ThatGuyJack/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2025-08-03 07:53:39 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

add php

Browse Source 
Signed-off-by: Zoey <zoey@z0ey.de>
This commit is contained in:
Zoey
2022-12-19 08:27:13 +01:00
parent 19a304d9ce
commit 920bce627a
38 changed files with 511 additions and 279 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
rootfs/usr/local/bin/check-health
View File

@@ -1,8 +1,6 @@
#!/bin/sh
OK=$(wget -q --no-check-certificate https://127.0.0.1:81/api -O - | jq --raw-output '.status')
if [ "$OK" == "OK" ]; then
if (cgi-fcgi -bind -connect /dev/php7.sock > /dev/null && cgi-fcgi -bind -connect /dev/php8.sock > /dev/null && cgi-fcgi -bind -connect /dev/php81.sock > /dev/null && cgi-fcgi -bind -connect /dev/php82.sock > /dev/null && [ "$(wget -q --no-check-certificate https://127.0.0.1:81/api -O - | jq --raw-output '.status')" == "OK" ]); then
echo "OK"
exit 0
else

110
rootfs/usr/local/bin/start
View File

@@ -1,18 +1,52 @@
#!/bin/sh
if [ -f /data/nginx/default_host/site.conf ]; then
mv /data/nginx/default_host/site.conf /data/nginx/default.conf || exit 1
# From https://github.com/nextcloud/all-in-one/pull/1377/files
if [ -n "$PHP_APKS" ]; then
if ! echo "$PHP_APKS" | grep -q "^[a-z0-9 _-]\+$"; then
echo "You've set PHP_APKS but not to an allowed value.
It needs to be a string. Allowed are small letters a-z, digits 0-9, spaces, hyphens and underscores.
It is set to '$PHP_APKS'." || exit 1
sleep inf || exit 1
fi
read -ra APKS_ARRAY <<< "$PHP_APKS"
for apk in "${APKS_ARRAY[@]}"; do
if ! echo "$apk" | grep -q "php*"; then
echo "'$apk' is a non allowed value.
It needs to start with php.
It is set to '$apk'." || exit 1
sleep inf || exit 1
fi
echo "Installing $apk via apk..."
if ! apk add --no-cache "$apk" >/dev/null; then
echo "The packet $apk was not installed!"
fi
done
fi
mkdir -p /tmp/letsencrypt-acme-challenge \
/data/letsencrypt \
/data/custom_ssl \
/data/access \
/data/php \
/data/nginx/redirection_host \
/data/nginx/proxy_host \
/data/nginx/dead_host \
/data/nginx/stream \
/data/nginx/custom || exit 1
/data/nginx/custom \
/data/nginx/html || exit 1
if [ -f /data/nginx/default_host/site.conf ]; then
mv /data/nginx/default_host/site.conf /data/nginx/default.conf || exit 1
fi
if [ -f /data/nginx/default_www/index.html ]; then
mv /data/nginx/default_www/index.html /data/nginx/html/index.html || exit 1
fi
rm -rf /data/letsencrypt-acme-challenge \
/data/nginx/default_host \
@@ -36,7 +70,17 @@ find /data/nginx -type f -name '*.conf' -exec sed -i "s/# Asset Caching//g" {} \
find /data/nginx -type f -name '*.conf' -exec sed -i "s/proxy_http_version.*//g" {} \; || exit 1
find /data/nginx -type f -name '*.conf' -exec sed -i "s/access_log.*//g" {} \; || exit 1
touch /data/nginx/custom/root.conf \
