public/docker-wallabag
1
0
Fork 0
mirror of https://github.com/wallabag/docker synced 2025-12-13 09:46:27 +00:00
Code Issues Releases Wiki Activity

wip

Browse Source 
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
This commit is contained in:
Kevin Decherf
2021-03-30 22:14:34 +02:00
parent 13818bd90e
commit 3ee10895d8
21 changed files with 172 additions and 2965 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.gitignore vendored
View File

@@ -1,3 +1,2 @@
.cache
__pycache__/*
*.pyc
/patches/*
!/patches/.keep

144
Dockerfile
View File

@@ -1,73 +1,89 @@
FROM alpine:3.12
FROM php:7.4.14-fpm-alpine
LABEL maintainer "Marvin Steadfast <marvin@xsteadfastx.org>"
ARG BASE=2.4.2
ARG WALLABAG_VERSION=2.4.2
WORKDIR /var/www/html
RUN apk add gnu-libiconv --update-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/community/ --allow-untrusted
ENV LD_PRELOAD /usr/lib/preloadable_libiconv.so php
ENV SYMFONY_ENV=prod
RUN set -ex \
&& apk update \
&& apk upgrade --available \
&& apk add \
ansible \
curl \
git \
libwebp \
mariadb-client \
nginx \
pcre \
php7 \
php7-amqp \
php7-bcmath \
php7-ctype \
php7-curl \
php7-dom \
php7-fpm \
php7-gd \
php7-gettext \
php7-iconv \
php7-json \
php7-mbstring \
php7-openssl \
php7-pdo_mysql \
php7-pdo_pgsql \
php7-pdo_sqlite \
php7-phar \
php7-session \
php7-simplexml \
php7-tokenizer \
php7-xml \
php7-zlib \
php7-sockets \
php7-xmlreader \
php7-tidy \
php7-intl \
py3-mysqlclient \
py3-psycopg2 \
py-simplejson \
rabbitmq-c \
s6 \
tar \
tzdata \
make \
bash \
&& rm -rf /var/cache/apk/* \
&& ln -sf /dev/stdout /var/log/nginx/access.log \
&& ln -sf /dev/stderr /var/log/nginx/error.log \
&& curl -s https://getcomposer.org/installer | php \
&& mv composer.phar /usr/local/bin/composer \
&& composer selfupdate --1 \
&& git clone --branch $WALLABAG_VERSION --depth 1 https://github.com/wallabag/wallabag.git /var/www/wallabag
RUN set -ex; \
\
apk add --no-cache --virtual .run-deps \
gnu-libiconv=1.15-r3 \
imagemagick6-libs \
tzdata \
; \
apk add --no-cache --virtual .build-deps \
$PHPIZE_DEPS \
freetype-dev \
gettext-dev \
icu-dev \
imagemagick6-dev \
libjpeg-turbo-dev \
libpng-dev \
libxml2-dev \
libzip-dev \
oniguruma-dev \
postgresql-dev \
sqlite-dev \
tidyhtml-dev \
; \
docker-php-ext-configure gd --with-freetype --with-jpeg; \
docker-php-ext-install -j "$(nproc)" \
bcmath \
gd \
gettext \
iconv \
intl \
mbstring \
opcache \
pdo \
pdo_mysql \
pdo_pgsql \
pdo_sqlite \
sockets \
tidy \
zip \
; \
pecl install redis; \
pecl install imagick; \
docker-php-ext-enable \
redis \
imagick \
; \
runDeps="$( \
scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \
| tr ',' '\n' \
| sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)"; \
apk add --virtual .wallabag-phpext-rundeps $runDeps; \
apk del .build-deps \
; \
apk add --virtual .composer-runtime-deps git patch; \
curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin/ --filename=composer; \
rm -rf /usr/src/* /tmp/pear/*
COPY root /
RUN wget -O /usr/local/bin/envsubst https://github.com/a8m/envsubst/releases/download/v1.1.0/envsubst-`uname -s`-`uname -m`; \
chmod +x /usr/local/bin/envsubst
RUN set -ex \
&& cd /var/www/wallabag \
&& SYMFONY_ENV=prod composer install --no-dev -o --prefer-dist --no-progress \
&& chown -R nobody:nobody /var/www/wallabag
RUN wget -O /tmp/wallabag.tar.gz https://github.com/wallabag/wallabag/archive/$BASE.tar.gz; \
mkdir /tmp/extract; \
tar xf /tmp/wallabag.tar.gz -C /tmp/extract; \
rmdir /var/www/html; \
mv /tmp/extract/wallabag-*/ /var/www/html; \
cd /var/www/html; \
composer install --no-dev --no-interaction -o --prefer-dist; \
chown -R www-data: /var/www/html; \
rm -rf /tmp/wallabag.tar.gz /tmp/extract /root/.composer /var/www/html/var/cache/prod;
COPY entrypoint.sh /entrypoint.sh
COPY config/ /opt/wallabag/config/
COPY patches/ /opt/wallabag/patches/
COPY apply-patches.sh /opt/wallabag/apply-patches.sh
RUN set -ex; \
/opt/wallabag/apply-patches.sh
EXPOSE 80
ENTRYPOINT ["/entrypoint.sh"]
CMD ["wallabag"]
CMD ["php-fpm"]

