forked from baseboxorg/docker-wordpress-nginx-fpm-cache-ssl
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Dockerfile
230 lines (179 loc) · 6.79 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
# ===============================================================================
# Dockerfile
# "Wordpress + Nginx + Cached + NoDB" docker image - production ready
#
# What's it included:
#
# - php-fpm
# - Wordpress - build with the **latest** version
# - Nginx - as reverse proxy, HTTP / HTTPS enabled.
# - Cache - fastcgi-cache, fastcgi_cache_purge, Opcache
# - No DB included.
#
# Optional
#
# - Deploy `letsencrypt` SSL.
# - Deploy normal SSL.
#
# @link https://letsencrypt.org/ | letsencrypt
#
# It is based on Ubuntu 14.04 LTS
# ===============================================================================
# Set the base image to Ubuntu
FROM ubuntu:14.04
# File Author / Maintainer
MAINTAINER Lei SHI <[email protected]>
# Default HTTP and HTTPS ports
EXPOSE 80 443
# ===============================================================================
# Env. Setup
#
# Keep upstart from complaining
RUN dpkg-divert --local --rename --add /sbin/initctl && \
ln -sf /bin/true /sbin/initctl
# Let the container know that there is no tty
ENV DEBIAN_FRONTEND noninteractive
# Update the repository sources list and finish upgrade
RUN apt-get update && apt-get -y upgrade
# ----------------------------------------------------------
# Dependencies
# ----------------------------------------------------------
# Basic Dependencies
#
# The basic dependecies includes:
#
# - PHP & fpm
# - MySQL client
# - curl
# - Git
# - pwgen - Open-Source Password Generator
# - python-setuptools - for `easy_install`
#
RUN apt-get install -y mysql-client \
php5-fpm \
php5-mysql \
pwgen \
python-setuptools \
curl \
git \
unzip
# **Wordpress** Dependencies
RUN apt-get install -y php5-curl \
php5-gd \
php5-intl \
php-pear \
php5-imagick \
php5-imap \
php5-mcrypt \
php5-memcache \
php5-ming \
php5-ps \
php5-pspell \
php5-recode \
php5-sqlite \
php5-tidy \
php5-xmlrpc \
php5-xsl
### ---- FIX -----
# Fix 'add-apt-repository: not found' in Ubuntu 14.04 LTS
RUN apt-get -y install software-properties-common \
python-software-properties
# ----------------------------------------------------------
# Nginx
#
# Nginx compiled with `fastcgi_cache` and `fastcgi_cache_purge`
#
# @link https://easyengine.io/wordpress-nginx/tutorials/single-site/fastcgi-cache-with-purging/
# ----------------------------------------------------------
RUN add-apt-repository ppa:rtcamp/nginx && \
apt-get update && \
apt-get remove nginx* && \
apt-get install -y nginx-custom
############################################################
# Configurations
#
# ----------------------------------------------------------
# Nginx Config
# ----------------------------------------------------------
# Copy config files to `/etc/nginx/` folder
COPY config/nginx.conf /etc/nginx/nginx.conf
COPY config/nginx-site-http.conf /etc/nginx/nginx-site-http.conf
COPY config/nginx-site-https.conf /etc/nginx/nginx-site-https.conf
# Default **site** config - HTTP
# Later if need to enforce SSL, use `nginx-site-http.conf` instead.
COPY config/nginx-site-https.conf /etc/nginx/sites-available/default
COPY config/nginx-ssl.conf /etc/nginx/ssl-template.conf
COPY config/nginx-restrictions.conf /etc/nginx/restrictions.conf
