Sort php-fpm configs and add ENV_WHITELIST option
This commit is contained in:
parent
8fc2924cb7
commit
54c2021348
12
Dockerfile
12
Dockerfile
@ -29,7 +29,12 @@ RUN \
|
||||
# ... but ensure it exists with the right owner
|
||||
&& mkdir -p /var/www \
|
||||
&& echo "<?php phpinfo();" > /var/www/index.php \
|
||||
&& chown -R www-data.www-data /var/www
|
||||
&& chown -R www-data.www-data /var/www \
|
||||
# Bring php-fpm configs into a more controallable state
|
||||
&& rm /usr/local/etc/php-fpm.d/www.conf.default \
|
||||
&& mv /usr/local/etc/php-fpm.d/docker.conf /usr/local/etc/php-fpm.d/00-docker.conf \
|
||||
&& mv /usr/local/etc/php-fpm.d/www.conf /usr/local/etc/php-fpm.d/10-www.conf \
|
||||
&& mv /usr/local/etc/php-fpm.d/zz-docker.conf /usr/local/etc/php-fpm.d/20-docker.conf
|
||||
|
||||
WORKDIR /var/www
|
||||
|
||||
@ -54,6 +59,11 @@ ENV REDIRECT_PROTO="auto"
|
||||
# config ini in /usr/local/etc/php/conf.d/
|
||||
ENV XDEBUG=false
|
||||
|
||||
# Which environment variables should be available to PHP? For security reasons we do not expose
|
||||
# any of them to PHP by default.
|
||||
# Valid values are "none" and "all"
|
||||
ENV ENV_WHITELIST="none"
|
||||
|
||||
ADD etc/ /etc/
|
||||
ADD usr/ /usr/
|
||||
|
||||
|
@ -40,4 +40,12 @@ else
|
||||
rm -f "${XDEBUG_INI}"
|
||||
fi
|
||||
|
||||
if [ "${ENV_WHITELIST}" == "all" ]; then
|
||||
rm -rf /usr/local/etc/php-fpm.d/50-clear-env.conf
|
||||
elif [ "${ENV_WHITELIST}" != "none" ]; then
|
||||
echo "ERROR: Invalid value for ENV_WHITELIST, got '${ENV_WHITELIST}'" >&2
|
||||
echo "ERROR: Valid values are: 'none' or 'all'" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
exec /usr/bin/supervisord -c /etc/supervisord.conf
|
||||
|
2
usr/local/etc/php-fpm.d/50-clear-env.conf
Normal file
2
usr/local/etc/php-fpm.d/50-clear-env.conf
Normal file
@ -0,0 +1,2 @@
|
||||
[www]
|
||||
clear_env = On
|
Loading…
Reference in New Issue
Block a user