Simple example on how to update the php-fpm.conf file for a Symfony application.
It should be used for the kickoff-docker-php.
Simple example on how to update the php-fpm.conf file for a Symfony application.
It should be used for the kickoff-docker-php.
# add this line on top of the stack of the command "nginx-build". | |
- orbit generate -t modules/nginx/conf.d/php-fpm.blueprint.conf -o modules/nginx/conf.d/php-fpm.conf -e Config,config/.env {{ if debug }}-d{{ end }} |
server { | |
listen 80; | |
server_name _; | |
charset utf-8; | |
root /var/www/html/web; | |
# Uploads to 100M | |
client_max_body_size 100m; | |
location / { | |
{{- if eq "local" .EnvFiles.Config.ENV }} | |
try_files $uri /app_dev.php$is_args$args; | |
{{- else }} | |
try_files $uri /app.php$is_args$args; | |
{{- end }} | |
} | |
## Begin - Security | |
# don't send the nginx version number in error pages and Server header | |
server_tokens off; | |
add_header X-Content-Type-Options nosniff; | |
add_header X-XSS-Protection "1; mode=block"; | |
add_header X-Frame-Options SAMEORIGIN; | |
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: ; style-src 'self' fonts.googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' fonts.googleapis.com fonts.gstatic.com; child-src 'none'; object-src 'self'; connect-src 'self'"; | |
# deny all direct access for these folders | |
location ~* /(.git|cache|bin|logs|backup|tests)/.*$ { return 403; } | |
# deny running scripts inside core vendor folder | |
location ~* /(vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; } | |
# deny access to specific files in the root folder | |
location ~ /(LICENSE.txt|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|\.htaccess) { return 403; } | |
## End - Security | |
## Begin - PHP | |
{{- if eq "local" .EnvFiles.Config.ENV }} | |
location ~ ^/(app_dev|config)\.php(/|$) { | |
fastcgi_pass php-fpm:9000; | |
fastcgi_split_path_info ^(.+\.php)(/.*)$; | |
include fastcgi_params; | |
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; | |
fastcgi_param DOCUMENT_ROOT $realpath_root; | |
} | |
{{- else }} | |
location ~ ^/app\.php(/|$) { | |
fastcgi_pass php-fpm:9000; | |
fastcgi_split_path_info ^(.+\.php)(/.*)$; | |
include fastcgi_params; | |
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; | |
fastcgi_param DOCUMENT_ROOT $realpath_root; | |
internal; | |
} | |
{{- end }} | |
location ~ \.php$ { return 404; } | |
## End - PHP | |
location ~* ^.+\.(ico|js|gif|jpg|jpeg|png|bmp)$ { | |
expires 30d; | |
} | |
} |
This gist fails as it is, in order to make it work:
Change the first orbit build definition:
orbit generate -f modules/nginx/conf.d/php-fpm.blueprint.conf -o modules/nginx/conf.d/php-fpm.conf {{ if debug }}-d{{ end }}
This is changing
-t
flag for-f
and removing-e Config,config/.env
entirelyIn the blueprint file: