKLb6OfuptUsQ5SvkiwWoW4irnO3lKF9KLo3t7w== insecure@laradock diff --git a/images/boxs/workspace/mc/config.json b/images/boxs/workspace/mc/config.json new file mode 100644 index 00000000..706c7c12 --- /dev/null +++ b/images/boxs/workspace/mc/config.json @@ -0,0 +1,29 @@ +{ + "version": "8", + "hosts": { + "gcs": { + "url": "https://storage.googleapis.com", + "accessKey": "YOUR-ACCESS-KEY-HERE", + "secretKey": "YOUR-SECRET-KEY-HERE", + "api": "S3v2" + }, + "minio": { + "url": "http://minio:9000", + "accessKey": "access", + "secretKey": "secretkey", + "api": "S3v4" + }, + "play": { + "url": "https://play.minio.io:9000", + "accessKey": "Q3AM3UQ867SPQQA43P2F", + "secretKey": "zuf+tfteSlswRu7BJ86wekitnifILbZam1KYY3TG", + "api": "S3v4" + }, + "s3": { + "url": "https://s3.amazonaws.com", + "accessKey": "YOUR-ACCESS-KEY-HERE", + "secretKey": "YOUR-SECRET-KEY-HERE", + "api": "S3v4" + } + } +} diff --git a/images/boxs/workspace/sources.sh b/images/boxs/workspace/sources.sh new file mode 100755 index 00000000..eef06706 --- /dev/null +++ b/images/boxs/workspace/sources.sh @@ -0,0 +1,83 @@ +#!/bin/bash + +set -xe; + +if type "tee" 2>/dev/null && [ -n "${UBUNTU_SOURCE}" ]; then + SOURCE_PATH="/etc/apt/sources.list" + cp ${SOURCE_PATH} ${SOURCE_PATH}.bak && rm -rf ${SOURCE_PATH} + case "${UBUNTU_SOURCE}" in + "aliyun") + tee ${SOURCE_PATH} <<-'EOF' +deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse +deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse +deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse +deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse +deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse +deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse +deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse +deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse +deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse +deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse +EOF +;; + "zju") + tee ${SOURCE_PATH} <<-'EOF' +deb http://mirrors.zju.edu.cn/ubuntu/ bionic main multiverse restricted universe +deb http://mirrors.zju.edu.cn/ubuntu/ bionic-backports main multiverse restricted universe +deb http://mirrors.zju.edu.cn/ubuntu/ bionic-proposed main multiverse restricted universe +deb http://mirrors.zju.edu.cn/ubuntu/ bionic-security main multiverse restricted universe +deb http://mirrors.zju.edu.cn/ubuntu/ bionic-updates main multiverse restricted universe +deb-src http://mirrors.zju.edu.cn/ubuntu/ bionic main multiverse restricted universe +deb-src http://mirrors.zju.edu.cn/ubuntu/ bionic-backports main multiverse restricted universe +deb-src http://mirrors.zju.edu.cn/ubuntu/ bionic-proposed main multiverse restricted universe +deb-src http://mirrors.zju.edu.cn/ubuntu/ bionic-security main multiverse restricted universe +deb-src http://mirrors.zju.edu.cn/ubuntu/ bionic-updates main multiverse restricted universe +EOF +;; + "tsinghua") + tee ${SOURCE_PATH} <<-'EOF' +deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic main restricted universe multiverse +deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic main restricted universe multiverse +deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-updates main restricted universe multiverse +deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-updates main restricted universe multiverse +deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-backports main restricted universe multiverse +deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-backports main restricted universe multiverse +deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-security main restricted universe multiverse +deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-security main restricted universe multiverse +deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-proposed main restricted universe multiverse +deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-proposed main restricted universe multiverse +EOF +;; + "163") + tee ${SOURCE_PATH} <<-'EOF' +deb http://mirrors.163.com/ubuntu/ bionic main restricted universe multiverse +deb http://mirrors.163.com/ubuntu/ bionic-security main restricted universe multiverse +deb http://mirrors.163.com/ubuntu/ bionic-updates main restricted universe multiverse +deb http://mirrors.163.com/ubuntu/ bionic-proposed main restricted universe multiverse +deb http://mirrors.163.com/ubuntu/ bionic-backports main restricted universe multiverse +deb-src http://mirrors.163.com/ubuntu/ bionic main restricted universe multiverse +deb-src http://mirrors.163.com/ubuntu/ bionic-security main restricted universe multiverse +deb-src http://mirrors.163.com/ubuntu/ bionic-updates main restricted universe multiverse +deb-src http://mirrors.163.com/ubuntu/ bionic-proposed main restricted universe multiverse +deb-src http://mirrors.163.com/ubuntu/ bionic-backports main restricted universe multiverse +EOF +;; + "ustc") + tee ${SOURCE_PATH} <<-'EOF' +deb https://mirrors.ustc.edu.cn/ubuntu/ bionic main restricted universe multiverse +deb-src https://mirrors.ustc.edu.cn/ubuntu/ bionic main restricted universe multiverse +deb https://mirrors.ustc.edu.cn/ubuntu/ bionic-updates main restricted universe multiverse +deb-src https://mirrors.ustc.edu.cn/ubuntu/ bionic-updates main restricted universe multiverse +deb https://mirrors.ustc.edu.cn/ubuntu/ bionic-backports main restricted universe multiverse +deb-src https://mirrors.ustc.edu.cn/ubuntu/ bionic-backports main restricted universe multiverse +deb https://mirrors.ustc.edu.cn/ubuntu/ bionic-security main restricted universe multiverse +deb-src https://mirrors.ustc.edu.cn/ubuntu/ bionic-security main restricted universe multiverse +deb https://mirrors.ustc.edu.cn/ubuntu/ bionic-proposed main restricted universe multiverse +deb-src https://mirrors.ustc.edu.cn/ubuntu/ bionic-proposed main restricted universe multiverse +EOF +;; + *) + echo "Please check whether there is aliyun|zju|tsinghua|163|ustc in the parameter" + exit 1;; + esac +fi \ No newline at end of file diff --git a/images/boxs/workspace/xdebug.ini b/images/boxs/workspace/xdebug.ini new file mode 100644 index 00000000..ba50bb85 --- /dev/null +++ b/images/boxs/workspace/xdebug.ini @@ -0,0 +1,19 @@ +; NOTE: The actual debug.so extention is NOT SET HERE but rather (/usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini) + +xdebug.remote_host="host.docker.internal" +xdebug.remote_connect_back=0 +xdebug.remote_port=9000 +xdebug.idekey=PHPSTORM + +xdebug.remote_autostart=0 +xdebug.remote_enable=0 +xdebug.cli_color=0 +xdebug.profiler_enable=0 +xdebug.profiler_output_dir="~/xdebug/phpstorm/tmp/profiling" + +xdebug.remote_handler=dbgp +xdebug.remote_mode=req + +xdebug.var_display_max_children=-1 +xdebug.var_display_max_data=-1 +xdebug.var_display_max_depth=-1 diff --git a/images/buildbot/Dockerfile b/images/buildbot/Dockerfile deleted file mode 100644 index f8fdfc05..00000000 --- a/images/buildbot/Dockerfile +++ /dev/null @@ -1,23 +0,0 @@ -FROM imxieke/archlinux:latest -LABEL MAINTAINER="Cloudflying" \ - MAIL="" - -ADD run.sh / -RUN chmod +x /*.sh - -ENV AUTHORIZED_KEYS **None** - -RUN pacman --noconfirm --force -Syyu \ - && pacman -S --noconfirm --force sed shadow openssh sudo \ - && pacman -Scc --noconfirm \ - && rm -fr /var/cache/pacman/pkg/* \ - && rm -fr /var/lib/pacman/* \ - && mkdir -p /var/run/sshd \ - && sed -i "s/UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config \ - && sed -i "s/UsePAM.*/UsePAM no/g" /etc/ssh/sshd_config \ - && sed -i "s/PermitRootLogin.*/PermitRootLogin yes/g" /etc/ssh/sshd_config \ - && ssh-keygen -A - -EXPOSE 22 80 - -CMD /run.sh \ No newline at end of file diff --git a/images/buildbot/init.sh b/images/buildbot/init.sh deleted file mode 100644 index 9159e41f..00000000 --- a/images/buildbot/init.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/usr/bin/env bash - -pacman -Syy --noconfirm -pacman -S --noconfirm git vim grep \ No newline at end of file diff --git a/images/buildbot/run.sh b/images/buildbot/run.sh deleted file mode 100644 index c67e437d..00000000 --- a/images/buildbot/run.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash - -USER="buildbot" -PASS="buildbot" -useradd -d /home/$USER -m $USER -s /bin/bash -echo "$USER:$PASS" |chpasswd -echo "root:$PASS" | chpasswd -echo "$USER ALL=NOPASSWD: ALL" >>/etc/sudoers -echo "======================================================================" -echo "You can now connect to this container via SSH using: " -echo " ssh $USER@HOST -p port " -echo "Enter the $USER password '$PASS' when prompted " -echo "Please remember to change the above password as soon as possible! " -echo "======================================================================" -echo " Archlinux Build Bot is Running " -echo "======================================================================" - -exec /usr/sbin/sshd -D -e \ No newline at end of file diff --git a/images/caddy/Caddyfile b/images/caddy/Caddyfile new file mode 100644 index 00000000..bbd19aa4 --- /dev/null +++ b/images/caddy/Caddyfile @@ -0,0 +1,69 @@ +# Docs: https://caddyserver.com/docs/caddyfile +0.0.0.0:80 +root /var/www/laravel/public +fastcgi / php-fpm:9000 php { + index index.php +} +rewrite { + r .* + ext / + to /index.php?{query} +} +gzip +browse +log /var/log/caddy/access.log +errors /var/log/caddy/error.log +# Uncomment to enable TLS (HTTPS) +# Change the first list to listen on port 443 when enabling TLS +#tls self_signed + +0.0.0.0:80 { + root /var/www/public + fastcgi / php-fpm:9000 php { + index index.php + } + + # To handle .html extensions with laravel change ext to + # ext / .html + + rewrite { + to {path} {path}/ /index.php?{query} + } + gzip + browse + log /var/log/caddy/access.log + errors /var/log/caddy/error.log + # Uncomment to enable TLS (HTTPS) + # Change the first list to listen on port 443 when enabling TLS + #tls self_signed + + # To use Lets encrpt tls with a DNS provider uncomment these + # lines and change the provider as required + #tls { + # dns cloudflare + #} +} + +laradock1.demo:80 { + root /var/www/public + # Create a Webhook in git. + #git { + #repo https://github.com/xxx/xxx + # path /home/xxx + # #interval 60 + # hook webhook laradock + # hook_type generic + #} + +} + +laradock2.demo:80 { + # Create a Proxy and cors. + #proxy domain.com + #cors +} + +laradock3.demo:80 { + import authlist.conf + root /var/www/public +} \ No newline at end of file diff --git a/images/caddy/Dockerfile b/images/caddy/Dockerfile new file mode 100644 index 00000000..3685d8a7 --- /dev/null +++ b/images/caddy/Dockerfile @@ -0,0 +1,24 @@ +FROM alpine:3.4 + +MAINTAINER Eric Pfeiffer + +ENV caddy_version=0.9.1 + +LABEL caddy_version="$caddy_version" architecture="amd64" + +RUN apk update \ + && apk upgrade \ + && apk add tar curl + +RUN curl --silent --show-error --fail --location \ + --header "Accept: application/tar+gzip, application/x-gzip, application/octet-stream" -o - \ + "https://github.com/mholt/caddy/releases/download/v$caddy_version/caddy_linux_amd64.tar.gz" \ + | tar --no-same-owner -C /usr/bin/ -xz caddy_linux_amd64 \ + && mv /usr/bin/caddy_linux_amd64 /usr/bin/caddy \ + && chmod 0755 /usr/bin/caddy + +EXPOSE 80 443 2015 + +WORKDIR /var/www/laravel/public +# CMD ["--conf", "/etc/caddy/Caddyfile", "--log", "stdout", "--agree=true"] +CMD ["/usr/bin/caddy", "-conf", "/etc/Caddyfile"] diff --git a/images/caddy/authlist.conf b/images/caddy/authlist.conf new file mode 100644 index 00000000..7b2831b8 --- /dev/null +++ b/images/caddy/authlist.conf @@ -0,0 +1 @@ +basicauth / dockenv dockenv \ No newline at end of file diff --git a/images/centos/7.0/Dockerfile b/images/centos/7.0/Dockerfile new file mode 100644 index 00000000..86a0c05c --- /dev/null +++ b/images/centos/7.0/Dockerfile @@ -0,0 +1,3 @@ +FROM centos:7.0.1406 + +CMD [ "/bin/bash" ] diff --git a/images/centos/7.1/Dockerfile b/images/centos/7.1/Dockerfile new file mode 100644 index 00000000..d2e30f93 --- /dev/null +++ b/images/centos/7.1/Dockerfile @@ -0,0 +1,3 @@ +FROM centos:7.1.1503 + +CMD [ "/bin/bash" ] diff --git a/images/centos/7.2/Dockerfile b/images/centos/7.2/Dockerfile new file mode 100644 index 00000000..217254d1 --- /dev/null +++ b/images/centos/7.2/Dockerfile @@ -0,0 +1,3 @@ +FROM centos:7.2.1511 + +CMD [ "/bin/bash" ] diff --git a/images/centos/7.3/Dockerfile b/images/centos/7.3/Dockerfile new file mode 100644 index 00000000..ee66fc46 --- /dev/null +++ b/images/centos/7.3/Dockerfile @@ -0,0 +1,3 @@ +FROM centos:7.3.1611 + +CMD [ "/bin/bash" ] diff --git a/images/centos/7.4/Dockerfile b/images/centos/7.4/Dockerfile new file mode 100644 index 00000000..b8c11be8 --- /dev/null +++ b/images/centos/7.4/Dockerfile @@ -0,0 +1,3 @@ +FROM centos:7.4.1708 + +CMD [ "/bin/bash" ] diff --git a/images/centos/7.5/Dockerfile b/images/centos/7.5/Dockerfile new file mode 100644 index 00000000..14606631 --- /dev/null +++ b/images/centos/7.5/Dockerfile @@ -0,0 +1,3 @@ +FROM centos:7.5.1804 + +CMD [ "/bin/bash" ] diff --git a/images/centos/7.6/Dockerfile b/images/centos/7.6/Dockerfile new file mode 100644 index 00000000..f03f273f --- /dev/null +++ b/images/centos/7.6/Dockerfile @@ -0,0 +1,3 @@ +FROM centos:7.6.1810 + +CMD [ "/bin/bash" ] diff --git a/images/centos/7.7/Dockerfile b/images/centos/7.7/Dockerfile new file mode 100644 index 00000000..4875e728 --- /dev/null +++ b/images/centos/7.7/Dockerfile @@ -0,0 +1,3 @@ +FROM centos:7.7.1908 + +CMD [ "/bin/bash" ] diff --git a/images/centos/7.8/Dockerfile b/images/centos/7.8/Dockerfile new file mode 100644 index 00000000..4b3a3c30 --- /dev/null +++ b/images/centos/7.8/Dockerfile @@ -0,0 +1,3 @@ +FROM centos:7.8.2003 + +CMD [ "/bin/bash" ] diff --git a/images/centos/7.9/Dockerfile b/images/centos/7.9/Dockerfile new file mode 100644 index 00000000..ccd3813b --- /dev/null +++ b/images/centos/7.9/Dockerfile @@ -0,0 +1,3 @@ +FROM centos:7.9.2009 + +CMD [ "/bin/bash" ] diff --git a/images/centos/8.1/Dockerfile b/images/centos/8.1/Dockerfile new file mode 100644 index 00000000..60c03068 --- /dev/null +++ b/images/centos/8.1/Dockerfile @@ -0,0 +1,3 @@ +FROM centos:8.1.1911 + +CMD [ "/bin/bash" ] diff --git a/images/centos/8.2/Dockerfile b/images/centos/8.2/Dockerfile new file mode 100644 index 00000000..fb7a2ce7 --- /dev/null +++ b/images/centos/8.2/Dockerfile @@ -0,0 +1,3 @@ +FROM centos:8.2.2004 + +CMD [ "/bin/bash" ] diff --git a/images/centos/8.3/Dockerfile b/images/centos/8.3/Dockerfile new file mode 100644 index 00000000..13564a79 --- /dev/null +++ b/images/centos/8.3/Dockerfile @@ -0,0 +1,3 @@ +FROM centos:8.3.2011 + +CMD [ "/bin/bash" ] diff --git a/images/certbot/Dockerfile b/images/certbot/Dockerfile new file mode 100644 index 00000000..3d67cd66 --- /dev/null +++ b/images/certbot/Dockerfile @@ -0,0 +1,10 @@ +FROM phusion/baseimage:bionic-1.0.0 + +LABEL maintainer="Mahmoud Zalt " + +COPY run-certbot.sh /root/certbot/run-certbot.sh + +RUN apt-get update +RUN apt-get install -y letsencrypt + +ENTRYPOINT bash -c "bash /root/certbot/run-certbot.sh && sleep infinity" diff --git a/images/certbot/letsencrypt/.gitkeep b/images/certbot/letsencrypt/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/images/certbot/letsencrypt/.well-known/.gitkeep b/images/certbot/letsencrypt/.well-known/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/images/certbot/run-certbot.sh b/images/certbot/run-certbot.sh new file mode 100644 index 00000000..c66ba2c5 --- /dev/null +++ b/images/certbot/run-certbot.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +letsencrypt certonly --webroot -w /var/www/letsencrypt -d "$CN" --agree-tos --email "$EMAIL" --non-interactive --text + +cp /etc/letsencrypt/archive/"$CN"/cert1.pem /var/certs/"$CN"-cert1.pem +cp /etc/letsencrypt/archive/"$CN"/privkey1.pem /var/certs/"$CN"-privkey1.pem + diff --git a/images/cloudlinux/8/Dockerfile b/images/cloudlinux/8/Dockerfile new file mode 100644 index 00000000..baf02af0 --- /dev/null +++ b/images/cloudlinux/8/Dockerfile @@ -0,0 +1,5 @@ +FROM ezamriy/cloudlinux-8:latest +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +CMD [ "/bash" ] diff --git a/images/cloudlinux/latest/Dockerfile b/images/cloudlinux/latest/Dockerfile new file mode 100644 index 00000000..3be95444 --- /dev/null +++ b/images/cloudlinux/latest/Dockerfile @@ -0,0 +1,5 @@ +FROM almalinux:8.4 +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +CMD [ "/bash" ] diff --git a/images/cmdide/Dockerfile b/images/cmdide/Dockerfile deleted file mode 100644 index 787af75b..00000000 --- a/images/cmdide/Dockerfile +++ /dev/null @@ -1,27 +0,0 @@ -FROM imxieke/php:multiple -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ADD script/build.sh /bin/build.sh -ADD script/cmdide.sh /bin/cmdide -ADD script/run.sh /bin/run.sh - -ENV RUN_MODE="local" -ENV USER "cmdide" -ENV PASSWD "cmdide" -ENV AUTHORIZED_KEYS **None** -ENV HOME_DIR=/home/$USER - -RUN chmod +x /build.sh \ - && chmod +x /bin/cmdide \ - && chmod +x /bin/run.sh \ - && bash /build.sh - -USER ${USER} -WORKDIR ${HOME_DIR} - -VOLUME ['/var/www'] -VOLUME ['/etc/nginx/conf.d/'] -EXPOSE 22 80 443 - -CMD /bin/run.sh \ No newline at end of file diff --git a/images/cmdide/Dockerfile.alpine b/images/cmdide/Dockerfile.alpine deleted file mode 100644 index 787af75b..00000000 --- a/images/cmdide/Dockerfile.alpine +++ /dev/null @@ -1,27 +0,0 @@ -FROM imxieke/php:multiple -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ADD script/build.sh /bin/build.sh -ADD script/cmdide.sh /bin/cmdide -ADD script/run.sh /bin/run.sh - -ENV RUN_MODE="local" -ENV USER "cmdide" -ENV PASSWD "cmdide" -ENV AUTHORIZED_KEYS **None** -ENV HOME_DIR=/home/$USER - -RUN chmod +x /build.sh \ - && chmod +x /bin/cmdide \ - && chmod +x /bin/run.sh \ - && bash /build.sh - -USER ${USER} -WORKDIR ${HOME_DIR} - -VOLUME ['/var/www'] -VOLUME ['/etc/nginx/conf.d/'] -EXPOSE 22 80 443 - -CMD /bin/run.sh \ No newline at end of file diff --git a/images/cmdide/Dockerfile.debian9 b/images/cmdide/Dockerfile.debian9 deleted file mode 100644 index c5ae36f0..00000000 --- a/images/cmdide/Dockerfile.debian9 +++ /dev/null @@ -1,11 +0,0 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/debian:9.9 -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -RUN apt update -y && \ - apt install -y build-essential git curl wget jq make gcc g++ perl libperl-dev libtool - -USER ${USER} -WORKDIR ${HOME} -EXPOSE 80 -CMD ["/bin/sh"] diff --git a/images/cmdide/Dockerfile.php b/images/cmdide/Dockerfile.php deleted file mode 100644 index 23e666a8..00000000 --- a/images/cmdide/Dockerfile.php +++ /dev/null @@ -1,19 +0,0 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:latest -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ENV USER=laravel \ - PASSWD=laravel -ENV HOME=/home/${USER} -ADD script/laravel-alpine.sh /tmp/build.sh -ADD script/alpine-runenv.sh /bin/runenv - -RUN chmod +x /tmp/build.sh \ - && chmod +x /bin/runenv \ - && sh /tmp/build.sh \ - && rm -fr /tmp/* - -USER ${USER} -WORKDIR ${HOME} -EXPOSE 80 -CMD ["/bin/sh"] diff --git a/images/cmdide/Dockerfile.php-ext b/images/cmdide/Dockerfile.php-ext deleted file mode 100644 index 1d0ed07a..00000000 --- a/images/cmdide/Dockerfile.php-ext +++ /dev/null @@ -1,38 +0,0 @@ -FROM imxieke/debian:latest - -LABEL MAINTAINER="Sky" \ - MAIL="Sky@gfw.party" - -WORKDIR /var/wwww -ENV HOME_DIR=/home/dev/ -RUN sed -i 's/deb.debian.org/mirrors.ustc.edu.cn/g' /etc/apt/sources.list \ - && apt update \ - && apt install -y --no-install-recommends nginx php-fpm php-dev php-gd php-zip php-bz2 php-cli php-console-commandline php-curl php-dompdf php-geoip php-gnupg php-imagick php-imap php-intl php-json php-libsodium php-mail php-mbstring php-mcrypt php-memcache php-memcached php-mongodb php-mysql php-odbc php-pclzip php-pear php-pgsql php-radius php-redis php-readline php-sqlite3 neovim git composer zsh make g++ wget sudo \ - && rm -fr /etc/nginx/nginx.conf \ - && mkdir - p /run/nginx/ \ - && rm -fr /etc/nginx/conf.d/* \ - && chmod 777 -R /var/www \ - && rm -fr /etc/php7/php.ini \ - && pecl install swoole \ - && pecl install rar \ - && rm -fr /tmp/pear/* \ - && wget https://github.com/imxieke/ext-storage/raw/master/modules/ioncube_loader_lin_7.0.so -O /usr/lib/php/20151012/ioncube.so \ - && echo "extension=rar.so" > /etc/php/7.0/cli/conf.d/rar.ini \ - && echo "extension=swoole.so" > /etc/php/7.0/cli/conf.d/swoole.ini \ - && git clone --depth=1 https://github.com/robbyrussell/oh-my-zsh.git ${HOME_DIR}/.oh-my-zsh \ - && cp ${HOME_DIR}/.oh-my-zsh/templates/zshrc.zsh-template ${HOME_DIR}/.zshrc \ - && chsh -s /bin/zsh \ - && useradd -d /home/dev -m -s /bin/zsh dev \ - && echo "dev:123456" | chpasswd \ - && echo "dev ALL=(ALL:ALL) ALL " >> /etc/sudoers \ - && apt autoremove -y \ - && apt-get clean all \ - && rm -fr /var/lib/apt/lists/* - -ADD conf.d/nginx.conf /etc/nginx/ -ADD conf.d/default.conf /etc/nginx/conf.d/ -ADD conf.d/php.ini /etc/php7/ -ADD conf.d/index.php /var/www -USER dev -EXPOSE 80 -CMD service nginx start && service php7.0-fpm start \ No newline at end of file diff --git a/images/cmdide/Dockerfile.tomcat7 b/images/cmdide/Dockerfile.tomcat7 deleted file mode 100644 index dc023707..00000000 --- a/images/cmdide/Dockerfile.tomcat7 +++ /dev/null @@ -1,33 +0,0 @@ -# Ubuntu 14.04 -# Java 7 and Tomcat 7 -FROM imxieke/ubuntu:trusty -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -# Default to UTF-8 file.encoding -ENV LANG C.UTF-8 - -RUN apt update -y \ - && apt-get install -y --no-install-recommends \ - bzip2 \ - unzip \ - xz-utils \ - openssh-server \ - pwgen \ - openjdk-7-jdk \ - tomcat7 \ - && echo "########## Config sshd #################" \ - && mkdir -p /var/run/sshd \ - && sed -i "s/UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config \ - && sed -i "s/UsePAM.*/UsePAM no/g" /etc/ssh/sshd_config \ - && sed -i "s/PermitRootLogin.*/PermitRootLogin yes/g" /etc/ssh/sshd_config \ - && echo "#########Clearn Environment###########" \ - && apt-get autoremove -y --purge \ - && rm -rf /var/lib/apt/lists/* - -ADD script/run.sh /run.sh -RUN chmod +x /*.sh -ENV AUTHORIZED_KEYS **None** - -EXPOSE 22 80 81 8080 8888 -CMD ["/run.sh"] \ No newline at end of file diff --git a/images/cmdide/script/alpine-runenv.sh b/images/cmdide/script/alpine-runenv.sh deleted file mode 100644 index bdcf18bc..00000000 --- a/images/cmdide/script/alpine-runenv.sh +++ /dev/null @@ -1,159 +0,0 @@ -#!/usr/bin/env sh -set -e -description="Cmdide Run env Script" -ngx_cmd="/usr/sbin/nginx" -php_cmd="/usr/sbin/php-fpm7" -ngx_pid=$(ps -a | grep nginx | grep master | awk '{print $1}') -php_pid=$(ps -a | grep php | grep master | awk '{print $1}') - -if [ $(id -u) -ne '0' ]; then - echo " * Require Root User To Execute, Please" - exit 1 -fi - -if [[ ! -z "$2" ]]; then - if [ "$2" != "nginx" ] && [ "$2" != "php" ] ; then - echo "Service $2 not found" - exit - fi -fi - -nginx_status() -{ - if [ ! -z $ngx_pid ]; then - echo "* Status: Nginx is Running " - else - echo "* Status: Nginx Stopped" - fi -} - -nginx_start() -{ - if [[ -f "/sbin/start-stop-daemon" ]]; then - /sbin/start-stop-daemon -x ${ngx_cmd} - echo "* Status: Nginx is Running" - else - exec ${ngx_cmd} - echo "* Status: Nginx is Running" - fi -} - -nginx_stop() -{ - if [ -z $ngx_pid ]; then - echo "* Status: Nginx has Stopped" - else - kill $ngx_pid - echo "* Status: Nginx Stopped Success" - fi -} - -nginx_reload() -{ - if [ -z $ngx_pid ]; then - echo "* Status: Nginx has Stopped, Enable it to reload" - else - nginx -s reload - echo "* Status: Nginx reload Success" - fi -} - -nginx_restart() -{ - if [ -z $ngx_pid ]; then - echo "* Status: Nginx has Stopped, Enable it to reload" - else - kill $ngx_pid - nginx_start - echo "* Status: Nginx restart Success" - fi -} - -php_status() -{ - if [ ! -z $php_pid ]; then - echo "* Status: PHP-FPM is Running " - else - echo "* Status: PHP-FPM Stopped" - fi -} - -php_start() -{ - if [[ -f "/sbin/start-stop-daemon" ]]; then - /sbin/start-stop-daemon -x ${php_cmd} - echo "* Status: Nginx is Running" - else - exec ${php_cmd} - echo "* Status: Nginx is Running" - fi -} - -php_stop() -{ - if [ -z $php_pid ]; then - echo "* Status: Nginx has Stopped" - else - kill $php_pid - echo "* Status: Nginx Stopped Success" - fi -} - -php_reload() -{ - if [ -z $php_pid ]; then - echo "* Status: Nginx has Stopped, Enable it to reload" - else - nginx -s reload - echo "* Status: Nginx reload Success" - fi -} - -php_restart() -{ - if [ -z $php_pid ]; then - echo "* Status: Nginx has Stopped, Enable it to reload" - else - kill $php_pid - nginx_start - echo "* Status: Nginx restart Success" - fi -} - -help() -{ - echo "Usage: [options] status | stop | start | restart | reload - -Options: - -s, status --status set xtrace when running the script - -k, start --start show what would be done - -x, stop --stop only run commands when started - -r, restart --restart only run commands when stopped - -l, reload --reload ignore dependencies - -h, help --help Display this help output -" -} - -case $1 in - status | -s | --status ) - ${2}_status - ;; - start | -k | --start ) - ${2}_start - ;; - stop | -x | --stop ) - ${2}_stop - ;; - restart | -r | --restart ) - ${2}_restart - ;; - reload | -l | --reload ) - ${2}_reload - ;; - help | -h | --help ) - help - ;; - * ) - echo "* $1 Command error - type help or -h to View help" -esac diff --git a/images/cmdide/script/cmdide.sh b/images/cmdide/script/cmdide.sh deleted file mode 100644 index 145fe9b3..00000000 --- a/images/cmdide/script/cmdide.sh +++ /dev/null @@ -1,63 +0,0 @@ -#!/us/bin/env bash -FILE="/tmp/cmdide.status" -DAEMON=/bin/nginx -NAME=cmdide -DESC=cmdide - -function is_root(){ - if [[ `id -u ` != 0 ]]; then - echo \ -"\$:~ $0: Error Tips: - Permission Denied, Please Using Root User or 'sudo' - Current User: `whoami` " -exit - fi -} - -is_root - -case $1 in - status ) - cat ${FILE} - ;; - - start ) - service nginx start - service php7.3-fpm start - service php7.2-fpm start - service php7.1-fpm start - service php7.0-fpm start - echo "Cmdide is Running" > ${FILE} - ;; - - stop ) - service nginx stop - service php7.3-fpm stop - service php7.2-fpm stop - service php7.1-fpm stop - service php7.0-fpm stop - echo "Cmdide is Stop" > ${FILE} - ;; - - reload ) - service nginx reload - service php7.3-fpm reload - service php7.2-fpm reload - service php7.1-fpm reload - service php7.0-fpm reload - echo "Cmdide is Running" > ${FILE} - ;; - - reload ) - service nginx restart - service php7.3-fpm restart - service php7.2-fpm restart - service php7.1-fpm restart - service php7.0-fpm restart - echo "Cmdide is Running" > ${FILE} - ;; - - * ) - echo "Usage: $NAME {start|stop|restart|reload|force-reload|status|configtest|rotate|upgrade}" - ;; -esac \ No newline at end of file diff --git a/images/cmdide/script/laravel-alpine.sh b/images/cmdide/script/laravel-alpine.sh deleted file mode 100644 index 0a8d8eb4..00000000 --- a/images/cmdide/script/laravel-alpine.sh +++ /dev/null @@ -1,61 +0,0 @@ -#!/usr/bin/env sh - -echo "=> Insatll Depends and tools " -apk add --no-cache shadow sudo neovim git zsh wget curl jq openssl - -echo "=> Insatll Nginx Web Server " -apk add --no-cache nginx nginx-mod-rtmp nginx-mod-http-cache-purge - -echo "=> Insatll PHP Run Environment " -apk add --no-cache php7-fpm php7-openssl \ - php7-mysqli php7-intl php7-openssl php7-dba php7-pear php7-tokenizer \ - php7-gmp php7-pdo_mysql php7-xsl php7-pecl-event php7-embed php7-ftp \ - php7-mysqlnd php7-enchant php7-pspell php7-snmp php7-pcntl \ - php7-fileinfo php7-mbstring php7-dev php7-xmlrpc php7-xmlreader php7-apcu \ - php7-pdo_sqlite php7-exif php7-recode php7-opcache php7-ldap php7-posix \ - php7-session php7-gd php7-gettext php7-mailparse php7-json php7-xml php7-iconv \ - php7-sysvshm php7-curl php7-shmop php7-odbc php7-phar php7-pdo_pgsql php7-imap \ - php7-pdo_dblib php7-pgsql php7-pdo_odbc php7-zip php7-ctype php7-sqlite3 \ - php7-mcrypt php7-bcmath php7-calendar php7-tidy php7-dom php7-sockets php7-zmq \ - php7-memcached php7-soap php7-sysvmsg php7-zlib php7-pdo php7-bz2 \ - php7-simplexml php7-xmlwriter php7-pecl-redis \ - php7-pecl-yaml php7-pecl-mongodb php7-pecl-mcrypt php7-pecl-memcached composer - -# echo "=> Clean Cache And Package" -# rm -fr /var/cache/apk/* - -# Config Nginx -mkdir -p /run/nginx -mkdir -p /var/log/nginx -mkdir -p /var/lib/nginx/logs/ - -# Create Volume Mount Point -mkdir -p /code - -# Create nginx vhost Config directory -mkdir -p /etc/nginx/vhost.d -Remove Default Vhost config -# -rm -fr /etc/nginx/conf.d/default.conf - -touch /run/nginx/nginx.pid -touch /var/lib/nginx/logs/access.log -touch /var/lib/nginx/logs/error.log - -chown -R nginx:nginx /run/nginx -chown -R nginx:nginx /var/log/nginx -chown -R nginx:nginx /var/lib/nginx -echo "=> Create User ${USER} And Change Password" -useradd -d /home/${USER} -m -s /bin/sh ${USER} -echo "${USER}:${PASSWD}" | chpasswd -echo "${USER} ALL=(ALL:ALL) NOPASSWD: ALL" >> /etc/sudoers -echo '=> Config oh my zsh' -echo "=> Cloning oh my zsh to $HOME" -git clone --depth=1 https://git.dev.tencent.com/imxieke/ohmyzsh.git ${HOME}/.oh-my-zsh -cp ${HOME}/.oh-my-zsh/templates/zshrc.zsh-template ${HOME}/.zshrc -chown -R ${USER}:${USER} ${HOME} -sed -i "s/${USER}:\/bin\/sh/${USER}:\/bin\/zsh/g" /etc/passwd -sed -i "s/robbyrussell/strug/g" ${HOME}/.zshrc - -echo "=> Set Composer Registry" -sudo -Hu ${USER} composer config -g repo.packagist composer https://packagist.laravel-china.org diff --git a/images/cmdide/script/run.sh b/images/cmdide/script/run.sh deleted file mode 100644 index 07c2725e..00000000 --- a/images/cmdide/script/run.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash - -#RUN_MODE local remote - -if [[ ${USER} == "" ]]; then - USER="cmdide" -fi - -if [[ ${PASSWD} = "" ]]; then - PASSWD="cmdide" -fi - -if [[ ${USER} != "cmdide" ]]; then - useradd -d /home/${USER} -m -s /bin/zsh ${USER} - echo "${USER}:${PASSWD}" | chpasswd - echo "${USER} ALL=(ALL:ALL) NOPASSWD: ALL" >> /etc/sudoers - chmod -R 755 $HOME_DIR - chown -R ${USER}:${USER} $HOME_DIR -fi - -if [[ ${RUN_MODE} == "" || ${RUN_MODE} == "local" ]]; then - exit 0 -fi - -if [[ ${RUN_MODE} == "remote" ]]; then - echo "======================================================================" - echo "You can now connect to this container via SSH using: " - echo " ssh ${USER}@HOST -p port " - echo "Enter the ${USER} password => '${PASSWD}' when prompted " - echo "Please remember to change the above password as soon as possible! " - echo "======================================================================" - echo " Cmdide is Running " - echo "======================================================================" - exec sudo /usr/sbin/sshd -D -e -fi diff --git a/images/cmdide/script/tomcat-run.sh b/images/cmdide/script/tomcat-run.sh deleted file mode 100644 index a5ced5f6..00000000 --- a/images/cmdide/script/tomcat-run.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash - -USER="devenv" -PASS="devenv" -useradd -d /home/$USER -m $USER -s /bin/bash -echo "$USER:$PASS" |chpasswd -echo "root:$PASS" | chpasswd -echo "$USER ALL=NOPASSWD: ALL" >>/etc/sudoers -echo "======================================================================" -echo "You can now connect to this container via SSH using: " -echo " ssh $USER@HOST -p port " -echo "Enter the $USER password '$PASS' when prompted " -echo "Please remember to change the above password as soon as possible! " -echo "======================================================================" -echo " Devenv is Running " -echo "======================================================================" - -exec /usr/sbin/sshd -D -e \ No newline at end of file diff --git a/images/debian/Dockerfile.8.11 b/images/debian/Dockerfile.8.11 deleted file mode 100644 index c795a9b9..00000000 --- a/images/debian/Dockerfile.8.11 +++ /dev/null @@ -1,12 +0,0 @@ -# Debian Jessie (8) -FROM debian:8.11 -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ENV DEBIAN_FRONTEND noninteractive \ - PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" - -RUN sed -i 's/deb.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list \ - && sed -i 's/security.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list - -CMD ['/bin/bash'] diff --git a/images/debian/Dockerfile.9.9 b/images/debian/Dockerfile.9.9 deleted file mode 100644 index cd8a99db..00000000 --- a/images/debian/Dockerfile.9.9 +++ /dev/null @@ -1,12 +0,0 @@ -# Debian Jessie (8) -FROM debian:9.9 -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ENV DEBIAN_FRONTEND noninteractive \ - PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" - -RUN sed -i 's/deb.debian.org/mirrors.ustc.edu.cn/g' /etc/apt/sources.list \ - && sed -i 's/security.debian.org/mirrors.ustc.edu.cn/g' /etc/apt/sources.list - -CMD ['/bin/bash'] diff --git a/images/debian/Dockerfile.dev b/images/debian/Dockerfile.dev deleted file mode 100644 index ec58410a..00000000 --- a/images/debian/Dockerfile.dev +++ /dev/null @@ -1,17 +0,0 @@ -FROM debian:buster -LABEL MAINTAINER=Sky \ - MAIL= - -ENV DEBIAN_FRONTEND noninteractive \ - PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" - -RUN sed -i 's/deb.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list \ - && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list \ - && apt update \ - && apt upgrade -y \ - && apt install -y gcc git neovim make cmake autoconf automake python python3 python-pip python3-pip \ - && apt autoremove -y \ - && apt-get clean all \ - && rm -fr /var/lib/apt/lists/* - -CMD ['/bin/bash'] diff --git a/images/debian/bullseye/Dockerfile b/images/debian/bullseye/Dockerfile new file mode 100644 index 00000000..06f6a576 --- /dev/null +++ b/images/debian/bullseye/Dockerfile @@ -0,0 +1,12 @@ +# Debian Bullseye (11) +FROM debian:bullseye +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV DEBIAN_FRONTEND noninteractive \ + PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" + +RUN sed -i 's/deb.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/security.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/debian/Dockerfile.buster b/images/debian/buster/Dockerfile similarity index 96% rename from images/debian/Dockerfile.buster rename to images/debian/buster/Dockerfile index cbb7f2a6..36742ba7 100644 --- a/images/debian/Dockerfile.buster +++ b/images/debian/buster/Dockerfile @@ -1,12 +1,12 @@ -# Debian Buster (10) -FROM debian:buster -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ENV DEBIAN_FRONTEND noninteractive \ - PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" - -RUN sed -i 's/deb.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list \ - && sed -i 's/security.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list - -CMD ['/bin/bash'] +# Debian Buster (10) +FROM debian:buster +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV DEBIAN_FRONTEND noninteractive \ + PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" + +RUN sed -i 's/deb.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/security.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/debian/Dockerfile.jessie b/images/debian/jessie/Dockerfile similarity index 96% rename from images/debian/Dockerfile.jessie rename to images/debian/jessie/Dockerfile index dc731496..ed3af248 100644 --- a/images/debian/Dockerfile.jessie +++ b/images/debian/jessie/Dockerfile @@ -1,12 +1,12 @@ -# Debian Jessie (8) -FROM debian:jessie -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ENV DEBIAN_FRONTEND noninteractive \ - PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" - -RUN sed -i 's/deb.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list \ - && sed -i 's/security.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list - -CMD ['/bin/bash'] +# Debian Jessie (8) +FROM debian:jessie +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV DEBIAN_FRONTEND noninteractive \ + PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" + +RUN sed -i 's/deb.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/security.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/debian/Dockerfile b/images/debian/latest/Dockerfile similarity index 97% rename from images/debian/Dockerfile rename to images/debian/latest/Dockerfile index 2d490f4e..b767d5d8 100644 --- a/images/debian/Dockerfile +++ b/images/debian/latest/Dockerfile @@ -1,11 +1,11 @@ -FROM debian:latest -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ENV DEBIAN_FRONTEND noninteractive \ - PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" - -RUN sed -i 's/deb.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list \ - && sed -i 's/security.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list - -CMD ['/bin/bash'] +FROM debian:latest +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV DEBIAN_FRONTEND noninteractive \ + PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" + +RUN sed -i 's/deb.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/security.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/debian/Dockerfile.stretch b/images/debian/stretch/Dockerfile similarity index 96% rename from images/debian/Dockerfile.stretch rename to images/debian/stretch/Dockerfile index 6944d30a..c7b5422f 100644 --- a/images/debian/Dockerfile.stretch +++ b/images/debian/stretch/Dockerfile @@ -1,12 +1,12 @@ -# Debian stretch (9) -FROM debian:stretch -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ENV DEBIAN_FRONTEND noninteractive \ - PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" - -RUN sed -i 's/deb.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list \ - && sed -i 's/security.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list - -CMD ['/bin/bash'] +# Debian stretch (9) +FROM debian:stretch +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV DEBIAN_FRONTEND noninteractive \ + PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" + +RUN sed -i 's/deb.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/security.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/debian/Dockerfile.wheezy b/images/debian/wheezy/Dockerfile similarity index 96% rename from images/debian/Dockerfile.wheezy rename to images/debian/wheezy/Dockerfile index 79748253..7bc94762 100644 --- a/images/debian/Dockerfile.wheezy +++ b/images/debian/wheezy/Dockerfile @@ -1,12 +1,12 @@ -# Debian Wheezy (7) -FROM debian:wheezy -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ENV DEBIAN_FRONTEND noninteractive \ - PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" - -RUN sed -i 's/deb.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list \ - && sed -i 's/security.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list - -CMD ['/bin/bash'] +# Debian Wheezy (7) +FROM debian:wheezy +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV DEBIAN_FRONTEND noninteractive \ + PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" + +RUN sed -i 's/deb.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/security.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/dotnet/Dockerfile b/images/dotnet/Dockerfile new file mode 100644 index 00000000..e69de29b diff --git a/images/elasticsearch/Dockerfile b/images/elasticsearch/Dockerfile new file mode 100644 index 00000000..053a7fd1 --- /dev/null +++ b/images/elasticsearch/Dockerfile @@ -0,0 +1,3 @@ +FROM elasticsearch:latest + +EXPOSE 9200 9300 diff --git a/images/gentoo/Dockerfile b/images/gentoo/Dockerfile new file mode 100644 index 00000000..9a11c0be --- /dev/null +++ b/images/gentoo/Dockerfile @@ -0,0 +1 @@ +FROM gentoo/stage3 diff --git a/images/gitbook/Dockerfile b/images/gitbook/Dockerfile new file mode 100644 index 00000000..415068db --- /dev/null +++ b/images/gitbook/Dockerfile @@ -0,0 +1,20 @@ +FROM daocloud.io/library/centos:7.2.1511 + +ARG VERSION=3.2.1 + +RUN yum install -y epel-release &&\ + rpm -ivh https://kojipkgs.fedoraproject.org/packages/http-parser/2.7.1/3.el7/x86_64/http-parser-2.7.1-3.el7.x86_64.rpm &&\ + yum -y install nodejs openssl &&\ + npm set registry https://registry.npm.taobao.org &&\ + npm set disturl https://npm.taobao.org/dist &&\ + npm cache clean &&\ + yum clean all + +RUN npm install gitbook-cli -g &&\ + gitbook fetch ${VERSION} + +WORKDIR /srv/gitbook + +EXPOSE 4000 35729 + +CMD gitbook serve \ No newline at end of file diff --git a/images/golang/Dockerfile b/images/go/Dockerfile similarity index 91% rename from images/golang/Dockerfile rename to images/go/Dockerfile index fc036479..f27de7fa 100644 --- a/images/golang/Dockerfile +++ b/images/go/Dockerfile @@ -13,7 +13,7 @@ RUN apk update && \ mkdir -p "$GOPATH/src" "$GOPATH/bin" "${GOPATH}}/pkg" \ && chmod -R 777 "$GOPATH" \ && rm -fr /var/cache/apk/* \ - && rm -fr /tmp/* + && rm -fr /tmp/* WORKDIR $GOPATH -CMD [ "/bin/sh" ] \ No newline at end of file +CMD [ "/bin/sh" ] diff --git a/images/haproxy/Dockerfile b/images/haproxy/Dockerfile new file mode 100644 index 00000000..c614892d --- /dev/null +++ b/images/haproxy/Dockerfile @@ -0,0 +1,5 @@ +FROM dockercloud/haproxy:latest + +LABEL maintainer="ZeroC0D3 Team" + +EXPOSE 80 diff --git a/images/hubot/Dockerfile b/images/hubot/Dockerfile new file mode 100644 index 00000000..5a3f3152 --- /dev/null +++ b/images/hubot/Dockerfile @@ -0,0 +1,12 @@ +FROM daocloud.io/library/centos:7.2.1511 + +RUN yum install -y epel-release &&\ + rpm -ivh https://kojipkgs.fedoraproject.org/packages/http-parser/2.7.1/3.el7/x86_64/http-parser-2.7.1-3.el7.x86_64.rpm &&\ + yum -y install nodejs openssl &&\ + npm set registry https://registry.npm.taobao.org &&\ + npm set disturl https://npm.taobao.org/dist &&\ + npm cache clean &&\ + yum clean all + +RUN npm install -g yo generator-hubot &&\ + mkdir hubot && cd hubot \ No newline at end of file diff --git a/images/java/Dockerfile b/images/java/Dockerfile deleted file mode 100644 index 34f2e919..00000000 --- a/images/java/Dockerfile +++ /dev/null @@ -1,8 +0,0 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:latest - -LABEL MAINTAINER="Sky" \ - MAIL="Sky@gfw.party" - -RUN apk add --no-cache openjdk8-jre - -CMD [ "/bin/sh" ] \ No newline at end of file diff --git a/images/java/Dockerfile.7 b/images/java/Dockerfile.7 deleted file mode 100644 index d38b3f58..00000000 --- a/images/java/Dockerfile.7 +++ /dev/null @@ -1,8 +0,0 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:latest - -LABEL MAINTAINER="Sky" \ - MAIL="Sky@gfw.party" - -RUN apk add --no-cache openjdk7-jre - -CMD [ "/bin/sh" ] \ No newline at end of file diff --git a/images/java/Dockerfile.8 b/images/java/Dockerfile.8 deleted file mode 100644 index 34f2e919..00000000 --- a/images/java/Dockerfile.8 +++ /dev/null @@ -1,8 +0,0 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:latest - -LABEL MAINTAINER="Sky" \ - MAIL="Sky@gfw.party" - -RUN apk add --no-cache openjdk8-jre - -CMD [ "/bin/sh" ] \ No newline at end of file diff --git a/images/java/README.md b/images/java/README.md deleted file mode 100644 index 7eb8b1fa..00000000 --- a/images/java/README.md +++ /dev/null @@ -1,3 +0,0 @@ -# Java - -> java jre 7 and 8 \ No newline at end of file diff --git a/images/kali/Dockerfile b/images/kali/Dockerfile new file mode 100644 index 00000000..f6f7e032 --- /dev/null +++ b/images/kali/Dockerfile @@ -0,0 +1,3 @@ +FROM kalilinux/kali-rolling:latest + +CMD [ "/bin/bash" ] diff --git a/images/laradock-workspace b/images/laradock-workspace new file mode 160000 index 00000000..3c81ada9 --- /dev/null +++ b/images/laradock-workspace @@ -0,0 +1 @@ +Subproject commit 3c81ada9512acdfc3e1139469ca1ac22cbb1436d diff --git a/images/laravel-echo-server/Dockerfile b/images/laravel-echo-server/Dockerfile new file mode 100644 index 00000000..26a64c1a --- /dev/null +++ b/images/laravel-echo-server/Dockerfile @@ -0,0 +1,30 @@ +FROM node:alpine + +# Create app directory +RUN mkdir -p /usr/src/app +WORKDIR /usr/src/app + +# Install app dependencies +COPY package.json /usr/src/app/ + +# If you're in China, or you need to change sources, will be set CHANGE_SOURCE to true in .env. + +ARG CHANGE_SOURCE=false +RUN if [ ${CHANGE_SOURCE} = true ]; then \ + # Change application source from dl-cdn.alpinelinux.org to aliyun source + sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/' /etc/apk/repositories \ +;fi + +RUN apk add --update \ + python \ + python-dev \ + py-pip \ + build-base + +RUN npm install + +# Bundle app source +COPY laravel-echo-server.json /usr/src/app/laravel-echo-server.json + +EXPOSE 3000 +CMD [ "npm", "start", "--force" ] diff --git a/images/laravel-echo-server/laravel-echo-server.json b/images/laravel-echo-server/laravel-echo-server.json new file mode 100644 index 00000000..0a98ef90 --- /dev/null +++ b/images/laravel-echo-server/laravel-echo-server.json @@ -0,0 +1,19 @@ +{ + "authHost": "localhost", + "authEndpoint": "/broadcasting/auth", + "clients": [], + "database": "redis", + "databaseConfig": { + "redis": { + "port": "6379", + "host": "redis" + } + }, + "devMode": true, + "host": null, + "port": "6001", + "protocol": "http", + "socketio": {}, + "sslCertPath": "", + "sslKeyPath": "" +} \ No newline at end of file diff --git a/images/laravel-echo-server/package.json b/images/laravel-echo-server/package.json new file mode 100644 index 00000000..4e8d6c1f --- /dev/null +++ b/images/laravel-echo-server/package.json @@ -0,0 +1,12 @@ +{ + "name": "laravel-echo-server-docker", + "description": "Docker container for running laravel-echo-server", + "version": "0.0.1", + "license": "MIT", + "dependencies": { + "laravel-echo-server": "^1.5.0" + }, + "scripts": { + "start": "laravel-echo-server start" + } +} diff --git a/images/laravel-horizon/Dockerfile b/images/laravel-horizon/Dockerfile new file mode 100644 index 00000000..38b2a695 --- /dev/null +++ b/images/laravel-horizon/Dockerfile @@ -0,0 +1,268 @@ +# +#-------------------------------------------------------------------------- +# Image Setup +#-------------------------------------------------------------------------- +# + +ARG LARADOCK_PHP_VERSION +FROM php:${LARADOCK_PHP_VERSION}-alpine + +LABEL maintainer="Mahmoud Zalt " + +ARG LARADOCK_PHP_VERSION + +# If you're in China, or you need to change sources, will be set CHANGE_SOURCE to true in .env. + +ARG CHANGE_SOURCE=false +RUN if [ ${CHANGE_SOURCE} = true ]; then \ + # Change application source from dl-cdn.alpinelinux.org to aliyun source + sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/' /etc/apk/repositories \ +;fi + +RUN apk --update add wget \ + curl \ + git \ + build-base \ + libmemcached-dev \ + libmcrypt-dev \ + libxml2-dev \ + zlib-dev \ + autoconf \ + cyrus-sasl-dev \ + libgsasl-dev \ + supervisor \ + oniguruma-dev \ + procps + +RUN docker-php-ext-install mysqli mbstring pdo pdo_mysql tokenizer xml pcntl +RUN pecl channel-update pecl.php.net && pecl install memcached mcrypt-1.0.1 mongodb && docker-php-ext-enable memcached mongodb + +# Add a non-root user to help install ffmpeg: +ARG PUID=1000 +ENV PUID ${PUID} +ARG PGID=1000 +ENV PGID ${PGID} + +RUN addgroup -g ${PGID} laradock && \ + adduser -D -G laradock -u ${PUID} laradock + +#Install BZ2: +ARG INSTALL_BZ2=false +RUN if [ ${INSTALL_BZ2} = true ]; then \ + apk --update add bzip2-dev; \ + docker-php-ext-install bz2 \ +;fi + +#Install GD package: +ARG INSTALL_GD=false +RUN if [ ${INSTALL_GD} = true ]; then \ + apk add --update --no-cache freetype-dev libjpeg-turbo-dev jpeg-dev libpng-dev; \ + docker-php-ext-configure gd --with-freetype-dir=/usr/lib/ --with-jpeg-dir=/usr/lib/ --with-png-dir=/usr/lib/ && \ + docker-php-ext-install gd \ +;fi + +#Install GMP package: +ARG INSTALL_GMP=false +RUN if [ ${INSTALL_GMP} = true ]; then \ + apk add --update --no-cache gmp gmp-dev; \ + docker-php-ext-install gmp \ +;fi + +#Install ImageMagick package: +ARG INSTALL_IMAGEMAGICK=false +RUN set -eux; \ + if [ ${INSTALL_IMAGEMAGICK} = true ]; then \ + apk add --update --no-cache imagemagick-dev; \ + pecl install imagick; \ + docker-php-ext-enable imagick; \ + php -m | grep -q 'imagick'; \ + fi + +#Install BCMath package: +ARG INSTALL_BCMATH=false +RUN if [ ${INSTALL_BCMATH} = true ]; then \ + docker-php-ext-install bcmath \ + ;fi + +#Install Sockets package: +ARG INSTALL_SOCKETS=false +RUN if [ ${INSTALL_SOCKETS} = true ]; then \ + docker-php-ext-install sockets \ + ;fi + +# Install PostgreSQL drivers: +ARG INSTALL_PGSQL=false +RUN if [ ${INSTALL_PGSQL} = true ]; then \ + apk --update add postgresql-dev \ + && docker-php-ext-install pdo_pgsql \ + ;fi + +# Install ZipArchive: +ARG INSTALL_ZIP_ARCHIVE=false +RUN set -eux; \ + if [ ${INSTALL_ZIP_ARCHIVE} = true ]; then \ + apk --update add libzip-dev && \ + if [ ${LARADOCK_PHP_VERSION} = "7.3" ] || [ ${LARADOCK_PHP_VERSION} = "7.4" ]; then \ + docker-php-ext-configure zip; \ + else \ + docker-php-ext-configure zip --with-libzip; \ + fi && \ + # Install the zip extension + docker-php-ext-install zip \ +;fi + +# Install PhpRedis package: +ARG INSTALL_PHPREDIS=false +RUN if [ ${INSTALL_PHPREDIS} = true ]; then \ + # Install Php Redis Extension + printf "\n" | pecl install -o -f redis \ + && rm -rf /tmp/pear \ + && docker-php-ext-enable redis \ +;fi + +ARG INSTALL_FFMPEG=false +RUN if [ ${INSTALL_FFMPEG} = true ]; then \ + # Add ffmpeg to horizon + apk add ffmpeg \ +;fi + +# Install BBC Audio Waveform Image Generator: +ARG INSTALL_AUDIOWAVEFORM=false +RUN if [ ${INSTALL_AUDIOWAVEFORM} = true ]; then \ + apk add git make cmake gcc g++ libmad-dev libid3tag-dev libsndfile-dev gd-dev boost-dev libgd libpng-dev zlib-dev \ + && apk add autoconf automake libtool gettext \ + && wget https://github.com/xiph/flac/archive/1.3.3.tar.gz \ + && tar xzf 1.3.3.tar.gz \ + && cd flac-1.3.3 \ + && ./autogen.sh \ + && ./configure --enable-shared=no \ + && make \ + && make install \ + && cd .. \ + && git clone https://github.com/bbc/audiowaveform.git \ + && cd audiowaveform \ + && wget https://github.com/google/googletest/archive/release-1.10.0.tar.gz \ + && tar xzf release-1.10.0.tar.gz \ + && ln -s googletest-release-1.10.0/googletest googletest \ + && ln -s googletest-release-1.10.0/googlemock googlemock \ + && mkdir build \ + && cd build \ + && cmake .. \ + && make \ + && make install \ +;fi + + +# Install Cassandra drivers: +ARG INSTALL_CASSANDRA=false +RUN if [ ${INSTALL_CASSANDRA} = true ]; then \ + apk --update add cassandra-cpp-driver \ + ;fi + +WORKDIR /usr/src +RUN if [ ${INSTALL_CASSANDRA} = true ]; then \ + git clone https://github.com/datastax/php-driver.git \ + && cd php-driver/ext \ + && phpize \ + && mkdir -p /usr/src/php-driver/build \ + && cd /usr/src/php-driver/build \ + && ../ext/configure > /dev/null \ + && make clean >/dev/null \ + && make >/dev/null 2>&1 \ + && make install \ + && docker-php-ext-enable cassandra \ +;fi + +# Install MongoDB drivers: +ARG INSTALL_MONGO=false +RUN if [ ${INSTALL_MONGO} = true ]; then \ + pecl install mongodb \ + && docker-php-ext-enable mongodb \ + ;fi + +########################################################################### +# YAML: extension +########################################################################### + +ARG INSTALL_YAML=false + +RUN if [ ${INSTALL_YAML} = true ]; then \ + apk --update add -U --no-cache --virtual temp yaml-dev \ + && apk add --no-cache yaml \ + && docker-php-source extract \ + && pecl channel-update pecl.php.net \ + && pecl install yaml \ + && docker-php-ext-enable yaml \ + && pecl clear-cache \ + && docker-php-source delete \ + && apk del temp \ +;fi + + +########################################################################### +# PHP Memcached: +########################################################################### + +ARG INSTALL_MEMCACHED=false + +RUN if [ ${INSTALL_MEMCACHED} = true ]; then \ + # Install the php memcached extension + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + curl -L -o /tmp/memcached.tar.gz "https://github.com/php-memcached-dev/php-memcached/archive/2.2.0.tar.gz"; \ + else \ + curl -L -o /tmp/memcached.tar.gz "https://github.com/php-memcached-dev/php-memcached/archive/v3.1.3.tar.gz"; \ + fi \ + && mkdir -p memcached \ + && tar -C memcached -zxvf /tmp/memcached.tar.gz --strip 1 \ + && ( \ + cd memcached \ + && phpize \ + && ./configure \ + && make -j$(nproc) \ + && make install \ + ) \ + && rm -r memcached \ + && rm /tmp/memcached.tar.gz \ + && docker-php-ext-enable memcached \ + ;fi + +RUN rm /var/cache/apk/* \ + && mkdir -p /var/www + +# +#-------------------------------------------------------------------------- +# Optional Supervisord Configuration +#-------------------------------------------------------------------------- +# +# Modify the ./supervisor.conf file to match your App's requirements. +# Make sure you rebuild your container with every change. +# + +COPY supervisord.conf /etc/supervisord.conf + +ENTRYPOINT ["/usr/bin/supervisord", "-n", "-c", "/etc/supervisord.conf"] + +# +#-------------------------------------------------------------------------- +# Optional Software's Installation +#-------------------------------------------------------------------------- +# +# If you need to modify this image, feel free to do it right here. +# +# -- Your awesome modifications go here -- # + +# +#-------------------------------------------------------------------------- +# Check PHP version +#-------------------------------------------------------------------------- +# + +RUN php -v | head -n 1 | grep -q "PHP ${PHP_VERSION}." + +# +#-------------------------------------------------------------------------- +# Final Touch +#-------------------------------------------------------------------------- +# + +WORKDIR /etc/supervisor/conf.d/ diff --git a/images/laravel-horizon/supervisord.conf b/images/laravel-horizon/supervisord.conf new file mode 100644 index 00000000..203f0148 --- /dev/null +++ b/images/laravel-horizon/supervisord.conf @@ -0,0 +1,10 @@ +[supervisord] +nodaemon=true +[supervisorctl] +[inet_http_server] +port = 127.0.0.1:9001 +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + +[include] +files = supervisord.d/*.conf \ No newline at end of file diff --git a/images/laravel-horizon/supervisord.d/.gitignore b/images/laravel-horizon/supervisord.d/.gitignore new file mode 100644 index 00000000..fee92170 --- /dev/null +++ b/images/laravel-horizon/supervisord.d/.gitignore @@ -0,0 +1 @@ +*.conf diff --git a/images/laravel-horizon/supervisord.d/laravel-horizon.conf.example b/images/laravel-horizon/supervisord.d/laravel-horizon.conf.example new file mode 100644 index 00000000..f664320a --- /dev/null +++ b/images/laravel-horizon/supervisord.d/laravel-horizon.conf.example @@ -0,0 +1,7 @@ +[program:laravel-horizon] +process_name=%(program_name)s_%(process_num)02d +user=laradock +command=php /var/www/artisan horizon +autostart=true +autorestart=true +redirect_stderr=true diff --git a/images/ldap/Dockerfile b/images/ldap/Dockerfile new file mode 100644 index 00000000..690456ca --- /dev/null +++ b/images/ldap/Dockerfile @@ -0,0 +1,12 @@ +FROM centos:7.2.1511 + +RUN groupadd ldap &&\ + useradd -g ldap ldap &&\ + yum install -y openldap openldap-clients openldap-servers migrationtools pam_ldap python-ldap &&\ + yum clean all + +COPY docker-entrypoint.sh /usr/local/bin/ + +EXPOSE 389 + +CMD ["docker-entrypoint.sh"] \ No newline at end of file diff --git a/images/ldap/README.md b/images/ldap/README.md new file mode 100644 index 00000000..45ba5b11 --- /dev/null +++ b/images/ldap/README.md @@ -0,0 +1,18 @@ +# LDAP + +## build +```bash +docker build -t ldap dockerfiles/ldap/ +``` + +## run +```bash +docker run -d \ + -p 389:389 \ + -e LDAP_DOMAIN= \ + -e LDAP_COM= \ + -e LDAP_MANAGER= \ + -e LDAP_PASSWD= \ + --name ldap \ + ldap +``` \ No newline at end of file diff --git a/images/ldap/docker-entrypoint.sh b/images/ldap/docker-entrypoint.sh new file mode 100755 index 00000000..5af35049 --- /dev/null +++ b/images/ldap/docker-entrypoint.sh @@ -0,0 +1,70 @@ +#!/bin/bash +# auther: ge2x3k2@gmail.com +# Usage: +# docker run -d \ +# -p 389:389 \ +# -e LDAP_DOMAIN= \ +# -e LDAP_COM= \ +# -e LDAP_MANAGER= \ +# -e LDAP_PASSWD= \ +# --name ldap \ +# ldap + +set -x + +#配置ldap +sed -i "s/dc=my-domain/dc=${LDAP_DOMAIN}/g" /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}hdb.ldif +sed -i "s/dc=com/dc=${LDAP_COM}/g" /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}hdb.ldif +sed -i "s/cn=Manager/cn=${LDAP_MANAGER}/g" /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}hdb.ldif +ldap_passwd=$(slappasswd -s ${LDAP_PASSWD}) +sed -i "$ aolcRootPW: ${ldap_passwd}" /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}hdb.ldif + +sed -i "s/cn=Manager,dc=my-domain,dc=com/cn=${LDAP_MANAGER},dc=${LDAP_DOMAIN},dc=${LDAP_COM}/g" /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{1\}monitor.ldif + +#设置ldap用户、用户组权限 +chown -R ldap.ldap /var/lib/ldap +slaptest -u + +#启动ldap +/usr/sbin/slapd -h "ldapi:/// ldap://" -u ldap + +#设置ldap默认数据库 +cd /etc/openldap/schema/ +ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/cosine.ldif +ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/nis.ldif +ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/collective.ldif +ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/corba.ldif +ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/core.ldif +ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/duaconf.ldif +ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/dyngroup.ldif +ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/inetorgperson.ldif +ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/java.ldif +ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/misc.ldif +ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/openldap.ldif +ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/pmi.ldif +ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f /etc/openldap/schema/ppolicy.ldif + +cd /usr/share/migrationtools/ +sed -i "71 s/padl.com/${LDAP_DOMAIN}.${LDAP_COM}/g" migrate_common.ph +sed -i "74 s/dc=padl\,dc=com/dc=${LDAP_DOMAIN}\,dc=${LDAP_COM}/g" migrate_common.ph +sed -i "90 s/0/1/g" migrate_common.ph +./migrate_base.pl >/root/base.ldif +ldapadd -x -w ${LDAP_PASSWD} -D "cn=${LDAP_MANAGER},dc=${LDAP_DOMAIN},dc=${LDAP_COM}" -f /root/base.ldif + +sleep 5 +ldapmodify -Q -Y EXTERNAL -H ldapi:/// <> ~/.docker/config.json' + - echo "$CI_JOB_TOKEN" | docker login -u gitlab-ci-token "$DOCKER_REGISTRY" --password-stdin + - docker pull $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:amd64 + - docker pull $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:arm32v7 + - docker pull $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:arm64v8 + - docker manifest create $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:latest $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:amd64 $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:arm32v7 $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:arm64v8 + - docker manifest annotate $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:latest $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:amd64 --os linux --arch amd64 + - docker manifest annotate $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:latest $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:arm32v7 --os linux --arch arm + - docker manifest annotate $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:latest $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:arm64v8 --os linux --arch arm64 + - docker manifest push $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:latest + +dockerhub manifest creation: + image: yobasystems/alpine-docker:dind + stage: manifest + tags: + - amd64 + script: + - mkdir /root/.docker + - 'echo -e "{\n \"experimental\": \"enabled\"\n}\n" >> ~/.docker/config.json' + - echo "$DOCKERHUB_PASSWORD" | docker login -u "$DOCKERHUB_USERNAME" --password-stdin + - docker pull $DOCKER_REGISTRY_DOCKERHUB_REPO:amd64 + - docker pull $DOCKER_REGISTRY_DOCKERHUB_REPO:arm32v7 + - docker pull $DOCKER_REGISTRY_DOCKERHUB_REPO:arm64v8 + - docker manifest create $DOCKER_REGISTRY_DOCKERHUB_REPO:latest $DOCKER_REGISTRY_DOCKERHUB_REPO:amd64 $DOCKER_REGISTRY_DOCKERHUB_REPO:arm32v7 $DOCKER_REGISTRY_DOCKERHUB_REPO:arm64v8 + - docker manifest annotate $DOCKER_REGISTRY_DOCKERHUB_REPO:latest $DOCKER_REGISTRY_DOCKERHUB_REPO:amd64 --os linux --arch amd64 + - docker manifest annotate $DOCKER_REGISTRY_DOCKERHUB_REPO:latest $DOCKER_REGISTRY_DOCKERHUB_REPO:arm32v7 --os linux --arch arm + - docker manifest annotate $DOCKER_REGISTRY_DOCKERHUB_REPO:latest $DOCKER_REGISTRY_DOCKERHUB_REPO:arm64v8 --os linux --arch arm64 + - docker manifest push $DOCKER_REGISTRY_DOCKERHUB_REPO:latest + +gitlab version manifest creation: + image: yobasystems/alpine-docker:dind + stage: manifest + tags: + - amd64 + script: + - mkdir /root/.docker + - 'echo -e "{\n \"experimental\": \"enabled\"\n}\n" >> ~/.docker/config.json' + - echo "$CI_JOB_TOKEN" | docker login -u gitlab-ci-token "$DOCKER_REGISTRY" --password-stdin + - docker pull $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:10.4.15-amd64 + - docker pull $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:10.4.15-arm32v7 + - docker pull $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:10.4.15-arm64v8 + - docker manifest create $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:10.4.15 $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:10.4.15-amd64 $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:10.4.15-arm32v7 $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:10.4.15-arm64v8 + - docker manifest annotate $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:10.4.15 $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:10.4.15-amd64 --os linux --arch amd64 + - docker manifest annotate $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:10.4.15 $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:10.4.15-arm32v7 --os linux --arch arm + - docker manifest annotate $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:10.4.15 $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:10.4.15-arm64v8 --os linux --arch arm64 + - docker manifest push $DOCKER_REGISTRY/$DOCKER_REGISTRY_REPO:10.4.15 + +dockerhub version manifest creation: + image: yobasystems/alpine-docker:dind + stage: manifest + tags: + - amd64 + script: + - mkdir /root/.docker + - 'echo -e "{\n \"experimental\": \"enabled\"\n}\n" >> ~/.docker/config.json' + - echo "$DOCKERHUB_PASSWORD" | docker login -u "$DOCKERHUB_USERNAME" --password-stdin + - docker pull $DOCKER_REGISTRY_DOCKERHUB_REPO:10.4.15-amd64 + - docker pull $DOCKER_REGISTRY_DOCKERHUB_REPO:10.4.15-arm32v7 + - docker pull $DOCKER_REGISTRY_DOCKERHUB_REPO:10.4.15-arm64v8 + - docker manifest create $DOCKER_REGISTRY_DOCKERHUB_REPO:10.4.15 $DOCKER_REGISTRY_DOCKERHUB_REPO:10.4.15-amd64 $DOCKER_REGISTRY_DOCKERHUB_REPO:10.4.15-arm32v7 $DOCKER_REGISTRY_DOCKERHUB_REPO:10.4.15-arm64v8 + - docker manifest annotate $DOCKER_REGISTRY_DOCKERHUB_REPO:10.4.15 $DOCKER_REGISTRY_DOCKERHUB_REPO:10.4.15-amd64 --os linux --arch amd64 + - docker manifest annotate $DOCKER_REGISTRY_DOCKERHUB_REPO:10.4.15 $DOCKER_REGISTRY_DOCKERHUB_REPO:10.4.15-arm32v7 --os linux --arch arm + - docker manifest annotate $DOCKER_REGISTRY_DOCKERHUB_REPO:10.4.15 $DOCKER_REGISTRY_DOCKERHUB_REPO:10.4.15-arm64v8 --os linux --arch arm64 + - docker manifest push $DOCKER_REGISTRY_DOCKERHUB_REPO:10.4.15 diff --git a/images/mariadb/Dockerfile b/images/mariadb/Dockerfile index e5cbea72..96b6e0dc 100644 --- a/images/mariadb/Dockerfile +++ b/images/mariadb/Dockerfile @@ -52,4 +52,4 @@ VOLUME /var/lib/mysql ENTRYPOINT ["/bin/entrypoint.sh"] EXPOSE 3306 -CMD ["mysqld"] \ No newline at end of file +CMD ["mysqld"] diff --git a/images/mariadb/Dockerfile.10.4 b/images/mariadb/Dockerfile.10.4 index e5cbea72..96b6e0dc 100644 --- a/images/mariadb/Dockerfile.10.4 +++ b/images/mariadb/Dockerfile.10.4 @@ -52,4 +52,4 @@ VOLUME /var/lib/mysql ENTRYPOINT ["/bin/entrypoint.sh"] EXPOSE 3306 -CMD ["mysqld"] \ No newline at end of file +CMD ["mysqld"] diff --git a/images/mariadb/README.md b/images/mariadb/README.md new file mode 100644 index 00000000..5ee1bc8a --- /dev/null +++ b/images/mariadb/README.md @@ -0,0 +1,223 @@ +# MariaDB Docker image running on Alpine Linux + +[![Docker Automated build](https://img.shields.io/docker/automated/yobasystems/alpine-mariadb.svg?style=for-the-badge&logo=docker)](https://hub.docker.com/r/yobasystems/alpine-mariadb/) +[![Docker Pulls](https://img.shields.io/docker/pulls/yobasystems/alpine-mariadb.svg?style=for-the-badge&logo=docker)](https://hub.docker.com/r/yobasystems/alpine-mariadb/) +[![Docker Stars](https://img.shields.io/docker/stars/yobasystems/alpine-mariadb.svg?style=for-the-badge&logo=docker)](https://hub.docker.com/r/yobasystems/alpine-mariadb/) + +[![Alpine Version](https://img.shields.io/badge/Alpine%20version-v3.12.0-green.svg?style=for-the-badge&logo=alpine-linux)](https://alpinelinux.org/) +[![MariaDB Version](https://img.shields.io/badge/Mariadb%20version-v10.4.15-green.svg?style=for-the-badge&logo=mariadb)](https://mariadb.org/) + + +This Docker image [(yobasystems/alpine-mariadb)](https://hub.docker.com/r/yobasystems/alpine-mariadb/) is based on the minimal [Alpine Linux](https://alpinelinux.org/) with [MariaDB v10.4.15](https://mariadb.org/) (MySQL Compatible) database server. + +##### Alpine Version 3.12.0 (Released May 29, 2020) +##### MariaDB Version 10.4.15 + +---- + +## What is Alpine Linux? +Alpine Linux is a Linux distribution built around musl libc and BusyBox. The image is only 5 MB in size and has access to a package repository that is much more complete than other BusyBox based images. This makes Alpine Linux a great image base for utilities and even production applications. Read more about Alpine Linux here and you can see how their mantra fits in right at home with Docker images. + +## What is MariaDB? +MariaDB Server is one of the most popular database servers in the world. It’s made by the original developers of MySQL and guaranteed to stay open source. Notable users include Wikipedia, WordPress.com and Google. + +MariaDB turns data into structured information in a wide array of applications, ranging from banking to websites. It is an enhanced, drop-in replacement for MySQL. MariaDB is used because it is fast, scalable and robust, with a rich ecosystem of storage engines, plugins and many other tools make it very versatile for a wide variety of use cases. + +MariaDB is developed as open source software and as a relational database it provides an SQL interface for accessing data. The latest versions of MariaDB also include GIS and JSON features. + +## Features + +* Minimal size only, minimal layers +* Memory usage is minimal on a simple install. +* MariaDB the MySQL replacement + + +## Architectures + +* ```:amd64```, ```:x86_64``` - 64 bit Intel/AMD (x86_64/amd64) +* ```:arm64v8```, ```:aarch64``` - 64 bit ARM (ARMv8/aarch64) +* ```:arm32v7```, ```:armhf``` - 32 bit ARM (ARMv7/armhf) + +##### PLEASE CHECK TAGS BELOW FOR SUPPORTED ARCHITECTURES, THE ABOVE IS A LIST OF EXPLANATION + +## Tags + +* ```:latest``` latest branch based (Automatic Architecture Selection) +* ```:master``` master branch usually inline with latest +* ```:amd64```, ```:x86_64``` amd64 based on latest tag but amd64 architecture +* ```:aarch64```, ```:arm64v8``` Armv8 based on latest tag but arm64 architecture +* ```:armhf```, ```:arm32v7``` Armv7 based on latest tag but arm32 architecture + +## Layers & Sizes + +![Version](https://img.shields.io/badge/version-amd64-blue.svg?style=for-the-badge) +![MicroBadger Layers (tag)](https://img.shields.io/microbadger/layers/yobasystems/alpine-mariadb/amd64.svg?style=for-the-badge) +![MicroBadger Size (tag)](https://img.shields.io/microbadger/image-size/yobasystems/alpine-mariadb/amd64.svg?style=for-the-badge) + +![Version](https://img.shields.io/badge/version-aarch64-blue.svg?style=for-the-badge) +![MicroBadger Layers (tag)](https://img.shields.io/microbadger/layers/yobasystems/alpine-mariadb/aarch64.svg?style=for-the-badge) +![MicroBadger Size (tag)](https://img.shields.io/microbadger/image-size/yobasystems/alpine-mariadb/aarch64.svg?style=for-the-badge) + +![Version](https://img.shields.io/badge/version-armhf-blue.svg?style=for-the-badge) +![MicroBadger Layers (tag)](https://img.shields.io/microbadger/layers/yobasystems/alpine-mariadb/armhf.svg?style=for-the-badge) +![MicroBadger Size (tag)](https://img.shields.io/microbadger/image-size/yobasystems/alpine-mariadb/armhf.svg?style=for-the-badge) + + +## Volume structure + +* `/var/lib/mysql`: Database files +* `/var/lib/mysql/mysql-bin`: MariaDB logs + + +## Environment Variables: + +### Main Mariadb parameters: +* `MYSQL_DATABASE`: specify the name of the database +* `MYSQL_USER`: specify the User for the database +* `MYSQL_PASSWORD`: specify the User password for the database +* `MYSQL_ROOT_PASSWORD`: specify the root password for Mariadb +* `MYSQL_CHARSET`: default charset (utf8) for Mariadb +* `MYSQL_COLLATION`: default collation (utf8_general_ci) for Mariadb + + +#### List of Character Sets & information + +When setting charset, also make sure to choose a collation otherwise it will be the default. + +``` ++----------+-----------------------------+---------------------+--------+ +| Charset | Description | Default collation | Maxlen | ++----------+-----------------------------+---------------------+--------+ +| big5 | Big5 Traditional Chinese | big5_chinese_ci | 2 | +| dec8 | DEC West European | dec8_swedish_ci | 1 | +| cp850 | DOS West European | cp850_general_ci | 1 | +| hp8 | HP West European | hp8_english_ci | 1 | +| koi8r | KOI8-R Relcom Russian | koi8r_general_ci | 1 | +| latin1 | cp1252 West European | latin1_swedish_ci | 1 | +| latin2 | ISO 8859-2 Central European | latin2_general_ci | 1 | +| swe7 | 7bit Swedish | swe7_swedish_ci | 1 | +| ascii | US ASCII | ascii_general_ci | 1 | +| ujis | EUC-JP Japanese | ujis_japanese_ci | 3 | +| sjis | Shift-JIS Japanese | sjis_japanese_ci | 2 | +| hebrew | ISO 8859-8 Hebrew | hebrew_general_ci | 1 | +| tis620 | TIS620 Thai | tis620_thai_ci | 1 | +| euckr | EUC-KR Korean | euckr_korean_ci | 2 | +| koi8u | KOI8-U Ukrainian | koi8u_general_ci | 1 | +| gb2312 | GB2312 Simplified Chinese | gb2312_chinese_ci | 2 | +| greek | ISO 8859-7 Greek | greek_general_ci | 1 | +| cp1250 | Windows Central European | cp1250_general_ci | 1 | +| gbk | GBK Simplified Chinese | gbk_chinese_ci | 2 | +| latin5 | ISO 8859-9 Turkish | latin5_turkish_ci | 1 | +| armscii8 | ARMSCII-8 Armenian | armscii8_general_ci | 1 | +| utf8 | UTF-8 Unicode | utf8_general_ci | 3 | +| ucs2 | UCS-2 Unicode | ucs2_general_ci | 2 | +| cp866 | DOS Russian | cp866_general_ci | 1 | +| keybcs2 | DOS Kamenicky Czech-Slovak | keybcs2_general_ci | 1 | +| macce | Mac Central European | macce_general_ci | 1 | +| macroman | Mac West European | macroman_general_ci | 1 | +| cp852 | DOS Central European | cp852_general_ci | 1 | +| latin7 | ISO 8859-13 Baltic | latin7_general_ci | 1 | +| utf8mb4 | UTF-8 Unicode | utf8mb4_general_ci | 4 | +| cp1251 | Windows Cyrillic | cp1251_general_ci | 1 | +| utf16 | UTF-16 Unicode | utf16_general_ci | 4 | +| utf16le | UTF-16LE Unicode | utf16le_general_ci | 4 | +| cp1256 | Windows Arabic | cp1256_general_ci | 1 | +| cp1257 | Windows Baltic | cp1257_general_ci | 1 | +| utf32 | UTF-32 Unicode | utf32_general_ci | 4 | +| binary | Binary pseudo charset | binary | 1 | +| geostd8 | GEOSTD8 Georgian | geostd8_general_ci | 1 | +| cp932 | SJIS for Windows Japanese | cp932_japanese_ci | 2 | +| eucjpms | UJIS for Windows Japanese | eucjpms_japanese_ci | 3 | ++----------+-----------------------------+---------------------+--------+ +``` + +> https://mariadb.org/ + +## Creating an instance + + +```bash +docker run -it --name mysql -p 3306:3306 -v /var/lib/mysql:/var/lib/mysql -e MYSQL_DATABASE=wordpressdb -e MYSQL_USER=wordpressuser -e MYSQL_PASSWORD=hguyFt6S95dgfR4ryb -e MYSQL_ROOT_PASSWORD=hguyFtgfR4r9R4r76 yobasystems/alpine-mariadb + +``` + +It will create a new db, and set mysql root password (default is RaNd0MpA$$W0Rd generated by pwgen) unless the data already exists. + +### Configuration without a cnf file +Many configuration options can be passed as flags to mysqld. This will give you the flexibility to customise the container without needing a .cnf file. For example, if you want to change the default encoding and collation for all tables to use UTF-8 (utf8mb4) just run the following: + +```bash +docker run --name some-mariadb -e MYSQL_ROOT_PASSWORD=my-secret-pw -d yobasystems/alpine-mariadb --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci +``` + +command: + - --character-set-server=utf8 + - --collation-server=utf8_bin + - --explicit-defaults-for-timestamp=1 + +### Configuration file location +The configuration file is located; + + - /etc/my.cnf + - /etc/my.cnf.d/mariadb-server.cnf + +### Initialising a fresh instance +When a container is started for the first time, a new database with the specified name will be created and initialised with the provided configuration variables. Furthermore, it will execute files with extensions .sh, .sql and .sql.gz that are found in /docker-entrypoint-initdb.d. Files will be executed in alphabetical order. You can easily populate your mariadb services by mounting a SQL dump into that directory and provide custom images with contributed data. SQL files will be imported by default to the database specified by the MYSQL_DATABASE variable. + + +## Docker Compose example: + +##### (Please pass your own credentials or let them be generated automatically, don't use these ones for production!!) + +```yalm +mysql: + image: yobasystems/alpine-mariadb + environment: + MYSQL_ROOT_PASSWORD: hguyFtgfR4r9R4r76 + MYSQL_DATABASE: wordpressdb + MYSQL_USER: wordpressuser + MYSQL_PASSWORD: hguyFt6S95dgfR4ryb + expose: + - "3306" + volumes: + - /data/example/mysql:/var/lib/mysql + restart: always +``` + +## Source Repositories + +* [Github - yobasystems/alpine-mariadb](https://github.com/yobasystems/alpine-mariadb) + +* [Gitlab - yobasystems/alpine-mariadb](https://gitlab.com/yobasystems/alpine-mariadb) + +* [Bitbucket - yobasystems/alpine-mariadb](https://bitbucket.org/yobasystems/alpine-mariadb/) + + +## Container Registries + +* [Dockerhub - yobasystems/alpine-mariadb](https://hub.docker.com/r/yobasystems/alpine-mariadb/) + +* [Quay.io - yobasystems/alpine-mariadb](https://quay.io/repository/yobasystems/alpine-mariadb) + + +## Links + +* [Yoba Systems](https://www.yobasystems.co.uk/) + +* [Github - Yoba Systems](https://github.com/yobasystems/) + +* [Dockerhub - Yoba Systems](https://hub.docker.com/u/yobasystems/) + +* [Quay.io - Yoba Systems](https://quay.io/organization/yobasystems) + +* [Maintainer - Dominic Taylor](https://github.com/dominictayloruk) + +## Donation + +[![BMAC](https://img.shields.io/badge/BUY%20ME%20A%20COFFEE-£5-blue.svg?style=for-the-badge&logo=buy-me-a-coffee)](https://www.buymeacoffee.com/dominictayloruk?new=1) + +[![BITCOIN](https://img.shields.io/badge/BTC-bc1ql0heex0jxh0yj5cucc83a3x6c6rxuq6x9zk07g-blue.svg?style=for-the-badge&logo=bitcoin)](bitcoin:bc1ql0heex0jxh0yj5cucc83a3x6c6rxuq6x9zk07g) + +[![ETHEREUM](https://img.shields.io/badge/ETH-0x6b707391c60d50E4E414a143446C0b8eF9A2d1c4-blue.svg?style=for-the-badge&logo=ethereum)](https://etherscan.io/address/dominictaylor.eth) + +[![STELLAR](https://img.shields.io/badge/XLM-GAREZZW36KF2IT2EJW6LG5HH4XT3QIMWCHMCGEBC6V3AP3EFJCORRZIY-blue.svg?style=for-the-badge&logo=stellar)](https://keybase.io/dominictayloruk) diff --git a/images/mariadb/alpine-mariadb-aarch64/Dockerfile b/images/mariadb/alpine-mariadb-aarch64/Dockerfile new file mode 100644 index 00000000..ef8d4e1f --- /dev/null +++ b/images/mariadb/alpine-mariadb-aarch64/Dockerfile @@ -0,0 +1,34 @@ +FROM yobasystems/alpine:3.12.0-aarch64 + +ARG BUILD_DATE +ARG VCS_REF + +LABEL maintainer="Dominic Taylor " \ + architecture="arm64v8/aarch64" \ + mariadb-version="10.4.15" \ + alpine-version="3.12.0" \ + build="14-Oct-2020" \ + org.opencontainers.image.title="alpine-mariadb" \ + org.opencontainers.image.description="MariaDB Docker image running on Alpine Linux" \ + org.opencontainers.image.authors="Dominic Taylor " \ + org.opencontainers.image.vendor="Yoba Systems" \ + org.opencontainers.image.version="v10.4.15" \ + org.opencontainers.image.url="https://hub.docker.com/r/yobasystems/alpine-mariadb/" \ + org.opencontainers.image.source="https://github.com/yobasystems/alpine-mariadb" \ + org.opencontainers.image.revision=$VCS_REF \ + org.opencontainers.image.created=$BUILD_DATE + +RUN apk add --no-cache mariadb mariadb-client mariadb-server-utils pwgen && \ + rm -f /var/cache/apk/* + +ADD files/run.sh /scripts/run.sh +RUN mkdir /docker-entrypoint-initdb.d && \ + mkdir /scripts/pre-exec.d && \ + mkdir /scripts/pre-init.d && \ + chmod -R 755 /scripts + +EXPOSE 3306 + +VOLUME ["/var/lib/mysql"] + +ENTRYPOINT ["/scripts/run.sh"] diff --git a/images/mariadb/alpine-mariadb-aarch64/files/run.sh b/images/mariadb/alpine-mariadb-aarch64/files/run.sh new file mode 100644 index 00000000..fc7d3ea8 --- /dev/null +++ b/images/mariadb/alpine-mariadb-aarch64/files/run.sh @@ -0,0 +1,99 @@ +#!/bin/sh + +# execute any pre-init scripts +for i in /scripts/pre-init.d/*sh +do + if [ -e "${i}" ]; then + echo "[i] pre-init.d - processing $i" + . "${i}" + fi +done + +if [ -d "/run/mysqld" ]; then + echo "[i] mysqld already present, skipping creation" + chown -R mysql:mysql /run/mysqld +else + echo "[i] mysqld not found, creating...." + mkdir -p /run/mysqld + chown -R mysql:mysql /run/mysqld +fi + +if [ -d /var/lib/mysql/mysql ]; then + echo "[i] MySQL directory already present, skipping creation" + chown -R mysql:mysql /var/lib/mysql +else + echo "[i] MySQL data directory not found, creating initial DBs" + + chown -R mysql:mysql /var/lib/mysql + + mysql_install_db --user=mysql --ldata=/var/lib/mysql > /dev/null + + if [ "$MYSQL_ROOT_PASSWORD" = "" ]; then + MYSQL_ROOT_PASSWORD=`pwgen 16 1` + echo "[i] MySQL root Password: $MYSQL_ROOT_PASSWORD" + fi + + MYSQL_DATABASE=${MYSQL_DATABASE:-""} + MYSQL_USER=${MYSQL_USER:-""} + MYSQL_PASSWORD=${MYSQL_PASSWORD:-""} + + tfile=`mktemp` + if [ ! -f "$tfile" ]; then + return 1 + fi + + cat << EOF > $tfile +USE mysql; +FLUSH PRIVILEGES ; +GRANT ALL ON *.* TO 'root'@'%' identified by '$MYSQL_ROOT_PASSWORD' WITH GRANT OPTION ; +GRANT ALL ON *.* TO 'root'@'localhost' identified by '$MYSQL_ROOT_PASSWORD' WITH GRANT OPTION ; +SET PASSWORD FOR 'root'@'localhost'=PASSWORD('${MYSQL_ROOT_PASSWORD}') ; +DROP DATABASE IF EXISTS test ; +FLUSH PRIVILEGES ; +EOF + + if [ "$MYSQL_DATABASE" != "" ]; then + echo "[i] Creating database: $MYSQL_DATABASE" + if [ "$MYSQL_CHARSET" != "" ] && [ "$MYSQL_COLLATION" != "" ]; then + echo "[i] with character set [$MYSQL_CHARSET] and collation [$MYSQL_COLLATION]" + echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` CHARACTER SET $MYSQL_CHARSET COLLATE $MYSQL_COLLATION;" >> $tfile + else + echo "[i] with character set: 'utf8' and collation: 'utf8_general_ci'" + echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` CHARACTER SET utf8 COLLATE utf8_general_ci;" >> $tfile + fi + + if [ "$MYSQL_USER" != "" ]; then + echo "[i] Creating user: $MYSQL_USER with password $MYSQL_PASSWORD" + echo "GRANT ALL ON \`$MYSQL_DATABASE\`.* to '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD';" >> $tfile + fi + fi + + /usr/bin/mysqld --user=mysql --bootstrap --verbose=0 --skip-name-resolve --skip-networking=0 < $tfile + rm -f $tfile + + for f in /docker-entrypoint-initdb.d/*; do + case "$f" in + *.sql) echo "$0: running $f"; /usr/bin/mysqld --user=mysql --bootstrap --verbose=0 --skip-name-resolve --skip-networking=0 < "$f"; echo ;; + *.sql.gz) echo "$0: running $f"; gunzip -c "$f" | /usr/bin/mysqld --user=mysql --bootstrap --verbose=0 --skip-name-resolve --skip-networking=0 < "$f"; echo ;; + *) echo "$0: ignoring or entrypoint initdb empty $f" ;; + esac + echo + done + + echo + echo 'MySQL init process done. Ready for start up.' + echo + + echo "exec /usr/bin/mysqld --user=mysql --console --skip-name-resolve --skip-networking=0" "$@" +fi + +# execute any pre-exec scripts +for i in /scripts/pre-exec.d/*sh +do + if [ -e "${i}" ]; then + echo "[i] pre-exec.d - processing $i" + . ${i} + fi +done + +exec /usr/bin/mysqld --user=mysql --console --skip-name-resolve --skip-networking=0 $@ diff --git a/images/mariadb/alpine-mariadb-amd64/Dockerfile b/images/mariadb/alpine-mariadb-amd64/Dockerfile new file mode 100644 index 00000000..486e37e3 --- /dev/null +++ b/images/mariadb/alpine-mariadb-amd64/Dockerfile @@ -0,0 +1,34 @@ +FROM yobasystems/alpine:3.12.0-amd64 + +ARG BUILD_DATE +ARG VCS_REF + +LABEL maintainer="Dominic Taylor " \ + architecture="amd64/x86_64" \ + mariadb-version="10.4.15" \ + alpine-version="3.12.0" \ + build="14-Oct-2020" \ + org.opencontainers.image.title="alpine-mariadb" \ + org.opencontainers.image.description="MariaDB Docker image running on Alpine Linux" \ + org.opencontainers.image.authors="Dominic Taylor " \ + org.opencontainers.image.vendor="Yoba Systems" \ + org.opencontainers.image.version="v10.4.15" \ + org.opencontainers.image.url="https://hub.docker.com/r/yobasystems/alpine-mariadb/" \ + org.opencontainers.image.source="https://github.com/yobasystems/alpine-mariadb" \ + org.opencontainers.image.revision=$VCS_REF \ + org.opencontainers.image.created=$BUILD_DATE + +RUN apk add --no-cache mariadb mariadb-client mariadb-server-utils pwgen && \ + rm -f /var/cache/apk/* + +ADD files/run.sh /scripts/run.sh +RUN mkdir /docker-entrypoint-initdb.d && \ + mkdir /scripts/pre-exec.d && \ + mkdir /scripts/pre-init.d && \ + chmod -R 755 /scripts + +EXPOSE 3306 + +VOLUME ["/var/lib/mysql"] + +ENTRYPOINT ["/scripts/run.sh"] diff --git a/images/mariadb/alpine-mariadb-amd64/files/run.sh b/images/mariadb/alpine-mariadb-amd64/files/run.sh new file mode 100644 index 00000000..fc7d3ea8 --- /dev/null +++ b/images/mariadb/alpine-mariadb-amd64/files/run.sh @@ -0,0 +1,99 @@ +#!/bin/sh + +# execute any pre-init scripts +for i in /scripts/pre-init.d/*sh +do + if [ -e "${i}" ]; then + echo "[i] pre-init.d - processing $i" + . "${i}" + fi +done + +if [ -d "/run/mysqld" ]; then + echo "[i] mysqld already present, skipping creation" + chown -R mysql:mysql /run/mysqld +else + echo "[i] mysqld not found, creating...." + mkdir -p /run/mysqld + chown -R mysql:mysql /run/mysqld +fi + +if [ -d /var/lib/mysql/mysql ]; then + echo "[i] MySQL directory already present, skipping creation" + chown -R mysql:mysql /var/lib/mysql +else + echo "[i] MySQL data directory not found, creating initial DBs" + + chown -R mysql:mysql /var/lib/mysql + + mysql_install_db --user=mysql --ldata=/var/lib/mysql > /dev/null + + if [ "$MYSQL_ROOT_PASSWORD" = "" ]; then + MYSQL_ROOT_PASSWORD=`pwgen 16 1` + echo "[i] MySQL root Password: $MYSQL_ROOT_PASSWORD" + fi + + MYSQL_DATABASE=${MYSQL_DATABASE:-""} + MYSQL_USER=${MYSQL_USER:-""} + MYSQL_PASSWORD=${MYSQL_PASSWORD:-""} + + tfile=`mktemp` + if [ ! -f "$tfile" ]; then + return 1 + fi + + cat << EOF > $tfile +USE mysql; +FLUSH PRIVILEGES ; +GRANT ALL ON *.* TO 'root'@'%' identified by '$MYSQL_ROOT_PASSWORD' WITH GRANT OPTION ; +GRANT ALL ON *.* TO 'root'@'localhost' identified by '$MYSQL_ROOT_PASSWORD' WITH GRANT OPTION ; +SET PASSWORD FOR 'root'@'localhost'=PASSWORD('${MYSQL_ROOT_PASSWORD}') ; +DROP DATABASE IF EXISTS test ; +FLUSH PRIVILEGES ; +EOF + + if [ "$MYSQL_DATABASE" != "" ]; then + echo "[i] Creating database: $MYSQL_DATABASE" + if [ "$MYSQL_CHARSET" != "" ] && [ "$MYSQL_COLLATION" != "" ]; then + echo "[i] with character set [$MYSQL_CHARSET] and collation [$MYSQL_COLLATION]" + echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` CHARACTER SET $MYSQL_CHARSET COLLATE $MYSQL_COLLATION;" >> $tfile + else + echo "[i] with character set: 'utf8' and collation: 'utf8_general_ci'" + echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` CHARACTER SET utf8 COLLATE utf8_general_ci;" >> $tfile + fi + + if [ "$MYSQL_USER" != "" ]; then + echo "[i] Creating user: $MYSQL_USER with password $MYSQL_PASSWORD" + echo "GRANT ALL ON \`$MYSQL_DATABASE\`.* to '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD';" >> $tfile + fi + fi + + /usr/bin/mysqld --user=mysql --bootstrap --verbose=0 --skip-name-resolve --skip-networking=0 < $tfile + rm -f $tfile + + for f in /docker-entrypoint-initdb.d/*; do + case "$f" in + *.sql) echo "$0: running $f"; /usr/bin/mysqld --user=mysql --bootstrap --verbose=0 --skip-name-resolve --skip-networking=0 < "$f"; echo ;; + *.sql.gz) echo "$0: running $f"; gunzip -c "$f" | /usr/bin/mysqld --user=mysql --bootstrap --verbose=0 --skip-name-resolve --skip-networking=0 < "$f"; echo ;; + *) echo "$0: ignoring or entrypoint initdb empty $f" ;; + esac + echo + done + + echo + echo 'MySQL init process done. Ready for start up.' + echo + + echo "exec /usr/bin/mysqld --user=mysql --console --skip-name-resolve --skip-networking=0" "$@" +fi + +# execute any pre-exec scripts +for i in /scripts/pre-exec.d/*sh +do + if [ -e "${i}" ]; then + echo "[i] pre-exec.d - processing $i" + . ${i} + fi +done + +exec /usr/bin/mysqld --user=mysql --console --skip-name-resolve --skip-networking=0 $@ diff --git a/images/mariadb/alpine-mariadb-armhf/Dockerfile b/images/mariadb/alpine-mariadb-armhf/Dockerfile new file mode 100644 index 00000000..8584e8f7 --- /dev/null +++ b/images/mariadb/alpine-mariadb-armhf/Dockerfile @@ -0,0 +1,34 @@ +FROM yobasystems/alpine:3.12.0-armhf + +ARG BUILD_DATE +ARG VCS_REF + +LABEL maintainer="Dominic Taylor " \ + architecture="arm32v7/armhf" \ + mariadb-version="10.4.15" \ + alpine-version="3.12.0" \ + build="14-Oct-2020" \ + org.opencontainers.image.title="alpine-mariadb" \ + org.opencontainers.image.description="MariaDB Docker image running on Alpine Linux" \ + org.opencontainers.image.authors="Dominic Taylor " \ + org.opencontainers.image.vendor="Yoba Systems" \ + org.opencontainers.image.version="v10.4.15" \ + org.opencontainers.image.url="https://hub.docker.com/r/yobasystems/alpine-mariadb/" \ + org.opencontainers.image.source="https://github.com/yobasystems/alpine-mariadb" \ + org.opencontainers.image.revision=$VCS_REF \ + org.opencontainers.image.created=$BUILD_DATE + +RUN apk add --no-cache mariadb mariadb-client mariadb-server-utils pwgen && \ + rm -f /var/cache/apk/* + +ADD files/run.sh /scripts/run.sh +RUN mkdir /docker-entrypoint-initdb.d && \ + mkdir /scripts/pre-exec.d && \ + mkdir /scripts/pre-init.d && \ + chmod -R 755 /scripts + +EXPOSE 3306 + +VOLUME ["/var/lib/mysql"] + +ENTRYPOINT ["/scripts/run.sh"] diff --git a/images/mariadb/alpine-mariadb-armhf/files/run.sh b/images/mariadb/alpine-mariadb-armhf/files/run.sh new file mode 100644 index 00000000..fc7d3ea8 --- /dev/null +++ b/images/mariadb/alpine-mariadb-armhf/files/run.sh @@ -0,0 +1,99 @@ +#!/bin/sh + +# execute any pre-init scripts +for i in /scripts/pre-init.d/*sh +do + if [ -e "${i}" ]; then + echo "[i] pre-init.d - processing $i" + . "${i}" + fi +done + +if [ -d "/run/mysqld" ]; then + echo "[i] mysqld already present, skipping creation" + chown -R mysql:mysql /run/mysqld +else + echo "[i] mysqld not found, creating...." + mkdir -p /run/mysqld + chown -R mysql:mysql /run/mysqld +fi + +if [ -d /var/lib/mysql/mysql ]; then + echo "[i] MySQL directory already present, skipping creation" + chown -R mysql:mysql /var/lib/mysql +else + echo "[i] MySQL data directory not found, creating initial DBs" + + chown -R mysql:mysql /var/lib/mysql + + mysql_install_db --user=mysql --ldata=/var/lib/mysql > /dev/null + + if [ "$MYSQL_ROOT_PASSWORD" = "" ]; then + MYSQL_ROOT_PASSWORD=`pwgen 16 1` + echo "[i] MySQL root Password: $MYSQL_ROOT_PASSWORD" + fi + + MYSQL_DATABASE=${MYSQL_DATABASE:-""} + MYSQL_USER=${MYSQL_USER:-""} + MYSQL_PASSWORD=${MYSQL_PASSWORD:-""} + + tfile=`mktemp` + if [ ! -f "$tfile" ]; then + return 1 + fi + + cat << EOF > $tfile +USE mysql; +FLUSH PRIVILEGES ; +GRANT ALL ON *.* TO 'root'@'%' identified by '$MYSQL_ROOT_PASSWORD' WITH GRANT OPTION ; +GRANT ALL ON *.* TO 'root'@'localhost' identified by '$MYSQL_ROOT_PASSWORD' WITH GRANT OPTION ; +SET PASSWORD FOR 'root'@'localhost'=PASSWORD('${MYSQL_ROOT_PASSWORD}') ; +DROP DATABASE IF EXISTS test ; +FLUSH PRIVILEGES ; +EOF + + if [ "$MYSQL_DATABASE" != "" ]; then + echo "[i] Creating database: $MYSQL_DATABASE" + if [ "$MYSQL_CHARSET" != "" ] && [ "$MYSQL_COLLATION" != "" ]; then + echo "[i] with character set [$MYSQL_CHARSET] and collation [$MYSQL_COLLATION]" + echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` CHARACTER SET $MYSQL_CHARSET COLLATE $MYSQL_COLLATION;" >> $tfile + else + echo "[i] with character set: 'utf8' and collation: 'utf8_general_ci'" + echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` CHARACTER SET utf8 COLLATE utf8_general_ci;" >> $tfile + fi + + if [ "$MYSQL_USER" != "" ]; then + echo "[i] Creating user: $MYSQL_USER with password $MYSQL_PASSWORD" + echo "GRANT ALL ON \`$MYSQL_DATABASE\`.* to '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD';" >> $tfile + fi + fi + + /usr/bin/mysqld --user=mysql --bootstrap --verbose=0 --skip-name-resolve --skip-networking=0 < $tfile + rm -f $tfile + + for f in /docker-entrypoint-initdb.d/*; do + case "$f" in + *.sql) echo "$0: running $f"; /usr/bin/mysqld --user=mysql --bootstrap --verbose=0 --skip-name-resolve --skip-networking=0 < "$f"; echo ;; + *.sql.gz) echo "$0: running $f"; gunzip -c "$f" | /usr/bin/mysqld --user=mysql --bootstrap --verbose=0 --skip-name-resolve --skip-networking=0 < "$f"; echo ;; + *) echo "$0: ignoring or entrypoint initdb empty $f" ;; + esac + echo + done + + echo + echo 'MySQL init process done. Ready for start up.' + echo + + echo "exec /usr/bin/mysqld --user=mysql --console --skip-name-resolve --skip-networking=0" "$@" +fi + +# execute any pre-exec scripts +for i in /scripts/pre-exec.d/*sh +do + if [ -e "${i}" ]; then + echo "[i] pre-exec.d - processing $i" + . ${i} + fi +done + +exec /usr/bin/mysqld --user=mysql --console --skip-name-resolve --skip-networking=0 $@ diff --git a/images/memcached/Dockerfile b/images/memcached/Dockerfile index 4683ab15..577c47bc 100644 --- a/images/memcached/Dockerfile +++ b/images/memcached/Dockerfile @@ -1,57 +1,7 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:latest -LABEL MAINTAINER="Cloudflying" \ - MAIL="" - -ENV MEMCACHED_VERSION 1.5.12 -ENV MEMCACHED_SHA1 f67096ba64b0c47668bcad5b680010c4f8987d4c - -# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added -RUN set -x ; \ - addgroup -g 11211 memcache && adduser -D -u 11211 -G memcache memcache ; \ - apk add --no-cache --virtual .build-deps \ - ca-certificates \ - coreutils \ - cyrus-sasl-dev \ - dpkg-dev dpkg \ - gcc \ - libc-dev \ - libevent-dev \ - libressl \ - linux-headers \ - make \ - perl \ - perl-utils \ - tar \ - wget \ - \ - && wget -O memcached.tar.gz "https://qcloud.coding.net/u/imxieke/p/Collect/git/blob/master/src/memcached-$MEMCACHED_VERSION.tar.gz" \ - && echo "$MEMCACHED_SHA1 memcached.tar.gz" | sha1sum -c - \ - && mkdir -p /usr/src/memcached \ - && tar -xzf memcached.tar.gz -C /usr/src/memcached --strip-components=1 \ - && rm memcached.tar.gz \ - && cd /usr/src/memcached \ - && gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \ - && ./configure \ - --build="$gnuArch" \ - --enable-sasl \ - $enableExtstore \ - && make -j "$(nproc)" \ -# TODO https://github.com/memcached/memcached/issues/382 "t/chunked-extstore.t is flaky on arm32v6" - && make test \ - && make install \ - \ - && cd / && rm -rf /usr/src/memcached \ - \ - && runDeps="$( \ - scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \ - | tr ',' '\n' \ - | sort -u \ - | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ - )" \ - && apk add --virtual .memcached-rundeps $runDeps \ - && apk del .build-deps \ - && rm -fr /var/cache/apk/* - -USER memcache -EXPOSE 11211 -CMD ["memcached"] \ No newline at end of file +FROM memcached:latest +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +USER memcache +EXPOSE 11211 +CMD ["memcached", "-m", "32"] diff --git a/images/memcached/README.md b/images/memcached/README.md deleted file mode 100644 index 9931520a..00000000 --- a/images/memcached/README.md +++ /dev/null @@ -1,2 +0,0 @@ -## Memcached ->Free & open source, high-performance, distributed memory object caching system \ No newline at end of file diff --git a/images/mongo-webui/Dockerfile b/images/mongo-webui/Dockerfile new file mode 100644 index 00000000..16a5beae --- /dev/null +++ b/images/mongo-webui/Dockerfile @@ -0,0 +1,3 @@ +FROM mongoclient/mongoclient + +LABEL maintainer="ahkui " diff --git a/images/mongo/Dockerfile b/images/mongo/Dockerfile new file mode 100644 index 00000000..99f4619e --- /dev/null +++ b/images/mongo/Dockerfile @@ -0,0 +1,12 @@ +FROM mongo:latest +LABEL maintainer="Mahmoud Zalt " + +#COPY mongo.conf /usr/local/etc/mongo/mongo.conf + +VOLUME /data/db /data/configdb + +EXPOSE 27017 +CMD ["mongod"] + +FROM mongo:latest + diff --git a/images/mongodb/Dockerfile b/images/mongodb/Dockerfile index 469d4aae..08c3fb65 100644 --- a/images/mongodb/Dockerfile +++ b/images/mongodb/Dockerfile @@ -1,17 +1,17 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:latest -LABEL MAINTAINER="Cloudflying" \ - MAIL="" - -# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added -RUN apk add --no-cache mongodb \ - && mkdir -p /data/db /data/configdb \ - && chown -R mongodb:mongodb /data/db /data/configdb - -USER mongodb - -VOLUME /data/db /data/configdb - -# 28017 Monitor Page -EXPOSE 27017 28017 - +FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:latest +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added +RUN apk add --no-cache mongodb \ + && mkdir -p /data/db /data/configdb \ + && chown -R mongodb:mongodb /data/db /data/configdb + +USER mongodb + +VOLUME /data/db /data/configdb + +# 28017 Monitor Page +EXPOSE 27017 28017 + CMD [ "mongod", "--bind_ip", "0.0.0.0" ] \ No newline at end of file diff --git a/images/mssql/Dockerfile b/images/mssql/Dockerfile new file mode 100644 index 00000000..c777500e --- /dev/null +++ b/images/mssql/Dockerfile @@ -0,0 +1,10 @@ +FROM mcr.microsoft.com/mssql/server:2017-latest-ubuntu + +ENV MSSQL_PID=Express +ENV MSSQL_DATABASE=$MSSQL_DATABASE +ENV ACCEPT_EULA=Y +ENV SA_PASSWORD=$MSSQL_PASSWORD + +VOLUME /var/opt/mssql + +EXPOSE 1433 diff --git a/images/nginx/1.18.0/Dockerfile b/images/nginx/1.18.0/Dockerfile new file mode 100644 index 00000000..4f712a8f --- /dev/null +++ b/images/nginx/1.18.0/Dockerfile @@ -0,0 +1,18 @@ +FROM nginx:1.18.0-alpine-perl +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +# 更改权限 +RUN mkdir /var/www \ + && chown -R www-data.www-data /var/www/ /var/log/nginx/ + +# 设置时区 && 同步时间 +ENV TZ=Asia/Shanghai +RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone + +# mount nginx log +VOLUME /var/log/nginx + +WORKDIR /usr/share/nginx/html +EXPOSE 80 443 8080 8888 9090 +CMD ["nginx", "-g", "daemon off;"] diff --git a/images/nginx/1.19.6/Dockerfile b/images/nginx/1.19.6/Dockerfile new file mode 100644 index 00000000..e2bcdbea --- /dev/null +++ b/images/nginx/1.19.6/Dockerfile @@ -0,0 +1,18 @@ +FROM nginx:1.19.6-alpine-perl +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +# 更改权限 +RUN mkdir /var/www \ + && chown -R www-data.www-data /var/www/ /var/log/nginx/ + +# 设置时区 && 同步时间 +ENV TZ=Asia/Shanghai +RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone + +# mount nginx log +VOLUME /var/log/nginx + +WORKDIR /usr/share/nginx/html +EXPOSE 80 443 8080 8888 9090 +CMD ["nginx", "-g", "daemon off;"] diff --git a/images/nginx/Dockerfile b/images/nginx/Dockerfile deleted file mode 100644 index d5485863..00000000 --- a/images/nginx/Dockerfile +++ /dev/null @@ -1,8 +0,0 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:latest -LABEL MAINTAINER="Cloudflying" \ - MAIL="" - -RUN apk add --no-cache nginx - -EXPOSE 80 443 -CMD ["nginx", "-g", "daemon off;"] \ No newline at end of file diff --git a/images/nginx/Dockerfile.lograte b/images/nginx/Dockerfile.lograte new file mode 100644 index 00000000..e51879c8 --- /dev/null +++ b/images/nginx/Dockerfile.lograte @@ -0,0 +1,44 @@ +FROM nginx:alpine + +LABEL maintainer="Mahmoud Zalt " + +COPY nginx.conf /etc/nginx/ + +# If you're in China, or you need to change sources, will be set CHANGE_SOURCE to true in .env. + +ARG CHANGE_SOURCE=false +RUN if [ ${CHANGE_SOURCE} = true ]; then \ + # Change application source from dl-cdn.alpinelinux.org to aliyun source + sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/' /etc/apk/repositories \ +;fi + +RUN apk update \ + && apk upgrade \ + && apk --update add logrotate \ + && apk add --no-cache openssl \ + && apk add --no-cache bash + +RUN apk add --no-cache curl + +RUN set -x ; \ + addgroup -g 82 -S www-data ; \ + adduser -u 82 -D -S -G www-data www-data && exit 0 ; exit 1 + +ARG PHP_UPSTREAM_CONTAINER=php-fpm +ARG PHP_UPSTREAM_PORT=9000 + +# Create 'messages' file used from 'logrotate' +RUN touch /var/log/messages + +# Copy 'logrotate' config file +COPY logrotate/nginx /etc/logrotate.d/ + +# Set upstream conf and remove the default conf +RUN echo "upstream php-upstream { server ${PHP_UPSTREAM_CONTAINER}:${PHP_UPSTREAM_PORT}; }" > /etc/nginx/conf.d/upstream.conf \ + && rm /etc/nginx/conf.d/default.conf + +ADD ./startup.sh /opt/startup.sh +RUN sed -i 's/\r//g' /opt/startup.sh +CMD ["/bin/bash", "/opt/startup.sh"] + +EXPOSE 80 81 443 diff --git a/images/nginx/Dockerfile.nginx-http3 b/images/nginx/Dockerfile.nginx-http3 new file mode 100644 index 00000000..c2b62e92 --- /dev/null +++ b/images/nginx/Dockerfile.nginx-http3 @@ -0,0 +1,235 @@ +################################################## +# Nginx with Quiche (HTTP/3), Brotli, Headers More +# modules. +################################################## + +FROM alpine:edge AS builder + +LABEL maintainer="Ranadeep Polavarapu " + +ENV NGINX_VERSION 1.19.5 +ENV NGX_BROTLI_COMMIT 9aec15e2aa6feea2113119ba06460af70ab3ea62 +ENV PCRE_VERSION 8.44 +ENV ZLIB_VERSION 1.2.11 + +RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ + && CONFIG="\ + --prefix=/etc/nginx \ + --sbin-path=/usr/sbin/nginx \ + --modules-path=/usr/lib/nginx/modules \ + --conf-path=/etc/nginx/nginx.conf \ + --error-log-path=/var/log/nginx/error.log \ + --http-log-path=/var/log/nginx/access.log \ + --pid-path=/var/run/nginx.pid \ + --lock-path=/var/run/nginx.lock \ + --http-client-body-temp-path=/var/cache/nginx/client_temp \ + --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ + --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ + --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ + --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ + --user=nginx \ + --group=nginx \ + --with-pcre=/usr/src/pcre-${PCRE_VERSION} \ + --with-pcre-jit \ + --with-zlib=/usr/src/zlib-${ZLIB_VERSION} \ + --with-http_ssl_module \ + --with-http_realip_module \ + --with-http_addition_module \ + --with-http_sub_module \ + --with-http_dav_module \ + --with-http_flv_module \ + --with-http_mp4_module \ + --with-http_gunzip_module \ + --with-http_gzip_static_module \ + --with-http_random_index_module \ + --with-http_secure_link_module \ + --with-http_stub_status_module \ + --with-http_auth_request_module \ + --with-http_xslt_module=dynamic \ + --with-http_image_filter_module=dynamic \ + --with-http_geoip_module=dynamic \ + --with-http_perl_module=dynamic \ + --with-threads \ + --with-stream \ + --with-stream_ssl_module \ + --with-stream_ssl_preread_module \ + --with-stream_realip_module \ + --with-stream_geoip_module=dynamic \ + --with-http_slice_module \ + --with-mail \ + --with-mail_ssl_module \ + --with-compat \ + --with-file-aio \ + --with-http_v2_module \ + --with-http_v3_module \ + --with-openssl=/usr/src/quiche/deps/boringssl \ + --with-quiche=/usr/src/quiche \ + --add-module=/usr/src/ngx_brotli \ + --add-module=/usr/src/headers-more-nginx-module \ + --add-module=/usr/src/njs/nginx \ + --add-module=/usr/src/nginx_cookie_flag_module \ + --with-cc-opt=-Wno-error \ + " \ + && addgroup -S nginx \ + && adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx \ + && apk update \ + && apk upgrade \ + && apk add --no-cache ca-certificates \ + && update-ca-certificates \ + && apk add --no-cache --virtual .build-deps \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + pcre-dev \ + zlib-dev \ + linux-headers \ + curl \ + gnupg \ + libxslt-dev \ + gd-dev \ + geoip-dev \ + perl-dev \ + && apk add --no-cache --virtual .brotli-build-deps \ + autoconf \ + libtool \ + automake \ + git \ + g++ \ + cmake \ + go \ + perl \ + rust \ + cargo \ + patch \ + && mkdir -p /usr/src \ + && cd /usr/src \ + && git clone --depth=1 --recursive --shallow-submodules https://github.com/google/ngx_brotli \ + && cd ngx_brotli \ + && git checkout -b $NGX_BROTLI_COMMIT \ + && cd .. \ + && wget -qO- https://ftp.pcre.org/pub/pcre/pcre-${PCRE_VERSION}.tar.gz | tar zxvf - \ + && wget -qO- http://zlib.net/zlib-${ZLIB_VERSION}.tar.gz | tar zxvf - \ + && git clone --depth=1 --recursive https://github.com/openresty/headers-more-nginx-module \ + && git clone --depth=1 --recursive https://github.com/nginx/njs \ + && git clone --depth=1 --recursive https://github.com/AirisX/nginx_cookie_flag_module \ + && git clone --depth=1 --recursive https://github.com/cloudflare/quiche \ + && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \ + && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \ + && export GNUPGHOME="$(mktemp -d)" \ + && found=''; \ + for server in \ + ha.pool.sks-keyservers.net \ + hkp://keyserver.ubuntu.com:80 \ + hkp://p80.pool.sks-keyservers.net:80 \ + pgp.mit.edu \ + ; do \ + echo "Fetching GPG key $GPG_KEYS from $server"; \ + gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \ + done; \ + test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \ + gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \ + && rm -rf "$GNUPGHOME" nginx.tar.gz.asc \ + && mkdir -p /usr/src \ + && tar -zxC /usr/src -f nginx.tar.gz \ + && rm nginx.tar.gz \ + && cd /usr/src/nginx-$NGINX_VERSION \ + && patch -p01 < /usr/src/quiche/extras/nginx/nginx-1.16.patch \ + && ./configure $CONFIG --with-debug --build="pcre-${PCRE_VERSION} zlib-${ZLIB_VERSION} quiche-$(git --git-dir=/usr/src/quiche/.git rev-parse --short HEAD) ngx_brotli-$(git --git-dir=/usr/src/ngx_brotli/.git rev-parse --short HEAD) headers-more-nginx-module-$(git --git-dir=/usr/src/headers-more-nginx-module/.git rev-parse --short HEAD) njs-$(git --git-dir=/usr/src/njs/.git rev-parse --short HEAD) nginx_cookie_flag_module-$(git --git-dir=/usr/src/nginx_cookie_flag_module/.git rev-parse --short HEAD)" \ + && make -j$(getconf _NPROCESSORS_ONLN) \ + && mv objs/nginx objs/nginx-debug \ + && mv objs/ngx_http_xslt_filter_module.so objs/ngx_http_xslt_filter_module-debug.so \ + && mv objs/ngx_http_image_filter_module.so objs/ngx_http_image_filter_module-debug.so \ + && mv objs/ngx_http_geoip_module.so objs/ngx_http_geoip_module-debug.so \ + && mv objs/ngx_http_perl_module.so objs/ngx_http_perl_module-debug.so \ + && mv objs/ngx_stream_geoip_module.so objs/ngx_stream_geoip_module-debug.so \ + && ./configure $CONFIG --build="pcre-${PCRE_VERSION} zlib-${ZLIB_VERSION} quiche-$(git --git-dir=/usr/src/quiche/.git rev-parse --short HEAD) ngx_brotli-$(git --git-dir=/usr/src/ngx_brotli/.git rev-parse --short HEAD) headers-more-nginx-module-$(git --git-dir=/usr/src/headers-more-nginx-module/.git rev-parse --short HEAD) njs-$(git --git-dir=/usr/src/njs/.git rev-parse --short HEAD) nginx_cookie_flag_module-$(git --git-dir=/usr/src/nginx_cookie_flag_module/.git rev-parse --short HEAD)" \ + && make -j$(getconf _NPROCESSORS_ONLN) \ + && make install \ + && rm -rf /etc/nginx/html/ \ + && mkdir /etc/nginx/conf.d/ \ + && mkdir -p /usr/share/nginx/html/ \ + && install -m644 html/index.html /usr/share/nginx/html/ \ + && install -m644 html/50x.html /usr/share/nginx/html/ \ + && install -m755 objs/nginx-debug /usr/sbin/nginx-debug \ + && install -m755 objs/ngx_http_xslt_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_xslt_filter_module-debug.so \ + && install -m755 objs/ngx_http_image_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_image_filter_module-debug.so \ + && install -m755 objs/ngx_http_geoip_module-debug.so /usr/lib/nginx/modules/ngx_http_geoip_module-debug.so \ + && install -m755 objs/ngx_http_perl_module-debug.so /usr/lib/nginx/modules/ngx_http_perl_module-debug.so \ + && install -m755 objs/ngx_stream_geoip_module-debug.so /usr/lib/nginx/modules/ngx_stream_geoip_module-debug.so \ + && ln -s ../../usr/lib/nginx/modules /etc/nginx/modules \ + && strip /usr/sbin/nginx* \ + && strip /usr/lib/nginx/modules/*.so \ + && rm -rf /usr/src/nginx-$NGINX_VERSION \ + && rm -rf /usr/src/ngx_brotli \ + && rm -rf /usr/src/headers-more-nginx-module \ + && rm -rf /usr/src/njs \ + && rm -rf /usr/src/nginx_cookie_flag_module \ + && rm -rf /usr/src/quiche \ + \ + # Bring in gettext so we can get `envsubst`, then throw + # the rest away. To do this, we need to install `gettext` + # then move `envsubst` out of the way so `gettext` can + # be deleted completely, then move `envsubst` back. + && apk add --no-cache --virtual .gettext gettext \ + && mv /usr/bin/envsubst /tmp/ \ + \ + && runDeps="$( \ + scanelf --needed --nobanner /usr/sbin/nginx /usr/lib/nginx/modules/*.so /tmp/envsubst \ + | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ + | sort -u \ + | xargs -r apk info --installed \ + | sort -u \ + )" \ + && apk add --no-cache --virtual .nginx-rundeps $runDeps \ + && apk del .build-deps \ + && apk del .brotli-build-deps \ + && apk del .gettext \ + && mv /tmp/envsubst /usr/local/bin/ + +# Create self-signed certificate +RUN apk add openssl \ + && openssl req -x509 -newkey rsa:4096 -nodes -keyout /etc/ssl/private/localhost.key -out /etc/ssl/localhost.pem -days 365 -sha256 -subj '/CN=localhost' + +FROM alpine:latest + +COPY --from=builder /usr/sbin/nginx /usr/sbin/nginx-debug /usr/sbin/ +COPY --from=builder /usr/lib/nginx /usr/lib/ +COPY --from=builder /usr/share/nginx/html/* /usr/share/nginx/html/ +COPY --from=builder /etc/nginx/* /etc/nginx/ +COPY --from=builder /usr/local/bin/envsubst /usr/local/bin/ +COPY --from=builder /etc/ssl/private/localhost.key /etc/ssl/private/ +COPY --from=builder /etc/ssl/localhost.pem /etc/ssl/ + +RUN \ + # Bring in tzdata so users could set the timezones through the environment + # variables + apk add --no-cache tzdata \ + \ + && apk add --no-cache \ + pcre \ + libgcc \ + libintl \ + && addgroup -S nginx \ + && adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx \ + # forward request and error logs to docker log collector + && mkdir -p /var/log/nginx \ + && touch /var/log/nginx/access.log /var/log/nginx/error.log \ + && chown nginx: /var/log/nginx/access.log /var/log/nginx/error.log \ + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log + +# Recommended nginx configuration. Please copy the config you wish to use. +# COPY nginx.conf /etc/nginx/ +# COPY h3.nginx.conf /etc/nginx/conf.d/ + +STOPSIGNAL SIGTERM + +CMD ["nginx", "-g", "daemon off;"] + +# Build-time metadata as defined at http://label-schema.org +ARG VCS_REF + +LABEL org.label-schema.build-date=$BUILD_DATE \ + org.label-schema.vcs-ref=$VCS_REF \ + org.label-schema.vcs-url="https://github.com/RanadeepPolavarapu/docker-nginx-http3.git" diff --git a/images/nginx/conf.d/.gitignore b/images/nginx/conf.d/.gitignore new file mode 100644 index 00000000..a419c76c --- /dev/null +++ b/images/nginx/conf.d/.gitignore @@ -0,0 +1,4 @@ +# 忽略这个文件夹的改动 +* +!.gitignore +!default.conf \ No newline at end of file diff --git a/images/nginx/conf.d/default.conf b/images/nginx/conf.d/default.conf new file mode 100644 index 00000000..315007ee --- /dev/null +++ b/images/nginx/conf.d/default.conf @@ -0,0 +1,59 @@ +server { + listen 80; + + server_name localhost; + root /var/www; + index index.php index.html index.htm; + + #access_log /var/log/nginx/log/host.access.log main; + + location / { + try_files $uri $uri/ /index.php$is_args$query_string; + } + + error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + #fastcgi_pass unix:/var/run/php-fpm.sock; + fastcgi_pass php-upstream; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param SCRIPT_NAME $fastcgi_script_name; + fastcgi_index index.php; + include fastcgi_params; + } + + location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ + { + expires 30d; + } + + location ~ .*\.(js|css)?$ + { + expires 2h; + } + + location ~ /.well-known { + allow all; + } + + location ~ /\. + { + deny all; + } + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + location ~ /\.ht { + deny all; + } +} \ No newline at end of file diff --git a/images/nginx/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh b/images/nginx/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh new file mode 100755 index 00000000..9585152b --- /dev/null +++ b/images/nginx/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -0,0 +1,61 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +ME=$(basename $0) +DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" + +# check if we have ipv6 available +if [ ! -f "/proc/net/if_inet6" ]; then + echo >&3 "$ME: info: ipv6 not available" + exit 0 +fi + +if [ ! -f "/$DEFAULT_CONF_FILE" ]; then + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE is not a file or does not exist" + exit 0 +fi + +# check if the file can be modified, e.g. not on a r/o filesystem +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: info: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } + +# check if the file is already modified, e.g. on a container restart +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } + +if [ -f "/etc/os-release" ]; then + . /etc/os-release +else + echo >&3 "$ME: info: can not guess the operating system" + exit 0 +fi + +echo >&3 "$ME: info: Getting the checksum of /$DEFAULT_CONF_FILE" + +case "$ID" in + "debian") + CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + "alpine") + CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + *) + echo >&3 "$ME: info: Unsupported distribution" + exit 0 + ;; +esac + +# enable ipv6 on default.conf listen sockets +sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE + +echo >&3 "$ME: info: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" + +exit 0 diff --git a/images/nginx/mainline/alpine-perl/20-envsubst-on-templates.sh b/images/nginx/mainline/alpine-perl/20-envsubst-on-templates.sh new file mode 100755 index 00000000..4f330295 --- /dev/null +++ b/images/nginx/mainline/alpine-perl/20-envsubst-on-templates.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +ME=$(basename $0) + +auto_envsubst() { + local template_dir="${NGINX_ENVSUBST_TEMPLATE_DIR:-/etc/nginx/templates}" + local suffix="${NGINX_ENVSUBST_TEMPLATE_SUFFIX:-.template}" + local output_dir="${NGINX_ENVSUBST_OUTPUT_DIR:-/etc/nginx/conf.d}" + + local template defined_envs relative_path output_path subdir + defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) + [ -d "$template_dir" ] || return 0 + if [ ! -w "$output_dir" ]; then + echo >&3 "$ME: ERROR: $template_dir exists, but $output_dir is not writable" + return 0 + fi + find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do + relative_path="${template#$template_dir/}" + output_path="$output_dir/${relative_path%$suffix}" + subdir=$(dirname "$relative_path") + # create a subdirectory where the template file exists + mkdir -p "$output_dir/$subdir" + echo >&3 "$ME: Running envsubst on $template to $output_path" + envsubst "$defined_envs" < "$template" > "$output_path" + done +} + +auto_envsubst + +exit 0 diff --git a/images/nginx/mainline/alpine-perl/Dockerfile b/images/nginx/mainline/alpine-perl/Dockerfile new file mode 100644 index 00000000..53269308 --- /dev/null +++ b/images/nginx/mainline/alpine-perl/Dockerfile @@ -0,0 +1,125 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# +FROM alpine:3.12 + +LABEL maintainer="NGINX Docker Maintainers " + +ENV NGINX_VERSION 1.19.6 +ENV NJS_VERSION 0.5.0 +ENV PKG_RELEASE 1 + +RUN set -x \ +# create nginx user/group first, to be consistent throughout docker variants + && addgroup -g 101 -S nginx \ + && adduser -S -D -H -u 101 -h /var/cache/nginx -s /sbin/nologin -G nginx -g nginx nginx \ + && apkArch="$(cat /etc/apk/arch)" \ + && nginxPackages=" \ + nginx=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-xslt=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-geoip=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-image-filter=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-perl=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-r${PKG_RELEASE} \ + " \ + && case "$apkArch" in \ + x86_64) \ +# arches officially built by upstream + set -x \ + && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \ + && apk add --no-cache --virtual .cert-deps \ + openssl \ + && wget -O /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ + && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \ + echo "key verification succeeded!"; \ + mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ + else \ + echo "key verification failed!"; \ + exit 1; \ + fi \ + && apk del .cert-deps \ + && apk add -X "https://nginx.org/packages/mainline/alpine/v$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)/main" --no-cache $nginxPackages \ + ;; \ + *) \ +# we're on an architecture upstream doesn't officially build for +# let's build binaries from the published packaging sources + set -x \ + && tempDir="$(mktemp -d)" \ + && chown nobody:nobody $tempDir \ + && apk add --no-cache --virtual .build-deps \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + pcre-dev \ + zlib-dev \ + linux-headers \ + libxslt-dev \ + gd-dev \ + geoip-dev \ + perl-dev \ + libedit-dev \ + mercurial \ + bash \ + alpine-sdk \ + findutils \ + && su nobody -s /bin/sh -c " \ + export HOME=${tempDir} \ + && cd ${tempDir} \ + && hg clone https://hg.nginx.org/pkg-oss \ + && cd pkg-oss \ + && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ + && cd alpine \ + && make all \ + && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ + && abuild-sign -k ${tempDir}/.abuild/abuild-key.rsa ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz \ + " \ + && cp ${tempDir}/.abuild/abuild-key.rsa.pub /etc/apk/keys/ \ + && apk del .build-deps \ + && apk add -X ${tempDir}/packages/alpine/ --no-cache $nginxPackages \ + ;; \ + esac \ +# if we have leftovers from building, let's purge them (including extra, unnecessary build deps) + && if [ -n "$tempDir" ]; then rm -rf "$tempDir"; fi \ + && if [ -n "/etc/apk/keys/abuild-key.rsa.pub" ]; then rm -f /etc/apk/keys/abuild-key.rsa.pub; fi \ + && if [ -n "/etc/apk/keys/nginx_signing.rsa.pub" ]; then rm -f /etc/apk/keys/nginx_signing.rsa.pub; fi \ +# Bring in gettext so we can get `envsubst`, then throw +# the rest away. To do this, we need to install `gettext` +# then move `envsubst` out of the way so `gettext` can +# be deleted completely, then move `envsubst` back. + && apk add --no-cache --virtual .gettext gettext \ + && mv /usr/bin/envsubst /tmp/ \ + \ + && runDeps="$( \ + scanelf --needed --nobanner /tmp/envsubst \ + | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ + | sort -u \ + | xargs -r apk info --installed \ + | sort -u \ + )" \ + && apk add --no-cache $runDeps \ + && apk del .gettext \ + && mv /tmp/envsubst /usr/local/bin/ \ +# Bring in tzdata so users could set the timezones through the environment +# variables + && apk add --no-cache tzdata \ +# Bring in curl and ca-certificates to make registering on DNS SD easier + && apk add --no-cache curl ca-certificates \ +# forward request and error logs to docker log collector + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log \ +# create a docker-entrypoint.d directory + && mkdir /docker-entrypoint.d + +COPY docker-entrypoint.sh / +COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d +COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +ENTRYPOINT ["/docker-entrypoint.sh"] + +EXPOSE 80 + +STOPSIGNAL SIGQUIT + +CMD ["nginx", "-g", "daemon off;"] diff --git a/images/nginx/mainline/alpine-perl/docker-entrypoint.sh b/images/nginx/mainline/alpine-perl/docker-entrypoint.sh new file mode 100755 index 00000000..88732541 --- /dev/null +++ b/images/nginx/mainline/alpine-perl/docker-entrypoint.sh @@ -0,0 +1,38 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then + exec 3>&1 +else + exec 3>/dev/null +fi + +if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then + echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" + + echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" + find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + echo >&3 "$0: Launching $f"; + "$f" + else + # warn on shell scripts without exec bit + echo >&3 "$0: Ignoring $f, not executable"; + fi + ;; + *) echo >&3 "$0: Ignoring $f";; + esac + done + + echo >&3 "$0: Configuration complete; ready for start up" + else + echo >&3 "$0: No files found in /docker-entrypoint.d/, skipping configuration" + fi +fi + +exec "$@" diff --git a/images/nginx/mainline/alpine/10-listen-on-ipv6-by-default.sh b/images/nginx/mainline/alpine/10-listen-on-ipv6-by-default.sh new file mode 100755 index 00000000..9585152b --- /dev/null +++ b/images/nginx/mainline/alpine/10-listen-on-ipv6-by-default.sh @@ -0,0 +1,61 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +ME=$(basename $0) +DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" + +# check if we have ipv6 available +if [ ! -f "/proc/net/if_inet6" ]; then + echo >&3 "$ME: info: ipv6 not available" + exit 0 +fi + +if [ ! -f "/$DEFAULT_CONF_FILE" ]; then + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE is not a file or does not exist" + exit 0 +fi + +# check if the file can be modified, e.g. not on a r/o filesystem +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: info: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } + +# check if the file is already modified, e.g. on a container restart +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } + +if [ -f "/etc/os-release" ]; then + . /etc/os-release +else + echo >&3 "$ME: info: can not guess the operating system" + exit 0 +fi + +echo >&3 "$ME: info: Getting the checksum of /$DEFAULT_CONF_FILE" + +case "$ID" in + "debian") + CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + "alpine") + CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + *) + echo >&3 "$ME: info: Unsupported distribution" + exit 0 + ;; +esac + +# enable ipv6 on default.conf listen sockets +sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE + +echo >&3 "$ME: info: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" + +exit 0 diff --git a/images/nginx/mainline/alpine/20-envsubst-on-templates.sh b/images/nginx/mainline/alpine/20-envsubst-on-templates.sh new file mode 100755 index 00000000..4f330295 --- /dev/null +++ b/images/nginx/mainline/alpine/20-envsubst-on-templates.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +ME=$(basename $0) + +auto_envsubst() { + local template_dir="${NGINX_ENVSUBST_TEMPLATE_DIR:-/etc/nginx/templates}" + local suffix="${NGINX_ENVSUBST_TEMPLATE_SUFFIX:-.template}" + local output_dir="${NGINX_ENVSUBST_OUTPUT_DIR:-/etc/nginx/conf.d}" + + local template defined_envs relative_path output_path subdir + defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) + [ -d "$template_dir" ] || return 0 + if [ ! -w "$output_dir" ]; then + echo >&3 "$ME: ERROR: $template_dir exists, but $output_dir is not writable" + return 0 + fi + find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do + relative_path="${template#$template_dir/}" + output_path="$output_dir/${relative_path%$suffix}" + subdir=$(dirname "$relative_path") + # create a subdirectory where the template file exists + mkdir -p "$output_dir/$subdir" + echo >&3 "$ME: Running envsubst on $template to $output_path" + envsubst "$defined_envs" < "$template" > "$output_path" + done +} + +auto_envsubst + +exit 0 diff --git a/images/nginx/mainline/alpine/Dockerfile b/images/nginx/mainline/alpine/Dockerfile new file mode 100644 index 00000000..deafec08 --- /dev/null +++ b/images/nginx/mainline/alpine/Dockerfile @@ -0,0 +1,124 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# +FROM alpine:3.12 + +LABEL maintainer="NGINX Docker Maintainers " + +ENV NGINX_VERSION 1.19.6 +ENV NJS_VERSION 0.5.0 +ENV PKG_RELEASE 1 + +RUN set -x \ +# create nginx user/group first, to be consistent throughout docker variants + && addgroup -g 101 -S nginx \ + && adduser -S -D -H -u 101 -h /var/cache/nginx -s /sbin/nologin -G nginx -g nginx nginx \ + && apkArch="$(cat /etc/apk/arch)" \ + && nginxPackages=" \ + nginx=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-xslt=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-geoip=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-image-filter=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-r${PKG_RELEASE} \ + " \ + && case "$apkArch" in \ + x86_64) \ +# arches officially built by upstream + set -x \ + && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \ + && apk add --no-cache --virtual .cert-deps \ + openssl \ + && wget -O /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ + && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \ + echo "key verification succeeded!"; \ + mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ + else \ + echo "key verification failed!"; \ + exit 1; \ + fi \ + && apk del .cert-deps \ + && apk add -X "https://nginx.org/packages/mainline/alpine/v$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)/main" --no-cache $nginxPackages \ + ;; \ + *) \ +# we're on an architecture upstream doesn't officially build for +# let's build binaries from the published packaging sources + set -x \ + && tempDir="$(mktemp -d)" \ + && chown nobody:nobody $tempDir \ + && apk add --no-cache --virtual .build-deps \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + pcre-dev \ + zlib-dev \ + linux-headers \ + libxslt-dev \ + gd-dev \ + geoip-dev \ + perl-dev \ + libedit-dev \ + mercurial \ + bash \ + alpine-sdk \ + findutils \ + && su nobody -s /bin/sh -c " \ + export HOME=${tempDir} \ + && cd ${tempDir} \ + && hg clone https://hg.nginx.org/pkg-oss \ + && cd pkg-oss \ + && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ + && cd alpine \ + && make all \ + && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ + && abuild-sign -k ${tempDir}/.abuild/abuild-key.rsa ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz \ + " \ + && cp ${tempDir}/.abuild/abuild-key.rsa.pub /etc/apk/keys/ \ + && apk del .build-deps \ + && apk add -X ${tempDir}/packages/alpine/ --no-cache $nginxPackages \ + ;; \ + esac \ +# if we have leftovers from building, let's purge them (including extra, unnecessary build deps) + && if [ -n "$tempDir" ]; then rm -rf "$tempDir"; fi \ + && if [ -n "/etc/apk/keys/abuild-key.rsa.pub" ]; then rm -f /etc/apk/keys/abuild-key.rsa.pub; fi \ + && if [ -n "/etc/apk/keys/nginx_signing.rsa.pub" ]; then rm -f /etc/apk/keys/nginx_signing.rsa.pub; fi \ +# Bring in gettext so we can get `envsubst`, then throw +# the rest away. To do this, we need to install `gettext` +# then move `envsubst` out of the way so `gettext` can +# be deleted completely, then move `envsubst` back. + && apk add --no-cache --virtual .gettext gettext \ + && mv /usr/bin/envsubst /tmp/ \ + \ + && runDeps="$( \ + scanelf --needed --nobanner /tmp/envsubst \ + | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ + | sort -u \ + | xargs -r apk info --installed \ + | sort -u \ + )" \ + && apk add --no-cache $runDeps \ + && apk del .gettext \ + && mv /tmp/envsubst /usr/local/bin/ \ +# Bring in tzdata so users could set the timezones through the environment +# variables + && apk add --no-cache tzdata \ +# Bring in curl and ca-certificates to make registering on DNS SD easier + && apk add --no-cache curl ca-certificates \ +# forward request and error logs to docker log collector + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log \ +# create a docker-entrypoint.d directory + && mkdir /docker-entrypoint.d + +COPY docker-entrypoint.sh / +COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d +COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +ENTRYPOINT ["/docker-entrypoint.sh"] + +EXPOSE 80 + +STOPSIGNAL SIGQUIT + +CMD ["nginx", "-g", "daemon off;"] diff --git a/images/nginx/mainline/alpine/docker-entrypoint.sh b/images/nginx/mainline/alpine/docker-entrypoint.sh new file mode 100755 index 00000000..88732541 --- /dev/null +++ b/images/nginx/mainline/alpine/docker-entrypoint.sh @@ -0,0 +1,38 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then + exec 3>&1 +else + exec 3>/dev/null +fi + +if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then + echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" + + echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" + find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + echo >&3 "$0: Launching $f"; + "$f" + else + # warn on shell scripts without exec bit + echo >&3 "$0: Ignoring $f, not executable"; + fi + ;; + *) echo >&3 "$0: Ignoring $f";; + esac + done + + echo >&3 "$0: Configuration complete; ready for start up" + else + echo >&3 "$0: No files found in /docker-entrypoint.d/, skipping configuration" + fi +fi + +exec "$@" diff --git a/images/nginx/mainline/debian-perl/10-listen-on-ipv6-by-default.sh b/images/nginx/mainline/debian-perl/10-listen-on-ipv6-by-default.sh new file mode 100755 index 00000000..9585152b --- /dev/null +++ b/images/nginx/mainline/debian-perl/10-listen-on-ipv6-by-default.sh @@ -0,0 +1,61 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +ME=$(basename $0) +DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" + +# check if we have ipv6 available +if [ ! -f "/proc/net/if_inet6" ]; then + echo >&3 "$ME: info: ipv6 not available" + exit 0 +fi + +if [ ! -f "/$DEFAULT_CONF_FILE" ]; then + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE is not a file or does not exist" + exit 0 +fi + +# check if the file can be modified, e.g. not on a r/o filesystem +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: info: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } + +# check if the file is already modified, e.g. on a container restart +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } + +if [ -f "/etc/os-release" ]; then + . /etc/os-release +else + echo >&3 "$ME: info: can not guess the operating system" + exit 0 +fi + +echo >&3 "$ME: info: Getting the checksum of /$DEFAULT_CONF_FILE" + +case "$ID" in + "debian") + CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + "alpine") + CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + *) + echo >&3 "$ME: info: Unsupported distribution" + exit 0 + ;; +esac + +# enable ipv6 on default.conf listen sockets +sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE + +echo >&3 "$ME: info: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" + +exit 0 diff --git a/images/nginx/mainline/debian-perl/20-envsubst-on-templates.sh b/images/nginx/mainline/debian-perl/20-envsubst-on-templates.sh new file mode 100755 index 00000000..4f330295 --- /dev/null +++ b/images/nginx/mainline/debian-perl/20-envsubst-on-templates.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +ME=$(basename $0) + +auto_envsubst() { + local template_dir="${NGINX_ENVSUBST_TEMPLATE_DIR:-/etc/nginx/templates}" + local suffix="${NGINX_ENVSUBST_TEMPLATE_SUFFIX:-.template}" + local output_dir="${NGINX_ENVSUBST_OUTPUT_DIR:-/etc/nginx/conf.d}" + + local template defined_envs relative_path output_path subdir + defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) + [ -d "$template_dir" ] || return 0 + if [ ! -w "$output_dir" ]; then + echo >&3 "$ME: ERROR: $template_dir exists, but $output_dir is not writable" + return 0 + fi + find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do + relative_path="${template#$template_dir/}" + output_path="$output_dir/${relative_path%$suffix}" + subdir=$(dirname "$relative_path") + # create a subdirectory where the template file exists + mkdir -p "$output_dir/$subdir" + echo >&3 "$ME: Running envsubst on $template to $output_path" + envsubst "$defined_envs" < "$template" > "$output_path" + done +} + +auto_envsubst + +exit 0 diff --git a/images/nginx/mainline/debian-perl/Dockerfile b/images/nginx/mainline/debian-perl/Dockerfile new file mode 100644 index 00000000..1f818c94 --- /dev/null +++ b/images/nginx/mainline/debian-perl/Dockerfile @@ -0,0 +1,116 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# +FROM debian:buster-slim + +LABEL maintainer="NGINX Docker Maintainers " + +ENV NGINX_VERSION 1.19.6 +ENV NJS_VERSION 0.5.0 +ENV PKG_RELEASE 1~buster + +RUN set -x \ +# create nginx user/group first, to be consistent throughout docker variants + && addgroup --system --gid 101 nginx \ + && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \ + && apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 ca-certificates \ + && \ + NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ + found=''; \ + for server in \ + ha.pool.sks-keyservers.net \ + hkp://keyserver.ubuntu.com:80 \ + hkp://p80.pool.sks-keyservers.net:80 \ + pgp.mit.edu \ + ; do \ + echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ + apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ + done; \ + test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ + apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* \ + && dpkgArch="$(dpkg --print-architecture)" \ + && nginxPackages=" \ + nginx=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-perl=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}+${NJS_VERSION}-${PKG_RELEASE} \ + " \ + && case "$dpkgArch" in \ + amd64|i386|arm64) \ +# arches officialy built by upstream + echo "deb https://nginx.org/packages/mainline/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ + && apt-get update \ + ;; \ + *) \ +# we're on an architecture upstream doesn't officially build for +# let's build binaries from the published source packages + echo "deb-src https://nginx.org/packages/mainline/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ + \ +# new directory for storing sources and .deb files + && tempDir="$(mktemp -d)" \ + && chmod 777 "$tempDir" \ +# (777 to ensure APT's "_apt" user can access it too) + \ +# save list of currently-installed packages so build dependencies can be cleanly removed later + && savedAptMark="$(apt-mark showmanual)" \ + \ +# build .deb files from upstream's source packages (which are verified by apt-get) + && apt-get update \ + && apt-get build-dep -y $nginxPackages \ + && ( \ + cd "$tempDir" \ + && DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \ + apt-get source --compile $nginxPackages \ + ) \ +# we don't remove APT lists here because they get re-downloaded and removed later + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies +# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies) + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ + \ +# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be) + && ls -lAFh "$tempDir" \ + && ( cd "$tempDir" && dpkg-scanpackages . > Packages ) \ + && grep '^Package: ' "$tempDir/Packages" \ + && echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list \ +# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes") +# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) +# ... +# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) + && apt-get -o Acquire::GzipIndexes=false update \ + ;; \ + esac \ + \ + && apt-get install --no-install-recommends --no-install-suggests -y \ + $nginxPackages \ + gettext-base \ + curl \ + && apt-get remove --purge --auto-remove -y && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ + \ +# if we have leftovers from building, let's purge them (including extra, unnecessary build deps) + && if [ -n "$tempDir" ]; then \ + apt-get purge -y --auto-remove \ + && rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \ + fi \ +# forward request and error logs to docker log collector + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log \ +# create a docker-entrypoint.d directory + && mkdir /docker-entrypoint.d + +COPY docker-entrypoint.sh / +COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d +COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +ENTRYPOINT ["/docker-entrypoint.sh"] + +EXPOSE 80 + +STOPSIGNAL SIGQUIT + +CMD ["nginx", "-g", "daemon off;"] diff --git a/images/nginx/mainline/debian-perl/docker-entrypoint.sh b/images/nginx/mainline/debian-perl/docker-entrypoint.sh new file mode 100755 index 00000000..88732541 --- /dev/null +++ b/images/nginx/mainline/debian-perl/docker-entrypoint.sh @@ -0,0 +1,38 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then + exec 3>&1 +else + exec 3>/dev/null +fi + +if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then + echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" + + echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" + find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + echo >&3 "$0: Launching $f"; + "$f" + else + # warn on shell scripts without exec bit + echo >&3 "$0: Ignoring $f, not executable"; + fi + ;; + *) echo >&3 "$0: Ignoring $f";; + esac + done + + echo >&3 "$0: Configuration complete; ready for start up" + else + echo >&3 "$0: No files found in /docker-entrypoint.d/, skipping configuration" + fi +fi + +exec "$@" diff --git a/images/nginx/mainline/debian/10-listen-on-ipv6-by-default.sh b/images/nginx/mainline/debian/10-listen-on-ipv6-by-default.sh new file mode 100755 index 00000000..9585152b --- /dev/null +++ b/images/nginx/mainline/debian/10-listen-on-ipv6-by-default.sh @@ -0,0 +1,61 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +ME=$(basename $0) +DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" + +# check if we have ipv6 available +if [ ! -f "/proc/net/if_inet6" ]; then + echo >&3 "$ME: info: ipv6 not available" + exit 0 +fi + +if [ ! -f "/$DEFAULT_CONF_FILE" ]; then + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE is not a file or does not exist" + exit 0 +fi + +# check if the file can be modified, e.g. not on a r/o filesystem +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: info: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } + +# check if the file is already modified, e.g. on a container restart +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } + +if [ -f "/etc/os-release" ]; then + . /etc/os-release +else + echo >&3 "$ME: info: can not guess the operating system" + exit 0 +fi + +echo >&3 "$ME: info: Getting the checksum of /$DEFAULT_CONF_FILE" + +case "$ID" in + "debian") + CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + "alpine") + CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + *) + echo >&3 "$ME: info: Unsupported distribution" + exit 0 + ;; +esac + +# enable ipv6 on default.conf listen sockets +sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE + +echo >&3 "$ME: info: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" + +exit 0 diff --git a/images/nginx/mainline/debian/20-envsubst-on-templates.sh b/images/nginx/mainline/debian/20-envsubst-on-templates.sh new file mode 100755 index 00000000..4f330295 --- /dev/null +++ b/images/nginx/mainline/debian/20-envsubst-on-templates.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +ME=$(basename $0) + +auto_envsubst() { + local template_dir="${NGINX_ENVSUBST_TEMPLATE_DIR:-/etc/nginx/templates}" + local suffix="${NGINX_ENVSUBST_TEMPLATE_SUFFIX:-.template}" + local output_dir="${NGINX_ENVSUBST_OUTPUT_DIR:-/etc/nginx/conf.d}" + + local template defined_envs relative_path output_path subdir + defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) + [ -d "$template_dir" ] || return 0 + if [ ! -w "$output_dir" ]; then + echo >&3 "$ME: ERROR: $template_dir exists, but $output_dir is not writable" + return 0 + fi + find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do + relative_path="${template#$template_dir/}" + output_path="$output_dir/${relative_path%$suffix}" + subdir=$(dirname "$relative_path") + # create a subdirectory where the template file exists + mkdir -p "$output_dir/$subdir" + echo >&3 "$ME: Running envsubst on $template to $output_path" + envsubst "$defined_envs" < "$template" > "$output_path" + done +} + +auto_envsubst + +exit 0 diff --git a/images/nginx/mainline/debian/Dockerfile b/images/nginx/mainline/debian/Dockerfile new file mode 100644 index 00000000..43d69701 --- /dev/null +++ b/images/nginx/mainline/debian/Dockerfile @@ -0,0 +1,115 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# +FROM debian:buster-slim + +LABEL maintainer="NGINX Docker Maintainers " + +ENV NGINX_VERSION 1.19.6 +ENV NJS_VERSION 0.5.0 +ENV PKG_RELEASE 1~buster + +RUN set -x \ +# create nginx user/group first, to be consistent throughout docker variants + && addgroup --system --gid 101 nginx \ + && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \ + && apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 ca-certificates \ + && \ + NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ + found=''; \ + for server in \ + ha.pool.sks-keyservers.net \ + hkp://keyserver.ubuntu.com:80 \ + hkp://p80.pool.sks-keyservers.net:80 \ + pgp.mit.edu \ + ; do \ + echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ + apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ + done; \ + test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ + apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* \ + && dpkgArch="$(dpkg --print-architecture)" \ + && nginxPackages=" \ + nginx=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}+${NJS_VERSION}-${PKG_RELEASE} \ + " \ + && case "$dpkgArch" in \ + amd64|i386|arm64) \ +# arches officialy built by upstream + echo "deb https://nginx.org/packages/mainline/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ + && apt-get update \ + ;; \ + *) \ +# we're on an architecture upstream doesn't officially build for +# let's build binaries from the published source packages + echo "deb-src https://nginx.org/packages/mainline/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ + \ +# new directory for storing sources and .deb files + && tempDir="$(mktemp -d)" \ + && chmod 777 "$tempDir" \ +# (777 to ensure APT's "_apt" user can access it too) + \ +# save list of currently-installed packages so build dependencies can be cleanly removed later + && savedAptMark="$(apt-mark showmanual)" \ + \ +# build .deb files from upstream's source packages (which are verified by apt-get) + && apt-get update \ + && apt-get build-dep -y $nginxPackages \ + && ( \ + cd "$tempDir" \ + && DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \ + apt-get source --compile $nginxPackages \ + ) \ +# we don't remove APT lists here because they get re-downloaded and removed later + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies +# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies) + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ + \ +# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be) + && ls -lAFh "$tempDir" \ + && ( cd "$tempDir" && dpkg-scanpackages . > Packages ) \ + && grep '^Package: ' "$tempDir/Packages" \ + && echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list \ +# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes") +# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) +# ... +# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) + && apt-get -o Acquire::GzipIndexes=false update \ + ;; \ + esac \ + \ + && apt-get install --no-install-recommends --no-install-suggests -y \ + $nginxPackages \ + gettext-base \ + curl \ + && apt-get remove --purge --auto-remove -y && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ + \ +# if we have leftovers from building, let's purge them (including extra, unnecessary build deps) + && if [ -n "$tempDir" ]; then \ + apt-get purge -y --auto-remove \ + && rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \ + fi \ +# forward request and error logs to docker log collector + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log \ +# create a docker-entrypoint.d directory + && mkdir /docker-entrypoint.d + +COPY docker-entrypoint.sh / +COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d +COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +ENTRYPOINT ["/docker-entrypoint.sh"] + +EXPOSE 80 + +STOPSIGNAL SIGQUIT + +CMD ["nginx", "-g", "daemon off;"] diff --git a/images/nginx/mainline/debian/docker-entrypoint.sh b/images/nginx/mainline/debian/docker-entrypoint.sh new file mode 100755 index 00000000..88732541 --- /dev/null +++ b/images/nginx/mainline/debian/docker-entrypoint.sh @@ -0,0 +1,38 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then + exec 3>&1 +else + exec 3>/dev/null +fi + +if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then + echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" + + echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" + find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + echo >&3 "$0: Launching $f"; + "$f" + else + # warn on shell scripts without exec bit + echo >&3 "$0: Ignoring $f, not executable"; + fi + ;; + *) echo >&3 "$0: Ignoring $f";; + esac + done + + echo >&3 "$0: Configuration complete; ready for start up" + else + echo >&3 "$0: No files found in /docker-entrypoint.d/, skipping configuration" + fi +fi + +exec "$@" diff --git a/images/nginx/nginx-http3 b/images/nginx/nginx-http3 new file mode 160000 index 00000000..a457a555 --- /dev/null +++ b/images/nginx/nginx-http3 @@ -0,0 +1 @@ +Subproject commit a457a555daea3349d0164556e231409fd6c663b9 diff --git a/images/nginx/stable/alpine-perl/10-listen-on-ipv6-by-default.sh b/images/nginx/stable/alpine-perl/10-listen-on-ipv6-by-default.sh new file mode 100755 index 00000000..9585152b --- /dev/null +++ b/images/nginx/stable/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -0,0 +1,61 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +ME=$(basename $0) +DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" + +# check if we have ipv6 available +if [ ! -f "/proc/net/if_inet6" ]; then + echo >&3 "$ME: info: ipv6 not available" + exit 0 +fi + +if [ ! -f "/$DEFAULT_CONF_FILE" ]; then + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE is not a file or does not exist" + exit 0 +fi + +# check if the file can be modified, e.g. not on a r/o filesystem +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: info: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } + +# check if the file is already modified, e.g. on a container restart +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } + +if [ -f "/etc/os-release" ]; then + . /etc/os-release +else + echo >&3 "$ME: info: can not guess the operating system" + exit 0 +fi + +echo >&3 "$ME: info: Getting the checksum of /$DEFAULT_CONF_FILE" + +case "$ID" in + "debian") + CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + "alpine") + CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + *) + echo >&3 "$ME: info: Unsupported distribution" + exit 0 + ;; +esac + +# enable ipv6 on default.conf listen sockets +sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE + +echo >&3 "$ME: info: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" + +exit 0 diff --git a/images/nginx/stable/alpine-perl/20-envsubst-on-templates.sh b/images/nginx/stable/alpine-perl/20-envsubst-on-templates.sh new file mode 100755 index 00000000..4f330295 --- /dev/null +++ b/images/nginx/stable/alpine-perl/20-envsubst-on-templates.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +ME=$(basename $0) + +auto_envsubst() { + local template_dir="${NGINX_ENVSUBST_TEMPLATE_DIR:-/etc/nginx/templates}" + local suffix="${NGINX_ENVSUBST_TEMPLATE_SUFFIX:-.template}" + local output_dir="${NGINX_ENVSUBST_OUTPUT_DIR:-/etc/nginx/conf.d}" + + local template defined_envs relative_path output_path subdir + defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) + [ -d "$template_dir" ] || return 0 + if [ ! -w "$output_dir" ]; then + echo >&3 "$ME: ERROR: $template_dir exists, but $output_dir is not writable" + return 0 + fi + find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do + relative_path="${template#$template_dir/}" + output_path="$output_dir/${relative_path%$suffix}" + subdir=$(dirname "$relative_path") + # create a subdirectory where the template file exists + mkdir -p "$output_dir/$subdir" + echo >&3 "$ME: Running envsubst on $template to $output_path" + envsubst "$defined_envs" < "$template" > "$output_path" + done +} + +auto_envsubst + +exit 0 diff --git a/images/nginx/stable/alpine-perl/Dockerfile b/images/nginx/stable/alpine-perl/Dockerfile new file mode 100644 index 00000000..d86c2ccd --- /dev/null +++ b/images/nginx/stable/alpine-perl/Dockerfile @@ -0,0 +1,125 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# +FROM alpine:3.11 + +LABEL maintainer="NGINX Docker Maintainers " + +ENV NGINX_VERSION 1.18.0 +ENV NJS_VERSION 0.4.4 +ENV PKG_RELEASE 2 + +RUN set -x \ +# create nginx user/group first, to be consistent throughout docker variants + && addgroup -g 101 -S nginx \ + && adduser -S -D -H -u 101 -h /var/cache/nginx -s /sbin/nologin -G nginx -g nginx nginx \ + && apkArch="$(cat /etc/apk/arch)" \ + && nginxPackages=" \ + nginx=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-xslt=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-geoip=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-image-filter=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-perl=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-r${PKG_RELEASE} \ + " \ + && case "$apkArch" in \ + x86_64) \ +# arches officially built by upstream + set -x \ + && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \ + && apk add --no-cache --virtual .cert-deps \ + openssl \ + && wget -O /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ + && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \ + echo "key verification succeeded!"; \ + mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ + else \ + echo "key verification failed!"; \ + exit 1; \ + fi \ + && apk del .cert-deps \ + && apk add -X "https://nginx.org/packages/alpine/v$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)/main" --no-cache $nginxPackages \ + ;; \ + *) \ +# we're on an architecture upstream doesn't officially build for +# let's build binaries from the published packaging sources + set -x \ + && tempDir="$(mktemp -d)" \ + && chown nobody:nobody $tempDir \ + && apk add --no-cache --virtual .build-deps \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + pcre-dev \ + zlib-dev \ + linux-headers \ + libxslt-dev \ + gd-dev \ + geoip-dev \ + perl-dev \ + libedit-dev \ + mercurial \ + bash \ + alpine-sdk \ + findutils \ + && su nobody -s /bin/sh -c " \ + export HOME=${tempDir} \ + && cd ${tempDir} \ + && hg clone https://hg.nginx.org/pkg-oss \ + && cd pkg-oss \ + && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ + && cd alpine \ + && make all \ + && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ + && abuild-sign -k ${tempDir}/.abuild/abuild-key.rsa ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz \ + " \ + && cp ${tempDir}/.abuild/abuild-key.rsa.pub /etc/apk/keys/ \ + && apk del .build-deps \ + && apk add -X ${tempDir}/packages/alpine/ --no-cache $nginxPackages \ + ;; \ + esac \ +# if we have leftovers from building, let's purge them (including extra, unnecessary build deps) + && if [ -n "$tempDir" ]; then rm -rf "$tempDir"; fi \ + && if [ -n "/etc/apk/keys/abuild-key.rsa.pub" ]; then rm -f /etc/apk/keys/abuild-key.rsa.pub; fi \ + && if [ -n "/etc/apk/keys/nginx_signing.rsa.pub" ]; then rm -f /etc/apk/keys/nginx_signing.rsa.pub; fi \ +# Bring in gettext so we can get `envsubst`, then throw +# the rest away. To do this, we need to install `gettext` +# then move `envsubst` out of the way so `gettext` can +# be deleted completely, then move `envsubst` back. + && apk add --no-cache --virtual .gettext gettext \ + && mv /usr/bin/envsubst /tmp/ \ + \ + && runDeps="$( \ + scanelf --needed --nobanner /tmp/envsubst \ + | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ + | sort -u \ + | xargs -r apk info --installed \ + | sort -u \ + )" \ + && apk add --no-cache $runDeps \ + && apk del .gettext \ + && mv /tmp/envsubst /usr/local/bin/ \ +# Bring in tzdata so users could set the timezones through the environment +# variables + && apk add --no-cache tzdata \ +# Bring in curl and ca-certificates to make registering on DNS SD easier + && apk add --no-cache curl ca-certificates \ +# forward request and error logs to docker log collector + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log \ +# create a docker-entrypoint.d directory + && mkdir /docker-entrypoint.d + +COPY docker-entrypoint.sh / +COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d +COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +ENTRYPOINT ["/docker-entrypoint.sh"] + +EXPOSE 80 + +STOPSIGNAL SIGQUIT + +CMD ["nginx", "-g", "daemon off;"] diff --git a/images/nginx/stable/alpine-perl/docker-entrypoint.sh b/images/nginx/stable/alpine-perl/docker-entrypoint.sh new file mode 100755 index 00000000..88732541 --- /dev/null +++ b/images/nginx/stable/alpine-perl/docker-entrypoint.sh @@ -0,0 +1,38 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then + exec 3>&1 +else + exec 3>/dev/null +fi + +if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then + echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" + + echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" + find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + echo >&3 "$0: Launching $f"; + "$f" + else + # warn on shell scripts without exec bit + echo >&3 "$0: Ignoring $f, not executable"; + fi + ;; + *) echo >&3 "$0: Ignoring $f";; + esac + done + + echo >&3 "$0: Configuration complete; ready for start up" + else + echo >&3 "$0: No files found in /docker-entrypoint.d/, skipping configuration" + fi +fi + +exec "$@" diff --git a/images/nginx/stable/alpine/10-listen-on-ipv6-by-default.sh b/images/nginx/stable/alpine/10-listen-on-ipv6-by-default.sh new file mode 100755 index 00000000..9585152b --- /dev/null +++ b/images/nginx/stable/alpine/10-listen-on-ipv6-by-default.sh @@ -0,0 +1,61 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +ME=$(basename $0) +DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" + +# check if we have ipv6 available +if [ ! -f "/proc/net/if_inet6" ]; then + echo >&3 "$ME: info: ipv6 not available" + exit 0 +fi + +if [ ! -f "/$DEFAULT_CONF_FILE" ]; then + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE is not a file or does not exist" + exit 0 +fi + +# check if the file can be modified, e.g. not on a r/o filesystem +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: info: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } + +# check if the file is already modified, e.g. on a container restart +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } + +if [ -f "/etc/os-release" ]; then + . /etc/os-release +else + echo >&3 "$ME: info: can not guess the operating system" + exit 0 +fi + +echo >&3 "$ME: info: Getting the checksum of /$DEFAULT_CONF_FILE" + +case "$ID" in + "debian") + CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + "alpine") + CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + *) + echo >&3 "$ME: info: Unsupported distribution" + exit 0 + ;; +esac + +# enable ipv6 on default.conf listen sockets +sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE + +echo >&3 "$ME: info: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" + +exit 0 diff --git a/images/nginx/stable/alpine/20-envsubst-on-templates.sh b/images/nginx/stable/alpine/20-envsubst-on-templates.sh new file mode 100755 index 00000000..4f330295 --- /dev/null +++ b/images/nginx/stable/alpine/20-envsubst-on-templates.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +ME=$(basename $0) + +auto_envsubst() { + local template_dir="${NGINX_ENVSUBST_TEMPLATE_DIR:-/etc/nginx/templates}" + local suffix="${NGINX_ENVSUBST_TEMPLATE_SUFFIX:-.template}" + local output_dir="${NGINX_ENVSUBST_OUTPUT_DIR:-/etc/nginx/conf.d}" + + local template defined_envs relative_path output_path subdir + defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) + [ -d "$template_dir" ] || return 0 + if [ ! -w "$output_dir" ]; then + echo >&3 "$ME: ERROR: $template_dir exists, but $output_dir is not writable" + return 0 + fi + find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do + relative_path="${template#$template_dir/}" + output_path="$output_dir/${relative_path%$suffix}" + subdir=$(dirname "$relative_path") + # create a subdirectory where the template file exists + mkdir -p "$output_dir/$subdir" + echo >&3 "$ME: Running envsubst on $template to $output_path" + envsubst "$defined_envs" < "$template" > "$output_path" + done +} + +auto_envsubst + +exit 0 diff --git a/images/nginx/stable/alpine/Dockerfile b/images/nginx/stable/alpine/Dockerfile new file mode 100644 index 00000000..bd34cfb1 --- /dev/null +++ b/images/nginx/stable/alpine/Dockerfile @@ -0,0 +1,124 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# +FROM alpine:3.11 + +LABEL maintainer="NGINX Docker Maintainers " + +ENV NGINX_VERSION 1.18.0 +ENV NJS_VERSION 0.4.4 +ENV PKG_RELEASE 2 + +RUN set -x \ +# create nginx user/group first, to be consistent throughout docker variants + && addgroup -g 101 -S nginx \ + && adduser -S -D -H -u 101 -h /var/cache/nginx -s /sbin/nologin -G nginx -g nginx nginx \ + && apkArch="$(cat /etc/apk/arch)" \ + && nginxPackages=" \ + nginx=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-xslt=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-geoip=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-image-filter=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-r${PKG_RELEASE} \ + " \ + && case "$apkArch" in \ + x86_64) \ +# arches officially built by upstream + set -x \ + && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \ + && apk add --no-cache --virtual .cert-deps \ + openssl \ + && wget -O /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ + && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \ + echo "key verification succeeded!"; \ + mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ + else \ + echo "key verification failed!"; \ + exit 1; \ + fi \ + && apk del .cert-deps \ + && apk add -X "https://nginx.org/packages/alpine/v$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)/main" --no-cache $nginxPackages \ + ;; \ + *) \ +# we're on an architecture upstream doesn't officially build for +# let's build binaries from the published packaging sources + set -x \ + && tempDir="$(mktemp -d)" \ + && chown nobody:nobody $tempDir \ + && apk add --no-cache --virtual .build-deps \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + pcre-dev \ + zlib-dev \ + linux-headers \ + libxslt-dev \ + gd-dev \ + geoip-dev \ + perl-dev \ + libedit-dev \ + mercurial \ + bash \ + alpine-sdk \ + findutils \ + && su nobody -s /bin/sh -c " \ + export HOME=${tempDir} \ + && cd ${tempDir} \ + && hg clone https://hg.nginx.org/pkg-oss \ + && cd pkg-oss \ + && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ + && cd alpine \ + && make all \ + && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ + && abuild-sign -k ${tempDir}/.abuild/abuild-key.rsa ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz \ + " \ + && cp ${tempDir}/.abuild/abuild-key.rsa.pub /etc/apk/keys/ \ + && apk del .build-deps \ + && apk add -X ${tempDir}/packages/alpine/ --no-cache $nginxPackages \ + ;; \ + esac \ +# if we have leftovers from building, let's purge them (including extra, unnecessary build deps) + && if [ -n "$tempDir" ]; then rm -rf "$tempDir"; fi \ + && if [ -n "/etc/apk/keys/abuild-key.rsa.pub" ]; then rm -f /etc/apk/keys/abuild-key.rsa.pub; fi \ + && if [ -n "/etc/apk/keys/nginx_signing.rsa.pub" ]; then rm -f /etc/apk/keys/nginx_signing.rsa.pub; fi \ +# Bring in gettext so we can get `envsubst`, then throw +# the rest away. To do this, we need to install `gettext` +# then move `envsubst` out of the way so `gettext` can +# be deleted completely, then move `envsubst` back. + && apk add --no-cache --virtual .gettext gettext \ + && mv /usr/bin/envsubst /tmp/ \ + \ + && runDeps="$( \ + scanelf --needed --nobanner /tmp/envsubst \ + | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ + | sort -u \ + | xargs -r apk info --installed \ + | sort -u \ + )" \ + && apk add --no-cache $runDeps \ + && apk del .gettext \ + && mv /tmp/envsubst /usr/local/bin/ \ +# Bring in tzdata so users could set the timezones through the environment +# variables + && apk add --no-cache tzdata \ +# Bring in curl and ca-certificates to make registering on DNS SD easier + && apk add --no-cache curl ca-certificates \ +# forward request and error logs to docker log collector + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log \ +# create a docker-entrypoint.d directory + && mkdir /docker-entrypoint.d + +COPY docker-entrypoint.sh / +COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d +COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +ENTRYPOINT ["/docker-entrypoint.sh"] + +EXPOSE 80 + +STOPSIGNAL SIGQUIT + +CMD ["nginx", "-g", "daemon off;"] diff --git a/images/nginx/stable/alpine/docker-entrypoint.sh b/images/nginx/stable/alpine/docker-entrypoint.sh new file mode 100755 index 00000000..88732541 --- /dev/null +++ b/images/nginx/stable/alpine/docker-entrypoint.sh @@ -0,0 +1,38 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then + exec 3>&1 +else + exec 3>/dev/null +fi + +if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then + echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" + + echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" + find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + echo >&3 "$0: Launching $f"; + "$f" + else + # warn on shell scripts without exec bit + echo >&3 "$0: Ignoring $f, not executable"; + fi + ;; + *) echo >&3 "$0: Ignoring $f";; + esac + done + + echo >&3 "$0: Configuration complete; ready for start up" + else + echo >&3 "$0: No files found in /docker-entrypoint.d/, skipping configuration" + fi +fi + +exec "$@" diff --git a/images/nginx/stable/debian-perl/10-listen-on-ipv6-by-default.sh b/images/nginx/stable/debian-perl/10-listen-on-ipv6-by-default.sh new file mode 100755 index 00000000..9585152b --- /dev/null +++ b/images/nginx/stable/debian-perl/10-listen-on-ipv6-by-default.sh @@ -0,0 +1,61 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +ME=$(basename $0) +DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" + +# check if we have ipv6 available +if [ ! -f "/proc/net/if_inet6" ]; then + echo >&3 "$ME: info: ipv6 not available" + exit 0 +fi + +if [ ! -f "/$DEFAULT_CONF_FILE" ]; then + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE is not a file or does not exist" + exit 0 +fi + +# check if the file can be modified, e.g. not on a r/o filesystem +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: info: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } + +# check if the file is already modified, e.g. on a container restart +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } + +if [ -f "/etc/os-release" ]; then + . /etc/os-release +else + echo >&3 "$ME: info: can not guess the operating system" + exit 0 +fi + +echo >&3 "$ME: info: Getting the checksum of /$DEFAULT_CONF_FILE" + +case "$ID" in + "debian") + CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + "alpine") + CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + *) + echo >&3 "$ME: info: Unsupported distribution" + exit 0 + ;; +esac + +# enable ipv6 on default.conf listen sockets +sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE + +echo >&3 "$ME: info: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" + +exit 0 diff --git a/images/nginx/stable/debian-perl/20-envsubst-on-templates.sh b/images/nginx/stable/debian-perl/20-envsubst-on-templates.sh new file mode 100755 index 00000000..4f330295 --- /dev/null +++ b/images/nginx/stable/debian-perl/20-envsubst-on-templates.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +ME=$(basename $0) + +auto_envsubst() { + local template_dir="${NGINX_ENVSUBST_TEMPLATE_DIR:-/etc/nginx/templates}" + local suffix="${NGINX_ENVSUBST_TEMPLATE_SUFFIX:-.template}" + local output_dir="${NGINX_ENVSUBST_OUTPUT_DIR:-/etc/nginx/conf.d}" + + local template defined_envs relative_path output_path subdir + defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) + [ -d "$template_dir" ] || return 0 + if [ ! -w "$output_dir" ]; then + echo >&3 "$ME: ERROR: $template_dir exists, but $output_dir is not writable" + return 0 + fi + find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do + relative_path="${template#$template_dir/}" + output_path="$output_dir/${relative_path%$suffix}" + subdir=$(dirname "$relative_path") + # create a subdirectory where the template file exists + mkdir -p "$output_dir/$subdir" + echo >&3 "$ME: Running envsubst on $template to $output_path" + envsubst "$defined_envs" < "$template" > "$output_path" + done +} + +auto_envsubst + +exit 0 diff --git a/images/nginx/stable/debian-perl/Dockerfile b/images/nginx/stable/debian-perl/Dockerfile new file mode 100644 index 00000000..9998d132 --- /dev/null +++ b/images/nginx/stable/debian-perl/Dockerfile @@ -0,0 +1,116 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# +FROM debian:buster-slim + +LABEL maintainer="NGINX Docker Maintainers " + +ENV NGINX_VERSION 1.18.0 +ENV NJS_VERSION 0.4.4 +ENV PKG_RELEASE 2~buster + +RUN set -x \ +# create nginx user/group first, to be consistent throughout docker variants + && addgroup --system --gid 101 nginx \ + && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \ + && apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 ca-certificates \ + && \ + NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ + found=''; \ + for server in \ + ha.pool.sks-keyservers.net \ + hkp://keyserver.ubuntu.com:80 \ + hkp://p80.pool.sks-keyservers.net:80 \ + pgp.mit.edu \ + ; do \ + echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ + apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ + done; \ + test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ + apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* \ + && dpkgArch="$(dpkg --print-architecture)" \ + && nginxPackages=" \ + nginx=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-perl=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE} \ + " \ + && case "$dpkgArch" in \ + amd64|i386|arm64) \ +# arches officialy built by upstream + echo "deb https://nginx.org/packages/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ + && apt-get update \ + ;; \ + *) \ +# we're on an architecture upstream doesn't officially build for +# let's build binaries from the published source packages + echo "deb-src https://nginx.org/packages/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ + \ +# new directory for storing sources and .deb files + && tempDir="$(mktemp -d)" \ + && chmod 777 "$tempDir" \ +# (777 to ensure APT's "_apt" user can access it too) + \ +# save list of currently-installed packages so build dependencies can be cleanly removed later + && savedAptMark="$(apt-mark showmanual)" \ + \ +# build .deb files from upstream's source packages (which are verified by apt-get) + && apt-get update \ + && apt-get build-dep -y $nginxPackages \ + && ( \ + cd "$tempDir" \ + && DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \ + apt-get source --compile $nginxPackages \ + ) \ +# we don't remove APT lists here because they get re-downloaded and removed later + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies +# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies) + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ + \ +# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be) + && ls -lAFh "$tempDir" \ + && ( cd "$tempDir" && dpkg-scanpackages . > Packages ) \ + && grep '^Package: ' "$tempDir/Packages" \ + && echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list \ +# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes") +# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) +# ... +# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) + && apt-get -o Acquire::GzipIndexes=false update \ + ;; \ + esac \ + \ + && apt-get install --no-install-recommends --no-install-suggests -y \ + $nginxPackages \ + gettext-base \ + curl \ + && apt-get remove --purge --auto-remove -y && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ + \ +# if we have leftovers from building, let's purge them (including extra, unnecessary build deps) + && if [ -n "$tempDir" ]; then \ + apt-get purge -y --auto-remove \ + && rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \ + fi \ +# forward request and error logs to docker log collector + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log \ +# create a docker-entrypoint.d directory + && mkdir /docker-entrypoint.d + +COPY docker-entrypoint.sh / +COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d +COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +ENTRYPOINT ["/docker-entrypoint.sh"] + +EXPOSE 80 + +STOPSIGNAL SIGQUIT + +CMD ["nginx", "-g", "daemon off;"] diff --git a/images/nginx/stable/debian-perl/docker-entrypoint.sh b/images/nginx/stable/debian-perl/docker-entrypoint.sh new file mode 100755 index 00000000..88732541 --- /dev/null +++ b/images/nginx/stable/debian-perl/docker-entrypoint.sh @@ -0,0 +1,38 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then + exec 3>&1 +else + exec 3>/dev/null +fi + +if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then + echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" + + echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" + find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + echo >&3 "$0: Launching $f"; + "$f" + else + # warn on shell scripts without exec bit + echo >&3 "$0: Ignoring $f, not executable"; + fi + ;; + *) echo >&3 "$0: Ignoring $f";; + esac + done + + echo >&3 "$0: Configuration complete; ready for start up" + else + echo >&3 "$0: No files found in /docker-entrypoint.d/, skipping configuration" + fi +fi + +exec "$@" diff --git a/images/nginx/stable/debian/10-listen-on-ipv6-by-default.sh b/images/nginx/stable/debian/10-listen-on-ipv6-by-default.sh new file mode 100755 index 00000000..9585152b --- /dev/null +++ b/images/nginx/stable/debian/10-listen-on-ipv6-by-default.sh @@ -0,0 +1,61 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +ME=$(basename $0) +DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" + +# check if we have ipv6 available +if [ ! -f "/proc/net/if_inet6" ]; then + echo >&3 "$ME: info: ipv6 not available" + exit 0 +fi + +if [ ! -f "/$DEFAULT_CONF_FILE" ]; then + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE is not a file or does not exist" + exit 0 +fi + +# check if the file can be modified, e.g. not on a r/o filesystem +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: info: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } + +# check if the file is already modified, e.g. on a container restart +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } + +if [ -f "/etc/os-release" ]; then + . /etc/os-release +else + echo >&3 "$ME: info: can not guess the operating system" + exit 0 +fi + +echo >&3 "$ME: info: Getting the checksum of /$DEFAULT_CONF_FILE" + +case "$ID" in + "debian") + CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + "alpine") + CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + *) + echo >&3 "$ME: info: Unsupported distribution" + exit 0 + ;; +esac + +# enable ipv6 on default.conf listen sockets +sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE + +echo >&3 "$ME: info: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" + +exit 0 diff --git a/images/nginx/stable/debian/20-envsubst-on-templates.sh b/images/nginx/stable/debian/20-envsubst-on-templates.sh new file mode 100755 index 00000000..4f330295 --- /dev/null +++ b/images/nginx/stable/debian/20-envsubst-on-templates.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +ME=$(basename $0) + +auto_envsubst() { + local template_dir="${NGINX_ENVSUBST_TEMPLATE_DIR:-/etc/nginx/templates}" + local suffix="${NGINX_ENVSUBST_TEMPLATE_SUFFIX:-.template}" + local output_dir="${NGINX_ENVSUBST_OUTPUT_DIR:-/etc/nginx/conf.d}" + + local template defined_envs relative_path output_path subdir + defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) + [ -d "$template_dir" ] || return 0 + if [ ! -w "$output_dir" ]; then + echo >&3 "$ME: ERROR: $template_dir exists, but $output_dir is not writable" + return 0 + fi + find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do + relative_path="${template#$template_dir/}" + output_path="$output_dir/${relative_path%$suffix}" + subdir=$(dirname "$relative_path") + # create a subdirectory where the template file exists + mkdir -p "$output_dir/$subdir" + echo >&3 "$ME: Running envsubst on $template to $output_path" + envsubst "$defined_envs" < "$template" > "$output_path" + done +} + +auto_envsubst + +exit 0 diff --git a/images/nginx/stable/debian/Dockerfile b/images/nginx/stable/debian/Dockerfile new file mode 100644 index 00000000..a4b6b7f0 --- /dev/null +++ b/images/nginx/stable/debian/Dockerfile @@ -0,0 +1,115 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# +FROM debian:buster-slim + +LABEL maintainer="NGINX Docker Maintainers " + +ENV NGINX_VERSION 1.18.0 +ENV NJS_VERSION 0.4.4 +ENV PKG_RELEASE 2~buster + +RUN set -x \ +# create nginx user/group first, to be consistent throughout docker variants + && addgroup --system --gid 101 nginx \ + && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \ + && apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 ca-certificates \ + && \ + NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ + found=''; \ + for server in \ + ha.pool.sks-keyservers.net \ + hkp://keyserver.ubuntu.com:80 \ + hkp://p80.pool.sks-keyservers.net:80 \ + pgp.mit.edu \ + ; do \ + echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ + apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ + done; \ + test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ + apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* \ + && dpkgArch="$(dpkg --print-architecture)" \ + && nginxPackages=" \ + nginx=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE} \ + " \ + && case "$dpkgArch" in \ + amd64|i386|arm64) \ +# arches officialy built by upstream + echo "deb https://nginx.org/packages/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ + && apt-get update \ + ;; \ + *) \ +# we're on an architecture upstream doesn't officially build for +# let's build binaries from the published source packages + echo "deb-src https://nginx.org/packages/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ + \ +# new directory for storing sources and .deb files + && tempDir="$(mktemp -d)" \ + && chmod 777 "$tempDir" \ +# (777 to ensure APT's "_apt" user can access it too) + \ +# save list of currently-installed packages so build dependencies can be cleanly removed later + && savedAptMark="$(apt-mark showmanual)" \ + \ +# build .deb files from upstream's source packages (which are verified by apt-get) + && apt-get update \ + && apt-get build-dep -y $nginxPackages \ + && ( \ + cd "$tempDir" \ + && DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \ + apt-get source --compile $nginxPackages \ + ) \ +# we don't remove APT lists here because they get re-downloaded and removed later + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies +# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies) + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ + \ +# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be) + && ls -lAFh "$tempDir" \ + && ( cd "$tempDir" && dpkg-scanpackages . > Packages ) \ + && grep '^Package: ' "$tempDir/Packages" \ + && echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list \ +# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes") +# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) +# ... +# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) + && apt-get -o Acquire::GzipIndexes=false update \ + ;; \ + esac \ + \ + && apt-get install --no-install-recommends --no-install-suggests -y \ + $nginxPackages \ + gettext-base \ + curl \ + && apt-get remove --purge --auto-remove -y && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ + \ +# if we have leftovers from building, let's purge them (including extra, unnecessary build deps) + && if [ -n "$tempDir" ]; then \ + apt-get purge -y --auto-remove \ + && rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \ + fi \ +# forward request and error logs to docker log collector + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log \ +# create a docker-entrypoint.d directory + && mkdir /docker-entrypoint.d + +COPY docker-entrypoint.sh / +COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d +COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +ENTRYPOINT ["/docker-entrypoint.sh"] + +EXPOSE 80 + +STOPSIGNAL SIGQUIT + +CMD ["nginx", "-g", "daemon off;"] diff --git a/images/nginx/stable/debian/docker-entrypoint.sh b/images/nginx/stable/debian/docker-entrypoint.sh new file mode 100755 index 00000000..88732541 --- /dev/null +++ b/images/nginx/stable/debian/docker-entrypoint.sh @@ -0,0 +1,38 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then + exec 3>&1 +else + exec 3>/dev/null +fi + +if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then + echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" + + echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" + find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + echo >&3 "$0: Launching $f"; + "$f" + else + # warn on shell scripts without exec bit + echo >&3 "$0: Ignoring $f, not executable"; + fi + ;; + *) echo >&3 "$0: Ignoring $f";; + esac + done + + echo >&3 "$0: Configuration complete; ready for start up" + else + echo >&3 "$0: No files found in /docker-entrypoint.d/, skipping configuration" + fi +fi + +exec "$@" diff --git a/images/openresty/Dockerfile b/images/openresty/Dockerfile new file mode 100644 index 00000000..74c918f5 --- /dev/null +++ b/images/openresty/Dockerfile @@ -0,0 +1,165 @@ +# Dockerfile - alpine +# https://github.com/openresty/docker-openresty + +ARG RESTY_IMAGE_BASE="alpine" +ARG RESTY_IMAGE_TAG="3.12" + +FROM ${RESTY_IMAGE_BASE}:${RESTY_IMAGE_TAG} + +LABEL maintainer="Evan Wies " + +# Docker Build Arguments +ARG RESTY_IMAGE_BASE="alpine" +ARG RESTY_IMAGE_TAG="3.12" +ARG RESTY_VERSION="1.19.3.1" +ARG RESTY_OPENSSL_VERSION="1.1.1i" +ARG RESTY_OPENSSL_PATCH_VERSION="1.1.1f" +ARG RESTY_OPENSSL_URL_BASE="https://www.openssl.org/source" +ARG RESTY_PCRE_VERSION="8.44" +ARG RESTY_J="1" +ARG RESTY_CONFIG_OPTIONS="\ + --with-compat \ + --with-file-aio \ + --with-http_addition_module \ + --with-http_auth_request_module \ + --with-http_dav_module \ + --with-http_flv_module \ + --with-http_geoip_module=dynamic \ + --with-http_gunzip_module \ + --with-http_gzip_static_module \ + --with-http_image_filter_module=dynamic \ + --with-http_mp4_module \ + --with-http_random_index_module \ + --with-http_realip_module \ + --with-http_secure_link_module \ + --with-http_slice_module \ + --with-http_ssl_module \ + --with-http_stub_status_module \ + --with-http_sub_module \ + --with-http_v2_module \ + --with-http_xslt_module=dynamic \ + --with-ipv6 \ + --with-mail \ + --with-mail_ssl_module \ + --with-md5-asm \ + --with-pcre-jit \ + --with-sha1-asm \ + --with-stream \ + --with-stream_ssl_module \ + --with-threads \ + " +ARG RESTY_CONFIG_OPTIONS_MORE="" +ARG RESTY_LUAJIT_OPTIONS="--with-luajit-xcflags='-DLUAJIT_NUMMODE=2 -DLUAJIT_ENABLE_LUA52COMPAT'" + +ARG RESTY_ADD_PACKAGE_BUILDDEPS="" +ARG RESTY_ADD_PACKAGE_RUNDEPS="" +ARG RESTY_EVAL_PRE_CONFIGURE="" +ARG RESTY_EVAL_POST_MAKE="" + +# These are not intended to be user-specified +ARG _RESTY_CONFIG_DEPS="--with-pcre \ + --with-cc-opt='-DNGX_LUA_ABORT_AT_PANIC -I/usr/local/openresty/pcre/include -I/usr/local/openresty/openssl/include' \ + --with-ld-opt='-L/usr/local/openresty/pcre/lib -L/usr/local/openresty/openssl/lib -Wl,-rpath,/usr/local/openresty/pcre/lib:/usr/local/openresty/openssl/lib' \ + " + +LABEL resty_image_base="${RESTY_IMAGE_BASE}" +LABEL resty_image_tag="${RESTY_IMAGE_TAG}" +LABEL resty_version="${RESTY_VERSION}" +LABEL resty_openssl_version="${RESTY_OPENSSL_VERSION}" +LABEL resty_openssl_patch_version="${RESTY_OPENSSL_PATCH_VERSION}" +LABEL resty_openssl_url_base="${RESTY_OPENSSL_URL_BASE}" +LABEL resty_pcre_version="${RESTY_PCRE_VERSION}" +LABEL resty_config_options="${RESTY_CONFIG_OPTIONS}" +LABEL resty_config_options_more="${RESTY_CONFIG_OPTIONS_MORE}" +LABEL resty_config_deps="${_RESTY_CONFIG_DEPS}" +LABEL resty_add_package_builddeps="${RESTY_ADD_PACKAGE_BUILDDEPS}" +LABEL resty_add_package_rundeps="${RESTY_ADD_PACKAGE_RUNDEPS}" +LABEL resty_eval_pre_configure="${RESTY_EVAL_PRE_CONFIGURE}" +LABEL resty_eval_post_make="${RESTY_EVAL_POST_MAKE}" + + +RUN apk add --no-cache --virtual .build-deps \ + build-base \ + coreutils \ + curl \ + gd-dev \ + geoip-dev \ + libxslt-dev \ + linux-headers \ + make \ + perl-dev \ + readline-dev \ + zlib-dev \ + ${RESTY_ADD_PACKAGE_BUILDDEPS} \ + && apk add --no-cache \ + gd \ + geoip \ + libgcc \ + libxslt \ + zlib \ + ${RESTY_ADD_PACKAGE_RUNDEPS} \ + && cd /tmp \ + && if [ -n "${RESTY_EVAL_PRE_CONFIGURE}" ]; then eval $(echo ${RESTY_EVAL_PRE_CONFIGURE}); fi \ + && cd /tmp \ + && curl -fSL "${RESTY_OPENSSL_URL_BASE}/openssl-${RESTY_OPENSSL_VERSION}.tar.gz" -o openssl-${RESTY_OPENSSL_VERSION}.tar.gz \ + && tar xzf openssl-${RESTY_OPENSSL_VERSION}.tar.gz \ + && cd openssl-${RESTY_OPENSSL_VERSION} \ + && if [ $(echo ${RESTY_OPENSSL_VERSION} | cut -c 1-5) = "1.1.1" ] ; then \ + echo 'patching OpenSSL 1.1.1 for OpenResty' \ + && curl -s https://raw.githubusercontent.com/openresty/openresty/master/patches/openssl-${RESTY_OPENSSL_PATCH_VERSION}-sess_set_get_cb_yield.patch | patch -p1 ; \ + fi \ + && if [ $(echo ${RESTY_OPENSSL_VERSION} | cut -c 1-5) = "1.1.0" ] ; then \ + echo 'patching OpenSSL 1.1.0 for OpenResty' \ + && curl -s https://raw.githubusercontent.com/openresty/openresty/ed328977028c3ec3033bc25873ee360056e247cd/patches/openssl-1.1.0j-parallel_build_fix.patch | patch -p1 \ + && curl -s https://raw.githubusercontent.com/openresty/openresty/master/patches/openssl-${RESTY_OPENSSL_PATCH_VERSION}-sess_set_get_cb_yield.patch | patch -p1 ; \ + fi \ + && ./config \ + no-threads shared zlib -g \ + enable-ssl3 enable-ssl3-method \ + --prefix=/usr/local/openresty/openssl \ + --libdir=lib \ + -Wl,-rpath,/usr/local/openresty/openssl/lib \ + && make -j${RESTY_J} \ + && make -j${RESTY_J} install_sw \ + && cd /tmp \ + && curl -fSL https://ftp.pcre.org/pub/pcre/pcre-${RESTY_PCRE_VERSION}.tar.gz -o pcre-${RESTY_PCRE_VERSION}.tar.gz \ + && tar xzf pcre-${RESTY_PCRE_VERSION}.tar.gz \ + && cd /tmp/pcre-${RESTY_PCRE_VERSION} \ + && ./configure \ + --prefix=/usr/local/openresty/pcre \ + --disable-cpp \ + --enable-jit \ + --enable-utf \ + --enable-unicode-properties \ + && make -j${RESTY_J} \ + && make -j${RESTY_J} install \ + && cd /tmp \ + && curl -fSL https://openresty.org/download/openresty-${RESTY_VERSION}.tar.gz -o openresty-${RESTY_VERSION}.tar.gz \ + && tar xzf openresty-${RESTY_VERSION}.tar.gz \ + && cd /tmp/openresty-${RESTY_VERSION} \ + && eval ./configure -j${RESTY_J} ${_RESTY_CONFIG_DEPS} ${RESTY_CONFIG_OPTIONS} ${RESTY_CONFIG_OPTIONS_MORE} ${RESTY_LUAJIT_OPTIONS} \ + && make -j${RESTY_J} \ + && make -j${RESTY_J} install \ + && cd /tmp \ + && if [ -n "${RESTY_EVAL_POST_MAKE}" ]; then eval $(echo ${RESTY_EVAL_POST_MAKE}); fi \ + && rm -rf \ + openssl-${RESTY_OPENSSL_VERSION}.tar.gz openssl-${RESTY_OPENSSL_VERSION} \ + pcre-${RESTY_PCRE_VERSION}.tar.gz pcre-${RESTY_PCRE_VERSION} \ + openresty-${RESTY_VERSION}.tar.gz openresty-${RESTY_VERSION} \ + && apk del .build-deps \ + && mkdir -p /var/run/openresty \ + && ln -sf /dev/stdout /usr/local/openresty/nginx/logs/access.log \ + && ln -sf /dev/stderr /usr/local/openresty/nginx/logs/error.log + +# Add additional binaries into PATH for convenience +ENV PATH=$PATH:/usr/local/openresty/luajit/bin:/usr/local/openresty/nginx/sbin:/usr/local/openresty/bin + +# Copy nginx configuration files +COPY nginx.conf /usr/local/openresty/nginx/conf/nginx.conf +COPY nginx.vh.default.conf /etc/nginx/conf.d/default.conf + +CMD ["/usr/local/openresty/bin/openresty", "-g", "daemon off;"] + +# Use SIGQUIT instead of default SIGTERM to cleanly drain requests +# See https://github.com/openresty/docker-openresty/blob/master/README.md#tips--pitfalls +STOPSIGNAL SIGQUIT \ No newline at end of file diff --git a/images/openresty/Dockerfile.1.17.8.1 b/images/openresty/Dockerfile.1.17.8.1 new file mode 100644 index 00000000..cfef001f --- /dev/null +++ b/images/openresty/Dockerfile.1.17.8.1 @@ -0,0 +1,167 @@ +# Dockerfile - alpine +# https://github.com/openresty/docker-openresty + +ARG RESTY_IMAGE_BASE="alpine" +ARG RESTY_IMAGE_TAG="3.11" + +FROM ${RESTY_IMAGE_BASE}:${RESTY_IMAGE_TAG} + +LABEL maintainer="Evan Wies " + +# Docker Build Arguments +ARG RESTY_IMAGE_BASE="alpine" +ARG RESTY_IMAGE_TAG="3.11" +ARG RESTY_VERSION="1.17.8.1" +ARG RESTY_OPENSSL_VERSION="1.1.1g" +ARG RESTY_OPENSSL_PATCH_VERSION="1.1.1f" +ARG RESTY_OPENSSL_URL_BASE="https://www.openssl.org/source" +ARG RESTY_PCRE_VERSION="8.44" +ARG RESTY_J="1" +ARG RESTY_CONFIG_OPTIONS="\ + --with-compat \ + --with-file-aio \ + --with-http_addition_module \ + --with-http_auth_request_module \ + --with-http_dav_module \ + --with-http_flv_module \ + --with-http_geoip_module=dynamic \ + --with-http_gunzip_module \ + --with-http_gzip_static_module \ + --with-http_image_filter_module=dynamic \ + --with-http_mp4_module \ + --with-http_random_index_module \ + --with-http_realip_module \ + --with-http_secure_link_module \ + --with-http_slice_module \ + --with-http_ssl_module \ + --with-http_stub_status_module \ + --with-http_sub_module \ + --with-http_v2_module \ + --with-http_xslt_module=dynamic \ + --with-ipv6 \ + --with-mail \ + --with-mail_ssl_module \ + --with-md5-asm \ + --with-pcre-jit \ + --with-sha1-asm \ + --with-stream \ + --with-stream_ssl_module \ + --with-openssl-opt=enable-tls1_3 \ + --with-threads \ + " +ARG RESTY_CONFIG_OPTIONS_MORE="" +ARG RESTY_LUAJIT_OPTIONS="--with-luajit-xcflags='-DLUAJIT_NUMMODE=2 -DLUAJIT_ENABLE_LUA52COMPAT'" + +ARG RESTY_ADD_PACKAGE_BUILDDEPS="" +ARG RESTY_ADD_PACKAGE_RUNDEPS="" +ARG RESTY_EVAL_PRE_CONFIGURE="" +ARG RESTY_EVAL_POST_MAKE="" + +# These are not intended to be user-specified +ARG _RESTY_CONFIG_DEPS="--with-pcre \ + --with-cc-opt='-DNGX_LUA_ABORT_AT_PANIC -I/usr/local/openresty/pcre/include -I/usr/local/openresty/openssl/include' \ + --with-ld-opt='-L/usr/local/openresty/pcre/lib -L/usr/local/openresty/openssl/lib -Wl,-rpath,/usr/local/openresty/pcre/lib:/usr/local/openresty/openssl/lib' \ + " + +LABEL resty_image_base="${RESTY_IMAGE_BASE}" +LABEL resty_image_tag="${RESTY_IMAGE_TAG}" +LABEL resty_version="${RESTY_VERSION}" +LABEL resty_openssl_version="${RESTY_OPENSSL_VERSION}" +LABEL resty_openssl_patch_version="${RESTY_OPENSSL_PATCH_VERSION}" +LABEL resty_openssl_url_base="${RESTY_OPENSSL_URL_BASE}" +LABEL resty_pcre_version="${RESTY_PCRE_VERSION}" +LABEL resty_config_options="${RESTY_CONFIG_OPTIONS}" +LABEL resty_config_options_more="${RESTY_CONFIG_OPTIONS_MORE}" +LABEL resty_config_deps="${_RESTY_CONFIG_DEPS}" +LABEL resty_add_package_builddeps="${RESTY_ADD_PACKAGE_BUILDDEPS}" +LABEL resty_add_package_rundeps="${RESTY_ADD_PACKAGE_RUNDEPS}" +LABEL resty_eval_pre_configure="${RESTY_EVAL_PRE_CONFIGURE}" +LABEL resty_eval_post_make="${RESTY_EVAL_POST_MAKE}" + + +RUN apk add --no-cache --virtual .build-deps \ + build-base \ + coreutils \ + curl \ + gd-dev \ + geoip-dev \ + libxslt-dev \ + linux-headers \ + make \ + perl-dev \ + readline-dev \ + zlib-dev \ + ${RESTY_ADD_PACKAGE_BUILDDEPS} \ + && apk add --no-cache \ + gd \ + geoip \ + libgcc \ + libxslt \ + zlib \ + ${RESTY_ADD_PACKAGE_RUNDEPS} \ + && cd /tmp \ + && if [ -n "${RESTY_EVAL_PRE_CONFIGURE}" ]; then eval $(echo ${RESTY_EVAL_PRE_CONFIGURE}); fi \ + && cd /tmp \ + && curl -fSL "${RESTY_OPENSSL_URL_BASE}/openssl-${RESTY_OPENSSL_VERSION}.tar.gz" -o openssl-${RESTY_OPENSSL_VERSION}.tar.gz \ + && tar xzf openssl-${RESTY_OPENSSL_VERSION}.tar.gz \ + && cd openssl-${RESTY_OPENSSL_VERSION} \ + && if [ $(echo ${RESTY_OPENSSL_VERSION} | cut -c 1-5) = "1.1.1" ] ; then \ + echo 'patching OpenSSL 1.1.1 for OpenResty' \ + && curl -s https://raw.githubusercontent.com/openresty/openresty/master/patches/openssl-${RESTY_OPENSSL_PATCH_VERSION}-sess_set_get_cb_yield.patch | patch -p1 ; \ + fi \ + && if [ $(echo ${RESTY_OPENSSL_VERSION} | cut -c 1-5) = "1.1.0" ] ; then \ + echo 'patching OpenSSL 1.1.0 for OpenResty' \ + && curl -s https://raw.githubusercontent.com/openresty/openresty/ed328977028c3ec3033bc25873ee360056e247cd/patches/openssl-1.1.0j-parallel_build_fix.patch | patch -p1 \ + && curl -s https://raw.githubusercontent.com/openresty/openresty/master/patches/openssl-${RESTY_OPENSSL_PATCH_VERSION}-sess_set_get_cb_yield.patch | patch -p1 ; \ + fi \ + && ./config \ + no-threads shared zlib -g \ + enable-ssl3 enable-ssl3-method \ + --prefix=/usr/local/openresty/openssl \ + --libdir=lib \ + -Wl,-rpath,/usr/local/openresty/openssl/lib \ + && make -j${RESTY_J} \ + && make -j${RESTY_J} install_sw \ + && cd /tmp \ + && curl -fSL https://ftp.pcre.org/pub/pcre/pcre-${RESTY_PCRE_VERSION}.tar.gz -o pcre-${RESTY_PCRE_VERSION}.tar.gz \ + && tar xzf pcre-${RESTY_PCRE_VERSION}.tar.gz \ + && cd /tmp/pcre-${RESTY_PCRE_VERSION} \ + && ./configure \ + --prefix=/usr/local/openresty/pcre \ + --disable-cpp \ + --enable-jit \ + --enable-utf \ + --enable-unicode-properties \ + && make -j${RESTY_J} \ + && make -j${RESTY_J} install \ + && cd /tmp \ + && curl -fSL https://openresty.org/download/openresty-${RESTY_VERSION}.tar.gz -o openresty-${RESTY_VERSION}.tar.gz \ + && tar xzf openresty-${RESTY_VERSION}.tar.gz \ + && cd /tmp/openresty-${RESTY_VERSION} \ + && eval ./configure -j${RESTY_J} ${_RESTY_CONFIG_DEPS} ${RESTY_CONFIG_OPTIONS} ${RESTY_CONFIG_OPTIONS_MORE} ${RESTY_LUAJIT_OPTIONS} \ + && make -j${RESTY_J} \ + && make -j${RESTY_J} install \ + && cd /tmp \ + && if [ -n "${RESTY_EVAL_POST_MAKE}" ]; then eval $(echo ${RESTY_EVAL_POST_MAKE}); fi \ + && rm -rf \ + openssl-${RESTY_OPENSSL_VERSION}.tar.gz openssl-${RESTY_OPENSSL_VERSION} \ + pcre-${RESTY_PCRE_VERSION}.tar.gz pcre-${RESTY_PCRE_VERSION} \ + openresty-${RESTY_VERSION}.tar.gz openresty-${RESTY_VERSION} \ + && apk del .build-deps \ + && mkdir -p /var/run/openresty \ + && ln -sf /dev/stdout /usr/local/openresty/nginx/logs/access.log \ + && ln -sf /dev/stderr /usr/local/openresty/nginx/logs/error.log + +# Add additional binaries into PATH for convenience +ENV PATH=$PATH:/usr/local/openresty/luajit/bin:/usr/local/openresty/nginx/sbin:/usr/local/openresty/bin + +# Copy nginx configuration files +COPY /openresty/nginx.conf /usr/local/openresty/nginx/conf/nginx.conf +COPY /openresty/nginx-waf.conf /usr/local/openresty/nginx/conf/nginx-waf.conf +COPY /openresty/nginx.vh.default.conf /etc/nginx/conf.d/default.conf + +CMD ["/usr/local/openresty/bin/openresty", "-g", "daemon off;"] + +# Use SIGQUIT instead of default SIGTERM to cleanly drain requests +# See https://github.com/openresty/docker-openresty/blob/master/README.md#tips--pitfalls +STOPSIGNAL SIGQUIT diff --git a/images/openresty/nginx-waf.conf b/images/openresty/nginx-waf.conf new file mode 100644 index 00000000..3efcedac --- /dev/null +++ b/images/openresty/nginx-waf.conf @@ -0,0 +1,88 @@ +# nginx.conf -- docker-openresty +# +# This file is installed to: +# `/usr/local/openresty/nginx/conf/nginx.conf` +# and is the file loaded by nginx at startup, +# unless the user specifies otherwise. +# +# It tracks the upstream OpenResty's `nginx.conf`, but removes the `server` +# section and adds this directive: +# `include /etc/nginx/conf.d/*.conf;` +# +# The `docker-openresty` file `nginx.vh.default.conf` is copied to +# `/etc/nginx/conf.d/default.conf`. It contains the `server section +# of the upstream `nginx.conf`. +# +# See https://github.com/openresty/docker-openresty/blob/master/README.md#nginx-config-files +# + +#user nobody; +worker_processes 2; + +#error_log logs/error.log; +#error_log logs/error.log notice; +#error_log logs/error.log info; + +#pid logs/nginx.pid; + + +events { + worker_connections 102400; +} + + +http { + include mime.types; + default_type application/octet-stream; + + #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + # '$status $body_bytes_sent "$http_referer" ' + # '"$http_user_agent" "$http_x_forwarded_for"'; + +lua_package_path "/usr/local/openresty/lualib/?.lua;/waf/?.lua"; +lua_shared_dict limit 50m; +lua_shared_dict iplimit 20m; +init_by_lua_file /waf/wafinit.lua; +access_by_lua_file /waf/wafindex.lua; +# + +log_format access '$remote_addr - $remote_user [$time_local] $http_host $request_method "$uri" "$query_string" ' + '$status $body_bytes_sent "$http_referer" $upstream_status $upstream_addr $request_time $upstream_response_time ' + '"$http_user_agent" "$http_x_forwarded_for"' ; + +log_format main '$remote_addr - $remote_user [$time_local] "$request" $http_host ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for" ' + '"$upstream_addr" "$upstream_status" $upstream_cache_status "$upstream_http_content_type" "$upstream_response_time" > $request_time'; + + +upstream php5 { + server 127.0.0.1:9001; +} +upstream php7 { + server 127.0.0.1:9002; +} +upstream php7a { + server 127.0.0.1:9000; +} + + #access_log logs/access.log main; + + # See Move default writable paths to a dedicated directory (#119) + # https://github.com/openresty/docker-openresty/issues/119 + client_body_temp_path /var/run/openresty/nginx-client-body; + proxy_temp_path /var/run/openresty/nginx-proxy; + fastcgi_temp_path /var/run/openresty/nginx-fastcgi; + uwsgi_temp_path /var/run/openresty/nginx-uwsgi; + scgi_temp_path /var/run/openresty/nginx-scgi; + + sendfile on; + #tcp_nopush on; + + #keepalive_timeout 0; + keepalive_timeout 65; + + #gzip on; + + include /etc/nginx/conf.d/*.conf; +} diff --git a/images/openresty/nginx.conf b/images/openresty/nginx.conf new file mode 100644 index 00000000..45e90384 --- /dev/null +++ b/images/openresty/nginx.conf @@ -0,0 +1,88 @@ +# nginx.conf -- docker-openresty +# +# This file is installed to: +# `/usr/local/openresty/nginx/conf/nginx.conf` +# and is the file loaded by nginx at startup, +# unless the user specifies otherwise. +# +# It tracks the upstream OpenResty's `nginx.conf`, but removes the `server` +# section and adds this directive: +# `include /etc/nginx/conf.d/*.conf;` +# +# The `docker-openresty` file `nginx.vh.default.conf` is copied to +# `/etc/nginx/conf.d/default.conf`. It contains the `server section +# of the upstream `nginx.conf`. +# +# See https://github.com/openresty/docker-openresty/blob/master/README.md#nginx-config-files +# + +#user nobody; +worker_processes 2; + +#error_log logs/error.log; +#error_log logs/error.log notice; +#error_log logs/error.log info; + +#pid logs/nginx.pid; + + +events { + worker_connections 102400; +} + + +http { + include mime.types; + default_type application/octet-stream; + + #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + # '$status $body_bytes_sent "$http_referer" ' + # '"$http_user_agent" "$http_x_forwarded_for"'; + +#lua_package_path "/usr/local/openresty/lualib/?.lua;/waf/?.lua"; +##lua_shared_dict limit 50m; +##lua_shared_dict iplimit 20m; +##init_by_lua_file /waf/wafinit.lua; +##access_by_lua_file /waf/wafindex.lua; +# + +log_format access '$remote_addr - $remote_user [$time_local] $http_host $request_method "$uri" "$query_string" ' + '$status $body_bytes_sent "$http_referer" $upstream_status $upstream_addr $request_time $upstream_response_time ' + '"$http_user_agent" "$http_x_forwarded_for"' ; + +log_format main '$remote_addr - $remote_user [$time_local] "$request" $http_host ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for" ' + '"$upstream_addr" "$upstream_status" $upstream_cache_status "$upstream_http_content_type" "$upstream_response_time" > $request_time'; + + +upstream php5 { + server 127.0.0.1:9001; +} +upstream php7 { + server 127.0.0.1:9002; +} +upstream php7a { + server 127.0.0.1:9000; +} + + #access_log logs/access.log main; + + # See Move default writable paths to a dedicated directory (#119) + # https://github.com/openresty/docker-openresty/issues/119 + client_body_temp_path /var/run/openresty/nginx-client-body; + proxy_temp_path /var/run/openresty/nginx-proxy; + fastcgi_temp_path /var/run/openresty/nginx-fastcgi; + uwsgi_temp_path /var/run/openresty/nginx-uwsgi; + scgi_temp_path /var/run/openresty/nginx-scgi; + + sendfile on; + #tcp_nopush on; + + #keepalive_timeout 0; + keepalive_timeout 65; + + #gzip on; + + include /etc/nginx/conf.d/*.conf; +} diff --git a/images/openresty/nginx.vh.default.conf b/images/openresty/nginx.vh.default.conf new file mode 100644 index 00000000..3ad95722 --- /dev/null +++ b/images/openresty/nginx.vh.default.conf @@ -0,0 +1,58 @@ +# nginx.vh.default.conf -- docker-openresty +# +# This file is installed to: +# `/etc/nginx/conf.d/default.conf` +# +# It tracks the `server` section of the upstream OpenResty's `nginx.conf`. +# +# This config (and any other configs in `etc/nginx/conf.d/`) is loaded by +# default by the `include` directive in `/usr/local/openresty/nginx/conf/nginx.conf`. +# +# See https://github.com/openresty/docker-openresty/blob/master/README.md#nginx-config-files +# + + +server { + listen 80; + server_name localhost; + + #charset koi8-r; + #access_log /var/log/nginx/host.access.log main; + + location / { + root /usr/local/openresty/nginx/html; + index index.html index.htm; + } + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/local/openresty/nginx/html; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + # root /usr/local/openresty/nginx/html; + # fastcgi_pass 127.0.0.1:9000; + # fastcgi_index index.php; + # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + # include fastcgi_params; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} +} diff --git a/images/opensuse/Dockerfile b/images/opensuse/Dockerfile deleted file mode 100644 index 61a81173..00000000 --- a/images/opensuse/Dockerfile +++ /dev/null @@ -1,3 +0,0 @@ -FROM opensuse:latest - -CMD ["/bin/sh"] \ No newline at end of file diff --git a/images/opensuse/Dockerfile.leap b/images/opensuse/Dockerfile.leap deleted file mode 100644 index 2b55e2fd..00000000 --- a/images/opensuse/Dockerfile.leap +++ /dev/null @@ -1,3 +0,0 @@ -FROM opensuse:leap - -CMD ["/bin/sh"] \ No newline at end of file diff --git a/images/opensuse/Dockerfile.tumbleweed b/images/opensuse/Dockerfile.tumbleweed deleted file mode 100644 index bd57a169..00000000 --- a/images/opensuse/Dockerfile.tumbleweed +++ /dev/null @@ -1,3 +0,0 @@ -FROM opensuse:tumbleweed - -CMD ["/bin/sh"] \ No newline at end of file diff --git a/images/opensuse/latest/Dockerfile b/images/opensuse/latest/Dockerfile new file mode 100644 index 00000000..00e22f0c --- /dev/null +++ b/images/opensuse/latest/Dockerfile @@ -0,0 +1,5 @@ +FROM opensuse:latest +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +CMD ['/bin/bash'] diff --git a/images/opensuse/leap/Dockerfile b/images/opensuse/leap/Dockerfile new file mode 100644 index 00000000..8f745ae7 --- /dev/null +++ b/images/opensuse/leap/Dockerfile @@ -0,0 +1,5 @@ +FROM opensuse:leap +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +CMD ['/bin/bash'] diff --git a/images/opensuse/tumbleweed/Dockerfile b/images/opensuse/tumbleweed/Dockerfile new file mode 100644 index 00000000..a0248e72 --- /dev/null +++ b/images/opensuse/tumbleweed/Dockerfile @@ -0,0 +1,5 @@ +FROM opensuse:tumbleweed +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +CMD ['/bin/bash'] diff --git a/images/percona/Dockerfile b/images/percona/Dockerfile new file mode 100644 index 00000000..3d3fd6d3 --- /dev/null +++ b/images/percona/Dockerfile @@ -0,0 +1,11 @@ +FROM percona:5.7 + +LABEL maintainer="DTUNES " + +RUN chown -R mysql:root /var/lib/mysql/ + +COPY my.cnf /etc/mysql/conf.d/my.cnf + +CMD ["mysqld"] + +EXPOSE 3306 diff --git a/images/percona/docker-entrypoint-initdb.d/.gitignore b/images/percona/docker-entrypoint-initdb.d/.gitignore new file mode 100644 index 00000000..d1b811b7 --- /dev/null +++ b/images/percona/docker-entrypoint-initdb.d/.gitignore @@ -0,0 +1 @@ +*.sql diff --git a/images/percona/docker-entrypoint-initdb.d/createdb.sql.example b/images/percona/docker-entrypoint-initdb.d/createdb.sql.example new file mode 100644 index 00000000..82d4f4cf --- /dev/null +++ b/images/percona/docker-entrypoint-initdb.d/createdb.sql.example @@ -0,0 +1,28 @@ +### +### Copy createdb.sql.example to createdb.sql +### then uncomment then set database name and username to create you need databases +# +# example: .env MYSQL_USER=appuser and need db name is myshop_db +# +# CREATE DATABASE IF NOT EXISTS `myshop_db` ; +# GRANT ALL ON `myshop_db`.* TO 'appuser'@'%' ; +# +### +### this sql script is auto run when percona container start and $DATA_PATH_HOST/percona not exists. +### +### if your $DATA_PATH_HOST/percona is exists and you do not want to delete it, you can run by manual execution: +### +### docker-compose exec percona bash +### mysql -u root -p < /docker-entrypoint-initdb.d/createdb.sql +### + +#CREATE DATABASE IF NOT EXISTS `dev_db_1` COLLATE 'utf8_general_ci' ; +#GRANT ALL ON `dev_db_1`.* TO 'homestead'@'%' ; + +#CREATE DATABASE IF NOT EXISTS `dev_db_2` COLLATE 'utf8_general_ci' ; +#GRANT ALL ON `dev_db_2`.* TO 'homestead'@'%' ; + +#CREATE DATABASE IF NOT EXISTS `dev_db_3` COLLATE 'utf8_general_ci' ; +#GRANT ALL ON `dev_db_3`.* TO 'homestead'@'%' ; + +FLUSH PRIVILEGES ; diff --git a/images/percona/my.cnf b/images/percona/my.cnf new file mode 100644 index 00000000..06595ca5 --- /dev/null +++ b/images/percona/my.cnf @@ -0,0 +1,9 @@ +# The MySQL Client configuration file. +# +# For explanations see +# http://dev.mysql.com/doc/mysql/en/server-system-variables.html + +[mysql] + +[mysqld] +sql-mode="STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION" diff --git a/images/pgadmin/Dockerfile b/images/pgadmin/Dockerfile new file mode 100644 index 00000000..2d34c22b --- /dev/null +++ b/images/pgadmin/Dockerfile @@ -0,0 +1,5 @@ +FROM fenglc/pgadmin4 + +MAINTAINER Bo-Yi Wu + +EXPOSE 5050 diff --git a/images/php-crond/Dockerfile b/images/php-crond/Dockerfile new file mode 100644 index 00000000..61e7bbbc --- /dev/null +++ b/images/php-crond/Dockerfile @@ -0,0 +1,14 @@ +FROM bravist/php-cli-alpine-aliyun-app:1.13 + +COPY ./crontabs/default /var/spool/cron/crontabs/ + +RUN cat /var/spool/cron/crontabs/default >> /var/spool/cron/crontabs/root + +WORKDIR /var/spool/cron/crontabs + +RUN mkdir -p /var/log/cron \ + && touch /var/log/cron/cron.log + +VOLUME /var/log/cron + +CMD ["/usr/sbin/crond", "-f", "-L", "/var/log/cron/cron.log"] diff --git a/images/php-crond/crontabs/.gitignore b/images/php-crond/crontabs/.gitignore new file mode 100644 index 00000000..4befd603 --- /dev/null +++ b/images/php-crond/crontabs/.gitignore @@ -0,0 +1,3 @@ +* +!.gitignore +!default.example \ No newline at end of file diff --git a/images/php-crond/crontabs/default.example b/images/php-crond/crontabs/default.example new file mode 100644 index 00000000..66bd0d2a --- /dev/null +++ b/images/php-crond/crontabs/default.example @@ -0,0 +1,3 @@ +# do daily/weekly/monthly maintenance +# min hour day month weekday command +# * * * * * php /path/to/artisan schedule:run >> /dev/null 2>&1 \ No newline at end of file diff --git a/images/php-fpm/Dockerfile b/images/php-fpm/Dockerfile new file mode 100644 index 00000000..1837b452 --- /dev/null +++ b/images/php-fpm/Dockerfile @@ -0,0 +1,1005 @@ +# +#-------------------------------------------------------------------------- +# Image Setup +#-------------------------------------------------------------------------- +# +# To edit the 'php-fpm' base Image, visit its repository on Github +# https://github.com/Laradock/php-fpm +# +# To change its version, see the available Tags on the Docker Hub: +# https://hub.docker.com/r/laradock/php-fpm/tags/ +# +# Note: Base Image name format {image-tag}-{php-version} +# + +ARG LARADOCK_PHP_VERSION +ARG BASE_IMAGE_TAG_PREFIX=latest +FROM laradock/php-fpm:${BASE_IMAGE_TAG_PREFIX}-${LARADOCK_PHP_VERSION} + +LABEL maintainer="Mahmoud Zalt " + +ARG LARADOCK_PHP_VERSION + +# Set Environment Variables +ENV DEBIAN_FRONTEND noninteractive + +# If you're in China, or you need to change sources, will be set CHANGE_SOURCE to true in .env. + +ARG CHANGE_SOURCE=false +RUN if [ ${CHANGE_SOURCE} = true ]; then \ + # Change application source from deb.debian.org to aliyun source + sed -i 's/deb.debian.org/mirrors.aliyun.com/' /etc/apt/sources.list && \ + sed -i 's/security.debian.org/mirrors.aliyun.com/' /etc/apt/sources.list && \ + sed -i 's/security-cdn.debian.org/mirrors.aliyun.com/' /etc/apt/sources.list \ +;fi + +# always run apt update when start and after add new source list, then clean up at end. +RUN set -xe; \ + apt-get update -yqq && \ + pecl channel-update pecl.php.net && \ + apt-get install -yqq \ + apt-utils \ + # + #-------------------------------------------------------------------------- + # Mandatory Software's Installation + #-------------------------------------------------------------------------- + # + # Mandatory Software's such as ("mcrypt", "pdo_mysql", "libssl-dev", ....) + # are installed on the base image 'laradock/php-fpm' image. If you want + # to add more Software's or remove existing one, you need to edit the + # base image (https://github.com/Laradock/php-fpm). + # + # next lines are here becase there is no auto build on dockerhub see https://github.com/laradock/laradock/pull/1903#issuecomment-463142846 + libzip-dev zip unzip && \ + if [ ${LARADOCK_PHP_VERSION} = "7.3" ] || [ ${LARADOCK_PHP_VERSION} = "7.4" ]; then \ + docker-php-ext-configure zip; \ + else \ + docker-php-ext-configure zip --with-libzip; \ + fi && \ + # Install the zip extension + docker-php-ext-install zip && \ + php -m | grep -q 'zip' + +# +#-------------------------------------------------------------------------- +# Optional Software's Installation +#-------------------------------------------------------------------------- +# +# Optional Software's will only be installed if you set them to `true` +# in the `docker-compose.yml` before the build. +# Example: +# - INSTALL_SOAP=true +# + +########################################################################### +# BZ2: +########################################################################### + +ARG INSTALL_BZ2=false +RUN if [ ${INSTALL_BZ2} = true ]; then \ + apt-get -y install libbz2-dev; \ + docker-php-ext-install bz2 \ +;fi + +########################################################################### +# GMP (GNU Multiple Precision): +########################################################################### + +ARG INSTALL_GMP=false + +RUN if [ ${INSTALL_GMP} = true ]; then \ + # Install the GMP extension + apt-get install -y libgmp-dev && \ + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + ln -s /usr/include/x86_64-linux-gnu/gmp.h /usr/include/gmp.h \ + ;fi && \ + docker-php-ext-install gmp \ +;fi + +########################################################################### +# SSH2: +########################################################################### + +ARG INSTALL_SSH2=false + +RUN if [ ${INSTALL_SSH2} = true ]; then \ + # Install the ssh2 extension + apt-get -y install libssh2-1-dev && \ + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + pecl install -a ssh2-0.13; \ + else \ + pecl install -a ssh2-1.2; \ + fi && \ + docker-php-ext-enable ssh2 \ +;fi + +########################################################################### +# libfaketime: +########################################################################### + +USER root + +ARG INSTALL_FAKETIME=false + +RUN if [ ${INSTALL_FAKETIME} = true ]; then \ + apt-get install -y libfaketime \ +;fi + +########################################################################### +# SOAP: +########################################################################### + +ARG INSTALL_SOAP=false + +RUN if [ ${INSTALL_SOAP} = true ]; then \ + # Install the soap extension + rm /etc/apt/preferences.d/no-debian-php && \ + apt-get -y install libxml2-dev php-soap && \ + docker-php-ext-install soap \ +;fi + +########################################################################### +# XSL: +########################################################################### + +ARG INSTALL_XSL=false + +RUN if [ ${INSTALL_XSL} = true ]; then \ + # Install the xsl extension + apt-get -y install libxslt-dev && \ + docker-php-ext-install xsl \ +;fi + +########################################################################### +# pgsql +########################################################################### + +ARG INSTALL_PGSQL=false + +RUN if [ ${INSTALL_PGSQL} = true ]; then \ + # Install the pgsql extension + docker-php-ext-install pgsql \ +;fi + +########################################################################### +# pgsql client +########################################################################### + +ARG INSTALL_PG_CLIENT=false +ARG INSTALL_POSTGIS=false + +RUN if [ ${INSTALL_PG_CLIENT} = true ]; then \ + # Create folders if not exists (https://github.com/tianon/docker-brew-debian/issues/65) + mkdir -p /usr/share/man/man1 && \ + mkdir -p /usr/share/man/man7 && \ + # Install the pgsql client + apt-get install -y postgresql-client && \ + if [ ${INSTALL_POSTGIS} = true ]; then \ + apt-get install -y postgis; \ + fi \ +;fi + +########################################################################### +# xDebug: +########################################################################### + +ARG INSTALL_XDEBUG=false + +RUN if [ ${INSTALL_XDEBUG} = true ]; then \ + # Install the xdebug extension + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + pecl install xdebug-2.5.5; \ + else \ + if [ $(php -r "echo PHP_MINOR_VERSION;") = "0" ]; then \ + pecl install xdebug-2.9.0; \ + else \ + pecl install xdebug; \ + fi \ + fi && \ + docker-php-ext-enable xdebug \ +;fi + +# Copy xdebug configuration for remote debugging +COPY ./xdebug.ini /usr/local/etc/php/conf.d/xdebug.ini + +RUN sed -i "s/xdebug.remote_autostart=0/xdebug.remote_autostart=1/" /usr/local/etc/php/conf.d/xdebug.ini && \ + sed -i "s/xdebug.remote_enable=0/xdebug.remote_enable=1/" /usr/local/etc/php/conf.d/xdebug.ini && \ + sed -i "s/xdebug.cli_color=0/xdebug.cli_color=1/" /usr/local/etc/php/conf.d/xdebug.ini + +########################################################################### +# pcov: +########################################################################### + +USER root + +ARG INSTALL_PCOV=false + +RUN if [ ${INSTALL_PCOV} = true ]; then \ + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "7" ]; then \ + if [ $(php -r "echo PHP_MINOR_VERSION;") != "0" ]; then \ + pecl install pcov && \ + docker-php-ext-enable pcov \ + ;fi \ + ;fi \ +;fi + +########################################################################### +# Phpdbg: +########################################################################### + +ARG INSTALL_PHPDBG=false + +RUN if [ ${INSTALL_PHPDBG} = true ]; then \ + # Load the xdebug extension only with phpunit commands + apt-get install -y --force-yes php${LARADOCK_PHP_VERSION}-phpdbg \ +;fi + +########################################################################### +# Blackfire: +########################################################################### + +ARG INSTALL_BLACKFIRE=false + +RUN if [ ${INSTALL_XDEBUG} = false -a ${INSTALL_BLACKFIRE} = true ]; then \ + version=$(php -r "echo PHP_MAJOR_VERSION.PHP_MINOR_VERSION;") \ + && curl -A "Docker" -o /tmp/blackfire-probe.tar.gz -D - -L -s https://blackfire.io/api/v1/releases/probe/php/linux/amd64/$version \ + && tar zxpf /tmp/blackfire-probe.tar.gz -C /tmp \ + && mv /tmp/blackfire-*.so $(php -r "echo ini_get('extension_dir');")/blackfire.so \ + && printf "extension=blackfire.so\nblackfire.agent_socket=tcp://blackfire:8707\n" > $PHP_INI_DIR/conf.d/blackfire.ini \ +;fi + +########################################################################### +# PHP REDIS EXTENSION +########################################################################### + +ARG INSTALL_PHPREDIS=false + +RUN if [ ${INSTALL_PHPREDIS} = true ]; then \ + # Install Php Redis Extension + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + pecl install -o -f redis-4.3.0; \ + else \ + pecl install -o -f redis; \ + fi \ + && rm -rf /tmp/pear \ + && docker-php-ext-enable redis \ +;fi + +########################################################################### +# Swoole EXTENSION +########################################################################### + +ARG INSTALL_SWOOLE=false + +RUN if [ ${INSTALL_SWOOLE} = true ]; then \ + # Install Php Swoole Extension + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + pecl install swoole-2.0.10; \ + else \ + if [ $(php -r "echo PHP_MINOR_VERSION;") = "0" ]; then \ + pecl install swoole-2.2.0; \ + else \ + pecl install swoole; \ + fi \ + fi && \ + docker-php-ext-enable swoole \ + && php -m | grep -q 'swoole' \ +;fi + +########################################################################### +# Taint EXTENSION +########################################################################### + +ARG INSTALL_TAINT=false + +RUN if [ ${INSTALL_TAINT} = true ]; then \ + # Install Php TAINT Extension + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "7" ]; then \ + pecl install taint && \ + docker-php-ext-enable taint && \ + php -m | grep -q 'taint'; \ + fi \ +;fi + +########################################################################### +# MongoDB: +########################################################################### + +ARG INSTALL_MONGO=false + +RUN if [ ${INSTALL_MONGO} = true ]; then \ + # Install the mongodb extension + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + pecl install mongo && \ + docker-php-ext-enable mongo \ + ;fi && \ + pecl install mongodb && \ + docker-php-ext-enable mongodb \ +;fi + +########################################################################### +# Xhprof: +########################################################################### + +ARG INSTALL_XHPROF=false + +RUN if [ ${INSTALL_XHPROF} = true ]; then \ + # Install the php xhprof extension + if [ $(php -r "echo PHP_MAJOR_VERSION;") = 7 ]; then \ + curl -L -o /tmp/xhprof.tar.gz "https://github.com/tideways/php-xhprof-extension/archive/v5.0.1.tar.gz"; \ + else \ + curl -L -o /tmp/xhprof.tar.gz "https://codeload.github.com/phacility/xhprof/tar.gz/master"; \ + fi \ + && mkdir -p xhprof \ + && tar -C xhprof -zxvf /tmp/xhprof.tar.gz --strip 1 \ + && ( \ + cd xhprof \ + && phpize \ + && ./configure \ + && make \ + && make install \ + ) \ + && rm -r xhprof \ + && rm /tmp/xhprof.tar.gz \ +;fi + +COPY ./xhprof.ini /usr/local/etc/php/conf.d + +RUN if [ ${INSTALL_XHPROF} = false ]; then \ + rm /usr/local/etc/php/conf.d/xhprof.ini \ +;fi + +########################################################################### +# AMQP: +########################################################################### + +ARG INSTALL_AMQP=false + +RUN if [ ${INSTALL_AMQP} = true ]; then \ + # download and install manually, to make sure it's compatible with ampq installed by pecl later + # install cmake first + apt-get -y install cmake && \ + curl -L -o /tmp/rabbitmq-c.tar.gz https://github.com/alanxz/rabbitmq-c/archive/master.tar.gz && \ + mkdir -p rabbitmq-c && \ + tar -C rabbitmq-c -zxvf /tmp/rabbitmq-c.tar.gz --strip 1 && \ + cd rabbitmq-c/ && \ + mkdir _build && cd _build/ && \ + cmake .. && \ + cmake --build . --target install && \ + # Install the amqp extension + pecl install amqp && \ + docker-php-ext-enable amqp && \ + # Install the sockets extension + docker-php-ext-install sockets \ +;fi + +########################################################################### +# GEARMAN: +########################################################################### + +ARG INSTALL_GEARMAN=false + +RUN if [ ${INSTALL_GEARMAN} = true ]; then \ + apt-get -y install libgearman-dev && \ + cd /tmp && \ + curl -L https://github.com/wcgallego/pecl-gearman/archive/gearman-2.0.5.zip -O && \ + unzip gearman-2.0.5.zip && \ + mv pecl-gearman-gearman-2.0.5 pecl-gearman && \ + cd /tmp/pecl-gearman && \ + phpize && \ + ./configure && \ + make -j$(nproc) && \ + make install && \ + cd / && \ + rm /tmp/gearman-2.0.5.zip && \ + rm -r /tmp/pecl-gearman && \ + docker-php-ext-enable gearman \ +;fi + +########################################################################### +# pcntl +########################################################################### + +ARG INSTALL_PCNTL=false +RUN if [ ${INSTALL_PCNTL} = true ]; then \ + # Installs pcntl, helpful for running Horizon + docker-php-ext-install pcntl \ +;fi + +########################################################################### +# bcmath: +########################################################################### + +ARG INSTALL_BCMATH=false + +RUN if [ ${INSTALL_BCMATH} = true ]; then \ + # Install the bcmath extension + docker-php-ext-install bcmath \ +;fi + +########################################################################### +# PHP Memcached: +########################################################################### + +ARG INSTALL_MEMCACHED=false + +RUN if [ ${INSTALL_MEMCACHED} = true ]; then \ + # Install the php memcached extension + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + pecl install memcached-2.2.0; \ + else \ + pecl install memcached-3.1.3; \ + fi \ + && docker-php-ext-enable memcached \ +;fi + +########################################################################### +# Exif: +########################################################################### + +ARG INSTALL_EXIF=false + +RUN if [ ${INSTALL_EXIF} = true ]; then \ + # Enable Exif PHP extentions requirements + docker-php-ext-install exif \ +;fi + +########################################################################### +# PHP Aerospike: +########################################################################### + +USER root + +ARG INSTALL_AEROSPIKE=false + +RUN set -xe; \ + if [ ${INSTALL_AEROSPIKE} = true ]; then \ + # Fix dependencies for PHPUnit within aerospike extension + apt-get -y install sudo wget && \ + # Install the php aerospike extension + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + curl -L -o /tmp/aerospike-client-php.tar.gz https://github.com/aerospike/aerospike-client-php5/archive/master.tar.gz; \ + else \ + curl -L -o /tmp/aerospike-client-php.tar.gz https://github.com/aerospike/aerospike-client-php/archive/master.tar.gz; \ + fi \ + && mkdir -p /tmp/aerospike-client-php \ + && tar -C /tmp/aerospike-client-php -zxvf /tmp/aerospike-client-php.tar.gz --strip 1 \ + && \ + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + ( \ + cd /tmp/aerospike-client-php/src/aerospike \ + && phpize \ + && ./build.sh \ + && make install \ + ) \ + else \ + ( \ + cd /tmp/aerospike-client-php/src \ + && phpize \ + && ./build.sh \ + && make install \ + ) \ + fi \ + && rm /tmp/aerospike-client-php.tar.gz \ + && docker-php-ext-enable aerospike \ +;fi + +########################################################################### +# PHP OCI8: +########################################################################### + +ARG INSTALL_OCI8=false + +ENV LD_LIBRARY_PATH="/opt/oracle/instantclient_12_1" +ENV OCI_HOME="/opt/oracle/instantclient_12_1" +ENV OCI_LIB_DIR="/opt/oracle/instantclient_12_1" +ENV OCI_INCLUDE_DIR="/opt/oracle/instantclient_12_1/sdk/include" +ENV OCI_VERSION=12 + +RUN if [ ${INSTALL_OCI8} = true ]; then \ + # Install wget + apt-get update && apt-get install --no-install-recommends -y wget \ + # Install Oracle Instantclient + && mkdir /opt/oracle \ + && cd /opt/oracle \ + && wget https://github.com/diogomascarenha/oracle-instantclient/raw/master/instantclient-basic-linux.x64-12.1.0.2.0.zip \ + && wget https://github.com/diogomascarenha/oracle-instantclient/raw/master/instantclient-sdk-linux.x64-12.1.0.2.0.zip \ + && unzip /opt/oracle/instantclient-basic-linux.x64-12.1.0.2.0.zip -d /opt/oracle \ + && unzip /opt/oracle/instantclient-sdk-linux.x64-12.1.0.2.0.zip -d /opt/oracle \ + && ln -s /opt/oracle/instantclient_12_1/libclntsh.so.12.1 /opt/oracle/instantclient_12_1/libclntsh.so \ + && ln -s /opt/oracle/instantclient_12_1/libclntshcore.so.12.1 /opt/oracle/instantclient_12_1/libclntshcore.so \ + && ln -s /opt/oracle/instantclient_12_1/libocci.so.12.1 /opt/oracle/instantclient_12_1/libocci.so \ + && rm -rf /opt/oracle/*.zip \ + # Install PHP extensions deps + && apt-get update \ + && apt-get install --no-install-recommends -y \ + libaio-dev \ + freetds-dev && \ + # Install PHP extensions + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + echo 'instantclient,/opt/oracle/instantclient_12_1/' | pecl install oci8-2.0.10; \ + else \ + echo 'instantclient,/opt/oracle/instantclient_12_1/' | pecl install oci8; \ + fi \ + && docker-php-ext-configure pdo_oci --with-pdo-oci=instantclient,/opt/oracle/instantclient_12_1,12.1 \ + && docker-php-ext-configure pdo_dblib --with-libdir=/lib/x86_64-linux-gnu \ + && docker-php-ext-install \ + pdo_oci \ + && docker-php-ext-enable \ + oci8 \ + ;fi + +########################################################################### +# IonCube Loader: +########################################################################### + +ARG INSTALL_IONCUBE=false + +RUN if [ ${INSTALL_IONCUBE} = true ]; then \ + # Install the php ioncube loader + curl -L -o /tmp/ioncube_loaders_lin_x86-64.tar.gz https://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz \ + && tar zxpf /tmp/ioncube_loaders_lin_x86-64.tar.gz -C /tmp \ + && mv /tmp/ioncube/ioncube_loader_lin_${LARADOCK_PHP_VERSION}.so $(php -r "echo ini_get('extension_dir');")/ioncube_loader.so \ + && printf "zend_extension=ioncube_loader.so\n" > $PHP_INI_DIR/conf.d/0ioncube.ini \ + && rm -rf /tmp/ioncube* \ +;fi + +########################################################################### +# Opcache: +########################################################################### + +ARG INSTALL_OPCACHE=false + +RUN if [ ${INSTALL_OPCACHE} = true ]; then \ + docker-php-ext-install opcache \ +;fi + +# Copy opcache configration +COPY ./opcache.ini /usr/local/etc/php/conf.d/opcache.ini + +########################################################################### +# Mysqli Modifications: +########################################################################### + +ARG INSTALL_MYSQLI=false + +RUN if [ ${INSTALL_MYSQLI} = true ]; then \ + docker-php-ext-install mysqli \ +;fi + + +########################################################################### +# Human Language and Character Encoding Support: +########################################################################### + +ARG INSTALL_INTL=false + +RUN if [ ${INSTALL_INTL} = true ]; then \ + # Install intl and requirements + apt-get install -y zlib1g-dev libicu-dev g++ && \ + docker-php-ext-configure intl && \ + docker-php-ext-install intl \ +;fi + +########################################################################### +# GHOSTSCRIPT: +########################################################################### + +ARG INSTALL_GHOSTSCRIPT=false + +RUN if [ ${INSTALL_GHOSTSCRIPT} = true ]; then \ + # Install the ghostscript extension + # for PDF editing + apt-get install -y \ + poppler-utils \ + ghostscript \ +;fi + +########################################################################### +# LDAP: +########################################################################### + +ARG INSTALL_LDAP=false + +RUN if [ ${INSTALL_LDAP} = true ]; then \ + apt-get install -y libldap2-dev && \ + docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ && \ + docker-php-ext-install ldap \ +;fi + +########################################################################### +# SQL SERVER: +########################################################################### + +ARG INSTALL_MSSQL=false + +RUN set -eux; \ + if [ ${INSTALL_MSSQL} = true ]; then \ + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + apt-get -y install freetds-dev libsybdb5 \ + && ln -s /usr/lib/x86_64-linux-gnu/libsybdb.so /usr/lib/libsybdb.so \ + && docker-php-ext-install mssql pdo_dblib \ + && php -m | grep -q 'mssql' \ + && php -m | grep -q 'pdo_dblib' \ + ;else \ + ########################################################################### + # Ref from https://github.com/Microsoft/msphpsql/wiki/Dockerfile-for-adding-pdo_sqlsrv-and-sqlsrv-to-official-php-image + ########################################################################### + # Add Microsoft repo for Microsoft ODBC Driver 13 for Linux + apt-get install -y apt-transport-https gnupg \ + && curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add - \ + && curl https://packages.microsoft.com/config/debian/9/prod.list > /etc/apt/sources.list.d/mssql-release.list \ + && apt-get update -yqq \ + # Install Dependencies + && ACCEPT_EULA=Y apt-get install -y unixodbc unixodbc-dev libgss3 odbcinst msodbcsql17 locales \ + && echo "en_US.UTF-8 UTF-8" > /etc/locale.gen \ + # link local aliases + && ln -sfn /etc/locale.alias /usr/share/locale/locale.alias \ + && locale-gen \ + # Install pdo_sqlsrv and sqlsrv from PECL. Replace pdo_sqlsrv-4.1.8preview with preferred version. + && if [ $(php -r "echo PHP_MINOR_VERSION;") = "0" ]; then \ + pecl install pdo_sqlsrv-5.3.0 sqlsrv-5.3.0 \ + ;else \ + pecl install pdo_sqlsrv sqlsrv \ + ;fi \ + && docker-php-ext-enable pdo_sqlsrv sqlsrv \ + && php -m | grep -q 'pdo_sqlsrv' \ + && php -m | grep -q 'sqlsrv' \ + ;fi \ + ;fi + +########################################################################### +# Image optimizers: +########################################################################### + +USER root + +ARG INSTALL_IMAGE_OPTIMIZERS=false + +RUN if [ ${INSTALL_IMAGE_OPTIMIZERS} = true ]; then \ + apt-get install -y jpegoptim optipng pngquant gifsicle \ +;fi + +########################################################################### +# ImageMagick: +########################################################################### + +USER root + +ARG INSTALL_IMAGEMAGICK=false + +RUN if [ ${INSTALL_IMAGEMAGICK} = true ]; then \ + apt-get install -y libmagickwand-dev imagemagick && \ + pecl install imagick && \ + docker-php-ext-enable imagick \ +;fi + +########################################################################### +# SMB: +########################################################################### + +ARG INSTALL_SMB=false + +RUN if [ ${INSTALL_SMB} = true ]; then \ + apt-get install -y smbclient php-smbclient coreutils \ +;fi + +########################################################################### +# IMAP: +########################################################################### + +ARG INSTALL_IMAP=false + +RUN if [ ${INSTALL_IMAP} = true ]; then \ + apt-get install -y libc-client-dev libkrb5-dev && \ + docker-php-ext-configure imap --with-kerberos --with-imap-ssl && \ + docker-php-ext-install imap \ +;fi + +########################################################################### +# Calendar: +########################################################################### + +USER root + +ARG INSTALL_CALENDAR=false + +RUN if [ ${INSTALL_CALENDAR} = true ]; then \ + docker-php-ext-configure calendar && \ + docker-php-ext-install calendar \ +;fi + +########################################################################### +# Phalcon: +########################################################################### + +ARG INSTALL_PHALCON=false +ARG LARADOCK_PHALCON_VERSION +ENV LARADOCK_PHALCON_VERSION ${LARADOCK_PHALCON_VERSION} + +# Copy phalcon configration +COPY ./phalcon.ini /usr/local/etc/php/conf.d/phalcon.ini.disable + +RUN if [ $INSTALL_PHALCON = true ]; then \ + apt-get update && apt-get install -y unzip libpcre3-dev gcc make re2c git automake autoconf\ + && git clone https://github.com/jbboehr/php-psr.git \ + && cd php-psr \ + && phpize \ + && ./configure \ + && make \ + && make test \ + && make install \ + && curl -L -o /tmp/cphalcon.zip https://github.com/phalcon/cphalcon/archive/v${LARADOCK_PHALCON_VERSION}.zip \ + && unzip -d /tmp/ /tmp/cphalcon.zip \ + && cd /tmp/cphalcon-${LARADOCK_PHALCON_VERSION}/build \ + && ./install \ + && mv /usr/local/etc/php/conf.d/phalcon.ini.disable /usr/local/etc/php/conf.d/phalcon.ini \ + && rm -rf /tmp/cphalcon* \ +;fi + +########################################################################### +# APCU: +########################################################################### + +ARG INSTALL_APCU=false + +RUN if [ ${INSTALL_APCU} = true ]; then \ + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + pecl install -a apcu-4.0.11; \ + else \ + pecl install apcu; \ + fi && \ + docker-php-ext-enable apcu \ +;fi + +########################################################################### +# YAML: +########################################################################### + +USER root + +ARG INSTALL_YAML=false + +RUN if [ ${INSTALL_YAML} = true ]; then \ + apt-get install libyaml-dev -y ; \ + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + pecl install -a yaml-1.3.2; \ + else \ + pecl install yaml; \ + fi && \ + docker-php-ext-enable yaml \ +;fi + +########################################################################### +# RDKAFKA: +########################################################################### + +ARG INSTALL_RDKAFKA=false + +RUN if [ ${INSTALL_RDKAFKA} = true ]; then \ + apt-get install -y librdkafka-dev && \ + pecl install rdkafka && \ + docker-php-ext-enable rdkafka \ +;fi + +########################################################################### +# GETTEXT: +########################################################################### + +ARG INSTALL_GETTEXT=false + +RUN if [ ${INSTALL_GETTEXT} = true ]; then \ + apt-get install -y zlib1g-dev libicu-dev g++ libpq-dev libssl-dev gettext && \ + docker-php-ext-install gettext \ +;fi + +########################################################################### +# Install additional locales: +########################################################################### + +ARG INSTALL_ADDITIONAL_LOCALES=false +ARG ADDITIONAL_LOCALES + +RUN if [ ${INSTALL_ADDITIONAL_LOCALES} = true ]; then \ + apt-get install -y locales \ + && echo '' >> /usr/share/locale/locale.alias \ + && temp="${ADDITIONAL_LOCALES%\"}" \ + && temp="${temp#\"}" \ + && for i in ${temp}; do sed -i "/$i/s/^#//g" /etc/locale.gen; done \ + && locale-gen \ +;fi + +########################################################################### +# MySQL Client: +########################################################################### + +USER root + +ARG INSTALL_MYSQL_CLIENT=false + +RUN if [ ${INSTALL_MYSQL_CLIENT} = true ]; then \ + apt-get -y install default-mysql-client \ +;fi + +########################################################################### +# ping: +########################################################################### + +USER root + +ARG INSTALL_PING=false + +RUN if [ ${INSTALL_PING} = true ]; then \ + apt-get -y install inetutils-ping \ +;fi + +########################################################################### +# sshpass: +########################################################################### + +USER root + +ARG INSTALL_SSHPASS=false + +RUN if [ ${INSTALL_SSHPASS} = true ]; then \ + apt-get -y install sshpass \ +;fi + +########################################################################### +# FFMPEG: +########################################################################### + +USER root + +ARG INSTALL_FFMPEG=false + +RUN if [ ${INSTALL_FFMPEG} = true ]; then \ + apt-get -y install ffmpeg \ +;fi + +########################################################################### +# BBC Audio Waveform Image Generator: +########################################################################### + +USER root + +ARG INSTALL_AUDIOWAVEFORM=false + +RUN if [ ${INSTALL_AUDIOWAVEFORM} = true ]; then \ + apt-get -y install git wget make cmake gcc g++ libmad0-dev libid3tag0-dev libsndfile1-dev libgd-dev libboost-filesystem-dev libboost-program-options-dev libboost-regex-dev \ + && git clone https://github.com/bbc/audiowaveform.git \ + && cd audiowaveform \ + && wget https://github.com/google/googletest/archive/release-1.10.0.tar.gz \ + && tar xzf release-1.10.0.tar.gz \ + && ln -s googletest-release-1.10.0/googletest googletest \ + && ln -s googletest-release-1.10.0/googlemock googlemock \ + && mkdir build \ + && cd build \ + && cmake .. \ + && make \ + && make install \ +;fi + + +##################################### +# wkhtmltopdf: +##################################### + +USER root + +ARG INSTALL_WKHTMLTOPDF=false + +RUN if [ ${INSTALL_WKHTMLTOPDF} = true ]; then \ + apt-get install -y \ + libxrender1 \ + libfontconfig1 \ + libx11-dev \ + libjpeg62 \ + libxtst6 \ + fontconfig \ + libjpeg62-turbo \ + xfonts-base \ + xfonts-75dpi \ + wget \ + && wget https://github.com/wkhtmltopdf/packaging/releases/download/0.12.6-1/wkhtmltox_0.12.6-1.stretch_amd64.deb \ + && dpkg -i wkhtmltox_0.12.6-1.stretch_amd64.deb \ + && apt -f install \ +;fi + +########################################################################### +# Mailparse extension: +########################################################################### + +ARG INSTALL_MAILPARSE=false + +RUN if [ ${INSTALL_MAILPARSE} = true ]; then \ + # Install mailparse extension + printf "\n" | pecl install -o -f mailparse \ + && rm -rf /tmp/pear \ + && docker-php-ext-enable mailparse \ +;fi + +########################################################################### +# CacheTool: +########################################################################### + +ARG INSTALL_CACHETOOL=false + +RUN if [ ${INSTALL_CACHETOOL} = true ]; then \ + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "7" ] && [ $(php -r "echo PHP_MINOR_VERSION;") -ge 1 ]; then \ + curl -sO http://gordalina.github.io/cachetool/downloads/cachetool.phar; \ + else \ + curl http://gordalina.github.io/cachetool/downloads/cachetool-3.2.1.phar -o cachetool.phar; \ + fi && \ + chmod +x cachetool.phar && \ + mv cachetool.phar /usr/local/bin/cachetool \ +;fi + +########################################################################### +# XMLRPC: +########################################################################### + +ARG INSTALL_XMLRPC=false + +RUN if [ ${INSTALL_XMLRPC} = true ]; then \ + docker-php-ext-install xmlrpc \ +;fi + +########################################################################### +# Downgrade Openssl: +########################################################################### + +ARG DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL=false + +RUN if [ ${DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL} = true ]; then \ + sed -i 's,^\(MinProtocol[ ]*=\).