initial commit

Author: ianlintner

Dockerfile

@@ -0,0 +1,115 @@
+FROM ubuntu:14.04
+
+MAINTAINER Ian Lintner "[email protected]"
+ENV DEBIAN_FRONTEND noninteractive
+
+# Ensure UTF-8
+RUN locale-gen en_US.UTF-8
+ENV LANG       en_US.UTF-8
+ENV LC_ALL     en_US.UTF-8
+
+#ENV SMTP_HOST smtp.gmail.com
+#ENV SMTP_PORT 587
+#ENV SMTP_FROMNAME My Name
+#ENV SMTP_USERNAME [email protected]
+#ENV SMTP_PASSWORD secret
+
+ENV TERM xterm
+ENV PHP_OPCACHE enabled
+# Update system
+RUN apt-get update && apt-get dist-upgrade -y
+
+# Prevent restarts when installing
+RUN echo '#!/bin/sh\nexit 101' > /usr/sbin/policy-rc.d && chmod +x /usr/sbin/policy-rc.d
+
+# Basic packages
+RUN apt-get -y install php5-fpm php5-mysql php-apc php5-imagick php5-imap php5-mcrypt php5-curl php5-cli php5-gd php5-pgsql php5-sqlite php5-common php-pear curl php5-json php5-redis php5-memcache 
+RUN apt-get -y install nginx-extras git curl supervisor
+RUN apt-get -y install nano
+#RUN apt-get -y install msmtp msmtp-mta
+
+RUN php5enmod mcrypt
+
+RUN /usr/bin/curl -sS https://getcomposer.org/installer | /usr/bin/php
+RUN /bin/mv composer.phar /usr/local/bin/composer
+RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# Install Composer and Drush
+RUN /usr/local/bin/composer self-update
+RUN /usr/local/bin/composer global require drush/drush:6.*
+RUN ln -s /root/.composer/vendor/drush/drush/drush /usr/local/bin/drush
+
+# Prepare directory
+RUN mkdir /var/www
+RUN usermod -u 1000 www-data
+RUN usermod -a -G users www-data
+RUN chown -R www-data:www-data /var/www
+
+EXPOSE 80
+EXPOSE 443
+WORKDIR /var/www
+VOLUME ["/var/www/sites/default/files"]
+CMD ["/usr/bin/supervisord", "-n"]
+
+# Startup script
+# This startup script wll configure nginx
+ADD ./startup.sh /opt/startup.sh
+RUN chmod +x /opt/startup.sh
+
+#ADD ./mail.sh /opt/mail.sh
+#RUN chmod +x /opt/mail.sh
+
+ADD ./cron.sh /opt/cron.sh
+RUN chmod +x /opt/cron.sh
+
+# We want it empty
+#RUN touch /etc/msmtprc
+#RUN chgrp mail /etc/msmtprc
+#RUN chmod 660 /etc/msmtprc
+#RUN touch /var/log/supervisor/msmtp.log
+#RUN chgrp mail /var/log/supervisor/msmtp.log
+#RUN chmod 660 /var/log/supervisor/msmtp.log
+#RUN adduser www-data mail
+
+#RUN rm /usr/sbin/sendmail
+#RUN rm /usr/lib/sendmail
+
+#RUN ln -s /usr/bin/msmtp /usr/sbin/sendmail
+#RUN ln -s /usr/bin/msmtp /usr/bin/sendmail
+#RUN ln -s /usr/bin/msmtp /usr/lib/sendmail
+
+RUN mkdir -p /var/cache/nginx/microcache
+
+RUN mkdir -p /etc/nginx/ssl
+RUN openssl req -x509 -nodes -days 365 -newkey rsa:2048 -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com" -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt
+
+
+### Add configuration files
+# Supervisor
+ADD ./config/supervisor/supervisord-nginx.conf /etc/supervisor/conf.d/supervisord-nginx.conf
+
+# PHP
+ADD ./config/php/www.conf /etc/php5/fpm/pool.d/www.conf
+ADD ./config/php/php.ini /etc/php5/fpm/php.ini
+
+# Nginx
+ADD ./config/nginx/blacklist.conf /etc/nginx/blacklist.conf
+ADD ./config/nginx/drupal.conf /etc/nginx/drupal.conf
+ADD ./config/nginx/drupal_upload_progress.conf /etc/nginx/drupal_upload_progress.conf
+ADD ./config/nginx/fastcgi.conf /etc/nginx/fastcgi.conf
+ADD ./config/nginx/fastcgi_drupal.conf /etc/nginx/fastcgi_drupal.conf
+ADD ./config/nginx/fastcgi_microcache_zone.conf /etc/nginx/fastcgi_microcache_zone.conf
+ADD ./config/nginx/fastcgi_no_args_drupal.conf /etc/nginx/fastcgi_no_args_drupal.conf
+ADD ./config/nginx/map_cache.conf /etc/nginx/map_cache.conf
+ADD ./config/nginx/microcache_fcgi.conf /etc/nginx/microcache_fcgi.conf
+ADD ./config/nginx/microcache_fcgi_auth.conf /etc/nginx/microcache_fcgi_auth.conf
+ADD ./config/nginx/mime.types /etc/nginx/mime.types
+ADD ./config/nginx/nginx.conf /etc/nginx/nginx.conf
+ADD ./config/nginx/upstream_phpcgi_unix.conf /etc/nginx/upstream_phpcgi_unix.conf
+ADD ./config/nginx/map_block_http_methods.conf /etc/nginx/map_block_http_methods.conf
+ADD ./config/nginx/map_https_fcgi.conf /etc/nginx/map_https_fcgi.conf
+ADD ./config/nginx/nginx_status_allowed_hosts.conf /etc/nginx/nginx_status_allowed_hosts.conf
+ADD ./config/nginx/cron_allowed_hosts.conf /etc/nginx/cron_allowed_hosts.conf
+ADD ./config/nginx/php_fpm_status_allowed_hosts.conf /etc/nginx/php_fpm_status_allowed_hosts.conf
+ADD ./config/nginx/default /etc/nginx/sites-enabled/default
+

