commit d90614805befd2a8765b14290f9bdbc9d7743ecb Author: ZF sun <34314687@qq.com> Date: Tue Oct 28 18:23:50 2025 +0800 add docker config files diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 000000000..3fa4e4445 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,94 @@ + +services: + php-fpm: + build: + context: ./docker/php + dockerfile: Dockerfile + container_name: newshop_php + restart: always + environment: + - PHP_ENV=development + - APP_ENV=development + - APP_DEBUG=true + ports: + - "9000:9000" # PHP-FPM + volumes: + - ./src:/var/www/html + # 更新下载源列表以加速apt-get + - ./docker/debian/sources.list:/etc/apt/sources.list:ro + - ./docker/php/php.ini:/usr/local/etc/php/php.ini:ro + depends_on: + - db + networks: + - newshop-net + + nginx: + build: + context: ./docker/nginx + dockerfile: Dockerfile + container_name: newshop_nginx + restart: always + ports: + - "80:80" + - "443:443" + volumes: + - ./src:/var/www/html:ro + # 更新下载源列表以加速apt-get + - ./docker/debian/sources.list:/etc/apt/sources.list:ro + # 创建临时目录 + - /var/www/server/nginx/proxy_temp_dir + - /var/www/server/nginx/proxy_cache_dir + + + depends_on: + - php-fpm + networks: + - newshop-net + + db: + image: mysql:5.7.44 + container_name: newshop_mysql + environment: + MYSQL_ROOT_PASSWORD: rootpassword + MYSQL_ROOT_HOST: '%' # 允许root从任何主机连接 + MYSQL_DATABASE: shop_mallnew + MYSQL_USER: shop_mallnew + MYSQL_PASSWORD: shop_mallnew + # env_file: + # - ./.docker/.env + volumes: + - mysql_db_data:/var/lib/mysql + - ./docker/mysql/init:/docker-entrypoint-initdb.d + - ./docker/mysql/my.cnf:/etc/mysql/conf.d/custom.cnf + ports: + - "3306:3306" + networks: + - newshop-net + restart: unless-stopped + command: + - --character-set-server=utf8mb4 + - --collation-server=utf8mb4_unicode_ci + - --innodb_buffer_pool_size=256M + + # Redis 服务(可选) + redis: + image: redis:8.2 + container_name: newshop-redis + environment: + - REDIS_PASSWORD=luckyshop123!@# + ports: + - "6379:6379" + volumes: + - redis_data:/data + - ./docker/redis/redis.conf:/etc/redis/redis.conf + networks: + - newshop-net + restart: unless-stopped + +volumes: + mysql_db_data: + redis_data: + +networks: + newshop-net: + driver: bridge \ No newline at end of file diff --git a/docker/.DS_Store b/docker/.DS_Store new file mode 100644 index 000000000..f658acdf9 Binary files /dev/null and b/docker/.DS_Store differ diff --git a/docker/debian/sources.list b/docker/debian/sources.list new file mode 100644 index 000000000..3113063f7 --- /dev/null +++ b/docker/debian/sources.list @@ -0,0 +1,6 @@ +# deb http://snapshot.debian.org/archive/debian/20221114T000000Z bullseye main +deb https://mirrors.aliyun.com/debian/ bullseye main +# deb http://snapshot.debian.org/archive/debian-security/20221114T000000Z bullseye-security main +deb https://mirrors.aliyun.com/debian-security/ bullseye-security main +# deb http://snapshot.debian.org/archive/debian/20221114T000000Z bullseye-updates main +deb https://mirrors.aliyun.com/debian/ bullseye-updates main \ No newline at end of file diff --git a/docker/mysql/init/init.sql b/docker/mysql/init/init.sql new file mode 100644 index 000000000..5d46f6d17 --- /dev/null +++ b/docker/mysql/init/init.sql @@ -0,0 +1,14 @@ +-- docker/mysql/init/init.sql +-- 初始化数据库和用户 +CREATE DATABASE IF NOT EXISTS shop_mallnew CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci; +CREATE USER IF NOT EXISTS 'shop_mallnew'@'%' IDENTIFIED BY 'shop_mallnew'; +GRANT ALL PRIVILEGES ON shop_mallnew.* TO 'shop_mallnew'@'%'; + +CREATE DATABASE IF NOT EXISTS 5g CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci; +CREATE USER IF NOT EXISTS '5g'@'%' IDENTIFIED BY '123456'; +GRANT ALL PRIVILEGES ON 5g.* TO '5g'@'%'; + +-- 刷新权限 +FLUSH PRIVILEGES; + +-- 你可以根据需要添加更多的初始化SQL语句 \ No newline at end of file diff --git a/docker/mysql/my.cnf b/docker/mysql/my.cnf new file mode 100644 index 000000000..d3d42fb8d --- /dev/null +++ b/docker/mysql/my.cnf @@ -0,0 +1,27 @@ +[mysqld] +# 字符集设置 +character-set-server=utf8mb4 +collation-server=utf8mb4_unicode_ci + +# 连接设置 +max_connections=100 +wait_timeout=28800 +interactive_timeout=28800 + +# 缓冲区设置 +innodb_buffer_pool_size=256M +key_buffer_size=64M + +# 日志设置 +slow_query_log=1 +slow_query_log_file=/var/lib/mysql/slow.log +long_query_time=2 + +# 其他设置 +sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES + +[client] +default-character-set=utf8mb4 + +[mysql] +default-character-set=utf8mb4 \ No newline at end of file diff --git a/docker/mysql/sources.list b/docker/mysql/sources.list new file mode 100644 index 000000000..3113063f7 --- /dev/null +++ b/docker/mysql/sources.list @@ -0,0 +1,6 @@ +# deb http://snapshot.debian.org/archive/debian/20221114T000000Z bullseye main +deb https://mirrors.aliyun.com/debian/ bullseye main +# deb http://snapshot.debian.org/archive/debian-security/20221114T000000Z bullseye-security main +deb https://mirrors.aliyun.com/debian-security/ bullseye-security main +# deb http://snapshot.debian.org/archive/debian/20221114T000000Z bullseye-updates main +deb https://mirrors.aliyun.com/debian/ bullseye-updates main \ No newline at end of file diff --git a/docker/nginx/.DS_Store b/docker/nginx/.DS_Store new file mode 100644 index 000000000..fab5ba4bb Binary files /dev/null and b/docker/nginx/.DS_Store differ diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile new file mode 100644 index 000000000..4a9e7d831 --- /dev/null +++ b/docker/nginx/Dockerfile @@ -0,0 +1,29 @@ +FROM nginx:alpine + +# 删除默认配置 +RUN rm /etc/nginx/conf.d/default.conf + +# +# - ./.docker/nginx/conf.c:/etc/nginx/conf.c:ro +# - ./.docker/nginx/default.conf:/etc/nginx/conf.d/default.conf:ro +# - ./.docker/nginx/sites-enabled:/etc/nginx/sites-enabled:ro +# 将本地 nginx 配置复制到镜像中并设置为只读 +COPY ./conf.c /etc/nginx/conf.c +COPY ./default.conf /etc/nginx/conf.d/default.conf +COPY ./sites-enabled /etc/nginx/sites-enabled + +# 设置只读权限(文件 0444,目录及其内容 0555) +RUN chmod 0444 /etc/nginx/conf.c \ + && chmod 