FROM centos:7 MAINTAINER Carl <lpl20150013@163.com> #====================================解決依賴關係============================================ ENV NGINX_VERSION 1.10.2 ENV PHP_VERSION 7.0.12 ENV LIBICONV_VERSION 1.14 RUN yum -y install bzip* libm* mhash* \ ImageMagick* php-pear* php-devel* \ autoconf automake openssh libiconv* \ libreoffice-headless libreoffice-writer lua* \ libtool cmake make --skip-broken && \ yum clean all #============================================================================================= # RUN rpm -ivh http://dl.fedoraproject.org/pub/epel/7Server/x86_64/e/epel-release-7-8.noarch.rpm && \ yum install -y wget \ wget zlib-devel zlib* \ python-setuptools openssh* libmcrypt* \ freetype-devel libpng-devel libjpeg-devel \ pcre-devel lrzsz* gcc* p_w_picpath* openoffice* \ libxslt-devel freetype-devel libpng-devel \ libcurl-devel openldap* postgresql-devel \ curl-devel bzip2-devel libjpeg-devel readline-devel \ libmcrypt* glibc* libcurl* \ screen tree lsof htop iptraf sysstat inotify-tools htop\ mcrypt* libevent* libxml2* \ post* pcre* gcc-c++ && \ yum clean all #====================================安裝nginx && php7========================================= RUN groupadd -r www && \ useradd -M -s /sbin/nologin -r -g www www #download nginx libiconv and php7,libiconv1.14版本存在BUG RUN mkdir -p /usr/local/src/nginx-php && cd $_ && \ wget -c -O nginx.tar.gz http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz && \ wget -O php.tar.gz http://php.net/distributions/php-$PHP_VERSION.tar.gz && \ wget -c -O libiconv.tar.gz http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.14.tar.gz && \ curl -O -SL https://github.com/xdebug/xdebug/archive/XDEBUG_2_4_0RC3.tar.gz #Make install nginx RUN cd /usr/local/src/nginx-php && \ tar -zxvf nginx.tar.gz && \ cd nginx-$NGINX_VERSION && \ ./configure --prefix=/usr/local/nginx \ --user=www --group=www \ --error-log-path=/var/log/nginx_error.log \ --http-log-path=/var/log/nginx_access.log \ --pid-path=/var/run/nginx.pid \ --with-pcre \ --with-http_ssl_module \ --without-mail_pop3_module \ --without-mail_imap_module \ --with-http_gzip_static_module && \ make && make install #Make install libiconv,存在BUG可修復 #stdio.in.h找到 #_GL_WARN_ON_USE (gets,"gets is a security hole - use fgets instead"); #註釋掉 #添加 ##ifdefined(__GLIBC__)&&!defined(__UCLIBC__)&&!__GLIBC_PREREQ(2,16) # _GL_WARN_ON_USE (gets,"gets is a security hole - use fgets instead"); ##endif RUN cd /usr/local/src/nginx-php && \ tar -zxvf libiconv.tar.gz && \ cd libiconv-$LIBICONV_VERSION && \ ./configure --prefix=/usr/local/libiconv && \ make -j 4 && make install #Make install php7 RUN cd /usr/local/src/nginx-php && \ tar -zvxf php.tar.gz && \ cd php-$PHP_VERSION && \ ./configure --prefix=/usr/local/php \ --with-config-file-path=/usr/local/php/etc \ --with-config-file-scan-dir=/usr/local/php/etc/php.d \ --with-fpm-user=www \ --with-fpm-group=www \ --with-mcrypt=/usr/include \ --with-iconv=/usr/local/libiconv \ --with-mysqli \ --with-pdo-mysql \ --with-openssl \ --with-gd \ --with-zlib \ --with-gettext \ --with-curl \ --with-png-dir \ --with-jpeg-dir \ --with-freetype-dir \ --with-xmlrpc \ --with-mhash \ --with-openssl \ --enable-fpm \ --enable-xml \ --enable-shmop \ --enable-sysvsem \ --enable-inline-optimization \ --enable-mbregex \ --enable-mbstring \ --enable-ftp \ --enable-gd-native-ttf \ --enable-mysqlnd \ --enable-pcntl \ --enable-sockets \ --enable-zip \ --enable-soap \ --enable-session \ --enable-opcache \ --enable-bcmath \ --enable-exif \ --enable-fileinfo \ --disable-rpath \ --disable-debug \ --without-pear && \ make -j 4 && make install #======================================================================================================= # #Add xdebug extension RUN cd /home/nginx-php && \ tar -zxvf XDEBUG_2_4_0RC3.tar.gz && \ cd xdebug-XDEBUG_2_4_0RC3 && \ /usr/local/php/bin/phpize && \ ./configure --enable-xdebug --with-php-config=/usr/local/php/bin/php-config && \ make && \ cp modules/xdebug.so /usr/local/php/lib/php/extensions/xdebug.so RUN cd /home/nginx-php/php-$PHP_VERSION && \ cp php.ini-production /usr/local/php/etc/php.ini && \ cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf && \ cp /usr/local/php/etc/php-fpm.d/www.conf.default /usr/local/php/etc/php-fpm.d/www.conf # #======================================================================================================= #Install supervisor RUN easy_install supervisor && \ mkdir -p /var/log/supervisor && \ mkdir -p /var/run/sshd && \ mkdir -p /var/run/supervisord #Add supervisord conf ADD supervisord.conf /etc/supervisord.conf #Create web folder VOLUME ["/data/www", "/usr/local/nginx/conf/ssl", "/usr/local/nginx/conf/vhost", "/usr/local/php/etc/php.d"] ADD index.php /data/www/index.php ADD xdebug.ini /usr/local/php/etc/php.d/xdebug.ini #Update nginx config ADD nginx.conf /usr/local/nginx/conf/nginx.conf #========================向容器中添加文件=============================== #Start ADD start.sh /start.sh RUN chmod +x /start.sh #======================指定容器映射到主機的端口========================= #Set port EXPOSE 8080 443 9000 #======================================================== #Start it ENTRYPOINT ["/start.sh"]
#!/bin/sh ######################################################################### # File Name: start.sh # Author: TiMOphY ######################################################################### Nginx_Install_Dir=/usr/local/nginx DATA_DIR=/data/www set -e chown -R www.www $DATA_DIR if [[ -n "$PROXY_WEB" ]]; then [ -f "${Nginx_Install_Dir}/conf/ssl" ] || mkdir -p $Nginx_Install_Dir/conf/ssl [ -f "${Nginx_Install_Dir}/conf/vhost" ] || mkdir -p $Nginx_Install_Dir/conf/vhost if [ -z "$PROXY_DOMAIN" ]; then echo >&2 'error: missing PROXY_DOMAIN' echo >&2 ' Did you forget to add -e PROXY_DOMAIN=... ?' exit 1 fi if [ -z "$PROXY_CRT" ]; then echo >&2 'error: missing PROXY_CRT' echo >&2 ' Did you forget to add -e PROXY_CRT=... ?' exit 1 fi if [ -z "$PROXY_KEY" ]; then echo >&2 'error: missing PROXY_KEY' echo >&2 ' Did you forget to add -e PROXY_KEY=... ?' exit 1 fi if [ ! -f "${Nginx_Install_Dir}/conf/ssl/${PROXY_CRT}" ]; then echo >&2 'error: missing PROXY_CRT' echo >&2 " You need to put ${PROXY_CRT} in ssl directory" exit 1 fi if [ ! -f "${Nginx_Install_Dir}/conf/ssl/${PROXY_KEY}" ]; then echo >&2 'error: missing PROXY_CSR' echo >&2 " You need to put ${PROXY_KEY} in ssl directory" exit 1 fi cat > ${Nginx_Install_Dir}/conf/vhost/website.conf << EOF server { listen 80; server_name $PROXY_DOMAIN; return 301 https://$PROXY_DOMAIN\$request_uri; } server { listen 443 ssl; server_name $PROXY_DOMAIN; ssl on; ssl_certificate ssl/${PROXY_CRT}; ssl_certificate_key ssl/${PROXY_KEY}; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; keepalive_timeout 70; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; root $DATA_DIR; index index.php index.html index.htm; location / { try_files \$uri \$uri/ /index.php?\$args; } location ~ \.php$ { root /data/www; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /\$document_root\$fastcgi_script_name; include fastcgi_params; } } EOF fi /usr/bin/supervisord -n -c /etc/supervisord.conf