diff --git a/Dockerfile b/Dockerfile index 937a9028..a643d1e8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,14 +5,13 @@ COPY global /app/global COPY frontend/dist /app/frontend WORKDIR /app -RUN echo https://dl-cdn.alpinelinux.org/alpine/edge/testing | tee -a /etc/apk/repositories && \ - apk upgrade --no-cache && \ +RUN apk upgrade --no-cache && \ apk add --no-cache ca-certificates wget tzdata bash coreutils \ python3 \ nodejs-current npm \ openssl apache2-utils jq fcgi \ gcc g++ libffi-dev python3-dev \ - php7 php7-fpm php8 php8-fpm php81 php81-fpm php82 php82-fpm && \ + php81 php81-fpm php82 php82-fpm && \ # Install cross-env npm install --global cross-env && \ diff --git a/README.md b/README.md index 73d325f1..4304562b 100644 --- a/README.md +++ b/README.md @@ -53,7 +53,7 @@ so that the barrier for entry here is low. - Easy security headers, see [here](https://github.com/GetPageSpeed/ngx_security_headers), enabled by default if you enable hsts - Access Log disabled - Error Log written to console -- PHP included, you can add php extensions, see aviable packages here: https://pkgs.alpinelinux.org/packages?branch=edge&name=php*&arch=x86_64 +- PHP included, you can add php extensions, see aviable packages [here](https://pkgs.alpinelinux.org/packages?branch=edge&repo=community&arch=x86_64&name=php8*-*) - allows different acme servers - up to 64 domains per cert allowed @@ -77,8 +77,8 @@ alias /var/www//; ``` b) Custom Nginx Configuration (advanced tab), which looks the following for file server and **php**: - Note: the slash at the end of the file path is important -- Note: you can replace `fastcgi_pass php82;` with `fastcgi_pass` `php7`/`php8`/`php81`/`php82` `;` -- Note: to add more php extension use the packes from [here](https://pkgs.alpinelinux.org/packages?branch=edge&name=php\*&arch=x86_64) and add them using the `PHP_APKS` env (see compose file) +- Note: you can replace `fastcgi_pass php82;` with `fastcgi_pass` `php81`/`php82` `;` +- Note: to add more php extension use the packes from [here](https://pkgs.alpinelinux.org/packages?branch=edge&repo=community&arch=x86_64&name=php8*-*) and add them using the `PHP_APKS` env (see compose file) ``` location / { alias /var/www//; @@ -94,7 +94,7 @@ if (!-f $document_root$fastcgi_script_name) {return 404;} 1. Open this file: `nano` `/opt/npm/ssl/certbot/config.ini` 2. uncomment the server line and change it to your acme server 3. maybe set eab keys -4. create your cert +4. create your cert using the npm web ui # Quick Setup @@ -121,7 +121,7 @@ services: - "TZ=Europe/Berlin" # - "NGINX_LOG_NOT_FOUND=true" # Allow logging of 404 errors # - "NPM_LISTEN_LOCALHOST=true" # Bind the NPM Dashboard on Port 81 only to localhost -# - "PHP_APKS=php7-curl php8-curl php81-curl php-82-curl" # Add php extensions, see aviable packages here: https://pkgs.alpinelinux.org/packages?branch=edge&name=php\*&arch=x86_64 +# - "PHP_APKS=php81-curl php-82-curl" # Add php extensions, see aviable packages here: https://pkgs.alpinelinux.org/packages?branch=edge&repo=community&arch=x86_64&name=php8*-* ``` 3. Bring up your stack by running (or deploy your portainer stack) diff --git a/compose.yaml b/compose.yaml index d8aeb415..dabd9fb5 100644 --- a/compose.yaml +++ b/compose.yaml @@ -13,4 +13,4 @@ services: - "TZ=Europe/Berlin" # - "NGINX_LOG_NOT_FOUND=true" # Allow logging of 404 errors # - "NPM_LISTEN_LOCALHOST=true" # Bind the NPM Dashboard on Port 81 only to localhost -# - "PHP_APKS=php7-curl php8-curl php81-curl php-82-curl" # Add php extensions, see aviable packages here: https://pkgs.alpinelinux.org/packages?branch=edge&name=php\*&arch=x86_64 +# - "PHP_APKS=php81-curl php-82-curl" # Add php extensions, see aviable packages here: https://pkgs.alpinelinux.org/packages?branch=edge&repo=community&arch=x86_64&name=php8*-* \ No newline at end of file diff --git a/frontend/package.json b/frontend/package.json index f1da2db2..096cd6dd 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -4,7 +4,7 @@ "description": "A beautiful interface for creating Nginx endpoints", "main": "js/index.js", "devDependencies": { - "@babel/core": "7.20.7", + "@babel/core": "7.20.12", "babel-core": "6.26.3", "babel-loader": "8.3.0", "babel-preset-env": "1.7.0", diff --git a/rootfs/bin/check-health.sh b/rootfs/bin/check-health.sh index 17593328..bd2f4223 100644 --- a/rootfs/bin/check-health.sh +++ b/rootfs/bin/check-health.sh @@ -1,6 +1,6 @@ #!/bin/bash -if (cgi-fcgi -bind -connect /dev/php7.sock &> /dev/null && cgi-fcgi -bind -connect /dev/php8.sock &> /dev/null && cgi-fcgi -bind -connect /dev/php81.sock &> /dev/null && cgi-fcgi -bind -connect /dev/php82.sock &> /dev/null && [ "$(wget -q --no-check-certificate https://127.0.0.1:81/api -O - | jq --raw-output '.status')" == "OK" ]); then +if (cgi-fcgi -bind -connect /dev/php81.sock &> /dev/null && cgi-fcgi -bind -connect /dev/php82.sock &> /dev/null && [ "$(wget -q --no-check-certificate https://127.0.0.1:81/api -O - | jq --raw-output '.status')" == "OK" ]); then echo "OK" exit 0 else diff --git a/rootfs/bin/start.sh b/rootfs/bin/start.sh index be1dc871..53425dcc 100644 --- a/rootfs/bin/start.sh +++ b/rootfs/bin/start.sh @@ -4,8 +4,8 @@ if [ -n "$PHP_APKS" ]; then if ! echo "$PHP_APKS" | grep -q "^[a-z0-9 _-]\+$"; then echo "You've set PHP_APKS but not to an allowed value. - It needs to be a string. Allowed are small letters a-z, digits 0-9, spaces, hyphens and underscores. - It is set to '$PHP_APKS'." || sleep inf +It needs to be a string. Allowed are small letters a-z, digits 0-9, spaces, hyphens and underscores. +It is set to "$PHP_APKS"." || sleep inf sleep inf || exit 1 fi @@ -13,32 +13,32 @@ if [ -n "$PHP_APKS" ]; then read -ra APKS_ARRAY <<< "$PHP_APKS" || sleep inf for apk in "${APKS_ARRAY[@]}"; do - if ! echo "$apk" | grep -q "php*"; then - echo "'$apk' is a non allowed value. - It needs to start with php. - It is set to '$apk'." || sleep inf + if ! echo "$apk" | grep -Eq "php81-.*|php82-.*"; then + echo ""$apk" is a non allowed value. +It needs to start with \"php81-\" or \"php82-\". +It is set to "$apk"." || sleep inf sleep inf || exit 1 fi - echo "Installing $apk via apk..." + echo "Installing "$apk" via apk..." if ! apk add --no-cache "$apk" &> /dev/null; then - echo "The packet $apk was not installed!" || sleep inf + echo "The packet "$apk" was not installed!" || sleep inf fi done fi mkdir -vp /data/tls/certbot/renewal \ - /data/tls/custom \ - /data/php \ - /data/nginx/redirection_host \ - /data/nginx/proxy_host \ - /data/nginx/dead_host \ - /data/nginx/stream \ - /data/nginx/custom \ - /data/nginx/access \ - /data/nginx/html \ - /tmp/acme-challenge || sleep inf + /data/tls/custom \ + /data/php \ + /data/nginx/redirection_host \ + /data/nginx/proxy_host \ + /data/nginx/dead_host \ + /data/nginx/stream \ + /data/nginx/custom \ + /data/nginx/access \ + /data/nginx/html \ + /tmp/acme-challenge || sleep inf if [ -f /data/nginx/default_host/site.conf ]; then mv -vn /data/nginx/default_host/site.conf /data/nginx/default.conf || sleep inf @@ -77,19 +77,21 @@ mv -v /data/ssl/* /data/tls || sleep inf fi rm -vrf /data/letsencrypt-acme-challenge \ - /data/nginx/default_host \ - /data/nginx/default_www \ - /data/nginx/streams \ - /data/nginx/temp \ - /data/index.html \ - /data/letsencrypt \ - /data/custom_ssl \ - /data/certbot \ - /data/access \ - /data/ssl \ - /data/logs \ - /data/error.log \ - /data/nginx/error.log || sleep inf + /data/nginx/default_host \ + /data/nginx/default_www \ + /data/nginx/streams \ + /data/nginx/temp \ + /data/index.html \ + /data/letsencrypt \ + /data/custom_ssl \ + /data/certbot \ + /data/access \ + /data/php/8 \ + /data/php/7 \ + /data/ssl \ + /data/logs \ + /data/error.log \ + /data/nginx/error.log || sleep inf find /data/nginx -type f -name '*.conf' -exec sed -i "s|/data/access|/data/nginx/access|g" {} \; || sleep inf @@ -141,11 +143,11 @@ touch /data/nginx/default.conf \ /data/nginx/custom/server_stream_udp.conf \ /usr/local/nginx/conf/conf.d/include/ip_ranges.conf || sleep inf -for phpv in $(ls -1 /etc | grep php | sed "s|php||g"); do cp -vrnT /etc/php$phpv /data/php/$phpv; done; -for phpv in $(ls -1 /etc | grep php | sed "s|php||g"); do sed -i "s|user =.*|user = root|" /data/php/$phpv/php-fpm.d/www.conf; done; -for phpv in $(ls -1 /etc | grep php | sed "s|php||g"); do sed -i "s|group =.*|group = root|" /data/php/$phpv/php-fpm.d/www.conf; done; -for phpv in $(ls -1 /etc | grep php | sed "s|php||g"); do sed -i "s|listen =.*|listen = /dev/php$phpv.sock|" /data/php/$phpv/php-fpm.d/www.conf; done; -for phpv in $(ls -1 /etc | grep php | sed "s|php||g"); do sed -i "s|include=.*|include=/data/php/$phpv/php-fpm.d/*.conf|g" /data/php/$phpv/php-fpm.conf; done; +for phpv in $(ls -1 /etc | grep php | sed "s|php||g"); do cp -vrnT /etc/php"$phpv" /data/php/"$phpv"; done; +for phpv in $(ls -1 /etc | grep php | sed "s|php||g"); do sed -i "s|user =.*|user = root|" /data/php/"$phpv"/php-fpm.d/www.conf; done; +for phpv in $(ls -1 /etc | grep php | sed "s|php||g"); do sed -i "s|group =.*|group = root|" /data/php/"$phpv"/php-fpm.d/www.conf; done; +for phpv in $(ls -1 /etc | grep php | sed "s|php||g"); do sed -i "s|listen =.*|listen = /dev/php"$phpv".sock|" /data/php/"$phpv"/php-fpm.d/www.conf; done; +for phpv in $(ls -1 /etc | grep php | sed "s|php||g"); do sed -i "s|include=.*|include=/data/php/"$phpv"/php-fpm.d/*.conf|g" /data/php/"$phpv"/php-fpm.conf; done; if [ "$NPM_LISTEN_LOCALHOST" == "true" ]; then sed -i "s/listen 81/listen 127.0.0.1:81/g" /usr/local/nginx/conf/conf.d/npm.conf || sleep inf @@ -161,16 +163,6 @@ nginx -T || sleep inf sleep inf || exit 1 fi -if ! cross-env PHP_INI_SCAN_DIR=/data/php/7/conf.d php-fpm7 -c /data/php/7 -y /data/php/7/php-fpm.conf -FORt &> /dev/null; then -cross-env PHP_INI_SCAN_DIR=/data/php/7/conf.d php-fpm7 -c /data/php/7 -y /data/php/7/php-fpm.conf -FORt || sleep inf -sleep inf || exit 1 -fi - -if ! cross-env PHP_INI_SCAN_DIR=/data/php/8/conf.d php-fpm8 -c /data/php/8 -y /data/php/8/php-fpm.conf -FORt &> /dev/null; then -cross-env PHP_INI_SCAN_DIR=/data/php/8/conf.d php-fpm8 -c /data/php/8 -y /data/php/8/php-fpm.conf -FORt || sleep inf -sleep inf || exit 1 -fi - if ! cross-env PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FORt &> /dev/null; then cross-env PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FORt || sleep inf sleep inf || exit 1 @@ -181,10 +173,8 @@ cross-env PHP_INI_SCAN_DIR=/data/php/82/conf.d php-fpm82 -c /data/php/82 -y /dat sleep inf || exit 1 fi -while (nginx -t &> /dev/null && cross-env PHP_INI_SCAN_DIR=/data/php/7/conf.d php-fpm7 -c /data/php/7 -y /data/php/7/php-fpm.conf -FORt &> /dev/null && cross-env PHP_INI_SCAN_DIR=/data/php/8/conf.d php-fpm8 -c /data/php/8 -y /data/php/8/php-fpm.conf -FORt &> /dev/null && cross-env PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FORt &> /dev/null && cross-env PHP_INI_SCAN_DIR=/data/php/82/conf.d php-fpm82 -c /data/php/82 -y /data/php/82/php-fpm.conf -FORt &> /dev/null); do +while (nginx -t &> /dev/null && cross-env PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FORt &> /dev/null && cross-env PHP_INI_SCAN_DIR=/data/php/82/conf.d php-fpm82 -c /data/php/82 -y /data/php/82/php-fpm.conf -FORt &> /dev/null); do nginx || exit 1 & -cross-env PHP_INI_SCAN_DIR=/data/php/7/conf.d php-fpm7 -c /data/php/7 -y /data/php/7/php-fpm.conf -FOR || exit 1 & -cross-env PHP_INI_SCAN_DIR=/data/php/8/conf.d php-fpm8 -c /data/php/8 -y /data/php/8/php-fpm.conf -FOR || exit 1 & cross-env PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FOR || exit 1 & cross-env PHP_INI_SCAN_DIR=/data/php/82/conf.d php-fpm82 -c /data/php/82 -y /data/php/82/php-fpm.conf -FOR || exit 1 & node --abort_on_uncaught_exception --max_old_space_size=250 index.js || exit 1 & @@ -195,18 +185,10 @@ if ! nginx -t &> /dev/null; then nginx -T || exit 1 fi -if ! cross-env PHP_INI_SCAN_DIR=/data/php/7/conf.d php-fpm7 -c /data/php/7 -y /data/php/7/php-fpm.conf -FORt &> /dev/null; then -cross-env PHP_INI_SCAN_DIR=/data/php/7/conf.d php-fpm7 -c /data/php/7 -y /data/php/7/php-fpm.conf -FORt || exit 1 -fi - -if ! cross-env PHP_INI_SCAN_DIR=/data/php/8/conf.d php-fpm8 -c /data/php/8 -y /data/php/8/php-fpm.conf -FORt &> /dev/null; then -cross-env PHP_INI_SCAN_DIR=/data/php/8/conf.d php-fpm8 -c /data/php/8 -y /data/php/8/php-fpm.conf -FORt || exit 1 -fi - if ! cross-env PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FORt &> /dev/null; then cross-env PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FORt || exit 1 fi if ! cross-env PHP_INI_SCAN_DIR=/data/php/82/conf.d php-fpm82 -c /data/php/82 -y /data/php/82/php-fpm.conf -FORt &> /dev/null; then cross-env PHP_INI_SCAN_DIR=/data/php/82/conf.d php-fpm82 -c /data/php/82 -y /data/php/82/php-fpm.conf -FORt || exit 1 -fi +fi \ No newline at end of file diff --git a/rootfs/usr/local/nginx/conf/nginx.conf b/rootfs/usr/local/nginx/conf/nginx.conf index df42a195..251c32ee 100644 --- a/rootfs/usr/local/nginx/conf/nginx.conf +++ b/rootfs/usr/local/nginx/conf/nginx.conf @@ -56,14 +56,6 @@ http { '' close; } - upstream php7 { - server unix:/dev/php7.sock; - } - - upstream php8 { - server unix:/dev/php8.sock; - } - upstream php81 { server unix:/dev/php81.sock; }