0444 /etc/nginx/conf.d/default.conf \ + && chmod -R 0555 /etc/nginx/sites-enabled + +# 设置工作目录 +WORKDIR /var/www/html + +# 创建日志目录 +RUN mkdir -p /var/log/nginx + +# 暴露端口 +EXPOSE 80 443 + +CMD ["nginx", "-g", "daemon off;"] \ No newline at end of file diff --git a/docker/nginx/conf.c/.DS_Store b/docker/nginx/conf.c/.DS_Store new file mode 100644 index 000000000..b28321988 Binary files /dev/null and b/docker/nginx/conf.c/.DS_Store differ diff --git a/docker/nginx/conf.c/debug.conf b/docker/nginx/conf.c/debug.conf new file mode 100644 index 000000000..91c9a63e3 --- /dev/null +++ b/docker/nginx/conf.c/debug.conf @@ -0,0 +1,3 @@ +# 开发环境显示错误 +fastcgi_param PHP_VALUE "display_errors=On"; +fastcgi_param PHP_VALUE "error_reporting=E_ALL"; \ No newline at end of file diff --git a/docker/nginx/conf.c/enable-php-00.conf b/docker/nginx/conf.c/enable-php-00.conf new file mode 100644 index 000000000..e69de29bb diff --git a/docker/nginx/conf.c/enable-php-52.conf b/docker/nginx/conf.c/enable-php-52.conf new file mode 100644 index 000000000..5ca1eaa8d --- /dev/null +++ b/docker/nginx/conf.c/enable-php-52.conf @@ -0,0 +1,8 @@ + location ~ [^/]\.php(/|$) + { + try_files $uri =404; + fastcgi_pass unix:/tmp/php-cgi-52.sock; + fastcgi_index index.php; + include conf.c/fastcgi.conf; + include conf.c/pathinfo.conf; + } diff --git a/docker/nginx/conf.c/enable-php-53.conf b/docker/nginx/conf.c/enable-php-53.conf new file mode 100644 index 000000000..0de681730 --- /dev/null +++ b/docker/nginx/conf.c/enable-php-53.conf @@ -0,0 +1,8 @@ + location ~ [^/]\.php(/|$) + { + try_files $uri =404; + fastcgi_pass unix:/tmp/php-cgi-53.sock; + fastcgi_index index.php; + include conf.c/fastcgi.conf; + include conf.c/pathinfo.conf; + } diff --git a/docker/nginx/conf.c/enable-php-54.conf b/docker/nginx/conf.c/enable-php-54.conf new file mode 100644 index 000000000..5a0f1bfcf --- /dev/null +++ b/docker/nginx/conf.c/enable-php-54.conf @@ -0,0 +1,8 @@ + location ~ [^/]\.php(/|$) + { + try_files $uri =404; + fastcgi_pass unix:/tmp/php-cgi-54.sock; + fastcgi_index index.php; + include conf.c/fastcgi.conf; + include conf.c/pathinfo.conf; + } diff --git a/docker/nginx/conf.c/enable-php-55.conf b/docker/nginx/conf.c/enable-php-55.conf new file mode 100644 index 000000000..b3a310406 --- /dev/null +++ b/docker/nginx/conf.c/enable-php-55.conf @@ -0,0 +1,8 @@ + location ~ [^/]\.php(/|$) + { + try_files $uri =404; + fastcgi_pass unix:/tmp/php-cgi-55.sock; + fastcgi_index index.php; + include conf.c/fastcgi.conf; + include conf.c/pathinfo.conf; + } diff --git a/docker/nginx/conf.c/enable-php-56.conf b/docker/nginx/conf.c/enable-php-56.conf new file mode 100644 index 000000000..adcf247d5 --- /dev/null +++ b/docker/nginx/conf.c/enable-php-56.conf @@ -0,0 +1,8 @@ + location ~ [^/]\.php(/|$) + { + try_files $uri =404; + fastcgi_pass unix:/tmp/php-cgi-56.sock; + fastcgi_index index.php; + include conf.c/fastcgi.conf; + include conf.c/pathinfo.conf; + } diff --git a/docker/nginx/conf.c/enable-php-70.conf b/docker/nginx/conf.c/enable-php-70.conf new file mode 100644 index 000000000..20f162501 --- /dev/null +++ b/docker/nginx/conf.c/enable-php-70.conf @@ -0,0 +1,8 @@ + location ~ [^/]\.php(/|$) + { + try_files $uri =404; + fastcgi_pass unix:/tmp/php-cgi-70.sock; + fastcgi_index index.php; + include conf.c/fastcgi.conf; + include conf.c/pathinfo.conf; + } diff --git a/docker/nginx/conf.c/enable-php-71.conf b/docker/nginx/conf.c/enable-php-71.conf new file mode 100644 index 000000000..8ab77c13f --- /dev/null +++ b/docker/nginx/conf.c/enable-php-71.conf @@ -0,0 +1,8 @@ + location ~ [^/]\.php(/|$) + { + try_files $uri =404; + fastcgi_pass unix:/tmp/php-cgi-71.sock; + fastcgi_index index.php; + include conf.c/fastcgi.conf; + include conf.c/pathinfo.conf; + } diff --git a/docker/nginx/conf.c/enable-php-72.conf b/docker/nginx/conf.c/enable-php-72.conf new file mode 100644 index 000000000..b4758a8b2 --- /dev/null +++ b/docker/nginx/conf.c/enable-php-72.conf @@ -0,0 +1,8 @@ + location ~ [^/]\.php(/|$) + { + try_files $uri =404; + fastcgi_pass unix:/tmp/php-cgi-72.sock; + fastcgi_index index.php; + include conf.c/fastcgi.conf; + include conf.c/pathinfo.conf; + } diff --git a/docker/nginx/conf.c/enable-php-73.conf b/docker/nginx/conf.c/enable-php-73.conf new file mode 100644 index 000000000..62f1dddcd --- /dev/null +++ b/docker/nginx/conf.c/enable-php-73.conf @@ -0,0 +1,8 @@ + location ~ [^/]\.php(/|$) + { + try_files $uri =404; + fastcgi_pass unix:/tmp/php-cgi-73.sock; + fastcgi_index index.php; + include conf.c/fastcgi.conf; + include conf.c/pathinfo.conf; + } diff --git a/docker/nginx/conf.c/enable-php-74.conf b/docker/nginx/conf.c/enable-php-74.conf new file mode 100644 index 000000000..28d634338 --- /dev/null +++ b/docker/nginx/conf.c/enable-php-74.conf @@ -0,0 +1,10 @@ + location ~ [^/]\.php(/|$) + { + try_files $uri =404; + # fastcgi_pass unix:/tmp/php-cgi-74.sock; + fastcgi_pass php-fpm:9000; + fastcgi_index index.php; + include conf.c/fastcgi.conf; + include conf.c/pathinfo.conf; + include conf.c/debug.conf; + } diff --git a/docker/nginx/conf.c/enable-php-80.conf b/docker/nginx/conf.c/enable-php-80.conf new file mode 100644 index 000000000..e1dbc1d9d --- /dev/null +++ b/docker/nginx/conf.c/enable-php-80.conf @@ -0,0 +1,8 @@ + location ~ [^/]\.php(/|$) + { + try_files $uri =404; + fastcgi_pass unix:/tmp/php-cgi-80.sock; + fastcgi_index index.php; + include conf.c/fastcgi.conf; + include conf.c/pathinfo.conf; + } diff --git a/docker/nginx/conf.c/enable-php-81.conf b/docker/nginx/conf.c/enable-php-81.conf new file mode 100644 index 000000000..64592ec83 --- /dev/null +++ b/docker/nginx/conf.c/enable-php-81.conf @@ -0,0 +1,8 @@ + location ~ [^/]\.php(/|$) + { + try_files $uri =404; + fastcgi_pass unix:/tmp/php-cgi-81.sock; + fastcgi_index index.php; + include conf.c/fastcgi.conf; + include conf.c/pathinfo.conf; + } diff --git a/docker/nginx/conf.c/enable-php-82.conf