if [ ! -f /data/nginx/dummycert.pem ] || [ ! -f /data/nginx/dummykey.pem ]; then
openssl req -new -newkey rsa:4096 -days 365000 -nodes -x509 -subj '/CN=*' -sha256 -keyout /data/nginx/dummykey.pem -out /data/nginx/dummycert.pem || exit 1
fi
if [ ! -f /data/nginx/default.conf ]; then
cp /usr/local/nginx/conf/conf.d/include/default.conf /data/nginx/default.conf || exit 1
fi
touch /data/nginx/default.conf \
/data/nginx/html/index.html \
/data/nginx/custom/root.conf \
/data/nginx/custom/events.conf \
/data/nginx/custom/http.conf \
/data/nginx/custom/http_top.conf \
@@ -48,13 +92,15 @@ touch /data/nginx/custom/root.conf \
/data/nginx/custom/server_stream_udp.conf \
/usr/local/nginx/conf/conf.d/include/ip_ranges.conf || exit 1
if [ ! -f /data/nginx/dummycert.pem ] || [ ! -f /data/nginx/dummykey.pem ]; then
openssl req -new -newkey rsa:4096 -days 365000 -nodes -x509 -subj '/CN=*' -sha256 -keyout /data/nginx/dummykey.pem -out /data/nginx/dummycert.pem || exit 1
fi
for folder in $(find /etc -maxdepth 1 -type d -name php*); do cp -Trn $folder /data/php/$(echo $folder| sed "s|/etc/php||g"); done;
for folder in $(find /etc -maxdepth 1 -type d -name php*); do sed -i "s|user =.*|user = root|" /data/php/$(echo $folder| sed "s|/etc/php||g")/php-fpm.d/www.conf; done;
for folder in $(find /etc -maxdepth 1 -type d -name php*); do sed -i "s|group =.*|group = root|" /data/php/$(echo $folder| sed "s|/etc/php||g")/php-fpm.d/www.conf; done;
for folder in $(find /etc -maxdepth 1 -type d -name php*); do sed -i "s|listen =.*|listen = /dev/$(echo $folder| sed "s|/etc/||g").sock|" /data/php/$(echo $folder| sed "s|/etc/php||g")/php-fpm.d/www.conf; done;
for folder in $(find /etc -maxdepth 1 -type d -name php*); do sed -i "s|include=.*|include=/data/php/$(echo $folder| sed "s|/etc/php||g")/php-fpm.d/*.conf|g" /data/php/$(echo $folder| sed "s|/etc/php||g")/php-fpm.conf; done;
if [ "$NPM_LISTEN_LOCALHOST" == "true" ]; then
sed -i "s/listen 81/listen 127.0.0.1:81/g" /usr/local/nginx/conf/conf.d/production.conf || exit 1
sed -i "s/listen \[::\]:81/listen \[::1\]:81/g" /usr/local/nginx/conf/conf.d/production.conf || exit 1
sed -i "s/listen 81/listen 127.0.0.1:81/g" /usr/local/nginx/conf/conf.d/npm.conf || exit 1
sed -i "s/listen \[::\]:81/listen \[::1\]:81/g" /usr/local/nginx/conf/conf.d/npm.conf || exit 1
fi
if [ "$NGINX_LOG_NOT_FOUND" == "true" ]; then
@@ -66,8 +112,32 @@ nginx -T || exit 1
sleep inf || exit 1
fi
while nginx -t 2> /dev/null; do
if ! cross-env PHP_INI_SCAN_DIR=/data/php/7/conf.d php-fpm7 -c /data/php/7 -y /data/php/7/php-fpm.conf -FORt 2> /dev/null; then
cross-env PHP_INI_SCAN_DIR=/data/php/7/conf.d php-fpm7 -c /data/php/7 -y /data/php/7/php-fpm.conf -FORt || exit 1
sleep inf || exit 1
fi