5
apply-patches.sh Executable file
View File

@@ -0,0 +1,5 @@
#!/bin/sh
for i in $(find /opt/wallabag/patches/ -type f -name "*.patch" | sort); do
(cd /var/www/html ; echo "Applying ${i}" ; patch -p1 < ${i})
done

62
config/parameters.yml Normal file
View File

@@ -0,0 +1,62 @@
parameters:
database_driver: ${SYMFONY__ENV__DATABASE_DRIVER:-pdo_sqlite}
database_driver_class: ${SYMFONY__ENV__DATABASE_DRIVER_CLASS:-~}
database_host: ${SYMFONY__ENV__DATABASE_HOST:-127.0.0.1}
database_port: ${SYMFONY__ENV__DATABASE_PORT:-~}
database_name: ${SYMFONY__ENV__DATABASE_NAME:-symfony}
database_user: ${SYMFONY__ENV__DATABASE_USER:-root}
database_password: ${SYMFONY__ENV__DATABASE_PASSWORD:-~}
database_path: "%kernel.root_dir%/../data/db/wallabag.sqlite"
database_table_prefix: wallabag_
database_socket: null
database_charset: ${SYMFONY__ENV__DATABASE_CHARSET:-utf8}
domain_name: ${SYMFONY__ENV__DOMAIN_NAME:-https://your-wallabag-url-instance.com}
server_name: ${SYMFONY__ENV__SERVER_NAME:-"Your wallabag instance"}
mailer_transport: ${SYMFONY__ENV__MAILER_TRANSPORT:-smtp}
mailer_user: ${SYMFONY__ENV__MAILER_USER:-~}
mailer_password: ${SYMFONY__ENV__MAILER_PASSWORD:-~}
mailer_host: ${SYMFONY__ENV__MAILER_HOST:-127.0.0.1}
mailer_port: ${SYMFONY__ENV__MAILER_PORT:-25}
mailer_encryption: ${SYMFONY__ENV__MAILER_ENCRYPTION:-~}
mailer_auth_mode: ${SYMFONY__ENV__MAILER_AUTH_MODE:-~}
locale: ${SYMFONY__ENV__LOCALE:-en}
# A secret key that's used to generate certain security-related tokens
secret: ${SYMFONY__ENV__SECRET:-~}
# two factor stuff
twofactor_auth: ${SYMFONY__ENV__TWOFACTOR_AUTH:-true}
twofactor_sender: ${SYMFONY__ENV__TWOFACTOR_SENDER:-no-reply@wallabag.org}
# fosuser stuff
fosuser_registration: ${SYMFONY__ENV__FOSUSER_REGISTRATION:-true}
fosuser_confirmation: ${SYMFONY__ENV__FOSUSER_CONFIRMATION:-true}
fos_oauth_server_access_token_lifetime: 3600
fos_oauth_server_refresh_token_lifetime: 1209600
from_email: ${SYMFONY__ENV__FROM_EMAIL:-wallabag@example.com}
rss_limit: 50
# RabbitMQ processing
rabbitmq_host: localhost
rabbitmq_port: 5672
rabbitmq_user: guest
rabbitmq_password: guest
rabbitmq_prefetch_count: 10
# Redis processing
redis_scheme: ${SYMFONY__ENV__REDIS_SCHEME:-tcp}
redis_host: ${SYMFONY__ENV__REDIS_HOST:-redis}
redis_port: ${SYMFONY__ENV__REDIS_PORT:-6379}
redis_path: ${SYMFONY__ENV__REDIS_PATH:-~}
redis_password: ${SYMFONY__ENV__REDIS_PASSWORD:-~}
# Sentry
sentry_dsn: ${SYMFONY__ENV__SENTRY_DSN:-~}
session_handler: ${SESSION_HANDLER:-session.handler.native_file}

17
config/wallabag-php.ini Normal file
View File

@@ -0,0 +1,17 @@
memory_limit = ${PHP_MEMORY_LIMIT:-512M}
max_execution_time = ${PHP_MAX_EXECUTION_TIME:-60}
date.time = ${PHP_TIMEZONE:-Europe/Paris}
display_errors = off
session.save_handler = redis
session.save_path = "tcp://${PHP_SESSION_REDIS_HOST}:6379?database=2"
opcache.enable=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1