b/docker/nginx/conf.c/enable-php-82.conf new file mode 100644 index 000000000..29e468239 --- /dev/null +++ b/docker/nginx/conf.c/enable-php-82.conf @@ -0,0 +1,8 @@ + location ~ [^/]\.php(/|$) + { + try_files $uri =404; + fastcgi_pass unix:/tmp/php-cgi-82.sock; + fastcgi_index index.php; + include conf.c/fastcgi.conf; + include conf.c/pathinfo.conf; + } diff --git a/docker/nginx/conf.c/enable-php-83.conf b/docker/nginx/conf.c/enable-php-83.conf new file mode 100644 index 000000000..3756cc1eb --- /dev/null +++ b/docker/nginx/conf.c/enable-php-83.conf @@ -0,0 +1,8 @@ + location ~ [^/]\.php(/|$) + { + try_files $uri =404; + fastcgi_pass unix:/tmp/php-cgi-83.sock; + fastcgi_index index.php; + include conf.c/fastcgi.conf; + include conf.c/pathinfo.conf; + } diff --git a/docker/nginx/conf.c/enable-php-84.conf b/docker/nginx/conf.c/enable-php-84.conf new file mode 100644 index 000000000..f53cf38e6 --- /dev/null +++ b/docker/nginx/conf.c/enable-php-84.conf @@ -0,0 +1,10 @@ + + location ~ [^/]\.php(/|$) + { + try_files $uri =404; + fastcgi_pass unix:/tmp/php-cgi-84.sock; + fastcgi_index index.php; + include conf.c/fastcgi.conf; + include conf.c/pathinfo.conf; + } + \ No newline at end of file diff --git a/docker/nginx/conf.c/enable-php-90.conf b/docker/nginx/conf.c/enable-php-90.conf new file mode 100644 index 000000000..3df13761a --- /dev/null +++ b/docker/nginx/conf.c/enable-php-90.conf @@ -0,0 +1,10 @@ + + location ~ [^/]\.php(/|$) + { + try_files $uri =404; + fastcgi_pass unix:/tmp/php-cgi-90.sock; + fastcgi_index index.php; + include conf.c/fastcgi.conf; + include conf.c/pathinfo.conf; + } + \ No newline at end of file diff --git a/docker/nginx/conf.c/enable-php-91.conf b/docker/nginx/conf.c/enable-php-91.conf new file mode 100644 index 000000000..405d69378 --- /dev/null +++ b/docker/nginx/conf.c/enable-php-91.conf @@ -0,0 +1,10 @@ + + location ~ [^/]\.php(/|$) + { + try_files $uri =404; + fastcgi_pass unix:/tmp/php-cgi-91.sock; + fastcgi_index index.php; + include conf.c/fastcgi.conf; + include conf.c/pathinfo.conf; + } + \ No newline at end of file diff --git a/docker/nginx/conf.c/enable-php.conf b/docker/nginx/conf.c/enable-php.conf new file mode 100644 index 000000000..9edb07c30 --- /dev/null +++ b/docker/nginx/conf.c/enable-php.conf @@ -0,0 +1,7 @@ + location ~ [^/]\.php(/|$) + { + try_files $uri =404; + fastcgi_pass unix:/tmp/php-cgi-56.sock; + fastcgi_index index.php; + include conf.c/fastcgi.conf; + } diff --git a/docker/nginx/conf.c/fastcgi.conf b/docker/nginx/conf.c/fastcgi.conf new file mode 100644 index 000000000..091738c60 --- /dev/null +++ b/docker/nginx/conf.c/fastcgi.conf @@ -0,0 +1,26 @@ + +fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/docker/nginx/conf.c/fastcgi.conf.default b/docker/nginx/conf.c/fastcgi.conf.default new file mode 100644 index 000000000..091738c60 --- /dev/null +++ b/docker/nginx/conf.c/fastcgi.conf.default @@ -0,0 +1,26 @@ + +fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/docker/nginx/conf.c/fastcgi_params b/docker/nginx/conf.c/fastcgi_params new file mode 100644 index 000000000..28decb955 --- /dev/null +++ b/docker/nginx/conf.c/fastcgi_params @@ -0,0 +1,25 @@ + +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/docker/nginx/conf.c/fastcgi_params.default b/docker/nginx/conf.c/fastcgi_params.default new file mode 100644 index 000000000..28decb955 --- /dev/null +++ b/docker/nginx/conf.c/fastcgi_params.default @@ -0,0 +1,25 @@ + +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/docker/nginx/conf.c/koi-utf b/docker/nginx/conf.c/koi-utf new file mode 100644 index 000000000..e7974ff6a --- /dev/null +++ b/docker/nginx/conf.c/koi-utf @@ -0,0 +1,109 @@ + +# This map is not a full koi8-r <> utf8 map: it does not contain +# box-drawing and some other characters. Besides this map contains +# several koi8-u and Byelorussian letters which are not in koi8-r. +# If you need a full and standard map, use contrib/unicode2nginx/koi-utf +# map instead. + +charset_map koi8-r utf-8 { + + 80 E282AC ; # euro + + 95 E280A2 ; # bullet + + 9A C2A0 ; #   + + 9E C2B7 ; # · + + A3 D191 ; # small yo + A4 D194 ; # small Ukrainian ye + + A6 D196 ; # small Ukrainian i + A7 D197 ; # small Ukrainian yi + + AD D291 ; # small Ukrainian soft g + AE D19E ; # small Byelorussian short u + + B0 C2B0 ; # ° + + B3 D081 ; # capital YO + B4 D084 ; # capital Ukrainian YE + + B6 D086 ; # capital Ukrainian I + B7 D087 ; # capital Ukrainian YI + + B9 E28496 ; # numero sign + + BD D290 ; # capital Ukrainian soft G + BE D18E ; # capital Byelorussian short U + + BF C2A9 ; # (C) + + C0 D18E ; # small yu + C1 D0B0 ; # small a + C2 D0B1 ; # small b + C3 D186 ; # small ts + C4 D0B4 ; # small d + C5 D0B5 ; # small ye + C6 D184 ; # small f + C7 D0B3 ; # small g + C8 D185 ; # small kh + C9 D0B8 ; # small i + CA D0B9 ; # small j + CB D0BA ; # small k + CC D0BB ; # small l + CD D0BC ; # small m + CE D0BD ; # small n + CF D0BE ; # small o + + D0 D0BF ; # small p + D1 D18F ; # small ya + D2 D180 ; # small r + D3 D181 ; # small s + D4 D182 ; # small t + D5 D183 ; # small u + D6 D0B6 ; # small zh + D7 D0B2 ; # small v + D8 D18C ; # small soft sign + D9 D18B ; # small y + DA D0B7 ; # small z + DB D188 ; # small sh + DC D18D ; # small e + DD D189 ; # small shch + DE D187 ; # small ch + DF D18A ; # small hard sign + + E0 D0AE ; # capital YU + E1 D090 ; # capital A + E2 D091 ; # capital B + E3 D0A6 ; # capital TS + E4 D094 ; # capital D + E5 D095 ; # capital YE + E6 D0A4 ; # capital F + E7 D093 ; # capital G + E8 D0A5 ; # capital KH + E9 D098 ; # capital I + EA D099 ; # capital J + EB D09A ; # capital K + EC D09B ; # capital L + ED D09C ; # capital M + EE D09D ; # capital N + EF D09E ; # capital O + + F0 D09F ; # capital P + F1 D0AF ; # capital YA + F2 D0A0 ; # capital R + F3 D0A1 ; # capital S + F4 D0A2 ; # capital T + F5 D0A3 ; # capital U + F6 D096 ; # capital ZH + F7 D092 ; # capital V + F8 D0AC ; # capital soft sign + F9 D0AB ; # capital Y + FA D097 ; # capital Z + FB D0A8 ; # capital SH + FC D0AD ; # capital E + FD D0A9 ; # capital SHCH + FE D0A7 ; # capital CH + FF D0AA ; # capital hard sign +} diff --git a/docker/nginx/conf.c/koi-win b/docker/nginx/conf.c/koi-win new file mode 100644 index 000000000..72afabe89 --- /dev/null +++ b/docker/nginx/conf.c/koi-win @@ -0,0 +1,103 @@ + +charset_map koi8-r windows-1251 { + + 80 88 ; # euro + + 95 95 ; # bullet + + 9A A0 ; #   + + 9E B7 ; # · + + A3 B8 ; # small yo + A4 BA ; # small Ukrainian ye + + A6 B3 ; # small Ukrainian i + A7 BF ; # small Ukrainian yi + + AD B4 ; # small Ukrainian soft g + AE A2 ; # small Byelorussian short u + + B0 B0 ; # ° + + B3 A8 ; # capital YO + B4 AA ; # capital Ukrainian YE + + B6 B2 ; # capital Ukrainian I + B7 AF ; # capital Ukrainian YI + + B9 B9 ; # numero sign + + BD A5 ; # capital Ukrainian soft G + BE A1 ; # capital Byelorussian short U + + BF A9 ; # (C) + + C0 FE ; # small yu + C1 E0 ; # small a + C2 E1 ; # small b + C3 F6 ; # small ts + C4 E4 ; # small d + C5 E5 ; # small ye + C6 F4 ; # small f + C7 E3 ; # small g + C8 F5 ; # small kh + C9 E8 ; # small i + CA E9 ; # small j + CB EA ; # small k + CC EB ; # small l + CD EC ; # small m + CE ED ; # small n + CF EE ; # small o + + D0 EF ; # small p + D1 FF ; # small ya + D2 F0 ; # small r + D3 F1 ; # small s + D4 F2 ; # small t + D5 F3 ; # small u + D6 E6 ; # small zh + D7 E2 ; # small v + D8 FC ; # small soft sign + D9 FB ; # small y + DA E7 ; # small z + DB F8 ; # small sh + DC FD ; # small e + DD F9 ; # small shch + DE F7 ; # small ch + DF FA ; # small hard sign + + E0 DE ; # capital YU + E1 C0 ; # capital A + E2 C1 ; # capital B + E3 D6 ; # capital TS + E4 C4 ; # capital D + E5 C5 ; # capital YE + E6 D4 ; # capital F + E7 C3 ; # capital G + E8 D5 ; # capital KH + E9 C8 ; # capital I + EA C9 ; # capital J + EB CA ; # capital K + EC CB ; # capital L + ED CC ; # capital M + EE CD ; # capital N + EF CE ; # capital O + + F0 CF ; # capital P + F1 DF ; # capital YA + F2 D0 ; # capital R + F3 D1 ; # capital S + F4 D2 ; # capital T + F5 D3 ; # capital U + F6 C6 ; # capital ZH + F7 C2 ; # capital V + F8 DC ; # capital soft sign + F9 DB ; # capital Y + FA C7 ; # capital Z + FB D8 ; # capital SH + FC DD ; # capital E + FD D9 ; # capital SHCH + FE D7 ; # capital CH + FF DA ; # capital hard sign +} diff --git a/docker/nginx/conf.c/luawaf.conf b/docker/nginx/conf.c/luawaf.conf new file mode 100644 index 000000000..389abfae0 --- /dev/null +++ b/docker/nginx/conf.c/luawaf.conf @@ -0,0 +1,4 @@ +lua_shared_dict limit 10m; +lua_package_path "/www/server/nginx/waf/?.lua"; +init_by_lua_file /www/server/nginx/waf/init.lua; +access_by_lua_file /www/server/nginx/waf/waf.lua; diff --git a/docker/nginx/conf.c/mime.types b/docker/nginx/conf.c/mime.types new file mode 100644 index 000000000..296125695 --- /dev/null +++ b/docker/nginx/conf.c/mime.types @@ -0,0 +1,97 @@ + +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + + font/woff woff; + font/woff2 woff2; + + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.oasis.opendocument.graphics odg; + application/vnd.oasis.opendocument.presentation odp; + application/vnd.oasis.opendocument.spreadsheet ods; + application/vnd.oasis.opendocument.text odt; + application/vnd.openxmlformats-officedocument.presentationml.presentation + pptx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + xlsx; + application/vnd.openxmlformats-officedocument.wordprocessingml.document + docx; + application/vnd.wap.wmlc wmlc; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} diff --git a/docker/nginx/conf.c/mime.types.default b/docker/nginx/conf.c/mime.types.default new file mode 100644 index 000000000..296125695 --- /dev/null +++ b/docker/nginx/conf.c/mime.types.default @@ -0,0 +1,97 @@ + +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + + font/woff woff; + font/woff2 woff2; + + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.oasis.opendocument.graphics odg; + application/vnd.oasis.opendocument.presentation odp; + application/vnd.oasis.opendocument.spreadsheet ods; + application/vnd.oasis.opendocument.text odt; + application/vnd.openxmlformats-officedocument.presentationml.presentation + pptx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + xlsx; + application/vnd.openxmlformats-officedocument.wordprocessingml.document + docx; + application/vnd.wap.wmlc wmlc; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} diff --git a/docker/nginx/conf.c/nginx.conf b/docker/nginx/conf.c/nginx.conf new file mode 100644 index 000000000..82bb125d7 --- /dev/null +++ b/docker/nginx/conf.c/nginx.conf @@ -0,0 +1,92 @@ +user www www; +worker_processes auto; +error_log /www/wwwlogs/nginx_error.log crit; +pid /www/server/nginx/logs/nginx.pid; +worker_rlimit_nofile 51200; + +events + { + use epoll; + worker_connections 51200; + multi_accept on; + } + +http + { + include mime.types; + #include luawaf.conf; + + include proxy.conf; + + default_type application/octet-stream; + + server_names_hash_bucket_size 512; + client_header_buffer_size 32k; + large_client_header_buffers 4 32k; + client_max_body_size 50m; + + sendfile on; + tcp_nopush on; + + keepalive_timeout 60; + + tcp_nodelay on; + + fastcgi_connect_timeout 300; + fastcgi_send_timeout 300; + fastcgi_read_timeout 300; + fastcgi_buffer_size 64k; + fastcgi_buffers 4 64k; + fastcgi_busy_buffers_size 128k; + fastcgi_temp_file_write_size 256k; + fastcgi_intercept_errors on; + + gzip on; + gzip_min_length 1k; + gzip_buffers 4 16k; + gzip_http_version 1.1; + gzip_comp_level 2; + gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml; + gzip_vary on; + gzip_proxied expired no-cache no-store private auth; + gzip_disable "MSIE [1-6]\."; + + limit_conn_zone $binary_remote_addr zone=perip:10m; + limit_conn_zone $server_name zone=perserver:10m; + + server_tokens off; + access_log off; + +server + { + listen 888; + server_name phpmyadmin; + index index.html index.htm index.php; + root /www/server/phpmyadmin; + location ~ /tmp/ { + return 403; + } + + #error_page 404 /404.html; + include enable-php.conf; + + location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ + { + expires 30d; + } + + location ~ .