From bd1994a61fadfab66eb9cbf9e0f5fecb10c113fe Mon Sep 17 00:00:00 2001 From: luming Date: Mon, 15 Jan 2024 14:17:20 +0800 Subject: [PATCH] add caddyserver with php-fpm. --- caddy-with-php/Dockerfile | 90 +++--- caddy-with-php/config/Caddyfile | 30 +- caddy-with-php/config/Caddyfile.php-fpm | 6 + caddy-with-php/config/index.html | 394 ++++++++++++++++++++++++ caddy-with-php/entry.sh | 9 +- caddy-with-php/entrypoint.sh | 6 + php-fpm/8.1/Dockerfile | 2 +- php-fpm/8.1/buildx/Dockerfile | 2 +- php-fpm/8.2/Dockerfile | 2 +- php-fpm/8.2/buildx/Dockerfile | 2 +- php-fpm/8.3/Dockerfile | 2 +- php-fpm/8.3/buildx/Dockerfile | 2 +- 12 files changed, 499 insertions(+), 48 deletions(-) create mode 100644 caddy-with-php/config/Caddyfile.php-fpm create mode 100644 caddy-with-php/config/index.html create mode 100644 caddy-with-php/entrypoint.sh diff --git a/caddy-with-php/Dockerfile b/caddy-with-php/Dockerfile index 3aa07b1..6ad467f 100644 --- a/caddy-with-php/Dockerfile +++ b/caddy-with-php/Dockerfile @@ -3,6 +3,9 @@ FROM caddy:alpine as caddy-build FROM php:8.3-fpm-alpine3.19 LABEL maintainer="rainerosion " +ENV XDG_CONFIG_HOME /config +ENV XDG_DATA_HOME /data + # build dependencies ENV BUILD_DEPS \ libzip-dev \ @@ -61,41 +64,56 @@ ARG UID=1000 ARG GUID=1000 # fpm user ARG USER=www-data -RUN set -eux && \ - sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories && \ - apk update && \ - apk add --no-cache $RUN_DEPS && \ - usermod -u $UID -o $USER && \ - groupmod -g $GUID -o $USER && \ - apk add --no-cache --virtual .build-deps $BUILD_DEPS && \ - docker-php-ext-configure gd --enable-gd --with-jpeg --with-webp --with-freetype && \ - docker-php-ext-install -j $(nproc) $PHP_EXTENSIONS && \ - pecl install -o -f redis && \ - pecl install memcached imagick && \ - docker-php-ext-enable redis memcached imagick && \ - apk del .build-deps \ - -# web server +# web server and php-fpm RUN set -eux; \ - apkArch="$(apk --print-arch)"; \ - case "$apkArch" in \ - x86_64) binArch='amd64'; checksum='b74311ec8263f30f6d36e5c8be151e8bc092b377789a55300d5671238b9043de5bd6db2bcefae32aa1e6fe94c47bbf02982c44a7871e5777b2596fdb20907cbf' ;; \ - armhf) binArch='armv6'; checksum='88756642ca412db3a8da7a40b518861a6f524a8ac704021e8451d3cb38746f24243b1e561f4eec07e1575200d06bfd098783d2b7ee7ee07a971aed1c677da6e6' ;; \ - armv7) binArch='armv7'; checksum='118776e879c280556abb7c03ff7c0081eda23c2aee0472aef176f733785e9501defaeaf334cd2443e31294809beafaea831d2e695aa68045160082aa3a966e2f' ;; \ - aarch64) binArch='arm64'; checksum='62252ade5e8dcec13a66154ee1978d959370be049cce52e7c4edefff14ef70bbb21630e3735092719bc3c31214e89dff99e55970ff0adec8ac0a94c6415b059a' ;; \ - ppc64el|ppc64le) binArch='ppc64le'; checksum='65d27fe53f5e4fa79f3476f8902071c907aab74db1a2616342be3714d4252219fbb53b174ef588e20c51e7cfac84376c7a0a608091c2fe83b31dbf59dabeb237' ;; \ - s390x) binArch='s390x'; checksum='c562190962a2db0248a4190616dd2ebaa02df2cf62f1a2c71f9d9de18af2a297df8000a06a11e8d3929dfd64f0c081d1e61961687ca220007459f2dbd0be2c81' ;; \ - *) echo >&2 "error: unsupported architecture ($apkArch)"; exit 1 ;;\ - esac; \ - wget -O /tmp/caddy.tar.gz "https://github.com/caddyserver/caddy/releases/download/v2.7.6/caddy_2.7.6_linux_${binArch}.tar.gz"; \ - echo "$checksum /tmp/caddy.tar.gz" | sha512sum -c; \ - tar x -z -f /tmp/caddy.tar.gz -C /usr/bin caddy; \ - rm -f /tmp/caddy.tar.gz; \ - setcap cap_net_bind_service=+ep /usr/bin/caddy; \ - chmod +x /usr/bin/caddy; \ - caddy version \ -ENV XDG_CONFIG_HOME /config -ENV XDG_DATA_HOME /data -EXPOSE 80 443 2019 + sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories; \ + apk update; \ + apk add --no-cache $RUN_DEPS; \ + usermod -u $UID -o $USER; \ + groupmod -g $GUID -o $USER; \ + apk add --no-cache --virtual .build-deps $BUILD_DEPS; \ + mkdir -p \ + /config/caddy \ + /data/caddy \ + /etc/caddy \ + /usr/share/caddy ; \ + wget -O /etc/caddy/Caddyfile "https://p.iblog.site/https://github.com/caddyserver/dist/raw/cd39178d252a610fee6aa8465c787d9c780007a2/config/Caddyfile"; \ + wget -O /usr/share/caddy/index.html "https://p.iblog.site/https://github.com/caddyserver/dist/raw/cd39178d252a610fee6aa8465c787d9c780007a2/welcome/index.html"; \ + echo " /usr/share/caddy/info.php; \ + apkArch="$(apk --print-arch)"; \ + case "$apkArch" in \ + x86_64) binArch='amd64'; checksum='b74311ec8263f30f6d36e5c8be151e8bc092b377789a55300d5671238b9043de5bd6db2bcefae32aa1e6fe94c47bbf02982c44a7871e5777b2596fdb20907cbf' ;; \ + armhf) binArch='armv6'; checksum='88756642ca412db3a8da7a40b518861a6f524a8ac704021e8451d3cb38746f24243b1e561f4eec07e1575200d06bfd098783d2b7ee7ee07a971aed1c677da6e6' ;; \ + armv7) binArch='armv7'; checksum='118776e879c280556abb7c03ff7c0081eda23c2aee0472aef176f733785e9501defaeaf334cd2443e31294809beafaea831d2e695aa68045160082aa3a966e2f' ;; \ + aarch64) binArch='arm64'; checksum='62252ade5e8dcec13a66154ee1978d959370be049cce52e7c4edefff14ef70bbb21630e3735092719bc3c31214e89dff99e55970ff0adec8ac0a94c6415b059a' ;; \ + ppc64el|ppc64le) binArch='ppc64le'; checksum='65d27fe53f5e4fa79f3476f8902071c907aab74db1a2616342be3714d4252219fbb53b174ef588e20c51e7cfac84376c7a0a608091c2fe83b31dbf59dabeb237' ;; \ + s390x) binArch='s390x'; checksum='c562190962a2db0248a4190616dd2ebaa02df2cf62f1a2c71f9d9de18af2a297df8000a06a11e8d3929dfd64f0c081d1e61961687ca220007459f2dbd0be2c81' ;; \ + *) echo >&2 "error: unsupported architecture ($apkArch)"; exit 1 ;;\ + esac; \ + wget -O /tmp/caddy.tar.gz "https://github.com/caddyserver/caddy/releases/download/v2.7.6/caddy_2.7.6_linux_${binArch}.tar.gz"; \ + echo "$checksum /tmp/caddy.tar.gz" | sha512sum -c; \ + tar x -z -f /tmp/caddy.tar.gz -C /usr/bin caddy; \ + rm -f /tmp/caddy.tar.gz; \ + setcap cap_net_bind_service=+ep /usr/bin/caddy; \ + chmod +x /usr/bin/caddy; \ + caddy version; \ +# docker-php-ext-configure gd --enable-gd --with-jpeg --with-webp --with-freetype; \ +# docker-php-ext-install -j $(nproc) $PHP_EXTENSIONS; \ +# pecl install -o -f redis; \ +# pecl install memcached imagick; \ +# docker-php-ext-enable redis memcached imagick; \ + apk del .build-deps; \ + curl --tlsv1 -v -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer; + +EXPOSE 80 +EXPOSE 443 +EXPOSE 2019 EXPOSE 443/udp -WORKDIR /srv \ No newline at end of file + +COPY entrypoint.sh /usr/local/bin/ +RUN chmod +x /usr/local/bin/entrypoint.sh + +WORKDIR /srv + +ENTRYPOINT ["entrypoint.sh"] +CMD ["caddy","run","--config","/etc/caddy/Caddyfile","--adapter","caddyfile"] \ No newline at end of file diff --git a/caddy-with-php/config/Caddyfile b/caddy-with-php/config/Caddyfile index bdba522..3b22e2c 100644 --- a/caddy-with-php/config/Caddyfile +++ b/caddy-with-php/config/Caddyfile @@ -1,6 +1,26 @@ +# The Caddyfile is an easy way to configure your Caddy web server. +# +# Unless the file starts with a global options block, the first +# uncommented line is always the address of your site. +# +# To use your own domain name (with automatic HTTPS), first make +# sure your domain's A/AAAA DNS records are properly pointed to +# this machine's public IP, then replace ":80" below with your +# domain name. + :80 { - encode gzip - root * /www/websites/public - php_fastcgi php-fpm:9000 - file_server -} \ No newline at end of file + # Set this path to your site's directory. + root * /usr/share/caddy + + # Enable the static file server. + file_server + + # Another common task is to set up a reverse proxy: + # reverse_proxy localhost:8080 + + # Or serve a PHP site through php-fpm: + # php_fastcgi localhost:9000 +} + +# Refer to the Caddy docs for more information: +# https://caddyserver.com/docs/caddyfile \ No newline at end of file diff --git a/caddy-with-php/config/Caddyfile.php-fpm b/caddy-with-php/config/Caddyfile.php-fpm new file mode 100644 index 0000000..d4533f1 --- /dev/null +++ b/caddy-with-php/config/Caddyfile.php-fpm @@ -0,0 +1,6 @@ +:80 { + encode gzip + root * /www/websites/public + php_fastcgi 127.0.0.1:9000 + file_server +} \ No newline at end of file diff --git a/caddy-with-php/config/index.html b/caddy-with-php/config/index.html new file mode 100644 index 0000000..d85128a --- /dev/null +++ b/caddy-with-php/config/index.html @@ -0,0 +1,394 @@ + + + + Caddy works! + + + + + + + +
+
+
+
+ + + + + + + + + + +