*,\1'TLSv1.2',g' /etc/ssl/openssl.cnf \ + && \ + sed -i 's,^\(CipherString[ ]*=\).*,\1'DEFAULT@SECLEVEL=1',g' /etc/ssl/openssl.cnf\ +;fi + +########################################################################### +# Check PHP version: +########################################################################### + +RUN set -xe; php -v | head -n 1 | grep -q "PHP ${LARADOCK_PHP_VERSION}." + +# +#-------------------------------------------------------------------------- +# Final Touch +#-------------------------------------------------------------------------- +# + +COPY ./laravel.ini /usr/local/etc/php/conf.d +COPY ./xlaravel.pool.conf /usr/local/etc/php-fpm.d/ + +USER root + +# Clean up +RUN apt-get clean && \ + rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* && \ + rm /var/log/lastlog /var/log/faillog + +# Configure non-root user. +ARG PUID=1000 +ENV PUID ${PUID} +ARG PGID=1000 +ENV PGID ${PGID} + +RUN groupmod -o -g ${PGID} www-data && \ + usermod -o -u ${PUID} -g www-data www-data + +# Adding the faketime library to the preload file needs to be done last +# otherwise it will preload it for all commands that follow in this file +RUN if [ ${INSTALL_FAKETIME} = true ]; then \ + echo "/usr/lib/x86_64-linux-gnu/faketime/libfaketime.so.1" > /etc/ld.so.preload \ +;fi + +# Configure locale. +ARG LOCALE=POSIX +ENV LC_ALL ${LOCALE} + +WORKDIR /var/www + +CMD ["php-fpm"] + +EXPOSE 9000 diff --git a/images/php-fpm/aerospike.ini b/images/php-fpm/aerospike.ini new file mode 100644 index 00000000..f9c8f614 --- /dev/null +++ b/images/php-fpm/aerospike.ini @@ -0,0 +1,3 @@ +extension=aerospike.so +aerospike.udf.lua_system_path=/usr/local/aerospike/lua +aerospike.udf.lua_user_path=/usr/local/aerospike/usr-lua \ No newline at end of file diff --git a/images/php-fpm/laravel.ini b/images/php-fpm/laravel.ini new file mode 100644 index 00000000..d491643b --- /dev/null +++ b/images/php-fpm/laravel.ini @@ -0,0 +1,16 @@ +date.timezone=UTC +display_errors=Off +log_errors=On + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 256M +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 20M +; Sets max size of post data allowed. +; http://php.net/post-max-size +post_max_size = 20M +max_execution_time=600 +default_socket_timeout=3600 +request_terminate_timeout=600 diff --git a/images/php-fpm/mysql.ini b/images/php-fpm/mysql.ini new file mode 100644 index 00000000..c2e55f71 --- /dev/null +++ b/images/php-fpm/mysql.ini @@ -0,0 +1,58 @@ +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + diff --git a/images/php-fpm/opcache.ini b/images/php-fpm/opcache.ini new file mode 100644 index 00000000..bf3d08e3 --- /dev/null +++ b/images/php-fpm/opcache.ini @@ -0,0 +1,9 @@ +; NOTE: The actual opcache.so extention is NOT SET HERE but rather (/usr/local/etc/php/conf.d/docker-php-ext-opcache.ini) + +opcache.enable=1 +opcache.memory_consumption=256 +opcache.use_cwd=0 +opcache.max_file_size=0 +opcache.max_accelerated_files=30000 +opcache.validate_timestamps=1 +opcache.revalidate_freq=0 diff --git a/images/php-fpm/phalcon.ini b/images/php-fpm/phalcon.ini new file mode 100644 index 00000000..a5013838 --- /dev/null +++ b/images/php-fpm/phalcon.ini @@ -0,0 +1,2 @@ +extension=psr.so +extension=phalcon.so \ No newline at end of file diff --git a/images/php-fpm/php5.6.ini b/images/php-fpm/php5.6.ini new file mode 100644 index 00000000..c644bee6 --- /dev/null +++ b/images/php-fpm/php5.6.ini @@ -0,0 +1,2030 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it is +; much more verbose when it comes to errors. We recommend using the +; development version only in development environments, as errors shown to +; application users can inadvertently leak otherwise secure information. + +; This is php.ini-development INI file. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT + +; html_errors +; Default Value: On +; Development Value: On +; Production value: On + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.hash_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; url_rewriter.tags +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It is +; generally recommended that should be used and that this feature +; should be disabled, as enabling it may result in issues when generating XML +; documents, however this remains supported for backward compatibility reasons. +; Note that this directive does not control the tags. +; http://php.net/asp-tags +asp_tags = Off + +; The number of significant digits displayed in floating point numbers. +; http://php.net/precision +precision = 14 + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; Turning on this setting and managing its maximum buffer size can yield some +; interesting side-effects depending on your application and web server. +; You may be able to send headers and cookies after you've already sent output +; through print or echo. You also may see performance benefits if your server is +; emitting less packets due to buffered output versus PHP streaming the output +; as it gets it. On production servers, 4096 bytes is a good setting for performance +; reasons. +; Note: Output buffering can also be controlled via Output Buffering Control +; functions. +; Possible Values: +; On = Enabled and buffer is unlimited. (Use with caution) +; Off = Disabled +; Integer = Enables the buffer and sets its maximum size in bytes. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 +; http://php.net/output-buffering +output_buffering = 4096 + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +; http://php.net/output-handler +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few hundreds bytes each as a result of +; compression. If you prefer a larger chunk size for better +; performance, enable output_buffering in addition. +; Note: You need to use zlib.output_handler instead of the standard +; output_handler, or otherwise the output will be corrupted. +; http://php.net/zlib.output-compression +zlib.output_compression = Off + +; http://php.net/zlib.output-compression-level +;zlib.output_compression_level = -1 + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +; http://php.net/zlib.output-handler +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +; http://php.net/implicit-flush +; Note: This directive is hardcoded to On for the CLI SAPI +implicit_flush = Off + +; The unserialize callback function will be called (with the undefined class' +; name as parameter), if the unserializer finds an undefined class +; which should be instantiated. A warning appears if the specified function is +; not defined, or if the function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func = + +; When floats & doubles are serialized store serialize_precision significant +; digits after the floating point. The default value ensures that when floats +; are decoded with unserialize, the data will remain the same. +serialize_precision = 17 + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. +; http://php.net/open-basedir +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. +; http://php.net/disable-functions +disable_functions = + +; This directive allows you to disable certain classes for security reasons. +; It receives a comma-delimited list of class names. +; http://php.net/disable-classes +disable_classes = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 16k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +; Enables or disables the circular reference collector. +; http://php.net/zend.enable-gc +zend.enable_gc = On + +; If enabled, scripts may be written in encodings that are incompatible with +; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such +; encodings. To use this feature, mbstring extension must be enabled. +; Default: Off +;zend.multibyte = Off + +; Allows to set the default encoding for the scripts. This value will be used +; unless "declare(encoding=...)" directive appears at the top of the script. +; Only affects if zend.multibyte is set. +; Default: "" +;zend.script_encoding = + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 30 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 60 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; How many GET/POST/COOKIE input variables may be accepted +; max_input_vars = 1000 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it is automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL (Show all errors, warnings and notices including coding standards.) +; E_ALL & ~E_NOTICE (Show all errors, except for notices) +; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT +; http://php.net/error-reporting +error_reporting = E_ALL + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; For production environments, we recommend logging errors rather than +; sending them to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = On + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. We strongly recommend you +; set this to 'off' for production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = On + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = On + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of formatting the +; error message as HTML for easier reading. This directive controls whether +; the error message is formatted as HTML or not. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: On +; http://php.net/html-errors +html_errors = On + +; If html_errors is set to On *and* docref_root is not empty, then PHP +; produces clickable error messages that direct to a page describing the error +; or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty, in which +; case no links to documentation are generated. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on Windows). +;error_log = syslog + +;windows.show_crt_warning +; Default value: 0 +; Development value: 0 +; Production value: 0 + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. G,P,C,E & S are abbreviations for the following respective super +; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty +; paid for the registration of these arrays and because ENV is not as commonly +; used as the others, ENV is not recommended on productions servers. You +; can still get access to the environment variables through getenv() should you +; need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P & C) should be +; registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive +; are specified in the same manner as the variables_order directive, +; EXCEPT one. Leaving this value empty will cause PHP to use the value set +; in the variables_order directive. It does not mean it will leave the super +; globals array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the ENV, REQUEST and SERVER variables are created when they're +; first used (Just In Time) instead of when the script starts. If these +; variables are not used within a script, having this directive on will result +; in a performance gain. The PHP directive register_argc_argv must be disabled +; for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Whether PHP will read the POST data. +; This option is enabled by default. +; Most likely, you won't want to disable this option globally. It causes $_POST +; and $_FILES to always be empty; the only way you will be able to read the +; POST data will be through the php://input stream wrapper. This can be useful +; to proxy requests or to process the POST data in a memory efficient fashion. +; http://php.net/enable-post-data-reading +;enable_post_data_reading = Off + +; Maximum size of POST data that PHP will accept. +; Its value may be 0 to disable the limit. It is ignored if POST data reading +; is disabled through enable_post_data_reading. +; http://php.net/post-max-size +post_max_size = 8M + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a media type using the Content-Type header. To +; disable this, simply set it to be empty. +; +; PHP's built-in default media type is set to text/html. +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to UTF-8. +; http://php.net/default-charset +default_charset = "UTF-8" + +; PHP internal character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/internal-encoding +;internal_encoding = + +; PHP input character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/input-encoding +;input_encoding = + +; PHP output character encoding is set to empty. +; If empty, default_charset is used. +; See also output_buffer. +; http://php.net/output-encoding +;output_encoding = + +; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is +; to disable this feature and it will be removed in a future version. +; If post reading is disabled through enable_post_data_reading, +; $HTTP_RAW_POST_DATA is *NOT* populated. +; http://php.net/always-populate-raw-post-data +;always_populate_raw_post_data = -1 + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +;include_path = ".:/php/includes" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Directory where the temporary files should be placed. +; Defaults to the system default (see sys_get_temp_dir) +; sys_temp_dir = "/tmp" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +; http://php.net/cgi.dicard-path +;cgi.discard_path=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1 + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If set to 0, PHP sends Status: header that +; is supported by Apache. When this option is set to 1, PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = On + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; ... or with a path: +; +; extension=/path/to/extension/msql.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) +; extension folders as well as the separate PECL DLL download (PHP 5). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysql.dll +;extension=php_mysqli.dll +;extension=php_oci8_12c.dll ; Use with Oracle Database 12c Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_shmop.dll + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=php_snmp.dll + +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite3.dll +;extension=php_sybase_ct.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[CLI Server] +; Whether the CLI web server uses ANSI color coding in its terminal output. +cli_server.color = On + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +; Use of this INI entry is deprecated, use global input_encoding instead. +; If empty, default_charset or input_encoding or iconv.input_encoding is used. +; The precedence is: default_charset < intput_encoding < iconv.input_encoding +;iconv.input_encoding = + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;iconv.internal_encoding = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; If empty, default_charset or output_encoding or iconv.output_encoding is used. +; The precedence is: default_charset < output_encoding < iconv.output_encoding +; To use an output encoding conversion, iconv's output handler must be set +; otherwise output encoding conversion cannot be performed. +;iconv.output_encoding = + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING +;intl.use_exceptions = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(). +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = +; Log mail to syslog (Event Log on Windows). +;mail.log = syslog + +[SQL] +; http://php.net/sql.safe-mode +sql.safe_mode = Off + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQL] +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysql.allow_local_infile +mysql.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysql.allow-persistent +mysql.allow_persistent = On + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysql.cache_size +mysql.cache_size = 2000 + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysql.max-persistent +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/mysql.max-links +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysql.default-port +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysql.default-socket +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-host +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysql.default-user +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysql.default-password +mysql.default_password = + +; Maximum time (in seconds) for connect timeout. -1 means no limit +; http://php.net/mysql.connect-timeout +mysql.connect_timeout = 60 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Errors will be displayed. +; http://php.net/mysql.trace-mode +mysql.trace_mode = Off + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = On + +; Records communication from all extensions using mysqlnd to the specified log +; file. +; http://php.net/mysqlnd.debug +;mysqlnd.debug = + +; Defines which queries will be logged. +; http://php.net/mysqlnd.log_mask +;mysqlnd.log_mask = 0 + +; Default size of the mysqlnd memory pool, which is used by result sets. +; http://php.net/mysqlnd.mempool_default_size +;mysqlnd.mempool_default_size = 16000 + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +; Timeout for network requests in seconds. +; http://php.net/mysqlnd.net_read_timeout +;mysqlnd.net_read_timeout = 31536000 + +; SHA-256 Authentication Plugin related. File with the MySQL server public RSA +; key. +; http://php.net/mysqlnd.sha256_server_public_key +;mysqlnd.sha256_server_public_key = + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgreSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[Sybase-CT] +; Allow or prevent persistent links. +; http://php.net/sybct.allow-persistent +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/sybct.max-persistent +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/sybct.max-links +sybct.max_links = -1 + +; Minimum server message severity to display. +; http://php.net/sybct.min-server-severity +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +; http://php.net/sybct.min-client-severity +sybct.min_client_severity = 10 + +; Set per-context timeout +; http://php.net/sybct.timeout +;sybct.timeout= + +;sybct.packet_size + +; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. +; Default: one minute +;sybct.login_timeout= + +; The name of the host you claim to be connecting from, for display by sp_who. +; Default: none +;sybct.hostname= + +; Allows you to define how often deadlocks are to be retried. -1 means "forever". +; Default: 0 +;sybct.deadlock_retry_count= + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if +; your OS has problems with many files in one directory, and is +; a more efficient layout for servers that handle many sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use strict session mode. +; Strict session mode does not accept uninitialized session ID and regenerate +; session ID if browser sends uninitialized session ID. Strict mode protects +; applications from session fixation via session adoption vulnerability. It is +; disabled by default for maximum compatibility, but enabling it is encouraged. +; https://wiki.php.net/rfc/strict_sessions +session.use_strict_mode = 0 + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combating +; session hijacking when not specifying and managing your own session id. It is +; not the be-all and end-all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 -type f | xargs rm + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; How many bytes to read from the file. +; http://php.net/session.entropy-length +;session.entropy_length = 32 + +; Specified here to create the session id. +; http://php.net/session.entropy-file +; Defaults to /dev/urandom +; On systems that don't have /dev/urandom but do have /dev/arandom, this will default to /dev/arandom +; If neither are found at compile time, the default is no entropy file. +; On windows, setting the entropy_length setting will activate the +; Windows random source (using the CryptoAPI) +;session.entropy_file = /dev/urandom + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users' security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publicly accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Select a hash function for use in generating session ids. +; Possible Values +; 0 (MD5 128 bits) +; 1 (SHA-1 160 bits) +; This option may also be set to the name of any hash function supported by +; the hash extension. A list of available hashes is returned by the hash_algos() +; function. +; http://php.net/session.hash-function +session.hash_function = 0 + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.hash_bits_per_character = 5 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=,fieldset=" +; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" +; http://php.net/url-rewriter.tags +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +; Enable upload progress tracking in $_SESSION +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.enabled +;session.upload_progress.enabled = On + +; Cleanup the progress information as soon as all POST data has been read +; (i.e. upload completed). +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.cleanup +;session.upload_progress.cleanup = On + +; A prefix used for the upload progress key in $_SESSION +; Default Value: "upload_progress_" +; Development Value: "upload_progress_" +; Production Value: "upload_progress_" +; http://php.net/session.upload-progress.prefix +;session.upload_progress.prefix = "upload_progress_" + +; The index name (concatenated with the prefix) in $_SESSION +; containing the upload progress information +; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" +; http://php.net/session.upload-progress.name +;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" + +; How frequently the upload progress should be updated. +; Given either in percentages (per-file), or in bytes +; Default Value: "1%" +; Development Value: "1%" +; Production Value: "1%" +; http://php.net/session.upload-progress.freq +;session.upload_progress.freq = "1%" + +; The minimum delay between updates, in seconds +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.upload-progress.min-freq +;session.upload_progress.min_freq = "1" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatibility mode with old versions of PHP 3.0. +mssql.compatibility_mode = Off + +; Connect timeout +;mssql.connect_timeout = 5 + +; Query timeout +;mssql.timeout = 60 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Specify how datetime and datetim4 columns are returned +; On => Returns data converted to SQL server settings +; Off => Returns values as YYYY-MM-DD hh:mm:ss +;mssql.datetimeconvert = On + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. -1 = library default +; msdlib defaults to 25 +; FreeTDS defaults to 4096 +;mssql.max_procs = -1 + +; Specify client character set. +; If empty or not set the client charset from freetds.conf is used +; This is only used when compiled with FreeTDS +;mssql.charset = "ISO-8859-1" + +[Assertion] +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Issue a PHP warning for each failed assertion. +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; This affects mb_send_mail() and mbstrig.detect_order. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; internal/script encoding. +; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;mbstring.internal_encoding = + +; Use of this INI entry is deprecated, use global input_encoding instead. +; http input encoding. +; mbstring.encoding_traslation = On is needed to use this setting. +; If empty, default_charset or input_encoding or mbstring.input is used. +; The precedence is: default_charset < intput_encoding < mbsting.http_input +; http://php.net/mbstring.http-input +;mbstring.http_input = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; http output encoding. +; mb_output_handler must be registered as output buffer to function. +; If empty, default_charset or output_encoding or mbstring.http_output is used. +; The precedence is: default_charset < output_encoding < mbstring.http_output +; To use an output encoding conversion, mbstring's output handler must be set +; otherwise output encoding conversion cannot be performed. +; http://php.net/mbstring.http-output +;mbstring.http_output = + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; "auto" detect order is changed according to mbstring.language +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +; Default: Off +;mbstring.strict_detection = On + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 0 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[mcrypt] +; For more information about mcrypt settings see http://php.net/mcrypt-module-open + +; Directory where to load mcrypt algorithms +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.algorithms_dir= + +; Directory where to load mcrypt modes +; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) +;mcrypt.modes_dir= + +[dba] +;dba.default_handler= + +[opcache] +; Determines if Zend OPCache is enabled +;opcache.enable=0 + +; Determines if Zend OPCache is enabled for the CLI version of PHP +;opcache.enable_cli=0 + +; The OPcache shared memory storage size. +;opcache.memory_consumption=64 + +; The amount of memory for interned strings in Mbytes. +;opcache.interned_strings_buffer=4 + +; The maximum number of keys (scripts) in the OPcache hash table. +; Only numbers between 200 and 100000 are allowed. +;opcache.max_accelerated_files=2000 + +; The maximum percentage of "wasted" memory until a restart is scheduled. +;opcache.max_wasted_percentage=5 + +; When this directive is enabled, the OPcache appends the current working +; directory to the script key, thus eliminating possible collisions between +; files with the same name (basename). Disabling the directive improves +; performance, but may break existing applications. +;opcache.use_cwd=1 + +; When disabled, you must reset the OPcache manually or restart the +; webserver for changes to the filesystem to take effect. +;opcache.validate_timestamps=1 + +; How often (in seconds) to check file timestamps for changes to the shared +; memory storage allocation. ("1" means validate once per second, but only +; once per request. "0" means always validate) +;opcache.revalidate_freq=2 + +; Enables or disables file search in include_path optimization +;opcache.revalidate_path=0 + +; If disabled, all PHPDoc comments are dropped from the code to reduce the +; size of the optimized code. +;opcache.save_comments=1 + +; If disabled, PHPDoc comments are not loaded from SHM, so "Doc Comments" +; may be always stored (save_comments=1), but not loaded by applications +; that don't need them anyway. +;opcache.load_comments=1 + +; If enabled, a fast shutdown sequence is used for the accelerated code +;opcache.fast_shutdown=0 + +; Allow file existence override (file_exists, etc.) performance feature. +;opcache.enable_file_override=0 + +; A bitmask, where each bit enables or disables the appropriate OPcache +; passes +;opcache.optimization_level=0xffffffff + +;opcache.inherited_hack=1 +;opcache.dups_fix=0 + +; The location of the OPcache blacklist file (wildcards allowed). +; Each OPcache blacklist file is a text file that holds the names of files +; that should not be accelerated. The file format is to add each filename +; to a new line. The filename may be a full path or just a file prefix +; (i.e., /var/www/x blacklists all the files and directories in /var/www +; that start with 'x'). Line starting with a ; are ignored (comments). +;opcache.blacklist_filename= + +; Allows exclusion of large files from being cached. By default all files +; are cached. +;opcache.max_file_size=0 + +; Check the cache checksum each N requests. +; The default value of "0" means that the checks are disabled. +;opcache.consistency_checks=0 + +; How long to wait (in seconds) for a scheduled restart to begin if the cache +; is not being accessed. +;opcache.force_restart_timeout=180 + +; OPcache error_log file name. Empty string assumes "stderr". +;opcache.error_log= + +; All OPcache errors go to the Web server log. +; By default, only fatal errors (level 0) or errors (level 1) are logged. +; You can also enable warnings (level 2), info messages (level 3) or +; debug messages (level 4). +;opcache.log_verbosity_level=1 + +; Preferred Shared Memory back-end. Leave empty and let the system decide. +;opcache.preferred_memory_model= + +; Protect the shared memory from unexpected writing during script execution. +; Useful for internal debugging only. +;opcache.protect_memory=0 + +; Validate cached file permissions. +; opcache.validate_permission=0 + +; Prevent name collisions in chroot'ed environment. +; opcache.validate_root=0 + +[curl] +; A default value for the CURLOPT_CAINFO option. This is required to be an +; absolute path. +;curl.cainfo = + +[openssl] +; The location of a Certificate Authority (CA) file on the local filesystem +; to use when verifying the identity of SSL/TLS peers. Most users should +; not specify a value for this directive as PHP will attempt to use the +; OS-managed cert stores in its absence. If specified, this value may still +; be overridden on a per-stream basis via the "cafile" SSL stream context +; option. +;openssl.cafile= + +; If openssl.cafile is not specified or if the CA file is not found, the +; directory pointed to by openssl.capath is searched for a suitable +; certificate. This value must be a correctly hashed certificate directory. +; Most users should not specify a value for this directive as PHP will +; attempt to use the OS-managed cert stores in its absence. If specified, +; this value may still be overridden on a per-stream basis via the "capath" +; SSL stream context option. +;openssl.capath= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/images/php-fpm/php7.0.ini b/images/php-fpm/php7.0.ini new file mode 100644 index 00000000..9bf5f6ce --- /dev/null +++ b/images/php-fpm/php7.0.ini @@ -0,0 +1,1918 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it is +; much more verbose when it comes to errors. We recommend using the +; development version only in development environments, as errors shown to +; application users can inadvertently leak otherwise secure information. + +; This is php.ini-production INI file. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT + +; html_errors +; Default Value: On +; Development Value: On +; Production value: On + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.sid_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It is +; generally recommended that should be used and that this feature +; should be disabled, as enabling it may result in issues when generating XML +; documents, however this remains supported for backward compatibility reasons. +; Note that this directive does not control the would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 4096k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +; Enables or disables the circular reference collector. +; http://php.net/zend.enable-gc +zend.enable_gc = On + +; If enabled, scripts may be written in encodings that are incompatible with +; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such +; encodings. To use this feature, mbstring extension must be enabled. +; Default: Off +;zend.multibyte = Off + +; Allows to set the default encoding for the scripts. This value will be used +; unless "declare(encoding=...)" directive appears at the top of the script. +; Only affects if zend.multibyte is set. +; Default: "" +;zend.script_encoding = + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 600 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 120 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; How many GET/POST/COOKIE input variables may be accepted +; max_input_vars = 1000 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 256M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it is automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL (Show all errors, warnings and notices including coding standards.) +; E_ALL & ~E_NOTICE (Show all errors, except for notices) +; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; For production environments, we recommend logging errors rather than +; sending them to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. We strongly recommend you +; set this to 'off' for production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of formatting the +; error message as HTML for easier reading. This directive controls whether +; the error message is formatted as HTML or not. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: On +; http://php.net/html-errors +html_errors = On + +; If html_errors is set to On *and* docref_root is not empty, then PHP +; produces clickable error messages that direct to a page describing the error +; or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty, in which +; case no links to documentation are generated. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on Windows). +;error_log = syslog + +;windows.show_crt_warning +; Default value: 0 +; Development value: 0 +; Production value: 0 + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. G,P,C,E & S are abbreviations for the following respective super +; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty +; paid for the registration of these arrays and because ENV is not as commonly +; used as the others, ENV is not recommended on productions servers. You +; can still get access to the environment variables through getenv() should you +; need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P & C) should be +; registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive +; are specified in the same manner as the variables_order directive, +; EXCEPT one. Leaving this value empty will cause PHP to use the value set +; in the variables_order directive. It does not mean it will leave the super +; globals array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the ENV, REQUEST and SERVER variables are created when they're +; first used (Just In Time) instead of when the script starts. If these +; variables are not used within a script, having this directive on will result +; in a performance gain. The PHP directive register_argc_argv must be disabled +; for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Whether PHP will read the POST data. +; This option is enabled by default. +; Most likely, you won't want to disable this option globally. It causes $_POST +; and $_FILES to always be empty; the only way you will be able to read the +; POST data will be through the php://input stream wrapper. This can be useful +; to proxy requests or to process the POST data in a memory efficient fashion. +; http://php.net/enable-post-data-reading +;enable_post_data_reading = Off + +; Maximum size of POST data that PHP will accept. +; Its value may be 0 to disable the limit. It is ignored if POST data reading +; is disabled through enable_post_data_reading. +; http://php.net/post-max-size +post_max_size = 8M + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a media type using the Content-Type header. To +; disable this, simply set it to be empty. +; +; PHP's built-in default media type is set to text/html. +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to UTF-8. +; http://php.net/default-charset +default_charset = "UTF-8" + +; PHP internal character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/internal-encoding +;internal_encoding = + +; PHP input character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/input-encoding +;input_encoding = + +; PHP output character encoding is set to empty. +; If empty, default_charset is used. +; See also output_buffer. +; http://php.net/output-encoding +;output_encoding = + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +;include_path = ".:/php/includes" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Directory where the temporary files should be placed. +; Defaults to the system default (see sys_get_temp_dir) +; sys_temp_dir = "/tmp" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +; http://php.net/cgi.dicard-path +;cgi.discard_path=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1 + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If set to 0, PHP sends Status: header that +; is supported by Apache. When this option is set to 1, PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = On + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=mysqli.dll +; +; ... or under UNIX: +; +; extension=mysqli.so +; +; ... or with a path: +; +; extension=/path/to/extension/mysqli.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5+) +; extension folders as well as the separate PECL DLL download (PHP 5+). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_ftp.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysqli.dll +;extension=php_oci8_12c.dll ; Use with Oracle Database 12c Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_shmop.dll + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=php_snmp.dll + +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite3.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[CLI Server] +; Whether the CLI web server uses ANSI color coding in its terminal output. +cli_server.color = On + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +; Use of this INI entry is deprecated, use global input_encoding instead. +; If empty, default_charset or input_encoding or iconv.input_encoding is used. +; The precedence is: default_charset < intput_encoding < iconv.input_encoding +;iconv.input_encoding = + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;iconv.internal_encoding = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; If empty, default_charset or output_encoding or iconv.output_encoding is used. +; The precedence is: default_charset < output_encoding < iconv.output_encoding +; To use an output encoding conversion, iconv's output handler must be set +; otherwise output encoding conversion cannot be performed. +;iconv.output_encoding = + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING +;intl.use_exceptions = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +;Enables or disables JIT compilation of patterns. This requires the PCRE +;library to be compiled with JIT support. +;pcre.jit=1 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(). +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = +; Log mail to syslog (Event Log on Windows). +;mail.log = syslog + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Records communication from all extensions using mysqlnd to the specified log +; file. +; http://php.net/mysqlnd.debug +;mysqlnd.debug = + +; Defines which queries will be logged. +; http://php.net/mysqlnd.log_mask +;mysqlnd.log_mask = 0 + +; Default size of the mysqlnd memory pool, which is used by result sets. +; http://php.net/mysqlnd.mempool_default_size +;mysqlnd.mempool_default_size = 16000 + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +; Timeout for network requests in seconds. +; http://php.net/mysqlnd.net_read_timeout +;mysqlnd.net_read_timeout = 31536000 + +; SHA-256 Authentication Plugin related. File with the MySQL server public RSA +; key. +; http://php.net/mysqlnd.sha256_server_public_key +;mysqlnd.sha256_server_public_key = + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgreSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if +; your OS has problems with many files in one directory, and is +; a more efficient layout for servers that handle many sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use strict session mode. +; Strict session mode does not accept uninitialized session ID and regenerate +; session ID if browser sends uninitialized session ID. Strict mode protects +; applications from session fixation via session adoption vulnerability. It is +; disabled by default for maximum compatibility, but enabling it is encouraged. +; https://wiki.php.net/rfc/strict_sessions +session.use_strict_mode = 0 + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combating +; session hijacking when not specifying and managing your own session id. It is +; not the be-all and end-all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 -type f | xargs rm + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users' security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publicly accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Set session ID character length. This value could be between 22 to 256. +; Shorter length than default is supported only for compatibility reason. +; Users should use 32 or more chars. +; http://php.net/session.sid-length +; Default Value: 32 +; Development Value: 26 +; Production Value: 26 +session.sid_length = 26 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; is special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. tag's action attribute URL will not be modified +; unless it is specified. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=" +; Development Value: "a=href,area=href,frame=src,form=" +; Production Value: "a=href,area=href,frame=src,form=" +; http://php.net/url-rewriter.tags +session.trans_sid_tags = "a=href,area=href,frame=src,form=" + +; URL rewriter does not rewrite absolute URLs by default. +; To enable rewrites for absolute pathes, target hosts must be specified +; at RUNTIME. i.e. use ini_set() +; tags is special. PHP will check action attribute's URL regardless +; of session.trans_sid_tags setting. +; If no host is defined, HTTP_HOST will be used for allowed host. +; Example value: php.net,www.php.net,wiki.php.net +; Use "," for multiple hosts. No spaces are allowed. +; Default Value: "" +; Development Value: "" +; Production Value: "" +;session.trans_sid_hosts="" + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.sid_bits_per_character = 5 + +; Enable upload progress tracking in $_SESSION +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.enabled +;session.upload_progress.enabled = On + +; Cleanup the progress information as soon as all POST data has been read +; (i.e. upload completed). +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.cleanup +;session.upload_progress.cleanup = On + +; A prefix used for the upload progress key in $_SESSION +; Default Value: "upload_progress_" +; Development Value: "upload_progress_" +; Production Value: "upload_progress_" +; http://php.net/session.upload-progress.prefix +;session.upload_progress.prefix = "upload_progress_" + +; The index name (concatenated with the prefix) in $_SESSION +; containing the upload progress information +; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" +; http://php.net/session.upload-progress.name +;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" + +; How frequently the upload progress should be updated. +; Given either in percentages (per-file), or in bytes +; Default Value: "1%" +; Development Value: "1%" +; Production Value: "1%" +; http://php.net/session.upload-progress.freq +;session.upload_progress.freq = "1%" + +; The minimum delay between updates, in seconds +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.upload-progress.min-freq +;session.upload_progress.min_freq = "1" + +; Only write session data when session data is changed. Enabled by default. +; http://php.net/session.lazy-write +;session.lazy_write = On + +[Assertion] +; Switch whether to compile assertions at all (to have no overhead at run-time) +; -1: Do not compile at all +; 0: Jump over assertion at run-time +; 1: Execute assertions +; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) +; Default Value: 1 +; Development Value: 1 +; Production Value: -1 +; http://php.net/zend.assertions +zend.assertions = -1 + +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Throw an AssertationException on failed assertions +; http://php.net/assert.exception +;assert.exception = On + +; Issue a PHP warning for each failed assertion. (Overridden by assert.exception if active) +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; This affects mb_send_mail() and mbstring.detect_order. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; internal/script encoding. +; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;mbstring.internal_encoding = + +; Use of this INI entry is deprecated, use global input_encoding instead. +; http input encoding. +; mbstring.encoding_traslation = On is needed to use this setting. +; If empty, default_charset or input_encoding or mbstring.input is used. +; The precedence is: default_charset < intput_encoding < mbsting.http_input +; http://php.net/mbstring.http-input +;mbstring.http_input = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; http output encoding. +; mb_output_handler must be registered as output buffer to function. +; If empty, default_charset or output_encoding or mbstring.http_output is used. +; The precedence is: default_charset < output_encoding < mbstring.http_output +; To use an output encoding conversion, mbstring's output handler must be set +; otherwise output encoding conversion cannot be performed. +; http://php.net/mbstring.http-output +;mbstring.http_output = + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; "auto" detect order is changed according to mbstring.language +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +; Default: Off +;mbstring.strict_detection = On + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 1 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[dba] +;dba.default_handler= + +[opcache] +; Determines if Zend OPCache is enabled +;opcache.enable=1 + +; Determines if Zend OPCache is enabled for the CLI version of PHP +;opcache.enable_cli=1 + +; The OPcache shared memory storage size. +;opcache.memory_consumption=128 + +; The amount of memory for interned strings in Mbytes. +;opcache.interned_strings_buffer=8 + +; The maximum number of keys (scripts) in the OPcache hash table. +; Only numbers between 200 and 1000000 are allowed. +;opcache.max_accelerated_files=10000 + +; The maximum percentage of "wasted" memory until a restart is scheduled. +;opcache.max_wasted_percentage=5 + +; When this directive is enabled, the OPcache appends the current working +; directory to the script key, thus eliminating possible collisions between +; files with the same name (basename). Disabling the directive improves +; performance, but may break existing applications. +;opcache.use_cwd=1 + +; When disabled, you must reset the OPcache manually or restart the +; webserver for changes to the filesystem to take effect. +;opcache.validate_timestamps=1 + +; How often (in seconds) to check file timestamps for changes to the shared +; memory storage allocation. ("1" means validate once per second, but only +; once per request. "0" means always validate) +;opcache.revalidate_freq=2 + +; Enables or disables file search in include_path optimization +;opcache.revalidate_path=0 + +; If disabled, all PHPDoc comments are dropped from the code to reduce the +; size of the optimized code. +;opcache.save_comments=1 + +; If enabled, a fast shutdown sequence is used for the accelerated code +; Depending on the used Memory Manager this may cause some incompatibilities. +;opcache.fast_shutdown=0 + +; Allow file existence override (file_exists, etc.) performance feature. +;opcache.enable_file_override=0 + +; A bitmask, where each bit enables or disables the appropriate OPcache +; passes +;opcache.optimization_level=0xffffffff + +;opcache.inherited_hack=1 +;opcache.dups_fix=0 + +; The location of the OPcache blacklist file (wildcards allowed). +; Each OPcache blacklist file is a text file that holds the names of files +; that should not be accelerated. The file format is to add each filename +; to a new line. The filename may be a full path or just a file prefix +; (i.e., /var/www/x blacklists all the files and directories in /var/www +; that start with 'x'). Line starting with a ; are ignored (comments). +;opcache.blacklist_filename= + +; Allows exclusion of large files from being cached. By default all files +; are cached. +;opcache.max_file_size=0 + +; Check the cache checksum each N requests. +; The default value of "0" means that the checks are disabled. +;opcache.consistency_checks=0 + +; How long to wait (in seconds) for a scheduled restart to begin if the cache +; is not being accessed. +;opcache.force_restart_timeout=180 + +; OPcache error_log file name. Empty string assumes "stderr". +;opcache.error_log= + +; All OPcache errors go to the Web server log. +; By default, only fatal errors (level 0) or errors (level 1) are logged. +; You can also enable warnings (level 2), info messages (level 3) or +; debug messages (level 4). +;opcache.log_verbosity_level=1 + +; Preferred Shared Memory back-end. Leave empty and let the system decide. +;opcache.preferred_memory_model= + +; Protect the shared memory from unexpected writing during script execution. +; Useful for internal debugging only. +;opcache.protect_memory=0 + +; Allows calling OPcache API functions only from PHP scripts which path is +; started from specified string. The default "" means no restriction +;opcache.restrict_api= + +; Mapping base of shared memory segments (for Windows only). All the PHP +; processes have to map shared memory into the same address space. This +; directive allows to manually fix the "Unable to reattach to base address" +; errors. +;opcache.mmap_base= + +; Enables and sets the second level cache directory. +; It should improve performance when SHM memory is full, at server restart or +; SHM reset. The default "" disables file based caching. +;opcache.file_cache= + +; Enables or disables opcode caching in shared memory. +;opcache.file_cache_only=0 + +; Enables or disables checksum validation when script loaded from file cache. +;opcache.file_cache_consistency_checks=1 + +; Implies opcache.file_cache_only=1 for a certain process that failed to +; reattach to the shared memory (for Windows only). Explicitly enabled file +; cache is required. +;opcache.file_cache_fallback=1 + +; Enables or disables copying of PHP code (text segment) into HUGE PAGES. +; This should improve performance, but requires appropriate OS configuration. +;opcache.huge_code_pages=1 + +; Validate cached file permissions. +;opcache.validate_permission=0 + +; Prevent name collisions in chroot'ed environment. +;opcache.validate_root=0 + +[curl] +; A default value for the CURLOPT_CAINFO option. This is required to be an +; absolute path. +;curl.cainfo = + +[openssl] +; The location of a Certificate Authority (CA) file on the local filesystem +; to use when verifying the identity of SSL/TLS peers. Most users should +; not specify a value for this directive as PHP will attempt to use the +; OS-managed cert stores in its absence. If specified, this value may still +; be overridden on a per-stream basis via the "cafile" SSL stream context +; option. +;openssl.cafile= + +; If openssl.cafile is not specified or if the CA file is not found, the +; directory pointed to by openssl.capath is searched for a suitable +; certificate. This value must be a correctly hashed certificate directory. +; Most users should not specify a value for this directive as PHP will +; attempt to use the OS-managed cert stores in its absence. If specified, +; this value may still be overridden on a per-stream basis via the "capath" +; SSL stream context option. +;openssl.capath= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/images/php-fpm/php7.1.ini b/images/php-fpm/php7.1.ini new file mode 100644 index 00000000..9bf5f6ce --- /dev/null +++ b/images/php-fpm/php7.1.ini @@ -0,0 +1,1918 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it is +; much more verbose when it comes to errors. We recommend using the +; development version only in development environments, as errors shown to +; application users can inadvertently leak otherwise secure information. + +; This is php.ini-production INI file. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT + +; html_errors +; Default Value: On +; Development Value: On +; Production value: On + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.sid_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It is +; generally recommended that should be used and that this feature +; should be disabled, as enabling it may result in issues when generating XML +; documents, however this remains supported for backward compatibility reasons. +; Note that this directive does not control the would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 4096k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +; Enables or disables the circular reference collector. +; http://php.net/zend.enable-gc +zend.enable_gc = On + +; If enabled, scripts may be written in encodings that are incompatible with +; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such +; encodings. To use this feature, mbstring extension must be enabled. +; Default: Off +;zend.multibyte = Off + +; Allows to set the default encoding for the scripts. This value will be used +; unless "declare(encoding=...)" directive appears at the top of the script. +; Only affects if zend.multibyte is set. +; Default: "" +;zend.script_encoding = + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 600 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 120 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; How many GET/POST/COOKIE input variables may be accepted +; max_input_vars = 1000 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 256M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it is automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL (Show all errors, warnings and notices including coding standards.) +; E_ALL & ~E_NOTICE (Show all errors, except for notices) +; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; For production environments, we recommend logging errors rather than +; sending them to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. We strongly recommend you +; set this to 'off' for production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of formatting the +; error message as HTML for easier reading. This directive controls whether +; the error message is formatted as HTML or not. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: On +; http://php.net/html-errors +html_errors = On + +; If html_errors is set to On *and* docref_root is not empty, then PHP +; produces clickable error messages that direct to a page describing the error +; or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty, in which +; case no links to documentation are generated. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on Windows). +;error_log = syslog + +;windows.show_crt_warning +; Default value: 0 +; Development value: 0 +; Production value: 0 + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. G,P,C,E & S are abbreviations for the following respective super +; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty +; paid for the registration of these arrays and because ENV is not as commonly +; used as the others, ENV is not recommended on productions servers. You +; can still get access to the environment variables through getenv() should you +; need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P & C) should be +; registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive +; are specified in the same manner as the variables_order directive, +; EXCEPT one. Leaving this value empty will cause PHP to use the value set +; in the variables_order directive. It does not mean it will leave the super +; globals array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the ENV, REQUEST and SERVER variables are created when they're +; first used (Just In Time) instead of when the script starts. If these +; variables are not used within a script, having this directive on will result +; in a performance gain. The PHP directive register_argc_argv must be disabled +; for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Whether PHP will read the POST data. +; This option is enabled by default. +; Most likely, you won't want to disable this option globally. It causes $_POST +; and $_FILES to always be empty; the only way you will be able to read the +; POST data will be through the php://input stream wrapper. This can be useful +; to proxy requests or to process the POST data in a memory efficient fashion. +; http://php.net/enable-post-data-reading +;enable_post_data_reading = Off + +; Maximum size of POST data that PHP will accept. +; Its value may be 0 to disable the limit. It is ignored if POST data reading +; is disabled through enable_post_data_reading. +; http://php.net/post-max-size +post_max_size = 8M + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a media type using the Content-Type header. To +; disable this, simply set it to be empty. +; +; PHP's built-in default media type is set to text/html. +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to UTF-8. +; http://php.net/default-charset +default_charset = "UTF-8" + +; PHP internal character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/internal-encoding +;internal_encoding = + +; PHP input character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/input-encoding +;input_encoding = + +; PHP output character encoding is set to empty. +; If empty, default_charset is used. +; See also output_buffer. +; http://php.net/output-encoding +;output_encoding = + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +;include_path = ".:/php/includes" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Directory where the temporary files should be placed. +; Defaults to the system default (see sys_get_temp_dir) +; sys_temp_dir = "/tmp" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +; http://php.net/cgi.dicard-path +;cgi.discard_path=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1 + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If set to 0, PHP sends Status: header that +; is supported by Apache. When this option is set to 1, PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = On + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=mysqli.dll +; +; ... or under UNIX: +; +; extension=mysqli.so +; +; ... or with a path: +; +; extension=/path/to/extension/mysqli.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5+) +; extension folders as well as the separate PECL DLL download (PHP 5+). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_ftp.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysqli.dll +;extension=php_oci8_12c.dll ; Use with Oracle Database 12c Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_shmop.dll + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=php_snmp.dll + +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite3.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[CLI Server] +; Whether the CLI web server uses ANSI color coding in its terminal output. +cli_server.color = On + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +; Use of this INI entry is deprecated, use global input_encoding instead. +; If empty, default_charset or input_encoding or iconv.input_encoding is used. +; The precedence is: default_charset < intput_encoding < iconv.input_encoding +;iconv.input_encoding = + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;iconv.internal_encoding = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; If empty, default_charset or output_encoding or iconv.output_encoding is used. +; The precedence is: default_charset < output_encoding < iconv.output_encoding +; To use an output encoding conversion, iconv's output handler must be set +; otherwise output encoding conversion cannot be performed. +;iconv.output_encoding = + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING +;intl.use_exceptions = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +;Enables or disables JIT compilation of patterns. This requires the PCRE +;library to be compiled with JIT support. +;pcre.jit=1 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(). +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = +; Log mail to syslog (Event Log on Windows). +;mail.log = syslog + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Records communication from all extensions using mysqlnd to the specified log +; file. +; http://php.net/mysqlnd.debug +;mysqlnd.debug = + +; Defines which queries will be logged. +; http://php.net/mysqlnd.log_mask +;mysqlnd.log_mask = 0 + +; Default size of the mysqlnd memory pool, which is used by result sets. +; http://php.net/mysqlnd.mempool_default_size +;mysqlnd.mempool_default_size = 16000 + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +; Timeout for network requests in seconds. +; http://php.net/mysqlnd.net_read_timeout +;mysqlnd.net_read_timeout = 31536000 + +; SHA-256 Authentication Plugin related. File with the MySQL server public RSA +; key. +; http://php.net/mysqlnd.sha256_server_public_key +;mysqlnd.sha256_server_public_key = + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgreSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if +; your OS has problems with many files in one directory, and is +; a more efficient layout for servers that handle many sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use strict session mode. +; Strict session mode does not accept uninitialized session ID and regenerate +; session ID if browser sends uninitialized session ID. Strict mode protects +; applications from session fixation via session adoption vulnerability. It is +; disabled by default for maximum compatibility, but enabling it is encouraged. +; https://wiki.php.net/rfc/strict_sessions +session.use_strict_mode = 0 + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combating +; session hijacking when not specifying and managing your own session id. It is +; not the be-all and end-all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 -type f | xargs rm + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users' security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publicly accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Set session ID character length. This value could be between 22 to 256. +; Shorter length than default is supported only for compatibility reason. +; Users should use 32 or more chars. +; http://php.net/session.sid-length +; Default Value: 32 +; Development Value: 26 +; Production Value: 26 +session.sid_length = 26 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; is special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. tag's action attribute URL will not be modified +; unless it is specified. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=" +; Development Value: "a=href,area=href,frame=src,form=" +; Production Value: "a=href,area=href,frame=src,form=" +; http://php.net/url-rewriter.tags +session.trans_sid_tags = "a=href,area=href,frame=src,form=" + +; URL rewriter does not rewrite absolute URLs by default. +; To enable rewrites for absolute pathes, target hosts must be specified +; at RUNTIME. i.e. use ini_set() +; tags is special. PHP will check action attribute's URL regardless +; of session.trans_sid_tags setting. +; If no host is defined, HTTP_HOST will be used for allowed host. +; Example value: php.net,www.php.net,wiki.php.net +; Use "," for multiple hosts. No spaces are allowed. +; Default Value: "" +; Development Value: "" +; Production Value: "" +;session.trans_sid_hosts="" + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.sid_bits_per_character = 5 + +; Enable upload progress tracking in $_SESSION +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.enabled +;session.upload_progress.enabled = On + +; Cleanup the progress information as soon as all POST data has been read +; (i.e. upload completed). +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.cleanup +;session.upload_progress.cleanup = On + +; A prefix used for the upload progress key in $_SESSION +; Default Value: "upload_progress_" +; Development Value: "upload_progress_" +; Production Value: "upload_progress_" +; http://php.net/session.upload-progress.prefix +;session.upload_progress.prefix = "upload_progress_" + +; The index name (concatenated with the prefix) in $_SESSION +; containing the upload progress information +; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" +; http://php.net/session.upload-progress.name +;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" + +; How frequently the upload progress should be updated. +; Given either in percentages (per-file), or in bytes +; Default Value: "1%" +; Development Value: "1%" +; Production Value: "1%" +; http://php.net/session.upload-progress.freq +;session.upload_progress.freq = "1%" + +; The minimum delay between updates, in seconds +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.upload-progress.min-freq +;session.upload_progress.min_freq = "1" + +; Only write session data when session data is changed. Enabled by default. +; http://php.net/session.lazy-write +;session.lazy_write = On + +[Assertion] +; Switch whether to compile assertions at all (to have no overhead at run-time) +; -1: Do not compile at all +; 0: Jump over assertion at run-time +; 1: Execute assertions +; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) +; Default Value: 1 +; Development Value: 1 +; Production Value: -1 +; http://php.net/zend.assertions +zend.assertions = -1 + +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Throw an AssertationException on failed assertions +; http://php.net/assert.exception +;assert.exception = On + +; Issue a PHP warning for each failed assertion. (Overridden by assert.exception if active) +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; This affects mb_send_mail() and mbstring.detect_order. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; internal/script encoding. +; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;mbstring.internal_encoding = + +; Use of this INI entry is deprecated, use global input_encoding instead. +; http input encoding. +; mbstring.encoding_traslation = On is needed to use this setting. +; If empty, default_charset or input_encoding or mbstring.input is used. +; The precedence is: default_charset < intput_encoding < mbsting.http_input +; http://php.net/mbstring.http-input +;mbstring.http_input = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; http output encoding. +; mb_output_handler must be registered as output buffer to function. +; If empty, default_charset or output_encoding or mbstring.http_output is used. +; The precedence is: default_charset < output_encoding < mbstring.http_output +; To use an output encoding conversion, mbstring's output handler must be set +; otherwise output encoding conversion cannot be performed. +; http://php.net/mbstring.http-output +;mbstring.http_output = + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; "auto" detect order is changed according to mbstring.language +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +; Default: Off +;mbstring.strict_detection = On + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 1 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[dba] +;dba.default_handler= + +[opcache] +; Determines if Zend OPCache is enabled +;opcache.enable=1 + +; Determines if Zend OPCache is enabled for the CLI version of PHP +;opcache.enable_cli=1 + +; The OPcache shared memory storage size. +;opcache.memory_consumption=128 + +; The amount of memory for interned strings in Mbytes. +;opcache.interned_strings_buffer=8 + +; The maximum number of keys (scripts) in the OPcache hash table. +; Only numbers between 200 and 1000000 are allowed. +;opcache.max_accelerated_files=10000 + +; The maximum percentage of "wasted" memory until a restart is scheduled. +;opcache.max_wasted_percentage=5 + +; When this directive is enabled, the OPcache appends the current working +; directory to the script key, thus eliminating possible collisions between +; files with the same name (basename). Disabling the directive improves +; performance, but may break existing applications. +;opcache.use_cwd=1 + +; When disabled, you must reset the OPcache manually or restart the +; webserver for changes to the filesystem to take effect. +;opcache.validate_timestamps=1 + +; How often (in seconds) to check file timestamps for changes to the shared +; memory storage allocation. ("1" means validate once per second, but only +; once per request. "0" means always validate) +;opcache.revalidate_freq=2 + +; Enables or disables file search in include_path optimization +;opcache.revalidate_path=0 + +; If disabled, all PHPDoc comments are dropped from the code to reduce the +; size of the optimized code. +;opcache.save_comments=1 + +; If enabled, a fast shutdown sequence is used for the accelerated code +; Depending on the used Memory Manager this may cause some incompatibilities. +;opcache.fast_shutdown=0 + +; Allow file existence override (file_exists, etc.) performance feature. +;opcache.enable_file_override=0 + +; A bitmask, where each bit enables or disables the appropriate OPcache +; passes +;opcache.optimization_level=0xffffffff + +;opcache.inherited_hack=1 +;opcache.dups_fix=0 + +; The location of the OPcache blacklist file (wildcards allowed). +; Each OPcache blacklist file is a text file that holds the names of files +; that should not be accelerated. The file format is to add each filename +; to a new line. The filename may be a full path or just a file prefix +; (i.e., /var/www/x blacklists all the files and directories in /var/www +; that start with 'x'). Line starting with a ; are ignored (comments). +;opcache.blacklist_filename= + +; Allows exclusion of large files from being cached. By default all files +; are cached. +;opcache.max_file_size=0 + +; Check the cache checksum each N requests. +; The default value of "0" means that the checks are disabled. +;opcache.consistency_checks=0 + +; How long to wait (in seconds) for a scheduled restart to begin if the cache +; is not being accessed. +;opcache.force_restart_timeout=180 + +; OPcache error_log file name. Empty string assumes "stderr". +;opcache.error_log= + +; All OPcache errors go to the Web server log. +; By default, only fatal errors (level 0) or errors (level 1) are logged. +; You can also enable warnings (level 2), info messages (level 3) or +; debug messages (level 4). +;opcache.log_verbosity_level=1 + +; Preferred Shared Memory back-end. Leave empty and let the system decide. +;opcache.preferred_memory_model= + +; Protect the shared memory from unexpected writing during script execution. +; Useful for internal debugging only. +;opcache.protect_memory=0 + +; Allows calling OPcache API functions only from PHP scripts which path is +; started from specified string. The default "" means no restriction +;opcache.restrict_api= + +; Mapping base of shared memory segments (for Windows only). All the PHP +; processes have to map shared memory into the same address space. This +; directive allows to manually fix the "Unable to reattach to base address" +; errors. +;opcache.mmap_base= + +; Enables and sets the second level cache directory. +; It should improve performance when SHM memory is full, at server restart or +; SHM reset. The default "" disables file based caching. +;opcache.file_cache= + +; Enables or disables opcode caching in shared memory. +;opcache.file_cache_only=0 + +; Enables or disables checksum validation when script loaded from file cache. +;opcache.file_cache_consistency_checks=1 + +; Implies opcache.file_cache_only=1 for a certain process that failed to +; reattach to the shared memory (for Windows only). Explicitly enabled file +; cache is required. +;opcache.file_cache_fallback=1 + +; Enables or disables copying of PHP code (text segment) into HUGE PAGES. +; This should improve performance, but requires appropriate OS configuration. +;opcache.huge_code_pages=1 + +; Validate cached file permissions. +;opcache.validate_permission=0 + +; Prevent name collisions in chroot'ed environment. +;opcache.validate_root=0 + +[curl] +; A default value for the CURLOPT_CAINFO option. This is required to be an +; absolute path. +;curl.cainfo = + +[openssl] +; The location of a Certificate Authority (CA) file on the local filesystem +; to use when verifying the identity of SSL/TLS peers. Most users should +; not specify a value for this directive as PHP will attempt to use the +; OS-managed cert stores in its absence. If specified, this value may still +; be overridden on a per-stream basis via the "cafile" SSL stream context +; option. +;openssl.cafile= + +; If openssl.cafile is not specified or if the CA file is not found, the +; directory pointed to by openssl.capath is searched for a suitable +; certificate. This value must be a correctly hashed certificate directory. +; Most users should not specify a value for this directive as PHP will +; attempt to use the OS-managed cert stores in its absence. If specified, +; this value may still be overridden on a per-stream basis via the "capath" +; SSL stream context option. +;openssl.capath= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/images/php-fpm/php7.2.ini b/images/php-fpm/php7.2.ini new file mode 100644 index 00000000..9bf5f6ce --- /dev/null +++ b/images/php-fpm/php7.2.ini @@ -0,0 +1,1918 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it is +; much more verbose when it comes to errors. We recommend using the +; development version only in development environments, as errors shown to +; application users can inadvertently leak otherwise secure information. + +; This is php.ini-production INI file. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT + +; html_errors +; Default Value: On +; Development Value: On +; Production value: On + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.sid_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It is +; generally recommended that should be used and that this feature +; should be disabled, as enabling it may result in issues when generating XML +; documents, however this remains supported for backward compatibility reasons. +; Note that this directive does not control the would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 4096k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +; Enables or disables the circular reference collector. +; http://php.net/zend.enable-gc +zend.enable_gc = On + +; If enabled, scripts may be written in encodings that are incompatible with +; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such +; encodings. To use this feature, mbstring extension must be enabled. +; Default: Off +;zend.multibyte = Off + +; Allows to set the default encoding for the scripts. This value will be used +; unless "declare(encoding=...)" directive appears at the top of the script. +; Only affects if zend.multibyte is set. +; Default: "" +;zend.script_encoding = + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 600 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 120 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; How many GET/POST/COOKIE input variables may be accepted +; max_input_vars = 1000 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 256M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it is automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL (Show all errors, warnings and notices including coding standards.) +; E_ALL & ~E_NOTICE (Show all errors, except for notices) +; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; For production environments, we recommend logging errors rather than +; sending them to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. We strongly recommend you +; set this to 'off' for production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of formatting the +; error message as HTML for easier reading. This directive controls whether +; the error message is formatted as HTML or not. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: On +; http://php.net/html-errors +html_errors = On + +; If html_errors is set to On *and* docref_root is not empty, then PHP +; produces clickable error messages that direct to a page describing the error +; or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty, in which +; case no links to documentation are generated. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on Windows). +;error_log = syslog + +;windows.show_crt_warning +; Default value: 0 +; Development value: 0 +; Production value: 0 + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. G,P,C,E & S are abbreviations for the following respective super +; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty +; paid for the registration of these arrays and because ENV is not as commonly +; used as the others, ENV is not recommended on productions servers. You +; can still get access to the environment variables through getenv() should you +; need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P & C) should be +; registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive +; are specified in the same manner as the variables_order directive, +; EXCEPT one. Leaving this value empty will cause PHP to use the value set +; in the variables_order directive. It does not mean it will leave the super +; globals array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the ENV, REQUEST and SERVER variables are created when they're +; first used (Just In Time) instead of when the script starts. If these +; variables are not used within a script, having this directive on will result +; in a performance gain. The PHP directive register_argc_argv must be disabled +; for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Whether PHP will read the POST data. +; This option is enabled by default. +; Most likely, you won't want to disable this option globally. It causes $_POST +; and $_FILES to always be empty; the only way you will be able to read the +; POST data will be through the php://input stream wrapper. This can be useful +; to proxy requests or to process the POST data in a memory efficient fashion. +; http://php.net/enable-post-data-reading +;enable_post_data_reading = Off + +; Maximum size of POST data that PHP will accept. +; Its value may be 0 to disable the limit. It is ignored if POST data reading +; is disabled through enable_post_data_reading. +; http://php.net/post-max-size +post_max_size = 8M + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a media type using the Content-Type header. To +; disable this, simply set it to be empty. +; +; PHP's built-in default media type is set to text/html. +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to UTF-8. +; http://php.net/default-charset +default_charset = "UTF-8" + +; PHP internal character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/internal-encoding +;internal_encoding = + +; PHP input character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/input-encoding +;input_encoding = + +; PHP output character encoding is set to empty. +; If empty, default_charset is used. +; See also output_buffer. +; http://php.net/output-encoding +;output_encoding = + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +;include_path = ".:/php/includes" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Directory where the temporary files should be placed. +; Defaults to the system default (see sys_get_temp_dir) +; sys_temp_dir = "/tmp" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +; http://php.net/cgi.dicard-path +;cgi.discard_path=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1 + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If set to 0, PHP sends Status: header that +; is supported by Apache. When this option is set to 1, PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = On + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=mysqli.dll +; +; ... or under UNIX: +; +; extension=mysqli.so +; +; ... or with a path: +; +; extension=/path/to/extension/mysqli.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5+) +; extension folders as well as the separate PECL DLL download (PHP 5+). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_ftp.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysqli.dll +;extension=php_oci8_12c.dll ; Use with Oracle Database 12c Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_shmop.dll + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=php_snmp.dll + +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite3.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[CLI Server] +; Whether the CLI web server uses ANSI color coding in its terminal output. +cli_server.color = On + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +; Use of this INI entry is deprecated, use global input_encoding instead. +; If empty, default_charset or input_encoding or iconv.input_encoding is used. +; The precedence is: default_charset < intput_encoding < iconv.input_encoding +;iconv.input_encoding = + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;iconv.internal_encoding = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; If empty, default_charset or output_encoding or iconv.output_encoding is used. +; The precedence is: default_charset < output_encoding < iconv.output_encoding +; To use an output encoding conversion, iconv's output handler must be set +; otherwise output encoding conversion cannot be performed. +;iconv.output_encoding = + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING +;intl.use_exceptions = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +;Enables or disables JIT compilation of patterns. This requires the PCRE +;library to be compiled with JIT support. +;pcre.jit=1 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(). +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = +; Log mail to syslog (Event Log on Windows). +;mail.log = syslog + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Records communication from all extensions using mysqlnd to the specified log +; file. +; http://php.net/mysqlnd.debug +;mysqlnd.debug = + +; Defines which queries will be logged. +; http://php.net/mysqlnd.log_mask +;mysqlnd.log_mask = 0 + +; Default size of the mysqlnd memory pool, which is used by result sets. +; http://php.net/mysqlnd.mempool_default_size +;mysqlnd.mempool_default_size = 16000 + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +; Timeout for network requests in seconds. +; http://php.net/mysqlnd.net_read_timeout +;mysqlnd.net_read_timeout = 31536000 + +; SHA-256 Authentication Plugin related. File with the MySQL server public RSA +; key. +; http://php.net/mysqlnd.sha256_server_public_key +;mysqlnd.sha256_server_public_key = + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgreSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if +; your OS has problems with many files in one directory, and is +; a more efficient layout for servers that handle many sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use strict session mode. +; Strict session mode does not accept uninitialized session ID and regenerate +; session ID if browser sends uninitialized session ID. Strict mode protects +; applications from session fixation via session adoption vulnerability. It is +; disabled by default for maximum compatibility, but enabling it is encouraged. +; https://wiki.php.net/rfc/strict_sessions +session.use_strict_mode = 0 + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combating +; session hijacking when not specifying and managing your own session id. It is +; not the be-all and end-all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 -type f | xargs rm + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users' security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publicly accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Set session ID character length. This value could be between 22 to 256. +; Shorter length than default is supported only for compatibility reason. +; Users should use 32 or more chars. +; http://php.net/session.sid-length +; Default Value: 32 +; Development Value: 26 +; Production Value: 26 +session.sid_length = 26 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; is special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. tag's action attribute URL will not be modified +; unless it is specified. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=" +; Development Value: "a=href,area=href,frame=src,form=" +; Production Value: "a=href,area=href,frame=src,form=" +; http://php.net/url-rewriter.tags +session.trans_sid_tags = "a=href,area=href,frame=src,form=" + +; URL rewriter does not rewrite absolute URLs by default. +; To enable rewrites for absolute pathes, target hosts must be specified +; at RUNTIME. i.e. use ini_set() +; tags is special. PHP will check action attribute's URL regardless +; of session.trans_sid_tags setting. +; If no host is defined, HTTP_HOST will be used for allowed host. +; Example value: php.net,www.php.net,wiki.php.net +; Use "," for multiple hosts. No spaces are allowed. +; Default Value: "" +; Development Value: "" +; Production Value: "" +;session.trans_sid_hosts="" + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.sid_bits_per_character = 5 + +; Enable upload progress tracking in $_SESSION +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.enabled +;session.upload_progress.enabled = On + +; Cleanup the progress information as soon as all POST data has been read +; (i.e. upload completed). +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.cleanup +;session.upload_progress.cleanup = On + +; A prefix used for the upload progress key in $_SESSION +; Default Value: "upload_progress_" +; Development Value: "upload_progress_" +; Production Value: "upload_progress_" +; http://php.net/session.upload-progress.prefix +;session.upload_progress.prefix = "upload_progress_" + +; The index name (concatenated with the prefix) in $_SESSION +; containing the upload progress information +; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" +; http://php.net/session.upload-progress.name +;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" + +; How frequently the upload progress should be updated. +; Given either in percentages (per-file), or in bytes +; Default Value: "1%" +; Development Value: "1%" +; Production Value: "1%" +; http://php.net/session.upload-progress.freq +;session.upload_progress.freq = "1%" + +; The minimum delay between updates, in seconds +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.upload-progress.min-freq +;session.upload_progress.min_freq = "1" + +; Only write session data when session data is changed. Enabled by default. +; http://php.net/session.lazy-write +;session.lazy_write = On + +[Assertion] +; Switch whether to compile assertions at all (to have no overhead at run-time) +; -1: Do not compile at all +; 0: Jump over assertion at run-time +; 1: Execute assertions +; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) +; Default Value: 1 +; Development Value: 1 +; Production Value: -1 +; http://php.net/zend.assertions +zend.assertions = -1 + +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Throw an AssertationException on failed assertions +; http://php.net/assert.exception +;assert.exception = On + +; Issue a PHP warning for each failed assertion. (Overridden by assert.exception if active) +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; This affects mb_send_mail() and mbstring.detect_order. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; internal/script encoding. +; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;mbstring.internal_encoding = + +; Use of this INI entry is deprecated, use global input_encoding instead. +; http input encoding. +; mbstring.encoding_traslation = On is needed to use this setting. +; If empty, default_charset or input_encoding or mbstring.input is used. +; The precedence is: default_charset < intput_encoding < mbsting.http_input +; http://php.net/mbstring.http-input +;mbstring.http_input = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; http output encoding. +; mb_output_handler must be registered as output buffer to function. +; If empty, default_charset or output_encoding or mbstring.http_output is used. +; The precedence is: default_charset < output_encoding < mbstring.http_output +; To use an output encoding conversion, mbstring's output handler must be set +; otherwise output encoding conversion cannot be performed. +; http://php.net/mbstring.http-output +;mbstring.http_output = + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; "auto" detect order is changed according to mbstring.language +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +; Default: Off +;mbstring.strict_detection = On + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 1 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[dba] +;dba.default_handler= + +[opcache] +; Determines if Zend OPCache is enabled +;opcache.enable=1 + +; Determines if Zend OPCache is enabled for the CLI version of PHP +;opcache.enable_cli=1 + +; The OPcache shared memory storage size. +;opcache.memory_consumption=128 + +; The amount of memory for interned strings in Mbytes. +;opcache.interned_strings_buffer=8 + +; The maximum number of keys (scripts) in the OPcache hash table. +; Only numbers between 200 and 1000000 are allowed. +;opcache.max_accelerated_files=10000 + +; The maximum percentage of "wasted" memory until a restart is scheduled. +;opcache.max_wasted_percentage=5 + +; When this directive is enabled, the OPcache appends the current working +; directory to the script key, thus eliminating possible collisions between +; files with the same name (basename). Disabling the directive improves +; performance, but may break existing applications. +;opcache.use_cwd=1 + +; When disabled, you must reset the OPcache manually or restart the +; webserver for changes to the filesystem to take effect. +;opcache.validate_timestamps=1 + +; How often (in seconds) to check file timestamps for changes to the shared +; memory storage allocation. ("1" means validate once per second, but only +; once per request. "0" means always validate) +;opcache.revalidate_freq=2 + +; Enables or disables file search in include_path optimization +;opcache.revalidate_path=0 + +; If disabled, all PHPDoc comments are dropped from the code to reduce the +; size of the optimized code. +;opcache.save_comments=1 + +; If enabled, a fast shutdown sequence is used for the accelerated code +; Depending on the used Memory Manager this may cause some incompatibilities. +;opcache.fast_shutdown=0 + +; Allow file existence override (file_exists, etc.) performance feature. +;opcache.enable_file_override=0 + +; A bitmask, where each bit enables or disables the appropriate OPcache +; passes +;opcache.optimization_level=0xffffffff + +;opcache.inherited_hack=1 +;opcache.dups_fix=0 + +; The location of the OPcache blacklist file (wildcards allowed). +; Each OPcache blacklist file is a text file that holds the names of files +; that should not be accelerated. The file format is to add each filename +; to a new line. The filename may be a full path or just a file prefix +; (i.e., /var/www/x blacklists all the files and directories in /var/www +; that start with 'x'). Line starting with a ; are ignored (comments). +;opcache.blacklist_filename= + +; Allows exclusion of large files from being cached. By default all files +; are cached. +;opcache.max_file_size=0 + +; Check the cache checksum each N requests. +; The default value of "0" means that the checks are disabled. +;opcache.consistency_checks=0 + +; How long to wait (in seconds) for a scheduled restart to begin if the cache +; is not being accessed. +;opcache.force_restart_timeout=180 + +; OPcache error_log file name. Empty string assumes "stderr". +;opcache.error_log= + +; All OPcache errors go to the Web server log. +; By default, only fatal errors (level 0) or errors (level 1) are logged. +; You can also enable warnings (level 2), info messages (level 3) or +; debug messages (level 4). +;opcache.log_verbosity_level=1 + +; Preferred Shared Memory back-end. Leave empty and let the system decide. +;opcache.preferred_memory_model= + +; Protect the shared memory from unexpected writing during script execution. +; Useful for internal debugging only. +;opcache.protect_memory=0 + +; Allows calling OPcache API functions only from PHP scripts which path is +; started from specified string. The default "" means no restriction +;opcache.restrict_api= + +; Mapping base of shared memory segments (for Windows only). All the PHP +; processes have to map shared memory into the same address space. This +; directive allows to manually fix the "Unable to reattach to base address" +; errors. +;opcache.mmap_base= + +; Enables and sets the second level cache directory. +; It should improve performance when SHM memory is full, at server restart or +; SHM reset. The default "" disables file based caching. +;opcache.file_cache= + +; Enables or disables opcode caching in shared memory. +;opcache.file_cache_only=0 + +; Enables or disables checksum validation when script loaded from file cache. +;opcache.file_cache_consistency_checks=1 + +; Implies opcache.file_cache_only=1 for a certain process that failed to +; reattach to the shared memory (for Windows only). Explicitly enabled file +; cache is required. +;opcache.file_cache_fallback=1 + +; Enables or disables copying of PHP code (text segment) into HUGE PAGES. +; This should improve performance, but requires appropriate OS configuration. +;opcache.huge_code_pages=1 + +; Validate cached file permissions. +;opcache.validate_permission=0 + +; Prevent name collisions in chroot'ed environment. +;opcache.validate_root=0 + +[curl] +; A default value for the CURLOPT_CAINFO option. This is required to be an +; absolute path. +;curl.cainfo = + +[openssl] +; The location of a Certificate Authority (CA) file on the local filesystem +; to use when verifying the identity of SSL/TLS peers. Most users should +; not specify a value for this directive as PHP will attempt to use the +; OS-managed cert stores in its absence. If specified, this value may still +; be overridden on a per-stream basis via the "cafile" SSL stream context +; option. +;openssl.cafile= + +; If openssl.cafile is not specified or if the CA file is not found, the +; directory pointed to by openssl.capath is searched for a suitable +; certificate. This value must be a correctly hashed certificate directory. +; Most users should not specify a value for this directive as PHP will +; attempt to use the OS-managed cert stores in its absence. If specified, +; this value may still be overridden on a per-stream basis via the "capath" +; SSL stream context option. +;openssl.capath= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/images/php-fpm/php7.3.ini b/images/php-fpm/php7.3.ini new file mode 100644 index 00000000..9bf5f6ce --- /dev/null +++ b/images/php-fpm/php7.3.ini @@ -0,0 +1,1918 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it is +; much more verbose when it comes to errors. We recommend using the +; development version only in development environments, as errors shown to +; application users can inadvertently leak otherwise secure information. + +; This is php.ini-production INI file. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT + +; html_errors +; Default Value: On +; Development Value: On +; Production value: On + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.sid_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It is +; generally recommended that should be used and that this feature +; should be disabled, as enabling it may result in issues when generating XML +; documents, however this remains supported for backward compatibility reasons. +; Note that this directive does not control the would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 4096k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +; Enables or disables the circular reference collector. +; http://php.net/zend.enable-gc +zend.enable_gc = On + +; If enabled, scripts may be written in encodings that are incompatible with +; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such +; encodings. To use this feature, mbstring extension must be enabled. +; Default: Off +;zend.multibyte = Off + +; Allows to set the default encoding for the scripts. This value will be used +; unless "declare(encoding=...)" directive appears at the top of the script. +; Only affects if zend.multibyte is set. +; Default: "" +;zend.script_encoding = + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 600 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 120 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; How many GET/POST/COOKIE input variables may be accepted +; max_input_vars = 1000 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 256M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it is automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL (Show all errors, warnings and notices including coding standards.) +; E_ALL & ~E_NOTICE (Show all errors, except for notices) +; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; For production environments, we recommend logging errors rather than +; sending them to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. We strongly recommend you +; set this to 'off' for production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of formatting the +; error message as HTML for easier reading. This directive controls whether +; the error message is formatted as HTML or not. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: On +; http://php.net/html-errors +html_errors = On + +; If html_errors is set to On *and* docref_root is not empty, then PHP +; produces clickable error messages that direct to a page describing the error +; or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty, in which +; case no links to documentation are generated. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on Windows). +;error_log = syslog + +;windows.show_crt_warning +; Default value: 0 +; Development value: 0 +; Production value: 0 + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. G,P,C,E & S are abbreviations for the following respective super +; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty +; paid for the registration of these arrays and because ENV is not as commonly +; used as the others, ENV is not recommended on productions servers. You +; can still get access to the environment variables through getenv() should you +; need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P & C) should be +; registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive +; are specified in the same manner as the variables_order directive, +; EXCEPT one. Leaving this value empty will cause PHP to use the value set +; in the variables_order directive. It does not mean it will leave the super +; globals array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the ENV, REQUEST and SERVER variables are created when they're +; first used (Just In Time) instead of when the script starts. If these +; variables are not used within a script, having this directive on will result +; in a performance gain. The PHP directive register_argc_argv must be disabled +; for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Whether PHP will read the POST data. +; This option is enabled by default. +; Most likely, you won't want to disable this option globally. It causes $_POST +; and $_FILES to always be empty; the only way you will be able to read the +; POST data will be through the php://input stream wrapper. This can be useful +; to proxy requests or to process the POST data in a memory efficient fashion. +; http://php.net/enable-post-data-reading +;enable_post_data_reading = Off + +; Maximum size of POST data that PHP will accept. +; Its value may be 0 to disable the limit. It is ignored if POST data reading +; is disabled through enable_post_data_reading. +; http://php.net/post-max-size +post_max_size = 8M + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a media type using the Content-Type header. To +; disable this, simply set it to be empty. +; +; PHP's built-in default media type is set to text/html. +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to UTF-8. +; http://php.net/default-charset +default_charset = "UTF-8" + +; PHP internal character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/internal-encoding +;internal_encoding = + +; PHP input character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/input-encoding +;input_encoding = + +; PHP output character encoding is set to empty. +; If empty, default_charset is used. +; See also output_buffer. +; http://php.net/output-encoding +;output_encoding = + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +;include_path = ".:/php/includes" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Directory where the temporary files should be placed. +; Defaults to the system default (see sys_get_temp_dir) +; sys_temp_dir = "/tmp" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +; http://php.net/cgi.dicard-path +;cgi.discard_path=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1 + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If set to 0, PHP sends Status: header that +; is supported by Apache. When this option is set to 1, PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = On + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=mysqli.dll +; +; ... or under UNIX: +; +; extension=mysqli.so +; +; ... or with a path: +; +; extension=/path/to/extension/mysqli.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5+) +; extension folders as well as the separate PECL DLL download (PHP 5+). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_ftp.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysqli.dll +;extension=php_oci8_12c.dll ; Use with Oracle Database 12c Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_shmop.dll + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=php_snmp.dll + +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite3.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[CLI Server] +; Whether the CLI web server uses ANSI color coding in its terminal output. +cli_server.color = On + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +; Use of this INI entry is deprecated, use global input_encoding instead. +; If empty, default_charset or input_encoding or iconv.input_encoding is used. +; The precedence is: default_charset < intput_encoding < iconv.input_encoding +;iconv.input_encoding = + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;iconv.internal_encoding = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; If empty, default_charset or output_encoding or iconv.output_encoding is used. +; The precedence is: default_charset < output_encoding < iconv.output_encoding +; To use an output encoding conversion, iconv's output handler must be set +; otherwise output encoding conversion cannot be performed. +;iconv.output_encoding = + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING +;intl.use_exceptions = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +;Enables or disables JIT compilation of patterns. This requires the PCRE +;library to be compiled with JIT support. +;pcre.jit=1 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(). +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = +; Log mail to syslog (Event Log on Windows). +;mail.log = syslog + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Records communication from all extensions using mysqlnd to the specified log +; file. +; http://php.net/mysqlnd.debug +;mysqlnd.debug = + +; Defines which queries will be logged. +; http://php.net/mysqlnd.log_mask +;mysqlnd.log_mask = 0 + +; Default size of the mysqlnd memory pool, which is used by result sets. +; http://php.net/mysqlnd.mempool_default_size +;mysqlnd.mempool_default_size = 16000 + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +; Timeout for network requests in seconds. +; http://php.net/mysqlnd.net_read_timeout +;mysqlnd.net_read_timeout = 31536000 + +; SHA-256 Authentication Plugin related. File with the MySQL server public RSA +; key. +; http://php.net/mysqlnd.sha256_server_public_key +;mysqlnd.sha256_server_public_key = + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgreSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if +; your OS has problems with many files in one directory, and is +; a more efficient layout for servers that handle many sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use strict session mode. +; Strict session mode does not accept uninitialized session ID and regenerate +; session ID if browser sends uninitialized session ID. Strict mode protects +; applications from session fixation via session adoption vulnerability. It is +; disabled by default for maximum compatibility, but enabling it is encouraged. +; https://wiki.php.net/rfc/strict_sessions +session.use_strict_mode = 0 + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combating +; session hijacking when not specifying and managing your own session id. It is +; not the be-all and end-all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 -type f | xargs rm + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users' security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publicly accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Set session ID character length. This value could be between 22 to 256. +; Shorter length than default is supported only for compatibility reason. +; Users should use 32 or more chars. +; http://php.net/session.sid-length +; Default Value: 32 +; Development Value: 26 +; Production Value: 26 +session.sid_length = 26 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; is special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. tag's action attribute URL will not be modified +; unless it is specified. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=" +; Development Value: "a=href,area=href,frame=src,form=" +; Production Value: "a=href,area=href,frame=src,form=" +; http://php.net/url-rewriter.tags +session.trans_sid_tags = "a=href,area=href,frame=src,form=" + +; URL rewriter does not rewrite absolute URLs by default. +; To enable rewrites for absolute pathes, target hosts must be specified +; at RUNTIME. i.e. use ini_set() +; tags is special. PHP will check action attribute's URL regardless +; of session.trans_sid_tags setting. +; If no host is defined, HTTP_HOST will be used for allowed host. +; Example value: php.net,www.php.net,wiki.php.net +; Use "," for multiple hosts. No spaces are allowed. +; Default Value: "" +; Development Value: "" +; Production Value: "" +;session.trans_sid_hosts="" + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.sid_bits_per_character = 5 + +; Enable upload progress tracking in $_SESSION +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.enabled +;session.upload_progress.enabled = On + +; Cleanup the progress information as soon as all POST data has been read +; (i.e. upload completed). +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.cleanup +;session.upload_progress.cleanup = On + +; A prefix used for the upload progress key in $_SESSION +; Default Value: "upload_progress_" +; Development Value: "upload_progress_" +; Production Value: "upload_progress_" +; http://php.net/session.upload-progress.prefix +;session.upload_progress.prefix = "upload_progress_" + +; The index name (concatenated with the prefix) in $_SESSION +; containing the upload progress information +; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" +; http://php.net/session.upload-progress.name +;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" + +; How frequently the upload progress should be updated. +; Given either in percentages (per-file), or in bytes +; Default Value: "1%" +; Development Value: "1%" +; Production Value: "1%" +; http://php.net/session.upload-progress.freq +;session.upload_progress.freq = "1%" + +; The minimum delay between updates, in seconds +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.upload-progress.min-freq +;session.upload_progress.min_freq = "1" + +; Only write session data when session data is changed. Enabled by default. +; http://php.net/session.lazy-write +;session.lazy_write = On + +[Assertion] +; Switch whether to compile assertions at all (to have no overhead at run-time) +; -1: Do not compile at all +; 0: Jump over assertion at run-time +; 1: Execute assertions +; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) +; Default Value: 1 +; Development Value: 1 +; Production Value: -1 +; http://php.net/zend.assertions +zend.assertions = -1 + +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Throw an AssertationException on failed assertions +; http://php.net/assert.exception +;assert.exception = On + +; Issue a PHP warning for each failed assertion. (Overridden by assert.exception if active) +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; This affects mb_send_mail() and mbstring.detect_order. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; internal/script encoding. +; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;mbstring.internal_encoding = + +; Use of this INI entry is deprecated, use global input_encoding instead. +; http input encoding. +; mbstring.encoding_traslation = On is needed to use this setting. +; If empty, default_charset or input_encoding or mbstring.input is used. +; The precedence is: default_charset < intput_encoding < mbsting.http_input +; http://php.net/mbstring.http-input +;mbstring.http_input = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; http output encoding. +; mb_output_handler must be registered as output buffer to function. +; If empty, default_charset or output_encoding or mbstring.http_output is used. +; The precedence is: default_charset < output_encoding < mbstring.http_output +; To use an output encoding conversion, mbstring's output handler must be set +; otherwise output encoding conversion cannot be performed. +; http://php.net/mbstring.http-output +;mbstring.http_output = + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; "auto" detect order is changed according to mbstring.language +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +; Default: Off +;mbstring.strict_detection = On + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 1 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[dba] +;dba.default_handler= + +[opcache] +; Determines if Zend OPCache is enabled +;opcache.enable=1 + +; Determines if Zend OPCache is enabled for the CLI version of PHP +;opcache.enable_cli=1 + +; The OPcache shared memory storage size. +;opcache.memory_consumption=128 + +; The amount of memory for interned strings in Mbytes. +;opcache.interned_strings_buffer=8 + +; The maximum number of keys (scripts) in the OPcache hash table. +; Only numbers between 200 and 1000000 are allowed. +;opcache.max_accelerated_files=10000 + +; The maximum percentage of "wasted" memory until a restart is scheduled. +;opcache.max_wasted_percentage=5 + +; When this directive is enabled, the OPcache appends the current working +; directory to the script key, thus eliminating possible collisions between +; files with the same name (basename). Disabling the directive improves +; performance, but may break existing applications. +;opcache.use_cwd=1 + +; When disabled, you must reset the OPcache manually or restart the +; webserver for changes to the filesystem to take effect. +;opcache.validate_timestamps=1 + +; How often (in seconds) to check file timestamps for changes to the shared +; memory storage allocation. ("1" means validate once per second, but only +; once per request. "0" means always validate) +;opcache.revalidate_freq=2 + +; Enables or disables file search in include_path optimization +;opcache.revalidate_path=0 + +; If disabled, all PHPDoc comments are dropped from the code to reduce the +; size of the optimized code. +;opcache.save_comments=1 + +; If enabled, a fast shutdown sequence is used for the accelerated code +; Depending on the used Memory Manager this may cause some incompatibilities. +;opcache.fast_shutdown=0 + +; Allow file existence override (file_exists, etc.) performance feature. +;opcache.enable_file_override=0 + +; A bitmask, where each bit enables or disables the appropriate OPcache +; passes +;opcache.optimization_level=0xffffffff + +;opcache.inherited_hack=1 +;opcache.dups_fix=0 + +; The location of the OPcache blacklist file (wildcards allowed). +; Each OPcache blacklist file is a text file that holds the names of files +; that should not be accelerated. The file format is to add each filename +; to a new line. The filename may be a full path or just a file prefix +; (i.e., /var/www/x blacklists all the files and directories in /var/www +; that start with 'x'). Line starting with a ; are ignored (comments). +;opcache.blacklist_filename= + +; Allows exclusion of large files from being cached. By default all files +; are cached. +;opcache.max_file_size=0 + +; Check the cache checksum each N requests. +; The default value of "0" means that the checks are disabled. +;opcache.consistency_checks=0 + +; How long to wait (in seconds) for a scheduled restart to begin if the cache +; is not being accessed. +;opcache.force_restart_timeout=180 + +; OPcache error_log file name. Empty string assumes "stderr". +;opcache.error_log= + +; All OPcache errors go to the Web server log. +; By default, only fatal errors (level 0) or errors (level 1) are logged. +; You can also enable warnings (level 2), info messages (level 3) or +; debug messages (level 4). +;opcache.log_verbosity_level=1 + +; Preferred Shared Memory back-end. Leave empty and let the system decide. +;opcache.preferred_memory_model= + +; Protect the shared memory from unexpected writing during script execution. +; Useful for internal debugging only. +;opcache.protect_memory=0 + +; Allows calling OPcache API functions only from PHP scripts which path is +; started from specified string. The default "" means no restriction +;opcache.restrict_api= + +; Mapping base of shared memory segments (for Windows only). All the PHP +; processes have to map shared memory into the same address space. This +; directive allows to manually fix the "Unable to reattach to base address" +; errors. +;opcache.mmap_base= + +; Enables and sets the second level cache directory. +; It should improve performance when SHM memory is full, at server restart or +; SHM reset. The default "" disables file based caching. +;opcache.file_cache= + +; Enables or disables opcode caching in shared memory. +;opcache.file_cache_only=0 + +; Enables or disables checksum validation when script loaded from file cache. +;opcache.file_cache_consistency_checks=1 + +; Implies opcache.file_cache_only=1 for a certain process that failed to +; reattach to the shared memory (for Windows only). Explicitly enabled file +; cache is required. +;opcache.file_cache_fallback=1 + +; Enables or disables copying of PHP code (text segment) into HUGE PAGES. +; This should improve performance, but requires appropriate OS configuration. +;opcache.huge_code_pages=1 + +; Validate cached file permissions. +;opcache.validate_permission=0 + +; Prevent name collisions in chroot'ed environment. +;opcache.validate_root=0 + +[curl] +; A default value for the CURLOPT_CAINFO option. This is required to be an +; absolute path. +;curl.cainfo = + +[openssl] +; The location of a Certificate Authority (CA) file on the local filesystem +; to use when verifying the identity of SSL/TLS peers. Most users should +; not specify a value for this directive as PHP will attempt to use the +; OS-managed cert stores in its absence. If specified, this value may still +; be overridden on a per-stream basis via the "cafile" SSL stream context +; option. +;openssl.cafile= + +; If openssl.cafile is not specified or if the CA file is not found, the +; directory pointed to by openssl.capath is searched for a suitable +; certificate. This value must be a correctly hashed certificate directory. +; Most users should not specify a value for this directive as PHP will +; attempt to use the OS-managed cert stores in its absence. If specified, +; this value may still be overridden on a per-stream basis via the "capath" +; SSL stream context option. +;openssl.capath= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/images/php-fpm/php7.4.ini b/images/php-fpm/php7.4.ini new file mode 100644 index 00000000..9bf5f6ce --- /dev/null +++ b/images/php-fpm/php7.4.ini @@ -0,0 +1,1918 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it is +; much more verbose when it comes to errors. We recommend using the +; development version only in development environments, as errors shown to +; application users can inadvertently leak otherwise secure information. + +; This is php.ini-production INI file. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT + +; html_errors +; Default Value: On +; Development Value: On +; Production value: On + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.sid_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It is +; generally recommended that should be used and that this feature +; should be disabled, as enabling it may result in issues when generating XML +; documents, however this remains supported for backward compatibility reasons. +; Note that this directive does not control the would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 4096k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +; Enables or disables the circular reference collector. +; http://php.net/zend.enable-gc +zend.enable_gc = On + +; If enabled, scripts may be written in encodings that are incompatible with +; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such +; encodings. To use this feature, mbstring extension must be enabled. +; Default: Off +;zend.multibyte = Off + +; Allows to set the default encoding for the scripts. This value will be used +; unless "declare(encoding=...)" directive appears at the top of the script. +; Only affects if zend.multibyte is set. +; Default: "" +;zend.script_encoding = + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 600 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 120 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; How many GET/POST/COOKIE input variables may be accepted +; max_input_vars = 1000 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 256M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it is automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL (Show all errors, warnings and notices including coding standards.) +; E_ALL & ~E_NOTICE (Show all errors, except for notices) +; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; For production environments, we recommend logging errors rather than +; sending them to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. We strongly recommend you +; set this to 'off' for production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of formatting the +; error message as HTML for easier reading. This directive controls whether +; the error message is formatted as HTML or not. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: On +; http://php.net/html-errors +html_errors = On + +; If html_errors is set to On *and* docref_root is not empty, then PHP +; produces clickable error messages that direct to a page describing the error +; or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty, in which +; case no links to documentation are generated. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on Windows). +;error_log = syslog + +;windows.show_crt_warning +; Default value: 0 +; Development value: 0 +; Production value: 0 + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. G,P,C,E & S are abbreviations for the following respective super +; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty +; paid for the registration of these arrays and because ENV is not as commonly +; used as the others, ENV is not recommended on productions servers. You +; can still get access to the environment variables through getenv() should you +; need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P & C) should be +; registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive +; are specified in the same manner as the variables_order directive, +; EXCEPT one. Leaving this value empty will cause PHP to use the value set +; in the variables_order directive. It does not mean it will leave the super +; globals array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the ENV, REQUEST and SERVER variables are created when they're +; first used (Just In Time) instead of when the script starts. If these +; variables are not used within a script, having this directive on will result +; in a performance gain. The PHP directive register_argc_argv must be disabled +; for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Whether PHP will read the POST data. +; This option is enabled by default. +; Most likely, you won't want to disable this option globally. It causes $_POST +; and $_FILES to always be empty; the only way you will be able to read the +; POST data will be through the php://input stream wrapper. This can be useful +; to proxy requests or to process the POST data in a memory efficient fashion. +; http://php.net/enable-post-data-reading +;enable_post_data_reading = Off + +; Maximum size of POST data that PHP will accept. +; Its value may be 0 to disable the limit. It is ignored if POST data reading +; is disabled through enable_post_data_reading. +; http://php.net/post-max-size +post_max_size = 8M + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a media type using the Content-Type header. To +; disable this, simply set it to be empty. +; +; PHP's built-in default media type is set to text/html. +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to UTF-8. +; http://php.net/default-charset +default_charset = "UTF-8" + +; PHP internal character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/internal-encoding +;internal_encoding = + +; PHP input character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/input-encoding +;input_encoding = + +; PHP output character encoding is set to empty. +; If empty, default_charset is used. +; See also output_buffer. +; http://php.net/output-encoding +;output_encoding = + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +;include_path = ".:/php/includes" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Directory where the temporary files should be placed. +; Defaults to the system default (see sys_get_temp_dir) +; sys_temp_dir = "/tmp" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +; http://php.net/cgi.dicard-path +;cgi.discard_path=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1 + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If set to 0, PHP sends Status: header that +; is supported by Apache. When this option is set to 1, PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = On + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=mysqli.dll +; +; ... or under UNIX: +; +; extension=mysqli.so +; +; ... or with a path: +; +; extension=/path/to/extension/mysqli.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5+) +; extension folders as well as the separate PECL DLL download (PHP 5+). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_ftp.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysqli.dll +;extension=php_oci8_12c.dll ; Use with Oracle Database 12c Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_shmop.dll + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=php_snmp.dll + +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite3.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[CLI Server] +; Whether the CLI web server uses ANSI color coding in its terminal output. +cli_server.color = On + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +; Use of this INI entry is deprecated, use global input_encoding instead. +; If empty, default_charset or input_encoding or iconv.input_encoding is used. +; The precedence is: default_charset < intput_encoding < iconv.input_encoding +;iconv.input_encoding = + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;iconv.internal_encoding = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; If empty, default_charset or output_encoding or iconv.output_encoding is used. +; The precedence is: default_charset < output_encoding < iconv.output_encoding +; To use an output encoding conversion, iconv's output handler must be set +; otherwise output encoding conversion cannot be performed. +;iconv.output_encoding = + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING +;intl.use_exceptions = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +;Enables or disables JIT compilation of patterns. This requires the PCRE +;library to be compiled with JIT support. +;pcre.jit=1 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(). +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = +; Log mail to syslog (Event Log on Windows). +;mail.log = syslog + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Records communication from all extensions using mysqlnd to the specified log +; file. +; http://php.net/mysqlnd.debug +;mysqlnd.debug = + +; Defines which queries will be logged. +; http://php.net/mysqlnd.log_mask +;mysqlnd.log_mask = 0 + +; Default size of the mysqlnd memory pool, which is used by result sets. +; http://php.net/mysqlnd.mempool_default_size +;mysqlnd.mempool_default_size = 16000 + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +; Timeout for network requests in seconds. +; http://php.net/mysqlnd.net_read_timeout +;mysqlnd.net_read_timeout = 31536000 + +; SHA-256 Authentication Plugin related. File with the MySQL server public RSA +; key. +; http://php.net/mysqlnd.sha256_server_public_key +;mysqlnd.sha256_server_public_key = + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgreSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if +; your OS has problems with many files in one directory, and is +; a more efficient layout for servers that handle many sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use strict session mode. +; Strict session mode does not accept uninitialized session ID and regenerate +; session ID if browser sends uninitialized session ID. Strict mode protects +; applications from session fixation via session adoption vulnerability. It is +; disabled by default for maximum compatibility, but enabling it is encouraged. +; https://wiki.php.net/rfc/strict_sessions +session.use_strict_mode = 0 + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combating +; session hijacking when not specifying and managing your own session id. It is +; not the be-all and end-all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 -type f | xargs rm + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users' security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publicly accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Set session ID character length. This value could be between 22 to 256. +; Shorter length than default is supported only for compatibility reason. +; Users should use 32 or more chars. +; http://php.net/session.sid-length +; Default Value: 32 +; Development Value: 26 +; Production Value: 26 +session.sid_length = 26 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; is special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. tag's action attribute URL will not be modified +; unless it is specified. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=" +; Development Value: "a=href,area=href,frame=src,form=" +; Production Value: "a=href,area=href,frame=src,form=" +; http://php.net/url-rewriter.tags +session.trans_sid_tags = "a=href,area=href,frame=src,form=" + +; URL rewriter does not rewrite absolute URLs by default. +; To enable rewrites for absolute pathes, target hosts must be specified +; at RUNTIME. i.e. use ini_set() +; tags is special. PHP will check action attribute's URL regardless +; of session.trans_sid_tags setting. +; If no host is defined, HTTP_HOST will be used for allowed host. +; Example value: php.net,www.php.net,wiki.php.net +; Use "," for multiple hosts. No spaces are allowed. +; Default Value: "" +; Development Value: "" +; Production Value: "" +;session.trans_sid_hosts="" + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.sid_bits_per_character = 5 + +; Enable upload progress tracking in $_SESSION +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.enabled +;session.upload_progress.enabled = On + +; Cleanup the progress information as soon as all POST data has been read +; (i.e. upload completed). +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.cleanup +;session.upload_progress.cleanup = On + +; A prefix used for the upload progress key in $_SESSION +; Default Value: "upload_progress_" +; Development Value: "upload_progress_" +; Production Value: "upload_progress_" +; http://php.net/session.upload-progress.prefix +;session.upload_progress.prefix = "upload_progress_" + +; The index name (concatenated with the prefix) in $_SESSION +; containing the upload progress information +; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" +; http://php.net/session.upload-progress.name +;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" + +; How frequently the upload progress should be updated. +; Given either in percentages (per-file), or in bytes +; Default Value: "1%" +; Development Value: "1%" +; Production Value: "1%" +; http://php.net/session.upload-progress.freq +;session.upload_progress.freq = "1%" + +; The minimum delay between updates, in seconds +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.upload-progress.min-freq +;session.upload_progress.min_freq = "1" + +; Only write session data when session data is changed. Enabled by default. +; http://php.net/session.lazy-write +;session.lazy_write = On + +[Assertion] +; Switch whether to compile assertions at all (to have no overhead at run-time) +; -1: Do not compile at all +; 0: Jump over assertion at run-time +; 1: Execute assertions +; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) +; Default Value: 1 +; Development Value: 1 +; Production Value: -1 +; http://php.net/zend.assertions +zend.assertions = -1 + +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Throw an AssertationException on failed assertions +; http://php.net/assert.exception +;assert.exception = On + +; Issue a PHP warning for each failed assertion. (Overridden by assert.exception if active) +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; This affects mb_send_mail() and mbstring.detect_order. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; internal/script encoding. +; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;mbstring.internal_encoding = + +; Use of this INI entry is deprecated, use global input_encoding instead. +; http input encoding. +; mbstring.encoding_traslation = On is needed to use this setting. +; If empty, default_charset or input_encoding or mbstring.input is used. +; The precedence is: default_charset < intput_encoding < mbsting.http_input +; http://php.net/mbstring.http-input +;mbstring.http_input = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; http output encoding. +; mb_output_handler must be registered as output buffer to function. +; If empty, default_charset or output_encoding or mbstring.http_output is used. +; The precedence is: default_charset < output_encoding < mbstring.http_output +; To use an output encoding conversion, mbstring's output handler must be set +; otherwise output encoding conversion cannot be performed. +; http://php.net/mbstring.http-output +;mbstring.http_output = + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; "auto" detect order is changed according to mbstring.language +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +; Default: Off +;mbstring.strict_detection = On + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 1 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[dba] +;dba.default_handler= + +[opcache] +; Determines if Zend OPCache is enabled +;opcache.enable=1 + +; Determines if Zend OPCache is enabled for the CLI version of PHP +;opcache.enable_cli=1 + +; The OPcache shared memory storage size. +;opcache.memory_consumption=128 + +; The amount of memory for interned strings in Mbytes. +;opcache.interned_strings_buffer=8 + +; The maximum number of keys (scripts) in the OPcache hash table. +; Only numbers between 200 and 1000000 are allowed. +;opcache.max_accelerated_files=10000 + +; The maximum percentage of "wasted" memory until a restart is scheduled. +;opcache.max_wasted_percentage=5 + +; When this directive is enabled, the OPcache appends the current working +; directory to the script key, thus eliminating possible collisions between +; files with the same name (basename). Disabling the directive improves +; performance, but may break existing applications. +;opcache.use_cwd=1 + +; When disabled, you must reset the OPcache manually or restart the +; webserver for changes to the filesystem to take effect. +;opcache.validate_timestamps=1 + +; How often (in seconds) to check file timestamps for changes to the shared +; memory storage allocation. ("1" means validate once per second, but only +; once per request. "0" means always validate) +;opcache.revalidate_freq=2 + +; Enables or disables file search in include_path optimization +;opcache.revalidate_path=0 + +; If disabled, all PHPDoc comments are dropped from the code to reduce the +; size of the optimized code. +;opcache.save_comments=1 + +; If enabled, a fast shutdown sequence is used for the accelerated code +; Depending on the used Memory Manager this may cause some incompatibilities. +;opcache.fast_shutdown=0 + +; Allow file existence override (file_exists, etc.) performance feature. +;opcache.enable_file_override=0 + +; A bitmask, where each bit enables or disables the appropriate OPcache +; passes +;opcache.optimization_level=0xffffffff + +;opcache.inherited_hack=1 +;opcache.dups_fix=0 + +; The location of the OPcache blacklist file (wildcards allowed). +; Each OPcache blacklist file is a text file that holds the names of files +; that should not be accelerated. The file format is to add each filename +; to a new line. The filename may be a full path or just a file prefix +; (i.e., /var/www/x blacklists all the files and directories in /var/www +; that start with 'x'). Line starting with a ; are ignored (comments). +;opcache.blacklist_filename= + +; Allows exclusion of large files from being cached. By default all files +; are cached. +;opcache.max_file_size=0 + +; Check the cache checksum each N requests. +; The default value of "0" means that the checks are disabled. +;opcache.consistency_checks=0 + +; How long to wait (in seconds) for a scheduled restart to begin if the cache +; is not being accessed. +;opcache.force_restart_timeout=180 + +; OPcache error_log file name. Empty string assumes "stderr". +;opcache.error_log= + +; All OPcache errors go to the Web server log. +; By default, only fatal errors (level 0) or errors (level 1) are logged. +; You can also enable warnings (level 2), info messages (level 3) or +; debug messages (level 4). +;opcache.log_verbosity_level=1 + +; Preferred Shared Memory back-end. Leave empty and let the system decide. +;opcache.preferred_memory_model= + +; Protect the shared memory from unexpected writing during script execution. +; Useful for internal debugging only. +;opcache.protect_memory=0 + +; Allows calling OPcache API functions only from PHP scripts which path is +; started from specified string. The default "" means no restriction +;opcache.restrict_api= + +; Mapping base of shared memory segments (for Windows only). All the PHP +; processes have to map shared memory into the same address space. This +; directive allows to manually fix the "Unable to reattach to base address" +; errors. +;opcache.mmap_base= + +; Enables and sets the second level cache directory. +; It should improve performance when SHM memory is full, at server restart or +; SHM reset. The default "" disables file based caching. +;opcache.file_cache= + +; Enables or disables opcode caching in shared memory. +;opcache.file_cache_only=0 + +; Enables or disables checksum validation when script loaded from file cache. +;opcache.file_cache_consistency_checks=1 + +; Implies opcache.file_cache_only=1 for a certain process that failed to +; reattach to the shared memory (for Windows only). Explicitly enabled file +; cache is required. +;opcache.file_cache_fallback=1 + +; Enables or disables copying of PHP code (text segment) into HUGE PAGES. +; This should improve performance, but requires appropriate OS configuration. +;opcache.huge_code_pages=1 + +; Validate cached file permissions. +;opcache.validate_permission=0 + +; Prevent name collisions in chroot'ed environment. +;opcache.validate_root=0 + +[curl] +; A default value for the CURLOPT_CAINFO option. This is required to be an +; absolute path. +;curl.cainfo = + +[openssl] +; The location of a Certificate Authority (CA) file on the local filesystem +; to use when verifying the identity of SSL/TLS peers. Most users should +; not specify a value for this directive as PHP will attempt to use the +; OS-managed cert stores in its absence. If specified, this value may still +; be overridden on a per-stream basis via the "cafile" SSL stream context +; option. +;openssl.cafile= + +; If openssl.cafile is not specified or if the CA file is not found, the +; directory pointed to by openssl.capath is searched for a suitable +; certificate. This value must be a correctly hashed certificate directory. +; Most users should not specify a value for this directive as PHP will +; attempt to use the OS-managed cert stores in its absence. If specified, +; this value may still be overridden on a per-stream basis via the "capath" +; SSL stream context option. +;openssl.capath= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/images/php-fpm/xdebug b/images/php-fpm/xdebug new file mode 100755 index 00000000..8adb807b --- /dev/null +++ b/images/php-fpm/xdebug @@ -0,0 +1,101 @@ +#! /bin/bash + +# NOTE: At the moment, this has only been confirmed to work with PHP 7 + + +# Grab full name of php-fpm container +PHP_FPM_CONTAINER=$(docker ps | grep php-fpm | awk '{print $1}') + + +# Grab OS type +if [[ "$(uname)" == "Darwin" ]]; then + OS_TYPE="OSX" +else + OS_TYPE=$(expr substr $(uname -s) 1 5) +fi + + +xdebug_status () +{ + echo 'xDebug status' + + # If running on Windows, need to prepend with winpty :( + if [[ $OS_TYPE == "MINGW" ]]; then + winpty docker exec -it $PHP_FPM_CONTAINER bash -c 'php -v' + + else + docker exec -it $PHP_FPM_CONTAINER bash -c 'php -v' + fi + +} + + +xdebug_start () +{ + echo 'Start xDebug' + + # And uncomment line with xdebug extension, thus enabling it + ON_CMD="sed -i 's/^;zend_extension=/zend_extension=/g' \ + /usr/local/etc/php/conf.d/xdebug.ini" + + + # If running on Windows, need to prepend with winpty :( + if [[ $OS_TYPE == "MINGW" ]]; then + winpty docker exec -it $PHP_FPM_CONTAINER bash -c "${ON_CMD}" + docker restart $PHP_FPM_CONTAINER + winpty docker exec -it $PHP_FPM_CONTAINER bash -c 'php -v' + + else + docker exec -it $PHP_FPM_CONTAINER bash -c "${ON_CMD}" + docker restart $PHP_FPM_CONTAINER + docker exec -it $PHP_FPM_CONTAINER bash -c 'php -v' + fi +} + + +xdebug_stop () +{ + echo 'Stop xDebug' + + # Comment out xdebug extension line + OFF_CMD="sed -i 's/^zend_extension=/;zend_extension=/g' /usr/local/etc/php/conf.d/xdebug.ini" + + + # If running on Windows, need to prepend with winpty :( + if [[ $OS_TYPE == "MINGW" ]]; then + # This is the equivalent of: + # winpty docker exec -it laradock_php-fpm_1 bash -c 'bla bla bla' + # Thanks to @michaelarnauts at https://github.com/docker/compose/issues/593 + winpty docker exec -it $PHP_FPM_CONTAINER bash -c "${OFF_CMD}" + docker restart $PHP_FPM_CONTAINER + #docker-compose restart php-fpm + winpty docker exec -it $PHP_FPM_CONTAINER bash -c 'php -v' + + else + docker exec -it $PHP_FPM_CONTAINER bash -c "${OFF_CMD}" + # docker-compose restart php-fpm + docker restart $PHP_FPM_CONTAINER + docker exec -it $PHP_FPM_CONTAINER bash -c 'php -v' + fi +} + + +case $@ in + stop|STOP) + xdebug_stop + ;; + start|START) + xdebug_start + ;; + status|STATUS) + xdebug_status + ;; + *) + echo "xDebug [Stop | Start | Status] in the ${PHP_FPM_CONTAINER} container." + echo "xDebug must have already been installed." + echo "Usage:" + echo " .php-fpm/xdebug stop|start|status" + +esac + +exit 1 diff --git a/images/php-fpm/xdebug.ini b/images/php-fpm/xdebug.ini new file mode 100644 index 00000000..ba50bb85 --- /dev/null +++ b/images/php-fpm/xdebug.ini @@ -0,0 +1,19 @@ +; NOTE: The actual debug.so extention is NOT SET HERE but rather (/usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini) + +xdebug.remote_host="host.docker.internal" +xdebug.remote_connect_back=0 +xdebug.remote_port=9000 +xdebug.idekey=PHPSTORM + +xdebug.remote_autostart=0 +xdebug.remote_enable=0 +xdebug.cli_color=0 +xdebug.profiler_enable=0 +xdebug.profiler_output_dir="~/xdebug/phpstorm/tmp/profiling" + +xdebug.remote_handler=dbgp +xdebug.remote_mode=req + +xdebug.var_display_max_children=-1 +xdebug.var_display_max_data=-1 +xdebug.var_display_max_depth=-1 diff --git a/images/php-fpm/xhprof.ini b/images/php-fpm/xhprof.ini new file mode 100644 index 00000000..2a62fedb --- /dev/null +++ b/images/php-fpm/xhprof.ini @@ -0,0 +1,8 @@ +[xhprof] +; extension=xhprof.so +extension=tideways_xhprof.so +xhprof.output_dir=/var/www/xhprof +; no need to autoload, control in the program +tideways.auto_prepend_library=0 +; set default rate +tideways.sample_rate=100 \ No newline at end of file diff --git a/images/php-fpm/xlaravel.pool.conf b/images/php-fpm/xlaravel.pool.conf new file mode 100644 index 00000000..ab2a4f1f --- /dev/null +++ b/images/php-fpm/xlaravel.pool.conf @@ -0,0 +1,76 @@ +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = www-data +group = www-data + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses on a +; specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 0.0.0.0:9000 + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 20 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 +pm.start_servers = 2 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 1 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 3 + +;--------------------- + +; Make specific Docker environment variables available to PHP +env[DB_1_ENV_MYSQL_DATABASE] = $DB_1_ENV_MYSQL_DATABASE +env[DB_1_ENV_MYSQL_USER] = $DB_1_ENV_MYSQL_USER +env[DB_1_ENV_MYSQL_PASSWORD] = $DB_1_ENV_MYSQL_PASSWORD + +catch_workers_output = yes diff --git a/images/php-supervisor/Dockerfile b/images/php-supervisor/Dockerfile new file mode 100644 index 00000000..5396b487 --- /dev/null +++ b/images/php-supervisor/Dockerfile @@ -0,0 +1,16 @@ +FROM bravist/php-cli-alpine-aliyun-app:1.13 + +MAINTAINER bravist + +RUN apk update \ + && apk upgrade \ + && apk add supervisor \ + && rm -rf /var/cache/apk/* + +# Define mountable directories. +VOLUME ["/etc/supervisor/conf.d", "/var/log/supervisor/"] + +# Define working directory. +WORKDIR /etc/supervisor/conf.d + +CMD ["supervisord", "--nodaemon", "--configuration", "/etc/supervisor/conf.d/supervisord.conf"] diff --git a/images/php-supervisor/supervisor/.gitignore b/images/php-supervisor/supervisor/.gitignore new file mode 100644 index 00000000..e5c534ef --- /dev/null +++ b/images/php-supervisor/supervisor/.gitignore @@ -0,0 +1,4 @@ +* +!.gitignore +!cron.conf +!supervisord.conf \ No newline at end of file diff --git a/images/php-supervisor/supervisor/supervisord.conf b/images/php-supervisor/supervisor/supervisord.conf new file mode 100644 index 00000000..053c8773 --- /dev/null +++ b/images/php-supervisor/supervisor/supervisord.conf @@ -0,0 +1,15 @@ +[supervisord] +nodaemon=true +logfile=/var/log/supervisord.log +pidfile=/var/run/supervisord.pid + +loglevel=error + +[program:fpm] +command=/usr/sbin/php-fpm7 -R --nodaemonize + +[program:ssh] +command=/usr/sbin/sshd -D + +[include] +files = /etc/supervisor/conf.d/*.conf \ No newline at end of file diff --git a/images/php-worker/Dockerfile b/images/php-worker/Dockerfile new file mode 100644 index 00000000..084e2dd2 --- /dev/null +++ b/images/php-worker/Dockerfile @@ -0,0 +1,370 @@ +# +#-------------------------------------------------------------------------- +# Image Setup +#-------------------------------------------------------------------------- +# + +ARG LARADOCK_PHP_VERSION +FROM php:${LARADOCK_PHP_VERSION}-alpine + +LABEL maintainer="Mahmoud Zalt " + +ARG LARADOCK_PHP_VERSION + +# If you're in China, or you need to change sources, will be set CHANGE_SOURCE to true in .env. + +ARG CHANGE_SOURCE=false +RUN if [ ${CHANGE_SOURCE} = true ]; then \ + # Change application source from dl-cdn.alpinelinux.org to aliyun source + sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/' /etc/apk/repositories \ +;fi + +RUN apk --update add wget \ + curl \ + git \ + build-base \ + libmemcached-dev \ + libmcrypt-dev \ + libxml2-dev \ + pcre-dev \ + zlib-dev \ + autoconf \ + cyrus-sasl-dev \ + libgsasl-dev \ + oniguruma-dev \ + openssl \ + openssl-dev \ + supervisor + +RUN docker-php-ext-install mysqli mbstring pdo pdo_mysql tokenizer xml pcntl +RUN if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + pecl channel-update pecl.php.net && pecl install memcached-2.2.0 mcrypt-1.0.1 mongodb && docker-php-ext-enable memcached mongodb \ +;else \ + pecl channel-update pecl.php.net && pecl install memcached mcrypt-1.0.1 mongodb && docker-php-ext-enable memcached mongodb \ +;fi + +# Add a non-root user: +ARG PUID=1000 +ENV PUID ${PUID} +ARG PGID=1000 +ENV PGID ${PGID} + +RUN addgroup -g ${PGID} laradock && \ + adduser -D -G laradock -u ${PUID} laradock + +#Install BZ2: +ARG INSTALL_BZ2=false +RUN if [ ${INSTALL_BZ2} = true ]; then \ + apk --update add bzip2-dev; \ + docker-php-ext-install bz2; \ +fi + +#Install GD package: +ARG INSTALL_GD=false +RUN if [ ${INSTALL_GD} = true ]; then \ + apk add --update --no-cache freetype-dev libjpeg-turbo-dev jpeg-dev libpng-dev; \ + docker-php-ext-configure gd --with-freetype-dir=/usr/lib/ --with-jpeg-dir=/usr/lib/ --with-png-dir=/usr/lib/ && \ + docker-php-ext-install gd \ +;fi + +#Install ImageMagick: +ARG INSTALL_IMAGEMAGICK=false +RUN if [ ${INSTALL_IMAGEMAGICK} = true ]; then \ + apk add --update imagemagick-dev imagemagick; \ + pecl install imagick; \ + docker-php-ext-enable imagick \ +;fi + +#Install GMP package: +ARG INSTALL_GMP=false +RUN if [ ${INSTALL_GMP} = true ]; then \ + apk add --update --no-cache gmp gmp-dev \ + && docker-php-ext-install gmp \ +;fi + +#Install SOAP package: +ARG INSTALL_SOAP=false +RUN if [ ${INSTALL_SOAP} = true ]; then \ + docker-php-ext-install soap \ +;fi + +#Install BCMath package: +ARG INSTALL_BCMATH=false +RUN if [ ${INSTALL_BCMATH} = true ]; then \ + docker-php-ext-install bcmath \ +;fi + +########################################################################### +# PHP OCI8: +########################################################################### + +ARG INSTALL_OCI8=false + +ENV LD_LIBRARY_PATH="/usr/local/instantclient" +ENV ORACLE_HOME="/usr/local/instantclient" + +RUN if [ ${INSTALL_OCI8} = true ] && [ $(php -r "echo PHP_MAJOR_VERSION;") = "7" ]; then \ + apk add make php7-pear php7-dev gcc musl-dev libnsl libaio poppler-utils libzip-dev zip unzip libaio-dev freetds-dev && \ + ## Download and unarchive Instant Client v11 + curl -o /tmp/basic.zip https://raw.githubusercontent.com/bumpx/oracle-instantclient/master/instantclient-basic-linux.x64-11.2.0.4.0.zip && \ + curl -o /tmp/sdk.zip https://raw.githubusercontent.com/bumpx/oracle-instantclient/master/instantclient-sdk-linux.x64-11.2.0.4.0.zip && \ + curl -o /tmp/sqlplus.zip https://raw.githubusercontent.com/bumpx/oracle-instantclient/master/instantclient-sqlplus-linux.x64-11.2.0.4.0.zip && \ + unzip -d /usr/local/ /tmp/basic.zip && \ + unzip -d /usr/local/ /tmp/sdk.zip && \ + unzip -d /usr/local/ /tmp/sqlplus.zip \ + ## Links are required for older SDKs + && ln -s /usr/local/instantclient_11_2 ${ORACLE_HOME} && \ + ln -s ${ORACLE_HOME}/libclntsh.so.* ${ORACLE_HOME}/libclntsh.so && \ + ln -s ${ORACLE_HOME}/libocci.so.* ${ORACLE_HOME}/libocci.so && \ + ln -s ${ORACLE_HOME}/lib* /usr/lib && \ + ln -s ${ORACLE_HOME}/sqlplus /usr/bin/sqlplus &&\ + ln -s /usr/lib/libnsl.so.2.0.0 /usr/lib/libnsl.so.1 && \ + ## Build OCI8 with PECL + echo "instantclient,${ORACLE_HOME}" | pecl install oci8 && \ + echo 'extension=oci8.so' > /etc/php7/conf.d/30-oci8.ini \ + # Clean up + apk del php7-pear php7-dev gcc musl-dev && \ + rm -rf /tmp/*.zip /tmp/pear/ && \ + docker-php-ext-configure pdo_oci --with-pdo-oci=instantclient,/usr/local/instantclient \ + && docker-php-ext-configure pdo_dblib --with-libdir=/lib \ + && docker-php-ext-install pdo_oci \ + && docker-php-ext-enable oci8 \ + && docker-php-ext-install zip && \ + # Install the zip extension + docker-php-ext-configure zip && \ + php -m | grep -q 'zip' \ +;fi + +# Install PostgreSQL drivers: +ARG INSTALL_PGSQL=false +RUN if [ ${INSTALL_PGSQL} = true ]; then \ + apk --update add postgresql-dev \ + && docker-php-ext-install pdo_pgsql \ +;fi + +# Install ZipArchive: +ARG INSTALL_ZIP_ARCHIVE=false +RUN set -eux; \ + if [ ${INSTALL_ZIP_ARCHIVE} = true ]; then \ + apk --update add libzip-dev && \ + if [ ${LARADOCK_PHP_VERSION} = "7.3" ] || [ ${LARADOCK_PHP_VERSION} = "7.4" ]; then \ + docker-php-ext-configure zip; \ + else \ + docker-php-ext-configure zip --with-libzip; \ + fi && \ + # Install the zip extension + docker-php-ext-install zip \ +;fi + +# Install MySQL Client: +ARG INSTALL_MYSQL_CLIENT=false +RUN if [ ${INSTALL_MYSQL_CLIENT} = true ]; then \ + apk --update add mysql-client \ +;fi + +# Install FFMPEG: +ARG INSTALL_FFMPEG=false +RUN if [ ${INSTALL_FFMPEG} = true ]; then \ + apk --update add ffmpeg \ +;fi + +# Install BBC Audio Waveform Image Generator: +ARG INSTALL_AUDIOWAVEFORM=false +RUN if [ ${INSTALL_AUDIOWAVEFORM} = true ]; then \ + apk add git make cmake gcc g++ libmad-dev libid3tag-dev libsndfile-dev gd-dev boost-dev libgd libpng-dev zlib-dev \ + && apk add autoconf automake libtool gettext \ + && wget https://github.com/xiph/flac/archive/1.3.3.tar.gz \ + && tar xzf 1.3.3.tar.gz \ + && cd flac-1.3.3 \ + && ./autogen.sh \ + && ./configure --enable-shared=no \ + && make \ + && make install \ + && cd .. \ + && git clone https://github.com/bbc/audiowaveform.git \ + && cd audiowaveform \ + && wget https://github.com/google/googletest/archive/release-1.10.0.tar.gz \ + && tar xzf release-1.10.0.tar.gz \ + && ln -s googletest-release-1.10.0/googletest googletest \ + && ln -s googletest-release-1.10.0/googlemock googlemock \ + && mkdir build \ + && cd build \ + && cmake .. \ + && make \ + && make install \ +;fi + + +# Install AMQP: +ARG INSTALL_AMQP=false + +RUN if [ ${INSTALL_AMQP} = true ]; then \ + apk --update add rabbitmq-c rabbitmq-c-dev && \ + pecl install amqp && \ + docker-php-ext-enable amqp && \ + docker-php-ext-install sockets \ +;fi + +# Install Gearman: +ARG INSTALL_GEARMAN=false + +RUN if [ ${INSTALL_GEARMAN} = true ]; then \ + sed -i "\$ahttp://dl-cdn.alpinelinux.org/alpine/edge/main" /etc/apk/repositories && \ + sed -i "\$ahttp://dl-cdn.alpinelinux.org/alpine/edge/community" /etc/apk/repositories && \ + sed -i "\$ahttp://dl-cdn.alpinelinux.org/alpine/edge/testing" /etc/apk/repositories && \ + apk --update add php7-gearman && \ + sh -c 'echo "extension=/usr/lib/php7/modules/gearman.so" > /usr/local/etc/php/conf.d/gearman.ini' \ +;fi + +# Install Cassandra drivers: +ARG INSTALL_CASSANDRA=false +RUN if [ ${INSTALL_CASSANDRA} = true ]; then \ + apk --update add cassandra-cpp-driver \ + ;fi + +WORKDIR /usr/src +RUN if [ ${INSTALL_CASSANDRA} = true ]; then \ + git clone https://github.com/datastax/php-driver.git \ + && cd php-driver/ext \ + && phpize \ + && mkdir -p /usr/src/php-driver/build \ + && cd /usr/src/php-driver/build \ + && ../ext/configure --with-php-config=/usr/bin/php-config7.1 > /dev/null \ + && make clean >/dev/null \ + && make >/dev/null 2>&1 \ + && make install \ + && docker-php-ext-enable cassandra \ +;fi + +# Install Phalcon ext +ARG INSTALL_PHALCON=false +ARG PHALCON_VERSION +ENV PHALCON_VERSION ${PHALCON_VERSION} + +RUN if [ $INSTALL_PHALCON = true ]; then \ + apk --update add unzip gcc make re2c bash\ + && git clone https://github.com/jbboehr/php-psr.git \ + && cd php-psr \ + && phpize \ + && ./configure \ + && make \ + && make test \ + && make install \ + && curl -L -o /tmp/cphalcon.zip https://github.com/phalcon/cphalcon/archive/v${PHALCON_VERSION}.zip \ + && unzip -d /tmp/ /tmp/cphalcon.zip \ + && cd /tmp/cphalcon-${PHALCON_VERSION}/build \ + && ./install \ + && rm -rf /tmp/cphalcon* \ +;fi + +ARG INSTALL_GHOSTSCRIPT=false +RUN if [ $INSTALL_GHOSTSCRIPT = true ]; then \ + apk --update add ghostscript \ +;fi + +# Install Redis package: +ARG INSTALL_REDIS=false +RUN if [ ${INSTALL_REDIS} = true ]; then \ + # Install Redis Extension + printf "\n" | pecl install -o -f redis \ + && rm -rf /tmp/pear \ + && docker-php-ext-enable redis \ +;fi + +########################################################################### +# Swoole EXTENSION +########################################################################### + +ARG INSTALL_SWOOLE=false + +RUN if [ ${INSTALL_SWOOLE} = true ]; then \ + # Install Php Swoole Extension + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "5" ]; then \ + pecl -q install swoole-2.0.10; \ + else \ + if [ $(php -r "echo PHP_MINOR_VERSION;") = "0" ]; then \ + pecl install swoole-2.2.0; \ + else \ + pecl install swoole; \ + fi \ + fi \ + && docker-php-ext-enable swoole \ +;fi + +########################################################################### +# Taint EXTENSION +########################################################################### + +ARG INSTALL_TAINT=false + +RUN if [ ${INSTALL_TAINT} = true ]; then \ + # Install Php TAINT Extension + if [ $(php -r "echo PHP_MAJOR_VERSION;") = "7" ]; then \ + pecl install taint; \ + fi && \ + docker-php-ext-enable taint \ +;fi + +########################################################################### +# Imap EXTENSION +########################################################################### + +ARG INSTALL_IMAP=false + +RUN if [ ${INSTALL_IMAP} = true ]; then \ + apk add --update imap-dev openssl-dev && \ + docker-php-ext-configure imap --with-imap --with-imap-ssl && \ + docker-php-ext-install imap \ +;fi + +########################################################################### +# XMLRPC: +########################################################################### + +ARG INSTALL_XMLRPC=false + +RUN if [ ${INSTALL_XMLRPC} = true ]; then \ + docker-php-ext-install xmlrpc \ +;fi + +# +#-------------------------------------------------------------------------- +# Optional Supervisord Configuration +#-------------------------------------------------------------------------- +# +# Modify the ./supervisor.conf file to match your App's requirements. +# Make sure you rebuild your container with every change. +# + +COPY supervisord.conf /etc/supervisord.conf + +ENTRYPOINT ["/usr/bin/supervisord", "-n", "-c", "/etc/supervisord.conf"] + +# +#-------------------------------------------------------------------------- +# Optional Software's Installation +#-------------------------------------------------------------------------- +# +# If you need to modify this image, feel free to do it right here. +# + # -- Your awesome modifications go here -- # + +# +#-------------------------------------------------------------------------- +# Check PHP version +#-------------------------------------------------------------------------- +# + +RUN php -v | head -n 1 | grep -q "PHP ${PHP_VERSION}." + +# +#-------------------------------------------------------------------------- +# Final Touch +#-------------------------------------------------------------------------- +# + +# Clean up +RUN rm /var/cache/apk/* \ + && mkdir -p /var/www + +WORKDIR /etc/supervisor/conf.d/ diff --git a/images/php-worker/supervisord.conf b/images/php-worker/supervisord.conf new file mode 100644 index 00000000..203f0148 --- /dev/null +++ b/images/php-worker/supervisord.conf @@ -0,0 +1,10 @@ +[supervisord] +nodaemon=true +[supervisorctl] +[inet_http_server] +port = 127.0.0.1:9001 +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + +[include] +files = supervisord.d/*.conf \ No newline at end of file diff --git a/images/php-worker/supervisord.d/.gitignore b/images/php-worker/supervisord.d/.gitignore new file mode 100644 index 00000000..fee92170 --- /dev/null +++ b/images/php-worker/supervisord.d/.gitignore @@ -0,0 +1 @@ +*.conf diff --git a/images/php-worker/supervisord.d/laravel-scheduler.conf.example b/images/php-worker/supervisord.d/laravel-scheduler.conf.example new file mode 100644 index 00000000..0e83f878 --- /dev/null +++ b/images/php-worker/supervisord.d/laravel-scheduler.conf.example @@ -0,0 +1,8 @@ +[program:laravel-scheduler] +process_name=%(program_name)s_%(process_num)02d +command=/bin/sh -c "while [ true ]; do (php /var/www/artisan schedule:run --verbose --no-interaction &); sleep 60; done" +autostart=true +autorestart=true +numprocs=1 +user=laradock +redirect_stderr=true diff --git a/images/php-worker/supervisord.d/laravel-worker.conf.example b/images/php-worker/supervisord.d/laravel-worker.conf.example new file mode 100644 index 00000000..06401183 --- /dev/null +++ b/images/php-worker/supervisord.d/laravel-worker.conf.example @@ -0,0 +1,8 @@ +[program:laravel-worker] +process_name=%(program_name)s_%(process_num)02d +command=php /var/www/artisan queue:work --sleep=3 --tries=3 --daemon +autostart=true +autorestart=true +numprocs=8 +user=laradock +redirect_stderr=true diff --git a/images/php/56/Dockerfile b/images/php/56/Dockerfile new file mode 100644 index 00000000..dfe41847 --- /dev/null +++ b/images/php/56/Dockerfile @@ -0,0 +1,22 @@ +FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:3.7 + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +# conflict php7-pecl-gmagick php7-pecl-imagick + +RUN apk add --no-cache php5 php5-bcmath php5-bz2 php5-calendar php5-cli php5-ctype php5-curl php5-dba php5-dbg php5-dev php5-dom \ + php5-enchant php5-exif php5-fpm php5-ftp php5-gd php5-gettext php5-gmp php5-iconv php5-imap php5-intl php5-json php5-ldap \ + php5-mcrypt php5-mssql php5-mysql php5-mysqli php5-odbc php5-openssl php5-pcntl php5-pdo php5-pdo_dblib php5-pdo_mysql \ + php5-pdo_odbc php5-pdo_pgsql php5-pdo_sqlite php5-pear php5-pgsql php5-phar php5-posix php5-pspell php5-shmop php5-snmp \ + php5-soap php5-sockets php5-sqlite3 php5-sysvmsg php5-sysvsem php5-sysvshm php5-wddx php5-xml php5-xmlreader php5-xmlrpc \ + php5-xsl php5-zip php5-zlib \ + && mv /usr/bin/php5 /usr/bin/php \ + && mv /usr/bin/phpize5 /usr/bin/phpize \ + && mv /usr/bin/php-fpm5 /usr/bin/php-fpm \ + && wget https://mirrors.cloud.tencent.com/composer/composer.phar -O /usr/bin/composer \ + && chmod +x /usr/bin/composer \ + && composer config -g repos.packagist composer https://mirrors.cloud.tencent.com/composer + + +WORKDIR /app \ No newline at end of file diff --git a/images/php/71/Dockerfile b/images/php/71/Dockerfile new file mode 100644 index 00000000..c50ea6f2 --- /dev/null +++ b/images/php/71/Dockerfile @@ -0,0 +1,16 @@ +FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:3.7 + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +RUN apk add --no-cache php7 php7-amqp php7-bcmath php7-bz2 php7-calendar php7-ctype php7-curl php7-dba php7-dev php7-dom \ + php7-enchant php7-exif php7-fileinfo php7-fpm php7-ftp php7-gd php7-gettext php7-gmp php7-iconv php7-imagick \ + php7-imagick-dev php7-imap php7-intl php7-json php7-ldap php7-mbstring php7-mcrypt php7-memcached php7-mysqli \ + php7-mysqlnd php7-oauth php7-odbc php7-openssl php7-pcntl php7-pdo php7-pdo_dblib php7-pdo_mysql php7-pdo_odbc \ + php7-pdo_pgsql php7-pdo_sqlite php7-pear php7-pgsql php7-phar php7-posix php7-pspell php7-recode php7-redis \ + php7-session php7-shmop php7-simplexml php7-snmp php7-soap php7-sockets php7-sqlite3 php7-ssh2 php7-sysvmsg \ + php7-sysvsem php7-sysvshm php7-tidy php7-tokenizer php7-wddx php7-xml php7-xmlreader php7-xmlrpc php7-xmlwriter \ + php7-xsl php7-zip php7-zmq composer \ + && composer config -g repos.packagist composer https://mirrors.cloud.tencent.com/composer + +WORKDIR /app \ No newline at end of file diff --git a/images/php/72/Dockerfile b/images/php/72/Dockerfile new file mode 100644 index 00000000..c1f7895b --- /dev/null +++ b/images/php/72/Dockerfile @@ -0,0 +1,18 @@ +FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:3.9 + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +# conflict php7-pecl-gmagick php7-pecl-imagick + +RUN apk add --no-cache php7 php7-bcmath php7-bz2 php7-calendar php7-ctype php7-curl php7-dba php7-dev php7-dom php7-exif \ + php7-fileinfo php7-fpm php7-ftp php7-gd php7-gettext php7-gmp php7-iconv php7-imap php7-intl php7-json php7-ldap \ + php7-mbstring php7-mysqli php7-mysqlnd php7-openssl php7-pcntl php7-pdo php7-pdo_dblib php7-pdo_mysql php7-pdo_odbc \ + php7-pdo_pgsql php7-pdo_sqlite php7-pear php7-pecl-amqp php7-pecl-event \ + php7-pecl-imagick php7-pecl-imagick-dev php7-pecl-mcrypt php7-pecl-memcached php7-pecl-mongodb php7-recode \ + php7-session php7-shmop php7-simplexml php7-snmp php7-soap php7-sockets php7-sodium php7-sqlite3 php7-sysvmsg \ + php7-sysvsem php7-sysvshm php7-tidy php7-tokenizer php7-wddx php7-xml php7-xmlreader php7-xmlrpc php7-xmlwriter \ + php7-xsl php7-zip composer \ + && composer config -g repos.packagist composer https://mirrors.cloud.tencent.com/composer + +WORKDIR /app \ No newline at end of file diff --git a/images/php/73/Dockerfile b/images/php/73/Dockerfile new file mode 100644 index 00000000..7852d330 --- /dev/null +++ b/images/php/73/Dockerfile @@ -0,0 +1,20 @@ +FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:3.12 + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +# conflict php7-pecl-gmagick php7-pecl-imagick + +RUN apk add --no-cache php7 php7-bcmath php7-brotli php7-bz2 php7-calendar php7-cgi php7-ctype php7-curl php7-dba php7-dbg \ + php7-dev php7-dbg php7-dom php7-enchant php7-exif php7-fileinfo php7-fpm php7-ftp php7-gd php7-gettext php7-gmp \ + php7-iconv php7-imap php7-intl php7-json php7-ldap php7-maxminddb php7-mbstring php7-mysqli php7-mysqlnd php7-odbc \ + php7-openssl php7-pcntl php7-pdo php7-pdo_dblib php7-pdo_mysql php7-pdo_pgsql php7-pdo_sqlite php7-pear \ + php7-pecl-amqp php7-pecl-event php7-pecl-igbinary php7-pecl-imagick php7-pecl-imagick-dev php7-pecl-mcrypt \ + php7-pecl-memcache php7-pecl-memcached php7-pecl-msgpack php7-pecl-oauth php7-pecl-protobuf php7-pecl-psr \ + php7-pecl-redis php7-pecl-uuid php7-pecl-xdebug php7-pecl-xhprof php7-pecl-yaml php7-pecl-zmq php7-pgsql php7-phar \ + php7-phpdbg php7-posix php7-pspell php7-recode php7-session php7-shmop php7-simplexml php7-snmp php7-soap \ + php7-sockets php7-sodium php7-sqlite3 php7-sysvmsg php7-sysvsem php7-sysvshm php7-tidy php7-tokenizer php7-wddx \ + php7-xml php7-xmlreader php7-xmlrpc php7-xmlwriter php7-xsl php7-zip composer \ + && composer config -g repos.packagist composer https://mirrors.cloud.tencent.com/composer + +WORKDIR /app \ No newline at end of file diff --git a/images/php/74/Dockerfile b/images/php/74/Dockerfile new file mode 100644 index 00000000..87126c50 --- /dev/null +++ b/images/php/74/Dockerfile @@ -0,0 +1,20 @@ +FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:3.13 + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +# conflict php7-pecl-gmagick php7-pecl-imagick + +RUN echo 'nameserver 223.5.5.5' > /etc/resolv.conf \ + && apk add --no-cache php7 php7-bcmath php7-brotli php7-bz2 php7-calendar php7-ctype php7-curl php7-dba php7-dev php7-dom \ + php7-embed php7-enchant php7-exif php7-fileinfo php7-fpm php7-ftp php7-gd php7-gettext php7-gmp php7-iconv php7-imap php7-intl \ + php7-json php7-ldap php7-mbstring php7-mysqli php7-mysqlnd php7-odbc php7-openssl php7-pcntl php7-pdo php7-pdo_dblib \ + php7-pdo_mysql php7-pdo_odbc php7-pdo_pgsql php7-pdo_sqlite php7-pear php7-pecl-amqp php7-pecl-event php7-pecl-imagick \ + php7-pecl-imagick-dev php7-pecl-maxminddb php7-pecl-mcrypt php7-pecl-memcache php7-pecl-memcached php7-pecl-mongodb \ + php7-pecl-msgpack php7-pecl-protobuf php7-pecl-psr php7-pecl-redis php7-pecl-yaml php7-pecl-zmq php7-pgsql php7-phar \ + php7-posix php7-pspell php7-session php7-shmop php7-simplexml php7-snmp php7-soap php7-sockets php7-sodium php7-sqlite3 \ + php7-static php7-sysvmsg php7-sysvsem php7-sysvshm php7-tidy php7-tokenizer php7-xml php7-xmlreader php7-xmlrpc \ + php7-xmlwriter php7-xsl php7-zip composer \ + && composer config -g repos.packagist composer https://mirrors.cloud.tencent.com/composer + +WORKDIR /app \ No newline at end of file diff --git a/images/php/8/Dockerfile b/images/php/8/Dockerfile new file mode 100644 index 00000000..c0a93aa3 --- /dev/null +++ b/images/php/8/Dockerfile @@ -0,0 +1,19 @@ +FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:3.13 + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +# conflict php7-pecl-gmagick php7-pecl-imagick + +RUN echo 'nameserver 223.5.5.5' > /etc/resolv.conf \ + && apk add --no-cache php8 php8-bcmath php8-brotli php8-bz2 php8-calendar php8-ctype php8-curl php8-dba php8-dev php8-dom \ + php8-embed php8-enchant php8-exif php8-fileinfo php8-fpm php8-ftp php8-gd php8-gettext php8-gmp php8-iconv php8-imap php8-intl \ + php8-ldap php8-mbstring php8-mysqli php8-mysqlnd php8-odbc php8-openssl php8-pcntl php8-pdo php8-pdo_dblib php8-pdo_mysql \ + php8-pdo_odbc php8-pdo_pgsql php8-pdo_sqlite php8-pear php8-pecl-event php8-pecl-imagick php8-pecl-imagick-dev \ + php8-pecl-maxminddb php8-pecl-mcrypt php8-pecl-memcache php8-pecl-memcached php8-pecl-mongodb php8-pecl-msgpack php8-pecl-redis \ + php8-pecl-yaml php8-pgsql php8-phar php8-phpdbg php8-posix php8-pspell php8-session php8-shmop php8-simplexml php8-snmp \ + php8-soap php8-sockets php8-sodium php8-sqlite3 php8-sysvmsg php8-sysvsem php8-sysvshm php8-tidy php8-tokenizer php8-xml \ + php8-xmlreader php8-xmlwriter php8-xsl php8-zip composer \ + && composer config -g repos.packagist composer https://mirrors.cloud.tencent.com/composer + +WORKDIR /app \ No newline at end of file diff --git a/images/php/Dockerfile b/images/php/Dockerfile deleted file mode 100644 index 65d2f0dd..00000000 --- a/images/php/Dockerfile +++ /dev/null @@ -1,17 +0,0 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/ubuntu:bionic - -LABEL DEBIAN_FRONTEND noninteractive\ - MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ADD script/build.sh /tmp/build.sh -ADD script/tz.php /var/www/index.php -ADD conf/nginx.conf /etc/nginx/ -ADD conf/default.conf /etc/nginx/conf.d/ - -RUN sed -i 's/archive.ubuntu.com/mirrors.ustc.edu.cn/g' /etc/apt/sources.list \ - && chmod +x /tmp/build.sh \ - && bash /tmp/build.sh - -EXPOSE 80 443 -CMD /bin/phpenv \ No newline at end of file diff --git a/images/php/Dockerfile.multiple b/images/php/Dockerfile.multiple deleted file mode 100644 index 472515a7..00000000 --- a/images/php/Dockerfile.multiple +++ /dev/null @@ -1,16 +0,0 @@ -FROM imxieke/ubuntu:bionic - -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ADD script/env.sh /bin/env.sh -ADD script/start.sh /bin/start.sh -ADD conf.d/index.php /var/www/ -RUN sed -i 's/archive.ubuntu.com/mirrors.ustc.edu.cn/g' /etc/apt/sources.list \ - && chmod +x /bin/env.sh \ - && chmod +x /bin/start.sh \ - && bash /bin/env.sh - -ADD conf.d/*.example /etc/nginx/conf.d/ -EXPOSE 80 443 -CMD /bin/start.sh \ No newline at end of file diff --git a/images/php/README.md b/images/php/README.md index 598349e1..ea110c33 100644 --- a/images/php/README.md +++ b/images/php/README.md @@ -17,6 +17,9 @@ Ubuntu: # PHP 7.2 +# php 7.3 +php 7.3 + composer + #feature * swoole diff --git a/images/php/php-fpm/Dockerfile-56 b/images/php/php-fpm/Dockerfile-56 new file mode 100644 index 00000000..7644304e --- /dev/null +++ b/images/php/php-fpm/Dockerfile-56 @@ -0,0 +1,137 @@ +# +#-------------------------------------------------------------------------- +# Image Setup +#-------------------------------------------------------------------------- +# +# To edit the 'php-fpm' base Image, visit its repository on Github +# https://github.com/LaraDock/php-fpm +# +# To change its version, see the available Tags on the Docker Hub: +# https://hub.docker.com/r/laradock/php-fpm/tags/ +# + +FROM laradock/php-fpm:5.6--1.2 + +MAINTAINER Mahmoud Zalt + +# +#-------------------------------------------------------------------------- +# Mandatory Software's Installation +#-------------------------------------------------------------------------- +# +# Mandatory Software's such as ("mcrypt", "pdo_mysql", "libssl-dev", ....) +# are installed on the base image 'laradock/php-fpm' image. If you want +# to add more Software's or remove existing one, you need to edit the +# base image (https://github.com/LaraDock/php-fpm). +# + +# +#-------------------------------------------------------------------------- +# Optional Software's Installation +#-------------------------------------------------------------------------- +# +# Optional Software's will only be installed if you set them to `true` +# in the `docker-compose.yml` before the build. +# Example: +# - INSTALL_ZIP_ARCHIVE=true +# + +##################################### +# xDebug: +##################################### + +ARG INSTALL_XDEBUG=true +RUN if [ ${INSTALL_XDEBUG} = true ]; then \ + # Install the xdebug extension + pecl install xdebug && \ + docker-php-ext-enable xdebug \ +;fi + +# Copy xdebug configration for remote debugging +COPY ./xdebug.ini /usr/local/etc/php/conf.d/xdebug.ini + +##################################### +# MongoDB: +##################################### + +ARG INSTALL_MONGO=true +RUN if [ ${INSTALL_MONGO} = true ]; then \ + # Install the mongodb extension + pecl install mongodb && \ + docker-php-ext-enable mongodb \ +;fi + +##################################### +# ZipArchive: +##################################### + +ARG INSTALL_ZIP_ARCHIVE=true +RUN if [ ${INSTALL_ZIP_ARCHIVE} = true ]; then \ + # Install the zip extension + pecl install zip && \ + docker-php-ext-enable zip \ +;fi + +##################################### +# PHP Memcached: +##################################### + +ARG INSTALL_MEMCACHED=true +RUN if [ ${INSTALL_MEMCACHED} = true ]; then \ + # Install the php memcached extension + pecl install memcached && \ + docker-php-ext-enable memcached \ +;fi + +##################################### +# PHP Aerospike: +##################################### + +ARG INSTALL_AEROSPIKE_EXTENSION=true +ENV INSTALL_AEROSPIKE_EXTENSION ${INSTALL_AEROSPIKE_EXTENSION} +# Copy aerospike configration for remote debugging +COPY ./aerospike.ini /usr/local/etc/php/conf.d/aerospike.ini +RUN if [ ${INSTALL_AEROSPIKE_EXTENSION} = true ]; then \ + # Install the php aerospike extension + curl -L -o /tmp/aerospike-client-php.tar.gz "https://github.com/luciano-jr/aerospike-client-php/archive/master.tar.gz" \ + && mkdir -p aerospike-client-php \ + && tar -C aerospike-client-php -zxvf /tmp/aerospike-client-php.tar.gz --strip 1 \ + && ( \ + cd aerospike-client-php/src/aerospike \ + && phpize \ + && ./build.sh \ + && make install \ + ) \ + && rm /tmp/aerospike-client-php.tar.gz \ +;fi + +##################################### +# Opcache: +##################################### +ARG INSTALL_OPCACHE=true +RUN if [ ${INSTALL_OPCACHE} = true ]; then \ + docker-php-ext-install opcache && \ + docker-php-ext-enable opcache \ +;fi + +# Copy opcache configration +COPY ./opcache.ini /usr/local/etc/php/conf.d/opcache.ini + +# +#-------------------------------------------------------------------------- +# Final Touch +#-------------------------------------------------------------------------- +# + +ADD ./laravel.ini /usr/local/etc/php/conf.d +ADD ./laravel.pool.conf /usr/local/etc/php-fpm.d/ + +RUN rm -r /var/lib/apt/lists/* + +RUN usermod -u 1000 www-data + +WORKDIR /var/www/laravel + +CMD ["php-fpm"] + +EXPOSE 9000 diff --git a/images/php/php-fpm/Dockerfile-70 b/images/php/php-fpm/Dockerfile-70 new file mode 100644 index 00000000..af858569 --- /dev/null +++ b/images/php/php-fpm/Dockerfile-70 @@ -0,0 +1,149 @@ +# +#-------------------------------------------------------------------------- +# Image Setup +#-------------------------------------------------------------------------- +# +# To edit the 'php-fpm' base Image, visit its repository on Github +# https://github.com/LaraDock/php-fpm +# +# To change its version, see the available Tags on the Docker Hub: +# https://hub.docker.com/r/laradock/php-fpm/tags/ +# + +FROM laradock/php-fpm:7.0--1.2 + +MAINTAINER Mahmoud Zalt + +# +#-------------------------------------------------------------------------- +# Mandatory Software's Installation +#-------------------------------------------------------------------------- +# +# Mandatory Software's such as ("mcrypt", "pdo_mysql", "libssl-dev", ....) +# are installed on the base image 'laradock/php-fpm' image. If you want +# to add more Software's or remove existing one, you need to edit the +# base image (https://github.com/LaraDock/php-fpm). +# + +# +#-------------------------------------------------------------------------- +# Optional Software's Installation +#-------------------------------------------------------------------------- +# +# Optional Software's will only be installed if you set them to `true` +# in the `docker-compose.yml` before the build. +# Example: +# - INSTALL_ZIP_ARCHIVE=true +# + +##################################### +# xDebug: +##################################### + +ARG INSTALL_XDEBUG=true +RUN if [ ${INSTALL_XDEBUG} = true ]; then \ + # Install the xdebug extension + pecl install xdebug && \ + docker-php-ext-enable xdebug \ +;fi + +# Copy xdebug configration for remote debugging +COPY ./xdebug.ini /usr/local/etc/php/conf.d/xdebug.ini + +##################################### +# MongoDB: +##################################### + +ARG INSTALL_MONGO=true +RUN if [ ${INSTALL_MONGO} = true ]; then \ + # Install the mongodb extension + pecl install mongodb && \ + docker-php-ext-enable mongodb \ +;fi + +##################################### +# ZipArchive: +##################################### + +ARG INSTALL_ZIP_ARCHIVE=true +RUN if [ ${INSTALL_ZIP_ARCHIVE} = true ]; then \ + # Install the zip extension + pecl install zip && \ + docker-php-ext-enable zip \ +;fi + +##################################### +# PHP Memcached: +##################################### + +ARG INSTALL_MEMCACHED=true +RUN if [ ${INSTALL_MEMCACHED} = true ]; then \ + # Install the php memcached extension + curl -L -o /tmp/memcached.tar.gz "https://github.com/php-memcached-dev/php-memcached/archive/php7.tar.gz" \ + && mkdir -p memcached \ + && tar -C memcached -zxvf /tmp/memcached.tar.gz --strip 1 \ + && ( \ + cd memcached \ + && phpize \ + && ./configure \ + && make -j$(nproc) \ + && make install \ + ) \ + && rm -r memcached \ + && rm /tmp/memcached.tar.gz \ + && docker-php-ext-enable memcached \ +;fi + +##################################### +# PHP Aerospike: +##################################### + +ARG INSTALL_AEROSPIKE_EXTENSION=true +ENV INSTALL_AEROSPIKE_EXTENSION ${INSTALL_AEROSPIKE_EXTENSION} +# Copy aerospike configration for remote debugging +COPY ./aerospike.ini /usr/local/etc/php/conf.d/aerospike.ini +RUN if [ ${INSTALL_AEROSPIKE_EXTENSION} = true ]; then \ + # Install the php aerospike extension + curl -L -o /tmp/aerospike-client-php.tar.gz "https://github.com/luciano-jr/aerospike-client-php/archive/master.tar.gz" \ + && mkdir -p aerospike-client-php \ + && tar -C aerospike-client-php -zxvf /tmp/aerospike-client-php.tar.gz --strip 1 \ + && ( \ + cd aerospike-client-php/src/aerospike \ + && phpize \ + && ./build.sh \ + && make install \ + ) \ + && rm /tmp/aerospike-client-php.tar.gz \ +;fi + +##################################### +# Opcache: +##################################### +ARG INSTALL_OPCACHE=true +RUN if [ ${INSTALL_OPCACHE} = true ]; then \ + docker-php-ext-install opcache && \ + docker-php-ext-enable opcache \ +;fi + +# Copy opcache configration +COPY ./opcache.ini /usr/local/etc/php/conf.d/opcache.ini + + +# +#-------------------------------------------------------------------------- +# Final Touch +#-------------------------------------------------------------------------- +# + +ADD ./laravel.ini /usr/local/etc/php/conf.d +ADD ./laravel.pool.conf /usr/local/etc/php-fpm.d/ + +RUN rm -r /var/lib/apt/lists/* + +RUN usermod -u 1000 www-data + +WORKDIR /var/www/laravel + +CMD ["php-fpm"] + +EXPOSE 9000 diff --git a/images/php/php-fpm/aerospike.ini b/images/php/php-fpm/aerospike.ini new file mode 100644 index 00000000..f9c8f614 --- /dev/null +++ b/images/php/php-fpm/aerospike.ini @@ -0,0 +1,3 @@ +extension=aerospike.so +aerospike.udf.lua_system_path=/usr/local/aerospike/lua +aerospike.udf.lua_user_path=/usr/local/aerospike/usr-lua \ No newline at end of file diff --git a/images/php/php-fpm/laravel.ini b/images/php/php-fpm/laravel.ini new file mode 100644 index 00000000..486a2cab --- /dev/null +++ b/images/php/php-fpm/laravel.ini @@ -0,0 +1,13 @@ +date.timezone=UTC +display_errors=Off +log_errors=On + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 128M +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 20M +; Sets max size of post data allowed. +; http://php.net/post-max-size +post_max_size = 20M diff --git a/images/php/php-fpm/laravel.pool.conf b/images/php/php-fpm/laravel.pool.conf new file mode 100644 index 00000000..ab2a4f1f --- /dev/null +++ b/images/php/php-fpm/laravel.pool.conf @@ -0,0 +1,76 @@ +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = www-data +group = www-data + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses on a +; specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 0.0.0.0:9000 + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 20 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 +pm.start_servers = 2 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 1 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 3 + +;--------------------- + +; Make specific Docker environment variables available to PHP +env[DB_1_ENV_MYSQL_DATABASE] = $DB_1_ENV_MYSQL_DATABASE +env[DB_1_ENV_MYSQL_USER] = $DB_1_ENV_MYSQL_USER +env[DB_1_ENV_MYSQL_PASSWORD] = $DB_1_ENV_MYSQL_PASSWORD + +catch_workers_output = yes diff --git a/images/php/php-fpm/opcache.ini b/images/php/php-fpm/opcache.ini new file mode 100644 index 00000000..af946ef5 --- /dev/null +++ b/images/php/php-fpm/opcache.ini @@ -0,0 +1,7 @@ +extension=opcache.so +opcache.enable="0" +opcache.memory_consumption="256" +opcache.use_cwd="0" +opcache.fast_shutdown="1" +opcache.max_file_size="0" +opcache.validate_timestamps="0" diff --git a/images/php/php-fpm/xdebug.ini b/images/php/php-fpm/xdebug.ini new file mode 100644 index 00000000..06eef4a9 --- /dev/null +++ b/images/php/php-fpm/xdebug.ini @@ -0,0 +1,12 @@ +; NOTE: The actual debug.so extention is NOT SET HERE but rather (/usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini) + +xdebug.remote_autostart=1 +xdebug.remote_enable=1 +xdebug.remote_connect_back=1 +xdebug.cli_color=1 +xdebug.remote_handler=dbgp +xdebug.remote_mode=req + +xdebug.remote_port=9000 +xdebug.remote_host=dockerhost +xdebug.idekey=PHPSTORM diff --git a/images/php/php56/Dockerfile b/images/php/php56/Dockerfile new file mode 100644 index 00000000..d66a6cd7 --- /dev/null +++ b/images/php/php56/Dockerfile @@ -0,0 +1,69 @@ +FROM php:5.6-fpm + +RUN echo "deb http://mirrors.aliyun.com/debian/ stretch main non-free contrib" > /etc/apt/sources.list \ + && echo "deb-src http://mirrors.aliyun.com/debian/ stretch main non-free contrib" >> /etc/apt/sources.list \ + && echo "deb http://mirrors.aliyun.com/debian-security stretch/updates main" >> /etc/apt/sources.list \ + && echo "deb-src http://mirrors.aliyun.com/debian-security stretch/updates main" >> /etc/apt/sources.list \ + && echo "deb http://mirrors.aliyun.com/debian/ stretch-updates main non-free contrib" >> /etc/apt/sources.list \ + && echo "deb-src http://mirrors.aliyun.com/debian/ stretch-updates main non-free contrib" >> /etc/apt/sources.list \ + && echo "deb http://mirrors.aliyun.com/debian/ stretch-backports main non-free contrib" >> /etc/apt/sources.list \ + && echo "deb-src http://mirrors.aliyun.com/debian/ stretch-backports main non-free contrib" >> /etc/apt/sources.list + + +# 复制时区配置 +ENV TZ=Asia/Shanghai +RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone + +# 安装基础 +RUN apt-get update \ + && apt-get install -y --no-install-recommends \ + curl \ + iputils-ping \ + libicu-dev \ + libmemcached-dev \ + libz-dev \ + libpq-dev \ + libjpeg-dev \ + libpng-dev \ + libfreetype6-dev \ + libssl-dev \ + libmcrypt-dev \ + libxml2-dev \ + libbz2-dev \ + libjpeg62-turbo-dev \ + curl \ + git \ + subversion \ + && rm -rf /var/lib/apt/lists/* + + +# 安装PHP插件 +RUN docker-php-ext-install \ + bcmath \ + intl \ + mbstring \ + mysqli \ + pcntl \ + pdo_mysql \ + pdo_pgsql \ + soap \ + sockets \ + zip \ + && docker-php-ext-configure gd \ + --enable-gd-native-ttf \ + --with-jpeg-dir=/usr/lib \ + --with-freetype-dir=/usr/include/freetype2 && \ + docker-php-ext-install gd \ + && docker-php-ext-install opcache \ + && docker-php-ext-enable opcache + + +# Short open tags fix - another Symfony requirements +COPY ./custom-php.ini /usr/local/etc/php/conf.d/custom-php.ini + + + +RUN chown -R www-data:www-data /var/www/ + + +WORKDIR /var/www \ No newline at end of file diff --git a/images/php/php56/custom-php.ini b/images/php/php56/custom-php.ini new file mode 100644 index 00000000..641d3e75 --- /dev/null +++ b/images/php/php56/custom-php.ini @@ -0,0 +1,230 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +engine = On +short_open_tag = Off +asp_tags = Off +precision = 14 +output_buffering = 4096 + +zlib.output_compression = Off + +implicit_flush = Off +unserialize_callback_func = +serialize_precision = 17 +disable_functions = +disable_classes = + +zend.enable_gc = On + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +max_execution_time = 60 +max_input_time = 60 +max_input_vars = 1000 +memory_limit = -1 + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT +display_errors = Off +display_startup_errors = Off +log_errors = On +log_errors_max_len = 1024 +ignore_repeated_errors = Off +ignore_repeated_source = Off +report_memleaks = On +track_errors = Off +html_errors = On + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +variables_order = "GPCS" +request_order = "GP" +register_argc_argv = Off +auto_globals_jit = On + +post_max_size = 32M +auto_prepend_file = +auto_append_file = + +default_mimetype = "text/html" +always_populate_raw_post_data = -1 + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +doc_root = +user_dir = + +enable_dl = Off + +realpath_cache_size = 4096K +realpath_cache_ttl = 600 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +file_uploads = On +upload_max_filesize = 64M +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +allow_url_fopen = On +allow_url_include = Off + +default_socket_timeout = 60 + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[CLI Server] +cli_server.color = On + +[Date] +date.timezone = UTC + +[Pdo_mysql] +pdo_mysql.cache_size = 2000 +pdo_mysql.default_socket= + +[mail function] +; For Win32 only. +SMTP = localhost +smtp_port = 25 + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +sendmail_path = /usr/sbin/sendmail -t -i + +mail.add_x_header = On + +[SQL] +sql.safe_mode = Off + +[ODBC] +odbc.allow_persistent = On +odbc.check_persistent = On +odbc.max_persistent = -1 +odbc.max_links = -1 +odbc.defaultlrl = 4096 +odbc.defaultbinmode = 1 + +[MySQL] +mysql.allow_local_infile = On +mysql.allow_persistent = On +mysql.cache_size = 2000 +mysql.max_persistent = -1 +mysql.max_links = -1 +mysql.default_port = +mysql.default_socket = +mysql.default_host = +mysql.default_user = +mysql.default_password = +mysql.connect_timeout = 60 +mysql.trace_mode = Off + +[MySQLi] +mysqli.max_persistent = -1 +mysqli.allow_persistent = On +mysqli.max_links = -1 +mysqli.cache_size = 2000 +mysqli.default_port = 3306 +mysqli.default_socket = +mysqli.default_host = +mysqli.default_user = +mysqli.default_pw = +mysqli.reconnect = Off + +[mysqlnd] +mysqlnd.collect_statistics = On +mysqlnd.collect_memory_statistics = Off + +[PostgreSQL] +pgsql.allow_persistent = On +pgsql.auto_reset_persistent = Off +pgsql.max_persistent = -1 +pgsql.max_links = -1 +pgsql.ignore_notice = 0 +pgsql.log_notice = 0 + +[bcmath] +bcmath.scale = 0 + +[Session] +session.save_handler = files +session.save_path = +session.use_cookies = 1 +session.use_only_cookies = 1 +session.name = PHPSESSID +session.auto_start = 0 + +session.cookie_lifetime = 0 +session.cookie_path = / +session.cookie_domain = +session.cookie_httponly = + +session.serialize_handler = php + +session.gc_probability = 1 +session.gc_divisor = 1000 +session.gc_maxlifetime = 1440 + +session.bug_compat_42 = Off +session.bug_compat_warn = Off +session.referer_check = + +session.cache_limiter = nocache +session.cache_expire = 180 + +session.use_trans_sid = 0 + +session.hash_function = 0 +session.hash_bits_per_character = 5 + +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +mssql.allow_persistent = On +mssql.max_persistent = -1 +mssql.max_links = -1 +mssql.min_error_severity = 10 +mssql.min_message_severity = 10 +mssql.compatability_mode = Off +mssql.secure_connection = Off + +[Tidy] +tidy.clean_output = Off + +[soap] +soap.wsdl_cache_enabled=1 +soap.wsdl_cache_dir="/tmp" +soap.wsdl_cache_ttl=86400 +soap.wsdl_cache_limit = 5 + +[ldap] +ldap.max_links = -1 + + +[Opcache] +opcache.max_accelerated_files = 20000 \ No newline at end of file diff --git a/images/php/php56/opcache.ini b/images/php/php56/opcache.ini new file mode 100644 index 00000000..6854939d --- /dev/null +++ b/images/php/php56/opcache.ini @@ -0,0 +1,9 @@ +; NOTE: The actual opcache.so extention is NOT SET HERE but rather (/usr/local/etc/php/conf.d/docker-php-ext-opcache.ini) + +opcache.enable="1" +opcache.memory_consumption="256" +opcache.use_cwd="0" +opcache.max_file_size="0" +opcache.max_accelerated_files = 30000 +opcache.validate_timestamps="1" +opcache.revalidate_freq="0" \ No newline at end of file diff --git a/images/php/php56/timezone.ini b/images/php/php56/timezone.ini new file mode 100644 index 00000000..8c3e0b24 --- /dev/null +++ b/images/php/php56/timezone.ini @@ -0,0 +1,4 @@ +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +date.timezone = Asia/Shanghai \ No newline at end of file diff --git a/images/php/php56/xdebug.ini b/images/php/php56/xdebug.ini new file mode 100644 index 00000000..c5c91258 --- /dev/null +++ b/images/php/php56/xdebug.ini @@ -0,0 +1,16 @@ +[xdebug] +zend_extension="xdebug.so" +;是否开启调试内容 +xdebug.remote_enable=1 +;调试插件dbgp +xdebug.remote_handler=dbgp +;远程调试的端口(默认9000) +xdebug.remote_port=9001 +;是否开启远程调试自动启动 +xdebug.remote_autostart=1 +xdebug.remote_connect_back=0 +;IDE Key +xdebug.idekey=PHPSTORM +;允许调试的客户端IP +xdebug.remote_host=192.168.1.100 +xdebug.remote_log=/tmp/xdebug.log \ No newline at end of file diff --git a/images/php/php72/Dockerfile b/images/php/php72/Dockerfile new file mode 100644 index 00000000..442987e8 --- /dev/null +++ b/images/php/php72/Dockerfile @@ -0,0 +1,209 @@ +FROM php:7.2.19-fpm + +RUN echo "deb http://mirrors.aliyun.com/debian/ stretch main non-free contrib" > /etc/apt/sources.list \ + && echo "deb-src http://mirrors.aliyun.com/debian/ stretch main non-free contrib" >> /etc/apt/sources.list \ + && echo "deb http://mirrors.aliyun.com/debian-security stretch/updates main" >> /etc/apt/sources.list \ + && echo "deb-src http://mirrors.aliyun.com/debian-security stretch/updates main" >> /etc/apt/sources.list \ + && echo "deb http://mirrors.aliyun.com/debian/ stretch-updates main non-free contrib" >> /etc/apt/sources.list \ + && echo "deb-src http://mirrors.aliyun.com/debian/ stretch-updates main non-free contrib" >> /etc/apt/sources.list \ + && echo "deb http://mirrors.aliyun.com/debian/ stretch-backports main non-free contrib" >> /etc/apt/sources.list \ + && echo "deb-src http://mirrors.aliyun.com/debian/ stretch-backports main non-free contrib" >> /etc/apt/sources.list + + +# 复制时区配置 +ENV TZ=Asia/Shanghai +RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone + +# 安装基础 +RUN apt-get update \ + && apt-get install -y --no-install-recommends \ + curl \ + sudo \ + iputils-ping \ + libicu-dev \ + libmemcached-dev \ + libz-dev \ + libpq-dev \ + libjpeg-dev \ + libpng-dev \ + libfreetype6-dev \ + libssl-dev \ + libmcrypt-dev \ + libxml2-dev \ + libbz2-dev \ + libjpeg62-turbo-dev \ + git \ + vim \ + wget \ + net-tools \ + zip \ + unzip \ + openssh-server \ + openssh-client \ + subversion \ + && rm -rf /var/lib/apt/lists/* + + +# 安装PHP插件 +RUN docker-php-ext-configure bcmath --enable-bcmath \ + && docker-php-ext-configure pcntl --enable-pcntl \ + && docker-php-ext-configure pdo_mysql --with-pdo-mysql \ + && docker-php-ext-configure pdo_pgsql --with-pgsql \ + && docker-php-ext-configure mbstring --enable-mbstring \ + && docker-php-ext-install \ + bcmath \ + intl \ + mbstring \ + mysqli \ + pcntl \ + pdo_mysql \ + pdo_pgsql \ + sockets \ + zip \ + && docker-php-ext-configure gd \ + --enable-gd-native-ttf \ + --with-jpeg-dir=/usr/lib \ + --with-freetype-dir=/usr/include/freetype2 && \ + docker-php-ext-install gd \ + && docker-php-ext-install opcache \ + && docker-php-ext-enable opcache + + +# PHP.INI +COPY ./php72.ini /usr/local/etc/php/conf.d/custom-php.ini + +## AST +#RUN git clone https://github.com/nikic/php-ast /usr/src/php/ext/ast/ && \ +# docker-php-ext-configure ast && \ +# docker-php-ext-install ast + +# ICU - intl requirements for Symfony +# Debian is out of date, and Symfony expects the latest - so build from source, unless a better alternative exists(?) +#RUN curl -sS -o /tmp/icu.tar.gz -L http://download.icu-project.org/files/icu4c/58.2/icu4c-58_2-src.tgz \ +# && tar -zxf /tmp/icu.tar.gz -C /tmp \ +# && cd /tmp/icu/source \ +# && ./configure --prefix=/usr/local \ +# && make \ +# && make install + +#RUN docker-php-ext-configure intl --with-icu-dir=/usr/local \ +# && docker-php-ext-install intl + +# 安装 gcc4.9.0(swoole需要4.4版本以上)(系统默认装了6.3.0 所以这里注释掉了) +#RUN cd /tmp \ +# && wget ftp://ftp.gnu.org/gnu/gcc/gcc-4.9.0/gcc-4.9.0.tar.gz \ +# && tar xvf gcc-4.9.0.tar.gz \ +# && cd gcc-4.9.0 \ +# && ./contrib/download_prerequisites \ +# && ./configure --enable-checking=release --enable-languages=c,c++ --disable-multilib \ +# && make -j2 && make install \ +# && mv /usr/bin/gcc /usr/bin/gcc-old \ +# && ln -s /usr/local/bin/gcc /usr/bin/gcc \ +# && rm -rf /tmp/gcc-4.9.0 \ +# && rm /tmp/gcc-4.9.0.tar.gz + + +# 安装 cmake-3.15.2(swoole需要2.4版本以上) +RUN cd /tmp \ + && wget https://github.com/Kitware/CMake/releases/download/v3.15.2/cmake-3.15.2.tar.gz \ + && tar xvf cmake-3.15.2.tar.gz \ + && cd cmake-3.15.2 \ + && ./bootstrap \ + && make -j8 && make install \ + && rm -rf /tmp/cmake-3.15.2 \ + && rm /tmp/cmake-3.15.2.tar.gz + + + +# 安装 Redis 扩展 +RUN cd /tmp \ + && wget https://github.com/edtechd/phpredis/archive/php7.zip \ + && unzip php7.zip \ + && cd phpredis-php7 \ + && phpize \ + && ./configure --with-php-config=/usr/local/bin/php-config \ + && make && make install \ + && echo "extension=redis.so" > /usr/local/etc/php/conf.d/redis.ini \ + && rm -rf /tmp/phpredis-php7 \ + && rm /tmp/php7.zip + +# 安装 PHP Memcached 扩展 +#RUN curl -L -o /tmp/memcached.tar.gz "https://github.com/php-memcached-dev/php-memcached/archive/php7.tar.gz" \ +# && mkdir -p memcached \ +# && tar -C memcached -zxvf /tmp/memcached.tar.gz --strip 1 \ +# && ( \ +# cd memcached \ +# && phpize \ +# && ./configure \ +# && make -j$(nproc) \ +# && make install \ +# ) \ +# && rm -r memcached \ +# && rm /tmp/memcached.tar.gz \ +# && docker-php-ext-enable memcached + +# 安装 Swoole +RUN cd /tmp \ + && wget https://pecl.php.net/get/swoole-4.4.3.tgz \ + && tar zxvf swoole-4.4.3.tgz \ + && cd swoole-4.4.3 \ + && phpize \ + && ./configure --enable-coroutine --enable-openssl --enable-http2 --enable-async-redis --enable-sockets --enable-mysqlnd -with-php-config=/usr/local/bin/php-config \ + && make && make install \ + && echo "extension=swoole.so" > /usr/local/etc/php/conf.d/swoole.ini \ + && rm -rf /tmp/swoole-4.4.3 \ + && rm /tmp/swoole-4.4.3.tgz + + +# 安装 xDebug 插件 +#RUN curl -fsSL 'https://xdebug.org/files/xdebug-2.6.1.tgz' -o xdebug.tar.gz \ +# && mkdir -p xdebug \ +# && tar -xf xdebug.tar.gz -C xdebug --strip-components=1 \ +# && rm xdebug.tar.gz \ +# && ( \ +# cd xdebug \ +# && phpize \ +# && ./configure --enable-xdebug \ +# && make -j$(nproc) \ +# && make install \ +# ) \ +# && rm -r xdebug \ +# && docker-php-ext-enable xdebug +##配置 debugger +#RUN echo "xdebug.enable=1" >> /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini +#RUN echo "xdebug.remote_enable=1" >> /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini +#RUN echo "xdebug.remote_host=192.168.1.2" >> /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini +#RUN echo "xdebug.remote_port=9003" >> /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini +#RUN echo "xdebug.idekey=PHPSTORM" >> /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini + +# 安装 PHP MongoDB 扩展 +#RUN pecl install mongodb && \ +# docker-php-ext-enable mongodb + +# 安装 Composer +ENV COMPOSER_HOME /var/www/.composer +RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer +RUN composer config -g repo.packagist composer https://mirrors.aliyun.com/composer/ \ + && composer self-update + +RUN chown -R www-data:www-data /var/www/ + +# 用户公钥 + +#RUN mkdir /root/.ssh \ +# && chown -R www-data:www-data /root/.ssh +# RUN sudo ssh-keygen -t rsa -C "kfkdock" -f ~/.ssh/id_dsa +#RUN ssh-keygen -t rsa -C "kfkdock" -f /root/.ssh/id_rsa + + +# 部署公钥 +#RUN mkdir /var/www/.ssh \ +# && chown -R www-data:www-data /var/www/.ssh +#RUN sudo -Hu www-data ssh-keygen -t rsa -f /var/www/.ssh/id_rsa + + + +RUN mkdir -p $COMPOSER_HOME/cache + +VOLUME $COMPOSER_HOME +WORKDIR /var/www \ No newline at end of file diff --git a/images/php/php72/opcache.ini b/images/php/php72/opcache.ini new file mode 100644 index 00000000..6854939d --- /dev/null +++ b/images/php/php72/opcache.ini @@ -0,0 +1,9 @@ +; NOTE: The actual opcache.so extention is NOT SET HERE but rather (/usr/local/etc/php/conf.d/docker-php-ext-opcache.ini) + +opcache.enable="1" +opcache.memory_consumption="256" +opcache.use_cwd="0" +opcache.max_file_size="0" +opcache.max_accelerated_files = 30000 +opcache.validate_timestamps="1" +opcache.revalidate_freq="0" \ No newline at end of file diff --git a/images/php/php72/php71.ini b/images/php/php72/php71.ini new file mode 100644 index 00000000..80f20803 --- /dev/null +++ b/images/php/php72/php71.ini @@ -0,0 +1,232 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +engine = On +short_open_tag = On +asp_tags = Off +precision = 14 +output_buffering = 4096 + +zlib.output_compression = Off + +implicit_flush = Off +unserialize_callback_func = +serialize_precision = 17 +disable_functions = +disable_classes = + +zend.enable_gc = On + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +max_execution_time = 60 +max_input_time = 60 +max_input_vars = 1000 +memory_limit = -1 + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT +display_errors = Off +display_startup_errors = Off +log_errors = On +log_errors_max_len = 1024 +ignore_repeated_errors = Off +ignore_repeated_source = Off +report_memleaks = On +track_errors = Off +html_errors = On + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +variables_order = "GPCS" +request_order = "GP" +register_argc_argv = Off +auto_globals_jit = On + +post_max_size = 32M +auto_prepend_file = +auto_append_file = + +default_mimetype = "text/html" +always_populate_raw_post_data = -1 + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +doc_root = +user_dir = + +enable_dl = Off + +realpath_cache_size = 4096K +realpath_cache_ttl = 600 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +file_uploads = On +upload_max_filesize = 64M +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +allow_url_fopen = On +allow_url_include = Off + +default_socket_timeout = 60 + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[CLI Server] +cli_server.color = On + +[Date] +date.timezone = UTC + +[Pdo_mysql] +pdo_mysql.cache_size = 2000 +pdo_mysql.default_socket= + +[mail function] +; For Win32 only. +SMTP = localhost +smtp_port = 25 + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +sendmail_path = /usr/sbin/sendmail -t -i + +mail.add_x_header = On + +[SQL] +sql.safe_mode = Off + +[ODBC] +odbc.allow_persistent = On +odbc.check_persistent = On +odbc.max_persistent = -1 +odbc.max_links = -1 +odbc.defaultlrl = 4096 +odbc.defaultbinmode = 1 + +[MySQL] +mysql.allow_local_infile = On +mysql.allow_persistent = On +mysql.cache_size = 2000 +mysql.max_persistent = -1 +mysql.max_links = -1 +mysql.default_port = +mysql.default_socket = +mysql.default_host = +mysql.default_user = +mysql.default_password = +mysql.connect_timeout = 60 +mysql.trace_mode = Off + +[MySQLi] +mysqli.max_persistent = -1 +mysqli.allow_persistent = On +mysqli.max_links = -1 +mysqli.cache_size = 2000 +mysqli.default_port = 3306 +mysqli.default_socket = +mysqli.default_host = +mysqli.default_user = +mysqli.default_pw = +mysqli.reconnect = Off + +[mysqlnd] +mysqlnd.collect_statistics = On +mysqlnd.collect_memory_statistics = Off + +[PostgreSQL] +pgsql.allow_persistent = On +pgsql.auto_reset_persistent = Off +pgsql.max_persistent = -1 +pgsql.max_links = -1 +pgsql.ignore_notice = 0 +pgsql.log_notice = 0 + +[bcmath] +bcmath.scale = 0 + +[Session] +session.save_handler = files +session.save_path = +session.use_cookies = 1 +session.use_only_cookies = 1 +session.name = PHPSESSID +session.auto_start = 0 + +session.cookie_lifetime = 0 +session.cookie_path = / +session.cookie_domain = +session.cookie_httponly = + +session.serialize_handler = php + +session.gc_probability = 1 +session.gc_divisor = 1000 +session.gc_maxlifetime = 1440 + +session.bug_compat_42 = Off +session.bug_compat_warn = Off +session.referer_check = + +session.cache_limiter = nocache +session.cache_expire = 180 + +session.use_trans_sid = 0 + +session.hash_function = 0 +session.hash_bits_per_character = 5 + +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +mssql.allow_persistent = On +mssql.max_persistent = -1 +mssql.max_links = -1 +mssql.min_error_severity = 10 +mssql.min_message_severity = 10 +mssql.compatability_mode = Off +mssql.secure_connection = Off + +[Tidy] +tidy.clean_output = Off + +[soap] +soap.wsdl_cache_enabled=1 +soap.wsdl_cache_dir="/tmp" +soap.wsdl_cache_ttl=86400 +soap.wsdl_cache_limit = 5 + +[ldap] +ldap.max_links = -1 + + +[Opcache] +opcache.max_accelerated_files = 20000 + +; extension=mongodb.so \ No newline at end of file diff --git a/images/php/php72/php72.ini b/images/php/php72/php72.ini new file mode 100644 index 00000000..53ed17b6 --- /dev/null +++ b/images/php/php72/php72.ini @@ -0,0 +1,1918 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About php.ini ; +;;;;;;;;;;;;;;;;;;; +; PHP's initialization file, generally called php.ini, is responsible for +; configuring many of the aspects of PHP's behavior. + +; PHP attempts to find and load this configuration from a number of locations. +; The following is a summary of its search order: +; 1. SAPI module specific location. +; 2. The PHPRC environment variable. (As of PHP 5.2.0) +; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) +; 4. Current working directory (except CLI) +; 5. The web server's directory (for SAPI modules), or directory of PHP +; (otherwise in Windows) +; 6. The directory from the --with-config-file-path compile time option, or the +; Windows directory (C:\windows or C:\winnt) +; See the PHP docs for more specific information. +; http://php.net/configuration.file + +; The syntax of the file is extremely simple. Whitespace and lines +; beginning with a semicolon are silently ignored (as you probably guessed). +; Section headers (e.g. [Foo]) are also silently ignored, even though +; they might mean something in the future. + +; Directives following the section heading [PATH=/www/mysite] only +; apply to PHP files in the /www/mysite directory. Directives +; following the section heading [HOST=www.example.com] only apply to +; PHP files served from www.example.com. Directives set in these +; special sections cannot be overridden by user-defined INI files or +; at runtime. Currently, [PATH=] and [HOST=] sections only work under +; CGI/FastCGI. +; http://php.net/ini.sections + +; Directives are specified using the following syntax: +; directive = value +; Directive names are *case sensitive* - foo=bar is different from FOO=bar. +; Directives are variables used to configure PHP or PHP extensions. +; There is no name validation. If PHP can't find an expected +; directive because it is not set or is mistyped, a default value will be used. + +; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one +; of the INI constants (On, Off, True, False, Yes, No and None) or an expression +; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a +; previously set variable or directive (e.g. ${foo}) + +; Expressions in the INI file are limited to bitwise operators and parentheses: +; | bitwise OR +; ^ bitwise XOR +; & bitwise AND +; ~ bitwise NOT +; ! boolean NOT + +; Boolean flags can be turned on using the values 1, On, True or Yes. +; They can be turned off using the values 0, Off, False or No. + +; An empty string can be denoted by simply not writing anything after the equal +; sign, or by using the None keyword: + +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' + +; If you use constants in your value, and these constants belong to a +; dynamically loaded extension (either a PHP extension or a Zend extension), +; you may only use these constants *after* the line that loads the extension. + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it is +; much more verbose when it comes to errors. We recommend using the +; development version only in development environments, as errors shown to +; application users can inadvertently leak otherwise secure information. + +; This is php.ini-production INI file. + +;;;;;;;;;;;;;;;;;;; +; Quick Reference ; +;;;;;;;;;;;;;;;;;;; +; The following are all the settings which are different in either the production +; or development versions of the INIs with respect to PHP's default behavior. +; Please see the actual settings later in the document for more details as to why +; we recommend these changes in PHP's behavior. + +; display_errors +; Default Value: On +; Development Value: On +; Production Value: Off + +; display_startup_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; error_reporting +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT + +; html_errors +; Default Value: On +; Development Value: On +; Production value: On + +; log_errors +; Default Value: Off +; Development Value: On +; Production Value: On + +; max_input_time +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) + +; output_buffering +; Default Value: Off +; Development Value: 4096 +; Production Value: 4096 + +; register_argc_argv +; Default Value: On +; Development Value: Off +; Production Value: Off + +; request_order +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" + +; session.gc_divisor +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 + +; session.sid_bits_per_character +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 + +; short_open_tag +; Default Value: On +; Development Value: Off +; Production Value: Off + +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + +; variables_order +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS" + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" +;user_ini.filename = ".user.ini" + +; To disable this feature set this option to empty value +;user_ini.filename = + +; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +; http://php.net/engine +engine = On + +; This directive determines whether or not PHP will recognize code between +; tags as PHP source which should be processed as such. It is +; generally recommended that should be used and that this feature +; should be disabled, as enabling it may result in issues when generating XML +; documents, however this remains supported for backward compatibility reasons. +; Note that this directive does not control the would work. +; http://php.net/syntax-highlighting +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.default = #0000BB +;highlight.html = #000000 + +; If enabled, the request will be allowed to complete even if the user aborts +; the request. Consider enabling it if executing long requests, which may end up +; being interrupted by the user or a browser timing out. PHP's default behavior +; is to disable this feature. +; http://php.net/ignore-user-abort +;ignore_user_abort = On + +; Determines the size of the realpath cache to be used by PHP. This value should +; be increased on systems where PHP opens many files to reflect the quantity of +; the file operations performed. +; http://php.net/realpath-cache-size +;realpath_cache_size = 4096k + +; Duration of time, in seconds for which to cache realpath information for a given +; file or directory. For systems with rarely changing files, consider increasing this +; value. +; http://php.net/realpath-cache-ttl +;realpath_cache_ttl = 120 + +; Enables or disables the circular reference collector. +; http://php.net/zend.enable-gc +zend.enable_gc = On + +; If enabled, scripts may be written in encodings that are incompatible with +; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such +; encodings. To use this feature, mbstring extension must be enabled. +; Default: Off +;zend.multibyte = Off + +; Allows to set the default encoding for the scripts. This value will be used +; unless "declare(encoding=...)" directive appears at the top of the script. +; Only affects if zend.multibyte is set. +; Default: "" +;zend.script_encoding = + +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; + +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +; http://php.net/expose-php +expose_php = On + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +; Maximum execution time of each script, in seconds +; http://php.net/max-execution-time +; Note: This directive is hardcoded to 0 for the CLI SAPI +max_execution_time = 600 + +; Maximum amount of time each script may spend parsing request data. It's a good +; idea to limit this time on productions servers in order to eliminate unexpectedly +; long running scripts. +; Note: This directive is hardcoded to -1 for the CLI SAPI +; Default Value: -1 (Unlimited) +; Development Value: 60 (60 seconds) +; Production Value: 60 (60 seconds) +; http://php.net/max-input-time +max_input_time = 120 + +; Maximum input variable nesting level +; http://php.net/max-input-nesting-level +;max_input_nesting_level = 64 + +; How many GET/POST/COOKIE input variables may be accepted +; max_input_vars = 1000 + +; Maximum amount of memory a script may consume (128MB) +; http://php.net/memory-limit +memory_limit = 256M + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; This directive informs PHP of which errors, warnings and notices you would like +; it to take action for. The recommended way of setting values for this +; directive is through the use of the error level constants and bitwise +; operators. The error level constants are below here for convenience as well as +; some common settings and their meanings. +; By default, PHP is set to take action on all errors, notices and warnings EXCEPT +; those related to E_NOTICE and E_STRICT, which together cover best practices and +; recommended coding standards in PHP. For performance reasons, this is the +; recommend error reporting setting. Your production server shouldn't be wasting +; resources complaining about best practices and coding standards. That's what +; development servers and development settings are for. +; Note: The php.ini-development file has this setting as E_ALL. This +; means it pretty much reports everything which is exactly what you want during +; development and early testing. +; +; Error Level Constants: +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) +; E_ERROR - fatal run-time errors +; E_RECOVERABLE_ERROR - almost fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it is automatically initialized to an +; empty string) +; E_STRICT - run-time notices, enable to have PHP suggest changes +; to your code which will ensure the best interoperability +; and forward compatibility of your code +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; E_DEPRECATED - warn about code that will not work in future versions +; of PHP +; E_USER_DEPRECATED - user-generated deprecation warnings +; +; Common Values: +; E_ALL (Show all errors, warnings and notices including coding standards.) +; E_ALL & ~E_NOTICE (Show all errors, except for notices) +; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) +; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Development Value: E_ALL +; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT +; http://php.net/error-reporting +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT + +; This directive controls whether or not and where PHP will output errors, +; notices and warnings too. Error output is very useful during development, but +; it could be very dangerous in production environments. Depending on the code +; which is triggering the error, sensitive information could potentially leak +; out of your application such as database usernames and passwords or worse. +; For production environments, we recommend logging errors rather than +; sending them to STDOUT. +; Possible Values: +; Off = Do not display any errors +; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) +; On or stdout = Display errors to STDOUT +; Default Value: On +; Development Value: On +; Production Value: Off +; http://php.net/display-errors +display_errors = Off + +; The display of errors which occur during PHP's startup sequence are handled +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. We strongly recommend you +; set this to 'off' for production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/display-startup-errors +display_startup_errors = Off + +; Besides displaying errors, PHP can also log errors to locations such as a +; server-specific log, STDERR, or a location specified by the error_log +; directive found below. While errors should not be displayed on productions +; servers they should still be monitored and logging is a great way to do that. +; Default Value: Off +; Development Value: On +; Production Value: On +; http://php.net/log-errors +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +; http://php.net/log-errors-max-len +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line unless ignore_repeated_source is set true. +; http://php.net/ignore-repeated-errors +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; source lines. +; http://php.net/ignore-repeated-source +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +; http://php.net/report-memleaks +report_memleaks = On + +; This setting is on by default. +;report_zend_debug = 0 + +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; Default Value: Off +; Development Value: On +; Production Value: Off +; http://php.net/track-errors +track_errors = Off + +; Turn off normal error reporting and emit XML-RPC error XML +; http://php.net/xmlrpc-errors +;xmlrpc_errors = 0 + +; An XML-RPC faultCode +;xmlrpc_error_number = 0 + +; When PHP displays or logs an error, it has the capability of formatting the +; error message as HTML for easier reading. This directive controls whether +; the error message is formatted as HTML or not. +; Note: This directive is hardcoded to Off for the CLI SAPI +; Default Value: On +; Development Value: On +; Production value: On +; http://php.net/html-errors +html_errors = On + +; If html_errors is set to On *and* docref_root is not empty, then PHP +; produces clickable error messages that direct to a page describing the error +; or function causing the error in detail. +; You can download a copy of the PHP manual from http://php.net/docs +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. PHP's default behavior is to leave these settings empty, in which +; case no links to documentation are generated. +; Note: Never use this feature for production boxes. +; http://php.net/docref-root +; Examples +;docref_root = "/phpmanual/" + +; http://php.net/docref-ext +;docref_ext = .html + +; String to output before an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-prepend-string +; Example: +;error_prepend_string = "" + +; String to output after an error message. PHP's default behavior is to leave +; this setting blank. +; http://php.net/error-append-string +; Example: +;error_append_string = "" + +; Log errors to specified file. PHP's default behavior is to leave this value +; empty. +; http://php.net/error-log +; Example: +;error_log = php_errors.log +; Log errors to syslog (Event Log on Windows). +;error_log = syslog + +;windows.show_crt_warning +; Default value: 0 +; Development value: 0 +; Production value: 0 + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; + +; The separator used in PHP generated URLs to separate arguments. +; PHP's default setting is "&". +; http://php.net/arg-separator.output +; Example: +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; PHP's default setting is "&". +; NOTE: Every character in this directive is considered as separator! +; http://php.net/arg-separator.input +; Example: +;arg_separator.input = ";&" + +; This directive determines which super global arrays are registered when PHP +; starts up. G,P,C,E & S are abbreviations for the following respective super +; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty +; paid for the registration of these arrays and because ENV is not as commonly +; used as the others, ENV is not recommended on productions servers. You +; can still get access to the environment variables through getenv() should you +; need to. +; Default Value: "EGPCS" +; Development Value: "GPCS" +; Production Value: "GPCS"; +; http://php.net/variables-order +variables_order = "GPCS" + +; This directive determines which super global data (G,P & C) should be +; registered into the super global array REQUEST. If so, it also determines +; the order in which that data is registered. The values for this directive +; are specified in the same manner as the variables_order directive, +; EXCEPT one. Leaving this value empty will cause PHP to use the value set +; in the variables_order directive. It does not mean it will leave the super +; globals array REQUEST empty. +; Default Value: None +; Development Value: "GP" +; Production Value: "GP" +; http://php.net/request-order +request_order = "GP" + +; This directive determines whether PHP registers $argv & $argc each time it +; runs. $argv contains an array of all the arguments passed to PHP when a script +; is invoked. $argc contains an integer representing the number of arguments +; that were passed when the script was invoked. These arrays are extremely +; useful when running scripts from the command line. When this directive is +; enabled, registering these variables consumes CPU cycles and memory each time +; a script is executed. For performance reasons, this feature should be disabled +; on production servers. +; Note: This directive is hardcoded to On for the CLI SAPI +; Default Value: On +; Development Value: Off +; Production Value: Off +; http://php.net/register-argc-argv +register_argc_argv = Off + +; When enabled, the ENV, REQUEST and SERVER variables are created when they're +; first used (Just In Time) instead of when the script starts. If these +; variables are not used within a script, having this directive on will result +; in a performance gain. The PHP directive register_argc_argv must be disabled +; for this directive to have any affect. +; http://php.net/auto-globals-jit +auto_globals_jit = On + +; Whether PHP will read the POST data. +; This option is enabled by default. +; Most likely, you won't want to disable this option globally. It causes $_POST +; and $_FILES to always be empty; the only way you will be able to read the +; POST data will be through the php://input stream wrapper. This can be useful +; to proxy requests or to process the POST data in a memory efficient fashion. +; http://php.net/enable-post-data-reading +;enable_post_data_reading = Off + +; Maximum size of POST data that PHP will accept. +; Its value may be 0 to disable the limit. It is ignored if POST data reading +; is disabled through enable_post_data_reading. +; http://php.net/post-max-size +post_max_size = 8M + +; Automatically add files before PHP document. +; http://php.net/auto-prepend-file +auto_prepend_file = + +; Automatically add files after PHP document. +; http://php.net/auto-append-file +auto_append_file = + +; By default, PHP will output a media type using the Content-Type header. To +; disable this, simply set it to be empty. +; +; PHP's built-in default media type is set to text/html. +; http://php.net/default-mimetype +default_mimetype = "text/html" + +; PHP's default character set is set to UTF-8. +; http://php.net/default-charset +default_charset = "UTF-8" + +; PHP internal character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/internal-encoding +;internal_encoding = + +; PHP input character encoding is set to empty. +; If empty, default_charset is used. +; http://php.net/input-encoding +;input_encoding = + +; PHP output character encoding is set to empty. +; If empty, default_charset is used. +; See also output_buffer. +; http://php.net/output-encoding +;output_encoding = + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +;include_path = ".:/php/includes" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" +; +; PHP's default setting for include_path is ".;/path/to/php/pear" +; http://php.net/include-path + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +; http://php.net/doc-root +doc_root = + +; The directory under which PHP opens the script using /~username used only +; if nonempty. +; http://php.net/user-dir +user_dir = + +; Directory in which the loadable extensions (modules) reside. +; http://php.net/extension-dir +; extension_dir = "./" +; On windows: +; extension_dir = "ext" + +; Directory where the temporary files should be placed. +; Defaults to the system default (see sys_get_temp_dir) +; sys_temp_dir = "/tmp" + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +; http://php.net/enable-dl +enable_dl = Off + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 + +; if cgi.nph is enabled it will force cgi to always sent Status: 200 with +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = + +; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's +; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok +; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting +; of zero causes PHP to behave as before. Default is 1. You should fix your scripts +; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo +;cgi.fix_pathinfo=1 + +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +; http://php.net/cgi.dicard-path +;cgi.discard_path=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1 + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If set to 0, PHP sends Status: header that +; is supported by Apache. When this option is set to 1, PHP will send +; RFC2616 compliant header. +; Default is zero. +; http://php.net/cgi.rfc2616-headers +;cgi.rfc2616_headers = 0 + +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +; http://php.net/file-uploads +file_uploads = On + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +; http://php.net/upload-tmp-dir +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +; http://php.net/upload-max-filesize +upload_max_filesize = 2M + +; Maximum number of files that can be uploaded via a single request +max_file_uploads = 20 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-fopen +allow_url_fopen = On + +; Whether to allow include/require to open URLs (like http:// or ftp://) as files. +; http://php.net/allow-url-include +allow_url_include = Off + +; Define the anonymous ftp password (your email address). PHP's default setting +; for this is empty. +; http://php.net/from +;from="john@doe.com" + +; Define the User-Agent string. PHP's default setting for this is empty. +; http://php.net/user-agent +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +; http://php.net/default-socket-timeout +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; http://php.net/auto-detect-line-endings +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; + +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=mysqli.dll +; +; ... or under UNIX: +; +; extension=mysqli.so +; +; ... or with a path: +; +; extension=/path/to/extension/mysqli.so +; +; If you only provide the name of the extension, PHP will look for it in its +; default extension directory. +; +; Windows Extensions +; Note that ODBC support is built in, so no dll is needed for it. +; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5+) +; extension folders as well as the separate PECL DLL download (PHP 5+). +; Be sure to appropriately set the extension_dir directive. +; +;extension=php_bz2.dll +;extension=php_curl.dll +;extension=php_fileinfo.dll +;extension=php_ftp.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_gmp.dll +;extension=php_intl.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_exif.dll ; Must be after mbstring as it depends on it +;extension=php_mysqli.dll +;extension=php_oci8_12c.dll ; Use with Oracle Database 12c Instant Client +;extension=php_openssl.dll +;extension=php_pdo_firebird.dll +;extension=php_pdo_mysql.dll +;extension=php_pdo_oci.dll +;extension=php_pdo_odbc.dll +;extension=php_pdo_pgsql.dll +;extension=php_pdo_sqlite.dll +;extension=php_pgsql.dll +;extension=php_shmop.dll + +; The MIBS data available in the PHP distribution must be installed. +; See http://www.php.net/manual/en/snmp.installation.php +;extension=php_snmp.dll + +;extension=php_soap.dll +;extension=php_sockets.dll +;extension=php_sqlite3.dll +;extension=php_tidy.dll +;extension=php_xmlrpc.dll +;extension=php_xsl.dll + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[CLI Server] +; Whether the CLI web server uses ANSI color coding in its terminal output. +cli_server.color = On + +[Date] +; Defines the default timezone used by the date functions +; http://php.net/date.timezone +;date.timezone = + +; http://php.net/date.default-latitude +;date.default_latitude = 31.7667 + +; http://php.net/date.default-longitude +;date.default_longitude = 35.2333 + +; http://php.net/date.sunrise-zenith +;date.sunrise_zenith = 90.583333 + +; http://php.net/date.sunset-zenith +;date.sunset_zenith = 90.583333 + +[filter] +; http://php.net/filter.default +;filter.default = unsafe_raw + +; http://php.net/filter.default-flags +;filter.default_flags = + +[iconv] +; Use of this INI entry is deprecated, use global input_encoding instead. +; If empty, default_charset or input_encoding or iconv.input_encoding is used. +; The precedence is: default_charset < intput_encoding < iconv.input_encoding +;iconv.input_encoding = + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;iconv.internal_encoding = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; If empty, default_charset or output_encoding or iconv.output_encoding is used. +; The precedence is: default_charset < output_encoding < iconv.output_encoding +; To use an output encoding conversion, iconv's output handler must be set +; otherwise output encoding conversion cannot be performed. +;iconv.output_encoding = + +[intl] +;intl.default_locale = +; This directive allows you to produce PHP errors when some error +; happens within intl functions. The value is the level of the error produced. +; Default is 0, which does not produce any errors. +;intl.error_level = E_WARNING +;intl.use_exceptions = 0 + +[sqlite3] +;sqlite3.extension_dir = + +[Pcre] +;PCRE library backtracking limit. +; http://php.net/pcre.backtrack-limit +;pcre.backtrack_limit=100000 + +;PCRE library recursion limit. +;Please note that if you set this value to a high number you may consume all +;the available process stack and eventually crash PHP (due to reaching the +;stack size limit imposed by the Operating System). +; http://php.net/pcre.recursion-limit +;pcre.recursion_limit=100000 + +;Enables or disables JIT compilation of patterns. This requires the PCRE +;library to be compiled with JIT support. +;pcre.jit=1 + +[Pdo] +; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" +; http://php.net/pdo-odbc.connection-pooling +;pdo_odbc.connection_pooling=strict + +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/pdo_mysql.cache_size +pdo_mysql.cache_size = 2000 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/pdo_mysql.default-socket +pdo_mysql.default_socket= + +[Phar] +; http://php.net/phar.readonly +;phar.readonly = On + +; http://php.net/phar.require-hash +;phar.require_hash = On + +;phar.cache_list = + +[mail function] +; For Win32 only. +; http://php.net/smtp +SMTP = localhost +; http://php.net/smtp-port +smtp_port = 25 + +; For Win32 only. +; http://php.net/sendmail-from +;sendmail_from = me@example.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +; http://php.net/sendmail-path +;sendmail_path = + +; Force the addition of the specified parameters to be passed as extra parameters +; to the sendmail binary. These parameters will always replace the value of +; the 5th parameter to mail(). +;mail.force_extra_parameters = + +; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; The path to a log file that will log all mail() calls. Log entries include +; the full path of the script, line number, To address and headers. +;mail.log = +; Log mail to syslog (Event Log on Windows). +;mail.log = syslog + +[ODBC] +; http://php.net/odbc.default-db +;odbc.default_db = Not yet implemented + +; http://php.net/odbc.default-user +;odbc.default_user = Not yet implemented + +; http://php.net/odbc.default-pw +;odbc.default_pw = Not yet implemented + +; Controls the ODBC cursor model. +; Default: SQL_CURSOR_STATIC (default). +;odbc.default_cursortype + +; Allow or prevent persistent links. +; http://php.net/odbc.allow-persistent +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +; http://php.net/odbc.check-persistent +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/odbc.max-persistent +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +; http://php.net/odbc.max-links +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +; http://php.net/odbc.defaultlrl +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of odbc.defaultlrl and odbc.defaultbinmode +; http://php.net/odbc.defaultbinmode +odbc.defaultbinmode = 1 + +;birdstep.max_links = -1 + +[Interbase] +; Allow or prevent persistent links. +ibase.allow_persistent = 1 + +; Maximum number of persistent links. -1 means no limit. +ibase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ibase.max_links = -1 + +; Default database name for ibase_connect(). +;ibase.default_db = + +; Default username for ibase_connect(). +;ibase.default_user = + +; Default password for ibase_connect(). +;ibase.default_password = + +; Default charset for ibase_connect(). +;ibase.default_charset = + +; Default timestamp format. +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" + +; Default date format. +ibase.dateformat = "%Y-%m-%d" + +; Default time format. +ibase.timeformat = "%H:%M:%S" + +[MySQLi] + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/mysqli.max-persistent +mysqli.max_persistent = -1 + +; Allow accessing, from PHP's perspective, local files with LOAD DATA statements +; http://php.net/mysqli.allow_local_infile +;mysqli.allow_local_infile = On + +; Allow or prevent persistent links. +; http://php.net/mysqli.allow-persistent +mysqli.allow_persistent = On + +; Maximum number of links. -1 means no limit. +; http://php.net/mysqli.max-links +mysqli.max_links = -1 + +; If mysqlnd is used: Number of cache slots for the internal result set cache +; http://php.net/mysqli.cache_size +mysqli.cache_size = 2000 + +; Default port number for mysqli_connect(). If unset, mysqli_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +; http://php.net/mysqli.default-port +mysqli.default_port = 3306 + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +; http://php.net/mysqli.default-socket +mysqli.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-host +mysqli.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +; http://php.net/mysqli.default-user +mysqli.default_user = + +; Default password for mysqli_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +; http://php.net/mysqli.default-pw +mysqli.default_pw = + +; Allow or prevent reconnect +mysqli.reconnect = Off + +[mysqlnd] +; Enable / Disable collection of general statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_statistics +mysqlnd.collect_statistics = On + +; Enable / Disable collection of memory usage statistics by mysqlnd which can be +; used to tune and monitor MySQL operations. +; http://php.net/mysqlnd.collect_memory_statistics +mysqlnd.collect_memory_statistics = Off + +; Records communication from all extensions using mysqlnd to the specified log +; file. +; http://php.net/mysqlnd.debug +;mysqlnd.debug = + +; Defines which queries will be logged. +; http://php.net/mysqlnd.log_mask +;mysqlnd.log_mask = 0 + +; Default size of the mysqlnd memory pool, which is used by result sets. +; http://php.net/mysqlnd.mempool_default_size +;mysqlnd.mempool_default_size = 16000 + +; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. +; http://php.net/mysqlnd.net_cmd_buffer_size +;mysqlnd.net_cmd_buffer_size = 2048 + +; Size of a pre-allocated buffer used for reading data sent by the server in +; bytes. +; http://php.net/mysqlnd.net_read_buffer_size +;mysqlnd.net_read_buffer_size = 32768 + +; Timeout for network requests in seconds. +; http://php.net/mysqlnd.net_read_timeout +;mysqlnd.net_read_timeout = 31536000 + +; SHA-256 Authentication Plugin related. File with the MySQL server public RSA +; key. +; http://php.net/mysqlnd.sha256_server_public_key +;mysqlnd.sha256_server_public_key = + +[OCI8] + +; Connection: Enables privileged connections using external +; credentials (OCI_SYSOPER, OCI_SYSDBA) +; http://php.net/oci8.privileged-connect +;oci8.privileged_connect = Off + +; Connection: The maximum number of persistent OCI8 connections per +; process. Using -1 means no limit. +; http://php.net/oci8.max-persistent +;oci8.max_persistent = -1 + +; Connection: The maximum number of seconds a process is allowed to +; maintain an idle persistent connection. Using -1 means idle +; persistent connections will be maintained forever. +; http://php.net/oci8.persistent-timeout +;oci8.persistent_timeout = -1 + +; Connection: The number of seconds that must pass before issuing a +; ping during oci_pconnect() to check the connection validity. When +; set to 0, each oci_pconnect() will cause a ping. Using -1 disables +; pings completely. +; http://php.net/oci8.ping-interval +;oci8.ping_interval = 60 + +; Connection: Set this to a user chosen connection class to be used +; for all pooled server requests with Oracle 11g Database Resident +; Connection Pooling (DRCP). To use DRCP, this value should be set to +; the same string for all web servers running the same application, +; the database pool must be configured, and the connection string must +; specify to use a pooled server. +;oci8.connection_class = + +; High Availability: Using On lets PHP receive Fast Application +; Notification (FAN) events generated when a database node fails. The +; database must also be configured to post FAN events. +;oci8.events = Off + +; Tuning: This option enables statement caching, and specifies how +; many statements to cache. Using 0 disables statement caching. +; http://php.net/oci8.statement-cache-size +;oci8.statement_cache_size = 20 + +; Tuning: Enables statement prefetching and sets the default number of +; rows that will be fetched automatically after statement execution. +; http://php.net/oci8.default-prefetch +;oci8.default_prefetch = 100 + +; Compatibility. Using On means oci_close() will not close +; oci_connect() and oci_new_connect() connections. +; http://php.net/oci8.old-oci-close-semantics +;oci8.old_oci_close_semantics = Off + +[PostgreSQL] +; Allow or prevent persistent links. +; http://php.net/pgsql.allow-persistent +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +; http://php.net/pgsql.auto-reset-persistent +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +; http://php.net/pgsql.max-persistent +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +; http://php.net/pgsql.max-links +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +; http://php.net/pgsql.ignore-notice +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Notice message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +; http://php.net/pgsql.log-notice +pgsql.log_notice = 0 + +[bcmath] +; Number of decimal digits for all bcmath functions. +; http://php.net/bcmath.scale +bcmath.scale = 0 + +[browscap] +; http://php.net/browscap +;browscap = extra/browscap.ini + +[Session] +; Handler used to store/retrieve data. +; http://php.net/session.save-handler +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +; +; The path can be defined as: +; +; session.save_path = "N;/path" +; +; where N is an integer. Instead of storing all the session files in +; /path, what this will do is use subdirectories N-levels deep, and +; store the session data in those directories. This is useful if +; your OS has problems with many files in one directory, and is +; a more efficient layout for servers that handle many sessions. +; +; NOTE 1: PHP will not create this directory structure automatically. +; You can use the script in the ext/session dir for that purpose. +; NOTE 2: See the section on garbage collection below if you choose to +; use subdirectories for session storage +; +; The file storage module creates files using mode 600 by default. +; You can change that by using +; +; session.save_path = "N;MODE;/path" +; +; where MODE is the octal representation of the mode. Note that this +; does not overwrite the process's umask. +; http://php.net/session.save-path +session.save_path = "/tmp" + +; Whether to use strict session mode. +; Strict session mode does not accept uninitialized session ID and regenerate +; session ID if browser sends uninitialized session ID. Strict mode protects +; applications from session fixation via session adoption vulnerability. It is +; disabled by default for maximum compatibility, but enabling it is encouraged. +; https://wiki.php.net/rfc/strict_sessions +session.use_strict_mode = 0 + +; Whether to use cookies. +; http://php.net/session.use-cookies +session.use_cookies = 1 + +; http://php.net/session.cookie-secure +;session.cookie_secure = + +; This option forces PHP to fetch and use a cookie for storing and maintaining +; the session id. We encourage this operation as it's very helpful in combating +; session hijacking when not specifying and managing your own session id. It is +; not the be-all and end-all of session hijacking defense, but it's a good start. +; http://php.net/session.use-only-cookies +session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +; http://php.net/session.name +session.name = PHPSESSID + +; Initialize session on request startup. +; http://php.net/session.auto-start +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +; http://php.net/session.cookie-lifetime +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +; http://php.net/session.cookie-path +session.cookie_path = / + +; The domain for which the cookie is valid. +; http://php.net/session.cookie-domain +session.cookie_domain = + +; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; http://php.net/session.cookie-httponly +session.cookie_httponly = + +; Handler used to serialize data. php is the standard serializer of PHP. +; http://php.net/session.serialize-handler +session.serialize_handler = php + +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.gc-probability +session.gc_probability = 1 + +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any give request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any give request. For high volume production servers, +; this is a more efficient approach. +; Default Value: 100 +; Development Value: 1000 +; Production Value: 1000 +; http://php.net/session.gc-divisor +session.gc_divisor = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +; http://php.net/session.gc-maxlifetime +session.gc_maxlifetime = 1440 + +; NOTE: If you are using the subdirectory option for storing session files +; (see session.save_path above), then garbage collection does *not* +; happen automatically. You will need to do your own garbage +; collection through a shell script, cron entry, or some other method. +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; find /path/to/sessions -cmin +24 -type f | xargs rm + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +; http://php.net/session.referer-check +session.referer_check = + +; Set to {nocache,private,public,} to determine HTTP caching aspects +; or leave this empty to avoid sending anti-caching headers. +; http://php.net/session.cache-limiter +session.cache_limiter = nocache + +; Document expires after n minutes. +; http://php.net/session.cache-expire +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users' security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publicly accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +; http://php.net/session.use-trans-sid +session.use_trans_sid = 0 + +; Set session ID character length. This value could be between 22 to 256. +; Shorter length than default is supported only for compatibility reason. +; Users should use 32 or more chars. +; http://php.net/session.sid-length +; Default Value: 32 +; Development Value: 26 +; Production Value: 26 +session.sid_length = 26 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; is special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. tag's action attribute URL will not be modified +; unless it is specified. +; Note that all valid entries require a "=", even if no value follows. +; Default Value: "a=href,area=href,frame=src,form=" +; Development Value: "a=href,area=href,frame=src,form=" +; Production Value: "a=href,area=href,frame=src,form=" +; http://php.net/url-rewriter.tags +session.trans_sid_tags = "a=href,area=href,frame=src,form=" + +; URL rewriter does not rewrite absolute URLs by default. +; To enable rewrites for absolute pathes, target hosts must be specified +; at RUNTIME. i.e. use ini_set() +; tags is special. PHP will check action attribute's URL regardless +; of session.trans_sid_tags setting. +; If no host is defined, HTTP_HOST will be used for allowed host. +; Example value: php.net,www.php.net,wiki.php.net +; Use "," for multiple hosts. No spaces are allowed. +; Default Value: "" +; Development Value: "" +; Production Value: "" +;session.trans_sid_hosts="" + +; Define how many bits are stored in each character when converting +; the binary hash data to something readable. +; Possible values: +; 4 (4 bits: 0-9, a-f) +; 5 (5 bits: 0-9, a-v) +; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") +; Default Value: 4 +; Development Value: 5 +; Production Value: 5 +; http://php.net/session.hash-bits-per-character +session.sid_bits_per_character = 5 + +; Enable upload progress tracking in $_SESSION +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.enabled +;session.upload_progress.enabled = On + +; Cleanup the progress information as soon as all POST data has been read +; (i.e. upload completed). +; Default Value: On +; Development Value: On +; Production Value: On +; http://php.net/session.upload-progress.cleanup +;session.upload_progress.cleanup = On + +; A prefix used for the upload progress key in $_SESSION +; Default Value: "upload_progress_" +; Development Value: "upload_progress_" +; Production Value: "upload_progress_" +; http://php.net/session.upload-progress.prefix +;session.upload_progress.prefix = "upload_progress_" + +; The index name (concatenated with the prefix) in $_SESSION +; containing the upload progress information +; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" +; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" +; http://php.net/session.upload-progress.name +;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" + +; How frequently the upload progress should be updated. +; Given either in percentages (per-file), or in bytes +; Default Value: "1%" +; Development Value: "1%" +; Production Value: "1%" +; http://php.net/session.upload-progress.freq +;session.upload_progress.freq = "1%" + +; The minimum delay between updates, in seconds +; Default Value: 1 +; Development Value: 1 +; Production Value: 1 +; http://php.net/session.upload-progress.min-freq +;session.upload_progress.min_freq = "1" + +; Only write session data when session data is changed. Enabled by default. +; http://php.net/session.lazy-write +;session.lazy_write = On + +[Assertion] +; Switch whether to compile assertions at all (to have no overhead at run-time) +; -1: Do not compile at all +; 0: Jump over assertion at run-time +; 1: Execute assertions +; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) +; Default Value: 1 +; Development Value: 1 +; Production Value: -1 +; http://php.net/zend.assertions +zend.assertions = -1 + +; Assert(expr); active by default. +; http://php.net/assert.active +;assert.active = On + +; Throw an AssertationException on failed assertions +; http://php.net/assert.exception +;assert.exception = On + +; Issue a PHP warning for each failed assertion. (Overridden by assert.exception if active) +; http://php.net/assert.warning +;assert.warning = On + +; Don't bail out by default. +; http://php.net/assert.bail +;assert.bail = Off + +; User-function to be called if an assertion fails. +; http://php.net/assert.callback +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + +[COM] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +; http://php.net/com.typelib-file +;com.typelib_file = + +; allow Distributed-COM calls +; http://php.net/com.allow-dcom +;com.allow_dcom = true + +; autoregister constants of a components typlib on com_load() +; http://php.net/com.autoregister-typelib +;com.autoregister_typelib = true + +; register constants casesensitive +; http://php.net/com.autoregister-casesensitive +;com.autoregister_casesensitive = false + +; show warnings on duplicate constant registrations +; http://php.net/com.autoregister-verbose +;com.autoregister_verbose = true + +; The default character set code-page to use when passing strings to and from COM objects. +; Default: system ANSI code page +;com.code_page= + +[mbstring] +; language for internal character representation. +; This affects mb_send_mail() and mbstring.detect_order. +; http://php.net/mbstring.language +;mbstring.language = Japanese + +; Use of this INI entry is deprecated, use global internal_encoding instead. +; internal/script encoding. +; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) +; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. +; The precedence is: default_charset < internal_encoding < iconv.internal_encoding +;mbstring.internal_encoding = + +; Use of this INI entry is deprecated, use global input_encoding instead. +; http input encoding. +; mbstring.encoding_traslation = On is needed to use this setting. +; If empty, default_charset or input_encoding or mbstring.input is used. +; The precedence is: default_charset < intput_encoding < mbsting.http_input +; http://php.net/mbstring.http-input +;mbstring.http_input = + +; Use of this INI entry is deprecated, use global output_encoding instead. +; http output encoding. +; mb_output_handler must be registered as output buffer to function. +; If empty, default_charset or output_encoding or mbstring.http_output is used. +; The precedence is: default_charset < output_encoding < mbstring.http_output +; To use an output encoding conversion, mbstring's output handler must be set +; otherwise output encoding conversion cannot be performed. +; http://php.net/mbstring.http-output +;mbstring.http_output = + +; enable automatic encoding translation according to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +; http://php.net/mbstring.encoding-translation +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; "auto" detect order is changed according to mbstring.language +; http://php.net/mbstring.detect-order +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +; http://php.net/mbstring.substitute-character +;mbstring.substitute_character = none + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +; Default: Off +;mbstring.strict_detection = On + +; This directive specifies the regex pattern of content types for which mb_output_handler() +; is activated. +; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) +;mbstring.http_output_conv_mimetype= + +[gd] +; Tell the jpeg decode to ignore warnings and try to create +; a gd image. The warning will then be displayed as notices +; disabled by default +; http://php.net/gd.jpeg-ignore-warning +;gd.jpeg_ignore_warning = 1 + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +; http://php.net/exif.encode-unicode +;exif.encode_unicode = ISO-8859-15 + +; http://php.net/exif.decode-unicode-motorola +;exif.decode_unicode_motorola = UCS-2BE + +; http://php.net/exif.decode-unicode-intel +;exif.decode_unicode_intel = UCS-2LE + +; http://php.net/exif.encode-jis +;exif.encode_jis = + +; http://php.net/exif.decode-jis-motorola +;exif.decode_jis_motorola = JIS + +; http://php.net/exif.decode-jis-intel +;exif.decode_jis_intel = JIS + +[Tidy] +; The path to a default tidy configuration file to use when using tidy +; http://php.net/tidy.default-config +;tidy.default_config = /usr/local/lib/php/default.tcfg + +; Should tidy clean and repair output automatically? +; WARNING: Do not use this option if you are generating non-html content +; such as dynamic images +; http://php.net/tidy.clean-output +tidy.clean_output = Off + +[soap] +; Enables or disables WSDL caching feature. +; http://php.net/soap.wsdl-cache-enabled +soap.wsdl_cache_enabled=1 + +; Sets the directory name where SOAP extension will put cache files. +; http://php.net/soap.wsdl-cache-dir +soap.wsdl_cache_dir="/tmp" + +; (time to live) Sets the number of second while cached file will be used +; instead of original one. +; http://php.net/soap.wsdl-cache-ttl +soap.wsdl_cache_ttl=86400 + +; Sets the size of the cache limit. (Max. number of WSDL files to cache) +soap.wsdl_cache_limit = 5 + +[sysvshm] +; A default size of the shared memory segment +;sysvshm.init_mem = 10000 + +[ldap] +; Sets the maximum number of open links or -1 for unlimited. +ldap.max_links = -1 + +[dba] +;dba.default_handler= + +[opcache] +; Determines if Zend OPCache is enabled +;opcache.enable=1 + +; Determines if Zend OPCache is enabled for the CLI version of PHP +;opcache.enable_cli=1 + +; The OPcache shared memory storage size. +;opcache.memory_consumption=128 + +; The amount of memory for interned strings in Mbytes. +;opcache.interned_strings_buffer=8 + +; The maximum number of keys (scripts) in the OPcache hash table. +; Only numbers between 200 and 1000000 are allowed. +;opcache.max_accelerated_files=10000 + +; The maximum percentage of "wasted" memory until a restart is scheduled. +;opcache.max_wasted_percentage=5 + +; When this directive is enabled, the OPcache appends the current working +; directory to the script key, thus eliminating possible collisions between +; files with the same name (basename). Disabling the directive improves +; performance, but may break existing applications. +;opcache.use_cwd=1 + +; When disabled, you must reset the OPcache manually or restart the +; webserver for changes to the filesystem to take effect. +;opcache.validate_timestamps=1 + +; How often (in seconds) to check file timestamps for changes to the shared +; memory storage allocation. ("1" means validate once per second, but only +; once per request. "0" means always validate) +;opcache.revalidate_freq=2 + +; Enables or disables file search in include_path optimization +;opcache.revalidate_path=0 + +; If disabled, all PHPDoc comments are dropped from the code to reduce the +; size of the optimized code. +;opcache.save_comments=1 + +; If enabled, a fast shutdown sequence is used for the accelerated code +; Depending on the used Memory Manager this may cause some incompatibilities. +;opcache.fast_shutdown=0 + +; Allow file existence override (file_exists, etc.) performance feature. +;opcache.enable_file_override=0 + +; A bitmask, where each bit enables or disables the appropriate OPcache +; passes +;opcache.optimization_level=0xffffffff + +;opcache.inherited_hack=1 +;opcache.dups_fix=0 + +; The location of the OPcache blacklist file (wildcards allowed). +; Each OPcache blacklist file is a text file that holds the names of files +; that should not be accelerated. The file format is to add each filename +; to a new line. The filename may be a full path or just a file prefix +; (i.e., /var/www/x blacklists all the files and directories in /var/www +; that start with 'x'). Line starting with a ; are ignored (comments). +;opcache.blacklist_filename= + +; Allows exclusion of large files from being cached. By default all files +; are cached. +;opcache.max_file_size=0 + +; Check the cache checksum each N requests. +; The default value of "0" means that the checks are disabled. +;opcache.consistency_checks=0 + +; How long to wait (in seconds) for a scheduled restart to begin if the cache +; is not being accessed. +;opcache.force_restart_timeout=180 + +; OPcache error_log file name. Empty string assumes "stderr". +;opcache.error_log= + +; All OPcache errors go to the Web server log. +; By default, only fatal errors (level 0) or errors (level 1) are logged. +; You can also enable warnings (level 2), info messages (level 3) or +; debug messages (level 4). +;opcache.log_verbosity_level=1 + +; Preferred Shared Memory back-end. Leave empty and let the system decide. +;opcache.preferred_memory_model= + +; Protect the shared memory from unexpected writing during script execution. +; Useful for internal debugging only. +;opcache.protect_memory=0 + +; Allows calling OPcache API functions only from PHP scripts which path is +; started from specified string. The default "" means no restriction +;opcache.restrict_api= + +; Mapping base of shared memory segments (for Windows only). All the PHP +; processes have to map shared memory into the same address space. This +; directive allows to manually fix the "Unable to reattach to base address" +; errors. +;opcache.mmap_base= + +; Enables and sets the second level cache directory. +; It should improve performance when SHM memory is full, at server restart or +; SHM reset. The default "" disables file based caching. +;opcache.file_cache= + +; Enables or disables opcode caching in shared memory. +;opcache.file_cache_only=0 + +; Enables or disables checksum validation when script loaded from file cache. +;opcache.file_cache_consistency_checks=1 + +; Implies opcache.file_cache_only=1 for a certain process that failed to +; reattach to the shared memory (for Windows only). Explicitly enabled file +; cache is required. +;opcache.file_cache_fallback=1 + +; Enables or disables copying of PHP code (text segment) into HUGE PAGES. +; This should improve performance, but requires appropriate OS configuration. +;opcache.huge_code_pages=1 + +; Validate cached file permissions. +;opcache.validate_permission=0 + +; Prevent name collisions in chroot'ed environment. +;opcache.validate_root=0 + +[curl] +; A default value for the CURLOPT_CAINFO option. This is required to be an +; absolute path. +;curl.cainfo = + +[openssl] +; The location of a Certificate Authority (CA) file on the local filesystem +; to use when verifying the identity of SSL/TLS peers. Most users should +; not specify a value for this directive as PHP will attempt to use the +; OS-managed cert stores in its absence. If specified, this value may still +; be overridden on a per-stream basis via the "cafile" SSL stream context +; option. +;openssl.cafile= + +; If openssl.cafile is not specified or if the CA file is not found, the +; directory pointed to by openssl.capath is searched for a suitable +; certificate. This value must be a correctly hashed certificate directory. +; Most users should not specify a value for this directive as PHP will +; attempt to use the OS-managed cert stores in its absence. If specified, +; this value may still be overridden on a per-stream basis via the "capath" +; SSL stream context option. +;openssl.capath= + +; Local Variables: +; tab-width: 4 +; End: diff --git a/images/php/php72/sources.list b/images/php/php72/sources.list new file mode 100644 index 00000000..4cf49767 --- /dev/null +++ b/images/php/php72/sources.list @@ -0,0 +1,8 @@ +deb http://mirrors.aliyun.com/debian/ stretch main non-free contrib +deb-src http://mirrors.aliyun.com/debian/ stretch main non-free contrib +deb http://mirrors.aliyun.com/debian-security stretch/updates main +deb-src http://mirrors.aliyun.com/debian-security stretch/updates main +deb http://mirrors.aliyun.com/debian/ stretch-updates main non-free contrib +deb-src http://mirrors.aliyun.com/debian/ stretch-updates main non-free contrib +deb http://mirrors.aliyun.com/debian/ stretch-backports main non-free contrib +deb-src http://mirrors.aliyun.com/debian/ stretch-backports main non-free contrib \ No newline at end of file diff --git a/images/php/php72/xdebug.ini b/images/php/php72/xdebug.ini new file mode 100644 index 00000000..83de9994 --- /dev/null +++ b/images/php/php72/xdebug.ini @@ -0,0 +1,15 @@ +[xdebug] +zend_extension="xdebug.so" +;是否开启调试内容 +xdebug.remote_enable=1 +;调试插件dbgp +xdebug.remote_handler=dbgp +;远程调试的端口(默认9000) +xdebug.remote_port=9003 +;是否开启远程调试自动启动 +xdebug.remote_autostart=1 +xdebug.remote_connect_back=0 +;IDE Key +xdebug.idekey=PHPSTORM +;允许调试的客户端IP +xdebug.remote_host=192.168.1.2 \ No newline at end of file diff --git a/images/phpmyadmin/Dockerfile b/images/phpmyadmin/Dockerfile new file mode 100644 index 00000000..ebd8efd4 --- /dev/null +++ b/images/phpmyadmin/Dockerfile @@ -0,0 +1,14 @@ +FROM phpmyadmin/phpmyadmin + +LABEL maintainer="Bo-Yi Wu " + +# Add volume for sessions to allow session persistence +VOLUME /sessions + +RUN echo '' >> /usr/local/etc/php/conf.d/php-phpmyadmin.ini \ + && echo '[PHP]' >> /usr/local/etc/php/conf.d/php-phpmyadmin.ini \ + && echo 'post_max_size = 2G' >> /usr/local/etc/php/conf.d/php-phpmyadmin.ini \ + && echo 'upload_max_filesize = 2G' >> /usr/local/etc/php/conf.d/php-phpmyadmin.ini + +# We expose phpMyAdmin on port 80 +EXPOSE 80 diff --git a/images/portainer/Dockerfile b/images/portainer/Dockerfile new file mode 100644 index 00000000..c044f0d8 --- /dev/null +++ b/images/portainer/Dockerfile @@ -0,0 +1,3 @@ +FROM portainer/portainer + +LABEL maintainer="luciano@lucianojr.com.br" diff --git a/images/postgres/Dockerfile b/images/postgres/Dockerfile new file mode 100644 index 00000000..3a9d887f --- /dev/null +++ b/images/postgres/Dockerfile @@ -0,0 +1,4 @@ +FROM postgres:latest + +CMD ["postgres"] +EXPOSE 5432 \ No newline at end of file diff --git a/images/postgres/docker-entrypoint-initdb.d/.gitignore b/images/postgres/docker-entrypoint-initdb.d/.gitignore new file mode 100644 index 00000000..a56b450c --- /dev/null +++ b/images/postgres/docker-entrypoint-initdb.d/.gitignore @@ -0,0 +1,5 @@ +*.sh +!init_gitlab_db.sh +!init_jupyterhub_db.sh +!init_sonarqube_db.sh +!init_confluence_db.sh \ No newline at end of file diff --git a/images/postgres/docker-entrypoint-initdb.d/createdb.sh.example b/images/postgres/docker-entrypoint-initdb.d/createdb.sh.example new file mode 100644 index 00000000..822c7dee --- /dev/null +++ b/images/postgres/docker-entrypoint-initdb.d/createdb.sh.example @@ -0,0 +1,33 @@ +#!/bin/bash +# +# Copy createdb.sh.example to createdb.sh +# then uncomment then set database name and username to create you need databases +# +# example: .env POSTGRES_USER=appuser and need db name is myshop_db +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER myuser WITH PASSWORD 'mypassword'; +# CREATE DATABASE myshop_db; +# GRANT ALL PRIVILEGES ON DATABASE myshop_db TO myuser; +# EOSQL +# +# this sh script will auto run when the postgres container starts and the $DATA_PATH_HOST/postgres not found. +# +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER db1 WITH PASSWORD 'db1'; +# CREATE DATABASE db1; +# GRANT ALL PRIVILEGES ON DATABASE db1 TO db1; +# EOSQL +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER db2 WITH PASSWORD 'db2'; +# CREATE DATABASE db2; +# GRANT ALL PRIVILEGES ON DATABASE db2 TO db2; +# EOSQL +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER db3 WITH PASSWORD 'db3'; +# CREATE DATABASE db3; +# GRANT ALL PRIVILEGES ON DATABASE db3 TO db3; +# EOSQL diff --git a/images/postgres/docker-entrypoint-initdb.d/init_confluence_db.sh b/images/postgres/docker-entrypoint-initdb.d/init_confluence_db.sh new file mode 100644 index 00000000..aa744a1b --- /dev/null +++ b/images/postgres/docker-entrypoint-initdb.d/init_confluence_db.sh @@ -0,0 +1,44 @@ +#!/bin/bash +# +# Copy createdb.sh.example to createdb.sh +# then uncomment then set database name and username to create you need databases +# +# example: .env POSTGRES_USER=appuser and need db name is myshop_db +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER myuser WITH PASSWORD 'mypassword'; +# CREATE DATABASE myshop_db; +# GRANT ALL PRIVILEGES ON DATABASE myshop_db TO myuser; +# EOSQL +# +# this sh script will auto run when the postgres container starts and the $DATA_PATH_HOST/postgres not found. +# +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER db1 WITH PASSWORD 'db1'; +# CREATE DATABASE db1; +# GRANT ALL PRIVILEGES ON DATABASE db1 TO db1; +# EOSQL +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER db2 WITH PASSWORD 'db2'; +# CREATE DATABASE db2; +# GRANT ALL PRIVILEGES ON DATABASE db2 TO db2; +# EOSQL +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER db3 WITH PASSWORD 'db3'; +# CREATE DATABASE db3; +# GRANT ALL PRIVILEGES ON DATABASE db3 TO db3; +# EOSQL +# +### default database and user for confluence ############################################## +if [ "$CONFLUENCE_POSTGRES_INIT" == 'true' ]; then + psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL + CREATE USER $POSTGRES_CONFLUENCE_USER WITH PASSWORD '$POSTGRES_CONFLUENCE_PASSWORD'; + CREATE DATABASE $POSTGRES_CONFLUENCE_DB; + GRANT ALL PRIVILEGES ON DATABASE $POSTGRES_CONFLUENCE_DB TO $POSTGRES_CONFLUENCE_USER; + ALTER ROLE $POSTGRES_CONFLUENCE_USER CREATEROLE SUPERUSER; + EOSQL + echo +fi diff --git a/images/postgres/docker-entrypoint-initdb.d/init_gitlab_db.sh b/images/postgres/docker-entrypoint-initdb.d/init_gitlab_db.sh new file mode 100644 index 00000000..4f4267df --- /dev/null +++ b/images/postgres/docker-entrypoint-initdb.d/init_gitlab_db.sh @@ -0,0 +1,44 @@ +#!/bin/bash +# +# Copy createdb.sh.example to createdb.sh +# then uncomment then set database name and username to create you need databases +# +# example: .env POSTGRES_USER=appuser and need db name is myshop_db +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER myuser WITH PASSWORD 'mypassword'; +# CREATE DATABASE myshop_db; +# GRANT ALL PRIVILEGES ON DATABASE myshop_db TO myuser; +# EOSQL +# +# this sh script will auto run when the postgres container starts and the $DATA_PATH_HOST/postgres not found. +# +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER db1 WITH PASSWORD 'db1'; +# CREATE DATABASE db1; +# GRANT ALL PRIVILEGES ON DATABASE db1 TO db1; +# EOSQL +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER db2 WITH PASSWORD 'db2'; +# CREATE DATABASE db2; +# GRANT ALL PRIVILEGES ON DATABASE db2 TO db2; +# EOSQL +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER db3 WITH PASSWORD 'db3'; +# CREATE DATABASE db3; +# GRANT ALL PRIVILEGES ON DATABASE db3 TO db3; +# EOSQL +# +### default database and user for gitlab ############################################## +if [ "$GITLAB_POSTGRES_INIT" == 'true' ]; then + psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL + CREATE USER $GITLAB_POSTGRES_USER WITH PASSWORD '$GITLAB_POSTGRES_PASSWORD'; + CREATE DATABASE $GITLAB_POSTGRES_DB; + GRANT ALL PRIVILEGES ON DATABASE $GITLAB_POSTGRES_DB TO $GITLAB_POSTGRES_USER; + ALTER ROLE $GITLAB_POSTGRES_USER CREATEROLE SUPERUSER; + EOSQL + echo +fi \ No newline at end of file diff --git a/images/postgres/docker-entrypoint-initdb.d/init_jupyterhub_db.sh b/images/postgres/docker-entrypoint-initdb.d/init_jupyterhub_db.sh new file mode 100644 index 00000000..c3869795 --- /dev/null +++ b/images/postgres/docker-entrypoint-initdb.d/init_jupyterhub_db.sh @@ -0,0 +1,44 @@ +#!/bin/bash +# +# Copy createdb.sh.example to createdb.sh +# then uncomment then set database name and username to create you need databases +# +# example: .env POSTGRES_USER=appuser and need db name is myshop_db +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER myuser WITH PASSWORD 'mypassword'; +# CREATE DATABASE myshop_db; +# GRANT ALL PRIVILEGES ON DATABASE myshop_db TO myuser; +# EOSQL +# +# this sh script will auto run when the postgres container starts and the $DATA_PATH_HOST/postgres not found. +# +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER db1 WITH PASSWORD 'db1'; +# CREATE DATABASE db1; +# GRANT ALL PRIVILEGES ON DATABASE db1 TO db1; +# EOSQL +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER db2 WITH PASSWORD 'db2'; +# CREATE DATABASE db2; +# GRANT ALL PRIVILEGES ON DATABASE db2 TO db2; +# EOSQL +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER db3 WITH PASSWORD 'db3'; +# CREATE DATABASE db3; +# GRANT ALL PRIVILEGES ON DATABASE db3 TO db3; +# EOSQL +# +### default database and user for jupyterhub ############################################## +if [ "$JUPYTERHUB_POSTGRES_INIT" == 'true' ]; then + psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL + CREATE USER $JUPYTERHUB_POSTGRES_USER WITH PASSWORD '$JUPYTERHUB_POSTGRES_PASSWORD'; + CREATE DATABASE $JUPYTERHUB_POSTGRES_DB; + GRANT ALL PRIVILEGES ON DATABASE $JUPYTERHUB_POSTGRES_DB TO $JUPYTERHUB_POSTGRES_USER; + ALTER ROLE $JUPYTERHUB_POSTGRES_USER CREATEROLE SUPERUSER; + EOSQL + echo +fi diff --git a/images/postgres/docker-entrypoint-initdb.d/init_sonarqube_db.sh b/images/postgres/docker-entrypoint-initdb.d/init_sonarqube_db.sh new file mode 100644 index 00000000..fea961de --- /dev/null +++ b/images/postgres/docker-entrypoint-initdb.d/init_sonarqube_db.sh @@ -0,0 +1,44 @@ +#!/bin/bash +# +# Copy createdb.sh.example to createdb.sh +# then uncomment then set database name and username to create you need databases +# +# example: .env POSTGRES_USER=appuser and need db name is myshop_db +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER myuser WITH PASSWORD 'mypassword'; +# CREATE DATABASE myshop_db; +# GRANT ALL PRIVILEGES ON DATABASE myshop_db TO myuser; +# EOSQL +# +# this sh script will auto run when the postgres container starts and the $DATA_PATH_HOST/postgres not found. +# +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER db1 WITH PASSWORD 'db1'; +# CREATE DATABASE db1; +# GRANT ALL PRIVILEGES ON DATABASE db1 TO db1; +# EOSQL +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER db2 WITH PASSWORD 'db2'; +# CREATE DATABASE db2; +# GRANT ALL PRIVILEGES ON DATABASE db2 TO db2; +# EOSQL +# +# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL +# CREATE USER db3 WITH PASSWORD 'db3'; +# CREATE DATABASE db3; +# GRANT ALL PRIVILEGES ON DATABASE db3 TO db3; +# EOSQL +# +### default database and user for gitlab ############################################## +if [ "$SONARQUBE_POSTGRES_INIT" == 'true' ]; then + psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL + CREATE USER $SONARQUBE_POSTGRES_USER WITH PASSWORD '$SONARQUBE_POSTGRES_PASSWORD'; + CREATE DATABASE $SONARQUBE_POSTGRES_DB; + GRANT ALL PRIVILEGES ON DATABASE $SONARQUBE_POSTGRES_DB TO $SONARQUBE_POSTGRES_USER; + ALTER ROLE $SONARQUBE_POSTGRES_USER CREATEROLE SUPERUSER; + EOSQL + echo +fi diff --git a/images/rabbitmq/Dockerfile b/images/rabbitmq/Dockerfile new file mode 100644 index 00000000..9b5dd1b4 --- /dev/null +++ b/images/rabbitmq/Dockerfile @@ -0,0 +1,11 @@ +FROM rabbitmq:alpine +LABEL maintainer="Mahmoud Zalt " + +RUN rabbitmq-plugins enable --offline rabbitmq_management + +EXPOSE 4369 5671 5672 15671 15672 25672 + + + + + diff --git a/images/redis-cluster/5.0/Dockerfile b/images/redis-cluster/5.0/Dockerfile new file mode 100644 index 00000000..dbb1407b --- /dev/null +++ b/images/redis-cluster/5.0/Dockerfile @@ -0,0 +1,10 @@ +FROM bitnami/redis-cluster:5.0 + +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +EXPOSE 6379 + +USER 1001 +ENTRYPOINT [ "/opt/bitnami/scripts/redis-cluster/entrypoint.sh" ] +CMD [ "/opt/bitnami/scripts/redis-cluster/run.sh" ] diff --git a/images/redis-cluster/6.0/Dockerfile b/images/redis-cluster/6.0/Dockerfile new file mode 100644 index 00000000..6df61710 --- /dev/null +++ b/images/redis-cluster/6.0/Dockerfile @@ -0,0 +1,10 @@ +FROM bitnami/redis-cluster:6.0 + +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +EXPOSE 6379 + +USER 1001 +ENTRYPOINT [ "/opt/bitnami/scripts/redis-cluster/entrypoint.sh" ] +CMD [ "/opt/bitnami/scripts/redis-cluster/run.sh" ] diff --git a/images/redis-cluster/6.2/Dockerfile b/images/redis-cluster/6.2/Dockerfile new file mode 100644 index 00000000..c0cab923 --- /dev/null +++ b/images/redis-cluster/6.2/Dockerfile @@ -0,0 +1,10 @@ +FROM bitnami/redis-cluster:6.2 + +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +EXPOSE 6379 + +USER 1001 +ENTRYPOINT [ "/opt/bitnami/scripts/redis-cluster/entrypoint.sh" ] +CMD [ "/opt/bitnami/scripts/redis-cluster/run.sh" ] diff --git a/images/redis-webui/Dockerfile b/images/redis-webui/Dockerfile new file mode 100644 index 00000000..fb026acb --- /dev/null +++ b/images/redis-webui/Dockerfile @@ -0,0 +1,3 @@ +FROM erikdubbelboer/phpredisadmin + +LABEL maintainer="ahkui " diff --git a/images/redis/Dockerfile b/images/redis/Dockerfile deleted file mode 100644 index cb8678be..00000000 --- a/images/redis/Dockerfile +++ /dev/null @@ -1,47 +0,0 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:latest -LABEL MAINTAINER="Cloudflying" \ - MAIL="" - -ENV REDIS_VERSION=5.0.1 \ - REDIS_DOWNLOAD_URL=https://qcloud.coding.net/u/imxieke/p/Collect/git/raw/master/src/redis-5.0.1.tar.gz \ - REDIS_DOWNLOAD_SHA=82a67c0eec97f9ad379384c30ec391b269e17a3e4596393c808f02db7595abcb - -# for redis-sentinel see: http://redis.io/topics/sentinel -# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added -RUN addgroup -S redis && adduser -S -G redis redis ; \ - apk add --no-cache tzdata ; \ - apk add --no-cache --virtual .build-deps coreutils gcc jemalloc-dev linux-headers make musl-dev ; \ - wget -O redis.tar.gz "$REDIS_DOWNLOAD_URL"; \ - echo "$REDIS_DOWNLOAD_SHA *redis.tar.gz" | sha256sum -c -; \ - mkdir -p /usr/src/redis; \ - tar -xzf redis.tar.gz -C /usr/src/redis --strip-components=1; \ - rm redis.tar.gz; \ - # disable Redis protected mode [1] as it is unnecessary in context of Docker - # (ports are not automatically exposed when running inside Docker, but rather explicitly by specifying -p / -P) - # [1]: https://github.com/antirez/redis/commit/edd4d555df57dc84265fdfb4ef59a4678832f6da - grep -q '^#define CONFIG_DEFAULT_PROTECTED_MODE 1$' /usr/src/redis/src/server.h; \ - sed -ri 's!^(#define CONFIG_DEFAULT_PROTECTED_MODE) 1$!\1 0!' /usr/src/redis/src/server.h; \ - grep -q '^#define CONFIG_DEFAULT_PROTECTED_MODE 0$' /usr/src/redis/src/server.h; \ - # for future reference, we modify this directly in the source instead of just supplying a default configuration flag because apparently "if you specify any argument to redis-server, [it assumes] you are going to specify everything" - # see also https://github.com/docker-library/redis/issues/4#issuecomment-50780840 - # (more exactly, this makes sure the default behavior of "save on SIGTERM" stays functional by default) - make -C /usr/src/redis -j "$(nproc)"; \ - make -C /usr/src/redis install; \ - rm -r /usr/src/redis; \ - runDeps="$( \ - scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \ - | tr ',' '\n' \ - | sort -u \ - | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ - )"; \ - apk add --virtual .redis-rundeps $runDeps; \ - apk del .build-deps; \ - mkdir /data && chown -R redis:redis /data ; \ - rm -fr /var/cache/apk/* - -USER redis -VOLUME /data -WORKDIR /data - -EXPOSE 6379 -CMD ["redis-server"] \ No newline at end of file diff --git a/images/redis/Dockerfile.4 b/images/redis/Dockerfile.4 deleted file mode 100644 index 7e022a47..00000000 --- a/images/redis/Dockerfile.4 +++ /dev/null @@ -1,47 +0,0 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:latest -LABEL MAINTAINER="Cloudflying" \ - MAIL="" - -ENV REDIS_VERSION=4.0.11 \ - REDIS_DOWNLOAD_URL=https://qcloud.coding.net/u/imxieke/p/Collect/git/raw/master/src/redis-4.0.11.tar.gz \ - REDIS_DOWNLOAD_SHA=fc53e73ae7586bcdacb4b63875d1ff04f68c5474c1ddeda78f00e5ae2eed1bbb - -# for redis-sentinel see: http://redis.io/topics/sentinel -# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added -RUN addgroup -S redis && adduser -S -G redis redis ; \ - apk add --no-cache tzdata ; \ - apk add --no-cache --virtual .build-deps coreutils gcc jemalloc-dev linux-headers make musl-dev ; \ - wget -O redis.tar.gz "$REDIS_DOWNLOAD_URL"; \ - echo "$REDIS_DOWNLOAD_SHA *redis.tar.gz" | sha256sum -c -; \ - mkdir -p /usr/src/redis; \ - tar -xzf redis.tar.gz -C /usr/src/redis --strip-components=1; \ - rm redis.tar.gz; \ - # disable Redis protected mode [1] as it is unnecessary in context of Docker - # (ports are not automatically exposed when running inside Docker, but rather explicitly by specifying -p / -P) - # [1]: https://github.com/antirez/redis/commit/edd4d555df57dc84265fdfb4ef59a4678832f6da - grep -q '^#define CONFIG_DEFAULT_PROTECTED_MODE 1$' /usr/src/redis/src/server.h; \ - sed -ri 's!^(#define CONFIG_DEFAULT_PROTECTED_MODE) 1$!\1 0!' /usr/src/redis/src/server.h; \ - grep -q '^#define CONFIG_DEFAULT_PROTECTED_MODE 0$' /usr/src/redis/src/server.h; \ - # for future reference, we modify this directly in the source instead of just supplying a default configuration flag because apparently "if you specify any argument to redis-server, [it assumes] you are going to specify everything" - # see also https://github.com/docker-library/redis/issues/4#issuecomment-50780840 - # (more exactly, this makes sure the default behavior of "save on SIGTERM" stays functional by default) - make -C /usr/src/redis -j "$(nproc)"; \ - make -C /usr/src/redis install; \ - rm -r /usr/src/redis; \ - runDeps="$( \ - scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \ - | tr ',' '\n' \ - | sort -u \ - | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ - )"; \ - apk add --virtual .redis-rundeps $runDeps; \ - apk del .build-deps; \ - mkdir /data && chown -R redis:redis /data ; \ - rm -fr /var/cache/apk/* - -USER redis -VOLUME /data -WORKDIR /data - -EXPOSE 6379 -CMD ["redis-server"] \ No newline at end of file diff --git a/images/redis/README.md b/images/redis/README.md index a6a07a45..752e293c 100644 --- a/images/redis/README.md +++ b/images/redis/README.md @@ -1,2 +1,32 @@ # Redis ->Redis is an open source key-value store that functions as a data structure server. \ No newline at end of file +> Redis is an open source key-value store that functions as a data structure server. + +### start a redis instance + +`$ docker run --name some-redis -d redis` + +### start with persistent storage +`$ docker run --name some-redis -d redis redis-server --appendonly yes` +> If persistence is enabled, data is stored in the VOLUME /data, which can be used with --volumes-from some-volume-container or -v /docker/host/dir:/data (see docs.docker volumes). + +> For more about Redis Persistence, see http://redis.io/topics/persistence. + +### connecting via redis-cli +`$ docker run -it --network some-network --rm redis redis-cli -h some-redis` + +Additionally, If you want to use your own redis.conf ... +You can create your own Dockerfile that adds a redis.conf from the context into /data/, like so. +```Dockerfile +FROM redis +COPY redis.conf /usr/local/etc/redis/redis.conf +CMD [ "redis-server", "/usr/local/etc/redis/redis.conf" ] +``` + +Alternatively, you can specify something along the same lines with docker run options. + +`$ docker run -v /myredis/conf:/usr/local/etc/redis --name myredis redis redis-server /usr/local/etc/redis/redis.conf` + + +> Where /myredis/conf/ is a local directory containing your redis.conf file. Using this method means that there is no need for you to have a Dockerfile for your redis container. + +The mapped directory should be writable, as depending on the configuration and mode of operation, Redis may need to create additional configuration files or rewrite existing ones. diff --git a/images/rhel/6/Dockerfile b/images/rhel/6/Dockerfile new file mode 100644 index 00000000..d458e3f9 --- /dev/null +++ b/images/rhel/6/Dockerfile @@ -0,0 +1,5 @@ +FROM registry.access.redhat.com/rhel6:latest +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +CMD ['/usr/bin/bash'] diff --git a/images/rhel/7/Dockerfile b/images/rhel/7/Dockerfile new file mode 100644 index 00000000..1c49eb0e --- /dev/null +++ b/images/rhel/7/Dockerfile @@ -0,0 +1,5 @@ +FROM registry.access.redhat.com/rhel7:latest +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +CMD ['/usr/bin/bash'] diff --git a/images/rhel/8/Dockerfile b/images/rhel/8/Dockerfile new file mode 100644 index 00000000..d7032da5 --- /dev/null +++ b/images/rhel/8/Dockerfile @@ -0,0 +1,5 @@ +FROM registry.access.redhat.com/ubi8:latest +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +CMD ['/usr/bin/bash'] diff --git a/images/rhel/minimal/Dockerfile b/images/rhel/minimal/Dockerfile new file mode 100644 index 00000000..c2ba239f --- /dev/null +++ b/images/rhel/minimal/Dockerfile @@ -0,0 +1,5 @@ +FROM registry.access.redhat.com/rhel-minimal:latest +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +CMD ['/usr/bin/bash'] diff --git a/images/seedbox/Dockerfile b/images/seedbox/Dockerfile new file mode 100644 index 00000000..860a1d25 --- /dev/null +++ b/images/seedbox/Dockerfile @@ -0,0 +1,26 @@ +FROM alpine:3.12 +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +COPY conf/ /etc/aria2c/ + +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \ + && echo 'nameserver 8.8.8.8' > /etc/resolv.conf \ + && apk add --no-cache --virtual .deps curl \ + && apk add --no-cache darkhttpd \ + && curl -L https://cloudflying-generic.pkg.coding.net/storage/mirrors/pkgs/aria2/aria2c-amd64 -o /usr/bin/aria2c \ + && chmod +x /usr/bin/aria2c \ + && mkdir -p /etc/aria2c \ + && chmod -R 777 /etc/aria2c \ + && mkdir -p /opt/ariang \ + && chmod -R 777 /opt/ariang \ + && mkdir -p /data/downloads \ + && chmod -R 777 /data/downloads \ + && cd /opt/ariang \ + && curl -L https://cloudflying-generic.pkg.coding.net/storage/mirrors/src/ariang/1.17.zip -o /opt/ariang/1.17.zip \ + && unzip 1.17.zip && rm -fr LICENSE && rm -fr 1.17.zip \ + && mv /etc/aria2c/entrypoint.sh /usr/bin/entrypoint.sh \ + && chmod +x /usr/bin/entrypoint.sh \ + && apk del .deps + +CMD ["/usr/bin/entrypoint.sh"] diff --git a/images/seedbox/README.md b/images/seedbox/README.md new file mode 100644 index 00000000..8c7258da --- /dev/null +++ b/images/seedbox/README.md @@ -0,0 +1,13 @@ +rtorrent | rutorrent | flood | transmission | qbittorrent + deluge | mktorrent | ffmpeg | filebrowser | linuxrar + + + +## Tools +- https://github.com/mescon/Muximux php manage tools +- glances, plexPy monitoring tools + +## Trackerlist +- https://ngosang.github.io/trackerslist/ +- https://trackerslist.com +- https://newtrackon.com \ No newline at end of file diff --git a/images/seedbox/conf/aria2c.conf b/images/seedbox/conf/aria2c.conf new file mode 100644 index 00000000..1cd11b41 --- /dev/null +++ b/images/seedbox/conf/aria2c.conf @@ -0,0 +1,272 @@ +## 下载连接相关 ## + +# 最大同时下载任务数, 运行时可修改, 默认:5 +max-concurrent-downloads=64 +# 同一服务器连接数, 添加时可指定, 默认:1 +# 官方的aria2最高设置为16, 如果需要设置任意数值请重新编译aria2 +max-connection-per-server=16 +# 整体下载速度限制, 运行时可修改, 默认:0(不限制) +max-overall-download-limit=0 +# 单个任务下载速度限制, 默认:0(不限制) +max-download-limit=0 +# 整体上传速度限制, 运行时可修改, 默认:0(不限制) +max-overall-upload-limit=0 +# 单个任务上传速度限制, 默认:0(不限制) +max-upload-limit=500kb +# 连接超时时间(秒)。默认:60 +connect-timeout=10 +# 禁用IPv6, 默认:false +# disable-ipv6=true +# 禁用https证书检查 +check-certificate=false +# 连接超时时间, 默认:60 +timeout=60 +# 最大重试次数, 设置为0表示不限制重试次数, 默认:5 +max-tries=5 +# 设置重试等待的秒数, 默认:0 +retry-wait=3 +# 比如此项值为 10M, 当文件为 20MB 会分成两段并使用两个来源下载, 文件为 15MB 则只使用一个来源下载。 +# 理论上值越小使用下载分段就越多,所能获得的实际线程数就越大,下载速度就越快,但受限于所下载文件服务器的策略。 +# 最小文件分片大小, 添加时可指定, 取值范围1M -1024M, 默认:20M +# 假定size=10M, 文件为20MiB 则使用两个来源下载; 文件为15MiB 则使用一个来源下载 +min-split-size=50M +# 单个任务最大线程数, 添加时可指定, 默认:5 +# 建议同max-connection-per-server设置为相同值 +split=64 +# GZip 支持,默认:false +http-accept-gzip=true +# URI 复用,默认: true +reuse-uri=false +# 禁用 netrc 支持,默认:false +no-netrc=true +# 允许覆盖,当相关控制文件(.aria2)不存在时从头开始重新下载。默认:false +allow-overwrite=false +# 文件自动重命名,此选项仅在 HTTP(S)/FTP 下载中有效。新文件名在名称之后扩展名之前加上一个点和一个数字(1..9999)。默认:true +auto-file-renaming=true +# HTTP/FTP 下载分片大小,所有分割都必须是此项值的倍数,最小值为 1M (增强版为 1K),默认:1M +piece-length=1M +# 允许分片大小变化。默认:false +# false:当分片大小与控制文件中的不同时将会中止下载 +# true:丢失部分下载进度继续下载 +allow-piece-length-change=true +# 使用 UTF-8 处理 Content-Disposition ,默认:false +content-disposition-default-utf8=true + + +## 文件保存相关 ## + +# 文件保存目录 +dir=/data/downloads +# 断点续传 +continue=true +# 始终尝试断点续传,无法断点续传则终止下载,默认:true +always-resume=false +# 不支持断点续传的 URI 数值,当 always-resume=false 时生效。 +# 达到这个数值从将头开始下载,值为 0 时所有 URI 不支持断点续传时才从头开始下载。 +max-resume-failure-tries=0 +# 文件未找到重试次数,默认:0 (禁用) +# 重试时同时会记录重试次数,所以也需要设置 max-tries 这个选项 +max-file-not-found=10 +# 获取服务器文件时间,默认:false +remote-time=true + +# 启用磁盘缓存, 0为禁用缓存, 需1.16以上版本, 默认:16M +disk-cache=32M + +## 日志设置 ## + +# 日志文件保存路径,忽略或设置为空为不保存,默认:不保存 +# log=/tmp/aria2c.log + +# 日志级别,可选 debug, info, notice, warn, error 。默认:debug +# log-level=notice + +# 控制台日志级别,可选 debug, info, notice, warn, error ,默认:notice +console-log-level=notice +# 下载进度摘要输出间隔时间(秒),0 为禁止输出。默认:60 +summary-interval=0 + +# 文件预分配方式, 能有效降低磁盘碎片, 默认:prealloc +# 预分配所需时间: none < falloc ? trunc < prealloc +# falloc和trunc则需要文件系统和内核支持 +# NTFS建议使用falloc, EXT3/4建议trunc, MAC 下需要注释此项 +# 文件预分配方式, 可选:none, prealloc, trunc, falloc, 默认:prealloc +# 预分配对于机械硬盘可有效降低磁盘碎片、提升磁盘读写性能、延长磁盘寿命。 +# 机械硬盘使用 ext4(具有扩展支持),btrfs,xfs 或 NTFS(仅 MinGW 编译版本)等文件系统建议设置为 falloc +# 若无法下载,提示 fallocate failed.cause:Operation not supported 则说明不支持,请设置为 none +# prealloc 分配速度慢, trunc 无实际作用,不推荐使用。 +# 固态硬盘不需要预分配,只建议设置为 none ,否则可能会导致双倍文件大小的数据写入,从而影响寿命。 +# file-allocation=none + +# 文件预分配大小限制。小于此选项值大小的文件不预分配空间,单位 K 或 M,默认:5M +no-file-allocation-limit=64M + +# 安静模式,禁止在控制台输出日志,默认:false +quiet=true + +## 进度保存相关 ## + +# 从会话文件中读取下载任务 +input-file=/etc/aria2c/aria2c.session +# 在Aria2退出时保存错误的、未完成的下载任务到会话文件 +save-session=/etc/aria2c/aria2c.session +# 定时保存会话, 0为退出时才保存, 需1.16.1以上版本, 默认:0 +save-session-interval=60 +# 自动保存任务进度的间隔时间(秒),0 为进程正常退出时保存,默认:60 +auto-save-interval=1 +# 强制保存,即使任务已完成也保存信息到会话文件, 默认:false +# 开启后会在任务完成后保留 .aria2 文件,文件被移除且任务存在的情况下重启后会重新下载。 +# 关闭后已完成的任务列表会在重启后清空。 +force-save=false + +## RPC相关设置 ## + +# 启用RPC, 默认:false +enable-rpc=true +# 允许所有来源, 默认:false +rpc-allow-origin-all=true +# 允许外部访问, 默认:false +rpc-listen-all=true +# RPC端口, 仅当默认端口被占用时修改 +rpc-listen-port=6800 +# 设置的RPC授权令牌, v1.18.4新增功能, 取代 --rpc-user 和 --rpc-passwd 选项 +rpc-secret=haspwd +# 启动SSL +# rpc-secure=true +# 证书文件, 如果启用SSL则需要配置证书文件, 例如用https连接aria2 +# rpc-certificate= +# rpc-private-key= +# 保存通过 WebUI(RPC) 上传的种子文件(.torrent),默认:true +# 所有涉及种子文件保存的选项都建议开启,不保存种子文件有任务丢失的风险。 +# 通过 RPC 自定义临时下载目录可能不会保存种子文件。 +rpc-save-upload-metadata=true +# RPC 最大请求大小 +rpc-max-request-size=10M + + +## 高级选项 ## + +# 启用异步 DNS 功能。默认:true +#async-dns=true + +# 指定异步 DNS 服务器列表,未指定则从 /etc/resolv.conf 中读取。 +#async-dns-server=119.29.29.29,223.5.5.5,8.8.8.8,1.1.1.1 +# 指定单个网络接口,可能的值:接口,IP地址,主机名 +# 如果接口具有多个 IP 地址,则建议指定 IP 地址。 +# 已知指定网络接口会影响依赖本地 RPC 的连接的功能场景,即通过 localhost 和 127.0.0.1 无法与 Aria2 服务端进行讯通。 +#interface= + +# 指定多个网络接口,多个值之间使用逗号(,)分隔。 +# 使用 interface 选项时会忽略此项。 +#multiple-interface + +## BT/PT下载相关 ## + +# 当下载的是一个种子(以.torrent结尾)时, 自动开始BT任务, 默认:true +# 下载种子文件(.torrent)自动开始下载, 默认:true,可选:false|mem +# true:保存种子文件 +# false:仅下载种子文件 +# mem:将种子保存在内存中 +follow-torrent=true +# 继续之前的BT任务时, 无需再次校验, 默认:false +bt-seed-unverified=true +# 保存磁力链接元数据为种子文件(.torrent文件), 默认:false +bt-save-metadata=true +# 单个种子最大连接数, 默认:55 0表示不限制 +bt-max-peers=0 +# 最小做种时间, 单位:分 +# seed-time = 60 +# 分离做种任务 +bt-detach-seed-only=true +# 删除 BT 下载任务中未选择文件,默认:false +bt-remove-unselected-file=true +# Try to download first and last pieces of each file first. This is useful for previewing files. +bt-prioritize-piece=head=32M,tail=32M +# BT监听端口, 当端口被屏蔽时使用, 默认:6881-6999 +listen-port=6802-6999 +# 单个种子最大连接数, 默认:55 +bt-max-peers=0 +# 加载已保存的元数据文件(.torrent),默认:false +bt-load-saved-metadata=true +# BT最低加密等级,可选:plain(明文),arc4(加密),默认:plain +#bt-min-crypto-level=arc4 +# BT强制加密, 默认: false +# 启用后将拒绝旧的 BT 握手协议并仅使用混淆握手及加密。可以解决部分运营商对 BT 下载的封锁,且有一定的防版权投诉与迅雷吸血效果。 +# 此选项相当于后面两个选项(bt-require-crypto=true, bt-min-crypto-level=arc4)的快捷开启方式,但不会修改这两个选项的值。 +bt-force-encryption=true +# BT加密需求,默认:false 强制加密, 防迅雷必备 +# 启用后拒绝与旧的 BitTorrent 握手协议(\19BitTorrent protocol)建立连接,始终使用混淆处理握手。 +#bt-require-crypto=true +# 打开DHT功能, PT需要禁用, 默认:true +enable-dht=true +# 打开IPv6 DHT功能, PT需要禁用 +enable-dht6=true +# DHT网络监听端口, 默认:6881-6999 +dht-listen-port=6802-6999 +# DHT(IPv4)文件 +dht-file-path=/etc/aria2c/dht.dat +# DHT(IPv6)文件 +dht-file-path6=/etc/aria2c/dht6.dat +# IPv4 DHT 网络引导节点 +dht-entry-point=dht.transmissionbt.com:6881 +# IPv6 DHT 网络引导节点 +dht-entry-point6=dht.transmissionbt.com:6881 + +# 本地节点查找, PT需要禁用, 默认:false +bt-enable-lpd=true +# 种子交换, PT需要禁用, 默认:true +enable-peer-exchange=true +# 每个种子限速, 对少种的PT很有用, 默认:50K +#bt-request-peer-speed-limit=10M +# 客户端伪装, PT需要 -UT341- -TR2770- -TR2940- +peer-id-prefix=-TR2770- +# user-agent=uTorrent/341(109279400)(30888) +# user agent uTorrent/341(109279400)(30888) +user-agent=Transmission/2.77 +# user-agent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4160.0 Safari/537.36 Edg/85.0.537.0 +# BT 客户端伪装 +# PT 下载需要保持 user-agent 和 peer-agent 两个参数一致 +# 部分 PT 站对 Aria2 有特殊封禁机制,客户端伪装不一定有效,且有封禁账号的风险。 +#user-agent=qBittorrent/4.2.5 +#peer-agent=qBittorrent/4.2.5 +peer-agent=Transmission/2.94 +# 当种子的分享率达到这个数时, 自动停止做种, 0为一直做种, 默认:1.0 +seed-ratio=1.0 +# BT校验相关, 默认:true +bt-hash-check-seed=false +# 仅下载种子文件 +bt-metadata-only=false +#通过网上的种子文件下载,种子保存在内存 https://github.com/ngosang/trackerslist +follow-torrent=true +# BT tracker 服务器连接超时时间(秒)。默认:60 +# 建立连接后,此选项无效,将使用 bt-tracker-timeout 选项的值 +bt-tracker-connect-timeout=10 +# BT tracker 服务器超时时间(秒)。默认:60 +bt-tracker-timeout=10 +# follow-torrent=mem +bt-tracker=http://1337.abcvg.info:80/announce,http://157.7.202.64:8080/announce,http://158.69.146.212:7777/announce,http://173.254.204.71:1096/announce,http://178.175.143.27:80/announce,http://178.33.73.26:2710/announce,http://182.176.139.129:6969/announce,http://185.5.97.139:8089/announce,http://185.83.215.123:6969/announce,http://188.165.253.109:1337/announce,http://194.106.216.222:80/announce,http://195.123.209.37:1337/announce,http://210.244.71.25:6969/announce,http://210.244.71.26:6969/announce,http://213.163.67.56:1337/announce,http://37.19.5.139:6969/announce,http://37.19.5.155:6881/announce,http://46.4.109.148:6969/announce,http://5.79.249.77:6969/announce,http://5.79.83.193:2710/announce,http://51.254.244.161:6969/announce,http://59.36.96.77:6969/announce,http://5rt.tace.ru:60889/announce,http://62.210.202.61:80/announce,http://74.82.52.209:6969/announce,http://78.30.254.12:2710/announce,http://80.246.243.18:6969/announce,http://81.200.2.231:80/announce,http://85.17.19.180:80/announce,http://87.110.238.140:6969/announce,http://87.248.186.252:8080/announce,http://87.253.152.137:80/announce,http://91.216.110.47:80/announce,http://91.217.91.21:3218/announce,http://91.218.230.81:6969/announce,http://93.92.64.5:80/announce,http://95.211.168.204:2710/announce,http://[2001:1b10:1000:8101:0:242:ac11:2]:6969/announce,http://[2001:470:1:189:0:1:2:3]:6969/announce,http://[2a04:ac00:1:3dd8::1:2710]:2710/announce,http://aaa.army:8866/announce,http://agusiq-torrents.pl:6969/announce,http://asnet.pw:2710/announce,http://atrack.pow7.com:80/announce,http://bobbialbano.com:6969/announce,http://bt.3kb.xyz:80/announce,http://bt.okmp3.ru:2710/announce,http://bt.pusacg.org:8080/announce,http://explodie.org:6969/announce,http://fxtt.ru:80/announce,http://h4.trakx.nibba.trade:80/announce,http://mail2.zelenaya.net:80/announce,http://milanesitracker.tekcities.com:80/announce,http://ns349743.ip-91-121-106.eu:80/announce,http://open.acgnxtracker.com:80/announce,http://open.acgtracker.com:1096/announce,http://open.lolicon.eu:7777/announce,http://open.touki.ru:80/announce.php,http://opentracker.i2p.rocks:6969/announce,http://p4p.arenabg.ch:1337/announce,http://p4p.arenabg.com:1337/announce,http://pow7.com:80/announce,http://pt.lax.mx:80/announce,http://retracker.bashtel.ru:80/announce,http://retracker.gorcomnet.ru:80/announce,http://retracker.hotplug.ru:2710/announce,http://retracker.krs-ix.ru:80/announce,http://retracker.mgts.by:80/announce,http://retracker.sevstar.net:2710/announce,http://retracker.spark-rostov.ru:80/announce,http://retracker.telecom.by:80/announce,http://rt.tace.ru:80/announce,http://secure.pow7.com:80/announce,http://share.camoe.cn:8080/announce,http://siambit.org:80/announce.php,http://t.acg.rip:6699/announce,http://t.nyaatracker.com:80/announce,http://t.overflow.biz:6969/announce,http://t1.pow7.com:80/announce,http://t2.pow7.com:80/announce,http://thetracker.org:80/announce,http://torrentclub.online:54123/announce,http://torrentsmd.com:8080/announce,http://torrentsmd.eu:8080/announce,http://torrenttracker.nwc.acsalaska.net:6969/announce,http://tr.cili001.com:8070/announce,http://tr.kxmp.cf:80/announce,http://tracker-cdn.moeking.me:2095/announce,http://tracker.aletorrenty.pl:2710/announce,http://tracker.anonwebz.xyz:8080/announce,http://tracker.birkenwald.de:6969/announce,http://tracker.bittor.pw:1337/announce,http://tracker.bittorrent.am:80/announce,http://tracker.bt4g.com:2095/announce,http://tracker.bz:80/announce,http://tracker.city9x.com:2710/announce,http://tracker.devil-torrents.pl:80/announce,http://tracker.dler.org:6969/announce,http://tracker.dutchtracking.nl:80/announce,http://tracker.edoardocolombo.eu:6969/announce,http://tracker.electro-torrent.pl:80/announce,http://tracker.ex.ua:80/announce,http://tracker.files.fm:6969/announce,http://tracker.flashtorrents.org:6969/announce,http://tracker.gbitt.info:80/announce,http://tracker.grepler.com:6969/announce,http://tracker.ipv6tracker.ru:80/announce,http://tracker.kuroy.me:5944/announce,http://tracker.lelux.fi:80/announce,http://tracker.mg64.net:6881/announce,http://tracker.moeking.me:6969/announce,http://tracker.noobsubs.net:80/announce,http://tracker.opentrackr.org:1337/announce,http://tracker.sakurato.xyz:23333/announce,http://tracker.skyts.net:6969/announce,http://tracker.sloppyta.co:80/announce,http://tracker.tfile.co:80/announce,http://tracker.tfile.me:80/announce,http://tracker.tiny-vps.com:6969/announce,http://tracker.torrentyorg.pl:80/announce,http://tracker.trackerfix.com:80/announce,http://tracker.tvunderground.org.ru:3218/announce,http://tracker.uw0.xyz:6969/announce,http://tracker.vraphim.com:6969/announce,http://tracker.yoshi210.com:6969/announce,http://tracker.zerobytes.xyz:1337/announce,http://tracker.zum.bi:6969/announce,http://tracker01.loveapp.com:6789/announce,http://tracker1.bt.moack.co.kr:80/announce,http://tracker1.itzmx.com:8080/announce,http://tracker1.wasabii.com.tw:6969/announce,http://tracker2.dler.org:80/announce,http://tracker2.itzmx.com:6961/announce,http://tracker3.itzmx.com:6961/announce,http://tracker4.itzmx.com:2710/announce,http://vpn.flying-datacenter.de:6969/announce,http://vps02.net.orel.ru:80/announce,http://www.loushao.net:8080/announce,http://www.wareztorrent.com:80/announce,https://1337.abcvg.info:443/announce,https://2.tracker.eu.org:443/announce,https://3.tracker.eu.org:443/announce,https://aaa.army:8866/announce,https://open.kickasstracker.com:443/announce,https://opentracker.acgnx.se:443/announce,https://tp.m-team.cc:443/announce.php,https://tr.ready4.icu:443/announce,https://tr.steins-gate.moe:2096/announce,https://tracker.bt-hash.com:443/announce,https://tracker.cyber-hub.net:443/announce,https://tracker.foreverpirates.co:443/announce,https://tracker.gbitt.info:443/announce,https://tracker.imgoingto.icu:443/announce,https://tracker.lelux.fi:443/announce,https://tracker.lilithraws.cf:443/announce,https://tracker.nanoha.org:443/announce,https://tracker.nitrix.me:443/announce,https://tracker.parrotsec.org:443/announce,https://tracker.sloppyta.co:443/announce,https://tracker.tamersunion.org:443/announce,https://trakx.herokuapp.com:443/announce,https://w.wwwww.wtf:443/announce,https://www.wareztorrent.com:443/announce,udp://151.80.120.114:2710/announce,udp://168.235.67.63:6969/announce,udp://178.33.73.26:2710/announce,udp://182.176.139.129:6969/announce,udp://185.5.97.139:8089/announce,udp://185.83.215.123:6969/announce,udp://185.86.149.205:1337/announce,udp://188.165.253.109:1337/announce,udp://191.101.229.236:1337/announce,udp://194.106.216.222:80/announce,udp://195.123.209.37:1337/announce,udp://195.123.209.40:80/announce,udp://208.67.16.113:8000/announce,udp://212.1.226.176:2710/announce,udp://212.47.227.58:6969/announce,udp://213.163.67.56:1337/announce,udp://37.19.5.155:2710/announce,udp://3rt.tace.ru:60889/announce,udp://46.4.109.148:6969/announce,udp://47.ip-51-68-199.eu:6969/announce,udp://5.79.249.77:6969/announce,udp://5.79.83.193:6969/announce,udp://51.254.244.161:6969/announce,udp://52.58.128.163:6969/announce,udp://62.138.0.158:6969/announce,udp://62.212.85.66:2710/announce,udp://6ahddutb1ucc3cp.ru:6969/announce,udp://6rt.tace.ru:80/announce,udp://74.82.52.209:6969/announce,udp://78.30.254.12:2710/announce,udp://85.17.19.180:80/announce,udp://89.234.156.205:80/announce,udp://9.rarbg.com:2710/announce,udp://9.rarbg.me:2710/announce,udp://9.rarbg.me:2780/announce,udp://9.rarbg.to:2710/announce,udp://9.rarbg.to:2730/announce,udp://91.216.110.52:451/announce,udp://91.218.230.81:6969/announce,udp://94.23.183.33:6969/announce,udp://95.211.168.204:2710/announce,udp://[2001:1b10:1000:8101:0:242:ac11:2]:6969/announce,udp://[2001:470:1:189:0:1:2:3]:6969/announce,udp://[2a03:7220:8083:cd00::1]:451/announce,udp://[2a04:ac00:1:3dd8::1:2710]:2710/announce,udp://[2a04:c44:e00:32e0:4cf:6aff:fe00:aa1]:6969/announce,udp://aaa.army:8866/announce,udp://adm.category5.tv:6969/announce,udp://admin.videoenpoche.info:6969/announce,udp://adminion.n-blade.ru:6969/announce,udp://anidex.moe:6969/announce,udp://api.bitumconference.ru:6969/announce,udp://aruacfilmes.com.br:6969/announce,udp://bclearning.top:6969/announce,udp://benouworldtrip.fr:6969/announce,udp://bioquantum.co.za:6969/announce,udp://bitsparadise.info:6969/announce,udp://blokas.io:6969/announce,udp://bms-hosxp.com:6969/announce,udp://bt.firebit.org:2710/announce,udp://bt1.archive.org:6969/announce,udp://bt2.3kb.xyz:6969/announce,udp://bt2.54new.com:8080/announce,udp://bt2.archive.org:6969/announce,udp://bubu.mapfactor.com:6969/announce,udp://camera.lei001.com:6969/announce,udp://cdn-1.gamecoast.org:6969/announce,udp://cdn-2.gamecoast.org:6969/announce,udp://chihaya.toss.li:9696/announce,udp://code2chicken.nl:6969/announce,udp://concen.org:6969/announce,udp://cutiegirl.ru:6969/announce,udp://daveking.com:6969/announce,udp://denis.stalker.upeer.me:6969/announce,udp://discord.heihachi.pw:6969/announce,udp://dpiui.reedlan.com:6969/announce,udp://drumkitx.com:6969/announce,udp://eddie4.nl:6969/announce,udp://edu.uifr.ru:6969/announce,udp://engplus.ru:6969/announce,udp://exodus.desync.com:6969/announce,udp://fe.dealclub.de:6969/announce,udp://forever-tracker.zooki.xyz:6969/announce,udp://free-tracker.zooki.xyz:6969/announce,udp://inferno.demonoid.is:3391/announce,udp://ipv4.tracker.harry.lu:80/announce,udp://ipv6.tracker.harry.lu:80/announce,udp://ipv6.tracker.zerobytes.xyz:16661/announce,udp://johnrosen1.com:6969/announce,udp://kanal-4.de:6969/announce,udp://line-net.ru:6969/announce,udp://ln.mtahost.co:6969/announce,udp://mail.realliferpg.de:6969/announce,udp://mgtracker.org:2710/announce,udp://movies.zsw.ca:6969/announce,udp://mts.tvbit.co:6969/announce,udp://nagios.tks.sumy.ua:80/announce,udp://ns-1.x-fins.com:6969/announce,udp://ns389251.ovh.net:6969/announce,udp://open.demonii.com:1337/announce,udp://open.demonii.si:1337/announce,udp://open.lolicon.eu:7777/announce,udp://open.stealth.si:80/announce,udp://opentor.org:2710/announce,udp://opentracker.i2p.rocks:6969/announce,udp://p4p.arenabg.ch:1337/announce,udp://public-tracker.zooki.xyz:6969/announce,udp://public.popcorn-tracker.org:6969/announce,udp://public.publictracker.xyz:6969/announce,udp://retracker.hotplug.ru:2710/announce,udp://retracker.lanta-net.ru:2710/announce,udp://retracker.netbynet.ru:2710/announce,udp://retracker.nts.su:2710/announce,udp://retracker.sevstar.net:2710/announce,udp://sd-161673.dedibox.fr:6969/announce,udp://shadowshq.eddie4.nl:6969/announce,udp://shadowshq.yi.org:6969/announce,udp://storage.groupees.com:6969/announce,udp://t1.leech.ie:1337/announce,udp://t2.leech.ie:1337/announce,udp://t3.leech.ie:1337/announce,udp://teamspeak.value-wolf.org:6969/announce,udp://thetracker.org:80/announce,udp://torrent.tdjs.tech:6969/announce,udp://torrentclub.online:54123/announce,udp://tr.bangumi.moe:6969/announce,udp://tr.cili001.com:8070/announce,udp://tr2.ysagin.top:2710/announce,udp://tracker-udp.gbitt.info:80/announce,udp://tracker-v6.zooki.xyz:6969/announce,udp://tracker.0x.tf:6969/announce,udp://tracker.aletorrenty.pl:2710/announce,udp://tracker.altrosky.nl:6969/announce,udp://tracker.army:6969/announce,udp://tracker.beeimg.com:6969/announce,udp://tracker.birkenwald.de:6969/announce,udp://tracker.bittor.pw:1337/announce,udp://tracker.coppersurfer.tk:6969/announce,udp://tracker.cyberia.is:6969/announce,udp://tracker.dler.org:6969/announce,udp://tracker.ds.is:6969/announce,udp://tracker.e-utp.net:6969/announce,udp://tracker.eddie4.nl:6969/announce,udp://tracker.ex.ua:80/announce,udp://tracker.filemail.com:6969/announce,udp://tracker.flashtorrents.org:6969/announce,udp://tracker.fortu.io:6969/announce,udp://tracker.grepler.com:6969/announce,udp://tracker.kali.org:6969/announce,udp://tracker.kuroy.me:5944/announce,udp://tracker.leechers-paradise.org:6969/announce,udp://tracker.lelux.fi:6969/announce,udp://tracker.moeking.me:6969/announce,udp://tracker.open-internet.nl:6969/announce,udp://tracker.opentrackr.org:1337/announce,udp://tracker.piratepublic.com:1337/announce,udp://tracker.publictracker.xyz:6969/announce,udp://tracker.shkinev.me:6969/announce,udp://tracker.sigterm.xyz:6969/announce,udp://tracker.skyts.net:6969/announce,udp://tracker.swateam.org.uk:2710/announce,udp://tracker.tiny-vps.com:6969/announce,udp://tracker.torrent.eu.org:451/announce,udp://tracker.tvunderground.org.ru:3218/announce,udp://tracker.uw0.xyz:6969/announce,udp://tracker.v6speed.org:6969/announce,udp://tracker.yoshi210.com:6969/announce,udp://tracker.zemoj.com:6969/announce,udp://tracker.zerobytes.xyz:1337/announce,udp://tracker.zum.bi:6969/announce,udp://tracker0.ufibox.com:6969/announce,udp://tracker1.bt.moack.co.kr:80/announce,udp://tracker1.itzmx.com:8080/announce,udp://tracker2.christianbro.pw:6969/announce,udp://tracker2.dler.org:80/announce,udp://tracker2.indowebster.com:6969/announce,udp://tracker2.itzmx.com:6961/announce,udp://tracker3.itzmx.com:6961/announce,udp://tracker4.itzmx.com:2710/announce,udp://u.wwwww.wtf:1/announce,udp://udp-tracker.shittyurl.org:6969/announce,udp://us-tracker.publictracker.xyz:6969/announce,udp://valakas.rollo.dnsabr.com:2710/announce,udp://vibe.community:6969/announce,udp://wassermann.online:6969/announce,udp://www.loushao.net:8080/announce,udp://z.mercax.com:53/announce,udp://zephir.monocul.us:6969/announce,udp://zer0day.ch:1337/announce,udp://zer0day.to:1337/announce,udp://9.rarbg.com:2710/announce,udp://tracker.skyts.net:6969/announce,udp://tracker.safe.moe:6969/announce,udp://tracker.piratepublic.com:1337/announce,udp://tracker.pirateparty.gr:6969/announce,udp://tracker.coppersurfer.tk:6969/announce,udp://tracker.leechers-paradise.org:6969/announce,udp://allesanddro.de:1337/announce,udp://p4p.arenabg.com:1337/announce,udp://tracker.opentrackr.org:1337/announce,udp://public.popcorn-tracker.org:6969/announce,udp://wambo.club:1337/announce,udp://trackerxyz.tk:1337/announce,udp://tracker4.itzmx.com:2710/announce,udp://tracker2.christianbro.pw:6969/announce,udp://tracker1.xku.tv:6969/announce,udp://tracker1.wasabii.com.tw:6969/announce,udp://tracker.zer0day.to:1337/announce + +## 执行额外命令 ## + +# 下载停止后执行的命令 +# 从 正在下载 到 删除、错误、完成 时触发。暂停被标记为未开始下载,故与此项无关。 +#on-download-stop=/root/.aria2/delete.sh + +# 下载完成后执行的命令 +# 此项未定义则执行 下载停止后执行的命令 (on-download-stop) +#on-download-complete=/root/.aria2/clean.sh + +# 下载错误后执行的命令 +# 此项未定义则执行 下载停止后执行的命令 (on-download-stop) +#on-download-error= + +# 下载暂停后执行的命令 +#on-download-pause= + +# 下载开始后执行的命令 +#on-download-start= + +# BT 下载完成后执行的命令 +#on-bt-download-complete= + +# sudo -Hu www aria2c --conf-path=/etc/aria2c/aria2c.conf -D diff --git a/images/seedbox/conf/aria2c.session b/images/seedbox/conf/aria2c.session new file mode 100644 index 00000000..e69de29b diff --git a/images/seedbox/conf/aria2c.torrents.conf b/images/seedbox/conf/aria2c.torrents.conf new file mode 100755 index 00000000..7def83a0 --- /dev/null +++ b/images/seedbox/conf/aria2c.torrents.conf @@ -0,0 +1,252 @@ +## 文件保存相关 ## + +# 文件保存目录 +dir=/mnt/data/Downloads/torrents + +# 启用磁盘缓存, 0为禁用缓存, 需1.16以上版本, 默认:16M +disk-cache=32M + +# 文件预分配方式, 能有效降低磁盘碎片, 默认:prealloc +# 预分配所需时间: none < falloc ? trunc < prealloc +# falloc和trunc则需要文件系统和内核支持 +# NTFS建议使用falloc, EXT3/4建议trunc, MAC 下需要注释此项 +# 文件预分配方式, 可选:none, prealloc, trunc, falloc, 默认:prealloc +# 预分配对于机械硬盘可有效降低磁盘碎片、提升磁盘读写性能、延长磁盘寿命。 +# 机械硬盘使用 ext4(具有扩展支持),btrfs,xfs 或 NTFS(仅 MinGW 编译版本)等文件系统建议设置为 falloc +# 若无法下载,提示 fallocate failed.cause:Operation not supported 则说明不支持,请设置为 none +# prealloc 分配速度慢, trunc 无实际作用,不推荐使用。 +# 固态硬盘不需要预分配,只建议设置为 none ,否则可能会导致双倍文件大小的数据写入,从而影响寿命。 +file-allocation=none +# 文件预分配大小限制。小于此选项值大小的文件不预分配空间,单位 K 或 M,默认:5M +no-file-allocation-limit=64M + +## 下载连接相关 ## +# 断点续传 +continue=true +# 始终尝试断点续传,无法断点续传则终止下载,默认:true +always-resume=false +# 文件未找到重试次数,默认:0 (禁用) +# 重试时同时会记录重试次数,所以也需要设置 max-tries 这个选项 +max-file-not-found=10 +# 最大同时下载任务数, 运行时可修改, 默认:5 +max-concurrent-downloads=64 +# 同一服务器连接数, 添加时可指定, 默认:1 +# 官方的aria2最高设置为16, 如果需要设置任意数值请重新编译aria2 +max-connection-per-server=16 +# 整体下载速度限制, 运行时可修改, 默认:0(不限制) +#max-overall-download-limit=0 +# 单个任务下载速度限制, 默认:0(不限制) +#max-download-limit=0 +# 禁用IPv6, 默认:false +# disable-ipv6=true +# 禁用https证书检查 +check-certificate=false +# 整体上传速度限制, 运行时可修改, 默认:0 +# 设置过低可能影响 BT 下载速度 +max-overall-upload-limit=0 +# 单个任务上传速度限制, 默认:0 +max-upload-limit=0 +# 连接超时时间, 默认:60 +timeout=10 +# 连接超时时间(秒)。默认:60 +connect-timeout=10 +# 最大重试次数, 设置为0表示不限制重试次数, 默认:5 +max-tries=5 +# 设置重试等待的秒数, 默认:0 +retry-wait=3 +# 最小文件分片大小, 添加时可指定, 取值范围1M -1024M, 默认:20M +# 假定size=10M, 文件为20MiB 则使用两个来源下载; 文件为15MiB 则使用一个来源下载 +min-split-size=5M +# HTTP/FTP 下载分片大小,所有分割都必须是此项值的倍数,最小值为 1M (增强版为 1K),默认:1M +piece-length=1M +# 允许分片大小变化。默认:false +# false:当分片大小与控制文件中的不同时将会中止下载 +# true:丢失部分下载进度继续下载 +allow-piece-length-change=true +# 单个任务最大线程数, 添加时可指定, 默认:5 +# 建议同max-connection-per-server设置为相同值 +split=64 +# GZip 支持,默认:false +http-accept-gzip=true +# URI 复用,默认: true +reuse-uri=false +# 禁用 netrc 支持,默认:false +no-netrc=true +# 允许覆盖,当相关控制文件(.aria2)不存在时从头开始重新下载。默认:false +allow-overwrite=true +# 文件自动重命名,此选项仅在 HTTP(S)/FTP 下载中有效。新文件名在名称之后扩展名之前加上一个点和一个数字(1..9999)。默认:true +auto-file-renaming=true + +# 使用 UTF-8 处理 Content-Disposition ,默认:false +content-disposition-default-utf8=true + +## 进度保存相关 ## + +# 从会话文件中读取下载任务 +input-file=/mnt/data/app/aria2c/aria2c.torrents.session +# 在Aria2退出时保存错误的、未完成的下载任务到会话文件 +save-session=/mnt/data/app/aria2c/aria2c.torrents.session +# 定时保存会话, 0为退出时才保存, 需1.16.1以上版本, 默认:0 +save-session-interval=60 +# 自动保存任务进度的间隔时间(秒),0 为进程正常退出时保存,默认:60 +auto-save-interval=1 +# 强制保存,即使任务已完成也保存信息到会话文件, 默认:false +# 开启后会在任务完成后保留 .aria2 文件,文件被移除且任务存在的情况下重启后会重新下载。 +# 关闭后已完成的任务列表会在重启后清空。 +force-save=false + +## RPC相关设置 ## + +# 启用RPC, 默认:false +enable-rpc=true +# 允许所有来源, 默认:false +rpc-allow-origin-all=true +# 允许外部访问, 默认:false +rpc-listen-all=true +# RPC端口, 仅当默认端口被占用时修改 +rpc-listen-port=6801 +# 设置的RPC授权令牌, v1.18.4新增功能, 取代 --rpc-user 和 --rpc-passwd 选项 +rpc-secret=xiaoke +# 启动SSL +# rpc-secure=true +# 证书文件, 如果启用SSL则需要配置证书文件, 例如用https连接aria2 +# rpc-certificate= +# rpc-private-key= +# 保存通过 WebUI(RPC) 上传的种子文件(.torrent),默认:true +# 所有涉及种子文件保存的选项都建议开启,不保存种子文件有任务丢失的风险。 +# 通过 RPC 自定义临时下载目录可能不会保存种子文件。 +rpc-save-upload-metadata=true +# RPC 最大请求大小 +rpc-max-request-size=10M + +## BT/PT下载相关 ## + +# 当下载的是一个种子(以.torrent结尾)时, 自动开始BT任务, 默认:true +# 下载种子文件(.torrent)自动开始下载, 默认:true,可选:false|mem +# true:保存种子文件 +# false:仅下载种子文件 +# mem:将种子保存在内存中 +follow-torrent=false +# 强制保存会话, 即使任务已经完成, 默认:false +# 较新的版本开启后会在任务完成后依然保留.aria2文件 +#force-save=false +# 继续之前的BT任务时, 无需再次校验, 默认:false +bt-seed-unverified=true +# 保存磁力链接元数据为种子文件(.torrent文件), 默认:false +bt-save-metadata=true +# 加载已保存的元数据文件(.torrent),默认:false +bt-load-saved-metadata=true +# 单个种子最大连接数, 默认:55 0表示不限制 +bt-max-peers=0 +# 最小做种时间, 单位:分 +# seed-time = 60 +# 分离做种任务 +bt-detach-seed-only=true +# BT监听端口, 当端口被屏蔽时使用, 默认:6881-6999 +listen-port=7881-7998 +# Try to download first and last pieces of each file first. This is useful for previewing files. +bt-prioritize-piece=head +# 删除 BT 下载任务中未选择文件,默认:false +bt-remove-unselected-file=true +# BT加密需求,默认:false +# 启用后拒绝与旧的 BitTorrent 握手协议(\19BitTorrent protocol)建立连接,始终使用混淆处理握手。 +#bt-require-crypto=true + +# BT最低加密等级,可选:plain(明文),arc4(加密),默认:plain +#bt-min-crypto-level=arc4 +# BT强制加密, 默认: false +# 启用后将拒绝旧的 BT 握手协议并仅使用混淆握手及加密。可以解决部分运营商对 BT 下载的封锁,且有一定的防版权投诉与迅雷吸血效果。 +# 此选项相当于后面两个选项(bt-require-crypto=true, bt-min-crypto-level=arc4)的快捷开启方式,但不会修改这两个选项的值。 +bt-force-encryption=false +# 打开DHT功能, PT需要禁用, 默认:true +enable-dht=true +# 打开IPv6 DHT功能, PT需要禁用 +enable-dht6=true + +# DHT网络监听端口, 默认:6881-6999 +dht-listen-port=7881-7999 +# DHT(IPv4)文件 +dht-file-path=/mnt/data/app/aria2c/dht.dat +# DHT(IPv6)文件 +dht-file-path6=/mnt/data/app/aria2c/dht6.dat +# IPv4 DHT 网络引导节点 +dht-entry-point=dht.transmissionbt.com:6881 +# IPv6 DHT 网络引导节点 +dht-entry-point6=dht.transmissionbt.com:6881 + +# 本地节点查找, PT需要禁用, 默认:false +bt-enable-lpd=true +# 种子交换, PT需要禁用, 默认:true +enable-peer-exchange=true +# 每个种子限速, 对少种的PT很有用, 默认:50K +# bt-request-peer-speed-limit=10M +# 客户端伪装, PT需要 -UT341- -TR2770- -TR2940- +peer-id-prefix=-TR2770- +# user-agent=uTorrent/341(109279400)(30888) +user-agent=Transmission/2.77 +# user-agent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4160.0 Safari/537.36 Edg/85.0.537.0 + +# BT 客户端伪装 +# PT 下载需要保持 user-agent 和 peer-agent 两个参数一致 +# 部分 PT 站对 Aria2 有特殊封禁机制,客户端伪装不一定有效,且有封禁账号的风险。 +#user-agent=qBittorrent/4.2.5 +#peer-agent=qBittorrent/4.2.5 +peer-agent=Transmission/2.94 + +## 日志设置 ## + +# 日志文件保存路径,忽略或设置为空为不保存,默认:不保存 +log=/mnt/data/app/aria2c/aria2c.log + +# 日志级别,可选 debug, info, notice, warn, error 。默认:debug +log-level=notice + +# 控制台日志级别,可选 debug, info, notice, warn, error ,默认:notice +console-log-level=notice + +# 安静模式,禁止在控制台输出日志,默认:false +quiet=false + +# 当种子的分享率达到这个数时, 自动停止做种, 0为一直做种, 默认:1.0 +# 强烈建议您将此选项设置为大于等于 1.0 +seed-ratio=1.0 +# 强制保存会话, 话即使任务已经完成, 默认:false +# 较新的版本开启后会在任务完成后依然保留.aria2文件 +#force-save=false +# BT校验相关, 默认:true +bt-hash-check-seed=false +#仅下载种子文件 +bt-metadata-only=true +# BT tracker 服务器超时时间(秒)。默认:60 +bt-tracker-timeout=10 +# BT tracker 服务器连接超时时间(秒)。默认:60 +# 建立连接后,此选项无效,将使用 bt-tracker-timeout 选项的值 +bt-tracker-connect-timeout=10 + + +## 执行额外命令 ## + +# 下载停止后执行的命令 +# 从 正在下载 到 删除、错误、完成 时触发。暂停被标记为未开始下载,故与此项无关。 +#on-download-stop=/root/.aria2/delete.sh + +# 下载完成后执行的命令 +# 此项未定义则执行 下载停止后执行的命令 (on-download-stop) +#on-download-complete=/root/.aria2/clean.sh + +# 下载错误后执行的命令 +# 此项未定义则执行 下载停止后执行的命令 (on-download-stop) +#on-download-error= + +# 下载暂停后执行的命令 +#on-download-pause= + +# 下载开始后执行的命令 +#on-download-start= + +# BT 下载完成后执行的命令 +#on-bt-download-complete= + +#通过网上的种子文件下载,种子保存在内存 https://github.com/ngosang/trackerslist + +bt-tracker=http://1337.abcvg.info:80/announce,http://157.7.202.64:8080/announce,http://158.69.146.212:7777/announce,http://173.254.204.71:1096/announce,http://178.175.143.27:80/announce,http://178.33.73.26:2710/announce,http://182.176.139.129:6969/announce,http://185.5.97.139:8089/announce,http://185.83.215.123:6969/announce,http://188.165.253.109:1337/announce,http://194.106.216.222:80/announce,http://195.123.209.37:1337/announce,http://210.244.71.25:6969/announce,http://210.244.71.26:6969/announce,http://213.163.67.56:1337/announce,http://37.19.5.139:6969/announce,http://37.19.5.155:6881/announce,http://46.4.109.148:6969/announce,http://5.79.249.77:6969/announce,http://5.79.83.193:2710/announce,http://51.254.244.161:6969/announce,http://59.36.96.77:6969/announce,http://5rt.tace.ru:60889/announce,http://62.210.202.61:80/announce,http://74.82.52.209:6969/announce,http://78.30.254.12:2710/announce,http://80.246.243.18:6969/announce,http://81.200.2.231:80/announce,http://85.17.19.180:80/announce,http://87.110.238.140:6969/announce,http://87.248.186.252:8080/announce,http://87.253.152.137:80/announce,http://91.216.110.47:80/announce,http://91.217.91.21:3218/announce,http://91.218.230.81:6969/announce,http://93.92.64.5:80/announce,http://95.211.168.204:2710/announce,http://[2001:1b10:1000:8101:0:242:ac11:2]:6969/announce,http://[2001:470:1:189:0:1:2:3]:6969/announce,http://[2a04:ac00:1:3dd8::1:2710]:2710/announce,http://aaa.army:8866/announce,http://agusiq-torrents.pl:6969/announce,http://asnet.pw:2710/announce,http://atrack.pow7.com:80/announce,http://bobbialbano.com:6969/announce,http://bt.3kb.xyz:80/announce,http://bt.okmp3.ru:2710/announce,http://bt.pusacg.org:8080/announce,http://explodie.org:6969/announce,http://fxtt.ru:80/announce,http://h4.trakx.nibba.trade:80/announce,http://mail2.zelenaya.net:80/announce,http://milanesitracker.tekcities.com:80/announce,http://ns349743.ip-91-121-106.eu:80/announce,http://open.acgnxtracker.com:80/announce,http://open.acgtracker.com:1096/announce,http://open.lolicon.eu:7777/announce,http://open.touki.ru:80/announce.php,http://opentracker.i2p.rocks:6969/announce,http://p4p.arenabg.ch:1337/announce,http://p4p.arenabg.com:1337/announce,http://pow7.com:80/announce,http://pt.lax.mx:80/announce,http://retracker.bashtel.ru:80/announce,http://retracker.gorcomnet.ru:80/announce,http://retracker.hotplug.ru:2710/announce,http://retracker.krs-ix.ru:80/announce,http://retracker.mgts.by:80/announce,http://retracker.sevstar.net:2710/announce,http://retracker.spark-rostov.ru:80/announce,http://retracker.telecom.by:80/announce,http://rt.tace.ru:80/announce,http://secure.pow7.com:80/announce,http://share.camoe.cn:8080/announce,http://siambit.org:80/announce.php,http://t.acg.rip:6699/announce,http://t.nyaatracker.com:80/announce,http://t.overflow.biz:6969/announce,http://t1.pow7.com:80/announce,http://t2.pow7.com:80/announce,http://thetracker.org:80/announce,http://torrentclub.online:54123/announce,http://torrentsmd.com:8080/announce,http://torrentsmd.eu:8080/announce,http://torrenttracker.nwc.acsalaska.net:6969/announce,http://tr.cili001.com:8070/announce,http://tr.kxmp.cf:80/announce,http://tracker-cdn.moeking.me:2095/announce,http://tracker.aletorrenty.pl:2710/announce,http://tracker.anonwebz.xyz:8080/announce,http://tracker.birkenwald.de:6969/announce,http://tracker.bittor.pw:1337/announce,http://tracker.bittorrent.am:80/announce,http://tracker.bt4g.com:2095/announce,http://tracker.bz:80/announce,http://tracker.city9x.com:2710/announce,http://tracker.devil-torrents.pl:80/announce,http://tracker.dler.org:6969/announce,http://tracker.dutchtracking.nl:80/announce,http://tracker.edoardocolombo.eu:6969/announce,http://tracker.electro-torrent.pl:80/announce,http://tracker.ex.ua:80/announce,http://tracker.files.fm:6969/announce,http://tracker.flashtorrents.org:6969/announce,http://tracker.gbitt.info:80/announce,http://tracker.grepler.com:6969/announce,http://tracker.ipv6tracker.ru:80/announce,http://tracker.kuroy.me:5944/announce,http://tracker.lelux.fi:80/announce,http://tracker.mg64.net:6881/announce,http://tracker.moeking.me:6969/announce,http://tracker.noobsubs.net:80/announce,http://tracker.opentrackr.org:1337/announce,http://tracker.sakurato.xyz:23333/announce,http://tracker.skyts.net:6969/announce,http://tracker.sloppyta.co:80/announce,http://tracker.tfile.co:80/announce,http://tracker.tfile.me:80/announce,http://tracker.tiny-vps.com:6969/announce,http://tracker.torrentyorg.pl:80/announce,http://tracker.trackerfix.com:80/announce,http://tracker.tvunderground.org.ru:3218/announce,http://tracker.uw0.xyz:6969/announce,http://tracker.vraphim.com:6969/announce,http://tracker.yoshi210.com:6969/announce,http://tracker.zerobytes.xyz:1337/announce,http://tracker.zum.bi:6969/announce,http://tracker01.loveapp.com:6789/announce,http://tracker1.bt.moack.co.kr:80/announce,http://tracker1.itzmx.com:8080/announce,http://tracker1.wasabii.com.tw:6969/announce,http://tracker2.dler.org:80/announce,http://tracker2.itzmx.com:6961/announce,http://tracker3.itzmx.com:6961/announce,http://tracker4.itzmx.com:2710/announce,http://vpn.flying-datacenter.de:6969/announce,http://vps02.net.orel.ru:80/announce,http://www.loushao.net:8080/announce,http://www.wareztorrent.com:80/announce,https://1337.abcvg.info:443/announce,https://2.tracker.eu.org:443/announce,https://3.tracker.eu.org:443/announce,https://aaa.army:8866/announce,https://open.kickasstracker.com:443/announce,https://opentracker.acgnx.se:443/announce,https://tp.m-team.cc:443/announce.php,https://tr.ready4.icu:443/announce,https://tr.steins-gate.moe:2096/announce,https://tracker.bt-hash.com:443/announce,https://tracker.cyber-hub.net:443/announce,https://tracker.foreverpirates.co:443/announce,https://tracker.gbitt.info:443/announce,https://tracker.imgoingto.icu:443/announce,https://tracker.lelux.fi:443/announce,https://tracker.lilithraws.cf:443/announce,https://tracker.nanoha.org:443/announce,https://tracker.nitrix.me:443/announce,https://tracker.parrotsec.org:443/announce,https://tracker.sloppyta.co:443/announce,https://tracker.tamersunion.org:443/announce,https://trakx.herokuapp.com:443/announce,https://w.wwwww.wtf:443/announce,https://www.wareztorrent.com:443/announce,udp://151.80.120.114:2710/announce,udp://168.235.67.63:6969/announce,udp://178.33.73.26:2710/announce,udp://182.176.139.129:6969/announce,udp://185.5.97.139:8089/announce,udp://185.83.215.123:6969/announce,udp://185.86.149.205:1337/announce,udp://188.165.253.109:1337/announce,udp://191.101.229.236:1337/announce,udp://194.106.216.222:80/announce,udp://195.123.209.37:1337/announce,udp://195.123.209.40:80/announce,udp://208.67.16.113:8000/announce,udp://212.1.226.176:2710/announce,udp://212.47.227.58:6969/announce,udp://213.163.67.56:1337/announce,udp://37.19.5.155:2710/announce,udp://3rt.tace.ru:60889/announce,udp://46.4.109.148:6969/announce,udp://47.ip-51-68-199.eu:6969/announce,udp://5.79.249.77:6969/announce,udp://5.79.83.193:6969/announce,udp://51.254.244.161:6969/announce,udp://52.58.128.163:6969/announce,udp://62.138.0.158:6969/announce,udp://62.212.85.66:2710/announce,udp://6ahddutb1ucc3cp.ru:6969/announce,udp://6rt.tace.ru:80/announce,udp://74.82.52.209:6969/announce,udp://78.30.254.12:2710/announce,udp://85.17.19.180:80/announce,udp://89.234.156.205:80/announce,udp://9.rarbg.com:2710/announce,udp://9.rarbg.me:2710/announce,udp://9.rarbg.me:2780/announce,udp://9.rarbg.to:2710/announce,udp://9.rarbg.to:2730/announce,udp://91.216.110.52:451/announce,udp://91.218.230.81:6969/announce,udp://94.23.183.33:6969/announce,udp://95.211.168.204:2710/announce,udp://[2001:1b10:1000:8101:0:242:ac11:2]:6969/announce,udp://[2001:470:1:189:0:1:2:3]:6969/announce,udp://[2a03:7220:8083:cd00::1]:451/announce,udp://[2a04:ac00:1:3dd8::1:2710]:2710/announce,udp://[2a04:c44:e00:32e0:4cf:6aff:fe00:aa1]:6969/announce,udp://aaa.army:8866/announce,udp://adm.category5.tv:6969/announce,udp://admin.videoenpoche.info:6969/announce,udp://adminion.n-blade.ru:6969/announce,udp://anidex.moe:6969/announce,udp://api.bitumconference.ru:6969/announce,udp://aruacfilmes.com.br:6969/announce,udp://bclearning.top:6969/announce,udp://benouworldtrip.fr:6969/announce,udp://bioquantum.co.za:6969/announce,udp://bitsparadise.info:6969/announce,udp://blokas.io:6969/announce,udp://bms-hosxp.com:6969/announce,udp://bt.firebit.org:2710/announce,udp://bt1.archive.org:6969/announce,udp://bt2.3kb.xyz:6969/announce,udp://bt2.54new.com:8080/announce,udp://bt2.archive.org:6969/announce,udp://bubu.mapfactor.com:6969/announce,udp://camera.lei001.com:6969/announce,udp://cdn-1.gamecoast.org:6969/announce,udp://cdn-2.gamecoast.org:6969/announce,udp://chihaya.toss.li:9696/announce,udp://code2chicken.nl:6969/announce,udp://concen.org:6969/announce,udp://cutiegirl.ru:6969/announce,udp://daveking.com:6969/announce,udp://denis.stalker.upeer.me:6969/announce,udp://discord.heihachi.pw:6969/announce,udp://dpiui.reedlan.com:6969/announce,udp://drumkitx.com:6969/announce,udp://eddie4.nl:6969/announce,udp://edu.uifr.ru:6969/announce,udp://engplus.ru:6969/announce,udp://exodus.desync.com:6969/announce,udp://fe.dealclub.de:6969/announce,udp://forever-tracker.zooki.xyz:6969/announce,udp://free-tracker.zooki.xyz:6969/announce,udp://inferno.demonoid.is:3391/announce,udp://ipv4.tracker.harry.lu:80/announce,udp://ipv6.tracker.harry.lu:80/announce,udp://ipv6.tracker.zerobytes.xyz:16661/announce,udp://johnrosen1.com:6969/announce,udp://kanal-4.de:6969/announce,udp://line-net.ru:6969/announce,udp://ln.mtahost.co:6969/announce,udp://mail.realliferpg.de:6969/announce,udp://mgtracker.org:2710/announce,udp://movies.zsw.ca:6969/announce,udp://mts.tvbit.co:6969/announce,udp://nagios.tks.sumy.ua:80/announce,udp://ns-1.x-fins.com:6969/announce,udp://ns389251.ovh.net:6969/announce,udp://open.demonii.com:1337/announce,udp://open.demonii.si:1337/announce,udp://open.lolicon.eu:7777/announce,udp://open.stealth.si:80/announce,udp://opentor.org:2710/announce,udp://opentracker.i2p.rocks:6969/announce,udp://p4p.arenabg.ch:1337/announce,udp://public-tracker.zooki.xyz:6969/announce,udp://public.popcorn-tracker.org:6969/announce,udp://public.publictracker.xyz:6969/announce,udp://retracker.hotplug.ru:2710/announce,udp://retracker.lanta-net.ru:2710/announce,udp://retracker.netbynet.ru:2710/announce,udp://retracker.nts.su:2710/announce,udp://retracker.sevstar.net:2710/announce,udp://sd-161673.dedibox.fr:6969/announce,udp://shadowshq.eddie4.nl:6969/announce,udp://shadowshq.yi.org:6969/announce,udp://storage.groupees.com:6969/announce,udp://t1.leech.ie:1337/announce,udp://t2.leech.ie:1337/announce,udp://t3.leech.ie:1337/announce,udp://teamspeak.value-wolf.org:6969/announce,udp://thetracker.org:80/announce,udp://torrent.tdjs.tech:6969/announce,udp://torrentclub.online:54123/announce,udp://tr.bangumi.moe:6969/announce,udp://tr.cili001.com:8070/announce,udp://tr2.ysagin.top:2710/announce,udp://tracker-udp.gbitt.info:80/announce,udp://tracker-v6.zooki.xyz:6969/announce,udp://tracker.0x.tf:6969/announce,udp://tracker.aletorrenty.pl:2710/announce,udp://tracker.altrosky.nl:6969/announce,udp://tracker.army:6969/announce,udp://tracker.beeimg.com:6969/announce,udp://tracker.birkenwald.de:6969/announce,udp://tracker.bittor.pw:1337/announce,udp://tracker.coppersurfer.tk:6969/announce,udp://tracker.cyberia.is:6969/announce,udp://tracker.dler.org:6969/announce,udp://tracker.ds.is:6969/announce,udp://tracker.e-utp.net:6969/announce,udp://tracker.eddie4.nl:6969/announce,udp://tracker.ex.ua:80/announce,udp://tracker.filemail.com:6969/announce,udp://tracker.flashtorrents.org:6969/announce,udp://tracker.fortu.io:6969/announce,udp://tracker.grepler.com:6969/announce,udp://tracker.kali.org:6969/announce,udp://tracker.kuroy.me:5944/announce,udp://tracker.leechers-paradise.org:6969/announce,udp://tracker.lelux.fi:6969/announce,udp://tracker.moeking.me:6969/announce,udp://tracker.open-internet.nl:6969/announce,udp://tracker.opentrackr.org:1337/announce,udp://tracker.piratepublic.com:1337/announce,udp://tracker.publictracker.xyz:6969/announce,udp://tracker.shkinev.me:6969/announce,udp://tracker.sigterm.xyz:6969/announce,udp://tracker.skyts.net:6969/announce,udp://tracker.swateam.org.uk:2710/announce,udp://tracker.tiny-vps.com:6969/announce,udp://tracker.torrent.eu.org:451/announce,udp://tracker.tvunderground.org.ru:3218/announce,udp://tracker.uw0.xyz:6969/announce,udp://tracker.v6speed.org:6969/announce,udp://tracker.yoshi210.com:6969/announce,udp://tracker.zemoj.com:6969/announce,udp://tracker.zerobytes.xyz:1337/announce,udp://tracker.zum.bi:6969/announce,udp://tracker0.ufibox.com:6969/announce,udp://tracker1.bt.moack.co.kr:80/announce,udp://tracker1.itzmx.com:8080/announce,udp://tracker2.christianbro.pw:6969/announce,udp://tracker2.dler.org:80/announce,udp://tracker2.indowebster.com:6969/announce,udp://tracker2.itzmx.com:6961/announce,udp://tracker3.itzmx.com:6961/announce,udp://tracker4.itzmx.com:2710/announce,udp://u.wwwww.wtf:1/announce,udp://udp-tracker.shittyurl.org:6969/announce,udp://us-tracker.publictracker.xyz:6969/announce,udp://valakas.rollo.dnsabr.com:2710/announce,udp://vibe.community:6969/announce,udp://wassermann.online:6969/announce,udp://www.loushao.net:8080/announce,udp://z.mercax.com:53/announce,udp://zephir.monocul.us:6969/announce,udp://zer0day.ch:1337/announce,udp://zer0day.to:1337/announce diff --git a/images/seedbox/conf/build.sh b/images/seedbox/conf/build.sh new file mode 100755 index 00000000..bd2ac92e --- /dev/null +++ b/images/seedbox/conf/build.sh @@ -0,0 +1,101 @@ +#!/usr/bin/env bash + + +USER='www' +VERSION=$(bin/aria2c -v | grep 'aria2 version' | awk -F ' ' '{print $3}') +CONF=`pwd`/aria2c.conf + +# 检查环境 不足则补充 +env() +{ + BIT=$(getconf LONG_BIT) + USER_EXIST=$(grep '^www:' /etc/passwd) # 为空则不存在 + if [[ -z ${USER_EXIST} ]]; then + useradd ${USER} + fi +} + + +clear_env() +{ + if [[ -z $(command -v sudo) ]]; then + echo ' command sudo not found' + fi + + if [[ -z $(command -v curl) ]]; then + echo ' command curl not found' + fi + + userdel ${USER} +} + +do_start() +{ + CMD="sudo -Hu ${USER} bin/aria2c --conf-path=${CONF} -D >> aria2c.run.log" + ${CMD} + + PID=$(ps -aux | grep -v grep | grep aria2c | awk -F ' ' '{print $2}') + if [[ ! -z ${PID} ]]; then + echo "==> Aria2c is start complete pid: ${PID}" + fi +} + +do_stop() +{ + echo "==> Aria2c is running Stop it now" + PID=$(ps -aux | grep -v grep | grep aria2c | awk -F ' ' '{print $2}') + + if [[ -z ${PID} ]]; then + echo "==> Aria2c is running, pid: ${PID} , Stop it Now" + fi + kill -9 ${PID} +} + +do_reload() +{ + do_stop + do_start +} + +# 更新 aria2c 依赖的数据 +do_update() +{ + TRACKERS=$(curl -sL https://cdn.jsdelivr.net/gh/XIU2/TrackersListCollection@master/all_aria2.txt) + sed -i "/^bt-tracker=/d" ${CONF} + echo " +bt-tracker=${TRACKERS}" >> ${CONF} + echo "Update Tracker Complete" +} + +usage(){ +echo "Aria Command Line Helper +" + +} + +do_get_hash() +{ + CMD="bin/aria2c --bt-metadata-only=true --bt-save-metadata=true --bt-tracker=http://1337.abcvg.info:80/announce,http://157.7.202.64:8080/announce,http://158.69.146.212:7777/announce,http://173.254.204.71:1096/announce,http://178.175.143.27:80/announce,http://178.33.73.26:2710/announce,http://182.176.139.129:6969/announce,http://185.5.97.139:8089/announce,http://185.83.215.123:6969/announce,http://188.165.253.109:1337/announce,http://194.106.216.222:80/announce,http://195.123.209.37:1337/announce,http://210.244.71.25:6969/announce,http://210.244.71.26:6969/announce,http://213.163.67.56:1337/announce,http://37.19.5.139:6969/announce,http://37.19.5.155:6881/announce,http://46.4.109.148:6969/announce,http://5.79.249.77:6969/announce,http://5.79.83.193:2710/announce,http://51.254.244.161:6969/announce,http://59.36.96.77:6969/announce,http://5rt.tace.ru:60889/announce,http://62.210.202.61:80/announce,http://74.82.52.209:6969/announce,http://78.30.254.12:2710/announce,http://80.246.243.18:6969/announce,http://81.200.2.231:80/announce,http://85.17.19.180:80/announce,http://87.110.238.140:6969/announce,http://87.248.186.252:8080/announce,http://87.253.152.137:80/announce,http://91.216.110.47:80/announce,http://91.217.91.21:3218/announce,http://91.218.230.81:6969/announce,http://93.92.64.5:80/announce,http://95.211.168.204:2710/announce,http://[2001:1b10:1000:8101:0:242:ac11:2]:6969/announce,http://[2001:470:1:189:0:1:2:3]:6969/announce,http://[2a04:ac00:1:3dd8::1:2710]:2710/announce,http://aaa.army:8866/announce,http://agusiq-torrents.pl:6969/announce,http://asnet.pw:2710/announce,http://atrack.pow7.com:80/announce,http://bobbialbano.com:6969/announce,http://bt.3kb.xyz:80/announce,http://bt.okmp3.ru:2710/announce,http://bt.pusacg.org:8080/announce,http://explodie.org:6969/announce,http://fxtt.ru:80/announce,http://h4.trakx.nibba.trade:80/announce,http://mail2.zelenaya.net:80/announce,http://milanesitracker.tekcities.com:80/announce,http://ns349743.ip-91-121-106.eu:80/announce,http://open.acgnxtracker.com:80/announce,http://open.acgtracker.com:1096/announce,http://open.lolicon.eu:7777/announce,http://open.touki.ru:80/announce.php,http://opentracker.i2p.rocks:6969/announce,http://p4p.arenabg.ch:1337/announce,http://p4p.arenabg.com:1337/announce,http://pow7.com:80/announce,http://pt.lax.mx:80/announce,http://retracker.bashtel.ru:80/announce,http://retracker.gorcomnet.ru:80/announce,http://retracker.hotplug.ru:2710/announce,http://retracker.krs-ix.ru:80/announce,http://retracker.mgts.by:80/announce,http://retracker.sevstar.net:2710/announce,http://retracker.spark-rostov.ru:80/announce,http://retracker.telecom.by:80/announce,http://rt.tace.ru:80/announce,http://secure.pow7.com:80/announce,http://share.camoe.cn:8080/announce,http://siambit.org:80/announce.php,http://t.acg.rip:6699/announce,http://t.nyaatracker.com:80/announce,http://t.overflow.biz:6969/announce,http://t1.pow7.com:80/announce,http://t2.pow7.com:80/announce,http://thetracker.org:80/announce,http://torrentclub.online:54123/announce,http://torrentsmd.com:8080/announce,http://torrentsmd.eu:8080/announce,http://torrenttracker.nwc.acsalaska.net:6969/announce,http://tr.cili001.com:8070/announce,http://tr.kxmp.cf:80/announce,http://tracker-cdn.moeking.me:2095/announce,http://tracker.aletorrenty.pl:2710/announce,http://tracker.anonwebz.xyz:8080/announce,http://tracker.birkenwald.de:6969/announce,http://tracker.bittor.pw:1337/announce,http://tracker.bittorrent.am:80/announce,http://tracker.bt4g.com:2095/announce,http://tracker.bz:80/announce,http://tracker.city9x.com:2710/announce,http://tracker.devil-torrents.pl:80/announce,http://tracker.dler.org:6969/announce,http://tracker.dutchtracking.nl:80/announce,http://tracker.edoardocolombo.eu:6969/announce,http://tracker.electro-torrent.pl:80/announce,http://tracker.ex.ua:80/announce,http://tracker.files.fm:6969/announce,http://tracker.flashtorrents.org:6969/announce,http://tracker.gbitt.info:80/announce,http://tracker.grepler.com:6969/announce,http://tracker.ipv6tracker.ru:80/announce,http://tracker.kuroy.me:5944/announce,http://tracker.lelux.fi:80/announce,http://tracker.mg64.net:6881/announce,http://tracker.moeking.me:6969/announce,http://tracker.noobsubs.net:80/announce,http://tracker.opentrackr.org:1337/announce,http://tracker.sakurato.xyz:23333/announce,http://tracker.skyts.net:6969/announce,http://tracker.sloppyta.co:80/announce,http://tracker.tfile.co:80/announce,http://tracker.tfile.me:80/announce,http://tracker.tiny-vps.com:6969/announce,http://tracker.torrentyorg.pl:80/announce,http://tracker.trackerfix.com:80/announce,http://tracker.tvunderground.org.ru:3218/announce,http://tracker.uw0.xyz:6969/announce,http://tracker.vraphim.com:6969/announce,http://tracker.yoshi210.com:6969/announce,http://tracker.zerobytes.xyz:1337/announce,http://tracker.zum.bi:6969/announce,http://tracker01.loveapp.com:6789/announce,http://tracker1.bt.moack.co.kr:80/announce,http://tracker1.itzmx.com:8080/announce,http://tracker1.wasabii.com.tw:6969/announce,http://tracker2.dler.org:80/announce,http://tracker2.itzmx.com:6961/announce,http://tracker3.itzmx.com:6961/announce,http://tracker4.itzmx.com:2710/announce,http://vpn.flying-datacenter.de:6969/announce,http://vps02.net.orel.ru:80/announce,http://www.loushao.net:8080/announce,http://www.wareztorrent.com:80/announce,https://1337.abcvg.info:443/announce,https://2.tracker.eu.org:443/announce,https://3.tracker.eu.org:443/announce,https://aaa.army:8866/announce,https://open.kickasstracker.com:443/announce,https://opentracker.acgnx.se:443/announce,https://tp.m-team.cc:443/announce.php,https://tr.ready4.icu:443/announce,https://tr.steins-gate.moe:2096/announce,https://tracker.bt-hash.com:443/announce,https://tracker.cyber-hub.net:443/announce,https://tracker.foreverpirates.co:443/announce,https://tracker.gbitt.info:443/announce,https://tracker.imgoingto.icu:443/announce,https://tracker.lelux.fi:443/announce,https://tracker.lilithraws.cf:443/announce,https://tracker.nanoha.org:443/announce,https://tracker.nitrix.me:443/announce,https://tracker.parrotsec.org:443/announce,https://tracker.sloppyta.co:443/announce,https://tracker.tamersunion.org:443/announce,https://trakx.herokuapp.com:443/announce,https://w.wwwww.wtf:443/announce,https://www.wareztorrent.com:443/announce,udp://151.80.120.114:2710/announce,udp://168.235.67.63:6969/announce,udp://178.33.73.26:2710/announce,udp://182.176.139.129:6969/announce,udp://185.5.97.139:8089/announce,udp://185.83.215.123:6969/announce,udp://185.86.149.205:1337/announce,udp://188.165.253.109:1337/announce,udp://191.101.229.236:1337/announce,udp://194.106.216.222:80/announce,udp://195.123.209.37:1337/announce,udp://195.123.209.40:80/announce,udp://208.67.16.113:8000/announce,udp://212.1.226.176:2710/announce,udp://212.47.227.58:6969/announce,udp://213.163.67.56:1337/announce,udp://37.19.5.155:2710/announce,udp://3rt.tace.ru:60889/announce,udp://46.4.109.148:6969/announce,udp://47.ip-51-68-199.eu:6969/announce,udp://5.79.249.77:6969/announce,udp://5.79.83.193:6969/announce,udp://51.254.244.161:6969/announce,udp://52.58.128.163:6969/announce,udp://62.138.0.158:6969/announce,udp://62.212.85.66:2710/announce,udp://6ahddutb1ucc3cp.ru:6969/announce,udp://6rt.tace.ru:80/announce,udp://74.82.52.209:6969/announce,udp://78.30.254.12:2710/announce,udp://85.17.19.180:80/announce,udp://89.234.156.205:80/announce,udp://9.rarbg.com:2710/announce,udp://9.rarbg.me:2710/announce,udp://9.rarbg.me:2780/announce,udp://9.rarbg.to:2710/announce,udp://9.rarbg.to:2730/announce,udp://91.216.110.52:451/announce,udp://91.218.230.81:6969/announce,udp://94.23.183.33:6969/announce,udp://95.211.168.204:2710/announce,udp://[2001:1b10:1000:8101:0:242:ac11:2]:6969/announce,udp://[2001:470:1:189:0:1:2:3]:6969/announce,udp://[2a03:7220:8083:cd00::1]:451/announce,udp://[2a04:ac00:1:3dd8::1:2710]:2710/announce,udp://[2a04:c44:e00:32e0:4cf:6aff:fe00:aa1]:6969/announce,udp://aaa.army:8866/announce,udp://adm.category5.tv:6969/announce,udp://admin.videoenpoche.info:6969/announce,udp://adminion.n-blade.ru:6969/announce,udp://anidex.moe:6969/announce,udp://api.bitumconference.ru:6969/announce,udp://aruacfilmes.com.br:6969/announce,udp://bclearning.top:6969/announce,udp://benouworldtrip.fr:6969/announce,udp://bioquantum.co.za:6969/announce,udp://bitsparadise.info:6969/announce,udp://blokas.io:6969/announce,udp://bms-hosxp.com:6969/announce,udp://bt.firebit.org:2710/announce,udp://bt1.archive.org:6969/announce,udp://bt2.3kb.xyz:6969/announce,udp://bt2.54new.com:8080/announce,udp://bt2.archive.org:6969/announce,udp://bubu.mapfactor.com:6969/announce,udp://camera.lei001.com:6969/announce,udp://cdn-1.gamecoast.org:6969/announce,udp://cdn-2.gamecoast.org:6969/announce,udp://chihaya.toss.li:9696/announce,udp://code2chicken.nl:6969/announce,udp://concen.org:6969/announce,udp://cutiegirl.ru:6969/announce,udp://daveking.com:6969/announce,udp://denis.stalker.upeer.me:6969/announce,udp://discord.heihachi.pw:6969/announce,udp://dpiui.reedlan.com:6969/announce,udp://drumkitx.com:6969/announce,udp://eddie4.nl:6969/announce,udp://edu.uifr.ru:6969/announce,udp://engplus.ru:6969/announce,udp://exodus.desync.com:6969/announce,udp://fe.dealclub.de:6969/announce,udp://forever-tracker.zooki.xyz:6969/announce,udp://free-tracker.zooki.xyz:6969/announce,udp://inferno.demonoid.is:3391/announce,udp://ipv4.tracker.harry.lu:80/announce,udp://ipv6.tracker.harry.lu:80/announce,udp://ipv6.tracker.zerobytes.xyz:16661/announce,udp://johnrosen1.com:6969/announce,udp://kanal-4.de:6969/announce,udp://line-net.ru:6969/announce,udp://ln.mtahost.co:6969/announce,udp://mail.realliferpg.de:6969/announce,udp://mgtracker.org:2710/announce,udp://movies.zsw.ca:6969/announce,udp://mts.tvbit.co:6969/announce,udp://nagios.tks.sumy.ua:80/announce,udp://ns-1.x-fins.com:6969/announce,udp://ns389251.ovh.net:6969/announce,udp://open.demonii.com:1337/announce,udp://open.demonii.si:1337/announce,udp://open.lolicon.eu:7777/announce,udp://open.stealth.si:80/announce,udp://opentor.org:2710/announce,udp://opentracker.i2p.rocks:6969/announce,udp://p4p.arenabg.ch:1337/announce,udp://public-tracker.zooki.xyz:6969/announce,udp://public.popcorn-tracker.org:6969/announce,udp://public.publictracker.xyz:6969/announce,udp://retracker.hotplug.ru:2710/announce,udp://retracker.lanta-net.ru:2710/announce,udp://retracker.netbynet.ru:2710/announce,udp://retracker.nts.su:2710/announce,udp://retracker.sevstar.net:2710/announce,udp://sd-161673.dedibox.fr:6969/announce,udp://shadowshq.eddie4.nl:6969/announce,udp://shadowshq.yi.org:6969/announce,udp://storage.groupees.com:6969/announce,udp://t1.leech.ie:1337/announce,udp://t2.leech.ie:1337/announce,udp://t3.leech.ie:1337/announce,udp://teamspeak.value-wolf.org:6969/announce,udp://thetracker.org:80/announce,udp://torrent.tdjs.tech:6969/announce,udp://torrentclub.online:54123/announce,udp://tr.bangumi.moe:6969/announce,udp://tr.cili001.com:8070/announce,udp://tr2.ysagin.top:2710/announce,udp://tracker-udp.gbitt.info:80/announce,udp://tracker-v6.zooki.xyz:6969/announce,udp://tracker.0x.tf:6969/announce,udp://tracker.aletorrenty.pl:2710/announce,udp://tracker.altrosky.nl:6969/announce,udp://tracker.army:6969/announce,udp://tracker.beeimg.com:6969/announce,udp://tracker.birkenwald.de:6969/announce,udp://tracker.bittor.pw:1337/announce,udp://tracker.coppersurfer.tk:6969/announce,udp://tracker.cyberia.is:6969/announce,udp://tracker.dler.org:6969/announce,udp://tracker.ds.is:6969/announce,udp://tracker.e-utp.net:6969/announce,udp://tracker.eddie4.nl:6969/announce,udp://tracker.ex.ua:80/announce,udp://tracker.filemail.com:6969/announce,udp://tracker.flashtorrents.org:6969/announce,udp://tracker.fortu.io:6969/announce,udp://tracker.grepler.com:6969/announce,udp://tracker.kali.org:6969/announce,udp://tracker.kuroy.me:5944/announce,udp://tracker.leechers-paradise.org:6969/announce,udp://tracker.lelux.fi:6969/announce,udp://tracker.moeking.me:6969/announce,udp://tracker.open-internet.nl:6969/announce,udp://tracker.opentrackr.org:1337/announce,udp://tracker.piratepublic.com:1337/announce,udp://tracker.publictracker.xyz:6969/announce,udp://tracker.shkinev.me:6969/announce,udp://tracker.sigterm.xyz:6969/announce,udp://tracker.skyts.net:6969/announce,udp://tracker.swateam.org.uk:2710/announce,udp://tracker.tiny-vps.com:6969/announce,udp://tracker.torrent.eu.org:451/announce,udp://tracker.tvunderground.org.ru:3218/announce,udp://tracker.uw0.xyz:6969/announce,udp://tracker.v6speed.org:6969/announce,udp://tracker.yoshi210.com:6969/announce,udp://tracker.zemoj.com:6969/announce,udp://tracker.zerobytes.xyz:1337/announce,udp://tracker.zum.bi:6969/announce,udp://tracker0.ufibox.com:6969/announce,udp://tracker1.bt.moack.co.kr:80/announce,udp://tracker1.itzmx.com:8080/announce,udp://tracker2.christianbro.pw:6969/announce,udp://tracker2.dler.org:80/announce,udp://tracker2.indowebster.com:6969/announce,udp://tracker2.itzmx.com:6961/announce,udp://tracker3.itzmx.com:6961/announce,udp://tracker4.itzmx.com:2710/announce,udp://u.wwwww.wtf:1/announce,udp://udp-tracker.shittyurl.org:6969/announce,udp://us-tracker.publictracker.xyz:6969/announce,udp://valakas.rollo.dnsabr.com:2710/announce,udp://vibe.community:6969/announce,udp://wassermann.online:6969/announce,udp://www.loushao.net:8080/announce,udp://z.mercax.com:53/announce,udp://zephir.monocul.us:6969/announce,udp://zer0day.ch:1337/announce,udp://zer0day.to:1337/announce magnet:?xt=urn:btih:"$1 + $CMD +} + +case $1 in + r|-r|run) + do_start + ;; + reload) + do_reload + ;; + stop) + do_stop + ;; + u|-u|update) + do_update + ;; + -d|get-hash) + do_get_hash $2 + ;; + *|help) + usage + ;; +esac \ No newline at end of file diff --git a/images/seedbox/conf/delete.sh b/images/seedbox/conf/delete.sh new file mode 100644 index 00000000..caf6b0ce --- /dev/null +++ b/images/seedbox/conf/delete.sh @@ -0,0 +1,21 @@ +#!/bin/bash +filePath=$3 +relativePath=${filepath#./downloads/} +topPath=./downloads/${relativePath%%/*} # It will be the path of folder when it has multiple files, otherwise it will be the same as file path. + +LIGHT_GREEN_FONT_PREFIX="\033[1;32m" +FONT_COLOR_SUFFIX="\033[0m" +INFO="[${LIGHT_GREEN_FONT_PREFIX}INFO${FONT_COLOR_SUFFIX}]" + +echo -e "$(date +"%m/%d %H:%M:%S") ${INFO} Download error or stop, start deleting files..." + +if [ $2 -eq 0 ]; then + exit 0 +elif [ -e "${filePath}.aria2" ]; then + rm -vf "${filePath}.aria2" "${filePath}" +elif [ -e "${topPath}.aria2" ]; then + rm -vrf "${topPath}.aria2" "${topPath}" +fi +find "${topPath}" ! -path "${topPath}" -depth -type d -empty -exec rm -vrf {} \; + +echo -e "$(date +"%m/%d %H:%M:%S") ${INFO} Download error or stop, start deleting files finish" diff --git a/images/seedbox/conf/dht.dat b/images/seedbox/conf/dht.dat new file mode 100644 index 0000000000000000000000000000000000000000..11dec6e857553f2a3406f0f518ea1a74c0f7eb09 GIT binary patch literal 5488 zcmaLbdpuNW9{})~ahq`&j5}jy7{)C#!x)T)*^x`8~c;j zF#eh2{V{T3J1b#Ns^d!VYpL_kX&sR>f`QLp!yJ_3=8jjg%>AvmAz?;ZX0lX8?`IGwUv;ThcB%JjPu6@F0=lBGx$7=xYk{H#O>n|^MZK=VzD`#h0CtnDwAMg(=yA+w!!<}$sT&O?3 z*fm$!nmo(h^sJrVn<-ayMBt8zX29LmyJyaS9lF@H?Pb5J_wyimr1jmExm6Z6Q?+{q z+=;jFUgz|pxqVlAGG^Y9?kH3CZ6s=gsw&~~hw89-{ebF|we!23f*0#L+ zq*_W?MBfifbW2uhU1l z>WE{b6Q>INr*;)Kn!w!y>t}B_$ALS@tCOA_y0#|#pCJ|X7D}mH&&8TP z1{XanLmCiuJ0;GawO+@f#Gbg>Vme*%*lh1_;J(zgwpZM*`T*`AuTJ`3bB7#$$1V+w zbLB<<_0qyEe*~0}y7eC`j7rpz21K3oghS@v`*?o!=f!Y(b@FePN)i8p`%g^DPyidbcCY1V=l8;)8-&f&F7H7F%@qT>kxq!)g7W;`>!eMwOHIx=)Hz=ng&c=M zm|5tu=27w`>g(}un3oE2jToko<4$QFM7p}#J%%Vwn-Q*9K}~ZWWgc7t>S=9z9qvGX zHlVD7_w1=MvPYCRVLY8>Ga<)sW#zz~sJN~+?abnQV(q2tY@#vchTU3L{*ZHIs;Vt? zU2GIbRxD&!Xhq=hPA=ylhufyeH4yL~#@n zmnp=StNBtcf^ipk$w{7?FY~3Ywq-SnqnS0?Ynhs{b}8?F3OPcPUev;TL6V~d(u#3Q zLbOll)-(S#;0{2J&*i!G2tp9b?YKL#aVh~Xo}7;>VWk`u`ja@;m$*1~)-l9L|NiUVbvHAFmf zJvW27X2|K6ld6zTh|6k28W4&7)f*VE2wU`yn~M4&C#%e-FLY<0qqx-u{p=6COl>?S z1N4g;hB=9JjpLCDD9(@2DJY-{SvV#vxQ6#YM5O4#$k{kkgCA@Wszk4X>GjXJXr^70C3&zLT^9JN-KGsf1 zC&cxkjl(ut1!pzGjI@vOpFbey=w|J{&~30nspl5U5yBWPRDtYJvI26HXpCT?OO@=T zNGndH74Vj;9dc|i=m+_`!g0b6(KSlf-&64k^1KXIV^hCtk2-ELi6)4RzNbUE{b2<@_>u z2s-FS^E~L@x`q>wqeYS|;STgm+*6c%n*?uUYcV?PW)%xMHpkUi*7aaLQwf#Rfaenx3vt;f`}<&;Nx3OiMU~!YlJpXC#Fw&?x1lfjgt!`% z{crG$W{`c8X|2w;90pjg8Gc&H$b60CKgFZeGn0SR=nZp)gq%)1%^vB5xFeDk z4rvEBu#cG9Y3*U^m}QG0hZ!eS!`;^n@jYno4?_pa)`uJ!XwXt_JltnI^}82qzX9CU ztaB?tb#7gm%U#@Rk2;31;qJU|O@5i=q=2mFQ0NHv)WmI7;st{skt{*| zJF8o-;O^x7ngP^&q4(DN*9Tj!K2>zpEWo#fy!z8lxC@$WXrr4UbAf1x7{21#;N_4| zg>45O>pRvY(OVJwEwjK%PG7P^A?=WwKi@HsG;+v3$&>XcS<`FIm$K82(M*HNX<7ofFLm|7xJ{_-d$av+&{OqK42nkJ(HBm)H4FkX z;4b9X&^9zTT%@q0$Hg{mKeiRyWYWa=dvgyWAH!_Jz|UFWFCnktZtdhtT-R%=UH1?+SZuFiH6u8qpLAl`uP4(br)jBUorp9ElkD6` zJ4~)>92=fDAN0Gnk8(S!+Cw-K4oXO!_s`?}0BHcD!_#^uAu43~Cih1|lJ_sJt;ece z;Ld{+x84wCT^hEO5v9w9wi&XO+1mIVg(vAtS{0rOmnT zuOE#lg}X!>QSLN;alWy;1ONB`FI~jlq-eogMS78{Rao}a)Nj-6_mhcGAZu4iumYCLC8T}^X3#$!co1+ zK1H^KUem3)SqvOXnOA@(59}dqQ1%>S4@EfOX=C)Ibm8emu}{rpN$r}%`^R6>a~NKx zq)=ILu>A2zil(}>zCziG-T?!*$xo62nVDvX`MoZ3RqQQD_I+xopG$vl<7Hn zG^o`E{LIv^*#I;y^N;)8$oh5Nl?{Uj8rd_vwZMR|Zzw&7hIq;{K!GQBjks{{j&0R6 zKNkY+Y-Gg7n#zZr8*j|_Y%Z9$rRT6r*&tsg;ZLOVYCIbD|tOo4BIFVEw7&(&J}RuzP7O_KqE;q{j#Iqq(cDw0iuUS;ZTv?umu44 z&E?a|`x9w3bI^gdul)A*!=c)Y78l%hdB!odJguJ ziK)pEw!sg=O)$$UiAgAgxp}laa`# zZ}q;})TCX~tjHYggUeSr$~?#^ii2&GhZdKy_67e$sAH)}NqWy&Bk6Fi>~v1}1B8=j zaRL0;PI=e{fSnT(mys#wYm!n!_LnZ|X*a&E-;$C${~P`S;c%$6f*6@;KpjU3-vNz# z|1-26Xah*l)&Gh^{>G{AwolCAS^=12>5{Umc*b?F1#N|vU4Fsm zB*-u?p&|BV0e7J>Y!3cUOkE5b(fh8kSqY!GjGC=@k?$ivG>J}6DS+!k`e9`}{LY7M zl!w;u3%Mv__)Nr3uCN0x>)so<#d8}{M;HT#TKqTaR`YD(m@xO>$d*0sas%F9??3lY z@c6<5SG>xJ6dvsG1Ce>Y*EuTA=m##rrIhyNY&J>J)lJ(evP3ZFz3j&1U#$h(5e|o9 zNvt7>W}x@)INq!_60^txmjbY;%&KEYr^4^Ex{kZ)RMau7mgC?IW$BNh(?*oN)j#6H#wqi(zpoO1@*s5 zAtCy@vAfxBh_h+dePras0`_0q2<>)kB9qKcKM)^-ODTSydrI(YK6fq2cwff6^}L_< z`l<@pPV-F?(rzS03g!8f<+e*vQph+ET&8PNB6dz?Td*I8P;3syo7PADBJtB zFxcSwZ6rSzYXnQjc7)wIKL?erXE_q~^*LJzgC1pGVp9C6UF95q@2+J~X~QA76o4iC zklzwvHZ9ooT;M@2!qLXsc|X`r^AqNN@LN*HExDSuk6iSq7Ql#(bQxRa&!$ZpcwbuD zz%cJ(nR#^9+EoAtW*aieS7-q7^M^nCP?}+>T5H3bqL`55Du0!qQP&Ve56g<0Q;mkQ zj5P8m7jLMD)3}}C(AcLa+t%SDL#18ojim;AE9RYu9bxHry z2D?dN&5CdT+*i@FboF>t6Dpu%#(ijvbP;*y~wqDKVp7OE7j zM;6cf$i9!R6jaQgX7Cfs%=SGg)?3xoT%$nd;Njjc7^c)VweJbdP1gLheCzHlKW@#K~9&nMUjF8yWGjwt>gSjAiJ%NFv^g9dh z*OA3cos;aET6#1NV%~=Ts@a)_Cl4N!IHt7jbKQska-gHkvixxH`SzFH$7r0kP^Dw_ zZ0B1JW^m%O^bG6S!F+n|-#Gv_Q8v{8dYMms14N5H`+1#ao>l`ln~OW|uJ3t-HGoTy zxWMO4C|!ymP;>K9aG&2aP49qO)LCU8;sM(T_s9J=F+yi2ZqRdBz!U%mKX(g!tx{Q| z?8;2z^nE{d_JwB&B!rWV?jXbXgU7p*3gx_+ zQBEd(^Eph@v+6H!$S?5XaW4AN66Jr(X_JyETrmF1ZZyuT zO6;QGmx;i!4Y_7z?~k=PglwYMLqlQ#))QwzXKfjoRDT|iteZqH#nhO!Ps%J=v&<^p z_Ed*mQuLqWqdTfqr~$2Md+ySDkYm9xbg{od0^B|&!HiGE6&78 zP!cyTV_raLZ;pXWDe-i19lv%o#!y|`qExTMi^tP8(i*lS@x(GK)LLes)c8-C<#DKF zMbh+KlnYOP5C606N7_6TaQqChX&)CoN7;XRn4cQk2ipKZJ*RQOnODvoecEX$D>mtL zN4u@KvX2e^0@0)RxsS=o8(`@1iDib&9PKag!ZrZ-Y3E{Mz-xZ{Cu#!qP14ubUXAAz zi`&4ku2A71{8jLJdCsL-9h9jba-A(B3y`vOOUwyuN;x$Xn(ua8HCzhc+u1b@bB%Cxjr}zE zlA5;p+RyYj*p9T163<&8dPbL^)#EN^_AF~vPdk%0xYSiQwZLWBJS1F$1vNy^!Q*{z zq9I5QoFJ2oVhvU~!|6fh*I0*aQPn%al{3ZbMy@b$l=dk}O=M8p7qD*ADrcc!K zV)eae?&?BQ|8VMG?Pa^e!ZgNqR%uACa=r_8_2rYB4%dl&WOiov7EPvZZjtuE z>)*kAAMoJlWxl*KUcsx}@WXKaF;VMux1EA_OgKa8W*F`@k^y ztK4tvnUA;L?JRK%^9)~}bZ~8BxUa*Zq61YkB|x3cpLC_~$(3a4Y7F;70!j3OVoCf# zw=K);!=076ca0d@2c+^@Id*CtDnFv%QR~XJs`q4ETIRTnP)a+mLtbjPbbulsJtq%D zfk^?%rS9WNU)A56%xQTRcFj5bw7H%_ZQF~~tuGoQwkb{1bCi420yN8FK5V00Z^*3b z6}Fua{iId0X}V*`iGL}XE0$q?!GSu;m1%#~vof)qvyMf>Gd$E9nn&r7g$3NZ;0DO$~6+F z?%FB+5T38t`k>%)hj72O`C#+N&4WX8^c)&>@9pD%V+Vd))gxTum{Yr-;2xfMk5%ZD zdMfKydJfLB`u$nJAAgBV%1TgJ;e_29A0jV}eZpQ0_nH zMyPKTKZD!aK1>}h+B4TRH?sVhd*MMdTtbTr#M&4OR7T`Y$H^oaap_gPD6vuXiL18` zTKx1X|26wX^JyAAhl7}Z0-WII6%~Lwackv`7+&Gq`H9nCTp8RIBJlL-E@Vd0bMpVA z9tJW7n{N}(UaxJqV9Hm|mXY*NFQWY8EA?sA(7HE|Nl|b8A26{o_5);UipIJC{in7U zo;zu&(%Kg>qGhzzIQN@{rCivAF9FyuD$)CiW&%@PBBh|Nxxlw=bkcB@tNfn>eH3&$h=iv5< zbeHH}J=eF(=Y%j}mGelRoY6SkR-xTvQRLP3?EYG3dX92$!w!1FgUWCx$wEOxNvoXQ zoXVp(QS4}K(|VuXO{1u3>K!7|?>Lk)=W(`9Fj}b{7hZj_^!+oqR!Uw+Sc=Fy1*9}+ zd<^ORTaB43%AjUE!ohxuMR;0_E$!MQT=*$|RS&PhRWG_#tnBB{1MOn#%(rkw!1d8M z_Gmd!b{oCxl{=wC_v!iT!f+`?FS3hh{=y`tioBOOTXr<1_Fbz#Y)3fC`p}#lT>@=w z>?M=j&PdVbrAW=5W4m4pRvRaN%ih9t=L*4sI@%Bpz7O$Z4tg;6Z0)w`_pE)!PH?TT zo?d^}!7Bm>M_Mbq&Nd49&wBrc?Fa|&Lzp89`NxiRlSzk^JZbHVdXug2nO);66q;Wm zDkYdQ%{#@wf#D~-Z$UN`2VH3IJT^o-Z${-+IdkO{ydPiejMwpszkCbtz`&s(6%-K6 zKye=u*vw|WkUVxK#cP6&%R z!=unVkY0Nt+nIVYq-&r0Y`%k~rTKoJl;@}jaq8_TB`#51W?FT8!}W3P^O$$u$uj-T z)QBM*254K^OS=Jy@%Mg_7sXF0zlB>t;VPRo%sQ3Zf>_?JudQf7>E%0#!FGhB><4XG zh4A2S7}vSZk+~|``QeYzCk-96RtKt2 z(YiNE{$Mre_27O7Y%kDTv=`(s;bN=j{@5o)35q-MsO3cEqj8)ZhBi5fkSj|RdMjYovt5Qe^D=Bl;zH5evYq&pu%|eT{QRBB z0L{<%Em`T<+ZFmkBqdj6rSoHxo($({G|IWpGY77T@^@9r+o0UaJ2Cp^t{=6bzpYXe zDl=Q_f>;*{6W|g$J@wg$;Q;D>=_;QRlGn?eMZb0jZNcTJ>3(*JHU5Rc-(c9kQ1gu4 zZ2yYNYMw3geF#4(lBj)r{onqx;vRP2ZoFbRSD_)1Lbvo^Amj3V$u`r_b7s_C7y!Qp z2P0fGaeK$4(zlZ>%G6G^raxxz6G#=rM)HOXXEa<>zzycm{Jd^qYNpboG#%yF>j7Dp zrM>taK+nPZki9m>Bmd9OPywe`txHc`hh=I4muu>pamwEG9DMI>DF>v4{~ULCyEJNv z?^>zhx1&xg%bb( literal 0 HcmV?d00001 diff --git a/images/seedbox/conf/entrypoint.sh b/images/seedbox/conf/entrypoint.sh new file mode 100644 index 00000000..7d072d85 --- /dev/null +++ b/images/seedbox/conf/entrypoint.sh @@ -0,0 +1,35 @@ +#!/usr/bin/env sh +ARIA2_CONF='/etc/aria2c/aria2c.conf' +if [[ -z "${ARIA2_PORT}" ]]; then + ARIA2_PORT=6800 +fi + +if [[ -z "${WEBUI_PORT}" ]]; then + WEBUI_PORT=6801 +fi + +if [[ -z "${DHT_PORT}" ]]; then + DHT_PORT='6802:6999' +fi + +if [[ -z "${RPC_SECRET}" ]]; then + RPC_SECRET='haspwd' +fi + +sed -i "s/ARIA2_PORT/${ARIA2_PORT}/g" ${ARIA2_CONF} +sed -i "s/RPC_SECRET/${RPC_SECRET}/g" ${ARIA2_CONF} +sed -i "s/DHT_PORT/${DHT_PORT}/g" ${ARIA2_CONF} + +aria2c --conf-path=/etc/aria2c/aria2c.conf -D +darkhttpd /opt/ariang --port ${WEBUI_PORT} --daemon >>/dev/null +echo -e " + Welcome to Aria2c Container is Running + +Aria2 Port : 127.0.0.1:${ARIA2_PORT} +WEBUI Port : 127.0.0.1:${WEBUI_PORT} +RPC Secret : ${RPC_SECRET} + +" > /tmp/welcome.log + + +tail -f /tmp/welcome.log diff --git a/images/seedbox/conf/on-complete.sh b/images/seedbox/conf/on-complete.sh new file mode 100644 index 00000000..3ff1e105 --- /dev/null +++ b/images/seedbox/conf/on-complete.sh @@ -0,0 +1,29 @@ +#!/bin/bash + +filePath=$3 +relativePath=${filepath#./downloads/} +topPath=./downloads/${relativePath%%/*} # It will be the path of folder when it has multiple files, otherwise it will be the same as file path. + +LIGHT_GREEN_FONT_PREFIX="\033[1;32m" +FONT_COLOR_SUFFIX="\033[0m" +INFO="[${LIGHT_GREEN_FONT_PREFIX}INFO${FONT_COLOR_SUFFIX}]" + +echo -e "$(date +"%m/%d %H:%M:%S") ${INFO} Delete .aria2 file ..." + +if [ $2 -eq 0 ]; then + exit 0 +elif [ -e "${filepath}.aria2" ]; then + rm -vf "${filepath}.aria2" +elif [ -e "${topPath}.aria2" ]; then + rm -vf "${topPath}.aria2" +fi +echo -e "$(date +"%m/%d %H:%M:%S") ${INFO} Delete .aria2 file finish" +echo "$(($(cat numUpload)+1))" > numUpload # Plus 1 + +if [[ $2 -eq 1 ]]; then # single file + rclone -v --config="rclone.conf" copy "$3" "DRIVE:$RCLONE_DESTINATION" 2>&1 +elif [[ $2 -gt 1 ]]; then # multiple file + rclone -v --config="rclone.conf" copy "$topPath" "DRIVE:$RCLONE_DESTINATION/${relativePath%%/*}" +fi + +echo "$(($(cat numUpload)-1))" > numUpload # Minus 1 diff --git a/images/seedbox/conf/on-delete.sh b/images/seedbox/conf/on-delete.sh new file mode 100755 index 00000000..0aa56199 --- /dev/null +++ b/images/seedbox/conf/on-delete.sh @@ -0,0 +1,81 @@ +#!/usr/bin/env bash +# +# Copyright (c) 2018-2020 P3TERX +# +# This is free software, licensed under the MIT License. +# See /LICENSE for more information. +# +# https://github.com/P3TERX/aria2.conf +# File name:delete.sh +# Description: Delete files after Aria2 download error or task removed +# Version: 3.0 +# + +CHECK_CORE_FILE() { + CORE_FILE="$(dirname $0)/core" + if [[ -f "${CORE_FILE}" ]]; then + . "${CORE_FILE}" + else + echo "!!! core file does not exist !!!" + exit 1 + fi +} + +CHECK_RPC_CONECTION() { + READ_ARIA2_CONF + if [[ "${RPC_SECRET}" ]]; then + RPC_PAYLOAD='{"jsonrpc":"2.0","method":"aria2.getVersion","id":"P3TERX","params":["token:'${RPC_SECRET}'"]}' + else + RPC_PAYLOAD='{"jsonrpc":"2.0","method":"aria2.getVersion","id":"P3TERX"}' + fi + (curl "${RPC_ADDRESS}" -fsSd "${RPC_PAYLOAD}" || curl "https://${RPC_ADDRESS}" -kfsSd "${RPC_PAYLOAD}") >/dev/null +} + +DELETE_ON_STOP() { + if [[ "${TASK_STATUS}" = "error" && "${DELETE_ON_ERROR}" = "true" ]] || [[ "${TASK_STATUS}" = "removed" && "${DELETE_ON_REMOVED}" = "true" ]]; then + if [[ -f "${TASK_PATH}.aria2" ]]; then + echo -e "$(DATE_TIME) ${INFO} Download task ${TASK_STATUS}, deleting files..." + rm -vrf "${TASK_PATH}.aria2" "${TASK_PATH}" + else + [[ -e "${TASK_PATH}" ]] && + echo -e "$(DATE_TIME) ${WARRING} Skip delete. Download completed files: ${TASK_PATH}" || + echo -e "$(DATE_TIME) ${WARRING} Skip delete. File does not exist: ${TASK_PATH}" + fi + else + echo -e "$(DATE_TIME) ${WARRING} Skip delete. Task status invalid: ${TASK_STATUS}" + fi +} + +DELETE_ON_UNKNOWN() { + if [[ -f "${FILE_PATH}.aria2" ]]; then + echo -e "$(DATE_TIME) ${INFO} Download task force removed, deleting files..." + rm -vrf "${FILE_PATH}.aria2" "${FILE_PATH}" + else + [[ -e "${FILE_PATH}" ]] && + echo -e "$(DATE_TIME) ${WARRING} Skip delete. Download completed files: ${FILE_PATH}" || + echo -e "$(DATE_TIME) ${WARRING} Skip delete. File does not exist: ${FILE_PATH}" + fi +} + +DELETE_FILE() { + if GET_TASK_INFO; then + GET_DOWNLOAD_DIR + GET_TASK_STATUS + CONVERSION_PATH + DELETE_ON_STOP + DELETE_DOT_TORRENT + DELETE_EMPTY_DIR + elif CHECK_RPC_CONECTION && [[ "${DELETE_ON_UNKNOWN}" = "true" && ${FILE_NUM} -eq 1 ]]; then + DELETE_ON_UNKNOWN + else + echo -e "$(DATE_TIME) ${ERROR} Aria2 RPC interface error!" + exit 1 + fi +} + +CHECK_CORE_FILE "$@" +CHECK_PARAMETER "$@" +CHECK_FILE_NUM +CHECK_SCRIPT_CONF +DELETE_FILE +exit 0 diff --git a/images/seedbox/conf/on-move.sh b/images/seedbox/conf/on-move.sh new file mode 100755 index 00000000..ee1e961d --- /dev/null +++ b/images/seedbox/conf/on-move.sh @@ -0,0 +1,81 @@ +#!/usr/bin/env bash +# +# Copyright (c) 2018-2020 P3TERX +# +# This is free software, licensed under the MIT License. +# See /LICENSE for more information. +# +# https://github.com/P3TERX/aria2.conf +# File name:move.sh +# Description: Move files after Aria2 download is complete +# Version: 3.0 +# + +CHECK_CORE_FILE() { + CORE_FILE="$(dirname $0)/core" + if [[ -f "${CORE_FILE}" ]]; then + . "${CORE_FILE}" + else + echo "!!! core file does not exist !!!" + exit 1 + fi +} + +TASK_INFO() { + echo -e " +-------------------------- [${YELLOW_FONT_PREFIX}Task Infomation${FONT_COLOR_SUFFIX}] -------------------------- +${LIGHT_PURPLE_FONT_PREFIX}Task GID:${FONT_COLOR_SUFFIX} ${TASK_GID} +${LIGHT_PURPLE_FONT_PREFIX}Number of Files:${FONT_COLOR_SUFFIX} ${FILE_NUM} +${LIGHT_PURPLE_FONT_PREFIX}First File Path:${FONT_COLOR_SUFFIX} ${FILE_PATH} +${LIGHT_PURPLE_FONT_PREFIX}Task File Name:${FONT_COLOR_SUFFIX} ${TASK_FILE_NAME} +${LIGHT_PURPLE_FONT_PREFIX}Task Path:${FONT_COLOR_SUFFIX} ${TASK_PATH} +${LIGHT_PURPLE_FONT_PREFIX}Aria2 Download Directory:${FONT_COLOR_SUFFIX} ${ARIA2_DOWNLOAD_DIR} +${LIGHT_PURPLE_FONT_PREFIX}Custom Download Directory:${FONT_COLOR_SUFFIX} ${DOWNLOAD_DIR} +${LIGHT_PURPLE_FONT_PREFIX}Source Path:${FONT_COLOR_SUFFIX} ${SOURCE_PATH} +${LIGHT_PURPLE_FONT_PREFIX}Destination Path:${FONT_COLOR_SUFFIX} ${DEST_PATH} +${LIGHT_PURPLE_FONT_PREFIX}.aria2 File Path:${FONT_COLOR_SUFFIX} ${DOT_ARIA2_FILE} +-------------------------- [${YELLOW_FONT_PREFIX}Task Infomation${FONT_COLOR_SUFFIX}] -------------------------- +" +} + +OUTPUT_MOVE_LOG() { + LOG="${MOVE_LOG}" + LOG_PATH="${MOVE_LOG_PATH}" + OUTPUT_LOG +} + +DEFINITION_PATH() { + SOURCE_PATH="${TASK_PATH}" + if [[ "${DOWNLOAD_DIR}" != "${ARIA2_DOWNLOAD_DIR}" && "${DOWNLOAD_DIR}" =~ "${ARIA2_DOWNLOAD_DIR}" ]]; then + DEST_PATH="${DEST_DIR}${DEST_PATH_SUFFIX%/*}" + else + DEST_PATH="${DEST_DIR}" + fi +} + +MOVE_FILE() { + echo -e "$(DATE_TIME) ${INFO} Start move files ..." + TASK_INFO + mkdir -p "${DEST_PATH}" + mv -vf "${SOURCE_PATH}" "${DEST_PATH}" + MOVE_EXIT_CODE=$? + if [ ${MOVE_EXIT_CODE} -eq 0 ]; then + MOVE_LOG="$(DATE_TIME) ${INFO} Move done: ${SOURCE_PATH} -> ${DEST_PATH}" + else + MOVE_LOG="$(DATE_TIME) ${ERROR} Move failed: ${SOURCE_PATH}" + fi + OUTPUT_MOVE_LOG + DELETE_EMPTY_DIR +} + +CHECK_CORE_FILE "$@" +CHECK_PARAMETER "$@" +CHECK_FILE_NUM +CHECK_SCRIPT_CONF +GET_TASK_INFO +GET_DOWNLOAD_DIR +CONVERSION_PATH +DEFINITION_PATH +CLEAN_UP +MOVE_FILE +exit 0 diff --git a/images/seedbox/conf/rtorrent.rc b/images/seedbox/conf/rtorrent.rc new file mode 100644 index 00000000..ef1602f7 --- /dev/null +++ b/images/seedbox/conf/rtorrent.rc @@ -0,0 +1,72 @@ +# This is the rtorrent configuration file installed by rtinst script - https://github.com/arakasi72/rtinst +# This file is installed to ~/.rtorrent.rc +# Enable/modify the options as needed, uncomment the options you wish to enable. +# This configuration will work with most systems, but optimal settings are dependant on specific server setup + +### Set Directories +method.insert = cfg.basedir, private|const|string, (cat,"/rtorrent/") +method.insert = cfg.watch, private|const|string, (cat,(cfg.basedir),"watch/") + +#method.insert = cfg.logs, private|const|string, (cat,(cfg.basedir),"log/") +#method.insert = cfg.logfile, private|const|string, (cat,(cfg.logs),"rtorrent-",(system.time),".log") + +session.path.set = (cat,(cfg.basedir),".session") +directory.default.set = (cat,(cfg.basedir),"download") + +schedule = watch_directory,5,5,((load.start,(cat,(cfg.watch),"*.torrent"))) + +#system.umask.set = 0000 + +### BitTorrent +# Global upload and download rate in KiB, `0` for unlimited +throttle.global_down.max_rate.set = 0 +throttle.global_up.max_rate.set = 0 + +# Maximum number of simultaneous downloads and uploads slots +throttle.max_downloads.global.set = 150 +throttle.max_uploads.global.set = 150 + +# Maximum and minimum number of peers to connect to per torrent while downloading +throttle.min_peers.normal.set = 30 +throttle.max_peers.normal.set = 150 + +# Same as above but for seeding completed torrents (seeds per torrent) +throttle.min_peers.seed.set = -1 +throttle.max_peers.seed.set = -1 + +### Networking +network.port_range.set = 51001-51250 +network.port_random.set = yes +dht.mode.set = disable +protocol.pex.set = no +trackers.use_udp.set = yes + +# network.scgi.open_port = localhost:5000 +network.scgi.open_port = 127.0.0.1:5000 +network.http.ssl_verify_peer.set = 0 +protocol.encryption.set = allow_incoming,enable_retry,prefer_plaintext + +network.max_open_files.set = 4096 +network.max_open_sockets.set = 1536 +network.http.max_open.set = 48 +network.send_buffer.size.set = 4M +network.receive_buffer.size.set = 4M + +### Memory Settings +pieces.hash.on_completion.set = no +pieces.preload.type.set = 1 +pieces.memory.max.set = 3500M + +### Logging: +# Levels = critical error warn notice info debug +# Groups = connection_* dht_* peer_* rpc_* storage_* thread_* tracker_* torrent_* +#print = (cat,"Logging to ",(cfg.logfile)) +#log.open_file = "log", (cfg.logfile) +#log.add_output = "info", "log" +#log.add_output = "tracker_debug", "log" + + +### The following line initialises rutorrent plugins without needing to open the web interface +execute = {sh,-c,/usr/bin/php /var/www/rutorrent/php/initplugins.php &} + +#EOF diff --git a/images/selenium/Dockerfile b/images/selenium/Dockerfile new file mode 100644 index 00000000..e5ab3b2c --- /dev/null +++ b/images/selenium/Dockerfile @@ -0,0 +1,5 @@ +FROM selenium/standalone-chrome + +LABEL maintainer="Edmund Luong " + +EXPOSE 4444 diff --git a/images/sshd/tools.sh b/images/sshd/tools.sh index 7c48e64c..e84113ea 100644 --- a/images/sshd/tools.sh +++ b/images/sshd/tools.sh @@ -1,29 +1,37 @@ -#!/usr/bin/env bash -PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/games" -export PATH - -#Config Veriable -XCLOUD_REPO="https://git.coding.net/imxieke/XCloud.git" -XCLOUD_RUN_DIR="/var/www/html/Cloud" -TTYD_REPO="https://git.coding.net/tsl0922/ttyd.git" -#TTYD_REPO="https://github.com/tsl0922/ttyd.git" - - Install_env{ - apt-get install -y build-essential gcc g++ cpp cmake make pkg-config automake \ - autoconf libwebsockets-dev libjson-c-dev libssl-dev libjson-c2 curl unzip wget zsh vim git apt-utils apt-transport-https ca-certificates - } - - Install_ttyd{ - git clone $TTYD_REPO /tmp/ttyd - mkdir -p /tmp/ttyd/build - cd /tmp/ttyd/build - cmake .. && make && make install - cd ~ && rm -fr /tmp/ttyd - } - - - Install_XCloud{ - git clone $XCLOUD_REPO $XCLOUD_RUN_DIR && \ - chmod 777 -R $XCLOUD_RUN_DIR && \ - rm -fr /var/www/html/Cloud/.git - } \ No newline at end of file +#!/usr/bin/env bash +#!/usr/bin/env bash +### + # @Author: Cloudflying + # @Date: 2019-12-13 06:33:13 + # @LastEditTime: 2021-07-07 23:12:52 + # @LastEditors: Cloudflying + # @Description: + # @FilePath: /dockenv/images/sshd/tools.sh +### +PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/games" +export PATH + +#Config Veriable +XCLOUD_REPO="https://git.coding.net/imxieke/XCloud.git" +XCLOUD_RUN_DIR="/var/www/html/Cloud" +TTYD_REPO="https://git.coding.net/tsl0922/ttyd.git" +#TTYD_REPO="https://github.com/tsl0922/ttyd.git" + + Install_env(){ + apt-get install -y build-essential gcc g++ cpp cmake make pkg-config automake autoconf libwebsockets-dev libjson-c-dev libssl-dev libjson-c2 curl unzip wget zsh vim git apt-utils apt-transport-https ca-certificates + } + + Install_ttyd(){ + git clone $TTYD_REPO /tmp/ttyd + mkdir -p /tmp/ttyd/build + cd /tmp/ttyd/build + cmake .. && make && make install + cd ~ && rm -fr /tmp/ttyd + } + + + Install_XCloud(){ + git clone $XCLOUD_REPO $XCLOUD_RUN_DIR && \ + chmod 777 -R $XCLOUD_RUN_DIR && \ + rm -fr /var/www/html/Cloud/.git + } diff --git a/images/ssr/Dockerfile b/images/ssr/Dockerfile index 040dbfd0..c542a371 100644 --- a/images/ssr/Dockerfile +++ b/images/ssr/Dockerfile @@ -1,14 +1,14 @@ -FROM imxieke/alpine:latest -LABEL MAINTAINER="Sky" \ - MAIL="Sky@gfw.party" - -ENV PORT="8838" \ - PASSWD="ssrondocker" - -RUN set -ex \ - && apk --update add --no-cache libsodium py-pip \ - && pip --no-cache-dir install https://github.com/shadowsocksr/shadowsocksr/archive/manyuser.zip - -EXPOSE ${PORT} - +FROM imxieke/alpine:latest +LABEL MAINTAINER="Sky" \ + MAIL="Sky@gfw.party" + +ENV PORT="8838" \ + PASSWD="ssrondocker" + +RUN set -ex \ + && apk --update add --no-cache libsodium py-pip \ + && pip --no-cache-dir install https://github.com/shadowsocksr/shadowsocksr/archive/manyuser.zip + +EXPOSE ${PORT} + ENTRYPOINT /usr/bin/ssserver -s 0.0.0.0 -p $PORT -k $PASSWD -m aes-256-cfb -o tls1.2_ticket_auth -O auth_sha1_v4 \ No newline at end of file diff --git a/images/ssr/README.md b/images/ssr/README.md index b7e682cd..5d65de50 100644 --- a/images/ssr/README.md +++ b/images/ssr/README.md @@ -1,34 +1,34 @@ -### SSR -``` -Usage: -docker run -d --name ssr -p 8388:8388/tcp -p 8388:8388/udp -e PASSWD=passwd -e PORT=8388 image:latest - -``` - -## Config - -config path:`/etc/shadowsocks.json` - -``` -{ -"server":"0.0.0.0", -"server_ipv6": "[::]", -"local_address":"127.0.0.1", -"local_port":1080, -"port_password":{ - "8989":"password1", - "8990":"password2", - "8991":"password3" -}, -"timeout":300, -"method":"aes-256-cfb", -"protocol": "origin", -"protocol_param": "", -"obfs": "plain", -"obfs_param": "", -"redirect": "", -"dns_ipv6": false, -"fast_open": false, -"workers": 1 -} +### SSR +``` +Usage: +docker run -d --name ssr -p 8388:8388/tcp -p 8388:8388/udp -e PASSWD=passwd -e PORT=8388 image:latest + +``` + +## Config + +config path:`/etc/shadowsocks.json` + +``` +{ +"server":"0.0.0.0", +"server_ipv6": "[::]", +"local_address":"127.0.0.1", +"local_port":1080, +"port_password":{ + "8989":"password1", + "8990":"password2", + "8991":"password3" +}, +"timeout":300, +"method":"aes-256-cfb", +"protocol": "origin", +"protocol_param": "", +"obfs": "plain", +"obfs_param": "", +"redirect": "", +"dns_ipv6": false, +"fast_open": false, +"workers": 1 +} ``` \ No newline at end of file diff --git a/images/tengine/Dockerfile b/images/tengine/Dockerfile new file mode 100644 index 00000000..2bb490c3 --- /dev/null +++ b/images/tengine/Dockerfile @@ -0,0 +1,112 @@ +FROM alpine:3.8 + +ENV TENGINE_VERSION 2.2.2 + +# Fork of https://github.com/kairyou/alpine-tengine + +ENV CONFIG "\ + --prefix=/etc/nginx \ + --sbin-path=/usr/sbin/nginx \ + --conf-path=/etc/nginx/nginx.conf \ + --error-log-path=/var/log/nginx/error.log \ + --http-log-path=/var/log/nginx/access.log \ + --pid-path=/var/run/nginx.pid \ + --lock-path=/var/run/nginx.lock \ + --http-client-body-temp-path=/var/cache/nginx/client_temp \ + --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ + --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ + --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ + --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ + --user=nginx \ + --group=nginx \ + --with-http_ssl_module \ + --with-http_realip_module \ + --with-http_addition_module \ + --with-http_sub_module \ + --with-http_dav_module \ + --with-http_flv_module \ + --with-http_mp4_module \ + --with-http_gunzip_module \ + --with-http_gzip_static_module \ + --with-http_random_index_module \ + --with-http_secure_link_module \ + --with-http_stub_status_module \ + --with-http_auth_request_module \ + --with-http_xslt_module=shared \ + --with-http_image_filter_module=shared \ + --with-http_geoip_module=shared \ + --with-threads \ + --with-http_slice_module \ + --with-mail \ + --with-mail_ssl_module \ + --with-file-aio \ + --with-http_v2_module \ + --with-http_concat_module \ + --with-http_sysguard_module \ + --with-http_dyups_module \ + " + +RUN addgroup -S nginx \ + && adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx \ + && apk add --no-cache --virtual .build-deps \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + pcre-dev \ + zlib-dev \ + linux-headers \ + curl \ + gnupg \ + libxslt-dev \ + gd-dev \ + geoip-dev; +RUN curl -L "http://tengine.taobao.org/download/tengine-$TENGINE_VERSION.tar.gz" -o tengine.tar.gz \ + && mkdir -p /usr/src \ + && tar -zxC /usr/src -f tengine.tar.gz \ + && rm tengine.tar.gz \ + && cd /usr/src/tengine-$TENGINE_VERSION/ \ + && ./configure $CONFIG --with-debug \ + && make -j$(getconf _NPROCESSORS_ONLN) \ + && mv objs/nginx objs/nginx-debug \ + && ./configure $CONFIG \ + && make -j$(getconf _NPROCESSORS_ONLN) \ + && make install \ + && rm -rf /etc/nginx/html/ \ + && mkdir /etc/nginx/conf.d/ \ + && mkdir -p /usr/share/nginx/html/ \ + && install -m644 html/index.html /usr/share/nginx/html/ \ + && install -m644 html/50x.html /usr/share/nginx/html/ \ + && install -m755 objs/nginx-debug /usr/sbin/nginx-debug \ + && strip /usr/sbin/nginx* \ + && strip /etc/nginx/modules/*.so \ + && rm -rf /usr/src/tengine-$TENGINE_VERSION \ + \ + # Bring in gettext so we can get `envsubst`, then throw + # the rest away. To do this, we need to install `gettext` + # then move `envsubst` out of the way so `gettext` can + # be deleted completely, then move `envsubst` back. + && apk add --no-cache --virtual .gettext gettext \ + && mv /usr/bin/envsubst /tmp/ \ + \ + && runDeps="$( \ + scanelf --needed --nobanner /usr/sbin/nginx /etc/nginx/modules/*.so /tmp/envsubst \ + | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ + | sort -u \ + | xargs -r apk info --installed \ + | sort -u \ + )" \ + && apk add --no-cache --virtual .nginx-rundeps $runDeps \ + && apk del .build-deps \ + && apk del .gettext \ + && mv /tmp/envsubst /usr/local/bin/ \ + \ + # forward request and error logs to docker log collector + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log + +COPY nginx.conf /etc/nginx/nginx.conf + +EXPOSE 80 443 + +CMD ["nginx", "-g", "daemon off;"] \ No newline at end of file diff --git a/images/ubuntu/12.04/Dockerfile b/images/ubuntu/12.04/Dockerfile new file mode 100644 index 00000000..632bf61a --- /dev/null +++ b/images/ubuntu/12.04/Dockerfile @@ -0,0 +1,13 @@ +# Ubuntu 12.04 +FROM ubuntu:precise + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ + DEBIAN_FRONTEND=noninteractive + +RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/ubuntu/13.10/Dockerfile b/images/ubuntu/13.10/Dockerfile new file mode 100644 index 00000000..52bb6e96 --- /dev/null +++ b/images/ubuntu/13.10/Dockerfile @@ -0,0 +1,13 @@ +# Ubuntu 13.10 +FROM ubuntu:saucy + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ + DEBIAN_FRONTEND=noninteractive + +RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/ubuntu/Dockerfile.trusty b/images/ubuntu/14.04/Dockerfile similarity index 100% rename from images/ubuntu/Dockerfile.trusty rename to images/ubuntu/14.04/Dockerfile diff --git a/images/ubuntu/14.10/Dockerfile b/images/ubuntu/14.10/Dockerfile new file mode 100644 index 00000000..0d885215 --- /dev/null +++ b/images/ubuntu/14.10/Dockerfile @@ -0,0 +1,13 @@ +# Ubuntu 14.10 +FROM ubuntu:utopic + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" +ENV DEBIAN_FRONTEND noninteractive + +RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/ubuntu/15.04/Dockerfile b/images/ubuntu/15.04/Dockerfile new file mode 100644 index 00000000..c1a81f66 --- /dev/null +++ b/images/ubuntu/15.04/Dockerfile @@ -0,0 +1,13 @@ +# Ubuntu 15.04 +FROM ubuntu:vivid + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ + DEBIAN_FRONTEND=noninteractive + +RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/ubuntu/15.10/Dockerfile b/images/ubuntu/15.10/Dockerfile new file mode 100644 index 00000000..538d64cc --- /dev/null +++ b/images/ubuntu/15.10/Dockerfile @@ -0,0 +1,13 @@ +# Ubuntu 15.10 +FROM ubuntu:wily + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ + DEBIAN_FRONTEND=noninteractive + +RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/ubuntu/Dockerfile.xenial b/images/ubuntu/16.04/Dockerfile similarity index 100% rename from images/ubuntu/Dockerfile.xenial rename to images/ubuntu/16.04/Dockerfile diff --git a/images/ubuntu/16.10/Dockerfile b/images/ubuntu/16.10/Dockerfile new file mode 100644 index 00000000..dd1407ef --- /dev/null +++ b/images/ubuntu/16.10/Dockerfile @@ -0,0 +1,13 @@ +# Ubuntu 16.10 +FROM ubuntu:yakkety + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ + DEBIAN_FRONTEND=noninteractive + +RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/ubuntu/18.04/Dockerfile b/images/ubuntu/18.04/Dockerfile new file mode 100644 index 00000000..4bcd9c6b --- /dev/null +++ b/images/ubuntu/18.04/Dockerfile @@ -0,0 +1,13 @@ +# Ubuntu 18.04 +FROM ubuntu:bionic + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ + DEBIAN_FRONTEND=noninteractive + +RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/ubuntu/18.10/Dockerfile b/images/ubuntu/18.10/Dockerfile new file mode 100644 index 00000000..4adcaca4 --- /dev/null +++ b/images/ubuntu/18.10/Dockerfile @@ -0,0 +1,13 @@ +# Ubuntu 18.10 +FROM ubuntu:cosmic + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ + DEBIAN_FRONTEND=noninteractive + +RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list + +CMD ['/bin/bash'] \ No newline at end of file diff --git a/images/ubuntu/19.04/Dockerfile b/images/ubuntu/19.04/Dockerfile new file mode 100644 index 00000000..584a5b07 --- /dev/null +++ b/images/ubuntu/19.04/Dockerfile @@ -0,0 +1,13 @@ +# Ubuntu 19.04 +FROM ubuntu:disco + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ + DEBIAN_FRONTEND=noninteractive + +RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/ubuntu/19.10/Dockerfile b/images/ubuntu/19.10/Dockerfile new file mode 100644 index 00000000..27cf2aa7 --- /dev/null +++ b/images/ubuntu/19.10/Dockerfile @@ -0,0 +1,13 @@ +# Ubuntu 19.10 +FROM ubuntu:eoan + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ + DEBIAN_FRONTEND=noninteractive + +RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/ubuntu/20.04/Dockerfile b/images/ubuntu/20.04/Dockerfile new file mode 100644 index 00000000..4c36ee85 --- /dev/null +++ b/images/ubuntu/20.04/Dockerfile @@ -0,0 +1,13 @@ +# Ubuntu 20.04 +FROM ubuntu:focal + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ + DEBIAN_FRONTEND=noninteractive + +RUN sed -i 's/archive.ubuntu.com/mirrors.huaweicloud.com/g' /etc/apt/sources.list \ + && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/ubuntu/20.10/Dockerfile b/images/ubuntu/20.10/Dockerfile new file mode 100644 index 00000000..57c2eea9 --- /dev/null +++ b/images/ubuntu/20.10/Dockerfile @@ -0,0 +1,13 @@ +# Ubuntu 20.10 +FROM ubuntu:groovy + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ + DEBIAN_FRONTEND=noninteractive + +RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/ubuntu/21.04/Dockerfile b/images/ubuntu/21.04/Dockerfile new file mode 100644 index 00000000..5d642eda --- /dev/null +++ b/images/ubuntu/21.04/Dockerfile @@ -0,0 +1,13 @@ +# Ubuntu 21.04 +FROM ubuntu:21.04 + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ + DEBIAN_FRONTEND=noninteractive + +RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/ubuntu/21.10/Dockerfile b/images/ubuntu/21.10/Dockerfile new file mode 100644 index 00000000..7ea8249b --- /dev/null +++ b/images/ubuntu/21.10/Dockerfile @@ -0,0 +1,13 @@ +# Ubuntu 21.10 +FROM ubuntu:21.10 + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ + DEBIAN_FRONTEND=noninteractive + +RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/ubuntu/Dockerfile b/images/ubuntu/Dockerfile deleted file mode 100644 index b90d8924..00000000 --- a/images/ubuntu/Dockerfile +++ /dev/null @@ -1,23 +0,0 @@ -# Ubuntu 18.10 -FROM ubuntu:cosmic - -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ - DEBIAN_FRONTEND=noninteractive - -RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list \ - && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list \ - && apt update -y --fix-missing \ - && apt upgrade -y \ - && apt install -y tzdata \ - && rm -fr /etc/localtime \ - && rm -fr /etc/timezone \ - && ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ - && echo "Asia/Shanghai" > /etc/timezone \ - && apt autoremove -y \ - && apt-get clean all \ - && rm -fr /var/lib/apt/lists/* - -CMD ['/bin/bash'] diff --git a/images/ubuntu/Dockerfile.bionic b/images/ubuntu/Dockerfile.bionic deleted file mode 100644 index c1278430..00000000 --- a/images/ubuntu/Dockerfile.bionic +++ /dev/null @@ -1,22 +0,0 @@ -# Ubuntu 18.04 -FROM ubuntu:bionic - -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" -ENV DEBIAN_FRONTEND noninteractive - -RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list \ - && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list \ - && apt update -y --fix-missing \ - && apt install -y tzdata \ - && rm -fr /etc/localtime \ - && rm -fr /etc/timezone \ - && ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ - && echo "Asia/Shanghai" > /etc/timezone \ - && apt autoremove -y \ - && apt-get clean all \ - && rm -fr /var/lib/apt/lists/* - -CMD ['/bin/bash'] diff --git a/images/ubuntu/Dockerfile.btpanel b/images/ubuntu/Dockerfile.btpanel deleted file mode 100644 index b90d8924..00000000 --- a/images/ubuntu/Dockerfile.btpanel +++ /dev/null @@ -1,23 +0,0 @@ -# Ubuntu 18.10 -FROM ubuntu:cosmic - -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ - DEBIAN_FRONTEND=noninteractive - -RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list \ - && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list \ - && apt update -y --fix-missing \ - && apt upgrade -y \ - && apt install -y tzdata \ - && rm -fr /etc/localtime \ - && rm -fr /etc/timezone \ - && ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ - && echo "Asia/Shanghai" > /etc/timezone \ - && apt autoremove -y \ - && apt-get clean all \ - && rm -fr /var/lib/apt/lists/* - -CMD ['/bin/bash'] diff --git a/images/ubuntu/Dockerfile.cosmic b/images/ubuntu/Dockerfile.cosmic deleted file mode 100644 index 13796313..00000000 --- a/images/ubuntu/Dockerfile.cosmic +++ /dev/null @@ -1,22 +0,0 @@ -# Ubuntu 18.10 -FROM ubuntu:cosmic - -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ENV DEBIAN_FRONTEND noninteractive \ - PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" - -RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list \ - && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list \ - && apt update -y --fix-missing \ - && apt install -y tzdata \ - && rm -fr /etc/localtime \ - && rm -fr /etc/timezone \ - && ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ - && echo "Asia/Shanghai" > /etc/timezone \ - && apt autoremove -y \ - && apt-get clean all \ - && rm -fr /var/lib/apt/lists/* - -CMD ['/bin/bash'] \ No newline at end of file diff --git a/images/ubuntu/Dockerfile.unity b/images/ubuntu/Dockerfile.unity deleted file mode 100644 index 9810f021..00000000 --- a/images/ubuntu/Dockerfile.unity +++ /dev/null @@ -1,31 +0,0 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/ubuntu:xenial-vncenv - -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ENV DEBIAN_FRONTEND noninteractive -ENV USER=ubuntu -ENV HOME=/home/${USER} -ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ - PASSWD=ubuntu \ - TERM=xterm \ - NO_VNC_HOME=/opt/noVNC \ - VNC_COL_DEPTH=24 \ - VNC_RESOLUTION=1360x768 \ - VNC_PW=ubuntu \ - VNC_VIEW_ONLY=false \ - DISPLAY=:1 \ - VNC_PORT=5901 \ - NO_VNC_PORT=6901 - -COPY ./unity/startup.sh /bin/startup.sh -COPY ./unity/unity.sh tmp/ - -RUN chmod +x /tmp/unity.sh \ - && /tmp/unity.sh \ - && rm -fr /tmp/* - -WORKDIR ${HOME} -# USER ${USER} -EXPOSE 6080 ${VNC_PORT} ${NO_VNC_PORT} -CMD ["/bin/bash", "/bin/startup.sh"] \ No newline at end of file diff --git a/images/ubuntu/Dockerfile.unity.bak b/images/ubuntu/Dockerfile.unity.bak deleted file mode 100644 index f1ea8d8e..00000000 --- a/images/ubuntu/Dockerfile.unity.bak +++ /dev/null @@ -1,40 +0,0 @@ -FROM reg.qiniu.com/imxieke/ubuntu:xenial-vncenv -ENV DEBIAN_FRONTEND noninteractive -ENV MAINTAINER=Cloudflying \ - MAIL=oss@live.hk \ - USER=ubuntu \ - PASSWD=ubuntu \ - SHELL_DIR=tmp/shell \ - TERM=xterm \ - STARTUPDIR=/startup \ - INST_SCRIPTS=/home/ubuntu/install \ - NO_VNC_HOME=/home/ubuntu/.noVNC \ - DEBIAN_FRONTEND=noninteractive \ - VNC_COL_DEPTH=24 \ - VNC_RESOLUTION=1360x768 \ - VNC_PW=ubuntu \ - VNC_VIEW_ONLY=false \ - DISPLAY=:1 \ - VNC_PORT=5901 \ - NO_VNC_PORT=6901 -ENV HOME=/home/${USER} - -# COPY ./unity/supervisor.conf /etc/supervisor/conf.d/ -COPY ./unity/xsession ${HOME}/.xsession -COPY ./unity/startup.sh /bin/startup.sh -COPY ./unity/unity.sh ${SHELL_DIR}/ - -RUN apt-get update \ - && apt-get install -y --no-install-recommends ubuntu-desktop unity-lens-applications gnome-panel metacity nautilus locales gedit \ - pwgen libtasn1-3-bin libglu1-mesa \ - && apt-get autoclean \ - && apt-get autoremove \ - && rm -rf /var/lib/apt/lists/* - -RUN chmod +x ${SHELL_DIR}/unity.sh \ - && ${SHELL_DIR}/unity.sh - -USER ${USER} -EXPOSE ${VNC_PORT} ${NO_VNC_PORT} -ENTRYPOINT ["/bin/bash", "/bin/startup.sh"] -CMD ["--wait"] \ No newline at end of file diff --git a/images/ubuntu/Dockerfile.vncenv b/images/ubuntu/Dockerfile.vncenv deleted file mode 100644 index 1ad0ec8f..00000000 --- a/images/ubuntu/Dockerfile.vncenv +++ /dev/null @@ -1,20 +0,0 @@ -# Ubuntu 18.04 -# Base image for vnc -FROM registry.cn-hongkong.aliyuncs.com/imxieke/ubuntu:bionic - -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ - DEBIAN_FRONTEND=noninteractive -RUN apt update -y --fix-missing \ - && apt upgrade -y \ - && apt install -y --no-install-recommends sudo apt-utils zsh vim git wget net-tools locales bzip2 apt-utils openssl ca-certificates \ - && apt install -y --no-install-recommends python-numpy supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext ttf-wqy-zenhei supervisor \ - curl chromium-browser chromium-browser-l10n chromium-codecs-ffmpeg \ - && apt-get purge -y pm-utils xscreensaver* \ - && apt autoremove -y \ - && apt-get clean all \ - && rm -fr /var/lib/apt/lists/* - -CMD ['/bin/bash'] diff --git a/images/ubuntu/Dockerfile.xenial-vncenv b/images/ubuntu/Dockerfile.xenial-vncenv deleted file mode 100644 index fe37bae0..00000000 --- a/images/ubuntu/Dockerfile.xenial-vncenv +++ /dev/null @@ -1,28 +0,0 @@ -# Ubuntu 16.04 -# Base image for vnc -FROM registry.cn-hongkong.aliyuncs.com/imxieke/ubuntu:xenial - -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" -ENV DEBIAN_FRONTEND noninteractive -RUN apt update -y --fix-missing \ - && apt upgrade -y \ - && apt install -y --no-install-recommends sudo apt-utils ubuntu-desktop \ - unity-lens-applications gnome-panel metacity nautilus supervisor net-tools \ - wget locales curl git zsh vim pwgen libtasn1-3-bin libglu1-mesa mate-terminal \ - fonts-liberation language-pack-zh-hans fonts-droid-fallback ttf-wqy-zenhei \ - ttf-wqy-microhei fonts-arphic-ukai fonts-arphic-uming xfonts-wqy libxss1 xdg-utils \ - openssl ca-certificates \ - && wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb -O /tmp/chrome.deb \ - && dpkg -i /tmp/chrome.deb \ - && wget -qO- --no-check-certificate https://dev.tencent.com/u/imxieke/p/attachment/git/raw/master/pkgs/sublime_text_3_build_3176_x64.tar.bz2 -O /tmp/sublime.tar.gz \ - && tar -xvf /tmp/sublime.tar.gz -C /opt \ - && ln -s /opt/sublime_text_3/sublime_text /bin/subl \ - && apt autoremove -y \ - && apt-get clean all \ - && rm -fr /var/lib/apt/lists/* \ - && rm -fr /tmp/* - -CMD ['/bin/bash'] diff --git a/images/ubuntu/Dockerfile.xfce b/images/ubuntu/Dockerfile.xfce deleted file mode 100644 index ca2aada8..00000000 --- a/images/ubuntu/Dockerfile.xfce +++ /dev/null @@ -1,32 +0,0 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/ubuntu:vncenv -LABEL MAINTAINER=Cloudflying \ - MAIL=oss@live.hk - -ENV HOME=/home/ubuntu \ - TERM=xterm \ - STARTUPDIR=/startup \ - INST_SCRIPTS=/home/ubuntu/install \ - NO_VNC_HOME=/home/ubuntu/.noVNC \ - DEBIAN_FRONTEND=noninteractive \ - VNC_COL_DEPTH=24 \ - VNC_RESOLUTION=1360x768 \ - VNC_PW=ubuntu \ - VNC_VIEW_ONLY=false \ - DISPLAY=:1 \ - VNC_PORT=5901 \ - NO_VNC_PORT=6901 \ - USER=ubuntu \ - PASSWD=ubuntu - -ADD ./xfce/ $HOME/ -ADD ./script $STARTUPDIR - -RUN chmod +x ${STARTUPDIR}/*.sh \ - && ${STARTUPDIR}/build.sh - -USER ${USER} -WORKDIR $HOME - -EXPOSE $VNC_PORT $NO_VNC_PORT -ENTRYPOINT ["/startup/startup.sh"] -CMD ["--wait"] diff --git a/images/ubuntu/README.md b/images/ubuntu/README.md index b6544ed3..1ccba425 100644 --- a/images/ubuntu/README.md +++ b/images/ubuntu/README.md @@ -6,6 +6,41 @@ `docker run -d --name="ubuntu" --hostname="ubuntu" -p 5901:5901 -p 6901:6901 registry.cn-hongkong.aliyuncs.com/imxieke/ubuntu:unity` +4.10 Warty Warthog +5.04 Hoary Hedgehog +5.10 Breezy Badger +6.06 LTS Dapper +6.10 Edgy Eft +7.04 Feisty Fawn +7.10 Gutsy Gibbon +8.04 LTS Hardy +8.10 Intrepid Ibex +9.04 Jaunty Jackalope +9.10 Karmic Koala +10.04 LTS Lucid +10.10 Maverick Meerkat +11.04 Natty Narwhal +11.10 Oneiric Ocelot +12.04 Precise Pangolin +12.10 Quantal Quetzal +13.04 Raring Ringtail +13.10 saucy Saucy Salamander +14.04 trusty Trusty Tahr +14.10 utopic Utopic Unicorn +15.04 vivid Vivid Vervet +15.10 wily Wily Werewolf +16.04 xenial Xenial Xerus +16.10 yakkety Yakkety Yak +17.04 Zesty Zapus +17.10 Artful Aardvark +18.04 bionic Bionic Beaver +18.10 cosmic Cosmic Cuttlefish +19.04 disco Disco Dingo +19.10 eoan Eoan Ermine +20.04 focal Focal Fossa +20.10 groovy Groovy Gorilla + + ``` noVNC: ip:6901 VNC: ip:5901 diff --git a/images/ubuntu/latest/Dockerfile b/images/ubuntu/latest/Dockerfile new file mode 100644 index 00000000..035d0e9e --- /dev/null +++ b/images/ubuntu/latest/Dockerfile @@ -0,0 +1,13 @@ +# Ubuntu Latest +FROM ubuntu:latest + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ + DEBIAN_FRONTEND=noninteractive + +RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list \ + && sed -i 's/deb\ http:\/\/security/#deb\ http:\/\/security/g' /etc/apt/sources.list + +CMD ['/bin/bash'] diff --git a/images/ubuntu/script/bt.sh b/images/ubuntu/script/bt.sh deleted file mode 100644 index e4d849bf..00000000 --- a/images/ubuntu/script/bt.sh +++ /dev/null @@ -1,457 +0,0 @@ -#!/bin/bash -PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin -export PATH -LANG=en_US.UTF-8 - - -echo " -+---------------------------------------------------------------------- -| Bt-WebPanel 5.x FOR Ubuntu/Debian -+---------------------------------------------------------------------- -| Copyright © 2015-2018 BT-SOFT(http://www.bt.cn) All rights reserved. -+---------------------------------------------------------------------- -| The WebPanel URL will be http://SERVER_IP:8888 when installed. -+---------------------------------------------------------------------- -" - -if [ `whoami` != "root" ];then - echo -e "\033[31mError: Please run the script with root privileges on Ubuntu, for example: sudo bash install.sh\033[0m"; - exit; -fi - -#自动选择下载节点 -get_node_url(){ - nodes=(http://125.88.182.172:5880 http://103.224.251.67 http://128.1.164.196 http://download.bt.cn); - i=1; - - for node in ${nodes[@]}; - do - start=`date +%s.%N` - result=`curl -sS --connect-timeout 3 -m 60 $node/check.txt` - if [ $result = 'True' ];then - end=`date +%s.%N` - start_s=`echo $start | cut -d '.' -f 1` - start_ns=`echo $start | cut -d '.' -f 2` - end_s=`echo $end | cut -d '.' -f 1` - end_ns=`echo $end | cut -d '.' -f 2` - time_micro=$(( (10#$end_s-10#$start_s)*1000000 + (10#$end_ns/1000 - 10#$start_ns/1000) )) - time_ms=$(($time_micro/1000)) - values[$i]=$time_ms; - urls[$time_ms]=$node - i=$(($i+1)) - fi - done - j=5000 - for n in ${values[@]}; - do - if [ $j -gt $n ];then - j=$n - fi - done - if [ $j = 5000 ];then - NODE_URL='http://download.bt.cn'; - else - NODE_URL=${urls[$j]} - fi - -} - -echo '---------------------------------------------'; -echo "Selected download node..."; -get_node_url -download_Url=$NODE_URL -echo "Download node: $download_Url"; -echo '---------------------------------------------'; -setup_path=/www -if [ -f $setup_path/server/panel/data/port.pl ];then - port=`cat $setup_path/server/panel/data/port.pl` -else - port='8888' -fi - -echo "=>BT Panel will be install to the $setup_path directory now" -startTime=`date +%s` - -#数据盘自动分区 -fdiskP(){ - - for i in `cat /proc/partitions|grep -v name|grep -v ram|awk '{print $4}'|grep -v '^$'|grep -v '[0-9]$'|grep -e 'vd' -e 'sd' -e 'xv'`; - do - #判断/www是否被挂载 - isR=`df -P|grep $setup_path` - if [ "$isR" != "" ];then - echo 'Warning: The /www directory has been mounted.' - return; - fi - #判断是否存在未分区磁盘 - isP=`fdisk -l /dev/$i |grep -v 'bytes'|grep "$i[1-9]*"` - if [ "$isP" = "" ];then - #开始分区 - fdisk -S 56 /dev/$i << EOF -n -p -1 - - -wq -EOF - - sleep 5 - #检查是否分区成功 - checkP=`fdisk -l /dev/$i|grep "/dev/${i}1"` - if [ "$checkP" != "" ];then - #格式化分区 - mkfs.ext4 /dev/${i}1 - mkdir $setup_path - #挂载分区 - sed -i "/\/dev\/${i}1/d" /etc/fstab - echo "/dev/${i}1 $setup_path ext4 defaults 0 0" >> /etc/fstab - mount -a - df -h - fi - else - #判断是否存在Windows磁盘分区 - isN=`fdisk -l /dev/$i|grep -v 'bytes'|grep -v "NTFS"|grep -v "FAT32"` - if [ "$isN" = "" ];then - echo 'Warning: The Windows partition was detected. For your data security, Mount manually.'; - return; - fi - - #挂载已有分区 - checkR=`df -P|grep "/dev/$i"` - if [ "$checkR" = "" ];then - mkdir $setup_path - sed -i "/\/dev\/${i}1/d" /etc/fstab - echo "/dev/${i}1 $setup_path ext4 defaults 0 0" >> /etc/fstab - mount -a - df -h - fi - - #清理不可写分区 - echo 'True' > $setup_path/checkD.pl - if [ ! -f $setup_path/checkD.pl ];then - sed -i "/\/dev\/${i}1/d" /etc/fstab - mount -a - df -h - else - rm -f $setup_path/checkD.pl - fi - fi - done -} -#fdiskP - -ln -sf bash /bin/sh -apt-get install ruby -y -apt-get update -y -apt-get install lsb-release -y -#apt-get install ntp ntpdate -y -#/etc/init.d/ntp stop -#update-rc.d ntp remove -#cat >>~/.profile<&1|awk '{print $2}') -pVersion=${tmp:0:3} - -Install_setuptools() -{ - if [ ! -f "/usr/bin/easy_install" ];then - wget -O setuptools-33.1.1.zip $download_Url/install/src/setuptools-33.1.1.zip -T 10 - unzip setuptools-33.1.1.zip - rm -f setuptools-33.1.1.zip - cd setuptools-33.1.1 - python setup.py install - cd .. - rm -rf setuptools-33.1.1 - fi - - if [ ! -f "/usr/bin/easy_install" ];then - echo '================================================='; - echo -e "\033[31msetuptools installation failed. \033[0m"; - exit; - fi -} -Install_Pillow() -{ - isSetup=`python -m PIL 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O Pillow-3.2.0.zip $download_Url/install/src/Pillow-3.2.0.zip -T 10 - unzip Pillow-3.2.0.zip - rm -f Pillow-3.2.0.zip - cd Pillow-3.2.0 - python setup.py install - cd .. - rm -rf Pillow-3.2.0 - fi - isSetup=`python -m PIL 2>&1|grep package` - if [ "$isSetup" = "" ];then - echo '================================================='; - echo -e "\033[31mPillow installation failed. \033[0m"; - exit; - fi -} - -Install_psutil() -{ - isSetup=`python -m psutil 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O psutil-5.2.2.tar.gz $download_Url/install/src/psutil-5.2.2.tar.gz -T 10 - tar xvf psutil-5.2.2.tar.gz - rm -f psutil-5.2.2.tar.gz - cd psutil-5.2.2 - python setup.py install - cd .. - rm -rf psutil-5.2.2 - fi - isSetup=`python -m psutil 2>&1|grep package` - if [ "$isSetup" = "" ];then - echo '================================================='; - echo -e "\033[31mpsutil installation failed. \033[0m"; - exit; - fi -} - -Install_mysqldb() -{ - isSetup=`python -m MySQLdb 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O MySQL-python-1.2.5.zip $download_Url/install/src/MySQL-python-1.2.5.zip -T 10 - unzip MySQL-python-1.2.5.zip - rm -f MySQL-python-1.2.5.zip - cd MySQL-python-1.2.5 - python setup.py install - cd .. - rm -rf MySQL-python-1.2.5 - fi - -} - -Install_chardet() -{ - isSetup=`python -m chardet 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O chardet-2.3.0.tar.gz $download_Url/install/src/chardet-2.3.0.tar.gz -T 10 - tar xvf chardet-2.3.0.tar.gz - rm -f chardet-2.3.0.tar.gz - cd chardet-2.3.0 - python setup.py install - cd .. - rm -rf chardet-2.3.0 - fi - isSetup=`python -m chardet 2>&1|grep package` - if [ "$isSetup" = "" ];then - echo '================================================='; - echo -e "\033[31mchardet installation failed. \033[0m"; - exit; - fi -} - -Install_webpy() -{ - isSetup=`python -m web 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O web.py-0.38.tar.gz $download_Url/install/src/web.py-0.38.tar.gz -T 10 - tar xvf web.py-0.38.tar.gz - rm -f web.py-0.38.tar.gz - cd web.py-0.38 - python setup.py install - cd .. - rm -rf web.py-0.38 - fi - - isSetup=`python -m web 2>&1|grep package` - if [ "$isSetup" = "" ];then - echo '================================================='; - echo -e "\033[31mweb.py installation failed. \033[0m"; - exit; - fi -} -pipArg='' - - -pip install setuptools -#pip install --upgrade pip $pipArg -pip install psutil chardet web.py virtualenv Pillow $pipArg - - -Install_Pillow -Install_psutil -if [ -f /www/server/mysql/bin/mysql ]; then - pip install mysql-python - Install_mysqldb -fi -Install_chardet -Install_webpy - -mkdir -p $setup_path/server/panel/logs -mkdir -p $setup_path/server/panel/vhost/apache -mkdir -p $setup_path/server/panel/vhost/nginx -mkdir -p $setup_path/server/panel/vhost/rewrite -wget -O $setup_path/server/panel/certbot-auto $download_Url/install/certbot-auto.init -T 5 -chmod +x $setup_path/server/panel/certbot-auto - - -if [ -f '/etc/init.d/bt' ];then - /etc/init.d/bt stop -fi - -mkdir -p /www/server -mkdir -p /www/wwwroot -mkdir -p /www/wwwlogs -mkdir -p /www/backup/database -mkdir -p /www/backup/site - -wget -O panel.zip $download_Url/install/src/panel.zip -T 10 -wget -O /etc/init.d/bt $download_Url/install/src/bt.init -T 10 -if [ -f "$setup_path/server/panel/data/default.db" ];then - if [ -d "/$setup_path/server/panel/old_data" ];then - rm -rf $setup_path/server/panel/old_data - fi - mkdir -p $setup_path/server/panel/old_data - mv -f $setup_path/server/panel/data/default.db $setup_path/server/panel/old_data/default.db - mv -f $setup_path/server/panel/data/system.db $setup_path/server/panel/old_data/system.db - mv -f $setup_path/server/panel/data/aliossAs.conf $setup_path/server/panel/old_data/aliossAs.conf - mv -f $setup_path/server/panel/data/qiniuAs.conf $setup_path/server/panel/old_data/qiniuAs.conf - mv -f $setup_path/server/panel/data/iplist.txt $setup_path/server/panel/old_data/iplist.txt - mv -f $setup_path/server/panel/data/port.pl $setup_path/server/panel/old_data/port.pl -fi - -unzip -o panel.zip -d $setup_path/server/ > /dev/null - -if [ -d "$setup_path/server/panel/old_data" ];then - mv -f $setup_path/server/panel/old_data/default.db $setup_path/server/panel/data/default.db - mv -f $setup_path/server/panel/old_data/system.db $setup_path/server/panel/data/system.db - mv -f $setup_path/server/panel/old_data/aliossAs.conf $setup_path/server/panel/data/aliossAs.conf - mv -f $setup_path/server/panel/old_data/qiniuAs.conf $setup_path/server/panel/data/qiniuAs.conf - mv -f $setup_path/server/panel/old_data/iplist.txt $setup_path/server/panel/data/iplist.txt - mv -f $setup_path/server/panel/old_data/port.pl $setup_path/server/panel/data/port.pl - - if [ -d "/$setup_path/server/panel/old_data" ];then - rm -rf $setup_path/server/panel/old_data - fi -fi - -rm -f panel.zip - -if [ ! -f $setup_path/server/panel/tools.py ];then - echo -e "\033[31mERROR: Failed to download, please try again!\033[0m"; - echo '============================================' - exit; -fi - -rm -f $setup_path/server/panel/class/*.pyc -rm -f $setup_path/server/panel/*.pyc -python -m compileall $setup_path/server/panel -#rm -f $setup_path/server/panel/class/*.py -#rm -f $setup_path/server/panel/*.py - -chmod 777 /tmp -chmod +x /etc/init.d/bt -update-rc.d bt defaults -chmod -R 600 $setup_path/server/panel -chmod +x $setup_path/server/panel/certbot-auto -chmod -R +x $setup_path/server/panel/script -echo "$port" > $setup_path/server/panel/data/port.pl -/etc/init.d/bt start -password=`cat /dev/urandom | head -n 16 | md5sum | head -c 8` -cd $setup_path/server/panel/ -python tools.py username -username=`python tools.pyc panel $password` -cd ~ -echo "$password" > $setup_path/server/panel/default.pl -chmod 600 $setup_path/server/panel/default.pl - -isStart=`ps aux |grep 'python main.pyc'|grep -v grep|awk '{print $2}'` -if [ "$isStart" == '' ];then - echo -e "\033[31mERROR: The BT-Panel service startup failed.\033[0m"; - echo '============================================' - exit; -fi - -if [ ! -f "/usr/bin/ufw" ];then - apt-get install -y ufw -fi - -if [ -f "/usr/sbin/ufw" ];then - ufw allow 888,20,21,22,80,$port/tcp - ufw allow 39000:40000/tcp - ufw_status=`ufw status` - echo y|ufw enable - ufw default deny - ufw reload -fi - -pip install psutil chardet web.py psutil virtualenv $pipArg -if [ ! -d '/etc/letsencrypt' ];then - - mkdir -p /var/spool/cron - if [ ! -f '/var/spool/cron/crontabs/root' ];then - echo '' > /var/spool/cron/crontabs/root - chmod 600 /var/spool/cron/crontabs/root - fi - isCron=`cat /var/spool/cron/crontabs/root|grep certbot.log` - if [ "${isCron}" == "" ];then - echo "30 2 * * * $setup_path/server/panel/certbot-auto renew >> $setup_path/server/panel/logs/certbot.log" >> /var/spool/cron/crontabs/root - chown 600 /var/spool/cron/crontabs/root - fi - service cron restart - nohup $setup_path/server/panel/certbot-auto -n > /tmp/certbot-auto.log 2>&1 & -fi -if [[ "${deepinSys}" =~ eepin ]]; then - address="localhost" -else - address=`curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/getIpAddress` - - if [ "$address" == '0.0.0.0' ] || [ "$address" == '' ];then - isHosts=`cat /etc/hosts|grep 'www.bt.cn'` - if [ "$isHosts" == '' ];then - echo "" >> /etc/hosts - echo "125.88.182.170 www.bt.cn" >> /etc/hosts - address=`curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/getIpAddress` - if [ "$address" == '' ];then - sed -i "/bt.cn/d" /etc/hosts - fi - fi - fi - - ipCheck=`python -c "import re; print re.match('^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$','$address')"` - if [ "$address" == "None" ];then - address="SERVER_IP" - fi - if [ "$address" != "SERVER_IP" ];then - echo "$address" > $setup_path/server/panel/data/iplist.txt - fi -fi - -curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/SetupCount?type=Linux\&o=$1 > /dev/null 2>&1 -if [ $1 != "" ];then - echo $1 > /www/server/panel/data/o.pl - cd /www/server/panel - python tools.py o -fi - -echo -e "==================================================================" -echo -e "\033[32mCongratulations! Install succeeded!\033[0m" -echo -e "==================================================================" -echo -e "Bt-Panel: http://$address:$port" -echo -e "username: $username" -echo -e "password: $password" -echo -e "\033[33mWarning:\033[0m" -echo -e "\033[33mIf you cannot access the panel, \033[0m" -echo -e "\033[33mrelease the following port (8888|888|80|443|20|21) in the security group\033[0m" -echo -e "==================================================================" - -endTime=`date +%s` -((outTime=($endTime-$startTime)/60)) -echo -e "Time consumed:\033[32m $outTime \033[0mMinute!" -rm -f install.sh diff --git a/images/ubuntu/script/btpanel.sh b/images/ubuntu/script/btpanel.sh deleted file mode 100644 index bad4daa9..00000000 --- a/images/ubuntu/script/btpanel.sh +++ /dev/null @@ -1,404 +0,0 @@ - #!/bin/bash - PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin - export PATH - LANG=en_US.UTF-8 - - echo " - +---------------------------------------------------------------------- - | Bt-WebPanel 5.x FOR Ubuntu/Debian - +---------------------------------------------------------------------- - | Copyright © 2015-2018 BT-SOFT(http://www.bt.cn) All rights reserved. - +---------------------------------------------------------------------- - | The WebPanel URL will be http://SERVER_IP:8888 when installed. - +----------------------------------------------------------------------" - - if [ $(id -u) != "0" ];then - echo -e "\033[31mError: Please run the script with root privileges on Ubuntu, for example: sudo bash $0\033[0m"; - exit; - fi - - if [[ `cat /etc/issue | grep buntu` == '' ]]; then - echo "Only Support Ubuntu" - fi - - #自动选择下载节点 - get_node_url(){ - nodes=(http://125.88.182.172:5880 http://103.224.251.67 http://128.1.164.196 http://download.bt.cn); - for node in ${nodes[@]}; - do - start=`date +%s.%N` - result=`curl -sS --connect-timeout 3 -m 60 $node/check.txt` - if [ $result = 'True' ];then - end=`date +%s.%N` - start_s=`echo $start | cut -d '.' -f 1` - start_ns=`echo $start | cut -d '.' -f 2` - end_s=`echo $end | cut -d '.' -f 1` - end_ns=`echo $end | cut -d '.' -f 2` - time_micro=$(( (10#$end_s-10#$start_s)*1000000 + (10#$end_ns/1000 - 10#$start_ns/1000) )) - time_ms=$(($time_micro/1000)) - values[$i]=$time_ms; - urls[$time_ms]=$node - i=$(($i+1)) - fi - done - j=5000 - for n in ${values[@]}; - do - if [ $j -gt $n ];then - j=$n - fi - done - if [ $j = 5000 ];then - NODE_URL='http://download.bt.cn'; - else - NODE_URL=${urls[$j]} - fi - - } - - function set_pip() - { - mkdir -p ${HOME}/.pip - touch ${HOME}/.pip/pip.conf - echo "[global] - index-url=http://mirrors.aliyun.com/pypi/simple/ - - [install] - trusted-host=mirrors.aliyun.com" >${HOME}/.pip/pip.conf - } - - ln -sf bash /bin/sh - apt-get update -y - apt-get upgrade -y - apt-get install ruby -y - apt-get install lsb-release -y - apt-get install -y --no-install-recommends wget curl zip unzip vim git - apt-get install -y --no-install-recommends python python-pip python-dev python-imaging python-pil openssl libssl-dev gcc libxml2 libxml2-dev libxslt zlib1g zlib1g-dev libjpeg-dev libpng-dev lsof libpcre3 libpcre3-dev cron - set_pip - - # apt-get install -y --no-install-recommends ntp ntpdate - - #/etc/init.d/ntp stop - #update-rc.d ntp remove - #cat >>~/.profile<BT Panel will be install to the $setup_path directory now" - - startTime=`date +%s` - - tmp=$(python -V 2>&1|awk '{print $2}') - pVersion=${tmp:0:3} - - Install_setuptools() - { - if [ ! -f "/usr/bin/easy_install" ];then - wget -O setuptools-33.1.1.zip $download_Url/install/src/setuptools-33.1.1.zip -T 10 - unzip setuptools-33.1.1.zip - rm -f setuptools-33.1.1.zip - cd setuptools-33.1.1 - python setup.py install - cd .. - rm -rf setuptools-33.1.1 - fi - - if [ ! -f "/usr/bin/easy_install" ];then - echo '================================================='; - echo -e "\033[31msetuptools installation failed. \033[0m"; - exit; - fi - } - Install_Pillow() - { - isSetup=`python -m PIL 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O Pillow-3.2.0.zip $download_Url/install/src/Pillow-3.2.0.zip -T 10 - unzip Pillow-3.2.0.zip - rm -f Pillow-3.2.0.zip - cd Pillow-3.2.0 - python setup.py install - cd .. - rm -rf Pillow-3.2.0 - fi - isSetup=`python -m PIL 2>&1|grep package` - if [ "$isSetup" = "" ];then - echo '================================================='; - echo -e "\033[31mPillow installation failed. \033[0m"; - exit; - fi - } - - Install_psutil() - { - isSetup=`python -m psutil 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O psutil-5.2.2.tar.gz $download_Url/install/src/psutil-5.2.2.tar.gz -T 10 - tar xvf psutil-5.2.2.tar.gz - rm -f psutil-5.2.2.tar.gz - cd psutil-5.2.2 - python setup.py install - cd .. - rm -rf psutil-5.2.2 - fi - isSetup=`python -m psutil 2>&1|grep package` - if [ "$isSetup" = "" ];then - echo '================================================='; - echo -e "\033[31mpsutil installation failed. \033[0m"; - exit; - fi - } - - Install_mysqldb() - { - isSetup=`python -m MySQLdb 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O MySQL-python-1.2.5.zip $download_Url/install/src/MySQL-python-1.2.5.zip -T 10 - unzip MySQL-python-1.2.5.zip - rm -f MySQL-python-1.2.5.zip - cd MySQL-python-1.2.5 - python setup.py install - cd .. - rm -rf MySQL-python-1.2.5 - fi - - } - - Install_chardet() - { - isSetup=`python -m chardet 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O chardet-2.3.0.tar.gz $download_Url/install/src/chardet-2.3.0.tar.gz -T 10 - tar xvf chardet-2.3.0.tar.gz - rm -f chardet-2.3.0.tar.gz - cd chardet-2.3.0 - python setup.py install - cd .. - rm -rf chardet-2.3.0 - fi - isSetup=`python -m chardet 2>&1|grep package` - if [ "$isSetup" = "" ];then - echo '================================================='; - echo -e "\033[31mchardet installation failed. \033[0m"; - exit; - fi - } - - Install_webpy() - { - isSetup=`python -m web 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O web.py-0.38.tar.gz $download_Url/install/src/web.py-0.38.tar.gz -T 10 - tar xvf web.py-0.38.tar.gz - rm -f web.py-0.38.tar.gz - cd web.py-0.38 - python setup.py install - cd .. - rm -rf web.py-0.38 - fi - - isSetup=`python -m web 2>&1|grep package` - if [ "$isSetup" = "" ];then - echo '================================================='; - echo -e "\033[31mweb.py installation failed. \033[0m"; - exit; - fi - } - pipArg='' - - - pip install setuptools - #pip install --upgrade pip $pipArg - pip install psutil chardet web.py virtualenv Pillow $pipArg - - Install_Pillow - Install_psutil - if [ -f /www/server/mysql/bin/mysql ]; then - pip install mysql-python - Install_mysqldb - fi - Install_chardet - Install_webpy - - mkdir -p $setup_path/server/panel/logs - mkdir -p $setup_path/server/panel/vhost/apache - mkdir -p $setup_path/server/panel/vhost/nginx - mkdir -p $setup_path/server/panel/vhost/rewrite - wget -O $setup_path/server/panel/certbot-auto $download_Url/install/certbot-auto.init -T 5 - chmod +x $setup_path/server/panel/certbot-auto - - - if [ -f '/etc/init.d/bt' ];then - /etc/init.d/bt stop - fi - - mkdir -p /www/server - mkdir -p /www/wwwroot - mkdir -p /www/wwwlogs - mkdir -p /www/backup/database - mkdir -p /www/backup/site - - wget -O panel.zip $download_Url/install/src/panel.zip -T 10 - wget -O /etc/init.d/bt $download_Url/install/src/bt.init -T 10 - if [ -f "$setup_path/server/panel/data/default.db" ];then - if [ -d "/$setup_path/server/panel/old_data" ];then - rm -rf $setup_path/server/panel/old_data - fi - mkdir -p $setup_path/server/panel/old_data - mv -f $setup_path/server/panel/data/default.db $setup_path/server/panel/old_data/default.db - mv -f $setup_path/server/panel/data/system.db $setup_path/server/panel/old_data/system.db - mv -f $setup_path/server/panel/data/aliossAs.conf $setup_path/server/panel/old_data/aliossAs.conf - mv -f $setup_path/server/panel/data/qiniuAs.conf $setup_path/server/panel/old_data/qiniuAs.conf - mv -f $setup_path/server/panel/data/iplist.txt $setup_path/server/panel/old_data/iplist.txt - mv -f $setup_path/server/panel/data/port.pl $setup_path/server/panel/old_data/port.pl - fi - - unzip -o panel.zip -d $setup_path/server/ > /dev/null - - if [ -d "$setup_path/server/panel/old_data" ];then - mv -f $setup_path/server/panel/old_data/default.db $setup_path/server/panel/data/default.db - mv -f $setup_path/server/panel/old_data/system.db $setup_path/server/panel/data/system.db - mv -f $setup_path/server/panel/old_data/aliossAs.conf $setup_path/server/panel/data/aliossAs.conf - mv -f $setup_path/server/panel/old_data/qiniuAs.conf $setup_path/server/panel/data/qiniuAs.conf - mv -f $setup_path/server/panel/old_data/iplist.txt $setup_path/server/panel/data/iplist.txt - mv -f $setup_path/server/panel/old_data/port.pl $setup_path/server/panel/data/port.pl - - if [ -d "/$setup_path/server/panel/old_data" ];then - rm -rf $setup_path/server/panel/old_data - fi - fi - - rm -f panel.zip - - if [ ! -f $setup_path/server/panel/tools.py ];then - echo -e "\033[31mERROR: Failed to download, please try again!\033[0m"; - echo '============================================' - exit; - fi - - rm -f $setup_path/server/panel/class/*.pyc - rm -f $setup_path/server/panel/*.pyc - python -m compileall $setup_path/server/panel - #rm -f $setup_path/server/panel/class/*.py - #rm -f $setup_path/server/panel/*.py - - chmod 777 /tmp - chmod +x /etc/init.d/bt - update-rc.d bt defaults - chmod -R 600 $setup_path/server/panel - chmod +x $setup_path/server/panel/certbot-auto - chmod -R +x $setup_path/server/panel/script - echo "$port" > $setup_path/server/panel/data/port.pl - /etc/init.d/bt start - # username=`python tools.pyc panel $password` - username='ubuntu' - # password=`cat /dev/urandom | head -n 16 | md5sum | head -c 8` - password='ubuntu' - cd $setup_path/server/panel/ - python tools.py username - cd ~ - echo "$password" > $setup_path/server/panel/default.pl - chmod 600 $setup_path/server/panel/default.pl - - isStart=`ps aux |grep 'python main.pyc'|grep -v grep|awk '{print $2}'` - if [ "$isStart" == '' ];then - echo -e "\033[31mERROR: The BT-Panel service startup failed.\033[0m"; - echo '============================================' - exit; - fi - - if [ ! -f "/usr/bin/ufw" ];then - apt-get install -y ufw - fi - - if [ -f "/usr/sbin/ufw" ];then - ufw allow 888,20,21,22,80,$port/tcp - ufw allow 39000:40000/tcp - ufw_status=`ufw status` - echo y|ufw enable - ufw default deny - ufw reload - fi - - pip install psutil chardet web.py psutil virtualenv $pipArg - if [ ! -d '/etc/letsencrypt' ];then - - mkdir -p /var/spool/cron - if [ ! -f '/var/spool/cron/crontabs/root' ];then - echo '' > /var/spool/cron/crontabs/root - chmod 600 /var/spool/cron/crontabs/root - fi - isCron=`cat /var/spool/cron/crontabs/root|grep certbot.log` - if [ "${isCron}" == "" ];then - echo "30 2 * * * $setup_path/server/panel/certbot-auto renew >> $setup_path/server/panel/logs/certbot.log" >> /var/spool/cron/crontabs/root - chown 600 /var/spool/cron/crontabs/root - fi - service cron restart - nohup $setup_path/server/panel/certbot-auto -n > /tmp/certbot-auto.log 2>&1 & - fi - if [[ "${deepinSys}" =~ eepin ]]; then - address="localhost" - else - address=`curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/getIpAddress` - - if [ "$address" == '0.0.0.0' ] || [ "$address" == '' ];then - isHosts=`cat /etc/hosts|grep 'www.bt.cn'` - if [ "$isHosts" == '' ];then - echo "" >> /etc/hosts - echo "125.88.182.170 www.bt.cn" >> /etc/hosts - address=`curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/getIpAddress` - if [ "$address" == '' ];then - sed -i "/bt.cn/d" /etc/hosts - fi - fi - fi - - ipCheck=`python -c "import re; print re.match('^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$','$address')"` - if [ "$address" == "None" ];then - address="SERVER_IP" - fi - if [ "$address" != "SERVER_IP" ];then - echo "$address" > $setup_path/server/panel/data/iplist.txt - fi - fi - - curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/SetupCount?type=Linux\&o=$1 > /dev/null 2>&1 - if [ $1 != "" ];then - echo $1 > /www/server/panel/data/o.pl - cd /www/server/panel - python tools.py o - fi - - echo -e "==================================================================" - echo -e "\033[32mCongratulations! Install succeeded!\033[0m" - echo -e "==================================================================" - echo -e "Bt-Panel: http://$address:$port" - echo -e "username: $username" - echo -e "password: $password" - echo -e "\033[33mWarning:\033[0m" - echo -e "\033[33mIf you cannot access the panel, \033[0m" - echo -e "\033[33mrelease the following port (8888|888|80|443|20|21) in the security group\033[0m" - echo -e "==================================================================" - - endTime=`date +%s` - ((outTime=($endTime-$startTime)/60)) - echo -e "Time consumed:\033[32m $outTime \033[0mMinute!" - # rm -f install.sh diff --git a/images/varnish/Dockerfile b/images/varnish/Dockerfile new file mode 100644 index 00000000..3139da78 --- /dev/null +++ b/images/varnish/Dockerfile @@ -0,0 +1,21 @@ +FROM varnish:6.3 + +# Set Environment Variables +ENV DEBIAN_FRONTEND noninteractive + +# Setting Configurations +ENV VARNISH_CONFIG /etc/varnish/default.vcl +ENV CACHE_SIZE 128m +ENV VARNISHD_PARAMS -p default_ttl=3600 -p default_grace=3600 +ENV VARNISH_PORT 6081 +ENV BACKEND_HOST localhost +ENV BACKEND_PORT 80 + +COPY default.vcl /etc/varnish/default.vcl +COPY start.sh /etc/varnish/start.sh + +RUN chmod +x /etc/varnish/start.sh + +CMD ["/etc/varnish/start.sh"] + +EXPOSE 8080 diff --git a/images/varnish/default.vcl b/images/varnish/default.vcl new file mode 100644 index 00000000..9da3360c --- /dev/null +++ b/images/varnish/default.vcl @@ -0,0 +1,420 @@ +vcl 4.0; +# Based on: https://github.com/mattiasgeniar/varnish-4.0-configuration-templates/blob/master/default.vcl + +import std; +import directors; + +backend server1 { # Define one backend + .host = "${BACKEND_HOST}"; # IP or Hostname of backend + .port = "${BACKEND_PORT}"; # Port Apache or whatever is listening + .max_connections = 300; # That's it + + .probe = { + #.url = "/"; # short easy way (GET /) + # We prefer to only do a HEAD / + .request = + "HEAD / HTTP/1.1" + "Host: ${BACKEND_HOST}" + "Connection: close" + "User-Agent: Varnish Health Probe"; + + .interval = 5s; # check the health of each backend every 5 seconds + .timeout = 1s; # timing out after 1 second. + .window = 5; # If 3 out of the last 5 polls succeeded the backend is considered healthy, otherwise it will be marked as sick + .threshold = 3; + } + + .first_byte_timeout = 300s; # How long to wait before we receive a first byte from our backend? + .connect_timeout = 5s; # How long to wait for a backend connection? + .between_bytes_timeout = 2s; # How long to wait between bytes received from our backend? +} + +acl purge { + # ACL we'll use later to allow purges + "localhost"; + "127.0.0.1"; + "::1"; +} + +#acl editors { +# # ACL to honor the "Cache-Control: no-cache" header to force a refresh but only from selected IPs +# "localhost"; +# "127.0.0.1"; +# "::1"; +#} + +sub vcl_init { + # Called when VCL is loaded, before any requests pass through it. + # Typically used to initialize VMODs. + + new vdir = directors.round_robin(); + vdir.add_backend(server1); + # vdir.add_backend(servern); +} + +# This function is used when a request is send by a HTTP client (Browser) +sub vcl_recv { + # Called at the beginning of a request, after the complete request has been received and parsed. + # Its purpose is to decide whether or not to serve the request, how to do it, and, if applicable, + # which backend to use. + # also used to modify the request + + set req.backend_hint = vdir.backend(); # send all traffic to the vdir director + + # Normalize the header, remove the port (in case you're testing this on various TCP ports) + set req.http.Host = regsub(req.http.Host, ":[0-9]+", ""); + + # Remove the proxy header (see https://httpoxy.org/#mitigate-varnish) + unset req.http.proxy; + + # Normalize the query arguments + set req.url = std.querysort(req.url); + + # Allow purging + if (req.method == "PURGE") { + if (!client.ip ~ purge) { # purge is the ACL defined at the begining + # Not from an allowed IP? Then die with an error. + return (synth(405, "This IP is not allowed to send PURGE requests.")); + } + + ban("req.http.host == " + req.http.host); + # Throw a synthetic page so the request won't go to the backend. + return(synth(200, "Ban added")); + # If allowed, do a cache_lookup -> vlc_hit() or vlc_miss() + #return (purge); + } + + # Only deal with "normal" types + if (req.method != "GET" && + req.method != "HEAD" && + req.method != "PUT" && + req.method != "POST" && + req.method != "TRACE" && + req.method != "OPTIONS" && + req.method != "PATCH" && + req.method != "DELETE") { + # Non-RFC2616 or CONNECT which is weird. + return (pipe); + } + + # Implementing websocket support (https://www.varnish-cache.org/docs/4.0/users-guide/vcl-example-websockets.html) + if (req.http.Upgrade ~ "(?i)websocket") { + return (pipe); + } + + # Only cache GET or HEAD requests. This makes sure the POST requests are always passed. + if (req.method != "GET" && req.method != "HEAD") { + return (pass); + } + + # Some generic URL manipulation, useful for all templates that follow + # First remove the Google Analytics added parameters, useless for our backend + if (req.url ~ "(\?|&)(utm_source|utm_medium|utm_campaign|utm_content|gclid|cx|ie|cof|siteurl)=") { + set req.url = regsuball(req.url, "&(utm_source|utm_medium|utm_campaign|utm_content|gclid|cx|ie|cof|siteurl)=([A-z0-9_\-\.%25]+)", ""); + set req.url = regsuball(req.url, "\?(utm_source|utm_medium|utm_campaign|utm_content|gclid|cx|ie|cof|siteurl)=([A-z0-9_\-\.%25]+)", "?"); + set req.url = regsub(req.url, "\?&", "?"); + set req.url = regsub(req.url, "\?$", ""); + } + + # Strip hash, server doesn't need it. + if (req.url ~ "\#") { + set req.url = regsub(req.url, "\#.*$", ""); + } + + # Strip a trailing ? if it exists + if (req.url ~ "\?$") { + set req.url = regsub(req.url, "\?$", ""); + } + + # Some generic cookie manipulation, useful for all templates that follow + # Remove the "has_js" cookie + set req.http.Cookie = regsuball(req.http.Cookie, "has_js=[^;]+(; )?", ""); + + # Remove any Google Analytics based cookies + set req.http.Cookie = regsuball(req.http.Cookie, "__utm.=[^;]+(; )?", ""); + set req.http.Cookie = regsuball(req.http.Cookie, "_ga=[^;]+(; )?", ""); + set req.http.Cookie = regsuball(req.http.Cookie, "_gat=[^;]+(; )?", ""); + set req.http.Cookie = regsuball(req.http.Cookie, "utmctr=[^;]+(; )?", ""); + set req.http.Cookie = regsuball(req.http.Cookie, "utmcmd.=[^;]+(; )?", ""); + set req.http.Cookie = regsuball(req.http.Cookie, "utmccn.=[^;]+(; )?", ""); + + # Remove DoubleClick offensive cookies + set req.http.Cookie = regsuball(req.http.Cookie, "__gads=[^;]+(; )?", ""); + + # Remove the Quant Capital cookies (added by some plugin, all __qca) + set req.http.Cookie = regsuball(req.http.Cookie, "__qc.=[^;]+(; )?", ""); + + # Remove the AddThis cookies + set req.http.Cookie = regsuball(req.http.Cookie, "__atuv.=[^;]+(; )?", ""); + + # Remove a ";" prefix in the cookie if present + set req.http.Cookie = regsuball(req.http.Cookie, "^;\s*", ""); + + # Are there cookies left with only spaces or that are empty? + if (req.http.cookie ~ "^\s*$") { + unset req.http.cookie; + } + + if (req.http.Cache-Control ~ "(?i)no-cache") { + #if (req.http.Cache-Control ~ "(?i)no-cache" && client.ip ~ editors) { # create the acl editors if you want to restrict the Ctrl-F5 + # http://varnish.projects.linpro.no/wiki/VCLExampleEnableForceRefresh + # Ignore requests via proxy caches and badly behaved crawlers + # like msnbot that send no-cache with every request. + if (! (req.http.Via || req.http.User-Agent ~ "(?i)bot" || req.http.X-Purge)) { + #set req.hash_always_miss = true; # Doesn't seems to refresh the object in the cache + return(purge); # Couple this with restart in vcl_purge and X-Purge header to avoid loops + } + } + + # Large static files are delivered directly to the end-user without + # waiting for Varnish to fully read the file first. + # Varnish 4 fully supports Streaming, so set do_stream in vcl_backend_response() + if (req.url ~ "^[^?]*\.(7z|avi|bz2|flac|flv|gz|mka|mkv|mov|mp3|mp4|mpeg|mpg|ogg|ogm|opus|rar|tar|tgz|tbz|txz|wav|webm|xz|zip)(\?.*)?$") { + unset req.http.Cookie; + return (hash); + } + + # Remove all cookies for static files + # A valid discussion could be held on this line: do you really need to cache static files that don't cause load? Only if you have memory left. + # Sure, there's disk I/O, but chances are your OS will already have these files in their buffers (thus memory). + # Before you blindly enable this, have a read here: https://ma.ttias.be/stop-caching-static-files/ + if (req.url ~ "^[^?]*\.(7z|avi|bmp|bz2|css|csv|doc|docx|eot|flac|flv|gif|gz|ico|jpeg|jpg|js|less|mka|mkv|mov|mp3|mp4|mpeg|mpg|odt|otf|ogg|ogm|opus|pdf|png|ppt|pptx|rar|rtf|svg|svgz|swf|tar|tbz|tgz|ttf|txt|txz|wav|webm|webp|woff|woff2|xls|xlsx|xml|xz|zip)(\?.*)?$") { + unset req.http.Cookie; + return (hash); + } + + # Send Surrogate-Capability headers to announce ESI support to backend + set req.http.Surrogate-Capability = "key=ESI/1.0"; + + if (req.http.Authorization) { + # Not cacheable by default + return (pass); + } + + return (hash); +} + +sub vcl_pipe { + # Called upon entering pipe mode. + # In this mode, the request is passed on to the backend, and any further data from both the client + # and backend is passed on unaltered until either end closes the connection. Basically, Varnish will + # degrade into a simple TCP proxy, shuffling bytes back and forth. For a connection in pipe mode, + # no other VCL subroutine will ever get called after vcl_pipe. + + # Note that only the first request to the backend will have + # X-Forwarded-For set. If you use X-Forwarded-For and want to + # have it set for all requests, make sure to have: + # set bereq.http.connection = "close"; + # here. It is not set by default as it might break some broken web + # applications, like IIS with NTLM authentication. + + # set bereq.http.Connection = "Close"; + + # Implementing websocket support (https://www.varnish-cache.org/docs/4.0/users-guide/vcl-example-websockets.html) + if (req.http.upgrade) { + set bereq.http.upgrade = req.http.upgrade; + } + + return (pipe); +} + +sub vcl_pass { + # Called upon entering pass mode. In this mode, the request is passed on to the backend, and the + # backend's response is passed on to the client, but is not entered into the cache. Subsequent + # requests submitted over the same client connection are handled normally. + + # return (pass); +} + +# The data on which the hashing will take place +sub vcl_hash { + # Called after vcl_recv to create a hash value for the request. This is used as a key + # to look up the object in Varnish. + + hash_data(req.url); + + if (req.http.host) { + hash_data(req.http.host); + } else { + hash_data(server.ip); + } + + # hash cookies for requests that have them + if (req.http.Cookie) { + hash_data(req.http.Cookie); + } +} + +sub vcl_hit { + # Called when a cache lookup is successful. + + if (obj.ttl >= 0s) { + # A pure unadultered hit, deliver it + return (deliver); + } + + # https://www.varnish-cache.org/docs/trunk/users-guide/vcl-grace.html + # When several clients are requesting the same page Varnish will send one request to the backend and place the others on hold while fetching one copy from the backend. In some products this is called request coalescing and Varnish does this automatically. + # If you are serving thousands of hits per second the queue of waiting requests can get huge. There are two potential problems - one is a thundering herd problem - suddenly releasing a thousand threads to serve content might send the load sky high. Secondly - nobody likes to wait. To deal with this we can instruct Varnish to keep the objects in cache beyond their TTL and to serve the waiting requests somewhat stale content. + + # if (!std.healthy(req.backend_hint) && (obj.ttl + obj.grace > 0s)) { + # return (deliver); + # } else { + # return (fetch); + # } + + # We have no fresh fish. Lets look at the stale ones. + if (std.healthy(req.backend_hint)) { + # Backend is healthy. Limit age to 10s. + if (obj.ttl + 10s > 0s) { + #set req.http.grace = "normal(limited)"; + return (deliver); + } else { + # No candidate for grace. Fetch a fresh object. + return(miss); + } + } else { + # backend is sick - use full grace + if (obj.ttl + obj.grace > 0s) { + #set req.http.grace = "full"; + return (deliver); + } else { + # no graced object. + return (miss); + } + } + + # fetch & deliver once we get the result + return (miss); # Dead code, keep as a safeguard +} + +sub vcl_miss { + # Called after a cache lookup if the requested document was not found in the cache. Its purpose + # is to decide whether or not to attempt to retrieve the document from the backend, and which + # backend to use. + + return (fetch); +} + +# Handle the HTTP request coming from our backend +sub vcl_backend_response { + # Called after the response headers has been successfully retrieved from the backend. + + # Pause ESI request and remove Surrogate-Control header + if (beresp.http.Surrogate-Control ~ "ESI/1.0") { + unset beresp.http.Surrogate-Control; + set beresp.do_esi = true; + } + + # Enable cache for all static files + # The same argument as the static caches from above: monitor your cache size, if you get data nuked out of it, consider giving up the static file cache. + # Before you blindly enable this, have a read here: https://ma.ttias.be/stop-caching-static-files/ + if (bereq.url ~ "^[^?]*\.(7z|avi|bmp|bz2|css|csv|doc|docx|eot|flac|flv|gif|gz|ico|jpeg|jpg|js|less|mka|mkv|mov|mp3|mp4|mpeg|mpg|odt|otf|ogg|ogm|opus|pdf|png|ppt|pptx|rar|rtf|svg|svgz|swf|tar|tbz|tgz|ttf|txt|txz|wav|webm|webp|woff|woff2|xls|xlsx|xml|xz|zip)(\?.*)?$") { + unset beresp.http.set-cookie; + } + + # Large static files are delivered directly to the end-user without + # waiting for Varnish to fully read the file first. + # Varnish 4 fully supports Streaming, so use streaming here to avoid locking. + if (bereq.url ~ "^[^?]*\.(7z|avi|bz2|flac|flv|gz|mka|mkv|mov|mp3|mp4|mpeg|mpg|ogg|ogm|opus|rar|tar|tgz|tbz|txz|wav|webm|xz|zip)(\?.*)?$") { + unset beresp.http.set-cookie; + set beresp.do_stream = true; # Check memory usage it'll grow in fetch_chunksize blocks (128k by default) if the backend doesn't send a Content-Length header, so only enable it for big objects + } + + # Sometimes, a 301 or 302 redirect formed via Apache's mod_rewrite can mess with the HTTP port that is being passed along. + # This often happens with simple rewrite rules in a scenario where Varnish runs on :80 and Apache on :8080 on the same box. + # A redirect can then often redirect the end-user to a URL on :8080, where it should be :80. + # This may need finetuning on your setup. + # + # To prevent accidental replace, we only filter the 301/302 redirects for now. + if (beresp.status == 301 || beresp.status == 302) { + set beresp.http.Location = regsub(beresp.http.Location, ":[0-9]+", ""); + } + + # Set 2min cache if unset for static files + if (beresp.ttl <= 0s || beresp.http.Set-Cookie || beresp.http.Vary == "*") { + set beresp.ttl = 120s; # Important, you shouldn't rely on this, SET YOUR HEADERS in the backend + set beresp.uncacheable = true; + return (deliver); + } + + # Don't cache 50x responses + if (beresp.status == 500 || beresp.status == 502 || beresp.status == 503 || beresp.status == 504) { + return (abandon); + } + + # Allow stale content, in case the backend goes down. + # make Varnish keep all objects for 6 hours beyond their TTL + set beresp.grace = 6h; + + return (deliver); +} + +# The routine when we deliver the HTTP request to the user +# Last chance to modify headers that are sent to the client +sub vcl_deliver { + # Called before a cached object is delivered to the client. + + if (obj.hits > 0) { # Add debug header to see if it's a HIT/MISS and the number of hits, disable when not needed + set resp.http.X-Cache = "HIT"; + } else { + set resp.http.X-Cache = "MISS"; + } + + # Please note that obj.hits behaviour changed in 4.0, now it counts per objecthead, not per object + # and obj.hits may not be reset in some cases where bans are in use. See bug 1492 for details. + # So take hits with a grain of salt + set resp.http.X-Cache-Hits = obj.hits; + + # Remove some headers: PHP version + unset resp.http.X-Powered-By; + + # Remove some headers: Apache version & OS + unset resp.http.Server; + unset resp.http.X-Drupal-Cache; + unset resp.http.X-Varnish; + unset resp.http.Via; + unset resp.http.Link; + unset resp.http.X-Generator; + unset resp.http.X-Debug-Token; + unset resp.http.X-Debug-Token-Link; + set resp.http.Server = "${VARNISH_SERVER}"; + set resp.http.X-Powered-By = "MSI"; + + return (deliver); +} + +sub vcl_purge { + # Only handle actual PURGE HTTP methods, everything else is discarded + if (req.method != "PURGE") { + # restart request + set req.http.X-Purge = "Yes"; + return(restart); + } +} + +sub vcl_synth { + if (resp.status == 720) { + # We use this special error status 720 to force redirects with 301 (permanent) redirects + # To use this, call the following from anywhere in vcl_recv: return (synth(720, "http://host/new.html")); + set resp.http.Location = resp.reason; + set resp.status = 301; + return (deliver); + } elseif (resp.status == 721) { + # And we use error status 721 to force redirects with a 302 (temporary) redirect + # To use this, call the following from anywhere in vcl_recv: return (synth(720, "http://host/new.html")); + set resp.http.Location = resp.reason; + set resp.status = 302; + return (deliver); + } + + return (deliver); +} + + +sub vcl_fini { + # Called when VCL is discarded only after all requests have exited the VCL. + # Typically used to clean up VMODs. + + return (ok); +} diff --git a/images/varnish/default_wordpress.vcl b/images/varnish/default_wordpress.vcl new file mode 100644 index 00000000..a304f97d --- /dev/null +++ b/images/varnish/default_wordpress.vcl @@ -0,0 +1,243 @@ +vcl 4.1; +# Based on: https://github.com/mattiasgeniar/varnish-6.0-configuration-templates/blob/master/default.vcl + +import std; +import directors; + +backend everpracticalsolutionsServer { # Define one backend + .host = "${BACKEND_HOST}"; # IP or Hostname of backend + .port = "${BACKEND_PORT}"; # Port Apache or whatever is listening + .max_connections = 300; # That's it + + .probe = { + #.url = "/"; # short easy way (GET /) + # We prefer to only do a HEAD / + .request = + "HEAD /health_check.php HTTP/1.1" + "Host: ${BACKEND_HOST}" + "Connection: close" + "User-Agent: Varnish Health Probe"; + + .interval = 5s; # check the health of each backend every 5 seconds + .timeout = 1s; # timing out after 1 second. + .window = 5; # If 3 out of the last 5 polls succeeded the backend is considered healthy, otherwise it will be marked as sick + .threshold = 3; + } + + .first_byte_timeout = 300s; # How long to wait before we receive a first byte from our backend? + .connect_timeout = 5s; # How long to wait for a backend connection? + .between_bytes_timeout = 2s; # How long to wait between bytes received from our backend? +} + +# Only allow purging from specific IPs +acl purge { + "localhost"; + "127.0.0.1"; + "192.168.16.5"; + "192.168.16.6"; + "185.228.234.203"; +} + +# This function is used when a request is send by a HTTP client (Browser) +sub vcl_recv { + # Normalize the header, remove the port (in case you're testing this on various TCP ports) + set req.http.Host = regsub(req.http.Host, ":[0-9]+", ""); + + # Allow purging from ACL + if (req.method == "PURGE") { + # If not allowed then a error 405 is returned + if (!client.ip ~ purge) { + return(synth(405, "This IP is not allowed to send PURGE requests.")); + } + + ban("req.http.host == " + req.http.host); + # Throw a synthetic page so the request won't go to the backend. + return(synth(200, "Ban added")); + # If allowed, do a cache_lookup -> vlc_hit() or vlc_miss() + #return (purge); + } + + # Post requests will not be cached + if (req.http.Authorization || req.method == "POST") { + return (pass); + } + + # --- WordPress specific configuration + + # Did not cache the RSS feed + if (req.url ~ "/feed") { + return (pass); + } + + # Blitz hack + if (req.url ~ "/mu-.*") { + return (pass); + } + + # Did not cache the admin and login pages + if (req.url ~ "/wp-(login|admin)") { + return (pass); + } + + # Remove the "has_js" cookie + set req.http.Cookie = regsuball(req.http.Cookie, "has_js=[^;]+(; )?", ""); + + # Remove any Google Analytics based cookies + set req.http.Cookie = regsuball(req.http.Cookie, "__utm.=[^;]+(; )?", ""); + + # Remove the Quant Capital cookies (added by some plugin, all __qca) + set req.http.Cookie = regsuball(req.http.Cookie, "__qc.=[^;]+(; )?", ""); + + # Remove the wp-settings-1 cookie + set req.http.Cookie = regsuball(req.http.Cookie, "wp-settings-1=[^;]+(; )?", ""); + + # Remove the wp-settings-time-1 cookie + set req.http.Cookie = regsuball(req.http.Cookie, "wp-settings-time-1=[^;]+(; )?", ""); + + # Remove the wp test cookie + set req.http.Cookie = regsuball(req.http.Cookie, "wordpress_test_cookie=[^;]+(; )?", ""); + + # Are there cookies left with only spaces or that are empty? + if (req.http.cookie ~ "^ *$") { + unset req.http.cookie; + } + + # Cache the following files extensions + if (req.url ~ "\.(css|js|png|gif|jp(e)?g|swf|ico)") { + unset req.http.cookie; + } + + # Normalize Accept-Encoding header and compression + # https://www.varnish-cache.org/docs/3.0/tutorial/vary.html + if (req.http.Accept-Encoding) { + # Do no compress compressed files... + if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") { + unset req.http.Accept-Encoding; + } elsif (req.http.Accept-Encoding ~ "gzip") { + set req.http.Accept-Encoding = "gzip"; + } elsif (req.http.Accept-Encoding ~ "deflate") { + set req.http.Accept-Encoding = "deflate"; + } else { + unset req.http.Accept-Encoding; + } + } + + # Check the cookies for wordpress-specific items + if (req.http.Cookie ~ "wordpress_" || req.http.Cookie ~ "comment_") { + return (pass); + } + if (!req.http.cookie) { + unset req.http.cookie; + } + + # --- End of WordPress specific configuration + + # Do not cache HTTP authentication and HTTP Cookie + if (req.http.Authorization || req.http.Cookie) { + # Not cacheable by default + return (pass); + } + + # Cache all others requests + return (hash); +} + +sub vcl_pipe { + return (pipe); +} + +sub vcl_pass { + return (fetch); +} + +# The data on which the hashing will take place +sub vcl_hash { + hash_data(req.url); + if (req.http.host) { + hash_data(req.http.host); + } else { + hash_data(server.ip); + } + + # If the client supports compression, keep that in a different cache + if (req.http.Accept-Encoding) { + hash_data(req.http.Accept-Encoding); + } + + return (lookup); +} + +# This function is used when a request is sent by our backend (Nginx server) +sub vcl_backend_response { + # Remove some headers we never want to see + unset beresp.http.Server; + unset beresp.http.X-Powered-By; + + # For static content strip all backend cookies + if (bereq.url ~ "\.(css|js|png|gif|jp(e?)g)|swf|ico") { + unset beresp.http.cookie; + } + + # Only allow cookies to be set if we're in admin area + if (beresp.http.Set-Cookie && bereq.url !~ "^/wp-(login|admin)") { + unset beresp.http.Set-Cookie; + } + + # don't cache response to posted requests or those with basic auth + if ( bereq.method == "POST" || bereq.http.Authorization ) { + set beresp.uncacheable = true; + set beresp.ttl = 120s; + return (deliver); + } + + # don't cache search results + if ( bereq.url ~ "\?s=" ){ + set beresp.uncacheable = true; + set beresp.ttl = 120s; + return (deliver); + } + + # only cache status ok + if ( beresp.status != 200 ) { + set beresp.uncacheable = true; + set beresp.ttl = 120s; + return (deliver); + } + + # A TTL of 24h + set beresp.ttl = 24h; + # Define the default grace period to serve cached content + set beresp.grace = 30s; + + return (deliver); +} + +# The routine when we deliver the HTTP request to the user +# Last chance to modify headers that are sent to the client +sub vcl_deliver { + if (obj.hits > 0) { + set resp.http.X-Cache = "cached"; + } else { + set resp.http.x-Cache = "uncached"; + } + + # Remove some headers: PHP version + unset resp.http.X-Powered-By; + + # Remove some headers: Apache version & OS + unset resp.http.Server; + + # Remove some heanders: Varnish + unset resp.http.Via; + unset resp.http.X-Varnish; + + return (deliver); +} + +sub vcl_init { + return (ok); +} + +sub vcl_fini { + return (ok); +} \ No newline at end of file diff --git a/images/varnish/start.sh b/images/varnish/start.sh new file mode 100644 index 00000000..8bdad94a --- /dev/null +++ b/images/varnish/start.sh @@ -0,0 +1,25 @@ +#!/usr/bin/env bash +set -e + +for name in BACKEND_PORT BACKEND_HOST VARNISH_SERVER +do + eval value=\$$name + sed -i "s|\${${name}}|${value}|g" /etc/varnish/default.vcl +done + +echo "exec varnishd \ + -a :$VARNISH_PORT \ + -T localhost:6082 \ + -F \ + -f $VARNISH_CONFIG \ + -s malloc,$CACHE_SIZE \ + $VARNISHD_PARAMS" + +exec bash -c \ + "exec varnishd \ + -a :$VARNISH_PORT \ + -T localhost:6082 \ + -F \ + -f $VARNISH_CONFIG \ + -s malloc,$CACHE_SIZE \ + $VARNISHD_PARAMS" diff --git a/images/vscode-remote/.devcontainer/.gitignore b/images/vscode-remote/.devcontainer/.gitignore new file mode 100644 index 00000000..9be6895b --- /dev/null +++ b/images/vscode-remote/.devcontainer/.gitignore @@ -0,0 +1,6 @@ +/* +!.gitignore +!devcontainer.json +!docker-php.ini +!.npmrc +!composer.config.json diff --git a/images/vscode-remote/.devcontainer/.npmrc b/images/vscode-remote/.devcontainer/.npmrc new file mode 100644 index 00000000..ded80919 --- /dev/null +++ b/images/vscode-remote/.devcontainer/.npmrc @@ -0,0 +1,3 @@ +registry=https://registry.npm.taobao.org +prefix=/tmp/node/npm +cache=/tmp/node/.npm diff --git a/images/vscode-remote/.devcontainer/composer.config.json b/images/vscode-remote/.devcontainer/composer.config.json new file mode 100644 index 00000000..888f9f3d --- /dev/null +++ b/images/vscode-remote/.devcontainer/composer.config.json @@ -0,0 +1,9 @@ +{ + "config": {}, + "repositories": { + "packagist": { + "type": "composer", + "url": "https://mirrors.aliyun.com/composer/" + } + } +} diff --git a/images/vscode-remote/.devcontainer/devcontainer.json b/images/vscode-remote/.devcontainer/devcontainer.json new file mode 100644 index 00000000..b92c33a1 --- /dev/null +++ b/images/vscode-remote/.devcontainer/devcontainer.json @@ -0,0 +1,43 @@ +{ + // https://code.visualstudio.com/docs/remote/containers#_devcontainerjson-reference + // fix me + "name": "php-demo", + + // The order of the files is important since later files override previous ones + "dockerComposeFile": [ + "../docker-workspace.yml" + ], + + // fix me + "service": "workspace", + "runServices": [ + "workspace" + ], + // fix me 与 docker-workspace.yml 中的路径一致 + "workspaceFolder": "/app/demo", + "shutdownAction": "stopCompose", // none stopCompose + "extensions": [ + "felixfbecker.php-debug", + "editorconfig.editorconfig" + ], + // [Optional] If you are using SSH keys w/Git, copy them and set correct permissions + // "postCreateCommand": "mkdir -p ~/.ssh && cp -r ~/.ssh-localhost/* ~/.ssh && chmod 700 ~/.ssh && chmod 600 ~/.ssh/*" + "settings": { + // If you are using an Alpine-based image, change this to /bin/ash + // "terminal.integrated.shell.linux": "/bin/bash" + }, + // "forwardPorts": [ + + // ], + // "postCreateCommand": [ + + // ], + // "initializeCommand": [ + + // ], + // "remoteEnv": { + + // }, + // "remoteUser": "", + // "devPort": 0 +} diff --git a/images/vscode-remote/.devcontainer/docker-php.ini b/images/vscode-remote/.devcontainer/docker-php.ini new file mode 100644 index 00000000..867fabb7 --- /dev/null +++ b/images/vscode-remote/.devcontainer/docker-php.ini @@ -0,0 +1,38 @@ +; +; http://www.jinbuguo.com/php/php52-ini.html +; + +error_log= /var/log/php/error.log + +; 你可以在这里自定义 php 配置 + +; extension=tideways_xhprof.so + +; opcache +; https://laravel-news.com/php-opcache-docker + +[opcache] +opcache.enable=false +; 0 means it will check on every request +; 0 is irrelevant if opcache.validate_timestamps=0 which is desirable in production +opcache.revalidate_freq=0 +opcache.validate_timestamps=1 +opcache.max_accelerated_files=10000 +opcache.memory_consumption=192 +opcache.max_wasted_percentage=10 +opcache.interned_strings_buffer=16 +opcache.fast_shutdown=1 + +; JIT +; https://wiki.php.net/rfc/jit +; opcache.jit_buffer_size=1024K +; opcache.jit=1205 +; 1235 +; opcache.jit_debug=0 +; opcache.preload=/app/symfony4.4/var/cache/development/srcApp_KernelDevelopmentDebugContainer.preload.php +; opcache.preload_user=www-data + +[xdebug] +; https://xdebug.org/docs/all_settings +; 是否启用 Xdebug 扩展,若启用取消注释即可,请仅在开发环境启用 +zend_extension=xdebug diff --git a/images/vscode-remote/README.DOCKER-DESKTOP-macOS.md b/images/vscode-remote/README.DOCKER-DESKTOP-macOS.md new file mode 100644 index 00000000..05ac6742 --- /dev/null +++ b/images/vscode-remote/README.DOCKER-DESKTOP-macOS.md @@ -0,0 +1,40 @@ +# Docker 桌面版(macOS) + vsCode 远程开发 + +1. vsCode 安装远程扩展 + +```bash +$ code --install-extension ms-vscode-remote.remote-containers +``` + +2. 新建空白文件夹或在已有项目中将 `.devcontainer` `docker-workspace.yml` 复制进来(或者执行 `$ lnmp-docker code-init`) 并根据实际进行调整。 + +**创建数据卷** + +```bash +$ docker volume create lnmp_composer-cache-data +$ docker volume create lnmp_npm-cache-data +``` + +3. 在项目文件夹下执行 `$ code .` 打开 vsCode,调整配置 + +4. 按 `F1`键(或者点击左下角【打开远程窗口】), select `Remote-Containers: Reopen in Container`,此时 vsCode 左侧文件列表为空 + +5. [vsCode 终端] `$ composer create-project --prefer-dist laravel/laravel .` 安装 Laravel,安装完毕后此时 vsCode 左侧文件列表出现文件(或者在 [vsCode 终端] git clone 已有项目) + +6. 调整 `.env` + +7. [vsCode 终端] 执行 `$ php artisan` + +8. 在 `khs1994-docker/lnmp` 中配置 NGINX,浏览器访问项目 + +**前端配置** + +9. [vsCode 终端] `$ composer require laravel/ui` `$ php artisan ui vue` + +10. [macOS 终端] `$ docker-compose -f docker-workspace.yml run --rm npm install` (或者执行 `$ lnmp-docker code-run npm install`) + +11. 参照 https://github.com/khs1994-docker/laravel-demo/tree/master/.test 将示例放入项目 + +12. [macOS 终端] 编译项目 `$ docker-compose -f docker-workspace.yml run --rm npm run dev` (或者执行 `$ lnmp-docker code-run npm run dev`) + +13. 访问 http://IP/test/view diff --git a/images/vscode-remote/README.DOCKER-DESKTOP-wsl2.md b/images/vscode-remote/README.DOCKER-DESKTOP-wsl2.md new file mode 100644 index 00000000..19a6d2a5 --- /dev/null +++ b/images/vscode-remote/README.DOCKER-DESKTOP-wsl2.md @@ -0,0 +1,15 @@ +# Docker 桌面版(Windows-WSL2) + vsCode 远程开发 + +* https://docs.docker.com/docker-for-windows/wsl/#best-practices + +参考 https://docs.lnmp.khs1994.com/laravel.html **Windows 运行 Laravel 响应缓慢的问题** 小节 vsCode 的说明 + +## 注意事项 + +项目文件存储在 WSL2 中,不存在跨主机问题,故文件性能不存在问题。 + +**缺点:** + +1. 若 WSL2 崩溃,项目文件可能丢失 + +2. WSL2 磁盘空间占用会逐步加大 diff --git a/images/vscode-remote/README.md b/images/vscode-remote/README.md new file mode 100644 index 00000000..1c09bcd7 --- /dev/null +++ b/images/vscode-remote/README.md @@ -0,0 +1,106 @@ +# Linux Docker + vsCode 远程开发 + +* https://code.visualstudio.com/docs/remote/containers + +**桌面版 Docker + vsCode 远程开发请查看对应的 README 文件。** + +> 本文件夹中的示例 一个项目配置一个 vsCode 远程开发配置文件。 + +> 或者你可以将整个 /app 作为一个项目,避免繁琐的配置。具体请参考 lnmp 根目录的 `.devcontainer` 文件夹及 `docker-workspace.yml` 文件。文档 https://docs.lnmp.khs1994.com/laravel.html + +## 说明 + +`工具链(PHP)` `vsCode Server` 位于容器, `vsCode` 位于本地 + +## 准备 + +**项目文件夹** + +1. 将 `.devcontainer` `docker-workspace.yml` 复制到 PHP 项目文件夹根目录,并作适当调整(搜索 `fix me`) + +**创建数据卷** + +```bash +$ docker volume create lnmp_composer-cache-data +$ docker volume create lnmp_npm-cache-data +``` + +**工具准备** + +2. `vsCode` 安装 `Remote Development` 扩展 + +```bash +$ code --install-extension ms-vscode-remote.remote-containers +``` + +3. 启动 `khs1994-docker/lnmp` + +```bash +$ ./lnmp-docker up +``` + +## PHP 相关的 vsCode 扩展 + +* `felixfbecker.php-debug` +* 更多扩展请查看 https://github.com/khs1994-docker/lnmp/blob/master/.devcontainer/devcontainer.json **extensions** 项 + +## 步骤 + +1. 打开 `vsCode`(`$ code`) + +2. 按 `F1`键(或者点击左下角【打开远程窗口】), select `Remote-Containers: Open Folder in Container...`. 选择项目文件夹(包含 `.devcontainer`, `docker-workspace.yml`). + +**注意事项** + +1. 扩展需要在 `远程` 安装(以前安装过的扩展在 **远程** 重新安装) + +2. 首次使用,需要初始化,请耐心等待 + +## 依赖管理(执行 composer 命令) + +**安装依赖** + +```bash +$ docker-compose -f docker-workspace.yml run --rm composer install +``` + +**安装新的依赖** + +```bash +$ docker-compose -f docker-workspace.yml run --rm composer require XXX +``` + +**升级依赖** + +```bash +$ docker-compose -f docker-workspace.yml run --rm composer update +``` + +**或者执行** + +```bash +$ lnmp-docker composer install | update | require XXX +``` + +## Xdebug + +**1. 在 `khs1994-docker/lnmp` 配置(启用) Xdebug** + +参考 https://docs.lnmp.khs1994.com/xdebug.html + +* 端口: 9003 +* 远程地址: 192.168.199.100(宿主机 IP,根据实际修改) + +* 2. [浏览器安装 `xdebug` 扩展](https://docs.lnmp.khs1994.com/xdebug.html#%e6%b5%8f%e8%a7%88%e5%99%a8%e6%89%a9%e5%b1%95) +* `vsCode` -> `运行` -> `打开配置` -> `弹出选项中选择 PHP` -> `port 改为 9003` +* `vsCode` -> `运行` -> `启动调试` -> `打断点` -> `浏览器刷新页面` -> `在 vsCode 调试` + +## 与 `khs1994-docker/lnmp` 项目关系 + +**远程开发** 启动的容器只提供开发所用的工具链,浏览器访问 PHP 项目与远程开发 **无关** + +## 功能 + +* 可以在 **终端** 直接执行命令 + +`vsCode` -> `查看` -> `终端` -> `输入所执行的命令,例如 $ php artisan` diff --git a/images/vscode-remote/docker-workspace.yml b/images/vscode-remote/docker-workspace.yml new file mode 100644 index 00000000..dac4b7d3 --- /dev/null +++ b/images/vscode-remote/docker-workspace.yml @@ -0,0 +1,98 @@ +# COMPOSE_CONVERT_WINDOWS_PATHS=1 + +version: "3.8" + +x-common: + &common + # fix me + working_dir: /app/demo + restart: "no" + +services: + workspace: + &workspace + image: khs1994/php:8.0.0-composer-alpine + networks: + - backend + volumes: + - vscode-server:/root/.vscode-server + - vscode-server-insiders:/root/.vscode-server-insiders + - vscode-phpls-cache:/root/.phpls + # fix me + # linux/macOS + - ./:/app/demo + # fix me 将依赖挂载到数据卷 + # Linux 系统请将此项注释 + # - vendor:/app/demo/vendor + + # fix me + # mutagen: 若使用 mutagen 请注释掉上方两项,取消注释下方一项 + # - /var/lib/app/demo:/app/demo + + # composer + - type: volume + source: composer-cache-data + target: /tmp/composer/cache + - type: bind + source: ./.devcontainer/composer.config.json + target: /tmp/composer/config.json + # - type: bind + # source: ./.devcontainer/composer.auth.json + # target: /tmp/composer/auth.json + + # php + - type: bind + source: ./.devcontainer/docker-php.ini + target: /usr/local/etc/php/conf.d/docker-php.ini + - ./.devcontainer/php-log:/var/log/php + + # node + # 如果你修改了 .npmrc 中的路径,请同步更改这里的数据卷映射关系 + - type: bind + source: ./.devcontainer/.npmrc + target: /usr/local/etc/npmrc + - npm-global-data:/tmp/node/npm + - npm-cache-data:/tmp/node/.npm + # 如果在 PhpStorm 中使用,无需开放端口,必须注释掉 `ports` 项 + # vsCode 运行在容器中,故必须开放 9003 供 xdebug 连接 + ports: + # xdebug port + - 9003:9003 + command: /bin/sh -c "while sleep 1000; do :; done" + environment: + APP_ENV: development + TZ: Asia/Shanghai + + composer: + << : *workspace + << : *common + image: "khs1994/php:8.0.0-composer-alpine" + command: [] # install | update + + npm: + << : *workspace + << : *common + image: node:15.3.0-alpine + entrypoint: npm + command: [] # install | "run","dev" | + +networks: + backend: + external: true + name: lnmp_backend + +volumes: + composer-cache-data: + external: true + name: lnmp_composer-cache-data + vscode-server: + vscode-server-insiders: + vscode-phpls-cache: + vendor: + # 或者复用其他数据卷 + # external: true + # name: lnmp_laravel_vendor + npm-global-data: + npm-cache-data: + external: true + name: lnmp_npm-cache-data diff --git a/index.html b/index.html deleted file mode 100644 index 1836cf5f..00000000 --- a/index.html +++ /dev/null @@ -1,23 +0,0 @@ - - - - - Dockerfile - - - -
- -

Dockerfile Home Page

-

Author: Cloudflying

-

Maintainer: Cloudflying

-

Mail:oss@live.hk

- -
- - \ No newline at end of file diff --git a/scripts/boxs.sh b/scripts/boxs.sh new file mode 100644 index 00000000..84660d60 --- /dev/null +++ b/scripts/boxs.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env bash + +docker run -d \ + --name cmdide \ + --hostname cmdide \ + -p 30022:22 \ + -p 30080:80 \ + -e RUN_MODE="remote" \ + -v /Volumes/MacData/Code:/data:rw \ + -v /Volumes/MacData/Code/Devenv/Volumes/nginx:/etc/nginx/conf:rw \ + imxieke/cmdide:latest diff --git a/scripts/docker.sh b/scripts/docker.sh new file mode 100644 index 00000000..f7f9acb1 --- /dev/null +++ b/scripts/docker.sh @@ -0,0 +1,197 @@ +#!/usr/bin/env bash + +##################################### +# Swarm Mode Cluster Preparation # +##################################### + +function create_assistant() { + NAME=$1 + docker-machine create ${MACHINE_OPTS} ${NAME} + eval "$(docker-machine env ${NAME})" + HostIP="$(docker-machine ip ${NAME})" + + echo "Create a registry mirror" + docker run -d \ + -p 5000:5000 \ + -e REGISTRY_STORAGE_CACHE_BLOBDESCRIPTOR=inmemory \ + -e REGISTRY_PROXY_REMOTEURL=https://registry-1.docker.io \ + --name registry \ + registry + REGISTRY_MIRROR_OPTS="--engine-registry-mirror http://${HostIP}:5000" + export MACHINE_OPTS="${MACHINE_OPTS} ${REGISTRY_MIRROR_OPTS}" +} + +function create_manager() { + # The first argument is manager node name + NAME=$1 + # Using docker-machine create a docker host for swarm manager + docker-machine create ${MACHINE_OPTS} ${NAME} + # Load manager docker host environment + eval "$(docker-machine env ${NAME})" + # Get manager IP + ManagerIP=`docker-machine ip ${NAME}` + # Initialize a Swarm + docker swarm init --advertise-addr ${ManagerIP} + # Get Worker Token + WorkerToken=`docker swarm join-token worker | grep token | awk '{ print $2 }'` + echo "Worker's Token is: '${WorkerToken}'" + # Exports + export ManagerIP + export WorkerToken +} + +function create_node() { + # The first argument is the node name + NAME=$1 + # Using docker-machine create a docker host for swarm worker + docker-machine create ${MACHINE_OPTS} ${NAME} + # Load the worker docker host environment + eval "$(docker-machine env ${NAME})" + # Get the Worker IP + WorkerIP=`docker-machine ip ${NAME}` + # Join the Swarm as a Worker + docker swarm join \ + --token ${WorkerToken} \ + --advertise-addr ${WorkerIP} \ + ${ManagerIP}:2377 +} + +function create() { + create_assistant assistant + create_manager manager + for i in $(seq 1 ${SWARM_SIZE}) + do + create_node node${i} & + done + + wait +} + +function remove() { + for i in $(seq 1 ${SWARM_SIZE}) + do + docker-machine rm -y node${i} || true + done + docker-machine rm -y manager || true + docker-machine rm -y assistant || true +} + +############################## +# Service Management # +############################## + +function up() { + # Load '.env' environment variables + export $(cat .env | xargs) + # Load Swarm Manager docker host environment + eval "$(docker-machine env manager)" + set -xe + # Create Networks + docker network create -d overlay frontend + docker network create -d overlay backend + # Start 'mysql' Service + docker service create \ + --name mysql \ + -e TZ=Asia/Shanghai \ + -e MYSQL_ROOT_PASSWORD=Passw0rd \ + --mount src=mysql-data,dst=/var/lib/mysql \ + --network backend \ + mysql:5.7 \ + mysqld --character-set-server=utf8 + # Start 'php' Service + docker service create \ + --name php \ + -e MYSQL_PASSWORD=Passw0rd \ + --network frontend \ + --network backend \ + "${DOCKER_USER}/lnmp-php:v1.2" + # Start 'nginx' Service + docker service create \ + --name nginx \ + --network frontend \ + -p 80:80 \ + "${DOCKER_USER}/lnmp-nginx:v1.2" + # List Created Service + docker service ls +} + +function scale() { + # The first argument is 'nginx' service replica number. + NGINX_SIZE=$1 + # The second argument is 'php' service replica number. + PHP_SIZE=$2 + + # Load Swarm Manager Docker host environment + eval "$(docker-machine env manager)" + + if [ -z "${NGINX_SIZE}" ]; then + # We need at least 'nginx_size' to scale + echo "Usage: scale [php_size]"; exit 1 + else + echo "Scaling 'nginx' service to ${NGINX_SIZE} replicas ..." + docker service update \ + --replicas "${NGINX_SIZE}" \ + nginx + fi + + # We need at least 1 'php' replica. + if [ "${PHP_SIZE}" -ge 1 ]; then + echo "Scaling 'php' service to ${PHP_SIZE} replicas ..." + docker service update \ + --replicas "${PHP_SIZE}" \ + php + fi +} + +function down() { + # Load Swarm Manager Docker host environment + eval "$(docker-machine env manager)" + set -xe + # Remove services + docker service rm nginx php mysql + # Remove networks + docker network rm frontend backend +} + +function ps() { + # Load Swarm Manager Docker host environment + eval "$(docker-machine env manager)" + set -xe + # List 'nginx' service tasks + docker service ps -f desired-state=running nginx + # List 'php' service tasks + docker service ps -f desired-state=running php + # List 'mysql' service tasks + docker service ps -f desired-state=running mysql +} + +function list_nodes() { + echo "manager http://$(docker-machine ip manager)" + for i in $(seq 1 ${SWARM_SIZE}) + do + echo "node${i} http://$(docker-machine ip node${i})" + done +} + +############################## +# Entrypoint # +############################## + +function main() { + Command=$1 + shift + case "${Command}" in + create) create ;; + remove) remove ;; + up) up ;; + scale) scale "$@" ;; + env) docker-machine env manager ;; + down) down ;; + ps) ps ;; + nodes) list_nodes ;; + publish) publish ;; + *) echo "Usage: $0 "; exit 1 ;; + esac +} + +main "$@" diff --git a/scripts/entrypoint/10-listen-on-ipv6-by-default.sh b/scripts/entrypoint/10-listen-on-ipv6-by-default.sh new file mode 100755 index 00000000..9585152b --- /dev/null +++ b/scripts/entrypoint/10-listen-on-ipv6-by-default.sh @@ -0,0 +1,61 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +ME=$(basename $0) +DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" + +# check if we have ipv6 available +if [ ! -f "/proc/net/if_inet6" ]; then + echo >&3 "$ME: info: ipv6 not available" + exit 0 +fi + +if [ ! -f "/$DEFAULT_CONF_FILE" ]; then + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE is not a file or does not exist" + exit 0 +fi + +# check if the file can be modified, e.g. not on a r/o filesystem +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: info: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } + +# check if the file is already modified, e.g. on a container restart +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } + +if [ -f "/etc/os-release" ]; then + . /etc/os-release +else + echo >&3 "$ME: info: can not guess the operating system" + exit 0 +fi + +echo >&3 "$ME: info: Getting the checksum of /$DEFAULT_CONF_FILE" + +case "$ID" in + "debian") + CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + "alpine") + CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + *) + echo >&3 "$ME: info: Unsupported distribution" + exit 0 + ;; +esac + +# enable ipv6 on default.conf listen sockets +sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE + +echo >&3 "$ME: info: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" + +exit 0 diff --git a/scripts/entrypoint/20-envsubst-on-templates.sh b/scripts/entrypoint/20-envsubst-on-templates.sh new file mode 100755 index 00000000..4f330295 --- /dev/null +++ b/scripts/entrypoint/20-envsubst-on-templates.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +ME=$(basename $0) + +auto_envsubst() { + local template_dir="${NGINX_ENVSUBST_TEMPLATE_DIR:-/etc/nginx/templates}" + local suffix="${NGINX_ENVSUBST_TEMPLATE_SUFFIX:-.template}" + local output_dir="${NGINX_ENVSUBST_OUTPUT_DIR:-/etc/nginx/conf.d}" + + local template defined_envs relative_path output_path subdir + defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) + [ -d "$template_dir" ] || return 0 + if [ ! -w "$output_dir" ]; then + echo >&3 "$ME: ERROR: $template_dir exists, but $output_dir is not writable" + return 0 + fi + find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do + relative_path="${template#$template_dir/}" + output_path="$output_dir/${relative_path%$suffix}" + subdir=$(dirname "$relative_path") + # create a subdirectory where the template file exists + mkdir -p "$output_dir/$subdir" + echo >&3 "$ME: Running envsubst on $template to $output_path" + envsubst "$defined_envs" < "$template" > "$output_path" + done +} + +auto_envsubst + +exit 0 diff --git a/scripts/entrypoint/docker-entrypoint.sh b/scripts/entrypoint/docker-entrypoint.sh new file mode 100755 index 00000000..88732541 --- /dev/null +++ b/scripts/entrypoint/docker-entrypoint.sh @@ -0,0 +1,38 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then + exec 3>&1 +else + exec 3>/dev/null +fi + +if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then + echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" + + echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" + find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + echo >&3 "$0: Launching $f"; + "$f" + else + # warn on shell scripts without exec bit + echo >&3 "$0: Ignoring $f, not executable"; + fi + ;; + *) echo >&3 "$0: Ignoring $f";; + esac + done + + echo >&3 "$0: Configuration complete; ready for start up" + else + echo >&3 "$0: No files found in /docker-entrypoint.d/, skipping configuration" + fi +fi + +exec "$@" diff --git a/scripts/env.sh b/scripts/env.sh new file mode 100644 index 00000000..05ac4644 --- /dev/null +++ b/scripts/env.sh @@ -0,0 +1,140 @@ +#!/usr/bin/env bash + +PASSWORD=$(echo -n ${RANDOM} | md5sum | cut -b -16) +cpuNum=$(grep -c 'processor' < /proc/cpuinfo) + +# Base language +printf "\n> Base language: \n" +select response in PHP Node; do + if [ "$response" = "PHP" ]; then + base="php" + break + elif [ "$response" = "Node" ]; then + base="node" + break + else + echo "Incorrect choice" + fi +done + +printf "\n> ${response} version ?\n" +# Configuration if PHP Base +if [ ${base} = "php" ]; then + # PHP version + select response in 7.4 7.3 7.2 7.1 7.0 5.6; do + if [[ "$response" =~ ^(5.6|7.0|7.1|7.2|7.3|7.4)$ ]]; then + version=${response} + break + else + echo "Incorrect choice" + fi + done + + # PHP architecture + printf "\n> FPM or Alpine [FPM] ?\n" + select response in FPM Alpine; do + if [[ "$response" =~ ^(FPM|Alpine)$ ]]; then + archi=${response,,} + break + else + echo "Incorrect choice" + fi + done + + # Web server + printf "\n> Web server ?\n" + select response in Nginx Apache; do + if [[ "$response" =~ ^(Apache|Nginx)$ ]]; then + webserver=${response,,} + break + else + echo "Incorrect choice" + fi + done +fi + +# Configuration if Node Base +if [ ${base} = "node" ]; then + # Node version + select response in 13.6 12.14 10.18; do + if [[ "$response" =~ ^(13.6|12.14|10.18)$ ]]; then + version=${response} + break + else + echo "Incorrect choice" + fi + done + # Node architecture + printf "\n> Alpine version ?\n" + select response in Yes No; do + if [[ "$response" =~ ^(Yes|No)$ ]]; then + if [ "$response" = "Yes" ]; then + archi="-alpine" + else + archi="" + fi + break + else + echo "Incorrect choice" + fi + done +fi + +# Common configuration + +# Database +printf "\n> Database ?\n" +select response in MySQL MariaDB MongoDB None; do + if [[ "$response" =~ ^(MySQL|MariaDB|MongoDB|None)$ ]]; then + dbserver=${response,,} + break + else + echo "Incorrect choice" + fi +done + +# Cache server +printf "\n> Cache server ?\n" +select response in Redis MemCached None; do + if [[ "$response" =~ ^(Redis|MemCached|None)$ ]]; then + cacheserver=${response,,} + break + else + echo "Incorrect choice" + fi +done + +# Queuer server +printf "\n> Queuer server ?\n" +select response in RabbitMQ None; do + if [[ "$response" =~ ^(RabbitMQ|None)$ ]]; then + queuerserver=${response,,} + break + else + echo "Incorrect choice" + fi +done + +# Maildev +printf "\n> Mail catcher ?\n" +select response in Maildev None; do + if [[ "$response" =~ ^(Maildev|None)$ ]]; then + mailcatcher=${response,,} + break + else + echo "Incorrect choice" + fi +done + + + + + clear + echo ' _ _ _ __ __ ____ ' + echo '| | | \ | | | \/ | | _ \ ' + echo '| | | \| | | |\/| | | |_) |' + echo '| |___ | |\ | | | | | | __/ ' + echo '|_____| |_| \_| |_| |_| |_| ' + echo '' + echo -e "For more details see \033[4mhttps://git.io/lnmp\033[0m" + echo '' diff --git a/scripts/function.sh b/scripts/function.sh new file mode 100644 index 00000000..2cc79bc6 --- /dev/null +++ b/scripts/function.sh @@ -0,0 +1,416 @@ +#!/usr/bin/env bash + +## colors.sh ## a simple font colors include +## +e_error='\x1b[31;01m[error]:\x1b[0m'; # red +e_warn='\x1b[33;01m[warning]:\x1b[0m'; # yellow +e_success='\x1b[32;01m[success]:\x1b[0m'; # green +e_info='\x1b[30;01m[inform]:\x1b[0m'; # black +e_input='\x1b[34;01m[input required]:\x1b[0m'; # blue#!/bin/sh + +# Swarm Size. (default is 3) +if [ -z "${SWARM_SIZE}" ]; then + SWARM_SIZE=3 +fi + +# By default, 'virtualbox' will be used, you can set 'MACHINE_DRIVER' to override it. +if [ -z "${MACHINE_DRIVER}" ]; then + export MACHINE_DRIVER=virtualbox +fi + +# REGISTRY_MIRROR_OPTS="--engine-registry-mirror https://jxus37ac.mirror.aliyuncs.com" +INSECURE_OPTS="--engine-insecure-registry 192.168.99.0/24" +# STORAGE_OPTS="--engine-storage-driver overlay2" + +MACHINE_OPTS="${STORAGE_OPTS} ${INSECURE_OPTS} ${REGISTRY_MIRROR_OPTS}" + +# 将逗号替换为空格 +# array=${value//,/ } + +# 将字符串转为数组,数组元素会以字符串中的空格作为分割 +# array=($value) + +# 定义一个关联数组,关联数组可以用字符串作为键名,bash版本需要升级,mac默认为3.x,早已过时 +declare -A env_config + +# 读取配置文件到变量中 +readEnvFile() +{ + # 获取文件内容,并将以"#"开头的行过滤掉 + env_content=($(grep -v '^#' .env | xargs)) + + # 将.env配置文件内容读取到变量中 + for line in ${env_content[*]}; do + cell=(${line//=/ }) + env_config[${cell[0]}]=${cell[1]} + done +} + +# 获取 env 内参数 +get_env() +{ + grep NGINX_VERSION env.conf | awk -F '=' '{print $2}' +} + +# show success message +showOk(){ + echo -e "\\033[34m[OK]\\033[0m $1" +} + +# show error message +showError(){ + echo -e "\\033[31m[ERROR]\\033[0m $1" +} + +# show notice message +showNotice(){ + echo -e "\\033[36m[NOTICE]\\033[0m $1" +} + +check_env() +{ + # Root check + [[ $(id -g) != '0' ]] && die 'Script must be run as root.' +} + +gen_ssl() +{ + if [ ! -f /etc/nginx/ssl/default.crt ]; then + openssl genrsa -out "/etc/nginx/ssl/default.key" 2048 + openssl req -new -key "/etc/nginx/ssl/default.key" -out "/etc/nginx/ssl/default.csr" -subj "/CN=default/O=default/C=UK" + openssl x509 -req -days 365 -in "/etc/nginx/ssl/default.csr" -signkey "/etc/nginx/ssl/default.key" -out "/etc/nginx/ssl/default.crt" + fi +} + +gen_ssl2() +{ + # create self-signed server certificate: + + read -p "Enter your domain [www.example.com]: " DOMAIN + + echo "Create server key..." + + openssl genrsa -des3 -out $DOMAIN.key 1024 + + echo "Create server certificate signing request..." + + SUBJECT="/C=US/ST=Mars/L=iTranswarp/O=iTranswarp/OU=iTranswarp/CN=$DOMAIN" + + openssl req -new -subj $SUBJECT -key $DOMAIN.key -out $DOMAIN.csr + + echo "Remove password..." + + mv $DOMAIN.key $DOMAIN.origin.key + openssl rsa -in $DOMAIN.origin.key -out $DOMAIN.key + + echo "Sign SSL certificate..." + + openssl x509 -req -days 3650 -in $DOMAIN.csr -signkey $DOMAIN.key -out $DOMAIN.crt + + echo "Done!" +} + +# prints colored text +print_style () { + + if [ "$2" == "info" ] ; then + COLOR="96m" + elif [ "$2" == "success" ] ; then + COLOR="92m" + elif [ "$2" == "warning" ] ; then + COLOR="93m" + elif [ "$2" == "danger" ] ; then + COLOR="91m" + else #default color + COLOR="0m" + fi + + STARTCOLOR="\e[$COLOR" + ENDCOLOR="\e[0m" + + printf "$STARTCOLOR%b$ENDCOLOR" "$1" +} + +display_options () { + printf "Available options:\n"; + print_style " install" "info"; printf "\t\t Installs docker-sync gem on the host machine.\n" + print_style " up [services]" "success"; printf "\t Starts docker-sync and runs docker compose.\n" + print_style " down" "success"; printf "\t\t\t Stops containers and docker-sync.\n" + print_style " bash" "success"; printf "\t\t\t Opens bash on the workspace with user laradock.\n" + print_style " sync" "info"; printf "\t\t\t Manually triggers the synchronization of files.\n" + print_style " clean" "danger"; printf "\t\t Removes all files from docker-sync.\n" +} + +# Stop all running containers for services not defined in the Compose file + +stop_containers() { + docker-compose down --remove-orphans +} + +import_db() +{ + source colors.sh; + ## selector-db.sh ## Select the db import files + ## + echo -e "e_input where is your backup file?"; + read ": " sql_import # the selected import + # sql_import="~/Desktop/jeremy/Documents/backup.sql"; # manual override + my_db_backup="import.sh-$(date | sed -e 's/ /_/g').sql"; # just in case =] + echo "$e_info backing up existing db to: $CWD/$my_db_backup"; + read; # can always cmd-c out now + mysqldump -u root -p --all-databases > $my_db_backup; + echo "$e_info importing from $sql_import"; + read; # can always cmd-c out now + mysql -u root -p -h < $sql_import; +} + + +## draw_menu() - a function to draw the menu +# based on: Draw-box.sh by Stefano Palmeri +# found here: http://tldp.org/LDP/abs/html/colorizing.html#DRAW-BOX +## +draw_menu() +{ + #=============# + HORZ="~" + VERT="|" + CORNER_CHAR="o" + E_SIZE="increase window size" + R=2 # Row + C=3 # Column + H=10 # Height + W=70 # Width + col=1 # Color (red) + BOX_HEIGHT=`expr $H - 1` # -1 correction needed because angle char "+" + BOX_WIDTH=`expr $W - 1` #+ is a part of both box height and width. + T_ROWS=`tput lines` # Define current terminal dimension + T_COLS=`tput cols` #+ in rows and columns. + + #=============# + # will it fit? + if [ $R -lt 1 ] || [ $R -gt $T_ROWS ]|| + [ $C -lt 1 ] || [ $C -gt $T_COLS ]|| + [ `expr $R + $BOX_HEIGHT + 1` -gt $T_ROWS ]|| + [ `expr $C + $BOX_WIDTH + 1` -gt $T_COLS ]|| + [ $H -lt 1 ] || [ $W -lt 1 ]; then + echo -e "$e_error $E_SIZE"; return 0; + fi + + # Function within a function. + plot_char(){ + echo -e "\x1b[${1};${2}H"$3 + } + + # Set title color, if defined. + echo -ne "\x1b[3${col}m" + # Draw vertical lines using plot_char function. + count=1 + for (( r=$R; count<=$BOX_HEIGHT; r++)); do + plot_char $r $C $VERT; + case $count in + 1 ) echo -e " ""\x1b[01m$s_title\x1b[0m"; ;; + 2 ) echo -e " 1)import-user-files.sh"; ;; + 3 ) echo -e " 2)lamp.sh"; ;; + 4 ) echo -e " 3)dev-tools.sh"; ;; + 5 ) echo -e " 4)gui-tools.sh"; ;; + 6 ) echo -e " 5)import-db.sh"; ;; + 8 ) echo -e " *)quit"; ;; + esac + let count=count+1; + done + + count=1 + c=`expr $C + $BOX_WIDTH` + for (( r=$R; count<=$BOX_HEIGHT; r++)); do + plot_char $r $c $VERT + let count=count+1 + done + + # Draw horizontal lines using plot_char function. + count=1 + for (( c=$C; count<=$BOX_WIDTH; c++)); do + plot_char $R $c $HORZ + let count=count+1 + done + + count=1 + r=`expr $R + $BOX_HEIGHT` + for (( c=$C; count<=$BOX_WIDTH; c++)); do + plot_char $r $c $HORZ + let count=count+1 + done + + # Draw box angles. + plot_char $R $C $CORNER_CHAR + plot_char $R `expr $C + $BOX_WIDTH` $CORNER_CHAR + plot_char `expr $R + $BOX_HEIGHT` $C $CORNER_CHAR + plot_char `expr $R + $BOX_HEIGHT` `expr $C + $BOX_WIDTH` $CORNER_CHAR + # Restore old colors. + echo -ne "\x1b[0m" + # Put the prompt at bottom of the terminal. + P_ROWS=`expr $T_ROWS - 2` + echo -e "\x1b[${P_ROWS};1H" +} + +backup_www() +{ + USERNAME=root #备份的用户名 + PASSWORD=$MYSQL_ROOT_PASSWORD #备份的密码 + + DATE=`date +%Y-%m-%d` #用来做备份文件名字的一部分 + OLDDATE=`date +%Y-%m-%d -d '-10 days'` #本地保存天数 + + #创建备份的目录和文件 + DIR=/data/backup/db + + [ -d ${DIR} ] || mkdir -p ${DIR} + [ -d ${DIR}/${DATE} ] || mkdir -p ${DIR}/${DATE} + + + DBS=`mysql -u$USERNAME -p$PASSWORD -Bse "show databases"|grep -v "information_schema" |grep -v "test"` + for db_name in $DBS + do + /usr/bin/mysqldump -uroot -p"$MYSQL_ROOT_PASSWORD" $db_name > $DIR/$DATE/$db_name.sql + done + #/usr/bin/find $DIR -mtime +7 -name "data_[1-9]*" -exec rm -rf {} \; + + [ ! -d ${DIR}/${OLDDATE} ] || rm -rf ${DIR}/${OLDDATE} #保存10天 多余的删除最前边的 +} + +backup_mysql() +{ + USERNAME=root #备份的用户名 + PASSWORD=$MYSQL_ROOT_PASSWORD #备份的密码 + + DATE=`date +%Y-%m-%d` #用来做备份文件名字的一部分 + OLDDATE=`date +%Y-%m-%d -d '-10 days'` #本地保存天数 + + #创建备份的目录和文件 + DIR=/data/backup/db + + [ -d ${DIR} ] || mkdir -p ${DIR} + [ -d ${DIR}/${DATE} ] || mkdir -p ${DIR}/${DATE} + + + DBS=`mysql -u$USERNAME -p$PASSWORD -Bse "show databases"|grep -v "information_schema" |grep -v "test"` + for db_name in $DBS + do + /usr/bin/mysqldump -uroot -p"$MYSQL_ROOT_PASSWORD" $db_name > $DIR/$DATE/$db_name.sql + done + #/usr/bin/find $DIR -mtime +7 -name "data_[1-9]*" -exec rm -rf {} \; + + [ ! -d ${DIR}/${OLDDATE} ] || rm -rf ${DIR}/${OLDDATE} #保存10天 多余的删除最前边的 +} + +restore_db() +{ + #路径 + #DIR=/var/lib/mysql/backup_mysql + DIR=/data/backup/db + #还原哪天的数据 + DATE=2019-03-15 + #还原数据库的名称 + db_name=mhehewan + + /usr/bin/mysql -uroot -p"$MYSQL_ROOT_PASSWORD" $db_name < $DIR/$DATE/$db_name.sql +} + +# 给MySQL中用户授权,指定用户可远程访问 +privilegeMysqlUsers() +{ + delay=10 + echo "等待Mysql服务启动,延时"$delay"s..." + sleep "$delay"s + + # 在bash中不能加入-t参数,否则会报"the input device is not a TTY" + # 在远程服务上执行的命令块,"remot_command"可自定义 + # 必须跟在 docker exec 命令行后面 + # msyql登陆命令需要写全参数,否则会因为默认的my.conf中bind_address=127.0.0.1 + docker exec -i lnmpr-mysql bash << remot_command + mysql -hlocalhost -uroot -p${env_config[MYSQL_ROOT_PASSWORD]} --port=${env_config[MYSQL_PORT_DOCKER]} + ALTER USER 'root'@'%' IDENTIFIED WITH mysql_native_password BY '${env_config[MYSQL_ROOT_PASSWORD]}'; + CREATE USER '${env_config[DB_USERNAME]}'@'%' IDENTIFIED BY '${env_config[DB_PASSWORD]}'; + CREATE USER '${env_config[DB_USERNAME]}'@'localhost' IDENTIFIED BY '${env_config[DB_PASSWORD]}'; + ALTER USER '${env_config[DB_USERNAME]}'@'%' IDENTIFIED WITH mysql_native_password BY '${env_config[DB_PASSWORD]}'; + ALTER USER '${env_config[DB_USERNAME]}'@'localhost' IDENTIFIED WITH mysql_native_password BY '${env_config[DB_PASSWORD]}'; + GRANT ALL PRIVILEGES ON *.* TO '${env_config[DB_USERNAME]}'@'%' WITH GRANT OPTION; + GRANT ALL PRIVILEGES ON *.* TO '${env_config[DB_USERNAME]}'@'localhost' WITH GRANT OPTION; + FLUSH PRIVILEGES; + CREATE DATABASE ${env_config[DB_DATABASE]}; + exit +remot_command + + echo "MySQL用户授权完成。lnmpr服务容器已启动,您可以访问 http://localhost:${env_config[NGINX_PORT_LOCAL]} 查看" +} + + +backup_mysql_and_remove_old() +{ + # */1 * * * * /cron-shell/backup.sh + DATE=`date +%Y-%m-%d` #用来做备份文件名字的一部分 + OLDDATE=`date +%Y-%m-%d -d '-10 days'` #本地保存天数 + + #创建备份的目录和文件 + DIR=/data/backup/db + + [ -d ${DIR} ] || mkdir -p ${DIR} + [ -d ${DIR}/${DATE} ] || mkdir -p ${DIR}/${DATE} + + + DBS=`mysql -uroot -p$MYSQL_ROOT_PASSWORD -Bse "show databases"|grep -v "information_schema" |grep -v "test"` + for db_name in $DBS + do + /usr/bin/mysqldump -uroot -p"$MYSQL_ROOT_PASSWORD" $db_name > $DIR/$DATE/$db_name.sql + done + #/usr/bin/find $DIR -mtime +7 -name "data_[1-9]*" -exec rm -rf {} \; + + [ ! -d ${DIR}/${OLDDATE} ] || rm -rf ${DIR}/${OLDDATE} #保存10天 多余的删除最前边的 +} + + +backup2() +{ + #保存备份个数,备份31天数据 + number=10 + + #备份保存路径 + backup_dir=/home/data/backup_mysql/mhehewan + + #日期 + dd=`date +%Y-%m-%d-%H-%M-%S` + + #用户名 + username=root + + #密码 + password=Hengshi2019#@!123 + + #将要备份的数据库 + database_name=mhehewan + + #如果文件夹不存在则创建 + if [ ! -d $backup_dir ]; + then + mkdir -p $backup_dir; + fi + + #备份 + mysqldump --add-locks --add-drop-table --hex-blob --allow-keywords --extended-insert=false -u${username} -p${password} ${database_name} > ${backup_dir}/$database_name-$dd.sql + + #写创建备份日志 + echo "create $backup_dir/$database_name-$dd.dupm" >> $backup_dir/log.txt + + #找出需要删除的备份 + delfile=`ls -l -crt $backup_dir/*.sql | awk '{print $9 }' | head -1` + + #判断现在的备份数量是否大于$number + count=`ls -l -crt $backup_dir/*.sql | awk '{print $9 }' | wc -l` + + if [ $count -gt $number ] + then + #删除最早生成的备份,只保留number数量的备份 + rm $delfile + #写删除文件日志 + echo "delete $delfile" >> $backup_dir/log.txt + fi +} diff --git a/scripts/generate-stackbrew-library.sh b/scripts/generate-stackbrew-library.sh new file mode 100644 index 00000000..5bc0b58a --- /dev/null +++ b/scripts/generate-stackbrew-library.sh @@ -0,0 +1,102 @@ +#!/bin/bash +set -eu + +declare -A aliases +aliases=( + [mainline]='1 1.19 latest' + [stable]='1.18' +) + +self="$(basename "$BASH_SOURCE")" +cd "$(dirname "$(readlink -f "$BASH_SOURCE")")" +base=debian + +versions=( mainline stable ) + +# get the most recent commit which modified any of "$@" +fileCommit() { + git log -1 --format='format:%H' HEAD -- "$@" +} + +# get the most recent commit which modified "$1/Dockerfile" or any file COPY'd from "$1/Dockerfile" +dirCommit() { + local dir="$1"; shift + ( + cd "$dir" + fileCommit \ + Dockerfile \ + $(git show HEAD:./Dockerfile | awk ' + toupper($1) == "COPY" { + for (i = 2; i < NF; i++) { + print $i + } + } + ') + ) +} + +cat <<-EOH +# this file is generated via https://github.com/nginxinc/docker-nginx/blob/$(fileCommit "$self")/$self + +Maintainers: NGINX Docker Maintainers (@nginxinc) +GitRepo: https://github.com/nginxinc/docker-nginx.git +EOH + +# prints "$2$1$3$1...$N" +join() { + local sep="$1"; shift + local out; printf -v out "${sep//%/%%}%s" "$@" + echo "${out#$sep}" +} + +for version in "${versions[@]}"; do + commit="$(dirCommit "$version/$base")" + + fullVersion="$(git show "$commit":"$version/$base/Dockerfile" | awk '$1 == "ENV" && $2 == "NGINX_VERSION" { print $3; exit }')" + + versionAliases=( $fullVersion ) + if [ "$version" != "$fullVersion" ]; then + versionAliases+=( $version ) + fi + versionAliases+=( ${aliases[$version]:-} ) + + echo + cat <<-EOE + Tags: $(join ', ' "${versionAliases[@]}") + Architectures: amd64, arm32v5, arm32v7, arm64v8, i386, mips64le, ppc64le, s390x + GitCommit: $commit + Directory: $version/$base + EOE + + for variant in debian-perl; do + commit="$(dirCommit "$version/$variant")" + + variantAliases=( "${versionAliases[@]/%/-perl}" ) + variantAliases=( "${variantAliases[@]//latest-/}" ) + + echo + cat <<-EOE + Tags: $(join ', ' "${variantAliases[@]}") + Architectures: amd64, arm32v5, arm32v7, arm64v8, i386, mips64le, ppc64le, s390x + GitCommit: $commit + Directory: $version/$variant + EOE + done + + for variant in alpine alpine-perl; do + commit="$(dirCommit "$version/$variant")" + + variantAliases=( "${versionAliases[@]/%/-$variant}" ) + variantAliases=( "${variantAliases[@]//latest-/}" ) + + echo + cat <<-EOE + Tags: $(join ', ' "${variantAliases[@]}") + Architectures: arm64v8, arm32v6, arm32v7, ppc64le, s390x, i386, amd64 + GitCommit: $commit + Directory: $version/$variant + EOE + done + +done + diff --git a/scripts/http_website_easy_install.bash b/scripts/http_website_easy_install.bash new file mode 100644 index 00000000..1d18f521 --- /dev/null +++ b/scripts/http_website_easy_install.bash @@ -0,0 +1,90 @@ +#!/bin/bash +check_ip() { + IP_REGEX="^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$" + printf %s "$1" | tr -d '\n' | grep -Eq "$IP_REGEX" +} +PUBLIC_IP=$(dig @resolver1.opendns.com -t A -4 myip.opendns.com +short) +check_ip "$PUBLIC_IP" || PUBLIC_IP=$(wget -t 3 -T 15 -qO- http://ipv4.icanhazip.com) +check_ip "$PUBLIC_IP" || exiterr "Cannot find your server ip address" + +echo "your server ip is:${PUBLIC_IP}" +echo "please input your website domain name which has been resolved to $PUBLIC_IP" +echo "if you want to bind mutiple domain names,you can split them using space" +echo "if you want to allow any domain name to visit your website,you can leave this input empty(just carrige return)" +read -p "> " web_domains +# TODO check the domain resolve dig +short domain +web_first_domain=$(echo $web_domains|tr -s [:blank:]|cut -d ' ' -f 1) +nginx_web_config_file=$web_first_domain".conf" +nginx_web_config_domain=$web_domains +web_names=$web_domains +if [[ -z $(echo $web_domains|sed 's/ //g') ]]; then + nginx_web_config_domain=~^.*\$ + web_names=" any domain which has been resolved to this server" + nginx_web_config_file="free_domain_web.conf" +fi +echo "please input your website absolute path" +echo "if your input is not absolute path,the current directory will be preappend" +read -p "> " web_dir +if [[ ! "$web_dir" == /* ]]; then + web_dir=$(pwd)"/"$web_dir +fi +echo "your web directory will be "$web_dir +mkdir -p ${web_dir} +cur_chmod_dir=$web_dir +while [[ $cur_chmod_dir != / ]]; do + chmod o+x "$cur_chmod_dir" + cur_chmod_dir=$(dirname "$cur_chmod_dir") +done +echo "please input the nginx config dir" +echo "you can carrige return if it's default /etc/nginx" +read -p "> " nginx_config_dir +if [[ -z "$nginx_config_dir" ]]; then + nginx_config_dir=/etc/nginx +fi +echo -e "\n" +cat << EOF +your configuration are as follows + +web directory: $web_dir +web domain: $web_names +nginx config dir: $nginx_config_dir + +please input the number to confirm these information +1):confirm +2):not correct,I want to quit +EOF +read -p "> " confirm +if [[ $confirm -eq 2 ]]; then + exit 0 +fi +cat > $nginx_config_dir"/conf.d/"$nginx_web_config_file < $web_dir/index.html << EOF +generate http website succssfully
+this is the index.html of $web_names
+EOF +fi +# current_user=$USER +# current_user=$(id -un) not work for sudo +current_user=$(who am i|awk '{print $1}') +current_user_group=$(id -gn $current_user) +chown -R $current_user:$current_user_group $web_dir +chown $current_user:$current_user_group $nginx_config_dir"/conf.d/"$nginx_web_config_file +chmod -R 755 $web_dir +service nginx restart +echo -e "\n\n" +cat << EOF +generate http website succssfully +your website directory is $web_dir +your nginx config file is $nginx_config_dir/conf.d/$nginx_web_config_file +you can visit your website through $web_names +EOF diff --git a/scripts/https_website_easy_install.bash b/scripts/https_website_easy_install.bash new file mode 100644 index 00000000..f480203f --- /dev/null +++ b/scripts/https_website_easy_install.bash @@ -0,0 +1,186 @@ +#!/bin/bash +python_command='' +if command -v python > /dev/null 2>&1; then + echo 'python environment check succ..' + python_command=python +else + if command -v python3 > /dev/null 2>&1; then + echo 'your python command is python3' + python_command=python3 + else + echo 'your server has no python environment,now install python for you' + apt-get -y install python || yum -y install python + echo 'python install succ..' + python_command=python + fi +fi +if command -v openssl > /dev/null 2>&1; then + echo 'openssl check succ..' +else + echo 'no openssl,now install for you' + apt-get -y install openssl || yum -y install openssl +fi +exiterr() { + echo "Error: $1" >&2; + exit 1; +} +check_ip() { + IP_REGEX="^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$" + printf %s "$1" | tr -d '\n' | grep -Eq "$IP_REGEX" +} +PUBLIC_IP=$(dig @resolver1.opendns.com -t A -4 myip.opendns.com +short) +check_ip "$PUBLIC_IP" || PUBLIC_IP=$(wget -t 3 -T 15 -qO- http://ipv4.icanhazip.com) +check_ip "$PUBLIC_IP" || exiterr "Cannot find your server ip address" + +echo "your server ip is:${PUBLIC_IP}" +echo "please input your website domain name which has been resolved to $PUBLIC_IP" +echo "if you want to bind mutiple domain names,you can split them using space" +read -p "> " web_domains +# TODO check the domain resolve dig +short domain +domain_length=0 +sign_domain_str='' +web_first_domain=$(echo $web_domains|tr -s [:blank:]|cut -d ' ' -f 1) +nginx_web_config_file=$web_first_domain".conf" +for web_domain in ${web_domains[@]} +do + sign_domain_str=$sign_domain_str"DNS:"$web_domain"," + domain_length=$(($domain_length+1)) +done +sign_domain_str=${sign_domain_str:0:${#sign_domain_str}-1} +echo "please input your website absolute path" +echo "if your input is not absolute path,the current directory will be preappend" +read -p "> " web_dir +if [[ ! "$web_dir" == /* ]]; then + web_dir=$(pwd)"/"$web_dir +fi +echo "your web directory will be "$web_dir +echo "please input the nginx config dir" +echo "you can carrige return if it's default /etc/nginx" +read -p "> " nginx_config_dir +if [[ -z "$nginx_config_dir" ]]; then + nginx_config_dir=/etc/nginx +fi +echo -e "\n" +cat << EOF +your configuration are as follows + +web directory: $web_dir +web domain: $web_domains +nginx config dir: $nginx_config_dir + +please input the number to confirm these information +1):confirm +2):not correct,I want to quit +EOF +read -p "> " confirm +if [[ $confirm -eq 2 ]]; then + exit 0 +fi +mkdir -p ${web_dir}"/certificate/challenges" +cur_chmod_dir=$web_dir +while [[ $cur_chmod_dir != / ]]; do + chmod o+x "$cur_chmod_dir" + cur_chmod_dir=$(dirname "$cur_chmod_dir") +done +cd $web_dir"/certificate" +# Create a Let's Encrypt account private key +openssl genrsa 4096 > account.key +# generate a domain private key +openssl genrsa 4096 > domain.key +if [[ $domain_length -gt 1 ]]; then + openssl req -new -sha256 -key domain.key -subj "/" -reqexts SAN -config <(cat /etc/ssl/openssl.cnf <(printf "[SAN]\nsubjectAltName=$sign_domain_str")) > domain.csr || openssl req -new -sha256 -key domain.key -subj "/" -reqexts SAN -config <(cat /etc/pki/tls/openssl.cnf <(printf "[SAN]\nsubjectAltName=$sign_domain_str")) > domain.csr +else + openssl req -new -sha256 -key domain.key -subj "/CN=$web_domains" > domain.csr +fi +cat > $nginx_config_dir"/conf.d/"$nginx_web_config_file < ./signed.crt || exiterr "create the http website failed,please view the issue of github doc" +#NOTE: For nginx, you need to append the Let's Encrypt intermediate cert to your cert +wget --no-check-certificate https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem -O intermediate.pem +cat signed.crt intermediate.pem > chained.pem +cat > $nginx_config_dir"/conf.d/"$nginx_web_config_file < $web_dir/index.html << EOF +generate https website succssfully
+this is the index.html of $web_first_domain
+yout can visit this page from $web_domains +EOF +fi +# current_user=$USER +# current_user=$(id -un) not work for sudo +current_user=$(who am i|awk '{print $1}') +current_user_group=$(id -gn $current_user) +chown -R $current_user:$current_user_group $web_dir +chown $current_user:$current_user_group $nginx_config_dir"/conf.d/"$nginx_web_config_file +chmod -R 755 $web_dir +service nginx restart +echo -e "\n\n" +cat << EOF +generate https website succssfully +your website directory is $web_dir +your nginx config file is $nginx_config_dir/conf.d/$nginx_web_config_file +you can visit your website through these domains +EOF +for web_domain in ${web_domains[@]} +do + echo https://$web_domain +done +cat > $web_dir/certificate/renew_cert.bash < /tmp/signed.crt || exit +wget --no-check-certificate -O - https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem > intermediate.pem +cat /tmp/signed.crt intermediate.pem > $web_dir/certificate/chained.pem +service nginx reload +EOF +if command -v crontab > /dev/null 2>&1; then + echo 'crontab check succ..' +else + echo 'no crontab program,now install for you' + apt-get -y install cron || yum -y install cron +fi +# (crontab -u $current_user -l ; echo "1 1 1 * * bash $web_dir/certificate/renew_cert.bash >> /var/log/renew_cert_error.log 2 >> /var/log/renew_cert.log") | crontab -u $current_user - +random_day=$((RANDOM % (28 - 1) + 1)) +echo "1 1 "$random_day" * * root bash $web_dir/certificate/renew_cert.bash >> /var/log/renew_cert_error.log 2 >> /var/log/renew_cert.log" >> /etc/crontab +# nginx reload need root privilege,so the renew task need to be added in root's crontab +#(crontab -l; echo "1 1 1 * * bash $web_dir/certificate/renew_cert.bash > /var/log/renew_cert_stdout.log 2 > /var/log/renew_cert_stderr.log") | crontab - +echo "create renewal certificate task succ!" diff --git a/scripts/index.php b/scripts/index.php new file mode 100644 index 00000000..6820ed3c --- /dev/null +++ b/scripts/index.php @@ -0,0 +1,89 @@ +欢迎使用DNMP!'; +echo '

版本信息

'; + +echo '
    '; +echo '
  • PHP版本:', PHP_VERSION, '
    • '; +echo '
  • Nginx版本:', $_SERVER['SERVER_SOFTWARE'], '
    • '; +echo '
  • MySQL服务器版本:', getMysqlVersion(), '
    • '; +echo '
  • Redis服务器版本:', getRedisVersion(), '
    • '; +echo '
  • MongoDB服务器版本:', getMongoVersion(), '
    • '; +echo '
'; + +echo '

