README.md 5.3 KB
Docker LEMP
| name | pulls | version | layers | image size |
|---|---|---|---|---|
| metowolf/php |  |
 |
 |
 |
| metowolf/nginx |  |
 |
 |
 |
| mysql/mysql-server |  |
 |
 |
|
| metowolf/redis |  |
 |
 |
 |
| phpmyadmin/phpmyadmin |  |
 |
 |
Requirements
Usage
Clone docker-lemp inside your project
git clone https://github.com/metowolf/docker-lemp.git- Enter the docker-lemp folder and rename .env.example to .env.
bash cd docker-lemp cp .env.example .env cp docker-compose.example.yml docker-compose.yml
- Enter the docker-lemp folder and rename .env.example to .env.
Open your project’s .env file and set the following:
MYSQL_ROOT_PASSWORD=your_password- Run your containers:
bash docker-compose up -d
- Run your containers:
Running QUIC
The following configuration file can be used as a starting point to enable HTTP/3 support:
http {
server {
# Enable QUIC, HTTP/3 and HTTP/2 on both IPv4 and IPv6.
listen 443 ssl http2;
listen 443 quic;
listen [::]:443 ssl http2;
listen [::]:443 quic;
ssl_certificate cert.crt;
ssl_certificate_key cert.key;
# Add HSTS header
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
# Add Alt-Svc header to negotiate HTTP/3.
add_header alt-svc 'h3-23=":443"; ma=86400';
# Enable specific TLS versions (TLSv1 and TLSv1.1 are not longer saft, TLSv1.3 is required for QUIC).
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers TLS-CHACHA20-POLY1305-SHA256:TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256;
ssl_prefer_server_ciphers on;
ssl_early_data on;
}
}
Running brotli
Add the following lines into
nginx.confto loadbrotlimodule for your nginx server:load_module modules/ngx_http_brotli_filter_module.so; load_module modules/ngx_http_brotli_static_module.so;- Add the following lines into the configuration file of your sites to enable
brotlifeature:nginx brotli on; brotli_comp_level 6; brotli_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript image/svg+xml;
- Add the following lines into the configuration file of your sites to enable
Generally Upgrade
Modify project’s .env file.
vim .env- Rebuild containers:
bash docker-compose up -d --no-deps --build
- Rebuild containers:
Upgrade to Caddyless version
Before git pull
Rename conflicted file if exists:
mv etc/nginx/nginx.conf etc/nginx/nginx.conf.bakAfter
git pull- Modify project’s .env file.
bash vim .env
- Modify project’s .env file.
Move Nginx/MySQL/SSL configuration to new directory: ```bash
move nginx configuration
mv etc/nginx/config/* etc/nginx/conf.d/
move MySQL configuration
rm -fr etc/mysql && mkdir etc/mysql && mkdir etc/mysql/my.cnf.d mv etc/database/data etc/mysql && mv etc/database/config/* etc/mysql/my.cnf.d
move SSL configuration
mv etc/ssl etc/nginx
3. Rebuild containers and remove the `Caddy` container:
```bash
docker-compose up -d --no-deps --build --remove-orphans