6
entrypoint.sh Executable file
View File

@@ -0,0 +1,6 @@
#!/bin/sh
envsubst < /opt/wallabag/config/wallabag-php.ini > /usr/local/etc/php/conf.d/wallabag-php.ini
envsubst < /opt/wallabag/config/parameters.yml > /var/www/html/app/config/parameters.yml
exec "$@"

0
patches/.keep Normal file
View File

28
root/entrypoint.sh
View File

@@ -1,28 +0,0 @@
#!/bin/sh
provisioner () {
echo "Starting provisioner..."
if ! out=`ansible-playbook -i /etc/ansible/hosts /etc/ansible/entrypoint.yml -c local "$@"`;then
echo $out;
fi
echo "Provisioner finished."
}
if [ "$1" = "wallabag" ];then
provisioner
exec s6-svscan /etc/s6/
fi
if [ "$1" = "import" ];then
provisioner --skip-tags=firstrun
cd /var/www/wallabag/
exec su -c "bin/console wallabag:import:redis-worker --env=prod $2 -vv" -s /bin/sh nobody
fi
if [ "$1" = "migrate" ];then
provisioner
cd /var/www/wallabag/
exec su -c "bin/console doctrine:migrations:migrate --env=prod --no-interaction" -s /bin/sh nobody
fi
exec "$@"

170
root/etc/ansible/entrypoint.yml
View File

@@ -1,170 +0,0 @@
---
- hosts: localhost
remote_user: root
vars:
database_driver: "{{ lookup('env', 'SYMFONY__ENV__DATABASE_DRIVER')|default('pdo_sqlite', true) }}"
database_host: "{{ lookup('env', 'SYMFONY__ENV__DATABASE_HOST')|default('127.0.0.1', true) }}"
database_name: "{{ lookup('env', 'SYMFONY__ENV__DATABASE_NAME')|default('symfony', true) }}"
database_password: "{{ lookup('env', 'SYMFONY__ENV__DATABASE_PASSWORD')|default('~', true) }}"
database_port: "{{ lookup('env', 'SYMFONY__ENV__DATABASE_PORT')|default('~', true) }}"
database_root_password_mariadb: "{{ lookup('env', 'MYSQL_ROOT_PASSWORD') }}"
database_root_user_postgres: "{{ lookup('env', 'POSTGRES_USER') }}"
database_root_password_postgres: "{{ lookup('env', 'POSTGRES_PASSWORD') }}"
database_user: "{{ lookup('env', 'SYMFONY__ENV__DATABASE_USER')|default('root', true) }}"
database_charset: "{{ lookup('env', 'SYMFONY__ENV__DATABASE_CHARSET')|default('utf8', true) }}"
populate_database: "{{ lookup('env', 'POPULATE_DATABASE')|default(True, true) }}"
locale: "{{ lookup('env', 'SYMFONY__ENV__LOCALE')|default('en', true) }}"
secret: "{{ lookup('env', 'SYMFONY__ENV__SECRET')|default('ovmpmAWXRCabNlMgzlzFXDYmCFfzGv', true) }}"
mailer_transport: "{{ lookup('env', 'SYMFONY__ENV__MAILER_TRANSPORT')|default('smtp', true) }}"
mailer_host: "{{ lookup('env', 'SYMFONY__ENV__MAILER_HOST')|default('127.0.0.1', true) }}"
mailer_user: "{{ lookup('env', 'SYMFONY__ENV__MAILER_USER')|default('~', true) }}"
mailer_password: "{{ lookup('env', 'SYMFONY__ENV__MAILER_PASSWORD')|default('~', true) }}"
mailer_port: "{{ lookup('env', 'SYMFONY__ENV__MAILER_PORT')|default('25', true) }}"
mailer_encryption: "{{ lookup('env', 'SYMFONY__ENV__MAILER_ENCRYPTION')|default('~', true) }}"
mailer_auth_mode: "{{ lookup('env', 'SYMFONY__ENV__MAILER_AUTH_MODE')|default('~', true) }}"
from_email: "{{ lookup('env', 'SYMFONY__ENV__FROM_EMAIL')|default('wallabag@example.com', true) }}"
twofactor_auth: "{{ lookup('env', 'SYMFONY__ENV__TWOFACTOR_AUTH')|default('true', true) }}"
twofactor_sender: "{{ lookup('env', 'SYMFONY__ENV__TWOFACTOR_SENDER')|default('no-reply@wallabag.org', true) }}"
registration: "{{ lookup('env', 'SYMFONY__ENV__FOSUSER_REGISTRATION')|default('true', true) }}"
registration_mail_confirmation: "{{ lookup('env', 'SYMFONY__ENV__FOSUSER_CONFIRMATION')|default('true', true) }}"
domain_name: "{{ lookup('env', 'SYMFONY__ENV__DOMAIN_NAME')|default('https://your-wallabag-url-instance.com', true) }}"
redis_scheme: "{{ lookup('env', 'SYMFONY__ENV__REDIS_SCHEME')|default('tcp', true) }}"
redis_host: "{{ lookup('env', 'SYMFONY__ENV__REDIS_HOST')|default('redis', true) }}"
redis_port: "{{ lookup('env', 'SYMFONY__ENV__REDIS_PORT')|default('6379', true) }}"
redis_path: "{{ lookup('env', 'SYMFONY__ENV__REDIS_PATH')|default('~', true) }}"
redis_password: "{{ lookup('env', 'SYMFONY__ENV__REDIS_PASSWORD')|default('~', true) }}"
sentry_dsn: "{{ lookup('env', 'SYMFONY__ENV__SENTRY_DSN')|default('~', true) }}"
server_name: "{{ lookup('env', 'SYMFONY__ENV__SERVER_NAME')|default('Your wallabag instance', true) }}"
tasks:
- name: needed dirs
file:
path={{ item }}
state=directory
with_items:
- /var/www/wallabag/app
- /var/www/wallabag/app/config
- /var/www/wallabag/data
- /var/www/wallabag/data/assets
- /var/www/wallabag/data/db
notify: chown dir
tags:
- firstrun
- name: write parameters.yml
template:
src=templates/parameters.yml.j2
dest=/var/www/wallabag/app/config/parameters.yml
- stat:
path=/var/www/wallabag/data/db/wallabag.sqlite
register: wallabag_sqlite_db
when: database_driver == 'pdo_sqlite'
- name: notify install for sqlite
debug:
msg='notify installation script if sqlite db does not exist'
changed_when: true
notify: run install
when: (database_driver == 'pdo_sqlite') and
(wallabag_sqlite_db.stat.exists == False)
- name: wait for db container
wait_for:
host="{{ database_host }}"
port="{{ database_port }}"
when: (database_driver == 'pdo_mysql') or
(database_driver == 'pdo_pgsql')
- name: add mariadb db
mysql_db:
name="{{ database_name }}"
state=present
login_host="{{ database_host }}"
login_port={{ database_port }}
login_user=root
login_password="{{ database_root_password_mariadb }}"
encoding="utf8mb4"
notify: run install
when: (database_driver == 'pdo_mysql') and
(populate_database == True)
tags:
- firstrun
- name: add mariadb user
mysql_user:
name="{{ database_user }}"
host=%
password="{{ database_password }}"
priv={{ database_name }}.*:ALL
login_host="{{ database_host }}"
login_port={{ database_port }}
login_user=root
login_password="{{ database_root_password_mariadb }}"
state=present
when: (database_driver == 'pdo_mysql') and
(database_user != 'root') and
(populate_database == True)
tags:
- firstrun
- name: postgresql db
postgresql_db:
name="{{ database_name }}"
state=present
login_host="{{ database_host }}"
port={{ database_port }}
login_user="{{ database_root_user_postgres }}"
login_password="{{ database_root_password_postgres }}"
notify: run install
when: (database_driver == 'pdo_pgsql') and
(populate_database == True)
tags:
- firstrun
- name: add postgresql user
postgresql_user:
name="{{ database_user }}"
password="{{ database_password }}"
encrypted=true
db={{ database_name }}
priv=ALL
login_host="{{ database_host }}"
port={{ database_port }}
login_user="{{ database_root_user_postgres }}"
login_password="{{ database_root_password_postgres }}"
state=present
when: (database_driver == 'pdo_pgsql') and
(database_user != 'postgres') and
(populate_database == True)
tags:
- firstrun
- name: remove cache
file:
path=/var/www/wallabag/var/cache
state=absent
- name: run composer
shell: SYMFONY_ENV=prod composer install --no-dev -o --prefer-dist
args:
chdir: /var/www/wallabag
notify: chown dir
handlers:
- name: run install
shell: php bin/console wallabag:install --env=prod -n
args:
chdir: /var/www/wallabag
notify: chown dir
- name: chown dir
file:
path=/var/www/wallabag
recurse=yes
owner=nobody
group=nobody

