start project

codestepz · Dec 6, 2017 · f6cb59d · f6cb59d
1 parent 2d8a0fe
commit f6cb59d
Show file tree

Hide file tree

Showing 9 changed files with 218 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -1,2 +1 @@
 # vultr-ssl-free
-Set Up Server by Vultr with Let's Encrypt (SSL) 
diff --git a/build/php7fpm/Dockerfile b/build/php7fpm/Dockerfile
@@ -0,0 +1,12 @@
+FROM php:7.1.12-fpm
+LABEL Eakkabin Jaikeawma <[email protected]>
+
+RUN apt-get update && apt-get install -y curl libpcre3-dev libssl-dev libssl1.0.0 --no-install-recommends \
+    && docker-php-ext-install -j$(nproc) iconv mysqli pdo pdo_mysql mbstring \
+    && apt-get clean && apt-get autoremove \
+    && rm -r /var/lib/apt/lists/* && rm -rf /tmp/* /var/tmp/*
+
+WORKDIR /usr/share/nginx/html
+EXPOSE 9000
+
+CMD ["php-fpm"]
diff --git a/config/default.conf b/config/default.conf
@@ -0,0 +1,87 @@
+
+#server {
+#
+#    listen 80 default_server;
+#    listen [::]:80 default_server;
+#	
+#    server_name localhost;
+#    return 301 https://$host$request_uri;
+#	
+#}
+
+server {
+
+    listen 80 default_server;
+    listen [::]:80 default_server;
+
+    server_name localhost;
+    charset utf-8;
+
+    add_header X-Frame-Options DENY;
+    add_header X-Content-Type-Options nosniff;
+    add_header X-UA-Compatible "IE=Edge,Chrome=1";
+    add_header X-XSS-Protection "1; mode=block";
+    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
+
+    root /usr/share/nginx/html;
+    index index.php index.html index.htm;
+
+    #ssl on;
+    #ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+    #ssl_certificate /etc/nginx/ssl/certs/fullchain1.pem;
+    #ssl_certificate_key /etc/nginx/ssl/certs/privkey1.pem;
+    #ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS";
+    #ssl_prefer_server_ciphers on;
+
+    #ssl_ecdh_curve secp384r1;
+    #ssl_session_cache shared:SSL:10m;
+    #ssl_session_tickets off;
+    #ssl_stapling on;
+    #ssl_stapling_verify on;
+
+    #resolver 8.8.8.8 8.8.4.4 valid=300s;
+    #resolver_timeout 5s;
+
+    #ssl_dhparam /etc/nginx/ssl/certs/dhparam.pem;
+
+    location / {
+        try_files $uri $uri/ /;
+    }
+
+    location = /favicon.ico { access_log off; log_not_found off; }
+
+    access_log off;
+    error_log /var/log/nginx/localhost.error.log;
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_split_path_info ^(.+\.php)(/.+)$;
+        fastcgi_pass phpfpm:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_param PATH_INFO $fastcgi_path_info;
+        fastcgi_intercept_errors off;
+        fastcgi_buffer_size 16k;
+        fastcgi_buffers 4 16k;
+        fastcgi_hide_header X-Powered-By;
+        proxy_hide_header X-Powered-By;
+        proxy_pass_header Server;
+    }
+
+    location ~* \.(js|css|jpg|jpeg|gif|png|svg|ico|pdf|html|htm)$ {
+        expires 365d;	
+    }
+
+    location ~ /\.ht {
+        deny all;
+        return 404;
+    }
+
+    location ~ /.well-known {
+        allow all;
+    }
+
+    error_page 401 403 404 /404.html;
+
+}
diff --git a/config/nginx.conf b/config/nginx.conf
@@ -0,0 +1,63 @@
+
+user  nginx;
+worker_processes  auto;
+
+error_log  /var/log/nginx/error.log warn;
+pid        /var/run/nginx.pid;
+
+events {
+    worker_connections  1024;
+    use epoll;
+    multi_accept on;
+}
+
+http {
+
+    sendfile                        on;
+    tcp_nopush                      on;
+    tcp_nodelay                     on;
+    client_header_timeout           1m;
+    client_body_timeout             1m;
+    client_header_buffer_size       1k;
+    client_body_buffer_size         10k; 
+    client_max_body_size            8m;
+    large_client_header_buffers     2 1k;
+    send_timeout                    30;
+    keepalive_timeout               60 60;
+    reset_timedout_connection       on;
+    server_tokens                   off;
+    server_name_in_redirect         off;
+    server_names_hash_max_size      512;
+    server_names_hash_bucket_size   512;
+
+    fastcgi_buffers                 8 16k;
+    fastcgi_buffer_size             32k;
+    fastcgi_connect_timeout         600;
+    fastcgi_send_timeout            600;
+    fastcgi_read_timeout            600;
+
+    include                         /etc/nginx/mime.types;
+    default_type                    application/octet-stream;
+
+    open_file_cache max=1000 inactive=20s;
+    open_file_cache_valid 30s;
+    open_file_cache_min_uses 5;
+    open_file_cache_errors off;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    error_log /var/log/nginx/error.log;
+
+    gzip                on;
+    gzip_comp_level     2;
+    gzip_min_length     1000;
+    gzip_buffers        8 64k;
+    gzip_types          text/plain application/x-javascript text/css application/javascript text/javascript text/xml application/json application/vnd.ms-fontobject application/x-font-opentype application/x-font-truetype application/x-font-ttf application/xml font/eot font/opentype font/otf image/svg+xml image/vnd.microsoft.icon;
+    gzip_proxied        expired no-cache no-store private auth;
+
+    include /etc/nginx/conf.d/*.conf;
+    include /etc/nginx/conf.d/vhosts/*.conf;
+
+}
diff --git a/config/php7.ini b/config/php7.ini
@@ -0,0 +1,7 @@
+file_uploads = On
+
+post_max_size = 30M
+upload_max_filesize = 30M
+
+memory_limit = 30M
+max_execution_time = 600
diff --git a/config/vhosts/.gitignore b/config/vhosts/.gitignore
@@ -0,0 +1 @@
+!.gitignore
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -0,0 +1,33 @@
+version: '3.3'
+
+services:
+
+  php7fpm:
+    build: ./build/php7fpm
+    container_name: docker-php7fpm
+    working_dir: /usr/share/nginx/html
+    restart: always
+    environment:
+      - TERM=xterm
+    volumes:
+      - ./www:/usr/share/nginx/html
+      - ./config/php7.ini:/usr/local/etc/php/php.ini
+    ports:
+      - "9000:9000"
+
+  nginx:
+    image: nginx:1.12.1
+    container_name: docker-nginx
+    working_dir: /usr/share/nginx/html    
+    restart: always
+    volumes:
+      - ./www:/usr/share/nginx/html
+      - ./config/ssl:/etc/nginx/ssl
+      - ./config/vhosts:/etc/nginx/conf.d/vhosts
+      - ./config/default.conf:/etc/nginx/conf.d/default.conf
+      - ./config/nginx.conf:/etc/nginx/nginx.conf
+    links:
+      - "php7fpm:phpfpm"
+    ports:
+      - "80:80"
+      - "443:443"
diff --git a/www/index.html b/www/index.html
@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+    <head>
+        <title>Welcome to nginx!</title>
+        <style> body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style>
+    </head>
+    <body>
+        <h1>Welcome to nginx!</h1>
+        <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p>
+        <p>For online documentation and support please refer to
+        <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p>
+        <p><em>Thank you for using nginx.</em></p>
+    </body>
+</html>
diff --git a/www/info.php b/www/info.php
@@ -0,0 +1 @@
+<?php phpinfo(); ?>
Original file line number	Diff line number	Diff line change
		@@ -1,2 +1 @@
		# vultr-ssl-free
		Set Up Server by Vultr with Let's Encrypt (SSL)