Created
August 9, 2022 14:20
-
-
Save canthis/92df89116b147d3500b72cadfb8b1242 to your computer and use it in GitHub Desktop.
WinterCMS in separate containers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 80; | |
| server_name localhost; | |
| index index.php; | |
| error_log /var/log/nginx/error.log; | |
| access_log /var/log/nginx/access.log; | |
| root /var/www/html/public; | |
| charset utf-8; | |
| client_max_body_size 1024M; | |
| location / { | |
| # Let Winter CMS handle everything by default. | |
| # The path not resolved by Winter CMS router will return Winter CMS's 404 page. | |
| # Everything that does not match with the whitelist below will fall into this. | |
| rewrite ^/.*$ /index.php last; | |
| } | |
| location ~ ^/index.php { | |
| fastcgi_pass app:9000; | |
| fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; | |
| include fastcgi_params; | |
| fastcgi_buffers 16 16k; | |
| fastcgi_buffer_size 32k; | |
| } | |
| # Whitelist | |
| ## Let Winter handle if static file not exists | |
| location ~ ^/favicon\.ico { try_files $uri /index.php; } | |
| location ~ ^/sitemap\.xml { try_files $uri /index.php; } | |
| location ~ ^/robots\.txt { try_files $uri /index.php; } | |
| location ~ ^/humans\.txt { try_files $uri /index.php; } | |
| # Block access to all dot files and folders except .well-known | |
| location ~ /\.(?!well-known).* { deny all; } | |
| ## Let nginx return 404 if static file not exists | |
| location ~ ^/storage/app/uploads/public { try_files $uri 404; } | |
| location ~ ^/storage/app/media { try_files $uri 404; } | |
| location ~ ^/storage/app/resized { try_files $uri 404; } | |
| location ~ ^/storage/temp/public { try_files $uri 404; } | |
| location ~ ^/modules/.*/assets { try_files $uri 404; } | |
| location ~ ^/modules/.*/resources { try_files $uri 404; } | |
| location ~ ^/modules/.*/behaviors/.*/assets { try_files $uri 404; } | |
| location ~ ^/modules/.*/behaviors/.*/resources { try_files $uri 404; } | |
| location ~ ^/modules/.*/widgets/.*/assets { try_files $uri 404; } | |
| location ~ ^/modules/.*/widgets/.*/resources { try_files $uri 404; } | |
| location ~ ^/modules/.*/formwidgets/.*/assets { try_files $uri 404; } | |
| location ~ ^/modules/.*/formwidgets/.*/resources { try_files $uri 404; } | |
| location ~ ^/modules/.*/reportwidgets/.*/assets { try_files $uri 404; } | |
| location ~ ^/modules/.*/reportwidgets/.*/resources { try_files $uri 404; } | |
| location ~ ^/plugins/.*/.*/assets { try_files $uri 404; } | |
| location ~ ^/plugins/.*/.*/resources { try_files $uri 404; } | |
| location ~ ^/plugins/.*/.*/behaviors/.*/assets { try_files $uri 404; } | |
| location ~ ^/plugins/.*/.*/behaviors/.*/resources { try_files $uri 404; } | |
| location ~ ^/plugins/.*/.*/reportwidgets/.*/assets { try_files $uri 404; } | |
| location ~ ^/plugins/.*/.*/reportwidgets/.*/resources { try_files $uri 404; } | |
| location ~ ^/plugins/.*/.*/formwidgets/.*/assets { try_files $uri 404; } | |
| location ~ ^/plugins/.*/.*/formwidgets/.*/resources { try_files $uri 404; } | |
| location ~ ^/plugins/.*/.*/widgets/.*/assets { try_files $uri 404; } | |
| location ~ ^/plugins/.*/.*/widgets/.*/resources { try_files $uri 404; } | |
| location ~ ^/themes/.*/assets { try_files $uri 404; } | |
| location ~ ^/themes/.*/resources { try_files $uri 404; } | |
| # Whitelist Horizon assets | |
| location ~ ^/vendor/horizon/.* { try_files $uri 404; } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '3' | |
| services: | |
| app: | |
| build: | |
| context: . | |
| dockerfile: Dockerfile | |
| image: wnbackend | |
| depends_on: | |
| - db | |
| restart: unless-stopped | |
| environment: | |
| APP_ENV: local | |
| CONTAINER_ROLE: backend | |
| working_dir: /var/www | |
| volumes: | |
| - ".:/var/www/html/public" | |
| - "./_docker/php/local.ini:/usr/local/etc/php/conf.d/local.ini" | |