2
root/etc/ansible/hosts
View File

@@ -1,2 +0,0 @@
[localhost]
localhost

63
root/etc/ansible/templates/parameters.yml.j2
View File

@@ -1,63 +0,0 @@
parameters:
database_driver: {{ database_driver }}
database_host: {{ database_host }}
database_port: {{ database_port }}
database_name: {{ database_name }}
database_user: {{ database_user }}
database_password: {{ database_password }}
database_path: "%kernel.root_dir%/../data/db/wallabag.sqlite"
database_table_prefix: wallabag_
database_socket: null
database_charset: {{ database_charset }}
domain_name: {{ domain_name }}
mailer_transport: {{ mailer_transport }}
mailer_user: {{ mailer_user }}
mailer_password: {{ mailer_password }}
mailer_host: {{ mailer_host }}
mailer_port: {{ mailer_port }}
mailer_encryption: {{ mailer_encryption }}
mailer_auth_mode: {{ mailer_auth_mode }}
locale: {{ locale }}
# A secret key that's used to generate certain security-related tokens
secret: {{ secret }}
# two factor stuff
twofactor_auth: {{ twofactor_auth }}
twofactor_sender: {{ twofactor_sender }}
# fosuser stuff
fosuser_registration: {{ registration }}
fosuser_confirmation: {{ registration_mail_confirmation }}
# how long the access token should live in seconds for the API
fos_oauth_server_access_token_lifetime: 3600
# how long the refresh token should life in seconds for the API
fos_oauth_server_refresh_token_lifetime: 1209600
from_email: {{ from_email }}
rss_limit: 50
# RabbitMQ processing
rabbitmq_host: localhost
rabbitmq_port: 5672
rabbitmq_user: guest
rabbitmq_password: guest
rabbitmq_prefetch_count: 10
# Redis processing
redis_scheme: {{ redis_scheme }}
redis_host: {{ redis_host }}
redis_port: {{ redis_port }}
redis_path: {{ redis_path }}
redis_password: {{ redis_password }}
# sentry logging
sentry_dsn: {{ sentry_dsn }}
# User-friendly name of your instance for 2FA issuer
server_name: {{ server_name }}

25
root/etc/nginx/fastcgi_params
View File

@@ -1,25 +0,0 @@
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;

68
root/etc/nginx/nginx.conf
View File

@@ -1,68 +0,0 @@
user nginx;
worker_processes 1;
pid /var/run/nginx.pid;
events {
worker_connections 2048;
multi_accept on;
use epoll;
}
http {
server_tokens off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 15;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log off;
error_log off;
gzip on;
gzip_disable "msie6";
open_file_cache max=100;
client_max_body_size 100M;
upstream php-upstream {
server 127.0.0.1:9000;
}
server {
listen 80;
server_name _;
root /var/www/wallabag/web;
location / {
# try to serve file directly, fallback to app.php
try_files $uri /app.php$is_args$args;
}
location ~ ^/app\.php(/|$) {
fastcgi_pass php-upstream;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
# When you are using symlinks to link the document root to the
# current version of your application, you should pass the real
# application path instead of the path to the symlink to PHP
# FPM.
# Otherwise, PHP's OPcache may not properly detect changes to
# your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
# for more information).
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
# Prevents URIs that include the front controller. This will 404:
# http://domain.tld/app.php/some-path
# Remove the internal directive to allow URIs like this
internal;
}
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
}
}
daemon off;

