From f60e950d895a0768c91925e9bd788b29d6852c57 Mon Sep 17 00:00:00 2001 From: eater <=@eater.me> Date: Thu, 21 Feb 2019 15:35:55 +0100 Subject: [PATCH] Fix php-fpm container, and add logging to php-fpm --- nginx/files/nginx.conf | 11 ++++++++--- php-fpm/Dockerfile | 3 ++- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/nginx/files/nginx.conf b/nginx/files/nginx.conf index 27531e2..1d0c83a 100644 --- a/nginx/files/nginx.conf +++ b/nginx/files/nginx.conf @@ -1,11 +1,17 @@ user www www; worker_processes auto; +error_log /dev/stderr info; events { worker_connections 1024; } http { + log_format main '$remote_addr - $remote_user - [$host][$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /dev/stdout main; include mime.types; default_type application/octet-stream; sendfile on; @@ -13,7 +19,7 @@ http { gzip on; # Secure SSL Settings, source: https://cipherli.st/ - ssl_protocols TLSv1.3; + ssl_protocols TLSv1.3 TLSv1.2; ssl_prefer_server_ciphers on; ssl_dhparam /etc/nginx/dhparam.pem; ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384; @@ -29,8 +35,7 @@ http { add_header X-XSS-Protection "1; mode=block"; server { - listen 80; - listen 443 ssl; + listen 80 default_server; root /sites/default; } diff --git a/php-fpm/Dockerfile b/php-fpm/Dockerfile index b0c2bb0..8549bd8 100644 --- a/php-fpm/Dockerfile +++ b/php-fpm/Dockerfile @@ -1,6 +1,7 @@ FROM d.xr.to/php RUN xbps-install -Sy php-fpm RUN useradd -rU www -u 444 -RUN sed 's:\(user\|group\)\s*=\s*http:\1 = www:' +RUN mkdir /var/log +RUN sed -i 's:\(user\|group\)\s*=\s*http:\1 = www:;s:127\.0\.0\.1\:9000:9000:;s:\;error_log\s*=.+:error_log = /dev/stderr:;' /etc/php/php-fpm.conf /etc/php/php-fpm.d/www.conf EXPOSE 9000/tcp CMD ["/usr/bin/php-fpm", "--nodaemonize"]