diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile index 86dedad..37fdce5 100644 --- a/docker/nginx/Dockerfile +++ b/docker/nginx/Dockerfile @@ -1,5 +1,3 @@ -FROM nginx:1.22.0-alpine +FROM nginx:1.27.0-alpine3.19 COPY nginx.conf /etc/nginx/conf.d/default.conf -COPY ssl.pem /etc/nginx/ssl.pem -COPY key.pem /etc/nginx/key.pem diff --git a/docker/nginx/nginx.conf b/docker/nginx/nginx.conf index 3dd45d5..5069a1c 100644 --- a/docker/nginx/nginx.conf +++ b/docker/nginx/nginx.conf @@ -1,19 +1,26 @@ server { - listen 443 ssl; - ssl_certificate /etc/nginx/ssl.pem; - ssl_certificate_key /etc/nginx/key.pem; + listen 80; root /app/public; + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-Content-Type-Options "nosniff"; index index.php; - if (!-e $request_filename) { - rewrite ^.*$ /index.php last; + charset utf-8; + location / { + try_files $uri $uri/ /index.php?$query_string; } + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + error_page 404 /index.php; location ~ \.php$ { fastcgi_pass php-fpm-debug:9000; fastcgi_index index.php; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; include fastcgi_params; fastcgi_read_timeout 300; } + location ~ /\.(?!well-known).* { + deny all; + } } diff --git a/docker/php-fpm/Dockerfile b/docker/php-fpm/Dockerfile index 139bdfe..7101069 100644 --- a/docker/php-fpm/Dockerfile +++ b/docker/php-fpm/Dockerfile @@ -1,4 +1,4 @@ -FROM php:8.2.12-fpm-alpine3.18 as base +FROM php:8.3.8-fpm-alpine3.20 as base RUN apk add --no-cache $PHPIZE_DEPS \ freetype-dev \ @@ -17,7 +17,7 @@ RUN docker-php-ext-configure gd --with-freetype --with-jpeg \ RUN pecl install redis-6.0.2 && docker-php-ext-enable redis # install composer from the composer image -COPY --from=composer:2.6.5 /usr/bin/composer /usr/bin/composer +COPY --from=composer:2.7.7 /usr/bin/composer /usr/bin/composer COPY docker-php-file-uploads.ini /usr/local/etc/php/conf.d/docker-php-file-uploads.ini @@ -25,5 +25,5 @@ FROM base as debug # Supports xdebug RUN apk add --update linux-headers -RUN pecl install xdebug-3.2.2 && docker-php-ext-enable xdebug +RUN pecl install xdebug-3.3.2 && docker-php-ext-enable xdebug COPY docker-php-ext-xdebug.ini /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini diff --git a/docker/php-fpm/docker-php-ext-xdebug.ini b/docker/php-fpm/docker-php-ext-xdebug.ini index 69b8397..63e4b0f 100644 --- a/docker/php-fpm/docker-php-ext-xdebug.ini +++ b/docker/php-fpm/docker-php-ext-xdebug.ini @@ -1,5 +1,5 @@ zend_extension=xdebug -xdebug.mode=debug +xdebug.mode=debug,develop xdebug.idekey=PHPSTORM xdebug.client_host=docker.for.mac.localhost memory_limit=512M diff --git a/docker/vite/.gitignore b/docker/vite/.gitignore new file mode 100644 index 0000000..cfaad76 --- /dev/null +++ b/docker/vite/.gitignore @@ -0,0 +1 @@ +*.pem diff --git a/vite.config.js b/vite.config.js index 463a7fb..8b80956 100644 --- a/vite.config.js +++ b/vite.config.js @@ -26,12 +26,10 @@ export default defineConfig(({ mode }) => { if (mode === "development") { config.server = { - port: 30098, - strictPort: true, host: true, https: { - key: readFileSync("docker/nginx/key.pem"), - cert: readFileSync("docker/nginx/ssl.pem"), + key: readFileSync("docker/vite/key.pem"), + cert: readFileSync("docker/vite/ssl.pem"), }, hmr: { host: "project.domain",