537
root/etc/php7/php-fpm.conf
View File

@@ -1,537 +0,0 @@
;;;;;;;;;;;;;;;;;;;;;
; FPM Configuration ;
;;;;;;;;;;;;;;;;;;;;;
; All relative paths in this configuration file are relative to PHP's install
; prefix (/usr). This prefix can be dynamically changed by using the
; '-p' argument from the command line.
; Include one or more files. If glob(3) exists, it is used to include a bunch of
; files from a glob(3) pattern. This directive can be used everywhere in the
; file.
; Relative path can also be used. They will be prefixed by:
; - the global prefix if it's been set (-p argument)
; - /usr otherwise
;include=etc/fpm.d/*.conf
;;;;;;;;;;;;;;;;;;
; Global Options ;
;;;;;;;;;;;;;;;;;;
[global]
; Pid file
; Note: the default prefix is /var
; Default Value: none
;pid = run/php-fpm.pid
; Error log file
; If it's set to "syslog", log is sent to syslogd instead of being written
; in a local file.
; Note: the default prefix is /var
; Default Value: log/php-fpm.log
error_log = /var/log/php-fpm.log
; syslog_facility is used to specify what type of program is logging the
; message. This lets syslogd specify that messages from different facilities
; will be handled differently.
; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
; Default Value: daemon
;syslog.facility = daemon
; syslog_ident is prepended to every message. If you have multiple FPM
; instances running on the same server, you can change the default value
; which must suit common needs.
; Default Value: php-fpm
;syslog.ident = php-fpm
; Log level
; Possible Values: alert, error, warning, notice, debug
; Default Value: notice
;log_level = notice
; If this number of child processes exit with SIGSEGV or SIGBUS within the time
; interval set by emergency_restart_interval then FPM will restart. A value
; of '0' means 'Off'.
; Default Value: 0
;emergency_restart_threshold = 0
; Interval of time used by emergency_restart_interval to determine when
; a graceful restart will be initiated. This can be useful to work around
; accidental corruptions in an accelerator's shared memory.
; Available Units: s(econds), m(inutes), h(ours), or d(ays)
; Default Unit: seconds
; Default Value: 0
;emergency_restart_interval = 0
; Time limit for child processes to wait for a reaction on signals from master.
; Available units: s(econds), m(inutes), h(ours), or d(ays)
; Default Unit: seconds
; Default Value: 0
;process_control_timeout = 0
; The maximum number of processes FPM will fork. This has been design to control
; the global number of processes when using dynamic PM within a lot of pools.
; Use it with caution.
; Note: A value of 0 indicates no limit
; Default Value: 0
; process.max = 128
; Specify the nice(2) priority to apply to the master process (only if set)
; The value can vary from -19 (highest priority) to 20 (lower priority)
; Note: - It will only work if the FPM master process is launched as root
; - The pool process will inherit the master process priority
; unless it specified otherwise
; Default Value: no set
; process.priority = -19
; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging.
; Default Value: yes
;daemonize = yes
; Set open file descriptor rlimit for the master process.
; Default Value: system defined value
;rlimit_files = 1024
; Set max core size rlimit for the master process.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0
; Specify the event mechanism FPM will use. The following is available:
; - select (any POSIX os)
; - poll (any POSIX os)
; - epoll (linux >= 2.5.44)
; - kqueue (FreeBSD >= 4.1, OpenBSD >= 2.9, NetBSD >= 2.0)
; - /dev/poll (Solaris >= 7)
; - port (Solaris >= 10)
; Default Value: not set (auto detection)
;events.mechanism = epoll
; When FPM is build with systemd integration, specify the interval,
; in second, between health report notification to systemd.
; Set to 0 to disable.
; Available Units: s(econds), m(inutes), h(ours)
; Default Unit: seconds
; Default value: 10
;systemd_interval = 10
;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;
; Multiple pools of child processes may be started with different listening
; ports and different management options. The name of the pool will be
; used in logs and stats. There is no limitation on the number of pools which
; FPM can handle. Your system will tell you anyway :)
; Start a new pool named 'www'.
; the variable $pool can we used in any directive and will be replaced by the
; pool name ('www' here)
[www]
; Per pool prefix
; It only applies on the following directives:
; - 'access.log'
; - 'slowlog'
; - 'listen' (unixsocket)
; - 'chroot'
; - 'chdir'
; - 'php_values'
; - 'php_admin_values'
; When not set, the global prefix (or /usr) applies instead.
; Note: This directive can also be relative to the global prefix.
; Default Value: none
;prefix = /path/to/pools/$pool
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = nobody
group = nobody
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
; a specific port;
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
; a specific port;
; 'port' - to listen on a TCP socket to all IPv4 addresses on a
; specific port;
; '[::]:port' - to listen on a TCP socket to all addresses
; (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = 127.0.0.1:9000
; Set listen(2) backlog.
; Default Value: 65535 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 65535
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
;listen.owner = nobody
;listen.group = nobody
;listen.mode = 0660
; When POSIX Access Control Lists are supported you can set them using
; these options, value is a comma separated list of user/group names.
; When set, listen.owner and listen.group are ignored
;listen.acl_users =
;listen.acl_groups =
; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any ip address.
; Default Value: any
;listen.allowed_clients = 127.0.0.1
; Specify the nice(2) priority to apply to the pool processes (only if set)
; The value can vary from -19 (highest priority) to 20 (lower priority)
; Note: - It will only work if the FPM master process is launched as root
; - The pool processes will inherit the master process priority
; unless it specified otherwise
; Default Value: no set
; process.priority = -19
; Choose how the process manager will control the number of child processes.
; Possible Values:
; static - a fixed number (pm.max_children) of child processes;
; dynamic - the number of child processes are set dynamically based on the
; following directives. With this process management, there will be
; always at least 1 children.
; pm.max_children - the maximum number of children that can
; be alive at the same time.
; pm.start_servers - the number of children created on startup.
; pm.min_spare_servers - the minimum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is less than this
; number then some children will be created.
; pm.max_spare_servers - the maximum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is greater than this
; number then some children will be killed.
; ondemand - no children are created at startup. Children will be forked when
; new requests will connect. The following parameter are used:
; pm.max_children - the maximum number of children that
; can be alive at the same time.
; pm.process_idle_timeout - The number of seconds after which
; an idle process will be killed.
; Note: This value is mandatory.
pm = dynamic
; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI. The below defaults are based on a server without much resources. Don't
; forget to tweak pm.* to fit your needs.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
pm.max_children = 5
; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
pm.start_servers = 2
; The desired minimum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.min_spare_servers = 1
; The desired maximum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.max_spare_servers = 3
; The number of seconds after which an idle process will be killed.
; Note: Used only when pm is set to 'ondemand'
; Default Value: 10s
;pm.process_idle_timeout = 10s;
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
;pm.max_requests = 500
; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. It shows the following informations:
; pool - the name of the pool;
; process manager - static, dynamic or ondemand;
; start time - the date and time FPM has started;
; start since - number of seconds since FPM has started;
; accepted conn - the number of request accepted by the pool;
; listen queue - the number of request in the queue of pending