+ Congratulations! + おめでとう! + Felicidades! + 恭喜! + बधाई हो! + Поздравляю! + Вітаю! + 🎊 +

+ +

+ Your web server is working. Now make it work for you. 💪 +

+

+ Caddy is ready to serve your site over HTTPS: +

+
    +
  1. Point your domain's A/AAAA DNS records at this machine.
    2. +
  2. Upload your site's files to /var/www/html. +
  3. + Edit your Caddyfile at /etc/caddy/Caddyfile: +
      +
    1. Replace :80 with your domain name
      2. +
    2. Change the site root to /var/www/html
      3. +
    +
    4. +
  4. Reload the configuration: systemctl reload caddy
    5. +
  5. Visit your site!
    6. +
+

If that worked 🥳

+

+ Awesome! You won't have to look at this slanted page anymore. +

+

+ Remember, Caddy can do a lot more than serve static files. It's also a powerful reverse proxy and + application platform. You can use the Caddyfile to enable any other features you need. Or you could use + Caddy's API to configure it programmatically. +

+

+ Everything you need to know is either in the 📖 Caddy + documentation or the manual for your OS/platform. Have fun! +

+ +

If that didn't work 😶

+

+ It's okay, you can fix it! First check the following things: +

+
    +
  • Service status: systemctl status caddy
    • +
  • Logs: journalctl --no-pager -u caddy
    • +
  • Are your site's files readable by the caddy user and group? ls -la /var/www/html
    • +
  • Is the caddy home directory writeable? ls -la /var/lib/caddy
    • +
  • Ensure your domain's A and/or AAAA records point to your machine's public IP address: + dig example.com
    • +
  • Are your ports 80 and 443 externally reachable, and is Caddy able to bind to them? Check your + firewalls, port forwarding, and other network configuration.
    • +
+

+ WAIT! Before trying again, switch to Let's Encrypt's staging environment to + avoid being accidentally rate limited. Once you + get everything else working, it's safe to switch back. +

+

+ Depending on your DNS provider, it may take a while for the DNS records to propagate. Even when + everything is configured properly, automated challenges to obtain TLS certificates usually take several + seconds, but may take up to several minutes or hours. +

+ If you still need help, we have a great community! First try a search, and if your question is original, go ahead + and ask it! Remember to pay it forward and help others too. 😁 +

