Initial commit
commit
5822986a9a
@ -0,0 +1,9 @@
|
||||
# Flavors
|
||||
|
||||
A repository of different types of containers based on `d.xr.to/base`
|
||||
|
||||
|name||readme|description|
|
||||
|---|---|---|---|
|
||||
|php|`docker pull d.xr.to/php`||PHP, with composer installed and the following extensions: bz2, curl, gettext, gmp, openssl, pdo_mysql, pdo_sqlite, zip, and phar|
|
||||
|php-fpm|`docker pull d.xr.to/php-fpm`||`d.xr.to/php` with an php-fpm server running on port 9000|
|
||||
|nginx|`docker pull d.xr.to/nginx`|[README](nginx/)|A simple pre-configured nginx with safe defaults|
|
@ -0,0 +1,10 @@
|
||||
FROM d.xr.to/base
|
||||
RUN xbps-install -Sy nginx
|
||||
RUN useradd -rU www -u 444
|
||||
RUN install -d -o www -g www /sites
|
||||
RUN chown -R www:www /var/tmp/nginx
|
||||
COPY files/nginx.conf /etc/nginx/nginx.conf
|
||||
COPY --chown=444:444 files/default /sites/default
|
||||
COPY files/dhparam.pem /etc/nginx/dhparam.pem
|
||||
EXPOSE 80/tcp 443/tcp
|
||||
CMD ["nginx", "-g", "daemon off;"]
|
@ -0,0 +1,16 @@
|
||||
# `d.xr.to/nginx`
|
||||
|
||||
```bash
|
||||
docker pull d.xr.to/nginx
|
||||
```
|
||||
|
||||
A nginx container, contains safe defaults for SSL and pre-generated 4096-bits DH parameters.
|
||||
|
||||
# Important paths
|
||||
|
||||
| | |
|
||||
|---|---|
|
||||
|`/sites/default`|Default root directory|
|
||||
|[`/etc/nginx/nginx.conf`](files/nginx.conf)|Default nginx config|
|
||||
|`/etc/nginx/sites`|Default include path of other config files|
|
||||
|[`/etc/nginx/dhparam.pem`](files/dhparam.pem)|Default pre-generated DH parameters|
|
@ -0,0 +1,27 @@
|
||||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<title>It works!</title>
|
||||
|
||||
<style>
|
||||
body {
|
||||
font-family: sans-serif;
|
||||
text-align: center;
|
||||
background-color: #212121;
|
||||
color: #ebdbb2;
|
||||
}
|
||||
|
||||
a {
|
||||
color: #fb4934;
|
||||
text-decoration: none;
|
||||
}
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
<h1>It works!</h1>
|
||||
<p>
|
||||
This <a href="https://github.com/dxrto/flavors/tree/master/nginx">d.xr.to/nginx</a> server works! but has yet to be configured. (for this domain?)
|
||||
</p>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,13 @@
|
||||
-----BEGIN DH PARAMETERS-----
|
||||
MIICCAKCAgEAgVBWGwRq0v/VgsrfUz5Bm/zhuwvmngu3I80OBaVWycF6prJI0qJ8
|
||||
KJh+U1T49kLU4foOqCSxdWlsn9JcfOYLV3kUD3HvAh+wYGuwshuL5+DJkLYaGTtQ
|
||||
ZBHnNNnHR+3/UjfCQSKwqWGqLdDw1KTzveKlXj1AffydSJjHOjz9hxpMrUts+9bV
|
||||
ZLiUpTXTYCrN4jDxwCeBbgwcHwWGcsmXcDTJKjebpxQwJaHYkRjo6EOeC3kKrS4g
|
||||
nqLl6LU3DI7c9juZUl6wou7CQuSv/Gix/G2NDoupkhXnBHvH1T0msuICS7Y91L+G
|
||||
Y/oFzenHKxsaunW6DTg+rZeirRYKSg76AstVxJFxGHkQBSi+EykttkdEYutRRFp3
|
||||
IjiPi/x+XvtDibKrT0nbun13Rkq4C1A2q561HNp+e1PJ38Y46zW/S9Z+89uH2+ct
|
||||
J4b0scdUvtT1RKxEAstMtdRstxVO4Fi9FVWHDIhfP/xq864uIz9Mai43KD6bPaOi
|
||||
kN9y9zX3FQbYcEtvFc2rEdc+FlhtuLwFSgxrHTG3oJN2zRLMIQzoavI2Toklk7Wk
|
||||
uIwcUT/J12x2hehBgtgBrbyfPqnD2N2n6cugm/sq6c0ntUQAGHigBG7Y9XhnZz9Y
|
||||
tHaNFNWBKWoK7b0ulhkVjE8i1F1SpXdesmg9xpNR5VQmslzrZNwo2+sCAQI=
|
||||
-----END DH PARAMETERS-----
|
@ -0,0 +1,38 @@
|
||||
user www www;
|
||||
worker_processes auto;
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
http {
|
||||
include mime.types;
|
||||
default_type application/octet-stream;
|
||||
sendfile on;
|
||||
keepalive_timeout 65;
|
||||
gzip on;
|
||||
|
||||
# Secure SSL Settings, source: https://cipherli.st/
|
||||
ssl_protocols TLSv1.3;
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_dhparam /etc/nginx/dhparam.pem;
|
||||
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
|
||||
ssl_ecdh_curve secp384r1;
|
||||
ssl_session_timeout 10m;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_session_tickets off;
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
|
||||
add_header X-Frame-Options DENY;
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
listen 443 ssl;
|
||||
root /sites/default;
|
||||
}
|
||||
|
||||
include sites/*;
|
||||
}
|
@ -0,0 +1,6 @@
|
||||
FROM d.xr.to/php-fpm
|
||||
RUN xbps-install -Sy php-fpm
|
||||
RUN useradd -rU www -u 444
|
||||
RUN sed 's:\(user\|group\)\s*=\s*http:\1 = www:'
|
||||
EXPOSE 9000/tcp
|
||||
CMD ["/usr/bin/php-fpm", "--nodaemonize"]
|
@ -0,0 +1,8 @@
|
||||
FROM d.xr.to/base
|
||||
LABEL maintainer="=@eater.me"
|
||||
RUN xbps-install -Sy php php-mysql php-sqlite wget
|
||||
RUN sed 's:^open_basedir:;open_basedir:;s:;extension=\(bz2\|curl\|gettext\|gmp\|openssl\|pdo_mysql\|pdo_sqlite\):extension=\1:;s:;extension=xsl:;extension=xsl\nextension=zip\nextension=phar:' -i /etc/php/php.ini
|
||||
COPY composer-install.sh /bin/composer-install.sh
|
||||
RUN bash /bin/composer-install.sh
|
||||
RUN rm -f /bin/composer-install.sh
|
||||
|
@ -0,0 +1,18 @@
|
||||
#!/bin/sh
|
||||
# Slightly edited version of: https://getcomposer.org/doc/faqs/how-to-install-composer-programmatically.md
|
||||
|
||||
EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)"
|
||||
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
ACTUAL_SIGNATURE="$(php -r "echo hash_file('sha384', 'composer-setup.php');")"
|
||||
|
||||
if [ "$EXPECTED_SIGNATURE" != "$ACTUAL_SIGNATURE" ]
|
||||
then
|
||||
>&2 echo 'ERROR: Invalid installer signature'
|
||||
rm composer-setup.php
|
||||
exit 1
|
||||
fi
|
||||
|
||||
php composer-setup.php --quiet --install-dir=/bin --filename=composer
|
||||
RESULT=$?
|
||||
rm composer-setup.php
|
||||
exit $RESULT
|
Loading…
Reference in New Issue