已安装扩展

'; +printExtensions(); + + +/** + * 获取MySQL版本 + */ +function getMysqlVersion() +{ + if (extension_loaded('PDO_MYSQL')) { + try { + $dbh = new PDO('mysql:host=mysql;dbname=mysql', 'root', '123456'); + $sth = $dbh->query('SELECT VERSION() as version'); + $info = $sth->fetch(); + } catch (PDOException $e) { + return $e->getMessage(); + } + return $info['version']; + } else { + return 'PDO_MYSQL 扩展未安装 ×'; + } +} + +/** + * 获取Redis版本 + */ +function getRedisVersion() +{ + if (extension_loaded('redis')) { + try { + $redis = new Redis(); + $redis->connect('redis', 6379); + $info = $redis->info(); + return $info['redis_version']; + } catch (Exception $e) { + return $e->getMessage(); + } + } else { + return 'Redis 扩展未安装 ×'; + } +} + +/** + * 获取MongoDB版本 + */ +function getMongoVersion() +{ + if (extension_loaded('mongodb')) { + try { + $manager = new MongoDB\Driver\Manager('mongodb://root:123456@mongodb:27017'); + $command = new MongoDB\Driver\Command(array('serverStatus' => true)); + + $cursor = $manager->executeCommand('admin', $command); + + return $cursor->toArray()[0]->version; + } catch (Exception $e) { + return $e->getMessage(); + } + } else { + return 'MongoDB 扩展未安装 ×'; + } +} + +/** + * 获取已安装扩展列表 + */ +function printExtensions() +{ + echo '
    '; + foreach (get_loaded_extensions() as $i => $name) { + echo "
  1. ", $name, '=', phpversion($name), '
    2. '; + } + echo '
'; +} diff --git a/scripts/install/build.sh b/scripts/install/build.sh new file mode 100644 index 00000000..e15390ee --- /dev/null +++ b/scripts/install/build.sh @@ -0,0 +1,275 @@ +#!/usr/bin/env bash + +# pcre + ./configure \ + --prefix=/usr/local/pcre \ + --enable-jit \ + --enable-utf \ + --enable-unicode-properties + make -j "$cpuNum" + make install + echo '/usr/local/pcre/lib' >> /etc/ld.so.conf.d/custom-libs.conf + ldconfig + +# Install Libiconv +function installLibiconv() { + cd /tmp || exit + + if [ ! -f "${libiconvVersion}.tar.gz" ] + then + showNotice "Download ${libiconvVersion} ..." + curl -O --retry 3 https://ftp.gnu.org/pub/gnu/libiconv/${libiconvVersion}.tar.gz + fi + + showNotice "$1 ${libiconvVersion} ..." + tar -zxf ${libiconvVersion}.tar.gz + + cd ${libiconvVersion} || exit + ./configure --prefix=/usr/local/libiconv + make -j "$cpuNum" + make install + echo '/usr/local/libiconv/lib' >> /etc/ld.so.conf.d/custom-libs.conf + ldconfig +} + +# Install Pcre +function installPcre() { + cd /tmp || exit + + if [ ! -f "${pcreVersion}.tar.gz" ] + then + showNotice "Download ${pcreVersion} ..." + curl -O --retry 3 https://ftp.pcre.org/pub/pcre/${pcreVersion}.tar.gz + fi + + showNotice "$1 ${pcreVersion} ..." + tar -zxf ${pcreVersion}.tar.gz -C /usr/local/src/ + + cd /usr/local/src/${pcreVersion} || exit + ./configure \ + --prefix=/usr/local/pcre \ + --enable-jit \ + --enable-utf \ + --enable-unicode-properties + make -j "$cpuNum" + make install + echo '/usr/local/pcre/lib' >> /etc/ld.so.conf.d/custom-libs.conf + ldconfig +} + +# Install Zlib +function installZlib() { + cd /tmp || exit + + if [ ! -f "${zlibVersion}.tar.gz" ] + then + showNotice "Download ${zlibVersion} ..." + curl -O --retry 3 http://zlib.net/${zlibVersion}.tar.gz + fi + + showNotice "$1 ${zlibVersion} ..." + tar -zxf ${zlibVersion}.tar.gz -C /usr/local/src/ + + cd /usr/local/src/${zlibVersion} || exit + ./configure --prefix=/usr/local/zlib + make -j "$cpuNum" + make install + echo '/usr/local/zlib/lib' >> /etc/ld.so.conf.d/custom-libs.conf + ldconfig +} + + + +# Install OpenSSL +function installOpenssl() { + cd /tmp || exit + + if [ ! -f "${opensslVersion}.tar.gz" ] + then + showNotice "Download ${opensslVersion} ..." + curl -O --retry 3 https://www.openssl.org/source/${opensslVersion}.tar.gz + fi + + showNotice "$1 ${opensslVersion} ..." + tar -zxf ${opensslVersion}.tar.gz -C /usr/local/src/ + + cd /usr/local/src/${opensslVersion} || exit + ./config --prefix=/usr/local/openssl -fPIC + make -j "$cpuNum" + make install + ln -sf /usr/local/openssl/bin/openssl /usr/bin/openssl +} + +# Install PHP +function installPhp { + cd /tmp || exit + + if [ ! -f "${phpVersion}.tar.gz" ] + then + showNotice "Download ${phpVersion} ..." + curl -O --retry 3 http://php.net/distributions/${phpVersion}.tar.gz + fi + + showNotice "$1 ${phpVersion} ..." + tar -zxf ${phpVersion}.tar.gz + + cd ${phpVersion} || exit + ./configure \ + --prefix=/usr/local/php \ + --sysconfdir=/etc/php \ + --with-config-file-path=/etc/php \ + --with-config-file-scan-dir=/etc/php/php-fpm.d \ + --with-fpm-user=www \ + --with-fpm-group=www \ + --with-curl \ + --with-mhash \ + --with-gd \ + --with-gmp \ + --with-bz2 \ + --with-recode \ + --with-readline \ + --with-gettext \ + --with-pcre-jit \ + --with-mysqli=mysqlnd \ + --with-pdo-mysql=mysqlnd \ + --with-openssl=/usr/local/openssl \ + --with-openssl-dir=/usr/local/openssl \ + --with-pcre-regex=/usr/local/pcre \ + --with-pcre-dir=/usr/local/pcre \ + --with-zlib=/usr/local/zlib \ + --with-zlib-dir=/usr/local/zlib \ + --with-iconv-dir=/usr/local/libiconv \ + --with-libxml-dir=/usr \ + --with-libzip=/usr \ + --with-gd=/usr/local/libgd \ + --with-jpeg-dir=/usr \ + --with-png-dir=/usr \ + --with-webp-dir=/usr \ + --with-xpm-dir=/usr \ + --with-freetype-dir=/usr \ + --enable-fpm \ + --enable-ftp \ + --enable-gd-jis-conv \ + --enable-calendar \ + --enable-exif \ + --enable-pcntl \ + --enable-soap \ + --enable-shmop \ + --enable-sysvmsg \ + --enable-sysvsem \ + --enable-sysvshm \ + --enable-wddx \ + --enable-inline-optimization \ + --enable-bcmath \ + --enable-mbstring \ + --enable-mbregex \ + --enable-re2c-cgoto \ + --enable-xml \ + --enable-mysqlnd \ + --enable-embedded-mysqli \ + --enable-opcache \ + --disable-fileinfo \ + --disable-debug + make -j "$cpuNum" + make install + ln -sf /usr/local/php/bin/php /usr/bin/php + ln -sf /usr/local/php/bin/phpize /usr/bin/phpize + ln -sf /usr/local/php/sbin/php-fpm /usr/bin/php-fpm + cp -v php.ini-production /etc/php/php.ini +} + +# Install Nginx +function installNginx() { + cd /tmp || exit + + if [ ! -f "${nginxVersion}.tar.gz" ] + then + showNotice "Download ${nginxVersion} ..." + curl -O --retry 3 http://nginx.org/download/${nginxVersion}.tar.gz + fi + + showNotice "$1 ${nginxVersion} ..." + tar -zxf ${nginxVersion}.tar.gz + + cd ${nginxVersion} || exit + mkdir -p /var/cache/nginx + ./configure \ + --prefix=/usr/local/nginx \ + --conf-path=/etc/nginx/nginx.conf \ + --error-log-path=/var/log/nginx/error.log \ + --http-log-path=/var/log/nginx/access.log \ + --pid-path=/var/run/nginx.pid \ + --lock-path=/var/run/nginx.lock \ + --http-client-body-temp-path=/var/cache/nginx/client_temp \ + --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ + --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ + --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ + --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ + --user=www \ + --group=www \ + --with-threads \ + --with-file-aio \ + --with-http_ssl_module \ + --with-http_v2_module \ + --with-http_realip_module \ + --with-http_addition_module \ + --with-http_geoip_module \ + --with-http_sub_module \ + --with-http_dav_module \ + --with-http_flv_module \ + --with-http_mp4_module \ + --with-http_gunzip_module \ + --with-http_gzip_static_module \ + --with-http_auth_request_module \ + --with-http_random_index_module \ + --with-http_secure_link_module \ + --with-http_degradation_module \ + --with-http_slice_module \ + --with-http_stub_status_module \ + --with-mail \ + --with-mail_ssl_module \ + --with-stream \ + --with-stream_ssl_module \ + --with-stream_realip_module \ + --with-stream_geoip_module \ + --with-stream_ssl_preread_module \ + --with-compat \ + --with-pcre-jit \ + --with-pcre=/usr/local/src/${pcreVersion} \ + --with-zlib=/usr/local/src/${zlibVersion} \ + --with-openssl=/usr/local/src/${opensslVersion} + make -j "$cpuNum" + make install + ln -sf /usr/local/nginx/sbin/nginx /usr/bin/nginx +} + +# Install Libgd +function installLibgd() { + cd /tmp || exit + + if [ ! -f "${libgdVersion}.tar.gz" ] + then + showNotice "Download ${libgdVersion} ..." + curl -O --retry 3 -L https://github.com/libgd/libgd/releases/download/${libgdVersion/lib/}/${libgdVersion}.tar.gz + fi + + showNotice "$1 ${libgdVersion} ..." + tar -zxf ${libgdVersion}.tar.gz + + cd ${libgdVersion} || exit + ./configure \ + --prefix=/usr/local/libgd \ + --with-libiconv-prefix=/usr/local/libiconv \ + --with-zlib=/usr/local/zlib \ + --with-jpeg=/usr \ + --with-png=/usr \ + --with-webp=/usr \ + --with-xpm=/usr \ + --with-freetype=/usr \ + --with-fontconfig=/usr \ + --with-tiff=/usr + make -j "$cpuNum" + make install + echo '/usr/local/libgd/lib' >> /etc/ld.so.conf.d/custom-libs.conf + ldconfig +} diff --git a/scripts/install/install-php.sh b/scripts/install/install-php.sh new file mode 100644 index 00000000..8c9cd13d --- /dev/null +++ b/scripts/install/install-php.sh @@ -0,0 +1,23 @@ +#!/usr/bin/env bash + +# drush +# extensions + +# https://github.com/aerospike/aerospike-client-php + +PHP_73_VERSION=$(curl -sL https://www.php.net | grep 'download-link' | grep 8 | awk -F '>' '{print $3}' | awk -F '<' '{print $1}') +PHP_74_VERSION=$(curl -sL https://www.php.net | grep 'download-link' | grep 74 | awk -F '>' '{print $3}' | awk -F '<' '{print $1}') +PHP_8_VERSION=$(curl -sL https://www.php.net | grep 'download-link' | grep 73 | awk -F '>' '{print $3}' | awk -F '<' '{print $1}') +echo ${PHP_73_VERSION} +echo ${PHP_74_VERSION} +echo ${PHP_8_VERSION} + +# curl -sS https://getcomposer.org/installer | php +# https://mirrors.aliyun.com/composer/composer.phar +# mv composer.phar /usr/local/bin/composer +# composer config -g repo.packagist composer https://mirrors.aliyun.com/composer/ + +# apt-get install -y --force-yes php7.0-xdebug && \ +# sed -i 's/^/;/g' /etc/php/7.0/cli/conf.d/20-xdebug.ini && \ +# echo "alias phpunit='php -dzend_extension=xdebug.so /var/www/laravel/vendor/bin/phpunit'" >> ~/.bashrc \ +# ;fi diff --git a/scripts/install/install-pkgs.sh b/scripts/install/install-pkgs.sh new file mode 100644 index 00000000..f11269b0 --- /dev/null +++ b/scripts/install/install-pkgs.sh @@ -0,0 +1,63 @@ +#!/usr/bin/env bash +export LC_ALL C.UTF-8 +DEBIAN_FRONTEND=noninteractive +TZ=Asia/Shanghai + +sudo +mysql-client # or mariadb-client +rabbitmq-c +apt-utils +beanstalkd +phpunit +inotify-tools +wget +gnupg +unzip +composer +git +vim #(neovim) +tmux # .tmux.conf +tmuxinator # ~/.tmuxinator/init.yml +supervisor + + +ln -fs /etc/nginx/sites-available/ /etc/nginx/sites-enabled/ + +echo extension=tideways_xhprof.so > /etc/php/7.4/mods-available/tideways.ini +RUN sed -i -e "s/^zlib\.output_compression\ = .*/zlib\.output_compression = \On/g" /etc/php/7.4/fpm/php.ini +RUN sed -i -e "s/^;max_input_vars\ = .*/max_input_vars\ =\ 20000/g" /etc/php/7.4/fpm/php.ini +RUN sed -i -e "s/^listen\ = .*/listen = \/var\/run\/php-fpm\.sock/g" /etc/php/7.4/fpm/pool.d/www.conf +RUN sed -i -e "s/^error_log\ = .*/error_log = \/var\/log\/php-fpm\.log/g" /etc/php/7.4/fpm/php-fpm.conf +RUN sed -i -e "s/^bind\-address/#bind\-address/g" /etc/mysql/mariadb.conf.d/50-server.cnf +RUN sed -i -e "s/^#general_log/general_log/g" /etc/mysql/mariadb.conf.d/50-server.cnf +RUN sed -i -e "s/^query_cache_limit\ .*/query_cache_limit\ =\ 0M/g" /etc/mysql/mariadb.conf.d/50-server.cnf +RUN sed -i -e "s/^query_cache_size\ .*/query_cache_size\ =\ 0M/g" /etc/mysql/mariadb.conf.d/50-server.cnf +RUN sed -i -e "s/^#BEANSTALKD_EXTRA=.*/BEANSTALKD_EXTRA=\"-z\ 524280\"/g" /etc/default/beanstalkd +RUN sed -i -e "s/'extension'.*$/'extension'\ =>\ 'tideways_xhprof',/g" /var/www/xhgui-branch/config/config.default.php + +# 设置时区 +apk --no-cache add tzdata \ +cp "/usr/share/zoneinfo/$TZ" /etc/localtime +echo "$TZ" > /etc/timezone + +curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin/ --filename=composer + +# Add a non-root user to prevent files being created with root permissions on host machine. +ARG PUID=1000 +ARG PGID=1000 +RUN groupadd -g $PGID laradock && \ + useradd -u $PUID -g laradock -m laradock + + +rm -f /etc/service/sshd/down && \ + cat /tmp/id_rsa.pub >> /root/.ssh/authorized_keys \ + && cat /tmp/id_rsa.pub >> /root/.ssh/id_rsa.pub \ + && cat /tmp/id_rsa >> /root/.ssh/id_rsa \ + && rm -f /tmp/id_rsa* \ + && chmod 644 /root/.ssh/authorized_keys /root/.ssh/id_rsa.pub \ + && chmod 400 /root/.ssh/id_rsa + +#RUN git clone https://github.com/gmarik/Vundle.vim.git ~/.vim/bundle/Vundle.vim +#RUN git clone https://github.com/topone4tvs/vim-php-ide-use-vundle.git +#RUN cp vim-php-ide-use-vundle.git/_vimrc ./.vimrc && rm -rf vim-php-ide-use-vundle.git +#RUN nohup vim +PluginInstall +qall > /dev/null &2>1 & \ No newline at end of file diff --git a/scripts/install/install-tengine.sh b/scripts/install/install-tengine.sh new file mode 100644 index 00000000..f862ec9a --- /dev/null +++ b/scripts/install/install-tengine.sh @@ -0,0 +1,4 @@ +#!/usr/bin/env bash +LATEST_VERSION=$(curl -s https://api.github.com/repos/alibaba/tengine/releases/latest | grep 'tag_name' | awk -F '"' '{print $4}') +# wget https://github.com/alibaba/tengine/archive/2.3.2.zip +wget https://github.com/alibaba/tengine/archive/${LATEST_VERSION}.zip \ No newline at end of file diff --git a/scripts/install/mysql.sh b/scripts/install/mysql.sh new file mode 100644 index 00000000..1a480bc5 --- /dev/null +++ b/scripts/install/mysql.sh @@ -0,0 +1,45 @@ +#!/usr/bin/env bash + +if [ -f "/data/mysql/init.lock" ]; then + echo "mysql has been initialized\n" + exec /usr/bin/mysqld --user=root --console + exit; +fi + +mysql_install_db --user=mysql +mysqld --initialize-insecure --user=mysql --explicit_defaults_for_timestamp +mysqld --initialize-insecure --user=mysql +mysql -u root -p"${mysqlPWD}" -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');DELETE FROM mysql.user WHERE User='';DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';FLUSH PRIVILEGES;" + + +mysql_install_db --user=root > /dev/null +if [ 1 -ne $? ] +then + echo "mysql start error\n" + exit +fi + +/usr/bin/mysqladmin -u root password "$MYSQL_ROOT_PASSWORD" + +tfile=`mktemp` +if [ ! -f "$tfile" ]; then + return 1 +fi + +cat << EOF > $tfile +USE mysql; +UPDATE user SET host="%" WHERE user='root' AND host='localhost'; +FLUSH PRIVILEGES; +EOF + +echo "[i] Creating database: $MYSQL_DATABASE" +echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;" >> $tfile + +echo "[i] Creating user: $MYSQL_USER with password $MYSQL_PASSWORD" +echo "GRANT ALL ON *.* to '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD';" >> $tfile +echo "FLUSH PRIVILEGES;" >> $tfile + +/usr/bin/mysqld --user=root --bootstrap --verbose=0 < $tfile +rm -f $tfile + +touch /data/mysql/init.lock diff --git a/scripts/install/nginx-alpine.sh b/scripts/install/nginx-alpine.sh new file mode 100644 index 00000000..a7466077 --- /dev/null +++ b/scripts/install/nginx-alpine.sh @@ -0,0 +1,25 @@ +#!/usr/bin/env bash +./configure --prefix=/usr/local/nginx \ + --user=www \ + --group=www \ + --with-http_stub_status_module \ + --with-http_v2_module \ + --with-http_ssl_module \ + --with-ipv6 \ + --with-http_gzip_static_module \ + --with-http_realip_module \ + --with-http_flv_module \ + --with-openssl=../openssl-1.0.2h \ + --with-pcre=../pcre-8.39 \ + --with-pcre-jit \ + --add-module=../ngx_cache_purge-2.3 + +./configure --prefix=/opt/verynginx/openresty \ + --user=nginx \ + --group=nginx \ + --with-http_v2_module \ + --with-http_sub_module \ + --with-http_stub_status_module \ + --with-luajit +# modules +# nginx-module-xslt nginx-module-geoip nginx-module-image-filter diff --git a/scripts/install/nginx-install.sh b/scripts/install/nginx-install.sh new file mode 100644 index 00000000..94a2dca0 --- /dev/null +++ b/scripts/install/nginx-install.sh @@ -0,0 +1,97 @@ +#!/usr/bin/env sh + +NGINX_RTMP_VERSION=1.2.1 +NGINX_HTTP_GOOGLE_FILTER_VERSION=0.2.0 + +# https://github.com/nginx/njs +# https://github.com/nginx/unit +# http://nginx.org/en/docs/njs/index.html +# https://unit.nginx.org/installation/#m_esfab5w5rpozqxdpek62zwqjbt5r9pj6y1noiorg4-packagesnginxorg +# https://hub.docker.com/_/nginx?tab=description&page=1&ordering=last_updated&name=alpine +# https://www.nginx.com/resources/wiki/modules/ +# https://github.com/search?q=nginx+module&ref=opensearch +# https://docs.nginx.com/nginx/admin-guide/dynamic-modules/dynamic-modules/ +# https://github.com/kaltura/nginx-vod-module +# https://github.com/aperezdc/ngx-fancyindex +# https://github.com/ZigzagAK/lua-shared-dict +# https://github.com/chobits/ngx_http_proxy_connect_module +# https://github.com/winshining/nginx-http-flv-module +# https://github.com/wandenberg/nginx-push-stream-module +# https://github.com/fdintino/nginx-upload-module +# https://github.com/openresty/encrypted-session-nginx-module +# https://github.com/vozlt/nginx-module-vts +# https://github.com/openresty/lua-nginx-module +# https://github.com/openresty/lua-resty-memcached +# https://github.com/openresty/lua-resty-mysql + + +apk add --no-cache \ + libaio-dev \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + pcre-dev \ + zlib-dev \ + linux-headers \ + libxslt-dev \ + gd-dev \ + geoip-dev \ + perl-dev \ + libedit-dev \ + mercurial \ + bash \ + alpine-sdk \ + findutils + +./configure --prefix=/etc/nginx \ + --sbin-path=/usr/sbin/nginx \ + --modules-path=/usr/lib/nginx/modules \ + --conf-path=/etc/nginx/nginx.conf \ + --error-log-path=/var/log/nginx/error.log \ + --http-log-path=/var/log/nginx/access.log \ + --pid-path=/var/run/nginx.pid \ + --lock-path=/var/run/nginx.lock \ + --http-client-body-temp-path=/var/cache/nginx/client_temp \ + --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ + --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ + --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ + --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ + --with-perl_modules_path=/usr/lib/perl5/vendor_perl \ + --user=nginx \ + --group=nginx \ + --with-compat \ + --with-file-aio \ + --with-threads \ + --with-http_addition_module \ + --with-http_auth_request_module \ + --with-http_dav_module \ + --with-http_degradation_module \ + --with-http_flv_module \ + --with-http_image_filter_module \ + --with-http_geoip_module \ + --with-http_gunzip_module \ + --with-http_gzip_static_module \ + --with-http_mp4_module \ + --with-http_perl_module \ + --with-http_random_index_module \ + --with-http_realip_module \ + --with-http_secure_link_module \ + --with-http_slice_module \ + --with-http_ssl_module \ + --with-http_stub_status_module \ + --with-http_sub_module \ + --with-http_xslt_module \ + --with-http_v2_module \ + --with-mail \ + --with-mail_ssl_module \ + --with-pcre \ + --with-pcre-jit \ + --with-stream \ + --with-stream_realip_module \ + --with-stream_ssl_module \ + --with-stream_ssl_preread_module \ + --with-cc-opt='-Os -fomit-frame-pointer -Wimplicit-fallthrough=0' \ + --with-ld-opt=-Wl,--as-needed \ + --add-module=../nginx-rtmp-module-${NGINX_RTMP_VERSION} + # --add-module=../ngx_http_google_filter_module-${NGINX_HTTP_GOOGLE_FILTER_VERSION} diff --git a/scripts/install/php56-alpine.sh b/scripts/install/php56-alpine.sh new file mode 100644 index 00000000..3e7d509f --- /dev/null +++ b/scripts/install/php56-alpine.sh @@ -0,0 +1,244 @@ +#!/usr/bin/env sh +# alpien 3.8 3.8 以上 不支持 php 5 +# php 5 v5.6.40-r0 + +sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories + +# https://cloudflying.coding.net/p/storage/d/mirrors/git/raw/master/php_exts/ioncube/ioncube_loader_lin_5.6.so +# https://cloudflying.coding.net/p/storage/d/mirrors/git/raw/master/php_exts/rar/rar-4.2.0.tgz +PKGS_MIRRORS_URL="https://cloudflying.coding.net/p/storage/d/mirrors/git/raw/master/php_exts" +CORES=$(grep -c 'processor' /proc/cpuinfo) +MAKE_CORES=$(expr ${CORES} \* 2) + +EXTENSION_EV_VERSION=1.0.9 +EXTENSION_MEMCACHE_VERSION=2.2.7 +EXTENSION_MEMCACHED_VERSION=2.2.0 +EXTENSION_MONGODB_VERSION=1.7.5 +EXTENSION_REDIS_VERSION=5.3.2 +EXTENSION_SWOOLE_VERSION=1.10.5 +EXTENSION_MSGPACK_VERSION=0.5.7 +EXTENSION_LIBSODIUM_VERSION=1.0.7 +EXTENSION_RAR_VERSION=4.2.0 +EXTENSION_EVENT_VERSION=3.0.2 +EXTENSION_IMAGICK_VERSION=3.4.4 + +# exit +strtoupper() +{ + echo $1 | tr '[a-z]' '[A-Z]' +} + +# from pecl query extension +install_extension() +{ + mkdir -p /tmp/build + cd /tmp/build + + NAME=$1 + if [[ -z ${NAME} ]]; then + echo "extension name param empty" + # exit 1 + fi + + if [[ "${NAME}" == 'event' || "${NAME}" == 'ev' ]]; then + if [[ -f "/etc/php5/conf.d/z-${NAME}.ini" ]]; then + break + fi + else + if [[ -f "/etc/php5/conf.d/${NAME}.ini" ]]; then + break + fi + fi + + KEY="EXTENSION_"$(strtoupper $1)"_VERSION" + VERSION=$(eval echo '$'${KEY}) + # URL="https://pecl.php.net/get/${NAME}-${VERSION}.tgz" + URL="${PKGS_MIRRORS_URL}/${NAME}/${NAME}-${VERSION}.tgz" + + if [[ -f "${NAME}-${VERSION}.tgz" ]]; then + echo "${NAME}-${VERSION}.tgz exist" + else + # Coding Not Allow CURL + # if [[ -z "$(curl -sI ${URL} | grep '200 OK')" ]]; then + # echo "${NAME} extension Not Found" + # echo $URL + # exit + # exit 1 + # fi + wget -O ${NAME}-${VERSION}.tgz ${URL} + fi + + if [[ ! -d "${NAME}-${VERSION}" ]]; then + tar -xvf ${NAME}-${VERSION}.tgz + cd ${NAME}-${VERSION} + phpize + ./configure + make -j${MAKE_CORES} + make install + if [[ "${NAME}" == 'event' || "${NAME}" == 'ev' ]]; then + echo "extension=${NAME}.so" > /etc/php5/conf.d/z-${NAME}.ini + elif [[ "${NAME}" == 'opcache' ]]; then + echo "zend_extension=${NAME}.so" > /etc/php5/conf.d/${NAME}.ini + else + echo "extension=${NAME}.so" > /etc/php5/conf.d/${NAME}.ini + fi + fi +} + +# disable PHP extension +disable_extension() +{ + NAME=$1 + if [[ -z ${NAME} ]]; then + echo "extension name param empty" + exit 1 + fi + + FILE_PATH=/etc/php5/conf.d/${NAME}.ini + + if [[ -f ${FILE_PATH} ]]; then + sed -i 's/zend/;zend/g' /etc/php5/conf.d/${NAME}.ini + sed -i 's/ext/;ext/g' /etc/php5/conf.d/${NAME}.ini + else + echo ${NAME} " extension Not Found" + fi +} + +# enable PHP extension +enable_extension() +{ + NAME=$1 + if [[ -z ${NAME} ]]; then + echo "extension name param empty" + exit 1 + fi + + FILE_PATH=/etc/php5/conf.d/${NAME}.ini + if [[ -f ${FILE_PATH} ]]; then + sed -i 's/;zend/zend/g' /etc/php5/conf.d/${NAME}.ini + sed -i 's/;ext/ext/g' /etc/php5/conf.d/${NAME}.ini + else + echo ${NAME} " extension Not Found" + fi +} + +install_ioncube() +{ + if [[ ! -f "/etc/php5/conf.d/ioncube.ini" ]]; then + wget ${PKGS_MIRRORS_URL}/"ioncube/ioncube_loader_lin_5.6.so" -O /usr/lib/php5/modules/ioncube.so + echo "zend_extension=ioncube.so" > /etc/php5/conf.d/ioncube.ini + fi +} + +# depend +if [[ -z $(command -v make) ]]; then + apk update + apk add --no-cache --virtual .build-deps \ + alpine-sdk \ + autoconf \ + libevent \ + libevent-dev \ + zlib-dev +fi + + +# runtime depend libsodium-dev imagemagick-dev libmemcached-dev +if [[ -z $(command -v php5) ]]; then + apk add --no-cache \ + libsodium-dev \ + imagemagick-dev \ + libmemcached-dev \ + php5-apcu \ + php5-bcmath \ + php5-bz2 \ + php5-calendar \ + php5-cli \ + php5-cgi \ + php5-common \ + php5-ctype \ + php5-curl \ + php5-dba \ + php5-dbg \ + php5-dev \ + php5-dom \ + php5-embed \ + php5-enchant \ + php5-exif \ + php5-fpm \ + php5-ftp \ + php5-gd \ + php5-gettext \ + php5-gmp \ + php5-iconv \ + php5-imap \ + php5-intl \ + php5-json \ + php5-ldap \ + php5-mcrypt \ + php5-mssql \ + php5-mysql \ + php5-mysqli \ + php5-odbc \ + php5-opcache \ + php5-openssl \ + php5-pcntl \ + php5-pdo \ + php5-pdo_dblib \ + php5-pdo_mysql \ + php5-pdo_odbc \ + php5-pdo_pgsql \ + php5-pdo_sqlite \ + php5-pgsql \ + php5-phar \ + php5-phpdbg \ + php5-posix \ + php5-pspell \ + php5-shmop \ + php5-snmp \ + php5-soap \ + php5-sockets \ + php5-sqlite3 \ + php5-suhosin \ + php5-sysvmsg \ + php5-sysvsem \ + php5-sysvshm \ + php5-wddx \ + php5-xml \ + php5-xmlreader \ + php5-xmlrpc \ + php5-xsl \ + php5-zip + + # add link + ln -s /usr/bin/php5 /usr/bin/php + ln -s /usr/bin/php-cgi5 /usr/bin/php-cgi + ln -s /usr/bin/php-config5 /usr/bin/php-config + ln -s /usr/bin/php-fpm5 /usr/bin/php-fpm + ln -s /usr/bin/phpdbg5 /usr/bin/phpdbg + ln -s /usr/bin/phpize5 /usr/bin/phpize +fi + +install_extension ev +install_extension rar +install_extension redis +install_extension swoole +install_extension memcache +install_extension memcached +install_extension mongodb +install_extension msgpack +install_extension libsodium +install_extension imagick +install_ioncube +disable_extension opcache +disable_extension apcu + +chmod -R 755 /usr/lib/php5/modules/ + +# Modify php.ini +sed -i 's/UTC/ASia\/Shanghai/g' /etc/php5/php.ini +sed -i 's/expose_php\ =\ On/expose_php\ =\ Off/g' /etc/php5/php.ini +sed -i 's/max_execution_time\ =\ 30/max_execution_time\ =\ 10/g' /etc/php5/php.ini +sed -i 's/max_file_uploads\ =\ 20/max_file_uploads\ =\ 50/g' /etc/php5/php.ini +sed -i 's/display_errors\ =\ Off/display_errors\ =\ On/g' /etc/php5/php.ini +display_errors = Off +apk del .build-deps diff --git a/scripts/install/php73-alpine.sh b/scripts/install/php73-alpine.sh new file mode 100644 index 00000000..2aaa8453 --- /dev/null +++ b/scripts/install/php73-alpine.sh @@ -0,0 +1,43 @@ +#!/usr/bin/env sh + +sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories + +# depend +apk add --update alpine-sdk +apk add linux-headers autoconf gcc g++ libevent libevent-dev make libuser openssh + +apk add --no-cache php7-bcmath php7-brotli php7-bz2 php7-calendar php7-cgi php7-ctype \ + php7-curl php7-dba php7-dbg php7-dev php7-embed php7-dom php7-enchant php7-exif php7-ffi php7-fileinfo \ + php7-fpm php7-ftp php7-gd php7-gettext php7-gmp php7-iconv php7-imap php7-intl php7-json php7-ldap php7-litespeed \ + php7-mbstring php7-mysqli php7-mysqlnd php7-odbc php7-opcache php7-openssl php7-pcntl php7-pdo php7-pdo_dblib \ + php7-pdo_mysql php7-pdo_odbc php7-pdo_pgsql php7-pdo_sqlite php7-pear php7-pecl-amqp php7-pecl-apcu php7-pecl-ast \ + php7-pecl-couchbase php7-pecl-event php7-pecl-gmagick php7-pecl-igbinary php7-pecl-imagick php7-pecl-imagick-dev \ + php7-pecl-lzf php7-pecl-mailparse php7-pecl-maxminddb php7-pecl-mcrypt php7-pecl-memcache php7-pecl-memcached \ + php7-pecl-mongodb php7-pecl-msgpack php7-pecl-oauth php7-pecl-protobuf php7-pecl-psr php7-pecl-redis php7-pecl-ssh2 \ + php7-pecl-timezonedb020 php7-pecl-uploadprogress php7-pecl-uploadprogress-doc php7-pecl-uuidphp7-pecl-vips \ + php7-pecl-xdebug php7-pecl-xhprof php7-pecl-xhprof-assets php7-pecl-yaml php7-pecl-zmq php7-pgsql php7-phalcon \ + php7-phar php7-phpdbg php7-posix php7-pspell php7-session php7-shmop php7-simplexml php7-snmp php7-soap php7-sockets\ + php7-sodium php7-sqlite3 php7-static php7-sysvmsg php7-sysvsem php7-sysvshm php7-tidy php7-tokenizer php7-xml \ + php7-xmlreader php7-xmlrpc php7-xmlwriter php7-xsl php7-zip + +url -sS https://getcomposer.org/installer |php7 + +# /etc/php7/conf.d/20_xdebug.ini +echo "xdebug.remote_host = ${LOCAL_IP_ADD}" >> /etc/php7/conf.d/20_xdebug.ini +echo "xdebug.idekey = PHPSTORM" >> /etc/php7/conf.d/20_xdebug.ini +echo "xdebug.remote_autostart = off" >> /etc/php7/conf.d/20_xdebug.ini + +# extends +pecl install swoole +pecl install libevent + +addgroup -S topone4tvs && adduser -S -G topone4tvs topone4tvs +chown -R topone4tvs:topone4tvs /var/www/ + +apk add openssh +ssh-keygen -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key +sed -i -e "s/#HostKey \/etc\/ssh\/ssh_host_rsa_key/HostKey \/etc\/ssh\/ssh_host_rsa_key/g" /etc/ssh/sshd_config +ssh-keygen -t rsa +touch ~/.ssh/authorized_keys + +EXPOSE 9000 diff --git a/scripts/install/php74-alpine-compile.sh b/scripts/install/php74-alpine-compile.sh new file mode 100644 index 00000000..568642a4 --- /dev/null +++ b/scripts/install/php74-alpine-compile.sh @@ -0,0 +1,116 @@ +#!/usr/bin/env sh +cd /data/build/php-7.4.13 +# https://github.com/docker-library/php/issues/272 +# -D_LARGEFILE_SOURCE and -D_FILE_OFFSET_BITS=64 (https://www.php.net/manual/en/intro.filesystem.php) +PHP_CFLAGS="-fstack-protector-strong -fpic -fpie -O2 -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64" +PHP_CPPFLAGS="$PHP_CFLAGS" +PHP_LDFLAGS="-Wl,-O1 -pie" + +export CFLAGS="$PHP_CFLAGS" \ + CPPFLAGS="$PHP_CPPFLAGS" \ + LDFLAGS="$PHP_LDFLAGS" \ + +sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories + +# Depends +if [[ -z "$(command -v make )" ]]; then + apk update + apk add --no-cache --virtual .build-deps \ + autoconf \ + alpine-sdk \ + argon2-dev \ + coreutils \ + curl-dev \ + libedit-dev \ + libevent-dev \ + libsodium-dev \ + libxml2-dev \ + linux-headers \ + oniguruma-dev \ + openssl-dev \ + sqlite-dev \ + autoconf \ + dpkg-dev \ + dpkg \ + file \ + g++ \ + gcc \ + libc-dev \ + make \ + pkgconf \ + re2c \ + bzip2-dev \ + libpng-dev \ + gmp-dev \ + aspell-dev \ + tidyhtml-dev \ + libxslt-dev \ + libzip-dev +fi + +if [[ -z "$(command -v curl )" ]]; then + apk add --no-cache \ + ca-certificates \ + curl \ + tar \ + xz \ + openssl +fi + +if [[ -z "$(grep '^www:' /etc/passwd)" ]]; then + addgroup -g 318 -S www + adduser -u 318 -D -S -G www www +fi + +ARCH="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" +mkdir -p /etc/php/conf.d + +make -j "$(nproc)" +exit +./configure \ + --build="${ARCH}" \ + --with-config-file-path="/etc/php" \ + --with-config-file-scan-dir="/etc/php/conf.d" \ + --enable-option-checking=fatal \ + --enable-bcmath \ + --enable-calendar \ + --enable-dba \ + --enable-exif \ + --enable-ftp \ + --with-gettext \ + --enable-gd \ + --with-gmp \ + --with-iconv \ + --with-imap \ + --enable-intl \ + --enable-json \ + --with-ldap \ + --with-libxml \ + --enable-mbstring \ + --with-mysqli \ + --enable-mysqlnd \ + --enable-opcache \ + --enable-pcntl \ + --with-pspell \ + --enable-shmop \ + --enable-simplexml \ + --with-snmp \ + --enable-soap \ + --enable-sockets \ + --enable-sysvmsg \ + --with-tidy \ + --enable-tokenizer \ + --with-xmlrpc \ + --with-xsl \ + --with-zip \ + --with-bz2 \ + --with-pic \ + --with-curl \ + --with-password-argon2 \ + --with-mhash \ + --with-pdo-sqlite=/usr \ + --with-libedit \ + --with-sodium=shared \ + --with-sqlite3=/usr \ + --with-openssl \ + --with-zlib diff --git a/scripts/install/php74-alpine.sh b/scripts/install/php74-alpine.sh new file mode 100644 index 00000000..25bf8e6d --- /dev/null +++ b/scripts/install/php74-alpine.sh @@ -0,0 +1,259 @@ +#!/usr/bin/env sh + +sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories + +# https://cloudflying.coding.net/p/storage/d/mirrors/git/raw/master/php_exts/ioncube/ioncube_loader_lin_5.6.so +# https://cloudflying.coding.net/p/storage/d/mirrors/git/raw/master/php_exts/rar/rar-4.2.0.tgz +PKGS_MIRRORS_URL="https://cloudflying.coding.net/p/storage/d/mirrors/git/raw/master" +PHP_INI_FILE=$(php --ini | grep 'Loaded Configuration File' | awk -F ' ' '{print $4}') +PHP_EXTENSION_CONF_DIR=$(php --ini | grep 'Scan for additional .ini files in' | awk -F ' ' '{print $7}') +PHP_EXTENSION_SO_DIR=$(php-config --extension-dir) + +PHP_VERSION=7.4.13 +EXTENSION_APCU_VERSION=5.1.19 +EXTENSION_EV_VERSION=1.0.9 +EXTENSION_MEMCACHE_VERSION=8.0 +EXTENSION_MEMCACHED_VERSION=3.1.5 +EXTENSION_MONGODB_VERSION=1.9.0 +EXTENSION_REDIS_VERSION=5.3.2 +EXTENSION_SWOOLE_VERSION=4.5.9 +EXTENSION_MSGPACK_VERSION=2.1.2 +EXTENSION_RAR_VERSION=4.2.0 +EXTENSION_EVENT_VERSION=3.0.2 +EXTENSION_IMAGICK_VERSION=3.4.4 + +# exit +strtoupper() +{ + echo $1 | tr '[a-z]' '[A-Z]' +} + +# from pecl query extension +install_extension() +{ + mkdir -p /tmp/build + cd /tmp/build + + NAME=$1 + if [[ -z ${NAME} ]]; then + echo "extension name param empty" + # exit 1 + fi + + if [[ "${NAME}" == 'event' || "${NAME}" == 'ev' ]]; then + if [[ -f "${PHP_EXTENSION_CONF_DIR}/z-${NAME}.ini" ]]; then + echo "extension ${NAME} Installed in : ${PHP_EXTENSION_CONF_DIR}/z-${NAME}.ini " + return 0 + fi + else + if [[ -f "${PHP_EXTENSION_CONF_DIR}/${NAME}.ini" ]]; then + echo "extension ${NAME} Installed in : ${PHP_EXTENSION_CONF_DIR}/${NAME}.ini" + return 0 + fi + fi + + KEY="EXTENSION_"$(strtoupper $1)"_VERSION" + VERSION=$(eval echo '$'${KEY}) + # URL="https://pecl.php.net/get/${NAME}-${VERSION}.tgz" + URL="${PKGS_MIRRORS_URL}/php_exts/${NAME}/${NAME}-${VERSION}.tgz" + + if [[ ! -f "${NAME}-${VERSION}.tgz" ]]; then + wget -O ${NAME}-${VERSION}.tgz ${URL} + fi + + if [[ ! -d "${NAME}-${VERSION}" ]]; then + tar -xvf ${NAME}-${VERSION}.tgz + fi + + cd ${NAME}-${VERSION} + phpize && ./configure && make -j "$(nproc)" && make install + + if [[ "${NAME}" == 'event' || "${NAME}" == 'ev' ]]; then + echo "extension=${NAME}.so" > ${PHP_EXTENSION_CONF_DIR}/z-${NAME}.ini + elif [[ "${NAME}" == 'opcache' ]]; then + echo "zend_extension=${NAME}.so" > ${PHP_EXTENSION_CONF_DIR}/${NAME}.ini + else + echo "extension=${NAME}.so" > ${PHP_EXTENSION_CONF_DIR}/${NAME}.ini + fi +} + +install_extension_from_src() +{ + mkdir -p /tmp/build + if [[ ! -d "/tmp/build/php-${PHP_VERSION}" ]]; then + wget ${PKGS_MIRRORS_URL}/src/php/php-${PHP_VERSION}.tar.xz + tar -xvf php-${PHP_VERSION}.tar.xz + fi + + cd /tmp/build/php-${PHP_VERSION} + + NAME=$1 + if [[ -z ${NAME} ]]; then + echo "extension name param empty" + # exit 1 + fi + + if [[ "${NAME}" == 'event' || "${NAME}" == 'ev' ]]; then + if [[ -f "${PHP_EXTENSION_CONF_DIR}/z-${NAME}.ini" ]]; then + echo "extension ${NAME} Installed in : ${PHP_EXTENSION_CONF_DIR}/z-${NAME}.ini " + return 0 + fi + else + if [[ -f "${PHP_EXTENSION_CONF_DIR}/${NAME}.ini" ]]; then + echo "extension ${NAME} Installed in : ${PHP_EXTENSION_CONF_DIR}/${NAME}.ini" + return 0 + fi + fi + + cd ext/${NAME} + + phpize && ./configure && make -j "$(nproc)" && make install + + if [[ ! -f "${PHP_EXTENSION_SO_DIR}/${NAME}.so" ]]; then + echo "Compile fail ${PHP_EXTENSION_SO_DIR}/${NAME}.so Not Found" + exit 1 + fi + + if [[ "${NAME}" == 'event' || "${NAME}" == 'ev' ]]; then + echo "extension=${NAME}.so" > ${PHP_EXTENSION_CONF_DIR}/z-${NAME}.ini + elif [[ "${NAME}" == 'opcache' ]]; then + echo ";zend_extension=${NAME}.so" > ${PHP_EXTENSION_CONF_DIR}/${NAME}.ini + else + echo "extension=${NAME}.so" > ${PHP_EXTENSION_CONF_DIR}/${NAME}.ini + fi +} + +# disable PHP extension +disable_extension() +{ + NAME=$1 + if [[ -z ${NAME} ]]; then + echo "extension name param empty" + exit 1 + fi + + FILE_PATH=${PHP_EXTENSION_CONF_DIR}/${NAME}.ini + + if [[ -f ${FILE_PATH} ]]; then + sed -i 's/zend/;zend/g' ${PHP_EXTENSION_CONF_DIR}/${NAME}.ini + sed -i 's/ext/;ext/g' ${PHP_EXTENSION_CONF_DIR}/${NAME}.ini + else + echo ${NAME} " extension Not Found" + fi +} + +# enable PHP extension +enable_extension() +{ + NAME=$1 + if [[ -z ${NAME} ]]; then + echo "extension name param empty" + exit 1 + fi + + FILE_PATH=${PHP_EXTENSION_CONF_DIR}/${NAME}.ini + if [[ -f ${FILE_PATH} ]]; then + sed -i 's/;zend/zend/g' ${PHP_EXTENSION_CONF_DIR}/${NAME}.ini + sed -i 's/;ext/ext/g' ${PHP_EXTENSION_CONF_DIR}/${NAME}.ini + else + echo ${NAME} " extension Not Found" + fi +} + +install_ioncube() +{ + if [[ ! -f "${PHP_EXTENSION_CONF_DIR}/ioncube.ini" ]]; then + wget ${PKGS_MIRRORS_URL}/"php_exts/ioncube/ioncube_loader_lin_7.4.so" -O ${PHP_EXTENSION_SO_DIR}/ioncube.so + echo "zend_extension=ioncube.so" > ${PHP_EXTENSION_CONF_DIR}/ioncube.ini + fi +} + +# depend +if [[ -z $(command -v make) ]]; then + apk update + apk add --no-cache --virtual .build-deps \ + alpine-sdk \ + autoconf \ + libevent \ + libevent-dev \ + zlib-dev \ + libsodium-dev \ + imagemagick-dev \ + libmemcached-dev \ + openssl-dev \ + zlib-dev \ + msgpack-c-dev \ + libxml2-dev \ + libzip-dev \ + bzip2-dev \ + libpng-dev \ + gmp-dev \ + gettext-dev \ + imap-dev \ + icu-dev \ + freetds-dev \ + readline-dev \ + aspell-dev \ + net-snmp-dev \ + tidyhtml-dev +fi + +# runtime depend libsodium-dev imagemagick-dev libmemcached-dev +if [[ -z $(command -v php) ]]; then + apk add --no-cache +fi + +install_extension apcu +install_extension ev +install_extension imagick +install_extension memcache +install_extension memcached +install_extension mongodb +install_extension msgpack +install_extension redis +install_extension rar +install_extension swoole +install_ioncube + +install_extension_from_src bcmath +install_extension_from_src bz2 +install_extension_from_src calendar +install_extension_from_src dba +# install_extension_from_src enchant +install_extension_from_src exif +install_extension_from_src gd +install_extension_from_src gettext +install_extension_from_src gmp +install_extension_from_src imap +install_extension_from_src intl +# install_extension_from_src ldap +install_extension_from_src mysqli +# install_extension_from_src odbc +install_extension_from_src opcache +install_extension_from_src pcntl +install_extension_from_src pdo_dblib +# install_extension_from_src pdo_pgsql +# install_extension_from_src pgsql +install_extension_from_src pspell +install_extension_from_src shmop +install_extension_from_src snmp +install_extension_from_src sockets +install_extension_from_src sysvmsg +install_extension_from_src sysvsem +install_extension_from_src sysvshm +install_extension_from_src tidy +install_extension_from_src xmlrpc +install_extension_from_src zip +disable_extension opcache +disable_extension apcu + +chmod -R 755 ${PHP_EXTENSION_SO_DIR} + +# Modify php.ini +sed -i 's/;date.timezone =/date.timezone\ =\ ASia\/Shanghai/g' ${PHP_INI_FILE} +sed -i 's/expose_php\ =\ On/expose_php\ =\ Off/g' ${PHP_EXTENSION_CONF_DIR} +sed -i 's/max_execution_time\ =\ 30/max_execution_time\ =\ 10/g' ${PHP_EXTENSION_CONF_DIR} +sed -i 's/max_file_uploads\ =\ 20/max_file_uploads\ =\ 50/g' ${PHP_EXTENSION_CONF_DIR} +sed -i 's/display_errors\ =\ Off/display_errors\ =\ On/g' ${PHP_EXTENSION_CONF_DIR} + +apk del .build-deps diff --git a/scripts/install/php8-alpine.sh b/scripts/install/php8-alpine.sh new file mode 100644 index 00000000..c750520f --- /dev/null +++ b/scripts/install/php8-alpine.sh @@ -0,0 +1,45 @@ +#!/usr/bin/env sh + +echo -e "http://dl-cdn.alpinelinux.org/alpine/v3.5/main" >> /etc/apk/repositories +echo -e "http://dl-cdn.alpinelinux.org/alpine/v3.5/community" >> /etc/apk/repositories +echo -e "http://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories + +# depend +apk add --update alpine-sdk +apk add linux-headers autoconf gcc g++ libevent libevent-dev make libuser openssh + +apk add --no-cache php7-bcmath php7-brotli php7-bz2 php7-calendar php7-cgi php7-ctype \ + php7-curl php7-dba php7-dbg php7-dev php7-embed php7-dom php7-enchant php7-exif php7-ffi php7-fileinfo \ + php7-fpm php7-ftp php7-gd php7-gettext php7-gmp php7-iconv php7-imap php7-intl php7-json php7-ldap php7-litespeed \ + php7-mbstring php7-mysqli php7-mysqlnd php7-odbc php7-opcache php7-openssl php7-pcntl php7-pdo php7-pdo_dblib \ + php7-pdo_mysql php7-pdo_odbc php7-pdo_pgsql php7-pdo_sqlite php7-pear php7-pecl-amqp php7-pecl-apcu php7-pecl-ast \ + php7-pecl-couchbase php7-pecl-event php7-pecl-gmagick php7-pecl-igbinary php7-pecl-imagick php7-pecl-imagick-dev \ + php7-pecl-lzf php7-pecl-mailparse php7-pecl-maxminddb php7-pecl-mcrypt php7-pecl-memcache php7-pecl-memcached \ + php7-pecl-mongodb php7-pecl-msgpack php7-pecl-oauth php7-pecl-protobuf php7-pecl-psr php7-pecl-redis php7-pecl-ssh2 \ + php7-pecl-timezonedb020 php7-pecl-uploadprogress php7-pecl-uploadprogress-doc php7-pecl-uuidphp7-pecl-vips \ + php7-pecl-xdebug php7-pecl-xhprof php7-pecl-xhprof-assets php7-pecl-yaml php7-pecl-zmq php7-pgsql php7-phalcon \ + php7-phar php7-phpdbg php7-posix php7-pspell php7-session php7-shmop php7-simplexml php7-snmp php7-soap php7-sockets\ + php7-sodium php7-sqlite3 php7-static php7-sysvmsg php7-sysvsem php7-sysvshm php7-tidy php7-tokenizer php7-xml \ + php7-xmlreader php7-xmlrpc php7-xmlwriter php7-xsl php7-zip + +url -sS https://getcomposer.org/installer |php7 + +# /etc/php7/conf.d/20_xdebug.ini +echo "xdebug.remote_host = ${LOCAL_IP_ADD}" >> /etc/php7/conf.d/20_xdebug.ini +echo "xdebug.idekey = PHPSTORM" >> /etc/php7/conf.d/20_xdebug.ini +echo "xdebug.remote_autostart = off" >> /etc/php7/conf.d/20_xdebug.ini + +# extends +pecl install swoole +pecl install libevent + +addgroup -S topone4tvs && adduser -S -G topone4tvs topone4tvs +chown -R topone4tvs:topone4tvs /var/www/ + +apk add openssh +ssh-keygen -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key +sed -i -e "s/#HostKey \/etc\/ssh\/ssh_host_rsa_key/HostKey \/etc\/ssh\/ssh_host_rsa_key/g" /etc/ssh/sshd_config +ssh-keygen -t rsa +touch ~/.ssh/authorized_keys + +EXPOSE 9000 \ No newline at end of file diff --git a/scripts/letsencrypt b/scripts/letsencrypt new file mode 160000 index 00000000..c8be6deb --- /dev/null +++ b/scripts/letsencrypt @@ -0,0 +1 @@ +Subproject commit c8be6deb87b6c1faf6471448a163fab08409cd86 diff --git a/scripts/mysql_run.sh b/scripts/mysql_run.sh new file mode 100644 index 00000000..b1e7c3ca --- /dev/null +++ b/scripts/mysql_run.sh @@ -0,0 +1,514 @@ +#!/usr/bin/with-contenv bash + +source /assets/functions/00-container + +PROCESS_NAME="db-backup" + +date >/dev/null + +if [ "$1" != "NOW" ]; then + sleep 10 +fi + +### Sanity Test +sanity_var DB_TYPE "Database Type" +sanity_var DB_HOST "Database Host" + +### Set the Database Type +dbtype=${DB_TYPE} + +case "$dbtype" in + "couch" | "couchdb" | "COUCH" | "COUCHDB" ) + dbtype=couch + dbport=${DB_PORT:-5984} + file_env 'DB_USER' + file_env 'DB_PASS' + ;; + "influx" | "influxdb" | "INFLUX" | "INFLUXDB" ) + dbtype=influx + dbport=${DB_PORT:-8088} + file_env 'DB_USER' + file_env 'DB_PASS' + ;; + "mongo" | "mongodb" | "MONGO" | "MONGODB" ) + dbtype=mongo + dbport=${DB_PORT:-27017} + [[ ( -n "${DB_USER}" ) || ( -n "${DB_USER_FILE}" ) ]] && file_env 'DB_USER' + [[ ( -n "${DB_PASS}" ) || ( -n "${DB_PASS_FILE}" ) ]] && file_env 'DB_PASS' + ;; + "mysql" | "MYSQL" | "mariadb" | "MARIADB") + dbtype=mysql + dbport=${DB_PORT:-3306} + [[ ( -n "${DB_PASS}" ) || ( -n "${DB_PASS_FILE}" ) ]] && file_env 'DB_PASS' + ;; + "mssql" | "MSSQL" | "microsoftsql" | "MICROSOFTSQL") + dbtype=mssql + dbport=${DB_PORT:-1433} + ;; + "postgres" | "postgresql" | "pgsql" | "POSTGRES" | "POSTGRESQL" | "PGSQL" ) + dbtype=pgsql + dbport=${DB_PORT:-5432} + [[ ( -n "${DB_PASS}" ) || ( -n "${DB_PASS_FILE}" ) ]] && file_env 'DB_PASS' + ;; + "redis" | "REDIS" ) + dbtype=redis + dbport=${DB_PORT:-6379} + [[ ( -n "${DB_PASS}" || ( -n "${DB_PASS_FILE}" ) ) ]] && file_env 'DB_PASS' + ;; +esac + +### Set Defaults +BACKUP_LOCATION=${BACKUP_LOCATION:-"FILESYSTEM"} +COMPRESSION=${COMPRESSION:-GZ} +COMPRESSION_LEVEL=${COMPRESSION_LEVEL:-"3"} +DB_DUMP_BEGIN=${DB_DUMP_BEGIN:-+0} +DB_DUMP_FREQ=${DB_DUMP_FREQ:-1440} +DB_DUMP_TARGET=${DB_DUMP_TARGET:-/backup} +dbhost=${DB_HOST} +dbname=${DB_NAME} +dbpass=${DB_PASS} +dbuser=${DB_USER} +MD5=${MD5:-TRUE} +PARALLEL_COMPRESSION=${PARALLEL_COMPRESSION:-TRUE} +SIZE_VALUE=${SIZE_VALUE:-"bytes"} +SPLIT_DB=${SPLIT_DB:-FALSE} +tmpdir=/tmp/backups + +if [ "$BACKUP_TYPE" = "S3" ] || [ "$BACKUP_TYPE" = "s3" ] || [ "$BACKUP_TYPE" = "MINIO" ] || [ "$BACKUP_TYPE" = "minio" ] ; then + S3_PROTOCOL=${S3_PROTOCOL:-"https"} + sanity_var S3_HOST "S3 Host" + sanity_var S3_BUCKET "S3 Bucket" + sanity_var S3_KEY_ID "S3 Key ID" + sanity_var S3_KEY_SECRET "S3 Key Secret" + sanity_var S3_URI_STYLE "S3 URI Style (Virtualhost or Path)" + sanity_var S3_PATH "S3 Path" + file_env 'S3_KEY_ID' + file_env 'S3_KEY_SECRET' +fi + +if [ "$1" = "NOW" ]; then + DB_DUMP_BEGIN=+0 + MANUAL=TRUE +fi + +### Set Compression Options +if var_true "$PARALLEL_COMPRESSION" ; then + bzip="pbzip2 -${COMPRESSION_LEVEL}" + gzip="pigz -${COMPRESSION_LEVEL}" + xzip="pixz -${COMPRESSION_LEVEL}" + zstd="zstd --rm -${COMPRESSION_LEVEL}" +else + bzip="bzip2 -${COMPRESSION_LEVEL}" + gzip="gzip -${COMPRESSION_LEVEL}" + xzip="xz -${COMPRESSION_LEVEL} " + zstd="zstd --rm -${COMPRESSION_LEVEL}" +fi + +### Set the Database Authentication Details +case "$dbtype" in + "mongo" ) + [[ ( -n "${DB_USER}" ) ]] && MONGO_USER_STR=" --username ${dbuser}" + [[ ( -n "${DB_PASS}" ) ]] && MONGO_PASS_STR=" --password ${dbpass}" + [[ ( -n "${DB_NAME}" ) ]] && MONGO_DB_STR=" --db ${dbname}" + ;; + "mysql" ) + [[ ( -n "${DB_PASS}" ) ]] && export MYSQL_PWD=${dbpass} + ;; + "postgres" ) + [[ ( -n "${DB_PASS}" ) ]] && POSTGRES_PASS_STR="PGPASSWORD=${dbpass}" + ;; + "redis" ) + [[ ( -n "${DB_PASS}" ) ]] && REDIS_PASS_STR=" -a ${dbpass}" + ;; +esac + +### Functions +backup_couch() { + target=couch_${dbname}_${dbhost}_${now}.txt + compression + curl -X GET http://${dbhost}:${dbport}/${dbname}/_all_docs?include_docs=true ${dumpoutput} | $dumpoutput > ${tmpdir}/${target} + exit_code=$? + generate_md5 + move_backup +} + +backup_influx() { + if [ "${COMPRESSION}" = "NONE" ] || [ "${COMPRESSION}" = "none" ] || [ "${COMPRESSION}" = "FALSE" ] || [ "${COMPRESSION}" = "false" ] ; then + : + else + print_notice "Compressing InfluxDB backup with gzip" + influx_compression="-portable" + fi + for DB in $DB_NAME; do + target=influx_${DB}_${dbhost}_${now} + influxd backup ${influx_compression} -database $DB -host ${dbhost}:${dbport} ${tmpdir}/${target} + exit_code=$? + generate_md5 + move_backup + done +} + +backup_mongo() { + if [ "${COMPRESSION}" = "NONE" ] || [ "${COMPRESSION}" = "none" ] || [ "${COMPRESSION}" = "FALSE" ] || [ "${COMPRESSION}" = "false" ] ; then + target=${dbtype}_${dbname}_${dbhost}_${now}.archive + else + print_notice "Compressing MongoDB backup with gzip" + target=${dbtype}_${dbname}_${dbhost}_${now}.archivegz + mongo_compression="--gzip" + fi + mongodump --archive=${tmpdir}/${target} ${mongo_compression} --host ${dbhost} --port ${dbport} ${MONGO_USER_STR}${MONGO_PASS_STR}${MONGO_DB_STR} ${EXTRA_OPTS} + exit_code=$? + cd ${tmpdir} + generate_md5 + move_backup +} + +backup_mssql() { + target=mssql_${dbname}_${dbhost}_${now}.bak + /opt/mssql-tools/bin/sqlcmd -E -C -S ${dbhost}\,${dbport} -U ${dbuser} -P ${dbpass} –Q "BACKUP DATABASE \[${dbname}\] TO DISK = N'${tmpdir}/${target}' WITH NOFORMAT, NOINIT, NAME = '${dbname}-full', SKIP, NOREWIND, NOUNLOAD, STATS = 10" +} + +backup_mysql() { + if var_true "$SPLIT_DB" ; then + DATABASES=$(mysql -h ${dbhost} -P $dbport -u$dbuser --batch -e "SHOW DATABASES;" | grep -v Database|grep -v schema) + + for db in $DATABASES; do + if [[ "$db" != "information_schema" ]] && [[ "$db" != _* ]] ; then + print_notice "Dumping MariaDB database: $db" + target=mysql_${db}_${dbhost}_${now}.sql + compression + mysqldump --max-allowed-packet=512M -h $dbhost -P $dbport -u$dbuser ${EXTRA_OPTS} --databases $db | $dumpoutput > ${tmpdir}/${target} + exit_code=$? + generate_md5 + move_backup + fi + done + else + compression + mysqldump --max-allowed-packet=512M -A -h $dbhost -P $dbport -u$dbuser ${EXTRA_OPTS} | $dumpoutput > ${tmpdir}/${target} + exit_code=$? + generate_md5 + move_backup + fi +} + +backup_pgsql() { + if var_true $SPLIT_DB ; then + export PGPASSWORD=${dbpass} + DATABASES=$(psql -h $dbhost -U $dbuser -p ${dbport} -c 'COPY (SELECT datname FROM pg_database WHERE datistemplate = false) TO STDOUT;' ) + for db in $DATABASES; do + print_info "Dumping database: $db" + target=pgsql_${db}_${dbhost}_${now}.sql + compression + pg_dump -h ${dbhost} -p ${dbport} -U ${dbuser} $db ${EXTRA_OPTS} | $dumpoutput > ${tmpdir}/${target} + exit_code=$? + generate_md5 + move_backup + done + else + export PGPASSWORD=${dbpass} + compression + pg_dump -h ${dbhost} -U ${dbuser} -p ${dbport} ${dbname} ${EXTRA_OPTS} | $dumpoutput > ${tmpdir}/${target} + exit_code=$? + generate_md5 + move_backup + fi +} + +backup_redis() { + target=redis_${db}_${dbhost}_${now}.rdb + echo bgsave | redis-cli -h ${dbhost} -p ${dbport} ${REDIS_PASS_STR} --rdb ${tmpdir}/${target} ${EXTRA_OPTS} + print_info "Dumping Redis - Flushing Redis Cache First" + sleep 10 + try=5 + while [ $try -gt 0 ] ; do + saved=$(echo 'info Persistence' | redis-cli -h ${dbhost} -p ${dbport} ${REDIS_PASS_STR} | awk '/rdb_bgsave_in_progress:0/{print "saved"}') + ok=$(echo 'info Persistence' | redis-cli -h ${dbhost} -p ${dbport} ${REDIS_PASS_STR} | awk '/rdb_last_bgsave_status:ok/{print "ok"}') + if [[ "$saved" = "saved" ]] && [[ "$ok" = "ok" ]]; then + print_info "Redis Backup Complete" + fi + try=$((try - 1)) + print_info "Redis Busy - Waiting and retrying in 5 seconds" + sleep 5 + done + generate_md5 + compression + move_backup +} + +check_availability() { +### Set the Database Type + case "$dbtype" in + "couch" ) + COUNTER=0 + while ! (nc -z ${dbhost} ${dbport}) ; do + sleep 5 + (( COUNTER+=5 )) + print_warn "CouchDB Host '${dbhost}' is not accessible, retrying.. ($COUNTER seconds so far)" + done + ;; + "influx" ) + COUNTER=0 + while ! (nc -z ${dbhost} ${dbport}) ; do + sleep 5 + (( COUNTER+=5 )) + print_warn "InfluxDB Host '${dbhost}' is not accessible, retrying.. ($COUNTER seconds so far)" + done + ;; + "mongo" ) + COUNTER=0 + while ! (nc -z ${dbhost} ${dbport}) ; do + sleep 5 + (( COUNTER+=5 )) + print_warn "Mongo Host '${dbhost}' is not accessible, retrying.. ($COUNTER seconds so far)" + done + ;; + "mysql" ) + COUNTER=0 + while true; do + mysqlcmd='mysql -u'${dbuser}' -P '${dbport}' -h '${dbhost}' -p'${dbpass} + out="$($mysqlcmd -e "SELECT COUNT(*) FROM information_schema.FILES;" 2>&1)" + echo "$out" | grep -E "COUNT|Enter" 2>&1 > /dev/null + if [ $? -eq 0 ]; then + : + break + fi + print_warn "MySQL/MariaDB Server '${dbhost}' is not accessible, retrying.. ($COUNTER seconds so far)" + sleep 5 + (( COUNTER+=5 )) + done + ;; + "mssql" ) + COUNTER=0 + while ! (nc -z ${dbhost} ${dbport}) ; do + sleep 5 + (( COUNTER+=5 )) + print_warn "MSSQL Host '${dbhost}' is not accessible, retrying.. ($COUNTER seconds so far)" + done + ;; + "pgsql" ) + COUNTER=0 + export PGPASSWORD=${dbpass} + until pg_isready --dbname=${dbname} --host=${dbhost} --port=${dbport} --username=${dbuser} -q + do + sleep 5 + (( COUNTER+=5 )) + print_warn "Postgres Host '${dbhost}' is not accessible, retrying.. ($COUNTER seconds so far)" + done + ;; + "redis" ) + COUNTER=0 + while ! (nc -z "${dbhost}" "${dbport}") ; do + sleep 5 + (( COUNTER+=5 )) + print_warn "Redis Host '${dbhost}' is not accessible, retrying.. ($COUNTER seconds so far)" + done + ;; + esac +} + +compression() { + case "$COMPRESSION" in + "GZ" | "gz" | "gzip" | "GZIP") + print_notice "Compressing backup with gzip" + target=${target}.gz + dumpoutput="$gzip " + ;; + "BZ" | "bz" | "bzip2" | "BZIP2" | "bzip" | "BZIP" | "bz2" | "BZ2") + print_notice "Compressing backup with bzip2" + target=${target}.bz2 + dumpoutput="$bzip " + ;; + "XZ" | "xz" | "XZIP" | "xzip" ) + print_notice "Compressing backup with xzip" + target=${target}.xz + dumpoutput="$xzip " + ;; + "ZSTD" | "zstd" | "ZST" | "zst" ) + print_notice "Compressing backup with zstd" + target=${target}.zst + dumpoutput="$zstd " + ;; + "NONE" | "none" | "FALSE" | "false") + dumpoutput="cat " + ;; + esac +} + +generate_md5() { +if var_true "$MD5" ; then + print_notice "Generating MD5 for ${target}" + cd $tmpdir + md5sum "${target}" > "${target}".md5 + MD5VALUE=$(md5sum "${target}" | awk '{ print $1}') +fi +} + +move_backup() { + case "$SIZE_VALUE" in + "b" | "bytes" ) + SIZE_VALUE=1 + + ;; + "[kK]" | "[kK][bB]" | "kilobytes" | "[mM]" | "[mM][bB]" | "megabytes" ) + SIZE_VALUE="-h" + ;; + *) + SIZE_VALUE=1 + ;; + esac + if [ "$SIZE_VALUE" = "1" ] ; then + FILESIZE=$(stat -c%s "${tmpdir}/${target}") + print_notice "Backup of ${target} created with the size of ${FILESIZE} bytes" + else + FILESIZE=$(du -h "${tmpdir}/${target}" | awk '{ print $1}') + print_notice "Backup of ${target} created with the size of ${FILESIZE}" + fi + + case "${BACKUP_LOCATION}" in + "FILE" | "file" | "filesystem" | "FILESYSTEM" ) + mkdir -p "${DB_DUMP_TARGET}" + mv ${tmpdir}/*.md5 "${DB_DUMP_TARGET}"/ + mv ${tmpdir}/"${target}" "${DB_DUMP_TARGET}"/"${target}" + ;; + "S3" | "s3" | "MINIO" | "minio" ) + s3_content_type="application/octet-stream" + if [ "$S3_URI_STYLE" = "VIRTUALHOST" ] || [ "$S3_URI_STYLE" = "VHOST" ] || [ "$S3_URI_STYLE" = "virtualhost" ] || [ "$S3_URI_STYLE" = "vhost" ] ; then + s3_url="${S3_BUCKET}.${S3_HOST}" + else + s3_url="${S3_HOST}/${S3_BUCKET}" + fi + + if var_true "$MD5" ; then + s3_date="$(LC_ALL=C date -u +"%a, %d %b %Y %X %z")" + s3_md5="$(libressl md5 -binary < "${tmpdir}/${target}.md5" | base64)" + sig="$(printf "PUT\n$s3_md5\n${s3_content_type}\n$s3_date\n/$S3_BUCKET/$S3_PATH/${target}.md5" | libressl sha1 -binary -hmac "${S3_KEY_SECRET}" | base64)" + print_debug "Uploading ${target}.md5 to S3" + curl -T "${tmpdir}/${target}.md5" "${S3_PROTOCOL}"://"${s3_url}"/"${S3_PATH}"/"${target}".md5 \ + -H "Date: $date" \ + -H "Authorization: AWS ${S3_KEY_ID}:$sig" \ + -H "Content-Type: ${s3_content_type}" \ + -H "Content-MD5: ${s3_md5}" + fi + + s3_date="$(LC_ALL=C date -u +"%a, %d %b %Y %X %z")" + s3_md5="$(libressl md5 -binary < "${tmpdir}/${target}" | base64)" + sig="$(printf "PUT\n$s3_md5\n${s3_content_type}\n$s3_date\n/$S3_BUCKET/$S3_PATH/${target}" | libressl sha1 -binary -hmac "${S3_KEY_SECRET}" | base64)" + print_debug "Uploading ${target} to S3" + curl -T ${tmpdir}/"${target}" "${S3_PROTOCOL}"://"${s3_url}"/"${S3_PATH}"/"${target}" \ + -H "Date: $s3_date" \ + -H "Authorization: AWS ${S3_KEY_ID}:$sig" \ + -H "Content-Type: ${s3_content_type}" \ + -H "Content-MD5: ${s3_md5}" + + rm -rf ${tmpdir}/*.md5 + rm -rf ${tmpdir}/"${target}" + ;; + esac +} + + +### Container Startup +print_debug "Backup routines Initialized on $(date)" + +### Wait for Next time to start backup + if [ "$1" != "NOW" ]; then + current_time=$(date +"%s") + today=$(date +"%Y%m%d") + + if [[ $DB_DUMP_BEGIN =~ ^\+(.*)$ ]]; then + waittime=$(( ${BASH_REMATCH[1]} * 60 )) + else + target_time=$(date --date="${today}${DB_DUMP_BEGIN}" +"%s") + if [[ "$target_time" < "$current_time" ]]; then + target_time=$(($target_time + 24*60*60)) + fi + waittime=$(($target_time - $current_time)) + fi + + print_notice "Next Backup at $(date -d @${target_time} +"%Y-%m-%d %T %Z")" + sleep $waittime + fi + + +### Commence Backup + while true; do + # make sure the directory exists + mkdir -p $tmpdir + +### Define Target name + now=$(date +"%Y%m%d-%H%M%S") + now_time=$(date +"%H:%M:%S") + now_date=$(date +"%Y-%m-%d") + target=${dbtype}_${dbname}_${dbhost}_${now}.sql + +### Take a Dump + case "$dbtype" in + "couch" ) + check_availability + backup_couch + ;; + "influx" ) + check_availability + backup_influx + ;; + "mssql" ) + check_availability + backup_mssql + ;; + "mysql" ) + check_availability + backup_mysql + ;; + "mongo" ) + check_availability + backup_mongo + ;; + "pgsql" ) + check_availability + backup_pgsql + ;; + "redis" ) + check_availability + backup_redis + ;; + esac + +### Zabbix + if var_true "$ENABLE_ZABBIX" ; then + print_notice "Sending Backup Statistics to Zabbix" + silent zabbix_sender -c /etc/zabbix/zabbix_agentd.conf -k dbbackup.size -o "$(stat -c%s "${DB_DUMP_TARGET}"/"${target}")" + silent zabbix_sender -c /etc/zabbix/zabbix_agentd.conf -k dbbackup.datetime -o "$(date -r "${DB_DUMP_TARGET}"/"${target}" +'%s')" + fi + +### Automatic Cleanup + if [[ -n "$DB_CLEANUP_TIME" ]]; then + print_notice "Cleaning up old backups" + find "${DB_DUMP_TARGET}"/ -mmin +"${DB_CLEANUP_TIME}" -iname "*" -exec rm {} \; + fi + + if [ -n "$POST_SCRIPT" ] ; then + print_notice "Found POST_SCRIPT environment variable. Executing" + eval "${POST_SCRIPT}" + fi + +### Post Backup Custom Script Support + if [ -d /assets/custom-scripts/ ] ; then + print_notice "Found Custom Filesystem Scripts to Execute" + for f in $(find /assets/custom-scripts/ -name \*.sh -type f); do + print_notice "Running Script ${f}" + ## script EXIT_CODE DB_TYPE DB_HOST DB_NAME DATE BACKUP_FILENAME FILESIZE MD5_VALUE + chmod +x "${f}" + ${f} "${exit_code}" "${dbtype}" "${dbhost}" "${dbname}" "${now_date}" "${now_time}" "${target}" "${FILESIZE}" "${MD5VALUE}" + done + fi + + ### Go back to Sleep until next Backup time + if var_true $MANUAL ; then + exit 1; + else + sleep $(($DB_DUMP_FREQ*60)) + fi + + done +fi diff --git a/scripts/php b/scripts/php new file mode 100644 index 00000000..0175ad5d --- /dev/null +++ b/scripts/php @@ -0,0 +1,87 @@ +#!/usr/bin/env php +getMessage(); +} +*/ + + $con = new mysqli("mysql","root","123456"); + + if($con->connect_error){ + die("connect fail".$con->connect_error); + }else{ + echo "connect success!"; + } + +$redis = new Redis(); +$redis->connect('redis',6379); +$redis->set('test','hello world!'); +echo $redis->get('test'); + + +try { + echo ini_get('memory_limit') . '
'; + + $dbname = 'performance_schema'; + $username = 'root'; + $password = '123456'; + + $conn = new PDO('mysql:host=mysql:3306;dbname=' . $dbname, $username, $password); + + echo '已連接資料庫
'; + + $stmt = $conn->prepare('SELECT * FROM accounts'); + $stmt->execute(); + $stmt->setFetchMode(PDO::FETCH_ASSOC); + $result = $stmt->fetchAll(); + + foreach ($result as $key => $value) { + echo $value['USER'] . '
'; + } +} catch (PDOException $e) { + echo $e->getMessage(); +} + + +$manager = new MongoDB\Driver\Manager("mongodb://root:123456@mongo:27017"); + +// 插入数据 +$bulk = new MongoDB\Driver\BulkWrite; +$bulk->insert(['x' => 1, 'name' => '菜鸟教程', 'url' => 'http://www.runoob.com']); +$bulk->insert(['x' => 2, 'name' => 'Google', 'url' => 'http://www.google.com']); +$bulk->insert(['x' => 3, 'name' => 'taobao', 'url' => 'http://www.taobao.com']); +$result = $manager->executeBulkWrite('test-db.test-sites', $bulk); +var_dump($result); + +$pdo = new PDO('mysql:host=mysql;dbname=mysql', 'root', '123456'); +var_dump($pdo); + + +$redis = new Redis(); +$redis->connect('redis', 6379); //连接Redis +//$redis->auth('mypasswords123sdfeak'); //密码验证 +$redis->select(0); //选择数据库2 +//$redis->set( "testKey" , "Hello Redis"); //设置测试key +echo $redis->get("name"); //输出value + + +try { + $conn = new PDO('mysql:host=mysql;port=3306;dbname=mysql;charset=utf8', 'root', '123456'); +} catch (PDOException $e) { + echo 'Connection failed: ' . $e->getMessage(); +} +//$conn->exec('set names utf8'); +$sql = "SELECT * FROM `user` WHERE 1"; +$result = $conn->query($sql); +while ($rows = $result->fetch(PDO::FETCH_ASSOC)) { + echo $rows['Host'] . ' ' . $rows['User'] . "
\n"; +} \ No newline at end of file diff --git a/scripts/sec.sh b/scripts/sec.sh new file mode 100644 index 00000000..aa3a476e --- /dev/null +++ b/scripts/sec.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash + +# Ubuntu +# https://cdn.download.comodo.com/cis/download/installs/linux/cav-linux_x64.deb +# https://cdn.download.comodo.com/cis/download/installs/linux/cav-linux_x86.deb + +# apt install libfontconfig1 libfreetype6 libglib2.0-0 libice6 libsm6 libssl0.9.8 libx11-6 libxext6 libxrender1 + +apt install -y wget file cron diff --git a/scripts/test.php b/scripts/test.php new file mode 100644 index 00000000..648bf396 --- /dev/null +++ b/scripts/test.php @@ -0,0 +1,23 @@ +setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + $dbh->exec('SET CHARACTER SET utf8'); + $dbh = null; +} catch (PDOException $e) { + print 'Error: ' . $e->getMessage() . '
'; + die(); +} +echo '

成功通过 PDO 连接到 MySQL 服务器

' . PHP_EOL; + +$redis = new Redis(); +$result = $redis->connect('redis', 6379); +if ($result) { + echo '

成功通过 PHP 连接到 Redis

' . PHP_EOL; +} +// $redis->auth('123456'); +$redis->set('key1', 'val1'); +echo '

Set Redis: key1 = ' . $redis->get('key1') . '