*\.(js|css)?$ + { + expires 12h; + } + + location ~ /\. + { + deny all; + } + + access_log /www/wwwlogs/access.log; + } +include /www/server/panel/vhost/nginx/*.conf; +} + diff --git a/docker/nginx/conf.c/nginx.conf.default b/docker/nginx/conf.c/nginx.conf.default new file mode 100644 index 000000000..29bc085f2 --- /dev/null +++ b/docker/nginx/conf.c/nginx.conf.default @@ -0,0 +1,117 @@ + +#user nobody; +worker_processes 1; + +#error_log logs/error.log; +#error_log logs/error.log notice; +#error_log logs/error.log info; + +#pid logs/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include mime.types; + default_type application/octet-stream; + + #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + # '$status $body_bytes_sent "$http_referer" ' + # '"$http_user_agent" "$http_x_forwarded_for"'; + + #access_log logs/access.log main; + + sendfile on; + #tcp_nopush on; + + #keepalive_timeout 0; + keepalive_timeout 65; + + #gzip on; + + server { + listen 80; + server_name localhost; + + #charset koi8-r; + + #access_log logs/host.access.log main; + + location / { + root html; + index index.html index.htm; + } + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root html; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + # root html; + # fastcgi_pass 127.0.0.1:9000; + # fastcgi_index index.php; + # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + # include fastcgi_params; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} + } + + + # another virtual host using mix of IP-, name-, and port-based configuration + # + #server { + # listen 8000; + # listen somename:8080; + # server_name somename alias another.alias; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + + + # HTTPS server + # + #server { + # listen 443 ssl; + # server_name localhost; + + # ssl_certificate cert.pem; + # ssl_certificate_key cert.key; + + # ssl_session_cache shared:SSL:1m; + # ssl_session_timeout 5m; + + # ssl_ciphers HIGH:!aNULL:!MD5; + # ssl_prefer_server_ciphers on; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + +} diff --git a/docker/nginx/conf.c/pathinfo.conf b/docker/nginx/conf.c/pathinfo.conf new file mode 100644 index 000000000..e5465ee8e --- /dev/null +++ b/docker/nginx/conf.c/pathinfo.conf @@ -0,0 +1,9 @@ +set $real_script_name $fastcgi_script_name; +set $path_info ""; +if ($fastcgi_script_name ~ "^(.+?\.php)(/.+)$") { + set $real_script_name $1; + set $path_info $2; + } +fastcgi_param SCRIPT_FILENAME $document_root$real_script_name; +fastcgi_param SCRIPT_NAME $real_script_name; +fastcgi_param PATH_INFO $path_info; \ No newline at end of file diff --git a/docker/nginx/conf.c/proxy.conf b/docker/nginx/conf.c/proxy.conf new file mode 100644 index 000000000..65e17624d --- /dev/null +++ b/docker/nginx/conf.c/proxy.conf @@ -0,0 +1,35 @@ +# 代理临时文件目录,用于存放尚未完全发送/接收的请求体或响应体片段 +proxy_temp_path /var/www/server/nginx/proxy_temp_dir; + +# 定义代理缓存存放路径、目录层级、缓存区名称与大小、失效时间和最大占用空间 +proxy_cache_path /var/www/server/nginx/proxy_cache_dir levels=1:2 keys_zone=cache_one:20m inactive=1d max_size=5g; + +# 客户端请求体缓冲区大小;超过此大小的请求体会写入临时文件(单位:字节,可用k、m) +client_body_buffer_size 512k; + +# 与上游服务器建立连接的超时时间(秒) +proxy_connect_timeout 60; + +# 从上游服务器读取响应的超时时间(秒) +proxy_read_timeout 60; + +# 向上游服务器发送请求时的超时时间(秒) +proxy_send_timeout 60; + +# 用于读取上游响应头的缓冲区大小 +proxy_buffer_size 32k; + +# 用于读取上游响应体的缓冲区数量与每个缓冲区大小(数量 大小) +proxy_buffers 4 64k; + +# 当缓冲区正在被发送到客户端时允许占用的缓冲区总大小 +proxy_busy_buffers_size 128k; + +# 向临时文件写入时每次写入的最大字节数 +proxy_temp_file_write_size 128k; + +# 指定在何种情况下将请求转发到下一个上游(错误、超时、无效头以及特定HTTP状态码) +proxy_next_upstream error timeout invalid_header http_500 http_503 http_404; + +# 在当前上下文启用名为 cache_one 的缓存区用于响应缓存(与上面的 keys_zone 名称对应) +proxy_cache cache_one; diff --git a/docker/nginx/conf.c/scgi_params b/docker/nginx/conf.c/scgi_params new file mode 100644 index 000000000..6d4ce4f3e --- /dev/null +++ b/docker/nginx/conf.c/scgi_params @@ -0,0 +1,17 @@ + +scgi_param REQUEST_METHOD $request_method; +scgi_param REQUEST_URI $request_uri; +scgi_param QUERY_STRING $query_string; +scgi_param CONTENT_TYPE $content_type; + +scgi_param DOCUMENT_URI $document_uri; +scgi_param DOCUMENT_ROOT $document_root; +scgi_param SCGI 1; +scgi_param SERVER_PROTOCOL $server_protocol; +scgi_param REQUEST_SCHEME $scheme; +scgi_param HTTPS $https if_not_empty; + +scgi_param REMOTE_ADDR $remote_addr; +scgi_param REMOTE_PORT $remote_port; +scgi_param SERVER_PORT $server_port; +scgi_param SERVER_NAME $server_name; diff --git a/docker/nginx/conf.c/scgi_params.default b/docker/nginx/conf.c/scgi_params.default new file mode 100644 index 000000000..6d4ce4f3e --- /dev/null +++ b/docker/nginx/conf.c/scgi_params.default @@ -0,0 +1,17 @@ + +scgi_param REQUEST_METHOD $request_method; +scgi_param REQUEST_URI $request_uri; +scgi_param QUERY_STRING $query_string; +scgi_param CONTENT_TYPE $content_type; + +scgi_param DOCUMENT_URI $document_uri; +scgi_param DOCUMENT_ROOT $document_root; +scgi_param SCGI 1; +scgi_param SERVER_PROTOCOL $server_protocol; +scgi_param REQUEST_SCHEME $scheme; +scgi_param HTTPS $https if_not_empty; + +scgi_param REMOTE_ADDR $remote_addr; +scgi_param REMOTE_PORT $remote_port; +scgi_param SERVER_PORT $server_port; +scgi_param SERVER_NAME $server_name; diff --git a/docker/nginx/conf.c/uwsgi_params b/docker/nginx/conf.c/uwsgi_params new file mode 100644 index 000000000..09c732cd6 --- /dev/null +++ b/docker/nginx/conf.c/uwsgi_params @@ -0,0 +1,17 @@ + +uwsgi_param QUERY_STRING $query_string; +uwsgi_param REQUEST_METHOD $request_method; +uwsgi_param CONTENT_TYPE $content_type; +uwsgi_param CONTENT_LENGTH $content_length; + +uwsgi_param REQUEST_URI $request_uri; +uwsgi_param PATH_INFO $document_uri; +uwsgi_param