if ! cross-env PHP_INI_SCAN_DIR=/data/php/8/conf.d php-fpm8 -c /data/php/8 -y /data/php/8/php-fpm.conf -FORt 2> /dev/null; then
cross-env PHP_INI_SCAN_DIR=/data/php/8/conf.d php-fpm8 -c /data/php/8 -y /data/php/8/php-fpm.conf -FORt || exit 1
sleep inf || exit 1
fi
if ! cross-env PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FORt 2> /dev/null; then
cross-env PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FORt || exit 1
sleep inf || exit 1
fi
if ! cross-env PHP_INI_SCAN_DIR=/data/php/82/conf.d php-fpm82 -c /data/php/82 -y /data/php/82/php-fpm.conf -FORt 2> /dev/null; then
cross-env PHP_INI_SCAN_DIR=/data/php/82/conf.d php-fpm82 -c /data/php/82 -y /data/php/82/php-fpm.conf -FORt || exit 1
sleep inf || exit 1
fi
while (nginx -t 2> /dev/null && cross-env PHP_INI_SCAN_DIR=/data/php/7/conf.d php-fpm7 -c /data/php/7 -y /data/php/7/php-fpm.conf -FORt 2> /dev/null && cross-env PHP_INI_SCAN_DIR=/data/php/8/conf.d php-fpm8 -c /data/php/8 -y /data/php/8/php-fpm.conf -FORt 2> /dev/null && cross-env PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FORt 2> /dev/null && cross-env PHP_INI_SCAN_DIR=/data/php/82/conf.d php-fpm82 -c /data/php/82 -y /data/php/82/php-fpm.conf -FORt 2> /dev/null); do
nginx || exit 1 &
cross-env PHP_INI_SCAN_DIR=/data/php/7/conf.d php-fpm7 -c /data/php/7 -y /data/php/7/php-fpm.conf -FOR || exit 1 &
cross-env PHP_INI_SCAN_DIR=/data/php/8/conf.d php-fpm8 -c /data/php/8 -y /data/php/8/php-fpm.conf -FOR || exit 1 &
cross-env PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FOR || exit 1 &
cross-env PHP_INI_SCAN_DIR=/data/php/82/conf.d php-fpm82 -c /data/php/82 -y /data/php/82/php-fpm.conf -FOR || exit 1 &
node --abort_on_uncaught_exception --max_old_space_size=250 index.js || exit 1 &
wait
done
@@ -76,3 +146,23 @@ if ! nginx -t 2> /dev/null; then
nginx -T || exit 1
sleep inf || exit 1
fi
if ! cross-env PHP_INI_SCAN_DIR=/data/php/7/conf.d php-fpm7 -c /data/php/7 -y /data/php/7/php-fpm.conf -FORt 2> /dev/null; then
cross-env PHP_INI_SCAN_DIR=/data/php/7/conf.d php-fpm7 -c /data/php/7 -y /data/php/7/php-fpm.conf -FORt || exit 1
sleep inf || exit 1
fi
if ! cross-env PHP_INI_SCAN_DIR=/data/php/8/conf.d php-fpm8 -c /data/php/8 -y /data/php/8/php-fpm.conf -FORt 2> /dev/null; then
cross-env PHP_INI_SCAN_DIR=/data/php/8/conf.d php-fpm8 -c /data/php/8 -y /data/php/8/php-fpm.conf -FORt || exit 1
sleep inf || exit 1
fi
if ! cross-env PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FORt 2> /dev/null; then
cross-env PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FORt || exit 1
sleep inf || exit 1
fi
if ! cross-env PHP_INI_SCAN_DIR=/data/php/82/conf.d php-fpm82 -c /data/php/82 -y /data/php/82/php-fpm.conf -FORt 2> /dev/null; then
cross-env PHP_INI_SCAN_DIR=/data/php/82/conf.d php-fpm82 -c /data/php/82 -y /data/php/82/php-fpm.conf -FORt || exit 1
sleep inf || exit 1
fi

