From a96edad9fca86d8939cf4973cd3284861f261cb4 Mon Sep 17 00:00:00 2001 From: noogen Date: Tue, 20 Nov 2018 09:37:03 -0600 Subject: [PATCH 1/2] update doc comment on restart for my-startup.sh #68 --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 5f361b0..16e4355 100644 --- a/README.md +++ b/README.md @@ -39,7 +39,7 @@ FTP was not installed on purpose because it's not secure. Use SFTP instead on t - [x] Use incrond to watch /etc/{passwd,shadow,gshadow,group} and sync to /backup/.etc so remember to attach the backup volume if you want to save password across restart. - [x] AWS CLI has been installed to simplify your backup lifestyle. You just need to setup a cron on VestaCP. - [x] Update *index.html* to remove reference to VestaCP from default site for security. -- [x] **Dovecot/roundcube email, phpmyadmin, phppgadmin, and DNS services** are disabled by default. Look at /home/admin/bin/my-startup.sh for instruction on how to re-enable these services. +- [x] **Dovecot/roundcube email, phpmyadmin, phppgadmin, and DNS services** are disabled by default. Look at /home/admin/bin/my-startup.sh for instruction on how to re-enable these services. Remember to restart your container after updating my-startup.sh. ### misc/tested/verified - [x] ssh/sftp, nginx, apache2, php7.1+ & v8js From 6df9a819d5ca6838c55277bf54f8a6dc4f72a3ee Mon Sep 17 00:00:00 2001 From: noogen Date: Sat, 8 Dec 2018 10:07:03 -0600 Subject: [PATCH 2/2] add php 7.3 support --- Dockerfile | 58 ++++++++++++++++---- README.md | 2 + rootfs/etc/nginx/location_optmz_php.conf | 21 ------- rootfs/etc/nginx/nginx.new | 1 - rootfs/etc/nginx/wp_super_cache.conf | 43 --------------- rootfs/sysprepz/nginx-templates/php-fpm.stpl | 23 ++------ rootfs/sysprepz/nginx-templates/php-fpm.tpl | 19 ++----- 7 files changed, 61 insertions(+), 106 deletions(-) delete mode 100644 rootfs/etc/nginx/wp_super_cache.conf diff --git a/Dockerfile b/Dockerfile index fe6401a..3896a65 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,11 +1,11 @@ -FROM niiknow/docker-hostingbase:1.2.3 +FROM niiknow/docker-hostingbase:1.3.0 LABEL maintainer="noogen " ENV DEBIAN_FRONTEND=noninteractive \ VESTA=/usr/local/vesta \ GOLANG_VERSION=1.11.2 \ NGINX_BUILD_DIR=/usr/src/nginx \ NGINX_DEVEL_KIT_VERSION=0.3.0 NGINX_SET_MISC_MODULE_VERSION=0.31 \ - NGINX_VERSION=1.14.1 \ + NGINX_VERSION=1.14.2 \ NGINX_PAGESPEED_VERSION=1.13.35.2 \ NGINX_PSOL_VERSION=1.13.35.2 \ IMAGE_FILTER_URL=https://raw.githubusercontent.com/niiknow/docker-nginx-image-proxy/master/build/src/ngx_http_image_filter_module.c @@ -68,6 +68,11 @@ RUN cd /tmp \ php7.2-tidy php7.2-opcache php7.2-json php7.2-bz2 php7.2-pgsql php7.2-readline php7.2-imagick \ php7.2-intl php7.2-sqlite3 php7.2-ldap php7.2-xml php7.2-redis php7.2-dev php7.2-fpm \ php7.2-soap php7.2-bcmath php7.2-fileinfo php7.2-xdebug php7.2-exif php7.2-tokenizer \ + && apt-get install -yq php7.3-mbstring php7.3-cgi php7.3-cli php7.3-dev php7.3-geoip php7.3-common php7.3-xmlrpc php7.3-sybase php7.3-curl \ + php7.3-enchant php7.3-imap php7.3-xsl php7.3-mysql php7.3-mysqli php7.3-mysqlnd php7.3-pspell php7.3-gd php7.3-zip \ + php7.3-tidy php7.3-opcache php7.3-json php7.3-bz2 php7.3-pgsql php7.3-readline php7.3-imagick \ + php7.3-intl php7.3-sqlite3 php7.3-ldap php7.3-xml php7.3-redis php7.3-dev php7.3-fpm \ + php7.3-soap php7.3-bcmath php7.3-fileinfo php7.3-xdebug php7.3-exif php7.3-tokenizer \ # put nginx on hold so it doesn't get updates with apt-get upgrade, also remove from vesta apt-get && apt-mark hold nginx postgresql-11 postgresql-client-11 postgresql-doc-11 postgresql-contrib \ @@ -79,7 +84,7 @@ RUN cd /tmp \ RUN cd /tmp \ # begin setup for vesta - && curl -SL https://raw.githubusercontent.com/serghey-rodin/vesta/a1b3aa3a8432b72842fe13ee77a892d2bba2b022/install/vst-install-ubuntu.sh -o /tmp/vst-install-ubuntu.sh \ + && curl -SL https://raw.githubusercontent.com/serghey-rodin/vesta/59695acd10ce63740bcf274a13569230362e06c5/install/vst-install-ubuntu.sh -o /tmp/vst-install-ubuntu.sh \ && sed -i -e "s/mysql\-server nginx/mysql-server/g" /tmp/vst-install-ubuntu.sh \ # fix mariadb instead of mysql @@ -103,7 +108,7 @@ RUN cd /tmp \ && service apache2 stop && service vesta stop \ # install additional mods since 7.2 became default in the php repo - && apt-get install -yf --no-install-recommends libapache2-mod-php7.1 \ + && apt-get install -yf --no-install-recommends libapache2-mod-php7.1 libapache2-mod-php7.2 libapache2-mod-php7.3 \ postgresql-9.6-postgis-2.3 postgresql-9.6-pgrouting postgis postgis-gui postgresql-9.6-pgaudit \ postgresql-9.6-repack \ @@ -115,13 +120,7 @@ RUN cd /tmp \ # make sure we default fcgi and php to 7.2 && mv /usr/bin/php-cgi /usr/bin/php-cgi-old \ && ln -s /usr/bin/php-cgi7.2 /usr/bin/php-cgi \ - && update-alternatives --set php /usr/bin/php7.2 \ - && update-alternatives --set phar /usr/bin/phar7.2 \ - && update-alternatives --set phar.phar /usr/bin/phar.phar7.2 \ - && pecl config-set php_ini /etc/php/7.2/cli/php.ini \ - && pecl config-set ext_dir /usr/lib/php/20170718 \ - && pecl config-set php_bin /usr/bin/php7.2 \ - && pecl config-set php_suffix 7.2 \ + && /usr/bin/switch-php.sh "7.2" \ # setting upawscli, golang, and awscli && curl -O https://bootstrap.pypa.io/get-pip.py \ @@ -176,6 +175,12 @@ RUN cd /tmp \ && ln -sf /etc/php/7.2/mods-available/pcs.ini /etc/php/7.2/cgi/conf.d/15-pcs.ini \ && ln -sf /etc/php/7.2/mods-available/pcs.ini /etc/php/7.2/fpm/conf.d/15-pcs.ini \ + && echo "extension=pcs.so" > /etc/php/7.3/mods-available/pcs.ini \ + && ln -sf /etc/php/7.3/mods-available/pcs.ini /etc/php/7.3/apache2/conf.d/15-pcs.ini \ + && ln -sf /etc/php/7.3/mods-available/pcs.ini /etc/php/7.3/cli/conf.d/15-pcs.ini \ + && ln -sf /etc/php/7.3/mods-available/pcs.ini /etc/php/7.3/cgi/conf.d/15-pcs.ini \ + && ln -sf /etc/php/7.3/mods-available/pcs.ini /etc/php/7.3/fpm/conf.d/15-pcs.ini \ + && echo "extension=couchbase.so" > /etc/php/7.1/mods-available/couchbase.ini \ && ln -sf /etc/php/7.1/mods-available/couchbase.ini /etc/php/7.1/apache2/conf.d/30-couchbase.ini \ && ln -sf /etc/php/7.1/mods-available/couchbase.ini /etc/php/7.1/cli/conf.d/30-couchbase.ini \ @@ -188,6 +193,12 @@ RUN cd /tmp \ && ln -sf /etc/php/7.2/mods-available/couchbase.ini /etc/php/7.2/cgi/conf.d/30-couchbase.ini \ && ln -sf /etc/php/7.2/mods-available/couchbase.ini /etc/php/7.2/fpm/conf.d/30-couchbase.ini \ + && echo "extension=couchbase.so" > /etc/php/7.3/mods-available/couchbase.ini \ + && ln -sf /etc/php/7.3/mods-available/couchbase.ini /etc/php/7.3/apache2/conf.d/30-couchbase.ini \ + && ln -sf /etc/php/7.3/mods-available/couchbase.ini /etc/php/7.3/cli/conf.d/30-couchbase.ini \ + && ln -sf /etc/php/7.3/mods-available/couchbase.ini /etc/php/7.3/cgi/conf.d/30-couchbase.ini \ + && ln -sf /etc/php/7.3/mods-available/couchbase.ini /etc/php/7.3/fpm/conf.d/30-couchbase.ini \ + # performance tweaks && chmod 0755 /etc/init.d/disable-transparent-hugepages \ @@ -233,6 +244,11 @@ RUN cd /tmp \ && sed -i "s/upload_max_filesize = 2M/upload_max_filesize = 600M/" /etc/php/7.2/cgi/php.ini \ && sed -i "s/upload_max_filesize = 2M/upload_max_filesize = 600M/" /etc/php/7.2/fpm/php.ini \ + && sed -i "s/upload_max_filesize = 2M/upload_max_filesize = 600M/" /etc/php/7.3/apache2/php.ini \ + && sed -i "s/upload_max_filesize = 2M/upload_max_filesize = 600M/" /etc/php/7.3/cli/php.ini \ + && sed -i "s/upload_max_filesize = 2M/upload_max_filesize = 600M/" /etc/php/7.3/cgi/php.ini \ + && sed -i "s/upload_max_filesize = 2M/upload_max_filesize = 600M/" /etc/php/7.3/fpm/php.ini \ + && sed -i "s/post_max_size = 8M/post_max_size = 600M/" /etc/php/7.1/apache2/php.ini \ && sed -i "s/post_max_size = 8M/post_max_size = 600M/" /etc/php/7.1/cli/php.ini \ && sed -i "s/post_max_size = 8M/post_max_size = 600M/" /etc/php/7.1/cgi/php.ini \ @@ -243,6 +259,11 @@ RUN cd /tmp \ && sed -i "s/post_max_size = 8M/post_max_size = 600M/" /etc/php/7.2/cgi/php.ini \ && sed -i "s/post_max_size = 8M/post_max_size = 600M/" /etc/php/7.2/fpm/php.ini \ + && sed -i "s/post_max_size = 8M/post_max_size = 600M/" /etc/php/7.3/apache2/php.ini \ + && sed -i "s/post_max_size = 8M/post_max_size = 600M/" /etc/php/7.3/cli/php.ini \ + && sed -i "s/post_max_size = 8M/post_max_size = 600M/" /etc/php/7.3/cgi/php.ini \ + && sed -i "s/post_max_size = 8M/post_max_size = 600M/" /etc/php/7.3/fpm/php.ini \ + && sed -i "s/max_input_time = 60/max_input_time = 3600/" /etc/php/7.1/apache2/php.ini \ && sed -i "s/max_input_time = 60/max_input_time = 3600/" /etc/php/7.1/cli/php.ini \ && sed -i "s/max_input_time = 60/max_input_time = 3600/" /etc/php/7.1/cgi/php.ini \ @@ -253,6 +274,11 @@ RUN cd /tmp \ && sed -i "s/max_input_time = 60/max_input_time = 3600/" /etc/php/7.2/cgi/php.ini \ && sed -i "s/max_input_time = 60/max_input_time = 3600/" /etc/php/7.2/fpm/php.ini \ + && sed -i "s/max_input_time = 60/max_input_time = 3600/" /etc/php/7.3/apache2/php.ini \ + && sed -i "s/max_input_time = 60/max_input_time = 3600/" /etc/php/7.3/cli/php.ini \ + && sed -i "s/max_input_time = 60/max_input_time = 3600/" /etc/php/7.3/cgi/php.ini \ + && sed -i "s/max_input_time = 60/max_input_time = 3600/" /etc/php/7.3/fpm/php.ini \ + && sed -i "s/max_execution_time = 30/max_execution_time = 300/" /etc/php/7.1/apache2/php.ini \ && sed -i "s/max_execution_time = 30/max_execution_time = 300/" /etc/php/7.1/cli/php.ini \ && sed -i "s/max_execution_time = 30/max_execution_time = 300/" /etc/php/7.1/cgi/php.ini \ @@ -263,6 +289,11 @@ RUN cd /tmp \ && sed -i "s/max_execution_time = 30/max_execution_time = 300/" /etc/php/7.2/cgi/php.ini \ && sed -i "s/max_execution_time = 30/max_execution_time = 300/" /etc/php/7.2/fpm/php.ini \ + && sed -i "s/max_execution_time = 30/max_execution_time = 300/" /etc/php/7.3/apache2/php.ini \ + && sed -i "s/max_execution_time = 30/max_execution_time = 300/" /etc/php/7.3/cli/php.ini \ + && sed -i "s/max_execution_time = 30/max_execution_time = 300/" /etc/php/7.3/cgi/php.ini \ + && sed -i "s/max_execution_time = 30/max_execution_time = 300/" /etc/php/7.3/fpm/php.ini \ + && sed -i -e "s/;sendmail_path =/sendmail_path = \/usr\/sbin\/exim \-t/g" /etc/php/7.1/apache2/php.ini \ && sed -i -e "s/;sendmail_path =/sendmail_path = \/usr\/sbin\/exim \-t/g" /etc/php/7.1/cli/php.ini \ && sed -i -e "s/;sendmail_path =/sendmail_path = \/usr\/sbin\/exim \-t/g" /etc/php/7.1/cgi/php.ini \ @@ -273,6 +304,11 @@ RUN cd /tmp \ && sed -i -e "s/;sendmail_path =/sendmail_path = \/usr\/sbin\/exim \-t/g" /etc/php/7.2/cgi/php.ini \ && sed -i -e "s/;sendmail_path =/sendmail_path = \/usr\/sbin\/exim \-t/g" /etc/php/7.2/fpm/php.ini \ + && sed -i -e "s/;sendmail_path =/sendmail_path = \/usr\/sbin\/exim \-t/g" /etc/php/7.3/apache2/php.ini \ + && sed -i -e "s/;sendmail_path =/sendmail_path = \/usr\/sbin\/exim \-t/g" /etc/php/7.3/cli/php.ini \ + && sed -i -e "s/;sendmail_path =/sendmail_path = \/usr\/sbin\/exim \-t/g" /etc/php/7.3/cgi/php.ini \ + && sed -i -e "s/;sendmail_path =/sendmail_path = \/usr\/sbin\/exim \-t/g" /etc/php/7.3/fpm/php.ini \ + # set same upload limit for php fcgi && sed -i "s/FcgidConnectTimeout 20/FcgidMaxRequestLen 629145600\n FcgidConnectTimeout 20/" /etc/apache2/mods-available/fcgid.conf \ diff --git a/README.md b/README.md index 16e4355..5b52769 100644 --- a/README.md +++ b/README.md @@ -70,6 +70,8 @@ If you use this Docker for hosting and allow your user to login, I also recommen Enjoy!!! ## Release Notes +1.5.2 - with php7.3 support. + 1.4.0 - Major release! In this update, we remove support for php5.6 and 7.0 as it will no longer officially supported/at end of life (EOL): http://php.net/supported-versions.php There is no excuse. You know this day was coming. * PHP 7.3 has not release so it's not yet available, but templates were added to prep for 7.3 release at the end of the year. We will also switch from nodejs 8.x to nodejs 10.x once it go into LTS at the end of this month. diff --git a/rootfs/etc/nginx/location_optmz_php.conf b/rootfs/etc/nginx/location_optmz_php.conf index 148021e..4b11073 100644 --- a/rootfs/etc/nginx/location_optmz_php.conf +++ b/rootfs/etc/nginx/location_optmz_php.conf @@ -25,24 +25,3 @@ log_not_found off; access_log off; } - - location /nginx_status { - stub_status on; - access_log off; - } - - location = /wp-admin { - rewrite ^ /wp-admin/ permanent; - } - - location = /admin { - rewrite ^ /admin/ permanent; - } - - location = /dashboard { - rewrite ^ /dashboard/ permanent; - } - - location = /error { - rewrite ^ /error/ permanent; - } \ No newline at end of file diff --git a/rootfs/etc/nginx/nginx.new b/rootfs/etc/nginx/nginx.new index a3c5e2c..c1430e7 100644 --- a/rootfs/etc/nginx/nginx.new +++ b/rootfs/etc/nginx/nginx.new @@ -101,7 +101,6 @@ http { underscores_in_headers on; proxy_cache_min_uses 2; - #proxy_cache site_diskcached; proxy_ssl_server_name on; proxy_intercept_errors on; diff --git a/rootfs/etc/nginx/wp_super_cache.conf b/rootfs/etc/nginx/wp_super_cache.conf deleted file mode 100644 index 84967d1..0000000 --- a/rootfs/etc/nginx/wp_super_cache.conf +++ /dev/null @@ -1,43 +0,0 @@ -set $supercacheuri ""; -set $supercachefile "$document_root/wp-content/cache/supercache/${http_host}${uri}index.html.gz"; -if (-e $supercachefile) { - set $supercacheuri "/wp-content/cache/supercache/${http_host}${uri}index.html.gz"; -} - -# If this is a POST request, pass the request onto WordPress. -if ($request_method = POST) { - set $supercacheuri ""; -} - -# If there is a query string, serve the uncached version. -if ($query_string) { - set $supercacheuri ""; -} - -# Logged in users and those who have posted a comment get the non-cached version. -if ($http_cookie ~* comment_author_|wordpress_logged_in|wp-postpass_) { - set $supercacheuri ""; -} - -# Mobile browsers get the non-cached version. -# Wastes CPU cycles if there isn't a mobile browser WP theme for the site. -if ($http_x_wap_profile) { - set $supercacheuri ""; -} - -if ($http_profile) { - set $supercacheuri ""; -} - -if ($http_user_agent ~* (2.0\ MMP|240x320|400X240|AvantGo|BlackBerry|Blazer|Cellphone|Danger|DoCoMo|Elaine/3.0|EudoraWeb|Googlebot-Mobile|hiptop|IEMobile|KYOCERA/WX310K|LG/U990|MIDP-2.