DOCUMENT_ROOT $document_root; +uwsgi_param SERVER_PROTOCOL $server_protocol; +uwsgi_param REQUEST_SCHEME $scheme; +uwsgi_param HTTPS $https if_not_empty; + +uwsgi_param REMOTE_ADDR $remote_addr; +uwsgi_param REMOTE_PORT $remote_port; +uwsgi_param SERVER_PORT $server_port; +uwsgi_param SERVER_NAME $server_name; diff --git a/docker/nginx/conf.c/uwsgi_params.default b/docker/nginx/conf.c/uwsgi_params.default new file mode 100644 index 000000000..09c732cd6 --- /dev/null +++ b/docker/nginx/conf.c/uwsgi_params.default @@ -0,0 +1,17 @@ + +uwsgi_param QUERY_STRING $query_string; +uwsgi_param REQUEST_METHOD $request_method; +uwsgi_param CONTENT_TYPE $content_type; +uwsgi_param CONTENT_LENGTH $content_length; + +uwsgi_param REQUEST_URI $request_uri; +uwsgi_param PATH_INFO $document_uri; +uwsgi_param DOCUMENT_ROOT $document_root; +uwsgi_param SERVER_PROTOCOL $server_protocol; +uwsgi_param REQUEST_SCHEME $scheme; +uwsgi_param HTTPS $https if_not_empty; + +uwsgi_param REMOTE_ADDR $remote_addr; +uwsgi_param REMOTE_PORT $remote_port; +uwsgi_param SERVER_PORT $server_port; +uwsgi_param SERVER_NAME $server_name; diff --git a/docker/nginx/conf.c/win-utf b/docker/nginx/conf.c/win-utf new file mode 100644 index 000000000..ed8bc007a --- /dev/null +++ b/docker/nginx/conf.c/win-utf @@ -0,0 +1,126 @@ + +# This map is not a full windows-1251 <> utf8 map: it does not +# contain Serbian and Macedonian letters. If you need a full map, +# use contrib/unicode2nginx/win-utf map instead. + +charset_map windows-1251 utf-8 { + + 82 E2809A ; # single low-9 quotation mark + + 84 E2809E ; # double low-9 quotation mark + 85 E280A6 ; # ellipsis + 86 E280A0 ; # dagger + 87 E280A1 ; # double dagger + 88 E282AC ; # euro + 89 E280B0 ; # per mille + + 91 E28098 ; # left single quotation mark + 92 E28099 ; # right single quotation mark + 93 E2809C ; # left double quotation mark + 94 E2809D ; # right double quotation mark + 95 E280A2 ; # bullet + 96 E28093 ; # en dash + 97 E28094 ; # em dash + + 99 E284A2 ; # trade mark sign + + A0 C2A0 ; #   + A1 D18E ; # capital Byelorussian short U + A2 D19E ; # small Byelorussian short u + + A4 C2A4 ; # currency sign + A5 D290 ; # capital Ukrainian soft G + A6 C2A6 ; # borken bar + A7 C2A7 ; # section sign + A8 D081 ; # capital YO + A9 C2A9 ; # (C) + AA D084 ; # capital Ukrainian YE + AB C2AB ; # left-pointing double angle quotation mark + AC C2AC ; # not sign + AD C2AD ; # soft hypen + AE C2AE ; # (R) + AF D087 ; # capital Ukrainian YI + + B0 C2B0 ; # ° + B1 C2B1 ; # plus-minus sign + B2 D086 ; # capital Ukrainian I + B3 D196 ; # small Ukrainian i + B4 D291 ; # small Ukrainian soft g + B5 C2B5 ; # micro sign + B6 C2B6 ; # pilcrow sign + B7 C2B7 ; # · + B8 D191 ; # small yo + B9 E28496 ; # numero sign + BA D194 ; # small Ukrainian ye + BB C2BB ; # right-pointing double angle quotation mark + + BF D197 ; # small Ukrainian yi + + C0 D090 ; # capital A + C1 D091 ; # capital B + C2 D092 ; # capital V + C3 D093 ; # capital G + C4 D094 ; # capital D + C5 D095 ; # capital YE + C6 D096 ; # capital ZH + C7 D097 ; # capital Z + C8 D098 ; # capital I + C9 D099 ; # capital J + CA D09A ; # capital K + CB D09B ; # capital L + CC D09C ; # capital M + CD D09D ; # capital N + CE D09E ; # capital O + CF D09F ; # capital P + + D0 D0A0 ; # capital R + D1 D0A1 ; # capital S + D2 D0A2 ; # capital T + D3 D0A3 ; # capital U + D4 D0A4 ; # capital F + D5 D0A5 ; # capital KH + D6 D0A6 ; # capital TS + D7 D0A7 ; # capital CH + D8 D0A8 ; # capital SH + D9 D0A9 ; # capital SHCH + DA D0AA ; # capital hard sign + DB D0AB ; # capital Y + DC D0AC ; # capital soft sign + DD D0AD ; # capital E + DE D0AE ; # capital YU + DF D0AF ; # capital YA + + E0 D0B0 ; # small a + E1 D0B1 ; # small b + E2 D0B2 ; # small v + E3 D0B3 ; # small g + E4 D0B4 ; # small d + E5 D0B5 ; # small ye + E6 D0B6 ; # small zh + E7 D0B7 ; # small z + E8 D0B8 ; # small i + E9 D0B9 ; # small j + EA D0BA ; # small k + EB D0BB ; # small l + EC D0BC ; # small m + ED D0BD ; # small n + EE D0BE ; # small o + EF D0BF ; # small p + + F0 D180 ; # small r + F1 D181 ; # small s + F2 D182 ; # small t + F3 D183 ; # small u + F4 D184 ; # small f + F5 D185 ; # small kh + F6 D186 ; # small ts + F7 D187 ; # small ch + F8 D188 ; # small sh + F9 D189 ; # small shch + FA D18A ; # small hard sign + FB D18B ; # small y + FC D18C ; # small soft sign + FD D18D ; # small e + FE D18E ; # small yu + FF D18F ; # small ya +} diff --git a/docker/nginx/default.conf b/docker/nginx/default.conf new file mode 100644 index 000000000..9ffece423 --- /dev/null +++ b/docker/nginx/default.conf @@ -0,0 +1,41 @@ +#include luawaf.conf; # 可选Lua防火墙配置(当前被注释) +include conf.c/proxy.conf; # 引入反向代理或公共设置 + +# server_names_hash_bucket_size 512; # server_name哈希桶大小(影响域名匹配性能) +# client_header_buffer_size 32k; # 单个请求头的缓冲区大小 +# large_client_header_buffers 4 32k; # 用于大请求头的缓冲区数量与大小 +# client_max_body_size 50m; # 客户端请求体最大尺寸(上传限制) + +# sendfile on; # 启用高效文件传输sendfile +# tcp_nopush on; # 优化TCP以减少分片(与sendfile配合) + +# keepalive_timeout 60; # keep-alive连接超时时间(秒) + +# tcp_nodelay on; # 关闭Nagle算法以减少小包延迟 + +# fastcgi_connect_timeout 300; # FastCGI连接超时(秒) +# fastcgi_send_timeout 300; # 发送给FastCGI的超时(秒) +# fastcgi_read_timeout 300; # 从FastCGI读取响应的超时(秒) +# fastcgi_buffer_size 64k; # FastCGI响应头缓冲区大小 +# fastcgi_buffers 4 64k; # FastCGI响应的缓冲区数量和单个大小 +# fastcgi_busy_buffers_size 128k; # FastCGI忙时缓冲区总大小(避免磁盘写入) +# fastcgi_temp_file_write_size 256k; # 写入临时文件前允许的阈值大小 +# fastcgi_intercept_errors on; # 由nginx处理后端返回的错误页面 + +# gzip on; # 启用gzip压缩响应 +# gzip_min_length 1k; # 小于该长度的响应不做压缩 +# gzip_buffers 4 16k; # gzip压缩时使用的缓冲区数量与大小 +# gzip_http_version 1.1; # 最低支持的HTTP版本以启用gzip +# gzip_comp_level 2; # gzip压缩级别(1-9,数值越大CPU越高) +# gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml; # 要压缩的内容类型 +# gzip_vary on; # 添加Vary: Accept-Encoding头以支持缓存代理 +# gzip_proxied expired no-cache no-store private auth; # 在代理情况下是否对响应进行gzip +# gzip_disable "MSIE [1-6]\."; # 对老旧IE浏览器禁用gzip + +# limit_conn_zone $binary_remote_addr zone=perip:10m; # 基于客户端IP的连接数限制共享内存区 +# limit_conn_zone $server_name zone=perserver:10m; # 基于server_name(虚拟主机)的连接数限制共享内存区 + +# server_tokens off; # 禁止在响应和错误页中显示nginx版本 +# access_log off; # 关闭访问日志(可根据需求启用) + +include sites-enabled/*.conf; # 引入启用的站点(虚拟主机)配置 \ No newline at end of file diff --git a/docker/nginx/ref/nginx.conf b/docker/nginx/ref/nginx.conf new file mode 100644 index 000000000..0e900aa55 --- /dev/null +++ b/docker/nginx/ref/nginx.conf @@ -0,0 +1,75 @@ +# /etc/nginx/nginx.conf​​ +# Nginx 的主配置文件(通常是 /etc/nginx/nginx.conf)变更的修改 + +############################################ +# user nginx; +# worker_processes auto; + +# events { +# worker_connections 1024; +# } + +# http { +# include /etc/nginx/conf.d/*.conf; # 加载其他配置 +# } +############################################# + + +user www www; # 运行nginx的用户和组 +worker_processes auto; # 自动设置工作进程数量(建议等于CPU核数) +error_log /www/wwwlogs/nginx_error.log crit; # 错误日志路径及最低记录级别 +pid /tmp/nginx.pid; # 主进程PID文件位置 +worker_rlimit_nofile 51200; # 提高工作进程可打开的最大文件描述符数 + +events { # 事件模块开始 + use epoll; # 指定事件驱动模型(Linux上推荐epoll) + worker_connections 51200; # 每个工作进程允许的最大连接数 + multi_accept on; # 允许一次接收多个新连接 +} # 事件模块结束 + +http { # HTTP 主配置块开始 + include mime.types; # 引入MIME类型映射文件 + #include luawaf.conf; # 可选Lua防火墙配置(当前被注释) + include conf.c/proxy.conf; # 引入反向代理或公共设置 + + default_type application/octet-stream; # 默认MIME类型 + + server_names_hash_bucket_size 512; # server_name哈希桶大小(影响域名匹配性能) + client_header_buffer_size 32k; # 单个请求头的缓冲区大小 + large_client_header_buffers 4 32k; # 用于大请求头的缓冲区数量与大小 + client_max_body_size 50m; # 客户端请求体最大尺寸(上传限制) + + sendfile on; # 启用高效文件传输sendfile + tcp_nopush on; # 优化TCP以减少分片(与sendfile配合) + + keepalive_timeout 60; # keep-alive连接超时时间(秒) + + tcp_nodelay on; # 关闭Nagle算法以减少小包延迟 + + fastcgi_connect_timeout 300; # FastCGI连接超时(秒) + fastcgi_send_timeout 300; # 发送给FastCGI的超时(秒) + fastcgi_read_timeout 300; # 从FastCGI读取响应的超时(秒) + fastcgi_buffer_size 64k; # FastCGI响应头缓冲区大小 + fastcgi_buffers 4 64k; # FastCGI响应的缓冲区数量和单个大小 + fastcgi_busy_buffers_size 128k; # FastCGI忙时缓冲区总大小(避免磁盘写入) + fastcgi_temp_file_write_size 256k; # 写入临时文件前允许的阈值大小 + fastcgi_intercept_errors on; # 由nginx处理后端返回的错误页面 + + gzip on; # 启用gzip压缩响应 + gzip_min_length 1k; # 小于该长度的响应不做压缩 + gzip_buffers 4 16k; # gzip压缩时使用的缓冲区数量与大小 + gzip_http_version 1.1; # 最低支持的HTTP版本以启用gzip + gzip_comp_level 2; # gzip压缩级别(1-9,数值越大CPU越高) + gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml; # 要压缩的内容类型 + gzip_vary on; # 添加Vary: Accept-Encoding头以支持缓存代理 + gzip_proxied expired no-cache no-store private auth; # 在代理情况下是否对响应进行gzip + gzip_disable "MSIE [1-6]\."; # 对老旧IE浏览器禁用gzip + + limit_conn_zone $binary_remote_addr zone=perip:10m; # 基于客户端IP的连接数限制共享内存区 + limit_conn_zone $server_name zone=perserver:10m; # 基于server_name(虚拟主机)的连接数限制共享内存区 + + server_tokens off; # 禁止在响应和错误页中显示nginx版本 + access_log off; # 关闭访问日志(可根据需求启用) + + include sites-enabled/*.conf; # 引入启用的站点(虚拟主机)配置 +} # HTTP 主配置块结束 diff --git a/docker/nginx/ref/xcx30.5g-quickapp.conf b/docker/nginx/ref/xcx30.5g-quickapp.conf new file mode 100644 index 000000000..6fd8d4837 --- /dev/null +++ b/docker/nginx/ref/xcx30.5g-quickapp.conf @@ -0,0 +1,68 @@ +server +{ + listen 80; + listen 443 ssl http2 ; + server_name xcx30.5g-quickapp.com; + index index.php index.html index.htm default.php default.htm default.html; + root /www/myweb/newshop; + + #SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则 + #error_page 404/404.html; + ssl_certificate /www/server/panel/vhost/cert/xcx30.5g-quickapp.com/fullchain.pem; + ssl_certificate_key /www/server/panel/vhost/cert/xcx30.5g-quickapp.com/privkey.pem; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 10m; + add_header Strict-Transport-Security "max-age=31536000"; + error_page 497 https://$host$request_uri; + + #SSL-END + + #ERROR-PAGE-START 错误页配置,可以注释、删除或修改 + #error_page 404 /404.html; + #error_page 502 /502.html; + #ERROR-PAGE-END + + #PHP-INFO-START PHP引用配置,可以注释或修改 + include enable-php-74.conf; + #PHP-INFO-END + + #REWRITE-START URL重写规则引用,修改后将导致面板设置的伪静态规则失效 + # include /www/server/panel/vhost/rewrite/xcx30.5g-quickapp.com.conf; # 等于下面的内容 + location / { + if (!-e $request_filename) { + rewrite ^(.*)$ /index.php/$1 last; + break; + } + } + #REWRITE-END + + #禁止访问的文件或目录 + location ~ ^/(\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md) + { + return 404; + } + + #一键申请SSL证书验证目录相关设置 + location ~ \.well-known{ + allow all; + } + + location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ + { + expires 30d; + error_log /dev/null; + access_log /dev/null; + } + + location ~ .*\.(js|css)?$ + { + expires 12h; + error_log /dev/null; + access_log /dev/null; + } + access_log /www/wwwlogs/xcx30.5g-quickapp.com.log; + error_log /www/wwwlogs/xcx30.5g-quickapp.com.error.log; +} \ No newline at end of file diff --git a/docker/nginx/sites-enabled/app.conf b/docker/nginx/sites-enabled/app.conf new file mode 100644 index 000000000..bdf3882ec --- /dev/null +++ b/docker/nginx/sites-enabled/app.conf @@ -0,0 +1,66 @@ + + server { + listen 80; + # listen 443 ssl http2; # Enable HTTP/2 + + server_name localhost; + root /var/www/html; + index index.php index.html index.htm default.php default.htm default.html; + + # --- SSL configuration start --- + # ssl_certificate /etc/nginx/ssl/nginx.crt; + # ssl_certificate_key /etc/nginx/ssl/nginx.key; + # ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + # ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5; + # ssl_prefer_server_ciphers on; + # ssl_session_cache shared:SSL:10m; + # ssl_session_timeout 10m; + # add_header Strict-Transport-Security "max-age=31536000"; + # error_page 497 https://$host$request_uri; + # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + # --- SSL configuration end --- + + #PHP-INFO-START PHP引用配置,可以注释或修改 + include conf.c/enable-php-74.conf; + #PHP-INFO-END + + # --- REWRITE-START --- URL重写规则引用,修改后将导致面板设置的伪静态规则失效 + # include /www/server/panel/vhost/rewrite/xcx30.5g-quickapp.com.conf; # 等于下面的内容 + location / { + if (!