; connections (see backlog in listen(2));
; max listen queue - the maximum number of requests in the queue
; of pending connections since FPM has started;
; listen queue len - the size of the socket queue of pending connections;
; idle processes - the number of idle processes;
; active processes - the number of active processes;
; total processes - the number of idle + active processes;
; max active processes - the maximum number of active processes since FPM
; has started;
; max children reached - number of times, the process limit has been reached,
; when pm tries to start more children (works only for
; pm 'dynamic' and 'ondemand');
; Value are updated in real time.
; Example output:
; pool: www
; process manager: static
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 62636
; accepted conn: 190460
; listen queue: 0
; max listen queue: 1
; listen queue len: 42
; idle processes: 4
; active processes: 11
; total processes: 15
; max active processes: 12
; max children reached: 0
;
; By default the status page output is formatted as text/plain. Passing either
; 'html', 'xml' or 'json' in the query string will return the corresponding
; output syntax. Example:
; http://www.foo.bar/status
; http://www.foo.bar/status?json
; http://www.foo.bar/status?html
; http://www.foo.bar/status?xml
;
; By default the status page only outputs short status. Passing 'full' in the
; query string will also return status for each pool process.
; Example:
; http://www.foo.bar/status?full
; http://www.foo.bar/status?json&full
; http://www.foo.bar/status?html&full
; http://www.foo.bar/status?xml&full
; The Full status returns for each process:
; pid - the PID of the process;
; state - the state of the process (Idle, Running, ...);
; start time - the date and time the process has started;
; start since - the number of seconds since the process has started;
; requests - the number of requests the process has served;
; request duration - the duration in µs of the requests;
; request method - the request method (GET, POST, ...);
; request URI - the request URI with the query string;
; content length - the content length of the request (only with POST);
; user - the user (PHP_AUTH_USER) (or '-' if not set);
; script - the main script called (or '-' if not set);
; last request cpu - the %cpu the last request consumed
; it's always 0 if the process is not in Idle state
; because CPU calculation is done when the request
; processing has terminated;
; last request memory - the max amount of memory the last request consumed
; it's always 0 if the process is not in Idle state
; because memory calculation is done when the request
; processing has terminated;
; If the process is in Idle state, then informations are related to the
; last request the process has served. Otherwise informations are related to
; the current request being served.
; Example output:
; ************************
; pid: 31330
; state: Running
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 63087
; requests: 12808
; request duration: 1250261
; request method: GET
; request URI: /test_mem.php?N=10000
; content length: 0
; user: -
; script: /home/fat/web/docs/php/test_mem.php
; last request cpu: 0.00
; last request memory: 0
;
; Note: There is a real-time FPM status monitoring sample web page available
; It's available in: /usr/share/php/fpm/status.html
;
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;pm.status_path = /status
; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
; that FPM is alive and responding, or to
; - create a graph of FPM availability (rrd or such);
; - remove a server from a group if it is not responding (load balancing);
; - trigger alerts for the operating team (24/7).
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;ping.path = /ping
; This directive may be used to customize the response of a ping request. The
; response is formatted as text/plain with a 200 response code.
; Default Value: pong
;ping.response = pong
; The access log file
; Default: not set
;access.log = log/$pool.access.log
; The access log format.
; The following syntax is allowed
; %%: the '%' character
; %C: %CPU used by the request
; it can accept the following format:
; - %{user}C for user CPU only
; - %{system}C for system CPU only
; - %{total}C for user + system CPU (default)
; %d: time taken to serve the request
; it can accept the following format:
; - %{seconds}d (default)
; - %{miliseconds}d
; - %{mili}d
; - %{microseconds}d
; - %{micro}d
; %e: an environment variable (same as $_ENV or $_SERVER)
; it must be associated with embraces to specify the name of the env
; variable. Some exemples:
; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
; %f: script filename
; %l: content-length of the request (for POST request only)
; %m: request method
; %M: peak of memory allocated by PHP
; it can accept the following format:
; - %{bytes}M (default)
; - %{kilobytes}M
; - %{kilo}M
; - %{megabytes}M
; - %{mega}M
; %n: pool name
; %o: output header
; it must be associated with embraces to specify the name of the header:
; - %{Content-Type}o
; - %{X-Powered-By}o
; - %{Transfert-Encoding}o
; - ....
; %p: PID of the child that serviced the request
; %P: PID of the parent of the child that serviced the request
; %q: the query string
; %Q: the '?' character if query string exists
; %r: the request URI (without the query string, see %q and %Q)
; %R: remote IP address
; %s: status (response code)
; %t: server time the request was received
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; %T: time the log has been written (the request has finished)
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; %u: remote user
;
; Default: "%R - %u %t \"%m %r\" %s"
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
;slowlog = log/$pool.log.slow
; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
;request_slowlog_timeout = 0
; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
;request_terminate_timeout = 0
; Set open file descriptor rlimit.
; Default Value: system defined value
;rlimit_files = 1024
; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0
; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
; of its subdirectories. If the pool prefix is not set, the global prefix
; will be used instead.
; Note: chrooting is a great security feature and should be used whenever
; possible. However, all PHP paths will be relative to the chroot
; (error_log, sessions.save_path, ...).
; Default Value: not set
;chroot =
; Chdir to this directory at the start.
; Note: relative path can be used.
; Default Value: current directory or / when chroot
;chdir = /var/www
; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Note: on highloaded environement, this can cause some delay in the page
; process time (several ms).
; Default Value: no
;catch_workers_output = yes
; Clear environment in FPM workers
; Prevents arbitrary environment variables from reaching FPM worker processes
; by clearing the environment in workers before env vars specified in this
; pool configuration are added.
; Setting to "no" will make all environment variables available to PHP code
; via getenv(), $_ENV and $_SERVER.
; Default Value: yes
;clear_env = no
; Limits the extensions of the main script FPM will allow to parse. This can
; prevent configuration mistakes on the web server side. You should only limit
; FPM to .php extensions to prevent malicious users to use other extensions to
; exectute php code.
; Note: set an empty value to allow all extensions.
; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
; Additional php.ini defines, specific to this pool of workers. These settings
; overwrite the values previously defined in the php.ini. The directives are the
; same as the PHP SAPI:
; php_value/php_flag - you can set classic ini defines which can
; be overwritten from PHP call 'ini_set'.
; php_admin_value/php_admin_flag - these directives won't be overwritten by
; PHP call 'ini_set'
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
; Defining 'extension' will load the corresponding shared extension from
; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
; overwrite previously defined php.ini values, but will append the new value
; instead.
; Note: path INI options can be relative and will be expanded with the prefix
; (pool, global or /usr)
; Default Value: nothing is defined by default except the values in php.ini and
; specified at startup with the -d argument
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M

1930
root/etc/php7/php.ini
View File

File diff suppressed because it is too large Load Diff

2
root/etc/s6/.s6-svscan/finish
View File

@@ -1,2 +0,0 @@
#!/bin/sh
exec /bin/true

2
root/etc/s6/nginx/finish
View File

@@ -1,2 +0,0 @@
#!/bin/sh
exec /bin/true

3
root/etc/s6/nginx/run
View File

@@ -1,3 +0,0 @@
#!/bin/sh
exec nginx -c /etc/nginx/nginx.conf

2
root/etc/s6/php-fpm/finish
View File

@@ -1,2 +0,0 @@
#!/bin/sh
exec /bin/true

3
root/etc/s6/php-fpm/run
View File

@@ -1,3 +0,0 @@
#!/bin/sh
exec php-fpm7 -F

63
root/var/www/wallabag/app/config/parameters.yml
View File

@@ -1,63 +0,0 @@
parameters:
database_driver: pdo_sqlite
database_host: 127.0.0.1
database_port: ~
database_name: symfony
database_user: root
database_password: ~
database_path: "%kernel.root_dir%/../data/db/wallabag.sqlite"
database_table_prefix: wallabag_
database_socket: null
database_charset: utf8
domain_name: https://your-wallabag-url-instance.com
mailer_transport: smtp
mailer_user: ~
mailer_password: ~
mailer_host: 127.0.0.1
mailer_port: false
mailer_encryption: ~
mailer_auth_mode: ~
locale: en
# A secret key that's used to generate certain security-related tokens
secret: ovmpmAWXRCabNlMgzlzFXDYmCFfzGv
# two factor stuff
twofactor_auth: true
twofactor_sender: no-reply@wallabag.org
# fosuser stuff
fosuser_registration: true
fosuser_confirmation: true
# how long the access token should live in seconds for the API
fos_oauth_server_access_token_lifetime: 3600
# how long the refresh token should life in seconds for the API
fos_oauth_server_refresh_token_lifetime: 1209600
from_email: no-reply@wallabag.org
rss_limit: 50
# RabbitMQ processing
rabbitmq_host: localhost
rabbitmq_port: 5672
rabbitmq_user: guest
rabbitmq_password: guest
rabbitmq_prefetch_count: 10
# Redis processing
redis_scheme: tcp
redis_host: localhost
redis_port: 6379
redis_path: null
redis_password: null
# sentry logging
sentry_dsn: ~
# User-friendly name of your instance for 2FA issuer
server_name: Your wallabag instance