+

+ Visit Caddy on: + GitHub + or + Twitter + or + Our Forum +

+
+
+ +
+ © Copyright The Caddy Authors + +
+ The Caddy project is not responsible for the content, disposition, or behavior of this Web + property, which is independently owned and maintained. For inquiries, please contact the site owner or + hosting provider. +
+
+ + + + \ No newline at end of file diff --git a/caddy-with-php/entry.sh b/caddy-with-php/entry.sh index 8eda8e6..5d04eab 100644 --- a/caddy-with-php/entry.sh +++ b/caddy-with-php/entry.sh @@ -3,4 +3,11 @@ if [ "${1}" = "-D" ]; then exec /usr/bin/supervisord -n -c /etc/supervisord.conf else exec "$@" -fi \ No newline at end of file +fi + +# first arg is `-f` or `--some-option` +#if [ "${1#-}" != "$1" ]; then +# set -- php-fpm "$@" +#fi +# +#exec "$@" \ No newline at end of file diff --git a/caddy-with-php/entrypoint.sh b/caddy-with-php/entrypoint.sh new file mode 100644 index 0000000..2f1f911 --- /dev/null +++ b/caddy-with-php/entrypoint.sh @@ -0,0 +1,6 @@ +#!/bin/sh +set -e +# php-fpm daemonize +php-fpm -D +# start caddy +exec "$@" \ No newline at end of file diff --git a/php-fpm/8.1/Dockerfile b/php-fpm/8.1/Dockerfile index ea68ca2..5a6969c 100644 --- a/php-fpm/8.1/Dockerfile +++ b/php-fpm/8.1/Dockerfile @@ -1,7 +1,7 @@ FROM composer:latest as composer-build FROM php:8.1-fpm-alpine3.17 -MAINTAINER rainerosion "admin@rainss.cn" +LABEL maintainer="rainerosion " COPY --from=composer-build /usr/bin/composer /usr/bin/composer # build dependencies diff --git a/php-fpm/8.1/buildx/Dockerfile b/php-fpm/8.1/buildx/Dockerfile index 3a3f04a..0c91eb9 100644 --- a/php-fpm/8.1/buildx/Dockerfile +++ b/php-fpm/8.1/buildx/Dockerfile @@ -1,7 +1,7 @@ FROM --platform=$TARGETPLATFORM composer:latest as composer-build FROM --platform=$TARGETPLATFORM php:8.1-fpm-alpine3.17 -MAINTAINER rainerosion "admin@rainss.cn" +LABEL maintainer="rainerosion " COPY --from=composer-build /usr/bin/composer /usr/bin/composer # build dependencies diff --git a/php-fpm/8.2/Dockerfile b/php-fpm/8.2/Dockerfile index a1359ba..83b9f22 100644 --- a/php-fpm/8.2/Dockerfile +++ b/php-fpm/8.2/Dockerfile @@ -1,7 +1,7 @@ FROM composer:latest as composer-build FROM php:8.2-fpm-alpine3.19 -MAINTAINER rainerosion "admin@rainss.cn" +LABEL maintainer="rainerosion " COPY --from=composer-build /usr/bin/composer /usr/bin/composer # build dependencies diff --git a/php-fpm/8.2/buildx/Dockerfile b/php-fpm/8.2/buildx/Dockerfile index 86fa749..24c0053 100644 --- a/php-fpm/8.2/buildx/Dockerfile +++ b/php-fpm/8.2/buildx/Dockerfile @@ -1,7 +1,7 @@ FROM --platform=$TARGETPLATFORM composer:latest as composer-build FROM --platform=$TARGETPLATFORM php:8.2-fpm-alpine3.19 -MAINTAINER rainerosion "admin@rainss.cn" +LABEL maintainer="rainerosion " COPY --from=composer-build /usr/bin/composer /usr/bin/composer # build dependencies diff --git a/php-fpm/8.3/Dockerfile b/php-fpm/8.3/Dockerfile index 3a0e2cd..00b0281 100644 --- a/php-fpm/8.3/Dockerfile +++ b/php-fpm/8.3/Dockerfile @@ -1,7 +1,7 @@ FROM composer:latest as composer-build FROM php:8.3-fpm-alpine3.19 -MAINTAINER rainerosion "admin@rainss.cn" +LABEL maintainer="rainerosion " COPY --from=composer-build /usr/bin/composer /usr/bin/composer # build dependencies diff --git a/php-fpm/8.3/buildx/Dockerfile b/php-fpm/8.3/buildx/Dockerfile index ca0c2f5..a1c11bb 100644 --- a/php-fpm/8.3/buildx/Dockerfile +++ b/php-fpm/8.3/buildx/Dockerfile @@ -1,7 +1,7 @@ FROM --platform=$TARGETPLATFORM composer:latest as composer-build FROM --platform=$TARGETPLATFORM php:8.3-fpm-alpine3.19 -MAINTAINER rainerosion "admin@rainss.cn" +LABEL maintainer="rainerosion " COPY --from=composer-build /usr/bin/composer /usr/bin/composer # build dependencies