ARG ARCH= FROM ${ARCH}alpine:3.20 LABEL Maintainer="Ernesto Serrano " \ Description="Lightweight container with Nginx & PHP-FPM based on Alpine Linux." # Install packages RUN apk --no-cache add \ php83 \ php83-ctype \ php83-curl \ php83-dom \ php83-exif \ php83-fileinfo \ php83-fpm \ php83-gd \ php83-iconv \ php83-intl \ php83-json \ php83-mbstring \ php83-mysqli \ php83-opcache \ php83-openssl \ php83-pecl-apcu \ php83-pdo \ php83-pdo_mysql \ php83-pgsql \ php83-phar \ php83-session \ php83-simplexml \ php83-soap \ php83-sodium \ php83-tokenizer \ php83-xml \ php83-xmlreader \ php83-zip \ php83-zlib \ nginx \ runit \ curl \ # Bring in gettext so we can get `envsubst`, then throw # the rest away. To do this, we need to install `gettext` # then move `envsubst` out of the way so `gettext` can # be deleted completely, then move `envsubst` back. && apk add --no-cache --virtual .gettext gettext \ && mv /usr/bin/envsubst /tmp/ \ && runDeps="$( \ scanelf --needed --nobanner /tmp/envsubst \ | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ | sort -u \ | xargs -r apk info --installed \ | sort -u \ )" \ && apk add --no-cache $runDeps \ && apk del .gettext \ && mv /tmp/envsubst /usr/local/bin/ \ # Remove alpine cache && rm -rf /var/cache/apk/* \ # Remove default server definition && rm /etc/nginx/http.d/default.conf \ # Make sure files/folders needed by the processes are accessable when they run under the nobody user && mkdir -p /run /var/lib/nginx /var/www/html /var/log/nginx \ && chown -R nobody:nobody /run /var/lib/nginx /var/www/html /var/log/nginx # Add configuration files COPY --chown=nobody rootfs/ / # Switch to use a non-root user from here on USER nobody # Add application WORKDIR /var/www/html # Expose the port nginx is reachable on EXPOSE 8080 # Let runit start nginx & php-fpm # Ensure /bin/docker-entrypoint.sh is always executed ENTRYPOINT ["/bin/docker-entrypoint.sh"] # Configure a healthcheck to validate that everything is up&running HEALTHCHECK --timeout=10s CMD curl --silent --fail http://127.0.0.1:8080/fpm-ping || exit 1 ENV nginx_root_directory=/var/www/html \ client_max_body_size=2M \ clear_env=no \ allow_url_fopen=On \ allow_url_include=Off \ display_errors=Off \ file_uploads=On \ max_execution_time=0 \ max_input_time=-1 \ max_input_vars=1000 \ memory_limit=128M \ post_max_size=8M \ upload_max_filesize=2M \ zlib_output_compression=On \ date_timezone=UTC