' . PHP_EOL; + +phpinfo(); diff --git a/scripts/vbackup b/scripts/vbackup new file mode 100644 index 00000000..c2290fb9 --- /dev/null +++ b/scripts/vbackup @@ -0,0 +1,56 @@ +#!/bin/bash +# +## Backup LNMP data +## +## CentOS 7 YUM Installation: Nginx 1.8/1.9 + MySQL 5.5/5.6/5.7 + PHP 5.5/5.6/7.0 +## https://github.com/maicong/LNMP +## Usage: service vbackup (start,list,del) + +# Sanity check +[ $(id -g) != "0" ] && die "Script must be run as root."; + +echo "Please loading..."; +DateTag=`hostname`-`date +%Y%m%d-%H%M%S`; + +if [ "$*" != '' ]; then + selected=$1; + backup=$2; +else + echo "Host Management please select: (1~7)" + select selected in 'start' 'list' 'del' 'exit'; do + break; + done; +fi; + +if [ "$selected" == 'start' ]; then + + [ ! -f "/usr/bin/rsync" ] && yum install -y rsync; + mkdir -p /home/backup/$DateTag/; + cd /home/backup/$DateTag/; + mkdir -p {etc,home/wwwroot}; + cp -a /etc/php* ./etc; + cp -a /etc/my* ./etc; + [ -d /etc/nginx/ ] && cp -a /etc/nginx/ ./etc + [ -d /home/userdata/ ] && cp -a /home/userdata/ ./home; + [ -d /home/wwwroot/ ] && rsync -aqP --exclude=phpMyAdmin /home/wwwroot/ ./home/wwwroot; + cd /home/backup/; + tar -h -zcvf /home/backup/$DateTag.tar.gz ./$DateTag; + rm -rf /home/backup/$DateTag; + echo "[OK] successfully backup $DateTag"; + exit; +elif [ "$selected" == 'list' ]; then + + for line in `ls /home/backup/ | egrep *.tar.gz`; do + echo $line; + done; + exit; +elif [ "$selected" == 'del' ]; then + if [ "$backup" == '' ]; then + read -p "[Notice] deleted backup name:" backup; + [ "$backup" == '' ] && echo '[error] empty backup name' && exit 1; + service vbackup del $backup; + exit 0; + fi; + [ ! -f /home/backup/$backup ] && echo "[Error] $backup not exist!" && exit 1; + rm -rf /home/backup/$backup && echo "[OK] successfully delete $backup"; +fi; diff --git a/scripts/vhost b/scripts/vhost new file mode 100644 index 00000000..e948d5ec --- /dev/null +++ b/scripts/vhost @@ -0,0 +1,298 @@ +#!/bin/bash +# +## Create a new Nginx virtual host +## +## CentOS 7 YUM Installation: Nginx 1.8/1.9 + MySQL 5.5/5.6/5.7 + PHP 5.5/5.6/7.0 +## https://github.com/maicong/LNMP +## Usage: service vhost (start,stop,list,add,edit,del,exit) + +# Sanity check +[ $(id -g) != "0" ] && die "Script must be run as root."; + +showOk(){ + echo -e "\033[34m[OK]\033[0m $1"; +} + +showError(){ + echo -e "\033[31m[ERROR]\033[0m $1"; +} + +showNotice(){ + echo -e "\033[36m[NOTICE]\033[0m $1"; +} + + +if [ "$*" != '' ]; then + selected=$1; + domain=$2; + server_name=$3; + index_name=$4; + rewrite_file=$5; + host_subdirectory=$6; +else + echo "Host Management please select: (1~7)" + select selected in 'start' 'stop' 'list' 'add' 'edit' 'del' 'exit'; do + break; + done; +fi; + +www_root=/home/wwwroot; +php_fpm_BIN=/usr/sbin/php-fpm; +php_fpm_EDIR=/etc/php-fpm.d; +php_fpm_SDIR=/etc/php-fpm.d.stop; +php_default_PID=/var/run/php-fpm/php-fpm.pid; +nginx_BIN=/usr/sbin/nginx; +nginx_CONF=/etc/nginx/nginx.conf; +nginx_EDIR=/etc/nginx/conf.d; +nginx_SDIR=/etc/nginx/conf.d.stop; +nginx_PID=/var/run/nginx.pid; + +if [ "$domain" != '' ]; then + php_fpm_PID=/var/run/php-fpm/php-fpm-${domain}.pid; + php_fpm_SOCK=/dev/shm/php-fpm-${domain}.sock; + php_fpm_ECONF=${php_fpm_EDIR}/php-${domain}.conf; + php_fpm_SCONF=${php_fpm_SDIR}/php-${domain}.conf; + nginx_ECONF=$nginx_EDIR/nginx-${domain}.conf; + nginx_SCONF=$nginx_SDIR/nginx-${domain}.conf; +fi; + +if [ "$selected" == 'list' ]; then + + for line in `ls $www_root/`; do + [ -f "$nginx_EDIR/nginx-$line.conf" ] && echo $line [Running]; + [ -f "$nginx_SDIR/nginx-$line.conf" ] && echo $line [Stop]; + done; + +elif [ "$selected" == 'add' ]; then + + if [ "$domain" == '' ]; then + read -p "[Notice] Please input domain: " domain; + [ "$domain" == '' ] && showError "empty domain" && exit 1; + service vhost add $domain; + exit 0; + fi; + + if [ "$server_name" == '' ]; then + read -p "[Notice] Please input server name (e.g: domain.com,www.domain.com): " server_name; + [ "$server_name" == '' ] && showError "empty server name" && exit 1; + service vhost add $domain $server_name; + exit 0; + fi; + + [ -f $nginx_ECONF ] || [ -f $nginx_SCONF ] && showError "${domain} is exist!" && exit 1; + + # nginx-host.conf + [ -d "$php_fpm_EDIR" ] && sock=php-fpm-$domain.sock || sock=php-fpm.sock; + cp /etc/nginx/nginx-host.conf $nginx_ECONF; + + sed -i "s#example#$domain#g" $nginx_ECONF; + sed -i "s#php-fpm.sock#$sock#g" $nginx_ECONF; + + [ "$server_name" != '' ] && [ "$server_name" != '0' ] && server_name=${server_name//,/ } && \ + sed -i "s|server_name .* #server_name end|server_name $server_name; #server_name end|" $nginx_ECONF; + + [ "$index_name" != '' ] && [ "$index_name" != '0' ] && index_name=${index_name//,/ } && \ + sed -i "s|index .* #index end|index $index_name; #index end|" $nginx_ECONF; + + [ "$rewrite_file" != '' ] && [ "$rewrite_file" != '0' ] && \ + sed -i "s|include rewrite/.*; #rewrite end|include rewrite/$rewrite_file; #rewrite end|" $nginx_ECONF; + + sed -i "/set \$subdomain \"\/\$2\"/d" $nginx_ECONF; + [ "$host_subdirectory" == 'on' ] && sed -i "/set \$subdomain/a\ \tif ( \$host ~* \"(?:(\\\w+\\\.){0,})(\\\b(?\!www\\\b)\\\w+)\\\.\\\b(?\!(com|org|gov|net|cn)\\\b)\\\w+\\\.\[a-zA-Z\]+\" ) { set \$subdomain \"\/\$2\"; }" $nginx_ECONF; + + # php-fpm + if [ -d "$php_fpm_EDIR" ];then + cp /etc/php-fpm-host.conf $php_fpm_ECONF; + sed -i "s#example#$domain#g" $php_fpm_ECONF; + fi; + + # wwwroot chroot + mkdir -p $www_root/$domain; + touch $www_root/$domain/index.html; + echo 'Welcome!' > $www_root/$domain/index.html; + + $php_fpm_BIN --fpm-config $php_fpm_ECONF; + + if [ -f $nginx_PID ]; then + kill -HUP `cat $nginx_PID`; + else + $nginx_BIN -c $nginx_CONF; + fi; + + showOk "successfully create ${domain} vhost"; + showOk "The DocumentRoot: ${www_root}/${domain}/"; + + exit; + +elif [ "$selected" == 'edit' ]; then + + [ "$domain" == '' ] && read -p "[Notice] Please input domain:" domain + [ "$domain" == '' ] && showError "empty domain" && exit 1; + + [ ! -f $nginx_ECONF ] && [ ! -f $nginx_SCONF ] && showError "${domain} not exist!" && exit 1; + [ -f $nginx_ECONF ] && host_conf_file=$nginx_ECONF || host_conf_file=$nginx_SCONF; + + [ "$server_name" == '' ] && read -p "[Notice] Please input server name (e.g: domain.com,www.domain.com). cancel edit, please input 0 : " server_name; + + [ "$index_name" == '' ] && read -p "[Notice] Please input Nginx-index file name (e.g: index.html,index.htm,index.php). cancel edit, please input 0 : " index_name; + + [ "$rewrite_file" == '' ] && read -p "[Notice] Please input Nginx-rewrite file name (e.g: nomal.conf). cancel edit, please input 0 : " rewrite_file; + + [ "$host_subdirectory" == '' ] && read -p "[Notice] Binding second-level domain? please input on OR off. cancel edit, please input 0 : " host_subdirectory; + + # nginx-host.conf + [ "$server_name" != '' ] && [ "$server_name" != '0' ] && server_name=${server_name//,/ } && \ + sed -i "s|server_name .* #server_name end|server_name $server_name; #server_name end|" $host_conf_file; + + [ "$index_name" != '' ] && [ "$index_name" != '0' ] && index_name=${index_name//,/ } && \ + sed -i "s|index .* #index end|index $index_name; #index end|" $host_conf_file; + + [ "$rewrite_file" != '' ] && [ "$rewrite_file" != '0' ] && \ + sed -i "s|include rewrite/.*; #rewrite end|include rewrite/$rewrite_file; #rewrite end|" $host_conf_file; + + sed -i "/set \$subdomain \"\/\$2\"/d" $host_conf_file; + [ "$host_subdirectory" == 'on' ] && sed -i "/set \$subdomain/a\ \tif ( \$host ~* \"(?:(\\\w+\\\.){0,})(\\\b(?\!www\\\b)\\\w+)\\\.\\\b(?\!(com|org|gov|net|cn)\\\b)\\\w+\\\.\[a-zA-Z\]+\" ) { set \$subdomain \"\/\$2\"; }" $host_conf_file; + + if [ -f $nginx_PID ]; then + kill -HUP `cat $nginx_PID`; + else + $nginx_BIN -c $nginx_CONF; + fi; + + if [ -f $php_fpm_PID ]; then + kill -QUIT `cat $php_fpm_PID`; + else + $php_fpm_BIN --fpm-config $php_fpm_ECONF; + fi; + + showOk "successfully change ${domain} vhost"; + + exit; + +elif [ "$selected" == 'start' ]; then + + if [ "$domain" == '' ]; then + showNotice "All host start..."; + for line in `ls $www_root/`; do + if [ -f "${nginx_SDIR}/nginx-${line}.conf" ]; then + service vhost start $line; + else + showError "${line} host maybe running or not exist"; + fi; + done; + exit 0; + else + [ ! -f "${nginx_SDIR}/nginx-${domain}.conf" ] \ + && [ ! -f "${nginx_EDIR}/nginx-${domain}.conf" ] \ + && showError "${domain} host not exist" && exit 1; + fi; + + [ -f $php_fpm_SCONF ] && mv -f $php_fpm_SCONF $php_fpm_ECONF; + [ -f $nginx_SCONF ] && mv -f $nginx_SCONF $nginx_ECONF; + + phpMsg=""; + nginxMsg=""; + + if [ -f $php_fpm_PID ] && [ -S $php_fpm_SOCK ]; then + kill -USR2 `cat $php_fpm_PID` && phpMsg="successfully restart ${domain} host php-fpm"; + else + pid=`ps -ef | grep $php_fpm_ECONF | grep -v grep | awk '{ print $2 }' | uniq`; + [ "$pid" != "" ] && kill -QUIT $pid; + $php_fpm_BIN --fpm-config $php_fpm_ECONF && phpMsg="successfully start ${domain} host php-fpm"; + fi; + + if [ -f $nginx_PID ] && [ $(pgrep nginx | wc -l) != "0" ]; then + kill -HUP `cat $nginx_PID` && nginxMsg="successfully restart ${domain} host nginx"; + else + $nginx_BIN -c $nginx_CONF && nginxMsg="successfully start ${domain} host nginx"; + fi; + + [ "$phpMsg" != "" ] && showOk "$phpMsg" || showError "Failed start ${domain} host php-fpm"; + [ "$nginxMsg" != "" ] && showOk "$nginxMsg" || showError "Failed start ${domain} host nginx"; + + exit; + +elif [ "$selected" == 'stop' ]; then + + if [ "$domain" == '' ]; then + showNotice "All host stop..."; + + for line in `ls $www_root/`; do + if [ -f "${nginx_EDIR}/nginx-${line}.conf" ]; then + service vhost stop $line; + else + showError "${line} host maybe stopped or not exist"; + fi; + done; + exit 0; + else + [ ! -f "${nginx_EDIR}/nginx-${domain}.conf" ] \ + && [ ! -f "${nginx_SDIR}/nginx-${domain}.conf" ] \ + && showError "${domain} host not exist" && exit 1; + fi; + + [ -f $php_fpm_ECONF ] && mv -f $php_fpm_ECONF $php_fpm_SCONF; + [ -f $nginx_ECONF ] && mv -f $nginx_ECONF $nginx_SCONF; + + if [ -f $php_fpm_PID ]; then + kill -QUIT `cat $php_fpm_PID` \ + && showOk "successfully stop ${domain} host php-fpm" \ + || showError "Failed stop ${domain} host php-fpm"; + else + showError "${domain} host php-fpm was stopped"; + fi; + + rm -f $php_fpm_SOCK; + + if [ -f $nginx_PID ]; then + kill -HUP `cat $nginx_PID` \ + && showOk "successfully stop ${domain} host nginx" \ + || showError "Failed stop ${domain} host nginx"; + else + showError "${domain} host nginx was stopped"; + fi; + + phpConfNum=`ls $php_fpm_EDIR | egrep "*.conf" | wc -l`; + nginxConfNum=`ls $nginx_EDIR | egrep "*.conf" | wc -l`; + + [ "$phpConfNum" == "0" ] && `pgrep php-fpm | xargs -r kill`; + [ "$nginxConfNum" == "0" ] && `pgrep nginx | xargs -r kill`; + + exit; + +elif [ "$selected" == 'del' ]; then + + if [ "$domain" == '' ]; then + read -p "[Notice] deleted domain:" domain; + [ "$domain" == '' ] && showError "empty domain" && exit 1; + service vhost del $domain; + exit 0; + fi; + + if [ -f $php_fpm_PID ]; then + kill -QUIT `cat $php_fpm_PID` \ + && showOk "successfully stop ${domain} host php-fpm" \ + || showError "Failed stop ${domain} host php-fpm"; + fi; + + rm -f $php_fpm_SOCK $php_fpm_ECONF $php_fpm_SCONF; + + [ ! -f $nginx_ECONF ] && [ ! -f $nginx_SCONF ] && showError "${domain} not exist!" && exit 1; + + if [ -f $nginx_PID ]; then + kill -HUP `cat $nginx_PID` \ + && showOk "successfully stop ${domain} host nginx" \ + || showError "Failed stop ${domain} host nginx"; + fi; + + rm -f $nginx_ECONF $nginx_SCONF; + + #wwwroot + read -p '[Notice] Delete the directory in wwwroot? (y/n) : ' confirmYN; + [ "$confirmYN" != 'y' ] && exit; + rm -rf $www_root/$domain && showOk "successfully delete $domain host directory"; + +else + showError "${selected} is not defined"; + exit; +fi; diff --git a/scripts/xdebug b/scripts/xdebug new file mode 100644 index 00000000..d1e75137 --- /dev/null +++ b/scripts/xdebug @@ -0,0 +1,101 @@ +#! /bin/bash + +# NOTE: At the moment, this has only been confirmed to work with PHP 7 + + +# Grab full name of php-fpm container +PHP_FPM_CONTAINER=$(docker-compose ps | grep php-fpm | cut -d" " -f 1) + + +# Grab OS type +if [[ "$(uname)" == "Darwin" ]]; then + OS_TYPE="OSX" +else + OS_TYPE=$(expr substr $(uname -s) 1 5) +fi + + +xdebug_status () +{ + echo 'xDebug status' + + # If running on Windows, need to prepend with winpty :( + if [[ $OS_TYPE == "MINGW" ]]; then + winpty docker exec -it $PHP_FPM_CONTAINER bash -c 'php -v' + + else + docker exec -it $PHP_FPM_CONTAINER bash -c 'php -v' + fi + +} + + +xdebug_start () +{ + echo 'Start xDebug' + + # And uncomment line with xdebug extension, thus enabling it + ON_CMD="sed -i 's/^;zend_extension=/zend_extension=/g' \ + /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini" + + + # If running on Windows, need to prepend with winpty :( + if [[ $OS_TYPE == "MINGW" ]]; then + winpty docker exec -it $PHP_FPM_CONTAINER bash -c "${ON_CMD}" + docker restart $PHP_FPM_CONTAINER + winpty docker exec -it $PHP_FPM_CONTAINER bash -c 'php -v' + + else + docker exec -it $PHP_FPM_CONTAINER bash -c "${ON_CMD}" + docker restart $PHP_FPM_CONTAINER + docker exec -it $PHP_FPM_CONTAINER bash -c 'php -v' + fi +} + + +xdebug_stop () +{ + echo 'Stop xDebug' + + # Comment out xdebug extension line + OFF_CMD="sed -i 's/^zend_extension=/;zend_extension=/g' /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini" + + + # If running on Windows, need to prepend with winpty :( + if [[ $OS_TYPE == "MINGW" ]]; then + # This is the equivalent of: + # winpty docker exec -it laradock_php-fpm_1 bash -c 'bla bla bla' + # Thanks to @michaelarnauts at https://github.com/docker/compose/issues/593 + winpty docker exec -it $PHP_FPM_CONTAINER bash -c "${OFF_CMD}" + docker restart $PHP_FPM_CONTAINER + #docker-compose restart php-fpm + winpty docker exec -it $PHP_FPM_CONTAINER bash -c 'php -v' + + else + docker exec -it $PHP_FPM_CONTAINER bash -c "${OFF_CMD}" + # docker-compose restart php-fpm + docker restart $PHP_FPM_CONTAINER + docker exec -it $PHP_FPM_CONTAINER bash -c 'php -v' + fi +} + + +case $@ in + stop|STOP) + xdebug_stop + ;; + start|START) + xdebug_start + ;; + status|STATUS) + xdebug_status + ;; + *) + echo "xDebug [Stop | Start | Status] in the ${PHP_FPM_CONTAINER} container." + echo "xDebug must have already been installed." + echo "Usage:" + echo " ./xdebugPhpFpm stop|start|status" + +esac + +exit 1 diff --git a/startup/boxs.sh b/startup/boxs.sh new file mode 100644 index 00000000..0d220623 --- /dev/null +++ b/startup/boxs.sh @@ -0,0 +1,13 @@ +#!/usr/bin/env bash + +docker run -it --rm \ + --name boxs \ + --hostname boxs \ + -p 10022:22 \ + -p 10080:80 \ + -p 10443:443 \ + -p 16080:6080 \ + -p 15901:5901 \ + -p 16901:6901 \ + -v ~/Code:/data:rw \ + registry.cn-hongkong.aliyuncs.com/imxieke/boxs zsh \ No newline at end of file From ed41514408ed98251bc8206bf4b4bac5a4d53b67 Mon Sep 17 00:00:00 2001 From: Cloudflying Date: Sun, 19 Sep 2021 01:23:14 +0800 Subject: [PATCH 02/50] update nginx --- images/php/74/Dockerfile | 3 +-- images/php/8/Dockerfile | 3 +-- scripts/install/nginx-install.sh | 31 ------------------------------- 3 files changed, 2 insertions(+), 35 deletions(-) diff --git a/images/php/74/Dockerfile b/images/php/74/Dockerfile index 87126c50..a088c63b 100644 --- a/images/php/74/Dockerfile +++ b/images/php/74/Dockerfile @@ -5,8 +5,7 @@ LABEL MAINTAINER="Cloudflying" \ # conflict php7-pecl-gmagick php7-pecl-imagick -RUN echo 'nameserver 223.5.5.5' > /etc/resolv.conf \ - && apk add --no-cache php7 php7-bcmath php7-brotli php7-bz2 php7-calendar php7-ctype php7-curl php7-dba php7-dev php7-dom \ +RUN apk add --no-cache php7 php7-bcmath php7-brotli php7-bz2 php7-calendar php7-ctype php7-curl php7-dba php7-dev php7-dom \ php7-embed php7-enchant php7-exif php7-fileinfo php7-fpm php7-ftp php7-gd php7-gettext php7-gmp php7-iconv php7-imap php7-intl \ php7-json php7-ldap php7-mbstring php7-mysqli php7-mysqlnd php7-odbc php7-openssl php7-pcntl php7-pdo php7-pdo_dblib \ php7-pdo_mysql php7-pdo_odbc php7-pdo_pgsql php7-pdo_sqlite php7-pear php7-pecl-amqp php7-pecl-event php7-pecl-imagick \ diff --git a/images/php/8/Dockerfile b/images/php/8/Dockerfile index c0a93aa3..ad103cad 100644 --- a/images/php/8/Dockerfile +++ b/images/php/8/Dockerfile @@ -5,8 +5,7 @@ LABEL MAINTAINER="Cloudflying" \ # conflict php7-pecl-gmagick php7-pecl-imagick -RUN echo 'nameserver 223.5.5.5' > /etc/resolv.conf \ - && apk add --no-cache php8 php8-bcmath php8-brotli php8-bz2 php8-calendar php8-ctype php8-curl php8-dba php8-dev php8-dom \ +RUN apk add --no-cache php8 php8-bcmath php8-brotli php8-bz2 php8-calendar php8-ctype php8-curl php8-dba php8-dev php8-dom \ php8-embed php8-enchant php8-exif php8-fileinfo php8-fpm php8-ftp php8-gd php8-gettext php8-gmp php8-iconv php8-imap php8-intl \ php8-ldap php8-mbstring php8-mysqli php8-mysqlnd php8-odbc php8-openssl php8-pcntl php8-pdo php8-pdo_dblib php8-pdo_mysql \ php8-pdo_odbc php8-pdo_pgsql php8-pdo_sqlite php8-pear php8-pecl-event php8-pecl-imagick php8-pecl-imagick-dev \ diff --git a/scripts/install/nginx-install.sh b/scripts/install/nginx-install.sh index 94a2dca0..7bbd1b39 100644 --- a/scripts/install/nginx-install.sh +++ b/scripts/install/nginx-install.sh @@ -60,37 +60,6 @@ apk add --no-cache \ --with-perl_modules_path=/usr/lib/perl5/vendor_perl \ --user=nginx \ --group=nginx \ - --with-compat \ - --with-file-aio \ - --with-threads \ - --with-http_addition_module \ - --with-http_auth_request_module \ - --with-http_dav_module \ - --with-http_degradation_module \ - --with-http_flv_module \ - --with-http_image_filter_module \ - --with-http_geoip_module \ - --with-http_gunzip_module \ - --with-http_gzip_static_module \ - --with-http_mp4_module \ - --with-http_perl_module \ - --with-http_random_index_module \ - --with-http_realip_module \ - --with-http_secure_link_module \ - --with-http_slice_module \ - --with-http_ssl_module \ - --with-http_stub_status_module \ - --with-http_sub_module \ - --with-http_xslt_module \ - --with-http_v2_module \ - --with-mail \ - --with-mail_ssl_module \ - --with-pcre \ - --with-pcre-jit \ - --with-stream \ - --with-stream_realip_module \ - --with-stream_ssl_module \ - --with-stream_ssl_preread_module \ --with-cc-opt='-Os -fomit-frame-pointer -Wimplicit-fallthrough=0' \ --with-ld-opt=-Wl,--as-needed \ --add-module=../nginx-rtmp-module-${NGINX_RTMP_VERSION} From 2018e7f86c3571ebbea99cb3040f00ffd621c54c Mon Sep 17 00:00:00 2001 From: Cloudflying Date: Sun, 19 Sep 2021 01:29:18 +0800 Subject: [PATCH 03/50] update nginx --- conf/voocel-docker-lnmp | 1 - images/boxs/app | 1 - images/laradock-workspace | 1 - 3 files changed, 3 deletions(-) delete mode 160000 conf/voocel-docker-lnmp delete mode 160000 images/boxs/app delete mode 160000 images/laradock-workspace diff --git a/conf/voocel-docker-lnmp b/conf/voocel-docker-lnmp deleted file mode 160000 index 1441be39..00000000 --- a/conf/voocel-docker-lnmp +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 1441be394b880e36c2e1b675fb50a8067229c38a diff --git a/images/boxs/app b/images/boxs/app deleted file mode 160000 index b84ab15a..00000000 --- a/images/boxs/app +++ /dev/null @@ -1 +0,0 @@ -Subproject commit b84ab15aac2b42e24f5c23a43914e87e37035200 diff --git a/images/laradock-workspace b/images/laradock-workspace deleted file mode 160000 index 3c81ada9..00000000 --- a/images/laradock-workspace +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 3c81ada9512acdfc3e1139469ca1ac22cbb1436d From f400e54012befddebe16c30b87152b4a4bf1e60a Mon Sep 17 00:00:00 2001 From: Cloudflying Date: Sun, 19 Sep 2021 01:31:56 +0800 Subject: [PATCH 04/50] update nginx --- images/nginx/nginx-http3 | 1 - scripts/letsencrypt | 1 - 2 files changed, 2 deletions(-) delete mode 160000 images/nginx/nginx-http3 delete mode 160000 scripts/letsencrypt diff --git a/images/nginx/nginx-http3 b/images/nginx/nginx-http3 deleted file mode 160000 index a457a555..00000000 --- a/images/nginx/nginx-http3 +++ /dev/null @@ -1 +0,0 @@ -Subproject commit a457a555daea3349d0164556e231409fd6c663b9 diff --git a/scripts/letsencrypt b/scripts/letsencrypt deleted file mode 160000 index c8be6deb..00000000 --- a/scripts/letsencrypt +++ /dev/null @@ -1 +0,0 @@ -Subproject commit c8be6deb87b6c1faf6471448a163fab08409cd86 From 1ca80e54626147ebaea2dfa70e0fcf39b5105f7c Mon Sep 17 00:00:00 2001 From: Cloudflying Date: Sun, 12 Dec 2021 15:36:41 +0800 Subject: [PATCH 05/50] filter repo backup --- .editorconfig | 5 + .gitignore | 3 +- README-zh.md | 385 ---- README.md | 176 +- compose.yml | 138 ++ compose/1.yml | 50 - compose/10.yml | 43 - compose/11.yml | 28 - compose/2.yml | 99 - compose/3.yml | 97 - compose/4.yml | 56 - compose/5.yml | 49 - compose/6.yml | 90 - compose/7.yml | 114 - compose/8.yml | 38 - compose/9.yml | 29 - compose/apm-server-compose.yml | 9 - compose/aria2.yml | 17 - compose/container_scanning_all_arch.yml | 74 - compose/docker-compose-10.yml | 76 - compose/docker-compose-8.yml | 97 - compose/docker-compose-9.yml | 141 -- compose/docker-compose-sync.yml | 102 - compose/docker-compose.laradock.yml | 1819 --------------- compose/docker-composer-2.yml | 97 - compose/docker-composer-3.yml | 81 - compose/docker-composer-4.yml | 329 --- compose/docker-composer-5.yml | 94 - compose/docker-composer-6.yml | 52 - compose/docker-composer-7.yml | 41 - compose/elasticsearch-compose.yml | 53 - compose/ethereum-stack-compose.yml | 32 - compose/fast.yml | 89 - compose/filebeat-compose.yml | 4 - compose/kibana-compose.yml | 10 - compose/laradock.yml | 314 --- compose/lnmp-stack-compose.yml | 53 - compose/logstash.yml | 9 - compose/metricbeat.yml | 12 - compose/nginx-lua-compose.yml | 50 - compose/simplify.yml | 58 - dockenv | 146 +- .../add-sites.md | 0 ...\243\205swoole\346\211\251\345\261\225.md" | 33 - ...350\243\205yaf\346\211\251\345\261\225.md" | 27 - images/aerospike/Dockerfile | 8 - images/aerospike/ce-5.3/Dockerfile | 9 + images/aerospike/ce-5.4/Dockerfile | 9 + images/aerospike/ce-5.5/Dockerfile | 9 + images/aerospike/ce-5.6/Dockerfile | 9 + images/aerospike/ce-5.7/Dockerfile | 9 + images/aerospike/ee-5.3/Dockerfile | 9 + images/aerospike/ee-5.4/Dockerfile | 9 + images/aerospike/ee-5.5/Dockerfile | 9 + images/aerospike/ee-5.6/Dockerfile | 9 + images/aerospike/ee-5.7/Dockerfile | 9 + images/aerospike/latest/Dockerfile | 11 + images/aerospike/{ => latest}/aerospike.conf | 0 images/alinux/2/Dockerfile | 3 + images/alinux/3/Dockerfile | 3 + images/alpine/3.10/Dockerfile | 3 +- images/alpine/3.11/Dockerfile | 3 +- images/alpine/3.12/Dockerfile | 3 +- images/alpine/3.13/Dockerfile | 3 +- images/alpine/3.14/Dockerfile | 7 + images/alpine/3.7/Dockerfile | 3 +- images/alpine/3.8/Dockerfile | 3 +- images/alpine/3.9/Dockerfile | 3 +- images/alpine/edge/Dockerfile | 3 +- images/archlinux/latest/Dockerfile | 2 +- images/beanstalkd/1.12/Dockerfile | 12 + images/beanstalkd/Dockerfile | 16 - images/beanstalkd/latest/Dockerfile | 12 + images/boxs/Dockerfile | 51 - images/boxs/README.md | 195 +- images/boxs/README.unity.md | 120 - images/boxs/builder/Dockerfile | 37 + images/boxs/builder/README.md | 2 + images/boxs/conf.d/1/50-motd-news | 146 -- images/boxs/conf.d/1/60-unminimize | 9 - images/boxs/conf.d/default.conf | 55 - .../desktop/xfce/.config/background.jpg | Bin 84691 -> 0 bytes .../xfce-perchannel-xml/xfce4-desktop.xml | 55 - .../xfce4-keyboard-shortcuts.xml | 172 -- .../xfce-perchannel-xml/xfce4-panel.xml | 78 - .../xfconf/xfce-perchannel-xml/xfwm4.xml | 106 - .../xfconf/xfce-perchannel-xml/xsettings.xml | 59 - .../desktop/xfce/Desktop/.firefox.desktop | 221 -- .../xfce/Desktop/chromium-browser.desktop | 298 --- images/boxs/conf.d/index.php | 1468 ------------ images/boxs/conf.d/landscape-sysinfo.py | 22 - images/boxs/conf.d/letsencrypt-renew | 13 - images/boxs/conf.d/letsencrypt-setup | 20 - images/boxs/conf.d/motd.sh | 21 - images/boxs/conf.d/motd/50-landscape-sysinfo | 14 - images/boxs/conf.d/motd/50-motd-news | 135 -- images/boxs/conf.d/motd/80-esm | 24 - images/boxs/conf.d/motd/80-livepatch | 93 - images/boxs/conf.d/motd/91-release-upgrade | 9 - images/boxs/conf.d/motd/95-hwe-eol | 5 - images/boxs/conf.d/motd/97-overlayroot | 4 - images/boxs/conf.d/motd/98-fsck-at-reboot | 5 - images/boxs/conf.d/motd/98-reboot-required | 5 - images/boxs/conf.d/nginx.2.conf | 118 - images/boxs/conf.d/nginx.conf | 62 - images/boxs/conf.d/nginx.conf.d/LICENSE | 674 ------ images/boxs/conf.d/nginx.conf.d/README.md | 19 - .../boxs/conf.d/nginx.conf.d/anti-floc.conf | 2 - .../nginx.conf.d/archive.fastgit.org.conf | 71 - .../nginx.conf.d/assets.fastgit.org.conf | 81 - .../nginx.conf.d/download.fastgit.org.conf | 73 - .../boxs/conf.d/nginx.conf.d/fastgit.org.conf | 38 - .../conf.d/nginx.conf.d/hub.fastgit.org.conf | 109 - .../conf.d/nginx.conf.d/install-debian10.sh | 97 - .../conf.d/nginx.conf.d/raw.fastgit.org.conf | 99 - images/boxs/conf.d/nginx.conf.d/robots.txt | 2 - images/boxs/conf.d/nginx/google.nginx.conf | 26 - images/boxs/conf.d/nginx/google2.nginx.conf | 35 - images/boxs/conf.d/nginx/gravatar.conf | 44 - images/boxs/conf.d/nginx/sni-host.conf | 26 - images/boxs/conf.d/nginx/sni.nginx.conf | 26 - .../usr/lib/update-notifier/apt-cdrom-check | 93 - .../usr/lib/update-notifier/apt-check | 1 - .../usr/lib/update-notifier/apt_check.py | 214 -- .../usr/lib/update-notifier/backend_helper.py | 168 -- .../usr/lib/update-notifier/cddistupgrader | 31 - .../update-notifier/package-data-downloader | 337 --- .../lib/update-notifier/package-system-locked | 16 - .../update-motd-fsck-at-reboot | 81 - .../lib/update-notifier/update-motd-hwe-eol | 60 - .../update-motd-reboot-required | 7 - .../update-motd-updates-available | 59 - images/boxs/conf.d/php.ini | 1934 ---------------- images/boxs/conf.d/{init.d => }/sshd | 0 images/boxs/conf.d/supervisor-novnc.conf | 9 - images/boxs/conf.d/supervisord.conf | 54 - images/boxs/panel/Dockerfile.bt | 13 - images/boxs/panel/Dockerfile.bt6 | 12 - images/boxs/panel/scripts/bt6.sh | 458 ---- images/boxs/panel/scripts/install-bt.sh | 431 ---- images/boxs/script/bootstrap.sh | 278 --- images/boxs/script/build.sh | 119 - images/boxs/script/entrypoint.sh | 9 - images/boxs/script/startup.sh | 115 - images/boxs/script/vnc.sh | 98 - images/boxs/script/wm_startup.sh | 14 - images/boxs/scripts/zenity-apt.sh | 534 +++++ images/boxs/scripts/zenity-gui-ssh.sh | 53 + images/boxs/sshd/Dockerfile | 36 + images/boxs/sshd/bootstrap.sh | 27 + images/boxs/unity/bootstrap.sh | 53 + images/boxs/vnc/conf/.ratpoisonrc | 1 - images/boxs/vnc/conf/.xinitrc | 6 - images/boxs/vnc/conf/.xsession | 3 - images/boxs/vnc/conf/vnc/xstartup | 11 - images/boxs/vnc/run.sh | 48 - images/boxs/workspace/Dockerfile | 1534 ------------- images/boxs/workspace/aerospike.ini | 3 - images/boxs/workspace/aliases.sh | 151 -- images/boxs/workspace/crontab/laradock | 1 - images/boxs/workspace/insecure_id_rsa | 51 - images/boxs/workspace/insecure_id_rsa.ppk | 46 - images/boxs/workspace/insecure_id_rsa.pub | 1 - images/boxs/workspace/mc/config.json | 29 - images/boxs/workspace/sources.sh | 83 - images/boxs/workspace/xdebug.ini | 19 - images/boxs/xfce-arch-base/Dockerfile | 57 + images/boxs/xfce-arch/Dockerfile | 31 + images/boxs/xfce-arch/bootstrap.sh | 30 + images/boxs/xfce-arch/conf/00-motd | 49 + images/boxs/xfce-arch/conf/bootstrap.sh | 137 ++ images/boxs/xfce-arch/conf/boxs-init.sh | 62 + images/boxs/xfce-arch/conf/entrypoint.sh | 48 + images/boxs/xfce-arch/conf/entrypoint.sh.bak | 46 + images/boxs/xfce-arch/conf/init.vim | 32 + images/boxs/xfce-arch/conf/supervisord.conf | 42 + .../boxs/xfce-arch/conf/supervisord.ini.bak | 51 + images/boxs/xfce-arch/conf/zshrc | 118 + images/boxs/xfce-base/Dockerfile | 86 + images/boxs/xfce/Dockerfile | 30 + images/boxs/xfce/conf/00-motd | 49 + images/boxs/xfce/conf/bootstrap.sh | 121 + images/boxs/xfce/conf/entrypoint.sh | 47 + images/boxs/xfce/conf/init.vim | 37 + images/boxs/xfce/conf/supervisord.conf | 105 + images/boxs/xfce/conf/zshrc | 118 + images/centos/7.0/Dockerfile | 2 +- images/centos/7.1/Dockerfile | 2 +- images/centos/7.2/Dockerfile | 2 +- images/centos/7.3/Dockerfile | 2 +- images/centos/7.4/Dockerfile | 2 +- images/centos/7.5/Dockerfile | 2 +- images/centos/7.6/Dockerfile | 2 +- images/centos/7.7/Dockerfile | 2 +- images/centos/7.8/Dockerfile | 2 +- images/centos/7.9/Dockerfile | 2 +- images/centos/8.1/Dockerfile | 2 +- images/centos/8.2/Dockerfile | 2 +- images/centos/8.3/Dockerfile | 2 +- images/centos/8.4/Dockerfile | 3 + images/centos/stream/Dockerfile | 3 + images/centos/stream8/Dockerfile | 3 + images/centos/stream9-dev/Dockerfile | 3 + images/centos/stream9/Dockerfile | 3 + images/hhvm/3.30/Dockerfile | 15 + images/hhvm/latest/Dockerfile | 15 + images/mysql/Dockerfile | 53 - images/mysql/Dockerfile.5.7.26 | 53 - images/mysql/README.md | 2 - images/mysql/conf.d/mysql.gpg | Bin 28776 -> 0 bytes images/mysql/docker-compose.yml | 17 - images/mysql/scripts/5.7.sh | 215 -- images/nginx/1.20.2/Dockerfile | 12 + images/nginx/1.20.2/build.sh | 221 ++ images/nginx/README.md | 9 + images/nginx/conf.d/.gitignore | 4 - images/nginx/conf.d/default.conf | 59 - images/nginx/latest/Dockerfile | 36 + .../10-listen-on-ipv6-by-default.sh | 61 - .../alpine-perl/20-envsubst-on-templates.sh | 32 - images/nginx/stable/alpine-perl/Dockerfile | 125 - .../stable/alpine-perl/docker-entrypoint.sh | 38 - .../alpine/10-listen-on-ipv6-by-default.sh | 61 - .../stable/alpine/20-envsubst-on-templates.sh | 32 - images/nginx/stable/alpine/Dockerfile | 124 - .../nginx/stable/alpine/docker-entrypoint.sh | 38 - .../10-listen-on-ipv6-by-default.sh | 61 - .../debian-perl/20-envsubst-on-templates.sh | 32 - images/nginx/stable/debian-perl/Dockerfile | 116 - .../stable/debian-perl/docker-entrypoint.sh | 38 - .../debian/10-listen-on-ipv6-by-default.sh | 61 - .../stable/debian/20-envsubst-on-templates.sh | 32 - images/nginx/stable/debian/Dockerfile | 115 - .../nginx/stable/debian/docker-entrypoint.sh | 38 - images/php-crond/Dockerfile | 14 - images/php-crond/crontabs/.gitignore | 3 - images/php-crond/crontabs/default.example | 3 - images/php-fpm/Dockerfile | 1005 -------- images/php-fpm/aerospike.ini | 3 - images/php-fpm/laravel.ini | 16 - images/php-fpm/mysql.ini | 58 - images/php-fpm/opcache.ini | 9 - images/php-fpm/phalcon.ini | 2 - images/php-fpm/php5.6.ini | 2030 ----------------- images/php-fpm/php7.0.ini | 1918 ---------------- images/php-fpm/php7.1.ini | 1918 ---------------- images/php-fpm/php7.2.ini | 1918 ---------------- images/php-fpm/php7.3.ini | 1918 ---------------- images/php-fpm/php7.4.ini | 1918 ---------------- images/php-fpm/xdebug | 101 - images/php-fpm/xdebug.ini | 19 - images/php-fpm/xhprof.ini | 8 - images/php-fpm/xlaravel.pool.conf | 76 - images/php-supervisor/Dockerfile | 16 - images/php-supervisor/supervisor/.gitignore | 4 - .../supervisor/supervisord.conf | 15 - images/php-worker/Dockerfile | 370 --- images/php-worker/supervisord.conf | 10 - images/php-worker/supervisord.d/.gitignore | 1 - .../laravel-scheduler.conf.example | 8 - .../supervisord.d/laravel-worker.conf.example | 8 - images/php/56/Dockerfile | 21 +- images/php/56/build.sh | 163 ++ images/php/71/Dockerfile | 18 +- images/php/72/Dockerfile | 18 +- images/php/73/Dockerfile | 24 +- images/php/74/Dockerfile | 19 +- images/php/74/build.sh | 193 ++ images/php/8/Dockerfile | 18 - images/php/80/Dockerfile | 12 + images/php/80/build.sh | 196 ++ images/php/Dockerfile.alpine | 40 - images/php/Dockerfile.alpine-cli | 28 - images/php/README.md | 499 +++- images/php/php-fpm/Dockerfile-56 | 137 -- images/php/php-fpm/Dockerfile-70 | 149 -- images/php/php-fpm/aerospike.ini | 3 - images/php/php56/Dockerfile | 69 - images/php/php56/custom-php.ini | 230 -- images/php/php56/opcache.ini | 9 - images/php/php56/timezone.ini | 4 - images/php/php56/xdebug.ini | 16 - images/php/php72/Dockerfile | 209 -- images/php/php72/opcache.ini | 9 - images/php/php72/php71.ini | 232 -- images/php/php72/php72.ini | 1918 ---------------- images/php/php72/sources.list | 8 - images/php/php72/xdebug.ini | 15 - images/php/script/build.sh | 141 -- images/rabbitmq/Dockerfile | 5 - images/redis/docker-compose.yml | 25 - images/shadowsocks/Dockerfile | 46 - images/shadowsocks/README.md | 7 + images/shadowsocks/docker-compose.yml | 9 - images/shadowsocks/latest/Dockerfile | 18 + images/shadowsocks/latest/entrypoint.sh | 5 + images/shadowsocks/latest/shadowsocks.json | 13 + images/shadowsocks/latest/ss.json | 13 + images/ssr/Dockerfile | 14 - images/ssr/README.md | 34 - images/tengine/2.3/Dockerfile | 13 + images/tengine/2.3/build.sh | 123 + images/tengine/2.3/build2.sh | 100 + images/tengine/Dockerfile | 112 - images/ubuntu/16.10/Dockerfile | 9 +- images/ubuntu/17.04/Dockerfile | 13 + images/ubuntu/17.10/Dockerfile | 14 + images/ubuntu/18.04/Dockerfile | 10 +- images/ubuntu/19.04/Dockerfile | 11 +- images/ubuntu/19.10/Dockerfile | 9 +- images/ubuntu/20.04/Dockerfile | 2 +- images/ubuntu/21.04/Dockerfile | 10 +- images/ubuntu/21.10/Dockerfile | 8 +- images/ubuntu/README.md | 29 +- images/zookeeper/3.5/Dockerfile | 12 + images/zookeeper/3.6/Dockerfile | 12 + images/zookeeper/3.7/Dockerfile | 12 + images/zookeeper/latest/Dockerfile | 12 + scripts/run_boxs_archlinux.sh | 23 + scripts/run_boxs_ubuntu.sh | 23 + startup/boxs.sh | 13 - 321 files changed, 4435 insertions(+), 34995 deletions(-) delete mode 100644 README-zh.md create mode 100644 compose.yml delete mode 100644 compose/1.yml delete mode 100644 compose/10.yml delete mode 100644 compose/11.yml delete mode 100644 compose/2.yml delete mode 100644 compose/3.yml delete mode 100644 compose/4.yml delete mode 100644 compose/5.yml delete mode 100644 compose/6.yml delete mode 100644 compose/7.yml delete mode 100644 compose/8.yml delete mode 100644 compose/9.yml delete mode 100644 compose/apm-server-compose.yml delete mode 100644 compose/aria2.yml delete mode 100644 compose/container_scanning_all_arch.yml delete mode 100644 compose/docker-compose-10.yml delete mode 100644 compose/docker-compose-8.yml delete mode 100644 compose/docker-compose-9.yml delete mode 100644 compose/docker-compose-sync.yml delete mode 100644 compose/docker-compose.laradock.yml delete mode 100644 compose/docker-composer-2.yml delete mode 100644 compose/docker-composer-3.yml delete mode 100644 compose/docker-composer-4.yml delete mode 100644 compose/docker-composer-5.yml delete mode 100644 compose/docker-composer-6.yml delete mode 100644 compose/docker-composer-7.yml delete mode 100644 compose/elasticsearch-compose.yml delete mode 100755 compose/ethereum-stack-compose.yml delete mode 100644 compose/fast.yml delete mode 100644 compose/filebeat-compose.yml delete mode 100644 compose/kibana-compose.yml delete mode 100644 compose/laradock.yml delete mode 100755 compose/lnmp-stack-compose.yml delete mode 100644 compose/logstash.yml delete mode 100644 compose/metricbeat.yml delete mode 100755 compose/nginx-lua-compose.yml delete mode 100644 compose/simplify.yml rename "docs/\345\246\202\344\275\225\346\226\260\345\273\272\344\270\200\344\270\252\347\253\231\347\202\271.md" => docs/add-sites.md (100%) delete mode 100644 "docs/\345\246\202\344\275\225\345\256\211\350\243\205swoole\346\211\251\345\261\225.md" delete mode 100644 "docs/\345\246\202\344\275\225\345\256\211\350\243\205yaf\346\211\251\345\261\225.md" delete mode 100644 images/aerospike/Dockerfile create mode 100644 images/aerospike/ce-5.3/Dockerfile create mode 100644 images/aerospike/ce-5.4/Dockerfile create mode 100644 images/aerospike/ce-5.5/Dockerfile create mode 100644 images/aerospike/ce-5.6/Dockerfile create mode 100644 images/aerospike/ce-5.7/Dockerfile create mode 100644 images/aerospike/ee-5.3/Dockerfile create mode 100644 images/aerospike/ee-5.4/Dockerfile create mode 100644 images/aerospike/ee-5.5/Dockerfile create mode 100644 images/aerospike/ee-5.6/Dockerfile create mode 100644 images/aerospike/ee-5.7/Dockerfile create mode 100644 images/aerospike/latest/Dockerfile rename images/aerospike/{ => latest}/aerospike.conf (100%) create mode 100644 images/alinux/2/Dockerfile create mode 100644 images/alinux/3/Dockerfile create mode 100644 images/alpine/3.14/Dockerfile create mode 100644 images/beanstalkd/1.12/Dockerfile delete mode 100644 images/beanstalkd/Dockerfile create mode 100644 images/beanstalkd/latest/Dockerfile delete mode 100644 images/boxs/Dockerfile delete mode 100644 images/boxs/README.unity.md create mode 100644 images/boxs/builder/Dockerfile create mode 100644 images/boxs/builder/README.md delete mode 100755 images/boxs/conf.d/1/50-motd-news delete mode 100755 images/boxs/conf.d/1/60-unminimize delete mode 100644 images/boxs/conf.d/default.conf delete mode 100644 images/boxs/conf.d/desktop/xfce/.config/background.jpg delete mode 100644 images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-desktop.xml delete mode 100644 images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-keyboard-shortcuts.xml delete mode 100644 images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml delete mode 100644 images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml delete mode 100644 images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xsettings.xml delete mode 100644 images/boxs/conf.d/desktop/xfce/Desktop/.firefox.desktop delete mode 100755 images/boxs/conf.d/desktop/xfce/Desktop/chromium-browser.desktop delete mode 100644 images/boxs/conf.d/index.php delete mode 100644 images/boxs/conf.d/landscape-sysinfo.py delete mode 100644 images/boxs/conf.d/letsencrypt-renew delete mode 100644 images/boxs/conf.d/letsencrypt-setup delete mode 100644 images/boxs/conf.d/motd.sh delete mode 100644 images/boxs/conf.d/motd/50-landscape-sysinfo delete mode 100755 images/boxs/conf.d/motd/50-motd-news delete mode 100755 images/boxs/conf.d/motd/80-esm delete mode 100755 images/boxs/conf.d/motd/80-livepatch delete mode 100755 images/boxs/conf.d/motd/91-release-upgrade delete mode 100755 images/boxs/conf.d/motd/95-hwe-eol delete mode 100755 images/boxs/conf.d/motd/97-overlayroot delete mode 100755 images/boxs/conf.d/motd/98-fsck-at-reboot delete mode 100755 images/boxs/conf.d/motd/98-reboot-required delete mode 100644 images/boxs/conf.d/nginx.2.conf delete mode 100644 images/boxs/conf.d/nginx.conf delete mode 100644 images/boxs/conf.d/nginx.conf.d/LICENSE delete mode 100644 images/boxs/conf.d/nginx.conf.d/README.md delete mode 100644 images/boxs/conf.d/nginx.conf.d/anti-floc.conf delete mode 100644 images/boxs/conf.d/nginx.conf.d/archive.fastgit.org.conf delete mode 100644 images/boxs/conf.d/nginx.conf.d/assets.fastgit.org.conf delete mode 100644 images/boxs/conf.d/nginx.conf.d/download.fastgit.org.conf delete mode 100644 images/boxs/conf.d/nginx.conf.d/fastgit.org.conf delete mode 100644 images/boxs/conf.d/nginx.conf.d/hub.fastgit.org.conf delete mode 100644 images/boxs/conf.d/nginx.conf.d/install-debian10.sh delete mode 100644 images/boxs/conf.d/nginx.conf.d/raw.fastgit.org.conf delete mode 100644 images/boxs/conf.d/nginx.conf.d/robots.txt delete mode 100644 images/boxs/conf.d/nginx/google.nginx.conf delete mode 100644 images/boxs/conf.d/nginx/google2.nginx.conf delete mode 100644 images/boxs/conf.d/nginx/gravatar.conf delete mode 100644 images/boxs/conf.d/nginx/sni-host.conf delete mode 100644 images/boxs/conf.d/nginx/sni.nginx.conf delete mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/apt-cdrom-check delete mode 120000 images/boxs/conf.d/notifier/usr/lib/update-notifier/apt-check delete mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/apt_check.py delete mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/backend_helper.py delete mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/cddistupgrader delete mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/package-data-downloader delete mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/package-system-locked delete mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-fsck-at-reboot delete mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-hwe-eol delete mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-reboot-required delete mode 100755 images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-updates-available delete mode 100644 images/boxs/conf.d/php.ini rename images/boxs/conf.d/{init.d => }/sshd (100%) delete mode 100644 images/boxs/conf.d/supervisor-novnc.conf delete mode 100644 images/boxs/conf.d/supervisord.conf delete mode 100644 images/boxs/panel/Dockerfile.bt delete mode 100644 images/boxs/panel/Dockerfile.bt6 delete mode 100644 images/boxs/panel/scripts/bt6.sh delete mode 100644 images/boxs/panel/scripts/install-bt.sh delete mode 100644 images/boxs/script/bootstrap.sh delete mode 100644 images/boxs/script/build.sh delete mode 100644 images/boxs/script/entrypoint.sh delete mode 100644 images/boxs/script/startup.sh delete mode 100644 images/boxs/script/vnc.sh delete mode 100644 images/boxs/script/wm_startup.sh create mode 100644 images/boxs/scripts/zenity-apt.sh create mode 100644 images/boxs/scripts/zenity-gui-ssh.sh create mode 100644 images/boxs/sshd/Dockerfile create mode 100644 images/boxs/sshd/bootstrap.sh create mode 100644 images/boxs/unity/bootstrap.sh delete mode 100644 images/boxs/vnc/conf/.ratpoisonrc delete mode 100644 images/boxs/vnc/conf/.xinitrc delete mode 100644 images/boxs/vnc/conf/.xsession delete mode 100644 images/boxs/vnc/conf/vnc/xstartup delete mode 100644 images/boxs/vnc/run.sh delete mode 100644 images/boxs/workspace/Dockerfile delete mode 100644 images/boxs/workspace/aerospike.ini delete mode 100644 images/boxs/workspace/aliases.sh delete mode 100644 images/boxs/workspace/crontab/laradock delete mode 100644 images/boxs/workspace/insecure_id_rsa delete mode 100644 images/boxs/workspace/insecure_id_rsa.ppk delete mode 100644 images/boxs/workspace/insecure_id_rsa.pub delete mode 100644 images/boxs/workspace/mc/config.json delete mode 100755 images/boxs/workspace/sources.sh delete mode 100644 images/boxs/workspace/xdebug.ini create mode 100644 images/boxs/xfce-arch-base/Dockerfile create mode 100644 images/boxs/xfce-arch/Dockerfile create mode 100644 images/boxs/xfce-arch/bootstrap.sh create mode 100644 images/boxs/xfce-arch/conf/00-motd create mode 100644 images/boxs/xfce-arch/conf/bootstrap.sh create mode 100644 images/boxs/xfce-arch/conf/boxs-init.sh create mode 100644 images/boxs/xfce-arch/conf/entrypoint.sh create mode 100644 images/boxs/xfce-arch/conf/entrypoint.sh.bak create mode 100644 images/boxs/xfce-arch/conf/init.vim create mode 100644 images/boxs/xfce-arch/conf/supervisord.conf create mode 100644 images/boxs/xfce-arch/conf/supervisord.ini.bak create mode 100644 images/boxs/xfce-arch/conf/zshrc create mode 100644 images/boxs/xfce-base/Dockerfile create mode 100644 images/boxs/xfce/Dockerfile create mode 100644 images/boxs/xfce/conf/00-motd create mode 100644 images/boxs/xfce/conf/bootstrap.sh create mode 100644 images/boxs/xfce/conf/entrypoint.sh create mode 100644 images/boxs/xfce/conf/init.vim create mode 100644 images/boxs/xfce/conf/supervisord.conf create mode 100644 images/boxs/xfce/conf/zshrc create mode 100644 images/centos/8.4/Dockerfile create mode 100644 images/centos/stream/Dockerfile create mode 100644 images/centos/stream8/Dockerfile create mode 100644 images/centos/stream9-dev/Dockerfile create mode 100644 images/centos/stream9/Dockerfile create mode 100644 images/hhvm/3.30/Dockerfile create mode 100644 images/hhvm/latest/Dockerfile delete mode 100644 images/mysql/Dockerfile delete mode 100644 images/mysql/Dockerfile.5.7.26 delete mode 100644 images/mysql/README.md delete mode 100644 images/mysql/conf.d/mysql.gpg delete mode 100644 images/mysql/docker-compose.yml delete mode 100644 images/mysql/scripts/5.7.sh create mode 100644 images/nginx/1.20.2/Dockerfile create mode 100644 images/nginx/1.20.2/build.sh create mode 100644 images/nginx/README.md delete mode 100644 images/nginx/conf.d/.gitignore delete mode 100644 images/nginx/conf.d/default.conf create mode 100644 images/nginx/latest/Dockerfile delete mode 100755 images/nginx/stable/alpine-perl/10-listen-on-ipv6-by-default.sh delete mode 100755 images/nginx/stable/alpine-perl/20-envsubst-on-templates.sh delete mode 100644 images/nginx/stable/alpine-perl/Dockerfile delete mode 100755 images/nginx/stable/alpine-perl/docker-entrypoint.sh delete mode 100755 images/nginx/stable/alpine/10-listen-on-ipv6-by-default.sh delete mode 100755 images/nginx/stable/alpine/20-envsubst-on-templates.sh delete mode 100644 images/nginx/stable/alpine/Dockerfile delete mode 100755 images/nginx/stable/alpine/docker-entrypoint.sh delete mode 100755 images/nginx/stable/debian-perl/10-listen-on-ipv6-by-default.sh delete mode 100755 images/nginx/stable/debian-perl/20-envsubst-on-templates.sh delete mode 100644 images/nginx/stable/debian-perl/Dockerfile delete mode 100755 images/nginx/stable/debian-perl/docker-entrypoint.sh delete mode 100755 images/nginx/stable/debian/10-listen-on-ipv6-by-default.sh delete mode 100755 images/nginx/stable/debian/20-envsubst-on-templates.sh delete mode 100644 images/nginx/stable/debian/Dockerfile delete mode 100755 images/nginx/stable/debian/docker-entrypoint.sh delete mode 100644 images/php-crond/Dockerfile delete mode 100644 images/php-crond/crontabs/.gitignore delete mode 100644 images/php-crond/crontabs/default.example delete mode 100644 images/php-fpm/Dockerfile delete mode 100644 images/php-fpm/aerospike.ini delete mode 100644 images/php-fpm/laravel.ini delete mode 100644 images/php-fpm/mysql.ini delete mode 100644 images/php-fpm/opcache.ini delete mode 100644 images/php-fpm/phalcon.ini delete mode 100644 images/php-fpm/php5.6.ini delete mode 100644 images/php-fpm/php7.0.ini delete mode 100644 images/php-fpm/php7.1.ini delete mode 100644 images/php-fpm/php7.2.ini delete mode 100644 images/php-fpm/php7.3.ini delete mode 100644 images/php-fpm/php7.4.ini delete mode 100755 images/php-fpm/xdebug delete mode 100644 images/php-fpm/xdebug.ini delete mode 100644 images/php-fpm/xhprof.ini delete mode 100644 images/php-fpm/xlaravel.pool.conf delete mode 100644 images/php-supervisor/Dockerfile delete mode 100644 images/php-supervisor/supervisor/.gitignore delete mode 100644 images/php-supervisor/supervisor/supervisord.conf delete mode 100644 images/php-worker/Dockerfile delete mode 100644 images/php-worker/supervisord.conf delete mode 100644 images/php-worker/supervisord.d/.gitignore delete mode 100644 images/php-worker/supervisord.d/laravel-scheduler.conf.example delete mode 100644 images/php-worker/supervisord.d/laravel-worker.conf.example create mode 100644 images/php/56/build.sh create mode 100644 images/php/74/build.sh delete mode 100644 images/php/8/Dockerfile create mode 100644 images/php/80/Dockerfile create mode 100644 images/php/80/build.sh delete mode 100644 images/php/Dockerfile.alpine delete mode 100644 images/php/Dockerfile.alpine-cli delete mode 100644 images/php/php-fpm/Dockerfile-56 delete mode 100644 images/php/php-fpm/Dockerfile-70 delete mode 100644 images/php/php-fpm/aerospike.ini delete mode 100644 images/php/php56/Dockerfile delete mode 100644 images/php/php56/custom-php.ini delete mode 100644 images/php/php56/opcache.ini delete mode 100644 images/php/php56/timezone.ini delete mode 100644 images/php/php56/xdebug.ini delete mode 100644 images/php/php72/Dockerfile delete mode 100644 images/php/php72/opcache.ini delete mode 100644 images/php/php72/php71.ini delete mode 100644 images/php/php72/php72.ini delete mode 100644 images/php/php72/sources.list delete mode 100644 images/php/php72/xdebug.ini delete mode 100644 images/php/script/build.sh delete mode 100644 images/redis/docker-compose.yml delete mode 100644 images/shadowsocks/Dockerfile delete mode 100644 images/shadowsocks/docker-compose.yml create mode 100644 images/shadowsocks/latest/Dockerfile create mode 100644 images/shadowsocks/latest/entrypoint.sh create mode 100644 images/shadowsocks/latest/shadowsocks.json create mode 100644 images/shadowsocks/latest/ss.json delete mode 100644 images/ssr/Dockerfile delete mode 100644 images/ssr/README.md create mode 100644 images/tengine/2.3/Dockerfile create mode 100644 images/tengine/2.3/build.sh create mode 100644 images/tengine/2.3/build2.sh delete mode 100644 images/tengine/Dockerfile create mode 100644 images/ubuntu/17.04/Dockerfile create mode 100644 images/ubuntu/17.10/Dockerfile create mode 100644 images/zookeeper/3.5/Dockerfile create mode 100644 images/zookeeper/3.6/Dockerfile create mode 100644 images/zookeeper/3.7/Dockerfile create mode 100644 images/zookeeper/latest/Dockerfile create mode 100644 scripts/run_boxs_archlinux.sh create mode 100644 scripts/run_boxs_ubuntu.sh delete mode 100644 startup/boxs.sh diff --git a/.editorconfig b/.editorconfig index 6dd4eabe..4be8bb97 100644 --- a/.editorconfig +++ b/.editorconfig @@ -13,6 +13,11 @@ trim_trailing_whitespace = true indent_size = 4 [{docker-compose.yml,package.json,.travis.yml,.pcit.yml,.drone.yml}] +indent_size = 2 +indent_style = space + +### YAML +[*.{yml,yaml}] indent_style = space indent_size = 2 diff --git a/.gitignore b/.gitignore index 851ef6a2..9e7cfa74 100644 --- a/.gitignore +++ b/.gitignore @@ -7,7 +7,8 @@ *.log /conf.ini /examples - +/tmp +/runtime /.idea data/logs/* data/mysql/* diff --git a/README-zh.md b/README-zh.md deleted file mode 100644 index 749664e7..00000000 --- a/README-zh.md +++ /dev/null @@ -1,385 +0,0 @@ - -### 编辑 Docker 镜像 - -1 - 找到你想修改的镜像的 `Dockerfile` , -
-例如: `mysql` 在 `mysql/Dockerfile`. - -2 - 按你所要的编辑文件. - -3 - 重新构建容器: - -```bash -docker-compose build mysql -``` - -更多信息在容器重建中[点击这里](#Build-Re-build-Containers). - - -### 建立/重建容器 - -如果你做任何改变 `Dockerfile` 确保你运行这个命令,可以让所有修改更改生效: - -```bash -docker-compose build -``` - -选择你可以指定哪个容器重建(而不是重建所有的容器): - -```bash -docker-compose build {container-name} -``` - -如果你想重建整个容器,你可能需要使用 `--no-cache` 选项 (`docker-compose build --no-cache {container-name}`). - - -### 增加更多软件 (Docker 镜像) - -为了增加镜像(软件), 编辑 `docker-compose.yml` 添加容器细节, 你需要熟悉 [docker compose 文件语法](https://docs.docker.com/compose/compose-file/). - - -### 查看日志文件 -Nginx的日志在 `logs/nginx` 目录 - -然后查看其它容器日志(MySQL, PHP-FPM,...) 你可以运行: - -```bash -docker logs {container-name} -``` - - -### [Laravel] - - -### 从 Docker 镜像安装 Laravel - -1 - 首先你需要进入 Workspace 容器. - -2 - 安装 Laravel. - -例如 使用 Composer - -```bash -composer create-project laravel/laravel my-cool-app "5.2.*" -``` - -> 我们建议使用 `composer create-project` 替换 Laravel 安装器去安装 Laravel. - -关于更多 Laravel 安装内容请 [点击这儿](https://laravel.com/docs/master#installing-laravel). - - -3 - 编辑 `docker-compose.yml` 映射新的应用目录: -系统默认 Laradock 假定 Laravel 应用在 laradock 的父级目录中 - -更新 Laravel 应用在 `my-cool-app` 目录中, 我们需要用 `../my-cool-app/:/var/www`替换 `../:/var/www` , 如下: - -```yaml - application: - build: ./application - volumes: - - ../my-cool-app/:/var/www -``` - -4 - 进入目录下继续工作.. - -```bash -cd my-cool-app -``` - -5 - 回到 Laradock 安装步骤,看看如何编辑 `.env` 的文件。 - - -### 运行 Artisan 命令 - -你可以从 Workspace 容器运行 artisan 命令和其他终端命令 - -增加 `--user=laradock` (例如 `docker-compose exec --user=laradock workspace bash`) 作为您的主机的用户创建的文件. - - - -### 使用 Redis -1 - 首先务必用 `docker-compose up` 命令运行 (`redis`) 容器. - -```bash -docker-compose up -d redis -``` - -2 - 打开你的Laravel的 `.env` 文件 然后 配置 `redis` 的 `REDIS_HOST` - -```env -REDIS_HOST=redis -``` - -如果在你的 `.env` 文件没有找到 `REDIS_HOST` 变量。打开数据库配置文件 `config/database.php` 然后用 `redis` 替换默认 IP `127.0.0.1`,例如: - - -```php -'redis' => [ - 'cluster' => false, - 'default' => [ - 'host' => 'redis', - 'port' => 6379, - 'database' => 0, - ], -], -``` - -3 - 启用 Redis 缓存或者开启 Session 管理也在 `.env` 文件中用 `redis` 替换默认 `file` 设置 `CACHE_DRIVER` 和 `SESSION_DRIVER` - -```env -CACHE_DRIVER=redis -SESSION_DRIVER=redis -``` - -4 - 最好务必通过 Composer 安装 `predis/predis` 包 `(~1.0)`: - -```bash -composer require predis/predis:^1.0 -``` - -5 - 你可以用以下代码在 Laravel 中手动测试: - -```php -\Cache::store('redis')->put('Laradock', 'Awesome', 10); -``` - - -### 使用 Mongo - -1 - 首先在 Workspace 和 PHP-FPM 容器中安装 `mongo`: - - a) 打开 `docker-compose.yml` 文件 - b) 在 Workspace 容器中找到 `INSTALL_MONGO` 选项: - c) 设置为 `true` - d) 在 PHP-FPM 容器中找到 `INSTALL_MONGO` - e) 设置为 `true` - -相关配置项如下: - -```yml - workspace: - build: - context: ./workspace - args: - - INSTALL_MONGO=true - ... - php-fpm: - build: - context: ./php-fpm - args: - - INSTALL_MONGO=true - ... -``` - -2 - 重建 `Workspace、PHP-FPM` 容器 - -```bash -docker-compose build workspace php-fpm -``` - -3 - 使用 `docker-compose up` 命令运行 MongoDB 容器 (`mongo`) - -```bash -docker-compose up -d mongo -``` - -4 - 在 `config/database.php` 文件添加 MongoDB 的配置项: - -```php -'connections' => [ - - 'mongodb' => [ - 'driver' => 'mongodb', - 'host' => env('DB_HOST', 'localhost'), - 'port' => env('DB_PORT', 27017), - 'database' => env('DB_DATABASE', 'database'), - 'username' => '', - 'password' => '', - 'options' => [ - 'database' => '', - ] - ], - - // ... - -], -``` - -5 - 打开 Laravel 的 `.env` 文件然后更新以下字段: - -- 设置 `DB_HOST` 为 `mongo` 的主机 IP. -- 设置 `DB_PORT` 为 `27017`. -- 设置 `DB_DATABASE` 为 `database`. - - -6 - 最后务必通过 Composer 安装 `jenssegers/mongodb` 包,添加服务提供者(Laravel Service Provider) - - -```bash -composer require jenssegers/mongodb -``` - -更多细节内容 [点击这儿](https://github.com/jenssegers/laravel-mongodb#installation). - -7 - 测试: - -- 首先让你的模型继承 Mongo 的 Eloquent Model. 查看 [文档](https://github.com/jenssegers/laravel-mongodb#eloquent). -- 进入 Workspace 容器. -- 迁移数据库 `php artisan migrate`. - - -### [PHP] - - -### 安装 PHP 拓展 - -安装 PHP 扩展之前,你必须决定你是否需要 `FPM` 或 `CLI`,因为他们安装在不同的容器上,如果你需要两者,则必须编辑两个容器。 - -PHP-FPM 拓展务必安装在 `php-fpm/Dockerfile-XX`. *(用你 PHP 版本号替换 XX)*. - -PHP-CLI 拓展应该安装到 `workspace/Dockerfile`. - - -### 修改 PHP-FPM 版本 -默认运行 **PHP-FPM 7.0** 版本. - ->PHP-FPM 负责服务你的应用代码,如果你是计划运行您的应用程序在不同 PHP-FPM 版本上,则不需要更改 PHP-CLI 版本。 - -#### A) 切换版本 PHP `7.0` 到 PHP `5.6` - -1 - 打开 `docker-compose.yml`。 - -2 - 在PHP容器的 `Dockerfile-70` 文件。 - -3 - 修改版本号, 用 `Dockerfile-56` 替换 `Dockerfile-70` , 例如: - -```txt -php-fpm: - build: - context: ./php-fpm - dockerfile: Dockerfile-70 -``` - -4 - 最后重建PHP容器 - -```bash -docker-compose build php -``` - -> 更多关于PHP基础镜像, 请访问 [PHP Docker官方镜像](https://hub.docker.com/_/php/). - - -#### B) 切换版本 PHP `7.0` 或 `5.6` 到 PHP `5.5` -我们已不在本地支持 PHP5.5,但是你按照以下步骤获取: - -1 - 克隆 `https://github.com/laradock/php-fpm`. - -2 - 重命名 `Dockerfile-56` 为 `Dockerfile-55`. - -3 - 编辑文件 `FROM php:5.6-fpm` 为 `FROM php:5.5-fpm`. - -4 - 从 `Dockerfile-55` 构建镜像. - -5 - 打开 `docker-compose.yml` 文件. - -6 - 将 `php-fpm` 指向你的 `Dockerfile-55` 文件. - - - -### 修改 PHP-CLI 版本 -默认运行 **PHP-CLI 7.0** 版本 - ->说明: PHP-CLI 只用于执行 Artisan 和 Composer 命令,不服务于你的应用代码,这是 PHP-FPM 的工作,所以编辑 PHP-CLI 的版本不是很重要。 -PHP-CLI 安装在 Workspace 容器,改变 PHP-CLI 版本你需要编辑 `workspace/Dockerfile`. -现在你必须手动修改 PHP-FPM 的 `Dockerfile` 或者创建一个新的。 (可以考虑贡献功能). - - -### 安装 xDebug - -1 - 首先在 Workspace 和 PHP-FPM 容器安装 `xDebug`: - - a) 打开 `docker-compose.yml` 文件 - b) 在 Workspace 容器中找到 `INSTALL_XDEBUG` 选项 - c) 改为 `true` - d) 在 PHP-FPM 容器中找到 `INSTALL_XDEBUG ` 选项 - e) 改为 `true` - -例如: - -```yml - workspace: - build: - context: ./workspace - args: - - INSTALL_XDEBUG=true - ... - php-fpm: - build: - context: ./php-fpm - args: - - INSTALL_XDEBUG=true - ... -``` - -2 - 重建容器 `docker-compose build workspace php-fpm` - - -### [Misc] - - -### 使用自定义域名 (替换 Docker 的 IP) - -假定你的自定义域名是 `laravel.test` - -1 - 打开 `/etc/hosts` 文件添加以下内容,映射你的 localhost 地址 `127.0.0.1` 为 `laravel.test` 域名 -```bash -127.0.0.1 laravel.test -``` - -2 - 打开你的浏览器访问 `{http://laravel.test}` - -你可以在 nginx 配置文件自定义服务器名称,如下: - -```conf -server_name laravel.test; -``` - - -### 安装全局 Composer 命令 - -为启用全局 Composer Install 在容器构建中允许你安装 composer 的依赖,然后构建完成后就是可用的。 - -1 - 打开 `docker-compose.yml` 文件 - -2 - 在 Workspace 容器找到 `COMPOSER_GLOBAL_INSTALL` 选项并设置为 `true` - -例如: - -```yml - workspace: - build: - context: ./workspace - args: - - COMPOSER_GLOBAL_INSTALL=true - ... -``` -3 - 现在特价你的依赖关系到 `workspace/composer.json` - -4 - 重建 Workspace 容器 `docker-compose build workspace` - - -### 安装 Prestissimo - -[Prestissimo](https://github.com/hirak/prestissimo) 是一个平行安装功能的 composer 插件。 - -1 - 在安装期间,使全局 Composer Install 正在运行: - - 点击这个 [启用全局 Composer 构建安装](#Enable-Global-Composer-Build-Install) 然后继续步骤1、2. - -2 - 添加 prestissimo 依赖到 Composer: - -a - 现在打开 `workspace/composer.json` 文件 - -b - 添加 `"hirak/prestissimo": "^0.3"` 依赖 - -c - 重建 Workspace 容器 `docker-compose build workspace` diff --git a/README.md b/README.md index df8ce970..3df8550d 100755 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -### Xiekers Docker Images Repo! +## Cloudflying Docker Images Repo! ## Wait for add Project - [Gitpod](https://github.com/gitpod-io/gitpod) @@ -11,13 +11,32 @@ stretch(9) ## TODO +- shadowsocks +- php leveldb extension - go - go env configure - base Centos or redhat - almalinux - cloudlinux +- tengine +- Canddy2 ### Run +## Docker Composer +- 将程序数据 配置文件 日志等目录挂载出来 +- varnish +- haproxy +- selenium +- mailhog + +# TODO ADD Dockerfile +- geth +- openethereum +- opensuuse +- fedora +- hhvm +- /Users/imxieke/.boxs/bin/all/check-person-project-git-status + ``` $ run shadowsocks docker run -d -p 6443:6443 -e PASSWORD=passwd registry.cn-hongkong.aliyuncs.com/imxieke/shadowsocks @@ -43,12 +62,6 @@ Aerospike 高可用的 K-V类型的Nosql数据库 https://github.com/mozilla/geckodriver -# TODO ADD Dockerfile -geth -openethereum -opensuuse -fedora - ## TODO - 将 Nginx 配置 文件 氛围 main sec cache 等多个 @@ -236,10 +249,8 @@ sudo docker run --rm -ti -p 80:80 -p 3306:3306 --name debian_php_dev_env \ ``` ## Env - Web Server - - [Apache](https://httpd.apache.org) - [Canndy](https://caddyserver.com) - [Nginx](http://nginx.org) - - [LightHttp](https://www.lighttpd.net) - Openresty - Tengine - SQL @@ -248,10 +259,11 @@ sudo docker run --rm -ti -p 80:80 -p 3306:3306 --name debian_php_dev_env \ - [SQLite](https://www.sqlite.org) - [PostGreSQL](https://www.postgresql.org) - [MongoDB](https://www.mongodb.com) -- Mysql Manage +- Mysql Manager - [PHPMyAdmin](https://www.phpmyadmin.net) - [Adminer](https://www.adminer.org) - NOSQL + - [Aerospike](https://aerospike.com) - [Redis](https://redis.io) - [Memcached](https://memcached.org) - Message Queue (Broker) @@ -261,14 +273,10 @@ sudo docker run --rm -ti -p 80:80 -p 3306:3306 --name debian_php_dev_env \ - full-text search engine - [elastic](https://www.elastic.co) - Editor - - [Vim](https://www.vim.org) - [NeoVim](https://neovim.io) - - [Atom](https://atom.io) - [Sublime Text](https://www.sublimetext.com) - [Visual Studio Code](https://code.visualstudio.com) -- Version Control - - [Git](https://git-scm.com) -- Version Repo +- Git Version Repo - [Github](https://github.com) - [BitBucket](https://bitbucket.org) - [Gitlab](https://about.gitlab.com) @@ -276,9 +284,6 @@ sudo docker run --rm -ti -p 80:80 -p 3306:3306 --name debian_php_dev_env \ - 守护进程 - superviosr - - - 提供PHP CLI模式独立运行模式参考:`call-websockt` 与 `php-superviosr`。`call-websockt` 是基于[workman](http://www.workerman.net/) 的PHP Socket服务。`php-supervior` 实现基于Supervisor的队列服务。 ## 配置 Docker @@ -293,19 +298,9 @@ $ sudo systemctl daemon-reload $ sudo systemctl restart docker ``` +1. 配置.env环境参数,一般无需修改默认参数。配置`PHP_FPM_DOMAIN` 支持Nginx容器虚拟主机互通,配置`SUPERVISOR_DOMAIN` 支持Supervisor容器项目互通。[参考这里](https://github.com/laradock/laradock/issues/435)了解容器多个项目内部通信机制。 -## 安装 compose -推荐[Github官网](https://github.com/docker/compose/releases)安装Docker Compose。 - -```bash -$ curl -L https://github.com/docker/compose/releases/download/1.13.0/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose - -$ chmod +x /usr/local/bin/docker-compose -``` - -2. 配置.env环境参数,一般无需修改默认参数。配置`PHP_FPM_DOMAIN` 支持Nginx容器虚拟主机互通,配置`SUPERVISOR_DOMAIN` 支持Supervisor容器项目互通。[参考这里](https://github.com/laradock/laradock/issues/435)了解容器多个项目内部通信机制。 - -3. [*] 配置定时任务容器环境参数。默认无定时任务,可以参考`php-crond/crontabs/default.example`开启定时任务。 +2. [*] 配置定时任务容器环境参数。默认无定时任务,可以参考`php-crond/crontabs/default.example`开启定时任务。 ```shell $ cd php-crond/crontabs/ @@ -313,19 +308,6 @@ $ chmod +x /usr/local/bin/docker-compose ``` 4. [*] 配置Supervisor后台进程处理任务。默认无后台进程处理,参考`php-supervisor/supervisor/default.conf.example` 配置多进程任务。 - ```shell - $ cd php-supervisor/supervisor - $ cp default.conf.example default.conf - ``` - -### Docker常用命令 -```shell -# 删除所有容器 -docker rm -f $(docker ps -aq) -# 删除所有镜像 -docker rmi $(docker images -q) -``` - ## 学习文档 [Docker 配置详解](https://www.jianshu.com/p/2217cfed29d7) @@ -333,117 +315,13 @@ docker rmi $(docker images -q) [Docker 微服务教程](http://www.ruanyifeng.com/blog/2018/02/docker-wordpress-tutorial.html) -*/1 * * * * /cron-shell/backup.sh - - -## Nginx Modules -- https://www.nginx.com/resources/wiki/modules/ -- https://docs.nginx.com/nginx/admin-guide/dynamic-modules/dynamic-modules/ - -### 使用 - -**服务管理** - -```bash -# MySQL -systemctl {start,stop,status,restart} mysqld.service - -# MariaDB -systemctl {start,stop,status,restart} mariadb.service - -# PHP -systemctl {start,stop,status,restart} php-fpm.service - -# Nginx -systemctl {start,stop,status,restart,reload} nginx.service -``` - -**站点管理** - -```bash -# 列表 -service vhost list - -# 启动(重启)、停止 -service vhost {start,stop} [] - -# 新增、编辑 -service vhost {add, edit} [] [] [] [] [] - -# 删除 -service vhost del [] -``` - -参数说明 - -- `start` 启动、重启 -- `stop` 停止 -- `add` 新增 -- `edit` 编辑 -- `del` 删除 -- `` 站点标识,默认:`domain` -- `` 域名列表,使用 `,` 隔开,默认:`domain.com,www.domain.com` -- `` 首页文件,依次生效,默认:`index.html,index.htm,index.php` -- `` 伪静态规则文件,保存在 `/etc/nginx/rewrite/`,默认:`nomal.conf` -- `` 是否支持子目录绑定,`on` 或者 `off`,默认 `off` - -示例 - -```bash -# 启动或重启所有站点 -service vhost start - -# 停止所有站点 -service vhost stop - -# 列出所有站点 -service vhost list - -# 添加一个标识为 `mysite`,域名为 `mysite.com` 的站点 -service vhost add mysite mysite.com - -# 启动或重启标识为 `mysite` 的站点 -service vhost start mysite - -# 停止标识为 `mysite` 的站点 -service vhost stop mysite - -# 编辑标识为 `mysite` 的站点 -service vhost edit mysite - -# 删除标识为 `mysite` 的站点 -service vhost del mysite -``` - -**备份** - -```bash -# 新建一个备份 -service vbackup start - -# 删除一个备份 -service vbackup del [.tar.gz] - -# 列出所有备份 -service vbackup list -``` - ### 协议 The MIT License (MIT) - +```shell * * * * * php /var/www/laravel/artisan schedule:run >> /dev/null 2>&1 * docker-compose exec --user=laradock workspace bash * /usr/sbin/init * /usr/sbin/php-fpm -c /etc/php.ini -y /etc/php-fpm.conf - - -## Alpine Version PHP Version -3.8 5.6.40 -3.9 7.2.33 -3.10 7.3.14 -3.11 7.3.22 -3.12 7.3.25 -edge 7.4.13 -edge 8.0.0 +``` diff --git a/compose.yml b/compose.yml new file mode 100644 index 00000000..90a43d6e --- /dev/null +++ b/compose.yml @@ -0,0 +1,138 @@ +version: '3' + +services: + nginx: + image: nginx:latest + container_name: nginx + restart: always + deploy: + mode: replicated + replicas: 4 + resources: + limits: + cpus: "0.5" + memory: 512M + ports: + - "80:80" + - "443:443" + volumes: + - ./runtime/log/nginx:/var/log/nginx + networks: + - boxs + + php74: + image: registry.cn-hongkong.aliyuncs.com/boxs/php:74 + container_name: php74 + restart: always + privileged: true + depends_on: + - mysql57 + ports: + - "9000:9000" + volumes: + - ./runtime/logs/php74/:/var/log/php-fpm/ + networks: + - boxs + dns: + - 223.5.5.5 + - 8.8.8.8 + + mysql57: + image: registry.cn-hongkong.aliyuncs.com/boxs/mysql:5.7 + hostname: mysql57 + container_name: mysql57 + restart: always + # Only for Container + expose: + - "3306" + ports: + - "${MYSQL57_PORT}:${MYSQL57_PORT}" + volumes: + - ./runtime/data/mysql:/var/lib/mysql + - ./runtime/logs/mysql/:/var/log/mysql + environment: + - TZ=${TIMEZONE} + - MYSQL_ROOT_PASSWORD=${MYSQL57_ROOT_PASSWORD} + - MYSQL_DATABASE=${MYSQL57_DATABASE} + - MYSQL_USER=${MYSQL57_USER} + - MYSQL_PASSWORD=${MYSQL57_PASSWORD} + command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci + #only for container without host + networks: + boxs: + ipv4_address: ${MYSQL57_IP} + + mysql80: + image: registry.cn-hongkong.aliyuncs.com/boxs/mysql:8.0 + hostname: mysql80 + container_name: mysql80 + restart: always + # Only for Container + expose: + - "3306" + ports: + - "${MYSQL80_PORT}:${MYSQL80_PORT}" + volumes: + - ./runtime/data/mysql80:/var/lib/mysql + - ./runtime/logs/mysql80/:/var/log/mysql + environment: + - TZ=${TIMEZONE} + - MYSQL_ROOT_PASSWORD=${MYSQL80_ROOT_PASSWORD} + - MYSQL_DATABASE=${MYSQL80_DATABASE} + - MYSQL_USER=${MYSQL80_USER} + - MYSQL_PASSWORD=${MYSQL80_PASSWORD} + command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci + #only for container without host + networks: + boxs: + ipv4_address: ${MYSQL80_IP} + + redis: + image: registry.cn-hongkong.aliyuncs.com/boxs/redis:6.2 + container_name: redis + hostname: redis + ports: + - "6379:6379/tcp" + networks: + boxs: + ipv4_address: ${REDIS_IP} + restart: always + volumes: + - ./runtime/conf/redis:/etc/redis + - ./runtime/data/redis:/data + - ./runtime/logs/redis:/var/log/redis + command: redis-server /etc/redis/redis.conf + + boxs: + image: registry.cn-hongkong.aliyuncs.com/imxieke/boxs:latest + hostname: boxs + container_name: boxs + volumes: + - ~/Code:/data + ports: + - "10022:22" + - "10080:80" + - "10443:443" + - "15901:5901" + - "16080:6080" + - "16901:6901" + + xfce4: + image: registry.cn-hongkong.aliyuncs.com/imxieke/boxs:xfce + hostname: xfce4 + container_name: xfce4 + privileged: true + volumes: + - ~/Code:/data + ports: + - "10022:22" + - "15901:5901" + - "16901:6901" +networks: + boxs: + driver: bridge + ipam: + driver: default + config: + - subnet: ${SUBNET_IP} + gateway: ${GATEWAY_IP} diff --git a/compose/1.yml b/compose/1.yml deleted file mode 100644 index 6292a38e..00000000 --- a/compose/1.yml +++ /dev/null @@ -1,50 +0,0 @@ -version: "3" -services: - web: - image: nginx:latest - container_name: nginx - restart: always - ports: - - "80:80" - volumes: - - ./project:/var/www/html/project - - ./nginx/default.conf:/etc/nginx/conf.d/default.conf - - ./log/nginx:/var/log/nginx - networks: - - web-server - php: - build: ./php/ - container_name: php-72 - restart: always - ports: - - "9000:9000" - volumes: - - ./project:/var/www/html/project - - ./php:/usr/local/etc/php - networks: - - web-server - mysql: - image: mysql:5.7 - container_name: mysql-57 - restart: always - ports: - - "3306:3306" - volumes: - - ./mysql:/var/lib/mysql - environment: - - TZ=Asia/Shanghai - - MYSQL_ROOT_PASSWORD=123456 - command: --character-set-server=utf8mb4 --collation-server=utf8mb4_general_ci - networks: - - web-server - redis: - image: redis:latest - container_name: redis - restart: always - ports: - - "6379:6379" - volumes: - - ./redis/redis.conf:/usr/local/etc/redis/redis.conf - command: redis-server /usr/local/etc/redis/redis.conf -networks: - web-server: diff --git a/compose/10.yml b/compose/10.yml deleted file mode 100644 index 2e843929..00000000 --- a/compose/10.yml +++ /dev/null @@ -1,43 +0,0 @@ -version: '3' -services: - - redis: - image: redis:alpine - ports: - - "6379:6379" - networks: - - frontend - deploy: - replicas: 2 - update_config: # 配置如何更新服务 - parallelism: 2 # 每次要更新的容器数量 - delay: 10s # 更新下一组容器前要等待的时间 - resources: - limits: - cpus: "0.1" - memory: 512M - restart_policy: - condition: on-failure - max_attempts: 3 - delay: 10s - mysql: - network_mode: "bridge" - environment: - MYSQL_ROOT_PASSWORD: "111111" - MYSQL_USER: 'test' - MYSQL_PASS: '111111' - image: "mysql:latest" - restart: always - volumes: - - "./db:/var/lib/mysql" - - "./conf/my.cnf:/etc/my.cnf" - - "./init:/docker-entrypoint-initdb.d/" - ports: - - "3306:3306" - -networks: - frontend: - backend: - -volumes: - db-data: diff --git a/compose/11.yml b/compose/11.yml deleted file mode 100644 index c978bfdb..00000000 --- a/compose/11.yml +++ /dev/null @@ -1,28 +0,0 @@ -version: '2' -services: - build: - build: . - - web: - images: ubuntu - links: - - mysql - ports: - - "8000:80" - environment: - DB_HOST: mysql:3306 - DB_PASSWD: root - - mysql: - images: mysql - environment: - - DB_PASSWD=root - expose: #only for container without host - - "3306" - volumes: - - /var/lib/mysql - - cache/:/tmp/cache - - ~/configs:/etc/configs/:ro - dns: - - 8.8.8.8 - - 9.9.9.9 \ No newline at end of file diff --git a/compose/2.yml b/compose/2.yml deleted file mode 100644 index cb42706b..00000000 --- a/compose/2.yml +++ /dev/null @@ -1,99 +0,0 @@ -version: '2' -services: - workspace: - build: - context: ./workspace - volumes_from: - - volumes_source - - volumes_data - tty: true - - memcached: - build: - context: ./memcached - container_name: memcached - volumes_from: - - volumes_data - -# redis: -# build: -# context: ./redis -# volumes_from: -# - volumes_data -# ports: -# - 6379:6379 -# - mysql: - build: - context: ./mysql - ports: - - "3306:3306" - volumes_from: - - volumes_data - environment: - MYSQL_DATABASE: topone4tvs - MYSQL_USER: topone4tvs - MYSQL_PASSWORD: chenbowen - MYSQL_ROOT_PASSWORD: chenbowen - - php: - build: - context: ./php - links: - - workspace - - memcached - #- redis - #- mysql - volumes_from: - - volumes_source - - php7: - image: dev-php7-v1 - build: - context: ./php7 - args: - - LOCAL_IP_ADD=10.10.111.152 - links: - - workspace - - memcached - #- redis - #- mysql - volumes_from: - - volumes_source - - volumes_data - - nginx: - build: - context: ./nginx - args: - - PHP_UPSTREAM=php7 - links: - - php7 - volumes_from: - - volumes_source - - volumes_data - ports: - - "80:80" - - "443:443" - - "8080:8080" - - "8888:8888" - - "9090:9090" -### Application Code Container ###################### - - volumes_source: - image: tianon/true - volumes: - - /private/var/www:/private/var/www - -### Databases Data Container ################################ - - volumes_data: - image: tianon/true - volumes: - - ./data/nginx:/data/nginx - - ./data/logs:/data/logs - - ./data/mysql:/data/mysql - - ./data/mongodb:/data/mongodb - - ./data/memcached:/data/memcached - - ./data/redis:/data/redis - - ./data/sessions:/data/sessions diff --git a/compose/3.yml b/compose/3.yml deleted file mode 100644 index cdbc0700..00000000 --- a/compose/3.yml +++ /dev/null @@ -1,97 +0,0 @@ -version: "3.0" - -services: - - nginx: - container_name: lnmp-nginx - build: - context: ./nginx - ports: - - 80:80 - - 443:443 - volumes: - - ./nginx/nginx.conf:/etc/nginx/nginx.conf - - ./nginx/sites:/etc/nginx/conf.d - - ./nginx/ssl:/etc/nginx/ssl - - ${WEB_ROOT_PATH}:/var/www - depends_on: - - php-fpm - - mysql - - php-fpm: - container_name: lnmp-php-pfm - build: - context: ./php-fpm - args: - - PHP_VERSION=${PHP_VERSION} - - INSTALL_PCNTL=${PHP_INSTALL_PCNTL} - - INSTALL_OPCACHE=${PHP_INSTALL_OPCACHE} - - INSTALL_ZIP=${PHP_INSTALL_ZIP} - - INSTALL_REDIS=${PHP_INSTALL_REDIS} - - INSTALL_REDIS_VERSION=${PHP_INSTALL_REDIS_VERSION} - - INSTALL_MONGODB=${PHP_INSTALL_MONGODB} - - INSTALL_MONGODB_VERSION=${PHP_INSTALL_MONGODB_VERSION} - - INSTALL_MEMCACHED=${PHP_INSTALL_MEMCACHED} - - INSTALL_MEMCACHED_VERSION=${PHP_INSTALL_MEMCACHED_VERSION} - - INSTALL_SWOOLE=${PHP_INSTALL_SWOOLE} - - INSTALL_SWOOLE_VERSION=${PHP_INSTALL_SWOOLE_VERSION} - - INSTALL_XUNSEARCH=${PHP_INSTALL_XUNSEARCH} - - INSTALL_COMPOSER=${PHP_INSTALL_COMPOSER} - ports: - - 9000:9000 - volumes: - - ./php-fpm/conf-${PHP_VERSION}/php.ini:/usr/local/etc/php/php.ini - - ./php-fpm/conf-${PHP_VERSION}/php-fpm.conf:/usr/local/etc/php-fpm.conf - - ./php-fpm/conf-${PHP_VERSION}/php-fpm.d:/usr/local/etc/php-fpm.d - - ${WEB_ROOT_PATH}:/var/www - - mysql: - container_name: lnmp-mysql - build: - context: ./mysql - args: - - MYSQL_VERSION=${MYSQL_VERSION} - ports: - - ${MYSQL_PORT}:3306 - volumes: - - ./mysql/data:/var/lib/mysql - command: --default-authentication-plugin=mysql_native_password - restart: always - environment: - - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} - - mongo: - container_name: lnmp-mongo - build: - context: ./mongo - args: - - MONGO_VERSION=${MONGO_VERSION} - ports: - - ${MONGO_PORT}:27017 - volumes: - - ./mongo/data:/data/db - restart: always - environment: - MONGO_INITDB_ROOT_USERNAME: ${MONGO_ROOT_USERNAME} - MONGO_INITDB_ROOT_PASSWORD: ${MONGO_ROOT_PASSWORD} - - redis: - container_name: lnmp-redis - build: - context: ./redis - args: - - REDIS_VERSION=${REDIS_VERSION} - ports: - - ${REDIS_PORT}:6379 - volumes: - - ./redis/data:/data - restart: always - - memcached: - container_name: lnmp-memcached - build: - context: ./memcached - args: - - MEMCACHED_VERSION=${MEMCACHED_VERSION} - ports: - - ${MEMCACHED_PORT}:11211 \ No newline at end of file diff --git a/compose/4.yml b/compose/4.yml deleted file mode 100644 index 0f92ec9d..00000000 --- a/compose/4.yml +++ /dev/null @@ -1,56 +0,0 @@ -version: '3' - -services: - - mysql: - # 此处以container模式设置网络,此模式下msyql与php服务使用同一个网卡,以实现localhost/127.0.0.1内循环 - # 此模式下不可与ports端口转发参数共同使用 - network_mode: "service:php" - env_file: - - .env - image: mysql:${MYSQL_VERSION} - container_name: lnmpr-mysql - # ports: - # - ${MYSQL_PORT_LOCAL}:${MYSQL_PORT_DOCKER} - environment: - - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} - - redis: - network_mode: "service:php" - env_file: - - .env - image: redis:${REDIS_VERSION} - container_name: lnmpr-redis - # ports: - # - ${REDIS_PORT_LOCAL}:${REDIS_PORT_DOCKER} - - php: - env_file: - - .env - # image: php:${PHP_VERSION} - build: - context: ./php - dockerfile: Dockerfile - args: - php_version: ${PHP_VERSION} - container_name: lnmpr-php - volumes: - - ${PHP_WORK_DIR_LOCAL}:${PHP_WORK_DIR_DOCKER} - ports: - - ${PHP_PORT_LOCAL}:${PHP_PORT_DOCKER} - # depends_on: - # - mysql - # - redis - - nginx: - env_file: - - .env - image: nginx:${NGINX_VERSION} - container_name: lnmpr-nginx - volumes: - - ${NGINX_WORK_DIR_LOCAL}:${NGINX_WORK_DIR_DOCKER} - - ${NGINX_CONF_LOCAL}:${NGINX_CONF_DOCKER} - ports: - - ${NGINX_PORT_LOCAL}:${NGINX_PORT_DOCKER} - depends_on: - - php \ No newline at end of file diff --git a/compose/5.yml b/compose/5.yml deleted file mode 100644 index a3685079..00000000 --- a/compose/5.yml +++ /dev/null @@ -1,49 +0,0 @@ -version: "2" -services: - # Nginx 1.11.10: https://hub.docker.com/_/nginx/ - web: - image: nginx:1.11.10 - ports: - - 8080:80 - depends_on: - - php - # 同 php 一起共享 ./apps 目录 - volumes_from: - - php - # 创建一个数据卷,由 ./images/nginx/config => /etc/nginx/conf.d - volumes: - - ./images/nginx/config:/etc/nginx/conf.d:ro - - # PHP 7.1-fpm: https://hub.docker.com/_/php/ - php: - # image: php:7.1-fpm - build: - context: ./images/php - dockerfile: Dockerfile - volumes: - - ./apps:/mnt/apps - - # MySQL 5.7: https://hub.docker.com/_/mysql/ - database: - image: mysql:5.7 - # 设置 3306 端口映射以便远程连接 - ports: - - 3306:3306 - # 配置一些环境变量,具体的环境变量细节可以访问上面的网址查看 - environment: - MYSQL_ROOT_PASSWORD: "root" - MYSQL_USER: "dailybird" - MYSQL_PASSWORD: "dailybirdo" - volumes: - - ./database:/var/lib/mysql - - # 用于 Git,Composer 等工具 - console: - build: - context: ./images/console - dockerfile: Dockerfile - volumes_from: - - php - tty: true - - diff --git a/compose/6.yml b/compose/6.yml deleted file mode 100644 index 68f4be17..00000000 --- a/compose/6.yml +++ /dev/null @@ -1,90 +0,0 @@ -version: '3' - -services: - cgi: - container_name: cgi - build: ./docker/files/cgi - tty: true - restart: always - expose: - - "9000" - volumes: - - ./www:/data/www - - ./docker/log/cgi:/var/log/php-fpm - depends_on: - - mysql - - redis - links: - - mysql:mysql - - redis:redis - proxy: - container_name: proxy - build: ./docker/files/proxy - tty: true - restart: always - ports: - - "80:80" - - "443:443" - volumes: - - ./www:/data/www - - ./docker/config/proxy/conf.d:/etc/nginx/conf.d - - ./docker/log/proxy:/var/log/nginx - depends_on: - - cgi - links: - - cgi - mysql: - container_name: mysql - image: daocloud.io/library/mysql:5.6 - restart: always - expose: - - "3306" - ports: - - "3306:3306" - volumes: - - ./docker/data/mysql:/var/lib/mysql - environment: - - MYSQL_ROOT_PASSWORD=root - - MYSQL_DATABASE=yii2 - redis: - container_name: redis - image: daocloud.io/library/redis - restart: always - expose: - - "6379" - ports: - - "6379:6379" - volumes: - - ./docker/data/redis:/data - command: redis-server --appendonly yes - phpmyadmin: - container_name: phpmyadmin - image: daocloud.io/daocloud/phpmyadmin - expose: - - '80' - ports: - - "8080:80" - environment: - - PMA_ARBITRARY=0 - - PMA_HOST=mysql - # 如果取消下面两行注释, phpmyadmin就不用输入用户名和密码, 可以直接登录 - # - PMA_USER=root - # - PMA_PASSWORD=root - depends_on: - - mysql - links: - - mysql:mysql - phpredisadmin: - container_name: phpredisadmin - image: erikdubbelboer/phpredisadmin - expose: - - '80' - ports: - - "8081:80" - environment: - - REDIS_1_HOST=redis - - REDIS_1_NAME=redis - depends_on: - - redis - links: - - redis:redis diff --git a/compose/7.yml b/compose/7.yml deleted file mode 100644 index 34dc2af7..00000000 --- a/compose/7.yml +++ /dev/null @@ -1,114 +0,0 @@ -version: '3.1' - -services: -### Nginx Server Container ############################# - nginx: - build: ./build/nginx - privileged: true - ports: - - "${NGINX_HOST_HTTP_PORT}:80" - - "${NGINX_HOST_HTTPS_PORT}:443" - links: - - "php72" - - "php56" - volumes: - # Nginx默认配置文件 - - ./build/nginx/nginx.conf:/etc/nginx/nginx.conf - # 配置虚拟主机 - - ./vhost/:/etc/nginx/conf.d/ - # Nginx访问路径 - - ./www/:/var/www/ - # Nginx访问路径 - - ./logs/nginx/:/var/log/nginx/ - -### PHP Container ############################# - php72: - build: ./build/php72 - privileged: true - ports: - - "9007:9000" - links: - - "mysql" - - "redis" - volumes: - # 映射访问地址 - - ./www/:/var/www/ - php56: - build: ./build/php56 - privileged: true - ports: - - "9056:9000" - links: - - "mysql" - volumes: - - ./www/:/var/www/ -### MYSQL Container ############################# - mysql: - build: - context: ./build/mysql - dockerfile: Dockerfile - args: - - MYSQL_VERSION=${MYSQL_VERSION} - restart: always - command: - - --character-set-server=utf8mb4 - - --collation-server=utf8mb4_unicode_ci - privileged: true - ports: - - "${MYSQL_HOST_PORT}:3306" - volumes: - - ./data/mysql:/var/lib/mysql - - ./data/backup_mysql/:/data/backup/db - - ./logs/mysql/:/var/log/mysql - environment: - - MYSQL_DATABASE=${MYSQL_DATABASE} - - MYSQL_USER=${MYSQL_USER} - - MYSQL_PASSWORD=${MYSQL_PASSWORD} - - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} - - TZ=${WORKSPACE_TIMEZONE} - -### PostgreSQL Container #################################### - -# postgres: -# build: ./build/postgresql -# ports: -# - "5432:5432" -# volumes: -# - ./data/postgresql:/var/lib/postgresql/data -# environment: -# - POSTGRES_DB=default -# - POSTGRES_USER=default -# - POSTGRES_PASSWORD=kfkdock - -### Redis Container ############################# - - redis: - build: ./build/redis - privileged: true - ports: - - "6379:6379" - volumes: - - ./data/redis:/data - - ./logs/redis:/var/log/redis - -### Mongo Container ############################# - -# mongo: -# build: ./build/mongo -# privileged: true -# ports: -# - "27017:27017" -# volumes: -# - ./data/mongo:/data/db - -### Node Container ############################# - -# node: -# build: ./build/node -# privileged: true -# ports: -# - "8080:8080" -# volumes: -# - ./www/:/var/www/ -#networks: -# lnmp: \ No newline at end of file diff --git a/compose/8.yml b/compose/8.yml deleted file mode 100644 index 6ef4df82..00000000 --- a/compose/8.yml +++ /dev/null @@ -1,38 +0,0 @@ -version: '2' - -services: - example-db: - container_name: example-db - image: mariadb:latest - volumes: - - ./db:/var/lib/mysql - environment: - - MYSQL_ROOT_PASSWORD=examplerootpassword - - MYSQL_DATABASE=example - - MYSQL_USER=example - - MYSQL_PASSWORD=examplepassword - restart: always - - example-db-backup: - container_name: example-db-backup - image: tiredofit/db-backup - links: - - example-db - volumes: - - ./backups:/backup - - ./post-script.sh:/assets/custom-scripts/post-script.sh - environment: - - DB_TYPE=mariadb - - DB_HOST=example-db - - DB_NAME=example - - DB_USER=example - - DB_PASS="examplepassword" - - DB_DUMP_FREQ=1440 - - DB_DUMP_BEGIN=0000 - - DB_CLEANUP_TIME=8640 - - MD5=TRUE - - COMPRESSION=XZ - - SPLIT_DB=FALSE - restart: always - - diff --git a/compose/9.yml b/compose/9.yml deleted file mode 100644 index 962a7104..00000000 --- a/compose/9.yml +++ /dev/null @@ -1,29 +0,0 @@ -version: "3.5" - -services: -networks: - net-default: - driver: bridge - ipam: - driver: default - config: - - subnet: 10.0.0.0/24 - -nginx: - #其他配置... - networks: - net-default: - ipv4_address: 10.0.0.10 - - php54: - #其他配置... - extra_hosts: - - "project.com:10.0.0.10" - networks: - - net-default - - php: - build: - context: . - ports: - - 127.0.0.1:9001:9000 diff --git a/compose/apm-server-compose.yml b/compose/apm-server-compose.yml deleted file mode 100644 index 3a29b2fa..00000000 --- a/compose/apm-server-compose.yml +++ /dev/null @@ -1,9 +0,0 @@ -version: '2' - -services: - apm: - image: docker.elastic.co/apm/apm-server:6.4.3 - ports: - - 8200:8200 - volumes: - - ../docker-compose_data/apm-server/config/apm-server.yml:/usr/share/apm-server/apm-server.yml \ No newline at end of file diff --git a/compose/aria2.yml b/compose/aria2.yml deleted file mode 100644 index e92be6d9..00000000 --- a/compose/aria2.yml +++ /dev/null @@ -1,17 +0,0 @@ -version: '3' -services: - aria2: - image: registry.baidubce.com/mirrors/aria2:latest - container_name: aria2 - ports: - - "6800:6800" - - "6801:6801" - - "6802-6999:6802-6999" - volumes: - - $HOME/Downloads:/data/downloads - - /Users/imxieke/Code/Project/dockenv/images/aria2/conf:/etc/aria2c - environment: - ARIA2_PORT: 6800 - RPC_SECRET: haspwd - WEBUI_PORT: 6801 - DHT_PORT: "6802-6999" diff --git a/compose/container_scanning_all_arch.yml b/compose/container_scanning_all_arch.yml deleted file mode 100644 index df9e67ee..00000000 --- a/compose/container_scanning_all_arch.yml +++ /dev/null @@ -1,74 +0,0 @@ -container_scanning amd64: - stage: test - image: yobasystems/alpine-docker - allow_failure: true - tags: - - security - services: - - yobasystems/alpine-docker:dind - variables: - DOCKER_DRIVER: overlay2 - CLAIR_HOST: $CLAIR_URL - script: - - apk add -U wget ca-certificates - - docker pull $DOCKER_REGISTRY_DOCKERHUB_REPO:amd64 - - wget https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64 - - mv clair-scanner_linux_amd64 clair-scanner - - chmod +x clair-scanner - - touch clair-whitelist.yml - - retries=0 - - echo "Waiting for clair daemon to start" - - ./clair-scanner -c ${CLAIR_HOST} --ip $(hostname -i) -r gl-container-scanning-report-amd64.json -l clair.log -w clair-whitelist.yml $DOCKER_REGISTRY_DOCKERHUB_REPO:amd64 || true - artifacts: - reports: - container_scanning: gl-sast-container-report-amd64.json - -container_scanning arm32v7: - stage: test - image: yobasystems/alpine-docker - allow_failure: true - tags: - - security - services: - - yobasystems/alpine-docker:dind - variables: - DOCKER_DRIVER: overlay2 - CLAIR_HOST: $CLAIR_URL - script: - - apk add -U wget ca-certificates - - docker pull $DOCKER_REGISTRY_DOCKERHUB_REPO:arm32v7 - - wget https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64 - - mv clair-scanner_linux_amd64 clair-scanner - - chmod +x clair-scanner - - touch clair-whitelist.yml - - retries=0 - - echo "Waiting for clair daemon to start" - - ./clair-scanner -c ${CLAIR_HOST} --ip $(hostname -i) -r gl-container-scanning-report-arm32v7.json -l clair.log -w clair-whitelist.yml $DOCKER_REGISTRY_DOCKERHUB_REPO:arm32v7 || true - artifacts: - reports: - container_scanning: gl-sast-container-report-arm32v7.json - -container_scanning arm64v8: - stage: test - image: yobasystems/alpine-docker - allow_failure: true - tags: - - security - services: - - yobasystems/alpine-docker:dind - variables: - DOCKER_DRIVER: overlay2 - CLAIR_HOST: $CLAIR_URL - script: - - apk add -U wget ca-certificates - - docker pull $DOCKER_REGISTRY_DOCKERHUB_REPO:arm64v8 - - wget https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64 - - mv clair-scanner_linux_amd64 clair-scanner - - chmod +x clair-scanner - - touch clair-whitelist.yml - - retries=0 - - echo "Waiting for clair daemon to start" - - ./clair-scanner -c ${CLAIR_HOST} --ip $(hostname -i) -r gl-container-scanning-report-arm64v8.json -l clair.log -w clair-whitelist.yml $DOCKER_REGISTRY_DOCKERHUB_REPO:arm64v8 || true - artifacts: - reports: - container_scanning: gl-sast-container-report-arm64v8.json diff --git a/compose/docker-compose-10.yml b/compose/docker-compose-10.yml deleted file mode 100644 index a04055a7..00000000 --- a/compose/docker-compose-10.yml +++ /dev/null @@ -1,76 +0,0 @@ -version: '3' - -services: - - nginx: - build: - context: ./nginx - ports: - - "${HTTP_PORT}:80" - - "${HTTPS_PORT}:443" - volumes: - - ${CODE_BASE_DIR}:/var/www - - php: - build: - context: ./php-fpm - args: - - PHP_VERSION=${PHP_VERSION} - volumes: - - ${CODE_BASE_DIR}:/var/www - - mysql: - container_name: mysql - build: - context: ./mysql - args: - - MYSQL_VERSION=${MYSQL_VERSION} - environment: - - MYSQL_DATABASE=${MYSQL_DATABASE} - - MYSQL_USER=${MYSQL_USER} - - MYSQL_PASSWORD=${MYSQL_PASSWORD} - - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} - - TZ=${WORKSPACE_TIMEZONE} - volumes: - - ${DATA_PATH_HOST}/mysql:/var/lib/mysql - - ${MYSQL_ENTRYPOINT_INITDB}:/docker-entrypoint-initdb.d - ports: - - "${MYSQL_PORT}:3306" - - redis: - container_name: redis - image: redis - ports: - - "${REDIS_PORT}:6379" - volumes: - - ${DATA_PATH_HOST}/redis:/data - - workspace: - container_name: workspace - build: - context: ./workspace - args: - - PHP_VERSION=${PHP_VERSION} - - NODE_VERSION=${NODE_VERSION} - - USER_LOGIN=${USER_LOGIN} - - USER_PASSWORD=${USER_PASSWORD} - - SET_USER_PASSWORD=${SET_USER_PASSWORD} - ports: - - "${SSH_PORT}:22" - volumes: - - ${CODE_BASE_DIR}:/var/www - tty: true - - phpmyadmin: - image: phpmyadmin/phpmyadmin:latest - container_name: phpmyadmin - environment: - - PMA_HOST=mysql - - PMA_PORT=${MYSQL_PORT} - depends_on: - - mysql - restart: always - ports: - - "${PHPMYADMIN_PORT}:80" - volumes: - - /sessions \ No newline at end of file diff --git a/compose/docker-compose-8.yml b/compose/docker-compose-8.yml deleted file mode 100644 index 7aedd4e5..00000000 --- a/compose/docker-compose-8.yml +++ /dev/null @@ -1,97 +0,0 @@ -version: '3' - -services: - - nginx: - image: nginx:alpine - ports: - - "80:80" - - "8080:8080" - - "443:443" - volumes: - - ${WORKSPACES}:/var/www/html/:rw,cached - - ./conf/nginx/conf.d:/etc/nginx/conf.d/:ro,cached - - ./conf/nginx/nginx.conf:/etc/nginx/nginx.conf:ro,cached - - ./log/nginx/:/var/log/nginx/:rw,cached - links: - - php72:fpm72 - - php56:fpm56 - environment: - - TZ=Asia/Shanghai - networks: - docker_net: - ipv4_address: ${NGINX_IP} - - php72: - build: ./php/php72/ - expose: - - "9000" - volumes: - - ${WORKSPACES}:/var/www/html/:rw,cached - - ./conf/php/php72.ini:/usr/local/etc/php/php.ini:ro,cached - - ./conf/php/php-fpm.d/www72.conf:/usr/local/etc/php-fpm.d/www.conf:rw,cached - - ./log/php-fpm/:/var/log/php-fpm/:rw,cached - links: - - mysql:mysql - - redis:redis - networks: - docker_net: - ipv4_address: ${PHP72_IP} - - php56: - build: ./php/php56/ - expose: - - "9000" - volumes: - - ${WORKSPACES}:/var/www/html/:rw,cached - - ./conf/php/php56.ini:/usr/local/etc/php/php.ini:ro,cached - - ./conf/php/php-fpm.d/www56.conf:/usr/local/etc/php-fpm.d/www.conf:rw,cached - - ./log/php-fpm/:/var/log/php-fpm/:rw,cached - links: - - mysql:mysql - - redis:redis - networks: - docker_net: - ipv4_address: ${PHP56_IP} - - mysql: - image: mysql:5.6 - ports: - - "3306:3306" - volumes: - - ./conf/mysql/my.cnf:/etc/mysql/my.cnf:ro,cached - - ./mysql/:/var/lib/mysql/:rw,cached - - ./log/mysql/:/var/log/mysql/:rw,cached - environment: - MYSQL_ROOT_PASSWORD: "123456" - networks: - docker_net: - ipv4_address: ${MYSQL_IP} - - redis: - image: redis:latest - ports: - - "6379:6379" - networks: - docker_net: - ipv4_address: ${REDIS_IP} - - portainer: - image: portainer/portainer:latest - ports: - - "9000:9000" - volumes: - - /var/run/docker.sock:/var/run/docker.sock:cached - - ./portainer/:/data:cached - networks: - docker_net: - ipv4_address: ${PORTAINER_IP} - -networks: - docker_net: - driver: bridge - ipam: - driver: default - config: - - - subnet: "${DOCKER_SUBNET}" \ No newline at end of file diff --git a/compose/docker-compose-9.yml b/compose/docker-compose-9.yml deleted file mode 100644 index 5a0ba69a..00000000 --- a/compose/docker-compose-9.yml +++ /dev/null @@ -1,141 +0,0 @@ -version: '2.1' -services: - ### Nginx Web Container ####################################### - nginx: - build: ./nginx - container_name: lnmp-nginx - ports: - - "80:80" - - "443:443" - #source code container - volumes_from: - - www - volumes: - - "./nginx/logs:/var/log/nginx" - - "./nginx/socket:/var/run" - links: - - php-fpm:php-fpm - networks: - web_server_network: - ipv4_address: ${NGINX_WEB_SERVER_IP} - - ### PHP-FPM Container ####################################### - php-fpm: - image: bravist/php-fpm-alpine-aliyun-app:1.17 - container_name: lnmp-php-fpm - #source code container - volumes_from: - - www - volumes: - - "./nginx/logs/php-fpm:/usr/local/var/log/php7" - - "./nginx/socket:/var/run" - links: - - mariadb - - redis - #https://github.com/laradock/laradock/issues/435 - extra_hosts: - - "${PHP_FPM_DOMAIN}:${NGINX_WEB_SERVER_IP}" - - "${PHP_FPM_DOMAIN2}:${NGINX_WEB_SERVER_IP}" - - "${PHP_FPM_DOMAIN3}:${NGINX_WEB_SERVER_IP}" - - "${PHP_FPM_DOMAIN4}:${NGINX_WEB_SERVER_IP}" - - "${PHP_FPM_DOMAIN5}:${NGINX_WEB_SERVER_IP}" - - "${PHP_FPM_DOMAIN6}:${NGINX_WEB_SERVER_IP}" - env_file: - - .env - networks: - - web_server_network - - ### PHP-SUPERVISOR Container ####################################### - php-supervisor: - build: ./php-supervisor - container_name: lnmp-php-supervisor - volumes: - - ./php-supervisor/supervisor/log:/var/log/supervisor - - ./php-supervisor/supervisor:/etc/supervisor/conf.d - volumes_from: - - www - links: - - mariadb - - redis - extra_hosts: - - "${SUPERVISOR_DOMAIN}:${NGINX_WEB_SERVER_IP}" - - "${SUPERVISOR_DOMAIN2}:${NGINX_WEB_SERVER_IP}" - - "${SUPERVISOR_DOMAIN3}:${NGINX_WEB_SERVER_IP}" - - "${SUPERVISOR_DOMAIN4}:${NGINX_WEB_SERVER_IP}" - - "${SUPERVISOR_DOMAIN5}:${NGINX_WEB_SERVER_IP}" - - "${SUPERVISOR_DOMAIN6}:${NGINX_WEB_SERVER_IP}" - env_file: - - .env - networks: - - web_server_network - - ### CALL-WEBSOCKET Container ####################################### - call-websocket: - build: ./call-websocket - container_name: lnmp-call-websocket - volumes_from: - - www - ports: - - "8190:8190" - - "8191:8191" - networks: - - web_server_network - - ### PHP-CROND Container ####################################### - php-crond: - build: ./php-crond - container_name: lnmp-php-crond - volumes_from: - - "www" - volumes: - - "./php-crond/crontabs:/var/log/cron" - networks: - - web_server_network - - ### MariaDB Container ####################################### - # MariaDB - One of the most popular database servers. Made by the original developers of MySQL. Guaranteed to stay open source. - mariadb: - image: mariadb:10.2 - container_name: lnmp-mariadb - ports: - - "3306:3306" - volumes: - # NOTE: your data will be stored in ./mysql - - ./mariadb/data/mysql:/var/lib/mysql - environment: - - MYSQL_DATABASE=mysql - - MYSQL_USER=developer - - MYSQL_PASSWORD=developer - - MYSQL_ROOT_PASSWORD=developer - networks: - - web_server_network - - ### REDIS Container ####################################### - redis: - build: ./redis - container_name: lnmp-redis - ports: - - "6379:6379" - volumes: - - "./redis/data:/data" - environment: - - REDIS_PASSWORD=developer - networks: - - web_server_network - - ### Web-Root Container ####################################### - www: - image: tianon/true - container_name: lnmp-www - volumes: - - ./www:/usr/share/nginx/html - -### Networks Setup ############################################ -networks: - web_server_network: - driver: bridge - ipam: - driver: default - config: - - subnet: "${WEB_SERVER_SUBNET}" - gateway: "${WEB_SERVER_GATEWAY}" diff --git a/compose/docker-compose-sync.yml b/compose/docker-compose-sync.yml deleted file mode 100644 index dfa72351..00000000 --- a/compose/docker-compose-sync.yml +++ /dev/null @@ -1,102 +0,0 @@ -version: '3' - -services: - - nginx: - image: nginx:alpine - ports: - - "80:80" - - "8080:8080" - - "443:443" - volumes: - - www-docker-sync:/var/www/html/:rw - - ./conf/nginx/conf.d:/etc/nginx/conf.d/:ro - - ./conf/nginx/nginx.conf:/etc/nginx/nginx.conf:ro - - ./log/nginx/:/var/log/nginx/:rw - links: - - php72:fpm72 - - php56:fpm56 - environment: - - TZ=Asia/Shanghai - networks: - docker_net: - ipv4_address: ${NGINX_IP} - - php72: - build: ./php/php72/ - expose: - - "9000" - volumes: - - www-docker-sync:/var/www/html/:rw - - ./conf/php/php72.ini:/usr/local/etc/php/php.ini:ro - - ./conf/php/php-fpm.d/www72.conf:/usr/local/etc/php-fpm.d/www.conf:rw - - ./log/php-fpm/:/var/log/php-fpm/:rw - links: - - mysql:mysql - - redis:redis - networks: - docker_net: - ipv4_address: ${PHP72_IP} - - php56: - build: ./php/php56/ - expose: - - "9000" - volumes: - - www-docker-sync:/var/www/html/:rw - - ./conf/php/php56.ini:/usr/local/etc/php/php.ini:ro - - ./conf/php/php-fpm.d/www56.conf:/usr/local/etc/php-fpm.d/www.conf:rw - - ./log/php-fpm/:/var/log/php-fpm/:rw - links: - - mysql:mysql - - redis:redis - networks: - docker_net: - ipv4_address: ${PHP56_IP} - - mysql: - image: mysql:5.6 - ports: - - "3306:3306" - volumes: - - ./conf/mysql/my.cnf:/etc/mysql/my.cnf:ro - - ./mysql/:/var/lib/mysql/:rw - - ./log/mysql/:/var/log/mysql/:rw - environment: - MYSQL_ROOT_PASSWORD: "123456" - networks: - docker_net: - ipv4_address: ${MYSQL_IP} - - redis: - image: redis:latest - ports: - - "6379:6379" - networks: - docker_net: - ipv4_address: ${REDIS_IP} - - portainer: - image: portainer/portainer:latest - ports: - - "9000:9000" - volumes: - - /var/run/docker.sock:/var/run/docker.sock - - ./portainer/:/data - networks: - docker_net: - ipv4_address: ${PORTAINER_IP} - -volumes: - www-docker-sync: - external: true - - -networks: - docker_net: - driver: bridge - ipam: - driver: default - config: - - - subnet: "${DOCKER_SUBNET}" \ No newline at end of file diff --git a/compose/docker-compose.laradock.yml b/compose/docker-compose.laradock.yml deleted file mode 100644 index eabce3e4..00000000 --- a/compose/docker-compose.laradock.yml +++ /dev/null @@ -1,1819 +0,0 @@ -version: '3' - -networks: - frontend: - driver: ${NETWORKS_DRIVER} - backend: - driver: ${NETWORKS_DRIVER} - -volumes: - mysql: - driver: ${VOLUMES_DRIVER} - percona: - driver: ${VOLUMES_DRIVER} - mssql: - driver: ${VOLUMES_DRIVER} - postgres: - driver: ${VOLUMES_DRIVER} - memcached: - driver: ${VOLUMES_DRIVER} - redis: - driver: ${VOLUMES_DRIVER} - neo4j: - driver: ${VOLUMES_DRIVER} - mariadb: - driver: ${VOLUMES_DRIVER} - mongo: - driver: ${VOLUMES_DRIVER} - minio: - driver: ${VOLUMES_DRIVER} - rethinkdb: - driver: ${VOLUMES_DRIVER} - phpmyadmin: - driver: ${VOLUMES_DRIVER} - adminer: - driver: ${VOLUMES_DRIVER} - aerospike: - driver: ${VOLUMES_DRIVER} - caddy: - driver: ${VOLUMES_DRIVER} - meilisearch: - driver: ${VOLUMES_DRIVER} - elasticsearch: - driver: ${VOLUMES_DRIVER} - mosquitto: - driver: ${VOLUMES_DRIVER} - confluence: - driver: ${VOLUMES_DRIVER} - sonarqube: - driver: ${VOLUMES_DRIVER} - cassandra: - driver: ${VOLUMES_DRIVER} - graylog: - driver: ${VOLUMES_DRIVER} - docker-in-docker: - driver: ${VOLUMES_DRIVER} - -services: - -### Workspace Utilities ################################## - workspace: - build: - context: ./workspace - args: - - CHANGE_SOURCE=${CHANGE_SOURCE} - - SHELL_OH_MY_ZSH=${SHELL_OH_MY_ZSH} - - SHELL_OH_MY_ZSH_AUTOSUGESTIONS=${SHELL_OH_MY_ZSH_AUTOSUGESTIONS} - - SHELL_OH_MY_ZSH_ALIASES=${SHELL_OH_MY_ZSH_ALIASES} - - UBUNTU_SOURCE=${UBUNTU_SOURCE} - - BASE_IMAGE_TAG_PREFIX=${WORKSPACE_BASE_IMAGE_TAG_PREFIX} - - LARADOCK_PHP_VERSION=${PHP_VERSION} - - LARADOCK_PHALCON_VERSION=${PHALCON_VERSION} - - INSTALL_SUBVERSION=${WORKSPACE_INSTALL_SUBVERSION} - - INSTALL_BZ2=${WORKSPACE_INSTALL_BZ2} - - INSTALL_GMP=${WORKSPACE_INSTALL_GMP} - - INSTALL_XDEBUG=${WORKSPACE_INSTALL_XDEBUG} - - INSTALL_PCOV=${WORKSPACE_INSTALL_PCOV} - - INSTALL_PHPDBG=${WORKSPACE_INSTALL_PHPDBG} - - INSTALL_BLACKFIRE=${INSTALL_BLACKFIRE} - - INSTALL_SSH2=${WORKSPACE_INSTALL_SSH2} - - INSTALL_SOAP=${WORKSPACE_INSTALL_SOAP} - - INSTALL_XSL=${WORKSPACE_INSTALL_XSL} - - INSTALL_LDAP=${WORKSPACE_INSTALL_LDAP} - - INSTALL_SMB=${WORKSPACE_INSTALL_SMB} - - INSTALL_IMAP=${WORKSPACE_INSTALL_IMAP} - - INSTALL_MONGO=${WORKSPACE_INSTALL_MONGO} - - INSTALL_AMQP=${WORKSPACE_INSTALL_AMQP} - - INSTALL_CASSANDRA=${WORKSPACE_INSTALL_CASSANDRA} - - INSTALL_GEARMAN=${WORKSPACE_INSTALL_GEARMAN} - - INSTALL_PHPREDIS=${WORKSPACE_INSTALL_PHPREDIS} - - INSTALL_MSSQL=${WORKSPACE_INSTALL_MSSQL} - - NVM_NODEJS_ORG_MIRROR=${WORKSPACE_NVM_NODEJS_ORG_MIRROR} - - INSTALL_NODE=${WORKSPACE_INSTALL_NODE} - - NPM_REGISTRY=${WORKSPACE_NPM_REGISTRY} - - INSTALL_PNPM=${WORKSPACE_INSTALL_PNPM} - - INSTALL_YARN=${WORKSPACE_INSTALL_YARN} - - INSTALL_NPM_GULP=${WORKSPACE_INSTALL_NPM_GULP} - - INSTALL_NPM_BOWER=${WORKSPACE_INSTALL_NPM_BOWER} - - INSTALL_NPM_VUE_CLI=${WORKSPACE_INSTALL_NPM_VUE_CLI} - - INSTALL_NPM_ANGULAR_CLI=${WORKSPACE_INSTALL_NPM_ANGULAR_CLI} - - INSTALL_DRUSH=${WORKSPACE_INSTALL_DRUSH} - - INSTALL_WP_CLI=${WORKSPACE_INSTALL_WP_CLI} - - INSTALL_DRUPAL_CONSOLE=${WORKSPACE_INSTALL_DRUPAL_CONSOLE} - - INSTALL_AEROSPIKE=${WORKSPACE_INSTALL_AEROSPIKE} - - INSTALL_OCI8=${WORKSPACE_INSTALL_OCI8} - - INSTALL_V8JS=${WORKSPACE_INSTALL_V8JS} - - COMPOSER_GLOBAL_INSTALL=${WORKSPACE_COMPOSER_GLOBAL_INSTALL} - - COMPOSER_AUTH=${WORKSPACE_COMPOSER_AUTH} - - COMPOSER_REPO_PACKAGIST=${WORKSPACE_COMPOSER_REPO_PACKAGIST} - - INSTALL_WORKSPACE_SSH=${WORKSPACE_INSTALL_WORKSPACE_SSH} - - INSTALL_LARAVEL_ENVOY=${WORKSPACE_INSTALL_LARAVEL_ENVOY} - - INSTALL_LARAVEL_INSTALLER=${WORKSPACE_INSTALL_LARAVEL_INSTALLER} - - INSTALL_DEPLOYER=${WORKSPACE_INSTALL_DEPLOYER} - - INSTALL_PRESTISSIMO=${WORKSPACE_INSTALL_PRESTISSIMO} - - INSTALL_LINUXBREW=${WORKSPACE_INSTALL_LINUXBREW} - - INSTALL_MC=${WORKSPACE_INSTALL_MC} - - INSTALL_SYMFONY=${WORKSPACE_INSTALL_SYMFONY} - - INSTALL_PYTHON=${WORKSPACE_INSTALL_PYTHON} - - INSTALL_PYTHON3=${WORKSPACE_INSTALL_PYTHON3} - - INSTALL_IMAGE_OPTIMIZERS=${WORKSPACE_INSTALL_IMAGE_OPTIMIZERS} - - INSTALL_IMAGEMAGICK=${WORKSPACE_INSTALL_IMAGEMAGICK} - - INSTALL_TERRAFORM=${WORKSPACE_INSTALL_TERRAFORM} - - INSTALL_DUSK_DEPS=${WORKSPACE_INSTALL_DUSK_DEPS} - - INSTALL_PG_CLIENT=${WORKSPACE_INSTALL_PG_CLIENT} - - INSTALL_PHALCON=${WORKSPACE_INSTALL_PHALCON} - - INSTALL_SWOOLE=${WORKSPACE_INSTALL_SWOOLE} - - INSTALL_TAINT=${WORKSPACE_INSTALL_TAINT} - - INSTALL_LIBPNG=${WORKSPACE_INSTALL_LIBPNG} - - INSTALL_GRAPHVIZ=${WORKSPACE_INSTALL_GRAPHVIZ} - - INSTALL_IONCUBE=${WORKSPACE_INSTALL_IONCUBE} - - INSTALL_MYSQL_CLIENT=${WORKSPACE_INSTALL_MYSQL_CLIENT} - - INSTALL_PING=${WORKSPACE_INSTALL_PING} - - INSTALL_SSHPASS=${WORKSPACE_INSTALL_SSHPASS} - - INSTALL_INOTIFY=${WORKSPACE_INSTALL_INOTIFY} - - INSTALL_FSWATCH=${WORKSPACE_INSTALL_FSWATCH} - - INSTALL_AST=${WORKSPACE_INSTALL_AST} - - INSTALL_YAML=${WORKSPACE_INSTALL_YAML} - - INSTALL_RDKAFKA=${WORKSPACE_INSTALL_RDKAFKA} - - INSTALL_MAILPARSE=${WORKSPACE_INSTALL_MAILPARSE} - - INSTALL_GIT_PROMPT=${WORKSPACE_INSTALL_GIT_PROMPT} - - INSTALL_XMLRPC=${WORKSPACE_INSTALL_XMLRPC} - - PUID=${WORKSPACE_PUID} - - PGID=${WORKSPACE_PGID} - - CHROME_DRIVER_VERSION=${WORKSPACE_CHROME_DRIVER_VERSION} - - NODE_VERSION=${WORKSPACE_NODE_VERSION} - - YARN_VERSION=${WORKSPACE_YARN_VERSION} - - DRUSH_VERSION=${WORKSPACE_DRUSH_VERSION} - - AST_VERSION=${WORKSPACE_AST_VERSION} - - TZ=${WORKSPACE_TIMEZONE} - - BLACKFIRE_CLIENT_ID=${BLACKFIRE_CLIENT_ID} - - BLACKFIRE_CLIENT_TOKEN=${BLACKFIRE_CLIENT_TOKEN} - - INSTALL_POWERLINE=${WORKSPACE_INSTALL_POWERLINE} - - INSTALL_SUPERVISOR=${WORKSPACE_INSTALL_SUPERVISOR} - - INSTALL_FFMPEG=${WORKSPACE_INSTALL_FFMPEG} - - INSTALL_AUDIOWAVEFORM=${WORKSPACE_INSTALL_AUDIOWAVEFORM} - - INSTALL_WKHTMLTOPDF=${WORKSPACE_INSTALL_WKHTMLTOPDF} - - INSTALL_GNU_PARALLEL=${WORKSPACE_INSTALL_GNU_PARALLEL} - - INSTALL_LNAV=${WORKSPACE_INSTALL_LNAV} - - INSTALL_PROTOC=${WORKSPACE_INSTALL_PROTOC} - - PROTOC_VERSION=${WORKSPACE_PROTOC_VERSION} - - http_proxy - - https_proxy - - no_proxy - volumes: - - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG} - - docker-in-docker:/certs/client - - ./php-worker/supervisord.d:/etc/supervisord.d - extra_hosts: - - "dockerhost:${DOCKER_HOST_IP}" - ports: - - "${WORKSPACE_SSH_PORT}:22" - - "${WORKSPACE_BROWSERSYNC_HOST_PORT}:3000" - - "${WORKSPACE_BROWSERSYNC_UI_HOST_PORT}:3001" - - "${WORKSPACE_VUE_CLI_SERVE_HOST_PORT}:8080" - - "${WORKSPACE_VUE_CLI_UI_HOST_PORT}:8000" - - "${WORKSPACE_ANGULAR_CLI_SERVE_HOST_PORT}:4200" - tty: true - environment: - - PHP_IDE_CONFIG=${PHP_IDE_CONFIG} - - DOCKER_HOST=tcp://docker-in-docker:2376 - - DOCKER_TLS_VERIFY=1 - - DOCKER_TLS_CERTDIR=/certs - - DOCKER_CERT_PATH=/certs/client - networks: - - frontend - - backend - links: - - docker-in-docker - -### PHP-FPM ############################################## - php-fpm: - build: - context: ./php-fpm - args: - - CHANGE_SOURCE=${CHANGE_SOURCE} - - BASE_IMAGE_TAG_PREFIX=${PHP_FPM_BASE_IMAGE_TAG_PREFIX} - - LARADOCK_PHP_VERSION=${PHP_VERSION} - - LARADOCK_PHALCON_VERSION=${PHALCON_VERSION} - - INSTALL_BZ2=${PHP_FPM_INSTALL_BZ2} - - INSTALL_GMP=${PHP_FPM_INSTALL_GMP} - - INSTALL_XDEBUG=${PHP_FPM_INSTALL_XDEBUG} - - INSTALL_PCOV=${PHP_FPM_INSTALL_PCOV} - - INSTALL_PHPDBG=${PHP_FPM_INSTALL_PHPDBG} - - INSTALL_BLACKFIRE=${INSTALL_BLACKFIRE} - - INSTALL_SSH2=${PHP_FPM_INSTALL_SSH2} - - INSTALL_SOAP=${PHP_FPM_INSTALL_SOAP} - - INSTALL_XSL=${PHP_FPM_INSTALL_XSL} - - INSTALL_SMB=${PHP_FPM_INSTALL_SMB} - - INSTALL_IMAP=${PHP_FPM_INSTALL_IMAP} - - INSTALL_MONGO=${PHP_FPM_INSTALL_MONGO} - - INSTALL_AMQP=${PHP_FPM_INSTALL_AMQP} - - INSTALL_CASSANDRA=${PHP_FPM_INSTALL_CASSANDRA} - - INSTALL_GEARMAN=${PHP_FPM_INSTALL_GEARMAN} - - INSTALL_MSSQL=${PHP_FPM_INSTALL_MSSQL} - - INSTALL_BCMATH=${PHP_FPM_INSTALL_BCMATH} - - INSTALL_PHPREDIS=${PHP_FPM_INSTALL_PHPREDIS} - - INSTALL_MEMCACHED=${PHP_FPM_INSTALL_MEMCACHED} - - INSTALL_OPCACHE=${PHP_FPM_INSTALL_OPCACHE} - - INSTALL_EXIF=${PHP_FPM_INSTALL_EXIF} - - INSTALL_AEROSPIKE=${PHP_FPM_INSTALL_AEROSPIKE} - - INSTALL_OCI8=${PHP_FPM_INSTALL_OCI8} - - INSTALL_MYSQLI=${PHP_FPM_INSTALL_MYSQLI} - - INSTALL_PGSQL=${PHP_FPM_INSTALL_PGSQL} - - INSTALL_PG_CLIENT=${PHP_FPM_INSTALL_PG_CLIENT} - - INSTALL_POSTGIS=${PHP_FPM_INSTALL_POSTGIS} - - INSTALL_INTL=${PHP_FPM_INSTALL_INTL} - - INSTALL_GHOSTSCRIPT=${PHP_FPM_INSTALL_GHOSTSCRIPT} - - INSTALL_LDAP=${PHP_FPM_INSTALL_LDAP} - - INSTALL_PHALCON=${PHP_FPM_INSTALL_PHALCON} - - INSTALL_SWOOLE=${PHP_FPM_INSTALL_SWOOLE} - - INSTALL_TAINT=${PHP_FPM_INSTALL_TAINT} - - INSTALL_IMAGE_OPTIMIZERS=${PHP_FPM_INSTALL_IMAGE_OPTIMIZERS} - - INSTALL_IMAGEMAGICK=${PHP_FPM_INSTALL_IMAGEMAGICK} - - INSTALL_CALENDAR=${PHP_FPM_INSTALL_CALENDAR} - - INSTALL_FAKETIME=${PHP_FPM_INSTALL_FAKETIME} - - INSTALL_IONCUBE=${PHP_FPM_INSTALL_IONCUBE} - - INSTALL_APCU=${PHP_FPM_INSTALL_APCU} - - INSTALL_CACHETOOL=${PHP_FPM_INSTALL_CACHETOOL} - - INSTALL_YAML=${PHP_FPM_INSTALL_YAML} - - INSTALL_RDKAFKA=${PHP_FPM_INSTALL_RDKAFKA} - - INSTALL_GETTEXT=${PHP_FPM_INSTALL_GETTEXT} - - INSTALL_ADDITIONAL_LOCALES=${PHP_FPM_INSTALL_ADDITIONAL_LOCALES} - - INSTALL_MYSQL_CLIENT=${PHP_FPM_INSTALL_MYSQL_CLIENT} - - INSTALL_PING=${PHP_FPM_INSTALL_PING} - - INSTALL_SSHPASS=${PHP_FPM_INSTALL_SSHPASS} - - INSTALL_MAILPARSE=${PHP_FPM_INSTALL_MAILPARSE} - - INSTALL_PCNTL=${PHP_FPM_INSTALL_PCNTL} - - ADDITIONAL_LOCALES=${PHP_FPM_ADDITIONAL_LOCALES} - - INSTALL_FFMPEG=${PHP_FPM_FFMPEG} - - INSTALL_AUDIOWAVEFORM=${PHP_FPM_AUDIOWAVEFORM} - - INSTALL_WKHTMLTOPDF=${PHP_FPM_INSTALL_WKHTMLTOPDF} - - INSTALL_XHPROF=${PHP_FPM_INSTALL_XHPROF} - - INSTALL_XMLRPC=${PHP_FPM_INSTALL_XMLRPC} - - DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL=${PHP_DOWNGRADE_OPENSSL_TLS_AND_SECLEVEL} - - PUID=${PHP_FPM_PUID} - - PGID=${PHP_FPM_PGID} - - LOCALE=${PHP_FPM_DEFAULT_LOCALE} - - http_proxy - - https_proxy - - no_proxy - volumes: - - ./php-fpm/php${PHP_VERSION}.ini:/usr/local/etc/php/php.ini - - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG} - - docker-in-docker:/certs/client - expose: - - "9000" - extra_hosts: - - "dockerhost:${DOCKER_HOST_IP}" - environment: - - PHP_IDE_CONFIG=${PHP_IDE_CONFIG} - - DOCKER_HOST=tcp://docker-in-docker:2376 - - DOCKER_TLS_VERIFY=1 - - DOCKER_TLS_CERTDIR=/certs - - DOCKER_CERT_PATH=/certs/client - - FAKETIME=${PHP_FPM_FAKETIME} - depends_on: - - workspace - networks: - - backend - links: - - docker-in-docker - -### PHP Worker ############################################ - php-worker: - build: - context: ./php-worker - args: - - CHANGE_SOURCE=${CHANGE_SOURCE} - - LARADOCK_PHP_VERSION=${PHP_VERSION} - - PHALCON_VERSION=${PHALCON_VERSION} - - INSTALL_BZ2=${PHP_WORKER_INSTALL_BZ2} - - INSTALL_GD=${PHP_WORKER_INSTALL_GD} - - INSTALL_IMAGEMAGICK=${PHP_WORKER_INSTALL_IMAGEMAGICK} - - INSTALL_GMP=${PHP_WORKER_INSTALL_GMP} - - INSTALL_PGSQL=${PHP_WORKER_INSTALL_PGSQL} - - INSTALL_BCMATH=${PHP_WORKER_INSTALL_BCMATH} - - INSTALL_OCI8=${PHP_WORKER_INSTALL_OCI8} - - INSTALL_PHALCON=${PHP_WORKER_INSTALL_PHALCON} - - INSTALL_SOAP=${PHP_WORKER_INSTALL_SOAP} - - INSTALL_ZIP_ARCHIVE=${PHP_WORKER_INSTALL_ZIP_ARCHIVE} - - INSTALL_MYSQL_CLIENT=${PHP_WORKER_INSTALL_MYSQL_CLIENT} - - INSTALL_AMQP=${PHP_WORKER_INSTALL_AMQP} - - INSTALL_CASSANDRA=${PHP_WORKER_INSTALL_CASSANDRA} - - INSTALL_GEARMAN=${PHP_WORKER_INSTALL_GEARMAN} - - INSTALL_GHOSTSCRIPT=${PHP_WORKER_INSTALL_GHOSTSCRIPT} - - INSTALL_SWOOLE=${PHP_WORKER_INSTALL_SWOOLE} - - INSTALL_TAINT=${PHP_WORKER_INSTALL_TAINT} - - INSTALL_FFMPEG=${PHP_WORKER_INSTALL_FFMPEG} - - INSTALL_AUDIOWAVEFORM=${PHP_WORKER_INSTALL_AUDIOWAVEFORM} - - INSTALL_REDIS=${PHP_WORKER_INSTALL_REDIS} - - INSTALL_IMAP=${PHP_WORKER_INSTALL_IMAP} - - INSTALL_XMLRPC=${PHP_WORKER_INSTALL_XMLRPC} - - PUID=${PHP_WORKER_PUID} - - PGID=${PHP_WORKER_PGID} - volumes: - - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG} - - ./php-worker/supervisord.d:/etc/supervisord.d - depends_on: - - workspace - extra_hosts: - - "dockerhost:${DOCKER_HOST_IP}" - networks: - - backend -### Laravel Horizon ############################################ - laravel-horizon: - build: - context: ./laravel-horizon - args: - - CHANGE_SOURCE=${CHANGE_SOURCE} - - LARADOCK_PHP_VERSION=${PHP_VERSION} - - INSTALL_BZ2=${LARAVEL_HORIZON_INSTALL_BZ2} - - INSTALL_GD=${LARAVEL_HORIZON_INSTALL_GD} - - INSTALL_GMP=${LARAVEL_HORIZON_INSTALL_GMP} - - INSTALL_IMAGEMAGICK=${LARAVEL_HORIZON_INSTALL_IMAGEMAGICK} - - INSTALL_PGSQL=${PHP_FPM_INSTALL_PGSQL} - - INSTALL_ZIP_ARCHIVE=${LARAVEL_HORIZON_INSTALL_ZIP_ARCHIVE} - - INSTALL_BCMATH=${PHP_FPM_INSTALL_BCMATH} - - INSTALL_MEMCACHED=${PHP_FPM_INSTALL_MEMCACHED} - - INSTALL_SOCKETS=${LARAVEL_HORIZON_INSTALL_SOCKETS} - - INSTALL_YAML=${LARAVEL_HORIZON_INSTALL_YAML} - - INSTALL_CASSANDRA=${PHP_FPM_INSTALL_CASSANDRA} - - INSTALL_PHPREDIS=${LARAVEL_HORIZON_INSTALL_PHPREDIS} - - INSTALL_MONGO=${LARAVEL_HORIZON_INSTALL_MONGO} - - INSTALL_FFMPEG=${LARAVEL_HORIZON_INSTALL_FFMPEG} - - INSTALL_AUDIOWAVEFORM=${LARAVEL_HORIZON_INSTALL_AUDIOWAVEFORM} - - PUID=${LARAVEL_HORIZON_PUID} - - PGID=${LARAVEL_HORIZON_PGID} - volumes: - - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER} - - ./laravel-horizon/supervisord.d:/etc/supervisord.d - depends_on: - - workspace - extra_hosts: - - "dockerhost:${DOCKER_HOST_IP}" - networks: - - backend - -### NGINX Server ######################################### - nginx: - build: - context: ./nginx - args: - - CHANGE_SOURCE=${CHANGE_SOURCE} - - PHP_UPSTREAM_CONTAINER=${NGINX_PHP_UPSTREAM_CONTAINER} - - PHP_UPSTREAM_PORT=${NGINX_PHP_UPSTREAM_PORT} - - http_proxy - - https_proxy - - no_proxy - volumes: - - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG} - - ${NGINX_HOST_LOG_PATH}:/var/log/nginx - - ${NGINX_SITES_PATH}:/etc/nginx/sites-available - - ${NGINX_SSL_PATH}:/etc/nginx/ssl - ports: - - "${NGINX_HOST_HTTP_PORT}:80" - - "${NGINX_HOST_HTTPS_PORT}:443" - - "${VARNISH_BACKEND_PORT}:81" - depends_on: - - php-fpm - networks: - - frontend - - backend - -### Blackfire ######################################## - blackfire: - image: blackfire/blackfire - environment: - - BLACKFIRE_SERVER_ID=${BLACKFIRE_SERVER_ID} - - BLACKFIRE_SERVER_TOKEN=${BLACKFIRE_SERVER_TOKEN} - depends_on: - - php-fpm - networks: - - backend - -### Apache Server ######################################## - apache2: - build: - context: ./apache2 - args: - - PHP_UPSTREAM_CONTAINER=${APACHE_PHP_UPSTREAM_CONTAINER} - - PHP_UPSTREAM_PORT=${APACHE_PHP_UPSTREAM_PORT} - - PHP_UPSTREAM_TIMEOUT=${APACHE_PHP_UPSTREAM_TIMEOUT} - - DOCUMENT_ROOT=${APACHE_DOCUMENT_ROOT} - - APACHE_INSTALL_HTTP2=${APACHE_INSTALL_HTTP2} - volumes: - - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG} - - ${APACHE_HOST_LOG_PATH}:/var/log/apache2 - - ${APACHE_SITES_PATH}:/etc/apache2/sites-available - ports: - - "${APACHE_HOST_HTTP_PORT}:80" - - "${APACHE_HOST_HTTPS_PORT}:443" - depends_on: - - php-fpm - networks: - - frontend - - backend - -### HHVM ################################################# - hhvm: - build: ./hhvm - volumes: - - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG} - expose: - - "9000" - depends_on: - - workspace - networks: - - frontend - - backend - -### Minio ################################################ - minio: - build: ./minio - volumes: - - ${DATA_PATH_HOST}/minio/data:/export - - ${DATA_PATH_HOST}/minio/config:/root/.minio - ports: - - "${MINIO_PORT}:9000" - environment: - - MINIO_ACCESS_KEY=access - - MINIO_SECRET_KEY=secretkey - networks: - - frontend - - backend - -### MySQL ################################################ - mysql: - build: - context: ./mysql - args: - - MYSQL_VERSION=${MYSQL_VERSION} - environment: - - MYSQL_DATABASE=${MYSQL_DATABASE} - - MYSQL_USER=${MYSQL_USER} - - MYSQL_PASSWORD=${MYSQL_PASSWORD} - - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} - - TZ=${WORKSPACE_TIMEZONE} - volumes: - - ${DATA_PATH_HOST}/mysql:/var/lib/mysql - - ${MYSQL_ENTRYPOINT_INITDB}:/docker-entrypoint-initdb.d - ports: - - "${MYSQL_PORT}:3306" - networks: - - backend - -### Percona ################################################ - percona: - build: - context: ./percona - environment: - - MYSQL_DATABASE=${PERCONA_DATABASE} - - MYSQL_USER=${PERCONA_USER} - - MYSQL_PASSWORD=${PERCONA_PASSWORD} - - MYSQL_ROOT_PASSWORD=${PERCONA_ROOT_PASSWORD} - volumes: - - ${DATA_PATH_HOST}/percona:/var/lib/mysql - - ${PERCONA_ENTRYPOINT_INITDB}:/docker-entrypoint-initdb.d - ports: - - "${PERCONA_PORT}:3306" - networks: - - backend - -### MSSQL ################################################ - mssql: - build: - context: ./mssql - environment: - - MSSQL_PID=Express - - MSSQL_DATABASE=${MSSQL_DATABASE} - - SA_PASSWORD=${MSSQL_PASSWORD} - - ACCEPT_EULA=Y - volumes: - - ${DATA_PATH_HOST}/mssql:/var/opt/mssql - ports: - - "${MSSQL_PORT}:1433" - networks: - - backend - -### MariaDB ############################################## - mariadb: - build: - context: ./mariadb - args: - - http_proxy - - https_proxy - - no_proxy - - MARIADB_VERSION=${MARIADB_VERSION} - volumes: - - ${DATA_PATH_HOST}/mariadb:/var/lib/mysql - - ${MARIADB_ENTRYPOINT_INITDB}:/docker-entrypoint-initdb.d - ports: - - "${MARIADB_PORT}:3306" - environment: - - TZ=${WORKSPACE_TIMEZONE} - - MYSQL_DATABASE=${MARIADB_DATABASE} - - MYSQL_USER=${MARIADB_USER} - - MYSQL_PASSWORD=${MARIADB_PASSWORD} - - MYSQL_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD} - networks: - - backend - -### PostgreSQL ########################################### - postgres: - build: - context: ./postgres - args: - - POSTGRES_VERSION=${POSTGRES_VERSION} - volumes: - - ${DATA_PATH_HOST}/postgres:/var/lib/postgresql/data - - ${POSTGRES_ENTRYPOINT_INITDB}:/docker-entrypoint-initdb.d - ports: - - "${POSTGRES_PORT}:5432" - environment: - - POSTGRES_DB=${POSTGRES_DB} - - POSTGRES_USER=${POSTGRES_USER} - - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} - - GITLAB_POSTGRES_INIT=${GITLAB_POSTGRES_INIT} - - GITLAB_POSTGRES_USER=${GITLAB_POSTGRES_USER} - - GITLAB_POSTGRES_PASSWORD=${GITLAB_POSTGRES_PASSWORD} - - GITLAB_POSTGRES_DB=${GITLAB_POSTGRES_DB} - - JUPYTERHUB_POSTGRES_INIT=${JUPYTERHUB_POSTGRES_INIT} - - JUPYTERHUB_POSTGRES_USER=${JUPYTERHUB_POSTGRES_USER} - - JUPYTERHUB_POSTGRES_PASSWORD=${JUPYTERHUB_POSTGRES_PASSWORD} - - JUPYTERHUB_POSTGRES_DB=${JUPYTERHUB_POSTGRES_DB} - - SONARQUBE_POSTGRES_INIT=${SONARQUBE_POSTGRES_INIT} - - SONARQUBE_POSTGRES_DB=${SONARQUBE_POSTGRES_DB} - - SONARQUBE_POSTGRES_USER=${SONARQUBE_POSTGRES_USER} - - SONARQUBE_POSTGRES_PASSWORD=${SONARQUBE_POSTGRES_PASSWORD} - - POSTGRES_CONFLUENCE_INIT=${CONFLUENCE_POSTGRES_INIT} - - POSTGRES_CONFLUENCE_DB=${CONFLUENCE_POSTGRES_DB} - - POSTGRES_CONFLUENCE_USER=${CONFLUENCE_POSTGRES_USER} - - POSTGRES_CONFLUENCE_PASSWORD=${CONFLUENCE_POSTGRES_PASSWORD} - networks: - - backend - -### PostgreSQL PostGis ################################### - postgres-postgis: - build: ./postgres-postgis - volumes: - - ${DATA_PATH_HOST}/postgres:/var/lib/postgresql/data - ports: - - "${POSTGRES_PORT}:5432" - environment: - - POSTGRES_DB=${POSTGRES_DB} - - POSTGRES_USER=${POSTGRES_USER} - - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} - networks: - - backend - -### Neo4j ################################################ - neo4j: - build: ./neo4j - ports: - - "7474:7474" - - "1337:1337" - environment: - - NEO4J_AUTH=default:secret - volumes: - - ${DATA_PATH_HOST}/neo4j:/var/lib/neo4j/data - networks: - - backend - -### MongoDB ############################################## - mongo: - build: ./mongo - ports: - - "${MONGODB_PORT}:27017" - volumes: - - ${DATA_PATH_HOST}/mongo:/data/db - - ${DATA_PATH_HOST}/mongo_config:/data/configdb - networks: - - backend - -### RethinkDB ############################################## - rethinkdb: - build: ./rethinkdb - ports: - - "${RETHINKDB_PORT}:8080" - volumes: - - ${DATA_PATH_HOST}/rethinkdb:/data/rethinkdb_data - networks: - - backend - -### Redis ################################################ - redis: - build: ./redis - volumes: - - ${DATA_PATH_HOST}/redis:/data - ports: - - "${REDIS_PORT}:6379" - networks: - - backend - -### Redis Cluster ########################################## - redis-cluster: - build: ./redis-cluster - ports: - - "${REDIS_CLUSTER_PORT_RANGE}:7000-7005" - networks: - - backend - -### ZooKeeper ######################################### - zookeeper: - build: ./zookeeper - volumes: - - ${DATA_PATH_HOST}/zookeeper/data:/data - - ${DATA_PATH_HOST}/zookeeper/datalog:/datalog - ports: - - "${ZOOKEEPER_PORT}:2181" - networks: - - backend - -### Aerospike ########################################## - aerospike: - build: ./aerospike - volumes: - - workspace - - ${DATA_PATH_HOST}/aerospike:/opt/aerospike/data - ports: - - "${AEROSPIKE_SERVICE_PORT}:3000" - - "${AEROSPIKE_FABRIC_PORT}:3001" - - "${AEROSPIKE_HEARTBEAT_PORT}:3002" - - "${AEROSPIKE_INFO_PORT}:3003" - environment: - - STORAGE_GB=${AEROSPIKE_STORAGE_GB} - - MEM_GB=${AEROSPIKE_MEM_GB} - - NAMESPACE=${AEROSPIKE_NAMESPACE} - networks: - - backend - -### Memcached ############################################ - memcached: - build: ./memcached - volumes: - - ${DATA_PATH_HOST}/memcached:/var/lib/memcached - ports: - - "${MEMCACHED_HOST_PORT}:11211" - depends_on: - - php-fpm - networks: - - backend - -### Beanstalkd ########################################### - beanstalkd: - build: ./beanstalkd - ports: - - "${BEANSTALKD_HOST_PORT}:11300" - privileged: true - depends_on: - - php-fpm - networks: - - backend - -### SQS ############################################# - sqs: - build: ./sqs - ports: - - "${SQS_NODE_HOST_PORT}:9324" - - "${SQS_MANAGEMENT_HTTP_HOST_PORT}:9325" - privileged: true - hostname: laradock-sqs - volumes: - - ${DATA_PATH_HOST}/sqs:/opt/custom - networks: - - frontend - - backend - -### RabbitMQ ############################################# - rabbitmq: - build: ./rabbitmq - ports: - - "${RABBITMQ_NODE_HOST_PORT}:5672" - - "${RABBITMQ_MANAGEMENT_HTTP_HOST_PORT}:15672" - - "${RABBITMQ_MANAGEMENT_HTTPS_HOST_PORT}:15671" - privileged: true - environment: - - RABBITMQ_DEFAULT_USER=${RABBITMQ_DEFAULT_USER} - - RABBITMQ_DEFAULT_PASS=${RABBITMQ_DEFAULT_PASS} - hostname: laradock-rabbitmq - volumes: - - ${DATA_PATH_HOST}/rabbitmq:/var/lib/rabbitmq - depends_on: - - php-fpm - networks: - - backend - -### Cassandra ############################################ - cassandra: - build: ./cassandra - ports: - - "${CASSANDRA_TRANSPORT_PORT_NUMBER}:7000" - - "${CASSANDRA_JMX_PORT_NUMBER}:7199" - - "${CASSANDRA_CQL_PORT_NUMBER}:9042" - privileged: true - environment: - - CASSANDRA_VERSION=${CASSANDRA_VERSION} - - CASSANDRA_TRANSPORT_PORT_NUMBER=${CASSANDRA_TRANSPORT_PORT_NUMBER} - - CASSANDRA_JMX_PORT_NUMBER=${CASSANDRA_JMX_PORT_NUMBER} - - CASSANDRA_CQL_PORT_NUMBER=${CASSANDRA_CQL_PORT_NUMBER} - - CASSANDRA_USER=${CASSANDRA_USER} - - CASSANDRA_PASSWORD_SEEDER=${CASSANDRA_PASSWORD_SEEDER} - - CASSANDRA_PASSWORD=${CASSANDRA_PASSWORD} - - CASSANDRA_NUM_TOKENS=${CASSANDRA_NUM_TOKENS} - - CASSANDRA_HOST=${CASSANDRA_HOST} - - CASSANDRA_CLUSTER_NAME=${CASSANDRA_CLUSTER_NAME} - - CASSANDRA_SEEDS=${CASSANDRA_SEEDS} - - CASSANDRA_ENDPOINT_SNITCH=${CASSANDRA_ENDPOINT_SNITCH} - - CASSANDRA_ENABLE_RPC=${CASSANDRA_ENABLE_RPC} - - CASSANDRA_DATACENTER=${CASSANDRA_DATACENTER} - - CASSANDRA_RACK=${CASSANDRA_RACK} - hostname: laradock-cassandra - volumes: - - ${DATA_PATH_HOST}/cassandra:/var/lib/cassandra - depends_on: - - php-fpm - networks: - - backend - -### Gearman ############################################ - gearman: - build: ./gearman - ports: - - "${GEARMAN_PORT}:4730" - privileged: true - environment: - - GEARMAN_VERSION=${GEARMAN_VERSION} - - GEARMAN_VERBOSE=${GEARMAN_VERBOSE} - - GEARMAN_QUEUE_TYPE=${GEARMAN_QUEUE_TYPE} - - GEARMAN_THREADS=${GEARMAN_THREADS} - - GEARMAN_BACKLOG=${GEARMAN_BACKLOG} - - GEARMAN_FILE_DESCRIPTORS=${GEARMAN_FILE_DESCRIPTORS} - - GEARMAN_JOB_RETRIES=${GEARMAN_JOB_RETRIES} - - GEARMAN_ROUND_ROBIN=${GEARMAN_ROUND_ROBIN} - - GEARMAN_WORKER_WAKEUP=${GEARMAN_WORKER_WAKEUP} - - GEARMAN_KEEPALIVE=${GEARMAN_KEEPALIVE} - - GEARMAN_KEEPALIVE_IDLE=${GEARMAN_KEEPALIVE_IDLE} - - GEARMAN_KEEPALIVE_INTERVAL=${GEARMAN_KEEPALIVE_INTERVAL} - - GEARMAN_KEEPALIVE_COUNT=${GEARMAN_KEEPALIVE_COUNT} - - GEARMAN_MYSQL_HOST=${GEARMAN_MYSQL_HOST} - - GEARMAN_MYSQL_PORT=${GEARMAN_MYSQL_PORT} - - GEARMAN_MYSQL_USER=${GEARMAN_MYSQL_USER} - - GEARMAN_MYSQL_PASSWORD=${GEARMAN_MYSQL_PASSWORD} - - GEARMAN_MYSQL_PASSWORD_FILE=${GEARMAN_MYSQL_PASSWORD_FILE} - - GEARMAN_MYSQL_DB=${GEARMAN_MYSQL_DB} - - GEARMAN_MYSQL_TABLE=${GEARMAN_MYSQL_TABLE} - hostname: laradock-gearman - depends_on: - - php-fpm - networks: - - backend - -### Beanstalkd Console ################################### - beanstalkd-console: - build: ./beanstalkd-console - ports: - - "${BEANSTALKD_CONSOLE_HOST_PORT}:2080" - depends_on: - - beanstalkd - networks: - - backend - -### Caddy Server ######################################### - caddy: - build: ./caddy - volumes: - - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG} - - ${CADDY_CONFIG_PATH}:/etc/caddy - - ${CADDY_HOST_LOG_PATH}:/var/log/caddy - - ${DATA_PATH_HOST}:/root/.caddy - ports: - - "${CADDY_HOST_HTTP_PORT}:80" - - "${CADDY_HOST_HTTPS_PORT}:443" - depends_on: - - php-fpm - networks: - - frontend - - backend - -### phpMyAdmin ########################################### - phpmyadmin: - build: ./phpmyadmin - environment: - - PMA_ARBITRARY=1 - - MYSQL_USER=${PMA_USER} - - MYSQL_PASSWORD=${PMA_PASSWORD} - - MYSQL_ROOT_PASSWORD=${PMA_ROOT_PASSWORD} - ports: - - "${PMA_PORT}:80" - depends_on: - - "${PMA_DB_ENGINE}" - networks: - - frontend - - backend - -### Adminer ########################################### - adminer: - build: - context: ./adminer - args: - - INSTALL_MSSQL=${ADM_INSTALL_MSSQL} - environment: - - ADMINER_PLUGINS=${ADM_PLUGINS} - - ADMINER_DESIGN=${ADM_DESIGN} - - ADMINER_DEFAULT_SERVER=${ADM_DEFAULT_SERVER} - ports: - - "${ADM_PORT}:8080" - depends_on: - - php-fpm - networks: - - frontend - - backend - -### pgAdmin ############################################## - pgadmin: - image: dpage/pgadmin4:latest - environment: - - "PGADMIN_DEFAULT_EMAIL=${PGADMIN_DEFAULT_EMAIL}" - - "PGADMIN_DEFAULT_PASSWORD=${PGADMIN_DEFAULT_PASSWORD}" - ports: - - "${PGADMIN_PORT}:80" - volumes: - - ${DATA_PATH_HOST}/pgadmin:/var/lib/pgadmin - depends_on: - - postgres - networks: - - frontend - - backend - -### MeiliSearch ########################################## - meilisearch: - image: getmeili/meilisearch:latest - volumes: - - ${DATA_PATH_HOST}/meilisearch:/var/lib/meilisearch - ports: - - "${MEILISEARCH_HOST_PORT}:7700" - networks: - - frontend - - backend - -### ElasticSearch ######################################## - elasticsearch: - build: - context: ./elasticsearch - args: - - ELK_VERSION=${ELK_VERSION} - volumes: - - elasticsearch:/usr/share/elasticsearch/data - environment: - - cluster.name=laradock-cluster - - node.name=laradock-node - - bootstrap.memory_lock=true - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" - - cluster.initial_master_nodes=laradock-node - ulimits: - memlock: - soft: -1 - hard: -1 - nofile: - soft: 65536 - hard: 65536 - ports: - - "${ELASTICSEARCH_HOST_HTTP_PORT}:9200" - - "${ELASTICSEARCH_HOST_TRANSPORT_PORT}:9300" - depends_on: - - php-fpm - networks: - - frontend - - backend - -### Logstash ############################################## - logstash: - build: - context: ./logstash - args: - - ELK_VERSION=${ELK_VERSION} - volumes: - - './logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml' - - './logstash/pipeline:/usr/share/logstash/pipeline' - ports: - - '5001:5001' - environment: - LS_JAVA_OPTS: '-Xmx1g -Xms1g' - env_file: - - .env - networks: - - frontend - - backend - depends_on: - - elasticsearch - -### Kibana ############################################## - kibana: - build: - context: ./kibana - args: - - ELK_VERSION=${ELK_VERSION} - ports: - - "${KIBANA_HTTP_PORT}:5601" - depends_on: - - elasticsearch - networks: - - frontend - - backend - -### Dejavu ############################################## - dejavu: - build: - context: ./dejavu - ports: - - "${DEJAVU_HTTP_PORT}:1358" - depends_on: - - elasticsearch - networks: - - frontend - - backend - -### Certbot ######################################### - certbot: - build: - context: ./certbot - volumes: - - ./data/certbot/certs/:/var/certs - - ./certbot/letsencrypt/:/var/www/letsencrypt - environment: - - CN="fake.domain.com" - - EMAIL="fake.email@gmail.com" - networks: - - frontend - -### MailCatcher ################################################ - mailcatcher: - build: ./mailcatcher - ports: - - "1025:1025" - - "1080:1080" - networks: - - frontend - - backend - -### Mailhog ################################################ - mailhog: - build: ./mailhog - ports: - - "1025:1025" - - "8025:8025" - networks: - - frontend - - backend - -### MailDev ############################################## - maildev: - build: ./maildev - ports: - - "${MAILDEV_HTTP_PORT}:80" - - "${MAILDEV_SMTP_PORT}:25" - networks: - - frontend - - backend - -### Selenium ############################################### - selenium: - build: ./selenium - ports: - - "${SELENIUM_PORT}:4444" - volumes: - - /dev/shm:/dev/shm - networks: - - frontend - -### Varnish ########################################## - proxy: - container_name: proxy - build: ./varnish - expose: - - ${VARNISH_PORT} - environment: - - VARNISH_CONFIG=${VARNISH_CONFIG} - - CACHE_SIZE=${VARNISH_PROXY1_CACHE_SIZE} - - VARNISHD_PARAMS=${VARNISHD_PARAMS} - - VARNISH_PORT=${VARNISH_PORT} - - BACKEND_HOST=${VARNISH_PROXY1_BACKEND_HOST} - - BACKEND_PORT=${VARNISH_BACKEND_PORT} - - VARNISH_SERVER=${VARNISH_PROXY1_SERVER} - ports: - - "${VARNISH_PORT}:${VARNISH_PORT}" - links: - - workspace - networks: - - frontend - - proxy2: - container_name: proxy2 - build: ./varnish - expose: - - ${VARNISH_PORT} - environment: - - VARNISH_CONFIG=${VARNISH_CONFIG} - - CACHE_SIZE=${VARNISH_PROXY2_CACHE_SIZE} - - VARNISHD_PARAMS=${VARNISHD_PARAMS} - - VARNISH_PORT=${VARNISH_PORT} - - BACKEND_HOST=${VARNISH_PROXY2_BACKEND_HOST} - - BACKEND_PORT=${VARNISH_BACKEND_PORT} - - VARNISH_SERVER=${VARNISH_PROXY2_SERVER} - ports: - - "${VARNISH_PORT}:${VARNISH_PORT}" - links: - - workspace - networks: - - frontend - -### HAProxy #################################### - haproxy: - build: ./haproxy - ports: - - "${HAPROXY_HOST_HTTP_PORT}:8085" - volumes: - - /var/run/docker.sock:/var/run/docker.sock - links: - - proxy - - proxy2 - -### Jenkins ################################################### - jenkins: - build: ./jenkins - environment: - JAVA_OPTS: "-Djava.awt.headless=true" - ports: - - "${JENKINS_HOST_SLAVE_AGENT_PORT}:50000" - - "${JENKINS_HOST_HTTP_PORT}:8080" - privileged: true - volumes: - - ${JENKINS_HOME}:/var/jenkins_home - - /var/run/docker.sock:/var/run/docker.sock - networks: - - frontend - - backend - -### Grafana ################################################ - grafana: - build: - context: ./grafana - volumes: - - ${DATA_PATH_HOST}/grafana:/var/lib/grafana - ports: - - "${GRAFANA_PORT}:3000" - networks: - - backend - -### Graylog ####################################### - graylog: - build: ./graylog - environment: - - GRAYLOG_PASSWORD_SECRET=${GRAYLOG_PASSWORD} - - GRAYLOG_ROOT_PASSWORD_SHA2=${GRAYLOG_SHA256_PASSWORD} - - GRAYLOG_HTTP_EXTERNAL_URI=http://127.0.0.1:${GRAYLOG_PORT}/ - links: - - mongo - - elasticsearch - depends_on: - - mongo - - elasticsearch - ports: - # Graylog web interface and REST API - - ${GRAYLOG_PORT}:9000 - # Syslog TCP - - ${GRAYLOG_SYSLOG_TCP_PORT}:514 - # Syslog UDP - - ${GRAYLOG_SYSLOG_UDP_PORT}:514/udp - # GELF TCP - - ${GRAYLOG_GELF_TCP_PORT}:12201 - # GELF UDP - - ${GRAYLOG_GELF_UDP_PORT}:12201/udp - user: graylog - volumes: - - ${DATA_PATH_HOST}/graylog:/usr/share/graylog/data - networks: - - backend - -### Laravel Echo Server ####################################### - laravel-echo-server: - build: - context: ./laravel-echo-server - args: - - CHANGE_SOURCE=${CHANGE_SOURCE} - volumes: - - ./laravel-echo-server/laravel-echo-server.json:/app/laravel-echo-server.json:ro - ports: - - "${LARAVEL_ECHO_SERVER_PORT}:6001" - links: - - redis - networks: - - frontend - - backend - -### Solr ################################################ - solr: - build: - context: ./solr - args: - - SOLR_VERSION=${SOLR_VERSION} - - SOLR_DATAIMPORTHANDLER_MYSQL=${SOLR_DATAIMPORTHANDLER_MYSQL} - - SOLR_DATAIMPORTHANDLER_MSSQL=${SOLR_DATAIMPORTHANDLER_MSSQL} - volumes: - - ${DATA_PATH_HOST}/solr:/opt/solr/server/solr/mycores - ports: - - "${SOLR_PORT}:8983" - networks: - - backend - -### Thumbor ######################################### - thumbor: - build: ./thumbor - volumes: - - ${DATA_PATH_HOST}/thumbor/data:/data - - ${DATA_PATH_HOST}/thumbor/data:/logs - ports: - - "${THUMBOR_PORT}:8000" - environment: - - THUMBOR_LOG_FORMAT=${THUMBOR_LOG_FORMAT} - - THUMBOR_LOG_DATE_FORMAT=${THUMBOR_LOG_DATE_FORMAT} - - MAX_WIDTH=${MAX_WIDTH} - - MAX_HEIGHT=${MAX_HEIGHT} - - MIN_WIDTH=${MIN_WIDTH} - - MIN_HEIGHT=${MIN_HEIGHT} - - ALLOWED_SOURCES=${ALLOWED_SOURCES} - - QUALITY=${QUALITY} - - WEBP_QUALITY=${WEBP_QUALITY} - - PNG_COMPRESSION_LEVEL=${PNG_COMPRESSION_LEVEL} - - AUTO_WEBP=${AUTO_WEBP} - - MAX_AGE=${MAX_AGE} - - MAX_AGE_TEMP_IMAGE=${MAX_AGE_TEMP_IMAGE} - - RESPECT_ORIENTATION=${RESPECT_ORIENTATION} - - IGNORE_SMART_ERRORS=${IGNORE_SMART_ERRORS} - - PRESERVE_EXIF_INFO=${PRESERVE_EXIF_INFO} - - ALLOW_ANIMATED_GIFS=${ALLOW_ANIMATED_GIFS} - - USE_GIFSICLE_ENGINE=${USE_GIFSICLE_ENGINE} - - USE_BLACKLIST=${USE_BLACKLIST} - - LOADER=${LOADER} - - STORAGE=${STORAGE} - - AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} - - AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} - - RESULT_STORAGE=${RESULT_STORAGE} - - ENGINE=${ENGINE} - - SECURITY_KEY=${SECURITY_KEY} - - ALLOW_UNSAFE_URL=${ALLOW_UNSAFE_URL} - - ALLOW_OLD_URLS=${ALLOW_OLD_URLS} - - FILE_LOADER_ROOT_PATH=${FILE_LOADER_ROOT_PATH} - - HTTP_LOADER_CONNECT_TIMEOUT=${HTTP_LOADER_CONNECT_TIMEOUT} - - HTTP_LOADER_REQUEST_TIMEOUT=${HTTP_LOADER_REQUEST_TIMEOUT} - - HTTP_LOADER_FOLLOW_REDIRECTS=${HTTP_LOADER_FOLLOW_REDIRECTS} - - HTTP_LOADER_MAX_REDIRECTS=${HTTP_LOADER_MAX_REDIRECTS} - - HTTP_LOADER_FORWARD_USER_AGENT=${HTTP_LOADER_FORWARD_USER_AGENT} - - HTTP_LOADER_DEFAULT_USER_AGENT=${HTTP_LOADER_DEFAULT_USER_AGENT} - - HTTP_LOADER_PROXY_HOST=${HTTP_LOADER_PROXY_HOST} - - HTTP_LOADER_PROXY_PORT=${HTTP_LOADER_PROXY_PORT} - - HTTP_LOADER_PROXY_USERNAME=${HTTP_LOADER_PROXY_USERNAME} - - HTTP_LOADER_PROXY_PASSWORD=${HTTP_LOADER_PROXY_PASSWORD} - - HTTP_LOADER_CA_CERTS=${HTTP_LOADER_CA_CERTS} - - HTTP_LOADER_VALIDATE_CERTS=${HTTP_LOADER_VALIDATE_CERTS} - - HTTP_LOADER_CLIENT_KEY=${HTTP_LOADER_CLIENT_KEY} - - HTTP_LOADER_CLIENT_CERT=${HTTP_LOADER_CLIENT_CERT} - - HTTP_LOADER_CURL_ASYNC_HTTP_CLIENT=${HTTP_LOADER_CURL_ASYNC_HTTP_CLIENT} - - STORAGE_EXPIRATION_SECONDS=${STORAGE_EXPIRATION_SECONDS} - - STORES_CRYPTO_KEY_FOR_EACH_IMAGE=${STORES_CRYPTO_KEY_FOR_EACH_IMAGE} - - FILE_STORAGE_ROOT_PATH=${FILE_STORAGE_ROOT_PATH} - - UPLOAD_MAX_SIZE=${UPLOAD_MAX_SIZE} - - UPLOAD_ENABLED=${UPLOAD_ENABLED} - - UPLOAD_PHOTO_STORAGE=${UPLOAD_PHOTO_STORAGE} - - UPLOAD_DELETE_ALLOWED=${UPLOAD_DELETE_ALLOWED} - - UPLOAD_PUT_ALLOWED=${UPLOAD_PUT_ALLOWED} - - UPLOAD_DEFAULT_FILENAME=${UPLOAD_DEFAULT_FILENAME} - - MONGO_STORAGE_SERVER_HOST=${MONGO_STORAGE_SERVER_HOST} - - MONGO_STORAGE_SERVER_PORT=${MONGO_STORAGE_SERVER_PORT} - - MONGO_STORAGE_SERVER_DB=${MONGO_STORAGE_SERVER_DB} - - MONGO_STORAGE_SERVER_COLLECTION=${MONGO_STORAGE_SERVER_COLLECTION} - - REDIS_STORAGE_SERVER_HOST=${REDIS_STORAGE_SERVER_HOST} - - REDIS_STORAGE_SERVER_PORT=${REDIS_STORAGE_SERVER_PORT} - - REDIS_STORAGE_SERVER_DB=${REDIS_STORAGE_SERVER_DB} - - REDIS_STORAGE_SERVER_PASSWORD=${REDIS_STORAGE_SERVER_PASSWORD} - - REDIS_RESULT_STORAGE_SERVER_HOST=${REDIS_RESULT_STORAGE_SERVER_HOST} - - REDIS_RESULT_STORAGE_SERVER_PORT=${REDIS_RESULT_STORAGE_SERVER_PORT} - - REDIS_RESULT_STORAGE_SERVER_DB=${REDIS_RESULT_STORAGE_SERVER_DB} - - REDIS_RESULT_STORAGE_SERVER_PASSWORD=${REDIS_RESULT_STORAGE_SERVER_PASSWORD} - - MEMCACHE_STORAGE_SERVERS=${MEMCACHE_STORAGE_SERVERS} - - MIXED_STORAGE_FILE_STORAGE=${MIXED_STORAGE_FILE_STORAGE} - - MIXED_STORAGE_CRYPTO_STORAGE=${MIXED_STORAGE_CRYPTO_STORAGE} - - MIXED_STORAGE_DETECTOR_STORAGE=${MIXED_STORAGE_DETECTOR_STORAGE} - - META_CALLBACK_NAME=${META_CALLBACK_NAME} - - DETECTORS=${DETECTORS} - - FACE_DETECTOR_CASCADE_FILE=${FACE_DETECTOR_CASCADE_FILE} - - OPTIMIZERS=${OPTIMIZERS} - - JPEGTRAN_PATH=${JPEGTRAN_PATH} - - PROGRESSIVE_JPEG=${PROGRESSIVE_JPEG} - - RESULT_STORAGE_EXPIRATION_SECONDS=${RESULT_STORAGE_EXPIRATION_SECONDS} - - RESULT_STORAGE_FILE_STORAGE_ROOT_PATH=${RESULT_STORAGE_FILE_STORAGE_ROOT_PATH} - - RESULT_STORAGE_STORES_UNSAFE=${RESULT_STORAGE_STORES_UNSAFE} - - REDIS_QUEUE_SERVER_HOST=${REDIS_QUEUE_SERVER_HOST} - - REDIS_QUEUE_SERVER_PORT=${REDIS_QUEUE_SERVER_PORT} - - REDIS_QUEUE_SERVER_DB=${REDIS_QUEUE_SERVER_DB} - - REDIS_QUEUE_SERVER_PASSWORD=${REDIS_QUEUE_SERVER_PASSWORD} - - SQS_QUEUE_KEY_ID=${SQS_QUEUE_KEY_ID} - - SQS_QUEUE_KEY_SECRET=${SQS_QUEUE_KEY_SECRET} - - SQS_QUEUE_REGION=${SQS_QUEUE_REGION} - - USE_CUSTOM_ERROR_HANDLING=${USE_CUSTOM_ERROR_HANDLING} - - ERROR_HANDLER_MODULE=${ERROR_HANDLER_MODULE} - - ERROR_FILE_LOGGER=${ERROR_FILE_LOGGER} - - ERROR_FILE_NAME_USE_CONTEXT=${ERROR_FILE_NAME_USE_CONTEXT} - - SENTRY_DSN_URL=${SENTRY_DSN_URL} - - TC_AWS_REGION=${TC_AWS_REGION} - - TC_AWS_ENDPOINT=${TC_AWS_ENDPOINT} - - TC_AWS_STORAGE_BUCKET=${TC_AWS_STORAGE_BUCKET} - - TC_AWS_STORAGE_ROOT_PATH=${TC_AWS_STORAGE_ROOT_PATH} - - TC_AWS_LOADER_BUCKET=${TC_AWS_LOADER_BUCKET} - - TC_AWS_LOADER_ROOT_PATH=${TC_AWS_LOADER_ROOT_PATH} - - TC_AWS_RESULT_STORAGE_BUCKET=${TC_AWS_RESULT_STORAGE_BUCKET} - - TC_AWS_RESULT_STORAGE_ROOT_PATH=${TC_AWS_RESULT_STORAGE_ROOT_PATH} - - TC_AWS_STORAGE_SSE=${TC_AWS_STORAGE_SSE} - - TC_AWS_STORAGE_RRS=${TC_AWS_STORAGE_RRS} - - TC_AWS_ENABLE_HTTP_LOADER=${TC_AWS_ENABLE_HTTP_LOADER} - - TC_AWS_ALLOWED_BUCKETS=${TC_AWS_ALLOWED_BUCKETS} - - TC_AWS_STORE_METADATA=${TC_AWS_STORE_METADATA} - networks: - - frontend - - backend - -### AWS EB-CLI ################################################ - aws: - build: - context: ./aws-eb-cli - volumes: - - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}${APP_CODE_CONTAINER_FLAG} - depends_on: - - workspace - tty: true - -### Portainer ################################################ - portainer: - build: - context: ./portainer - volumes: - - ${DATA_PATH_HOST}/portainer_data:/data - - /var/run/docker.sock:/var/run/docker.sock - extra_hosts: - - "dockerhost:${DOCKER_HOST_IP}" - ports: - - 9010:9000 - networks: - - backend - -### Gitlab ################################################ - gitlab: - build: - context: ./gitlab - environment: - GITLAB_OMNIBUS_CONFIG: | - external_url '${GITLAB_DOMAIN_NAME}' - redis['enable'] = false - nginx['listen_https'] = false - nginx['listen_port'] = 80 - nginx['custom_gitlab_server_config'] = "set_real_ip_from 172.0.0.0/8;\nreal_ip_header X-Real-IP;\nreal_ip_recursive on;" - postgresql['enable'] = false - gitlab_rails['trusted_proxies'] = ['caddy','nginx','apache2'] - gitlab_rails['redis_host'] = 'redis' - gitlab_rails['redis_database'] = 8 - gitlab_rails['db_host'] = '${GITLAB_POSTGRES_HOST}' - gitlab_rails['db_username'] = '${GITLAB_POSTGRES_USER}' - gitlab_rails['db_password'] = '${GITLAB_POSTGRES_PASSWORD}' - gitlab_rails['db_database'] = '${GITLAB_POSTGRES_DB}' - gitlab_rails['initial_root_password'] = '${GITLAB_ROOT_PASSWORD}' - gitlab_rails['gitlab_shell_ssh_port'] = ${GITLAB_HOST_SSH_PORT} - volumes: - - ${DATA_PATH_HOST}/gitlab/config:/etc/gitlab - - ${DATA_PATH_HOST}/gitlab/data:/var/opt/gitlab - - ${GITLAB_HOST_LOG_PATH}:/var/log/gitlab - ports: - - "${GITLAB_HOST_HTTP_PORT}:80" - - "${GITLAB_HOST_HTTPS_PORT}:443" - - "${GITLAB_HOST_SSH_PORT}:22" - networks: - - backend - depends_on: - - redis - - postgres - gitlab-runner: - image: gitlab/gitlab-runner:latest - environment: - - CI_SERVER_URL=${GITLAB_CI_SERVER_URL} - - REGISTRATION_TOKEN=${GITLAB_RUNNER_REGISTRATION_TOKEN} - - RUNNER_NAME=${COMPOSE_PROJECT_NAME}-runner - - REGISTER_NON_INTERACTIVE=${GITLAB_REGISTER_NON_INTERACTIVE} - - RUNNER_EXECUTOR=shell - volumes: - - ${DATA_PATH_HOST}/gitlab/runner:/etc/gitlab-runner - - /var/run/docker.sock:/var/run/docker.sock:rw - -### JupyterHub ######################################### - jupyterhub: - build: - context: ./jupyterhub - depends_on: - - postgres - - jupyterhub-user - volumes: - - /var/run/docker.sock:/var/run/docker.sock:rw - - ${DATA_PATH_HOST}/jupyterhub/:/data - - ${JUPYTERHUB_CUSTOM_CONFIG}:/jupyterhub_config.py - - ${JUPYTERHUB_USER_DATA}:/user-data - - ${JUPYTERHUB_USER_LIST}:/userlist - networks: - - backend - ports: - - "${JUPYTERHUB_PORT}:80" - environment: - - TERM=xterm - - JUPYTERHUB_USER_DATA=${JUPYTERHUB_USER_DATA} - - JUPYTERHUB_POSTGRES_DB=${JUPYTERHUB_POSTGRES_DB} - - JUPYTERHUB_POSTGRES_USER=${JUPYTERHUB_POSTGRES_USER} - - JUPYTERHUB_POSTGRES_HOST=${JUPYTERHUB_POSTGRES_HOST} - - JUPYTERHUB_POSTGRES_PASSWORD=${JUPYTERHUB_POSTGRES_PASSWORD} - - JUPYTERHUB_OAUTH_CALLBACK_URL=${JUPYTERHUB_OAUTH_CALLBACK_URL} - - JUPYTERHUB_OAUTH_CLIENT_ID=${JUPYTERHUB_OAUTH_CLIENT_ID} - - JUPYTERHUB_OAUTH_CLIENT_SECRET=${JUPYTERHUB_OAUTH_CLIENT_SECRET} - - JUPYTERHUB_LOCAL_NOTEBOOK_IMAGE=${COMPOSE_PROJECT_NAME}_jupyterhub-user - - JUPYTERHUB_ENABLE_NVIDIA=${JUPYTERHUB_ENABLE_NVIDIA} - jupyterhub-user: - build: - context: ./jupyterhub - dockerfile: Dockerfile.user - command: ["sh", "-c", "echo \"build only\""] - -### IPython ######################################### - ipython-controller: - build: - context: ./ipython - dockerfile: Dockerfile.controller - networks: - - backend - extra_hosts: - - "laradock-ipython:${LARADOCK_IPYTHON_CONTROLLER_IP}" - ports: - - "33327-33338:33327-33338" - ipython-engine: - build: - context: ./ipython - dockerfile: Dockerfile.engine - networks: - - backend - extra_hosts: - - "laradock-ipython:${LARADOCK_IPYTHON_CONTROLLER_IP}" - -### Docker-in-Docker ################################################ - docker-in-docker: - image: docker:19.03-dind - environment: - DOCKER_TLS_SAN: DNS:docker-in-docker - privileged: true - volumes: - - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER} - - docker-in-docker:/certs/client - expose: - - 2375 - networks: - - backend - -### NetData ################################################ - netdata: - image: netdata/netdata:latest - cap_add: - - SYS_PTRACE - volumes: - - /proc:/host/proc:ro - - /sys:/host/sys:ro - - /var/run/docker.sock:/var/run/docker.sock:ro - ports: - - "${NETDATA_PORT}:19999" - networks: - - backend - -### REDISWEBUI ################################################ - redis-webui: - build: - context: ./redis-webui - environment: - - ADMIN_USER=${REDIS_WEBUI_USERNAME} - - ADMIN_PASS=${REDIS_WEBUI_PASSWORD} - - REDIS_1_HOST=${REDIS_WEBUI_CONNECT_HOST} - - REDIS_1_PORT=${REDIS_WEBUI_CONNECT_PORT} - networks: - - backend - ports: - - "${REDIS_WEBUI_PORT}:80" - depends_on: - - redis - -### MongoWebUI ################################################ - mongo-webui: - build: - context: ./mongo-webui - environment: - - ROOT_URL=${MONGO_WEBUI_ROOT_URL} - - MONGO_URL=${MONGO_WEBUI_MONGO_URL} - - INSTALL_MONGO=${MONGO_WEBUI_INSTALL_MONGO} - volumes: - - ${DATA_PATH_HOST}/mongo-webui:/data/db - ports: - - "${MONGO_WEBUI_PORT}:3000" - networks: - - backend - depends_on: - - mongo - -### Metabase ################################################# - metabase: - image: metabase/metabase:latest - environment: - - MB_DB_FILE=/metabase-data/${METABASE_DB_FILE} - ports: - - ${METABASE_PORT}:3000 - volumes: - - ${DATA_PATH_HOST}/metabase-data:/metabase-data - networks: - - backend - -### IDE-THEIA ################################################ - ide-theia: - build: - context: ./ide-theia - volumes: - - ${APP_CODE_PATH_HOST}:/home/project - ports: - - "${IDE_THEIA_PORT}:3000" - networks: - - backend - -### IDE-WEBIDE ################################################ - ide-webide: - build: - context: ./ide-webide - volumes: - - ${DATA_PATH_HOST}/ide/webide/ide.db:/root/.coding-ide/ide.db - ports: - - "${IDE_WEBIDE_PORT}:8080" - networks: - - backend - -### IDE-CODIAD ################################################ - ide-codiad: - build: - context: ./ide-codiad - environment: - - APP_CODE_PATH_CONTAINER=${APP_CODE_PATH_CONTAINER} - - TZ=${WORKSPACE_TIMEZONE} - - PGID=1000 - - PUID=1000 - volumes: - - /etc/localtime:/etc/localtime:ro - - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER} - - ${DATA_PATH_HOST}/ide/codiad:/config - ports: - - "${IDE_CODIAD_PORT}:80" - networks: - - backend - -### IDE-ICECODER ################################################ - ide-icecoder: - build: - context: ./ide-icecoder - environment: - - DOCUMENT_ROOT=${APP_CODE_PATH_CONTAINER} - - TZ=${WORKSPACE_TIMEZONE} - - PGID=1000 - - PUID=1000 - volumes: - - /etc/localtime:/etc/localtime:ro - - ${APP_CODE_PATH_HOST}:/home/laradock/ICEcoder/dev - ports: - - "${IDE_ICECODER_PORT}:8080" - networks: - - backend - -### DOCKER-REGISTRY ################################################ - docker-registry: - build: - context: ./docker-registry - volumes: - - /etc/localtime:/etc/localtime:ro - - ${DATA_PATH_HOST}/docker-registry:/var/lib/registry - ports: - - "${DOCKER_REGISTRY_PORT}:5000" - networks: - - backend - -### DOCKER-WEB-UI ################################################ - docker-web-ui: - build: - context: ./docker-web-ui - environment: - - TZ=${WORKSPACE_TIMEZONE} - - ENV_DOCKER_REGISTRY_HOST=${DOCKER_WEBUI_REGISTRY_HOST} - - ENV_DOCKER_REGISTRY_PORT=${DOCKER_WEBUI_REGISTRY_PORT} - - ENV_DOCKER_REGISTRY_USE_SSL=${DOCKER_REGISTRY_USE_SSL} - - ENV_MODE_BROWSE_ONLY=${DOCKER_REGISTRY_BROWSE_ONLY} - volumes: - - /etc/localtime:/etc/localtime:ro - ports: - - "${DOCKER_WEBUI_PORT}:80" - networks: - - frontend - - backend - -### MAILU ################################################ - mailu: - image: mailu/admin:${MAILU_VERSION} - volumes: - - "${DATA_PATH_HOST}/mailu/data:/data" - - "${DATA_PATH_HOST}/mailu/dkim:/dkim" - - "${DATA_PATH_HOST}/mailu/webmail:/webmail" - - /var/run/docker.sock:/var/run/docker.sock:ro - depends_on: - - mailu-front - - mailu-imap - - mailu-smtp - - mailu-antispam - - mailu-antivirus - - mailu-webdav - - mailu-admin - - mailu-webmail - - mailu-fetchmail - command: ["sh", "-c", "echo ${MAILU_INIT_ADMIN_USERNAME}@${MAILU_DOMAIN} ${MAILU_INIT_ADMIN_PASSWORD} ;python manage.py advertise ; python manage.py db upgrade ; python manage.py admin ${MAILU_INIT_ADMIN_USERNAME} ${MAILU_DOMAIN} ${MAILU_INIT_ADMIN_PASSWORD} || true;sed -i -- \"s/= Off/= On/g\" /webmail/_data_/_default_/configs/config.ini || true;if grep -Fq \"registration_link_url\" /webmail/_data_/_default_/configs/config.ini;then echo Already set!;else echo \"\" >> /webmail/_data_/_default_/configs/config.ini; echo \"[login]\" >> /webmail/_data_/_default_/configs/config.ini;echo \"registration_link_url = '${MAILU_WEBSITE}${MAILU_WEB_ADMIN}/ui/user/signup'\" >> /webmail/_data_/_default_/configs/config.ini;fi"] - networks: - - backend - mailu-front: - image: mailu/nginx:${MAILU_VERSION} - environment: - - ADMIN=${MAILU_ADMIN} - - WEB_ADMIN=${MAILU_WEB_ADMIN} - - WEB_WEBMAIL=${MAILU_WEB_WEBMAIL} - - WEBDAV=${MAILU_WEBDAV} - - HOSTNAMES=${MAILU_HOSTNAMES} - - TLS_FLAVOR=${MAILU_TLS_FLAVOR} - - MESSAGE_SIZE_LIMIT=${MAILU_MESSAGE_SIZE_LIMIT} - ports: - - "${MAILU_HTTP_PORT}:80" - - "${MAILU_HTTPS_PORT}:443" - - "110:110" - - "143:143" - - "993:993" - - "995:995" - - "25:25" - - "465:465" - - "587:587" - volumes: - - "${DATA_PATH_HOST}/mailu/certs:/certs" - networks: - backend: - aliases: - - front - mailu-imap: - image: mailu/dovecot:${MAILU_VERSION} - environment: - - DOMAIN=${MAILU_DOMAIN} - - HOSTNAMES=${MAILU_HOSTNAMES} - - POSTMASTER=${MAILU_POSTMASTER} - - WEBMAIL=${MAILU_WEBMAIL} - - RECIPIENT_DELIMITER=${MAILU_RECIPIENT_DELIMITER} - volumes: - - "${DATA_PATH_HOST}/mailu/data:/data" - - "${DATA_PATH_HOST}/mailu/mail:/mail" - - "${DATA_PATH_HOST}/mailu/overrides:/overrides" - depends_on: - - mailu-front - networks: - backend: - aliases: - - imap - mailu-smtp: - image: mailu/postfix:${MAILU_VERSION} - environment: - - DOMAIN=${MAILU_DOMAIN} - - HOSTNAMES=${MAILU_HOSTNAMES} - - RELAYHOST=${MAILU_RELAYHOST} - - RELAYNETS=${MAILU_RELAYNETS} - - RECIPIENT_DELIMITER=${MAILU_RECIPIENT_DELIMITER} - - MESSAGE_SIZE_LIMIT=${MAILU_MESSAGE_SIZE_LIMIT} - volumes: - - "${DATA_PATH_HOST}/mailu/data:/data" - - "${DATA_PATH_HOST}/mailu/overrides:/overrides" - depends_on: - - mailu-front - networks: - backend: - aliases: - - smtp - mailu-antispam: - image: mailu/rspamd:${MAILU_VERSION} - volumes: - - "${DATA_PATH_HOST}/mailu/filter:/var/lib/rspamd" - - "${DATA_PATH_HOST}/mailu/dkim:/dkim" - - "${DATA_PATH_HOST}/mailu/overrides/rspamd:/etc/rspamd/override.d" - depends_on: - - mailu-front - networks: - backend: - aliases: - - antispam - mailu-antivirus: - image: mailu/clamav:${MAILU_VERSION} - volumes: - - "${DATA_PATH_HOST}/mailu/filter:/data" - networks: - backend: - aliases: - - antivirus - mailu-webdav: - image: mailu/${MAILU_WEBDAV}:${MAILU_VERSION} - volumes: - - "${DATA_PATH_HOST}/mailu/dav:/data" - networks: - backend: - aliases: - - webdav - mailu-admin: - image: mailu/admin:${MAILU_VERSION} - environment: - - DOMAIN=${MAILU_DOMAIN} - - HOSTNAMES=${MAILU_HOSTNAMES} - - POSTMASTER=${MAILU_POSTMASTER} - - SECRET_KEY=${MAILU_SECRET_KEY} - - AUTH_RATELIMIT=${MAILU_AUTH_RATELIMIT} - - TLS_FLAVOR=${MAILU_TLS_FLAVOR} - - DISABLE_STATISTICS=${MAILU_DISABLE_STATISTICS} - - DMARC_RUA=${MAILU_DMARC_RUA} - - DMARC_RUF=${MAILU_DMARC_RUF} - - WELCOME=${MAILU_WELCOME} - - WELCOME_SUBJECT=${MAILU_WELCOME_SUBJECT} - - WELCOME_BODY=${MAILU_WELCOME_BODY} - - WEB_ADMIN=${MAILU_WEB_ADMIN} - - WEB_WEBMAIL=${MAILU_WEB_WEBMAIL} - - WEBSITE=${MAILU_WEBSITE} - - WEBMAIL=${MAILU_WEBMAIL} - - SITENAME=${MAILU_SITENAME} - - PASSWORD_SCHEME=${MAILU_PASSWORD_SCHEME} - - RECAPTCHA_PUBLIC_KEY=${MAILU_RECAPTCHA_PUBLIC_KEY} - - RECAPTCHA_PRIVATE_KEY=${MAILU_RECAPTCHA_PRIVATE_KEY} - volumes: - - "${DATA_PATH_HOST}/mailu/data:/data" - - "${DATA_PATH_HOST}/mailu/dkim:/dkim" - - /var/run/docker.sock:/var/run/docker.sock:ro - depends_on: - - redis - networks: - backend: - aliases: - - admin - mailu-webmail: - image: "mailu/${MAILU_WEBMAIL}:${MAILU_VERSION}" - volumes: - - "${DATA_PATH_HOST}/mailu/webmail:/data" - networks: - backend: - aliases: - - webmail - mailu-fetchmail: - image: mailu/fetchmail:${MAILU_VERSION} - environment: - - FETCHMAIL_DELAY=${MAILU_FETCHMAIL_DELAY} - volumes: - - "${DATA_PATH_HOST}/mailu/data:/data" - networks: - backend: - aliases: - - fetchmail - -### TRAEFIK ######################################### - traefik: - build: - context: ./traefik - volumes: - - /var/run/docker.sock:/var/run/docker.sock - - ./traefik/data:/data - command: - - "--api" - - "--providers.docker.exposedbydefault=false" - - "--accesslog.filepath=/data/access.log" - # entrypoints - - "--entrypoints.http.address=:${TRAEFIK_HOST_HTTP_PORT}" - - "--entrypoints.http.http.redirections.entrypoint.to=https" - - "--entrypoints.https.address=:${TRAEFIK_HOST_HTTPS_PORT}" - - "--entrypoints.traefik.address=:${TRAEFIK_DASHBOARD_PORT}" - # certificatesresolvers - - "--certificatesresolvers.letsencrypt.acme.email=${ACME_EMAIL}" - - "--certificatesresolvers.letsencrypt.acme.storage=/data/acme.json" - - "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=http" - ports: - - "${TRAEFIK_HOST_HTTP_PORT}:${TRAEFIK_HOST_HTTP_PORT}" - - "${TRAEFIK_HOST_HTTPS_PORT}:${TRAEFIK_HOST_HTTPS_PORT}" - - "${TRAEFIK_DASHBOARD_PORT}:${TRAEFIK_DASHBOARD_PORT}" - networks: - - frontend - - backend - labels: - - "traefik.enable=true" - - "traefik.http.routers.traefik.rule=Host(`${ACME_DOMAIN}`)" - - "traefik.http.routers.traefik.entrypoints=traefik" - - "traefik.http.routers.traefik.service=api@internal" - - "traefik.http.routers.traefik.middlewares=access-auth" - - "traefik.http.routers.traefik.tls.certresolver=letsencrypt" - - "traefik.http.middlewares.access-auth.basicauth.realm=Login Required" - - "traefik.http.middlewares.access-auth.basicauth.users=${TRAEFIK_DASHBOARD_USER}" - -### MOSQUITTO Broker ######################################### - mosquitto: - build: - context: ./mosquitto - volumes: - - ${DATA_PATH_HOST}/mosquitto/data:/mosquitto/data - ports: - - "${MOSQUITTO_PORT}:9001" - networks: - - frontend - - backend - -### COUCHDB ################################################### - couchdb: - build: - context: ./couchdb - volumes: - - ${DATA_PATH_HOST}/couchdb/data:/opt/couchdb/data - ports: - - "${COUCHDB_PORT}:5984" - networks: - - backend - -### Manticore Search ########################################### - manticore: - build: - context: ./manticore - volumes: - - ${MANTICORE_CONFIG_PATH}:/etc/sphinxsearch - - ${DATA_PATH_HOST}/manticore/data:/var/lib/manticore/data - - ${DATA_PATH_HOST}/manticore/log:/var/log/manticore - ports: - - "${MANTICORE_API_PORT}:9312" - - "${MANTICORE_SPHINXQL_PORT}:9306" - - "${MANTICORE_HTTP_PORT}:9308" - networks: - - backend - -### SONARQUBE ################################################ - sonarqube: - build: - context: ./sonarqube - hostname: "${SONARQUBE_HOSTNAME}" - volumes: - - ${DATA_PATH_HOST}/sonarqube/conf:/opt/sonarqube/conf - - ${DATA_PATH_HOST}/sonarqube/data:/opt/sonarqube/data - - ${DATA_PATH_HOST}/sonarqube/logs:/opt/sonarqube/logs - - ${DATA_PATH_HOST}/sonarqube/extensions:/opt/sonarqube/extensions - - ${DATA_PATH_HOST}/sonarqube/plugins:/opt/sonarqube/lib/bundled-plugins - ports: - - ${SONARQUBE_PORT}:9000 - depends_on: - - postgres - environment: - - sonar.jdbc.username=${SONARQUBE_POSTGRES_USER} - - sonar.jdbc.password=${SONARQUBE_POSTGRES_PASSWORD} - - sonar.jdbc.url=jdbc:postgresql://${SONARQUBE_POSTGRES_HOST}:5432/${SONARQUBE_POSTGRES_DB} - networks: - - backend - - frontend - -### CONFLUENCE ################################################ - confluence: - container_name: Confluence - image: atlassian/confluence-server:${CONFLUENCE_VERSION} - restart: always - ports: - - "${CONFLUENCE_HOST_HTTP_PORT}:8090" - networks: - - frontend - - backend - depends_on: - - postgres - volumes: - - ${DATA_PATH_HOST}/Confluence:/var/atlassian/application-data - -### tomcat #################################################### - tomcat: - container_name: tomcat - image: tomcat:${TOMCAT_VERSION} - ports: - - "${TOMCAT_HOST_HTTP_PORT}:8080" - networks: - - frontend - - backend - volumes: - - ${DATA_PATH_HOST}/tomcat/webapps:/usr/local/tomcat/webapps - - ${DATA_PATH_HOST}/tomcat/logs:/usr/local/tomcat/logs - # restart: always - diff --git a/compose/docker-composer-2.yml b/compose/docker-composer-2.yml deleted file mode 100644 index b216a9dc..00000000 --- a/compose/docker-composer-2.yml +++ /dev/null @@ -1,97 +0,0 @@ -version: "3" -services: - php72: - build: - context: . - args: - PHP_VERSION: 7.2 - container_name: php72 - restart: always - working_dir: /var/www - volumes: - - ~/.ssh:/root/.ssh/ - - ${WEB_ROOT}:/var/www:cached - - ${COMPOSER}/php72:/root/.composer/ - - ${PHP72_INI}:/usr/local/etc/php/php.ini - environment: - TZ: "$TZ" - WEB_ENV: "local" # 信用飞项目使用 - ports: # hexo 需要 4000 端口 - - 4000:4000 - extra_hosts: - - fund-api.test:172.20.128.2 - - xyf-pay-system.test:172.20.128.2 - - shoufuyou-pay-gateway.test:172.20.128.2 - - xyf-middleground-system.test:172.20.128.2 - networks: - static-network: - - # php73: - # build: - # context: . - # args: - # PHP_VERSION: 7.3 - # container_name: php73 - # restart: always - # working_dir: /var/www - # volumes: - # - ${WEB_ROOT}:/var/www - # - ${COMPOSER}/php73:/root/.composer/ - # - ${PHP73_INI}:/usr/local/etc/php/php.ini - # environment: - # TZ: "$TZ" - # ports: - # - 9501:9501 - # networks: - # static-network: - - nginx: - image: nginx:alpine - container_name: nginx - restart: always - volumes: - - ${WEB_ROOT}:/var/www:cached # 需要和 php 的目录一致 - - ${NGINX_CONF}:/etc/nginx/conf.d # nginx 配置 - - ${LOG}/nginx:/var/log/nginx/ # nginx 日志 - ports: - - ${NGINX_PORT}:80 - environment: - TZ: "$TZ" - networks: - static-network: - ipv4_address: 172.20.128.2 - - mysql: - image: mysql:${MYSQL_VERSION} - container_name: mysql - volumes: - - ${MYSQL_DATA}:/var/lib/mysql - restart: always - environment: - MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD} - MYSQL_USER: ${MYSQL_USER} - MYSQL_PASSWORD: ${MYSQL_PASSWORD} - TZ: "$TZ" - ports: - - ${MYSQL_PORT}:3306 - networks: - static-network: - - redis: - image: redis:${REDIS_VERSION} - container_name: redis - restart: always - volumes: - - ${REDIS_DATA}:/data - - ${REDIS_CONF}:/usr/local/etc/redis/redis.conf - ports: - - ${REDIS_PORT}:6379 - command: [ redis-server, "/usr/local/etc/redis/redis.conf" ] - networks: - static-network: - -networks: - static-network: - ipam: - config: - - subnet: 172.20.0.0/16 \ No newline at end of file diff --git a/compose/docker-composer-3.yml b/compose/docker-composer-3.yml deleted file mode 100644 index 708954e6..00000000 --- a/compose/docker-composer-3.yml +++ /dev/null @@ -1,81 +0,0 @@ -version: '3' -services: - app: - cap_add: - - SYS_PTRACE -# image: zdzserver/lnmp-app # 使用已有的镜像(快速) -# build: # 自己构建(php安装扩展越多,越慢) -# context: . -# args: -# TZ: ${TZ} -# ALPINE_REPOSITORIES: ${ALPINE_REPOSITORIES} -# PHP_VERSION: ${PHP_VERSION:-7.4.3} -# PHP_EXTENSIONS: ${PHP_EXTENSIONS}} - ports: - - 80:80 - - 433:433 - restart: always - volumes: - - ${WEB_DIR:-/srv/www}:/srv/www - - ./php/php.ini:/usr/local/etc/php/conf.d/my.ini - - ./php/php-fpm.conf:/usr/local/etc/php-fpm.d/zz-docker.conf - - ./nginx/conf.d:/etc/nginx/conf.d/ - - ./nginx/nginx.conf:/etc/nginx/nginx.conf - - ./nginx/extend:/etc/nginx/extend - - ./log/php:/var/log/php - - ./log/nginx:/var/log/nginx - networks: - - default - mysql: - image: mysql:${MYSQL_IMAGE_VERSION:-latest} - ports: - - 3306:3306 - restart: always - volumes: - - ./mysql/conf/mysql.cnf:/etc/mysql/conf.d/mysql.cnf:ro - - ./log/mysql:/var/log/mysql/:rw - - ./mysql/data:/var/lib/mysql/:rw - environment: - MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD} - TZ: ${TZ} - networks: - - default - redis: - image: redis:${REDIS_IMAGE_VERSION:-latest} - ports: - - 6379:6379 - restart: always - volumes: - - ./redis/data:/data:rw - - ./redis/conf/redis.conf:/etc/redis.conf:ro - - ./log/redis:/var/log/redis - command: ["redis-server", "/etc/redis.conf"] - networks: - - default - environment: - TZ: ${TZ} - mongo: - image: mongo:${MONGO_IMAGE_VERSION:-latest} - ports: - - 27017:27017 - restart: always - volumes: - - ./mongo/conf/mongod.yml:/etc/mongod.conf:rw - - ./log/mongo:/var/log/mongo - environment: - TZ: ${TZ} - MONGO_INITDB_ROOT_USERNAME: ${MONGO_INITDB_ROOT_USERNAME} - MONGO_INITDB_ROOT_PASSWORD: ${MONGO_INITDB_ROOT_PASSWORD} - # 配置文件 换行符不能是CRLF和CR - command: mongod --config /etc/mongod.conf - networks: - - default - mongo-express: - image: mongo-express:${MONGO_EXPRESS_IMAGE_VERSION:-latest} - ports: - - 8081:8081 - environment: - ME_CONFIG_MONGODB_ADMINUSERNAME: ${MONGO_INITDB_ROOT_USERNAME} - ME_CONFIG_MONGODB_ADMINPASSWORD: ${MONGO_INITDB_ROOT_PASSWORD} - networks: - - default \ No newline at end of file diff --git a/compose/docker-composer-4.yml b/compose/docker-composer-4.yml deleted file mode 100644 index 2ba30c9b..00000000 --- a/compose/docker-composer-4.yml +++ /dev/null @@ -1,329 +0,0 @@ -version: "3" -services: - nginx: - build: - context: ./services/nginx - args: - NGINX_VERSION: nginx:${NGINX_VERSION} - CONTAINER_PACKAGE_URL: ${CONTAINER_PACKAGE_URL} - NGINX_INSTALL_APPS: ${NGINX_INSTALL_APPS} - container_name: nginx - ports: - - "${NGINX_HTTP_HOST_PORT}:80" - - "${NGINX_HTTPS_HOST_PORT}:443" - volumes: - - ${SOURCE_DIR}:/www/:rw - - ${NGINX_SSL_CERTIFICATE_DIR}:/ssl:rw - - ${NGINX_CONFD_DIR}:/etc/nginx/conf.d/:rw - - ${NGINX_CONF_FILE}:/etc/nginx/nginx.conf:ro - - ${NGINX_FASTCGI_PHP_CONF}:/etc/nginx/fastcgi-php.conf:ro - - ${NGINX_FASTCGI_PARAMS}:/etc/nginx/fastcgi_params:ro - - ${NGINX_LOG_DIR}:/var/log/nginx/:rw - environment: - TZ: "$TZ" - restart: always - networks: - - default - - php: - build: - context: ./services/php - args: - PHP_VERSION: php:${PHP_VERSION}-fpm-alpine - CONTAINER_PACKAGE_URL: ${CONTAINER_PACKAGE_URL} - PHP_EXTENSIONS: ${PHP_EXTENSIONS} - TZ: "$TZ" - container_name: php - expose: - - 9501 - extra_hosts: - - "www.site1.com:172.17.0.1" - volumes: - - ${SOURCE_DIR}:/www/:rw - - ${PHP_PHP_CONF_FILE}:/usr/local/etc/php/php.ini:ro - - ${PHP_FPM_CONF_FILE}:/usr/local/etc/php-fpm.d/www.conf:rw - - ${PHP_LOG_DIR}:/var/log/php - - ${DATA_DIR}/composer:/tmp/composer - restart: always - cap_add: - - SYS_PTRACE - networks: - - default - -# php56: -# build: -# context: ./services/php -# args: -# PHP_VERSION: php:${PHP56_VERSION}-fpm-alpine -# CONTAINER_PACKAGE_URL: ${CONTAINER_PACKAGE_URL} -# PHP_EXTENSIONS: ${PHP56_EXTENSIONS} -# TZ: "$TZ" -# container_name: php56 -# expose: -# - 9501 -# volumes: -# - ${SOURCE_DIR}:/www/:rw -# - ${PHP56_PHP_CONF_FILE}:/usr/local/etc/php/php.ini:ro -# - ${PHP56_FPM_CONF_FILE}:/usr/local/etc/php-fpm.d/www.conf:rw -# - ${PHP56_LOG_DIR}:/var/log/php -# - ${DATA_DIR}/composer:/tmp/composer -# restart: always -# cap_add: -# - SYS_PTRACE -# networks: -# - default - -# php54: -# build: -# context: ./services/php54 -# args: -# PHP_VERSION: php:${PHP54_VERSION}-fpm -# CONTAINER_PACKAGE_URL: ${CONTAINER_PACKAGE_URL} -# PHP_EXTENSIONS: ${PHP54_EXTENSIONS} -# TZ: "$TZ" -# container_name: php54 -# volumes: -# - ${SOURCE_DIR}:/www/:rw -# - ${PHP54_PHP_CONF_FILE}:/usr/local/etc/php/php.ini:ro -# - ${PHP54_FPM_CONF_FILE}:/usr/local/etc/php-fpm.d/www.conf:rw -# - ${PHP54_LOG_DIR}:/var/log/php -# - ${DATA_DIR}/composer:/tmp/composer -# restart: always -# cap_add: -# - SYS_PTRACE -# networks: -# - default - - mysql: - image: mysql:${MYSQL_VERSION} - container_name: mysql - ports: - - "${MYSQL_HOST_PORT}:3306" - volumes: - - ${MYSQL_CONF_FILE}:/etc/mysql/conf.d/mysql.cnf:ro - - ${DATA_DIR}/mysql:/var/lib/mysql/:rw - restart: always - networks: - - default - environment: - MYSQL_ROOT_PASSWORD: "${MYSQL_ROOT_PASSWORD}" - TZ: "$TZ" - -# mysql5: -# image: mysql:${MYSQL5_VERSION} -# container_name: mysql5 -# ports: -# - "${MYSQL5_HOST_PORT}:3306" -# volumes: -# - ${MYSQL5_CONF_FILE}:/etc/mysql/conf.d/mysql.cnf:ro -# - ${DATA_DIR}/mysql5:/var/lib/mysql/:rw -# restart: always -# networks: -# - default -# environment: -# MYSQL_ROOT_PASSWORD: "${MYSQL5_ROOT_PASSWORD}" -# TZ: "$TZ" - -# openresty: -# image: openresty/openresty:${OPENRESTY_VERSION} -# container_name: openresty -# ports: -# - "${OPENRESTY_HTTP_HOST_PORT}:80" -# - "${OPENRESTY_HTTPS_HOST_PORT}:443" -# volumes: -# - ${SOURCE_DIR}:/www/:rw -# - ${OPENRESTY_CONFD_DIR}:/etc/nginx/conf.d/:ro -# - ${OPENRESTY_SSL_CERTIFICATE_DIR}:/ssl:rw -# - ${OPENRESTY_CONF_FILE}:/usr/local/openresty/nginx/conf/nginx.conf:ro -# - ${OPENRESTY_FASTCGI_PHP_CONF}:/usr/local/openresty/nginx/conf/fastcgi-php.conf:ro -# - ${OPENRESTY_CONF_FASTCGIPARAMS_FILE}:/usr/local/openresty/nginx/conf/fastcgi_params:ro -# - ${OPENRESTY_LOG_DIR}:/var/log/nginx/:rw -# environment: -# TZ: "$TZ" -# networks: -# - default - -# redis: -# image: redis:${REDIS_VERSION} -# container_name: redis -# ports: -# - "${REDIS_HOST_PORT}:6379" -# volumes: -# - ${REDIS_CONF_FILE}:/etc/redis.conf:ro -# - ${DATA_DIR}/redis:/data/:rw -# restart: always -# entrypoint: ["redis-server", "/etc/redis.conf"] -# environment: -# TZ: "$TZ" -# networks: -# - default - -# memcached: -# image: memcached:${MEMCACHED_VERSION} -# container_name: memcached -# ports: -# - "${MEMCACHED_HOST_PORT}:11211" -# environment: -# MEMCACHED_CACHE_SIZE: "${MEMCACHED_CACHE_SIZE}" -# networks: -# - default - -# rabbitmq: -# image: rabbitmq:${RABBITMQ_VERSION} -# container_name: rabbitmq -# restart: always -# ports: -# - "${RABBITMQ_HOST_PORT_C}:5672" -# - "${RABBITMQ_HOST_PORT_S}:15672" -# environment: -# TZ: "$TZ" -# RABBITMQ_DEFAULT_USER: "${RABBITMQ_DEFAULT_USER}" -# RABBITMQ_DEFAULT_PASS: "${RABBITMQ_DEFAULT_PASS}" -# networks: -# - default - -# phpmyadmin: -# image: phpmyadmin/phpmyadmin:latest -# container_name: phpmyadmin -# ports: -# - "${PHPMYADMIN_HOST_PORT}:80" -# volumes: -# - ${PHPMYADMIN_USER_CONF_FILE}:/etc/phpmyadmin/config.user.inc.php:ro -# - ${PHPMYADMIN_PHP_CONF_FILE}:/usr/local/etc/php/conf.d/php-phpmyadmin.ini:ro -# networks: -# - default -# environment: -# - PMA_HOST=mysql -# - PMA_PORT=3306 -# - TZ=$TZ - -# phpredisadmin: -# image: erikdubbelboer/phpredisadmin:latest -# container_name: phpredisadmin -# ports: -# - "${REDISMYADMIN_HOST_PORT}:80" -# networks: -# - default -# environment: -# - REDIS_1_HOST=redis -# - REDIS_1_PORT=6379 -# - TZ=$TZ - -# mongodb: -# image: mongo:${MONGODB_VERSION} -# container_name: mongodb -# environment: -# MONGO_INITDB_ROOT_USERNAME: "${MONGODB_INITDB_ROOT_USERNAME}" -# MONGO_INITDB_ROOT_PASSWORD: "${MONGODB_INITDB_ROOT_PASSWORD}" -# TZ: "$TZ" -# volumes: -# - ${DATA_DIR}/mongo:/data/db:rw -# - ${DATA_DIR}/mongo_key:/mongo:rw -# ports: -# - "${MONGODB_HOST_PORT}:27017" -# networks: -# - default -# command: -# --auth - -# adminmongo: -# image: mrvautin/adminmongo -# container_name: adminmongo -# ports: -# - "${ADMINMONGO_HOST_PORT}:1234" -# environment: -# - HOST=0.0.0.0 -# - DB_HOST=mongodb -# - DB_PORT=27017 -# networks: -# - default - -# elasticsearch: -# build: -# context: ./services/elasticsearch -# args: -# ELASTICSEARCH_VERSION: ${ELASTICSEARCH_VERSION} -# ELASTICSEARCH_PLUGINS: ${ELASTICSEARCH_PLUGINS} -# container_name: elasticsearch -# environment: -# - TZ=$TZ -# - discovery.type=single-node -# - "ES_JAVA_OPTS=-Xms512m -Xmx512m" -# volumes: -# - ${DATA_DIR}/esdata:/usr/share/elasticsearch/data -# - ${ELASTICSEARCH_CONF_FILE}:/usr/share/elasticsearch/config/elasticsearch.yml -# hostname: elasticsearch -# restart: always -# ports: -# - "${ELASTICSEARCH_HOST_PORT_C}:9200" -# - "${ELASTICSEARCH_HOST_PORT_S}:9300" - -# kibana: -# image: kibana:${KIBANA_VERSION} -# container_name: kibana -# environment: -# TZ: "$TZ" -# elasticsearch.hosts: http://elasticsearch:9200 -# I18N_LOCALE: "${KIBANA_I18N_LOCALE}" -# hostname: kibana -# depends_on: -# - elasticsearch -# restart: always -# ports: -# - "${KIBANA_HOST}:5601" - -# logstash: -# image: logstash:${LOGSTASH_VERSION} -# container_name: logstash -# hostname: logstash -# restart: always -# depends_on: -# - elasticsearch -# environment: -# TZ: "$TZ" -# ports: -# - "${LOGSTASH_HOST_PORT_C}:9600" -# - "${LOGSTASH_HOST_PORT_S}:5044" - -# node: -# image: node:${NODE_VERSION} -# environment: -# - NODE_ENV=production -# volumes: -# - ${SOURCE_DIR}:/www/:rw -# expose: -# - "8081" -# networks: -# - default -# stdin_open: true -# tty: true - - -# supervisor: -# build: -# context: ./services/supervisor -# args: -# ALPINE_VERSION: alpine:${ALPINE_VERSION} -# TZ: "$TZ" -# CONTAINER_PACKAGE_URL: ${CONTAINER_PACKAGE_URL} -# container_name: supervisor -# ports: -# - "${SUPERVISOR_HOST_PORT_C}:9001" -# volumes: -# - ${SOURCE_DIR}:/www/:rw -# - ${SUPERVISOR_LOG}:/var/log/supervisor/:rw -# - ${SUPERVISOR_CONFIG}:/etc/supervisor/conf.d/:rw -# - ${SUPERVISOR_CONF_FILE}:/etc/supervisor/supervisord.conf:ro -# command: -# - /bin/sh -# - -c -# - | -# supervisord -n -c /etc/supervisor/supervisord.conf -# restart: always -# cap_add: -# - SYS_PTRACE -# networks: -# - default - -networks: - default: diff --git a/compose/docker-composer-5.yml b/compose/docker-composer-5.yml deleted file mode 100644 index 3e84ba3e..00000000 --- a/compose/docker-composer-5.yml +++ /dev/null @@ -1,94 +0,0 @@ -version: '3' -services: - nginx: - build: - context: ./nginx - args: - NGINX_VERSION: $NGINX_VERSION - depends_on: - - php - ports: - - "80:80" - - "443:443" - volumes: - - ./www:/usr/share/nginx/html - - ./nginx/conf.d:/etc/nginx/conf.d - - ./nginx/cert:/etc/nginx/cert - - ./nginx/nginx.conf:/etc/nginx/nginx.conf - - ./nginx/log/error.log:/var/log/nginx/error.log - networks: - - frontend - restart: always - container_name: nginx - - php: - build: - context: ./php - args: - PHP_VERSION: $PHP_VERSION - SWOOLE_VERSION: $SWOOLE_VERSION - AMQP_VERSION: $AMQP_VERSION - ports: - - "9501:9501" - volumes: - - ./www:/var/www/html - - ./php/config/php.ini:/usr/local/etc/php/php.ini - - ./php/config/php-fpm.conf:/usr/local/etc/php-fpm.conf - - ./php/config/php-fpm.d:/usr/local/etc/php-fpm.d - networks: - - frontend - - backend - restart: always - container_name: php - - mysql: - build: ./mysql - ports: - - "3306:3306" - volumes: - - ./mysql/data:/var/lib/mysql - - ./mysql/my.cnf:/etc/my.cnf - environment: - MYSQL_ROOT_PASSWORD: 123456 - networks: - - backend - restart: always - container_name: mysql - - redis: - build: ./redis - ports: - - "6379:6379" - volumes: - - ./redis/redis.conf/:/usr/local/etc/redis.conf - - ./redis/data:/usr/local/redis/data - - ./redis/redis.log:/usr/local/redis/redis.log - networks: - - backend - restart: always - container_name: redis - - rabbitmq: - #容器名称 - container_name: rabbitmq - #镜像名称 - image: rabbitmq:3.8.3 - #总是重启后启动 - restart: always - #端口映射 - ports: - - 5672:5672 - - 15672:15672 - #挂载 - volumes: - - ./rabbitmq/data:/var/lib/rabbitmq - #环境变量 - environment: - - RABBITMQ_DEFAULT_USER=admin - - RABBITMQ_DEFAULT_PASS=123456 - networks: - - backend -networks: - frontend: - backend: - diff --git a/compose/docker-composer-6.yml b/compose/docker-composer-6.yml deleted file mode 100644 index b46e36c3..00000000 --- a/compose/docker-composer-6.yml +++ /dev/null @@ -1,52 +0,0 @@ -# Web development environment -version: "3.6" -services: - - home: - image: vfac/envdevhome:1.2 - container_name: home - env_file: .env - volumes: - - ${PROJECTS_PATH}:${PROJECTS_PATH_DEST} - - ./version:/var/www/html/envdev/version - - ./profiles:/var/www/html/profiles - - ./conf:/envdevconf - ports: - - '1234:80' - links: - - base:base - depends_on: - - base - networks: - vfac: - ipv4_address: 172.16.238.18 - - base: - image: ${BASE_IMAGE}:${BASE_VERSION} - container_name: base - env_file: - - .env - volumes: - - ${PROJECTS_PATH}:${PROJECTS_PATH_DEST} - - ./tools/phpinfo:/var/www/html/phpinfo - - ./conf/php/php.ini:/usr/local/etc/php/php.ini - - ./outputs/profiler:/outputs/profiler - - ~/.gitconfig:/root/.gitconfig - - ~/.gitconfig:/home/vfac/.gitconfig - - ~/.ssh:/root/.ssh - - ~/.ssh:/home/vfac/.ssh - user: "${USER_ID}:${GROUP_ID}" - ports: - - '22:22' - - working_dir: ${PROJECTS_PATH_DEST} - networks: - vfac: - ipv4_address: ${BASE_STATIC_IP} - -networks: - vfac: - name: vfac - ipam: - config: - - subnet: 172.16.238.0/24 diff --git a/compose/docker-composer-7.yml b/compose/docker-composer-7.yml deleted file mode 100644 index c301a58e..00000000 --- a/compose/docker-composer-7.yml +++ /dev/null @@ -1,41 +0,0 @@ -version: '2' -services: - nginx: - image: "${DOCKER_USER}/lnmp-nginx:v1.2" - build: - context: . - dockerfile: Dockerfile.nginx - ports: - - "80:80" - networks: - - frontend - depends_on: - - php - php: - image: "${DOCKER_USER}/lnmp-php:v1.2" - build: - context: . - dockerfile: Dockerfile.php - networks: - - frontend - - backend - environment: - MYSQL_PASSWORD: Passw0rd - depends_on: - - mysql - mysql: - image: mysql:5.7 - volumes: - - mysql-data:/var/lib/mysql - environment: - TZ: 'Asia/Shanghai' - MYSQL_ROOT_PASSWORD: Passw0rd - command: ['mysqld', '--character-set-server=utf8'] - networks: - - backend -volumes: - mysql-data: - -networks: - frontend: - backend: diff --git a/compose/elasticsearch-compose.yml b/compose/elasticsearch-compose.yml deleted file mode 100644 index 389a3a10..00000000 --- a/compose/elasticsearch-compose.yml +++ /dev/null @@ -1,53 +0,0 @@ -version: '2.2' -services: - elasticsearch: - image: docker.elastic.co/elasticsearch/elasticsearch:6.4.3 - container_name: elasticsearch - environment: - - cluster.name=docker-cluster - - bootstrap.memory_lock=true - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" - - "discovery.zen.ping.unicast.hosts=elasticsearch2, elasticsearch" - - script.painless.regex.enabled=true - - node.master=false - - node.data=true - ulimits: - memlock: - soft: -1 - hard: -1 - volumes: - - esdata1:/usr/share/elasticsearch/data - ports: - - 9200:9200 - networks: - - esnet - elasticsearch2: - image: docker.elastic.co/elasticsearch/elasticsearch:6.4.3 - container_name: elasticsearch2 - environment: - - cluster.name=docker-cluster - - bootstrap.memory_lock=true - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" - - "discovery.zen.ping.unicast.hosts=elasticsearch, elasticsearch2" - - script.painless.regex.enabled=true - - node.master=true - - node.data=false - ulimits: - memlock: - soft: -1 - hard: -1 - volumes: - - esdata2:/usr/share/elasticsearch/data - ports: - - 9201:9200 - networks: - - esnet - -volumes: - esdata1: - driver: local - esdata2: - driver: local - -networks: - esnet: diff --git a/compose/ethereum-stack-compose.yml b/compose/ethereum-stack-compose.yml deleted file mode 100755 index f696d843..00000000 --- a/compose/ethereum-stack-compose.yml +++ /dev/null @@ -1,32 +0,0 @@ -version: '2' - -services: - - ganache: - container_name: ganache - image: gengxiankun/ganache - expose: - - "7454" - ports: - - "7454:7454" - environment: - - NETWORKID=6 - - PORT=7454 - restart: always - - truffle: - container_name: truffle - image: gengxiankun/truffle - volumes: - - ../docker-compose_data/ethereum/:/data/ - working_dir: /data - links: - - ganache:ganache - restart: always - - geth: - container_name: geth - image: gengxiankun/geth - restart: always - links: - - ganache:ganache diff --git a/compose/fast.yml b/compose/fast.yml deleted file mode 100644 index 0406ab8c..00000000 --- a/compose/fast.yml +++ /dev/null @@ -1,89 +0,0 @@ -version: '3' - -services: - cgi: - container_name: cgi - image: registry.cn-beijing.aliyuncs.com/duiying/php7.2:1.0 - tty: true - restart: always - expose: - - "9000" - volumes: - - ./www:/data/www - - ./docker/log/cgi:/var/log/php-fpm - depends_on: - - mysql - - redis - links: - - mysql:mysql - - redis:redis - proxy: - container_name: proxy - image: registry.cn-beijing.aliyuncs.com/duiying/nginx:1.0 - tty: true - restart: always - ports: - - "80:80" - - "443:443" - volumes: - - ./www:/data/www - - ./docker/config/proxy/conf.d:/etc/nginx/conf.d - - ./docker/log/proxy:/var/log/nginx - depends_on: - - cgi - links: - - cgi - mysql: - container_name: mysql - image: daocloud.io/library/mysql:5.6 - restart: always - expose: - - "3306" - ports: - - "3306:3306" - volumes: - - ./docker/data/mysql:/var/lib/mysql - environment: - - MYSQL_ROOT_PASSWORD=root - redis: - container_name: redis - image: daocloud.io/library/redis - restart: always - expose: - - "6379" - ports: - - "6379:6379" - volumes: - - ./docker/data/redis:/data - command: redis-server --appendonly yes - phpmyadmin: - container_name: phpmyadmin - image: daocloud.io/daocloud/phpmyadmin - expose: - - '80' - ports: - - "8080:80" - environment: - - PMA_ARBITRARY=0 - - PMA_HOST=mysql - # 如果取消下面两行注释, phpmyadmin就不用输入用户名和密码, 可以直接登录 - # - PMA_USER=root - # - PMA_PASSWORD=root - depends_on: - - mysql - links: - - mysql:mysql - phpredisadmin: - container_name: phpredisadmin - image: erikdubbelboer/phpredisadmin - expose: - - '80' - ports: - - "8081:80" - environment: - - REDIS_1_HOST=redis - - REDIS_1_NAME=redis - depends_on: - - redis - links: - - redis:redis diff --git a/compose/filebeat-compose.yml b/compose/filebeat-compose.yml deleted file mode 100644 index b610bb0b..00000000 --- a/compose/filebeat-compose.yml +++ /dev/null @@ -1,4 +0,0 @@ -version: '2.2' -services: - filebeat: - image: docker.elastic.co/beats/filebeat:6.4.3 \ No newline at end of file diff --git a/compose/kibana-compose.yml b/compose/kibana-compose.yml deleted file mode 100644 index 2cddb13c..00000000 --- a/compose/kibana-compose.yml +++ /dev/null @@ -1,10 +0,0 @@ -version: '2.2' - -services: - kibana: - container_name: kibana - image: docker.elastic.co/kibana/kibana:6.4.3 - environment: - ELASTICSEARCH_URL: http://10.0.72.173:9200 - ports: - - 5601:5601 \ No newline at end of file diff --git a/compose/laradock.yml b/compose/laradock.yml deleted file mode 100644 index 55b0edbe..00000000 --- a/compose/laradock.yml +++ /dev/null @@ -1,314 +0,0 @@ -version: '2' - -services: - -### Workspace Utilities Container ########################### - - workspace: - build: - context: ./workspace - args: - - INSTALL_XDEBUG=false - - INSTALL_MONGO=false - - INSTALL_NODE=true - - INSTALL_YARN=true - - INSTALL_DRUSH=false - - INSTALL_AEROSPIKE_EXTENSION=false - - COMPOSER_GLOBAL_INSTALL=false - - INSTALL_WORKSPACE_SSH=false - - PUID=1000 - - PGID=1000 - - NODE_VERSION=stable - - TZ=UTC - volumes_from: - - volumes_source - extra_hosts: - # IMPORTANT: Replace with your Docker Host IP (will be appended to /etc/hosts) - - "dockerhost:10.0.75.1" - ports: - - "22:22" - tty: true - -### PHP-FPM Container ####################################### - - php-fpm: - build: - context: ./php-fpm - args: - - INSTALL_XDEBUG=false - - INSTALL_MONGO=false - - INSTALL_ZIP_ARCHIVE=false - - INSTALL_MEMCACHED=false - - INSTALL_OPCACHE=false - - INSTALL_AEROSPIKE_EXTENSION=false - dockerfile: Dockerfile-70 - volumes_from: - - volumes_source - expose: - - "9000" - links: - - workspace - extra_hosts: - # IMPORTANT: Replace with your Docker Host IP (will be appended to /etc/hosts) - - "dockerhost:10.0.75.1" - environment: - # IMPORTANT: Set the Remote Interpreter entry matching name to `laravel` - - PHP_IDE_CONFIG="serverName=laravel" - -### Nginx Server Container ################################## - - nginx: - build: - context: ./nginx - args: - - PHP_UPSTREAM=php-fpm - volumes_from: - - volumes_source - volumes: - - ./logs/nginx/:/var/log/nginx - ports: - - "80:80" - - "443:443" - links: - - php-fpm - -### Apache Server Container ################################## - - apache2: - build: - context: ./apache2 - args: - - PHP_SOCKET="php-fpm:9000" - volumes_from: - - volumes_source - volumes: - - ./logs/apache2:/var/log/apache2 - ports: - - "80:80" - - "443:443" - links: - - php-fpm - -### HHVM Container ########################################## - - hhvm: - build: ./hhvm - volumes_from: - - volumes_source - expose: - - "9000" - links: - - workspace - -### MySQL Container ######################################### - - mysql: - build: ./mysql - volumes_from: - - volumes_data - ports: - - "3306:3306" - environment: - MYSQL_DATABASE: homestead - MYSQL_USER: homestead - MYSQL_PASSWORD: secret - MYSQL_ROOT_PASSWORD: root - -### PostgreSQL Container #################################### - - postgres: - build: ./postgres - volumes_from: - - volumes_data - ports: - - "5432:5432" - environment: - POSTGRES_DB: homestead - POSTGRES_USER: homestead - POSTGRES_PASSWORD: secret - -### MariaDB Container ####################################### - - mariadb: - build: ./mariadb - volumes_from: - - volumes_data - ports: - - "3306:3306" - environment: - MYSQL_DATABASE: homestead - MYSQL_USER: homestead - MYSQL_PASSWORD: secret - MYSQL_ROOT_PASSWORD: root - -### Neo4j Container ######################################### - - neo4j: - build: ./neo4j - ports: - - "7474:7474" - - "1337:1337" - environment: - - NEO4J_AUTH=homestead:secret - volumes_from: - - volumes_data - -### MongoDB Container ####################################### - - mongo: - build: ./mongo - ports: - - "27017:27017" - volumes_from: - - volumes_data - -### Redis Container ######################################### - - redis: - build: ./redis - volumes_from: - - volumes_data - ports: - - "6379:6379" - -### Aerospike c Container ######################################### - - aerospike: - build: ./aerospike - volumes_from: - - workspace - - volumes_data - ports: - - "3000:3000" - - "3001:3001" - - "3002:3002" - - "3003:3003" - - -### Memcached Container ##################################### - - memcached: - build: ./memcached - volumes_from: - - volumes_data - ports: - - "11211:11211" - links: - - php-fpm - -### Beanstalkd Container #################################### - - beanstalkd: - build: ./beanstalkd - ports: - - "11300:11300" - privileged: true - links: - - php-fpm - -### RabbitMQ Container #################################### - - rabbitmq: - build: ./rabbitmq - ports: - - "5672:5672" - - "15671:15671" - - "8080:15672" - privileged: true - environment: - RABBITMQ_DEFAULT_USER: guest - RABBITMQ_DEFAULT_PASS: guest - links: - - php-fpm - -### Beanstalkd Console Container ############################ - - beanstalkd-console: - build: ./beanstalkd-console - ports: - - "2080:2080" - links: - - beanstalkd - -### Caddy Server Container ################################## - - caddy: - build: ./caddy - volumes_from: - - volumes_source - - volumes_data - ports: - - "80:80" - - "443:443" - - "2015:2015" - volumes: - - ./caddy/Caddyfile:/etc/Caddyfile - - ./logs/caddy:/var/log/caddy - links: - - php-fpm - -### phpMyAdmin Container ################################## - - phpmyadmin: - build: ./phpmyadmin - environment: - PMA_ARBITRARY: 1 - MYSQL_USER: homestead - MYSQL_PASSWORD: secret - MYSQL_ROOT_PASSWORD: root - volumes_from: - - volumes_data - ports: - - "8080:80" - links: - # for mysql container - - "mysql:db" - # for mariadb container - # - "mariadb:db" - -### pgAdmin Container ################################## - - pgadmin: - build: ./pgadmin - ports: - - "5050:5050" - links: - - postgres - -### ElasticSearch Container ################################## - - elasticsearch: - build: ./elasticsearch - volumes_from: - - volumes_data - ports: - - "9200:9200" - - "9300:9300" - links: - - php-fpm - -### Laravel Application Code Container ###################### - - volumes_source: - image: tianon/true - volumes: - - ../:/var/www/laravel - - -### Databases Data Container ################################ - - volumes_data: - image: tianon/true - volumes: - - ./data/mysql:/var/lib/mysql - - ./data/postgres:/var/lib/postgresql/data - - ./data/memcached:/var/lib/memcached - - ./data/redis:/data - - ./data/neo4j:/var/lib/neo4j/data - - ./data/mongo:/data/db - - ./data/aerospike:/opt/aerospike/data - - ./data/sessions:/sessions - - ./data/caddy:/root/.caddy - - ./data/elasticsearch/data:/usr/share/elasticsearch/data - -### Add more Containers below ############################### diff --git a/compose/lnmp-stack-compose.yml b/compose/lnmp-stack-compose.yml deleted file mode 100755 index cbb3cd33..00000000 --- a/compose/lnmp-stack-compose.yml +++ /dev/null @@ -1,53 +0,0 @@ -version: '2' - -services: - - mysql: - container_name: mysql - image: daocloud.io/library/mysql:5.6 - restart: always - expose: - - "3306" - ports: - - "3306:3306" - volumes: - - ../docker-compose_data/mysql/data:/data - - ../docker-compose_data/mysql/var-lib-mysql:/var/lib/mysql - working_dir: /data - environment: - - MYSQL_ROOT_PASSWORD=root - - TZ=Asia/Shanghai - restart: always - - php-fpm: - container_name: php-fpm - image: gengxiankun/php:7.1-latest - restart: always - expose: - - "9000" - volumes: - - ../docker-compose_data/php-fpm/www:/www - - ../docker-compose_data/php-fpm/log:/var/log/php-fpm - environment: - - TZ=Asia/Shanghai - working_dir: /www - links: - - mysql:mysql - - nginx: - container_name: nginx - image: gengxiankun/nginx:openresty-latest - restart: always - ports: - - "80:80" - - "443:443" - volumes: - - ../docker-compose_data/nginx/conf.d:/etc/nginx/conf.d - volumes_from: - - php-fpm - working_dir: /etc/nginx/conf.d - environment: - - TZ=Asia/Shanghai - links: - - mysql:mysql - - php-fpm:php-fpm diff --git a/compose/logstash.yml b/compose/logstash.yml deleted file mode 100644 index c76e8707..00000000 --- a/compose/logstash.yml +++ /dev/null @@ -1,9 +0,0 @@ -version: '2' - -services: - logstash: - image: docker.elastic.co/logstash/logstash:6.4.3 - ports: - - 5044:5044 - volumes: - - ../docker-compose_data/logstash/:/usr/share/logstash/pipeline/ diff --git a/compose/metricbeat.yml b/compose/metricbeat.yml deleted file mode 100644 index 28607002..00000000 --- a/compose/metricbeat.yml +++ /dev/null @@ -1,12 +0,0 @@ -version: '2' - -services: - metricbeat: - image: docker.elastic.co/beats/metricbeat:6.4.3 - user: root - container_name: metricbeat - environment: - - setup.kibana.host= - - output.elasticsearch.hosts=["elasticsearch:9200"] - volumes: - - /var/run/docker.sock:/var/run/docker.sock:ro \ No newline at end of file diff --git a/compose/nginx-lua-compose.yml b/compose/nginx-lua-compose.yml deleted file mode 100755 index bca2f663..00000000 --- a/compose/nginx-lua-compose.yml +++ /dev/null @@ -1,50 +0,0 @@ -version: '2' - -services: - - mysql: - container_name: mysql - image: daocloud.io/library/mysql - restart: always - expose: - - "3306" - ports: - - "3306:3306" - volumes: - - ../docker-compose_data/mysql/data:/data - - ../docker-compose_data/mysql/var-lib-mysql:/var/lib/mysql - working_dir: /data - environment: - - MYSQL_ROOT_PASSWORD=root - - TZ=Asia/Shanghai - restart: always - - redis: - container_name: redis - image: daocloud.io/library/redis - restart: always - expose: - - "6379" - ports: - - "6379:6379" - volumes: - - ../docker-compose_data/redis/var_lib_redis:/data - - ../docker-compose_data/redis/data:/data - command: redis-server --appendonly yes - - nginx: - container_name: nginx - build: ../openresty/ - restart: always - ports: - - "80:80" - - "443:443" - volumes: - - ../docker-compose_data/nginx/conf.d:/etc/nginx/conf.d - - ../docker-compose_data/nginx/library:/opt/openresty/library - working_dir: /etc/nginx/conf.d - environment: - - TZ=Asia/Shanghai - links: - - mysql:mysql - - redis:redis \ No newline at end of file diff --git a/compose/simplify.yml b/compose/simplify.yml deleted file mode 100644 index c680fff6..00000000 --- a/compose/simplify.yml +++ /dev/null @@ -1,58 +0,0 @@ -version: '3' - -services: - cgi: - container_name: cgi - build: ./docker/files/cgi - tty: true - restart: always - expose: - - "9000" - volumes: - - ./www:/data/www - - ./docker/log/cgi:/var/log/php-fpm - depends_on: - - mysql - - redis - links: - - mysql:mysql - - redis:redis - proxy: - container_name: proxy - build: ./docker/files/proxy - tty: true - restart: always - ports: - - "80:80" - - "443:443" - volumes: - - ./www:/data/www - - ./docker/config/proxy/conf.d:/etc/nginx/conf.d - - ./docker/log/proxy:/var/log/nginx - depends_on: - - cgi - links: - - cgi - mysql: - container_name: mysql - image: daocloud.io/library/mysql:5.6 - restart: always - expose: - - "3306" - ports: - - "3306:3306" - volumes: - - ./docker/data/mysql:/var/lib/mysql - environment: - - MYSQL_ROOT_PASSWORD=root - redis: - container_name: redis - image: daocloud.io/library/redis - restart: always - expose: - - "6379" - ports: - - "6379:6379" - volumes: - - ./docker/data/redis:/data - command: redis-server --appendonly yes \ No newline at end of file diff --git a/dockenv b/dockenv index 9ee77ddb..0ff945ec 100755 --- a/dockenv +++ b/dockenv @@ -15,6 +15,7 @@ START_TIME=$(date +%s) # http://hub-mirror.c.163.com # docker.mirrors.ustc.edu.cn # https://mirror.baidubce.com +# https://mirror.ccs.tencentyun.com # lnmp # php 5.6 7.2 7.3 7.4 8 @@ -58,6 +59,24 @@ IMAGE_PATH=${CUR_PATH}/images source .env +for denv in $* ;do + [[ "$(echo $denv | grep '\-\-registry\-prefix=')" ]] && DOCKER_REGISTRY_PREFIX=$(echo $denv | awk -F '=' '{print $2}') + [[ "$(echo $denv | grep '\-\-with=github')" ]] && ENABLE_GITHUB_REGISTRY=true + [[ "$(echo $denv | grep '\-\-with=coding')" ]] && ENABLE_CODING_REGISTRY=true + [[ "$(echo $denv | grep '\-\-with=baidu')" ]] && ENABLE_BAIDU_REGISTRY=true + [[ "$(echo $denv | grep '\-\-with=huawei')" ]] && ENABLE_HUAWEI_REGISTRY=true + [[ "$(echo $denv | grep '\-\-with=aliyun')" ]] && ENABLE_ALIYUN_REGISTRY=true + [[ "$(echo $denv | grep '\-\-with=tencent')" ]] && ENABLE_TENCENT_REGISTRY=true + [[ "$(echo $denv | grep '\-\-with=gitlab')" ]] && ENABLE_GITLAB_REGISTRY=true + [[ "$(echo $denv | grep '\-\-with=quay')" ]] && ENABLE_QUAY_REGISTRY=true + [[ "$(echo $denv | grep '\-\-with=gcr')" ]] && ENABLE_GCR_REGISTRY=true + [[ "$(echo $denv | grep '\-\-with=gar')" ]] && ENABLE_GAR_REGISTRY=true + [[ "$(echo $denv | grep '\-\-with=azure')" ]] && ENABLE_AZURE_REGISTRY=true + [[ "$(echo $denv | grep '\-\-with=ucloud')" ]] && ENABLE_UCLOUD_REGISTRY=true + [[ "$(echo $denv | grep '\-\-with=amazon')" ]] && ENABLE_AMAZON_REGISTRY=true + [[ "$(echo $denv | grep '\-\-with=ecr')" ]] && ENABLE_ECR_REGISTRY=true +done + _red() { printf '\033[1;31;31m%b\033[0m' "$1" } @@ -97,16 +116,25 @@ do_build() cd ${IMAGE_PATH} if [[ -d "$NAME" ]]; then if [[ -z "${VERSION}" ]]; then - cd ${NAME} - DOCKER_BUILDKIT=0 - CMD="docker build --progress plain --no-cache -t ${DOCKER_REGISTRY_PREFIX}/${NAME}:latest ." - ${CMD} - else - cd ${NAME}/${VERSION} - DOCKER_BUILDKIT=0 - CMD="docker build --progress plain --no-cache -t ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION ." - ${CMD} + VERSION='latest' fi + cd ${NAME}/${VERSION} + DOCKER_BUILDKIT=0 + docker build --progress plain --no-cache -t ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION . + [[ -n "${ENABLE_GITHUB_REGISTRY}" ]] && docker tag ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION ${DOCKER_REGISTRY_GITHUB}/${NAME}:$VERSION + [[ -n "${ENABLE_CODING_REGISTRY}" ]] && docker tag ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION ${DOCKER_REGISTRY_CODING}/${NAME}:$VERSION + [[ -n "${ENABLE_BAIDU_REGISTRY}" ]] && docker tag ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION ${DOCKER_REGISTRY_BAIDU}/${NAME}:$VERSION + [[ -n "${ENABLE_HUAWEI_REGISTRY}" ]] && docker tag ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION ${DOCKER_REGISTRY_HUAWEI}/${NAME}:$VERSION + [[ -n "${ENABLE_ALIYUN_REGISTRY}" ]] && docker tag ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION ${DOCKER_REGISTRY_ALIYUN}/${NAME}:$VERSION + [[ -n "${ENABLE_TENCENT_REGISTRY}" ]] && docker tag ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION ${DOCKER_REGISTRY_TENCENT}/${NAME}:$VERSION + [[ -n "${ENABLE_GITLAB_REGISTRY}" ]] && docker tag ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION ${DOCKER_REGISTRY_GITLAB}/${NAME}:$VERSION + [[ -n "${ENABLE_QUAY_REGISTRY}" ]] && docker tag ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION ${DOCKER_REGISTRY_QUAY}/${NAME}:$VERSION + [[ -n "${ENABLE_GCR_REGISTRY}" ]] && docker tag ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION ${DOCKER_REGISTRY_GCR}/${NAME}:$VERSION + [[ -n "${ENABLE_GAR_REGISTRY}" ]] && docker tag ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION ${DOCKER_REGISTRY_GAR}/${NAME}:$VERSION + [[ -n "${ENABLE_AZURE_REGISTRY}" ]] && docker tag ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION ${DOCKER_REGISTRY_AZURE}/${NAME}:$VERSION + [[ -n "${ENABLE_UCLOUD_REGISTRY}" ]] && docker tag ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION ${DOCKER_REGISTRY_UCLOUD}/${NAME}:$VERSION + [[ -n "${ENABLE_AMAZON_REGISTRY}" ]] && docker tag ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION ${DOCKER_REGISTRY_AMAZON}/${NAME}:$VERSION + [[ -n "${ENABLE_ECR_REGISTRY}" ]] && docker tag ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION ${DOCKER_REGISTRY_RCR}/${NAME}:$VERSION fi } @@ -120,15 +148,47 @@ do_builds() cd ${NAME} for ver in $(ls); do VERSION="${ver}" - cd "${IMAGE_PATH}/${NAME}/${VERSION}" - do_build build ${NAME} ${VERSION} - _info "${NAME}:${VERSION} Build Complete" - # CMD="docker build --no-cache -t ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION ." - # echo ${CMD} + if [[ -f "${IMAGE_PATH}/${NAME}/${VERSION}/Dockerfile" ]]; then + cd "${IMAGE_PATH}/${NAME}/${VERSION}" + do_build build ${NAME} ${VERSION} + _info "${NAME}:${VERSION} Build Complete" + # CMD="docker build --no-cache -t ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION ." + fi done fi } +# Push Images to Registry +do_push() +{ + NAME=$2 + VERSION=$3 + cd ${IMAGE_PATH} + if [[ -d "$NAME" ]]; then + cd ${NAME}/${VERSION} + if [[ -z "${VERSION}" ]]; then + VERSION='latest' + fi + + [[ -n "${ENABLE_GITHUB_REGISTRY}" ]] && docker push ${DOCKER_REGISTRY_GITHUB}/${NAME}:$VERSION + [[ -n "${ENABLE_CODING_REGISTRY}" ]] && docker push ${DOCKER_REGISTRY_CODING}/${NAME}:$VERSION + [[ -n "${ENABLE_BAIDU_REGISTRY}" ]] && docker push ${DOCKER_REGISTRY_BAIDU}/${NAME}:$VERSION + [[ -n "${ENABLE_HUAWEI_REGISTRY}" ]] && docker push ${DOCKER_REGISTRY_HUAWEI}/${NAME}:$VERSION + [[ -n "${ENABLE_ALIYUN_REGISTRY}" ]] && docker push ${DOCKER_REGISTRY_ALIYUN}/${NAME}:$VERSION + [[ -n "${ENABLE_TENCENT_REGISTRY}" ]] && docker push ${DOCKER_REGISTRY_TENCENT}/${NAME}:$VERSION + [[ -n "${ENABLE_GITLAB_REGISTRY}" ]] && docker push ${DOCKER_REGISTRY_GITLAB}/${NAME}:$VERSION + [[ -n "${ENABLE_QUAY_REGISTRY}" ]] && docker push ${DOCKER_REGISTRY_QUAY}/${NAME}:$VERSION + [[ -n "${ENABLE_GCR_REGISTRY}" ]] && docker push ${DOCKER_REGISTRY_GCR}/${NAME}:$VERSION + [[ -n "${ENABLE_GAR_REGISTRY}" ]] && docker push ${DOCKER_REGISTRY_GAR}/${NAME}:$VERSION + [[ -n "${ENABLE_AZURE_REGISTRY}" ]] && docker push ${DOCKER_REGISTRY_AZURE}/${NAME}:$VERSION + [[ -n "${ENABLE_UCLOUD_REGISTRY}" ]] && docker push ${DOCKER_REGISTRY_UCLOUD}/${NAME}:$VERSION + [[ -n "${ENABLE_AMAZON_REGISTRY}" ]] && docker push ${DOCKER_REGISTRY_AMAZON}/${NAME}:$VERSION + [[ -n "${ENABLE_ECR_REGISTRY}" ]] && docker push ${DOCKER_REGISTRY_RCR}/${NAME}:$VERSION + + docker push ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION + fi +} + # 批量上传 do_pushs() { @@ -139,9 +199,11 @@ do_pushs() cd ${NAME} for ver in $(ls); do VERSION="${ver}" - cd "${IMAGE_PATH}/${NAME}/${VERSION}" - do_push push ${NAME} ${VERSION} - _info "${NAME}:${VERSION} Push Complete" + if [[ -f "${IMAGE_PATH}/${NAME}/${VERSION}/Dockerfile" ]]; then + cd "${IMAGE_PATH}/${NAME}/${VERSION}" + do_push push ${NAME} ${VERSION} + _info "${NAME}:${VERSION} Push Complete" + fi done fi } @@ -165,23 +227,6 @@ do_run() echo '' } -# Push Images to Registry -do_push() -{ - NAME=$2 - VERSION=$3 - cd ${IMAGE_PATH} - if [[ -d "$NAME" ]]; then - cd ${NAME}/${VERSION} - if [[ -z "${VERSION}" ]]; then - VERSION='latest' - fi - - CMD="docker push ${DOCKER_REGISTRY_PREFIX}/${NAME}:$VERSION" - ${CMD} - fi -} - do_login() { case $1 in @@ -191,13 +236,32 @@ do_login() 'coding') docker login -u -p cloudflying-docker.pkg.coding.net ;; - 'aliyun') + # 阿里云香港 + 'aliyun-hk') docker login -u -p registry.cn-hongkong.aliyuncs.com ;; + # 默认广州节点 'tencent') docker login -u -p ccr.ccs.tencentyun.com ;; - *) echo 'Unknow Platform' + 'tencent-sg') + docker login -u -p sgccr.ccs.tencentyun.com + ;; + 'tencent-hk') + docker login -u -p hkccr.ccs.tencentyun.com + ;; + 'tencent-kr') + docker login -u -p krccr.ccs.tencentyun.com + ;; + 'tencent-jp') + docker login -u -p jpccr.ccs.tencentyun.com + ;; + # 美西硅谷 + 'tencent-usw') + docker login -u -p uswccr.ccs.tencentyun.com + ;; + *) + echo 'Unknow Platform' ;; esac } @@ -206,9 +270,13 @@ usage() { echo " Docker Env Build Tool /-----------------------------------\\ -| build image name tag | -| push image name tag | -| pull image name tag | +| build image name tag +| push image name tag +| pull image name tag +| login login to registry ,avaiable platform : baidu coding aliyun-hk tencent tencent-hk tencent-sg tencent-kr tencent-jp tencent-usw (silicon valley) +| +|Params: +| --registry-prefix set docker prefix, example : docker.com/user \\-----------------------------------/" } diff --git "a/docs/\345\246\202\344\275\225\346\226\260\345\273\272\344\270\200\344\270\252\347\253\231\347\202\271.md" b/docs/add-sites.md similarity index 100% rename from "docs/\345\246\202\344\275\225\346\226\260\345\273\272\344\270\200\344\270\252\347\253\231\347\202\271.md" rename to docs/add-sites.md diff --git "a/docs/\345\246\202\344\275\225\345\256\211\350\243\205swoole\346\211\251\345\261\225.md" "b/docs/\345\246\202\344\275\225\345\256\211\350\243\205swoole\346\211\251\345\261\225.md" deleted file mode 100644 index ae1aa9d5..00000000 --- "a/docs/\345\246\202\344\275\225\345\256\211\350\243\205swoole\346\211\251\345\261\225.md" +++ /dev/null @@ -1,33 +0,0 @@ -# 如何安装swoole扩展 - -#### 如何安装swoole扩展 - -```shell -# 进入PHP容器 -[root@localhost Docker-LNMP]# docker exec -it cgi bash - -# 解决gcc版本过低的问题 -yum -y install centos-release-scl -yum -y install devtoolset-7 -scl enable devtoolset-7 bash - -# 下载、安装 -wget https://github.com/swoole/swoole-src/archive/v4.2.1.tar.gz &&\ - tar -zxvf v4.2.1.tar.gz &&\ - cd swoole-src-4.2.1 &&\ - phpize &&\ - ./configure &&\ - make && make install &&\ - sed -i '$a \\n[swoole]\nextension=swoole.so' /etc/php.ini &&\ -cd ../ && rm -rf v4.2.1.tar.gz swoole-src-4.2.1 - -# 退出PHP容器 -[root@510d01c199f5 /]# exit -exit - -# 重启PHP容器 -[root@localhost Docker-LNMP]# docker restart cgi -``` - -![swoole](https://raw.githubusercontent.com/duiying/img/master/swoole.png) - diff --git "a/docs/\345\246\202\344\275\225\345\256\211\350\243\205yaf\346\211\251\345\261\225.md" "b/docs/\345\246\202\344\275\225\345\256\211\350\243\205yaf\346\211\251\345\261\225.md" deleted file mode 100644 index 9f85c160..00000000 --- "a/docs/\345\246\202\344\275\225\345\256\211\350\243\205yaf\346\211\251\345\261\225.md" +++ /dev/null @@ -1,27 +0,0 @@ -# 如何安装yaf扩展 - -#### 安装yaf扩展 - -```shell -# 进入PHP容器 -[root@localhost Docker-LNMP]# docker exec -it cgi bash - -# 下载、安装 -wget http://pecl.php.net/get/yaf-3.0.8.tgz &&\ - tar -zxvf yaf-3.0.8.tgz &&\ - cd yaf-3.0.8 &&\ - phpize &&\ - ./configure &&\ - make && make install &&\ - sed -i '$a \\n[yaf]\nextension=yaf.so\nyaf.environ=product' /etc/php.ini &&\ -cd ../ && rm -rf yaf-3.0.8.tgz yaf-3.0.8 - -# 退出PHP容器 -[root@510d01c199f5 /]# exit -exit - -# 重启PHP容器 -[root@localhost Docker-LNMP]# docker restart cgi -``` - -![yaf](https://raw.githubusercontent.com/duiying/img/master/yaf.png) diff --git a/images/aerospike/Dockerfile b/images/aerospike/Dockerfile deleted file mode 100644 index 16dd5bbe..00000000 --- a/images/aerospike/Dockerfile +++ /dev/null @@ -1,8 +0,0 @@ -FROM alpine:edge -LABEL maintainer="Mahmoud Zalt " - -RUN apk add --no-cache beanstalkd - -EXPOSE 11300 -# /etc/aerospike/aerospike.conf -ENTRYPOINT ["/usr/bin/beanstalkd"] \ No newline at end of file diff --git a/images/aerospike/ce-5.3/Dockerfile b/images/aerospike/ce-5.3/Dockerfile new file mode 100644 index 00000000..6ea084f2 --- /dev/null +++ b/images/aerospike/ce-5.3/Dockerfile @@ -0,0 +1,9 @@ +FROM aerospike:ce-5.3.0.16 +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +EXPOSE 3000 3001 3002 + +ENTRYPOINT ["/usr/bin/dumb-init", "--", "/entrypoint.sh"] + +CMD ["asd"] diff --git a/images/aerospike/ce-5.4/Dockerfile b/images/aerospike/ce-5.4/Dockerfile new file mode 100644 index 00000000..e3b828b9 --- /dev/null +++ b/images/aerospike/ce-5.4/Dockerfile @@ -0,0 +1,9 @@ +FROM aerospike:ce-5.4.0.11 +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +EXPOSE 3000 3001 3002 + +ENTRYPOINT ["/usr/bin/dumb-init", "--", "/entrypoint.sh"] + +CMD ["asd"] diff --git a/images/aerospike/ce-5.5/Dockerfile b/images/aerospike/ce-5.5/Dockerfile new file mode 100644 index 00000000..99b6704d --- /dev/null +++ b/images/aerospike/ce-5.5/Dockerfile @@ -0,0 +1,9 @@ +FROM aerospike:ce-5.5.0.9 +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +EXPOSE 3000 3001 3002 + +ENTRYPOINT ["/usr/bin/dumb-init", "--", "/entrypoint.sh"] + +CMD ["asd"] diff --git a/images/aerospike/ce-5.6/Dockerfile b/images/aerospike/ce-5.6/Dockerfile new file mode 100644 index 00000000..a55c2a16 --- /dev/null +++ b/images/aerospike/ce-5.6/Dockerfile @@ -0,0 +1,9 @@ +FROM aerospike:ce-5.6.0.13 +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +EXPOSE 3000 3001 3002 + +ENTRYPOINT ["/usr/bin/dumb-init", "--", "/entrypoint.sh"] + +CMD ["asd"] diff --git a/images/aerospike/ce-5.7/Dockerfile b/images/aerospike/ce-5.7/Dockerfile new file mode 100644 index 00000000..507becba --- /dev/null +++ b/images/aerospike/ce-5.7/Dockerfile @@ -0,0 +1,9 @@ +FROM aerospike:ce-5.7.0.8 +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +EXPOSE 3000 3001 3002 + +ENTRYPOINT ["/usr/bin/dumb-init", "--", "/entrypoint.sh"] + +CMD ["asd"] diff --git a/images/aerospike/ee-5.3/Dockerfile b/images/aerospike/ee-5.3/Dockerfile new file mode 100644 index 00000000..21ba8ef8 --- /dev/null +++ b/images/aerospike/ee-5.3/Dockerfile @@ -0,0 +1,9 @@ +FROM aerospike:ee-5.3.0.16 +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +EXPOSE 3000 3001 3002 + +ENTRYPOINT ["/usr/bin/dumb-init", "--", "/entrypoint.sh"] + +CMD ["asd"] diff --git a/images/aerospike/ee-5.4/Dockerfile b/images/aerospike/ee-5.4/Dockerfile new file mode 100644 index 00000000..2657799b --- /dev/null +++ b/images/aerospike/ee-5.4/Dockerfile @@ -0,0 +1,9 @@ +FROM aerospike:ee-5.4.0.11 +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +EXPOSE 3000 3001 3002 + +ENTRYPOINT ["/usr/bin/dumb-init", "--", "/entrypoint.sh"] + +CMD ["asd"] diff --git a/images/aerospike/ee-5.5/Dockerfile b/images/aerospike/ee-5.5/Dockerfile new file mode 100644 index 00000000..2e97061e --- /dev/null +++ b/images/aerospike/ee-5.5/Dockerfile @@ -0,0 +1,9 @@ +FROM aerospike:ee-5.5.0.9 +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +EXPOSE 3000 3001 3002 + +ENTRYPOINT ["/usr/bin/dumb-init", "--", "/entrypoint.sh"] + +CMD ["asd"] diff --git a/images/aerospike/ee-5.6/Dockerfile b/images/aerospike/ee-5.6/Dockerfile new file mode 100644 index 00000000..512d1e33 --- /dev/null +++ b/images/aerospike/ee-5.6/Dockerfile @@ -0,0 +1,9 @@ +FROM aerospike:ee-5.6.0.13 +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +EXPOSE 3000 3001 3002 + +ENTRYPOINT ["/usr/bin/dumb-init", "--", "/entrypoint.sh"] + +CMD ["asd"] diff --git a/images/aerospike/ee-5.7/Dockerfile b/images/aerospike/ee-5.7/Dockerfile new file mode 100644 index 00000000..ebc79be3 --- /dev/null +++ b/images/aerospike/ee-5.7/Dockerfile @@ -0,0 +1,9 @@ +FROM aerospike:ee-5.7.0.8 +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +EXPOSE 3000 3001 3002 + +ENTRYPOINT ["/usr/bin/dumb-init", "--", "/entrypoint.sh"] + +CMD ["asd"] diff --git a/images/aerospike/latest/Dockerfile b/images/aerospike/latest/Dockerfile new file mode 100644 index 00000000..7d123063 --- /dev/null +++ b/images/aerospike/latest/Dockerfile @@ -0,0 +1,11 @@ +FROM aerospike:latest +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +COPY aerospike.conf /etc/aerospike/aerospike.conf + +EXPOSE 3000 3001 3002 + +ENTRYPOINT ["/usr/bin/dumb-init", "--", "/entrypoint.sh"] + +CMD ["asd"] diff --git a/images/aerospike/aerospike.conf b/images/aerospike/latest/aerospike.conf similarity index 100% rename from images/aerospike/aerospike.conf rename to images/aerospike/latest/aerospike.conf diff --git a/images/alinux/2/Dockerfile b/images/alinux/2/Dockerfile new file mode 100644 index 00000000..017660a6 --- /dev/null +++ b/images/alinux/2/Dockerfile @@ -0,0 +1,3 @@ +FROM alibaba-cloud-linux-2-registry.cn-hangzhou.cr.aliyuncs.com/alinux2/alinux2:latest + +CMD [ "bash" ] diff --git a/images/alinux/3/Dockerfile b/images/alinux/3/Dockerfile new file mode 100644 index 00000000..7f6f14b1 --- /dev/null +++ b/images/alinux/3/Dockerfile @@ -0,0 +1,3 @@ +FROM alibaba-cloud-linux-3-registry.cn-hangzhou.cr.aliyuncs.com/alinux3/alinux3:latest + +CMD [ "bash" ] diff --git a/images/alpine/3.10/Dockerfile b/images/alpine/3.10/Dockerfile index ad3091f1..c1ddd6ea 100644 --- a/images/alpine/3.10/Dockerfile +++ b/images/alpine/3.10/Dockerfile @@ -2,7 +2,6 @@ FROM alpine:3.10 LABEL MAINTAINER="Cloudflying" \ MAIL="" -RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \ - && echo 'nameserver 8.8.8.8' > /etc/resolv.conf +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories CMD [ "/bin/sh" ] diff --git a/images/alpine/3.11/Dockerfile b/images/alpine/3.11/Dockerfile index 24c03851..f1d2cfe8 100644 --- a/images/alpine/3.11/Dockerfile +++ b/images/alpine/3.11/Dockerfile @@ -2,7 +2,6 @@ FROM alpine:3.11 LABEL MAINTAINER="Cloudflying" \ MAIL="" -RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \ - && echo 'nameserver 8.8.8.8' > /etc/resolv.conf +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories CMD [ "/bin/sh" ] diff --git a/images/alpine/3.12/Dockerfile b/images/alpine/3.12/Dockerfile index 2189a150..df1c99bd 100644 --- a/images/alpine/3.12/Dockerfile +++ b/images/alpine/3.12/Dockerfile @@ -2,7 +2,6 @@ FROM alpine:3.12 LABEL MAINTAINER="Cloudflying" \ MAIL="" -RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \ - && echo 'nameserver 8.8.8.8' > /etc/resolv.conf +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories CMD [ "/bin/sh" ] diff --git a/images/alpine/3.13/Dockerfile b/images/alpine/3.13/Dockerfile index a533cb8f..a429689b 100644 --- a/images/alpine/3.13/Dockerfile +++ b/images/alpine/3.13/Dockerfile @@ -2,7 +2,6 @@ FROM alpine:3.13 LABEL MAINTAINER="Cloudflying" \ MAIL="" -RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \ - && echo 'nameserver 223.5.5.5' > /etc/resolv.conf +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories CMD [ "/bin/sh" ] diff --git a/images/alpine/3.14/Dockerfile b/images/alpine/3.14/Dockerfile new file mode 100644 index 00000000..b982bbfe --- /dev/null +++ b/images/alpine/3.14/Dockerfile @@ -0,0 +1,7 @@ +FROM alpine:3.14 +LABEL MAINTAINER="Cloudflying" \ + MAIL="" + +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories + +CMD [ "/bin/sh" ] diff --git a/images/alpine/3.7/Dockerfile b/images/alpine/3.7/Dockerfile index 2bbb1a2b..23327968 100644 --- a/images/alpine/3.7/Dockerfile +++ b/images/alpine/3.7/Dockerfile @@ -2,7 +2,6 @@ FROM alpine:3.7 LABEL MAINTAINER="Cloudflying" \ MAIL="" -RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \ - && echo 'nameserver 8.8.8.8' > /etc/resolv.conf +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories CMD [ "/bin/sh" ] diff --git a/images/alpine/3.8/Dockerfile b/images/alpine/3.8/Dockerfile index 3f4734fd..1cd66fae 100644 --- a/images/alpine/3.8/Dockerfile +++ b/images/alpine/3.8/Dockerfile @@ -2,7 +2,6 @@ FROM alpine:3.8 LABEL MAINTAINER="Cloudflying" \ MAIL="" -RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \ - && echo 'nameserver 8.8.8.8' > /etc/resolv.conf +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories CMD [ "/bin/sh" ] diff --git a/images/alpine/3.9/Dockerfile b/images/alpine/3.9/Dockerfile index be17a98c..760b4a1a 100644 --- a/images/alpine/3.9/Dockerfile +++ b/images/alpine/3.9/Dockerfile @@ -2,7 +2,6 @@ FROM alpine:3.9 LABEL MAINTAINER="Cloudflying" \ MAIL="" -RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \ - && echo 'nameserver 8.8.8.8' > /etc/resolv.conf +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories CMD [ "/bin/sh" ] diff --git a/images/alpine/edge/Dockerfile b/images/alpine/edge/Dockerfile index 3fb3ed12..a6f2aac1 100644 --- a/images/alpine/edge/Dockerfile +++ b/images/alpine/edge/Dockerfile @@ -2,7 +2,6 @@ FROM alpine:edge LABEL MAINTAINER="Cloudflying" \ MAIL="" -RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \ - && echo 'nameserver 8.8.8.8' > /etc/resolv.conf +RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories CMD [ "/bin/sh" ] diff --git a/images/archlinux/latest/Dockerfile b/images/archlinux/latest/Dockerfile index 400b3f7b..ff187a6e 100644 --- a/images/archlinux/latest/Dockerfile +++ b/images/archlinux/latest/Dockerfile @@ -10,7 +10,7 @@ ENV PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" \ LC_MEASUREMENT='en_US.UTF-8' \ TZ='Asia/Shanghai' -RUN echo "Server = https://mirrors.aliyun.com/archlinux/\$repo/os/\$arch" > /etc/pacman.d/mirrorlist\ +RUN echo "Server = https://mirrors.aliyun.com/archlinux/\$repo/os/\$arch" > /etc/pacman.d/mirrorlist \ && rm -fr /etc/localtime \ && ln --symbolic "/usr/share/zoneinfo/${TZ}" /etc/localtime \ && echo "Asia/Shanghai" > /etc/timezone diff --git a/images/beanstalkd/1.12/Dockerfile b/images/beanstalkd/1.12/Dockerfile new file mode 100644 index 00000000..804e38e2 --- /dev/null +++ b/images/beanstalkd/1.12/Dockerfile @@ -0,0 +1,12 @@ +FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:3.14 + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +RUN apk add --no-cache beanstalkd + +VOLUME /var/lib/beanstalkd/data + +EXPOSE 11300 + +CMD ["/usr/bin/beanstalkd"] diff --git a/images/beanstalkd/Dockerfile b/images/beanstalkd/Dockerfile deleted file mode 100644 index ea1f87a8..00000000 --- a/images/beanstalkd/Dockerfile +++ /dev/null @@ -1,16 +0,0 @@ -FROM phusion/baseimage:latest - -MAINTAINER Mahmoud Zalt - -ENV DEBIAN_FRONTEND noninteractive -ENV PATH /usr/local/rvm/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin - -RUN apt-get update -RUN apt-get install -y beanstalkd -RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* - -VOLUME /var/lib/beanstalkd/data - -EXPOSE 11300 - -CMD ["/usr/bin/beanstalkd"] \ No newline at end of file diff --git a/images/beanstalkd/latest/Dockerfile b/images/beanstalkd/latest/Dockerfile new file mode 100644 index 00000000..804e38e2 --- /dev/null +++ b/images/beanstalkd/latest/Dockerfile @@ -0,0 +1,12 @@ +FROM registry.cn-hongkong.aliyuncs.com/imxieke/alpine:3.14 + +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +RUN apk add --no-cache beanstalkd + +VOLUME /var/lib/beanstalkd/data + +EXPOSE 11300 + +CMD ["/usr/bin/beanstalkd"] diff --git a/images/boxs/Dockerfile b/images/boxs/Dockerfile deleted file mode 100644 index 4768d6ac..00000000 --- a/images/boxs/Dockerfile +++ /dev/null @@ -1,51 +0,0 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/ubuntu:20.04 -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ADD script/bootstrap.sh /usr/bin/boxs -ADD conf.d/.zshrc /tmp/.zshrc - -# COPY ./unity/supervisor.conf /etc/supervisor/conf.d/ -# COPY ./unity/xsession ${HOME}/.xsession -# COPY ./unity/startup.sh /bin/startup.sh -# COPY ./unity/unity.sh ${SHELL_DIR}/ - -# ADD ./xfce/ $HOME/ -# ADD ./script $STARTUPDIR - -# ADD conf/.xinitrc /root/.xinitrc -# ADD conf/.ratpoisonrc /root/.ratpoisonrc -# ADD conf/.xsession /root/.xsession -# ADD conf/vnc/xstartup /root/.vnc/xstartup - -ENV USER="boxs" \ - PASSWD="boxs" \ - AUTHORIZED_KEYS='**None**' \ - HOME_DIR=/home/$USER \ - DEBIAN_FRONTEND=noninteractive \ - TERM=xterm \ - NO_VNC_HOME=/opt/noVNC \ - VNC_COL_DEPTH=24 \ - VNC_RESOLUTION=1360x768 \ - VNC_PW=boxs \ - VNC_VIEW_ONLY=false \ - DISPLAY=:1 \ - VNC_PORT=5901 \ - NO_VNC_PORT=6901 \ - NO_VNC_HOME=/home/ubuntu/.noVNC \ - INST_SCRIPTS=/home/ubuntu/install \ - STARTUPDIR=/startup - -RUN chmod +x /usr/bin/boxs && bash /usr/bin/boxs - -USER ${USER} -WORKDIR ${HOME_DIR} - -# VOLUME ['/var/www'] -# VOLUME ['/etc/nginx/conf.d/'] -EXPOSE 22 80 443 6080 ${VNC_PORT} ${NO_VNC_PORT} - -CMD ['/bin/zsh'] -CMD ["/bin/bash", "/bin/startup.sh"] -ENTRYPOINT ["/bin/bash", "/bin/startup.sh"] -CMD ["--wait"] diff --git a/images/boxs/README.md b/images/boxs/README.md index 0aaad35e..f44210e0 100644 --- a/images/boxs/README.md +++ b/images/boxs/README.md @@ -1,72 +1,91 @@ ## About +boxs -> xfce-base-xfce + +## Boxs +>> 一键开箱即用 PHP 开发环境, 后期增加其他环境 如 Python Go Node ... + +## Version +- latest + - cli version dev env +- xfce + - Ubuntu Xfce4 Desktop Version env +- xfce-arch + - Archlinux Xfce4 Desktop Version env +- sshd + - Pure Simple Ubuntu Env, No php Python and more env +- builder + - Archlinux Builder, only for build Archlinux Package + +## TODO +- 优化 Nginx Redis PHP Mysql Memcached Leveldb 环境 +- neovim oh-my-zsh 配置个人习惯 +- fix systemctl not work inside docker container +- xfconf-query -c xsettings -p /Net/ThemeName -s "Numix" +- xfconf-query -c xfwm4 -p /general/theme -s "Numix" +- xfce-theme-manager +- 配置 Neovim zsh 插件 + + +## AUR +- menulibre +- xfonts-wqy +- xfonts-75dpi xfonts-scalable xfonts-cyrillic fonts-mononoki +- ttf-ubuntu-font-family xfonts-base xfonts-100dpi +- rar p7zip-full p7zip-rar +- qdirstat +- kazam + +## Create AUR +- chromium-codecs-ffmpeg +- chromium-browser-l10n + +## pkgs + +ubuntu-kylin-software-center +unity-tweak-tool +/opt/google/chrome/chrome --user-data-dir=/root --window-position=0,0 --window-size=1366,748 --force-device-scale-factor=1 --no-default-browser-check --no-first-run --disable-translate +## Cli Apps +- linuxbrew + +## Desktop App +- elementary/appcenter +- https://github.com/elementary-tweaks/elementary-tweaks + +## 拆包查看文件 +ukui-themes + +## Sound +``` +#set ALSA sound to HDMI output +sudo amixer cset numid=3 2 +sudo amixer cset numid=1 100% + +# run applications in the background + +echo "starting pulseaudio ..." +sudo pulseaudio --system --high-priority --no-cpu-limit -v -L 'module-alsa-sink device=plughw:0,1' >/dev/null 2>&1 & + + +## Chrome +if [ -z "$ALSADEV" ]; then + zenity --error --text "To support audio, please read README.md and run container with --device /dev/snd -e ALSADEV=..." + exit 1 +fi + +exec /usr/bin/google-chrome --no-sandbox --alsa-output-device="$ALSADEV" "$@" + +``` + +## TODO +- 考虑将常用程序写在脚本内 使用时一键安装 +- anbox 找一个替代品 +- uengine ## Feature - Web Server - [Nginx](https://github.com/nginx/nginx) - [OpenRestry](https://github.com/openresty/openresty) -[Tengine](https://github.com/alibaba/tengine) -- Nginx Module - - https://github.com/arut/nginx-rtmp-module - - https://github.com/openresty/lua-nginx-module - - https://github.com/openresty/lua-upstream-nginx-module - - https://github.com/openresty/stream-lua-nginx-module - - https://github.com/openresty/meta-lua-nginx-module - - https://github.com/wandenberg/nginx-push-stream-module - - https://github.com/winshining/nginx-http-flv-module - - https://github.com/weibocom/nginx-upsync-module - - https://github.com/yaoweibin/nginx_tcp_proxy_module - - https://github.com/google/ngx_brotli - - https://github.com/kaltura/nginx-vod-module - - https://github.com/FRiCKLE/ngx_cache_purge - - https://github.com/chobits/ngx_http_proxy_connect_module - - https://github.com/fdintino/nginx-upload-module - - https://github.com/leev/ngx_http_geoip2_module - - https://github.com/FRiCKLE/ngx_postgres - - https://github.com/arut/nginx-ts-module - - https://github.com/arut/nginx-dav-ext-module - - https://github.com/rryqszq4/ngx_php7 - - https://github.com/oupula/ngx_image_thumb - - https://github.com/alibaba/nginx-tfs - - https://github.com/alibaba/nginx-http-sysguard - - https://github.com/evansun922/nginx-quic - - https://github.com/alibaba/nginx-http-user-agent - - https://github.com/winshining/nginx-http-flv-module - - https://github.com/arut/nginx-mtask-module - - https://github.com/rryqszq4/ngx_sqlite - - https://github.com/arut/nginx-dlna-module - - https://github.com/arut/nginx-mysql-hsock-module - - https://github.com/arut/nginx-let-module - - https://github.com/rryqszq4/ngx_python - - https://github.com/hongzhidao/nginx-upload-module - - https://github.com/alibaba/nginx-backtrace - - https://github.com/google/nginx-sxg-module - - https://github.com/FRiCKLE/ngx_supervisord - - https://github.com/alibaba/nginx-http-slice - - https://github.com/arut/nginx-mysql-module - - https://github.com/arut/nginx-python-module - - https://github.com/FRiCKLE/ngx_slowfs_cache - - https://github.com/replay/ngx_http_consistent_hash - - https://github.com/alibaba/nginx-http-footer-filter - - https://github.com/zls0424/ngx_req_status - - https://github.com/qieangel2013/ngx-fastdfs - - https://github.com/TeslaGov/ngx-http-auth-jwt-module - - https://github.com/alibaba/nginx-http-concat - - https://github.com/arut/nginx-live-module - - https://github.com/yaoweibin/ngx_http_substitutions_filter_module - - https://github.com/beyondblog/ngx_lua_google_auth - - https://github.com/PhillipTaylor/ngx_http_knock_module -- Nginx Waf - - https://github.com/nbs-system/naxsi - - https://github.com/loveshell/ngx_lua_waf - - https://github.com/gsdu8g9/waf-nginx-module - - https://github.com/oneinstack/ngx_lua_waf - - https://github.com/taihedeveloper/ngx_lua_waf - - -- oh-my-zsh -- neovim -- tools - - [x] jq - - [x] bat - golang - nodejs - python @@ -74,34 +93,34 @@ - rust - dotnet - code-server (VSCode Web Version) -- openssh -- vnc - - novnc - - Desktop - - cinnamon - - gnome - - kde-plasma-desktop - - ubuntu-desktop - - ubuntu-unity-desktop - - kubuntu-desktop - - lubuntu-desktop - - xubuntu-desktop - - mate-desktop - - plasma-desktop kde - - ros-desktop unknow - - ukui-desktop-environment - - xfce4 - - lxde - - lxqt -- and more ... - -# Mirrors ## TODO -- 修改 /etc/update-motd.d ssh 登陆欢迎信息 - fix PATH -- ngrok in docker +- https://github.com/elementary + +https://flathub.org/repo/ +https://dl.flathub.org/repo/appstream/ +https://flathub.org/repo/appstream/ +https://flathub.org/beta-repo/appstream/org.gimp.GIMP.flatpakref +https://nightly.gnome.org/repo/appstream/org.gimp.GIMP.flatpakref + +https://rpmfusion.org/ + +fastly.cdn.snapcraft.io +darkbowser.canonical.com +canonical-bos01.cdn.snapcraft.io + +https://api.snapcraft.io/api/v1/snaps/download/99T7MUlRhtI3U0QFgl5mXXESAiSwt776_11993.snap -## Packages -## help +## 目录注释 +- 一般有 ~/ /usr /usr/local 三个位置存放安装文件 +- ~/.config/xfce4/panel/launcher-* xfce panel- 的启动器图标 类似桌面的快捷方式 +- ~/.local/share/applications +- /usr/local/share/applications +- /usr/share/applications +- /usr/local/share/fonts +- /usr/share/fonts +- ~/.local/share/icons +- /usr/local/share/icons +- /usr/share/icons diff --git a/images/boxs/README.unity.md b/images/boxs/README.unity.md deleted file mode 100644 index 62430e81..00000000 --- a/images/boxs/README.unity.md +++ /dev/null @@ -1,120 +0,0 @@ -# Docker-Ubuntu-Unity-noVNC - -Dockfile for Ubuntu with Unity desktop environment and noVNC. - -This **Image/Dockerfile** aims to create a container for **Ubuntu 16.04** with **Unity Desktop** and using **TightVNCServer**, **noVNC**, **Ngrok(Optional)** which allow user use browser to log in into this container. - - -## How to use? - -You can build this **Dockerfile** yourself: - -``` -sudo docker build -t "chenjr0719/ubuntu-unity-novnc" . -``` - -Or, just pull my **image**: - -``` -sudo docker pull chenjr0719/ubuntu-unity-novnc -``` - -The default usage of this image is: - -``` -sudo docker run -itd -p 80:6080 chenjr0719/ubuntu-unity-novnc -``` - -Wait for a few second, you can access http://localhost/vnc.html and see this screen: - -![alt text](https://github.com/chenjr0719/Docker-Ubuntu-Unity-noVNC/raw/master/noVNC.png "vnc.html") - - -### Password - -In default, the **password** will create randomly, to find the password, please using the following command: - -``` -sudo docker exec $CONTAINER_ID cat /home/ubuntu/password.txt -``` - -And you can use this password to log in into this container. - -After log in, you can see this screen: - -![alt text](https://github.com/chenjr0719/Docker-Ubuntu-Unity-noVNC/raw/master/desktop.png "Unity desktop") - - -## Arguments - -This image contains 3 input argument: - -1. Password - - You can set your own user password as you like: - ``` - sudo docker run -itd -p 80:6080 -e PASSWORD=$YOUR_PASSWORD chenjr0719/ubuntu-unity-novnc - ``` - Now, you can user your own password to log in. - -2. Sudo - - In default, the user **ubuntu** will not be the sudoer, but if you need, you can use this command: - ``` - sudo docker run -itd -p 80:6080 -e SUDO=yes chenjr0719/ubuntu-unity-novnc - ``` - - This command will grant the **sudo** to user **ubuntu**. - - And use **SUDO=YES**, **SUDO=Yes**, **SUDO=Y**, **SUDO=y** are also supported. - - To check the sudo is work , when you open **xTerm** it should show following message: - ``` - To run a command as administrator (user "root"), use "sudo ". - See "man sudo_root" for details. - ``` - - ![alt text](https://github.com/chenjr0719/Docker-Ubuntu-Unity-noVNC/raw/master/sudo.png "sudo") - - **Caution!!** allow your user as sudoer may cause security issues, use it carefully. - -3. Ngrok - - [Ngrok](https://ngrok.com/) can be used to deploy localhost to the internet. - - If you need to use this image across the internet, Ngrok is what you need. - - To enable Ngrok, use following command: - - ``` - sudo docker run -itd -p 80:6080 -e NGROK=yes chenjr0719/ubuntu-unity-novnc - ``` - - And find the link address: - - ``` - sudo docker exec $CONTAINER_ID cat /home/ubuntu/ngrok/Ngrok_URL.txt - ``` - - **NGROK=YES**, **NGROK=Yes**, **NGROK=Y**, **NGROK=y** are also supported. - - **Caution!!** this may also cause security issues, use it carefully. - - -## Screen size - -The default setting of screen siz is 1600x900. - -You can change screen by using following command, this will change screen size to 1024x768: - -``` -sudo docker exec $CONTAINER_ID sed -i "s|-geometry 1600x900|-geometry 1024x768|g" /etc/supervisor/conf.d/supervisor.conf -sudo docker restart $CONTAINER_ID -``` - - -## Issues - -Can't work properly with gnome-terminal, use XTerm to place it. - -Some components of Unity may not work properly with vncserver. diff --git a/images/boxs/builder/Dockerfile b/images/boxs/builder/Dockerfile new file mode 100644 index 00000000..77e3a4ad --- /dev/null +++ b/images/boxs/builder/Dockerfile @@ -0,0 +1,37 @@ +FROM registry.cn-hongkong.aliyuncs.com/imxieke/archlinux:latest +LABEL MAINTAINER="Cloudflying" \ + MAIL="oss@live.hk" + +ENV RUN_USER="boxs" \ + PASSWD="boxs" \ + AUTHORIZED_KEYS='**None**' \ + DEBIAN_FRONTEND=noninteractive + +ENV HOME_DIR=/home/$RUN_USER + +RUN pacman -Syy \ + && pacman -S --noconfirm openssh sudo git zsh neovim net-tools base-devel wget axel \ + && useradd -d /home/${RUN_USER} -m -s /bin/zsh ${RUN_USER} \ + && echo "${RUN_USER}:${PASSWD}" | chpasswd \ + && echo "root:${PASSWD}" | chpasswd \ + && echo "${RUN_USER} ALL=(ALL:ALL) NOPASSWD: ALL" >> /etc/sudoers \ + && git clone --depth 1 https://gitee.com/mirr/oh-my-zsh.git ${HOME_DIR}/.oh-my-zsh \ + && cp ${HOME_DIR}/.oh-my-zsh/templates/zshrc.zsh-template ${HOME_DIR}/.zshrc \ + && sed -i 's/ZSH_THEME.*/ZSH_THEME="strug"/g' ${HOME_DIR}/.zshrc \ + && su ${RUN_USER} && chsh -s "$(command -v zsh)" \ + && ssh-keygen -A \ + && sed -i 's/^#ClientAliveInterval.*/ClientAliveInterval 60/g' /etc/ssh/sshd_config \ + && sed -i 's/^#PermitRootLogin.*/PermitRootLogin no/g' /etc/ssh/sshd_config \ + && sed -i "s/^#ListenAddress 0.0.0.0/ListenAddress 0.0.0.0/g" /etc/ssh/sshd_config \ + && ln -s /bin/nvim /bin/vim \ + && ln -s /bin/nvim /bin/vi \ + && rm -fr /var/cache/pacman/pkg/* \ + && rm -fr /var/lib/pacman/sync/* + +USER ${RUN_USER} +WORKDIR ${HOME_DIR} + +EXPOSE 22 80 + +# CMD sudo service ssh start +CMD /usr/bin/bootstrap diff --git a/images/boxs/builder/README.md b/images/boxs/builder/README.md new file mode 100644 index 00000000..13cd7e5d --- /dev/null +++ b/images/boxs/builder/README.md @@ -0,0 +1,2 @@ +## Builder +Archlinux 编译环境 diff --git a/images/boxs/conf.d/1/50-motd-news b/images/boxs/conf.d/1/50-motd-news deleted file mode 100755 index 4b0b56a7..00000000 --- a/images/boxs/conf.d/1/50-motd-news +++ /dev/null @@ -1,146 +0,0 @@ -#!/bin/sh -# -# 50-motd-news - print the live news from the Ubuntu wire -# Copyright (C) 2016-2020 Canonical Ltd. -# Copyright (C) 2016-2017 Dustin Kirkland -# -# Authors: Dustin Kirkland -# Steve Langasek -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - -############################################################################## -# This program could be rewritten in C or Golang for faster performance. -# Or it could be rewritten in Python or another higher level language -# for more modularity. -# However, I've insisted on shell here for transparency! -# - Dustin -############################################################################## - -# Source the local configuration -[ -r /etc/default/motd-news ] && . /etc/default/motd-news - -# Exit immediately, unless we're enabled -# This makes this script very easy to disable in /etc/default/motd-news configuration -[ "$ENABLED" = "1" ] || exit 0 - -# Ensure sane defaults -[ -n "$URLS" ] || URLS="https://motd.ubuntu.com" -[ -n "$WAIT" ] || WAIT=5 -[ -n "$CACHE" ] || CACHE="/var/cache/motd-news" -[ "$1" = "--force" ] && FORCED=1 - -# Ensure we print safely, maximum of the first 10 lines, -# maximum of the first 80 chars per line, no control chars -safe_print() { - cat "$1" | head -n 10 | tr -d '\000-\011\013\014\016-\037' | cut -c -80 -} - - -# If we're not forcing an update, and we have a cached motd-news file, -# then just print it and exit as quickly as possible, for login performance. -# Note that systemd should keep this cache file up to date, asynchronously -if [ "$FORCED" != "1" ]; then - if [ -r $CACHE ]; then - echo - safe_print $CACHE - elif [ "$(id -u)" -eq 0 ]; then - : > $CACHE - fi - exit 0 -fi - -# If we've made it here, we've been given the --force argument, -# probably from the systemd motd-news.service. Let's update... - -# Abort early if wget is missing -[ -x /usr/bin/wget ] || exit 0 - -# Generate our temp files, clean up when done -NEWS=$(mktemp) || exit 1 -ERR=$(mktemp) || exit 1 -CLOUD=$(mktemp) || exit 1 -trap "rm -f $NEWS $ERR $CLOUD" HUP INT QUIT ILL TRAP KILL BUS TERM - -# Construct a user agent, similar to Firefox/Chrome/Safari/IE to -# ensure a proper, tailored, accurate message of the day - -# wget browser version, for debug purposes -wget_ver="$(dpkg -l wget | awk '$1 == "ii" { print($3); exit(0); }')" - -# Distribution version, for messages releated to this Ubuntu release -. /etc/lsb-release -lsb=$(echo "$DISTRIB_DESCRIPTION" | sed -e "s/ /\//g") -codename="$DISTRIB_CODENAME" - -# Kernel version and CPU type, for messages related to a particular revision or hardware -platform="$(uname -o)/$(uname -r)/$(uname -m)" -arch="$(uname -m)" -cpu="$(grep -m1 "^model name" /proc/cpuinfo | sed -e "s/.*: //" -e "s:\s\+:/:g")" -cloud_id="unknown" -if [ -x /usr/bin/cloud-id ]; then - /usr/bin/cloud-id > "$CLOUD" 2>/dev/null - if [ "$?" -eq "0" ]; then - # sanitize it a bit, just in case - cloud_id=$(cut -c -40 "${CLOUD}" | tr -c -d '[:alnum:]') - if [ -z "${cloud_id}" ]; then - cloud_id="unknown" - fi - fi -fi - -# Piece together the user agent -USER_AGENT="wget/$wget_ver $lsb $platform $cpu cloud_id/$cloud_id" - -# Loop over any configured URLs -for u in $URLS; do - # Ensure https:// protocol, for security reasons - case $u in - https://*) - true - ;; - https://motd.ubuntu.com) - u="$u/$codename/$arch" - ;; - *) - continue - ;; - esac - # If we're forced, set the wait to much higher (1 minute) - [ "$FORCED" = "1" ] && WAIT=60 - # Fetch and print the news motd - result=0 - not_found_is_ok=0 - wget --timeout "$WAIT" -U "$USER_AGENT" -O- --content-on-error "$u" >"$NEWS" 2>"$ERR" || result=$? - # from wget's manpage: 8 Server issued an error response. - if [ $result -eq 8 ]; then - if grep -q "ERROR 404" "$ERR"; then - # The server's 404 document is the generic, non cloud-specific, motd-news - # content present in the index.txt file - not_found_is_ok=1 - fi - fi - if [ $result -eq 0 ] || [ $not_found_is_ok -eq 1 ]; then - echo - # At most, 10 lines of text, remove control characters, print at most 80 characters per line - safe_print "$NEWS" - # Try to update the cache - safe_print "$NEWS" 2>/dev/null >$CACHE || true - else - : > "$CACHE" - fi -done -rm -f "$NEWS" "$ERR" "$CLOUD" -exit 0 diff --git a/images/boxs/conf.d/1/60-unminimize b/images/boxs/conf.d/1/60-unminimize deleted file mode 100755 index 7f1d44ec..00000000 --- a/images/boxs/conf.d/1/60-unminimize +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh -# -# This file is not managed by a package. If you no longer want to -# see this message you can safely remove the file. -echo "" -echo "This system has been minimized by removing packages and content that are" -echo "not required on a system that users do not log into." -echo "" -echo "To restore this content, you can run the 'unminimize' command." diff --git a/images/boxs/conf.d/default.conf b/images/boxs/conf.d/default.conf deleted file mode 100644 index 9b4d49fe..00000000 --- a/images/boxs/conf.d/default.conf +++ /dev/null @@ -1,55 +0,0 @@ -server - { - listen 80; - server_name _; - index index.html index.htm index.php; - root /var/www; - - location / { - if (!-e $request_filename){ - rewrite ^(.*)$ /index.php?s=$1 last; break; - } - } - - #error_page 404 /404.html; - location ~ [^/]\.php(/|$) - { - try_files $uri =404; - #fastcgi_pass unix:/tmp/php-cgi-70.sock; - fastcgi_pass 127.0.0.1:9000; - fastcgi_index index.php; - include fastcgi.conf; - set $real_script_name $fastcgi_script_name; - if ($fastcgi_script_name ~ "^(.+?\.php)(/.+)$") { - set $real_script_name $1; - set $path_info $2; - } - fastcgi_param SCRIPT_FILENAME $document_root$real_script_name; - fastcgi_param SCRIPT_NAME $real_script_name; - fastcgi_param PATH_INFO $path_info; - } - - location /nginx_status { - stub_status on; - access_log off; - # allow 127.0.0.1; - deny all; - } - - location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ - { - expires 30d; - } - - location ~ .*\.(js|css)?$ - { - expires 12h; - } - - location ~ /\. - { - deny all; - } - - access_log /var/log/nginx/access.log; - } \ No newline at end of file diff --git a/images/boxs/conf.d/desktop/xfce/.config/background.jpg b/images/boxs/conf.d/desktop/xfce/.config/background.jpg deleted file mode 100644 index 316cc20fea721f54d7f8dbe77b5776031118afd5..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 84691 zcmbTee^}D@{y&V7k}jbYEn|RMOQF@u+X6qkTMo;5yG+Bf zm?0*s#>`OPsJOA}96DQ_v205{?ej(9jZvp9YuW*cHRgm_PTT$De81QCzOMVP`@ZdJ z*R?Bw_pjIE_4xJV_q)G8BrFl<=H(J1A|ePo;Sb^W?+ARt!UaSkalu0P&qDZ#jE;(g zpBEM_ii(bXAvQMlg~f}>OQHqW3@BM@q7cER9)e$3B5f;1{L3}ad_nU-x0wE$2jy8P2|LZ4W z0dZku6lqa(%nR@fSC$YKMEvLIBO@0sgx@|4|4vx=V&u}q6kgOa=`PZ$O6ni#TRIl4 z&bfSJxyEze^&*_tf`to-3rXSgidaw$e~B+Hj7&_4TFR4>c2zE0^@sXJ)SQ-%%QvD|r^$Y6&8fzYI$#Du8kF)p3^<#k%s_mMml|>P=5OkEf;Jl=VGKei?NY*Dm z#Ygq@>Iid*@`PvwP}5R9NGH#U9?OnFHp#(hQeTJ%CQY0 zjLWrexPyF@<47-NVX_#CUqHf5bvFC@WS)I}UQYSFGn!bDgLzz!w&B&Ll_4`bhBd^P z^fb}Vq<;~y4+>S zkNA^i{bn2Mam6-=t+!KiX4_SNw%<_LXeeoGw;m_D&*-YUrp(4&4P9cEM2S2k4e9=Nsh6}jsf zlbx8+G{o?66}|^oMC3x7Z}i5z@*7i9apTqTdbd6_gY~{e?$psrp2!d?^MaUtSef#{ zC|Znqk@G0ter2(;(XC-&-|~buDvHNl^_*!n|4yLETZ|0lP|sIN>rZ2$)k|>ABCay^ zR>-WtGT+vYe()66KJ&q0(I|Wk*iq%x#sp#l2$RXn&anTUgn3{$F|HlQ0D`~mTtq=dQy~{ zzsHd4mqed_P|E)BsUt1*4^$WKIH_JOB zx@=MPrz;x1u_X>mUfsuztF3ab%k}dfE08}XMn-9JC;X)iH@P-NU`!kQDkLhPi1|;a z#5MD5%hTJdwlP1#j9zNVE38g+X&qO|A=*f`*asHbGNNNT+tYFlw@BB?%lBB)f|(_M znd&~dyS9pHrH>znHzmc*V9(d4OOFahm}K`|JvVIP{7Kv zP~*QfENOgTAk_xxZ#pt=8{y`MOkM-O^u#XSN<{hqxk;+`OZHlAX39jVNXqkN`$`F@ zLv=cm)N>Vkq#83XT@$6@yL)xq$xLmK{LD$nFLh)Y%62>8aaq$oToH2E4tv}3ME3G>f8dx8tIa6F>?&>fB zS`k8B*U=QWR`q<-I*jELBn)#*=JJR;cw2f&4c=_Yr%|7m(qb2wnil<&t9;{hy}O0q zi+QP6R`YnB+R(b)8qSc7xW zYv3xFS5`B=^NCfOis#nxgXW!y51nFECVT6J?<@=HExd<2rNct`85t3;9}RUO^yxc> zGYHEVLZq@mmcNjw*;}aWpSWi_6_cy%v1Hg1{UVGJOEM#iC&te9$j=;SoTBcmfnQeJ zh!-r3$tSXuns)0CF89X|em1R~_yTi^-oW-+C;l0bWSz>Vt!R_ss`lWOb-UD>4Cx3` z`qyJm-1-CE7u;>>qnF5cy~u&CIC=jxT($xm!n5k{sp})gsrr* zCRO%@sxeci?lnOgJ*KJJUsNa|CJX;8r<6f%05<1HfYRr|ul4%G#ey^YwmOnhJY z)m0NCRp#W4X-G)5SwU>8!P|@Q(;C6{vP!YiHajg;83@HkXtF|7#_ZPeOuN1>8biq`x`G<&xV|>$Jq0(qXXh7JLs-_Scyq^B)>jg4VNU}2L$>(l zEb-3x=hyhWIR#ho!ZB(wue&9Y=i?>E&sU^BUoKim@aU%uDg9or_JYWedq9TheHYKfi$!0IbJi8!g11tYP&74f&A2^yF^on0ib< z{}>agnoWrTO^NF|-Bna_!6IAJ$ax|XQmc*aYjq^AFs;kR@SVJDx#QNnY+0_TLryvH z=`r27nLy+hqjDMM7(9e|bC5SFBNYplc~`3}Dbt#RD1Xh~2Q zgPrHj(Uc^l$Bc#ir3qX`rv?)h-)99xsH!w6swn{946Cb+rii1rj~@T< z+O#2O%N0cnKxOPRe5cn}pbL4_V|A$0UK|b2(VF=7ijynG^g--7E#<+cb;gm)ChXCE zlR4r~Jtg8Sq9_B`ex?5?r+rk9sqAa=S?NsWpL%QwCi$5KpUc^cZkfz)MZQ+ZW*@Qe z3Eau7Q=}%3wgG>uqo%sEwQV|IHc0KdXj`)Z5IM)d>g;HOWhY2fDxL%cB8OD4e09Xw zc?p9e-~Joz48pck$$HvpASiA4VU<{tl#)G&I#5I8^2Hsf?D_jK@1px=u>K4h`8{P3 z(NM@Szm?Esqrw`W!8+A$)2SDRxjvyS!EccBi4I(QTh4ok& zn{xj$e}5PEaBtRmQU9a2weQswlPvTLmZV~`-bxvS7k{k{O6MML`?~F`haLk5G42dv zvhuTO#-{!D1?umofm*eBV5>MZV~R3$d?27QyD>%CDCH)taMZTQtk^x#EM{k!SU!7R zw!-+EGY>8Ui_|1L&}BB4GXzu`KSyir;?BB?#QPqr3}=ofG8?JHTPuy^FCFMSds{Wb zAidM(;yrv`Wt{PJ4E=oWSvi#`0S7=*g=J*GPEtc7h^t*$sO0o5 zBZ^?V5AghwMJ%Ip%$)c-WAa^7lr9*MEFx3fYWHbvrKU4GIMWIIup@;sk=JZuPaeX! z6%8ye(o-MA7_4`^Q+=X>|ElE}pIbLi7=SIDVb7`Z3>i+zqA>cYrvd)_cczRXjxlHq z&h%Ys;1n~b`r3o;-ZVN zm_a#Urg+P?hQ0bz;_u(2DIY64vqQ#UvhB6BnXb0^3SG1atwp+ZK>$alwOH}V);hl? z*La~^Sl}@eUL4{B!djARpLL6NI#B67b)dBVL}l*5uIriO+M&-XPVA<`S`1&BSR^4Z ziqpb)p1847vsPE<{O%&cR6Jh>n7UI)_iFWx9Fun;ll`(uwrsbIj^mqmh%wk0ti`CK zq9qZ?EK~90VdcqspTwj8&9N4cSg>5g8w1LUGe6AP9bY)#ySF_^e~$D__boZD9gSgk zZr!WbTO1+mlVt!?a8C+R8fhZ?v0{SzSa(jP7AgN17oAipRu0IPy?9NwOpHFK>Ya(g zG=yxe=2qw;?1^*AzchJ~#vYq|%?VUSljjaAPsjChRlJ9E2fECVp#l;YmO?C#<@AOh zgnJdU-lV!CF~>9NGI6IsG*HI=6DJ_)A)lYlI~9Y*i^XN0((XmZ6vk_H=|JspSwk|#cDk-VE2~CNCyvMra5!$3j#)OZ+V0Oa9NPF zf#c5?rK|EmVMzr^8%^MOlcA#g9t9!_?36B*kXYq(3Q!*;Wb=vgN6l2J5sOH&U*H?KFP4>ax34Xj?&r~j& z@X2H^Y4~mUXcLQ}2;|TGaUF?#ycsQgHqRacnOTi_j?=5V!nCQ11LBcBZHS)58OJ&` z8Ko(Wj}F_Fg zldL@>gpDBNc57YKLDNd2TRo^GmAJ8vXA=lnZ9|wT2C2CJ)u7Rtn?8%PNJU4`+{a4M ztpVz%NdK(YkUBrE$OP`TSuTkhZ=dfq8dh91y&Aib)7kt#aP60G>!O88O|wox9jj~F zIDr^msP_xvhqX@w1+P(etM8adrVK(2sLBjgD@cnE2$*v_Q?T?%DZH z>NDqE$3al99o-4cXBdZc-NFWWcai#|XtOxy4=SyKGxQnka-%NM!jLI5hD|96YZO)9 zGv@;v32`h^z?0-Yef}izG!Vd0XD`9|-IylJBuxz26NhWt9I6Mn+HXgWRdQyG^Gf+? z^CHd+wpVX$OftMu82n0qe%`lF^+x>%k}PqF%kW?O7nqllOo<`WlQCUYn4uY6+0+9@ zeDlN`CyDL)#w%=}%fNH@k`7=MoPpK*=M`H|{0n=6YY$IuQs^?n&`=^mU4+$|EjC5S z)R(gxWGz=&RA~Kh>qdrhwC?ahcp8h(oode*Z|w+n{LPSkFtka;z-pT^a$D%fY)5LYQkCzSgh+aKF~q;EO%#k#`IVU2U{q!c`U) z@*cA(AyBP}lZTZcjk?XmNI#H6n4-`hg9E{sZJ*$uk_x0`{a374H}}N1sqy+-+!y1UM}Ea@Hxv zypNo#k}Q&?Vb80WZO&)6jZ2&8PGL#ut(;kBu&c>w=d(!`R-m25U?JxsfqAeG+4E_P z;X~LHu`L7Ni~=}}UT;Q@*FPP-{K2rY#`&Eskv@94L-D*yI;I0De3wIR{ zHpT#-ZKcI*u}Wp%<^XfF-m6BAAB#W5nx(y4JBLp-m8NJ?|BuHbygWv#S6Nu>hK7&w5-@m1AwufSZ{z z%CJ7v<<>cvsMAs7yrZFrPwQX{HY=2k==N!!hM(;R{N|bBPbH^umAr|uqsO)c8*zPA zCXGL4Iu&)Or=-X)=02vyS;=2I1*=+D(0?bae+@pCTZo;0Nt;&^wd z_T_0Q1$fJd`-8}v$8K55UBE=w`jJIET^+XZUV`7-& zYWL@mQ^)EDl2vW^uYJp+d=k#B9wv$EavOklI7e(7%Kdo;ERohctj4uNn?!_Qmyz>? zN3S*p!SX_-0svKFX2|reH2(qB^`L16pkz+TM%%3)<`7%l$NjvHYqiU>?^ZvtBf-Zi z@%;?Ex^L@7YTGRCEKOXL=Cd>ACw+c9Db%-Y3G647LKauq5xIJQSmfFgGgYN0cje_@ z7}h=CBx;GCn*?akGr7Jx<~fh94gYNh>stobC=(BC4IBBsd6slb+zDmv_2SpJd=;MFF8O?nrI;(zpNVl3$a zvRO{2 zLqy8}u+{&z|5q2{hr^7qPG}gEE5~4N-07IGceY!eO#$49K zm^u2SAWG9MUeV#v4(j%s#!Y9=RZ)8^2{R@}#kR-|i2iMz;|E+F$R1`r2^4>u4Zf=3 zOv<4FqJ`}fDS@uRV%p&q7C67lbZW1xNtp9xr};#}WTa}w%nF-ek@1%GNt}Q|USND8 z+@dGzRe|EcqxvdDZ@Y$i_Atn`hC z6(iioVW1S+5+5tPB#UTZlu`(?7-2S$D;eAd*4 zALyyU%OhL{Hpjj`pSBCGs5PbLf}HEisJ7E_T6yCRxhyTI1s&J#<517tLvTRLigD#@h7{O^DF`*T`CsFVVTT>M&f0JDcJC?C3!cCkg#V=J;3$>Su(yx>HsgG zQ1L_)JzoDh^SV4$JtEJkwVragE^U7!GhWUYNl0Af-E1^CTdYz)X2s8=WkYU5&N~J4 zDx<9Zf@O8drFt`^EXaIj3?euIOE$!kEE&=2Du3QRwVmn!4X`OMy3xz?Pbz+5WrAS- zIir;~tbi-@N<6Au3aVP1;VjifCI-Yx%wvw$+=n|8r6<~D%Oc!I6(GV~cc%Kb)>Gk@ zwmFKZH*Y34hlNPD?x+rT4p+3SiXVhUOR>oakH{#FzsKTcxYk^bn;G1wwE6zhY)R}} zwi9&=lM@keE}H`Esv zgiNcY3G$kpa6kdsO<2nVZR^X4;p2Lo+4hUFb8GnFB5^v+OQ}+xT^>QX4tC9}RmN#M zBGNPUFKQ?Z<;i2KYr!A3$(HD)0_iGR)}VS!ds{?oS3GGC?g3L0oJs?*&{9!(l3G|B zY`hAF#B-z?0B*srK2edJ1-Z$xrKdkMuWeZuoA?trfb1eMmY8*1H;Ze7jo{%$Ql+K0 zcy~jlNl9|ADeEM#3_$V2W@R+^`t@!NNzUh=g-;@0G;N6U$&fW*Hk9gFzWnbDJO^&j zkw>K?rsZp1m_t;C!a4lcanq@Yxk={vNp4X^#^_&L!|W`st6NzkBPc8WEP`P3f?R$k zLYzj&t6@dw>DN;mJ4~2tmk^C*JdS(e8ID)xi;SHbaLvxC0^%%rp|Yq*+@et)3SmTT zu$KB!&h$SFl`E<0i|%^Y)!y=K)N%M}$F=7Ov%8fIrz0C={KL~MFB@#yNjp>AdG_x$ zE@6Re#;k~3eL)^c;N2at0E-g{@;+9uo|kF}*`f`8|VVR5(U8(}j9_fDq3zWE-w!%9yR9gldg zGXI`|XJ>7>@;YN+ZnA5O^+C&T93w!3+-c_?VYeo`Vxe-pW;cu1S7 zp%f~H;yQ2ayJg>Sq@sXnrBv`4t;03N62wdG;c$z75Y$z6o}OCvFqi~McHxzYBQ zB2+*W!5&ao#vgalNOycaEb;RDgXOx=bh>Ne-Ff)fxRuhys8S6BNDIVxd! z`_=A-4SP}N(7*G>G@lU2$2Gv)4cT{#5BGYJJ*|GtoAt?Ky3i29JU6MBQ({SLRvN2k zI?aiZ)MDky6A}{AfYq=aZuZ}t$ zhm|zT(!`1OBQ(ka^_V&!A%OL@hCPHd0^jNnbvAni(sd9jix2y*pD$KJxF(Rj!s7lW z72VFhaSaDz>7$^X*)!lg26A3u_e_HhL9L5fkS>Z^D13iDgr-Ai22DYH+Pl{_$sE+( zUIK5cp_E<8A{s4Ne*$PxjcK696YQNLf*%Y$dozfCVR`F zHSqPv;w)O!u}-ysABW388mG)Lz)&z^!6nG8$gRVjJTp6L zpTY}wZ27wKUW~3O8*F7s`vcj2^$~7b;uF8h^b<^SwWd@k=O*Mvsu*1mkDG6$IVZ3GY1ynk+_rt}CBYTxu z=@H;B1A`pmP75vZ?XcWZG$@VD3FO~1)fJ;tg5~R}FWm5)oep7v{Px%cD$}Maj5>E; z!p=ku66&jO>q0%U7w!4{>>{pDfb2J|97xnC0=b8f17`L{4uspO0~_`#5kk75_z)N| z$eZKc-{iD}d;)^ku*G^DFkSNoqdyoBevW2@t%ks3WsR%oBD4dpVvZLe-N&9hM^G8; z{$6*hjrwWE2knxTXm*BJi*Gc%KxwMD|_qRyRPZ03isC)&g2Ja7cR{-K{_WBElz zRI+VyNl#C$qT7K6jgd*ZJ=EGNl|6&F^9U{1#AQ>&2bL{36bcB_X0U*rv?cgsg3)oP z^IRC7u-Ida$&h{FL)R-A_%f{(AcEJe`z-lgG{d3jy98v7%hvoL8eMh^yV0#v+g>9p z2;MJDoFTEb;U;H@+ISrjh~ZYZVaYj&3j+DWl0<)jq_I|E3>jTHM4)_kEbPe&-KUAa zS(#AGF%(v6FmMP~2BDXfjC?u4g%Go+<0oaeJ`}?G51>Y06{tRs*qgd>jGZL1%BBozwwG2UQU}(cLVM%*&Z>&F-28F}YoLBwgBXPw?u{CRbo#d69j&2iZ-G1s1K39G)(k*ZLV_Pm04)eK2$l@V8IO2E=* zADOSx*HVu+hJ#b`DA<2!O9#(Oz1ltN>XWkxzFaWh0EJePqFO&kcYLNQ9z13Yrw~ts z6|5gC{+!KKj;b#rU63L$lsvCLJ0PqLtzMDEo_l6=J{dcEwfC*0#558jy{F;x3>h?b z?U$q0jaeUVsCai&25kw`BnR_O8GotR7NZ(eDoKSBq9sWNuBTG~{gdhENEO2e2o`9= zX=JZuJ&3}MCaS*lE{SQCwx>&j;RqIG1p@idg1cNdce!w7_wR&LYrUk4JLD3AB~Ogj zWjjDWzYIEt+`Jq7GU1wh1)Tm4w-Cg5q zTy4u2B)sdcAAMehz5VfBoJRd619zm$m>;fQaoJ8i?^FJv6#}PC>moA^sR7|Mh9TUd z%f=waeD+*_^~U2vU^z0aD$RZbS18I3nYyRNsqG+6femW-UsQLX4v4JtIy6Oe{8tV( zJ0;xvY#^UsAjQ@0W0`v_3->`^PAZ@p2vn7Dy7RcEfHKZv{N{*V>Cwg9r&tKiS^R)$ z=ZY)qlMWhxC&=H3P{3A^Ij`_CrUi|a3J}h+_F!axJJ**7UPSs#*OgZz2S&VbpaCJe z4*4cY!|LoOfz!;HQ>K#@m$sKUoO$5AeP6PC0FkM{afrACfg-n;O9lZ|_%*T33H$d> z&^V_Roxr=Kyg+VN`kTjy+{vyEuZ6I1T2y0*p78UyW~jKewP_0H!l~rxB~n4uxpOim zuj3y$-6hIScWO2sWqF>09B$Bw#x-N$>x}mzFW8;s?o{MOStIcCLG#B=M#Nc*7L~34@ zqx(5MZ2p_=8_DyNd-c#T@Qw9KKDgJ?o7^g@Xj#V=)`D+V1u8VpzNtB>trE%~%HKd> zRzsEOKtRZc0D;&v%^PnX)`6|G@!cT<-wqWxMO~I#J&QvV2q$n;d7%K0lyxj|1nt;p z{LPW>IBdoekjA!O;X&B+W=ajydR%W1D{@{04hQQQW26>D!fh9;L@0D(=m3dHyOIi~Jm|Btp<{SNXVhZIIoOyoM zDYPK@L?~E(k`r+Q+w$B>173CW=8p=f{Uv?fyxqz385Av)0-3CB!n9`FIoaE1r!nYt z{461v{X%L@_>Ibfvex=QUg?RQkO3E~vVB^Bxw{QhqWj@&@Yn7Js`dONbN;boW9Dg~ z{NjTM4y6+%Mf^q}&tK3|ROYoMbKrXAjcm%^;6AN}_}jenuKHqyyfD~pJ`GKoD$|_r z54sD-He5$3J1VjUVKFlGR{fR5#Aygr*%2nj2r7wSeNv;)2~yA=EiQQE0%rll4o1L8<-uvTw4JK^b#nqt5yVM6j5ux-w;NB~Y#5_DcUgXgJ^>7fxh)OdUo>h6kz|ez)n2 zx(%P`u_asB{yU}wdODn_yMb{H|J5A97RtpLvbSPX5RQL2EnuY2nBRI~taZA}kWp=Z zD~WBaaipsR3FP1p52$0ouFTO>DdR2I;88q6gJwp+zCqK8|19;}?Ik1k_d3hu7L!Pew{) zj-M8s`Pfi=5U{PyQRCIHkj6?Of9$k|jieOG%NnmwNWfgJUj90WzWlo`At45+^0sQK zlh;`fi6+2}56OT%n9r*`5|8UZv@XyM+=BF7)eaRS=gt*wumYL-W#ayo6SfU$UJYLi zr@f7M$E`gCs|tVqzH}$$=dK3^zJW3!sFU6q)4>(7O7D~n969-&+1OqKkua{r5;!B74)ixLDv%53i_g&@lW1sw zXhoK@Tjdvij#MKx)qM;5pCj=WDDZA5DNQH~_eJ@lf7zp#-rcpw#sR$UjKg#*UMan|IyG zbZL7Y22n(~Fbvgpl*AXJM)Eh7)iij=hAGL?ueGBziu|w8_K;OU8FiV2u&4bY zC$91|l@=Rij=oIcXHP0B3crC)FnH*Ci(BWtAXntXfI8xUA30p1OUXc;!iu#miNXr@ zVcYfe-8=s^Sg3sYGbkYTn3s#{xIR*uN@$7Ol)aiR1Jw`P5g$}!ji)tpS}aKjgmL#7 z0G3aZ_!xCQwuM3@)bsf?p$LlMC=+YDZ!r)(e2lk(?`S6;kO0SCKYe| z^x1AnK8@lPS|I5FeUeWjieteMC;Z?VQ{U>;R^;I3?A6{w3lEli*~oO zW~W8$Bj(7iT{REY~b>sE%n2(?8nM< zycyNKq$z-G!b-ZQ^+NmYvZkiG%jh|M_BslA>e+T>hSM)gQ3}6OvPPD#Ur_!JsbB+d z#FVEzkxr93aM^TIY10bi->D`PAl>`3343CXHSoW%LJNgYP&^4wgKTe;K640nROE2HTm_9u`R@@q}%hN7=zNm^Qr?|f(915sBBbEqeTb{ zzn7`QJ@0sTcYg+n!eH(DPXCYK=PSSyX7my|HBfznBI*Z` z{ZQEh*m{lnwuW_Sdvv&)EI9fDlzPBnGdhR4lUstXtcYRV2pVTyOK4m)yl76Rj@89b zUVVVjp#bW`k_M7mv%JXSn8ML*Io@_Q$ zlUmxqFjK-&oZp2wVwB`VpfhKd=e$Eg`R)&|(F)?loeT5_29l4UQrD)OokG$b%ckkm zTy|a>=P~)4ER*-MU|D9Lkq7ZxgP6llPzvZ~rQI z%58v3Sm&pbV+$Eyd9?rPx;(7x(Q`NKA0=5k)f`>IEO4=E~jwAVhIwc@7!=?%2)--ZZ2f7LNH69B2tinL*L$%bpYFqFSC=nD zhY|pT#uZ8WM>QTO?A8x0Uxy7mF=R{`isaj;L>+~d+5e1E`*RPOBmTRsScrV!GHv)w zAXW*VT+Ooi1l*BQE`{7L>?Xay+JRa@?tZFrswHXQ`p_+7~ z%}~vOEo0Z+5XiwEdJsCK)z}~Vi_-wg52N^{ei##Y5w=7dn>-Fg?4`K3)lZ?1HiIpg zcGp8!Tq@*n#_K!2Ro0a7wgioM`2sGRJ$f!JT!@X**CP7e7?_KULPbE_zX8oU4}BqJ z?8X3WR*3AfVP($J@r6hYW@D zsp+fAp_@jdND;DK$hB$vC-wg=xt9V^Hl zb-&lbIJIypki9)a`hCdQUTLRKw7Ent6G1S~;`ElE6i-}+b+3M)1+3Gnx6HwtngRUY z6=xWVhR=R(%OLI=R%V@NT1zg~K_8ofNOwY00+b)1A!z+W-MYHxzzP(krebuaTSu4~ zR#uK!m~)PF!za;~izY<(Vcv?1wo0IMnHX`4X>G&XrlBpiZ1=QV=QOZDb&@Q_5g3=X zI-6WWodmKq{v`D#L5zZ=#Lqev^_6n>Q&8C#@kER#Q6mqDlkGi z4Z;m*W8GeQ^Bt!ks<(yxm$B9h;%JzIV5CpyeP`Q{>49Oiq(sPg|G4yK)~N*Wy?XU& zL8yTS!r9vpgREqEOnO#8SZ1w8%Kfr$BVf3wdZZ*@21`iKWJf7$YGma(?Z;1_Wd<9- zx7W!mYgi9qMzcsv`nRwmHlH22;qOY8dFO`r9YU0*o~ihA-Uot&fH)l{d5Bu5n;}ER z2mPWn6SpGnYfu(Ouzv#uKJsfJh&xCc9u^$_L+Om&ZAlP@Ay)>9KrKSH|?!p~u) z5Ozo3cbc+sEV5HWDyxvQw*OM8Q;Il@gV>HC9R``VA zD;@HDcpNgy{5;33Ea(^QetsM#7BdVx{4zrN_!*c*!<@=v@RW3Pd~g?cslnT`s_06Nf0yndc4eKu;9?|L@P3;1~f=!Pey@NRhYZ_3D=nXadeWo*I^ zw~+HA^5XYW92)ZBwYlm{>C<4xwduUOcsbSUZXVQ*mj1Pse10-YeFtG4H)+Rb9o%Wi zCw2X_V(9Bb#f$+Z?}5~DQswp~0wH1c7*J@7dbO&f zm!t+nzR#WXoV_UDs1grs{{vbLld*BgN0@`$*_uq<;}`d{yKF0A`r-`+#Ph~w#HaYQ z8q$)AH^N@pw#dMUoHLl3XGpyR9a`&wK{kjlc{cm8gg%4pfdJjGj=-H~aY$1zXN;~} z0I$u4qFrkUs24aT?+Hk)xr$4XFc;fU2kN8XPcbZHnLT13Ld#Jkx4AAIJ$ev>c`yL1 z2s^bWt?L=|bK@Z1)bL$xnw*2(x?>|q!_=tPCpt(~NfHQ(ISH`?OP=md;MO=HLp%=} zlGk0w;;QV4kRD1JEBGz;m0R@Zui9T)(gn5g_yJ+9Dj$Y=TAIPX*1Ou~l^w4yY@2mt z;78KA&@`a$*2G5jF3gNcx$(RzzDzO4hN_lrZHTKRJe*f##z46(YlmqK^^cwWX%nZ5 zKGo(p_!#2Rn-gEv>RnH8{RP8m!xHc&xr#WV+f0CpRtS1_)JDz#(r|Y(KaXd;jb%&y zPk30;Il{`W`0Y+D3`1zwHb9A=*{${qkcL>dZpMU!%Lv>_&g}EBogeJZW_}ffi1F2Z zWYkqu7RqM)4W3A0p>>H$5`7$q1(uk;-=4M)(w;Y+-+cxC+>Y%oVcA3c`j*btr(vgx zB&STkd}(*$%eHVLRtOeU$Lq0fb%0+CeGRygP(Q1=y@(IE50jpN8wo`4+iP5>HvLTt zjunV?1wz}si`S_OZW85ye=LwDilC_f2GaOTcX&A1vaqsUvE|Bc2wpWnrlkZ_M#daq z+=3l8aRsJJRjqjtrS5d*H=|hW36<7*3WDniLvBA4GSAorFllg_!TM40gvYI@J^VqjB8BzhC9g_hbRFtlL?Vq#J{hqTeqP!VX zV5~JFw-P^l<#qi-4NTiWySHfdrp4GAs2Pz}pn4dh)a*35!Fb33! zmR086JDVJ4Mx8L>4ztxgP zBp>ge^zfm8Dv`x(uQ7<%%Hu3<;1!t~81DMRG1F{`uq6N4=w0IHT%{lxOrTgY%qNo- z;Pw$b&0ja+k4BrwDf!=J;=t*-K)3>eWN4KvfGML^iD~=jT}8>La|D4rO=Ru&sNGB4U(1!I~ao69my-HnA55HTm4#ve!D@hjODpTFh=&u97OWU_tA0A2nm>QcsoGJv3 zP!6c1B#Be)8vsk7pf{@4WUq(evQjGub_BZr8|1tTXvS~OFW zEWYfWg3Uf9R5>9!M`pc>ACK}~V(CFo^ zZ8-Opwc%l#19iNo?1&zLkdjTB$S-)AT7_jghAu!oo{b4^TvLJXPFAAtDNn#$ks!8o z0gW3T-jfi{Q?}@<*1u=1Rp^o-F$%yM6?$_a+A8~<@Iz^A{k#$YJ4*M+bs21W zb-tF(u8SYkfb0GG;l74%p5e=UZgm^@?PoxS#c?Iu>VA*#Kz@h7mqm z^&idlq*S*t`2zYb(qp0Tu}K$$K1ww0wYnZykc5PXo+jY7kBLTcF>faG5x1DcIts;Ju-6x2EPPUX#EF`j($(Gx0E1= z#gES`;=P-;UWS4lSHbCnl=#I_m0^b$WCcunk*IoUX#+v3mBfFmZlhg>3M@oj;JYZ7 z_6NHFTf9-`MbI^S;N$s#-isA3)m zlNzSUSuiFv15sT1zL1#~!-kq=QwBZ*ZC8>l35j*t=xSl1eu>JS&n6vter0`fZLk}{ z$Xw`SLKNue4o?6Oq2USH5?7MgA%y0GZ>;{trqxtuc9$)wSQbJcl;{TP!NbBz6(&X* zlSUZ}BGh!*fgx0S$I#LtVM80dn381?4J|IWk)T1z8-*dw;JE~#BveQN*Zx_-@-#W2 zUj|;$gfL{9g~CVy1uYxBV4}~!0Fzz#gD8EEZNsJn;uqn$ZW|kO<^icy`()p)2u~zV zLqQDN80xwLeL53pXR=kAS9kq9OzJ=Zua^xoa8W5Do+p3KRola3X&Esp26mPqm8!2Zg`nxQzP;vsuF+m zk|qL10N4bptOoxTM#Q;_0I#!^4~1EQDCR!+TD6D3^B`P5^;*#pIq!P|sZ2qmwxf8f zgaKbRVmm^U#8MD74A`tTZ2y&Rc!O{Q8*=O8&%z)Dc|yYQ6_w<&x4pJz;k5W00|i}| zae`%sS_lZf$I2r#K3vAgP*-LRd{e}a%DW4Vq0agc77>;S0XxHd_cib{AQ*OPQ=tD} zTP2$?lm%aT^%P8Z4Wxyz~b}^tM~KMJBKQ+>*@cnljGc z+j+Mdauvu9tZyIP8>McW7DRnO0Lq6Gx&XXo6cnpVy%Fkqh8y@UKmeE!I7&XOWY<~T z&BMSug?se_m6Fv**5(u*!ji#mig_r)qBQK2my)y!qn3RlHdzJX=9oSdDAg_E%qix2 z!7_6jULmXObciNrK@Gi5-H*sxo|TAr_l_RQq)cJ&Ot^Jzt^UHB^_f%dRuTf=H9?@` z;qSMo55PA@$o6PTM0Y_9<{a#Tmf}psI9{T>Gy9fErQ5DX!L4oZwn zG;t4Mw>*|re#p_|Pq5Xj9HRIVmvkKg{Y|MjnM)8m^n^ zKDj^zB_46jw5US&F)?f#CU9YVlL_B)aI+uUEak$AXvk0%ooa^*=C=mcyt<#Ogh?f} zPz4{?{eSWF-eFCj?fZWaC4vH0q9Q^72PAH4u&e-)vUhNmQlQ#Of~|s4Mvx^4H6p{{ zii|)K5G#%fD%A)M!0`YfAXo<|P^O4TB7%V5GyVLI-*G(u_*5`~ckcVT&g(p1SE`Zw zG(Kd4jS=xs++o+!f$hQ!#r$@G*ps9X_ZVm@#P&+J z^GO3PY&FTnU0T7&jCmUe$&Kp$UEi?Es6=is#uEM=;$4$UFnIWFxv=OnT6uxKs@5^N zNkS1nmV`9&VM8)vNsRupR{V@pC0f$BdZ$Xoza|t4C}IngYAKJ0Tz~T)v~A5jTfyW4 zH)Pb`hd#~`*c~=*J|^lr*cc4dJKN3}Lxr7S?p_RA-J-QZNgpjYdZfWDDF~B0%%9?* zd6A+;m8Qc?CTWHyoe&RHU(kRn;zCphw)*vCJMYTH*GMnlfyq2NYqCl)DNAx4yNl- zy_g+9+{Y-bEi-;_XYIaPi~Q6dl9uIcVy4mu%GLJB>RXf$0de-VOTY} z5cYt-W9GLZzz1T9G^@`uPs`Ej;D}Rn353e&sxq|-=FLD4EtQK+p3!<@Bc1At5ph4q zRWa|QYp(V{$mrVP1q;3r@kE-ImXl8`YtV!e^4)T1h@9XDhe0JcIdxFuGb zka5RFM2yllF?JZe6gbu3dUk}-tKOlFPwq{T;XjLM>!3F984*Wy;&fv7u@}(C@I^7q{humBJTO^C;9WUGmIXtzGPMJA)X^EkZ_w2C_!2w<1i>9bgLM8PlVvWL^|sN6BltE_ zbus%b(eiKOSCZ!Hnn6T1LGdn7y&dgsN8UnRE<`c@&a8IWT_GfUYddaMFXh7PP+;3E z8}l{|vf(=-R10L)EA{qLiN$8(Q8DpKgsab>SDx5PYN_IfZ$la5iJ zlx4)CTNjxiD|Z;~3L|>>(FkF0N_`NMvlX9p0cFI4xYQaDkRy~~c+)rtxO9UXt3N-;()3giOq*%|Z>~)FD`P)tu*{iOiE(4Spw_2BM&dsPYB!@5T->rovN+ zFZgz_J#b|v`0E%F&Y&$c1i5IOHvicIVu`B0<8C>iTTV-|ZqUvu*B1#b-3gYf(9|J8 zDyn4ah5l#viG-L%YhIV!&&JJNZaPpOC{88mF)#|mxDx7`*p2Lr#_Q}^Lpjt%51+mZ z7q^h&db9nTq|o=p)<`k07{VbOEtc$m$V?zLqgacg89zCDUdsvg&=20ggOsaAk4$ov z2-KdzB!_&=6|IGRdCwLiph+St3|KiJleoVUgp45+fwL*Myao}lVf2Vm#b>UmVn>Qp z`AwpVEVSh}-9RUPo?ONaSh>ZT&Z=qR>INd8u7Q46iAzy8P;7Re2ajO!&hNbB(Y+}G z)w!2aCMg-0EZRb9?#Lw>YIRA}#?1uqpic4mLT* zJEiJZz!VtupmSSKsP)6-Pfj<2&6>YXb@E-+nc9=9pydvt)$@1uR&jL5a9a9Ft0dx~ zw#-+sP{547TfMWK(w|U4uIfEXG`C#KKJKh8SiMtqS6B%#YoQz>C_mwCnX85k;yk$) z5mPxU9cZwIeUk68*{(<(AOp~cz)Hqw`->Dm8K@qlOMX#397Y2inSF-HIvF(>s^$*$ zw6qQT6y;L`RQD10B%QR=$j7?cSFY2xV8NACX?A?em|$*ic2=3h?ofl924YX$Q(bs) z4xq&ZOoS;XNQRq8X}M%=bcO+W{tT3I?rye#pa^@uFt66qsjgkrk~0O~o{mtLP2?}`vD zc??-j&LXNeP|eOVkTtSKDHd<4-od}Yeo*e6_8sX?Uq?#oBvU|)5L-90F)&#(KVV4p z;n5~avjr@*KI%FOrtD@ox=As%~upQ@4*nN&^)nTIcgHLy0>H;=LB6#)2x;f;wHF z-bXt2vo|sNs)UYQl_@G(DUuQ}NT!sAlEP>y5mrPLXYu2u6b(fJCl7CNG@{(I@ISo2vio_ac*1q?L*#BP|2ke z@_?(Cm%eGP4~GWtXjPPDH;T_RH-KOczlZB(E<7!4t*)D>aAaIu-zBD8o>Q$hdYYX( z)M0D0m4E6(0k$O?gCyU&+-a(2w;ayY0*ej-+t-U34exBF22ywF))(E>t3C;vrx4GT zVQ6p=MTPflWpUZ^olK5r2j5U>={{Fiy(4o96pdC{knI>$e1#HUSmLI~P*ql&HO{~4 zqlrJla`4A*9(0(c%(=5oMR`#|XttcKvp(5Za9}YMW60;nf(chgfwQn28U%BtbsY;- zo274q^LLAD`98T0k?X*@ zG^9|yG;zsgC&>{Q53V?&EXh8bmf7mR)r_P?!6ek1R^Czw{Fa_!#Z7~@>^&(Rr;k=nhp$kIy3cl`&I{1Xi=&klMzLj2h~m6bijkX z`f(_i$w5d3;-0yaYq>V#qT}=Y3#j7-;346MA`v6R@vL}fe*eAVOxRrY3|_Mtz1ibR zV1tTuV0QJN=#?bl+0V@Fzy}v%<40o z^lySyJKuAig$u{o+`a>$Z|7P3&fu*cJe4%6^xkHO@~$tQ9Hb9jsV;_~%u!hhr&+Lg7Gb3v$(_EaH4~ui5mslJ> zNipm_nS4(ydrwg*u(mR_CV2)XD9l{~uP+AQ;>8e}-CqhY7X6v=xHv<8bzUQ^y&dNT zx;}Ssc%|TBPm;OUlLSWfIrqf$+s!!`7C9~W5GyiEc_jSEGJ23<9Jom-7D>I+Bje#H zKxmyCaCIJpzYXQEsrkF7I41?-_}s|e$)bqbvYA)sxh71AhFrtf!b6FC`hQLexPh9T z7enOopJ>Kxus9zE3Sh+iLvQ&bP980uYz|$V;%qpM3=wJ>nE&99bz4vEXA|y;khQd! z%SjOgxH+JW>7)_hy+Z5-QUM#oryd!jH#45Kv}8?^kt?l&Y0)Dy^_9}P4Q2KGiI#+O zaNe&mOkp5E$QbguuVrgMG0RWV6c$jmiDe~(*OVHRKjWf|0Jj|)a4xi+DW#*U*!5d* zewmIB3%d7~TPQ@FseSljo!8bvvbDrchke;CB#`Bua=;fKm--+-U%QNGQI+Ku_4-x} z$Q|-EAT!zVbeAW0N)0Cw>ekMx%NFRk(ekf*FaHr!2J)?ut*PcWY2|KlGGcJ08)1A1 z{DgvB!?Ct=%T;$_*pPrKR$~a|+jgFQNQ%Ns>@FvkqY#8#!{}$hHgC?g022T-%)#u< zvzt{oM09hSNdvE%>#S(PHwRacW`9Dv|~C7KX1~* z=LeDEijf#H7h)QTDIzK>1E2bG>J)o!mw(!iK|vl4QnB}gN|N8}!R%DLC8K__BJKR_^|6vBT8fkc zBA5=s*Z!|sua(%qfN?rUrTQ=}e9%_(v#slCQt4nIC7^?c)Ul&~OUEhq_v}&?=Y(%y z1XjwB>pl*n?AH>K^tL>jwg)N|oU74YIn{xuY3r7v>|IiTsK1A;!Q39C7}?3H-w&O# zXjKslxo;D7UUZ)~@*+DyPo!w|JB+w^Mpj8xu z_>@MoNoiQM&TJ!2g(fPkG#?X&(WUH-i>`NM z_U6v)$sQkE{e$YQxrq&BRz?k^DELAPpOVyT&D&{rS}QDAL>}X_T+W(93j-MlO*WM< z2$Mn+sXE{6xED3Dc9r3mR*U1Zg)CH!Oofo0jNdRB9LEAK;@g-P)8l%1-h^LT{)+UL z)VH=iXY+hquW(`AG%jC$nF!t^I#D(Ej9|nNM5SD0qT&a3YEtKliG_7%+AoJY0zTx% z2Bjf=B~0{wG4=}G2sTB()-3JppblH}@ic2TSUIcT&cq@#r{c;w-GU+oNRU(etda+d zQ`}+<YTOrYHwaUZTjBblU2 zi;{>sl8?a<(VL036dj>N1007V$#Vc;XdXuPF&0&dMx2a=gu8i2Id!~Ymfnyn`~;#Z znDIe{&B2L+|M}Dy{Vj_`W#1f10ww{{9uXc4yvRl$_D1|b@_Je{YQ^_@gV`*p)d2VHxQmIwrVr{<4;<1l2j&&k~I~oUl+6H_b}3vQvsn za=ue@CZ(5huc_gET9Xxcu#6?NB!@bLQwA`Mw8pqWQ$+LMvH-((XH%<1?wVKadigi; zm}^AD^j=6#%r_Ov^&XcbLHdfcnBA%GukKTjD-85MP{k(Z z1r>$e9tUg;*!^(aJDX+CRFEq&V&D#LM~++A%SV#vYPSG{o1SM{T>?s<)U=;n%%~3Z ziNrW9F>nq#PQ=s~xjAx~-vLOJXs~OSaa{(=LRA7BxVDAFqLKn{+&inYFJpR(`);l) zFn&aVwh?D*l5LpOIHVl*lxGW`Ba0;Gtxkn24v)157h+>fNoq~ss2CptfOd1(X5!EK1g~M*0dJ%xHur5f^ z37eBED$e02xAj_)YmqR15Z>*n!5`Sk1H9ngta9^iW=(M3nByR~xiLm`)3+^K$7rG! zeWpU9UU+zGE>2Ml^0X@M>^k2hMas;P7_5MMqM6}pU3}&RpJ3E)GAT<8)Zs9ndW8g+ z@Vp8=0@@@Qly}@_Ob|q+s2(Sou%e+v6#fa4a|=Q*e}OzlL}8L5t70n zozu=rR5YPLicnF8M0K8l2j+`3i#TRsU3OnvGI)&^uXVhQ%5293$p6d_$~!nI<23Cr zHyO%gN7gjBwai}-0UM!z>mk@_ogk6&yo4I?sTSi4TXp8F@UwbPogWB8e;=laRy6hc za@cV0iD@<&GHs2LTKrHy!PzHg?V5=d_AN!NQ?HTZ&WlqvkQM34s=I+UH*gbt^=cdi z;^7rlU6P_#fz}w-omkFSYwgA76ok{=YVuPDoL5mB*@S&H~SCovQA*Wrk%_5@n z+H;PNR78Pp_*z>Ym*eT?L!{~C$*&S`a&}a`4Y^v6xY}3jF6cd}ABIV>tCSGwwVwQs@B^imI3@|bb%=<8 zy(ik4MX)sm`4NQc&A9Uu?rzimq(mmEQ#b#)FV>6H4a(omgNo!lrA`Hr&q zz7`#9suyQBn=}w5vqwKOqlb9xh0n?E!h+c1EO<6ax85{o#`n{w*~hNduYmFX#C%6` zm*8RVaf13i06fOUM%KfwT*Q(1@Oq<`RTGY)r5{q3tVxS$Fh!J5@5M>M_pcC}^g-aM zBwNPiG7EBRd^ik+sO?DXMLirDN32lKrjjg4sVZ$uu2WG(Gj_Unan&_jKMsx``GV9@ z*WE)5b0gL}Zi^dX6sM{&AXM3t&opsEd(YMNaQH*zG>>a>J6&tEX~ZoaF({Qy>hrUe zZYkAQz&UoM83@&7;ELbEM}}|21@tu}m<_OO?mH9v)`Wxps3jMSF+l%8!1CgP{C=T7 zYCA>oNx)&@Z%DN9QM`jf2ESXt#u(_NrAwHru39&kHqqb` z`K(GF!MdAIl&*ubH-4h%nm`v#C~DjqK=2m1oxYFLPXfXyf~qWVXIi7+9>Y`~kU!M% z&j@}tW6q0y%O3HpHH#ha*i<-rffB3`Nmr515)iStbaOi;Gmo$OJ{D31wi!^N}I*7f?xGF?TbbH+$IZE)pu?bye}s5JLLRqBXw^ zH`>;U|8rWrG|P;X^M}B&J}SmHRPV^hYdx*%W&;UE+LQrzk4-27N!U+tF;E{tzfFzs zB8WCUL?Bv9`G!9C z463)ewZw31g`e~qNW(xvjVQ&lc){E*!MBU^xM7y-bh`Xq6BGs~`RI@EJ;$6ehpY}f zudOreYKKM?CU6U9>Hw5UEpI|~t%okDGf+2}8QI>Ai20U`c5yhO>HY*)4iESdx02)(;O>mFRsn^3uQy#{1jI}PVdEVWTG3NcaH=`iG|LSGiDU8fIY0Y`f z4YqUY!$_%!Y7RK+D^bF&A-9rqbJcmXH-PkjOr{2mWdU#_l6DfndBJ>gbF5*@)p>5O zZDj{ogq}%daSizULPZlTp6com1rI+w9oDsE#l5TVSui5oSCD%JXgE7Z#UPFaTr+jv zkT4<4P|pi+Td!~33&U`stX$j`-Xs#16U8p#lZ)+smnXl$ z5WkCO4SSnz90A=Nx;(>ih_?}$k6~}kq#^m4*HSawvERTn^6`-Spl$ObC7227@<)s;}4S_>)!YHXMI0VEaAzLoWa$_3yz{PX5Ng(#&!p)zlb zcu+;<8+Nye=Zs+R4zURt%QG1U9veCCNm#WJ5=itN68C@NS)aNsCQ#j@IWEbM|Xx@cek6Faf(G>iz=_W;2l zG_rTJ@*H^CyTEmK#&b4X zs!|vM;y|AurJ|iO<9Xpx7`w!pZnn*>+P-oA6Wr-TtIejwHQoktzlZfT8 z9v&w!3rbENVO^c)?n(e&^5zfA#!2PaNalzI(sy} z+XRjw6}0|S(e*4Y0a&qoHjt3sojs;$b&6V5^6^ z+A9`VONg0lP4s?C><)?>%qT@Bx8QgVN;vq=lp4WOG>~c|BRDUzLb&^42XfqeiEa6* zRM55+0KF5-icA)aHPLkc*IWP%>iL|d4QAR#{r$f5!Q`vM9cfKUp>mQ*CUO^?huN20 zq1T{qsXDQy1~gEF+vg8F--2m2G1(Ocz7R0C)eZgdjtZuji2JaQT}#yR4MZ`78j)fr z`>*LmXw4Wc0LweQ9KVZ@Ah}*WsQJcR$5^32x8tH3M0IJu^)%bo@Y&Aw7)$Cs7Rruk zZE}fc6Z)in=SdMdNHUK%kk6sQGH?>i?W@#=Aihh_8S1~pV(x1SS&`pQN6bfUNHs`U za}+prG?6MQ2<#;=?}+h#`ESoo8e-FYTMhLtAGt3koo2VNAgvY&3!QWC&3C0*y?CaX3||1F#@i zoZKzp$JFy+_2oD-9f_mD8Cprs?XEJ^h&c8b?^&>QU?K_CgA6)wlEA06I$y=J4drC! zrt!3C7>$CybE0(=`x20&q$n@0)HYQXoxm$1kQE0g7-iv&>%4-PEH!+Vy-q#F*=XR~ z7EJo6Ixww&TBN>2O2r%Q9|5rfBR7eWZy@q{Fy@+pE6Z_StpGfNR65|UA_V5Dw@5wp z(~B@u8gav3D7l&o$ET#H>rA;Bjf&|T_aGhv_|HJO$=JiMM9%1t2EUSug*~U!z?jXP zQWj^|c6VgH)>gL~aJ2?yCo~S=)s$iP4*ohF6|!|8d?&miuLr<#VQ1Q@HcaW?=TWAp z+VcduPVOFwlM2j+xIXHi)D5hvzE0)a1$IpiEUVPM0ML$yG%~yl=HPtn7iEJ?stp!4>Xlf(sG7iwAHqipQ{4Z1IO|yqvH4 zE~^9864SE7G|rgo16D05=96Yh1r9d8bw|e=2v(S5_h!h)m;@_WfL#Wh;#vO}=cXb7 zWK|5c?phS$69IpMVwMwPx4G<*6@>Qfu>bIL4*)TmK#1pWKzl0Wr zi!M>is@C)s%&?r!kN7HWqWn}Esnp?=X(Nu3=mrzgq0+FdU`0oVVs~aQ-_hZ7EN(fD zn{L@XiFskUwl>HGRN!b`X-B#vory*Cex>B+G{|hgrb|K>XTHWp5K5E1YPJZg=ZJeF zHTIrTHHQFFxJQRI(2*6sRx^3P@y(d08&)U0U)psBIU2@b42`x#C$;xX(Fj9qr%F%t z@B(TzvJ(*)2Rd_i9`9<=JJs^Dp z9~D32ja+Z2?fBft#yGj&i2KU{cW)ESV)M{B_X$FYqYczaIkX+>b3%bPv0S_5gGdSw z8f-@+F3x7Ee?;H}Guujvxapek%Qgbe+#3SsyljC|WdXrld;#L6n$s+6u~B$Za1}W>X*aEO~7BKZ- zamL^z9!3@#@ zMoG=yvbjDmvjKqMj*1WgNp9qSyd8Bb;h2lh>XRDiP~&0LNhPz3m(53$xJ3{563I{& z7qBIi3q+_Ua!8a(j3>5%G6YxlDSC`$fCW4 z8cP^~NJpbRpo#eIjxbF@f5g4Lly=+;Yq((O=^qAO72W3|6Y4aZEgbX2QV^V|dsF~3 z&WNjrt)ES_l~7!Z=RFP+%*YHCN^mh2w8%B@g4sBr(=~>m zR+!XKyF&er4o-fPIl2pq!T$j?ga--T} zXl34{vr*$hhtd|ieHJjp@J_DyrAgbJ&+nsrZ$lp7E?=@)BM zhM{!RzpjaG0$+Wz+&sOJN&lZq)>{p@BUUTZg+DDj$VHW5gLC7Uqg|vR;JsC?Id?6A z%@Cu$lHxBo82Bjk+@hDjm5N%oK`k;)VEvV#RC)CfG<wd#)nn2jbvY8{2ejcvs4s)sjjuc0%pbslCsDNq z{)-Z>ZXBWX{^9z-wM*1M`VyOE%+Pl3STZ3$s1zXzjwJ%>OGN@~MiOr6O9r9J-=~J; z@5x&`%iqJcIg@(yAx*eDQ&B2#8g3_Py@flgpyHRYHbMOr)rn;B#mT%)VXW8( z>lvC?YlNUk>8-tpcoRKB!G(h>2r7blM}G3vnsH3=>0jglD^W=nC=fJoo5j;clo1`S zfv%T84QE#T;IUiqprCUa-Lgepo|8#2ODQ}&y*gB(_xL^Depk5IOhme<3H-A_-Lz)FKyf z&b^eb`_3%iJwvzKk*1T&T>Ul$%!Xu{Jd`rUj;)K6Cu}W&5nsQjfE_#F-eB}MQ~zx% z&Ond-jE+2AqJ8BGFGrhE3>IN8c!B;57BwEW2R`BHnjvRi>ftoOOlia3QJxnu0Ot|B zBJ)5k_9k)r%H6>J!*&Vfh_gC6<0On%#rNS01{r4~$bB5t13u48;JelEp_m)`+32}v zb~U>{8uD~W{?eI zQ7Ea-@1)5-L}_m|{p%L3VZ^4o`cRa@^=1^wKE*exi9jy18`c#0)gV=1&X-HMswNr| z=zx8>n1BLn2$BAJnt!NT-ne9VQjX{|ZKt|5uv7ldN!mu&I(XWP2_k{^dL6ET>Kt-5 z!=H=u9ZS^X;X}Cz62=Z$ANhlY~l9VGHe@n(QDnf@t_Zo-bQ~X{Y}rd}%_I zZcx*93n1E?b@A&-xqjZZb1C@XoA-Imp@U57#F&PuLOIL;Hn9}mPx3^Gb{dk0QY!pn zcPlin!h0t+DNd0C>#$uf)Yq`N(WdzwYqDk4Rl7aVBCu6PzQ6$b^>lw9vF)tdWAV~i zXK1K2N~?p=tNMGJ&ViJqeRL@-G7cWZmI3dD)DeM;l@XlC?_!$fJ?iF8HrUetbn>X#4I-qs=M}b?|t~Vg>)5waDS^EM`kfnLnu>0D3jL>^mRFo0fPoEE-z`N) zFH|;|(^p^egyR$m!`CdcG8m0jG<-SPrl6uG7+aQb>G+*x>K>N)Vh}d8)e-A28qB%D zu@@JD`(!8x^bH9F{0nw_R)9iG;t1%2Ke+j~(C|>p0oH@w!Obb53}vcz3xbiS;#ROg zn|Y$eBubHUYlkPzA`)94IIa^Y(cx5gob=P}a|W8rz~UX-q3( zH5~Z0&{}h~E#e{(Eykuy0R=H_mPra&bAy35&Xk_K`Qk)nmHw(=R(cdVA} zSMF2{tz+ynKV!RX#qW3KD_1NEKjBi9`;&D3Dqhi2iU<2U`QTSVuy^mN3u=tVMrDi|{gS*siDB2NqzJnM+~yp39;u>i+VB>a&HfvEw;_{0U_nq{iM~Z zG8OK{ydt$J78brzOOmfGqoJSe=cpoF_)D?XN}|AZ`R13jFyP8?aWl0`bGhP zq$yB5pJLL*o1+>v&;jPwiD1WVGu4(nu3fdr%Ppi!yl!`^e;?BBYS=z&diUjUa@+WMB`*`LWKaw3%L4br0Q}rtp30b^9hkdPxDI> z7Yj%Hq!&bOC&k2Hn%e>UBFAgbG1~x^7g{u|HUW{*lvhzA(B1$ZtXF`uQGc1ie7TaA z3p!I0xg-r6Z-*E?%wNr*@nBUr_+ow#{@mvAd4c=6Slx-<4`3yn2y=`k{a~t$j4Qq-WQAU87h9CV*VW5|Rtsv)BL@^($MrHR^+l!YUZ6c}W*;u;nsRnc; zZXRs3!~th3@4L*VI(B7i*?iOn#p2*l1H}&0-I~l-NL|eByMYZK6=&bW$s_)6jV5y= z0H0O>y-c$V^a^pm6#ea|ZI-ry3m=?Sy>!Dq{7&%NNjNcQ!5%}YbH$+Te0}R7i4^ZHwB?anw zP*?vpOAw5(|DZ~?!sbFqcDBb`%Bdv<71jA`<}~Sle(;sBV!GF%YDxD;E&Ff25*~de z{96B^dM1gTurU#Th@I&PnIx1G`brQQOg2rN`AT?MSTvC})s*<&eCAc0 z?>>c2u7AkNgrW#c#7M^B6r&nBFmo?56_?f|j}JLEvdp1AFV>G5@vLJLrr17_nG=#w zT?ui>9n*#=H8=R;?G>eH?reKcCFyXW_`~!`&=kSdChRuqSBv0`0Ks8BM8}{)T*d!&{c#BL?7D@Yi zlY?vxbZJL2##GCw8Zg}6^Gy*K@yY1Mk&T0uClw{JA| zPVU6Up}rZ{Lu;4++k4@_?t78%CMt>Mt=|)-u5TTgGL2h!rt(&1xAA?Kx*3u3$}cxR z|J41s{La50-VI8(-1*~5R?%lEF(3oXnVa`W->!u$YWlhWK zmn(PZFF)77-GBVxk9+G2rnIffgR1kd8O<*QjwFBgi5A>1-lkKm;RbT$_pfxj-Pn;?TLnCbI)}mu7)BNv`6su@GR@4dH^8gcwLw>8>9a;L6bKE2WW< zV)z_zb@Ocbo~%B`#RY!sWfG#4wnQCdLsdiR)OOB<+stUtxZr&hBdl}*ymnZn5Qh@I zHljEyaCNFtzXDIC_2aSC^D@?DY0G3R0ANM?hShmiHVR}Dl&KG zw33s8RY!?PIcOuq2Imb7w}B2ep*2`Y3%=f}WLhfBd~Dyqic|#IHgNIz$2ji~ABDe5 z_%V{z9IMLaB92FF_M~zvXFK*AE6#t^1q+Nq1}@P z@)B~TWo)gO^YhsJ^~-~D!>M$|uN|)kK*aTY*>TlYofcu!y5qV;lH1OF|Ihs2S9D({ zG$}6o&Mfv#cl&blZuOwUq_W(O9(Xh2c-Z6=lEBGBdKt1bx-_X zUkQi45)|s5qlpe53WF2dt*RAj{!?oOYxXY-Y=~U#Y_Rrd{`1vWo^bgg%rjr+ocTDD z-g}ZA_Ivfj#8<*iayx&*Pj}IyA>(go^EOj|3%iT&RzR(EozkopUb3E{KJ7I&ckvdL zd^zIVUwmioug}Z=yb%8>+k+P{_m-+ou@kgJ;?QYY>&J}aAL`n|Ml2K8x&1>*US#Tv6W@3K zUij+WQw5WpmZ7{HXEaX2CcJo;!8JzqagS4CqejmevmTr1di-1c_Scwbho~@w4wU+`n>pB4O!(Z}V3KkseHqIJowF6`N9Gxq7= zMYAs}{4vD@H@#<@w=c6r@%%w&C*wEioq9r{aAarQdY{MPhZ@D9RpNKY6DoF46GwF) zY<{=R{8rV9nV9>L6M5TzudiK4v-nu?=Z*U4gCYM42Gi6RtpnG7MPph1zpbw&KOC-{ zx*T2Qa7w-7&WEXO=~gqfXN;8}HcegpH~rzX!H#){!eW1KT36vle4`Uy@Z)ihsluGR zO;a~~o?M(Lsis9u_YbZg09$&aEfh z${4ThFW9!v8U65;@G#4_X=?hrnWVkaKFfQD4>x@>0|F&vovMs__q4j>?exJgeqr@z zuRr^%X%S>y(zkskXa%d#jsiup0JH@`(x-t0mDOP9ekZ-_qfv(iF z+eCRumlRX&F0-6-{qBz`E9zE~gW}ROSG2#lR_bzS)zdjqhuR-D7wK^Sa*qyk#Izx^ z^2tDggG_1UF;9Q-JI_dy6W?tiJXYSjETRp{%G@QEyEcCQTR-(*7Z3L+QuF6SV&Rvq zJNs{utBS83{-G=Wy9a;O2#z#*-@k5tiu`Vl3FndW($kPX1hdC2YL3O;-7&W+^^iHa zvU&ch*m{9QlvQ}|PMd8;Hm4Sz*`u_1@y`d#vwyeei2aza4?igAiP-eH&0;9!C)WpS zW5?4^+_#+iYw!R5w`bsO7-eLClT*usT8~Qsw))FY?oB;HVy`@Rq*&+D!*1hqS0YBu zQ>QH77^ix@$T)iFpC4AGeKeWhxi{q8_p$xQAKCw7zLIy|TYgwg_ud7|H7i(_q{<&c z|2~oaV&-MW#jLK^y`i%QhC8Y{UljcAtkl(A_krS*_fu>9v$Lmkr`Hr@&RV)p>+$|HzgghoiJEV8j~KmI+CbBppaCFhaR%&p6I)%4mXy}7$WDpJ_AXX7nCHx-?`Z+`oB z%5WpUEH(H^q<2aFjkYFH@a=tJpGO@3{!q`mLh~&Cp**CAufNcA>GmntA;DPZvF%B7 zH?;nI>|;;&m59W%SJ=}~4Gg9EQ!1usUzUMV+Lh8=rav|W;y7ZCL<vuK^UjP4Ai7~^fx-QHS?+>)@J(+q;9X0}lqW#Wds(r9GH5p3? zDdx~{>?>L4)B8YiTA<2|K-6e)BuX^0{9VhDCgEhpAWAIEi*&QWD%78yNqN0zL9RhG zo_q^?%hseE8i6zt+yyn2W)RRS<8nax1ms0Uu1V=Q0t2L}Ztz_N7-Y)t|JcMZCo3v2 zNR$)y2Rmcs;fCEvLz`|URtbRvLvfh~$^=h*Y?uFMf4B%w5^1UO!Y6`omFrYW84zq? zV{b)oiu+*vV9r{bUS!b*1iF~*6Vc7-mSc&!T}F%JLsj&w8&c`^$66sFSU=x{SpQL@ z$>tZCGilki$XoJnk}B5`{GY4VwqSQf6_AB+nnELZ|4J#sjH4j;tO~qx5{Pn{tQ&&~ z@*So=#O#o_$X?`bz+1?_?mD{luam$s1uOC|z}7iSp3!@f=j3#|`T1nC$7+{Vv(A)o z+&jc#f(k^n0o#7_%Q&@WNx`joJ}^M?kIu6v)4`O$<