|MMEF20|MOT-V|NetFront|Newt|Nintendo\ Wii|Nitro|Nokia|Opera\ Mini|Palm|PlayStation\ Portable|portalmmm|Proxinet|ProxiNet|SHARP-TQ-GX10|SHG-i900|Small|SonyEricsson|Symbian\ OS|SymbianOS|TS21i-10|UP.Browser|UP.Link|webOS|Windows\ CE|WinWAP|YahooSeeker/M1A1-R2D2|iPhone|iPod|Android|BlackBerry9530|LG-TU915\ Obigo|LGE\ VX|webOS|Nokia5800)) { - set $supercacheuri ""; -} - -if ($http_user_agent ~* (w3c\ |w3c-|acs-|alav|alca|amoi|audi|avan|benq|bird|blac|blaz|brew|cell|cldc|cmd-|dang|doco|eric|hipt|htc_|inno|ipaq|ipod|jigs|kddi|keji|leno|lg-c|lg-d|lg-g|lge-|lg/u|maui|maxo|midp|mits|mmef|mobi|mot-|moto|mwbp|nec-|newt|noki|palm|pana|pant|phil|play|port|prox|qwap|sage|sams|sany|sch-|sec-|send|seri|sgh-|shar|sie-|siem|smal|smar|sony|sph-|symb|t-mo|teli|tim-|tosh|tsm-|upg1|upsi|vk-v|voda|wap-|wapa|wapi|wapp|wapr|webc|winw|winw|xda\ |xda-)) { - set $supercacheuri ""; -} - -# Stop processing if the supercache file is valid. -if ($supercacheuri) { - rewrite ^ $supercacheuri break; -} \ No newline at end of file diff --git a/rootfs/sysprepz/nginx-templates/php-fpm.stpl b/rootfs/sysprepz/nginx-templates/php-fpm.stpl index 6cbce30..d1e0b0b 100644 --- a/rootfs/sysprepz/nginx-templates/php-fpm.stpl +++ b/rootfs/sysprepz/nginx-templates/php-fpm.stpl @@ -16,9 +16,13 @@ server { } root $site; + if ($request_method != GET) { + set $no_cache 1; + } + location / { # allow for custom handling - include %docroot%/sngin*.conf; + include %docroot%/ngin*.conf; try_files $uri $uri/ /index.php$is_args$args; } @@ -26,26 +30,11 @@ server { location ~ \.php$ { try_files $uri /index.php =404; - if ($http_cookie ~ (comment_author_.*|wordpress_logged_in.*|wp-postpass_.*)) { - set $no_cache 1; - } - fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass unix:/var/run/vesta-php-fpm-%domain_idn%.sock; + fastcgi_pass unix:/var/run/vesta-php-fpm-%domain_idn%.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; - - fastcgi_intercept_errors on; - - fastcgi_cache_use_stale error timeout invalid_header http_500; - fastcgi_cache_key $host$request_uri; - fastcgi_cache fpm_%domain%; - - # small amount of cache goes a long way - fastcgi_cache_valid 200 1m; - fastcgi_cache_bypass $no_cache; - fastcgi_no_cache $no_cache; } error_page 403 /error/404.html; diff --git a/rootfs/sysprepz/nginx-templates/php-fpm.tpl b/rootfs/sysprepz/nginx-templates/php-fpm.tpl index e75908f..e689810 100644 --- a/rootfs/sysprepz/nginx-templates/php-fpm.tpl +++ b/rootfs/sysprepz/nginx-templates/php-fpm.tpl @@ -15,9 +15,13 @@ server { } root $site; + if ($request_method != GET) { + set $no_cache 1; + } + location / { # allow for custom handling - include %docroot%/sngin*.conf; + include %docroot%/ngin*.conf; try_files $uri $uri/ /index.php$is_args$args; } @@ -30,21 +34,10 @@ server { } fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass unix:/var/run/vesta-php-fpm-%domain_idn%.sock; + fastcgi_pass unix:/var/run/vesta-php-fpm-%domain_idn%.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; - - fastcgi_intercept_errors on; - - fastcgi_cache_use_stale error timeout invalid_header http_500; - fastcgi_cache_key $host$request_uri; - fastcgi_cache fpm_%domain%; - - # small amount of cache goes a long way - fastcgi_cache_valid 200 1m; - fastcgi_cache_bypass $no_cache; - fastcgi_no_cache $no_cache; } error_page 403 /error/404.html;