FROM debian:jessie MAINTAINER Ric Harvey # Surpress Upstart errors/warning RUN dpkg-divert --local --rename --add /sbin/initctl RUN ln -sf /bin/true /sbin/initctl # Let the conatiner know that there is no tty ENV DEBIAN_FRONTEND noninteractive # Update base image # Add sources for latest nginx # Add PHP packages from dotdeb # Install software requirements ADD nginx_signing.key /nginx_signing.key ADD dotdeb.gpg /dotdeb.gpg RUN apt-get update && \ apt-get upgrade -y && \ echo deb http://nginx.org/packages/mainline/debian/ jessie nginx >> /etc/apt/sources.list && \ echo deb-src http://nginx.org/packages/mainline/debian/ jessie nginx >> /etc/apt/sources.list && \ apt-key add /nginx_signing.key && \ echo deb http://packages.dotdeb.org jessie all >> /etc/apt/sources.list && \ echo deb-src http://packages.dotdeb.org jessie all >> /etc/apt/sources.list && \ apt-key add /dotdeb.gpg && \ BUILD_PACKAGES="supervisor nginx php5-fpm git php5-mysql php5-mysql php-apc php5-curl php5-gd php5-intl php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-pspell php5-recode php5-sqlite php5-tidy php5-xmlrpc php5-xsl php5-pgsql php5-mongo pwgen" && \ apt-get -y install $BUILD_PACKAGES && \ apt-get clean && \ apt-get autoclean && \ echo -n > /var/lib/apt/extended_states && \ rm -rf /var/lib/apt/lists/* && \ rm -rf /usr/share/man/?? && \ rm -rf /usr/share/man/??_* # tweak nginx config RUN sed -i -e"s/worker_processes 1/worker_processes 5/" /etc/nginx/nginx.conf && \ sed -i -e"s/keepalive_timeout\s*65/keepalive_timeout 2/" /etc/nginx/nginx.conf && \ sed -i -e"s/keepalive_timeout 2/keepalive_timeout 2;\n\tclient_max_body_size 100m/" /etc/nginx/nginx.conf && \ sed -i "s/.*conf\.d\/\*\.conf;.*/&\n include \/etc\/nginx\/sites-enabled\/\*;/" /etc/nginx/nginx.conf && \ echo "daemon off;" >> /etc/nginx/nginx.conf # tweak php-fpm config RUN sed -i -e "s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g" /etc/php5/fpm/php.ini && \ sed -i -e "s/upload_max_filesize\s*=\s*2M/upload_max_filesize = 100M/g" /etc/php5/fpm/php.ini && \ sed -i -e "s/post_max_size\s*=\s*8M/post_max_size = 100M/g" /etc/php5/fpm/php.ini && \ sed -i -e "s/;daemonize\s*=\s*yes/daemonize = no/g" /etc/php5/fpm/php-fpm.conf && \ sed -i -e "s/;catch_workers_output\s*=\s*yes/catch_workers_output = yes/g" /etc/php5/fpm/pool.d/www.conf && \ sed -i -e "s/pm.max_children = 5/pm.max_children = 9/g" /etc/php5/fpm/pool.d/www.conf && \ sed -i -e "s/pm.start_servers = 2/pm.start_servers = 3/g" /etc/php5/fpm/pool.d/www.conf && \ sed -i -e "s/pm.min_spare_servers = 1/pm.min_spare_servers = 2/g" /etc/php5/fpm/pool.d/www.conf && \ sed -i -e "s/pm.max_spare_servers = 3/pm.max_spare_servers = 4/g" /etc/php5/fpm/pool.d/www.conf && \ sed -i -e "s/pm.max_requests = 500/pm.max_requests = 200/g" /etc/php5/fpm/pool.d/www.conf # fix ownership of sock file for php-fpm as our version of nginx runs as nginx RUN sed -i -e "s/user = www-data/user = nginx/g" /etc/php5/fpm/pool.d/www.conf && \ sed -i -e "s/group = www-data/group = nginx/g" /etc/php5/fpm/pool.d/www.conf && \ sed -i -e "s/listen.owner = www-data/listen.owner = nginx/g" /etc/php5/fpm/pool.d/www.conf && \ sed -i -e "s/listen.group = www-data/listen.group = nginx/g" /etc/php5/fpm/pool.d/www.conf && \ sed -i -e "s/;listen.mode = 0660/listen.mode = 0750/g" /etc/php5/fpm/pool.d/www.conf && \ find /etc/php5/cli/conf.d/ -name "*.ini" -exec sed -i -re 's/^(\s*)#(.*)/\1;\2/g' {} \; # nginx site conf RUN rm -Rf /etc/nginx/conf.d/* && \ mkdir -p /etc/nginx/sites-available/ && \ mkdir -p /etc/nginx/sites-enabled/ && \ mkdir -p /etc/nginx/ssl/ ADD ./nginx-site.conf /etc/nginx/sites-available/default.conf RUN ln -s /etc/nginx/sites-available/default.conf /etc/nginx/sites-enabled/default.conf # Add git commands to allow container updating ADD ./pull /usr/bin/pull ADD ./push /usr/bin/push RUN chmod 755 /usr/bin/pull && chmod 755 /usr/bin/push # Supervisor Config ADD ./supervisord.conf /etc/supervisord.conf # Start Supervisord ADD ./start.sh /start.sh RUN chmod 755 /start.sh # Setup Volume VOLUME ["/usr/share/nginx/html"] # add test PHP file ADD ./index.php /usr/share/nginx/html/index.php RUN chown -Rf www-data.www-data /usr/share/nginx/html/ # Expose Ports EXPOSE 443 EXPOSE 80 CMD ["/bin/bash", "/start.sh"]