-e $request_filename) { + rewrite ^(.*)$ /index.php/$1 last; + break; + } + } + # --- REWRITE-END --- + + #禁止访问的文件或目录 + location ~ ^/(\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md) + { + return 404; + } + + location ~* \.(png|jpg|jpeg|gif|svg|ico|woff|woff2)$ { + expires 30d; + error_log /dev/null; + access_log /dev/null; + } + + location ~ .*\.(js|css)?$ + { + expires 12h; + error_log /dev/null; + access_log /dev/null; + } + + location ~ /\. + { + deny all; + } + + # 日志配置 + access_log /var/log/nginx/thinkphp_access.log; + error_log /var/log/nginx/thinkphp_error.log; + } + + diff --git a/docker/nginx/sources.list b/docker/nginx/sources.list new file mode 100644 index 000000000..3113063f7 --- /dev/null +++ b/docker/nginx/sources.list @@ -0,0 +1,6 @@ +# deb http://snapshot.debian.org/archive/debian/20221114T000000Z bullseye main +deb https://mirrors.aliyun.com/debian/ bullseye main +# deb http://snapshot.debian.org/archive/debian-security/20221114T000000Z bullseye-security main +deb https://mirrors.aliyun.com/debian-security/ bullseye-security main +# deb http://snapshot.debian.org/archive/debian/20221114T000000Z bullseye-updates main +deb https://mirrors.aliyun.com/debian/ bullseye-updates main \ No newline at end of file diff --git a/docker/php/.env b/docker/php/.env new file mode 100644 index 000000000..102d1c793 --- /dev/null +++ b/docker/php/.env @@ -0,0 +1,5 @@ +MYSQL_ROOT_PASSWORD=rootpassword +# 可选:你也可以在这里定义 MYSQL_DATABASE / MYSQL_USER / MYSQL_PASSWORD +MYSQL_DATABASE=shop_mallnew +MYSQL_USER=shop_mallnew +MYSQL_PASSWORD=shop_mallnew \ No newline at end of file diff --git a/docker/php/CacheDev-Dockerfile b/docker/php/CacheDev-Dockerfile new file mode 100644 index 000000000..080af3b36 --- /dev/null +++ b/docker/php/CacheDev-Dockerfile @@ -0,0 +1,19 @@ +# 使用官方PHP镜像 +FROM php:7.4.33-fpm-dev-cache + +# 设置工作目录 +WORKDIR /var/www/html + +# # 创建非 root 用户 +# RUN useradd -m -u 1000 phpuser && chown -R phpuser:phpuser /var/www/html + +# 设置权限, 防止 runtime 目录无法写入的问题 +# RUN chmod -R 755 /var/www/html +RUN chmod -R 777 /var/www/html/runtime + +# USER phpuser + +# 暴露端口 +EXPOSE 9000 + +CMD ["php-fpm"] \ No newline at end of file diff --git a/docker/php/Dockerfile b/docker/php/Dockerfile new file mode 100644 index 000000000..2e3427617 --- /dev/null +++ b/docker/php/Dockerfile @@ -0,0 +1,65 @@ +# 使用官方PHP镜像 +FROM php:7.4.33-fpm + +# 拷贝本地的 sources.list 文件以加速 apt-get +COPY ./sources.list /etc/apt/sources.list + +# 安装系统依赖 +RUN apt-get update && apt-get install -y \ + git \ + vim \ + curl \ + libpng-dev \ + libonig-dev \ + libxml2-dev \ + libssl-dev \ + zip \ + unzip \ + libzip-dev \ + default-mysql-client \ + libfreetype6-dev \ + libjpeg62-turbo-dev \ + libpng-dev \ + && rm -rf /var/lib/apt/lists/* + +# 安装 PHP 扩展 +RUN docker-php-ext-configure gd --with-freetype --with-jpeg \ + && docker-php-ext-install \ + pdo_mysql \ + mbstring \ + exif \ + pcntl \ + bcmath \ + gd \ + zip \ + sockets + +# 安装 Redis 扩展 +RUN pecl install redis-5.3.7 && docker-php-ext-enable redis + +# 安装Composer +COPY --from=composer:latest /usr/bin/composer /usr/bin/composer + +# 验证安装 +RUN composer --version + +# 设置工作目录 +WORKDIR /var/www/html + +# # 使用Composer安装项目依赖(可选,根据需要启用, 更多的时候,会出错,要在容器中执行操作) +# RUN composer config -g repo.packagist composer https://mirrors.aliyun.com/composer/ +# RUN composer install --no-dev --optimize-autoloader --working-dir=/var/www/html + +# # 创建非 root 用户 +# RUN useradd -m -u 1000 phpuser && chown -R phpuser:phpuser /var/www/html + +# 设置权限, 防止 runtime 目录无法写入的问题 +# RUN chmod -R 755 /var/www/html +RUN chmod -R 777 /var/www/html/runtime + +# USER phpuser + +# 暴露端口 +EXPOSE 9000 + +CMD ["php-fpm"] \ No newline at end of file diff --git a/docker/php/php.ini b/docker/php/php.ini new file mode 100644 index 000000000..55bf68758 --- /dev/null +++ b/docker/php/php.ini @@ -0,0 +1,6 @@ +display_errors = On +error_reporting = E_ALL +memory_limit = 512M +upload_max_filesize = 50M +post_max_size = 50M +opcache.enable=0 # 开发环境关闭opcache \ No newline at end of file diff --git a/docker/php/sources.list b/docker/php/sources.list new file mode 100644 index 000000000..3113063f7 --- /dev/null +++ b/docker/php/sources.list @@ -0,0 +1,6 @@ +# deb http://snapshot.debian.org/archive/debian/20221114T000000Z bullseye main +deb https://mirrors.aliyun.com/debian/ bullseye main +# deb http://snapshot.debian.org/archive/debian-security/20221114T000000Z bullseye-security main +deb https://mirrors.aliyun.com/debian-security/ bullseye-security main +# deb http://snapshot.debian.org/archive/debian/20221114T000000Z bullseye-updates main +deb https://mirrors.aliyun.com/debian/ bullseye-updates main \ No newline at end of file diff --git a/docker/php/xdebug.ini b/docker/php/xdebug.ini new file mode 100644 index 000000000..b6641d425 --- /dev/null +++ b/docker/php/xdebug.ini @@ -0,0 +1,7 @@ +[xdebug] +xdebug.mode=develop,debug +xdebug.start_with_request=yes +xdebug.client_host=host.docker.internal +xdebug.client_port=9003 +xdebug.idekey=PHPSTORM +xdebug.log=/var/log/xdebug.log \ No newline at end of file diff --git a/docker/redis/redis.conf b/docker/redis/redis.conf new file mode 100644 index 000000000..524b3df39 --- /dev/null +++ b/docker/redis/redis.conf @@ -0,0 +1,48 @@ +# Redis 配置文件 + +# 绑定地址(允许所有连接) +bind 0.0.0.0 + +# 端口 +port 6379 + +# 密码认证 +requirepass luckyshop123!@# + +# 持久化设置 +save 900 1 +save 300 10 +save 60 10000 + +# 数据存储目录 +dir /data + +# 日志级别 +loglevel notice + +# 日志文件 +logfile "" + +# 数据库数量 +databases 16 + +# 最大内存限制 +maxmemory 256mb +maxmemory-policy allkeys-lru + +# 连接超时 +timeout 0 + +# TCP keepalive +tcp-keepalive 300 + +# 保护模式(Docker 中关闭) +protected-mode no + +# 后台运行 +daemonize no + +# 客户端输出缓冲区限制 +client-output-buffer-limit normal 0 0 0 +client-output-buffer-limit replica 256mb 64mb 60 +client-output-buffer-limit pubsub 32mb 8mb 60 \ No newline at end of file