Makefile

@@ -0,0 +1,10 @@
+CURRENT_DIRECTORY := $(shell pwd)
+
+build:
+	@docker build --tag=espressodev/nginx-drupal:latest $(CURRENT_DIRECTORY)
+
+build-no-cache:
+	@docker build --no-cache --tag=espressodev/nginx-drupal:latest $(CURRENT_DIRECTORY)
+
+.PHONY: build
+

README.md

@@ -0,0 +1,63 @@
+# Docker image with Nginx and PHP 5.5.9 optimized for Drupal 7
+This image is build using Ubuntu 14.04 with Nginx and PHP 5.5.9 and is optimized to run Drupal 7.
+It can run Drupal 6 but most likelly you'll have PHP errors depending on the modules you have installed. In that case is recommended to use the image iiiepe/nginx-drupal6 or iiiepe/apache-drupal6
+
+Includes:
+
+- nginx
+- php
+- composer
+- drush
+
+Important:
+
+- Logs are at /var/log/supervisor so you can map that directory
+- Application root directory is /var/www so make sure you map the application there
+- Nginx configuration was provided by https://github.com/perusio/drupal-with-nginx but it's modified
+
+## To build
+
+    $ make build
+
+    or
+
+    $ docker build -t yourname/nginx-drupal .
+
+
+## To run
+Nginx will look for files in /var/www so you need to map your application to that directory.
+
+    $ docker run -d -p 8000:80 -v application:/var/www yourname/nginx-drupal
+
+If you want to link the container to a MySQL/MariaDB contaier do:
+
+    $ docker run -d -p 8000:80 -v application:/var/www my_mysql_container:mysql yourname/nginx-drupal
+
+The startup.sh script will add the environment variables with MYSQL_ to /etc/php5/fpm/pool.d/env.conf so PHP-FPM detects them. If you need to use them you can do:
+<?php getenv("SOME_ENV_VARIABLE_THAT_HAS_MYSQL_IN_THE_NAME"); ?>
+
+## Fig
+
+    mysql:
+      image: mysql
+      expose:
+        - "3306"
+      environment:
+        MYSQL_ROOT_PASSWORD: 123
+    web:
+      image: iiiepe/nginx-drupal
+      volumes:
+        - application:/var/www
+        - logs:/var/log/supervisor
+      ports:
+        - "80:80"
+      links:
+        - "mysql:mysql"
+
+## Running Drush
+With Fig this is actually easier and is the recommended way since if you're running Docker without fig, you'll have to link all containers before you run drush.
+
+    $ fig run --rm web drush
+
+### License
+Released under the MIT License.

config/nginx/blacklist.conf

@@ -0,0 +1,25 @@
+#-*- mode: nginx; mode: flyspell-prog; ispell-local-dictionary: "american" -*-
+### This file implements a blacklist for certain user agents and
+### referrers. It's a first line of defense. It must be included
+### inside a http block.
+
+
+## Add here all user agents that are to be blocked.
+map $http_user_agent $bad_bot {
+    default 0;
+    ~*^Lynx 0; # Let Lynx go through
+    libwww-perl                      1;
+    ~(?i)(httrack|htmlparser|libwww) 1;
+}
+
+## Add here all referrers that are to blocked.
+map $http_referer $bad_referer {
+    default 0;
+    ~(?i)(adult|babes|click|diamond|forsale|girl|jewelry|love|nudit|organic|poker|porn|poweroversoftware|sex|teen|webcam|zippo|casino|replica) 1;
+}
+
+## Add here all hosts that should be spared any referrer checking.
+geo $bad_referer {
+    127.0.0.1 0;
+    192.168.1.0/24 0;
+}

config/nginx/cron_allowed_hosts.conf

@@ -0,0 +1,10 @@
+# -*- mode: nginx; mode:autopair; mode: flyspell-prog; ispell-local-dictionary: "american" -*-
+### Configuration file for specifying which hosts can invoke Drupal's
+### cron. This only applies if you're not using drush to run cron.
+
+geo $not_allowed_cron {
+    default 1;
+    ## Add your set of hosts.
+    127.0.0.1 0; # allow the localhost
+    192.168.1.0/24 0; # allow on an internal network
+}

config/nginx/default

@@ -0,0 +1,34 @@
+server {
+	listen 80 default_server; # IPv4
+
+
+	# listen [fe80::202:b3ff:fe1e:8328]:80 default_server ipv6only=on; # IPv6
+  server_name _;
+  listen 443 ssl;
+  ssl_certificate /etc/nginx/ssl/nginx.crt;
+  ssl_certificate_key /etc/nginx/ssl/nginx.key;
+
+	limit_conn arbeit 32;
+
+
+  ## Access and error logs.
+	access_log /var/log/supervisor/nginx-access.log;
+  error_log /var/log/supervisor/nginx-error.log;
+
+  ## See the blacklist.conf file at the parent dir: /etc/nginx.
+  ## Deny access based on the User-Agent header.
+  if ($bad_bot) {
+      return 444;
+  }
+  ## Deny access based on the Referer header.
+  if ($bad_referer) {
+      return 444;
+  }
+
+  ## Filesystem root of the site and index.
+  root /var/www/docroot;
+  index index.php;
+  fastcgi_keep_conn on; # keep alive to the FCGI upstream
+  include drupal.conf;
+  include drupal_upload_progress.conf;
+}