# ----------------------------------------------------------
# PHP-fpm Config
# ----------------------------------------------------------
RUN sed -i -e "s/;cgi.fix_pathinfo\s*=\s*1/cgi.fix_pathinfo = 0/g; s/expose_php\s*=\s*On/expose_php = Off/g" \
/etc/php5/fpm/php.ini
RUN sed -i -e "s/expose_php\s*=\s*On/expose_php = Off/g" /etc/php5/fpm/php.ini
RUN sed -i -e "s/upload_max_filesize\s*=\s*2M/upload_max_filesize = 100M/g; s/post_max_size\s*=\s*8M/post_max_size = 100M/g" \
/etc/php5/fpm/php.ini
#RUN sed -i -e "s/post_max_size\s*=\s*8M/post_max_size = 100M/g" /etc/php5/fpm/php.ini
RUN sed -i -e "s/;daemonize\s*=\s*yes/daemonize = no/g" /etc/php5/fpm/php-fpm.conf
RUN sed -i -e "s/;catch_workers_output\s*=\s*yes/catch_workers_output = yes/g; s/listen\s*=\s*\/var\/run\/php5-fpm.sock/listen = 127.0.0.1:9000/g; s/;listen.allowed_clients\s*=\s*127.0.0.1/listen.allowed_clients = 127.0.0.1/g" \
/etc/php5/fpm/pool.d/www.conf
#RUN sed -i -e "s/listen\s*=\s*\/var\/run\/php5-fpm.sock/listen = 127.0.0.1:9000/g" /etc/php5/fpm/pool.d/www.conf
#RUN sed -i -e "s/;listen.allowed_clients\s*=\s*127.0.0.1/listen.allowed_clients = 127.0.0.1/g" /etc/php5/fpm/pool.d/www.conf
# ----------------------------------------------------------
# Opcode Config
# ----------------------------------------------------------
RUN sed -i -e"s/^;opcache.enable\s*=\s*0/opcache.enable = 1/; s/^;opcache.max_accelerated_files\s*=\s*2000/opcache.max_accelerated_files = 4000/" /etc/php5/fpm/php.ini
#RUN sed -i -e"s/^;opcache.max_accelerated_files\s*=\s*2000/opcache.max_accelerated_files = 4000/" /etc/php5/fpm/php.ini
# ===============================================================================
# Install & Config Supervisor
#
# Supervisor is a process manager which makes managing a number of long-running programs a trivial task
# by providing a consistent interface through which they can be monitored and controlled.
#
# it uses `easy_install` (from `python-setuptools`) to install **supervisor**.
#
# @link http://supervisord.org/#
#
RUN /usr/bin/easy_install supervisor && \
/usr/bin/easy_install supervisor-stdout
COPY config/supervisord.conf /etc/supervisord.conf
# ===============================================================================
# Install Wordpress
#
# Get the code of **latest** version.
RUN cd /usr/share/nginx/ && \
curl -o wp-latest.tar.gz https://wordpress.org/latest.tar.gz && \
tar -xvf wp-latest.tar.gz && \
rm wp-latest.tar.gz
# Target **webroot** - `/usr/share/nginx/www`
RUN rm -rf /usr/share/nginx/www && \
mv /usr/share/nginx/wordpress /usr/share/nginx/www && \
chown -R www-data:www-data /usr/share/nginx/www
# ===============================================================================
# System Initialization
#
## Copy the **pre-defined** bash script
COPY bash/init.sh /init.sh
## Modify the permisison - make sure they are excuatable
RUN chmod 755 /init.sh
# Set up default CMD
CMD ["/bin/bash", "/init.sh"]
# ===============================================================================
# Copy "optional" scripts
#
# Under `/addon` folder.
#
# `letsencrypt` SSL related
# @link https://letsencrypt.org/ | letsencrypt
COPY bash/ssl-letsencrypt.sh /addon/letsencrypt/ssl-letsencrypt.sh
# Normal SSL related
COPY bash/ssl.sh /addon/ssl.sh
# Install WP plugins
COPY bash/wp-install-plugins.sh /addon/wp-install-plugins.sh
# ===============================================================================
# Volume Mounting
#
# - Wordpress content
# - Log
#
# Mount the volumes
VOLUME ["/usr/share/nginx/www/wp-content", "/var/log"]