c?GjIj1HxvH2aeuwwo)3*(rS8B^010qW=%WW zLPGblN#*z#IIhE198HPJJvab=eda5rWEk%pOUXT(puRb^Hvjx88tG^s22Ev9#J6@Y zdbLKk%XjLJzY85cKA7aay5w-o;p6hbL?!;vqEj8OyKN%x`B%cYNA=q?Jx$-xz2m;S z?=Z38x3Ttvg_BFKEZtZ6u6piQLeG}#UkO~_>G|!q&wnMTac43d&V$8)CMvG5(xC&^$ZMrS^ZGAhq3AtEMYZNBKwpLPhsUnbtO=}f=7I{o41RV(K$QmAiovDr8vjhDu+5sid6 z^xK?j%=+`eg&!>zZuw`$^(%+$AMTO%dEHL?O7K1M>DBwpmgu@k2?{RFx8 zOFqYv-!snJ{k}x&N@wQG-s*|msl8tb%QH*cXXwTgJ5r*Cg2%djCrF1djZOSFc;1v{ zCw{>?38m?^og<`a<6iDp!aaMth0tgvo>R4l>g|<}rbtawrs^|yB{RGJej99WnOM=( zI(bJlBnMWQ@ysLApa(_) zx~ue8UE%cpwN{X3pVznD`-hjF31tOV3FMek_E*C9Nnhg29O|wCp}M2_kMoY(-)1zUtIGvW_|fDH>!^P%G>s$zuPpO`=&InjXB;W`1qBOPQUnS)zOIX+#X5a zp6Zn`I{d`gl8{yZ=8nuCc=Rhh{*QjwYgfWQtgl}3$3csOBv-qzr?)Z^)wx-_tQYmz zTgnr!*?Ar+{d1G+GL1iOGE*aGjF0|4MXKJrfARTmpJ#qr%(UI-f6MsF>;%isvwmqS zbcc8Uy(2jNc+T!Mq1V0=wq2NRn+SaO$#>*S^UyiVdsA^=3EAua|MGWa&5_UJUkN6^ zJIvhu5#8C9CF{4>I!*S+N5$he^WyIDG1qf18S84FFlO&@|26av;V;+96F+}{*vFQmu;>4(>KSy_Hrx~F-c-0Hn3Y7gV6T3THDUwBnRe)cIJuh{=k%Qmap z(G@3q>$P^J_@bw;??=P>wF#9yorcvtzo%cB;%=Bp-P>lnTN>+7zhPq8&&n^$acH?* zf0Ed-Lu6xxCw1hRzP&mgz;@5RnPC28`|Ta6pXbfE{@+D0y{+cBxG81Z+f#sk7Zc26L#n0oajinHkG5$o9_PH)|s@v z_Qv1Kqwc>d%1D&vWqr7``Ahwkz^!|B=!pNMJ~H{JefTJMb>-54c>l?x*0;Rf57PJ5 zb^U1jdH=fePYXJ>owO$0n?KiNW|y?R{_mSdXG{(+v#EVpXSC&EvY|!j(?u_58U{*8ipw?n>pHM_O9;D;+)U!M6+^4MBm z-_Gc^520QXckY+JcJA8x;bY`U?^0%4@G;Biv6hn3#y!nV7k>`2@Mos5Ej^|hr(gO! zZQk4N^dw#v`Vw}q@W&-vfRzPyDIDg9Oru_b@TuA81Z6Oea1?+uw0rQW~h$y3Ue-nVaPwQ*SAusD?&BVEWXk0yh2Du-;d^ zLmIOgo^|H;$##G#@^<}(;g@DfcIpT!(u1P1CR#e}-c@jHP@}ItiCsP^9c2V2S$ip_ zA7gmw3;OI}mK0T&YhuGtpbkbdG&eu40jvfFV&HaRTUed?+~3*UHxNoGrXqA!eJdz9 zmkl$TWs_K$V>$v0!s!}7Ko}zkDXKE(uHh{2KYU54vj3b0SZyrbz?h-En*|9_v)0rh zcy*2m2aDMRtB+~<^d^7yFKkRrQn`Z-3D@q@OC(y8$-If6L4a;93@2-&6V9i3lWI0W57W$p;yAXPO!9 z1D2crKd#<9tm$+6;te1~P>9u71sSyhsRLM|G6jen2r~qn8a+5x6WXd66$wJXD6|m) z4Nj3ELIPq%uniTh2x<{+3xt4R)uMtW#E6Ilknm@ZNg6r!M|Fa>Cx!I;L(^3oRg^oItYkBQbm};{wxMvg%ig0!uEf0O@Me6ZjmTN zp{FR*mkw|3q-cp@c@0>`fd-9A~Z> z2ZgEJNEh*%r{qi5TG?P%0Gz$uoB#yHr5DM!X64qD-RwH!Zr!FdcviCn#sdv9Sx>S@ev?Jzl%yGC#`QlhToeuufCJyKPbZ0sNg#TO|DZrW_oTpK4&BW}h zxC|uJvnh@U6pF;-|85z}ANw>btCqsd-3nhgx7iZ*{0GhcAj5UY~u_!HvrD`o{m(rpn6Jbq@NTv2IdF&yWU@Ttfq`!YSg^O!x=||E=;l=V> zd%pd@;(21vWKor@HpvdeQPiNF8aE8$O3?o}PbRc*$qZvD)LIEt5OT$1&YI0T-#R57+RO2Ja*k z$gIi#Xnp_hKcGIY?VmN|Q|ySZOSXGkeD9VEE{=)+O#tN|SSXG93depH_L`hQl{}u^ zQTXOll^l5_@gwQT`#*8n;Nc_-tA$T$FTAaoWEBqMn%c!UPbR@-`ax}xA0PTmId7tr;qR7VsE@_{`Qyq+@DX9P0F!5$6^na$h%rMNZjwm?>X60=;`^h*MjL^ z<$V@=^=-(=6>r*-^H&|4_Wo4(=33+UVC*+t#%ntIbN6j1^Bdhg|F^=_?}S}(^1PIn z*%g0LM&4H_{yJIk*`FTEFvQyzlri#j9Gk z^KaRBdbOebljrOPD-tVA-mV)zKDuclg*C40q;Pthgg;XJj~x;I^GZ;0A8xz^tZ__M zb=z%3RkP5jzGa1LBUfG+8@_GaUFgyvh_M*9x4S@IUNz7>8CdPs@fza#1*Gb<@qlL0aE{(P>$6GYO>0KT0t6OK*U&K}JNVwGnlh#5W^wnK@#B^FZ5Mqc zxy4>NXj_H#nNRiGdbcW&XkdB5PtoF&BGO);q-N&M{Q!JR!{ zKN~-;(b+w)W3KG<efL4g4SgObXN*cfTAac2hX zt^eBkO89SAk?!3(2zc|QJJoU|L^NdzS|)hnF5qQLFLcv$trpvZlB^OGaw0yI3ZD zHFu|tDQthO$b#LvRU-PJPD$o!10xk{j@aE-fAV)*t8xtBq{K4HZ8?lCvG=lHU<*zp zU2KnB88rbuNRaOWyr7xBoUFjqRkVf0M(h+o!Oq162+%N6=SY!X53|e)vb(ksj$aRC zC+Nafp(Frgh>i+_*$>)8kRQK^XDXZE2SlAWGdIZrN!qkHFK-mlU7`rA`5=XpFG1ud zj5DD5`R5UaA!Z<07I9vxBX#jX|8PBea`GNdHAT#s43rt8D)I%HNNV~L+^fw=13~8S zHOWKGXy!I3A?AP!4(Dlc*(C$yOM%g<8vOKQv7NmnP1_%?p~}^^V1L4J4AGI{7ix{aN( z40dPEJ|`&$K6ab27M4eu)wVKEfy&)Bw`zfzD?h+e{zsUvXY2?3MiAH(>d!0)x8B|Y z`iMYrLCn?I>JOjJF-x@hpztVp-jlmeQ-R6ovPhFSp_jBDdUumlK)pELGCs7Ti8N$boS=|Po4Ec-=c55_iKeu1kEFoGQs zM&*I`a#;#IHEkA1Y4Fen1l3s~+XBUi2K&_5Vl_GHJ(HKrb4NxLyv$q~vcs?`jdkNb zh-ST!^aFBy#vk8sLF7z_&{L=X6LJLeG%> zi%9W0rceHjC|n^!7hfN=UVYrP+YY|x9ck^N`v4-CIb$JTv899>#RbjN%?}o>#fAmf zbs&CHVi4evFy~z{gXi|41)5w!oEH{H$J7aOqZ@2wz~G_o{dQJYh~)YAVHUSoL$j+^ zj|Y7FzR&RepJfIAs3?0ad^u_fyX^C^;_0icdn2YDkd9M~7~lT=$?lWEd)hDgNb+Ca zy=&^$xm(iiQbLC8(nd4)_9j?uaGm-1kL_z1E!TZdkOwQ0=*Ldm;&`T{#|6$E^C_z+ z$kuy_LW8qYxE}Yu)lgby(GKQ)B-Q`_OB2nf(!}@wN|S7&H2JIedExyJSxY9DyRb$I zuDuOK9YS2MPd<_y{+sSo)o^Gggr9f9j!*yL2W@ODq@T#P(L?9Z!+)wxCS8R0$53}{ zL@A;&c0%D~w|MfCJ89FgXYYJE|2NhRek++|J#oP`-)mCyaPkGpk;#lZA4z}pPj(6W z8h(Z@-Y)h^s5o^2)|E`T}ZPah-@Ne3s;Jx{#T3ECAXmeNa zWR-T4LEqo>{8fEvhF`ZYD;QhnMBF(&+{;a$F?VcB^^(MDpXWRG-kMu=HD%%IXD(xX zu&Pt;)I4o3I%;fzn{~k3CF9ga{^j>#VN&b(1MltAK14>d+a3pxA3x|4H)=I$uz%a~ zUy}ds;x>0xPgV`~{T?}`e~Nfb_uk8lsqV|O!WaJOo`2}SvyER34zZNRaCV%KU zv;Qp{o}-;u)HaF#YWROLoOUpBc;`FcKwcBR+@Zuo(^f>hLa#Ea z`(xJ)v`z+Yh#b{_B>ml(X!*agX21>grdCk#m*&tclpO!Bo|ZD9yW>6Q|MQ=OoM#@B zUnE;B{Y?0Jh#_R+(_Q26h9|JbUHyHt^9K#SdZTUa_DvI0+wJZSLJ+=%DxRodz8{Ae zapDSP)6ay)GYjvX@vO&ReVFlBW57bq{r*_9N+d3U_$HhYr&L-K5_Q z;l!b3cr!2hZSEDj?%%)LH_g)TerOS;D`R}oojPF+p>h41bY;W3mJ}|2Ak@kGf0v*@ zcq;sB-OYkhT`c(pFPbv*QRt%Y|8pbrDkJ^HgNj3p$oAjdPL197U2y-!=QT&y^wc__ z<1O!?W+n?-#&r!o%2>Bp_Q3tmx_;X$6gS3yBqdu7?aKeQDTVQM<(bG@_PbLDBQ@2+ z*AIKY*&8~uq8-oeMf?}mKWnR6N7BRAF$9t^yke2SC2tMJ8cl~i(z>tVxP z-o1Wwu<;fuxrQFRpc@tVn4YdaK5NqdfNK7U9d~JiPFxc*C2G zW>UuTQiSJy-I{7&?)F_j88m8qYcM%{q4{t&WCxFmvq2L}t_nTPoxU4nKA^r{B>uZc z;&U%YMRqD*wh=Ku613+*$ropo4iGEJFcw-JfIS>*V7iVfQ<8ijD3NaEwNrf-@o6%R zi729uTt+Sj{(vv0iC;7#ag{gKjR|A{nZFA1$6gBkxsUQeHGtY+{FE-BAMdzIS6!i5 ze}-y-pVy*--3zE+QxAA@kz=ap4>JP3mpKfQ)J9JuWEF~@nH)|mS@a`o5YB1j2P3wk zKhWGRR*8s%1`f^ic~AZk@-3Rz0c6MIs%PJ&TR9^O#+kk?OIhcI{fvzX7j6tUM#GsF zJ0jQMFM);F;#r7uQ5w*k)M#t$QRsrW3`Xyz*#u6mGye!8_m~nUcETrksr$g;O6Fr( zfxkNZ_6@VJ7J~8_6m6{vx9&PS4Jh?!Bw@>coFR2Cg8DM5rVL6g_<%Rnz4cPh;BEzb zW%S|vU8sw&;a;Hsoow09>X62?OT1f|d$2C(-%$e-bXBlvnl6x-Z@Tt_Z$~ihcr%^c zvBn1d<6<~$;O4acpuGqgogpmXnHyD<$@CyNV1FfmvoH-s5;9tw%I5o956h%p(YDGu zT)RcmSz8cxO)JSeu^PcVEsxVWq+dRs{~UXg)YZ8e?8hgB9L|ZOF1z%(@dbM6+*gP> zMKaLP;;q;V&|w9sKlnn4%dR$AeB(l!OW#GCv4i!EfK6t`%k=$z&s*-xRd7i)F|_W; zsB2POxX>1zvQL?AiMj}x?AIa%2H}A}ZIB(e5x0JnKo!*wJh-1= zR7EK#RzI+BmR2kYuq-1XNP)%i$;}v4Y?atxj`vh8_Cu}5m9;6Sy1_7+P;^R69Vk#z z?qT|eCDO12fg65_2^hRuZH2KI!OS*@iW+ZpcAAS6K)(qd9jCQ&pANfBiLjE2i6+@U$QWxHn+56}Vsd;W$9I+=9V`WGmU*iO z^D+m*7o>$Y(^KDV5>MJl!rJZF*D}w0l|0?!ezZ9%*}!T3^_uyU{h_s4@9ynL=ibuV zOno!;jn~$iS6y?jEa{x~gE~k)#nbcO4L%R=d^q;va`gRHZpYT?c_Xv_%}t(nahxC9 zKF5ws*|}kK$j60#e^KBszi%Gvd_o_u{pm-=p@<`QilbYt-Cwo8HoG=H1t<0f;g2_5 zEjLVimwbmZA*~*(H9S~AUNGhzLLLbCvT`DR{L<{VJAZuioHxtp&1xa%+R?hu4HY*v zU!P7i{^R+R!HjXE;*MKi1SFJhfK-N_wVfio;&eFFIlngJ+ATbNC$(< zT^YWE>KDS2Z=>(N$dbKGz83xK(WJ{E+jsxZ<}=1dU%XsG~)1Iq0i8{7fWV7^HZnX-o5zevc0e0ZJzo20n&7fMUi_r$-apZvDK zuD!vhC%(4X12YgeoV)e9M#0 z9$IU)dbUTXB46KoXsz#}zi8b%e^8iA^t5t@ZnRDssGf{Rwf~#S01U` z{nxF*Z={-^B3Qz=!aDkR_`s|+wMWZe&)+ch?B<_;)lU6LO3F;xbUgmA^(X%d{^I3H z!Q}pST)q~E{Jkj3WNAy%8A-g|Vf=0n_{@ImD3Ra4HplYT_2{X*byG9iTq>?Nzu+YA zG)+HVHfe`@e@gu~=YHMB4yjT1FIm!C``pEi@`82bo5Ajm`dJhs;R z?7}};A8d<rT)%b8kZD;y73*Nc=Dw3kh4%dItGc?#zXc=jq_wU}gli&ON zdCvEga@?|`_V<70Qcm9+FWiqg<}YiOgmxWrnSSE2cIM1i>-M!8+`iw7_we37pVv}R zUfCyRv|XI6+WMr<);Tw|on2p$9;~9=pA}Vk{m}mJlY5%KYQD5|4f!J}Raobd<4V$Z z)v%tk##3E{x?X5nKQH!~8@H>jGw$kr;kI3il!{0am*OPtoiqgCP zw(y-hub|@uF?fv|JZ|)&vvkXqzn=vsb02)~dH;_KKl^!f)!6>}moDZf_iC@+y?Z(> zZhd|{s6BhpZvFI^$RU(ESA5l=wv8G1b29M0udY$3U$9;XrS9bcHBNr5@B}oUE+xonT+q=D|cc|F)?5xk2 ze{OJle)a3vuM&SMx7vN?oEM6+-u>C#jrO|OIX8aJG+Ji6-D7g}ov%;8ckIT4QIaEV z-8X!?s+`vp2&H>#v!i~?`pVC#z53!!)2{Sg`|1k%zA_jex+W=#NUy4Qw4J*A4zrJj}%-MocOxHRlT6Y+t(-W zbkYB7`OH1&Bh-Z*s29%t^qfGaqDOMJWk-FJ6g%KP>l zuWBiuu)@6kdJX0GK6}|$+Tr_}i~r5^_0Ik`{Cro++2Uc&_uYl>&&?VC_PFGBic_Gy zc4lGmB8sZD=q*dU@i{M|wm<0Dcw^*4*J-ie44;|!si4NgZqnc*iR3Np+Saw(w#V z@QPUYOT=%utm3n-B+`$lct`6BP~*{$U=I#FiX!o{&a+p@zQ>I!JQNL6x)pY3 zi5-hEd^@%yb%1SqrzrDB!O@f4?#Y={ZcYJ(QP5gxz~DJ!%u)xLCIN{+Vjhqc@JeM| zKuA!KMLPcOIuo%u;GRELf5rrp5Zey9DzYZ%Ao!C6PT3X3F*H9!;aF(cD%}vr)P%&g|GLK3H-KBg=kC+?gOpi*|{(#L8f2^W2 zXzs(8NPYeO(b9-`gfiZ>PEuQAAOu8UfQjT{$@G|ZkvhA40e{Vw6;lQp9l;uGLBcqu zW;-qGqe%>af8Awj>mKPBrWzf7qBA4$(iiho8v3~g4)FbIDQT!Ey% zQM2Yp!$ka(2(X(=q}}b38ge;knQ->8neI?JZEs3}y=R1*k0M?h?3^s1DPsO}j1}iB z|6^5_UfJ39YAq2&XbO4nm!N-ql)2T6SAll1ym)Lx;ni>@DqO6;?N`W)+Z9DQ#ifVT z;@!wVOm|O;#64_t=2H@VOnWC7IROsCScou|(?(UP(MOzcjW<7FT?t>H@}6^;id zxY)Tn`wFp!SHi6aL+(U3?r$M=s#IFvK8|AH13fa0RHG)NkR%fF#F6+t!0E;U18g6t<0kv`wX-Dp8w6z$ZtIBB|<<^>VFnN(+K#ModV36`tjc8tHn|arflhyL41LQvRd0wZm_4(dN8;R z9MIJ2>4UmJumh9u$uijU03^%Xiq`@)MPR&#;nqklcX(#o0s8UbTiS2m}@89{6|V<~<#Dg|mC7!Np#0LpXM_=cG3 z!qyqxZh(&gJ^@W$l=~3*FIVmm>Y+8T#o7TmbtAnp*$u@DAJrdkSFK)&l-&qdNu z{gkAx!$MDgDbMsO0w;U2xUacEen_>fp}uykLvUtJ&!szvg~F>adsTH5SEf1w+XG(A zw*VND5mdI%y+?#~Y9ob%wgbowBmiNRndV`Gd^Ipoqj(pVS>?RrI+YVlRoF}XFm|w~ zzUASRhw^m1RVoj%?iTyE0gF_0@dP;rDJEHMz&Nfa4KV=f{9DsOwKZsr_OtYm;8l)UwM7IB3oDMo*`6kkGX-}uirhiJRl_roNe`F+B;)YDG5S9% zXj;~;Qu={na9H!YL`{js*XZeIjR0SV^wDCEWYB&lVoYxh1%;Vohi;6$*70|Sxsh+V z(K8Q4$%7eV(Q4uGB@QJvy;y~Q6_~*es-f||I*bqbGsI0d9FR}uVrL;}Ye9aa!}|+2 zz?WeoeU!HT0)iy?&*=MXj?)@Lok3AX7$XTr+aR7;5Zwy?;QFmd&r|`r3|N&*3gUDK zLiM>|Pp_3~Z4EFPmwz3w^;Cd8y)Yuio1>*6rb_{>A01VDlqyQ=JgtyTZ#_H8f|rB%vst;K&(8w?SL7Eox}@eqZo*}+ZbOBrJ@C%eHw zw3Y<^`65ycd`xbET$?**I*?IJK*bEV^4rfaxS-N`wQLc44uV?EFvoNz)d1u|>SqlY zP?gze6K~7k@R7cuGL!^3bc^Sela|J_z5{s0-mtA(<_pg+fk5KDW}s<2E7oAv0QijC7zFL!xFBM@nHx*jw%c zgmnbNv@}V--XBr7#8MsyoG=LyfY;@iF#2I^X+5mawL=_}8-QvqKpB#bgK^S|%!%Or z4Z-kPmE}t{+i#<3aTd4e*i<|r!jHucaILoTZ!QPsg<>x?j`zX|59%jK=as1`%Hp!_ zL3w{ifpWU0Bwn3=G#=b-iT8e8P^6am5~Ep!JSm(6m@3NV*kgR|&}br_Ns`+*Bh&^y zD$}ds$oRnvaw%xldpZiMAd&_@aM?y@pwl2;GPIBU5~(v1hX`a^#GUE{+y%>;1-@3a zM@&LMv^NSc0rYqU*iso42>eM>gRyfWvfODG5`Q>I*e$+}pj!18K1#mWDyM)4R$=Zr zAmknIh@GhpQvs>Lc+|UPH7OB!^jE?WMSP*GXah_}w`gE-4ZDMthVaSHPoYPB%m> z(gauYMOXI5ha}J<3iRdeNCOWFKZ+6(tF3aUM=IVt4&uxr?Z*JBmGZ|eOnF};xfE$|IroyCo4yLL$>s#=!cfAA+Qr=Pqku6S zm&(CpaKd>Da-8-g_4w1lkb}CQ#M!I19vDV)qx1OSYSmH1wK2E=BS^zZN?dYaL6J>z zr&|CVVZ!eu!X>PjAt<|y=I1{?|4bTNA_;IbLKs6fc2-ku_3S6@SV?f!P^0+b)AYI_ z`gJ5_zxojFz$PKyz2@}c|-i&3qv5mQYLF$*w{5#NIihe--X7`as>%{ z`!T_-?WaZ0+CjadvY#lZ=`Ja4D?=jm*Bfy>SWwDse!PGn8h}|cd_z2B1O1`FMX79L zU6247=Lh>0-3{B1-oRcP3LF;Rb>XS8oyy#V;!JGOK0YH2L6KJntopf^YE7ZQ$_8(l zvdX*d1bWcqphBZqIHm1T0yT@q^FYvdjw#^q0aW&8GlYL+>~Rz$iS({Td}u*@5Iz>T#D&Z{F zHV_Dep36efEUljc-5L?ZNEiYtaEh51qPW2{TD<6(4t(&#!7`#ij87V5)i^Xc_k|$_ zjb@+=Ot}s##~cgb(W30>Y%uzE5X}}EhbDp5foa&49#Jj&5o9q@ppTs0tj<63NO*!p zt;wLCo9nH=;IM)Kvdk;R8j9o52Lbgi31MI z*r!PJ2nr*X(dwrR1jU`iN*NWSo0E9&1n2RCTg%x?#EH!u|JEAvtq2}XZk|@$#twdb zZhnC>AGiHnpHFFQ%r_`^qYuzk=Sf%`lK=RfxdXkX4CSRC)}|ZUMbFBOO0Cx*uLJ?x z+Moy;21z`mtb32Pgxgyr_cFMRCLk}H885(#RTKb5g0)(`Jjy@|`n%N2R;f0@v4C`; zup9=h6pYkP$yJ1O1JW8PFbM?X*+G`&g)pe5xRYOmcobz-9hf=CF%6enA!j3YmJ;Yn z(STz%C+G9b{X?J7@Q&b-=I9lh2;y>y*tr?E7fKf49ZAj7@ZjKM{>eOF7|9Bhbb}GK zBv^#<8M>)%68mko7&I&$?ZlC-t-dZw6N7oH=>Vqq8z>w8aBBr2YUahSV|< z#{s#R9V!YA+KSLV^OX!Ot2?9)h#+0?c<*u;S(VX1;1~d%3~aQP?v)X%wACjk!iChb z&O+oZ2?Y7wjx(o%5w~8Yj7F4=y3%+lU=nDZPM?2##^>It^rJ+#H}`1t|H>vIH{(grvf&wU~s? zCmcts1%B%|fy#~O?8eVYeHi~8BcYBYAbvP1K3Uh|mSt_zKOv z*g8S(n{O8~#quR!Qe66L15h!*Xt-Tjd@aNoXBE}TRPGB1Nu@?Gg?r;Te(b)iq_o&0cz6)q9s4#+bc1Kv3&6}rZ`mH68HRGO&_NRUgn z_c)>oi0C;tAMrfrh7fwIwhOTUo1aIDA1ZdtoSx7~PHX1;H1pARwe8K80`7(Rs}SMb z-G0$%P+`NRp2KALk!>!=j>vpI5uao9l3-~qA&b?}R+LxgFKF{(zGq?tK2 zL$S=jwuU=IpFSvMhuhD1xu2@c7(lCkY1L+~_erFEtob6;%(=far|0Z>!-MqPSvn?> zyeM_XUtz`d3nxp0lAT}kV6cxtI2P@~3hEKqsOhJ8v-U7(;YOu&k%xA5jtG=5i(q>G zh%5}hX9h|$KQK&1o$$pOZ7EQ$;36F;C=H16vlXAM!Tl(@vj z6x=x<;%Rjv4Uy5zo^-{qVzbd`3l?enh_i!*A1Mvl1lT*x6%0A|k^&l2zAOniNkEO4 z9+d5@alnczav-?!A%#48vpJQGx$H9jYrY?JgkgoxNEugNkKgrcL@;uVi$toHAmazk zDYVs-^r!0g!*Z2MK5#Ogsbhkq8xGzbrmI$ATQ!ox zCN|OFR!gbD6nQ}@-TL`pFam?k9ZHraPVU=7)&+U03sRHVTc$nB>ygxYAcB@|8=s|I zFROb%q+TEjOUCa@3%OGbw4|+4p0Y3hx1M9>u8dyAf`SqGZ9O3$XK5-zNMB3{Ll)05 zBXeSOk`W|fSgoCwR+Jep33TrtLFtoFjOKzUbctHZsFYfhCBWMA33xR7^;nq2-Hmh} zfXM^MZ)FotTks7{$@*3A z-DL$H)SV($hr-oJHGr%9I)UF&kjN6`3E<{tn0t||C{UN_ zq7%ki=w8-pm?>6LYpu-xH6i9r^>(d5iEdd6cQm7}=DRnd-J7W!E@XF1F^q{C90Lc;Z!Ty4@A5K{dj%Uc`83xHOML_mol(3?@b!#nD;<=#1Tk2GISP=tRYK3xhVP3c-Vipl^ytmJwI@Y|f*cz}TIB3R zVvSr*wXJC+A!P*8a<8DJjZMITJ^g14bt6z1+beXVMj~Kr3H7Lrsr(Js20n0q#4H$P zs#_y1ZL~=Va>GGfz|d;2UC|nV-S6nFNW*dlbS`&4V&Y5U0%>UScJXQpc>Iuhdw8wI zUMb3wk~$!VCGEKawE?!loS(Uga;b0 zr)tc4qT8-MrG&TztD=YHuCI7|0jr`)4T4_9Gat|oK##gmf_$|;)~-a^%brum!aRD! zrbuTtLmnMQ6>;B@Jk=w@(8zsUi78%#0 z{Ob$tJT{${*tpQLsLsV*W{btPSbem?L6GeL>?;QO(o)gP4A)3$>&Y0Mc)%9kou!2G zz210Nf!?UWqtX6-m#7uO`W&Ztd|&RN_1FMPlj!BAiLoySO*;d<4vB|(u+ z(q+w@#q@fOceG*Bb|UKA)}!(B8S)7Wo+)t4e6btkr)T;0+IljA+yYV)w)%!J)!5qG zk)OJ805$9ryc3CvNz-|lOUI55{Rn{i=;@3G3$w^*mXj}fC!=23vWGl)p%#!% zghQ>LH=PZ%6yY-idp(dlxi4l~nzve@Zt=T9MeR#9uETIk^Z^+f>KQv>SMx?~1Hsny zJ4ys!3f&wB(nbo(KG^JtWkqO4)O^~Hl^7-z-aCvNxFl!AQcQOeyRwokxI+)>O{Y2| zLGJ8%yjviEd$j~L5E{Q2-PDwp)j^2F0@1wAPXM*Nb)t{&bhmhBLL%H~GT z;QU9T(74vzQr3!eGs`YXxhr)T5A?`$j1O(o5A$K4Ddc_Y7p3_s9CYf` zLSayPKVP1lU8g6e2U7++vkoIy!q=AzjC{ZS`RXa)BnC9dQLgq?a&EppE>k+~OuFqui=@wwf|sO5*=r>7(BZa;my zzMt96c(r~SaqHOhqHc;n_NZ*=; z)0~7093joqQIR*-*p%&wXK$5Q1S?=ktEtgGOOvaNZ7!N*{Vg}l>^Y5qSCbhEG=)eMWpqsNAd~ll`!E3KHJ7|qmkj^t#Zzpc%dO~2OmW^f;1w(*GUq9?var983NQl$g~V`23Wne1}R8VN-UDQ%5APP z(Y1j$jlPYfh6s(52NM(1o-EY0o6XEEfi{G_)dM&{R@~w_Ml7scNUk?=$VR-Ze|?+UFi2<3B3 zxRQ$0FGcXO2Z;BSOhb%jDhE^~^#JhWYJ>1+6A`uVEpV z9_7|~%3=F=Np7v7W|S|R7W}M(Y8RnDfP4nND1_(xrT^-jv!$5@ z`V0lRq8zUV8xNRm&$ALeVDP+J;Sfe%I&@a8XfuGfCy`FMYF4`l6)(fHN6Oq|gZj_w zA#y3?wt7KJe^}0fL4~|OAd37QcBG(wBwz@LV>xh~_rp9fv$>oM7JnitrfOt6FwuM= zOk!3QZfkRv)1%g)oM9~lnGv;MsDu;&!RjZ1Wxon#k_BI#i*L~Cf}cJ-5g%^zn|f#a znd|-0(F99%Mf+!9!=9z}AgM}r`C96J6L=T~0_o>c;_yb~MD&fbun z9(yGq*v1C(Le5=perQLz!za7!S)?95&T3oz2mymc^w}F8csmcUu!OR~h;V7}FsIzs zej(RW%nWfR6~m@%l|wDy@rn=A{MCMs z>^-pQen9bICpewzrQ$b|K}W}?lz}&NU)Uua(=7U$m=|scqAhCboqehs=eHVlWFd@* zNkoIuP#Zy+o|c!SJ`p||^GkDkjxoI28b!FcTDe1PPWp17(L6ZB6A6H+WZ$Dw0# z&$!v0*HWNFC0Yq;GsUurhk_9Yh&Q`{<~-W6*$8><0-}+9>#Soe&o(H4Ddg@mnegb-3C80+M@$A ztY~fzioJndAB#dP6H60tbPwL{Cx}(W6o^!Ko6JKKYO8#0njrvtnJ@y-9;$g(?bQ}gPwdB!$;au91z7a#$m!3ppNyc;n&%0Kcu z!kMFZKhRu3SS~F$HG4s%g9x-R96A~jXkxgGWa! zlGI$oOz3Ct<%XihB`d^>y|NmqB19T{ug-db`lZs?W&~ju0Okxq#l-GP!4tk{)d6|8h)ThGu`-(h$V2IhL7;%zNk6a+7%nVU*zQ)WONK|I-d5z(P2hLT;I{eIta2U?XSG*q1e6*}MOKE!$ zlFcgWUK(;;h8vyYrrbexJC><~A{}vx*eX>kED5!9&HPn41>8PXWcjicSUwg>J#CZV z$!cAN4Hvv_gu5|dnXwbR8U4(DtamS)XQ{X?_faA-c2T+s>Xq$jI$-9b7+k9@Lyd@R z^61IF!drIiKD8vrDh9NYFe3dZ6?AU~uzhyKI7e=sLf_Y2V??NzNo`69$U0rrYH&^jh9pd8En~7X4KVK{I z6?5W^zMx`bi=Q`<2D~lwzPz{~j`L-gcoQs0p}{gU)D7FhHs+}(c(;_YQ8gE36cx8P z#NKG`)&l)ZZhtd9rD}!MmX0bKI$0YJOrzpBfm-ZBtuWy6wZVlPXP79*6Xnfx<>h6O ztspw;tuVDi=hdE-2yHy6VwF+m zmMEIAZ)KZ%0Fq_6L&;p}*n;?vPp0(;q+N~RHdFI^(RRR%gVYDX+G!c?!?^PEKgfF0N@%_u_eOi9N|5Qs z4Op4-Q9h21_dEZ2HYeg7JTcZP)1ymyUYk{nBo*BzyWDy(Fh#jtMWVoCXW50}vgxw6 z+`KUrqjzq%T7t|wl#)`zuEKlSO(#K^*|IU3XA&?anTtgC`bHpx3#JyoD*yW>i^P!Yp7x|er$T_1O9dwk!~=QUfoWNN!B5C^ zJB33Nw=#98Sn4HZ@WT))Oh&#hAGHr|79>a6>bIRtEZt&^`_0x+Zn!OV#z*o^xiuSfI% zazETdH+ymlJk={Bx+Lu|Ds3ot^3fB!gsZ+Y2c2p}#WG1V=;g8IOR&bth)Xqh60Fs- zu9xIoal-IlN*tL8{$#H- zOOqRF#9=J~YC_bAMLxcJv_qZ*jb?HP$giPb^3B|Dbce}{V@EQgvQ<^)nz zuD;pj4vjEr5PU0oIW(kMTTmr)XApBzQhz5}VBCZ%`qCiiRTt#mJ90HBPf$&(4=BoL z#yG_d&uD{L9z=?rm4`+Q@)MxAb!@+0o@oR4M-DPNnIBZ~o4 ze55a)_5SDJLz9=WD=QL*5@Vfaqd$Vtro>lA{vc8&(a@(ZWmJL{0ag`L?Op(tYxz`R6@7g z&_w;KG5s6xYZe%GL9C8e!BUk_lnOBsKM;EapOXk%DsdnInf}Q-0|z7f9%_-rB;tZu zPtxS=$D08~)^WnF79Tm0;CzRg2llapq9InfeoCLzoQA-Q)crPG6i8Q$(w??7qH?NS zK_s=5ZXpXm&}fE&bJi@WCEWM;(r_;%bmMa0cdqD|*>f)5&&&W!=Vt|^(&nlnIV4T( z>|m1hd)yZZI@YFgFS8dNRx1WG&AY=5Xm|qX3(-gTNOX+R}o%%PlqPoS{qLoji{Q9a`3n z_A#Xm1q0C!g0);?F6PaH9RSJe8cfEW(10@Y_T3(h+6&{40m7u4oGMXeLs?~bgVKsiw2^SCig9Ovc@xt!tfjBL6I7M#tQ~|`77?LM4NIjE|=MaTfRpmWTV|tdqODiO4Ei2q7h%Pz=qh6M+_c%7iSwH5KcCkdqA$} zHJ^Xf@&U5l(%N8EFT}?;vmfhkqIN726OXv1iAQ)sf zKXft?vvL`hg(1Ie=?kG@MVjX7e-U=r(>ZsmOvDtyTARBjupmlsrC=J}$!UfgY5YcWF2vN$HXDXK7xGL5brD-2yi$y z0xuyO8x!64VG2L@QVKa0?<69zvR_P@e==81YII=-2S(87h9{a2sf4l0T-eK(l|aFo zJ1p*Xe8VrSIE#k)lUpDDM` zkE{uyP&4S!+@(t+xTNRO2(BGxvEg9*X(@N8(VX-Go_XcDo}9P1PfBQ79AO1ss)ibr zIdaVWou}bfIMkClC^qbBc`T7Ib$%OTpiX+JkW=nHuAN6Wt{;LqR)McfBW9^p2Jzuk zK$ij!%9bu6GvI6$d!cw(Vxu*sTO?}mQ60?EwDZ$+7TxlT9jNp2MqXDGN{cQAP=(xYLdj$JJ~5MwBjSgdnSu zkc8Nim58^t9QQwxjnRMv!MuyE36d(T^y-x%2MjnldA68_P-&7j`89c>(>A>tya1nl874?%3b9*aBkA<2|N^#;pE=LdOyN z`0P{xVx5L%?`SxNQoLJGS_z1N-PAC_`{F_fI}{GW)9{v1FC@gygY@6Y3Wrz8T%X*8 zOQ?rzeuJ<%BSFrHj8(2gBAl`B@rBTquXjOw?bE^ONt|a0Fvd>QJDS`P!NBIuKr;2i zPXldbC5N(!Q)KPBCE2kg1+b-&7BHEn^>myNR z+FR(^n5sr4wfGq?Wt5pyNyS9|e4&8Mfkm%01VL(>Vy~BBIDy5s026K_#DLa0C4vF} z=xB}jgcv6PyhV2R;9kSkMjk?4&+7dT!~UY=1x2hq7+zFR!_a8_8BrX$NEDbgHL? zUU@+Nnn!}4wFRlU8Ic07!SM0HP(+N+u}*qlOg%ElO3`2TLeBgAGuG;>s|ewLz3~I^ z5o(+X*B+(>ohQ%C9q&bF!DjY`FS2-n_7MQAyH!N|@d0QdPh0wctz@gv=NKjyU&ZGH zCus>;VR?_BbD*@Mxsuz@H?e`Z>5ftbeQxPN}V++Z&o`&DFa?+%{$U#vK zGp!ff%ki+bCSF~w6cq{822orq(ny7=HU*3ju+A>6-9x9^HY2u0+r8gN5?ItxOD*)` zP*mywMXmMSpKoaAoooN$3{?m@e811(e(w8znB$ZFNvLLMl46XlkewKi(v_+2+1-Zt z!yq0#G!lyfiuJdscKp7%hUJ>cmXkKD?ubgdBX!ba@xNf~b zY#Lr&w7fmAW8ywLU4y@9KI_>3O^+Dp4G#nz4!rPxE9G!VsFN;$p!w1su1S*_dFTE7 z2g4VYTvcz@B7Y0JR86*dZA)P!4OTzgxz&6&*2J0s!j#_)lZ`RmBs88E+M^QnL3p0L z>kO)GG_GB10y+)?;xvb<3Vy|?x+pYmd0kb*ehMly4+nSfN+7S0GbIMWajCZ53J5a^ zse?!I`>i&22*GgMQVp2n?<62YKy5w#X3z-h!*ZqZ#`c)H$FRYT zv*QLMG)9@Gz@-X$7Fa(;Pd@Qq4@TBHgK8$}&pJ^51>27%dt;bP5otVs*cdY7zPG}q zZR&Ws(TI2wszxFZWld^W3CkJWYhg9-ezfz8&Nu-H&8)ZxylX-ucjjPPNk-h~N;#%7 z^$)zavWd0Lh<&`X@xaevb^2<3pM@H1eF`Ue%w|lIZ^o@1$SS{+DgR+ces|wd>)zq` z0|yAU6krGNprt@5_ged{eG?5oja-?h`W~d5dEvkRl?74yE(T3&dKeyDAJ-- zp|GFcl{=DXim{Lh4XPww$On|my2*$Bx-W|vD{~de=ZR=&0BhpQwIA!cl{T%d(Me|@- zaG)iCTTN>R#ct?)xQTfn=y{5(Ja>xg@OO(gyb>ZY@r8C?%#LYQpRrsl)tYLumNhvx zQfxO>RUM4BPCQ+dlmDf%E$dTfsP}bigHfhP4=P5bV^i~nQi?Q#EV?h{+tzMb)n~V> z%bHI%Rix_{?+euoq!t>>1|28Y=A?V;ykV{82&dTTIMkNAzn_(<+1-7wV~a8+A0KG* zpG$Ffddu1G!Z#S5f5}NhC>3#D76!2hALWK&I*zV3P3u%k?5puri^>GjfaKL4vmy!# z%-pkNFEKqWdi_vw25I2B=dL$ubG?`S)g{)%RoAMao^W_o=Da;F^Rxu3Tt*^^Zo){JPU`D5zyu<5_sn35fBDEKkSdu7$6uGLBJ_a^I{HxH>a+xE*Q4k^BUbOdB zbzr<9=ui6xUiEwPsuh0SrMxnSOU)FwG~#_#!)azCcqhFnhUOiiAjJ@-$uVY4mnjtX zFFT^y@zX)I$-`#|`tU@aL3A?$wz1M^uk))ONAvZyh3nmXpL*B-G^~CB>18cqbalRH z_4mfWOHpBEt&MjfNOId`|7`Hu^#yzEwj6EcCSYONpY~eR%-Sn{mEPJk=H`-o08-80 z3?r*0_`VF4H=~2)$M-z8&5%07Rc{QbZpLNz z*VMyy0+;H*Px{5}2sif`?av1f_-2J#u{XxA`r$6N*_OLk%+^1wgRF7Iucq-FU|mcu zqV6#fFf^$l+OXo!5o>&B^6rykCPMz5$_Kr~>h!*<(aaZ&VI{7V85@S=s!F5<63>F4 zI?HC63HI;|*x>)N8HZ8SGaHfCYmu5*0g(=^cr}PNP9HZN4|?Dq0&+%0DZukYT_UN6 zfp8_w$&WnZi8R$HUw}De%FmpiCz%Sy`P4kwe=07Azdz>gaINpJ`Sb(RhQB-Ft$V-Ifk{C)iHh?7(y6(u)tsLDoiJxE97QO@bqwU|G>He@?Y$a+Lknx@6*}MlC2Fi*nVUJ01)V?;V-7 z3rV6tSEX{#WyT5fBLF%aW1X@8g_BL31q2bDAoG|?HRj~cT%xvD7-}Vk|9L` ztK>yU2I?rC`(pv3*5yTnF{s#4=4krU{(d&QuQBlcyVpav9Vfy70k7ZCv&{x_x1W(p zOx00q&$>m6mr-n}Z2hF4Wlt|@se=|TZ!Z2A*?_8ggO+Gi9JBmwb`z9m5rdG=AX-vQBi zaiPGb$su7n#8J8bS=M~oju8NCn_V)WF8K&!3Dsk)JCxD$4Z*(ijqg^vv|^y2Z|g^G7YpHQ#!-Ji~~$ zQM-Mmii-kdxp)hsfJ1j$E^B9{ls2y@3U037dHPI9m;tuQ+8ofy*o$@h+Uq?>E+3X| zdUD5HDR{xniuUvg7YMeKUe>Y!^&?b1rd=((#sS-gp5wv%efEQq+)$oJMGpr3x2Z@p zYVD&tWcx#9-~QjyE3l*UkO^L3S5XrE?##@#NGKi!k|6;7n?`+U-_G6i)_b?F6n?xF z*A+5yJI3D zx(sLo7ZROzAc=Ci<{!qj8=&?1aB|DDLY!&$KOxNPB+l2pg1pctq_aa}AfCVJ`iASC z2lDJos<1a45n;vdA87y|Wn|M;{xRM65Uwu{^jlK7Da!X&mOS1 z2F=UQHGS%T*9!_<@6I%32U3->mn;9WVdmkC_*~_Dx8GD#&AxW{QXLCbX3q(9*{2}x zOp?gyQp44>4s#TSRMxq*sk?lg$9}^ZMN{pUa=VZyQIUY}_>VrLTS!Y%)7VVSvM{LD zZr_&bcF#oWjg<1HU*pG~+y%=&E@*_2GLYm7Uyzn<_OIy{*J8pNEtk&yY z%6GJi!NXE(jl0;jc>8We_=Ym@gb!_Ny96_4VtLQ+xR`6!_Wt=ZiwS-AL`<&Ai=Zq2 zng4NcL3GrLREnXF4L^+p8Pb6GPOgU!pW=Q65=(3m0g;Wyn4Q#){+{Skf!Sn{hGIUw zuiCx+=i6loe4QbI3bj~leb#J*Jzg>z9w$Z#}EJTq;HEa zj@I^Vj7&Tv{6cSK$D}=K1&j119bNC)Css5>F0Xr=(;WM%|9Jttq9fI~a;t(+Af$L} zFxK{&(zKtGrE^UEyY5lBC{PKmXh7arkB`qSZ?)HOa<9S80Lq+;^MZEC*c#WP8tqas(d2SZ2}>jua~tfW0H-_rdqpm4+Ew(o(k84E_nIv1kbl+P9au7|T-C z1v0Fm!wSlnqd+mEP3&SB^tu47=3nbQmLwOPxecyZ9c_DZiQO}r?VfT(%n^;PO4?d2 zN=XhovdVRfG+Z{p?Emzvqdb4iC5^8vb3_E4{LmfBd07;2r;>bx&1uw=DTfC1LkW$B zn`FTfqy&_!qx#r}fbpCQJ0=}tW2?ScCa5Db22$NGDdlK}*rOTyZ?H=lG$A+iF1*?p zf@gRhpRSU5vs#mM;pFMHIZsB+J`Z44>7KNgPYEofZVSCnrgLupVc}_|M{QlELJN6% zH1m0;m-4=sd8Fw6s*%hU$05&z9-?^*AJvUvk5A^aCGWIPfZ2RHZvRJd9}Q1xxjRC& zt*?^0cK^aFSvj)ZXr$?J5cnD%Xz_~BOb51luS3`Uxc@3*Av zY$n(yqz!{95EKO~<-6iu)P-7e_{&)N;vK}uckv(F;+ia*1zwpFe5Sd#f|cv5pQ+8d z)TTse*McDi@$)R=HsH9lY+r?N~Gt_saC{#WG%nsdU*MfQh zV5~JQ?LBtSyAe^<@{4@TcQJQ0|1O~ogBkCm9TeZ6sSf-DDhffSXg6Kmc~eUM=;}8s z!%S{dRC;&c{<1&MR!un~zp#%t{;hrI<-|3gDEg{?GA1=0SA1t^eh*XJr-CXobHa-P zXp)UdU8#hdicY3XY8?E(XJ(=*6jR}l0AF0mGuXMf@=an%9&I!ikpFU1v>HW>2``fP zI~_quhoP9jZB=1k(@mT2_n8&6sF4yc+G@qT1K)Je{(Y40^m9=%aG7<e)x=a0}mEt*?=6uHvoV+nFyp8tp8MOx=a-tnAHr~^@YHVUYa*Xxl`J`2e>L-G=T zT)?a`6U{x|GwZ`Lb2juGI(gr{XQl~M~L*B|0tG(N*ao<8pSbXV&qIpPJ(}p9z-Ab&vo9~J}-ZCk_o$_CLMp$pBRAAFY zr_wT{9s!zF{bY!J_3=o)*hNZAr;=qpWK(c|zug7`%LeU2c)lV8^%O)8;@5!g>wFPI zTv`n~eh+f~M#VkBU$sj+2d(?s`Ikj7SwKSk9;SMFe)Iy9Tl^OnhVTk(NO zOJ-94hJA7wPj~Hxmo!XfGP%hR%2qOmmld;&Cbq115|$} zoB0V9080?I`UKgaxJ@1Y%bJc9Y0c4|tkA`x^1;2s&pL5@NG_FcN`F_GytZ^fg0DoV zp1iNUls?LnwO01O=boR?7I5dTcbgNM+xk0L)`hAbli-=DN6h&d3xfkcyU0hdc<kCp4!vq18@t8~-!BC_R0f zysZtu_9t!1xNQTd=tteNH~-*@Yp!QVN_nwf{chddPgg&i;nI6DT~hhTT;*0!;O z439$-oc9E>vjI`Dd?2*XGVi1#ZRDtO*_ci6+tjbJVJ#gcBje@5-`50lD2046$Re#A zNNRcU|EWb|*;(-Dg%4R}8(T=`pn(YahSez;M}2mM=8;}CzmJ-u$+i(6nbKd1ktK$v z8p%G@bmX#)M%D+d7V3hy)qJFd&l4{kA|Mz!Qv3ukm9Jp&Z&T&p&67I@kFk79dD_0& zTJ?JEU4weOAR=PCsrIzoynOQUK>op#QFXjvQdQ3q7id~gkU@37{&I9x;l|mJy4Glo zVK>S>;Dc%uCd+%k1sS;!Ej3()L0&o4ooSJ4Xr5A-I@Sl*2z%{f<`b+9svPew>$XgC~x zKVUUwLO>rCy%wrc-%lf%&L?ISX%lZ6jdIFCf1W$pdD#M|`kb7X9QCYrsV;387RW$v zW#d;ydWc)iAK;IYXJTQR|M$(yFIGo0LO#QD`5WdI^mkDTTt`f69t;82K-r6#sB8%` zs~X$GGGg#-f+}KKHUT6U<{VkK`3HR1e^m_8bk7vVHA}Brg4r?LaXhb_Uf}G7Np5n( zTgcY_wEsrhWe9v!zk6yt;O)GK5;rK*51krIj^nLZPgN=B;DSO{U$g?vK!v>EvfwmHdV8^NuUgOLV zH-Lwa_pm?u^gc`SE((FlWn-%{OI8Z4P~DbuyiJK%O|37?h(k@Y?L6{kZwVf3`*wO2 zYl?A?5emtnAcTelHEg;Bq>*&V8SN3UZ@|Wan(~r09dVQxspCiJl4v$le^s6r9s>eQ zFGMp*IT*_5X5-mY@8WEc)>W8gJh{FQ7y>Hpv`e1-nWt5vO54XGYd_khz2VfiDV~jr z`urnpu?JcEW}dZAW?-fT!@W~a1zi)P8M1A>665gLG%#xk%c3uW*0j6_lK=cJRn?I; z)w<`xt`Ax#N(bS)TtS>?=4H-=0XzWQ*d+@~`hFO&&-uejuOH8VzMe-#gPWc0fBbc^ zN#Elo-~?amJ7NkiN>Urm9Ph}^$0gPGyG+V-{pd(8W>~g@J(H9&aBZSA&CaDyG5Jd~Jo3h5e-#dy^5CC8 zqjR)xvxOGSj<91C6mJPo!Uo&oD-Hr_r+q9WbJ#^oN`9^x&gPU4T-ELCWE4lWfo~_|a!6x%t7k&Zz|{Y>-q&kS6&3c@baPy{)n=bO^h(hT zUKSmWQgwUc`kl-ne)Wl>q8HyWmbj#aLHN^ve5g!xklN9lj>nVVgcqM;l?%(G3o5-; z%xXkbz3m74^)kD>F$O5iP;CR?#MJKv_BF8rX^MMal%IVqZFu>E{7r|r%daGdrxP{; zqf1@>y%lb%8Jjlk)yR|fh!rgug-2tME1Qdg`)fS9+bIxVryRWeb&FC~G-z8<;x)qh zq(9DnU_6!7ax3Rk|66+1wwCB2;lDEGQZ>Izl;D~Chl(X;i|^2T^p}#bMs)~8?&N$L ze%Z1MzXM`#x3RJ6=m=~AOC$99Y8}~hzuckAt0M|94V7KKYGDBW+ ziwoujKz79C2Gu~$>L~1%51n$xUf#b~du5S2)W0pj^UO16^YxDVtk5`%=iW(2WXlT^ z7v2j)UkL>_aqJJ96eFv$ub}|%kz$;*5E{A}Zr4)9l>J9Vg4I08E%vAcYkn4)bqIvV@c#A1zeVzP2IOWSqhFjKa+Mp2oEA zjz0e0((lSfS0*+0R@S=@?pScN%pPOtM842u(L4eml#;*NS0ETD1^>gGFJzun`eHT- zAT1FkM39*7LH;#5w1R^~0j0uN{CSG|OZ1>uq(ZT~rDTs)(-LV90PqUMHn&QK4->RT zMD25z+H$KFs_GxgxYh+qcbK;5B3qI!;`t`FRb-F#Sytpc%g{%V#d^%`1+%<&Q0zxn z>Y0?kEq4ahMdKXYTXTC6u!8FS1!2T!OCXBawDQ5~mspf~zvtB@%bmsEBkvZ46{qh! zX@?fm$oYh;g1(DK$==M$>q&g5|f3OKr6JnXmW^UI*AP@Jm-qB~#65`ZWnVLeP+*) zP1yo{?3zuPKAJn^XJ$_NZ=KrKr@yon>;pT68gSp_UI9<%(2ieM$21Jndp%!HhAp*+ z5xlR(AB8xAtKlV;GaRhq@wwl+O}0M{@tbE1*h2B@26>1G(f0KH#2`k)pj&8uL$t-6 zEV30vLBS7~UNPZv3%D_AV`4krxoG*{_`Q!SEgLFr;Vp9>{R}kP$vi+?L+-1Xx%axsTW*)vii5jSJ;*EYX!zX9Y_18riE+9;cHN6nxZzl>AV zm~{fUJ_gm>ymuJiJ}d#!kTjQ*^Y)BpB6cM%>;Ka-U(@1yL6H?E$(#%llji z8?(3a-2LK6^x01Zm;1*HV>~3{KEe2oh)PdHfOM; z$O0(KNC~;ImYV1fXlf`LtVYKZhciNZyd}1P=pkDYZ@H((W)G`;V0eBD+~t^d)1VnW zFVl^bU-8a?MNhQWgs@HvbQO#~dUjQrI)r17{t4SZ?aJ(H{&%PSz1z42@7#Fo))%Z8HQhyK^swv;>$>0@*` zUeR}$LzDwdA35tF5HWQHk}8T(g`Iz?QP_8-dNLs35irEV3nb!|C@IC0X$qY#9f&wm zGz#T5@t;w%eM1=?`PL$(edM9KtXwToyoz5#aLLyxsVw%sWtSedJ6}!Mu8iMb8*wT@ zZueX?GNdtYME-(u>y~R(#(E*|bV%Wl7Rd-^B1#vDX#XI+7uQ%+c5z6TIBL^uI zghXYb@|4#S?xfMUw!GcxN*HghrzkO6qdmE5>}p5ABiq4Mbjsxu>>S+voq=0@_`z^m zE#yuKoB&?@;4}`H$}yO$GU1yVtci7$$nxmGR2E!s8%lS63M27}kU*GtW zA#yBTUrdh$`J*%>nAG|CErl4_fU z^e07*e$hN0WbMgIslckcw#x)ZX(Q3^(22GL8K0F4#b3RZ7Cw@T;q;mHyVtA`Y_b;& zM2%&QNzDn%ZfpP6er}+T8B{s5su%mg>JJwGeLz*}zyK=&i=|6HBvI4iYaLJzeEP?t z;DM{Pw%_g(Bi@2FaGh#)4OV_Wg~quf=AJ#aEq;$ZMnkhvU)x*VUDkYFSjOG%d9`Ek zXoavEcnxFt@ob^vTDNGCG1=NK8iZ3VaZTp4yYJ)uxFR{!52u9fDFw4fbTh9HTGCgI z>Xd2sIeyt|Iu@H!3QB?S`9cr8ODKI(+Sf2lVZZ0fwgiyqVTpc1R?~+68ikBu z0i3^>I`1O_!RTViZR5nYuYm>@h{eT>erpV_U>Jm}=}Ivf5u`GJn!+q*Izcr*LgNyd zZ%jXIwA}d0fO;ana?K~3M&Vo^7_^FkP_T$W-783#nBawk|J4|ltNP>yeZ_Cye&V3& zX%p1cxNMM`q)VxJEmbN zty2CMiW$BS>`>@^V;B*w#0!>AwLK1G(OYql&@LJijQO{rUMU^ZP4(mU3X=`WWA@1^ z`d*#33lBRy=QCNr1r=AVybJ9ub=(ziF7&b|;c9jCYXyFu%X^3ISnUT@cB*!to(oUL z$aSKRXsU?Px7?%lOMiZFy;HW9zYavkIId>|Tq*4OS5i zS7Vu~^rYP{bn$>rewry!;$@?;y%gW0<2T1Mo~DwUqv$Ev-P|%C%ojkS;(ChbDroA) zv%49=XGGG`6p9j8*VQ5|M!8{Bv71i5LbHvjGci4k$$(rCo&y9xJ%HIv zi+XQvsFa_5qD}MQG@tf@U4v%T9laycJ~3$zw0pOW>Mn=Uu!#u<6zo8`VE174k5N)l zc+oS$C~cvtK`A@wdYtnwn+k+CKz&qVR^nZE;!nmafeG&z*jaYBTo`CQ>Bp5GHeg#c z6vXpLVdSVB(5J#TE7nalf6c^dj>N*Z5&f;qcZ-14fWEQck*>`0Jox=KTU3Ktpt-q2 z0i`X`mM5P$s7}m!Nu&Ctf83HzX=6B3Nf`r#Q z?`z?ov(u%*>h-<{h3{iZrwTguh{LZI)@K~jCxmtwt7O6_gTddXtYFna9u_6exuZCb zRNP>qG2_yDsI1c1Wy64aIA)?SYo6#d-izz20`ivDLkLcI(G)!NK6OlLRQeZo%vHy6 zCwLr*Qa5rxAM-#zpS#6Hw@yf+i15c99R-fK`Ajcj46RoJ2@ztjAzF+yjkw7_|IspP zwU1}{)jW)Uz4m+AJyT#1V4R}xuuJ0v5^ULNZx_B1Krerd0mvop}1`Dx8AdRY|@4d zbuv!@M;+tg%jNE#H|#O3P`Jh$nLCA_Vhtf~0+#aop1bb7E*1s=vGv6Mzp9wCc9eHG zX!Kfl7}Q!|Pbeo3`l2taFU6fHD?T;;r`F!pqUE__B>Hg1ZIA)Umj?_D-{i z*iUj4UZ`XBH#&$XB@qLE3lPag*8y0!1q`&sLd)5R&+6;7?;&te2ea(6!tJp=`NSa> zKtt@uh}P;r@nB66aN~J~mR~xhJ1dP>p0S>l+xsT+6ntU;@MmLM$*4^jN>aa5#=}0W zT;VI~=Ap>cqB2N#Uv4z)cDKPFRtV;SfMre~r$DAr>PU5?E}M#wzvn`j)WtojoQ?_J!vC2>vL+1$p z$Ty=C&6JZE$qr#9VuttaVo^iw3Bo~t<2|_&pgPg0Q{esN$_n@qZd3PT;cd~N z!ZlMo&6xJtf}1ej>i4ZBM{{b^5;FLIY944D4+Kh`z%rKpn(xDl5>crj-X8w5bkmsm zGEX}X<({Zqoqlvuq8ecK1e;YO*?mmU>2PuJcwlH>CCzcjZ)ps|Cg67Y&`jlaoXcdm zm2lIJ6wReu$nvvJ}qNUijWc1Q3y_zOGUy9vBD1*A1+w3nH#EUQ1v+lzA9!S zrM$7cZniKm!$jAT9wHD!TNLcp{BGR5ht&o{scP3xhUJ440FAUFw!}_#CNrw65bRpZ zz1-nZEIh&yriU5vUwl0Fe-@}O<>#{6#`5gkcHy5VhS`mpsiY=0b5>qTYK|?+Np!_s z-+%_dd-Pa>N_t82aPM2URy`Qrm~aC@dkMBY4!_Fm&o3J@gAOB^CBtuA9gK4BXr%~5 za#giEyy)4P7L)C_#aK7``jj-R?RUaulD9m8qEXJ(SS^G`7QI1Dq|_9C2t4HGy0F<$RIN|W=ZDvFe? zDuvl_qeSmwEUk-YN>=a5z?blr&JoivawSkmHxJa?Sa|(iE9j~Et+@`cLq*wz<{I{@ zhDy=j+B7s(H>oGyLJJRKIGTN8%bE)q7}P37PG-V#Uf$iwUZMQ4Y^%{|S6px;P1^4x zbf?l%!q3Y~9K&BRuZ%9^DRQklcWGdN+jy!?HWz-~7Izuj!8e(O>-tM0N{6omAh?NqK zT!gkD-N(tX>c^fi=Xk~e|99mA>Z{fN*nafUPCPM^6EmbMaLzNh(F`c#qDxzvERQJA zJ`OvOuvPj7mkk}f_rD^8Ykh3ARa zX$HHXD-bGp*taCQs|p`3VPg{vel>)V!qt99fPoeIrX%aSb-vz!ibGT#A>k$XDDX9c=j83FWYfbc<^Tlx6s##Hf?7smofv z>#021eBz>G^Bw9b%R@|d9IWfRaM7h+CK)rs5xu*Sl6a{w*k26+>Wiasd+3)s5>5_xs{!{ zjD(0U*`aZV;3(suWMeR)l(%v$Kb@;`<|a6!f9z>bv6xI=3wP8ee zA0omxSFPlXRK{s1~K)_nz3-BbB%kfa*`F)&*cW zFfz8%Clv|V&{J0^dI36iPUWE_flykMd=RhF{C&1~`x+xAs|RinXOzx>8})c|`6HVD zx^33lG@+Ld+5_7w64}m$GYQ1Frq9g7hFjiB;RBLoiu$by4%GU@yHQI@!~lHr+1M5} zoxJGqr%2GWwyU30d7~{fI#VkDO%S!-m7g|+uLWUHE@L#vHUqE+&-E#axc`gFUln_? zB2ZN@d$QF`|9a>YlOR^0y;+4TREGM;|6VsQtZ!mB>GCN;rT_!ElCU5}lTMzsNYDgJ z1+m>%!ncYWE-s!FBrYm{B(7$YS>c84a9p`vBmeILUi|AXe;9Rhy@?EIM!|IwS=)DS zYovY)Vq67ko?pI~wID&3Kozqki^g}w6|CL}vPslt{AT349ih?Vog|Z4cUCUVVAR;m zmKumZ7b{O(#6kX#%mdpX{za)g*(bb}=rGltc-VEb4{Ra0W1tFhvg-J`wBhaP*t5@% zNKm!b##?a++^E|3do26p80UCa;846}%}YjK?C7(kvB7I3GberJl4MYsWgHT5 z#y|sJ6Q~|eGcXR6|NVYJKKp#mQIFy#n<-mh^HNGs7Perzwf>o$>bZBZbjY1GKq zdaZ-P>hI9WmKW;S#qcBB0ja43#IGTEghJt=w6>(*gMFdgfk1TqcorMGK0SMmg*085 z;R4RRlB`4yyv!j>j)yzjyT9zSn)3WV%Fm4sFCvAPQ$f|H+LA-0qGb-sV%-zF9O}^6 z2HIIZO~}kad+d_{1cO!PB?j3)Bknpe+GN9jb0mEit7vp1LMjT#%uEEn;8)|>jpYyJ z@AMOc=Cg<7nB$k^&BA8q40eRJ70Jo5MSh$$)40yek2DdDDp!W58HO+qp0w*UFSJ%> z4%wuo7w}MWB|wT4Yqmx_NSw5HX9WteQz(Xb;0x^qvoF~3 z&Reu+a6b_tEtnTfq>meQ&4o{d%if}39Q4ivXFl&evHcl*l%uyf$^1nn5#%M3|A+ zyd&KaxF555T9Z%w^*ob7Gn}QF6=_BVgheKea^V@YZ|Y&bIdT-~5&%cEFxQyDZGBMI zTtDuLo*HF?OWy*Zb5(C5LcHy3degvwM1~JV1B!^59exwM>(e|)JtO1f*rcj*; z|DX%s(hU_}+-tP-`;%MD&uf||nrxfJh4RnvPaAe91VEK0E*l)>tJZs>R&H>P0M5?G zt^IuoGIQHg9U6J}n64kjkZ{YGCJ#+t591XsZQ6*$Y>;~0Bjj0B?QoBPBY8}%k2WA_ z(uP52{4fdNqGhp z>l(!-Ft6{Qu|(3%yyA@!?StKTs4aHA_kACw><5VcK-6EHp4-ll9k$YY&&?qfA9M1e z>~41;%$oe1&NvfImvLG136n0xnV>3l%^m253c&u_*4k6O72cZeX^(_mm zgEcUg!zP+fb`_=EFDT)H#=MeT*wuR!Zcu~*iE^^Ir%aSpQ6w%9cMoQr`)}a=pba;% zyGoClI?8dR;-PUZ%O^f#co#Q1mV*>EVLL!k2NkS$uVJ#)&kI;{*K^P9_d(G!B{`YB zN2$W8qna9M;;HmtCvOAUv)fh*c{vK~wadmbw=iq3c}F{P9Y13T)HAEXG)edAD0V-B zSBsk+gUsQdAnt`KA>zA3EhcHU~mfVm+Tm#s~eqCQ(sW zdYPEznFQAlc(p)c{opMQaC| zsnIO4=`8|LM^t+6vD5;IJ+rE(bHe4f6_7B_H!R>YjC9SXc3DwWq}-u~blIf}Yu|R{ zA~axzlGSe0UIY7IZkEvzH?s&yo$>SsX(c(~17cEG06B!_h6+t$!wC~Qo=R7I^&Rig zYMRa4*FCHS2z_D}Y+%#^BVYg8YLJ#=tXxv7AJHihZ$L_`xa&PbUD#efG`foUbl;KB z+~G_nhtC9GX6M8KVXuiR=Nedqm|~`SG7^SJ>jr{fzF2|@trjq@O%i)BF)vaf%rprJ zT(%vMsxrgxP5lmr!dtP3xwCTF;L&RD%)^!0W6Z}yr`f$iiO4Z^ z9oVS-t=zrud`o1%IpX~LaUNY?Hc>5e;De@nQ4$jQE{{99;fa38js$cQF++qpK4Dk*2e`us62no~4k{>6fgJLzOiWDgxOU|PnZ-8nS zLSy5*bTNH(`44#tU@bfcXaxMN5Ac%3H5`_Nx4Wq5B|?uy)CS_#H*oKLPfa|j1B%bt zlG96x%@gpWC?NR{kX3UK@Ys7w! zbez?2rcBs!y}G8i?A;XZUTuc?~wwx05Z2m*j2l zAjN}q6H^zZW385`m!qUXu_M(Wwlb}M*#7V6l&n4b`zJAw1`M}vK5-dWipo^4^$p&N z2yvmLqF+J&L)6N)ZQ7dKU@X6jS*WKkTbs&o6vf`@_*+E3e^7h@+ zi_sccdM%;fKFj zkt~JlGZ7-nvxOdVq)Qc}1aLzF9Q@weSGF(fGU*#9kZG5|zh}S|T=8J|wjrsBt+dN~ z!iz#lG#F9#HK1IR>j!%GuOWbh0Z8qUtC%vg_&du0y5w)IqABFC&lVG?8-^q-6JmQ0 z&sdQho{m6fP5Vs+wpO-8%+kyoip93n#Lh^&f4#>Q$x`S?J7x=mZx)PkJLcOb`)kjy z&nv0r;deKmce3N^x$qXl@&%F_zn*IHob&d?7>J(9=sokWA%w{ciq0(=1hn=**uXE-)P@Yh?KHa*%~VXgXfw zwKJM$nlYoRfhh)h#t{=(V z&>rj5`J*koqladuD4%jrGN6CnI}Co7?*7(W|In{yLY88d+LC^-=Qpm&kV3uIuLt02 ztD$hs+G}7%bY_X}vPM#utW3LSpBRvTCutpQ!)QPWtMlJ!wsyvf@Rrq zOt_fj{)m`wz!^PB9U`3~u%%)4a7%~DR!;Z}6P0tDolsG3iO+(Xz`sTLWt$*-WO8!E zSac=eA%pdOJ7il|^_8crO=?oYEwr_z3v+?YqRIFB5T^<$S|BgTo5Wf~? zEmD=z;fszItRAx3k&DNlTD*WUL0(xxTWH^b1M0+8*ZOL9j_QYLvK4TrX2E+VC6~%K z{n$G881%Eeh*?Z_P}v+51tA;AvP=vGKg_E!Q?W)RBVe{9d-s}9&)jo}-PP}C@ouZl z?mL1{nX*m&mmJexEemWmQ?~f)KBuV-9)!HA+g~A)R~pJzk%%fYls0Zr#aOP{2TrA7 z)7onG6}llB*m&XZt6eH{D0fpqK_#>_p{VV}y(<-o6MrJlHMuY=AT4yEFAUJe`0k~g z&xFXA@zR*v>y-2oGQUnBT3oIyX(zXfNHLvhDQ#~F6p0)<9Z-aBFNCplMr;G_pS}c+ z3PLdBG#mZf)c6hFn{I8zqxk+*2~}}ka;Zyw`Z~X5I%4Pt`DenMn128AtMW5MpZ@dg z{FrTRAvyI+dA~&y6*lowa92?xpNI#O=4EpEKwBKX&^zDu`{A~M^Iq*8vgmgV_14AY z#_!>?75p_Joxzoj=CfUpYA7AVSf*gwhU5NtCTA;=Vj7Elv7F@`?me!6pU`d%0cDvaN~kkgnHkAR zX@<{BpSjp%gcdstm(0+LD+%sGZ?(cYTYm@kDQsULTn0l;meqIYgkSdjT(U$Zxm2@t zN;s!QnwE{TNWiMihr@0Ft*nKv$aZ7=O(}SPRlKsy_r>4fYUXDgi1ze|!BfYNo(IF~ zvKG>+(5D>s+X$;mwNJHfo?jSUNV9x1^q`W+e&9fmMM)hduoFI~N`1dM1mBGPWek%S zst(+-LCs_7n9+GYDiL3^VrtJfkq+;Ev@=1qYtjLVWQX9c4l~>|*q;jt-_X8sfWD3b zmI;5*VbUKoL-?jkD07$3$j{% zcfC9J@x^FigBhzcPPH-l{XyUz20J2OLsNw`q7#V;dXn$dErI+|Ko;ZBwn}6$F?aQ4 z!ZagQXH!)N0iDUp^!dE%%Z1I(G|qpFK@5Q`61UcuZXfOx@U2#0NZRXu+(q$7A=9&4 zzFT~-z6Mj=h)SALF~a4J!&V3C71{MFH}BsBUd3RzXZptBOQTr1#NbQXS1krV3v@qb zM1b5v4R_yXq=?fbd6oYJE%uebVrERL#!?R0ir2=#_~&cP|Eq`X)2UNx!kNzaSB1b{ z6R3b0MEOyXQ6c+r9R(%&y=Jz zdah18v{AC}zMbvsW@CB;tT&KhPAjpoaq1+N9rU}n6l5rNe9?02YAx$=!ul&e=W0)! zxLnywllXayd{s%Wr;7dLNUIT)7`B8<)z=Kj;QNX#_G|VEyc1G1CsWD%Dl>nkw; z{!U9+Z%&Qkr-9L;@SNfS<){~z4IcYIP{!K}VYwo99C*vYX3!GRJOjC?8t&P*Mf3H| zDR};2RW*!$RulyzJURc3ZvFayaJ}(}XWf)7QBP0sT-f=8D4wpei4sDhjnb4n$d6Sp z9U$6fQ41g3!HPBvAXk51(rZ53iYSd>QD&b9j~wJ3{qQ6%u9c|>N>Uoz_m!POLguM- z#eT}%WmdWOht?@7fxxa8CJs3RzIE?CeFfH8xEcw*#)r*{K`y~TvU|6@1zMzIkUVTO zURmT<;jN7q);&)gTJV|*j{G`Cv97dTZ zxoZ^v|9P|rI)$jCMb^5N?z`c>?+~JpaCzDY`%Rt^kg2%2zCZ9RxO%8%e-0bsR{5&u zJfpahc?#VW)8hl;%MOt=5s>p_m@ifS5+T^z;hR5=X8DUv7Sh&AH|D!`<6)~-TV9;a zS#g7qvk;VSuh?-bD^ch0e@mtd3NNCH%t(k#E75leD~k4f*m`EtH|;qCr;~PJ!U>D} zfsp|{=twa(OhaF{#T!eqHr*2*2#x60nNys$7vIW!@gnDGUEu$cqLMnJAJ!qE+P4#> zSv~uD&_tn0P3#q5&rH?|hv%f^(F2ALrEiOE^A{W0n2%uNd*8d;H`l~AHh~RGke;vx zSzQ_u7;q;eIGFjQAZ@Y;uF$Y)Wf)zHrT&gZSePwzQQ)|odISN9lRhahPVfYAhyEA)YT8wX1-&97ed`uVwv}D z&XaKrH%lNrMGLkA`!+sDq{7SrxVD-7;*5(k%rm~d@44>YgSd(1bIPI2l6r6S7H8zC zjS+WGXFQFmqHZR}H6&=*&;f2rFNhrE03SzEDcC;?oC!QkQRw{J?4<%z+Ax83;g6=Z z_=vNkWWi3EUF*@^XAV9XelWsbk)@Zo)#{H1!PC3G$sBKe;*jZ&7i(;+b>R%dQw}AD zGuIH1NvVsI=EFGb{!RcDjvLjJ#DqhIL_l;f;(E~&`BH!aI7yUWKj(p4J_drXEenS= znIh^+_=_eFAWET*#PCqg>kxls_EC)lhh;wXCC8O(D6SC)y!o|yH_xMRwFJ%9_q==; zW4fFZC!5IOt0H+I%OY{Wc`#vFmG@QdKktY5Yi^r(rai*t!S^J8x%EMoa=;wlFZ10d zv33ThD;%wIxJ|rv-yOmIiI*)$u{`E|!H}4~{sJxzm#5oL0Ym-#cKkFf^ZUfRqJ-pD z(OYpnjVPk5@E#6*@0AAsvz?q5h#9h9C5reV?~zZe^*vVtn_G>i?t8~w{%70zuv?0u zwnyVgv%BI|tr%wLhYh^!=x<5B!W!C__t%xqawj8L6xl^tncW8&FFoDA$J39ExTk&4mWAeP#QHFzCaWOfO^;c+YEK43A#c@Xm?vA zV(c;7`e+hn0;d0?>HDycV1MBacX1|OB83^|s_hAxY(xezk$0~;>A+dQC(e|}e zI^i>lG(!Tixvuf%BRNk>7=e#i+s`hGKP*)PVyKf{j$jkA3Uh1`a} zH@)^D98oaHQ>J;T9vXNM*8)B-XTq0BO%);KLamwZ&RbCgh}t+2*53TCyc=`<;3}na z{*=H|{Jyzz-*Yj=ovWIWNEYKXFiYq@8+_d>PBvpw5uT?{WgxJiJ%kzNX-*oIR4GMM zpU53Q$M7JELX)_GF;%|PDRJVakFT%RQn80kF(M)qbHGN3vQ-553fJ>vWP zBjxE_`jnK+Z$RyTw&~})EB@bZ<6F>OQ@-xy7&h&HM|l*HDDg48sBn^%9EyAHmjH9t zbVOrD*iZo<(~;B|9m{a zakIbgpaPuug5UJKSbUls6+Rn5CneU1Xx76M2omo)z6%oPSp1P8iT$(Y_@zSfWdJ*M n$ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-keyboard-shortcuts.xml b/images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-keyboard-shortcuts.xml deleted file mode 100644 index 4e2cea26..00000000 --- a/images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-keyboard-shortcuts.xml +++ /dev/null @@ -1,172 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml b/images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml deleted file mode 100644 index 05f5e394..00000000 --- a/images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml +++ /dev/null @@ -1,78 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml b/images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml deleted file mode 100644 index 4cce16cc..00000000 --- a/images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml +++ /dev/null @@ -1,106 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xsettings.xml b/images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xsettings.xml deleted file mode 100644 index 3324472b..00000000 --- a/images/boxs/conf.d/desktop/xfce/.config/xfce4/xfconf/xfce-perchannel-xml/xsettings.xml +++ /dev/null @@ -1,59 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/images/boxs/conf.d/desktop/xfce/Desktop/.firefox.desktop b/images/boxs/conf.d/desktop/xfce/Desktop/.firefox.desktop deleted file mode 100644 index 5a7ad82e..00000000 --- a/images/boxs/conf.d/desktop/xfce/Desktop/.firefox.desktop +++ /dev/null @@ -1,221 +0,0 @@ -[Desktop Entry] -Version=1.0 -Name=Firefox Web Browser -Name[ar]=متصفح الويب فَيَرفُكْس -Name[ast]=Restolador web Firefox -Name[bn]=ফায়ারফক্স ওয়েব ব্রাউজার -Name[ca]=Navegador web Firefox -Name[cs]=Firefox Webový prohlížeč -Name[da]=Firefox - internetbrowser -Name[el]=Περιηγητής Firefox -Name[es]=Navegador web Firefox -Name[et]=Firefoxi veebibrauser -Name[fa]=مرورگر اینترنتی Firefox -Name[fi]=Firefox-selain -Name[fr]=Navigateur Web Firefox -Name[gl]=Navegador web Firefox -Name[he]=דפדפן האינטרנט Firefox -Name[hr]=Firefox web preglednik -Name[hu]=Firefox webböngésző -Name[it]=Firefox Browser Web -Name[ja]=Firefox ウェブ・ブラウザ -Name[ko]=Firefox 웹 브라우저 -Name[ku]=Geroka torê Firefox -Name[lt]=Firefox interneto naršyklė -Name[nb]=Firefox Nettleser -Name[nl]=Firefox webbrowser -Name[nn]=Firefox Nettlesar -Name[no]=Firefox Nettleser -Name[pl]=Przeglądarka WWW Firefox -Name[pt]=Firefox Navegador Web -Name[pt_BR]=Navegador Web Firefox -Name[ro]=Firefox – Navigator Internet -Name[ru]=Веб-браузер Firefox -Name[sk]=Firefox - internetový prehliadač -Name[sl]=Firefox spletni brskalnik -Name[sv]=Firefox webbläsare -Name[tr]=Firefox Web Tarayıcısı -Name[ug]=Firefox توركۆرگۈ -Name[uk]=Веб-браузер Firefox -Name[vi]=Trình duyệt web Firefox -Name[zh_CN]=Firefox 网络浏览器 -Name[zh_TW]=Firefox 網路瀏覽器 -Comment=Browse the World Wide Web -Comment[ar]=تصفح الشبكة العنكبوتية العالمية -Comment[ast]=Restola pela Rede -Comment[bn]=ইন্টারনেট ব্রাউজ করুন -Comment[ca]=Navegueu per la web -Comment[cs]=Prohlížení stránek World Wide Webu -Comment[da]=Surf på internettet -Comment[de]=Im Internet surfen -Comment[el]=Μπορείτε να περιηγηθείτε στο διαδίκτυο (Web) -Comment[es]=Navegue por la web -Comment[et]=Lehitse veebi -Comment[fa]=صفحات شبکه جهانی اینترنت را مرور نمایید -Comment[fi]=Selaa Internetin WWW-sivuja -Comment[fr]=Naviguer sur le Web -Comment[gl]=Navegar pola rede -Comment[he]=גלישה ברחבי האינטרנט -Comment[hr]=Pretražite web -Comment[hu]=A világháló böngészése -Comment[it]=Esplora il web -Comment[ja]=ウェブを閲覧します -Comment[ko]=웹을 돌아 다닙니다 -Comment[ku]=Li torê bigere -Comment[lt]=Naršykite internete -Comment[nb]=Surf på nettet -Comment[nl]=Verken het internet -Comment[nn]=Surf på nettet -Comment[no]=Surf på nettet -Comment[pl]=Przeglądanie stron WWW -Comment[pt]=Navegue na Internet -Comment[pt_BR]=Navegue na Internet -Comment[ro]=Navigați pe Internet -Comment[ru]=Доступ в Интернет -Comment[sk]=Prehliadanie internetu -Comment[sl]=Brskajte po spletu -Comment[sv]=Surfa på webben -Comment[tr]=İnternet'te Gezinin -Comment[ug]=دۇنيادىكى توربەتلەرنى كۆرگىلى بولىدۇ -Comment[uk]=Перегляд сторінок Інтернету -Comment[vi]=Để duyệt các trang web -Comment[zh_CN]=浏览互联网 -Comment[zh_TW]=瀏覽網際網路 -GenericName=Web Browser -GenericName[ar]=متصفح ويب -GenericName[ast]=Restolador Web -GenericName[bn]=ওয়েব ব্রাউজার -GenericName[ca]=Navegador web -GenericName[cs]=Webový prohlížeč -GenericName[da]=Webbrowser -GenericName[el]=Περιηγητής διαδικτύου -GenericName[es]=Navegador web -GenericName[et]=Veebibrauser -GenericName[fa]=مرورگر اینترنتی -GenericName[fi]=WWW-selain -GenericName[fr]=Navigateur Web -GenericName[gl]=Navegador Web -GenericName[he]=דפדפן אינטרנט -GenericName[hr]=Web preglednik -GenericName[hu]=Webböngésző -GenericName[it]=Browser web -GenericName[ja]=ウェブ・ブラウザ -GenericName[ko]=웹 브라우저 -GenericName[ku]=Geroka torê -GenericName[lt]=Interneto naršyklė -GenericName[nb]=Nettleser -GenericName[nl]=Webbrowser -GenericName[nn]=Nettlesar -GenericName[no]=Nettleser -GenericName[pl]=Przeglądarka WWW -GenericName[pt]=Navegador Web -GenericName[pt_BR]=Navegador Web -GenericName[ro]=Navigator Internet -GenericName[ru]=Веб-браузер -GenericName[sk]=Internetový prehliadač -GenericName[sl]=Spletni brskalnik -GenericName[sv]=Webbläsare -GenericName[tr]=Web Tarayıcı -GenericName[ug]=توركۆرگۈ -GenericName[uk]=Веб-браузер -GenericName[vi]=Trình duyệt Web -GenericName[zh_CN]=网络浏览器 -GenericName[zh_TW]=網路瀏覽器 -Keywords=Internet;WWW;Browser;Web;Explorer -Keywords[ar]=انترنت;إنترنت;متصفح;ويب;وب -Keywords[ast]=Internet;WWW;Restolador;Web;Esplorador -Keywords[ca]=Internet;WWW;Navegador;Web;Explorador;Explorer -Keywords[cs]=Internet;WWW;Prohlížeč;Web;Explorer -Keywords[da]=Internet;Internettet;WWW;Browser;Browse;Web;Surf;Nettet -Keywords[de]=Internet;WWW;Browser;Web;Explorer;Webseite;Site;surfen;online;browsen -Keywords[el]=Internet;WWW;Browser;Web;Explorer;Διαδίκτυο;Περιηγητής;Firefox;Φιρεφοχ;Ιντερνετ -Keywords[es]=Explorador;Internet;WWW -Keywords[fi]=Internet;WWW;Browser;Web;Explorer;selain;Internet-selain;internetselain;verkkoselain;netti;surffaa -Keywords[fr]=Internet;WWW;Browser;Web;Explorer;Fureteur;Surfer;Navigateur -Keywords[he]=דפדפן;אינטרנט;רשת;אתרים;אתר;פיירפוקס;מוזילה; -Keywords[hr]=Internet;WWW;preglednik;Web -Keywords[hu]=Internet;WWW;Böngésző;Web;Háló;Net;Explorer -Keywords[it]=Internet;WWW;Browser;Web;Navigatore -Keywords[is]=Internet;WWW;Vafri;Vefur;Netvafri;Flakk -Keywords[ja]=Internet;WWW;Web;インターネット;ブラウザ;ウェブ;エクスプローラ -Keywords[nb]=Internett;WWW;Nettleser;Explorer;Web;Browser;Nettside -Keywords[nl]=Internet;WWW;Browser;Web;Explorer;Verkenner;Website;Surfen;Online -Keywords[pt]=Internet;WWW;Browser;Web;Explorador;Navegador -Keywords[pt_BR]=Internet;WWW;Browser;Web;Explorador;Navegador -Keywords[ru]=Internet;WWW;Browser;Web;Explorer;интернет;браузер;веб;файрфокс;огнелис -Keywords[sk]=Internet;WWW;Prehliadač;Web;Explorer -Keywords[sl]=Internet;WWW;Browser;Web;Explorer;Brskalnik;Splet -Keywords[tr]=İnternet;WWW;Tarayıcı;Web;Gezgin;Web sitesi;Site;sörf;çevrimiçi;tara -Keywords[uk]=Internet;WWW;Browser;Web;Explorer;Інтернет;мережа;переглядач;оглядач;браузер;веб;файрфокс;вогнелис;перегляд -Keywords[vi]=Internet;WWW;Browser;Web;Explorer;Trình duyệt;Trang web -Keywords[zh_CN]=Internet;WWW;Browser;Web;Explorer;网页;浏览;上网;火狐;Firefox;ff;互联网;网站; -Keywords[zh_TW]=Internet;WWW;Browser;Web;Explorer;網際網路;網路;瀏覽器;上網;網頁;火狐 -Exec=firefox %u -Terminal=false -X-MultipleArgs=false -Type=Application -Icon=/usr/lib/firefox/browser/icons/mozicon128.png -Categories=GNOME;GTK;Network;WebBrowser; -MimeType=text/html;text/xml;application/xhtml+xml;application/xml;application/rss+xml;application/rdf+xml;image/gif;image/jpeg;image/png;x-scheme-handler/http;x-scheme-handler/https;x-scheme-handler/ftp;x-scheme-handler/chrome;video/webm;application/x-xpinstall; -StartupNotify=true -Actions=NewWindow;NewPrivateWindow; - -[Desktop Action NewWindow] -Name=Open a New Window -Name[ar]=افتح نافذة جديدة -Name[ast]=Abrir una ventana nueva -Name[bn]=Abrir una ventana nueva -Name[ca]=Obre una finestra nova -Name[cs]=Otevřít nové okno -Name[da]=Åbn et nyt vindue -Name[de]=Ein neues Fenster öffnen -Name[el]=Άνοιγμα νέου παραθύρου -Name[es]=Abrir una ventana nueva -Name[fi]=Avaa uusi ikkuna -Name[fr]=Ouvrir une nouvelle fenêtre -Name[gl]=Abrir unha nova xanela -Name[he]=פתיחת חלון חדש -Name[hr]=Otvori novi prozor -Name[hu]=Új ablak nyitása -Name[it]=Apri una nuova finestra -Name[ja]=新しいウィンドウを開く -Name[ko]=새 창 열기 -Name[ku]=Paceyeke nû veke -Name[lt]=Atverti naują langą -Name[nb]=Åpne et nytt vindu -Name[nl]=Nieuw venster openen -Name[pt]=Abrir nova janela -Name[pt_BR]=Abrir nova janela -Name[ro]=Deschide o fereastră nouă -Name[ru]=Новое окно -Name[sk]=Otvoriť nové okno -Name[sl]=Odpri novo okno -Name[sv]=Öppna ett nytt fönster -Name[tr]=Yeni pencere aç -Name[ug]=يېڭى كۆزنەك ئېچىش -Name[uk]=Відкрити нове вікно -Name[vi]=Mở cửa sổ mới -Name[zh_CN]=新建窗口 -Name[zh_TW]=開啟新視窗 -Exec=firefox -new-window -OnlyShowIn=Unity; - -[Desktop Action NewPrivateWindow] -Name=Open a New Private Window -Name[ar]=افتح نافذة جديدة للتصفح الخاص -Name[ca]=Obre una finestra nova en mode d'incògnit -Name[de]=Ein neues privates Fenster öffnen -Name[es]=Abrir una ventana privada nueva -Name[fi]=Avaa uusi yksityinen ikkuna -Name[fr]=Ouvrir une nouvelle fenêtre de navigation privée -Name[he]=פתיחת חלון גלישה פרטית חדש -Name[hu]=Új privát ablak nyitása -Name[it]=Apri una nuova finestra anonima -Name[nb]=Åpne et nytt privat vindu -Name[ru]=Новое приватное окно -Name[sl]=Odpri novo okno zasebnega brskanja -Name[tr]=Yeni bir pencere aç -Name[uk]=Відкрити нове вікно у потайливому режимі -Name[zh_TW]=開啟新隱私瀏覽視窗 -Exec=firefox -private-window -OnlyShowIn=Unity; diff --git a/images/boxs/conf.d/desktop/xfce/Desktop/chromium-browser.desktop b/images/boxs/conf.d/desktop/xfce/Desktop/chromium-browser.desktop deleted file mode 100755 index 8c8e9b73..00000000 --- a/images/boxs/conf.d/desktop/xfce/Desktop/chromium-browser.desktop +++ /dev/null @@ -1,298 +0,0 @@ -[Desktop Entry] -Version=1.0 -Name=Chromium Web Browser -Name[ast]=Restolador web Chromium -Name[bg]=Уеб четец Chromium -Name[bn]=ক্রোমিয়াম ওয়েব ব্রাউজার -Name[bs]=Chromium web preglednik -Name[ca]=Navegador web Chromium -Name[ca@valencia]=Navegador web Chromium -Name[da]=Chromium netbrowser -Name[de]=Chromium-Webbrowser -Name[en_AU]=Chromium Web Browser -Name[eo]=Kromiumo retfoliumilo -Name[es]=Navegador web Chromium -Name[et]=Chromiumi veebibrauser -Name[eu]=Chromium web-nabigatzailea -Name[fi]=Chromium-selain -Name[fr]=Navigateur Web Chromium -Name[gl]=Navegador web Chromium -Name[he]=דפדפן האינטרנט כרומיום -Name[hr]=Chromium web preglednik -Name[hu]=Chromium webböngésző -Name[hy]=Chromium ոստայն զննարկիչ -Name[ia]=Navigator del web Chromium -Name[id]=Peramban Web Chromium -Name[it]=Browser web Chromium -Name[ja]=Chromium ウェブ・ブラウザ -Name[ka]=ვებ ბრაუზერი Chromium -Name[ko]=Chromium 웹 브라우저 -Name[kw]=Peurel wias Chromium -Name[ms]=Pelayar Web Chromium -Name[nb]=Chromium nettleser -Name[nl]=Chromium webbrowser -Name[pt_BR]=Navegador de Internet Chromium -Name[ro]=Navigator Internet Chromium -Name[ru]=Веб-браузер Chromium -Name[sl]=Chromium spletni brskalnik -Name[sv]=Webbläsaren Chromium -Name[ug]=Chromium توركۆرگۈ -Name[vi]=Trình duyệt Web Chromium -Name[zh_CN]=Chromium 网页浏览器 -Name[zh_HK]=Chromium 網頁瀏覽器 -Name[zh_TW]=Chromium 網頁瀏覽器 -GenericName=Web Browser -GenericName[ar]=متصفح الشبكة -GenericName[ast]=Restolador web -GenericName[bg]=Уеб браузър -GenericName[bn]=ওয়েব ব্রাউজার -GenericName[bs]=Web preglednik -GenericName[ca]=Navegador web -GenericName[ca@valencia]=Navegador web -GenericName[cs]=WWW prohlížeč -GenericName[da]=Browser -GenericName[de]=Web-Browser -GenericName[el]=Περιηγητής ιστού -GenericName[en_AU]=Web Browser -GenericName[en_GB]=Web Browser -GenericName[eo]=Retfoliumilo -GenericName[es]=Navegador web -GenericName[et]=Veebibrauser -GenericName[eu]=Web-nabigatzailea -GenericName[fi]=WWW-selain -GenericName[fil]=Web Browser -GenericName[fr]=Navigateur Web -GenericName[gl]=Navegador web -GenericName[gu]=વેબ બ્રાઉઝર -GenericName[he]=דפדפן אינטרנט -GenericName[hi]=वेब ब्राउज़र -GenericName[hr]=Web preglednik -GenericName[hu]=Webböngésző -GenericName[hy]=Ոստայն զննարկիչ -GenericName[ia]=Navigator del Web -GenericName[id]=Peramban Web -GenericName[it]=Browser web -GenericName[ja]=ウェブ・ブラウザ -GenericName[ka]=ვებ ბრაუზერი -GenericName[kn]=ಜಾಲ ವೀಕ್ಷಕ -GenericName[ko]=웹 브라우저 -GenericName[kw]=Peurel wias -GenericName[lt]=Žiniatinklio naršyklė -GenericName[lv]=Tīmekļa pārlūks -GenericName[ml]=വെബ് ബ്രൌസര്‍ -GenericName[mr]=वेब ब्राऊजर -GenericName[ms]=Pelayar Web -GenericName[nb]=Nettleser -GenericName[nl]=Webbrowser -GenericName[or]=ଓ୍ବେବ ବ୍ରାଉଜର -GenericName[pl]=Przeglądarka WWW -GenericName[pt]=Navegador Web -GenericName[pt_BR]=Navegador web -GenericName[ro]=Navigator de Internet -GenericName[ru]=Веб-браузер -GenericName[sk]=WWW prehliadač -GenericName[sl]=Spletni brskalnik -GenericName[sr]=Интернет прегледник -GenericName[sv]=Webbläsare -GenericName[ta]=இணைய உலாவி -GenericName[te]=మహాతల అన్వేషి -GenericName[th]=เว็บเบราว์เซอร์ -GenericName[tr]=Web Tarayıcı -GenericName[ug]=توركۆرگۈ -GenericName[uk]=Навігатор Тенет -GenericName[vi]=Bộ duyệt Web -GenericName[zh_CN]=网页浏览器 -GenericName[zh_HK]=網頁瀏覽器 -GenericName[zh_TW]=網頁瀏覽器 -Comment=Access the Internet -Comment[ar]=الدخول إلى الإنترنت -Comment[ast]=Accesu a Internet -Comment[bg]=Достъп до интернет -Comment[bn]=ইন্টারনেটে প্রবেশ করুন -Comment[bs]=Pristup internetu -Comment[ca]=Accediu a Internet -Comment[ca@valencia]=Accediu a Internet -Comment[cs]=Přístup k internetu -Comment[da]=Få adgang til internettet -Comment[de]=Internetzugriff -Comment[el]=Πρόσβαση στο Διαδίκτυο -Comment[en_AU]=Access the Internet -Comment[en_GB]=Access the Internet -Comment[eo]=Akiri interreton -Comment[es]=Acceda a Internet -Comment[et]=Pääs Internetti -Comment[eu]=Sartu Internetera -Comment[fi]=Käytä internetiä -Comment[fil]=I-access ang Internet -Comment[fr]=Accéder à Internet -Comment[gl]=Acceda a Internet -Comment[gu]=ઇંટરનેટ ઍક્સેસ કરો -Comment[he]=גישה לאינטרנט -Comment[hi]=इंटरनेट तक पहुंच स्थापित करें -Comment[hr]=Pristupite Internetu -Comment[hu]=Az internet elérése -Comment[hy]=Մուտք համացանց -Comment[ia]=Accede a le Interrete -Comment[id]=Akses Internet -Comment[it]=Accesso a Internet -Comment[ja]=インターネットにアクセス -Comment[ka]=ინტერნეტში შესვლა -Comment[kn]=ಇಂಟರ್ನೆಟ್ ಅನ್ನು ಪ್ರವೇಶಿಸಿ -Comment[ko]=인터넷에 연결합니다 -Comment[kw]=Hedhes an Kesrosweyth -Comment[lt]=Interneto prieiga -Comment[lv]=Piekļūt internetam -Comment[ml]=ഇന്റര്‍‌നെറ്റ് ആക്‌സസ് ചെയ്യുക -Comment[mr]=इंटरनेटमध्ये प्रवेश करा -Comment[ms]=Mengakses Internet -Comment[nb]=Bruk internett -Comment[nl]=Verbinding maken met internet -Comment[or]=ଇଣ୍ଟର୍ନେଟ୍ ପ୍ରବେଶ କରନ୍ତୁ -Comment[pl]=Skorzystaj z internetu -Comment[pt]=Aceder à Internet -Comment[pt_BR]=Acessar a internet -Comment[ro]=Accesați Internetul -Comment[ru]=Доступ в Интернет -Comment[sk]=Prístup do siete Internet -Comment[sl]=Dostop do interneta -Comment[sr]=Приступите Интернету -Comment[sv]=Surfa på Internet -Comment[ta]=இணையத்தை அணுகுதல் -Comment[te]=ఇంటర్నెట్‌ను ఆక్సెస్ చెయ్యండి -Comment[th]=เข้าถึงอินเทอร์เน็ต -Comment[tr]=İnternet'e erişin -Comment[ug]=ئىنتېرنېت زىيارىتى -Comment[uk]=Доступ до Інтернету -Comment[vi]=Truy cập Internet -Comment[zh_CN]=访问互联网 -Comment[zh_HK]=連線到網際網路 -Comment[zh_TW]=連線到網際網路 -Exec=chromium-browser %U -Terminal=false -X-MultipleArgs=false -Type=Application -Icon=chromium-browser -Categories=Network;WebBrowser; -MimeType=text/html;text/xml;application/xhtml_xml;x-scheme-handler/http;x-scheme-handler/https; -StartupWMClass=Chromium-browser -StartupNotify=true -Actions=NewWindow;Incognito;TempProfile; -X-AppInstall-Package=chromium-browser - -Path= - -[Desktop Action NewWindow] -Name=Open a New Window -Name[ast]=Abrir una Ventana Nueva -Name[bg]=Отваряне на Нов прозорец -Name[bn]=একটি নতুন উইন্ডো খুলুন -Name[bs]=Otvori novi prozor -Name[ca]=Obre una finestra nova -Name[ca@valencia]=Obri una finestra nova -Name[da]=Åbn et nyt vindue -Name[de]=Ein neues Fenster öffnen -Name[en_AU]=Open a New Window -Name[eo]=Malfermi novan fenestron -Name[es]=Abrir una ventana nueva -Name[et]=Ava uus aken -Name[eu]=Ireki leiho berria -Name[fi]=Avaa uusi ikkuna -Name[fr]=Ouvrir une nouvelle fenêtre -Name[gl]=Abrir unha nova xanela -Name[he]=פתיחת חלון חדש -Name[hy]=Բացել նոր պատուհան -Name[ia]=Aperi un nove fenestra -Name[it]=Apri una nuova finestra -Name[ja]=新しいウィンドウを開く -Name[ka]=ახალი ფანჯრის გახსნა -Name[kw]=Egery fenester noweth -Name[ms]=Buka Tetingkap Baru -Name[nb]=Åpne et nytt vindu -Name[nl]=Nieuw venster openen -Name[pt_BR]=Abre uma nova janela -Name[ro]=Deschide o fereastră nouă -Name[ru]=Открыть новое окно -Name[sl]=Odpri novo okno -Name[sv]=Öppna ett nytt fönster -Name[ug]=يېڭى كۆزنەك ئاچ -Name[uk]=Відкрити нове вікно -Name[vi]=Mở cửa sổ mới -Name[zh_CN]=打开新窗口 -Name[zh_TW]=開啟新視窗 -Exec=chromium-browser - -[Desktop Action Incognito] -Name=Open a New Window in incognito mode -Name[ast]=Abrir una ventana nueva en mou incógnitu -Name[bg]=Отваряне на нов прозорец в режим \"инкогнито\" -Name[bn]=একটি নতুন উইন্ডো খুলুন ইনকোগনিটো অবস্থায় -Name[bs]=Otvori novi prozor u privatnom modu -Name[ca]=Obre una finestra nova en mode d'incògnit -Name[ca@valencia]=Obri una finestra nova en mode d'incògnit -Name[de]=Ein neues Fenster im Inkognito-Modus öffnen -Name[en_AU]=Open a New Window in incognito mode -Name[eo]=Malfermi novan fenestron nekoniĝeble -Name[es]=Abrir una ventana nueva en modo incógnito -Name[et]=Ava uus aken tundmatus olekus -Name[eu]=Ireki leiho berria isileko moduan -Name[fi]=Avaa uusi ikkuna incognito-tilassa -Name[fr]=Ouvrir une nouvelle fenêtre en mode navigation privée -Name[gl]=Abrir unha nova xanela en modo de incógnito -Name[he]=פתיחת חלון חדש במצב גלישה בסתר -Name[hy]=Բացել նոր պատուհան ծպտյալ աշխատակերպում -Name[ia]=Aperi un nove fenestra in modo incognite -Name[it]=Apri una nuova finestra in modalità incognito -Name[ja]=新しいシークレット ウィンドウを開く -Name[ka]=ახალი ფანჯრის ინკოგნიტოდ გახსნა -Name[kw]=Egry fenester noweth en modh privedh -Name[ms]=Buka Tetingkap Baru dalam mod menyamar -Name[nl]=Nieuw venster openen in incognito-modus -Name[pt_BR]=Abrir uma nova janela em modo anônimo -Name[ro]=Deschide o fereastră nouă în mod incognito -Name[ru]=Открыть новое окно в режиме инкогнито -Name[sl]=Odpri novo okno v načinu brez beleženja -Name[sv]=Öppna ett nytt inkognitofönster -Name[ug]=يوشۇرۇن ھالەتتە يېڭى كۆزنەك ئاچ -Name[uk]=Відкрити нове вікно у приватному режимі -Name[vi]=Mở cửa sổ mới trong chế độ ẩn danh -Name[zh_CN]=以隐身模式打开新窗口 -Name[zh_TW]=以匿名模式開啟新視窗 -Exec=chromium-browser --incognito - -[Desktop Action TempProfile] -Name=Open a New Window with a temporary profile -Name[ast]=Abrir una ventana nueva con perfil temporal -Name[bg]=Отваряне на Нов прозорец с временен профил -Name[bn]=সাময়িক প্রোফাইল সহ একটি নতুন উইন্ডো খুলুন -Name[bs]=Otvori novi prozor pomoću privremenog profila -Name[ca]=Obre una finestra nova amb un perfil temporal -Name[ca@valencia]=Obri una finestra nova amb un perfil temporal -Name[de]=Ein neues Fenster mit einem temporären Profil öffnen -Name[en_AU]=Open a New Window with a temporary profile -Name[eo]=Malfermi novan fenestron portempe -Name[es]=Abrir una ventana nueva con perfil temporal -Name[et]=Ava uus aken ajutise profiiliga -Name[eu]=Ireki leiho berria behin-behineko profil batekin -Name[fi]=Avaa uusi ikkuna käyttäen väliaikaista profiilia -Name[fr]=Ouvrir une nouvelle fenêtre avec un profil temporaire -Name[gl]=Abrir unha nova xanela con perfil temporal -Name[he]=פתיחת חלון חדש עם פרופיל זמני -Name[hy]=Բացել նոր պատուհան ժամանակավոր հատկագրով -Name[ia]=Aperi un nove fenestra con un profilo provisori -Name[it]=Apri una nuova finestra con un profilo temporaneo -Name[ja]=一時プロファイルで新しいウィンドウを開く -Name[ka]=ახალი ფანჯრის გახსნა დროებით პროფილში -Name[kw]=Egery fenester noweth gen profil dres prys -Name[ms]=Buka Tetingkap Baru dengan profil sementara -Name[nb]=Åpne et nytt vindu med en midlertidig profil -Name[nl]=Nieuw venster openen met een tijdelijk profiel -Name[pt_BR]=Abrir uma nova janela com um perfil temporário -Name[ro]=Deschide o fereastră nouă cu un profil temporar -Name[ru]=Открыть новое окно с временным профилем -Name[sl]=Odpri novo okno z začasnim profilom -Name[sv]=Öppna ett nytt fönster med temporär profil -Name[ug]=ۋاقىتلىق سەپلىمە ھۆججەت بىلەن يېڭى كۆزنەك ئاچ -Name[vi]=Mở cửa sổ mới với hồ sơ tạm -Name[zh_CN]=以临时配置文件打开新窗口 -Name[zh_TW]=以暫時性個人身分開啟新視窗 -Exec=chromium-browser --temp-profile diff --git a/images/boxs/conf.d/index.php b/images/boxs/conf.d/index.php deleted file mode 100644 index 802f3433..00000000 --- a/images/boxs/conf.d/index.php +++ /dev/null @@ -1,1468 +0,0 @@ -=0; $l--) - { - $allsize1[$l]=floor($size/pow(1024,$l)); - $allsize[$l]=$allsize1[$l]-$allsize1[$l+1]*1024; - } - - $len=count($allsize); - - for($j = $len-1; $j >=0; $j--) - { - $fsize=$fsize.$allsize[$j].$danwei[$j]; - } - return $fsize; -} - -function valid_email($str) -{ - return ( ! preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str)) ? FALSE : TRUE; -} - -//检测PHP设置参数 -function show($varName) -{ - switch($result = get_cfg_var($varName)) - { - case 0: - return '×'; - break; - - case 1: - return ''; - break; - - default: - return $result; - break; - } -} - -//保留服务器性能测试结果 -$valInt = isset($_POST['pInt']) ? $_POST['pInt'] : "No Test"; -$valFloat = isset($_POST['pFloat']) ? $_POST['pFloat'] : "No Test"; -$valIo = isset($_POST['pIo']) ? $_POST['pIo'] : "No Test"; - -if ($_GET['act'] == "phpinfo") -{ - phpinfo(); - exit(); -} -elseif($_POST['act'] == "Int Test") -{ - $valInt = test_int(); -} -elseif($_POST['act'] == "Float Test") -{ - $valFloat = test_float(); -} -elseif($_POST['act'] == "IO Test") -{ - $valIo = test_io(); -} -//网速测试-开始 -elseif($_POST['act']=="Start Test") -{ -?> - - "; - } - ?> - -"; - Echo "This shows all the functions supported by the system, and custom functions\n"; - print_r($arr); - echo ""; - exit(); -}elseif($_GET['act'] == "disable_functions") -{ - $disFuns=get_cfg_var("disable_functions"); - if(empty($disFuns)) - { - $arr = '×'; - } - else - { - $arr = $disFuns; - } - Function php() - { - } - echo "

";
-	Echo "This shows all the functions disable by the system\n";
-	print_r($arr);
-	echo "
"; - exit(); -} - -//MySQL检测 -if ($_POST['act'] == 'MySQL Test') -{ - $host = isset($_POST['host']) ? trim($_POST['host']) : ''; - $port = isset($_POST['port']) ? (int) $_POST['port'] : ''; - $login = isset($_POST['login']) ? trim($_POST['login']) : ''; - $password = isset($_POST['password']) ? trim($_POST['password']) : ''; - $host = preg_match('~[^a-z0-9\-\.]+~i', $host) ? '' : $host; - $port = intval($port) ? intval($port) : ''; - $login = preg_match('~[^a-z0-9\_\-]+~i', $login) ? '' : htmlspecialchars($login); - $password = is_string($password) ? htmlspecialchars($password) : ''; -} -elseif ($_POST['act'] == 'Function Test') -{ - $funRe = "Function".$_POST['funName']."Test results support the position: ".isfun1($_POST['funName']); -} -elseif ($_POST['act'] == 'Mail Test') -{ - $mailRe = "Mail test results: send"; - if($_SERVER['SERVER_PORT']==80){$mailContent = "http://".$_SERVER['SERVER_NAME'].($_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']);} - else{$mailContent = "http://".$_SERVER['SERVER_NAME'].":".$_SERVER['SERVER_PORT'].($_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']);} - $mailRe .= (false !== @mail($_POST["mailAdd"], $mailContent, "This is a test mail!")) ? "Complete":"Failure"; -} - -//网络速度测试 -if(isset($_POST['speed'])) -{ - $speed=round(100/($_POST['speed']/1000),2); -} -elseif($_GET['speed']=="0") -{ - $speed=6666.67; -} -elseif(isset($_GET['speed']) and $_GET['speed']>0) -{ - $speed=round(100/($_GET['speed']/1000),2); //下载速度: $speed kb/s -} -else -{ - $speed=" No Test "; -} - - -// 检测函数支持 -function isfun($funName = '') -{ - if (!$funName || trim($funName) == '' || preg_match('~[^a-z0-9\_]+~i', $funName, $tmp)) return '错误'; - return (false !== function_exists($funName)) ? '' : '×'; -} -function isfun1($funName = '') -{ - if (!$funName || trim($funName) == '' || preg_match('~[^a-z0-9\_]+~i', $funName, $tmp)) return '错误'; - return (false !== function_exists($funName)) ? '√' : '×'; -} - -//整数运算能力测试 -function test_int() -{ - $timeStart = gettimeofday(); - for($i = 0; $i < 3000000; $i++) - { - $t = 1+1; - } - $timeEnd = gettimeofday(); - $time = ($timeEnd["usec"]-$timeStart["usec"])/1000000+$timeEnd["sec"]-$timeStart["sec"]; - $time = round($time, 3)." Second"; - return $time; -} - -//浮点运算能力测试 -function test_float() -{ - //得到圆周率值 - $t = pi(); - $timeStart = gettimeofday(); - - for($i = 0; $i < 3000000; $i++) - { - //开平方 - sqrt($t); - } - - $timeEnd = gettimeofday(); - $time = ($timeEnd["usec"]-$timeStart["usec"])/1000000+$timeEnd["sec"]-$timeStart["sec"]; - $time = round($time, 3)."Second"; - return $time; -} - -//IO能力测试 -function test_io() -{ - $fp = @fopen(PHPSELF, "r"); - $timeStart = gettimeofday(); - for($i = 0; $i < 10000; $i++) - { - @fread($fp, 10240); - @rewind($fp); - } - $timeEnd = gettimeofday(); - @fclose($fp); - $time = ($timeEnd["usec"]-$timeStart["usec"])/1000000+$timeEnd["sec"]-$timeStart["sec"]; - $time = round($time, 3)."Second"; - return($time); -} - -function GetCoreInformation() {$data = file('/proc/stat');$cores = array();foreach( $data as $line ) {if( preg_match('/^cpu[0-9]/', $line) ){$info = explode(' ', $line);$cores[]=array('user'=>$info[1],'nice'=>$info[2],'sys' => $info[3],'idle'=>$info[4],'iowait'=>$info[5],'irq' => $info[6],'softirq' => $info[7]);}}return $cores;} -function GetCpuPercentages($stat1, $stat2) {if(count($stat1)!==count($stat2)){return;}$cpus=array();for( $i = 0, $l = count($stat1); $i < $l; $i++) { $dif = array(); $dif['user'] = $stat2[$i]['user'] - $stat1[$i]['user'];$dif['nice'] = $stat2[$i]['nice'] - $stat1[$i]['nice']; $dif['sys'] = $stat2[$i]['sys'] - $stat1[$i]['sys'];$dif['idle'] = $stat2[$i]['idle'] - $stat1[$i]['idle'];$dif['iowait'] = $stat2[$i]['iowait'] - $stat1[$i]['iowait'];$dif['irq'] = $stat2[$i]['irq'] - $stat1[$i]['irq'];$dif['softirq'] = $stat2[$i]['softirq'] - $stat1[$i]['softirq'];$total = array_sum($dif);$cpu = array();foreach($dif as $x=>$y) $cpu[$x] = round($y / $total * 100, 2);$cpus['cpu' . $i] = $cpu;}return $cpus;} -$stat1 = GetCoreInformation();sleep(1);$stat2 = GetCoreInformation();$data = GetCpuPercentages($stat1, $stat2); -$cpu_show = $data['cpu0']['user']."%us, ".$data['cpu0']['sys']."%sy, ".$data['cpu0']['nice']."%ni, ".$data['cpu0']['idle']."%id, ".$data['cpu0']['iowait']."%wa, ".$data['cpu0']['irq']."%irq, ".$data['cpu0']['softirq']."%softirq"; -function makeImageUrl($title, $data) {$api='http://api.yahei.net/tz/cpu_show.php?id=';$url.=$data['user'].',';$url.=$data['nice'].',';$url.=$data['sys'].',';$url.=$data['idle'].',';$url.=$data['iowait'];$url.='&chdl=User|Nice|Sys|Idle|Iowait&chdlp=b&chl=';$url.=$data['user'].'%25|';$url.=$data['nice'].'%25|';$url.=$data['sys'].'%25|';$url.=$data['idle'].'%25|';$url.=$data['iowait'].'%25';$url.='&chtt=Core+'.$title;return $api.base64_encode($url);} -if($_GET['act'] == "cpu_percentage"){echo "
Slow image loading, please be patient!

";foreach( $data as $k => $v ) {echo '';}echo "
";exit();} - -// 根据不同系统取得CPU相关信息 -switch(PHP_OS) -{ - case "Linux": - $sysReShow = (false !== ($sysInfo = sys_linux()))?"show":"none"; - break; - - case "FreeBSD": - $sysReShow = (false !== ($sysInfo = sys_freebsd()))?"show":"none"; - break; - -/* - case "WINNT": - $sysReShow = (false !== ($sysInfo = sys_windows()))?"show":"none"; - break; -*/ - - default: - break; -} - -//linux系统探测 -function sys_linux() -{ - // CPU - if (false === ($str = @file("/proc/cpuinfo"))) return false; - $str = implode("", $str); - @preg_match_all("/model\s+name\s{0,}\:+\s{0,}([\w\s\)\(\@.-]+)([\r\n]+)/s", $str, $model); - @preg_match_all("/cpu\s+MHz\s{0,}\:+\s{0,}([\d\.]+)[\r\n]+/", $str, $mhz); - @preg_match_all("/cache\s+size\s{0,}\:+\s{0,}([\d\.]+\s{0,}[A-Z]+[\r\n]+)/", $str, $cache); - @preg_match_all("/bogomips\s{0,}\:+\s{0,}([\d\.]+)[\r\n]+/", $str, $bogomips); - if (false !== is_array($model[1])) - { - $res['cpu']['num'] = sizeof($model[1]); - /* - for($i = 0; $i < $res['cpu']['num']; $i++) - { - $res['cpu']['model'][] = $model[1][$i].' ('.$mhz[1][$i].')'; - $res['cpu']['mhz'][] = $mhz[1][$i]; - $res['cpu']['cache'][] = $cache[1][$i]; - $res['cpu']['bogomips'][] = $bogomips[1][$i]; - }*/ - if($res['cpu']['num']==1) - $x1 = ''; - else - $x1 = ' ×'.$res['cpu']['num']; - $mhz[1][0] = ' | Frequency:'.$mhz[1][0]; - $cache[1][0] = ' | Secondary cache:'.$cache[1][0]; - $bogomips[1][0] = ' | Bogomips:'.$bogomips[1][0]; - $res['cpu']['model'][] = $model[1][0].$mhz[1][0].$cache[1][0].$bogomips[1][0].$x1; - if (false !== is_array($res['cpu']['model'])) $res['cpu']['model'] = implode("
", $res['cpu']['model']); - if (false !== is_array($res['cpu']['mhz'])) $res['cpu']['mhz'] = implode("
", $res['cpu']['mhz']); - if (false !== is_array($res['cpu']['cache'])) $res['cpu']['cache'] = implode("
", $res['cpu']['cache']); - if (false !== is_array($res['cpu']['bogomips'])) $res['cpu']['bogomips'] = implode("
", $res['cpu']['bogomips']); - } - - // NETWORK - - // UPTIME - if (false === ($str = @file("/proc/uptime"))) return false; - $str = explode(" ", implode("", $str)); - $str = trim($str[0]); - $min = $str / 60; - $hours = $min / 60; - $days = floor($hours / 24); - $hours = floor($hours - ($days * 24)); - $min = floor($min - ($days * 60 * 24) - ($hours * 60)); - if ($days !== 0) $res['uptime'] = $days."Day"; - if ($hours !== 0) $res['uptime'] .= $hours."Hour"; - $res['uptime'] .= $min."Minute"; - - // MEMORY - if (false === ($str = @file("/proc/meminfo"))) return false; - $str = implode("", $str); - preg_match_all("/MemTotal\s{0,}\:+\s{0,}([\d\.]+).+?MemFree\s{0,}\:+\s{0,}([\d\.]+).+?Cached\s{0,}\:+\s{0,}([\d\.]+).+?SwapTotal\s{0,}\:+\s{0,}([\d\.]+).+?SwapFree\s{0,}\:+\s{0,}([\d\.]+)/s", $str, $buf); - preg_match_all("/Buffers\s{0,}\:+\s{0,}([\d\.]+)/s", $str, $buffers); - - $res['memTotal'] = round($buf[1][0]/1024, 2); - $res['memFree'] = round($buf[2][0]/1024, 2); - $res['memBuffers'] = round($buffers[1][0]/1024, 2); - $res['memCached'] = round($buf[3][0]/1024, 2); - $res['memUsed'] = $res['memTotal']-$res['memFree']; - $res['memPercent'] = (floatval($res['memTotal'])!=0)?round($res['memUsed']/$res['memTotal']*100,2):0; - - $res['memRealUsed'] = $res['memTotal'] - $res['memFree'] - $res['memCached'] - $res['memBuffers']; //真实内存使用 - $res['memRealFree'] = $res['memTotal'] - $res['memRealUsed']; //真实空闲 - $res['memRealPercent'] = (floatval($res['memTotal'])!=0)?round($res['memRealUsed']/$res['memTotal']*100,2):0; //真实内存使用率 - - $res['memCachedPercent'] = (floatval($res['memCached'])!=0)?round($res['memCached']/$res['memTotal']*100,2):0; //Cached内存使用率 - - $res['swapTotal'] = round($buf[4][0]/1024, 2); - $res['swapFree'] = round($buf[5][0]/1024, 2); - $res['swapUsed'] = round($res['swapTotal']-$res['swapFree'], 2); - $res['swapPercent'] = (floatval($res['swapTotal'])!=0)?round($res['swapUsed']/$res['swapTotal']*100,2):0; - - // LOAD AVG - if (false === ($str = @file("/proc/loadavg"))) return false; - $str = explode(" ", implode("", $str)); - $str = array_chunk($str, 4); - $res['loadAvg'] = implode(" ", $str[0]); - - return $res; -} - -//FreeBSD系统探测 -function sys_freebsd() -{ - //CPU - if (false === ($res['cpu']['num'] = get_key("hw.ncpu"))) return false; - $res['cpu']['model'] = get_key("hw.model"); - //LOAD AVG - if (false === ($res['loadAvg'] = get_key("vm.loadavg"))) return false; - //UPTIME - if (false === ($buf = get_key("kern.boottime"))) return false; - $buf = explode(' ', $buf); - $sys_ticks = time() - intval($buf[3]); - $min = $sys_ticks / 60; - $hours = $min / 60; - $days = floor($hours / 24); - $hours = floor($hours - ($days * 24)); - $min = floor($min - ($days * 60 * 24) - ($hours * 60)); - if ($days !== 0) $res['uptime'] = $days."Day"; - if ($hours !== 0) $res['uptime'] .= $hours."Hour"; - $res['uptime'] .= $min."Minute"; - //MEMORY - if (false === ($buf = get_key("hw.physmem"))) return false; - $res['memTotal'] = round($buf/1024/1024, 2); - - $str = get_key("vm.vmtotal"); - preg_match_all("/\nVirtual Memory[\:\s]*\(Total[\:\s]*([\d]+)K[\,\s]*Active[\:\s]*([\d]+)K\)\n/i", $str, $buff, PREG_SET_ORDER); - preg_match_all("/\nReal Memory[\:\s]*\(Total[\:\s]*([\d]+)K[\,\s]*Active[\:\s]*([\d]+)K\)\n/i", $str, $buf, PREG_SET_ORDER); - - $res['memRealUsed'] = round($buf[0][2]/1024, 2); - $res['memCached'] = round($buff[0][2]/1024, 2); - $res['memUsed'] = round($buf[0][1]/1024, 2) + $res['memCached']; - $res['memFree'] = $res['memTotal'] - $res['memUsed']; - $res['memPercent'] = (floatval($res['memTotal'])!=0)?round($res['memUsed']/$res['memTotal']*100,2):0; - - $res['memRealPercent'] = (floatval($res['memTotal'])!=0)?round($res['memRealUsed']/$res['memTotal']*100,2):0; - - return $res; -} - -//取得参数值 FreeBSD -function get_key($keyName) -{ - return do_command('sysctl', "-n $keyName"); -} - -//确定执行文件位置 FreeBSD -function find_command($commandName) -{ - $path = array('/bin', '/sbin', '/usr/bin', '/usr/sbin', '/usr/local/bin', '/usr/local/sbin'); - foreach($path as $p) - { - if (@is_executable("$p/$commandName")) return "$p/$commandName"; - } - return false; -} - -//执行系统命令 FreeBSD -function do_command($commandName, $args) -{ - $buffer = ""; - if (false === ($command = find_command($commandName))) return false; - if ($fp = @popen("$command $args", 'r')) - { - while (!@feof($fp)) - { - $buffer .= @fgets($fp, 4096); - } - return trim($buffer); - } - return false; -} - -//windows系统探测 -function sys_windows() -{ - if (PHP_VERSION >= 5) - { - $objLocator = new COM("WbemScripting.SWbemLocator"); - $wmi = $objLocator->ConnectServer(); - $prop = $wmi->get("Win32_PnPEntity"); - } - else - { - return false; - } - - //CPU - $cpuinfo = GetWMI($wmi,"Win32_Processor", array("Name","L2CacheSize","NumberOfCores")); - $res['cpu']['num'] = $cpuinfo[0]['NumberOfCores']; - if (null == $res['cpu']['num']) - { - $res['cpu']['num'] = 1; - }/* - for ($i=0;$i<$res['cpu']['num'];$i++) - { - $res['cpu']['model'] .= $cpuinfo[0]['Name']."
"; - $res['cpu']['cache'] .= $cpuinfo[0]['L2CacheSize']."
"; - }*/ - $cpuinfo[0]['L2CacheSize'] = ' ('.$cpuinfo[0]['L2CacheSize'].')'; - if($res['cpu']['num']==1) - $x1 = ''; - else - $x1 = ' ×'.$res['cpu']['num']; - $res['cpu']['model'] = $cpuinfo[0]['Name'].$cpuinfo[0]['L2CacheSize'].$x1; - // SYSINFO - $sysinfo = GetWMI($wmi,"Win32_OperatingSystem", array('LastBootUpTime','TotalVisibleMemorySize','FreePhysicalMemory','Caption','CSDVersion','SerialNumber','InstallDate')); - $sysinfo[0]['Caption']=iconv('GBK', 'UTF-8',$sysinfo[0]['Caption']); - $sysinfo[0]['CSDVersion']=iconv('GBK', 'UTF-8',$sysinfo[0]['CSDVersion']); - $res['win_n'] = $sysinfo[0]['Caption']." ".$sysinfo[0]['CSDVersion']." 序列号:{$sysinfo[0]['SerialNumber']} 于".date('Y年m月d日H:i:s',strtotime(substr($sysinfo[0]['InstallDate'],0,14)))."安装"; - //UPTIME - $res['uptime'] = $sysinfo[0]['LastBootUpTime']; - - $sys_ticks = 3600*8 + time() - strtotime(substr($res['uptime'],0,14)); - $min = $sys_ticks / 60; - $hours = $min / 60; - $days = floor($hours / 24); - $hours = floor($hours - ($days * 24)); - $min = floor($min - ($days * 60 * 24) - ($hours * 60)); - if ($days !== 0) $res['uptime'] = $days."Day"; - if ($hours !== 0) $res['uptime'] .= $hours."Hour"; - $res['uptime'] .= $min."Minute"; - - //MEMORY - $res['memTotal'] = round($sysinfo[0]['TotalVisibleMemorySize']/1024,2); - $res['memFree'] = round($sysinfo[0]['FreePhysicalMemory']/1024,2); - $res['memUsed'] = $res['memTotal']-$res['memFree']; //上面两行已经除以1024,这行不用再除了 - $res['memPercent'] = round($res['memUsed'] / $res['memTotal']*100,2); - - $swapinfo = GetWMI($wmi,"Win32_PageFileUsage", array('AllocatedBaseSize','CurrentUsage')); - - // LoadPercentage - $loadinfo = GetWMI($wmi,"Win32_Processor", array("LoadPercentage")); - $res['loadAvg'] = $loadinfo[0]['LoadPercentage']; - - return $res; -} - -function GetWMI($wmi,$strClass, $strValue = array()) -{ - $arrData = array(); - - $objWEBM = $wmi->Get($strClass); - $arrProp = $objWEBM->Properties_; - $arrWEBMCol = $objWEBM->Instances_(); - foreach($arrWEBMCol as $objItem) - { - @reset($arrProp); - $arrInstance = array(); - foreach($arrProp as $propItem) - { - eval("\$value = \$objItem->" . $propItem->Name . ";"); - if (empty($strValue)) - { - $arrInstance[$propItem->Name] = trim($value); - } - else - { - if (in_array($propItem->Name, $strValue)) - { - $arrInstance[$propItem->Name] = trim($value); - } - } - } - $arrData[] = $arrInstance; - } - return $arrData; -} - -//比例条 -function bar($percent) -{ -?> -
 
-"$du",'freeSpace'=>"$df",'hdPercent'=>"$hdPercent",'barhdPercent'=>"$hdPercent%",'TotalMemory'=>"$mt",'UsedMemory'=>"$mu",'FreeMemory'=>"$mf",'CachedMemory'=>"$mc",'Buffers'=>"$mb",'TotalSwap'=>"$st",'swapUsed'=>"$su",'swapFree'=>"$sf",'loadAvg'=>"$load",'uptime'=>"$uptime",'freetime'=>"$freetime",'bjtime'=>"$bjtime",'stime'=>"$stime",'memRealPercent'=>"$memRealPercent",'memRealUsed'=>"$memRealUsed",'memRealFree'=>"$memRealFree",'memPercent'=>"$memPercent%",'memCachedPercent'=>"$memCachedPercent",'barmemCachedPercent'=>"$memCachedPercent%",'swapPercent'=>"$swapPercent",'barmemRealPercent'=>"$memRealPercent%",'barswapPercent'=>"$swapPercent%",'NetOut2'=>"$NetOut[2]",'NetOut3'=>"$NetOut[3]",'NetOut4'=>"$NetOut[4]",'NetOut5'=>"$NetOut[5]",'NetOut6'=>"$NetOut[6]",'NetOut7'=>"$NetOut[7]",'NetOut8'=>"$NetOut[8]",'NetOut9'=>"$NetOut[9]",'NetOut10'=>"$NetOut[10]",'NetInput2'=>"$NetInput[2]",'NetInput3'=>"$NetInput[3]",'NetInput4'=>"$NetInput[4]",'NetInput5'=>"$NetInput[5]",'NetInput6'=>"$NetInput[6]",'NetInput7'=>"$NetInput[7]",'NetInput8'=>"$NetInput[8]",'NetInput9'=>"$NetInput[9]",'NetInput10'=>"$NetInput[10]",'NetOutSpeed2'=>"$NetOutSpeed[2]",'NetOutSpeed3'=>"$NetOutSpeed[3]",'NetOutSpeed4'=>"$NetOutSpeed[4]",'NetOutSpeed5'=>"$NetOutSpeed[5]",'NetInputSpeed2'=>"$NetInputSpeed[2]",'NetInputSpeed3'=>"$NetInputSpeed[3]",'NetInputSpeed4'=>"$NetInputSpeed[4]",'NetInputSpeed5'=>"$NetInputSpeed[5]"); - $jarr=json_encode($arr); - $_GET['callback'] = htmlspecialchars($_GET['callback']); - echo $_GET['callback'],'(',$jarr,')'; - exit; -} -?> - - - - -<?php echo $title.$version; ?> - - - - - - - - - - -
- - - - - - - - - - - - - - - -
PHPModuleOtherDatabasePerformanceSpeedMySQLFunctionMailDownload
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Server Parameters
Server Domain/IP - ()  Your IP address is:
Server identifies the
Server OS  Kernel version: Web Server
Server LanguageServer Port
Server HostNameAbsolute Path
Administrator MailProber Path
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Real-time Data Server
Current Server TimeServer Uptime
CPU Model [Core]
CPU usageView Chart";}else{echo "Only supports the Linux system";}?> -
Space usage - Total Space  G, - Used  G, - Free  G, - Rate % -
 
-
Memory usage - - Total Memory: - - , Used - - , Free - - , Rate - -
 
-0) -{ -?> - Cache Memory - , Rate - - % | Buffers -
 
- - Real Memory Used - - , Real Memory Free - - , Rate - - % -
 
-0) -{ -?> - SWAP: - - , Used - - , Free - - , Rate - - % -
 
- - -
Average System Load
- - - - - - - - - - - - - - - -
NetWork
: In : Real time: 0B/sOut : Real time: 0B/s
- - - - - - - - - -
PHP has been compiled module testing
-$value) { - if ($key!=0 && $key%13==0) { - echo '
'; - } - echo "$value  "; -} -?> -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
PHP Parameters
PHP Info: - - ×' :"PHPINFO";?> - PHP Version:
Run PHP: Memory Limit:
PHP Safe Mode: Post Max Size:
Upload Max Filesize: Floating-point data of significant digits:
Max Execution Time: SecondSocket TimeOut: Second
PHP Doc Root: User Dir:
Enable Dl: Include Path:
Display Errors: Register Globals:
Magic Quotes Gpc: "<?...?>"Short Open Tag:
"<% %>"ASP Tags: Ignore Repeated Errors:
Ignore Repeated Source: Report Memleaks:
Magic Quotes Gpc: Magic Quotes Runtime:
Allow URL Fopen: Register Argc Argv:
Cookie:√' : '×';?>Spell check(ASpell Library):
High-precision math(BCMath):PREL(PCRE):
PDF:SNMP:
VMailMgr:Curl:
SMTP:√' : '×';?>SMTP:×';?>
Enable Functions: Click here to view more!
Disable Functions: -×'; -} -else -{ - //echo $disFuns; - $disFuns_array = explode(',',$disFuns); - foreach ($disFuns_array as $key=>$value) - { - if ($key!=0 && $key%5==0) { - echo '
'; - } - echo "$value  "; -} -} - -?> -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Components
FTP: XML:
Session: Socket:
Calendar - Allow Url Fopen:
GD Library: - ×';} - ?>Zlib:
IMAP: JDToGregorian:
Preg Match: WDDX:
Iconv: mbstring:
BCADD: LDAP:
MCrypt: Mhash Count:
- - - - - - - - - - - - - - - - - - - - - - - -
Other Components
Zend Version×';}else{echo $zend_version;}?> - 2) -{ - echo "ZendGuardLoader[On]"; -} -else -{ - echo "Zend Optimizer"; -} -?> - 2){echo (get_cfg_var("zend_loader.enable"))?'':'×';} else{if(function_exists('zend_optimizer_version')){ echo zend_optimizer_version();}else{ echo (get_cfg_var("zend_optimizer.optimization_level")||get_cfg_var("zend_extension_manager.optimizer_ts")||get_cfg_var("zend.ze1_compatibility_mode")||get_cfg_var("zend_extension_ts"))?'':'×';}}?>
eAccelerator×";} ?>ioncube×";}?>
XCache×";} ?>APC×";} ?>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Database
MySQL: - - ODBC:
Oracle: SQL Server:
dBASE: mSQL:
SQLite: √ ';echo "SQLite3 Ver ";echo $sqliteVer[versionString];}else {echo isfun("sqlite_close");if(isfun("sqlite_close") == '') {echo " : ".@sqlite_libversion();}}?>Hyperwave:
Postgre SQL: Informix:
DBA database: DBM database:
FilePro database:SyBase database:
- - -" method="post"> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Server Performance Test
Reference ObjectInt Test
(1+1 Count 3 Million)		Float Test
(Pi times the square root of 3 million)		I/O Test
(10K file read 10,000 times)		CPU Info
LinodeVPS0.357 Second0.802 Second0.023 Second4 x Xeon L5520 @ 2.27GHz
PhotonVPS.com0.431 Second1.024 Second0.034 Second8 x Xeon E5520 @ 2.27GHz
SpaceRich.com0.421 Second1.003 Second0.038 Second4 x Core i7 920 @ 2.67GHz
RiZie.com0.521 Second1.559 Second0.054 Second2 x Pentium4 3.00GHz
CitynetHost.com0.343 Second0.761 Second0.023 Second2 x Core2Duo E4600 @ 2.40GHz
IXwebhosting.com0.535 Second1.607 Second0.058 Second4 x Xeon E5530 @ 2.40GHz
This Server