29
rootfs/usr/local/nginx/conf/conf.d/include/default.conf Normal file
View File

@@ -0,0 +1,29 @@
# ------------------------------------------------------------
# Default Site
# ------------------------------------------------------------
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
listen 443 http3 default_server;
listen [::]:443 http3 default_server;
server_name _;
include conf.d/include/force-ssl.conf;
include conf.d/include/ssl-ciphers.conf;
include conf.d/include/letsencrypt-acme-challenge.conf;
include conf.d/include/block-exploits.conf;
add_header alt-svc 'h3=":443"; ma=86400, h3-29=":443"; ma=86400';
ssl_certificate /data/nginx/dummycert.pem;
ssl_certificate_key /data/nginx/dummykey.pem;
location / {
include conf.d/include/letsencrypt-acme-challenge.conf;
alias /html/default/;
}
}

2
rootfs/usr/local/nginx/conf/conf.d/include/proxy.conf
View File

@@ -4,7 +4,7 @@ proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Accept-Encoding "";
proxy_set_header Host $host:$server_port;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1 SSLv3 SSLv2;

36
rootfs/usr/local/nginx/conf/conf.d/default.conf → rootfs/usr/local/nginx/conf/conf.d/no-server-name.conf
View File

@@ -1,34 +1,28 @@
server {
listen 81 ssl http2;
listen 81 http3;
listen [::]:81 ssl http2;
listen [::]:81 http3;
listen 80;
listen [::]:80;
server_name nginxproxymanager-default;
include conf.d/include/force-ssl.conf;
include conf.d/include/block-exploits.conf;
include conf.d/include/letsencrypt-acme-challenge.conf;
}
# First 443 Host, which is the default if another default doesn't exist
server {
listen 443 ssl http2;
listen 443 http3;
listen [::]:443 ssl http2;
listen 443 http3;
listen [::]:443 http3;
server_name "";
return 444;
include conf.d/include/force-ssl.conf;
include conf.d/include/ssl-ciphers.conf;
include conf.d/include/letsencrypt-acme-challenge.conf;
include conf.d/include/block-exploits.conf;
add_header alt-svc 'h3=":443"; ma=86400, h3-29=":443"; ma=86400';
server_name nginxproxymanager-default;
ssl_certificate /data/nginx/dummycert.pem;
ssl_certificate_key /data/nginx/dummykey.pem;
include conf.d/include/ssl-ciphers.conf;
include conf.d/include/block-exploits.conf;
include conf.d/include/letsencrypt-acme-challenge.conf;
location / {
include conf.d/include/letsencrypt-acme-challenge.conf;
root /var/www/html;
}
}

6
rootfs/usr/local/nginx/conf/conf.d/production.conf → rootfs/usr/local/nginx/conf/conf.d/npm.conf
View File

@@ -1,11 +1,11 @@
# Admin Interface
server {
listen 81 ssl http2 default_server;
listen 81 http3 default_server;
listen [::]:81 ssl http2 default_server;
listen [::]:81 http3 default_server;
server_name nginxproxymanager;
server_name _;
ssl_certificate /data/nginx/dummycert.pem;
ssl_certificate_key /data/nginx/dummykey.pem;
include conf.d/include/ssl-ciphers.conf;
@@ -26,7 +26,7 @@ server {
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Accept-Encoding "";
proxy_set_header Host $host:$server_port;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;

27
rootfs/usr/local/nginx/conf/nginx.conf
View File

@@ -36,11 +36,15 @@ http {
gzip_comp_level 9;
resolver localhost;
index index.html Index.html;
fastcgi_index index.php;
index index.php index.html;
error_page 404 =307 $scheme://$host:$server_port;
error_page 497 =301 https://$host:$server_port$request_uri;
proxy_headers_hash_max_size 1024;
proxy_headers_hash_bucket_size 128;
# Default upstream scheme
map $host $forward_scheme {
default http;
@@ -52,6 +56,22 @@ http {
'' close;
}
upstream php7 {
server unix:/dev/php7.sock;
}
upstream php8 {
server unix:/dev/php8.sock;
}
upstream php81 {
server unix:/dev/php81.sock;
}
upstream php82 {
server unix:/dev/php82.sock;
}
# Fancy Index
fancyindex on;
fancyindex_localtime on;
@@ -75,7 +95,10 @@ http {
set_real_ip_from 169.254.0.0/16;
set_real_ip_from fc00::/7;
set_real_ip_from fec0::/10;
include fastcgi.conf;
fastcgi_param HTTP_PROXY "";
include conf.d/include/ip_ranges.conf;
include /data/nginx/default.conf;