diff --git a/README.md b/README.md index a348951..0e45a4a 100644 --- a/README.md +++ b/README.md @@ -1,2 +1 @@ # vultr-ssl-free -Set Up Server by Vultr with Let's Encrypt (SSL) diff --git a/build/php7fpm/Dockerfile b/build/php7fpm/Dockerfile new file mode 100644 index 0000000..976e5fe --- /dev/null +++ b/build/php7fpm/Dockerfile @@ -0,0 +1,12 @@ +FROM php:7.1.12-fpm +LABEL Eakkabin Jaikeawma + +RUN apt-get update && apt-get install -y curl libpcre3-dev libssl-dev libssl1.0.0 --no-install-recommends \ + && docker-php-ext-install -j$(nproc) iconv mysqli pdo pdo_mysql mbstring \ + && apt-get clean && apt-get autoremove \ + && rm -r /var/lib/apt/lists/* && rm -rf /tmp/* /var/tmp/* + +WORKDIR /usr/share/nginx/html +EXPOSE 9000 + +CMD ["php-fpm"] \ No newline at end of file diff --git a/config/default.conf b/config/default.conf new file mode 100644 index 0000000..46586e9 --- /dev/null +++ b/config/default.conf @@ -0,0 +1,87 @@ + +#server { +# +# listen 80 default_server; +# listen [::]:80 default_server; +# +# server_name localhost; +# return 301 https://$host$request_uri; +# +#} + +server { + + listen 80 default_server; + listen [::]:80 default_server; + + server_name localhost; + charset utf-8; + + add_header X-Frame-Options DENY; + add_header X-Content-Type-Options nosniff; + add_header X-UA-Compatible "IE=Edge,Chrome=1"; + add_header X-XSS-Protection "1; mode=block"; + add_header Strict-Transport-Security "max-age=31536000; includeSubdomains"; + + root /usr/share/nginx/html; + index index.php index.html index.htm; + + #ssl on; + #ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + #ssl_certificate /etc/nginx/ssl/certs/fullchain1.pem; + #ssl_certificate_key /etc/nginx/ssl/certs/privkey1.pem; + #ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS"; + #ssl_prefer_server_ciphers on; + + #ssl_ecdh_curve secp384r1; + #ssl_session_cache shared:SSL:10m; + #ssl_session_tickets off; + #ssl_stapling on; + #ssl_stapling_verify on; + + #resolver 8.8.8.8 8.8.4.4 valid=300s; + #resolver_timeout 5s; + + #ssl_dhparam /etc/nginx/ssl/certs/dhparam.pem; + + location / { + try_files $uri $uri/ /; + } + + location = /favicon.ico { access_log off; log_not_found off; } + + access_log off; + error_log /var/log/nginx/localhost.error.log; + + location ~ \.php$ { + try_files $uri =404; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass phpfpm:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + fastcgi_hide_header X-Powered-By; + proxy_hide_header X-Powered-By; + proxy_pass_header Server; + } + + location ~* \.(js|css|jpg|jpeg|gif|png|svg|ico|pdf|html|htm)$ { + expires 365d; + } + + location ~ /\.ht { + deny all; + return 404; + } + + location ~ /.well-known { + allow all; + } + + error_page 401 403 404 /404.html; + +} \ No newline at end of file diff --git a/config/nginx.conf b/config/nginx.conf new file mode 100644 index 0000000..c1952f2 --- /dev/null +++ b/config/nginx.conf @@ -0,0 +1,63 @@ + +user nginx; +worker_processes auto; + +error_log /var/log/nginx/error.log warn; +pid /var/run/nginx.pid; + +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + +http { + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 1k; + client_body_buffer_size 10k; + client_max_body_size 8m; + large_client_header_buffers 2 1k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + fastcgi_buffers 8 16k; + fastcgi_buffer_size 32k; + fastcgi_connect_timeout 600; + fastcgi_send_timeout 600; + fastcgi_read_timeout 600; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + open_file_cache max=1000 inactive=20s; + open_file_cache_valid 30s; + open_file_cache_min_uses 5; + open_file_cache_errors off; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + error_log /var/log/nginx/error.log; + + gzip on; + gzip_comp_level 2; + gzip_min_length 1000; + gzip_buffers 8 64k; + gzip_types text/plain application/x-javascript text/css application/javascript text/javascript text/xml application/json application/vnd.ms-fontobject application/x-font-opentype application/x-font-truetype application/x-font-ttf application/xml font/eot font/opentype font/otf image/svg+xml image/vnd.microsoft.icon; + gzip_proxied expired no-cache no-store private auth; + + include /etc/nginx/conf.d/*.conf; + include /etc/nginx/conf.d/vhosts/*.conf; + +} \ No newline at end of file diff --git a/config/php7.ini b/config/php7.ini new file mode 100644 index 0000000..98cf95e --- /dev/null +++ b/config/php7.ini @@ -0,0 +1,7 @@ +file_uploads = On + +post_max_size = 30M +upload_max_filesize = 30M + +memory_limit = 30M +max_execution_time = 600 \ No newline at end of file diff --git a/config/vhosts/.gitignore b/config/vhosts/.gitignore new file mode 100644 index 0000000..f935021 --- /dev/null +++ b/config/vhosts/.gitignore @@ -0,0 +1 @@ +!.gitignore diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..135dcf5 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,33 @@ +version: '3.3' + +services: + + php7fpm: + build: ./build/php7fpm + container_name: docker-php7fpm + working_dir: /usr/share/nginx/html + restart: always + environment: + - TERM=xterm + volumes: + - ./www:/usr/share/nginx/html + - ./config/php7.ini:/usr/local/etc/php/php.ini + ports: + - "9000:9000" + + nginx: + image: nginx:1.12.1 + container_name: docker-nginx + working_dir: /usr/share/nginx/html + restart: always + volumes: + - ./www:/usr/share/nginx/html + - ./config/ssl:/etc/nginx/ssl + - ./config/vhosts:/etc/nginx/conf.d/vhosts + - ./config/default.conf:/etc/nginx/conf.d/default.conf + - ./config/nginx.conf:/etc/nginx/nginx.conf + links: + - "php7fpm:phpfpm" + ports: + - "80:80" + - "443:443" diff --git a/www/index.html b/www/index.html new file mode 100644 index 0000000..6949c43 --- /dev/null +++ b/www/index.html @@ -0,0 +1,14 @@ + + + + Welcome to nginx! + + + +

Welcome to nginx!

+

If you see this page, the nginx web server is successfully installed and working. Further configuration is required.

+

For online documentation and support please refer to + nginx.org.
Commercial support is available at nginx.com.

+

Thank you for using nginx.

+ + \ No newline at end of file diff --git a/www/info.php b/www/info.php new file mode 100644 index 0000000..147cebc --- /dev/null +++ b/www/info.php @@ -0,0 +1 @@ +