| - "./_docker/php/opcache.ini:/usr/local/etc/php/conf.d/opcache.ini" | |
| nginx: | |
| image: nginx:alpine | |
| restart: unless-stopped | |
| depends_on: | |
| - app | |
| ports: | |
| - "80:80" | |
| volumes: | |
| - ".:/var/www/html/public" | |
| - "./_docker/nginx/conf.d:/etc/nginx/conf.d" | |
| db: | |
| image: mariadb:10.8 | |
| restart: unless-stopped | |
| tty: true | |
| ports: | |
| - "3306:3306" | |
| environment: | |
| MYSQL_DATABASE: wn | |
| MYSQL_USER: wnuser | |
| MYSQL_PASSWORD: wnpass | |
| MYSQL_ROOT_PASSWORD: wnpass | |
| volumes: | |
| - "../data/mysql:/var/lib/mysql" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM php:8.0-fpm | |
| # Set working directory | |
| WORKDIR /var/www/html/public | |
| # Install system dependencies | |
| RUN apt-get update && apt-get install -y \ | |
| strace \ | |
| curl \ | |
| libpng-dev \ | |
| libjpeg-dev \ | |
| libonig-dev \ | |
| libfreetype6-dev \ | |
| libxml2-dev \ | |
| zip \ | |
| libzip-dev \ | |
| unzip \ | |
| git \ | |
| && apt-get clean && rm -rf /var/lib/apt/lists/* | |
| # Clear cache | |
| #RUN apt-get clean && rm -rf /var/lib/apt/lists/* | |
| # Install PHP extensions | |
| RUN docker-php-ext-install -j "$(nproc)" pdo_mysql mbstring zip exif pcntl | |
| RUN docker-php-ext-configure gd --with-freetype --with-jpeg \ | |
| && docker-php-ext-install -j "$(nproc)" gd | |
| RUN docker-php-ext-configure opcache --enable-opcache && docker-php-ext-install -j "$(nproc)" opcache | |
| RUN docker-php-ext-configure intl && docker-php-ext-install -j "$(nproc)" intl | |
| RUN pecl install redis \ | |
| && docker-php-ext-enable redis | |
| # Copy opcache configration | |
| COPY ./_docker/php/opcache.ini /usr/local/etc/php/conf.d/opcache.ini | |
| # Get latest Composer | |
| COPY --from=composer:latest /usr/bin/composer /usr/bin/composer | |
| # Add user for laravel application | |
| RUN groupadd -g 1000 www | |
| RUN useradd -u 1000 -ms /bin/bash -g www www | |
| # Copy start script | |
| COPY _docker/start.sh /usr/local/bin/start | |
| RUN ["chmod", "+x", "/usr/local/bin/start"] | |
| # Copy existing application directory permissions | |
| COPY --chown=www:www . /var/www/html/public | |
| # Change current user to www | |
| USER www | |
| # Expose port 9000 and start php-fpm server | |
| EXPOSE 9000 | |
| CMD ["/usr/local/bin/start"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| upload_max_filesize=1024M | |
| post_max_size=1024M | |
| max_execution_time = 120 | |
| memory_limit=2G |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| opcache.enable=1 | |
| opcache.memory_consumption=256 | |
| opcache.use_cwd=0 | |
| opcache.max_file_size=0 | |
| opcache.max_accelerated_files=30000 | |
| opcache.validate_timestamps=1 | |
| opcache.revalidate_freq=0 | |
| opcache.jit_buffer_size=200M | |
| opcache.jit=1235 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -e | |
| role=${CONTAINER_ROLE:-backend} | |
| env=${APP_ENV:-production} | |
| if [ "$env" != "local" ]; then | |
| echo "Caching configuration..." | |
| (cd /var/www && php artisan config:cache) | |
| fi | |
| if [ "$role" = "backend" ]; then | |
| exec php-fpm | |
| elif [ "$role" = "horizon" ]; then | |
| echo "Running Laravel Horizon..." | |
| php /var/www/artisan horizon | |
| elif [ "$role" = "websockets" ]; then | |
| echo "Running Laravel Websockets..." | |
| php /var/www/artisan websockets:serve | |
| elif [ "$role" = "queue" ]; then | |
| echo "Running the queue..." | |
| php /var/www/artisan queue:work --verbose --tries=3 --timeout=90 | |
| elif [ "$role" = "scheduler" ]; then | |
| while [ true ] | |
| do | |
| php /var/www/artisan schedule:run --verbose --no-interaction & | |
| sleep 60 | |
| done | |
| else | |
| echo "Could not match the container role \"$role\"" | |
| exit 1 | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment