ab-docker/scripts
1
0
Fork 0
Code Releases Activity

update scripts and param templates

Browse Source
This commit is contained in:
Asif Bacchus 2019-11-13 08:51:34 -07:00
parent 5969b80ce2
commit 3718ee3dc9
4 changed files with 37 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
ab-nginx-php.params.template
View File

@ -19,10 +19,10 @@ TZ=Area/Location
# Hostnames to which this instance of NGINX should answer: # Hostnames to which this instance of NGINX should answer:
# By default, this is set to '_' meaning 'match anything'. However, that won't # By default, this is set to '_' meaning 'match anything'. However, that won't
# work if you're using SSL certificates! Multiple hostnames must be space # work if you're using SSL certificates! Multiple hostnames must be space
# delimited. # delimited and "enclosed in quotes".
# This is NOT required if you are supplying your own server blocks via # This is NOT required if you are supplying your own server blocks via
# 'SERVERS_DIR' # 'SERVERS_DIR'
SERVER_NAMES="domain.tld www.domain.tld server.domain.tld alt.domain.tld" HOSTNAMES="domain.tld www.domain.tld server.domain.tld alt.domain.tld"
# Ports to expose on the HOST machine (container ALWAYS internally uses 80/443): # Ports to expose on the HOST machine (container ALWAYS internally uses 80/443):
# If you need to use ports other than HTTP=80 and HTTPS=443, remember to set up # If you need to use ports other than HTTP=80 and HTTPS=443, remember to set up
@ -34,12 +34,21 @@ SERVER_NAMES="domain.tld www.domain.tld server.domain.tld alt.domain.tld"
HTTP_PORT=80 HTTP_PORT=80
HTTPS_PORT=443 HTTPS_PORT=443
# Access logging (global preference): # NGINX Access logging (global preference):
# Unless overridden in a server/location block, access logging will be handled # Unless overridden in a server/location block, access logging will be handled
# according to this setting. Default is OFF. Choices are 'ON' or 'OFF'. Logs # according to this setting. Default is OFF. Choices are 'ON' or 'OFF'. Logs
# will be printed to the console so they are accessible via 'docker logs ...' # will be printed to the console so they are accessible via 'docker logs ...'
ACCESS_LOG=OFF ACCESS_LOG=OFF
### PHP-FPM options
# PHP Access logging:
# This controls whether the PHP-FPM access log is written to the console. The
# error log is always written. Default is OFF. Choices are 'ON' or 'OFF'.
# Logs are accessible via 'docker logs ...'
PHP_ACCESS_LOG=OFF
### Content files ### Content files
# Whatever you specify here will replace the default files in the container # Whatever you specify here will replace the default files in the container
# with your content/configurations. # with your content/configurations.
@ -60,11 +69,11 @@ CONFIG_DIR=$(pwd)/config/
# (i.e. 00-first_server.conf, 05-second_server.conf) # (i.e. 00-first_server.conf, 05-second_server.conf)
# Only files with a ".conf" extension will be loaded! If you want to disable a # Only files with a ".conf" extension will be loaded! If you want to disable a
# file, simply change it's extension (i.e. '.conf.disabled'). # file, simply change it's extension (i.e. '.conf.disabled').
SERVERS_DIR=/home/user/server_blocks/ SERVERS_DIR=$(pwd)/sites/
# Specify a directory that contains files for your 'webroot'. This includes # Specify a directory that contains files for your 'webroot'. This includes
# things like HTML, CSS, etc. # things like HTML, CSS, etc.
WEBROOT_DIR=/home/user/my_web_stuff/ WEBROOT_DIR=/var/www
### SSL options: ### SSL options:
@ -80,10 +89,10 @@ TLS13_ONLY=FALSE
# Remember, if you are mounting symlinks (like when using Let's Encrypt), you # Remember, if you are mounting symlinks (like when using Let's Encrypt), you
# MUST specify the full path of the symlink so the target is resolved! # MUST specify the full path of the symlink so the target is resolved!
# DH (Diffie-Hellman Parameters file) is only required if using TLS 1.2 # DH (Diffie-Hellman Parameters file) is only required if using TLS 1.2
SSL_CERT=/path/to/your/ssl-certificate/fullchain.pem #SSL_CERT=/path/to/your/ssl-certificate/fullchain.pem
SSL_KEY=/path/to/your/ssl-private-key/privkey.pem #SSL_KEY=/path/to/your/ssl-private-key/privkey.pem
SSL_CHAIN=/path/to/your/ssl-certificate-chain/chain.pem #SSL_CHAIN=/path/to/your/ssl-certificate-chain/chain.pem
DH=/path/to/your/diffie-hellman-parameters-file/dhparam.pem #DH=/path/to/your/diffie-hellman-parameters-file/dhparam.pem
#EOF #EOF

6
ab-nginx-php.sh
View File

@ -176,6 +176,7 @@ if [ -z "$SSL_CERT" ]; then
printf "${cyan}\nRunning SHELL on %s...${norm}\n" "$container_name" printf "${cyan}\nRunning SHELL on %s...${norm}\n" "$container_name"
docker run --rm -it --name ${container_name} \ docker run --rm -it --name ${container_name} \
--env-file ab-nginx-php.params \ --env-file ab-nginx-php.params \
-e SERVER_NAMES="$HOSTNAMES" \
$vmount \ $vmount \
-p ${HTTP_PORT}:80 \ -p ${HTTP_PORT}:80 \
docker.asifbacchus.app/nginx/ab-nginx-php:latest /bin/sh docker.asifbacchus.app/nginx/ab-nginx-php:latest /bin/sh
@ -184,6 +185,7 @@ if [ -z "$SSL_CERT" ]; then
printf "${cyan}\nRunning NGINX on %s...${norm}\n" "$container_name" printf "${cyan}\nRunning NGINX on %s...${norm}\n" "$container_name"
docker run -d --name ${container_name} \ docker run -d --name ${container_name} \
--env-file ab-nginx-php.params \ --env-file ab-nginx-php.params \
-e SERVER_NAMES="$HOSTNAMES" \
$vmount \ $vmount \
-p ${HTTP_PORT}:80 \ -p ${HTTP_PORT}:80 \
--restart unless-stopped \ --restart unless-stopped \
@ -196,6 +198,7 @@ elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = FALSE ]; then
printf "${cyan}\nRunning SHELL on %s (TLS 1.2)...${norm}\n" "$container_name" printf "${cyan}\nRunning SHELL on %s (TLS 1.2)...${norm}\n" "$container_name"
docker run --rm -it --name ${container_name} \ docker run --rm -it --name ${container_name} \
--env-file ab-nginx-php.params \ --env-file ab-nginx-php.params \
-e SERVER_NAMES="$HOSTNAMES" \
$vmount \ $vmount \
-v "$SSL_CERT":/certs/fullchain.pem:ro \ -v "$SSL_CERT":/certs/fullchain.pem:ro \
-v "$SSL_KEY":/certs/privkey.pem:ro \ -v "$SSL_KEY":/certs/privkey.pem:ro \
@ -208,6 +211,7 @@ elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = FALSE ]; then
printf "${cyan}\nRunning NGINX on %s (TLS 1.2)...${norm}\n" "$container_name" printf "${cyan}\nRunning NGINX on %s (TLS 1.2)...${norm}\n" "$container_name"
docker run -d --name ${container_name} \ docker run -d --name ${container_name} \
--env-file ab-nginx-php.params \ --env-file ab-nginx-php.params \
-e SERVER_NAMES="$HOSTNAMES" \
$vmount \ $vmount \
-v "$SSL_CERT":/certs/fullchain.pem:ro \ -v "$SSL_CERT":/certs/fullchain.pem:ro \
-v "$SSL_KEY":/certs/privkey.pem:ro \ -v "$SSL_KEY":/certs/privkey.pem:ro \
@ -224,6 +228,7 @@ elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = TRUE ]; then
printf "${cyan}\nRunning SHELL on %s (TLS 1.3)...${norm}\n" "$container_name" printf "${cyan}\nRunning SHELL on %s (TLS 1.3)...${norm}\n" "$container_name"
docker run --rm -it --name ${container_name} \ docker run --rm -it --name ${container_name} \
--env-file ab-nginx-php.params \ --env-file ab-nginx-php.params \
-e SERVER_NAMES="$HOSTNAMES" \
$vmount \ $vmount \
-v "$SSL_CERT":/certs/fullchain.pem:ro \ -v "$SSL_CERT":/certs/fullchain.pem:ro \
-v "$SSL_KEY":/certs/privkey.pem:ro \ -v "$SSL_KEY":/certs/privkey.pem:ro \
@ -235,6 +240,7 @@ elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = TRUE ]; then
printf "${cyan}\nRunning NGINX on %s (TLS 1.3)...${norm}\n" "$container_name" printf "${cyan}\nRunning NGINX on %s (TLS 1.3)...${norm}\n" "$container_name"
docker run -d --name ${container_name} \ docker run -d --name ${container_name} \
--env-file ab-nginx-php.params \ --env-file ab-nginx-php.params \
-e SERVER_NAMES="$HOSTNAMES" \
$vmount \ $vmount \
-v "$SSL_CERT":/certs/fullchain.pem:ro \ -v "$SSL_CERT":/certs/fullchain.pem:ro \
-v "$SSL_KEY":/certs/privkey.pem:ro \ -v "$SSL_KEY":/certs/privkey.pem:ro \

14
ab-nginx.params.template
View File

@ -19,10 +19,10 @@ TZ=Area/Location
# Hostnames to which this instance of NGINX should answer: # Hostnames to which this instance of NGINX should answer:
# By default, this is set to '_' meaning 'match anything'. However, that won't # By default, this is set to '_' meaning 'match anything'. However, that won't
# work if you're using SSL certificates! Multiple hostnames must be space # work if you're using SSL certificates! Multiple hostnames must be space
# delimited. # delimited and "enclosed in quotes".
# This is NOT required if you are supplying your own server blocks via # This is NOT required if you are supplying your own server blocks via
# 'SERVERS_DIR' # 'SERVERS_DIR'
SERVER_NAMES="domain.tld www.domain.tld server.domain.tld alt.domain.tld" HOSTNAMES="domain.tld www.domain.tld server.domain.tld alt.domain.tld"
# Ports to expose on the HOST machine (container ALWAYS internally uses 80/443): # Ports to expose on the HOST machine (container ALWAYS internally uses 80/443):
# If you need to use ports other than HTTP=80 and HTTPS=443, remember to set up # If you need to use ports other than HTTP=80 and HTTPS=443, remember to set up
@ -60,7 +60,7 @@ CONFIG_DIR=$(pwd)/config/
# (i.e. 00-first_server.conf, 05-second_server.conf) # (i.e. 00-first_server.conf, 05-second_server.conf)
# Only files with a ".conf" extension will be loaded! If you want to disable a # Only files with a ".conf" extension will be loaded! If you want to disable a
# file, simply change it's extension (i.e. '.conf.disabled'). # file, simply change it's extension (i.e. '.conf.disabled').
SERVERS_DIR=/home/user/server_blocks/ SERVERS_DIR=$(pwd)/sites/
# Specify a directory that contains files for your 'webroot'. This includes # Specify a directory that contains files for your 'webroot'. This includes
# things like HTML, CSS, etc. # things like HTML, CSS, etc.
@ -80,10 +80,10 @@ TLS13_ONLY=FALSE
# Remember, if you are mounting symlinks (like when using Let's Encrypt), you # Remember, if you are mounting symlinks (like when using Let's Encrypt), you
# MUST specify the full path of the symlink so the target is resolved! # MUST specify the full path of the symlink so the target is resolved!
# DH (Diffie-Hellman Parameters file) is only required if using TLS 1.2 # DH (Diffie-Hellman Parameters file) is only required if using TLS 1.2
SSL_CERT=/path/to/your/ssl-certificate/fullchain.pem #SSL_CERT=/path/to/your/ssl-certificate/fullchain.pem
SSL_KEY=/path/to/your/ssl-private-key/privkey.pem #SSL_KEY=/path/to/your/ssl-private-key/privkey.pem
SSL_CHAIN=/path/to/your/ssl-certificate-chain/chain.pem #SSL_CHAIN=/path/to/your/ssl-certificate-chain/chain.pem
DH=/path/to/your/diffie-hellman-parameters-file/dhparam.pem #DH=/path/to/your/diffie-hellman-parameters-file/dhparam.pem
#EOF #EOF

6
ab-nginx.sh
View File

@ -176,6 +176,7 @@ if [ -z "$SSL_CERT" ]; then
printf "${cyan}\nRunning SHELL on %s...${norm}\n" "$container_name" printf "${cyan}\nRunning SHELL on %s...${norm}\n" "$container_name"
docker run --rm -it --name ${container_name} \ docker run --rm -it --name ${container_name} \
--env-file ab-nginx.params \ --env-file ab-nginx.params \
-e SERVER_NAMES="$HOSTNAMES" \
$vmount \ $vmount \
-p ${HTTP_PORT}:80 \ -p ${HTTP_PORT}:80 \
docker.asifbacchus.app/nginx/ab-nginx:latest /bin/sh docker.asifbacchus.app/nginx/ab-nginx:latest /bin/sh
@ -184,6 +185,7 @@ if [ -z "$SSL_CERT" ]; then
printf "${cyan}\nRunning NGINX on %s...${norm}\n" "$container_name" printf "${cyan}\nRunning NGINX on %s...${norm}\n" "$container_name"
docker run -d --name ${container_name} \ docker run -d --name ${container_name} \
--env-file ab-nginx.params \ --env-file ab-nginx.params \
-e SERVER_NAMES="$HOSTNAMES" \
$vmount \ $vmount \
-p ${HTTP_PORT}:80 \ -p ${HTTP_PORT}:80 \
--restart unless-stopped \ --restart unless-stopped \
@ -196,6 +198,7 @@ elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = FALSE ]; then
printf "${cyan}\nRunning SHELL on %s (TLS 1.2)...${norm}\n" "$container_name" printf "${cyan}\nRunning SHELL on %s (TLS 1.2)...${norm}\n" "$container_name"
docker run --rm -it --name ${container_name} \ docker run --rm -it --name ${container_name} \
--env-file ab-nginx.params \ --env-file ab-nginx.params \
-e SERVER_NAMES="$HOSTNAMES" \
$vmount \ $vmount \
-v "$SSL_CERT":/certs/fullchain.pem:ro \ -v "$SSL_CERT":/certs/fullchain.pem:ro \
-v "$SSL_KEY":/certs/privkey.pem:ro \ -v "$SSL_KEY":/certs/privkey.pem:ro \
@ -208,6 +211,7 @@ elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = FALSE ]; then
printf "${cyan}\nRunning NGINX on %s (TLS 1.2)...${norm}\n" "$container_name" printf "${cyan}\nRunning NGINX on %s (TLS 1.2)...${norm}\n" "$container_name"
docker run -d --name ${container_name} \ docker run -d --name ${container_name} \
--env-file ab-nginx.params \ --env-file ab-nginx.params \
-e SERVER_NAMES="$HOSTNAMES" \
$vmount \ $vmount \
-v "$SSL_CERT":/certs/fullchain.pem:ro \ -v "$SSL_CERT":/certs/fullchain.pem:ro \
-v "$SSL_KEY":/certs/privkey.pem:ro \ -v "$SSL_KEY":/certs/privkey.pem:ro \
@ -224,6 +228,7 @@ elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = TRUE ]; then
printf "${cyan}\nRunning SHELL on %s (TLS 1.3)...${norm}\n" "$container_name" printf "${cyan}\nRunning SHELL on %s (TLS 1.3)...${norm}\n" "$container_name"
docker run --rm -it --name ${container_name} \ docker run --rm -it --name ${container_name} \
--env-file ab-nginx.params \ --env-file ab-nginx.params \
-e SERVER_NAMES="$HOSTNAMES" \
$vmount \ $vmount \
-v "$SSL_CERT":/certs/fullchain.pem:ro \ -v "$SSL_CERT":/certs/fullchain.pem:ro \
-v "$SSL_KEY":/certs/privkey.pem:ro \ -v "$SSL_KEY":/certs/privkey.pem:ro \
@ -235,6 +240,7 @@ elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = TRUE ]; then
printf "${cyan}\nRunning NGINX on %s (TLS 1.3)...${norm}\n" "$container_name" printf "${cyan}\nRunning NGINX on %s (TLS 1.3)...${norm}\n" "$container_name"
docker run -d --name ${container_name} \ docker run -d --name ${container_name} \
--env-file ab-nginx.params \ --env-file ab-nginx.params \
-e SERVER_NAMES="$HOSTNAMES" \
$vmount \ $vmount \
-v "$SSL_CERT":/certs/fullchain.pem:ro \ -v "$SSL_CERT":/certs/fullchain.pem:ro \
-v "$SSL_KEY":/certs/privkey.pem:ro \ -v "$SSL_KEY":/certs/privkey.pem:ro \