- - - - - - - - - - - - -
Network Speed Test
-
- 1000k bytes sent to the client data - 		- - - - - - - - - - - - - - - - - - -
Bandwidth1M2M3M4M5M6M7M8M9M10M
- - - - -
">">
-
- ".$_GET['speed']." Millisecond, Download Speed: "."".$speed.""." kb/s":" No Test " ?> - -
- - - - - - - - - - -
MySQL Database connection detection
- Host: - Port: - Username: - Password: - - -
- alert('Connect to the MySql database to normal')"; - } else { - echo ""; - } - } else { - echo ""; - } - } - ?> - - - - - - - - - - - alert('$funRe')"; - } - ?> -
Function Test
- Enter the function you want to test: - - - -
- - - - - - - - - - - alert('$mailRe')"; - } - ?> -
Mail Send Test
- Please enter your email address to test: - - - -
- - - - - - - - -
Processed in seconds. memory usage.TOP
- - -
- - diff --git a/images/boxs/conf.d/landscape-sysinfo.py b/images/boxs/conf.d/landscape-sysinfo.py deleted file mode 100644 index 9db55ef5..00000000 --- a/images/boxs/conf.d/landscape-sysinfo.py +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/python3 -import sys, os - -try: - if os.path.dirname(os.path.abspath(sys.argv[0])) == os.path.abspath("scripts"): - sys.path.insert(0, "./") - else: - from landscape.lib.warning import hide_warnings - hide_warnings() - - from twisted.internet import reactor - - from landscape.sysinfo.deployment import run -except ImportError: - # For some reasons the libraries are not importable for now. We are - # probably during an upgrade procedure, so let's exit, expecting the - # dependencies to be fixed at next run. - sys.exit(2) - - -if __name__ == "__main__": - run(sys.argv[1:], reactor) \ No newline at end of file diff --git a/images/boxs/conf.d/letsencrypt-renew b/images/boxs/conf.d/letsencrypt-renew deleted file mode 100644 index 13dd85e1..00000000 --- a/images/boxs/conf.d/letsencrypt-renew +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash - -# Lets Encrypt -if [ -z "$DOMAIN" ]; then - echo "You need to have \$DOMAIN set" -else - if [ -f /etc/letsencrypt/live/${DOMAIN}/fullchain.pem ]; then - certbot renew - supervisorctl restart nginx - else - echo "There is no cert to renew" - fi -fi diff --git a/images/boxs/conf.d/letsencrypt-setup b/images/boxs/conf.d/letsencrypt-setup deleted file mode 100644 index 45f560be..00000000 --- a/images/boxs/conf.d/letsencrypt-setup +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash - -# Lets Encrypt -if [ -z "$WEBROOT" ] || [ -z "$GIT_EMAIL" ] || [ -z "$DOMAIN" ]; then - echo "You need the \$WEBROOT, \$GIT_EMAIL and the \$DOMAIN Variables" -else - certbot certonly --webroot -w $WEBROOT -d $DOMAIN --email $GIT_EMAIL --agree-tos --quiet - ln -s /etc/nginx/sites-available/default-ssl.conf /etc/nginx/sites-enabled/ - - # change nginx for webroot and domain name - sed -i "s/##DOMAIN##/${DOMAIN}/g" /etc/nginx/sites-enabled/default-ssl.conf - sed -i "s#root /var/www/html;#root ${WEBROOT};#g" /etc/nginx/sites-available/default-ssl.conf - if [ ! -z "$WEBROOT" ]; then - webroot=$WEBROOT - sed -i "s#root /var/www/html;#root ${webroot};#g" /etc/nginx/sites-available/default-ssl.conf - fi - - supervisorctl restart nginx - -fi diff --git a/images/boxs/conf.d/motd.sh b/images/boxs/conf.d/motd.sh deleted file mode 100644 index 83381fc3..00000000 --- a/images/boxs/conf.d/motd.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/sh - -[ -r /etc/lsb-release ] && . /etc/lsb-release -[ -r /etc/lsb-release ] && . /usr/lib/os-release - -if [ -z "$DISTRIB_DESCRIPTION" ] && [ -x /usr/bin/lsb_release ]; then - # Fall back to using the very slow lsb_release utility - DISTRIB_DESCRIPTION=$(lsb_release -s -d) -fi - -printf "Welcome to %s (%s %s %s)\n" "$DISTRIB_DESCRIPTION" "$(uname -o)" "$(uname -r)" "$(uname -m)" - -printf "\n" -printf " * Documentation: https://help.ubuntu.com\n" -printf " * Management: https://landscape.canonical.com\n" -printf " * Support: https://ubuntu.com/advantage\n" - - # System load: 1.0 Processes: 135 - # Usage of /: 51.9% of 49.15GB Users logged in: 1 - # Memory usage: 28% IP address for eth0: 10.0.0.16 - # Swap usage: 39% IP address for docker0: 172.17.0.1 \ No newline at end of file diff --git a/images/boxs/conf.d/motd/50-landscape-sysinfo b/images/boxs/conf.d/motd/50-landscape-sysinfo deleted file mode 100644 index b1573ab3..00000000 --- a/images/boxs/conf.d/motd/50-landscape-sysinfo +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh -cores=$(grep -c ^processor /proc/cpuinfo 2>/dev/null) -[ "$cores" -eq "0" ] && cores=1 -threshold="${cores:-1}.0" -if [ $(echo "`cut -f1 -d ' ' /proc/loadavg` < $threshold" | bc) -eq 1 ]; then - echo - echo -n " System information as of " - /bin/date - echo - /usr/bin/landscape-sysinfo -else - echo - echo " System information disabled due to load higher than $threshold" -fi \ No newline at end of file diff --git a/images/boxs/conf.d/motd/50-motd-news b/images/boxs/conf.d/motd/50-motd-news deleted file mode 100755 index 08d7f0dc..00000000 --- a/images/boxs/conf.d/motd/50-motd-news +++ /dev/null @@ -1,135 +0,0 @@ -#!/bin/sh -# -# 50-motd-news - print the live news from the Ubuntu wire -# Copyright (C) 2016-2017 Canonical Ltd. -# Copyright (C) 2016-2017 Dustin Kirkland -# -# Authors: Dustin Kirkland -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - -############################################################################## -# This program could be rewritten in C or Golang for faster performance. -# Or it could be rewritten in Python or another higher level language -# for more modularity. -# However, I've insisted on shell here for transparency! -# - Dustin -############################################################################## - -# Source the local configuration -[ -r /etc/default/motd-news ] && . /etc/default/motd-news - -# Exit immediately, unless we're enabled -# This makes this script very easy to disable in /etc/default/motd-news configuration -[ "$ENABLED" = "1" ] || exit 0 - -# Ensure sane defaults -[ -n "$URLS" ] || URLS="https://motd.ubuntu.com" -[ -n "$WAIT" ] || WAIT=5 -[ -n "$CACHE" ] || CACHE="/var/cache/motd-news" -[ "$1" = "--force" ] && FORCED=1 - -# Ensure we print safely, maximum of the first 10 lines, -# maximum of the first 80 chars per line, no control chars -safe_print() { - cat "$1" | head -n 10 | tr -d '\000-\011\013\014\016-\037' | cut -c -80 -} - - -# If we're not forcing an update, and we have a cached motd-news file, -# then just print it and exit as quickly as possible, for login performance. -# Note that systemd should keep this cache file up to date, asynchronously -if [ "$FORCED" != "1" ]; then - if [ -r $CACHE ]; then - echo - safe_print $CACHE - else - : > $CACHE - fi - exit 0 -fi - -# If we've made it here, we've been given the --force argument, -# probably from the systemd motd-news.service. Let's update... - -# Generate our temp files, clean up when done -NEWS=$(mktemp) || exit 1 -ERR=$(mktemp) || exit 1 -CLOUD=$(mktemp) || exit 1 -trap "rm -f $NEWS $ERR $CLOUD" HUP INT QUIT ILL TRAP KILL BUS TERM - -# Construct a user agent, similar to Firefox/Chrome/Safari/IE to -# ensure a proper, tailored, accurate message of the day - -# Curl browser version, for debug purposes -curl_ver="$(dpkg -l curl | awk '$1 == "ii" { print($3); exit(0); }')" - -# Distribution version, for messages releated to this Ubuntu release -. /etc/lsb-release -lsb=$(echo "$DISTRIB_DESCRIPTION" | sed -e "s/ /\//g") -codename="$DISTRIB_CODENAME" - -# Kernel version and CPU type, for messages related to a particular revision or hardware -platform="$(uname -o)/$(uname -r)/$(uname -m)" -arch="$(uname -m)" -cpu="$(grep -m1 "^model name" /proc/cpuinfo | sed -e "s/.*: //" -e "s:\s\+:/:g")" -cloud_id="unknown" -if [ -x /usr/bin/cloud-id ]; then - /usr/bin/cloud-id > "$CLOUD" 2>/dev/null - if [ $? -eq 0 ]; then - # sanitize it a bit, just in case - cloud_id=$(cut -c -40 "${CLOUD}" | tr -c -d '[:alnum:]') - if [ -z "${cloud_id}" ]; then - cloud_id="unknown" - fi - fi -fi - -# Some messages may only be pertinent before or after some amount of uptime -read up idle < /proc/uptime -uptime="uptime/$up/$idle" - -# Piece together the user agent -USER_AGENT="curl/$curl_ver $lsb $platform $cpu $uptime cloud_id/$cloud_id" - -# Loop over any configured URLs -for u in $URLS; do - # Ensure https:// protocol, for security reasons - case $u in - https://*) - true - ;; - https://motd.ubuntu.com) - u="$u/$codename/$arch" - ;; - *) - continue - ;; - esac - # If we're forced, set the wait to much higher (1 minute) - [ "$FORCED" = "1" ] && WAIT=60 - # Fetch and print the news motd - if curl --connect-timeout "$WAIT" --max-time "$WAIT" -A "$USER_AGENT" -o- "$u" >"$NEWS" 2>"$ERR"; then - echo - # At most, 10 lines of text, remove control characters, print at most 80 characters per line - safe_print "$NEWS" - # Try to update the cache - safe_print "$NEWS" 2>/dev/null >$CACHE || true - else - : > "$CACHE" - fi -done -rm -f "$NEWS" "$ERR" "$CLOUD" -exit 0 diff --git a/images/boxs/conf.d/motd/80-esm b/images/boxs/conf.d/motd/80-esm deleted file mode 100755 index 08576213..00000000 --- a/images/boxs/conf.d/motd/80-esm +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh - -SERIES=$(lsb_release -cs) -DESCRIPTION=$(lsb_release -ds) - -[ "$SERIES" = "precise" ] || exit 0 - -[ -x /usr/bin/ubuntu-advantage ] || exit 0 - -if ubuntu-advantage is-esm-enabled; then - cat </dev/null | sort -r) || true -echo diff --git a/images/boxs/conf.d/motd/98-fsck-at-reboot b/images/boxs/conf.d/motd/98-fsck-at-reboot deleted file mode 100755 index e5ec39e5..00000000 --- a/images/boxs/conf.d/motd/98-fsck-at-reboot +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/sh - -if [ -x /usr/lib/update-notifier/update-motd-fsck-at-reboot ]; then - exec /usr/lib/update-notifier/update-motd-fsck-at-reboot -fi \ No newline at end of file diff --git a/images/boxs/conf.d/motd/98-reboot-required b/images/boxs/conf.d/motd/98-reboot-required deleted file mode 100755 index e86de0ba..00000000 --- a/images/boxs/conf.d/motd/98-reboot-required +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/sh - -if [ -x /usr/lib/update-notifier/update-motd-reboot-required ]; then - exec /usr/lib/update-notifier/update-motd-reboot-required -fi \ No newline at end of file diff --git a/images/boxs/conf.d/nginx.2.conf b/images/boxs/conf.d/nginx.2.conf deleted file mode 100644 index 0e528a71..00000000 --- a/images/boxs/conf.d/nginx.2.conf +++ /dev/null @@ -1,118 +0,0 @@ -user nginx; - -# Set number of worker processes automatically based on number of CPU cores. -worker_processes auto; - -# Configures default error logger. -error_log /var/log/nginx/error.log crit; -# pid /www/server/nginx/logs/nginx.pid; -worker_rlimit_nofile 51200; - -# Includes files with directives to load dynamic modules. -include /etc/nginx/modules/*.conf; - -# Enables the use of JIT for regular expressions to speed-up their processing. -pcre_jit on; - -events - { - # The maximum number of simultaneous connections that can be opened by - # a worker process. - use epoll; - worker_connections 51200; - multi_accept on; - } - -http - { - # Includes mapping of file name extensions to MIME types of responses - # and defines the default type. - include mime.types; - - # include luawaf.conf; - # include proxy.conf; - - default_type application/octet-stream; - - # Name servers used to resolve names of upstream servers into addresses. - # It's also needed when using tcpsocket and udpsocket in Lua modules. - #resolver 208.67.222.222 208.67.220.220; - - server_names_hash_bucket_size 512; - client_header_buffer_size 32k; - large_client_header_buffers 4 32k; - - # Specifies the maximum accepted body size of a client request, as - # indicated by the request header Content-Length. If the stated content - # length is greater than this size, then the client receives the HTTP - # error code 413. Set to 0 to disable. - client_max_body_size 16m; - - # Sendfile copies data between one FD and other from within the kernel, - # which is more efficient than read() + write(). - sendfile on; - - # Causes nginx to attempt to send its HTTP response head in one packet, - # instead of using partial frames. - tcp_nopush on; - - # Timeout for keep-alive connections. Server will close connections after this time. - keepalive_timeout 60; - - # Don't buffer data-sends (disable Nagle algorithm). - # Good for sending frequent small bursts of data in real time. - tcp_nodelay on; - - fastcgi_connect_timeout 300; - fastcgi_send_timeout 300; - fastcgi_read_timeout 300; - fastcgi_buffer_size 64k; - fastcgi_buffers 4 64k; - fastcgi_busy_buffers_size 128k; - fastcgi_temp_file_write_size 256k; - fastcgi_intercept_errors on; - - # Path of the file with Diffie-Hellman parameters for EDH ciphers. - #ssl_dhparam /etc/ssl/nginx/dh2048.pem; - - # Specifies that our cipher suits should be preferred over client ciphers. - ssl_prefer_server_ciphers on; - - # Enables a shared SSL cache with size that can hold around 8000 sessions. - ssl_session_cache shared:SSL:2m; - - # Enable gzipping of responses. - gzip on; - gzip_min_length 1k; - gzip_buffers 4 16k; - gzip_http_version 1.1; - gzip_comp_level 2; - gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml; - # Set the Vary HTTP header as defined in the RFC 2616. - gzip_vary on; - - # Enable checking the existence of precompressed files. - #gzip_static on; - - gzip_proxied expired no-cache no-store private auth; - gzip_disable "MSIE [1-6]\."; - - limit_conn_zone $binary_remote_addr zone=perip:10m; - limit_conn_zone $server_name zone=perserver:10m; - - # Don't tell nginx version to clients. - server_tokens off; - - # Specifies the main log format. - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - # Sets the path, format, and configuration for a buffered log write. - access_log /var/log/nginx/access.log main; - # access_log off; - - # Includes virtual hosts configs. - include /etc/nginx/conf.d/*.conf; -} - diff --git a/images/boxs/conf.d/nginx.conf b/images/boxs/conf.d/nginx.conf deleted file mode 100644 index 0c426183..00000000 --- a/images/boxs/conf.d/nginx.conf +++ /dev/null @@ -1,62 +0,0 @@ -worker_processes auto; -error_log /var/log/nginx/error.log crit; -pid /run/nginx/nginx.pid; -worker_rlimit_nofile 51200; - -events - { - use epoll; - multi_accept on; - worker_connections 51200; - } - -http - { - include /etc/nginx/mime.types; - #include proxy.conf; - #include luawaf.conf; - - default_type application/octet-stream; - - server_names_hash_bucket_size 128; - client_header_buffer_size 32k; - large_client_header_buffers 4 32k; - client_max_body_size 50m; - - sendfile on; - tcp_nopush on; - - keepalive_timeout 60; - - tcp_nodelay on; - - fastcgi_connect_timeout 300; - fastcgi_send_timeout 300; - fastcgi_read_timeout 300; - fastcgi_buffer_size 64k; - fastcgi_buffers 4 64k; - fastcgi_busy_buffers_size 128k; - fastcgi_temp_file_write_size 256k; - fastcgi_intercept_errors on; - - gzip on; - gzip_min_length 1k; - gzip_buffers 4 16k; - gzip_http_version 1.1; - gzip_comp_level 2; - gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml; - gzip_vary on; - gzip_proxied expired no-cache no-store private auth; - gzip_disable "MSIE [1-6]\."; - - limit_conn_zone $binary_remote_addr zone=perip:10m; - limit_conn_zone $server_name zone=perserver:10m; - - server_tokens off; - access_log off; - - include /etc/nginx/conf.d/*.conf; - include /etc/nginx/vhost.d/*.conf; - include /etc/nginx/modules/*.conf; -} - diff --git a/images/boxs/conf.d/nginx.conf.d/LICENSE b/images/boxs/conf.d/nginx.conf.d/LICENSE deleted file mode 100644 index f288702d..00000000 --- a/images/boxs/conf.d/nginx.conf.d/LICENSE +++ /dev/null @@ -1,674 +0,0 @@ - GNU GENERAL PUBLIC LICENSE - Version 3, 29 June 2007 - - Copyright (C) 2007 Free Software Foundation, Inc. - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The GNU General Public License is a free, copyleft license for -software and other kinds of works. - - The licenses for most software and other practical works are designed -to take away your freedom to share and change the works. By contrast, -the GNU General Public License is intended to guarantee your freedom to -share and change all versions of a program--to make sure it remains free -software for all its users. We, the Free Software Foundation, use the -GNU General Public License for most of our software; it applies also to -any other work released this way by its authors. You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -them if you wish), that you receive source code or can get it if you -want it, that you can change the software or use pieces of it in new -free programs, and that you know you can do these things. - - To protect your rights, we need to prevent others from denying you -these rights or asking you to surrender the rights. Therefore, you have -certain responsibilities if you distribute copies of the software, or if -you modify it: responsibilities to respect the freedom of others. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must pass on to the recipients the same -freedoms that you received. You must make sure that they, too, receive -or can get the source code. And you must show them these terms so they -know their rights. - - Developers that use the GNU GPL protect your rights with two steps: -(1) assert copyright on the software, and (2) offer you this License -giving you legal permission to copy, distribute and/or modify it. - - For the developers' and authors' protection, the GPL clearly explains -that there is no warranty for this free software. For both users' and -authors' sake, the GPL requires that modified versions be marked as -changed, so that their problems will not be attributed erroneously to -authors of previous versions. - - Some devices are designed to deny users access to install or run -modified versions of the software inside them, although the manufacturer -can do so. This is fundamentally incompatible with the aim of -protecting users' freedom to change the software. The systematic -pattern of such abuse occurs in the area of products for individuals to -use, which is precisely where it is most unacceptable. Therefore, we -have designed this version of the GPL to prohibit the practice for those -products. If such problems arise substantially in other domains, we -stand ready to extend this provision to those domains in future versions -of the GPL, as needed to protect the freedom of users. - - Finally, every program is threatened constantly by software patents. -States should not allow patents to restrict development and use of -software on general-purpose computers, but in those that do, we wish to -avoid the special danger that patents applied to a free program could -make it effectively proprietary. To prevent this, the GPL assures that -patents cannot be used to render the program non-free. - - The precise terms and conditions for copying, distribution and -modification follow. - - TERMS AND CONDITIONS - - 0. Definitions. - - "This License" refers to version 3 of the GNU General Public License. - - "Copyright" also means copyright-like laws that apply to other kinds of -works, such as semiconductor masks. - - "The Program" refers to any copyrightable work licensed under this -License. Each licensee is addressed as "you". "Licensees" and -"recipients" may be individuals or organizations. - - To "modify" a work means to copy from or adapt all or part of the work -in a fashion requiring copyright permission, other than the making of an -exact copy. The resulting work is called a "modified version" of the -earlier work or a work "based on" the earlier work. - - A "covered work" means either the unmodified Program or a work based -on the Program. - - To "propagate" a work means to do anything with it that, without -permission, would make you directly or secondarily liable for -infringement under applicable copyright law, except executing it on a -computer or modifying a private copy. Propagation includes copying, -distribution (with or without modification), making available to the -public, and in some countries other activities as well. - - To "convey" a work means any kind of propagation that enables other -parties to make or receive copies. Mere interaction with a user through -a computer network, with no transfer of a copy, is not conveying. - - An interactive user interface displays "Appropriate Legal Notices" -to the extent that it includes a convenient and prominently visible -feature that (1) displays an appropriate copyright notice, and (2) -tells the user that there is no warranty for the work (except to the -extent that warranties are provided), that licensees may convey the -work under this License, and how to view a copy of this License. If -the interface presents a list of user commands or options, such as a -menu, a prominent item in the list meets this criterion. - - 1. Source Code. - - The "source code" for a work means the preferred form of the work -for making modifications to it. "Object code" means any non-source -form of a work. - - A "Standard Interface" means an interface that either is an official -standard defined by a recognized standards body, or, in the case of -interfaces specified for a particular programming language, one that -is widely used among developers working in that language. - - The "System Libraries" of an executable work include anything, other -than the work as a whole, that (a) is included in the normal form of -packaging a Major Component, but which is not part of that Major -Component, and (b) serves only to enable use of the work with that -Major Component, or to implement a Standard Interface for which an -implementation is available to the public in source code form. A -"Major Component", in this context, means a major essential component -(kernel, window system, and so on) of the specific operating system -(if any) on which the executable work runs, or a compiler used to -produce the work, or an object code interpreter used to run it. - - The "Corresponding Source" for a work in object code form means all -the source code needed to generate, install, and (for an executable -work) run the object code and to modify the work, including scripts to -control those activities. However, it does not include the work's -System Libraries, or general-purpose tools or generally available free -programs which are used unmodified in performing those activities but -which are not part of the work. For example, Corresponding Source -includes interface definition files associated with source files for -the work, and the source code for shared libraries and dynamically -linked subprograms that the work is specifically designed to require, -such as by intimate data communication or control flow between those -subprograms and other parts of the work. - - The Corresponding Source need not include anything that users -can regenerate automatically from other parts of the Corresponding -Source. - - The Corresponding Source for a work in source code form is that -same work. - - 2. Basic Permissions. - - All rights granted under this License are granted for the term of -copyright on the Program, and are irrevocable provided the stated -conditions are met. This License explicitly affirms your unlimited -permission to run the unmodified Program. The output from running a -covered work is covered by this License only if the output, given its -content, constitutes a covered work. This License acknowledges your -rights of fair use or other equivalent, as provided by copyright law. - - You may make, run and propagate covered works that you do not -convey, without conditions so long as your license otherwise remains -in force. You may convey covered works to others for the sole purpose -of having them make modifications exclusively for you, or provide you -with facilities for running those works, provided that you comply with -the terms of this License in conveying all material for which you do -not control copyright. Those thus making or running the covered works -for you must do so exclusively on your behalf, under your direction -and control, on terms that prohibit them from making any copies of -your copyrighted material outside their relationship with you. - - Conveying under any other circumstances is permitted solely under -the conditions stated below. Sublicensing is not allowed; section 10 -makes it unnecessary. - - 3. Protecting Users' Legal Rights From Anti-Circumvention Law. - - No covered work shall be deemed part of an effective technological -measure under any applicable law fulfilling obligations under article -11 of the WIPO copyright treaty adopted on 20 December 1996, or -similar laws prohibiting or restricting circumvention of such -measures. - - When you convey a covered work, you waive any legal power to forbid -circumvention of technological measures to the extent such circumvention -is effected by exercising rights under this License with respect to -the covered work, and you disclaim any intention to limit operation or -modification of the work as a means of enforcing, against the work's -users, your or third parties' legal rights to forbid circumvention of -technological measures. - - 4. Conveying Verbatim Copies. - - You may convey verbatim copies of the Program's source code as you -receive it, in any medium, provided that you conspicuously and -appropriately publish on each copy an appropriate copyright notice; -keep intact all notices stating that this License and any -non-permissive terms added in accord with section 7 apply to the code; -keep intact all notices of the absence of any warranty; and give all -recipients a copy of this License along with the Program. - - You may charge any price or no price for each copy that you convey, -and you may offer support or warranty protection for a fee. - - 5. Conveying Modified Source Versions. - - You may convey a work based on the Program, or the modifications to -produce it from the Program, in the form of source code under the -terms of section 4, provided that you also meet all of these conditions: - - a) The work must carry prominent notices stating that you modified - it, and giving a relevant date. - - b) The work must carry prominent notices stating that it is - released under this License and any conditions added under section - 7. This requirement modifies the requirement in section 4 to - "keep intact all notices". - - c) You must license the entire work, as a whole, under this - License to anyone who comes into possession of a copy. This - License will therefore apply, along with any applicable section 7 - additional terms, to the whole of the work, and all its parts, - regardless of how they are packaged. This License gives no - permission to license the work in any other way, but it does not - invalidate such permission if you have separately received it. - - d) If the work has interactive user interfaces, each must display - Appropriate Legal Notices; however, if the Program has interactive - interfaces that do not display Appropriate Legal Notices, your - work need not make them do so. - - A compilation of a covered work with other separate and independent -works, which are not by their nature extensions of the covered work, -and which are not combined with it such as to form a larger program, -in or on a volume of a storage or distribution medium, is called an -"aggregate" if the compilation and its resulting copyright are not -used to limit the access or legal rights of the compilation's users -beyond what the individual works permit. Inclusion of a covered work -in an aggregate does not cause this License to apply to the other -parts of the aggregate. - - 6. Conveying Non-Source Forms. - - You may convey a covered work in object code form under the terms -of sections 4 and 5, provided that you also convey the -machine-readable Corresponding Source under the terms of this License, -in one of these ways: - - a) Convey the object code in, or embodied in, a physical product - (including a physical distribution medium), accompanied by the - Corresponding Source fixed on a durable physical medium - customarily used for software interchange. - - b) Convey the object code in, or embodied in, a physical product - (including a physical distribution medium), accompanied by a - written offer, valid for at least three years and valid for as - long as you offer spare parts or customer support for that product - model, to give anyone who possesses the object code either (1) a - copy of the Corresponding Source for all the software in the - product that is covered by this License, on a durable physical - medium customarily used for software interchange, for a price no - more than your reasonable cost of physically performing this - conveying of source, or (2) access to copy the - Corresponding Source from a network server at no charge. - - c) Convey individual copies of the object code with a copy of the - written offer to provide the Corresponding Source. This - alternative is allowed only occasionally and noncommercially, and - only if you received the object code with such an offer, in accord - with subsection 6b. - - d) Convey the object code by offering access from a designated - place (gratis or for a charge), and offer equivalent access to the - Corresponding Source in the same way through the same place at no - further charge. You need not require recipients to copy the - Corresponding Source along with the object code. If the place to - copy the object code is a network server, the Corresponding Source - may be on a different server (operated by you or a third party) - that supports equivalent copying facilities, provided you maintain - clear directions next to the object code saying where to find the - Corresponding Source. Regardless of what server hosts the - Corresponding Source, you remain obligated to ensure that it is - available for as long as needed to satisfy these requirements. - - e) Convey the object code using peer-to-peer transmission, provided - you inform other peers where the object code and Corresponding - Source of the work are being offered to the general public at no - charge under subsection 6d. - - A separable portion of the object code, whose source code is excluded -from the Corresponding Source as a System Library, need not be -included in conveying the object code work. - - A "User Product" is either (1) a "consumer product", which means any -tangible personal property which is normally used for personal, family, -or household purposes, or (2) anything designed or sold for incorporation -into a dwelling. In determining whether a product is a consumer product, -doubtful cases shall be resolved in favor of coverage. For a particular -product received by a particular user, "normally used" refers to a -typical or common use of that class of product, regardless of the status -of the particular user or of the way in which the particular user -actually uses, or expects or is expected to use, the product. A product -is a consumer product regardless of whether the product has substantial -commercial, industrial or non-consumer uses, unless such uses represent -the only significant mode of use of the product. - - "Installation Information" for a User Product means any methods, -procedures, authorization keys, or other information required to install -and execute modified versions of a covered work in that User Product from -a modified version of its Corresponding Source. The information must -suffice to ensure that the continued functioning of the modified object -code is in no case prevented or interfered with solely because -modification has been made. - - If you convey an object code work under this section in, or with, or -specifically for use in, a User Product, and the conveying occurs as -part of a transaction in which the right of possession and use of the -User Product is transferred to the recipient in perpetuity or for a -fixed term (regardless of how the transaction is characterized), the -Corresponding Source conveyed under this section must be accompanied -by the Installation Information. But this requirement does not apply -if neither you nor any third party retains the ability to install -modified object code on the User Product (for example, the work has -been installed in ROM). - - The requirement to provide Installation Information does not include a -requirement to continue to provide support service, warranty, or updates -for a work that has been modified or installed by the recipient, or for -the User Product in which it has been modified or installed. Access to a -network may be denied when the modification itself materially and -adversely affects the operation of the network or violates the rules and -protocols for communication across the network. - - Corresponding Source conveyed, and Installation Information provided, -in accord with this section must be in a format that is publicly -documented (and with an implementation available to the public in -source code form), and must require no special password or key for -unpacking, reading or copying. - - 7. Additional Terms. - - "Additional permissions" are terms that supplement the terms of this -License by making exceptions from one or more of its conditions. -Additional permissions that are applicable to the entire Program shall -be treated as though they were included in this License, to the extent -that they are valid under applicable law. If additional permissions -apply only to part of the Program, that part may be used separately -under those permissions, but the entire Program remains governed by -this License without regard to the additional permissions. - - When you convey a copy of a covered work, you may at your option -remove any additional permissions from that copy, or from any part of -it. (Additional permissions may be written to require their own -removal in certain cases when you modify the work.) You may place -additional permissions on material, added by you to a covered work, -for which you have or can give appropriate copyright permission. - - Notwithstanding any other provision of this License, for material you -add to a covered work, you may (if authorized by the copyright holders of -that material) supplement the terms of this License with terms: - - a) Disclaiming warranty or limiting liability differently from the - terms of sections 15 and 16 of this License; or - - b) Requiring preservation of specified reasonable legal notices or - author attributions in that material or in the Appropriate Legal - Notices displayed by works containing it; or - - c) Prohibiting misrepresentation of the origin of that material, or - requiring that modified versions of such material be marked in - reasonable ways as different from the original version; or - - d) Limiting the use for publicity purposes of names of licensors or - authors of the material; or - - e) Declining to grant rights under trademark law for use of some - trade names, trademarks, or service marks; or - - f) Requiring indemnification of licensors and authors of that - material by anyone who conveys the material (or modified versions of - it) with contractual assumptions of liability to the recipient, for - any liability that these contractual assumptions directly impose on - those licensors and authors. - - All other non-permissive additional terms are considered "further -restrictions" within the meaning of section 10. If the Program as you -received it, or any part of it, contains a notice stating that it is -governed by this License along with a term that is a further -restriction, you may remove that term. If a license document contains -a further restriction but permits relicensing or conveying under this -License, you may add to a covered work material governed by the terms -of that license document, provided that the further restriction does -not survive such relicensing or conveying. - - If you add terms to a covered work in accord with this section, you -must place, in the relevant source files, a statement of the -additional terms that apply to those files, or a notice indicating -where to find the applicable terms. - - Additional terms, permissive or non-permissive, may be stated in the -form of a separately written license, or stated as exceptions; -the above requirements apply either way. - - 8. Termination. - - You may not propagate or modify a covered work except as expressly -provided under this License. Any attempt otherwise to propagate or -modify it is void, and will automatically terminate your rights under -this License (including any patent licenses granted under the third -paragraph of section 11). - - However, if you cease all violation of this License, then your -license from a particular copyright holder is reinstated (a) -provisionally, unless and until the copyright holder explicitly and -finally terminates your license, and (b) permanently, if the copyright -holder fails to notify you of the violation by some reasonable means -prior to 60 days after the cessation. - - Moreover, your license from a particular copyright holder is -reinstated permanently if the copyright holder notifies you of the -violation by some reasonable means, this is the first time you have -received notice of violation of this License (for any work) from that -copyright holder, and you cure the violation prior to 30 days after -your receipt of the notice. - - Termination of your rights under this section does not terminate the -licenses of parties who have received copies or rights from you under -this License. If your rights have been terminated and not permanently -reinstated, you do not qualify to receive new licenses for the same -material under section 10. - - 9. Acceptance Not Required for Having Copies. - - You are not required to accept this License in order to receive or -run a copy of the Program. Ancillary propagation of a covered work -occurring solely as a consequence of using peer-to-peer transmission -to receive a copy likewise does not require acceptance. However, -nothing other than this License grants you permission to propagate or -modify any covered work. These actions infringe copyright if you do -not accept this License. Therefore, by modifying or propagating a -covered work, you indicate your acceptance of this License to do so. - - 10. Automatic Licensing of Downstream Recipients. - - Each time you convey a covered work, the recipient automatically -receives a license from the original licensors, to run, modify and -propagate that work, subject to this License. You are not responsible -for enforcing compliance by third parties with this License. - - An "entity transaction" is a transaction transferring control of an -organization, or substantially all assets of one, or subdividing an -organization, or merging organizations. If propagation of a covered -work results from an entity transaction, each party to that -transaction who receives a copy of the work also receives whatever -licenses to the work the party's predecessor in interest had or could -give under the previous paragraph, plus a right to possession of the -Corresponding Source of the work from the predecessor in interest, if -the predecessor has it or can get it with reasonable efforts. - - You may not impose any further restrictions on the exercise of the -rights granted or affirmed under this License. For example, you may -not impose a license fee, royalty, or other charge for exercise of -rights granted under this License, and you may not initiate litigation -(including a cross-claim or counterclaim in a lawsuit) alleging that -any patent claim is infringed by making, using, selling, offering for -sale, or importing the Program or any portion of it. - - 11. Patents. - - A "contributor" is a copyright holder who authorizes use under this -License of the Program or a work on which the Program is based. The -work thus licensed is called the contributor's "contributor version". - - A contributor's "essential patent claims" are all patent claims -owned or controlled by the contributor, whether already acquired or -hereafter acquired, that would be infringed by some manner, permitted -by this License, of making, using, or selling its contributor version, -but do not include claims that would be infringed only as a -consequence of further modification of the contributor version. For -purposes of this definition, "control" includes the right to grant -patent sublicenses in a manner consistent with the requirements of -this License. - - Each contributor grants you a non-exclusive, worldwide, royalty-free -patent license under the contributor's essential patent claims, to -make, use, sell, offer for sale, import and otherwise run, modify and -propagate the contents of its contributor version. - - In the following three paragraphs, a "patent license" is any express -agreement or commitment, however denominated, not to enforce a patent -(such as an express permission to practice a patent or covenant not to -sue for patent infringement). To "grant" such a patent license to a -party means to make such an agreement or commitment not to enforce a -patent against the party. - - If you convey a covered work, knowingly relying on a patent license, -and the Corresponding Source of the work is not available for anyone -to copy, free of charge and under the terms of this License, through a -publicly available network server or other readily accessible means, -then you must either (1) cause the Corresponding Source to be so -available, or (2) arrange to deprive yourself of the benefit of the -patent license for this particular work, or (3) arrange, in a manner -consistent with the requirements of this License, to extend the patent -license to downstream recipients. "Knowingly relying" means you have -actual knowledge that, but for the patent license, your conveying the -covered work in a country, or your recipient's use of the covered work -in a country, would infringe one or more identifiable patents in that -country that you have reason to believe are valid. - - If, pursuant to or in connection with a single transaction or -arrangement, you convey, or propagate by procuring conveyance of, a -covered work, and grant a patent license to some of the parties -receiving the covered work authorizing them to use, propagate, modify -or convey a specific copy of the covered work, then the patent license -you grant is automatically extended to all recipients of the covered -work and works based on it. - - A patent license is "discriminatory" if it does not include within -the scope of its coverage, prohibits the exercise of, or is -conditioned on the non-exercise of one or more of the rights that are -specifically granted under this License. You may not convey a covered -work if you are a party to an arrangement with a third party that is -in the business of distributing software, under which you make payment -to the third party based on the extent of your activity of conveying -the work, and under which the third party grants, to any of the -parties who would receive the covered work from you, a discriminatory -patent license (a) in connection with copies of the covered work -conveyed by you (or copies made from those copies), or (b) primarily -for and in connection with specific products or compilations that -contain the covered work, unless you entered into that arrangement, -or that patent license was granted, prior to 28 March 2007. - - Nothing in this License shall be construed as excluding or limiting -any implied license or other defenses to infringement that may -otherwise be available to you under applicable patent law. - - 12. No Surrender of Others' Freedom. - - If conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot convey a -covered work so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you may -not convey it at all. For example, if you agree to terms that obligate you -to collect a royalty for further conveying from those to whom you convey -the Program, the only way you could satisfy both those terms and this -License would be to refrain entirely from conveying the Program. - - 13. Use with the GNU Affero General Public License. - - Notwithstanding any other provision of this License, you have -permission to link or combine any covered work with a work licensed -under version 3 of the GNU Affero General Public License into a single -combined work, and to convey the resulting work. The terms of this -License will continue to apply to the part which is the covered work, -but the special requirements of the GNU Affero General Public License, -section 13, concerning interaction through a network will apply to the -combination as such. - - 14. Revised Versions of this License. - - The Free Software Foundation may publish revised and/or new versions of -the GNU General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - - Each version is given a distinguishing version number. If the -Program specifies that a certain numbered version of the GNU General -Public License "or any later version" applies to it, you have the -option of following the terms and conditions either of that numbered -version or of any later version published by the Free Software -Foundation. If the Program does not specify a version number of the -GNU General Public License, you may choose any version ever published -by the Free Software Foundation. - - If the Program specifies that a proxy can decide which future -versions of the GNU General Public License can be used, that proxy's -public statement of acceptance of a version permanently authorizes you -to choose that version for the Program. - - Later license versions may give you additional or different -permissions. However, no additional obligations are imposed on any -author or copyright holder as a result of your choosing to follow a -later version. - - 15. Disclaimer of Warranty. - - THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY -APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT -HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY -OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, -THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM -IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF -ALL NECESSARY SERVICING, REPAIR OR CORRECTION. - - 16. Limitation of Liability. - - IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS -THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY -GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE -USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF -DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD -PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), -EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF -SUCH DAMAGES. - - 17. Interpretation of Sections 15 and 16. - - If the disclaimer of warranty and limitation of liability provided -above cannot be given local legal effect according to their terms, -reviewing courts shall apply local law that most closely approximates -an absolute waiver of all civil liability in connection with the -Program, unless a warranty or assumption of liability accompanies a -copy of the Program in return for a fee. - - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -state the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - - Copyright (C) - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation, either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see . - -Also add information on how to contact you by electronic and paper mail. - - If the program does terminal interaction, make it output a short -notice like this when it starts in an interactive mode: - - Copyright (C) - This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, your program's commands -might be different; for a GUI interface, you would use an "about box". - - You should also get your employer (if you work as a programmer) or school, -if any, to sign a "copyright disclaimer" for the program, if necessary. -For more information on this, and how to apply and follow the GNU GPL, see -. - - The GNU General Public License does not permit incorporating your program -into proprietary programs. If your program is a subroutine library, you -may consider it more useful to permit linking proprietary applications with -the library. If this is what you want to do, use the GNU Lesser General -Public License instead of this License. But first, please read -. diff --git a/images/boxs/conf.d/nginx.conf.d/README.md b/images/boxs/conf.d/nginx.conf.d/README.md deleted file mode 100644 index 0c60eb54..00000000 --- a/images/boxs/conf.d/nginx.conf.d/README.md +++ /dev/null @@ -1,19 +0,0 @@ -# nginx-conf - -We open source our NGINX conf. You can help us improve our service by contributing the conf. Also, we welcome you can build your own FastGit. - -## Filename rule - -[site_url].conf - -## Quick install - -Caution, till now, quick install **only supports Debian 10**. - -You can also take a try if you want to deploy FastGit on any system which uses APT as its package management tool (e.g., Ubuntu). -But we have no guarantee that the script will work properly. - -```bash -wget https://raw.githubusercontent.com/FastGitORG/nginx-conf/master/install-debian10.sh -sudo bash install-debian10.sh -``` diff --git a/images/boxs/conf.d/nginx.conf.d/anti-floc.conf b/images/boxs/conf.d/nginx.conf.d/anti-floc.conf deleted file mode 100644 index fa8fb81c..00000000 --- a/images/boxs/conf.d/nginx.conf.d/anti-floc.conf +++ /dev/null @@ -1,2 +0,0 @@ -# /etc/nginx/snippets/anti-floc.conf -add_header Permissions-Policy interest-cohort=(); \ No newline at end of file diff --git a/images/boxs/conf.d/nginx.conf.d/archive.fastgit.org.conf b/images/boxs/conf.d/nginx.conf.d/archive.fastgit.org.conf deleted file mode 100644 index 6aad19c1..00000000 --- a/images/boxs/conf.d/nginx.conf.d/archive.fastgit.org.conf +++ /dev/null @@ -1,71 +0,0 @@ -upstream GithubArchive { - server github.com:443; - keepalive 32; -} - -server { - listen 443 ssl http2; - server_name archive.fastgit.org; - root /www/wwwroot/fg; - index index.html; - - ssl_stapling on; - ssl_stapling_verify on; - ssl_trusted_certificate /var/www/cert/fg.pem; - - ssl_certificate /var/www/cert/fg.pem; - ssl_certificate_key /var/www/cert/fg.key; - - # Run following command & set permission before configuring - # curl https://ssl-config.mozilla.org/ffdhe2048.txt > /var/lib/nginx/dhparam.pem - ssl_dhparam /var/lib/nginx/dhparam.pem; - - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; - ssl_prefer_server_ciphers off; - - ssl_session_cache shared:SSL:10m; - ssl_session_timeout 10m; - ssl_session_tickets off; - - error_page 497 https://$host$request_uri; - - include /etc/nginx/snippets/anti-floc.conf; - - # SSL - location ~ \.well-known{ - allow all; - } - - location / { - - } - - location ~ ^/[^/]+/[^/]+/releases(/latest)?/download/ { - return 301 https://download.fastgit.org$request_uri; - } - - location ~ ^/[^/]+/[^/]+/archive/ { - recursive_error_pages on; - proxy_pass https://GithubArchive; - proxy_intercept_errors on; - error_page 301 302 307 = @handle_redirect; - } - - location @handle_redirect { - resolver 8.8.8.8; - recursive_error_pages on; - set $saved_redirect_location '$upstream_http_location'; - proxy_pass $saved_redirect_location; - proxy_intercept_errors on; - error_page 301 302 307 = @handle_redirect; - } - - # Block search engine - if ($http_user_agent ~* "qihoobot|Baiduspider|Bingbot|Googlebot|Googlebot-Mobile|Googlebot-Image|Mediapartners-Google|Adsbot-Google|Feedfetcher-Google|Yahoo! Slurp|Yahoo! Slurp China|YoudaoBot|Sosospider|Sogou spider|Sogou web spider|MSNBot|ia_archiver|Tomato Bot") { - return 403; - } - - access_log /www/wwwlogs/archive.fastgit.org.log; - error_log /www/wwwlogs/archive.fastgit.org.error.log; -} diff --git a/images/boxs/conf.d/nginx.conf.d/assets.fastgit.org.conf b/images/boxs/conf.d/nginx.conf.d/assets.fastgit.org.conf deleted file mode 100644 index 5abab9b7..00000000 --- a/images/boxs/conf.d/nginx.conf.d/assets.fastgit.org.conf +++ /dev/null @@ -1,81 +0,0 @@ -server { - listen 443 ssl http2; - server_name assets.fastgit.org; - root /www/wwwroot/fg; - - ssl_stapling on; - ssl_stapling_verify on; - ssl_trusted_certificate /var/www/cert/fg.pem; - - ssl_certificate /var/www/cert/fg.pem; - ssl_certificate_key /var/www/cert/fg.key; - - # Run following command & set permission before configuring - # curl https://ssl-config.mozilla.org/ffdhe2048.txt > /var/lib/nginx/dhparam.pem - ssl_dhparam /var/lib/nginx/dhparam.pem; - - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; - ssl_prefer_server_ciphers off; - - ssl_session_cache shared:SSL:10m; - ssl_session_timeout 60m; - ssl_session_tickets off; - - error_page 497 https://$host$request_uri; - - include /etc/nginx/snippets/anti-floc.conf; - - # SSL - location ~ \.well-known { - allow all; - } - - # Fuck Search Engine - location /robots.txt { - allow all; - } - - #PROXY-START/ - location ~* \.(php|jsp|cgi|asp|aspx)$ - { - proxy_pass https://github.githubassets.com; - proxy_set_header Host github.githubassets.com; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header REMOTE-HOST $remote_addr; - } - - location / - { - proxy_pass https://github.githubassets.com; - proxy_set_header Host github.githubassets.com; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header REMOTE-HOST $remote_addr; - add_header X-Cache $upstream_cache_status; - proxy_ignore_headers Set-Cookie Cache-Control expires; - # proxy_cache cache_one; - proxy_cache_key $host$uri$is_args$args; - proxy_cache_valid 200 304 301 302 480m; - expires 12h; - } - - # Block search engine - # if ($http_user_agent ~* "qihoobot|Baiduspider|Bingbot|Googlebot|Googlebot-Mobile|Googlebot-Image|Mediapartners-Google|Adsbot-Google|Feedfetcher-Google|Yahoo! Slurp|Yahoo! Slurp China|YoudaoBot|Sosospider|Sogou spider|Sogou web spider|MSNBot|ia_archiver|Tomato Bot") - # { - # return 403; - # } - - # Anti Agent Bot DDoS - # If behind CDN, use folloing commented code - # if ($http_x_forwarded_for != $remote_addr) { - # return 503; - # } - if ($proxy_add_x_forwarded_for != $remote_addr) { - return 503; - } - - access_log /www/wwwlogs/assets.fastgit.org.log; - error_log /www/wwwlogs/assets.fastgit.org.error.log; -} diff --git a/images/boxs/conf.d/nginx.conf.d/download.fastgit.org.conf b/images/boxs/conf.d/nginx.conf.d/download.fastgit.org.conf deleted file mode 100644 index 92077cf1..00000000 --- a/images/boxs/conf.d/nginx.conf.d/download.fastgit.org.conf +++ /dev/null @@ -1,73 +0,0 @@ -upstream GithubDownload { - server github.com:443; - keepalive 32; -} - -server { - listen 443 ssl http2; - server_name download.fastgit.org; - root /www/wwwroot/fg; - index index.html; - - ssl_stapling on; - ssl_stapling_verify on; - ssl_trusted_certificate /var/www/cert/fg.pem; - - ssl_certificate /var/www/cert/fg.pem; - ssl_certificate_key /var/www/cert/fg.key; - - # Run following command & set permission before configuring - # curl https://ssl-config.mozilla.org/ffdhe2048.txt > /var/lib/nginx/dhparam.pem - ssl_dhparam /var/lib/nginx/dhparam.pem; - - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; - ssl_prefer_server_ciphers off; - - ssl_session_cache shared:SSL:10m; - ssl_session_timeout 10m; - ssl_session_tickets off; - - error_page 497 https://$host$request_uri; - - include /etc/nginx/snippets/anti-floc.conf; - - # SSL - location ~ \.well-known{ - allow all; - } - - location / { - - } - - location ~ ^/[^/]+/[^/]+/releases(/latest)?/download/ { - proxy_cache_valid 206 120m; - proxy_cache_valid 200 120m; - recursive_error_pages on; - proxy_pass https://GithubDownload; - proxy_intercept_errors on; - error_page 301 302 307 = @handle_redirect; - } - - location ~ ^/[^/]+/[^/]+/archive/ { - return 301 https://archive.fastgit.org$request_uri; - } - - location @handle_redirect { - resolver 8.8.8.8; - recursive_error_pages on; - set $saved_redirect_location '$upstream_http_location'; - proxy_pass $saved_redirect_location; - proxy_intercept_errors on; - error_page 301 302 307 = @handle_redirect; - } - - # Block search engine - if ($http_user_agent ~* "qihoobot|Baiduspider|Bingbot|Googlebot|Googlebot-Mobile|Googlebot-Image|Mediapartners-Google|Adsbot-Google|Feedfetcher-Google|Yahoo! Slurp|Yahoo! Slurp China|YoudaoBot|Sosospider|Sogou spider|Sogou web spider|MSNBot|ia_archiver|Tomato Bot") { - return 403; - } - - access_log /www/wwwlogs/download.fastgit.org.log; - error_log /www/wwwlogs/download.fastgit.org.error.log; -} diff --git a/images/boxs/conf.d/nginx.conf.d/fastgit.org.conf b/images/boxs/conf.d/nginx.conf.d/fastgit.org.conf deleted file mode 100644 index 538ab84d..00000000 --- a/images/boxs/conf.d/nginx.conf.d/fastgit.org.conf +++ /dev/null @@ -1,38 +0,0 @@ -server { - listen 80; - listen [::]:80; - listen 443 ssl http2; - - server_name fastgit.org; - root /www/wwwroot/fgorg; - index index.html; - - ssl_stapling on; - ssl_stapling_verify on; - ssl_trusted_certificate /var/www/cert/fg.pem; - - ssl_certificate /var/www/cert/fg.pem; - ssl_certificate_key /var/www/cert/fg.key; - - # Run following command & set permission before configuring - # curl https://ssl-config.mozilla.org/ffdhe2048.txt > /var/lib/nginx/dhparam.pem - ssl_dhparam /var/lib/nginx/dhparam.pem; - - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; - ssl_prefer_server_ciphers off; - - ssl_session_cache shared:SSL:10m; - ssl_session_timeout 60m; - ssl_session_tickets off; - - include /etc/nginx/snippets/anti-floc.conf; - - location / { - try_files $uri $uri/ =404; - } - - access_log /www/wwwlogs/fastgit.org.log; - error_log /www/wwwlogs/fastgit.org.error.log; - -} diff --git a/images/boxs/conf.d/nginx.conf.d/hub.fastgit.org.conf b/images/boxs/conf.d/nginx.conf.d/hub.fastgit.org.conf deleted file mode 100644 index bd617566..00000000 --- a/images/boxs/conf.d/nginx.conf.d/hub.fastgit.org.conf +++ /dev/null @@ -1,109 +0,0 @@ -upstream github { - server github.com:443; - keepalive 32; -} - -server { - listen 443 ssl http2; - server_name hub.fastgit.org; - root /www/wwwroot/fg; - - ssl_stapling on; - ssl_stapling_verify on; - ssl_trusted_certificate /var/www/cert/fg.pem; - - ssl_certificate /var/www/cert/fg.pem; - ssl_certificate_key /var/www/cert/fg.key; - - # Run following command & set permission before configuring - # curl https://ssl-config.mozilla.org/ffdhe2048.txt > /var/lib/nginx/dhparam.pem - ssl_dhparam /var/lib/nginx/dhparam.pem; - - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; - ssl_prefer_server_ciphers off; - - ssl_session_cache shared:SSL:10m; - ssl_session_timeout 60m; - ssl_session_tickets off; - - client_max_body_size 2G; - error_page 497 https://$host$request_uri; - - include /etc/nginx/snippets/anti-floc.conf; - - # SSL - location ~ \.well-known { - allow all; - } - - # releases download - location ~ ^/[^/]+/[^/]+/releases/download/ { - return 301 https://download.fastgit.org$request_uri; - } - - # archive download - location ~ ^/[^/]+/[^/]+/archive/ { - return 301 https://archive.fastgit.org$request_uri; - } - - # Fuck Search Engine - location /robots.txt { - allow all; - } - - location / { - proxy_hide_header referrer-policy; - proxy_hide_header content-security-policy; - proxy_hide_header Strict-Transport-Security; - proxy_hide_header set-cookie; - proxy_hide_header x-pjax-url; - - proxy_set_header Host github.com; - proxy_set_header Accept-Encoding ""; - #proxy_set_header Connection ""; - - add_header x-pjax-url "https://hub.fastgit.org$request_uri"; - add_header X-FastGit-Node "azure-ea-0"; - - proxy_http_version 1.1; - proxy_connect_timeout 10s; - proxy_read_timeout 10s; - - # Not supported when installed from Debian source - # proxy_socket_keepalive on; - - sub_filter "\"https://raw.githubusercontent.com" "\"https://raw.fastgit.org"; - sub_filter "\"https://github.com" "\"https://hub.fastgit.org"; - sub_filter "\"https://github.githubassets.com" "\"https://assets.fastgit.org"; - sub_filter "\"https://github.githubassets.com" "\"https://assets.fastgit.org"; - sub_filter "https://customer-stories-feed.github.com" "https://customer-stories-feed.fastgit.org"; - sub_filter_once off; - - proxy_redirect https://github.com https://hub.fastgit.org; - proxy_redirect https://raw.githubusercontent.com https://raw.fastgit.org; - proxy_redirect https://github.githubassets.com https://assets.fastgit.org; - proxy_redirect https://customer-stories-feed.github.com https://customer-stories-feed.fastgit.org; - proxy_redirect https://codeload.github.com https://codeload.fastgit.org; - - proxy_pass https://github; - } - - # Block search engine - # if ($http_user_agent ~* "qihoobot|Baiduspider|Bingbot|Googlebot|Googlebot-Mobile|Googlebot-Image|Mediapartners-Google|Adsbot-Google|Feedfetcher-Google|Yahoo! Slurp|Yahoo! Slurp China|YoudaoBot|Sosospider|Sogou spider|Sogou web spider|MSNBot|ia_archiver|Tomato Bot") - # { - # return 403; - # } - - # Anti Agent Bot DDoS - # If behind CDN, use folloing commented code - # if ($http_x_forwarded_for != $remote_addr) { - # return 503; - # } - if ($proxy_add_x_forwarded_for != $remote_addr) { - return 503; - } - - access_log /www/wwwlogs/hub.fastgit.org.log; - error_log /www/wwwlogs/hub.fastgit.org.error.log; -} diff --git a/images/boxs/conf.d/nginx.conf.d/install-debian10.sh b/images/boxs/conf.d/nginx.conf.d/install-debian10.sh deleted file mode 100644 index 5f39cccd..00000000 --- a/images/boxs/conf.d/nginx.conf.d/install-debian10.sh +++ /dev/null @@ -1,97 +0,0 @@ -#!/bin/bash -# Only support Debian 10 - -if [ `whoami` != "root" ]; then - echo "sudo or root is required!" - exit 1 -fi - -if [ ! -f "/etc/debian_version" ]; then - echo "Boss, do you want to try debian?" - exit 1 -fi - -read -r -p "Install FastGit.org front? [Y/n] " input - -case $input in - [yY][eE][sS]|[yY]) - echo "You selected install" - ;; - - [nN][oO]|[nN]) - echo "You selected no install" - ;; - - *) - echo "Invalid input..." - exit 1 - ;; -esac - -echo "[I] Basic operations" -apt update -apt install curl wget nano -y - -echo "[I] Install Nginx & git" -apt install nginx -y -apt install git -y - -echo "[I] I love NGINX" -systemctl enable nginx -systemctl start nginx -systemctl stop nginx - -echo "[I] Install dhparam" -curl https://ssl-config.mozilla.org/ffdhe2048.txt > /var/lib/nginx/dhparam.pem -chmod +r /var/lib/nginx/dhparam.pem - -echo "[I] Download confs" -mkdir fastgit-tmp -cd fastgit-tmp -git clone https://github.com/FastGitORG/nginx-conf --depth=1 - -echo "[I] Install confs" -cd nginx-conf - -cp *.conf /etc/nginx/sites-enabled -mv /etc/nginx/sites-enabled/anti-floc.conf /etc/nginx/snippets/anti-floc.conf - -mkdir -p /www/wwwroot/fg -mkdir -p /www/wwwlogs -cp robots.txt /www/wwwroot/fg -echo "OK!" > /www/wwwroot/fg/index.html - -echo "[I] Process FastGit.org index.html" -case $input in - [yY][eE][sS]|[yY]) - git clone "https://github.com/FastGitORG/www" /www/wwwroot/fgorg - rm -rf /www/wwwroot/fgorg/.git - rm -rf /www/wwwroot/fgorg/README.md - rm -rf /www/wwwroot/fgorg/LICENSE - ;; - - [nN][oO]|[nN]) - rm -f /etc/nginx/sites-enabled/fastgit.org.conf - ;; -esac - -echo "[I] Clean tmp" -cd .. -rm -fR nginx-conf -cd .. -rm -fR fastgit-tmp - -mkdir -p /var/www/cert/ - -echo "Please delete this line, enter certification here, and save" > /var/www/cert/fg.pem -nano /var/www/cert/fg.pem - -echo "Please delete this line, enter private key here, and save" > /var/www/cert/fg.key -nano /var/www/cert/fg.key - -nginx -t - -systemctl start nginx -systemctl reload nginx - -echo "Enjoy! :D" diff --git a/images/boxs/conf.d/nginx.conf.d/raw.fastgit.org.conf b/images/boxs/conf.d/nginx.conf.d/raw.fastgit.org.conf deleted file mode 100644 index 0cfc228d..00000000 --- a/images/boxs/conf.d/nginx.conf.d/raw.fastgit.org.conf +++ /dev/null @@ -1,99 +0,0 @@ -upstream rawgithub { - server raw.githubusercontent.com:443; - keepalive 32; -} - -server { - listen 443 ssl http2; - server_name raw.fastgit.org; - root /www/wwwroot/fg; - - ssl_stapling on; - ssl_stapling_verify on; - ssl_trusted_certificate /var/www/cert/fg.pem; - - ssl_certificate /var/www/cert/fg.pem; - ssl_certificate_key /var/www/cert/fg.key; - - # Run following command & set permission before configuring - # curl https://ssl-config.mozilla.org/ffdhe2048.txt > /var/lib/nginx/dhparam.pem - ssl_dhparam /var/lib/nginx/dhparam.pem; - - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; - ssl_prefer_server_ciphers off; - - ssl_session_cache shared:SSL:10m; - ssl_session_timeout 10m; - ssl_session_tickets off; - - error_page 497 https://$host$request_uri; - - include /etc/nginx/snippets/anti-floc.conf; - - # SSL - location ~ \.well-known { - allow all; - } - - # Fuck Search Engine - location /robots.txt { - allow all; - } - - location / { - valid_referers none blocked *.fastgit.org raw.githubusercontent.com github.com; - if ($invalid_referer){ - return 403; - } - proxy_hide_header content-security-policy; - proxy_hide_header Strict-Transport-Security; - proxy_hide_header set-cookie; - proxy_hide_header x-pjax-url; - - proxy_set_header Host raw.githubusercontent.com; - proxy_set_header Accept-Encoding ""; - # proxy_set_header Connection ""; - - add_header X-FastGit-Node "dogyun-de-1"; - - proxy_http_version 1.1; - proxy_connect_timeout 5s; - proxy_read_timeout 5s; - - proxy_pass https://rawgithub; - } - - #location ~ .*\.(jpg|jpeg|gif|png|js|css)$ - #{ - # valid_referers none blocked *.fastgit.org raw.githubusercontent.com github.com; - # if ($invalid_referer){ - # return 403; - # } - # proxy_hide_header content-security-policy; - # proxy_hide_header Strict-Transport-Security; - # proxy_hide_header set-cookie; - # proxy_hide_header x-pjax-url; - # - # proxy_set_header Host raw.githubusercontent.com; - # proxy_set_header Accept-Encoding ""; - # #proxy_set_header Connection ""; - # - # add_header x-fastgit-node "dogyun-de-1"; - # - # proxy_http_version 1.1; - # proxy_connect_timeout 5s; - # proxy_read_timeout 5s; - # - # proxy_pass https://rawgithub; - #} - - # Block search engine - # if ($http_user_agent ~* "qihoobot|Baiduspider|Googlebot|Googlebot-Mobile|Googlebot-Image|Mediapartners-Google|Adsbot-Google|Feedfetcher-Google|Yahoo! Slurp|Yahoo! Slurp China|YoudaoBot|Sosospider|Sogou spider|Sogou web spider|MSNBot|ia_archiver|Tomato Bot") - # { - # return 403; - # } - - access_log /www/wwwlogs/raw.fastgit.org.log; - error_log /www/wwwlogs/raw.fastgit.org.error.log; -} diff --git a/images/boxs/conf.d/nginx.conf.d/robots.txt b/images/boxs/conf.d/nginx.conf.d/robots.txt deleted file mode 100644 index c6742d8a..00000000 --- a/images/boxs/conf.d/nginx.conf.d/robots.txt +++ /dev/null @@ -1,2 +0,0 @@ -User-Agent: * -Disallow: / diff --git a/images/boxs/conf.d/nginx/google.nginx.conf b/images/boxs/conf.d/nginx/google.nginx.conf deleted file mode 100644 index 9514f49c..00000000 --- a/images/boxs/conf.d/nginx/google.nginx.conf +++ /dev/null @@ -1,26 +0,0 @@ -server { - server_name www.example.com; - - location / { - proxy_pass https://www.google.com/; - - proxy_redirect https://www.google.com/ /; - # proxy_redirect off; - proxy_cookie_domain google.com www.example.com; - - proxy_set_header Host "www.google.com"; - proxy_set_header Referer https://www.google.com; - proxy_set_header Accept-Encoding ""; - proxy_set_header Accept-Language "en-US"; - proxy_set_header User-Agent $http_user_agent; - - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto https; - - subs_filter http://www.google.com http://www.example.com; - subs_filter https://www.google.com http://www.example.com; - sub_filter_once off; - # 这里替换网页中的链接,因为我们的镜像站是http的,所以上面顺便把协议也一起替换了 - } -} diff --git a/images/boxs/conf.d/nginx/google2.nginx.conf b/images/boxs/conf.d/nginx/google2.nginx.conf deleted file mode 100644 index ae2ced0a..00000000 --- a/images/boxs/conf.d/nginx/google2.nginx.conf +++ /dev/null @@ -1,35 +0,0 @@ -server { - listen 443 ssl http2; - #listen [::]:443 ssl http2; - server_name 反代玉米; - - ssl_certificate /usr/local/nginx/conf/ssl/反代玉米证书.cer; - ssl_certificate_key /usr/local/nginx/conf/ssl/反代玉米证书.key; - ssl_session_timeout 5m; - ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; - ssl_prefer_server_ciphers on; - ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5"; - ssl_session_cache builtin:1000 shared:SSL:10m; - # openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048 - ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem; - - location / { - proxy_pass https://www.google.com; - proxy_redirect off; - sub_filter_once off; - sub_filter "www.google.com" "反代玉米"; - proxy_set_header Host "www.google.com"; - proxy_set_header Referer $http_referer; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header User-Agent $http_user_agent; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto https; - proxy_set_header Accept-Encoding ""; - proxy_set_header Accept-Language "zh-CN"; - proxy_cookie_domain www.google.com 反代玉米; - proxy_set_header Cookie "PREF=ID=047808f19f6de346:U=0f62f33dd8549d11:FF=2:LD=en-US:NW=1:TM=1325338577:LM=1332142444:GM=1:SG=2:S=rE0SyJh2W1IQ-Maw"; - } - - access_log /root/log/google.log; - error_log /root/log/google_error.log; -} diff --git a/images/boxs/conf.d/nginx/gravatar.conf b/images/boxs/conf.d/nginx/gravatar.conf deleted file mode 100644 index 6b525653..00000000 --- a/images/boxs/conf.d/nginx/gravatar.conf +++ /dev/null @@ -1,44 +0,0 @@ -proxy_cache_path /tmp/cache levels=1:2 keys_zone=gravatar:50m inactive=30m max_size=50m; -server { - listen 80; - listen 443 ssl http2; - server_name gravatar.moeelf.com; - - ssl_protocols TLSv1.2; - ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS'; - - add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"; - - ssl_prefer_server_ciphers on; - ssl_session_timeout 10m; - ssl_session_cache builtin:1000 shared:SSL:10m; - ssl_buffer_size 1400; - - ssl_certificate /etc/nginx/ssl/moeelf.com/fullchain.cer; - ssl_certificate_key /etc/nginx/ssl/moeelf.com/gravatar.moeelf.com.key; - - location / { - proxy_pass https://secure.gravatar.com/; - - proxy_redirect off; - - # 向源站传送主机头、客户端真实 IP 等特定信息。 - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Accept-Encoding ""; - - # 指定缓存使用的空间。 - proxy_cache gravatar; - # 指定缓存使用的 key 值,方便定位清除缓存。 - proxy_cache_key $scheme$host$request_uri; - - # 指定对 200、301 或者 302 等有效代码缓存的时间长度,特定参数 any 表示对任何响应都缓存一定时间长度。 - proxy_cache_valid 200 304 7d; - proxy_cache_valid 301 24h; - proxy_cache_valid 500 502 503 504 0s; - proxy_cache_valid any 1d; - } - -} diff --git a/images/boxs/conf.d/nginx/sni-host.conf b/images/boxs/conf.d/nginx/sni-host.conf deleted file mode 100644 index f14b2a27..00000000 --- a/images/boxs/conf.d/nginx/sni-host.conf +++ /dev/null @@ -1,26 +0,0 @@ -server { - listen 65531 ssl http2 reuseport; - server_name web1.moeelf.com; - - ssl_certificate /etc/nginx/ssl/web1.moeelf.com/fullchain.cer; - ssl_certificate_key /etc/nginx/ssl/web1.moeelf.com/web1.moeelf.com.key; - ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; - ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE; - ssl_prefer_server_ciphers on; - - #log_format stream '$remote_addr [$time_local] [$ssl_preread_server_name] [$route] $status $bytes_sent $bytes_received $session_time'; - access_log /var/log/nginx/web1.moeelf.com.log; -} -server { - listen 65532 ssl http2 reuseport; - server_name web2.moeelf.com; - - ssl_certificate /etc/nginx/ssl/web2.moeelf.com/fullchain.cer; - ssl_certificate_key /etc/nginx/ssl/web2.moeelf.com/web2.moeelf.com.key; - ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; - ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE; - ssl_prefer_server_ciphers on; - - #log_format stream '$remote_addr [$time_local] [$ssl_preread_server_name] [$route] $status $bytes_sent $bytes_received $session_time'; - access_log /var/log/nginx/web2.moeelf.com.log; -} diff --git a/images/boxs/conf.d/nginx/sni.nginx.conf b/images/boxs/conf.d/nginx/sni.nginx.conf deleted file mode 100644 index a73e2c6a..00000000 --- a/images/boxs/conf.d/nginx/sni.nginx.conf +++ /dev/null @@ -1,26 +0,0 @@ -stream { - map $ssl_preread_server_name $upstream { - web1.moeelf.com web1; - web2.moeelf.com web2; - default web; - } - - log_format stream '$remote_addr [$time_local] [$ssl_preread_server_name] [$upstream] $status $bytes_sent $bytes_received $session_time'; - access_log /var/log/nginx/stream.log stream; - - upstream web1 { - server web1:65531; - } - upstream web2 { - server web2:65532; - } - upstream web { - server nginx:4433; - } - server { - listen 443 reuseport; - listen [::]:443 reuseport; - proxy_pass $upstream; - ssl_preread on; - } -} diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/apt-cdrom-check b/images/boxs/conf.d/notifier/usr/lib/update-notifier/apt-cdrom-check deleted file mode 100755 index a6b2e914..00000000 --- a/images/boxs/conf.d/notifier/usr/lib/update-notifier/apt-cdrom-check +++ /dev/null @@ -1,93 +0,0 @@ -#!/bin/sh -# -# helper to check if we actually have an ubuntu CD -# -# Returncode: -# 0 - no ubuntu CD -# 1 - CD with packages -# 2 - dist-upgrader CD -# 3 - aptoncd media -# (if the returncodes change, make sure to update src/cdroms.c) -# - -mount_point="$1" -aptoncd_file="$mount_point/aptoncd.info" - -# sanity checks -if [ -z "$mount_point" ]; then - exit 0 -fi - -if [ -f "$aptoncd_file" ]; then - exit 3 -fi - -if [ ! -d "$mount_point/ubuntu" ] && [ ! -f "$mount_point/cdromupgrade" ]; then - exit 0 -fi - -# check if there are "Packages" files on the cd (and ignore the -# debian-installer dir) -find "$mount_point/dists/" -name "Packages.gz" | grep -q -v debian-installer - -# 1 means "no lines were selected" in grep (no Packages file but the -# debian-installer ones) -if [ $? -eq 1 ]; then - exit 0 -fi - -# get some apt-config vars -label_start=0 -cdrom_id="" - -apt_dir="/" -apt_state_dir="var/lib/apt/" -apt_cdrom_list="cdrom.list" -eval $(apt-config shell apt_dir Dir \ - apt_state_dir Dir::State \ - apt_cdrom_list Dir::State::cdroms) - - - -# identifying ... [afkdsjaf] line -line=$(apt-cdrom -d="$1" -m ident|grep "\[.*\]") - -# remove the stuff before "Identifying... [dasjflkd]" -> "dasjflkd" -line=${line%]*} -cdrom_id=${line#*\[} - -if [ -z "$cdrom_id" ]; then - # something bad happened here, we return "not yet scanned" as - # fallback (because we are cheap) - return 1 -fi - -# [cdrom-id] -> cdrom-id -if grep -s -q "$cdrom_id" $apt_dir$apt_state_dir$apt_cdrom_list; then - # already in sources.list, ignore - exit 0 -fi - -# so this is a CD we don't know yet and it has packages. good! -THIS_VERSION=$(lsb_release -sr) -VERSION_ON_MEDIA=$(awk {'print $2'} "$mount_point/.disk/info") - -# now check if it contains a signed dist-upgrader -for d in "$mount_point"/dists/*/main/dist-upgrader/binary-all/; do - if [ -d "$d" ]; then - # ok, we have one, now check the authentication - GPG="gpgv --ignore-time-conflict --keyring /etc/apt/trusted.gpg" - if $GPG "$d/"*.tar.gz.gpg "$d"/*.tar.gz; then - # verified ok, we have a valid upgrader, if it was not ok, the - # fallback to the end is ok because we still have packages on it - if dpkg --compare-versions "$THIS_VERSION" lt "$VERSION_ON_MEDIA"; then - exit 2 - fi - fi - fi -done - -# we got an ubuntu CD with packages -if dpkg --compare-versions "$THIS_VERSION" lt "$VERSION_ON_MEDIA"; then - exit 1 -fi diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/apt-check b/images/boxs/conf.d/notifier/usr/lib/update-notifier/apt-check deleted file mode 120000 index 7ca7279b..00000000 --- a/images/boxs/conf.d/notifier/usr/lib/update-notifier/apt-check +++ /dev/null @@ -1 +0,0 @@ -apt_check.py \ No newline at end of file diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/apt_check.py b/images/boxs/conf.d/notifier/usr/lib/update-notifier/apt_check.py deleted file mode 100755 index 100faacc..00000000 --- a/images/boxs/conf.d/notifier/usr/lib/update-notifier/apt_check.py +++ /dev/null @@ -1,214 +0,0 @@ -#!/usr/bin/python3 - - -# nice apt-get -s -o Debug::NoLocking=true upgrade | grep ^Inst - -import apt -import apt_pkg -import os -import sys -from optparse import OptionParser -import gettext -import subprocess - -SYNAPTIC_PINFILE = "/var/lib/synaptic/preferences" -DISTRO = subprocess.check_output( - ["lsb_release", "-c", "-s"], - universal_newlines=True).strip() - - -def _(msg): - return gettext.dgettext("update-notifier", msg) - - -def _handleException(type, value, tb): - sys.stderr.write("E: " + _("Unknown Error: '%s' (%s)") % (type, value)) - sys.exit(-1) - - -def clean(cache, depcache): - " unmark (clean) all changes from the given depcache " - # mvo: looping is too inefficient with the new auto-mark code - # for pkg in cache.Packages: - # depcache.MarkKeep(pkg) - depcache.init() - - -def saveDistUpgrade(cache, depcache): - """ this function mimics a upgrade but will never remove anything """ - depcache.upgrade(True) - if depcache.del_count > 0: - clean(cache, depcache) - depcache.upgrade() - - -def isSecurityUpgrade(ver): - " check if the given version is a security update (or masks one) " - security_pockets = [("Ubuntu", "%s-security" % DISTRO), - ("gNewSense", "%s-security" % DISTRO), - ("Debian", "%s-updates" % DISTRO)] - for (file, index) in ver.file_list: - for origin, archive in security_pockets: - if (file.archive == archive and file.origin == origin): - return True - return False - - -def write_package_names(outstream, cache, depcache): - " write out package names that change to outstream " - pkgs = [pkg for pkg in cache.packages if depcache.marked_install(pkg) or - depcache.marked_upgrade(pkg)] - outstream.write("\n".join([p.name for p in pkgs])) - - -def write_human_readable_summary(outstream, upgrades, security_updates): - " write out human summary summary to outstream " - outstream.write(gettext.dngettext("update-notifier", - "%i package can be updated.", - "%i packages can be updated.", - upgrades) % upgrades) - outstream.write("\n") - outstream.write(gettext.dngettext("update-notifier", - "%i update is a security update.", - "%i updates are security updates.", - security_updates) % security_updates) - outstream.write("\n") - - -def init(): - " init the system, be nice " - # FIXME: do a ionice here too? - os.nice(19) - apt_pkg.init() - - -def run(options=None): - - # we are run in "are security updates installed automatically?" - # question mode - if options.security_updates_unattended: - res = apt_pkg.config.find_i("APT::Periodic::Unattended-Upgrade", 0) - # print(res) - sys.exit(res) - - # get caches - try: - cache = apt_pkg.Cache(apt.progress.base.OpProgress()) - except SystemError as e: - sys.stderr.write("E: " + _("Error: Opening the cache (%s)") % e) - sys.exit(-1) - depcache = apt_pkg.DepCache(cache) - - # read the synaptic pins too - if os.path.exists(SYNAPTIC_PINFILE): - depcache.read_pinfile(SYNAPTIC_PINFILE) - depcache.init() - - if depcache.broken_count > 0: - sys.stderr.write("E: " + _("Error: BrokenCount > 0")) - sys.exit(-1) - - # do the upgrade (not dist-upgrade!) - try: - saveDistUpgrade(cache, depcache) - except SystemError as e: - sys.stderr.write("E: " + _("Error: Marking the upgrade (%s)") % e) - sys.exit(-1) - - # analyze the ugprade - upgrades = 0 - security_updates = 0 - - # we need another cache that has more pkg details - with apt.Cache() as aptcache: - for pkg in cache.packages: - # skip packages that are not marked upgraded/installed - if not (depcache.marked_install(pkg) or - depcache.marked_upgrade(pkg)): - continue - # check if this is really a upgrade or a false positive - # (workaround for ubuntu #7907) - inst_ver = pkg.current_ver - cand_ver = depcache.get_candidate_ver(pkg) - if cand_ver == inst_ver: - continue - # check for security upgrades - if isSecurityUpgrade(cand_ver): - upgrades += 1 - security_updates += 1 - continue - - # check to see if the update is a phased one - try: - from UpdateManager.Core.UpdateList import UpdateList - ul = UpdateList(None) - ignored = ul._is_ignored_phased_update( - aptcache[pkg.get_fullname()]) - if ignored: - depcache.mark_keep(pkg) - continue - except ImportError: - pass - - upgrades = upgrades + 1 - - # now check for security updates that are masked by a - # candidate version from another repo (-proposed or -updates) - for ver in pkg.version_list: - if (inst_ver and apt_pkg.version_compare(ver.ver_str, - inst_ver.ver_str) <= - 0): - # print("skipping '%s' " % ver.VerStr) - continue - if isSecurityUpgrade(ver): - security_updates += 1 - break - - # print the number of upgrades - if options and options.show_package_names: - write_package_names(sys.stderr, cache, depcache) - elif options and options.readable_output: - write_human_readable_summary(sys.stdout, upgrades, security_updates) - else: - # print the number of regular upgrades and the number of - # security upgrades - sys.stderr.write("%s;%s" % (upgrades, security_updates)) - - # return the number of upgrades (if its used as a module) - return(upgrades, security_updates) - - -if __name__ == "__main__": - # setup a exception handler to make sure that uncaught stuff goes - # to the notifier - sys.excepthook = _handleException - - # gettext - APP = "update-notifier" - DIR = "/usr/share/locale" - gettext.bindtextdomain(APP, DIR) - gettext.textdomain(APP) - - # check arguments - parser = OptionParser() - parser.add_option("-p", - "--package-names", - action="store_true", - dest="show_package_names", - help=_("Show the packages that are " - "going to be installed/upgraded")) - parser.add_option("", - "--human-readable", - action="store_true", - dest="readable_output", - help=_("Show human readable output on stdout")) - parser.add_option("", - "--security-updates-unattended", - action="store_true", - help=_("Return the time in days when security updates " - "are installed unattended (0 means disabled)")) - (options, args) = parser.parse_args() - - # run it - init() - run(options) diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/backend_helper.py b/images/boxs/conf.d/notifier/usr/lib/update-notifier/backend_helper.py deleted file mode 100755 index a67244d5..00000000 --- a/images/boxs/conf.d/notifier/usr/lib/update-notifier/backend_helper.py +++ /dev/null @@ -1,168 +0,0 @@ -#!/usr/bin/python3 - -import argparse -import logging -import os -import subprocess -import sys - -HAVE_APTDAEMON = False -try: - import aptdaemon.gtk3widgets - HAVE_APTDAEMON = True -except ImportError: - pass - - -# show updates -def show_updates(): - """ show updates using update-manager """ - cmd = ["update-manager", "--no-update"] - res = subprocess.call(cmd) - return (res == 0) - - -# install all updates -def _install_all_updates_aptdaemon(): - from gi.repository import Gtk - from aptdaemon import client, enums - from aptdaemon.gtk3widgets import AptProgressDialog - client = client.AptClient() - trans = client.upgrade_system(safe_mode=True) - dia = AptProgressDialog(trans) - dia.connect("finished", Gtk.main_quit) - dia.run() - Gtk.main() - return trans.exit == enums.EXIT_SUCCESS - - -def _install_all_updates_synaptic(): - cmd = ["/usr/bin/synaptic-pkexec", - "--dist-upgrade-mode", - "--non-interactive", - "--hide-main-window", - "-o", "Synaptic::AskRelated=true", - ] - return subprocess.call(cmd) - - -def install_all_updates(): - """ install all updates either with synaptic or aptdaemon """ - if HAVE_APTDAEMON: - return _install_all_updates_aptdaemon() - else: - return _install_all_updates_synaptic() - - -# check updates -def _check_updates_aptdaemon(): - from gi.repository import Gtk - from aptdaemon import client, enums - from aptdaemon.gtk3widgets import AptProgressDialog - client = client.AptClient() - trans = client.update_cache() - dia = AptProgressDialog(trans) - dia.connect("finished", Gtk.main_quit) - dia.run() - Gtk.main() - return trans.exit == enums.EXIT_SUCCESS - - -def _check_updates_gtk(): - cmd = ["/usr/bin/synaptic-pkexec", - "--update-at-startup", - "--non-interactive", - "--hide-main-window", - ] - subprocess.call(cmd) - - -def check_updates(): - """ check for updates either with aptdaemon or synaptic """ - if HAVE_APTDAEMON: - return _check_updates_aptdaemon() - else: - return _check_updates_gtk() - - -# start packagemanager -def start_packagemanager(): - if os.path.exists("/usr/bin/synaptic-pkexec"): - cmd = ["/usr/bin/synaptic-pkexec"] - return subprocess.call(cmd) - elif os.path.exists("/usr/bin/software-center"): - return subprocess.call(["/usr/bin/software-center"]) - else: - logging.error("neither synaptic nor software-center installed") - - -# add cdrom -def _add_cdrom_sp(mount_path): - from gi.repository import Gtk - import dbus - import dbus.mainloop.glib - bus = dbus.SystemBus(mainloop=dbus.mainloop.glib.DBusGMainLoop()) - proxy = bus.get_object("com.ubuntu.SoftwareProperties", "/") - backend = dbus.Interface(proxy, "com.ubuntu.SoftwareProperties") - backend.AddCdromSource() - backend.connect_to_signal( - "SourcesListModified", Gtk.main_quit) - backend.connect_to_signal( - "CdromScanFailed", Gtk.main_quit) - Gtk.main() - if os.path.exists("/usr/bin/software-center"): - subprocess.call(["/usr/bin/software-center"]) - - -def _add_cdrom_synaptic(mount_path): - cmd = ["/usr/bin/synaptic-pkexec", "--add-cdrom", mount_path] - return subprocess.call(cmd) - - -def add_cdrom(mount_path): - if os.path.exists("/usr/bin/synaptic-pkexec"): - _add_cdrom_synaptic(mount_path) - else: - _add_cdrom_sp(mount_path) - - -if __name__ == "__main__": - - parser = argparse.ArgumentParser( - description='backend helper for update-notifier') - parser.add_argument( - '--debug', default=False, action="store_true", - help='extra debug output') - subparser = parser.add_subparsers(title="Commands") - # show_update - update-manager - command = subparser.add_parser("show_updates") - command.set_defaults(command="show_updates") - # install_all - synaptic/aptdaemon install noninteractivly - command = subparser.add_parser("install_all_updates") - command.set_defaults(command="install_all_updates") - # check_updates - synaptic --reload/aptdaemon reload - command = subparser.add_parser("check_updates") - command.set_defaults(command="check_updates") - # start_pkgmanager - command = subparser.add_parser("start_packagemanager") - command.set_defaults(command="start_packagemanager") - # add_cdrom - command = subparser.add_parser("add_cdrom") - command.add_argument("mount_path") - command.set_defaults(command="add_cdrom") - - args = parser.parse_args() - if args.debug: - logging.basicConfig(level=logging.DEBUG) - else: - logging.basicConfig(level=logging.INFO) - - func_name = args.command - f_kwargs = {} - f = globals()[func_name] - if args.command == "add_cdrom": - f_kwargs["mount_path"] = args.mount_path - res = f(**f_kwargs) - - if not res: - sys.exit(1) diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/cddistupgrader b/images/boxs/conf.d/notifier/usr/lib/update-notifier/cddistupgrader deleted file mode 100755 index 75db2940..00000000 --- a/images/boxs/conf.d/notifier/usr/lib/update-notifier/cddistupgrader +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/sh -# - -CDROM_MOUNT="$1" - -for d in "$CDROM_MOUNT"/dists/*/main/dist-upgrader/binary-all/; do - if [ -d "$d" ]; then - UPGRADER_DIR="$d" - break - fi -done - -TAR=$(basename "$UPGRADER_DIR"/*.tar.gz) -CODENAME=${TAR%.tar.gz} - -# get a tempdir -TMPDIR=$(mktemp -t -d distupgrade.XXXXXX) -cd $TMPDIR - -# extract the tar -tar xzf "$UPGRADER_DIR"/"$TAR" - -# apply any patches needed before running the upgrade -for apatch in /usr/share/update-notifier/upgrader-patches/*.diff; do - if patch --dry-run < "$apatch"; then - patch < "$apatch" - fi -done - -# run it -"$TMPDIR"/"$CODENAME" --cdrom "$CDROM_MOUNT" diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/package-data-downloader b/images/boxs/conf.d/notifier/usr/lib/update-notifier/package-data-downloader deleted file mode 100755 index f7d85660..00000000 --- a/images/boxs/conf.d/notifier/usr/lib/update-notifier/package-data-downloader +++ /dev/null @@ -1,337 +0,0 @@ -#!/usr/bin/python3 -# -*- coding: utf-8 -*- -"""Process new requests to download per-package data""" -# Copyright (C) 2012 Canonical Ltd -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of version 3 of the GNU General Public License as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - -import glob -import os -import sys -import subprocess -import traceback -import debian.deb822 -import string -import debconf -from datetime import datetime - -# avoid hanging forever (LP: #1243090) -import socket -socket.setdefaulttimeout(60) - - -DATADIR = "/usr/share/package-data-downloads/" -STAMPDIR = "/var/lib/update-notifier/package-data-downloads/" -NOTIFIER_SOURCE_FILE = \ - "/usr/share/update-notifier/package-data-downloads-failed" -NOTIFIER_FILE = "/var/lib/update-notifier/user.d/data-downloads-failed" -NOTIFIER_PERMANENT_SOURCE_FILE = NOTIFIER_SOURCE_FILE + '-permanently' -NOTIFIER_PERMANENT_FILE = NOTIFIER_FILE + '-permanently' - -failures = [] -permanent_failures = [] - - -def create_or_update_stampfile(file): - """Create or update the indicated stampfile, and remove failure flags""" - - try: - with open(file, 'w'): - pass - # Ignore errors - except Exception: - traceback.print_exc(file=sys.stderr) - - os.utime(file, None) - - for ext in ('.failed', '.permanent-failure'): - if os.path.exists(file + ext): - os.unlink(file + ext) - - -def mark_hook_failed(hook_name, permanent=False): - """Create a stampfile recording that a hook failed - - We create separate stampfiles for failed hooks so we can - keep track of how long the hook has been failing and if the failure - should be considered permanent.""" - - if permanent: - filename = hook_name + '.permanent-failure' - else: - filename = hook_name + '.failed' - - failure_file = os.path.join(STAMPDIR, filename) - try: - with open(failure_file, 'w'): - pass - - # Ignore errors - except Exception: - traceback.print_exc(file=sys.stderr) - - for ext in ('', '.failed', '.permanent-failure'): - stampfile = hook_name + ext - if filename != stampfile \ - and os.path.exists(os.path.join(STAMPDIR, stampfile)): - os.unlink(os.path.join(STAMPDIR, stampfile)) - - -def hook_is_permanently_failed(hook_name): - """Check if this hook has been marked as permanently failing. - - If so, don't raise any more errors about it.""" - - failure_file = os.path.join(STAMPDIR, hook_name + '.permanent-failure') - return os.path.exists(failure_file) - - -def hook_aged_out(hook_name): - """Check if this hook has been failing consistently for >= 3 days""" - - failure_file = os.path.join(STAMPDIR, hook_name + '.failed') - try: - hook_date = datetime.fromtimestamp(os.stat(failure_file).st_ctime) - cur_time = datetime.now() - d = cur_time - hook_date - if d.days >= 3: - return True - except OSError: - pass - except Exception: - traceback.print_exc(file=sys.stderr) - return False - - -def record_failure(hook): - """Record that the named hook has failed""" - if hook_aged_out(hook): - permanent_failures.append(hook) - else: - failures.append(hook) - - -def existing_permanent_failures(): - """Return the list of all previously recorded permanent failures""" - - files = glob.glob(os.path.join(STAMPDIR, "*.permanent-failure")) - return [os.path.splitext(os.path.basename(path))[0] for path in files] - - -def trigger_update_notifier(failures, permanent=False): - """Tell update-notifier that there were failed packages""" - - try: - if permanent: - with open(NOTIFIER_PERMANENT_SOURCE_FILE, 'r', - encoding='utf-8') as f: - input = f.read() - output_file = open(NOTIFIER_PERMANENT_FILE, 'w', encoding='utf-8') - else: - with open(NOTIFIER_SOURCE_FILE, 'r', encoding='utf-8') as f: - input = f.read() - output_file = open(NOTIFIER_FILE, 'w', encoding='utf-8') - except Exception: - # Things failed and we can't even notify about it. Break the - # trigger so that there's some error propagation, even if not - # the most pleasant sort. - traceback.print_exc(file=sys.stderr) - sys.exit(1) - - packages = [os.path.basename(failure) for failure in failures] - output_file.write( - string.Template(input).substitute( - {'packages': ", ".join(packages)})) - output_file.close() - - -def get_hook_file_names(): - res = [] - for relfile in os.listdir(DATADIR): - # ignore files ending in .dpkg-* - if (os.path.splitext(relfile)[1] and - os.path.splitext(relfile)[1].startswith(".dpkg")): - continue - res.append(relfile) - return res - - -# we use apt-helper here as this gives us the exact same proxy behavior -# as apt-get itself (environment/apt-config proxy settings/autodiscover) -def download_file(uri, sha256_hashsum): - """Download a URI and checks the given hashsum using apt-helper - - Returns: path to the downloaded file or None - """ - download_dir = os.path.join(STAMPDIR, "partial") - dest_file = os.path.join(download_dir, os.path.basename(uri)) - ret = subprocess.call( - ["/usr/lib/apt/apt-helper", - "download-file", uri, dest_file, "SHA256:" + sha256_hashsum]) - if ret != 0: - if os.path.exists(dest_file): - os.remove(dest_file) - return None - return dest_file - - -def print_maybe(*args, **kwargs): - """Version of print() that ignores failure""" - try: - print(*args, **kwargs) - except OSError: - pass - - -def process_download_requests(): - """Process requests to download package data files - - Iterate over /usr/share/package-data-downloads and download any - package data specified in the contained file, then hand off to - the indicated handler for further processing. - - Successful downloads are recorded in - /var/lib/update-notifier/package-data-downloads to avoid unnecessary - repeat handling. - - Failed downloads are reported to the user via the - update-notifier interface.""" - - # Iterate through all the available hooks. If we get a failure - # processing any of them (download failure, checksum failure, or - # failure to run the hook script), record it but continue processing - # the rest of the hooks since some of them may succeed. - for relfile in get_hook_file_names(): - - stampfile = os.path.join(STAMPDIR, relfile) - file = os.path.join(DATADIR, relfile) - try: - if not os.path.exists(NOTIFIER_FILE) and \ - not os.path.exists(NOTIFIER_PERMANENT_FILE): - hook_date = os.stat(file).st_mtime - stamp_date = os.stat(stampfile).st_mtime - if hook_date < stamp_date: - continue - elif os.path.exists(stampfile): - continue - - except Exception as e: - if not isinstance(e, OSError): - traceback.print_exc(file=sys.stderr) - - hook = debian.deb822.Deb822() - files = [] - sums = [] - for para in hook.iter_paragraphs(open(file)): - if 'Script' in para: - if not files: - record_failure(relfile) - break - command = [para['Script']] - - if 'Should-Download' in para: - db = debconf.DebconfCommunicator('update-notifier') - try: - should = db.get(para['Should-Download']) - if should == "false": - # Do nothing with this file. - break - except (DebconfError, KeyError): - pass - finally: - db.shutdown() - - print_maybe("%s: processing..." % (relfile)) - - # Download each file and verify the sum - try: - downloaded = set() - for i in range(len(files)): - print_maybe("%s: downloading %s" % (relfile, files[i])) - dest_file = download_file(files[i], sums[i]) - if dest_file: - command.append(dest_file) - downloaded.add(dest_file) - else: - record_failure(relfile) - break - if relfile in failures + permanent_failures: - break - - sys.stdout.flush() - result = subprocess.call(command) - if result: - # There's no sense redownloading if the script fails - permanent_failures.append(relfile) - else: - create_or_update_stampfile(stampfile) - # cleanup - for f in downloaded: - os.remove(f) - break - except Exception: - traceback.print_exc(file=sys.stderr) - - record_failure(relfile) - # The 'script' is always the last stanza - break - - # Not in a 'script' stanza, so we should have some urls - try: - files.append(para['Url']) - sums.append(para['Sha256']) - except Exception as e: - print_maybe("%s: Error processing!" % (relfile)) - if not isinstance(e, KeyError): - traceback.print_exc(file=sys.stderr) - record_failure(relfile) - break - - previous_failures = existing_permanent_failures() - - # We only report about "permanent" failures when there are new ones, - # but we want the whole list of permanently-failing hooks so when - # we clobber the update-notifier file we don't lose information the - # user may not have seen yet - if permanent_failures: - new_failures = False - for failure in permanent_failures: - if failure not in previous_failures: - mark_hook_failed(failure, permanent=True) - previous_failures.append(failure) - new_failures = True - if new_failures: - trigger_update_notifier(previous_failures, permanent=True) - # 2016-09-19 14:36 reset the list of permanent_failures as it caused - # tests not to be idempotent - permanent_failures.clear() - if not previous_failures and os.path.exists(NOTIFIER_PERMANENT_FILE): - os.unlink(NOTIFIER_PERMANENT_FILE) - - # Filter out new failure reports for permanently-failed packages - our_failures = [x for x in failures if x not in previous_failures] - # 2016-09-19 14:36 reset the list of permanent_failures as it caused - # tests not to be idempotent - failures.clear() - - if our_failures: - for failure in our_failures: - mark_hook_failed(failure) - trigger_update_notifier(our_failures) - elif os.path.exists(NOTIFIER_FILE): - os.unlink(NOTIFIER_FILE) - - -if __name__ == "__main__": - process_download_requests() diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/package-system-locked b/images/boxs/conf.d/notifier/usr/lib/update-notifier/package-system-locked deleted file mode 100755 index 53e3ccab..00000000 --- a/images/boxs/conf.d/notifier/usr/lib/update-notifier/package-system-locked +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh -# check if package system is locked -# return 0 if unlocked, 2 if locked, 1 on error -set -e - -for f in /var/lib/dpkg/lock /var/cache/apt/archives/lock \ - /var/lib/apt/lists/lock /run/unattended-upgrades.lock; do - [ -e $f ] || continue - - # fuser succeeds if there is at least one user - if fuser $f; then - exit 2 - fi -done - -exit 0 diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-fsck-at-reboot b/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-fsck-at-reboot deleted file mode 100755 index 74585a88..00000000 --- a/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-fsck-at-reboot +++ /dev/null @@ -1,81 +0,0 @@ -#!/bin/sh -# Authors: -# Mads Chr. Olesen -# Kees Cook -set -e - -# poor mans force -if [ "$1" = "--force" ]; then - NEEDS_FSCK_CHECK=yes -fi - -# check time when we did the last check -stamp="/var/lib/update-notifier/fsck-at-reboot" -if [ -e "$stamp" ]; then - stampt=$(stat -c %Y $stamp) -else - stampt=0 -fi - -# check time when we last booted -last_boot=$(date -d "now - $(awk '{print $1}' /proc/uptime) seconds" +%s) - -now=$(date +%s) -if [ $(($stampt + 3600)) -lt $now ] || [ $stampt -gt $now ] \ - || [ $stampt -lt $last_boot ] -then - #echo $stampt $now need update - NEEDS_FSCK_CHECK=yes -fi - -# output something for update-motd -if [ -n "$NEEDS_FSCK_CHECK" ]; then - { - check_occur_any= - - ext_partitions=$(mount | awk '$5 ~ /^ext(2|3|4)$/ { print $1 }') - for part in $ext_partitions; do - dumpe2fs_out=$(dumpe2fs -h $part 2>/dev/null) - mount_count=$(echo "$dumpe2fs_out" | grep "^Mount count:"|cut -d':' -f 2-) - if [ -z "$mount_count" ]; then mount_count=0; fi - max_mount_count=$(echo "$dumpe2fs_out" | grep "^Maximum mount count:"|cut -d':' -f 2-) - if [ -z "$max_mount_count" ]; then max_mount_count=0; fi - check_interval=$(echo "$dumpe2fs_out" | grep "^Check interval:" | cut -d':' -f 2- | cut -d'(' -f 1) - if [ -z "$check_interval" ]; then check_interval=0; fi - next_check_date=$(echo "$dumpe2fs_out" | grep "^Next check after:" | cut -d':' -f 2-) - if [ -z "$next_check_interval" ]; then next_check_interval=0; fi - next_check_tstamp=$(date -d "$next_check_date" +%s) - - #echo "next_check_date=\"$next_check_date\" next_check_tstamp=\"$next_check_tstamp\"" - #echo "part=\"$part\" mount_count=\"$mount_count\" / max=\"$max_mount_count\" " - - check_occur= - # Check based on mount counts? - if [ "$max_mount_count" -gt 0 -a \ - "$mount_count" -ge "$max_mount_count" ]; then - check_occur=yes - fi - # Check based on time passed? - if [ "$check_interval" -gt 0 -a \ - "$next_check_tstamp" -lt "$now" ]; then - check_occur=yes - fi - if [ -n "$check_occur" ]; then - check_occur_any=yes - mountpoint=$(mount | grep "^$part" | cut -d ' ' -f 3) - pass=$(grep -v '^#' /etc/fstab | tr -s ' ' '\t' | cut -s -f 2,6 | grep -w "$mountpoint" | cut -f 2) - if [ "$pass" = "0" ]; then - echo "*** $part should be checked for errors ***" - else - echo "*** $part will be checked for errors at next reboot ***" - fi - fi - done - if [ -n "$check_occur_any" ]; then - echo "" - fi - } > $stamp -fi - -# output what we have (either cached or newly generated) -cat $stamp diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-hwe-eol b/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-hwe-eol deleted file mode 100755 index 02fca8f0..00000000 --- a/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-hwe-eol +++ /dev/null @@ -1,60 +0,0 @@ -#!/bin/sh -e -# -# helper for update-motd - - -# poor mans force -if [ "$1" = "--force" ]; then - NEED_EOL_CHECK=yes -else - NEED_EOL_CHECK=no -fi - -# check time when we did the last update check -stamp="/var/lib/update-notifier/hwe-eol" - -# get list dir -StateDir="/var/lib/apt/" -ListDir="lists/" -eval "$(apt-config shell StateDir Dir::State)" -eval "$(apt-config shell ListDir Dir::State::Lists)" - -# get dpkg status file -DpkgStatus="/var/lib/dpkg/status" -eval "$(apt-config shell DpkgStatus Dir::State::status)" - -# get sources.list file -EtcDir="etc/apt/" -SourceList="sources.list" -eval "$(apt-config shell EtcDir Dir::Etc)" -eval "$(apt-config shell SourceList Dir::Etc::sourcelist)" - -# let the actual update be asynchronous to avoid stalling apt-get -cleanup() { rm -f "$tmpfile"; } - -# check if we have a list file or sources.list that needs checking -if [ -e "$stamp" ]; then - if [ "$(find "/$StateDir/$ListDir" "/$EtcDir/$SourceList" "/$DpkgStatus" -type f -newer "$stamp" -print -quit)" ]; then - NEED_EOL_CHECK=yes - fi -else - if [ "$(find "/$StateDir/$ListDir" "/$EtcDir/$SourceList" -type f -print -quit)" ]; then - NEED_EOL_CHECK=yes - fi -fi - -tmpfile="" -trap cleanup EXIT -tmpfile=$(mktemp -p $(dirname "$stamp")) - -# output something for update-motd -if [ "$NEED_EOL_CHECK" = "yes" ]; then - { - # the script may exit with status 10 when a HWE update is needed - /usr/bin/hwe-support-status || true - } > "$tmpfile" - mv "$tmpfile" "$stamp" -fi - -# output what we have (either cached or newly generated) -cat "$stamp" diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-reboot-required b/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-reboot-required deleted file mode 100755 index c3cfad8b..00000000 --- a/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-reboot-required +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh -e -# -# helper for update-motd - -if [ -f /var/run/reboot-required ]; then - cat /var/run/reboot-required -fi diff --git a/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-updates-available b/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-updates-available deleted file mode 100755 index 7528b505..00000000 --- a/images/boxs/conf.d/notifier/usr/lib/update-notifier/update-motd-updates-available +++ /dev/null @@ -1,59 +0,0 @@ -#!/bin/sh -e -# -# helper for update-motd - - -# poor mans force -if [ "$1" = "--force" ]; then - NEED_UPDATE_CHECK=yes -else - NEED_UPDATE_CHECK=no -fi - -# check time when we did the last update check -stamp="/var/lib/update-notifier/updates-available" - -# get list dir -StateDir="/var/lib/apt/" -ListDir="lists/" -eval "$(apt-config shell StateDir Dir::State)" -eval "$(apt-config shell ListDir Dir::State::Lists)" - -# get dpkg status file -DpkgStatus="/var/lib/dpkg/status" -eval "$(apt-config shell DpkgStatus Dir::State::status)" - -# get sources.list file -EtcDir="etc/apt/" -SourceList="sources.list" -eval "$(apt-config shell EtcDir Dir::Etc)" -eval "$(apt-config shell SourceList Dir::Etc::sourcelist)" - -# let the actual update be asynchronous to avoid stalling apt-get -cleanup() { rm -f "$tmpfile"; } - -# check if we have a list file or sources.list that needs checking -if [ -e "$stamp" ]; then - if [ "$(find "/$StateDir/$ListDir" "/$EtcDir/$SourceList" "/$DpkgStatus" -type f -newer "$stamp" -print -quit)" ]; then - NEED_UPDATE_CHECK=yes - fi -else - if [ "$(find "/$StateDir/$ListDir" "/$EtcDir/$SourceList" -type f -print -quit)" ]; then - NEED_UPDATE_CHECK=yes - fi -fi - -tmpfile="" -trap cleanup EXIT -tmpfile=$(mktemp -p $(dirname "$stamp")) - -# output something for update-motd -if [ "$NEED_UPDATE_CHECK" = "yes" ]; then - { - - echo "" - /usr/lib/update-notifier/apt-check --human-readable - echo "" - } > "$tmpfile" - mv "$tmpfile" "$stamp" -fi diff --git a/images/boxs/conf.d/php.ini b/images/boxs/conf.d/php.ini deleted file mode 100644 index e72b7df1..00000000 --- a/images/boxs/conf.d/php.ini +++ /dev/null @@ -1,1934 +0,0 @@ -[PHP] - -;;;;;;;;;;;;;;;;;;; -; About php.ini ; -;;;;;;;;;;;;;;;;;;; -; PHP's initialization file, generally called php.ini, is responsible for -; configuring many of the aspects of PHP's behavior. - -; PHP attempts to find and load this configuration from a number of locations. -; The following is a summary of its search order: -; 1. SAPI module specific location. -; 2. The PHPRC environment variable. (As of PHP 5.2.0) -; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) -; 4. Current working directory (except CLI) -; 5. The web server's directory (for SAPI modules), or directory of PHP -; (otherwise in Windows) -; 6. The directory from the --with-config-file-path compile time option, or the -; Windows directory (C:\windows or C:\winnt) -; See the PHP docs for more specific information. -; http://php.net/configuration.file - -; The syntax of the file is extremely simple. Whitespace and lines -; beginning with a semicolon are silently ignored (as you probably guessed). -; Section headers (e.g. [Foo]) are also silently ignored, even though -; they might mean something in the future. - -; Directives following the section heading [PATH=/www/mysite] only -; apply to PHP files in the /www/mysite directory. Directives -; following the section heading [HOST=www.example.com] only apply to -; PHP files served from www.example.com. Directives set in these -; special sections cannot be overridden by user-defined INI files or -; at runtime. Currently, [PATH=] and [HOST=] sections only work under -; CGI/FastCGI. -; http://php.net/ini.sections - -; Directives are specified using the following syntax: -; directive = value -; Directive names are *case sensitive* - foo=bar is different from FOO=bar. -; Directives are variables used to configure PHP or PHP extensions. -; There is no name validation. If PHP can't find an expected -; directive because it is not set or is mistyped, a default value will be used. - -; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one -; of the INI constants (On, Off, True, False, Yes, No and None) or an expression -; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a -; previously set variable or directive (e.g. ${foo}) - -; Expressions in the INI file are limited to bitwise operators and parentheses: -; | bitwise OR -; ^ bitwise XOR -; & bitwise AND -; ~ bitwise NOT -; ! boolean NOT - -; Boolean flags can be turned on using the values 1, On, True or Yes. -; They can be turned off using the values 0, Off, False or No. - -; An empty string can be denoted by simply not writing anything after the equal -; sign, or by using the None keyword: - -; foo = ; sets foo to an empty string -; foo = None ; sets foo to an empty string -; foo = "None" ; sets foo to the string 'None' - -; If you use constants in your value, and these constants belong to a -; dynamically loaded extension (either a PHP extension or a Zend extension), -; you may only use these constants *after* the line that loads the extension. - -;;;;;;;;;;;;;;;;;;; -; About this file ; -;;;;;;;;;;;;;;;;;;; -; PHP comes packaged with two INI files. One that is recommended to be used -; in production environments and one that is recommended to be used in -; development environments. - -; php.ini-production contains settings which hold security, performance and -; best practices at its core. But please be aware, these settings may break -; compatibility with older or less security conscience applications. We -; recommending using the production ini in production and testing environments. - -; php.ini-development is very similar to its production variant, except it is -; much more verbose when it comes to errors. We recommend using the -; development version only in development environments, as errors shown to -; application users can inadvertently leak otherwise secure information. - -; This is php.ini-production INI file. - -;;;;;;;;;;;;;;;;;;; -; Quick Reference ; -;;;;;;;;;;;;;;;;;;; -; The following are all the settings which are different in either the production -; or development versions of the INIs with respect to PHP's default behavior. -; Please see the actual settings later in the document for more details as to why -; we recommend these changes in PHP's behavior. - -; display_errors -; Default Value: On -; Development Value: On -; Production Value: Off - -; display_startup_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; error_reporting -; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED -; Development Value: E_ALL -; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT - -; html_errors -; Default Value: On -; Development Value: On -; Production value: On - -; log_errors -; Default Value: Off -; Development Value: On -; Production Value: On - -; max_input_time -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) - -; output_buffering -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 - -; register_argc_argv -; Default Value: On -; Development Value: Off -; Production Value: Off - -; request_order -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" - -; session.gc_divisor -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 - -; session.sid_bits_per_character -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 - -; short_open_tag -; Default Value: On -; Development Value: Off -; Production Value: Off - -; track_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; variables_order -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS" - -;;;;;;;;;;;;;;;;;;;; -; php.ini Options ; -;;;;;;;;;;;;;;;;;;;; -; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" -;user_ini.filename = ".user.ini" - -; To disable this feature set this option to empty value -;user_ini.filename = - -; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) -;user_ini.cache_ttl = 300 - -;;;;;;;;;;;;;;;;;;;; -; Language Options ; -;;;;;;;;;;;;;;;;;;;; - -; Enable the PHP scripting language engine under Apache. -; http://php.net/engine -engine = On - -; This directive determines whether or not PHP will recognize code between -; tags as PHP source which should be processed as such. It is -; generally recommended that should be used and that this feature -; should be disabled, as enabling it may result in issues when generating XML -; documents, however this remains supported for backward compatibility reasons. -; Note that this directive does not control the would work. -; http://php.net/syntax-highlighting -;highlight.string = #DD0000 -;highlight.comment = #FF9900 -;highlight.keyword = #007700 -;highlight.default = #0000BB -;highlight.html = #000000 - -; If enabled, the request will be allowed to complete even if the user aborts -; the request. Consider enabling it if executing long requests, which may end up -; being interrupted by the user or a browser timing out. PHP's default behavior -; is to disable this feature. -; http://php.net/ignore-user-abort -;ignore_user_abort = On - -; Determines the size of the realpath cache to be used by PHP. This value should -; be increased on systems where PHP opens many files to reflect the quantity of -; the file operations performed. -; http://php.net/realpath-cache-size -;realpath_cache_size = 4096k - -; Duration of time, in seconds for which to cache realpath information for a given -; file or directory. For systems with rarely changing files, consider increasing this -; value. -; http://php.net/realpath-cache-ttl -;realpath_cache_ttl = 120 - -; Enables or disables the circular reference collector. -; http://php.net/zend.enable-gc -zend.enable_gc = On - -; If enabled, scripts may be written in encodings that are incompatible with -; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such -; encodings. To use this feature, mbstring extension must be enabled. -; Default: Off -;zend.multibyte = Off - -; Allows to set the default encoding for the scripts. This value will be used -; unless "declare(encoding=...)" directive appears at the top of the script. -; Only affects if zend.multibyte is set. -; Default: "" -;zend.script_encoding = - -;;;;;;;;;;;;;;;;; -; Miscellaneous ; -;;;;;;;;;;;;;;;;; - -; Decides whether PHP may expose the fact that it is installed on the server -; (e.g. by adding its signature to the Web server header). It is no security -; threat in any way, but it makes it possible to determine whether you use PHP -; on your server or not. -; http://php.net/expose-php -expose_php = Off - -;;;;;;;;;;;;;;;;;;; -; Resource Limits ; -;;;;;;;;;;;;;;;;;;; - -; Maximum execution time of each script, in seconds -; http://php.net/max-execution-time -; Note: This directive is hardcoded to 0 for the CLI SAPI -max_execution_time = 30 - -; Maximum amount of time each script may spend parsing request data. It's a good -; idea to limit this time on productions servers in order to eliminate unexpectedly -; long running scripts. -; Note: This directive is hardcoded to -1 for the CLI SAPI -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) -; http://php.net/max-input-time -max_input_time = 60 - -; Maximum input variable nesting level -; http://php.net/max-input-nesting-level -;max_input_nesting_level = 64 - -; How many GET/POST/COOKIE input variables may be accepted -; max_input_vars = 1000 - -; Maximum amount of memory a script may consume (128MB) -; http://php.net/memory-limit -memory_limit = 64M - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -; Error handling and logging ; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; This directive informs PHP of which errors, warnings and notices you would like -; it to take action for. The recommended way of setting values for this -; directive is through the use of the error level constants and bitwise -; operators. The error level constants are below here for convenience as well as -; some common settings and their meanings. -; By default, PHP is set to take action on all errors, notices and warnings EXCEPT -; those related to E_NOTICE and E_STRICT, which together cover best practices and -; recommended coding standards in PHP. For performance reasons, this is the -; recommend error reporting setting. Your production server shouldn't be wasting -; resources complaining about best practices and coding standards. That's what -; development servers and development settings are for. -; Note: The php.ini-development file has this setting as E_ALL. This -; means it pretty much reports everything which is exactly what you want during -; development and early testing. -; -; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) -; E_ERROR - fatal run-time errors -; E_RECOVERABLE_ERROR - almost fatal run-time errors -; E_WARNING - run-time warnings (non-fatal errors) -; E_PARSE - compile-time parse errors -; E_NOTICE - run-time notices (these are warnings which often result -; from a bug in your code, but it's possible that it was -; intentional (e.g., using an uninitialized variable and -; relying on the fact it is automatically initialized to an -; empty string) -; E_STRICT - run-time notices, enable to have PHP suggest changes -; to your code which will ensure the best interoperability -; and forward compatibility of your code -; E_CORE_ERROR - fatal errors that occur during PHP's initial startup -; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's -; initial startup -; E_COMPILE_ERROR - fatal compile-time errors -; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) -; E_USER_ERROR - user-generated error message -; E_USER_WARNING - user-generated warning message -; E_USER_NOTICE - user-generated notice message -; E_DEPRECATED - warn about code that will not work in future versions -; of PHP -; E_USER_DEPRECATED - user-generated deprecation warnings -; -; Common Values: -; E_ALL (Show all errors, warnings and notices including coding standards.) -; E_ALL & ~E_NOTICE (Show all errors, except for notices) -; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) -; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) -; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED -; Development Value: E_ALL -; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT -; http://php.net/error-reporting -error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT - -; This directive controls whether or not and where PHP will output errors, -; notices and warnings too. Error output is very useful during development, but -; it could be very dangerous in production environments. Depending on the code -; which is triggering the error, sensitive information could potentially leak -; out of your application such as database usernames and passwords or worse. -; For production environments, we recommend logging errors rather than -; sending them to STDOUT. -; Possible Values: -; Off = Do not display any errors -; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) -; On or stdout = Display errors to STDOUT -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/display-errors -display_errors = Off - -; The display of errors which occur during PHP's startup sequence are handled -; separately from display_errors. PHP's default behavior is to suppress those -; errors from clients. Turning the display of startup errors on can be useful in -; debugging configuration problems. We strongly recommend you -; set this to 'off' for production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/display-startup-errors -display_startup_errors = Off - -; Besides displaying errors, PHP can also log errors to locations such as a -; server-specific log, STDERR, or a location specified by the error_log -; directive found below. While errors should not be displayed on productions -; servers they should still be monitored and logging is a great way to do that. -; Default Value: Off -; Development Value: On -; Production Value: On -; http://php.net/log-errors -log_errors = On - -; Set maximum length of log_errors. In error_log information about the source is -; added. The default is 1024 and 0 allows to not apply any maximum length at all. -; http://php.net/log-errors-max-len -log_errors_max_len = 1024 - -; Do not log repeated messages. Repeated errors must occur in same file on same -; line unless ignore_repeated_source is set true. -; http://php.net/ignore-repeated-errors -ignore_repeated_errors = Off - -; Ignore source of message when ignoring repeated messages. When this setting -; is On you will not log errors with repeated messages from different files or -; source lines. -; http://php.net/ignore-repeated-source -ignore_repeated_source = Off - -; If this parameter is set to Off, then memory leaks will not be shown (on -; stdout or in the log). This has only effect in a debug compile, and if -; error reporting includes E_WARNING in the allowed list -; http://php.net/report-memleaks -report_memleaks = On - -; This setting is on by default. -;report_zend_debug = 0 - -; Store the last error/warning message in $php_errormsg (boolean). Setting this value -; to On can assist in debugging and is appropriate for development servers. It should -; however be disabled on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/track-errors -track_errors = Off - -; Turn off normal error reporting and emit XML-RPC error XML -; http://php.net/xmlrpc-errors -;xmlrpc_errors = 0 - -; An XML-RPC faultCode -;xmlrpc_error_number = 0 - -; When PHP displays or logs an error, it has the capability of formatting the -; error message as HTML for easier reading. This directive controls whether -; the error message is formatted as HTML or not. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: On -; Development Value: On -; Production value: On -; http://php.net/html-errors -html_errors = On - -; If html_errors is set to On *and* docref_root is not empty, then PHP -; produces clickable error messages that direct to a page describing the error -; or function causing the error in detail. -; You can download a copy of the PHP manual from http://php.net/docs -; and change docref_root to the base URL of your local copy including the -; leading '/'. You must also specify the file extension being used including -; the dot. PHP's default behavior is to leave these settings empty, in which -; case no links to documentation are generated. -; Note: Never use this feature for production boxes. -; http://php.net/docref-root -; Examples -;docref_root = "/phpmanual/" - -; http://php.net/docref-ext -;docref_ext = .html - -; String to output before an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-prepend-string -; Example: -;error_prepend_string = "" - -; String to output after an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-append-string -; Example: -;error_append_string = "" - -; Log errors to specified file. PHP's default behavior is to leave this value -; empty. -; http://php.net/error-log -; Example: -;error_log = php_errors.log -; Log errors to syslog (Event Log on Windows). -;error_log = syslog - -;windows.show_crt_warning -; Default value: 0 -; Development value: 0 -; Production value: 0 - -;;;;;;;;;;;;;;;;; -; Data Handling ; -;;;;;;;;;;;;;;;;; - -; The separator used in PHP generated URLs to separate arguments. -; PHP's default setting is "&". -; http://php.net/arg-separator.output -; Example: -;arg_separator.output = "&" - -; List of separator(s) used by PHP to parse input URLs into variables. -; PHP's default setting is "&". -; NOTE: Every character in this directive is considered as separator! -; http://php.net/arg-separator.input -; Example: -;arg_separator.input = ";&" - -; This directive determines which super global arrays are registered when PHP -; starts up. G,P,C,E & S are abbreviations for the following respective super -; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty -; paid for the registration of these arrays and because ENV is not as commonly -; used as the others, ENV is not recommended on productions servers. You -; can still get access to the environment variables through getenv() should you -; need to. -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS"; -; http://php.net/variables-order -variables_order = "GPCS" - -; This directive determines which super global data (G,P & C) should be -; registered into the super global array REQUEST. If so, it also determines -; the order in which that data is registered. The values for this directive -; are specified in the same manner as the variables_order directive, -; EXCEPT one. Leaving this value empty will cause PHP to use the value set -; in the variables_order directive. It does not mean it will leave the super -; globals array REQUEST empty. -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" -; http://php.net/request-order -request_order = "GP" - -; This directive determines whether PHP registers $argv & $argc each time it -; runs. $argv contains an array of all the arguments passed to PHP when a script -; is invoked. $argc contains an integer representing the number of arguments -; that were passed when the script was invoked. These arrays are extremely -; useful when running scripts from the command line. When this directive is -; enabled, registering these variables consumes CPU cycles and memory each time -; a script is executed. For performance reasons, this feature should be disabled -; on production servers. -; Note: This directive is hardcoded to On for the CLI SAPI -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-argc-argv -register_argc_argv = Off - -; When enabled, the ENV, REQUEST and SERVER variables are created when they're -; first used (Just In Time) instead of when the script starts. If these -; variables are not used within a script, having this directive on will result -; in a performance gain. The PHP directive register_argc_argv must be disabled -; for this directive to have any affect. -; http://php.net/auto-globals-jit -auto_globals_jit = On - -; Whether PHP will read the POST data. -; This option is enabled by default. -; Most likely, you won't want to disable this option globally. It causes $_POST -; and $_FILES to always be empty; the only way you will be able to read the -; POST data will be through the php://input stream wrapper. This can be useful -; to proxy requests or to process the POST data in a memory efficient fashion. -; http://php.net/enable-post-data-reading -;enable_post_data_reading = Off - -; Maximum size of POST data that PHP will accept. -; Its value may be 0 to disable the limit. It is ignored if POST data reading -; is disabled through enable_post_data_reading. -; http://php.net/post-max-size -post_max_size = 5120M - -; Automatically add files before PHP document. -; http://php.net/auto-prepend-file -auto_prepend_file = - -; Automatically add files after PHP document. -; http://php.net/auto-append-file -auto_append_file = - -; By default, PHP will output a media type using the Content-Type header. To -; disable this, simply set it to be empty. -; -; PHP's built-in default media type is set to text/html. -; http://php.net/default-mimetype -default_mimetype = "text/html" - -; PHP's default character set is set to UTF-8. -; http://php.net/default-charset -default_charset = "UTF-8" - -; PHP internal character encoding is set to empty. -; If empty, default_charset is used. -; http://php.net/internal-encoding -;internal_encoding = - -; PHP input character encoding is set to empty. -; If empty, default_charset is used. -; http://php.net/input-encoding -;input_encoding = - -; PHP output character encoding is set to empty. -; If empty, default_charset is used. -; See also output_buffer. -; http://php.net/output-encoding -;output_encoding = - -;;;;;;;;;;;;;;;;;;;;;;;;; -; Paths and Directories ; -;;;;;;;;;;;;;;;;;;;;;;;;; - -; UNIX: "/path1:/path2" -;include_path = ".:/php/includes" -; -; Windows: "\path1;\path2" -;include_path = ".;c:\php\includes" -; -; PHP's default setting for include_path is ".;/path/to/php/pear" -; http://php.net/include-path - -; The root of the PHP pages, used only if nonempty. -; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root -; if you are running php as a CGI under any web server (other than IIS) -; see documentation for security issues. The alternate is to use the -; cgi.force_redirect configuration below -; http://php.net/doc-root -doc_root = - -; The directory under which PHP opens the script using /~username used only -; if nonempty. -; http://php.net/user-dir -user_dir = - -; Directory in which the loadable extensions (modules) reside. -; http://php.net/extension-dir -; extension_dir = "./" -; On windows: -; extension_dir = "ext" - -; Directory where the temporary files should be placed. -; Defaults to the system default (see sys_get_temp_dir) -; sys_temp_dir = "/tmp" - -; Whether or not to enable the dl() function. The dl() function does NOT work -; properly in multithreaded servers, such as IIS or Zeus, and is automatically -; disabled on them. -; http://php.net/enable-dl -enable_dl = Off - -; cgi.force_redirect is necessary to provide security running PHP as a CGI under -; most web servers. Left undefined, PHP turns this on by default. You can -; turn it off here AT YOUR OWN RISK -; **You CAN safely turn this off for IIS, in fact, you MUST.** -; http://php.net/cgi.force-redirect -;cgi.force_redirect = 1 - -; if cgi.nph is enabled it will force cgi to always sent Status: 200 with -; every request. PHP's default behavior is to disable this feature. -;cgi.nph = 1 - -; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape -; (iPlanet) web servers, you MAY need to set an environment variable name that PHP -; will look for to know it is OK to continue execution. Setting this variable MAY -; cause security issues, KNOW WHAT YOU ARE DOING FIRST. -; http://php.net/cgi.redirect-status-env -;cgi.redirect_status_env = - -; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's -; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok -; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting -; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting -; of zero causes PHP to behave as before. Default is 1. You should fix your scripts -; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. -; http://php.net/cgi.fix-pathinfo -;cgi.fix_pathinfo=1 - -; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside -; of the web tree and people will not be able to circumvent .htaccess security. -; http://php.net/cgi.dicard-path -;cgi.discard_path=1 - -; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate -; security tokens of the calling client. This allows IIS to define the -; security context that the request runs under. mod_fastcgi under Apache -; does not currently support this feature (03/17/2002) -; Set to 1 if running under IIS. Default is zero. -; http://php.net/fastcgi.impersonate -;fastcgi.impersonate = 1 - -; Disable logging through FastCGI connection. PHP's default behavior is to enable -; this feature. -;fastcgi.logging = 0 - -; cgi.rfc2616_headers configuration option tells PHP what type of headers to -; use when sending HTTP response code. If set to 0, PHP sends Status: header that -; is supported by Apache. When this option is set to 1, PHP will send -; RFC2616 compliant header. -; Default is zero. -; http://php.net/cgi.rfc2616-headers -;cgi.rfc2616_headers = 0 - -; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! -; (shebang) at the top of the running script. This line might be needed if the -; script support running both as stand-alone script and via PHP CGI<. PHP in CGI -; mode skips this line and ignores its content if this directive is turned on. -; http://php.net/cgi.check-shebang-line -;cgi.check_shebang_line=1 - -;;;;;;;;;;;;;;;; -; File Uploads ; -;;;;;;;;;;;;;;;; - -; Whether to allow HTTP file uploads. -; http://php.net/file-uploads -file_uploads = On - -; Temporary directory for HTTP uploaded files (will use system default if not -; specified). -; http://php.net/upload-tmp-dir -;upload_tmp_dir = - -; Maximum allowed size for uploaded files. -; http://php.net/upload-max-filesize -upload_max_filesize = 5120M - -; Maximum number of files that can be uploaded via a single request -max_file_uploads = 40960 - -;;;;;;;;;;;;;;;;;; -; Fopen wrappers ; -;;;;;;;;;;;;;;;;;; - -; Whether to allow the treatment of URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-fopen -allow_url_fopen = On - -; Whether to allow include/require to open URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-include -allow_url_include = Off - -; Define the anonymous ftp password (your email address). PHP's default setting -; for this is empty. -; http://php.net/from -;from="john@doe.com" - -; Define the User-Agent string. PHP's default setting for this is empty. -; http://php.net/user-agent -;user_agent="PHP" - -; Default timeout for socket based streams (seconds) -; http://php.net/default-socket-timeout -default_socket_timeout = 60 - -; If your scripts have to deal with files from Macintosh systems, -; or you are running on a Mac and need to deal with files from -; unix or win32 systems, setting this flag will cause PHP to -; automatically detect the EOL character in those files so that -; fgets() and file() will work regardless of the source of the file. -; http://php.net/auto-detect-line-endings -;auto_detect_line_endings = Off - -;;;;;;;;;;;;;;;;;;;;;; -; Dynamic Extensions ; -;;;;;;;;;;;;;;;;;;;;;; - -; If you wish to have an extension loaded automatically, use the following -; syntax: -; -; extension=modulename.extension -; -; For example, on Windows: -; -; extension=msql.dll -; -; ... or under UNIX: -; -; extension=msql.so -; -; ... or with a path: -; -; extension=/path/to/extension/msql.so -; -; If you only provide the name of the extension, PHP will look for it in its -; default extension directory. -; -; Windows Extensions -; Note that ODBC support is built in, so no dll is needed for it. -; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5+) -; extension folders as well as the separate PECL DLL download (PHP 5+). -; Be sure to appropriately set the extension_dir directive. -; -;extension=php_bz2.dll -;extension=php_curl.dll -;extension=php_fileinfo.dll -;extension=php_ftp.dll -;extension=php_gd2.dll -;extension=php_gettext.dll -;extension=php_gmp.dll -;extension=php_intl.dll -;extension=php_imap.dll -;extension=php_interbase.dll -;extension=php_ldap.dll -;extension=php_mbstring.dll -;extension=php_exif.dll ; Must be after mbstring as it depends on it -;extension=php_mysqli.dll -;extension=php_oci8_12c.dll ; Use with Oracle Database 12c Instant Client -;extension=php_openssl.dll -;extension=php_pdo_firebird.dll -;extension=php_pdo_mysql.dll -;extension=php_pdo_oci.dll -;extension=php_pdo_odbc.dll -;extension=php_pdo_pgsql.dll -;extension=php_pdo_sqlite.dll -;extension=php_pgsql.dll -;extension=php_shmop.dll - -; The MIBS data available in the PHP distribution must be installed. -; See http://www.php.net/manual/en/snmp.installation.php -;extension=php_snmp.dll - -;extension=php_soap.dll -;extension=php_sockets.dll -;extension=php_sqlite3.dll -;extension=php_tidy.dll -;extension=php_xmlrpc.dll -;extension=php_xsl.dll - -;;;;;;;;;;;;;;;;;;; -; Module Settings ; -;;;;;;;;;;;;;;;;;;; - -[CLI Server] -; Whether the CLI web server uses ANSI color coding in its terminal output. -cli_server.color = On - -[Date] -; Defines the default timezone used by the date functions -; http://php.net/date.timezone -date.timezone = Asia/Shanghai - -; http://php.net/date.default-latitude -;date.default_latitude = 31.7667 - -; http://php.net/date.default-longitude -;date.default_longitude = 35.2333 - -; http://php.net/date.sunrise-zenith -;date.sunrise_zenith = 90.583333 - -; http://php.net/date.sunset-zenith -;date.sunset_zenith = 90.583333 - -[filter] -; http://php.net/filter.default -;filter.default = unsafe_raw - -; http://php.net/filter.default-flags -;filter.default_flags = - -[iconv] -; Use of this INI entry is deprecated, use global input_encoding instead. -; If empty, default_charset or input_encoding or iconv.input_encoding is used. -; The precedence is: default_charset < intput_encoding < iconv.input_encoding -;iconv.input_encoding = - -; Use of this INI entry is deprecated, use global internal_encoding instead. -; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. -; The precedence is: default_charset < internal_encoding < iconv.internal_encoding -;iconv.internal_encoding = - -; Use of this INI entry is deprecated, use global output_encoding instead. -; If empty, default_charset or output_encoding or iconv.output_encoding is used. -; The precedence is: default_charset < output_encoding < iconv.output_encoding -; To use an output encoding conversion, iconv's output handler must be set -; otherwise output encoding conversion cannot be performed. -;iconv.output_encoding = - -[intl] -;intl.default_locale = -; This directive allows you to produce PHP errors when some error -; happens within intl functions. The value is the level of the error produced. -; Default is 0, which does not produce any errors. -;intl.error_level = E_WARNING -;intl.use_exceptions = 0 - -[sqlite3] -;sqlite3.extension_dir = - -[Pcre] -;PCRE library backtracking limit. -; http://php.net/pcre.backtrack-limit -;pcre.backtrack_limit=100000 - -;PCRE library recursion limit. -;Please note that if you set this value to a high number you may consume all -;the available process stack and eventually crash PHP (due to reaching the -;stack size limit imposed by the Operating System). -; http://php.net/pcre.recursion-limit -;pcre.recursion_limit=100000 - -;Enables or disables JIT compilation of patterns. This requires the PCRE -;library to be compiled with JIT support. -;pcre.jit=1 - -[Pdo] -; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" -; http://php.net/pdo-odbc.connection-pooling -;pdo_odbc.connection_pooling=strict - -;pdo_odbc.db2_instance_name - -[Pdo_mysql] -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/pdo_mysql.cache_size -pdo_mysql.cache_size = 2000 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/pdo_mysql.default-socket -pdo_mysql.default_socket= - -[Phar] -; http://php.net/phar.readonly -;phar.readonly = On - -; http://php.net/phar.require-hash -;phar.require_hash = On - -;phar.cache_list = - -[mail function] -; For Win32 only. -; http://php.net/smtp -SMTP = localhost -; http://php.net/smtp-port -smtp_port = 25 - -; For Win32 only. -; http://php.net/sendmail-from -;sendmail_from = me@example.com - -; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). -; http://php.net/sendmail-path -;sendmail_path = - -; Force the addition of the specified parameters to be passed as extra parameters -; to the sendmail binary. These parameters will always replace the value of -; the 5th parameter to mail(). -;mail.force_extra_parameters = - -; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename -mail.add_x_header = On - -; The path to a log file that will log all mail() calls. Log entries include -; the full path of the script, line number, To address and headers. -;mail.log = -; Log mail to syslog (Event Log on Windows). -;mail.log = syslog - -[SQL] -; http://php.net/sql.safe-mode -sql.safe_mode = Off - -[ODBC] -; http://php.net/odbc.default-db -;odbc.default_db = Not yet implemented - -; http://php.net/odbc.default-user -;odbc.default_user = Not yet implemented - -; http://php.net/odbc.default-pw -;odbc.default_pw = Not yet implemented - -; Controls the ODBC cursor model. -; Default: SQL_CURSOR_STATIC (default). -;odbc.default_cursortype - -; Allow or prevent persistent links. -; http://php.net/odbc.allow-persistent -odbc.allow_persistent = On - -; Check that a connection is still valid before reuse. -; http://php.net/odbc.check-persistent -odbc.check_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/odbc.max-persistent -odbc.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/odbc.max-links -odbc.max_links = -1 - -; Handling of LONG fields. Returns number of bytes to variables. 0 means -; passthru. -; http://php.net/odbc.defaultlrl -odbc.defaultlrl = 4096 - -; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. -; See the documentation on odbc_binmode and odbc_longreadlen for an explanation -; of odbc.defaultlrl and odbc.defaultbinmode -; http://php.net/odbc.defaultbinmode -odbc.defaultbinmode = 1 - -;birdstep.max_links = -1 - -[Interbase] -; Allow or prevent persistent links. -ibase.allow_persistent = 1 - -; Maximum number of persistent links. -1 means no limit. -ibase.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -ibase.max_links = -1 - -; Default database name for ibase_connect(). -;ibase.default_db = - -; Default username for ibase_connect(). -;ibase.default_user = - -; Default password for ibase_connect(). -;ibase.default_password = - -; Default charset for ibase_connect(). -;ibase.default_charset = - -; Default timestamp format. -ibase.timestampformat = "%Y-%m-%d %H:%M:%S" - -; Default date format. -ibase.dateformat = "%Y-%m-%d" - -; Default time format. -ibase.timeformat = "%H:%M:%S" - -[MySQLi] - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysqli.max-persistent -mysqli.max_persistent = -1 - -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysqli.allow_local_infile -;mysqli.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysqli.allow-persistent -mysqli.allow_persistent = On - -; Maximum number of links. -1 means no limit. -; http://php.net/mysqli.max-links -mysqli.max_links = -1 - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysqli.cache_size -mysqli.cache_size = 2000 - -; Default port number for mysqli_connect(). If unset, mysqli_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysqli.default-port -mysqli.default_port = 3306 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysqli.default-socket -mysqli.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-host -mysqli.default_host = - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-user -mysqli.default_user = - -; Default password for mysqli_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysqli.default-pw -mysqli.default_pw = - -; Allow or prevent reconnect -mysqli.reconnect = Off - -[mysqlnd] -; Enable / Disable collection of general statistics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_statistics -mysqlnd.collect_statistics = On - -; Enable / Disable collection of memory usage statistics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_memory_statistics -mysqlnd.collect_memory_statistics = Off - -; Records communication from all extensions using mysqlnd to the specified log -; file. -; http://php.net/mysqlnd.debug -;mysqlnd.debug = - -; Defines which queries will be logged. -; http://php.net/mysqlnd.log_mask -;mysqlnd.log_mask = 0 - -; Default size of the mysqlnd memory pool, which is used by result sets. -; http://php.net/mysqlnd.mempool_default_size -;mysqlnd.mempool_default_size = 16000 - -; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. -; http://php.net/mysqlnd.net_cmd_buffer_size -;mysqlnd.net_cmd_buffer_size = 2048 - -; Size of a pre-allocated buffer used for reading data sent by the server in -; bytes. -; http://php.net/mysqlnd.net_read_buffer_size -;mysqlnd.net_read_buffer_size = 32768 - -; Timeout for network requests in seconds. -; http://php.net/mysqlnd.net_read_timeout -;mysqlnd.net_read_timeout = 31536000 - -; SHA-256 Authentication Plugin related. File with the MySQL server public RSA -; key. -; http://php.net/mysqlnd.sha256_server_public_key -;mysqlnd.sha256_server_public_key = - -[OCI8] - -; Connection: Enables privileged connections using external -; credentials (OCI_SYSOPER, OCI_SYSDBA) -; http://php.net/oci8.privileged-connect -;oci8.privileged_connect = Off - -; Connection: The maximum number of persistent OCI8 connections per -; process. Using -1 means no limit. -; http://php.net/oci8.max-persistent -;oci8.max_persistent = -1 - -; Connection: The maximum number of seconds a process is allowed to -; maintain an idle persistent connection. Using -1 means idle -; persistent connections will be maintained forever. -; http://php.net/oci8.persistent-timeout -;oci8.persistent_timeout = -1 - -; Connection: The number of seconds that must pass before issuing a -; ping during oci_pconnect() to check the connection validity. When -; set to 0, each oci_pconnect() will cause a ping. Using -1 disables -; pings completely. -; http://php.net/oci8.ping-interval -;oci8.ping_interval = 60 - -; Connection: Set this to a user chosen connection class to be used -; for all pooled server requests with Oracle 11g Database Resident -; Connection Pooling (DRCP). To use DRCP, this value should be set to -; the same string for all web servers running the same application, -; the database pool must be configured, and the connection string must -; specify to use a pooled server. -;oci8.connection_class = - -; High Availability: Using On lets PHP receive Fast Application -; Notification (FAN) events generated when a database node fails. The -; database must also be configured to post FAN events. -;oci8.events = Off - -; Tuning: This option enables statement caching, and specifies how -; many statements to cache. Using 0 disables statement caching. -; http://php.net/oci8.statement-cache-size -;oci8.statement_cache_size = 20 - -; Tuning: Enables statement prefetching and sets the default number of -; rows that will be fetched automatically after statement execution. -; http://php.net/oci8.default-prefetch -;oci8.default_prefetch = 100 - -; Compatibility. Using On means oci_close() will not close -; oci_connect() and oci_new_connect() connections. -; http://php.net/oci8.old-oci-close-semantics -;oci8.old_oci_close_semantics = Off - -[PostgreSQL] -; Allow or prevent persistent links. -; http://php.net/pgsql.allow-persistent -pgsql.allow_persistent = On - -; Detect broken persistent links always with pg_pconnect(). -; Auto reset feature requires a little overheads. -; http://php.net/pgsql.auto-reset-persistent -pgsql.auto_reset_persistent = Off - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/pgsql.max-persistent -pgsql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -; http://php.net/pgsql.max-links -pgsql.max_links = -1 - -; Ignore PostgreSQL backends Notice message or not. -; Notice message logging require a little overheads. -; http://php.net/pgsql.ignore-notice -pgsql.ignore_notice = 0 - -; Log PostgreSQL backends Notice message or not. -; Unless pgsql.ignore_notice=0, module cannot log notice message. -; http://php.net/pgsql.log-notice -pgsql.log_notice = 0 - -[bcmath] -; Number of decimal digits for all bcmath functions. -; http://php.net/bcmath.scale -bcmath.scale = 0 - -[browscap] -; http://php.net/browscap -;browscap = extra/browscap.ini - -[Session] -; Handler used to store/retrieve data. -; http://php.net/session.save-handler -session.save_handler = files - -; Argument passed to save_handler. In the case of files, this is the path -; where data files are stored. Note: Windows users have to change this -; variable in order to use PHP's session functions. -; -; The path can be defined as: -; -; session.save_path = "N;/path" -; -; where N is an integer. Instead of storing all the session files in -; /path, what this will do is use subdirectories N-levels deep, and -; store the session data in those directories. This is useful if -; your OS has problems with many files in one directory, and is -; a more efficient layout for servers that handle many sessions. -; -; NOTE 1: PHP will not create this directory structure automatically. -; You can use the script in the ext/session dir for that purpose. -; NOTE 2: See the section on garbage collection below if you choose to -; use subdirectories for session storage -; -; The file storage module creates files using mode 600 by default. -; You can change that by using -; -; session.save_path = "N;MODE;/path" -; -; where MODE is the octal representation of the mode. Note that this -; does not overwrite the process's umask. -; http://php.net/session.save-path -;session.save_path = "/tmp" - -; Whether to use strict session mode. -; Strict session mode does not accept uninitialized session ID and regenerate -; session ID if browser sends uninitialized session ID. Strict mode protects -; applications from session fixation via session adoption vulnerability. It is -; disabled by default for maximum compatibility, but enabling it is encouraged. -; https://wiki.php.net/rfc/strict_sessions -session.use_strict_mode = 0 - -; Whether to use cookies. -; http://php.net/session.use-cookies -session.use_cookies = 1 - -; http://php.net/session.cookie-secure -;session.cookie_secure = - -; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combating -; session hijacking when not specifying and managing your own session id. It is -; not the be-all and end-all of session hijacking defense, but it's a good start. -; http://php.net/session.use-only-cookies -session.use_only_cookies = 1 - -; Name of the session (used as cookie name). -; http://php.net/session.name -session.name = PHPSESSID - -; Initialize session on request startup. -; http://php.net/session.auto-start -session.auto_start = 0 - -; Lifetime in seconds of cookie or, if 0, until browser is restarted. -; http://php.net/session.cookie-lifetime -session.cookie_lifetime = 0 - -; The path for which the cookie is valid. -; http://php.net/session.cookie-path -session.cookie_path = / - -; The domain for which the cookie is valid. -; http://php.net/session.cookie-domain -session.cookie_domain = - -; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. -; http://php.net/session.cookie-httponly -session.cookie_httponly = - -; Handler used to serialize data. php is the standard serializer of PHP. -; http://php.net/session.serialize-handler -session.serialize_handler = php - -; Defines the probability that the 'garbage collection' process is started -; on every session initialization. The probability is calculated by using -; gc_probability/gc_divisor. Where session.gc_probability is the numerator -; and gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. -; Default Value: 1 -; Development Value: 1 -; Production Value: 1 -; http://php.net/session.gc-probability -session.gc_probability = 1 - -; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using the following equation: -; gc_probability/gc_divisor. Where session.gc_probability is the numerator and -; session.gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. Increasing this value to 1000 will give you -; a 0.1% chance the gc will run on any give request. For high volume production servers, -; this is a more efficient approach. -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 -; http://php.net/session.gc-divisor -session.gc_divisor = 1000 - -; After this number of seconds, stored data will be seen as 'garbage' and -; cleaned up by the garbage collection process. -; http://php.net/session.gc-maxlifetime -session.gc_maxlifetime = 1440 - -; NOTE: If you are using the subdirectory option for storing session files -; (see session.save_path above), then garbage collection does *not* -; happen automatically. You will need to do your own garbage -; collection through a shell script, cron entry, or some other method. -; For example, the following script would is the equivalent of -; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): -; find /path/to/sessions -cmin +24 -type f | xargs rm - -; Check HTTP Referer to invalidate externally stored URLs containing ids. -; HTTP_REFERER has to contain this substring for the session to be -; considered as valid. -; http://php.net/session.referer-check -session.referer_check = - -; Set to {nocache,private,public,} to determine HTTP caching aspects -; or leave this empty to avoid sending anti-caching headers. -; http://php.net/session.cache-limiter -session.cache_limiter = nocache - -; Document expires after n minutes. -; http://php.net/session.cache-expire -session.cache_expire = 180 - -; trans sid support is disabled by default. -; Use of trans sid may risk your users' security. -; Use this option with caution. -; - User may send URL contains active session ID -; to other person via. email/irc/etc. -; - URL that contains active session ID may be stored -; in publicly accessible computer. -; - User may access your site with the same session ID -; always using URL stored in browser's history or bookmarks. -; http://php.net/session.use-trans-sid -session.use_trans_sid = 0 - -; Set session ID character length. This value could be between 22 to 256. -; Shorter length than default is supported only for compatibility reason. -; Users should use 32 or more chars. -; http://php.net/session.sid-length -; Default Value: 32 -; Development Value: 26 -; Production Value: 26 -session.sid_length = 26 - -; The URL rewriter will look for URLs in a defined set of HTML tags. -;
is special; if you include them here, the rewriter will -; add a hidden field with the info which is otherwise appended -; to URLs. tag's action attribute URL will not be modified -; unless it is specified. -; Note that all valid entries require a "=", even if no value follows. -; Default Value: "a=href,area=href,frame=src,form=" -; Development Value: "a=href,area=href,frame=src,form=" -; Production Value: "a=href,area=href,frame=src,form=" -; http://php.net/url-rewriter.tags -session.trans_sid_tags = "a=href,area=href,frame=src,form=" - -; URL rewriter does not rewrite absolute URLs by default. -; To enable rewrites for absolute pathes, target hosts must be specified -; at RUNTIME. i.e. use ini_set() -; tags is special. PHP will check action attribute's URL regardless -; of session.trans_sid_tags setting. -; If no host is defined, HTTP_HOST will be used for allowed host. -; Example value: php.net,www.php.net,wiki.php.net -; Use "," for multiple hosts. No spaces are allowed. -; Default Value: "" -; Development Value: "" -; Production Value: "" -;session.trans_sid_hosts="" - -; Define how many bits are stored in each character when converting -; the binary hash data to something readable. -; Possible values: -; 4 (4 bits: 0-9, a-f) -; 5 (5 bits: 0-9, a-v) -; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 -; http://php.net/session.hash-bits-per-character -session.sid_bits_per_character = 5 - -; Enable upload progress tracking in $_SESSION -; Default Value: On -; Development Value: On -; Production Value: On -; http://php.net/session.upload-progress.enabled -;session.upload_progress.enabled = On - -; Cleanup the progress information as soon as all POST data has been read -; (i.e. upload completed). -; Default Value: On -; Development Value: On -; Production Value: On -; http://php.net/session.upload-progress.cleanup -;session.upload_progress.cleanup = On - -; A prefix used for the upload progress key in $_SESSION -; Default Value: "upload_progress_" -; Development Value: "upload_progress_" -; Production Value: "upload_progress_" -; http://php.net/session.upload-progress.prefix -;session.upload_progress.prefix = "upload_progress_" - -; The index name (concatenated with the prefix) in $_SESSION -; containing the upload progress information -; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" -; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" -; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" -; http://php.net/session.upload-progress.name -;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" - -; How frequently the upload progress should be updated. -; Given either in percentages (per-file), or in bytes -; Default Value: "1%" -; Development Value: "1%" -; Production Value: "1%" -; http://php.net/session.upload-progress.freq -;session.upload_progress.freq = "1%" - -; The minimum delay between updates, in seconds -; Default Value: 1 -; Development Value: 1 -; Production Value: 1 -; http://php.net/session.upload-progress.min-freq -;session.upload_progress.min_freq = "1" - -; Only write session data when session data is changed. Enabled by default. -; http://php.net/session.lazy-write -;session.lazy_write = On - -[Assertion] -; Switch whether to compile assertions at all (to have no overhead at run-time) -; -1: Do not compile at all -; 0: Jump over assertion at run-time -; 1: Execute assertions -; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) -; Default Value: 1 -; Development Value: 1 -; Production Value: -1 -; http://php.net/zend.assertions -zend.assertions = -1 - -; Assert(expr); active by default. -; http://php.net/assert.active -;assert.active = On - -; Throw an AssertationException on failed assertions -; http://php.net/assert.exception -;assert.exception = On - -; Issue a PHP warning for each failed assertion. (Overridden by assert.exception if active) -; http://php.net/assert.warning -;assert.warning = On - -; Don't bail out by default. -; http://php.net/assert.bail -;assert.bail = Off - -; User-function to be called if an assertion fails. -; http://php.net/assert.callback -;assert.callback = 0 - -; Eval the expression with current error_reporting(). Set to true if you want -; error_reporting(0) around the eval(). -; http://php.net/assert.quiet-eval -;assert.quiet_eval = 0 - -[COM] -; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs -; http://php.net/com.typelib-file -;com.typelib_file = - -; allow Distributed-COM calls -; http://php.net/com.allow-dcom -;com.allow_dcom = true - -; autoregister constants of a components typlib on com_load() -; http://php.net/com.autoregister-typelib -;com.autoregister_typelib = true - -; register constants casesensitive -; http://php.net/com.autoregister-casesensitive -;com.autoregister_casesensitive = false - -; show warnings on duplicate constant registrations -; http://php.net/com.autoregister-verbose -;com.autoregister_verbose = true - -; The default character set code-page to use when passing strings to and from COM objects. -; Default: system ANSI code page -;com.code_page= - -[mbstring] -; language for internal character representation. -; This affects mb_send_mail() and mbstring.detect_order. -; http://php.net/mbstring.language -;mbstring.language = Japanese - -; Use of this INI entry is deprecated, use global internal_encoding instead. -; internal/script encoding. -; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) -; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. -; The precedence is: default_charset < internal_encoding < iconv.internal_encoding -;mbstring.internal_encoding = - -; Use of this INI entry is deprecated, use global input_encoding instead. -; http input encoding. -; mbstring.encoding_traslation = On is needed to use this setting. -; If empty, default_charset or input_encoding or mbstring.input is used. -; The precedence is: default_charset < intput_encoding < mbsting.http_input -; http://php.net/mbstring.http-input -;mbstring.http_input = - -; Use of this INI entry is deprecated, use global output_encoding instead. -; http output encoding. -; mb_output_handler must be registered as output buffer to function. -; If empty, default_charset or output_encoding or mbstring.http_output is used. -; The precedence is: default_charset < output_encoding < mbstring.http_output -; To use an output encoding conversion, mbstring's output handler must be set -; otherwise output encoding conversion cannot be performed. -; http://php.net/mbstring.http-output -;mbstring.http_output = - -; enable automatic encoding translation according to -; mbstring.internal_encoding setting. Input chars are -; converted to internal encoding by setting this to On. -; Note: Do _not_ use automatic encoding translation for -; portable libs/applications. -; http://php.net/mbstring.encoding-translation -;mbstring.encoding_translation = Off - -; automatic encoding detection order. -; "auto" detect order is changed according to mbstring.language -; http://php.net/mbstring.detect-order -;mbstring.detect_order = auto - -; substitute_character used when character cannot be converted -; one from another -; http://php.net/mbstring.substitute-character -;mbstring.substitute_character = none - -; overload(replace) single byte functions by mbstring functions. -; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), -; etc. Possible values are 0,1,2,4 or combination of them. -; For example, 7 for overload everything. -; 0: No overload -; 1: Overload mail() function -; 2: Overload str*() functions -; 4: Overload ereg*() functions -; http://php.net/mbstring.func-overload -;mbstring.func_overload = 0 - -; enable strict encoding detection. -; Default: Off -;mbstring.strict_detection = On - -; This directive specifies the regex pattern of content types for which mb_output_handler() -; is activated. -; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) -;mbstring.http_output_conv_mimetype= - -[gd] -; Tell the jpeg decode to ignore warnings and try to create -; a gd image. The warning will then be displayed as notices -; disabled by default -; http://php.net/gd.jpeg-ignore-warning -;gd.jpeg_ignore_warning = 1 - -[exif] -; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. -; With mbstring support this will automatically be converted into the encoding -; given by corresponding encode setting. When empty mbstring.internal_encoding -; is used. For the decode settings you can distinguish between motorola and -; intel byte order. A decode setting cannot be empty. -; http://php.net/exif.encode-unicode -;exif.encode_unicode = ISO-8859-15 - -; http://php.net/exif.decode-unicode-motorola -;exif.decode_unicode_motorola = UCS-2BE - -; http://php.net/exif.decode-unicode-intel -;exif.decode_unicode_intel = UCS-2LE - -; http://php.net/exif.encode-jis -;exif.encode_jis = - -; http://php.net/exif.decode-jis-motorola -;exif.decode_jis_motorola = JIS - -; http://php.net/exif.decode-jis-intel -;exif.decode_jis_intel = JIS - -[Tidy] -; The path to a default tidy configuration file to use when using tidy -; http://php.net/tidy.default-config -;tidy.default_config = /usr/local/lib/php/default.tcfg - -; Should tidy clean and repair output automatically? -; WARNING: Do not use this option if you are generating non-html content -; such as dynamic images -; http://php.net/tidy.clean-output -tidy.clean_output = Off - -[soap] -; Enables or disables WSDL caching feature. -; http://php.net/soap.wsdl-cache-enabled -soap.wsdl_cache_enabled=1 - -; Sets the directory name where SOAP extension will put cache files. -; http://php.net/soap.wsdl-cache-dir -soap.wsdl_cache_dir="/tmp" - -; (time to live) Sets the number of second while cached file will be used -; instead of original one. -; http://php.net/soap.wsdl-cache-ttl -soap.wsdl_cache_ttl=86400 - -; Sets the size of the cache limit. (Max. number of WSDL files to cache) -soap.wsdl_cache_limit = 5 - -[sysvshm] -; A default size of the shared memory segment -;sysvshm.init_mem = 10000 - -[ldap] -; Sets the maximum number of open links or -1 for unlimited. -ldap.max_links = -1 - -[mcrypt] -; For more information about mcrypt settings see http://php.net/mcrypt-module-open - -; Directory where to load mcrypt algorithms -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.algorithms_dir= - -; Directory where to load mcrypt modes -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.modes_dir= - -[dba] -;dba.default_handler= - -[opcache] -; Determines if Zend OPCache is enabled -;opcache.enable=1 - -; Determines if Zend OPCache is enabled for the CLI version of PHP -;opcache.enable_cli=0 - -; The OPcache shared memory storage size. -;opcache.memory_consumption=128 - -; The amount of memory for interned strings in Mbytes. -;opcache.interned_strings_buffer=8 - -; The maximum number of keys (scripts) in the OPcache hash table. -; Only numbers between 200 and 1000000 are allowed. -;opcache.max_accelerated_files=10000 - -; The maximum percentage of "wasted" memory until a restart is scheduled. -;opcache.max_wasted_percentage=5 - -; When this directive is enabled, the OPcache appends the current working -; directory to the script key, thus eliminating possible collisions between -; files with the same name (basename). Disabling the directive improves -; performance, but may break existing applications. -;opcache.use_cwd=1 - -; When disabled, you must reset the OPcache manually or restart the -; webserver for changes to the filesystem to take effect. -;opcache.validate_timestamps=1 - -; How often (in seconds) to check file timestamps for changes to the shared -; memory storage allocation. ("1" means validate once per second, but only -; once per request. "0" means always validate) -;opcache.revalidate_freq=2 - -; Enables or disables file search in include_path optimization -;opcache.revalidate_path=0 - -; If disabled, all PHPDoc comments are dropped from the code to reduce the -; size of the optimized code. -;opcache.save_comments=1 - -; If enabled, a fast shutdown sequence is used for the accelerated code -; Depending on the used Memory Manager this may cause some incompatibilities. -;opcache.fast_shutdown=0 - -; Allow file existence override (file_exists, etc.) performance feature. -;opcache.enable_file_override=0 - -; A bitmask, where each bit enables or disables the appropriate OPcache -; passes -;opcache.optimization_level=0xffffffff - -;opcache.inherited_hack=1 -;opcache.dups_fix=0 - -; The location of the OPcache blacklist file (wildcards allowed). -; Each OPcache blacklist file is a text file that holds the names of files -; that should not be accelerated. The file format is to add each filename -; to a new line. The filename may be a full path or just a file prefix -; (i.e., /var/www/x blacklists all the files and directories in /var/www -; that start with 'x'). Line starting with a ; are ignored (comments). -;opcache.blacklist_filename= - -; Allows exclusion of large files from being cached. By default all files -; are cached. -;opcache.max_file_size=0 - -; Check the cache checksum each N requests. -; The default value of "0" means that the checks are disabled. -;opcache.consistency_checks=0 - -; How long to wait (in seconds) for a scheduled restart to begin if the cache -; is not being accessed. -;opcache.force_restart_timeout=180 - -; OPcache error_log file name. Empty string assumes "stderr". -;opcache.error_log= - -; All OPcache errors go to the Web server log. -; By default, only fatal errors (level 0) or errors (level 1) are logged. -; You can also enable warnings (level 2), info messages (level 3) or -; debug messages (level 4). -;opcache.log_verbosity_level=1 - -; Preferred Shared Memory back-end. Leave empty and let the system decide. -;opcache.preferred_memory_model= - -; Protect the shared memory from unexpected writing during script execution. -; Useful for internal debugging only. -;opcache.protect_memory=0 - -; Allows calling OPcache API functions only from PHP scripts which path is -; started from specified string. The default "" means no restriction -;opcache.restrict_api= - -; Mapping base of shared memory segments (for Windows only). All the PHP -; processes have to map shared memory into the same address space. This -; directive allows to manually fix the "Unable to reattach to base address" -; errors. -;opcache.mmap_base= - -; Enables and sets the second level cache directory. -; It should improve performance when SHM memory is full, at server restart or -; SHM reset. The default "" disables file based caching. -;opcache.file_cache= - -; Enables or disables opcode caching in shared memory. -;opcache.file_cache_only=0 - -; Enables or disables checksum validation when script loaded from file cache. -;opcache.file_cache_consistency_checks=1 - -; Implies opcache.file_cache_only=1 for a certain process that failed to -; reattach to the shared memory (for Windows only). Explicitly enabled file -; cache is required. -;opcache.file_cache_fallback=1 - -; Enables or disables copying of PHP code (text segment) into HUGE PAGES. -; This should improve performance, but requires appropriate OS configuration. -;opcache.huge_code_pages=1 - -; Validate cached file permissions. -;opcache.validate_permission=0 - -; Prevent name collisions in chroot'ed environment. -;opcache.validate_root=0 - -[curl] -; A default value for the CURLOPT_CAINFO option. This is required to be an -; absolute path. -;curl.cainfo = - -[openssl] -; The location of a Certificate Authority (CA) file on the local filesystem -; to use when verifying the identity of SSL/TLS peers. Most users should -; not specify a value for this directive as PHP will attempt to use the -; OS-managed cert stores in its absence. If specified, this value may still -; be overridden on a per-stream basis via the "cafile" SSL stream context -; option. -;openssl.cafile= - -; If openssl.cafile is not specified or if the CA file is not found, the -; directory pointed to by openssl.capath is searched for a suitable -; certificate. This value must be a correctly hashed certificate directory. -; Most users should not specify a value for this directive as PHP will -; attempt to use the OS-managed cert stores in its absence. If specified, -; this value may still be overridden on a per-stream basis via the "capath" -; SSL stream context option. -;openssl.capath= - -; Local Variables: -; tab-width: 4 -; End: -zend_extension = ioncube.so \ No newline at end of file diff --git a/images/boxs/conf.d/init.d/sshd b/images/boxs/conf.d/sshd similarity index 100% rename from images/boxs/conf.d/init.d/sshd rename to images/boxs/conf.d/sshd diff --git a/images/boxs/conf.d/supervisor-novnc.conf b/images/boxs/conf.d/supervisor-novnc.conf deleted file mode 100644 index cf37d962..00000000 --- a/images/boxs/conf.d/supervisor-novnc.conf +++ /dev/null @@ -1,9 +0,0 @@ -[program:vncserver] -command=vncserver -geometry 1600x900 :1 -user=ubuntu - -[program:noVNC] -command=/opt/noVNC/utils/launch.sh --vnc localhost:5901 -user=ubuntu -stdout_logfile=/var/log/novnc.log -redirect_stderr=true \ No newline at end of file diff --git a/images/boxs/conf.d/supervisord.conf b/images/boxs/conf.d/supervisord.conf deleted file mode 100644 index 015a0549..00000000 --- a/images/boxs/conf.d/supervisord.conf +++ /dev/null @@ -1,54 +0,0 @@ -[supervisord] -nodaemon=false - -[program:ssh] -priority=10 -directory=/ -command=/usr/sbin/sshd -D -user=root -autostart=true -autorestart=true -stopsignal=QUIT - -[program:startxfce4] -priority=10 -directory=/root -command=/usr/bin/startxfce4 -d -user=root -autostart=true -autorestart=true -stopsignal=QUIT -environment=DISPLAY=":1",HOME="/root" -stdout_logfile=/var/log/xfce4.log -stderr_logfile=/var/log/xfce4.err - -[program:chrome] -environment=HOME="/root",DISPLAY=":1",USER="root" -command=/opt/google/chrome/chrome --user-data-dir=/root --window-position=0,0 --window-size=1366,748 --force-device-scale-factor=1 --no-default-browser-check --no-first-run --disable-translate -user=root -autorestart=true -priority=200 - -[program:xvfb] -priority=10 -directory=/ -command=/usr/bin/Xvfb :1 -screen 0 1366x768x16 -user=root -autostart=true -autorestart=true -stopsignal=QUIT -stdout_logfile=/var/log/xvfb.log -stderr_logfile=/var/log/xvfb.err - -[program:x11vnc] -priority=10 -directory=/ -command=x11vnc -display :1 -xkb -#command=x11vnc -display :1 -listen localhost -xkb -user=root -autostart=true -autorestart=true -stopsignal=QUIT -stdout_logfile=/var/log/x11vnc.log -stderr_logfile=/var/log/x11vnc.err - diff --git a/images/boxs/panel/Dockerfile.bt b/images/boxs/panel/Dockerfile.bt deleted file mode 100644 index a62d3bb9..00000000 --- a/images/boxs/panel/Dockerfile.bt +++ /dev/null @@ -1,13 +0,0 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/ubuntu:bionic -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ENV HOME=/home/${USER} -ADD scripts/install-bt.sh /tmp/build.sh - -RUN chmod +x /tmp/build.sh \ - && bash /tmp/build.sh \ - && rm -fr /tmp/* - -EXPOSE 8888 -CMD ["/bin/bash"] \ No newline at end of file diff --git a/images/boxs/panel/Dockerfile.bt6 b/images/boxs/panel/Dockerfile.bt6 deleted file mode 100644 index 2631dc4c..00000000 --- a/images/boxs/panel/Dockerfile.bt6 +++ /dev/null @@ -1,12 +0,0 @@ -FROM registry.cn-hongkong.aliyuncs.com/imxieke/debian:9.9 -LABEL MAINTAINER="Cloudflying" \ - MAIL="oss@live.hk" - -ADD scripts/bt6.sh /tmp/build.sh - -RUN chmod +x /tmp/build.sh \ - && bash /tmp/build.sh \ - && rm -fr /tmp/* - -EXPOSE 8888 -CMD ["/bin/bash"] diff --git a/images/boxs/panel/scripts/bt6.sh b/images/boxs/panel/scripts/bt6.sh deleted file mode 100644 index bd918e85..00000000 --- a/images/boxs/panel/scripts/bt6.sh +++ /dev/null @@ -1,458 +0,0 @@ -#!/bin/bash -PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin -export PATH -LANG=en_US.UTF-8 - -startTime=`date +%s` - -is64bit=`getconf LONG_BIT` - -echo " -+---------------------------------------------------------------------- -| Bt-WebPanel 6.x FOR Ubuntu/Debian -+---------------------------------------------------------------------- -| Copyright © 2015-2099 BT-SOFT(http://www.bt.cn) All rights reserved. -+---------------------------------------------------------------------- -| The WebPanel URL will be http://SERVER_IP:8888 when installed. -+---------------------------------------------------------------------- -" -# ln -sf bash /bin/sh - -DEPENDS="ruby lsb-release curl wget procps python python-pip python-dev python-imaging zip unzip openssl libssl-dev gcc libxml2 libxml2-dev libxslt zlib1g zlib1g-dev libjpeg-dev libpng-dev lsof libpcre3 libpcre3-dev cron" - -function depends() -{ - echo "=> Start Upgrade Software Source:" - apt update -y - for depend in ${DEPENDS}; do - apt install -y ${depend} # --force-yes - done -} -depends - -deepinSys=`cat /etc/issue` - -if [ `whoami` != "root" ];then - echo -e "\033[31mError: Please run the script with root privileges on Ubuntu, for example: sudo bash install.sh\033[0m"; - exit -fi - -#自动选择下载节点 -get_node_url(){ - nodes=(http://125.88.182.172:5880 http://103.224.251.67 http://128.1.164.196 http://download.bt.cn); - i=1; - if [ ! -f /bin/curl ];then - if [ -f /usr/local/curl/bin/curl ];then - ln -sf /usr/local/curl/bin/curl /bin/curl - fi - fi - for node in ${nodes[@]}; - do - start=`date +%s.%N` - result=`curl -sS --connect-timeout 3 -m 60 $node/check.txt` - if [ $result = 'True' ];then - end=`date +%s.%N` - start_s=`echo $start | cut -d '.' -f 1` - start_ns=`echo $start | cut -d '.' -f 2` - end_s=`echo $end | cut -d '.' -f 1` - end_ns=`echo $end | cut -d '.' -f 2` - time_micro=$(( (10#$end_s-10#$start_s)*1000000 + (10#$end_ns/1000 - 10#$start_ns/1000) )) - time_ms=$(($time_micro/1000)) - values[$i]=$time_ms; - urls[$time_ms]=$node - i=$(($i+1)) - fi - done - j=5000 - for n in ${values[@]}; - do - if [ $j -gt $n ];then - j=$n - fi - done - if [ $j = 5000 ];then - NODE_URL='http://download.bt.cn'; - else - NODE_URL=${urls[$j]} - fi - -} - -echo '---------------------------------------------'; -echo "Selected download node..."; -get_node_url -download_Url=$NODE_URL -echo "Download node: $download_Url"; -echo '---------------------------------------------'; -setup_path=/www -port='8888' -if [ -f $setup_path/server/panel/data/port.pl ];then - port=`cat $setup_path/server/panel/data/port.pl` -fi - -#apt-get install ntp ntpdate -y -#/etc/init.d/ntp stop -#update-rc.d ntp remove -#cat >>~/.profile<&1|awk '{print $2}') -pVersion=${tmp:0:3} - -function config_pip() -{ - mkdir -p ~/.pip && touch ~/.pip/pip.conf - echo "[global] -index-url = https://pypi.tuna.tsinghua.edu.cn/simple -[install] -trusted-host = https://pypi.tuna.tsinghua.edu.cn" > ~/.pip/pip.conf -} - -config_pip - -Install_pip() -{ - ispip=$(pip -V|grep python) - if [ "$ispip" == '' ];then - wget --no-check-certificate https://bootstrap.pypa.io/get-pip.py - python get-pip.py - rm -f get-pip.py - ispip=$(pip -V|grep python) - if [ "$ispip" == '' ];then - apt install python-pip -y - fi - fi -} - -# pip install setuptools -Install_setuptools() -{ - if [ ! -f "/usr/bin/easy_install" ];then - wget -O setuptools-33.1.1.zip $download_Url/install/src/setuptools-33.1.1.zip -T 10 - unzip setuptools-33.1.1.zip - rm -f setuptools-33.1.1.zip - cd setuptools-33.1.1 - python setup.py install - cd .. - rm -rf setuptools-33.1.1 - fi - - if [ ! -f "/usr/bin/easy_install" ];then - echo '================================================='; - echo -e "\033[31msetuptools installation failed. \033[0m"; - exit; - fi -} - -Install_Pillow() -{ - isSetup=`python -m PIL 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O Pillow-3.2.0.zip $download_Url/install/src/Pillow-3.2.0.zip -T 10 - unzip Pillow-3.2.0.zip - rm -f Pillow-3.2.0.zip - cd Pillow-3.2.0 - python setup.py install - cd .. - rm -rf Pillow-3.2.0 - fi - isSetup=`python -m PIL 2>&1|grep package` - if [ "$isSetup" = "" ];then - echo '================================================='; - echo -e "\033[31mPillow installation failed. \033[0m"; - exit; - fi -} - -Install_psutil() -{ - isSetup=`python -m psutil 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O psutil-5.2.2.tar.gz $download_Url/install/src/psutil-5.2.2.tar.gz -T 10 - tar xvf psutil-5.2.2.tar.gz - rm -f psutil-5.2.2.tar.gz - cd psutil-5.2.2 - python setup.py install - cd .. - rm -rf psutil-5.2.2 - fi - isSetup=`python -m psutil 2>&1|grep package` - if [ "$isSetup" = "" ];then - echo '================================================='; - echo -e "\033[31mpsutil installation failed. \033[0m"; - exit; - fi -} - -Install_mysqldb() -{ - isSetup=`python -m MySQLdb 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O MySQL-python-1.2.5.zip $download_Url/install/src/MySQL-python-1.2.5.zip -T 10 - unzip MySQL-python-1.2.5.zip - rm -f MySQL-python-1.2.5.zip - cd MySQL-python-1.2.5 - python setup.py install - cd .. - rm -rf MySQL-python-1.2.5 - fi - -} - -Install_chardet() -{ - isSetup=`python -m chardet 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O chardet-2.3.0.tar.gz $download_Url/install/src/chardet-2.3.0.tar.gz -T 10 - tar xvf chardet-2.3.0.tar.gz - rm -f chardet-2.3.0.tar.gz - cd chardet-2.3.0 - python setup.py install - cd .. - rm -rf chardet-2.3.0 - fi - isSetup=`python -m chardet 2>&1|grep package` - if [ "$isSetup" = "" ];then - echo '================================================='; - echo -e "\033[31mchardet installation failed. \033[0m"; - exit; - fi -} - -Install_webpy() -{ - isSetup=`python -m web 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O web.py-0.38.tar.gz $download_Url/install/src/web.py-0.38.tar.gz -T 10 - tar xvf web.py-0.38.tar.gz - rm -f web.py-0.38.tar.gz - cd web.py-0.38 - python setup.py install - cd .. - rm -rf web.py-0.38 - fi - - isSetup=`python -m web 2>&1|grep package` - if [ "$isSetup" = "" ];then - echo '================================================='; - echo -e "\033[31mweb.py installation failed. \033[0m"; - exit; - fi -} - -pipArg='' -apt install libffi-dev -y -Install_pip - -curl -Ss --connect-timeout 3 -m 60 http://download.bt.cn/install/pip_select.sh|bash -pip install --upgrade setuptools -pip install itsdangerous==0.24 -pip install paramiko==2.0.2 -pip install flask-socketio==3.0.2 -pip install python-socketio==2.1.2 -pip install Werkzeug==0.15.1 -for p_name in psutil chardet virtualenv Flask Flask-Session Flask-SocketIO flask-sqlalchemy Pillow gunicorn gevent-websocket requests; -do - pip install ${p_name} -done - -is_gevent=$(pip list|grep gevent) - -if [ "$is_gevent" = "" ];then - if [ -f /usr/bin/yum ];then - yum install python-gevent -y - else - apt install python-gevent -y - fi -fi - -pip install psutil chardet virtualenv Flask Flask-Session Flask-SocketIO flask-sqlalchemy Pillow gunicorn gevent-websocket paramiko -Install_Pillow -Install_psutil - -pip install gunicorn -if [ -f /www/server/mysql/bin/mysql ]; then - pip install mysql-python - Install_mysqldb -fi -Install_chardet - -mkdir -p $setup_path/server/panel/logs -mkdir -p $setup_path/server/panel/vhost/apache -mkdir -p $setup_path/server/panel/vhost/nginx -mkdir -p $setup_path/server/panel/vhost/rewrite -wget -O $setup_path/server/panel/certbot-auto $download_Url/install/certbot-auto.init -T 5 -chmod +x $setup_path/server/panel/certbot-auto - - -if [ -f '/etc/init.d/bt' ];then - /etc/init.d/bt stop -fi - -mkdir -p /www/server -mkdir -p /www/wwwroot -mkdir -p /www/wwwlogs -mkdir -p /www/backup/database -mkdir -p /www/backup/site - -wget -O panel.zip $download_Url/install/src/panel6.zip -T 10 -wget -O /etc/init.d/bt $download_Url/install/src/bt6.init -T 10 -if [ -f "$setup_path/server/panel/data/default.db" ];then - if [ -d "/$setup_path/server/panel/old_data" ];then - rm -rf $setup_path/server/panel/old_data - fi - mkdir -p $setup_path/server/panel/old_data - mv -f $setup_path/server/panel/data/default.db $setup_path/server/panel/old_data/default.db - mv -f $setup_path/server/panel/data/system.db $setup_path/server/panel/old_data/system.db - mv -f $setup_path/server/panel/data/aliossAs.conf $setup_path/server/panel/old_data/aliossAs.conf - mv -f $setup_path/server/panel/data/qiniuAs.conf $setup_path/server/panel/old_data/qiniuAs.conf - mv -f $setup_path/server/panel/data/iplist.txt $setup_path/server/panel/old_data/iplist.txt - mv -f $setup_path/server/panel/data/port.pl $setup_path/server/panel/old_data/port.pl - mv -f $setup_path/server/panel/data/admin_path.pl $setup_path/server/panel/old_data/admin_path.pl -fi - -unzip -o panel.zip -d $setup_path/server/ > /dev/null - -if [ -d "$setup_path/server/panel/old_data" ];then - mv -f $setup_path/server/panel/old_data/default.db $setup_path/server/panel/data/default.db - mv -f $setup_path/server/panel/old_data/system.db $setup_path/server/panel/data/system.db - mv -f $setup_path/server/panel/old_data/aliossAs.conf $setup_path/server/panel/data/aliossAs.conf - mv -f $setup_path/server/panel/old_data/qiniuAs.conf $setup_path/server/panel/data/qiniuAs.conf - mv -f $setup_path/server/panel/old_data/iplist.txt $setup_path/server/panel/data/iplist.txt - mv -f $setup_path/server/panel/old_data/port.pl $setup_path/server/panel/data/port.pl - mv -f $setup_path/server/panel/old_data/admin_path.pl $setup_path/server/panel/data/admin_path.pl - - if [ -d "/$setup_path/server/panel/old_data" ];then - rm -rf $setup_path/server/panel/old_data - fi -fi - -rm -f panel.zip - -if [ ! -f $setup_path/server/panel/tools.py ];then - echo -e "\033[31mERROR: Failed to download, please try again!\033[0m"; - echo '============================================' - exit; -fi - -rm -f $setup_path/server/panel/class/*.pyc -rm -f $setup_path/server/panel/*.pyc -python -m compileall $setup_path/server/panel -#rm -f $setup_path/server/panel/class/*.py -#rm -f $setup_path/server/panel/*.py - -chmod 777 /tmp -chmod +x /etc/init.d/bt -ln -sf /etc/init.d/bt /usr/bin/bt -update-rc.d bt defaults -chmod -R 600 $setup_path/server/panel -chmod +x $setup_path/server/panel/certbot-auto -chmod -R +x $setup_path/server/panel/script -echo "$port" > $setup_path/server/panel/data/port.pl -/etc/init.d/bt start -password=`cat /dev/urandom | head -n 16 | md5sum | head -c 8` -sleep 1 -admin_auth='/www/server/panel/data/admin_path.pl' -if [ ! -f $admin_auth ];then - auth_path=`cat /dev/urandom | head -n 16 | md5sum | head -c 8` - echo "/$auth_path" > $admin_auth -fi -auth_path=`cat $admin_auth` -cd $setup_path/server/panel/ -python -m py_compile tools.py -python tools.py username -username=`python tools.pyc panel $password` -cd ~ -echo "$password" > $setup_path/server/panel/default.pl -chmod 600 $setup_path/server/panel/default.pl -/etc/init.d/bt restart -sleep 1 -isStart=`ps aux |grep 'gunicorn'|grep -v grep|awk '{print $2}'` -if [ "$isStart" == '' ];then - echo -e "\033[31mERROR: The BT-Panel service startup failed.\033[0m"; - echo '============================================' - exit; -fi - -if [ ! -f "/usr/bin/ufw" ];then - apt-get install -y ufw -fi - -if [ -f "/usr/sbin/ufw" ];then - ufw allow 888,20,21,22,80,$port/tcp - ufw allow 39000:40000/tcp - ufw_status=`ufw status` - echo y|ufw enable - ufw default deny - ufw reload -fi - -pip install psutil chardet psutil virtualenv $pipArg -if [ ! -d '/etc/letsencrypt' ];then - mkdir -p /etc/letsencrypt - mkdir -p /var/spool/cron - if [ ! -f '/var/spool/cron/crontabs/root' ];then - echo '' > /var/spool/cron/crontabs/root - chmod 600 /var/spool/cron/crontabs/root - fi -fi - -wget -O acme_install.sh $download_Url/install/acme_install.sh -nohup bash acme_install.sh &> /dev/null & -sleep 1 -rm -f acme_install.sh - -if [[ "${deepinSys}" =~ eepin ]]; then - address="localhost" -else - address=`curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/getIpAddress` - - if [ "$address" == '0.0.0.0' ] || [ "$address" == '' ];then - isHosts=`cat /etc/hosts|grep 'www.bt.cn'` - if [ "$isHosts" == '' ];then - echo "" >> /etc/hosts - echo "125.88.182.170 www.bt.cn" >> /etc/hosts - address=`curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/getIpAddress` - if [ "$address" == '' ];then - sed -i "/bt.cn/d" /etc/hosts - fi - fi - fi - - ipCheck=`python -c "import re; print(re.match('^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$','$address'))"` - if [ "$address" == "None" ];then - address="SERVER_IP" - fi - if [ "$address" != "SERVER_IP" ];then - echo "$address" > $setup_path/server/panel/data/iplist.txt - fi -fi - -curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/SetupCount?type=Linux\&o=$1 > /dev/null 2>&1 -if [ "$1" != "" ];then - echo $1 > /www/server/panel/data/o.pl - cd /www/server/panel - python tools.py o -fi - -echo -e "==================================================================" -echo -e "\033[32mCongratulations! Install succeeded!\033[0m" -echo -e "==================================================================" -echo -e "Bt-Panel: http://$address:$port$auth_path" -echo -e "username: $username" -echo -e "password: $password" -echo -e "\033[33mWarning:\033[0m" -echo -e "\033[33mIf you cannot access the panel, \033[0m" -echo -e "\033[33mrelease the following port (8888|888|80|443|20|21) in the security group\033[0m" -echo -e "==================================================================" -rm -fr /www/server/panel/data/admin_path.pl - -endTime=`date +%s` -((outTime=($endTime-$startTime)/60)) -echo -e "Time consumed:\033[32m $outTime \033[0mMinute!" diff --git a/images/boxs/panel/scripts/install-bt.sh b/images/boxs/panel/scripts/install-bt.sh deleted file mode 100644 index b9d67393..00000000 --- a/images/boxs/panel/scripts/install-bt.sh +++ /dev/null @@ -1,431 +0,0 @@ -#!/bin/bash -PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin -export PATH -LANG=en_US.UTF-8 -is64bit=`getconf LONG_BIT` - -if [ "$is64bit" != '64' ];then - echo "=====================================" - echo "抱歉, 6.0不支持32位系统, 请使用64位系统或安装宝塔5.9!"; - exit 0; -fi - -echo " -+---------------------------------------------------------------------- -| Bt-WebPanel 6.x FOR Ubuntu/Debian -+---------------------------------------------------------------------- -| Copyright © 2015-2018 BT-SOFT(http://www.bt.cn) All rights reserved. -+---------------------------------------------------------------------- -| The WebPanel URL will be http://SERVER_IP:8888 when installed. -+---------------------------------------------------------------------- -" - -if [ `whoami` != "root" ];then - echo -e "\033[31mError: Please run the script with root privileges on Ubuntu, for example: sudo bash install.sh\033[0m"; - exit; -fi - -apt update -apt install -y --no-recoomends-install curl wget - -#自动选择下载节点 -get_node_url(){ - nodes=(http://125.88.182.172:5880 http://103.224.251.67 http://128.1.164.196 http://download.bt.cn); - i=1; - if [ ! -f /bin/curl ];then - if [ -f /usr/local/curl/bin/curl ];then - ln -sf /usr/local/curl/bin/curl /bin/curl - else - apt install curl -y - fi - fi - for node in ${nodes[@]}; - do - start=`date +%s.%N` - result=`curl -sS --connect-timeout 3 -m 60 $node/check.txt` - if [ $result = 'True' ];then - end=`date +%s.%N` - start_s=`echo $start | cut -d '.' -f 1` - start_ns=`echo $start | cut -d '.' -f 2` - end_s=`echo $end | cut -d '.' -f 1` - end_ns=`echo $end | cut -d '.' -f 2` - time_micro=$(( (10#$end_s-10#$start_s)*1000000 + (10#$end_ns/1000 - 10#$start_ns/1000) )) - time_ms=$(($time_micro/1000)) - values[$i]=$time_ms; - urls[$time_ms]=$node - i=$(($i+1)) - fi - done - j=5000 - for n in ${values[@]}; - do - if [ $j -gt $n ];then - j=$n - fi - done - if [ $j = 5000 ];then - NODE_URL='http://download.bt.cn'; - else - NODE_URL=${urls[$j]} - fi -} - -echo '---------------------------------------------'; -echo "Selected download node..."; -get_node_url -download_Url=$NODE_URL -echo "Download node: $download_Url"; -echo '---------------------------------------------'; -setup_path=/www -port='8888' -if [ -f $setup_path/server/panel/data/port.pl ];then - port=`cat $setup_path/server/panel/data/port.pl` -fi - -# while [ "$go" != 'y' ] && [ "$go" != 'n' ] -# do -# read -p "Do you want to directory now?(y/n): " go; -# done - -# if [ "$go" = 'n' ];then -# exit; -# fi - -echo "Bt-Panel Will be install to: $setup_path" - -startTime=`date +%s` - -ln -sf bash /bin/sh -apt-get install ruby -y -apt-get update -y -apt-get install lsb-release -y -#apt-get install ntp ntpdate -y -#/etc/init.d/ntp stop -#update-rc.d ntp remove -#cat >>~/.profile<&1|awk '{print $2}') -pVersion=${tmp:0:3} - -Install_setuptools() -{ - if [ ! -f "/usr/bin/easy_install" ];then - wget -O setuptools-33.1.1.zip $download_Url/install/src/setuptools-33.1.1.zip -T 10 - unzip setuptools-33.1.1.zip - rm -f setuptools-33.1.1.zip - cd setuptools-33.1.1 - python setup.py install - cd .. - rm -rf setuptools-33.1.1 - fi - - if [ ! -f "/usr/bin/easy_install" ];then - echo '================================================='; - echo -e "\033[31msetuptools installation failed. \033[0m"; - exit; - fi -} -Install_Pillow() -{ - isSetup=`python -m PIL 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O Pillow-3.2.0.zip $download_Url/install/src/Pillow-3.2.0.zip -T 10 - unzip Pillow-3.2.0.zip - rm -f Pillow-3.2.0.zip - cd Pillow-3.2.0 - python setup.py install - cd .. - rm -rf Pillow-3.2.0 - fi - isSetup=`python -m PIL 2>&1|grep package` - if [ "$isSetup" = "" ];then - echo '================================================='; - echo -e "\033[31mPillow installation failed. \033[0m"; - exit; - fi -} - -Install_psutil() -{ - isSetup=`python -m psutil 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O psutil-5.2.2.tar.gz $download_Url/install/src/psutil-5.2.2.tar.gz -T 10 - tar xvf psutil-5.2.2.tar.gz - rm -f psutil-5.2.2.tar.gz - cd psutil-5.2.2 - python setup.py install - cd .. - rm -rf psutil-5.2.2 - fi - isSetup=`python -m psutil 2>&1|grep package` - if [ "$isSetup" = "" ];then - echo '================================================='; - echo -e "\033[31mpsutil installation failed. \033[0m"; - exit; - fi -} - -Install_mysqldb() -{ - isSetup=`python -m MySQLdb 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O MySQL-python-1.2.5.zip $download_Url/install/src/MySQL-python-1.2.5.zip -T 10 - unzip MySQL-python-1.2.5.zip - rm -f MySQL-python-1.2.5.zip - cd MySQL-python-1.2.5 - python setup.py install - cd .. - rm -rf MySQL-python-1.2.5 - fi - -} - -Install_chardet() -{ - isSetup=`python -m chardet 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O chardet-2.3.0.tar.gz $download_Url/install/src/chardet-2.3.0.tar.gz -T 10 - tar xvf chardet-2.3.0.tar.gz - rm -f chardet-2.3.0.tar.gz - cd chardet-2.3.0 - python setup.py install - cd .. - rm -rf chardet-2.3.0 - fi - isSetup=`python -m chardet 2>&1|grep package` - if [ "$isSetup" = "" ];then - echo '================================================='; - echo -e "\033[31mchardet installation failed. \033[0m"; - exit; - fi -} - -Install_webpy() -{ - isSetup=`python -m web 2>&1|grep package` - if [ "$isSetup" = "" ];then - wget -O web.py-0.38.tar.gz $download_Url/install/src/web.py-0.38.tar.gz -T 10 - tar xvf web.py-0.38.tar.gz - rm -f web.py-0.38.tar.gz - cd web.py-0.38 - python setup.py install - cd .. - rm -rf web.py-0.38 - fi - - isSetup=`python -m web 2>&1|grep package` - if [ "$isSetup" = "" ];then - echo '================================================='; - echo -e "\033[31mweb.py installation failed. \033[0m"; - exit; - fi -} -pipArg='' -apt install libffi-dev -y -pip install --upgrade setuptools -pip install itsdangerous==0.24 -pip install paramiko==1.9 -for p_name in psutil chardet virtualenv Flask Flask-Session Flask-SocketIO flask-sqlalchemy Pillow gunicorn gevent-websocket; -do - pip install ${p_name} -done - -pip install psutil chardet virtualenv Flask Flask-Session Flask-SocketIO flask-sqlalchemy Pillow gunicorn gevent-websocket paramiko -Install_Pillow -Install_psutil - -pip install gunicorn -if [ -f /www/server/mysql/bin/mysql ]; then - pip install mysql-python - Install_mysqldb -fi -Install_chardet - -mkdir -p $setup_path/server/panel/logs -mkdir -p $setup_path/server/panel/vhost/apache -mkdir -p $setup_path/server/panel/vhost/nginx -mkdir -p $setup_path/server/panel/vhost/rewrite -wget -O $setup_path/server/panel/certbot-auto $download_Url/install/certbot-auto.init -T 5 -chmod +x $setup_path/server/panel/certbot-auto - - -if [ -f '/etc/init.d/bt' ];then - /etc/init.d/bt stop -fi - -mkdir -p /www/server -mkdir -p /www/wwwroot -mkdir -p /www/wwwlogs -mkdir -p /www/backup/database -mkdir -p /www/backup/site - -wget -O panel.zip $download_Url/install/src/panel6.zip -T 10 -wget -O /etc/init.d/bt $download_Url/install/src/bt6.init -T 10 -if [ -f "$setup_path/server/panel/data/default.db" ];then - if [ -d "/$setup_path/server/panel/old_data" ];then - rm -rf $setup_path/server/panel/old_data - fi - mkdir -p $setup_path/server/panel/old_data - mv -f $setup_path/server/panel/data/default.db $setup_path/server/panel/old_data/default.db - mv -f $setup_path/server/panel/data/system.db $setup_path/server/panel/old_data/system.db - mv -f $setup_path/server/panel/data/aliossAs.conf $setup_path/server/panel/old_data/aliossAs.conf - mv -f $setup_path/server/panel/data/qiniuAs.conf $setup_path/server/panel/old_data/qiniuAs.conf - mv -f $setup_path/server/panel/data/iplist.txt $setup_path/server/panel/old_data/iplist.txt - mv -f $setup_path/server/panel/data/port.pl $setup_path/server/panel/old_data/port.pl - mv -f $setup_path/server/panel/data/admin_path.pl $setup_path/server/panel/old_data/admin_path.pl -fi - -unzip -o panel.zip -d $setup_path/server/ > /dev/null - -if [ -d "$setup_path/server/panel/old_data" ];then - mv -f $setup_path/server/panel/old_data/default.db $setup_path/server/panel/data/default.db - mv -f $setup_path/server/panel/old_data/system.db $setup_path/server/panel/data/system.db - mv -f $setup_path/server/panel/old_data/aliossAs.conf $setup_path/server/panel/data/aliossAs.conf - mv -f $setup_path/server/panel/old_data/qiniuAs.conf $setup_path/server/panel/data/qiniuAs.conf - mv -f $setup_path/server/panel/old_data/iplist.txt $setup_path/server/panel/data/iplist.txt - mv -f $setup_path/server/panel/old_data/port.pl $setup_path/server/panel/data/port.pl - mv -f $setup_path/server/panel/old_data/admin_path.pl $setup_path/server/panel/data/admin_path.pl - - if [ -d "/$setup_path/server/panel/old_data" ];then - rm -rf $setup_path/server/panel/old_data - fi -fi - -rm -f panel.zip - -if [ ! -f $setup_path/server/panel/tools.py ];then - echo -e "\033[31mERROR: Failed to download, please try again!\033[0m"; - echo '============================================' - exit; -fi - -rm -f $setup_path/server/panel/class/*.pyc -rm -f $setup_path/server/panel/*.pyc -python -m compileall $setup_path/server/panel -#rm -f $setup_path/server/panel/class/*.py -#rm -f $setup_path/server/panel/*.py - -chmod 777 /tmp -chmod +x /etc/init.d/bt -ln -sf /etc/init.d/bt /usr/bin/bt -update-rc.d bt defaults -chmod -R 600 $setup_path/server/panel -chmod +x $setup_path/server/panel/certbot-auto -chmod -R +x $setup_path/server/panel/script -echo "$port" > $setup_path/server/panel/data/port.pl -/etc/init.d/bt start -password=`cat /dev/urandom | head -n 16 | md5sum | head -c 8` -sleep 1 -admin_auth='/www/server/panel/data/admin_path.pl' -if [ ! -f $admin_auth ];then - auth_path=`cat /dev/urandom | head -n 16 | md5sum | head -c 8` - echo "/$auth_path" > $admin_auth -fi -auth_path=`cat $admin_auth` -cd $setup_path/server/panel/ -python -m py_compile tools.py -python tools.py username -username=`python tools.pyc panel $password` -cd ~ -echo "$password" > $setup_path/server/panel/default.pl -chmod 600 $setup_path/server/panel/default.pl -/etc/init.d/bt restart -sleep 1 -isStart=`ps aux |grep 'gunicorn'|grep -v grep|awk '{print $2}'` -if [ "$isStart" == '' ];then - echo -e "\033[31mERROR: The BT-Panel service startup failed.\033[0m"; - echo '============================================' - exit; -fi - -if [ ! -f /root/.ssh/id_rsa.pub ];then - ssh-keygen -q -t rsa -P "" -f /root/.ssh/id_rsa -fi -cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys -chmod 600 /root/.ssh/authorized_keys - -if [ ! -f "/usr/bin/ufw" ];then - apt-get install -y ufw -fi - -if [ -f "/usr/sbin/ufw" ];then - ufw allow 888,20,21,22,80,$port/tcp - ufw allow 39000:40000/tcp - ufw_status=`ufw status` - echo y|ufw enable - ufw default deny - ufw reload -fi - -pip install psutil chardet psutil virtualenv $pipArg -if [ ! -d '/etc/letsencrypt' ];then - mkdir -p /etc/letsencrypt - mkdir -p /var/spool/cron - if [ ! -f '/var/spool/cron/crontabs/root' ];then - echo '' > /var/spool/cron/crontabs/root - chmod 600 /var/spool/cron/crontabs/root - fi -fi - -wget -O acme_install.sh $download_Url/install/acme_install.sh -nohup bash acme_install.sh &> /dev/null & -sleep 1 -rm -f acme_install.sh - -if [[ "${deepinSys}" =~ eepin ]]; then - address="localhost" -else - address=`curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/getIpAddress` - - if [ "$address" == '0.0.0.0' ] || [ "$address" == '' ];then - isHosts=`cat /etc/hosts|grep 'www.bt.cn'` - if [ "$isHosts" == '' ];then - echo "" >> /etc/hosts - echo "125.88.182.170 www.bt.cn" >> /etc/hosts - address=`curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/getIpAddress` - if [ "$address" == '' ];then - sed -i "/bt.cn/d" /etc/hosts - fi - fi - fi - - ipCheck=`python -c "import re; print(re.match('^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$','$address'))"` - if [ "$address" == "None" ];then - address="SERVER_IP" - fi - if [ "$address" != "SERVER_IP" ];then - echo "$address" > $setup_path/server/panel/data/iplist.txt - fi -fi - -curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/SetupCount?type=Linux\&o=$1 > /dev/null 2>&1 -if [ "$1" != "" ];then - echo $1 > /www/server/panel/data/o.pl - cd /www/server/panel - python tools.py o -fi - -echo -e "==================================================================" -echo -e "\033[32mCongratulations! Install succeeded!\033[0m" -echo -e "==================================================================" -echo -e "Bt-Panel: http://$address" -echo -e "username: $username" -echo -e "password: $password" -# echo -e "\033[33mWarning:\033[0m" -# echo -e "\033[33mIf you cannot access the panel, \033[0m" -# echo -e "\033[33mrelease the following port (8888|888|80|443|20|21) in the security group\033[0m" -echo -e "==================================================================" -rm -fr /www/server/panel/data/admin_path.pl -endTime=`date +%s` -((outTime=($endTime-$startTime)/60)) -echo -e "Time consumed:\033[32m $outTime \033[0mMinute!" \ No newline at end of file diff --git a/images/boxs/script/bootstrap.sh b/images/boxs/script/bootstrap.sh deleted file mode 100644 index 8265bb77..00000000 --- a/images/boxs/script/bootstrap.sh +++ /dev/null @@ -1,278 +0,0 @@ -#!/usr/bon/env bash -export PATH="/bin:/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin:~/bin:~/.bin" - -USER="boxs" -PASSWD="boxs" -HOME_DIR=/home/$USER - -[ "$(id -u)" != '0' ] && echo 'use root user please' && exit - -sapt(){ apt install --no-install-recommends -y $@;} -runs(){ sudo -u "${USER}" $@;} - -_do_install() -{ - # fix depends - [[ -z "$(ls -lha /var/lib/apt/lists/ | grep 'dists')" ]] && apt update -y --fix-missing - - # System base functions - sapt tzdata lsb-release apt-transport-https apt-utils locales ca-certificates supervisor systemctl - - # Tools - if [[ -z "$(command -v nvim)" ]]; then - sapt sudo zsh neovim jq htop git bat net-tools whois neofetch screen screenfetch tree psutils \ - iproute2 telnet curl wget axel openssh-client openssh-server less iftop ncdu openssl expect - fi - - # Compress Package - sapt unar bzip2 unzip unrar - - # php7.4 - sapt php7.4-bcmath php7.4-bz2 php7.4-cli php7.4-common php7.4-curl php7.4-dba php7.4-enchant php7.4-gd php7.4-gmp php7.4-imap \ - php7.4-intl php7.4-json php7.4-ldap php7.4-mbstring php7.4-mysql php7.4-odbc php7.4-pgsql php7.4-pspell php7.4-readline \ - php7.4-snmp php7.4-soap php7.4-sqlite3 php7.4-tidy php7.4-xml php7.4-xmlrpc php7.4-xsl php7.4-zip - - - # Python - if [[ -z "$(command -v pip)" ]]; then - sapt python3-pip python3 python2 - fi -} - -_do_install_dev() -{ - sapt gcc make cmake autoconf automake -} - -_do_install_dotnet() -{ - # install dotnet - if [[ -z "$(command -v dotnet)" ]]; then - wget https://packages.microsoft.com/config/ubuntu/$(lsb_release -sr)/packages-microsoft-prod.deb -o /tmp/dotnet.deb - dpkg -i /tmp/dotnet.deb && rm -fr /tmp/dotnet.deb - apt update && sapt dotnet-sdk-5.0 - fi -} - -_config_vnc() -{ - # python-numpy websockify require - # sapt libnss-wrapper gettext python-numpy - # pip install numpy - # sapt chromium-browser chromium-browser-l10n chromium-codecs-ffmpeg ttf-wqy-zenhei - # spat xfce4 xfce4-terminal xterm - # apt purge -y pm-utils xscreensaver* - - if [[ ! -d '/opt/noVNC' ]]; then - git clone --depth 1 https://github.com/novnc/noVNC.git /opt/noVNC - fi - - if [[ ! -d '/opt/websockify' ]]; then - git clone --depth 1 https://github.com/novnc/websockify.git /opt/websockify - fi - - runs mkdir -p $HOME_DIR/.vnc - echo '$PASSWD' | runs vncpasswd -f > $HOME_DIR/.vnc/passwd - chmod 600 $HOME_DIR/.vnc/passwd - touch $HOME_DIR/.Xresources - -} - -# Config Server Env -_do_install_srv() -{ - wget -qO- https://get.docker.com/ | sh - sudo usermod -aG docker $USER -} - -_install_desktop_unity() -{ - sapt ttf-dejavu ttf-wqy-zenhei ttf-wqy-microhei - sapt xterm - sapt ubuntu-desktop unity-lens-applications gnome-panel metacity libtasn1-3-bin libglu1-mesa mate-terminal \ - fonts-liberation language-pack-zh-hans fonts-droid-fallback fonts-arphic-ukai \ - fonts-arphic-uming xfonts-wqy libxss1 xdg-utils libtasn1-3-bin libglu1-mesa - sapt xorg xfce4 x11vnc xorg-twm xorg-xclock ratpoison - sapt xorg-server xorg-apps i3-wm zsh vim git wget net-tools bzip2 python python-pip python-numpy supervisor \ - xterm gettext - pip install websocket websocketproxy - - echo '#!/bin/sh' > ${HOME}/.xinitrc - echo 'exec i3' >> ${HOME}/.xinitrc -} - -_do_install_gui_pkg() -{ - ls . - # sublime text gedit - # https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb -} - -# Config System Env -_config_env() -{ - # Config Default Timezone - rm -fr /etc/localtime - rm -fr /etc/timezone - ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime - echo "Asia/Shanghai" > /etc/timezone - - # Config User - if [[ -z "$(grep ${USER} /etc/sudoers)" ]]; then - echo 'a' - if [[ -z "$(grep ${USER} /etc/sudoers)" ]]; then - useradd -d /home/${USER} -m -s /bin/zsh ${USER} - echo "${USER}:${PASSWD}" | chpasswd - echo "root:${PASSWD}" | chpasswd - echo "${USER} ALL=(ALL:ALL) NOPASSWD: ALL" >> /etc/sudoers - fi - fi -} - -_config_ohmyzsh() -{ - # Oh my zsh - if [[ -n "$(command -v zsh)" ]]; then - if [[ ! -d "${HOME_DIR}/.oh-my-zsh" ]]; then - echo ' Config oh my zsh' - echo "Cloning oh my zsh to ${HOME_DIR}" - #sh -c "$(curl -fsSL https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh)" - runs git clone --depth=1 https://gitee.com/mirr/oh-my-zsh.git ${HOME_DIR}/.oh-my-zsh - runs cp ${HOME_DIR}/.oh-my-zsh/templates/zshrc.zsh-template ${HOME_DIR}/.zshrc - runs sed -i 's/robbyrussell/strug/g' ${HOME_DIR}/.zshrc - # cp /tmp/.zshrc ${HOME_DIR}/.zshrc - # chmod 777 ${HOME_DIR}/.zshrc - # runs chown ${USER}:${USER} ${HOME_DIR}/.zshrc - fi - fi -} - -_config_pkg() -{ - - # PHP - if [[ -n "$(command -v php)" ]] && [ -z "$(command -v composer)" ] ; then - curl -sL https://mirrors.cloud.tencent.com/composer/composer.phar -o /usr/local/bin/composer - runs chmod +x /usr/local/bin/composer - fi - - # Software source - [ -n "$(command -v pip)" ] && runs pip config set global.index-url https://mirrors.ustc.edu.cn/pypi/web/simple - [ -n "$(command -v pip2)" ] && runs pip2 config set global.index-url https://mirrors.ustc.edu.cn/pypi/web/simple - [ -n "$(command -v pip3)" ] && runs pip3 config set global.index-url https://mirrors.ustc.edu.cn/pypi/web/simple - [ -n "$(command -v composer)" ] && runs composer config -g repos.packagist composer https://mirrors.cloud.tencent.com/composer/ - [ -n "$(command -v npm)" ] && runs npm config set registry https://registry.npm.taobao.org - [ -n "$(command -v gem)" ] && runs gem sources -a https://gems.ruby-china.com - - # Config pip - [[ -n "$(command -v pip)" ]] && [[ -z "$(pip list | grep pip-search)" ]] && pip install pip-search - - # Config Neovim - [[ -n "$(command -v pip)" ]] && [[ -z "$(pip list | grep neovim)" ]] && pip install neovim -} - -_config_sshd() -{ - sed -i "s/UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config - sed -i "s/UsePAM.*/UsePAM no/g" /etc/ssh/sshd_config - sed -i "s/PermitRootLogin.*/PermitRootLogin no/g" /etc/ssh/sshd_config - ssh-keygen -A -} - -_node_env() -{ - # nodejs - [ -z "$(command -v npm)" ] && sapt nodejs npm - - # Config node tools - [ -n "$(command -v npm)" ] && [ -z "$(command -v yarn)" ] && npm i -g yarn bower -} - -_do_default_env() -{ - # 先安装配置所需环境 - _do_install - _config_env - _config_ohmyzsh - _config_pkg - _do_clear -} - -_do_check_env() -{ - echo "==> check env start <==" - echo "==> check user ..." - if [ -n "$(grep ${USER} /etc/passwd)" ];then - echo "User: ${USER} Added" - else - echo "User: ${USER} Not found" - fi - - if [[ -d "${HOME_DIR}/.oh-my-zsh" ]]; then - echo "oh my zsh Added" - else - echo "oh my zsh Not found" - fi -} - -_do_sshd() -{ - mkdir -p /run/sshd - - if [[ ${ENABLE_SSHD} == "true" ]]; then - echo "======================================================================" - echo "You can now connect to this container via SSH using: " - echo " ssh ${USER}@HOST -p port " - echo "Enter the ${USER} password => '${PASSWD}' when prompted " - echo "Please remember to change the above password as soon as possible! " - echo "======================================================================" - echo " Boxs ssh is Running " - echo "======================================================================" - exec /usr/sbin/sshd -D -e - fi -} - -_do_run_vnc() -{ - /opt/noVNC/utils/launch.sh --vnc 0.0.0.0:5901 -} - -_do_clear() -{ - ## Clean Container - apt autoremove -y - apt-get clean all - rm -fr /var/lib/apt/lists/* - rm -fr /tmp/* -} - -if [[ -n "$1" ]]; then - case $1 in - install ) - _do_install $@ - ;; - node) - _node_env - ;; - config_vnc) - _config_vnc - ;; - clear ) - _do_clear - ;; - check) - _do_check_env $@ - ;; - *|-h|--help ) - echo " Boxs Env Config - -" - ;; - esac -else - _do_default_env -fi - -## Fix environment -# https://github.com/knownsec/ksubdomain -# ln -s /lib/libpcap.so.1.10.0 /lib/libpcap.so.0.8 diff --git a/images/boxs/script/build.sh b/images/boxs/script/build.sh deleted file mode 100644 index 04f2d0d4..00000000 --- a/images/boxs/script/build.sh +++ /dev/null @@ -1,119 +0,0 @@ -#!/usr/bin/env bash - -build(){ - apt update -y --fix-missing - apt install -y --no-install-recommends openssh-server openssh-sftp-server pwgen supervisor sudo git zsh neovim wget curl unzip whois \ - golang nodejs npm python python3 python-pip python3-pip mariadb-client mongodb-clients redis-server memcached sqlite3 libsqlite3-dev \ - beanstalkd net-tools apt-transport-https make cmake g++ software-properties-common -} - -# Permision for remote connect Container via ssh -sshd(){ - HOME_DIR=$1 - echo "########## Config sshd #################" - mkdir -p /var/run/sshd - sed -i "s/UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config - sed -i "s/UsePAM.*/UsePAM no/g" /etc/ssh/sshd_config - sed -i "s/PermitRootLogin.*/PermitRootLogin yes/g" /etc/ssh/sshd_config - ssh-keygen -A - echo "#########Config End###########" - mkdir -p /root/.ssh/ - mkdir -p $HOME_DIR/.ssh/ - touch /root/.ssh/authorized_keys - chmod 600 /root/.ssh/authorized_keys - touch $HOME_DIR/.ssh/authorized_keys - chmod 600 $HOME_DIR/.ssh/authorized_keys -} - -ohmyzsh(){ - HOME_DIR=$1 - echo "Cloning ohmyzsh to $HOME_DIR" - #sh -c "$(curl -fsSL https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh)" - git clone --depth=1 https://github.com/robbyrussell/oh-my-zsh.git ${HOME_DIR}/.oh-my-zsh - cp ${HOME_DIR}/.oh-my-zsh/templates/zshrc.zsh-template ${HOME_DIR}/.zshrc -} - -#golang env -golang(){ - echo "Setting Golang Environment" - mkdir -p $HOME_DIR/.go/bin - mkdir -p $HOME_DIR/.go/src - mkdir -p $HOME_DIR/.go/pkg - echo "export GOBIN="$HOME_DIR/.go/bin"" >> $HOME_DIR/.zshrc - echo "export GOPATH="$HOME_DIR/.go/"" >> $HOME_DIR/.zshrc -} - -set_node(){ - echo "Set Node Environment" - # sudo -Hu ${USER} npm config set registry https://registry.npm.taobao.org - echo "registry=https://registry.npm.taobao.org" > ${HOME_DIR}/.npmrc - # echo "Install yarn" - # npm install -g yarn - # npm install -g webpack - # npm install -g bower - # npm install -g gulp-cli - # npm install -g grunt-cli -} - -set_php(){ - USER=$1 - # Set Some PHP CLI Settings - sudo sed -i "s/error_reporting = .*/error_reporting = E_ALL/" /etc/php/7.2/cli/php.ini - sudo sed -i "s/display_errors = .*/display_errors = On/" /etc/php/7.2/cli/php.ini - sudo sed -i "s/memory_limit = .*/memory_limit = 512M/" /etc/php/7.2/cli/php.ini - wget https://coding.net/u/imxieke/p/attachment/git/raw/master/pkgs/zray-standalone-php72.tar.gz -O - | sudo tar -xzf - -C /opt - chown -R ${USER}:${USER} /opt/zray - ln -sf /opt/zray/zray.ini /etc/php/7.2/cli/conf.d/zray.ini - ln -sf /opt/zray/zray.ini /etc/php/7.2/fpm/conf.d/zray.ini - ln -sf /opt/zray/lib/zray.so /usr/lib/php/20170718/zray.so - - # Current is 1.6.5 version - wget https://coding.net/u/imxieke/p/attachment/git/raw/master/pkgs/composer.phar -O /bin/composer - chmod +x /bin/composer - sudo -Hu ${USER} composer config -g repo.packagist composer https://packagist.laravel-china.org - - # WordPress Cli - wget https://coding.net/u/imxieke/p/attachment/git/raw/master/pkgs/wp-cli.phar -O /bin/wp-cli - chmod +x /bin/composer - - #Adminer php mysql manager - mkdir -p /var/www/tools - wget https://coding.net/u/imxieke/p/attachment/git/raw/master/code/adminer-4.6.3.php -O /var/www/tools/adminer.php - #vim /etc/nginx/sites-available/homestead.app - #insert new location below location /: - #location /ZendServer { - # try_files $uri $uri/ /ZendServer/index.php?$args; - #} -} - -mailhog(){ - wget --quiet -O /usr/local/bin/mailhog https://coding.net/u/imxieke/p/attachment/git/raw/master/pkgs/MailHog_linux_amd64_V1.0.0 - chmod +x /usr/local/bin/mailhog -} - -clean_env(){ - USER=$1 - HOME_DIR=$2 - apt autoremove -y - apt-get clean all - rm -fr /var/lib/apt/lists/* - chown -R ${USER}:${USER} ${HOME_DIR} -} - -install_ext(){ - USER=$1 - PASSWD=$2 - HOME_DIR=$3 - build - user ${USER} ${PASSWD} - sshd ${HOME_DIR} - ohmyzsh ${HOME_DIR} - golang ${HOME_DIR} - set_node ${HOME_DIR} - set_php ${USER} - mailhog - webeditor - clean_env ${USER} ${HOME_DIR} -} - -install_ext ${USER} ${PASSWD} ${HOME_DIR} diff --git a/images/boxs/script/entrypoint.sh b/images/boxs/script/entrypoint.sh deleted file mode 100644 index 8900d844..00000000 --- a/images/boxs/script/entrypoint.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/usr/bin/env bash -### - # @Author: Cloudflying - # @Date: 2021-07-07 23:25:27 - # @LastEditTime: 2021-07-07 23:25:28 - # @LastEditors: Cloudflying - # @Description: - # @FilePath: /dockenv/images/boxs/script/entrypoint.sh -### diff --git a/images/boxs/script/startup.sh b/images/boxs/script/startup.sh deleted file mode 100644 index 524e6488..00000000 --- a/images/boxs/script/startup.sh +++ /dev/null @@ -1,115 +0,0 @@ -#!/bin/bash -### every exit != 0 fails the script -set -e - -## print out help -help (){ -echo " -USAGE: -docker run -it -p 6901:6901 -p 5901:5901 consol/: