From 71b4e88c07d5c869ad6646b34b13505f9012ac73 Mon Sep 17 00:00:00 2001 From: Michael RICOIS Date: Thu, 22 Mar 2018 12:44:32 +0100 Subject: [PATCH] Initial commit --- README.md | 78 ++ additional/install_composer.sh | 19 + docker-compose.yml | 79 ++ dockerfiles/LICENSE | 201 ++++ dockerfiles/README.md | 11 + dockerfiles/docker-compose.example.yml | 77 ++ dockerfiles/httpd/2.4/debian-9/Dockerfile | 28 + dockerfiles/httpd/2.4/debian-9/run.sh | 8 + dockerfiles/httpd/2.4/ubuntu-16.04/Dockerfile | 28 + dockerfiles/httpd/2.4/ubuntu-16.04/run.sh | 8 + dockerfiles/httpd/README.md | 39 + dockerfiles/mailcatcher/Dockerfile | 14 + dockerfiles/mailcatcher/README.md | 16 + dockerfiles/maildev/README.md | 7 + .../mariadb/10.0/ubuntu-14.04/Dockerfile | 33 + .../mariadb/10.0/ubuntu-14.04/init_user.sh | 32 + dockerfiles/mariadb/10.0/ubuntu-14.04/my.cnf | 6 + dockerfiles/mariadb/10.0/ubuntu-14.04/run.sh | 17 + .../mariadb/10.1/ubuntu-14.04/Dockerfile | 32 + .../mariadb/10.1/ubuntu-14.04/init_user.sh | 32 + dockerfiles/mariadb/10.1/ubuntu-14.04/my.cnf | 6 + dockerfiles/mariadb/10.1/ubuntu-14.04/run.sh | 15 + dockerfiles/mariadb/10.2/debian/Dockerfile | 33 + dockerfiles/mariadb/10.2/debian/init_user.sh | 32 + dockerfiles/mariadb/10.2/debian/my.cnf | 8 + dockerfiles/mariadb/10.2/debian/run.sh | 15 + dockerfiles/mariadb/10.2/official/Dockerfile | 25 + .../mariadb/10.2/official/init_user.sh | 32 + dockerfiles/mariadb/10.2/official/my.cnf | 8 + dockerfiles/mariadb/10.2/ubuntu/Dockerfile | 35 + dockerfiles/mariadb/10.2/ubuntu/init_user.sh | 32 + dockerfiles/mariadb/10.2/ubuntu/my.cnf | 7 + dockerfiles/mariadb/10.2/ubuntu/run.sh | 15 + .../mariadb/5.5/ubuntu-14.04/Dockerfile | 32 + .../mariadb/5.5/ubuntu-14.04/init_user.sh | 32 + dockerfiles/mariadb/5.5/ubuntu-14.04/my.cnf | 6 + dockerfiles/mariadb/5.5/ubuntu-14.04/run.sh | 15 + dockerfiles/mariadb/README.md | 37 + .../php-cli/5.5/ubuntu14.04/Dockerfile | 24 + .../php-cli/7.0/ubuntu16.04/Dockerfile | 24 + dockerfiles/php-cli/README.md | 6 + .../php-fpm/5.5/ubuntu-14.04/Dockerfile | 34 + dockerfiles/php-fpm/5.6/debian-8/Dockerfile | 34 + dockerfiles/php-fpm/7.0/debian-9/Dockerfile | 44 + .../php-fpm/7.0/debian-9/composer-install.sh | 17 + .../php-fpm/7.0/debian-9/entrypoint.sh | 12 + .../php-fpm/7.0/ubuntu-16.04/Dockerfile | 33 + dockerfiles/php-fpm/README.md | 6 + dockerfiles/redis/3.2/Dockerfile | 4 + dockerfiles/redis/3.2/redis.conf | 1052 +++++++++++++++++ dockerfiles/redis/4.0/Dockerfile | 4 + dockerfiles/redis/4.0/redis.conf | 1052 +++++++++++++++++ dockerfiles/redis/README.md | 6 + 53 files changed, 3502 insertions(+) create mode 100644 README.md create mode 100644 additional/install_composer.sh create mode 100644 docker-compose.yml create mode 100644 dockerfiles/LICENSE create mode 100644 dockerfiles/README.md create mode 100644 dockerfiles/docker-compose.example.yml create mode 100644 dockerfiles/httpd/2.4/debian-9/Dockerfile create mode 100644 dockerfiles/httpd/2.4/debian-9/run.sh create mode 100644 dockerfiles/httpd/2.4/ubuntu-16.04/Dockerfile create mode 100644 dockerfiles/httpd/2.4/ubuntu-16.04/run.sh create mode 100644 dockerfiles/httpd/README.md create mode 100644 dockerfiles/mailcatcher/Dockerfile create mode 100644 dockerfiles/mailcatcher/README.md create mode 100644 dockerfiles/maildev/README.md create mode 100644 dockerfiles/mariadb/10.0/ubuntu-14.04/Dockerfile create mode 100644 dockerfiles/mariadb/10.0/ubuntu-14.04/init_user.sh create mode 100644 dockerfiles/mariadb/10.0/ubuntu-14.04/my.cnf create mode 100644 dockerfiles/mariadb/10.0/ubuntu-14.04/run.sh create mode 100644 dockerfiles/mariadb/10.1/ubuntu-14.04/Dockerfile create mode 100644 dockerfiles/mariadb/10.1/ubuntu-14.04/init_user.sh create mode 100644 dockerfiles/mariadb/10.1/ubuntu-14.04/my.cnf create mode 100644 dockerfiles/mariadb/10.1/ubuntu-14.04/run.sh create mode 100644 dockerfiles/mariadb/10.2/debian/Dockerfile create mode 100644 dockerfiles/mariadb/10.2/debian/init_user.sh create mode 100644 dockerfiles/mariadb/10.2/debian/my.cnf create mode 100644 dockerfiles/mariadb/10.2/debian/run.sh create mode 100644 dockerfiles/mariadb/10.2/official/Dockerfile create mode 100644 dockerfiles/mariadb/10.2/official/init_user.sh create mode 100644 dockerfiles/mariadb/10.2/official/my.cnf create mode 100644 dockerfiles/mariadb/10.2/ubuntu/Dockerfile create mode 100644 dockerfiles/mariadb/10.2/ubuntu/init_user.sh create mode 100644 dockerfiles/mariadb/10.2/ubuntu/my.cnf create mode 100644 dockerfiles/mariadb/10.2/ubuntu/run.sh create mode 100644 dockerfiles/mariadb/5.5/ubuntu-14.04/Dockerfile create mode 100644 dockerfiles/mariadb/5.5/ubuntu-14.04/init_user.sh create mode 100644 dockerfiles/mariadb/5.5/ubuntu-14.04/my.cnf create mode 100644 dockerfiles/mariadb/5.5/ubuntu-14.04/run.sh create mode 100644 dockerfiles/mariadb/README.md create mode 100644 dockerfiles/php-cli/5.5/ubuntu14.04/Dockerfile create mode 100644 dockerfiles/php-cli/7.0/ubuntu16.04/Dockerfile create mode 100644 dockerfiles/php-cli/README.md create mode 100644 dockerfiles/php-fpm/5.5/ubuntu-14.04/Dockerfile create mode 100644 dockerfiles/php-fpm/5.6/debian-8/Dockerfile create mode 100644 dockerfiles/php-fpm/7.0/debian-9/Dockerfile create mode 100644 dockerfiles/php-fpm/7.0/debian-9/composer-install.sh create mode 100644 dockerfiles/php-fpm/7.0/debian-9/entrypoint.sh create mode 100644 dockerfiles/php-fpm/7.0/ubuntu-16.04/Dockerfile create mode 100644 dockerfiles/php-fpm/README.md create mode 100644 dockerfiles/redis/3.2/Dockerfile create mode 100644 dockerfiles/redis/3.2/redis.conf create mode 100644 dockerfiles/redis/4.0/Dockerfile create mode 100644 dockerfiles/redis/4.0/redis.conf create mode 100644 dockerfiles/redis/README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..26db8a3 --- /dev/null +++ b/README.md @@ -0,0 +1,78 @@ + +# EnvDev Dockerfiles +Web Developement Environment (Apache, PHP, MariaDB, ...) + +# List +* HTTPd +* PHP-FPM +* MariaDB +* Redis +* MailCatcher +* MailDev +* PHP-Cli + +# Docker Engine + +## Install +Mac: https://docs.docker.com/docker-for-mac/install/ +Windows: https://docs.docker.com/docker-for-windows/install/ +Ubuntu: https://docs.docker.com/install/linux/docker-ce/ubuntu/ + +# Docker compose +https://github.com/docker/compose/releases + +# Usage +Start with a docker-compose file + +We hope you have define a workspace path +Linux: ```/home//workspace``` +Windows: ```C:\\worspace``` + +## Launch services (first time build) +```bash +docker-compose up -d +``` +Delete service : `docker-compose rm` + +## Start and stop +`docker-compose start` +`docker-compose stop` + +## Viewing log +`docker-compose logs -f` +`docker-compose logs ` + +## View running container + + +## Update or Re-create base image + + +# Specific container usage + +## PHP Cli +Work in your vhosts to execute some command in php +```bash +docker-compose exec -u fpm + +``` +To avoid permissions problem + +Update composer or an admin command +```bash +docker-compose exec +``` + +## Database +Database files are store in /database. +Even if you delete your + + +# Additional +## ctop +Get ctop on [github](https://github.com/bcicen/ctop) + +```bash +sudo wget https://github.com/bcicen/ctop/releases/download/v0.7.1/ctop-0.7.1-linux-amd64 -O /usr/local/bin/ctop +sudo chmod +x /usr/local/bin/ctop +``` diff --git a/additional/install_composer.sh b/additional/install_composer.sh new file mode 100644 index 0000000..f4dec98 --- /dev/null +++ b/additional/install_composer.sh @@ -0,0 +1,19 @@ +#!/bin/sh + +EXPECTED_SIGNATURE=$(wget -q -O - https://composer.github.io/installer.sig) +php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" +ACTUAL_SIGNATURE=$(php -r "echo hash_file('SHA384', 'composer-setup.php');") + +if [ "$EXPECTED_SIGNATURE" != "$ACTUAL_SIGNATURE" ] +then + >&2 echo 'ERROR: Invalid installer signature' + rm composer-setup.php + exit 1 +fi + +php composer-setup.php --quiet +RESULT=$? +rm composer-setup.php +mv composer.phar /usr/local/bin/composer +chmod +x /usr/local/bin/composer +exit $RESULT diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..657db6c --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,79 @@ +version: '2.1' +services: + # PHP 5.6 FPM + fpm56: + container_name: fpm56 + image: php-fpm:5.6-debian + volumes: + - /home/michael/workspace:/home/vhosts + links: + - "db:db" + - "mailcatcher:mailcatcher" + logging: + driver: "json-file" + options: + max-size: "1g" + max-file: "10" + # PHP 7.0 FPM + fpm70: + container_name: fpm70 + image: php-fpm:7.0-debian + volumes: + - /home/michael/workspace:/home/vhosts + links: + - "db:db" + - "mailcatcher:mailcatcher" + logging: + driver: "json-file" + options: + max-size: "1g" + max-file: "10" + # MailCatcher + mailcatcher: + container_name: mailcatcher + image: mailcatcher:0.6.5 + logging: + driver: "json-file" + options: + max-size: "1g" + max-file: "10" + # MariaDB + db: + container_name: db + image: mariadb:10.2-debian + user: mysql + volumes: + - /home/michael/workspace/database:/var/lib/mysql + logging: + driver: "json-file" + options: + max-size: "500m" + max-file: "9" + environment: + MARIADB_PASS: password + # Apache HTTPd + httpd: + container_name: httpd + image: httpd:2.4-debian + volumes: + - /home/michael/workspace:/home/vhosts + links: + - "fpm56:fpm56" + - "fpm70:fpm70" + logging: + driver: "json-file" + options: + max-size: "1g" + max-file: "10" + networks: + front: + ipv4_address: 172.10.0.2 + +networks: + front: + driver: bridge + ipam: + driver: default + config: + - subnet: 172.10.0.0/16 + gateway: 172.10.0.1 diff --git a/dockerfiles/LICENSE b/dockerfiles/LICENSE new file mode 100644 index 0000000..261eeb9 --- /dev/null +++ b/dockerfiles/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/dockerfiles/README.md b/dockerfiles/README.md new file mode 100644 index 0000000..2861173 --- /dev/null +++ b/dockerfiles/README.md @@ -0,0 +1,11 @@ +# EnvDev Dockerfiles +Web Developement Environment (Apache, PHP, MariaDB, ...) + +# List +* HTTPd +* MailCatcher +* MailDev +* MariaDB +* PHP-Cli +* PHP-FPM +* Redis diff --git a/dockerfiles/docker-compose.example.yml b/dockerfiles/docker-compose.example.yml new file mode 100644 index 0000000..e2a4f0f --- /dev/null +++ b/dockerfiles/docker-compose.example.yml @@ -0,0 +1,77 @@ +version: '2.1' +services: + # PHP 7.0 FPM + dev-fpm70: + container_name: dev-fpm70 + image: envdev/php-fpm:7.0-debian + volumes: + - /path/to/workspace:/home/vhosts + links: + - "dev-db:db" + - "dev-redis:redis" + - "dev-mailcatcher:mailcatcher" + logging: + driver: "json-file" + options: + max-size: "1g" + max-file: "10" + environment: + LOCAL_USER_ID: 1000 + # MailCatcher + dev-mailcatcher: + container_name: dev-mailcatcher + image: envdev/mailcatcher:0.6.5 + logging: + driver: "json-file" + options: + max-size: "1g" + max-file: "10" + # MailCatcher + dev-redis: + container_name: dev-redis + image: envdev/redis:4.0 + logging: + driver: "json-file" + options: + max-size: "1g" + max-file: "10" + # MariaDB + dev-db: + container_name: dev-db + image: envdev/mariadb:10.2-debian + user: mysql + volumes: + - /path/to/workspace/database:/var/lib/mysql + logging: + driver: "json-file" + options: + max-size: "500m" + max-file: "9" + environment: + MARIADB_PASS: password + # Apache HTTPd + dev-httpd: + container_name: dev-httpd + image: envdev/httpd:2.4-debian + volumes: + - /path/to/workspace:/home/vhosts + links: + - "dev-fpm70:fpm70" + logging: + driver: "json-file" + options: + max-size: "1g" + max-file: "10" + networks: + default: + front: + ipv4_address: 172.10.0.2 + +networks: + front: + driver: bridge + ipam: + driver: default + config: + - subnet: 172.10.0.0/16 + gateway: 172.10.0.1 diff --git a/dockerfiles/httpd/2.4/debian-9/Dockerfile b/dockerfiles/httpd/2.4/debian-9/Dockerfile new file mode 100644 index 0000000..0205a41 --- /dev/null +++ b/dockerfiles/httpd/2.4/debian-9/Dockerfile @@ -0,0 +1,28 @@ +FROM debian:9 + +# Environment +ENV TERM xterm +ENV DEBIAN_FRONTEND noninteractive +ENV TZ=Europe/Paris + +# Installation +RUN apt-get update && apt-get -y upgrade && apt-get -y dist-upgrade && \ + apt-get -y install nano apache2 libapache2-mod-xsendfile && \ + echo "ServerName 127.0.0.1" > /etc/apache2/conf-available/httpd.conf && \ + mkdir /var/run/apache2 && mkdir /var/lock/apache2 && \ + rm -f /var/log/apache2/error.log && ln -s /dev/stderr /var/log/apache2/error.log && \ + rm -f /var/log/apache2/access.log && ln -s /dev/stdout /var/log/apache2/access.log + +RUN perl /usr/sbin/a2enconf httpd +RUN perl /usr/sbin/a2enmod autoindex deflate expires headers rewrite actions proxy proxy_fcgi +RUN apt-get clean && rm -rf /var/lib/apt/lists/* + +ADD run.sh /run.sh +RUN chmod +x /run.sh + +# Add VOLUMEs +VOLUME ["/home/vhosts"] + +# Expose and Run +EXPOSE 80 +CMD ["/run.sh"] diff --git a/dockerfiles/httpd/2.4/debian-9/run.sh b/dockerfiles/httpd/2.4/debian-9/run.sh new file mode 100644 index 0000000..6f010d5 --- /dev/null +++ b/dockerfiles/httpd/2.4/debian-9/run.sh @@ -0,0 +1,8 @@ +#!/bin/bash +set -e + +# Apache gets grumpy about PID files pre-existing +rm -f /usr/local/apache2/logs/httpd.pid + +source /etc/apache2/envvars +exec apache2 -D FOREGROUND diff --git a/dockerfiles/httpd/2.4/ubuntu-16.04/Dockerfile b/dockerfiles/httpd/2.4/ubuntu-16.04/Dockerfile new file mode 100644 index 0000000..dd5fc8c --- /dev/null +++ b/dockerfiles/httpd/2.4/ubuntu-16.04/Dockerfile @@ -0,0 +1,28 @@ +FROM ubuntu:16.04 + +# Environment +ENV TERM xterm +ENV DEBIAN_FRONTEND noninteractive +ENV TZ=Europe/Paris + +# Installation +RUN apt-get update && apt-get -y upgrade && apt-get -y dist-upgrade && \ + apt-get -y install nano apache2 libapache2-mod-fcgid libapache2-mod-rpaf libapache2-mod-xsendfile && \ + echo "ServerName 127.0.0.1" > /etc/apache2/conf-available/httpd.conf && \ + mkdir /var/run/apache2 && mkdir /var/lock/apache2 && \ + rm -f /var/log/apache2/error.log && ln -s /dev/stderr /var/log/apache2/error.log && \ + rm -f /var/log/apache2/access.log && ln -s /dev/stdout /var/log/apache2/access.log + +RUN perl /usr/sbin/a2enconf httpd +RUN perl /usr/sbin/a2enmod autoindex deflate expires headers rewrite actions proxy proxy_fcgi rpaf +RUN apt-get clean && rm -rf /var/lib/apt/lists/* + +ADD run.sh /run.sh +RUN chmod +x /run.sh + +# Add VOLUMEs +VOLUME ["/home/vhosts"] + +# Expose and Run +EXPOSE 80 +CMD ["/run.sh"] diff --git a/dockerfiles/httpd/2.4/ubuntu-16.04/run.sh b/dockerfiles/httpd/2.4/ubuntu-16.04/run.sh new file mode 100644 index 0000000..6f010d5 --- /dev/null +++ b/dockerfiles/httpd/2.4/ubuntu-16.04/run.sh @@ -0,0 +1,8 @@ +#!/bin/bash +set -e + +# Apache gets grumpy about PID files pre-existing +rm -f /usr/local/apache2/logs/httpd.pid + +source /etc/apache2/envvars +exec apache2 -D FOREGROUND diff --git a/dockerfiles/httpd/README.md b/dockerfiles/httpd/README.md new file mode 100644 index 0000000..e4f010d --- /dev/null +++ b/dockerfiles/httpd/README.md @@ -0,0 +1,39 @@ +# Build +``` +$ docker build --force-rm --no-cache -t envdev/httpd:- httpd/// +``` + +# Usage +## Configure Vhosts + +## php-fpm +Create a file `/etc/apache2/sites-enabled/fpm/70.conf` and add in your vhost +`include fpm/70.conf` + +``` +# Redirect to local php-fpm if mod_php is not available + + + # Enable http authorization headers + + SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1 + + + + SetHandler "proxy:fcgi://fpm70/:9000 + + + # Deny access to raw php sources by default + # To re-enable it's recommended to enable access to the files + # only in specific virtual host or directory + Require all denied + + # Deny access to files without filename (e.g. '.php') + + Require all denied + + + +``` + +Adapt to any version of PHP-FPM you have diff --git a/dockerfiles/mailcatcher/Dockerfile b/dockerfiles/mailcatcher/Dockerfile new file mode 100644 index 0000000..3f78d74 --- /dev/null +++ b/dockerfiles/mailcatcher/Dockerfile @@ -0,0 +1,14 @@ +FROM alpine:latest + +ENV VERSION 0.6.5 +ENV HTTP_PORT 1080 +ENV SMTP_PORT 1025 + +RUN apk add --update ruby ruby-dev ruby-bigdecimal sqlite sqlite-dev build-base libstdc++ ca-certificates && \ + gem install json --no-ri --no-rdoc && \ + gem install mailcatcher -v $VERSION --no-ri --no-rdoc && \ + apk del --purge ruby-dev build-base && \ + rm -rf /var/cache/apk/* + +EXPOSE $SMTP_PORT $HTTP_PORT +CMD mailcatcher -f --ip=0.0.0.0 --smtp-port=$SMTP_PORT --http-port=$HTTP_PORT \ No newline at end of file diff --git a/dockerfiles/mailcatcher/README.md b/dockerfiles/mailcatcher/README.md new file mode 100644 index 0000000..e1f8ae6 --- /dev/null +++ b/dockerfiles/mailcatcher/README.md @@ -0,0 +1,16 @@ +# Mailcatcher + +[Mailcatcher](http://mailcatcher.me) catches mail and serves it through a dream. + +Deliver mails to smtp://127.0.0.1:1025 et check out [http://127.0.0.1:1080]() to see them. + +## Environment variables +**SMTP_PORT** Change default SMTP port (default: 1025) + +**HTTP_PORT** Change default HTTP port (default: 1080) + +## Usage with PHP +sudo nano /etc/php5/apache2/php.ini +sudo nano /etc/php5/cli/php.ini + +sendmail_path = /usr/bin/env catchmail --smtp-ip 172.18.0.1 --smtp-port 1025 -f some@from.address diff --git a/dockerfiles/maildev/README.md b/dockerfiles/maildev/README.md new file mode 100644 index 0000000..43f6a09 --- /dev/null +++ b/dockerfiles/maildev/README.md @@ -0,0 +1,7 @@ +MailDev +======= + +[MailDev](http://danfarrelly.nyc/MailDev/) + +> $ docker pull djfarrelly/maildev +> $ docker run -p 1080:80 -p 1025:25 djfarrelly/maildev diff --git a/dockerfiles/mariadb/10.0/ubuntu-14.04/Dockerfile b/dockerfiles/mariadb/10.0/ubuntu-14.04/Dockerfile new file mode 100644 index 0000000..20de6da --- /dev/null +++ b/dockerfiles/mariadb/10.0/ubuntu-14.04/Dockerfile @@ -0,0 +1,33 @@ +FROM ubuntu:14.04 + +ENV TERM xterm +ENV DEBIAN_FRONTEND noninteractive + +# Installation +RUN apt-get -y install software-properties-common && \ + apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xcbcb082a1bb943db && \ + add-apt-repository 'deb [arch=amd64,i386] http://mirror6.layerjet.com/mariadb/repo/10.0/ubuntu trusty main' && \ + apt-get update && apt-get -y upgrade && apt-get install -y mariadb-server-10.0 pwgen && \ + rm -rf /var/lib/mysql/* && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* && \ + sed -i -e 's/log_bin[ \t]*= \/var\/log\/mysql\/mariadb-bin/#log_bin[ \t]*= \/var\/log\/mysql\/mariadb-bin/g' /etc/mysql/my.cnf && \ + sed -i -e 's/log_bin_index[ \t]*= \/var\/log\/mysql\/mariadb-bin.index/#log_bin_index[ \t]*= \/var\/log\/mysql\/mariadb-bin.index/g' /etc/mysql/my.cnf && \ + sed -i -r 's/syslog/log_error=\/var\/log\/errorlog.err/' /etc/mysql/conf.d/mysqld_safe_syslog.cnf && \ + ln -s /dev/stderr /var/log/errorlog.err && \ + echo "Europe/Paris" > /etc/timezone && dpkg-reconfigure -f noninteractive tzdata + +# Add MySQL configuration +ADD *.cnf /etc/mysql/conf.d/ +RUN chmod 644 /etc/mysql/conf.d/*.cnf + +# Add cli to run +ADD init_user.sh /home/init_user.sh +ADD run.sh /home/run.sh +RUN chmod 775 /home/*.sh + +# Add VOLUMEs to allow backup of config and databases +VOLUME ["/etc/mysql", "/var/lib/mysql"] + +EXPOSE 3306 +CMD ["/home/run.sh"] diff --git a/dockerfiles/mariadb/10.0/ubuntu-14.04/init_user.sh b/dockerfiles/mariadb/10.0/ubuntu-14.04/init_user.sh new file mode 100644 index 0000000..cabc48d --- /dev/null +++ b/dockerfiles/mariadb/10.0/ubuntu-14.04/init_user.sh @@ -0,0 +1,32 @@ +#!/bin/bash + +/usr/bin/mysqld_safe > /dev/null 2>&1 & + +RET=1 +while [[ RET -ne 0 ]]; do + echo "=> Waiting for confirmation of MariaDB service startup" + sleep 5 + mysql -uroot -e "status" > /dev/null 2>&1 + RET=$? +done + + +PASS=${MARIADB_PASS:-$(pwgen -s 12 1)} +_word=$( [ ${MARIADB_PASS} ] && echo "preset" || echo "random" ) +echo "=> Creating MariaDB admin user with ${_word} password" + +mysql -uroot -e "CREATE USER 'admin'@'%' IDENTIFIED BY '$PASS'" +mysql -uroot -e "GRANT ALL PRIVILEGES ON *.* TO 'admin'@'%' WITH GRANT OPTION" + +echo "=> Done!" + +echo "========================================================================" +echo "You can now connect to this MariaDB Server using:" +echo "" +echo " mysql -uadmin -p$PASS -h -P" +echo "" +echo "Please remember to change the above password as soon as possible!" +echo "MariaDB user 'root' has no password but only allows local connections" +echo "========================================================================" + +mysqladmin -uroot shutdown diff --git a/dockerfiles/mariadb/10.0/ubuntu-14.04/my.cnf b/dockerfiles/mariadb/10.0/ubuntu-14.04/my.cnf new file mode 100644 index 0000000..90089a6 --- /dev/null +++ b/dockerfiles/mariadb/10.0/ubuntu-14.04/my.cnf @@ -0,0 +1,6 @@ +[mysqld] +bind-address=0.0.0.0 +skip_name_resolve +skip_external_locking +#server-id +#log-bin diff --git a/dockerfiles/mariadb/10.0/ubuntu-14.04/run.sh b/dockerfiles/mariadb/10.0/ubuntu-14.04/run.sh new file mode 100644 index 0000000..118a830 --- /dev/null +++ b/dockerfiles/mariadb/10.0/ubuntu-14.04/run.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +VOLUME_HOME="/var/lib/mysql" + +if [[ ! -d $VOLUME_HOME/mysql ]]; then + echo "=> An empty or uninitialized MariaDB volume is detected in $VOLUME_HOME" + echo "=> Installing MariaDB ..." + mysql_install_db > /dev/null 2>&1 + echo "=> Done!" + /home/init_user.sh +else + echo "=> Using an existing volume of MariaDB" +fi + +/home/init_config.sh + +exec mysqld_safe diff --git a/dockerfiles/mariadb/10.1/ubuntu-14.04/Dockerfile b/dockerfiles/mariadb/10.1/ubuntu-14.04/Dockerfile new file mode 100644 index 0000000..f064449 --- /dev/null +++ b/dockerfiles/mariadb/10.1/ubuntu-14.04/Dockerfile @@ -0,0 +1,32 @@ +FROM ubuntu:14.04 + +ENV TERM xterm +ENV DEBIAN_FRONTEND noninteractive + +# Installation +RUN apt-get update && apt-get -y install software-properties-common && \ + apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xcbcb082a1bb943db && \ + add-apt-repository 'deb [arch=amd64,i386] http://ftp.igh.cnrs.fr/pub/mariadb/repo/10.1/ubuntu trusty main' && \ + apt-get update && apt-get -y upgrade && apt-get -y install mariadb-server-10.1 pwgen && \ + rm -rf /var/lib/mysql/* && \ + sed -i -e 's/log_bin[ \t]*= \/var\/log\/mysql\/mariadb-bin/#log_bin[ \t]*= \/var\/log\/mysql\/mariadb-bin/g' /etc/mysql/my.cnf && \ + sed -i -e 's/log_bin_index[ \t]*= \/var\/log\/mysql\/mariadb-bin.index/#log_bin_index[ \t]*= \/var\/log\/mysql\/mariadb-bin.index/g' /etc/mysql/my.cnf && \ + sed -i -r 's/syslog/log_error=\/var\/log\/errorlog.err/' /etc/mysql/conf.d/mysqld_safe_syslog.cnf && \ + apt-get clean && rm -rf /var/lib/apt/lists/* && \ + ln -s /dev/stderr /var/log/errorlog.err && \ + echo "Europe/Paris" > /etc/timezone && dpkg-reconfigure -f noninteractive tzdata + +# Add MySQL configuration +ADD *.cnf /etc/mysql/conf.d/ +RUN chmod 644 /etc/mysql/conf.d/*.cnf + +# Add cli to run +ADD init_user.sh /home/init_user.sh +ADD run.sh /home/run.sh +RUN chmod 775 /home/*.sh + +# Add VOLUMEs to allow backup of config and databases +VOLUME ["/etc/mysql", "/var/lib/mysql"] + +EXPOSE 3306 +CMD ["/home/run.sh"] diff --git a/dockerfiles/mariadb/10.1/ubuntu-14.04/init_user.sh b/dockerfiles/mariadb/10.1/ubuntu-14.04/init_user.sh new file mode 100644 index 0000000..cabc48d --- /dev/null +++ b/dockerfiles/mariadb/10.1/ubuntu-14.04/init_user.sh @@ -0,0 +1,32 @@ +#!/bin/bash + +/usr/bin/mysqld_safe > /dev/null 2>&1 & + +RET=1 +while [[ RET -ne 0 ]]; do + echo "=> Waiting for confirmation of MariaDB service startup" + sleep 5 + mysql -uroot -e "status" > /dev/null 2>&1 + RET=$? +done + + +PASS=${MARIADB_PASS:-$(pwgen -s 12 1)} +_word=$( [ ${MARIADB_PASS} ] && echo "preset" || echo "random" ) +echo "=> Creating MariaDB admin user with ${_word} password" + +mysql -uroot -e "CREATE USER 'admin'@'%' IDENTIFIED BY '$PASS'" +mysql -uroot -e "GRANT ALL PRIVILEGES ON *.* TO 'admin'@'%' WITH GRANT OPTION" + +echo "=> Done!" + +echo "========================================================================" +echo "You can now connect to this MariaDB Server using:" +echo "" +echo " mysql -uadmin -p$PASS -h -P" +echo "" +echo "Please remember to change the above password as soon as possible!" +echo "MariaDB user 'root' has no password but only allows local connections" +echo "========================================================================" + +mysqladmin -uroot shutdown diff --git a/dockerfiles/mariadb/10.1/ubuntu-14.04/my.cnf b/dockerfiles/mariadb/10.1/ubuntu-14.04/my.cnf new file mode 100644 index 0000000..90089a6 --- /dev/null +++ b/dockerfiles/mariadb/10.1/ubuntu-14.04/my.cnf @@ -0,0 +1,6 @@ +[mysqld] +bind-address=0.0.0.0 +skip_name_resolve +skip_external_locking +#server-id +#log-bin diff --git a/dockerfiles/mariadb/10.1/ubuntu-14.04/run.sh b/dockerfiles/mariadb/10.1/ubuntu-14.04/run.sh new file mode 100644 index 0000000..b862ecc --- /dev/null +++ b/dockerfiles/mariadb/10.1/ubuntu-14.04/run.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +VOLUME_HOME="/var/lib/mysql" + +if [[ ! -d $VOLUME_HOME/mysql ]]; then + echo "=> An empty or uninitialized MariaDB volume is detected in $VOLUME_HOME" + echo "=> Installing MariaDB ..." + mysql_install_db > /dev/null 2>&1 + echo "=> Done!" + /home/init_user.sh +else + echo "=> Using an existing volume of MariaDB" +fi + +exec mysqld_safe diff --git a/dockerfiles/mariadb/10.2/debian/Dockerfile b/dockerfiles/mariadb/10.2/debian/Dockerfile new file mode 100644 index 0000000..816a98f --- /dev/null +++ b/dockerfiles/mariadb/10.2/debian/Dockerfile @@ -0,0 +1,33 @@ +FROM debian:9 + +# Environment +ENV TERM xterm +ENV DEBIAN_FRONTEND noninteractive +ENV TZ=Europe/Paris + +# Installation +RUN apt-get update && apt-get -y install software-properties-common procps gnupg pwgen nano && \ + apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xF1656F24C74CD1D8 && \ + add-apt-repository 'deb [arch=amd64] http://ftp.igh.cnrs.fr/pub/mariadb/repo/10.2/debian stretch main' && \ + apt-get update && apt-get -y upgrade && apt-get -y install mariadb-server-10.2 && \ + sed -i -e 's/log_bin[ \t]*= \/var\/log\/mysql\/mariadb-bin/#log_bin[ \t]*= \/var\/log\/mysql\/mariadb-bin/g' /etc/mysql/my.cnf && \ + sed -i -e 's/log_bin_index[ \t]*= \/var\/log\/mysql\/mariadb-bin.index/#log_bin_index[ \t]*= \/var\/log\/mysql\/mariadb-bin.index/g' /etc/mysql/my.cnf && \ + ln -s /dev/stderr /var/log/errorlog.err && chown mysql: /var/lib/mysql && \ + apt-get clean && rm -rf /var/lib/apt/lists/* && \ + echo "Europe/Paris" > /etc/timezone && dpkg-reconfigure -f noninteractive tzdata + +# Add MySQL configuration +ADD *.cnf /etc/mysql/conf.d/ +RUN chmod 644 /etc/mysql/conf.d/*.cnf + +# Add cli to run +ADD init_user.sh /home/init_user.sh +ADD run.sh /home/run.sh +RUN chmod 775 /home/*.sh + +# Add VOLUMEs to allow backup of config and databases +VOLUME ["/etc/mysql", "/var/lib/mysql"] + +# Expose and Run +EXPOSE 3306 +CMD ["/home/run.sh"] diff --git a/dockerfiles/mariadb/10.2/debian/init_user.sh b/dockerfiles/mariadb/10.2/debian/init_user.sh new file mode 100644 index 0000000..cabc48d --- /dev/null +++ b/dockerfiles/mariadb/10.2/debian/init_user.sh @@ -0,0 +1,32 @@ +#!/bin/bash + +/usr/bin/mysqld_safe > /dev/null 2>&1 & + +RET=1 +while [[ RET -ne 0 ]]; do + echo "=> Waiting for confirmation of MariaDB service startup" + sleep 5 + mysql -uroot -e "status" > /dev/null 2>&1 + RET=$? +done + + +PASS=${MARIADB_PASS:-$(pwgen -s 12 1)} +_word=$( [ ${MARIADB_PASS} ] && echo "preset" || echo "random" ) +echo "=> Creating MariaDB admin user with ${_word} password" + +mysql -uroot -e "CREATE USER 'admin'@'%' IDENTIFIED BY '$PASS'" +mysql -uroot -e "GRANT ALL PRIVILEGES ON *.* TO 'admin'@'%' WITH GRANT OPTION" + +echo "=> Done!" + +echo "========================================================================" +echo "You can now connect to this MariaDB Server using:" +echo "" +echo " mysql -uadmin -p$PASS -h -P" +echo "" +echo "Please remember to change the above password as soon as possible!" +echo "MariaDB user 'root' has no password but only allows local connections" +echo "========================================================================" + +mysqladmin -uroot shutdown diff --git a/dockerfiles/mariadb/10.2/debian/my.cnf b/dockerfiles/mariadb/10.2/debian/my.cnf new file mode 100644 index 0000000..070eb12 --- /dev/null +++ b/dockerfiles/mariadb/10.2/debian/my.cnf @@ -0,0 +1,8 @@ +[mysqld] +bind-address=0.0.0.0 +skip-host-cache +skip_name_resolve +skip_external_locking +log_error=/var/log/errorlog.err +#server-id +#log-bin \ No newline at end of file diff --git a/dockerfiles/mariadb/10.2/debian/run.sh b/dockerfiles/mariadb/10.2/debian/run.sh new file mode 100644 index 0000000..b862ecc --- /dev/null +++ b/dockerfiles/mariadb/10.2/debian/run.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +VOLUME_HOME="/var/lib/mysql" + +if [[ ! -d $VOLUME_HOME/mysql ]]; then + echo "=> An empty or uninitialized MariaDB volume is detected in $VOLUME_HOME" + echo "=> Installing MariaDB ..." + mysql_install_db > /dev/null 2>&1 + echo "=> Done!" + /home/init_user.sh +else + echo "=> Using an existing volume of MariaDB" +fi + +exec mysqld_safe diff --git a/dockerfiles/mariadb/10.2/official/Dockerfile b/dockerfiles/mariadb/10.2/official/Dockerfile new file mode 100644 index 0000000..8dca4f2 --- /dev/null +++ b/dockerfiles/mariadb/10.2/official/Dockerfile @@ -0,0 +1,25 @@ +FROM mariadb:10.2 + +# Environment +ENV TERM xterm +ENV DEBIAN_FRONTEND noninteractive +ENV TZ=Europe/Paris + +# Installation +RUN apt-get update && apt-get -y install software-properties-common gnupg procps nano pwgen && \ + echo "Europe/Paris" > /etc/timezone && dpkg-reconfigure -f noninteractive tzdata + +# Add MySQL configuration +ADD *.cnf /etc/mysql/conf.d/ +RUN chmod 644 /etc/mysql/conf.d/*.cnf + +# Add cli to run +ADD init_user.sh /home/init_user.sh +RUN chmod 775 /home/*.sh + +# Add VOLUMEs to allow backup of config and databases +VOLUME ["/etc/mysql", "/var/lib/mysql"] + +# Expose and Run +EXPOSE 3306 +CMD ["mysqld"] diff --git a/dockerfiles/mariadb/10.2/official/init_user.sh b/dockerfiles/mariadb/10.2/official/init_user.sh new file mode 100644 index 0000000..cabc48d --- /dev/null +++ b/dockerfiles/mariadb/10.2/official/init_user.sh @@ -0,0 +1,32 @@ +#!/bin/bash + +/usr/bin/mysqld_safe > /dev/null 2>&1 & + +RET=1 +while [[ RET -ne 0 ]]; do + echo "=> Waiting for confirmation of MariaDB service startup" + sleep 5 + mysql -uroot -e "status" > /dev/null 2>&1 + RET=$? +done + + +PASS=${MARIADB_PASS:-$(pwgen -s 12 1)} +_word=$( [ ${MARIADB_PASS} ] && echo "preset" || echo "random" ) +echo "=> Creating MariaDB admin user with ${_word} password" + +mysql -uroot -e "CREATE USER 'admin'@'%' IDENTIFIED BY '$PASS'" +mysql -uroot -e "GRANT ALL PRIVILEGES ON *.* TO 'admin'@'%' WITH GRANT OPTION" + +echo "=> Done!" + +echo "========================================================================" +echo "You can now connect to this MariaDB Server using:" +echo "" +echo " mysql -uadmin -p$PASS -h -P" +echo "" +echo "Please remember to change the above password as soon as possible!" +echo "MariaDB user 'root' has no password but only allows local connections" +echo "========================================================================" + +mysqladmin -uroot shutdown diff --git a/dockerfiles/mariadb/10.2/official/my.cnf b/dockerfiles/mariadb/10.2/official/my.cnf new file mode 100644 index 0000000..ebed58f --- /dev/null +++ b/dockerfiles/mariadb/10.2/official/my.cnf @@ -0,0 +1,8 @@ +[mysqld] +bind-address=0.0.0.0 +skip-host-cache +skip_name_resolve +skip_external_locking +log_error=/var/log/errorlog.err +#server-id +#log-bin diff --git a/dockerfiles/mariadb/10.2/ubuntu/Dockerfile b/dockerfiles/mariadb/10.2/ubuntu/Dockerfile new file mode 100644 index 0000000..df4b4bc --- /dev/null +++ b/dockerfiles/mariadb/10.2/ubuntu/Dockerfile @@ -0,0 +1,35 @@ +FROM ubuntu:16.04 + +# Environment +ENV TERM xterm +ENV DEBIAN_FRONTEND noninteractive +ENV TZ=Europe/Paris + +# Installation +RUN apt-get update && apt-get -y install software-properties-common pwgen && \ + apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xcbcb082a1bb943db && \ + add-apt-repository 'deb [arch=amd64,i386] http://ftp.igh.cnrs.fr/pub/mariadb/repo/10.2/ubuntu xenial main' && \ + apt-get update && apt-get -y upgrade && apt-get -y install mariadb-server-10.2 && \ + rm -rf /var/lib/mysql/* && \ + sed -i -e 's/log_bin[ \t]*= \/var\/log\/mysql\/mariadb-bin/#log_bin[ \t]*= \/var\/log\/mysql\/mariadb-bin/g' /etc/mysql/my.cnf && \ + sed -i -e 's/log_bin_index[ \t]*= \/var\/log\/mysql\/mariadb-bin.index/#log_bin_index[ \t]*= \/var\/log\/mysql\/mariadb-bin.index/g' /etc/mysql/my.cnf && \ + sed -i -r 's/syslog/log_error=\/var\/log\/errorlog.err/' /etc/mysql/conf.d/mysqld_safe_syslog.cnf && \ + apt-get clean && rm -rf /var/lib/apt/lists/* && \ + ln -s /dev/stderr /var/log/errorlog.err && \ + echo "Europe/Paris" > /etc/timezone && dpkg-reconfigure -f noninteractive tzdata + +# Add MySQL configuration +ADD *.cnf /etc/mysql/conf.d/ +RUN chmod 644 /etc/mysql/conf.d/*.cnf + +# Add cli to run +ADD init_user.sh /home/init_user.sh +ADD run.sh /home/run.sh +RUN chmod 775 /home/*.sh + +# Add VOLUMEs to allow backup of config and databases +VOLUME ["/etc/mysql", "/var/lib/mysql"] + +# Expose and Run +EXPOSE 3306 +CMD ["/home/run.sh"] diff --git a/dockerfiles/mariadb/10.2/ubuntu/init_user.sh b/dockerfiles/mariadb/10.2/ubuntu/init_user.sh new file mode 100644 index 0000000..cabc48d --- /dev/null +++ b/dockerfiles/mariadb/10.2/ubuntu/init_user.sh @@ -0,0 +1,32 @@ +#!/bin/bash + +/usr/bin/mysqld_safe > /dev/null 2>&1 & + +RET=1 +while [[ RET -ne 0 ]]; do + echo "=> Waiting for confirmation of MariaDB service startup" + sleep 5 + mysql -uroot -e "status" > /dev/null 2>&1 + RET=$? +done + + +PASS=${MARIADB_PASS:-$(pwgen -s 12 1)} +_word=$( [ ${MARIADB_PASS} ] && echo "preset" || echo "random" ) +echo "=> Creating MariaDB admin user with ${_word} password" + +mysql -uroot -e "CREATE USER 'admin'@'%' IDENTIFIED BY '$PASS'" +mysql -uroot -e "GRANT ALL PRIVILEGES ON *.* TO 'admin'@'%' WITH GRANT OPTION" + +echo "=> Done!" + +echo "========================================================================" +echo "You can now connect to this MariaDB Server using:" +echo "" +echo " mysql -uadmin -p$PASS -h -P" +echo "" +echo "Please remember to change the above password as soon as possible!" +echo "MariaDB user 'root' has no password but only allows local connections" +echo "========================================================================" + +mysqladmin -uroot shutdown diff --git a/dockerfiles/mariadb/10.2/ubuntu/my.cnf b/dockerfiles/mariadb/10.2/ubuntu/my.cnf new file mode 100644 index 0000000..8a8ce93 --- /dev/null +++ b/dockerfiles/mariadb/10.2/ubuntu/my.cnf @@ -0,0 +1,7 @@ +[mysqld] +bind-address=0.0.0.0 +skip-host-cache +skip_name_resolve +skip_external_locking +#server-id +#log-bin diff --git a/dockerfiles/mariadb/10.2/ubuntu/run.sh b/dockerfiles/mariadb/10.2/ubuntu/run.sh new file mode 100644 index 0000000..b862ecc --- /dev/null +++ b/dockerfiles/mariadb/10.2/ubuntu/run.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +VOLUME_HOME="/var/lib/mysql" + +if [[ ! -d $VOLUME_HOME/mysql ]]; then + echo "=> An empty or uninitialized MariaDB volume is detected in $VOLUME_HOME" + echo "=> Installing MariaDB ..." + mysql_install_db > /dev/null 2>&1 + echo "=> Done!" + /home/init_user.sh +else + echo "=> Using an existing volume of MariaDB" +fi + +exec mysqld_safe diff --git a/dockerfiles/mariadb/5.5/ubuntu-14.04/Dockerfile b/dockerfiles/mariadb/5.5/ubuntu-14.04/Dockerfile new file mode 100644 index 0000000..194c4e6 --- /dev/null +++ b/dockerfiles/mariadb/5.5/ubuntu-14.04/Dockerfile @@ -0,0 +1,32 @@ +FROM ubuntu:14.04 + +ENV TERM xterm +ENV DEBIAN_FRONTEND noninteractive + +# Installation +RUN apt-get update && apt-get -y install software-properties-common && \ + apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xcbcb082a1bb943db && \ + add-apt-repository 'deb [arch=amd64,i386] http://ftp.igh.cnrs.fr/pub/mariadb/repo/5.5/ubuntu trusty main' && \ + apt-get update && apt-get -y upgrade && apt-get -y install mariadb-server-5.5 pwgen && \ + rm -rf /var/lib/mysql/* && \ + apt-get clean && rm -rf /var/lib/apt/lists/* && \ + sed -i -e 's/log_bin[ \t]*= \/var\/log\/mysql\/mariadb-bin/#log_bin[ \t]*= \/var\/log\/mysql\/mariadb-bin/g' /etc/mysql/my.cnf && \ + sed -i -e 's/log_bin_index[ \t]*= \/var\/log\/mysql\/mariadb-bin.index/#log_bin_index[ \t]*= \/var\/log\/mysql\/mariadb-bin.index/g' /etc/mysql/my.cnf && \ + sed -i -r 's/syslog/log_error=\/var\/log\/errorlog.err/' /etc/mysql/conf.d/mysqld_safe_syslog.cnf && \ + ln -s /dev/stderr /var/log/errorlog.err && \ + echo "Europe/Paris" > /etc/timezone && dpkg-reconfigure -f noninteractive tzdata + +# Add MySQL configuration +ADD *.cnf /etc/mysql/conf.d/ +RUN chmod 644 /etc/mysql/conf.d/*.cnf + +# Add cli to run +ADD init_user.sh /home/init_user.sh +ADD run.sh /home/run.sh +RUN chmod 775 /home/*.sh + +# Add VOLUMEs to allow backup of config and databases +VOLUME ["/etc/mysql", "/var/lib/mysql"] + +EXPOSE 3306 +CMD ["/home/run.sh"] diff --git a/dockerfiles/mariadb/5.5/ubuntu-14.04/init_user.sh b/dockerfiles/mariadb/5.5/ubuntu-14.04/init_user.sh new file mode 100644 index 0000000..cabc48d --- /dev/null +++ b/dockerfiles/mariadb/5.5/ubuntu-14.04/init_user.sh @@ -0,0 +1,32 @@ +#!/bin/bash + +/usr/bin/mysqld_safe > /dev/null 2>&1 & + +RET=1 +while [[ RET -ne 0 ]]; do + echo "=> Waiting for confirmation of MariaDB service startup" + sleep 5 + mysql -uroot -e "status" > /dev/null 2>&1 + RET=$? +done + + +PASS=${MARIADB_PASS:-$(pwgen -s 12 1)} +_word=$( [ ${MARIADB_PASS} ] && echo "preset" || echo "random" ) +echo "=> Creating MariaDB admin user with ${_word} password" + +mysql -uroot -e "CREATE USER 'admin'@'%' IDENTIFIED BY '$PASS'" +mysql -uroot -e "GRANT ALL PRIVILEGES ON *.* TO 'admin'@'%' WITH GRANT OPTION" + +echo "=> Done!" + +echo "========================================================================" +echo "You can now connect to this MariaDB Server using:" +echo "" +echo " mysql -uadmin -p$PASS -h -P" +echo "" +echo "Please remember to change the above password as soon as possible!" +echo "MariaDB user 'root' has no password but only allows local connections" +echo "========================================================================" + +mysqladmin -uroot shutdown diff --git a/dockerfiles/mariadb/5.5/ubuntu-14.04/my.cnf b/dockerfiles/mariadb/5.5/ubuntu-14.04/my.cnf new file mode 100644 index 0000000..e311eb5 --- /dev/null +++ b/dockerfiles/mariadb/5.5/ubuntu-14.04/my.cnf @@ -0,0 +1,6 @@ +[mysqld] +bind-address=0.0.0.0 +skip-name-resolve +skip_external_locking +#server-id +#log-bin diff --git a/dockerfiles/mariadb/5.5/ubuntu-14.04/run.sh b/dockerfiles/mariadb/5.5/ubuntu-14.04/run.sh new file mode 100644 index 0000000..b862ecc --- /dev/null +++ b/dockerfiles/mariadb/5.5/ubuntu-14.04/run.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +VOLUME_HOME="/var/lib/mysql" + +if [[ ! -d $VOLUME_HOME/mysql ]]; then + echo "=> An empty or uninitialized MariaDB volume is detected in $VOLUME_HOME" + echo "=> Installing MariaDB ..." + mysql_install_db > /dev/null 2>&1 + echo "=> Done!" + /home/init_user.sh +else + echo "=> Using an existing volume of MariaDB" +fi + +exec mysqld_safe diff --git a/dockerfiles/mariadb/README.md b/dockerfiles/mariadb/README.md new file mode 100644 index 0000000..f13a44e --- /dev/null +++ b/dockerfiles/mariadb/README.md @@ -0,0 +1,37 @@ +# Build +``` +$ docker build --force-rm --no-cache -t envdev/mariadb:- mariadb/// +``` + +# Usage +* 5.5-ubuntu +* 10.0-ubuntu +* 10.1-ubuntu +* 10.2-debian + * In `docker run` specify `--user mysql` + +The first time that you run your container, a new user `admin` with all privileges +will be created in MariaDB with a random password. To get the password, check the logs +of the container by running: + + docker logs + +You will see an output like the following: + + ======================================================================== + You can now connect to this MariaDB Server using: + + mysql -uadmin -pxVN33tWOhM3u -h -P + + Please remember to change the above password as soon as possible! + MariaDB user 'root' has no password but only allows local connections + ======================================================================== + +In this case, `xVN33tWOhM3u` is the password assigned to the `admin` user. + +## Setting a specific password for the admin account + +If you want to use a preset password instead of a random generated one, you can +set the environment variable `MARIADB_PASS` to your specific password when running the container: + +`$ docker run -d -p 3306:3306 -e MARIADB_PASS="mypass" envdev/mariadb` diff --git a/dockerfiles/php-cli/5.5/ubuntu14.04/Dockerfile b/dockerfiles/php-cli/5.5/ubuntu14.04/Dockerfile new file mode 100644 index 0000000..255539a --- /dev/null +++ b/dockerfiles/php-cli/5.5/ubuntu14.04/Dockerfile @@ -0,0 +1,24 @@ +FROM ubuntu:14.04 + +ENV TERM xterm +ENV DEBIAN_FRONTEND noninteractive + +# Installation +RUN apt-get update && apt-get -y install software-properties-common nano && \ + apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xcbcb082a1bb943db && \ + add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://ftp.igh.cnrs.fr/pub/mariadb/repo/10.1/ubuntu trusty main' && \ + apt-get update && apt-get -y upgrade && apt-get -y install mariadb-client-10.1 pwgen \ + php5-cli php5-mcrypt php5-apcu php5-curl php5-xmlrpc php5-xsl php5-mysqlnd php5-gd \ + php5-json php5-intl php5-imagick && \ + sed -i -e 's/short_open_tag = Off/short_open_tag = On/g' /etc/php5/cli/php.ini && \ + sed -i -e 's/;mbstring.internal_encoding = UTF-8/mbstring.internal_encoding = UTF-8/g' /etc/php5/cli/php.ini && \ + sed -i -e 's/;date.timezone =/date.timezone = Europe\/Paris/g' /etc/php5/cli/php.ini && \ + apt-get clean && rm -rf /var/lib/apt/lists/* && \ + echo "Europe/Paris" > /etc/timezone && dpkg-reconfigure -f noninteractive tzdata + +# Add cron file description + +# Add VOLUMEs +VOLUME ["/home/vhosts"] + +CMD ["cron", "-f"] \ No newline at end of file diff --git a/dockerfiles/php-cli/7.0/ubuntu16.04/Dockerfile b/dockerfiles/php-cli/7.0/ubuntu16.04/Dockerfile new file mode 100644 index 0000000..5309094 --- /dev/null +++ b/dockerfiles/php-cli/7.0/ubuntu16.04/Dockerfile @@ -0,0 +1,24 @@ +FROM ubuntu:16.04 + +ENV TERM xterm +ENV DEBIAN_FRONTEND noninteractive +ENV TZ=Europe/Paris + +# Installation +RUN apt-get update && apt-get -y install software-properties-common nano && \ + apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8 && \ + add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://ftp.igh.cnrs.fr/pub/mariadb/repo/10.1/ubuntu xenial main' && \ + apt-get update && apt-get -y upgrade && apt-get -y install mariadb-client-10.1 pwgen \ + php7.0-cli php7.0-mcrypt php7.0-curl php7.0-xmlrpc php7.0-xsl php7.0-mysqlnd php7.0-gd \ + php7.0-json php7.0-intl php-imagick php-apcu && \ + sed -i -e 's/short_open_tag = Off/short_open_tag = On/g' /etc/php/7.0/cli/php.ini && \ + sed -i -e 's/;mbstring.internal_encoding = UTF-8/mbstring.internal_encoding = UTF-8/g' /etc/php/7.0/cli/php.ini && \ + sed -i -e 's/;date.timezone =/date.timezone = Europe\/Paris/g' /etc/php/7.0/cli/php.ini && \ + apt-get clean && rm -rf /var/lib/apt/lists/* + +# Add cron file description + +# Add VOLUMEs +VOLUME ["/home/vhosts"] + +CMD ["cron", "-f"] \ No newline at end of file diff --git a/dockerfiles/php-cli/README.md b/dockerfiles/php-cli/README.md new file mode 100644 index 0000000..a5f1b03 --- /dev/null +++ b/dockerfiles/php-cli/README.md @@ -0,0 +1,6 @@ +# Build +``` +$ docker build --force-rm --no-cache -t envdev/php-cli:- php-cli/// +``` + +# Usage diff --git a/dockerfiles/php-fpm/5.5/ubuntu-14.04/Dockerfile b/dockerfiles/php-fpm/5.5/ubuntu-14.04/Dockerfile new file mode 100644 index 0000000..06a2ed7 --- /dev/null +++ b/dockerfiles/php-fpm/5.5/ubuntu-14.04/Dockerfile @@ -0,0 +1,34 @@ +FROM ubuntu:14.04 + +ENV TERM xterm +ENV DEBIAN_FRONTEND noninteractive + +# Installation +RUN apt-get update && apt-get -y install software-properties-common nano && \ + apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xcbcb082a1bb943db && \ + add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://ftp.igh.cnrs.fr/pub/mariadb/repo/10.1/ubuntu trusty main' && \ + apt-get update && apt-get -y upgrade && apt-get -y install mariadb-client-10.1 pwgen \ + php5-fpm php5-mcrypt php5-curl php5-xmlrpc php5-xsl php5-mysqlnd php5-gd \ + php5-json php5-intl php5-imagick php5-apcu php-mbstring php5-redis && \ + sed -i -e 's/max_execution_time = 30/max_execution_time = 300/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/short_open_tag = Off/short_open_tag = On/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/;realpath_cache_size = 16k/realpath_cache_size = 1M/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/;mbstring.internal_encoding = UTF-8/mbstring.internal_encoding = UTF-8/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/;date.timezone =/date.timezone = Europe\/Paris/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/post_max_size = 8M/post_max_size = 50M/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/upload_max_filesize = 2M/upload_max_filesize = 50M/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/session.save_handler = files/session.save_handler = redis/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/;session.save_path = "\/var\/lib\/php5"/session.save_path = "$REDIS_PORT_6379_TCP"/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/session.gc_maxlifetime = 1440/session.gc_maxlifetime = 86400/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/;opcache.enable=0/opcache.enable=1/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/listen =[.]*$/listen = 9000/g' /etc/php5/fpm/pool.d/www.conf && \ + touch /var/log/php5-fpm.log && chown www-data /var/log/php5-fpm.log && \ + apt-get clean && rm -rf /var/lib/apt/lists/* && \ + echo "Europe/Paris" > /etc/timezone && dpkg-reconfigure -f noninteractive tzdata + +# Add VOLUMEs +VOLUME ["/home/vhosts"] + +EXPOSE 9000 + +CMD ["php5-fpm", "-F"] diff --git a/dockerfiles/php-fpm/5.6/debian-8/Dockerfile b/dockerfiles/php-fpm/5.6/debian-8/Dockerfile new file mode 100644 index 0000000..55ece89 --- /dev/null +++ b/dockerfiles/php-fpm/5.6/debian-8/Dockerfile @@ -0,0 +1,34 @@ +FROM debian:8 + +# Environment +ENV TERM xterm +ENV DEBIAN_FRONTEND noninteractive +ENV TZ=Europe/Paris + +# Installation +RUN apt-get update && apt-get -y install software-properties-common procps nano wget && \ + apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xcbcb082a1bb943db && \ + add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://ftp.igh.cnrs.fr/pub/mariadb/repo/10.2/debian jessie main' && \ + apt-get update && apt-get -y upgrade && apt-get -y install mariadb-client-10.2 pwgen \ + php5-fpm php5-mcrypt php5-mbstring php5-curl php5-xmlrpc php5-xsl php5-mysqlnd php5-gd \ + php5-json php5-intl php5-imagick php5-apcu && \ + sed -i -e 's/max_execution_time = 30/max_execution_time = 300/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/short_open_tag = Off/short_open_tag = On/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/;realpath_cache_size = 16k/realpath_cache_size = 1M/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/;mbstring.internal_encoding = UTF-8/mbstring.internal_encoding = UTF-8/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/;date.timezone =/date.timezone = Europe\/Paris/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/post_max_size = 8M/post_max_size = 50M/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/upload_max_filesize = 2M/upload_max_filesize = 50M/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/session.gc_maxlifetime = 1440/session.gc_maxlifetime = 86400/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/;opcache.enable=0/opcache.enable=1/g' /etc/php5/fpm/php.ini && \ + sed -i -e 's/^listen =.*/listen = 9000/g' /etc/php5/fpm/pool.d/www.conf && \ + touch /var/log/php5-fpm.log && chown www-data /var/log/php5-fpm.log && \ + apt-get clean && rm -rf /var/lib/apt/lists/* && \ + echo "Europe/Paris" > /etc/timezone && dpkg-reconfigure -f noninteractive tzdata + +# Add VOLUMEs +VOLUME ["/home/vhosts"] + +# Expose and Run +EXPOSE 9000 +CMD ["php5-fpm", "-F"] diff --git a/dockerfiles/php-fpm/7.0/debian-9/Dockerfile b/dockerfiles/php-fpm/7.0/debian-9/Dockerfile new file mode 100644 index 0000000..28c9589 --- /dev/null +++ b/dockerfiles/php-fpm/7.0/debian-9/Dockerfile @@ -0,0 +1,44 @@ +FROM debian:9 + +# Environment +ENV TERM xterm +ENV DEBIAN_FRONTEND noninteractive +ENV TZ=Europe/Paris + +# Installation +RUN apt-get update && apt-get -y install software-properties-common procps gnupg nano wget git && \ + apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xF1656F24C74CD1D8 && \ + add-apt-repository 'deb [arch=amd64] http://ftp.igh.cnrs.fr/pub/mariadb/repo/10.2/debian stretch main' && \ + apt-get update && apt-get -y upgrade && apt-get -y install mariadb-client-10.2 pwgen \ + php7.0-fpm php7.0-mcrypt php7.0-mbstring php7.0-curl php7.0-xmlrpc php7.0-xsl php7.0-mysql php7.0-json php7.0-intl \ + php7.0-zip php7.0-gd php-apcu && \ + sed -i -e 's/max_execution_time = 30/max_execution_time = 300/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/short_open_tag = Off/short_open_tag = On/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/;realpath_cache_size = 16k/realpath_cache_size = 1M/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/;mbstring.internal_encoding = UTF-8/mbstring.internal_encoding = UTF-8/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/;date.timezone =/date.timezone = Europe\/Paris/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/post_max_size = 8M/post_max_size = 50M/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/upload_max_filesize = 2M/upload_max_filesize = 50M/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/session.gc_maxlifetime = 1440/session.gc_maxlifetime = 86400/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/;opcache.enable=0/opcache.enable=1/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/^listen =.*/listen = 9000/g' /etc/php/7.0/fpm/pool.d/www.conf && \ + sed -i -e 's/^user = www-data/user = fpm/g' /etc/php/7.0/fpm/pool.d/www.conf && \ + sed -i -e 's/^group = www-data/group = fpm/g' /etc/php/7.0/fpm/pool.d/www.conf && \ + touch /var/log/php7.0-fpm.log && mkdir /run/php && \ + apt-get clean && rm -rf /var/lib/apt/lists/* && \ + echo "Europe/Paris" > /etc/timezone && dpkg-reconfigure -f noninteractive tzdata + +COPY composer-install.sh / +COPY entrypoint.sh / + +RUN chmod +x /composer-install.sh +RUN chmod +x /entrypoint.sh + +# Add VOLUMEs +VOLUME ["/home/vhosts"] + +ENTRYPOINT ["/entrypoint.sh"] + +# Expose and Run +EXPOSE 9000 +CMD ["php-fpm7.0", "-F"] diff --git a/dockerfiles/php-fpm/7.0/debian-9/composer-install.sh b/dockerfiles/php-fpm/7.0/debian-9/composer-install.sh new file mode 100644 index 0000000..09b9c51 --- /dev/null +++ b/dockerfiles/php-fpm/7.0/debian-9/composer-install.sh @@ -0,0 +1,17 @@ +#!/usr/bin/env sh + +EXPECTED_SIGNATURE=$(wget -q -O - https://composer.github.io/installer.sig) +php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" +ACTUAL_SIGNATURE=$(php -r "echo hash_file('SHA384', 'composer-setup.php');") + +if [ "$EXPECTED_SIGNATURE" != "$ACTUAL_SIGNATURE" ] +then + >&2 echo 'ERROR: Invalid installer signature' + rm composer-setup.php + exit 1 +fi + +php composer-setup.php --filename=composer --install-dir=/usr/local/bin --quiet +RESULT=$? +rm composer-setup.php +exit $RESULT \ No newline at end of file diff --git a/dockerfiles/php-fpm/7.0/debian-9/entrypoint.sh b/dockerfiles/php-fpm/7.0/debian-9/entrypoint.sh new file mode 100644 index 0000000..b828eac --- /dev/null +++ b/dockerfiles/php-fpm/7.0/debian-9/entrypoint.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +# Add local user +# Either use the LOCAL_USER_ID if passed in at runtime or +# fallback + +USER_ID=${LOCAL_USER_ID:-9001} + +echo "FPM USER ID : $USER_ID" +useradd --shell /bin/bash -u $USER_ID -o -c "" -m fpm + +exec "$@" diff --git a/dockerfiles/php-fpm/7.0/ubuntu-16.04/Dockerfile b/dockerfiles/php-fpm/7.0/ubuntu-16.04/Dockerfile new file mode 100644 index 0000000..64d67f0 --- /dev/null +++ b/dockerfiles/php-fpm/7.0/ubuntu-16.04/Dockerfile @@ -0,0 +1,33 @@ +FROM ubuntu:16.04 + +ENV TERM xterm +ENV DEBIAN_FRONTEND noninteractive +ENV TZ=Europe/Paris + +# Installation +RUN apt-get update && apt-get -y install software-properties-common nano && \ + apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8 && \ + add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://ftp.igh.cnrs.fr/pub/mariadb/repo/10.1/ubuntu xenial main' && \ + apt-get update && apt-get -y upgrade && apt-get -y install mariadb-client-10.1 pwgen \ + php7.0-fpm php7.0-mcrypt php7.0-curl php7.0-xmlrpc php7.0-xsl php7.0-mysqlnd php7.0-gd \ + php7.0-json php7.0-intl php-imagick php-apcu php-mbstring php-redis && \ + sed -i -e 's/max_execution_time = 30/max_execution_time = 300/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/short_open_tag = Off/short_open_tag = On/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/;realpath_cache_size = 16k/realpath_cache_size = 1M/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/;mbstring.internal_encoding = UTF-8/mbstring.internal_encoding = UTF-8/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/;date.timezone =/date.timezone = Europe\/Paris/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/post_max_size = 8M/post_max_size = 50M/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/upload_max_filesize = 2M/upload_max_filesize = 50M/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/session.save_handler = files/session.save_handler = redis/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/;session.save_path = "\/var\/lib\/php\/sessions"/session.save_path = "$REDIS_PORT_6379_TCP"/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/session.gc_maxlifetime = 1440/session.gc_maxlifetime = 86400/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/;opcache.enable=0/opcache.enable=1/g' /etc/php/7.0/fpm/php.ini && \ + sed -i -e 's/listen = \/run\/php\/php7.0-fpm.sock$/listen = 9000/g' /etc/php/7.0/fpm/pool.d/www.conf && \ + mkdir /run/php && apt-get clean && rm -rf /var/lib/apt/lists/* + +# Add VOLUMEs +VOLUME ["/home/vhosts"] + +# Expose and Run +EXPOSE 9000 +CMD ["php-fpm7.0", "-F"] diff --git a/dockerfiles/php-fpm/README.md b/dockerfiles/php-fpm/README.md new file mode 100644 index 0000000..8b184fc --- /dev/null +++ b/dockerfiles/php-fpm/README.md @@ -0,0 +1,6 @@ +# Build +``` +$ docker build --force-rm --no-cache -t envdev/php-fpm:- php-fpm/// +``` + +# Usage diff --git a/dockerfiles/redis/3.2/Dockerfile b/dockerfiles/redis/3.2/Dockerfile new file mode 100644 index 0000000..cca5211 --- /dev/null +++ b/dockerfiles/redis/3.2/Dockerfile @@ -0,0 +1,4 @@ +FROM redis:3.2 + +COPY redis.conf /usr/local/etc/redis/redis.conf +CMD [ "redis-server", "/usr/local/etc/redis/redis.conf" ] \ No newline at end of file diff --git a/dockerfiles/redis/3.2/redis.conf b/dockerfiles/redis/3.2/redis.conf new file mode 100644 index 0000000..63558c4 --- /dev/null +++ b/dockerfiles/redis/3.2/redis.conf @@ -0,0 +1,1052 @@ +# Redis configuration file example. +# +# Note that in order to read the configuration file, Redis must be +# started with the file path as first argument: +# +# ./redis-server /path/to/redis.conf + +# Note on units: when memory size is needed, it is possible to specify +# it in the usual form of 1k 5GB 4M and so forth: +# +# 1k => 1000 bytes +# 1kb => 1024 bytes +# 1m => 1000000 bytes +# 1mb => 1024*1024 bytes +# 1g => 1000000000 bytes +# 1gb => 1024*1024*1024 bytes +# +# units are case insensitive so 1GB 1Gb 1gB are all the same. + +################################## INCLUDES ################################### + +# Include one or more other config files here. This is useful if you +# have a standard template that goes to all Redis servers but also need +# to customize a few per-server settings. Include files can include +# other files, so use this wisely. +# +# Notice option "include" won't be rewritten by command "CONFIG REWRITE" +# from admin or Redis Sentinel. Since Redis always uses the last processed +# line as value of a configuration directive, you'd better put includes +# at the beginning of this file to avoid overwriting config change at runtime. +# +# If instead you are interested in using includes to override configuration +# options, it is better to use include as the last line. +# +# include /path/to/local.conf +# include /path/to/other.conf + +################################## NETWORK ##################################### + +# By default, if no "bind" configuration directive is specified, Redis listens +# for connections from all the network interfaces available on the server. +# It is possible to listen to just one or multiple selected interfaces using +# the "bind" configuration directive, followed by one or more IP addresses. +# +# Examples: +# +# bind 192.168.1.100 10.0.0.1 +# bind 127.0.0.1 ::1 +# +# ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the +# internet, binding to all the interfaces is dangerous and will expose the +# instance to everybody on the internet. So by default we uncomment the +# following bind directive, that will force Redis to listen only into +# the IPv4 lookback interface address (this means Redis will be able to +# accept connections only from clients running into the same computer it +# is running). +# +# IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES +# JUST COMMENT THE FOLLOWING LINE. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +bind 127.0.0.1 + +# Protected mode is a layer of security protection, in order to avoid that +# Redis instances left open on the internet are accessed and exploited. +# +# When protected mode is on and if: +# +# 1) The server is not binding explicitly to a set of addresses using the +# "bind" directive. +# 2) No password is configured. +# +# The server only accepts connections from clients connecting from the +# IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain +# sockets. +# +# By default protected mode is enabled. You should disable it only if +# you are sure you want clients from other hosts to connect to Redis +# even if no authentication is configured, nor a specific set of interfaces +# are explicitly listed using the "bind" directive. +protected-mode yes + +# Accept connections on the specified port, default is 6379 (IANA #815344). +# If port 0 is specified Redis will not listen on a TCP socket. +port 6379 + +# TCP listen() backlog. +# +# In high requests-per-second environments you need an high backlog in order +# to avoid slow clients connections issues. Note that the Linux kernel +# will silently truncate it to the value of /proc/sys/net/core/somaxconn so +# make sure to raise both the value of somaxconn and tcp_max_syn_backlog +# in order to get the desired effect. +tcp-backlog 511 + +# Unix socket. +# +# Specify the path for the Unix socket that will be used to listen for +# incoming connections. There is no default, so Redis will not listen +# on a unix socket when not specified. +# +# unixsocket /tmp/redis.sock +# unixsocketperm 700 + +# Close the connection after a client is idle for N seconds (0 to disable) +timeout 0 + +# TCP keepalive. +# +# If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence +# of communication. This is useful for two reasons: +# +# 1) Detect dead peers. +# 2) Take the connection alive from the point of view of network +# equipment in the middle. +# +# On Linux, the specified value (in seconds) is the period used to send ACKs. +# Note that to close the connection the double of the time is needed. +# On other kernels the period depends on the kernel configuration. +# +# A reasonable value for this option is 300 seconds, which is the new +# Redis default starting with Redis 3.2.1. +tcp-keepalive 300 + +################################# GENERAL ##################################### + +# By default Redis does not run as a daemon. Use 'yes' if you need it. +# Note that Redis will write a pid file in /var/run/redis.pid when daemonized. +daemonize no + +# If you run Redis from upstart or systemd, Redis can interact with your +# supervision tree. Options: +# supervised no - no supervision interaction +# supervised upstart - signal upstart by putting Redis into SIGSTOP mode +# supervised systemd - signal systemd by writing READY=1 to $NOTIFY_SOCKET +# supervised auto - detect upstart or systemd method based on +# UPSTART_JOB or NOTIFY_SOCKET environment variables +# Note: these supervision methods only signal "process is ready." +# They do not enable continuous liveness pings back to your supervisor. +supervised no + +# If a pid file is specified, Redis writes it where specified at startup +# and removes it at exit. +# +# When the server runs non daemonized, no pid file is created if none is +# specified in the configuration. When the server is daemonized, the pid file +# is used even if not specified, defaulting to "/var/run/redis.pid". +# +# Creating a pid file is best effort: if Redis is not able to create it +# nothing bad happens, the server will start and run normally. +pidfile /var/run/redis_6379.pid + +# Specify the server verbosity level. +# This can be one of: +# debug (a lot of information, useful for development/testing) +# verbose (many rarely useful info, but not a mess like the debug level) +# notice (moderately verbose, what you want in production probably) +# warning (only very important / critical messages are logged) +loglevel notice + +# Specify the log file name. Also the empty string can be used to force +# Redis to log on the standard output. Note that if you use standard +# output for logging but daemonize, logs will be sent to /dev/null +logfile "" + +# To enable logging to the system logger, just set 'syslog-enabled' to yes, +# and optionally update the other syslog parameters to suit your needs. +# syslog-enabled no + +# Specify the syslog identity. +# syslog-ident redis + +# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7. +# syslog-facility local0 + +# Set the number of databases. The default database is DB 0, you can select +# a different one on a per-connection basis using SELECT where +# dbid is a number between 0 and 'databases'-1 +databases 16 + +################################ SNAPSHOTTING ################################ +# +# Save the DB on disk: +# +# save +# +# Will save the DB if both the given number of seconds and the given +# number of write operations against the DB occurred. +# +# In the example below the behaviour will be to save: +# after 900 sec (15 min) if at least 1 key changed +# after 300 sec (5 min) if at least 10 keys changed +# after 60 sec if at least 10000 keys changed +# +# Note: you can disable saving completely by commenting out all "save" lines. +# +# It is also possible to remove all the previously configured save +# points by adding a save directive with a single empty string argument +# like in the following example: +# +# save "" + +#save 900 1 +#save 300 10 +#save 60 10000 + +# By default Redis will stop accepting writes if RDB snapshots are enabled +# (at least one save point) and the latest background save failed. +# This will make the user aware (in a hard way) that data is not persisting +# on disk properly, otherwise chances are that no one will notice and some +# disaster will happen. +# +# If the background saving process will start working again Redis will +# automatically allow writes again. +# +# However if you have setup your proper monitoring of the Redis server +# and persistence, you may want to disable this feature so that Redis will +# continue to work as usual even if there are problems with disk, +# permissions, and so forth. +stop-writes-on-bgsave-error yes + +# Compress string objects using LZF when dump .rdb databases? +# For default that's set to 'yes' as it's almost always a win. +# If you want to save some CPU in the saving child set it to 'no' but +# the dataset will likely be bigger if you have compressible values or keys. +rdbcompression yes + +# Since version 5 of RDB a CRC64 checksum is placed at the end of the file. +# This makes the format more resistant to corruption but there is a performance +# hit to pay (around 10%) when saving and loading RDB files, so you can disable it +# for maximum performances. +# +# RDB files created with checksum disabled have a checksum of zero that will +# tell the loading code to skip the check. +rdbchecksum yes + +# The filename where to dump the DB +dbfilename dump.rdb + +# The working directory. +# +# The DB will be written inside this directory, with the filename specified +# above using the 'dbfilename' configuration directive. +# +# The Append Only File will also be created inside this directory. +# +# Note that you must specify a directory here, not a file name. +dir ./ + +################################# REPLICATION ################################# + +# Master-Slave replication. Use slaveof to make a Redis instance a copy of +# another Redis server. A few things to understand ASAP about Redis replication. +# +# 1) Redis replication is asynchronous, but you can configure a master to +# stop accepting writes if it appears to be not connected with at least +# a given number of slaves. +# 2) Redis slaves are able to perform a partial resynchronization with the +# master if the replication link is lost for a relatively small amount of +# time. You may want to configure the replication backlog size (see the next +# sections of this file) with a sensible value depending on your needs. +# 3) Replication is automatic and does not need user intervention. After a +# network partition slaves automatically try to reconnect to masters +# and resynchronize with them. +# +# slaveof + +# If the master is password protected (using the "requirepass" configuration +# directive below) it is possible to tell the slave to authenticate before +# starting the replication synchronization process, otherwise the master will +# refuse the slave request. +# +# masterauth + +# When a slave loses its connection with the master, or when the replication +# is still in progress, the slave can act in two different ways: +# +# 1) if slave-serve-stale-data is set to 'yes' (the default) the slave will +# still reply to client requests, possibly with out of date data, or the +# data set may just be empty if this is the first synchronization. +# +# 2) if slave-serve-stale-data is set to 'no' the slave will reply with +# an error "SYNC with master in progress" to all the kind of commands +# but to INFO and SLAVEOF. +# +slave-serve-stale-data yes + +# You can configure a slave instance to accept writes or not. Writing against +# a slave instance may be useful to store some ephemeral data (because data +# written on a slave will be easily deleted after resync with the master) but +# may also cause problems if clients are writing to it because of a +# misconfiguration. +# +# Since Redis 2.6 by default slaves are read-only. +# +# Note: read only slaves are not designed to be exposed to untrusted clients +# on the internet. It's just a protection layer against misuse of the instance. +# Still a read only slave exports by default all the administrative commands +# such as CONFIG, DEBUG, and so forth. To a limited extent you can improve +# security of read only slaves using 'rename-command' to shadow all the +# administrative / dangerous commands. +slave-read-only yes + +# Replication SYNC strategy: disk or socket. +# +# ------------------------------------------------------- +# WARNING: DISKLESS REPLICATION IS EXPERIMENTAL CURRENTLY +# ------------------------------------------------------- +# +# New slaves and reconnecting slaves that are not able to continue the replication +# process just receiving differences, need to do what is called a "full +# synchronization". An RDB file is transmitted from the master to the slaves. +# The transmission can happen in two different ways: +# +# 1) Disk-backed: The Redis master creates a new process that writes the RDB +# file on disk. Later the file is transferred by the parent +# process to the slaves incrementally. +# 2) Diskless: The Redis master creates a new process that directly writes the +# RDB file to slave sockets, without touching the disk at all. +# +# With disk-backed replication, while the RDB file is generated, more slaves +# can be queued and served with the RDB file as soon as the current child producing +# the RDB file finishes its work. With diskless replication instead once +# the transfer starts, new slaves arriving will be queued and a new transfer +# will start when the current one terminates. +# +# When diskless replication is used, the master waits a configurable amount of +# time (in seconds) before starting the transfer in the hope that multiple slaves +# will arrive and the transfer can be parallelized. +# +# With slow disks and fast (large bandwidth) networks, diskless replication +# works better. +repl-diskless-sync no + +# When diskless replication is enabled, it is possible to configure the delay +# the server waits in order to spawn the child that transfers the RDB via socket +# to the slaves. +# +# This is important since once the transfer starts, it is not possible to serve +# new slaves arriving, that will be queued for the next RDB transfer, so the server +# waits a delay in order to let more slaves arrive. +# +# The delay is specified in seconds, and by default is 5 seconds. To disable +# it entirely just set it to 0 seconds and the transfer will start ASAP. +repl-diskless-sync-delay 5 + +# Slaves send PINGs to server in a predefined interval. It's possible to change +# this interval with the repl_ping_slave_period option. The default value is 10 +# seconds. +# +# repl-ping-slave-period 10 + +# The following option sets the replication timeout for: +# +# 1) Bulk transfer I/O during SYNC, from the point of view of slave. +# 2) Master timeout from the point of view of slaves (data, pings). +# 3) Slave timeout from the point of view of masters (REPLCONF ACK pings). +# +# It is important to make sure that this value is greater than the value +# specified for repl-ping-slave-period otherwise a timeout will be detected +# every time there is low traffic between the master and the slave. +# +# repl-timeout 60 + +# Disable TCP_NODELAY on the slave socket after SYNC? +# +# If you select "yes" Redis will use a smaller number of TCP packets and +# less bandwidth to send data to slaves. But this can add a delay for +# the data to appear on the slave side, up to 40 milliseconds with +# Linux kernels using a default configuration. +# +# If you select "no" the delay for data to appear on the slave side will +# be reduced but more bandwidth will be used for replication. +# +# By default we optimize for low latency, but in very high traffic conditions +# or when the master and slaves are many hops away, turning this to "yes" may +# be a good idea. +repl-disable-tcp-nodelay no + +# Set the replication backlog size. The backlog is a buffer that accumulates +# slave data when slaves are disconnected for some time, so that when a slave +# wants to reconnect again, often a full resync is not needed, but a partial +# resync is enough, just passing the portion of data the slave missed while +# disconnected. +# +# The bigger the replication backlog, the longer the time the slave can be +# disconnected and later be able to perform a partial resynchronization. +# +# The backlog is only allocated once there is at least a slave connected. +# +# repl-backlog-size 1mb + +# After a master has no longer connected slaves for some time, the backlog +# will be freed. The following option configures the amount of seconds that +# need to elapse, starting from the time the last slave disconnected, for +# the backlog buffer to be freed. +# +# A value of 0 means to never release the backlog. +# +# repl-backlog-ttl 3600 + +# The slave priority is an integer number published by Redis in the INFO output. +# It is used by Redis Sentinel in order to select a slave to promote into a +# master if the master is no longer working correctly. +# +# A slave with a low priority number is considered better for promotion, so +# for instance if there are three slaves with priority 10, 100, 25 Sentinel will +# pick the one with priority 10, that is the lowest. +# +# However a special priority of 0 marks the slave as not able to perform the +# role of master, so a slave with priority of 0 will never be selected by +# Redis Sentinel for promotion. +# +# By default the priority is 100. +slave-priority 100 + +# It is possible for a master to stop accepting writes if there are less than +# N slaves connected, having a lag less or equal than M seconds. +# +# The N slaves need to be in "online" state. +# +# The lag in seconds, that must be <= the specified value, is calculated from +# the last ping received from the slave, that is usually sent every second. +# +# This option does not GUARANTEE that N replicas will accept the write, but +# will limit the window of exposure for lost writes in case not enough slaves +# are available, to the specified number of seconds. +# +# For example to require at least 3 slaves with a lag <= 10 seconds use: +# +# min-slaves-to-write 3 +# min-slaves-max-lag 10 +# +# Setting one or the other to 0 disables the feature. +# +# By default min-slaves-to-write is set to 0 (feature disabled) and +# min-slaves-max-lag is set to 10. + +# A Redis master is able to list the address and port of the attached +# slaves in different ways. For example the "INFO replication" section +# offers this information, which is used, among other tools, by +# Redis Sentinel in order to discover slave instances. +# Another place where this info is available is in the output of the +# "ROLE" command of a masteer. +# +# The listed IP and address normally reported by a slave is obtained +# in the following way: +# +# IP: The address is auto detected by checking the peer address +# of the socket used by the slave to connect with the master. +# +# Port: The port is communicated by the slave during the replication +# handshake, and is normally the port that the slave is using to +# list for connections. +# +# However when port forwarding or Network Address Translation (NAT) is +# used, the slave may be actually reachable via different IP and port +# pairs. The following two options can be used by a slave in order to +# report to its master a specific set of IP and port, so that both INFO +# and ROLE will report those values. +# +# There is no need to use both the options if you need to override just +# the port or the IP address. +# +# slave-announce-ip 5.5.5.5 +# slave-announce-port 1234 + +################################## SECURITY ################################### + +# Require clients to issue AUTH before processing any other +# commands. This might be useful in environments in which you do not trust +# others with access to the host running redis-server. +# +# This should stay commented out for backward compatibility and because most +# people do not need auth (e.g. they run their own servers). +# +# Warning: since Redis is pretty fast an outside user can try up to +# 150k passwords per second against a good box. This means that you should +# use a very strong password otherwise it will be very easy to break. +# +# requirepass foobared + +# Command renaming. +# +# It is possible to change the name of dangerous commands in a shared +# environment. For instance the CONFIG command may be renamed into something +# hard to guess so that it will still be available for internal-use tools +# but not available for general clients. +# +# Example: +# +# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52 +# +# It is also possible to completely kill a command by renaming it into +# an empty string: +# +# rename-command CONFIG "" +# +# Please note that changing the name of commands that are logged into the +# AOF file or transmitted to slaves may cause problems. + +################################### LIMITS #################################### + +# Set the max number of connected clients at the same time. By default +# this limit is set to 10000 clients, however if the Redis server is not +# able to configure the process file limit to allow for the specified limit +# the max number of allowed clients is set to the current file limit +# minus 32 (as Redis reserves a few file descriptors for internal uses). +# +# Once the limit is reached Redis will close all the new connections sending +# an error 'max number of clients reached'. +# +# maxclients 10000 + +# Don't use more memory than the specified amount of bytes. +# When the memory limit is reached Redis will try to remove keys +# according to the eviction policy selected (see maxmemory-policy). +# +# If Redis can't remove keys according to the policy, or if the policy is +# set to 'noeviction', Redis will start to reply with errors to commands +# that would use more memory, like SET, LPUSH, and so on, and will continue +# to reply to read-only commands like GET. +# +# This option is usually useful when using Redis as an LRU cache, or to set +# a hard memory limit for an instance (using the 'noeviction' policy). +# +# WARNING: If you have slaves attached to an instance with maxmemory on, +# the size of the output buffers needed to feed the slaves are subtracted +# from the used memory count, so that network problems / resyncs will +# not trigger a loop where keys are evicted, and in turn the output +# buffer of slaves is full with DELs of keys evicted triggering the deletion +# of more keys, and so forth until the database is completely emptied. +# +# In short... if you have slaves attached it is suggested that you set a lower +# limit for maxmemory so that there is some free RAM on the system for slave +# output buffers (but this is not needed if the policy is 'noeviction'). +# +# maxmemory + +# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory +# is reached. You can select among five behaviors: +# +# volatile-lru -> remove the key with an expire set using an LRU algorithm +# allkeys-lru -> remove any key according to the LRU algorithm +# volatile-random -> remove a random key with an expire set +# allkeys-random -> remove a random key, any key +# volatile-ttl -> remove the key with the nearest expire time (minor TTL) +# noeviction -> don't expire at all, just return an error on write operations +# +# Note: with any of the above policies, Redis will return an error on write +# operations, when there are no suitable keys for eviction. +# +# At the date of writing these commands are: set setnx setex append +# incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd +# sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby +# zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby +# getset mset msetnx exec sort +# +# The default is: +# +# maxmemory-policy noeviction + +# LRU and minimal TTL algorithms are not precise algorithms but approximated +# algorithms (in order to save memory), so you can tune it for speed or +# accuracy. For default Redis will check five keys and pick the one that was +# used less recently, you can change the sample size using the following +# configuration directive. +# +# The default of 5 produces good enough results. 10 Approximates very closely +# true LRU but costs a bit more CPU. 3 is very fast but not very accurate. +# +# maxmemory-samples 5 + +############################## APPEND ONLY MODE ############################### + +# By default Redis asynchronously dumps the dataset on disk. This mode is +# good enough in many applications, but an issue with the Redis process or +# a power outage may result into a few minutes of writes lost (depending on +# the configured save points). +# +# The Append Only File is an alternative persistence mode that provides +# much better durability. For instance using the default data fsync policy +# (see later in the config file) Redis can lose just one second of writes in a +# dramatic event like a server power outage, or a single write if something +# wrong with the Redis process itself happens, but the operating system is +# still running correctly. +# +# AOF and RDB persistence can be enabled at the same time without problems. +# If the AOF is enabled on startup Redis will load the AOF, that is the file +# with the better durability guarantees. +# +# Please check http://redis.io/topics/persistence for more information. + +appendonly no + +# The name of the append only file (default: "appendonly.aof") + +appendfilename "appendonly.aof" + +# The fsync() call tells the Operating System to actually write data on disk +# instead of waiting for more data in the output buffer. Some OS will really flush +# data on disk, some other OS will just try to do it ASAP. +# +# Redis supports three different modes: +# +# no: don't fsync, just let the OS flush the data when it wants. Faster. +# always: fsync after every write to the append only log. Slow, Safest. +# everysec: fsync only one time every second. Compromise. +# +# The default is "everysec", as that's usually the right compromise between +# speed and data safety. It's up to you to understand if you can relax this to +# "no" that will let the operating system flush the output buffer when +# it wants, for better performances (but if you can live with the idea of +# some data loss consider the default persistence mode that's snapshotting), +# or on the contrary, use "always" that's very slow but a bit safer than +# everysec. +# +# More details please check the following article: +# http://antirez.com/post/redis-persistence-demystified.html +# +# If unsure, use "everysec". + +# appendfsync always +appendfsync everysec +# appendfsync no + +# When the AOF fsync policy is set to always or everysec, and a background +# saving process (a background save or AOF log background rewriting) is +# performing a lot of I/O against the disk, in some Linux configurations +# Redis may block too long on the fsync() call. Note that there is no fix for +# this currently, as even performing fsync in a different thread will block +# our synchronous write(2) call. +# +# In order to mitigate this problem it's possible to use the following option +# that will prevent fsync() from being called in the main process while a +# BGSAVE or BGREWRITEAOF is in progress. +# +# This means that while another child is saving, the durability of Redis is +# the same as "appendfsync none". In practical terms, this means that it is +# possible to lose up to 30 seconds of log in the worst scenario (with the +# default Linux settings). +# +# If you have latency problems turn this to "yes". Otherwise leave it as +# "no" that is the safest pick from the point of view of durability. + +no-appendfsync-on-rewrite no + +# Automatic rewrite of the append only file. +# Redis is able to automatically rewrite the log file implicitly calling +# BGREWRITEAOF when the AOF log size grows by the specified percentage. +# +# This is how it works: Redis remembers the size of the AOF file after the +# latest rewrite (if no rewrite has happened since the restart, the size of +# the AOF at startup is used). +# +# This base size is compared to the current size. If the current size is +# bigger than the specified percentage, the rewrite is triggered. Also +# you need to specify a minimal size for the AOF file to be rewritten, this +# is useful to avoid rewriting the AOF file even if the percentage increase +# is reached but it is still pretty small. +# +# Specify a percentage of zero in order to disable the automatic AOF +# rewrite feature. + +auto-aof-rewrite-percentage 100 +auto-aof-rewrite-min-size 64mb + +# An AOF file may be found to be truncated at the end during the Redis +# startup process, when the AOF data gets loaded back into memory. +# This may happen when the system where Redis is running +# crashes, especially when an ext4 filesystem is mounted without the +# data=ordered option (however this can't happen when Redis itself +# crashes or aborts but the operating system still works correctly). +# +# Redis can either exit with an error when this happens, or load as much +# data as possible (the default now) and start if the AOF file is found +# to be truncated at the end. The following option controls this behavior. +# +# If aof-load-truncated is set to yes, a truncated AOF file is loaded and +# the Redis server starts emitting a log to inform the user of the event. +# Otherwise if the option is set to no, the server aborts with an error +# and refuses to start. When the option is set to no, the user requires +# to fix the AOF file using the "redis-check-aof" utility before to restart +# the server. +# +# Note that if the AOF file will be found to be corrupted in the middle +# the server will still exit with an error. This option only applies when +# Redis will try to read more data from the AOF file but not enough bytes +# will be found. +aof-load-truncated yes + +################################ LUA SCRIPTING ############################### + +# Max execution time of a Lua script in milliseconds. +# +# If the maximum execution time is reached Redis will log that a script is +# still in execution after the maximum allowed time and will start to +# reply to queries with an error. +# +# When a long running script exceeds the maximum execution time only the +# SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be +# used to stop a script that did not yet called write commands. The second +# is the only way to shut down the server in the case a write command was +# already issued by the script but the user doesn't want to wait for the natural +# termination of the script. +# +# Set it to 0 or a negative value for unlimited execution without warnings. +lua-time-limit 5000 + +################################ REDIS CLUSTER ############################### +# +# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +# WARNING EXPERIMENTAL: Redis Cluster is considered to be stable code, however +# in order to mark it as "mature" we need to wait for a non trivial percentage +# of users to deploy it in production. +# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +# +# Normal Redis instances can't be part of a Redis Cluster; only nodes that are +# started as cluster nodes can. In order to start a Redis instance as a +# cluster node enable the cluster support uncommenting the following: +# +# cluster-enabled yes + +# Every cluster node has a cluster configuration file. This file is not +# intended to be edited by hand. It is created and updated by Redis nodes. +# Every Redis Cluster node requires a different cluster configuration file. +# Make sure that instances running in the same system do not have +# overlapping cluster configuration file names. +# +# cluster-config-file nodes-6379.conf + +# Cluster node timeout is the amount of milliseconds a node must be unreachable +# for it to be considered in failure state. +# Most other internal time limits are multiple of the node timeout. +# +# cluster-node-timeout 15000 + +# A slave of a failing master will avoid to start a failover if its data +# looks too old. +# +# There is no simple way for a slave to actually have a exact measure of +# its "data age", so the following two checks are performed: +# +# 1) If there are multiple slaves able to failover, they exchange messages +# in order to try to give an advantage to the slave with the best +# replication offset (more data from the master processed). +# Slaves will try to get their rank by offset, and apply to the start +# of the failover a delay proportional to their rank. +# +# 2) Every single slave computes the time of the last interaction with +# its master. This can be the last ping or command received (if the master +# is still in the "connected" state), or the time that elapsed since the +# disconnection with the master (if the replication link is currently down). +# If the last interaction is too old, the slave will not try to failover +# at all. +# +# The point "2" can be tuned by user. Specifically a slave will not perform +# the failover if, since the last interaction with the master, the time +# elapsed is greater than: +# +# (node-timeout * slave-validity-factor) + repl-ping-slave-period +# +# So for example if node-timeout is 30 seconds, and the slave-validity-factor +# is 10, and assuming a default repl-ping-slave-period of 10 seconds, the +# slave will not try to failover if it was not able to talk with the master +# for longer than 310 seconds. +# +# A large slave-validity-factor may allow slaves with too old data to failover +# a master, while a too small value may prevent the cluster from being able to +# elect a slave at all. +# +# For maximum availability, it is possible to set the slave-validity-factor +# to a value of 0, which means, that slaves will always try to failover the +# master regardless of the last time they interacted with the master. +# (However they'll always try to apply a delay proportional to their +# offset rank). +# +# Zero is the only value able to guarantee that when all the partitions heal +# the cluster will always be able to continue. +# +# cluster-slave-validity-factor 10 + +# Cluster slaves are able to migrate to orphaned masters, that are masters +# that are left without working slaves. This improves the cluster ability +# to resist to failures as otherwise an orphaned master can't be failed over +# in case of failure if it has no working slaves. +# +# Slaves migrate to orphaned masters only if there are still at least a +# given number of other working slaves for their old master. This number +# is the "migration barrier". A migration barrier of 1 means that a slave +# will migrate only if there is at least 1 other working slave for its master +# and so forth. It usually reflects the number of slaves you want for every +# master in your cluster. +# +# Default is 1 (slaves migrate only if their masters remain with at least +# one slave). To disable migration just set it to a very large value. +# A value of 0 can be set but is useful only for debugging and dangerous +# in production. +# +# cluster-migration-barrier 1 + +# By default Redis Cluster nodes stop accepting queries if they detect there +# is at least an hash slot uncovered (no available node is serving it). +# This way if the cluster is partially down (for example a range of hash slots +# are no longer covered) all the cluster becomes, eventually, unavailable. +# It automatically returns available as soon as all the slots are covered again. +# +# However sometimes you want the subset of the cluster which is working, +# to continue to accept queries for the part of the key space that is still +# covered. In order to do so, just set the cluster-require-full-coverage +# option to no. +# +# cluster-require-full-coverage yes + +# In order to setup your cluster make sure to read the documentation +# available at http://redis.io web site. + +################################## SLOW LOG ################################### + +# The Redis Slow Log is a system to log queries that exceeded a specified +# execution time. The execution time does not include the I/O operations +# like talking with the client, sending the reply and so forth, +# but just the time needed to actually execute the command (this is the only +# stage of command execution where the thread is blocked and can not serve +# other requests in the meantime). +# +# You can configure the slow log with two parameters: one tells Redis +# what is the execution time, in microseconds, to exceed in order for the +# command to get logged, and the other parameter is the length of the +# slow log. When a new command is logged the oldest one is removed from the +# queue of logged commands. + +# The following time is expressed in microseconds, so 1000000 is equivalent +# to one second. Note that a negative number disables the slow log, while +# a value of zero forces the logging of every command. +slowlog-log-slower-than 10000 + +# There is no limit to this length. Just be aware that it will consume memory. +# You can reclaim memory used by the slow log with SLOWLOG RESET. +slowlog-max-len 128 + +################################ LATENCY MONITOR ############################## + +# The Redis latency monitoring subsystem samples different operations +# at runtime in order to collect data related to possible sources of +# latency of a Redis instance. +# +# Via the LATENCY command this information is available to the user that can +# print graphs and obtain reports. +# +# The system only logs operations that were performed in a time equal or +# greater than the amount of milliseconds specified via the +# latency-monitor-threshold configuration directive. When its value is set +# to zero, the latency monitor is turned off. +# +# By default latency monitoring is disabled since it is mostly not needed +# if you don't have latency issues, and collecting data has a performance +# impact, that while very small, can be measured under big load. Latency +# monitoring can easily be enabled at runtime using the command +# "CONFIG SET latency-monitor-threshold " if needed. +latency-monitor-threshold 0 + +############################# EVENT NOTIFICATION ############################## + +# Redis can notify Pub/Sub clients about events happening in the key space. +# This feature is documented at http://redis.io/topics/notifications +# +# For instance if keyspace events notification is enabled, and a client +# performs a DEL operation on key "foo" stored in the Database 0, two +# messages will be published via Pub/Sub: +# +# PUBLISH __keyspace@0__:foo del +# PUBLISH __keyevent@0__:del foo +# +# It is possible to select the events that Redis will notify among a set +# of classes. Every class is identified by a single character: +# +# K Keyspace events, published with __keyspace@__ prefix. +# E Keyevent events, published with __keyevent@__ prefix. +# g Generic commands (non-type specific) like DEL, EXPIRE, RENAME, ... +# $ String commands +# l List commands +# s Set commands +# h Hash commands +# z Sorted set commands +# x Expired events (events generated every time a key expires) +# e Evicted events (events generated when a key is evicted for maxmemory) +# A Alias for g$lshzxe, so that the "AKE" string means all the events. +# +# The "notify-keyspace-events" takes as argument a string that is composed +# of zero or multiple characters. The empty string means that notifications +# are disabled. +# +# Example: to enable list and generic events, from the point of view of the +# event name, use: +# +# notify-keyspace-events Elg +# +# Example 2: to get the stream of the expired keys subscribing to channel +# name __keyevent@0__:expired use: +# +# notify-keyspace-events Ex +# +# By default all notifications are disabled because most users don't need +# this feature and the feature has some overhead. Note that if you don't +# specify at least one of K or E, no events will be delivered. +notify-keyspace-events "" + +############################### ADVANCED CONFIG ############################### + +# Hashes are encoded using a memory efficient data structure when they have a +# small number of entries, and the biggest entry does not exceed a given +# threshold. These thresholds can be configured using the following directives. +hash-max-ziplist-entries 512 +hash-max-ziplist-value 64 + +# Lists are also encoded in a special way to save a lot of space. +# The number of entries allowed per internal list node can be specified +# as a fixed maximum size or a maximum number of elements. +# For a fixed maximum size, use -5 through -1, meaning: +# -5: max size: 64 Kb <-- not recommended for normal workloads +# -4: max size: 32 Kb <-- not recommended +# -3: max size: 16 Kb <-- probably not recommended +# -2: max size: 8 Kb <-- good +# -1: max size: 4 Kb <-- good +# Positive numbers mean store up to _exactly_ that number of elements +# per list node. +# The highest performing option is usually -2 (8 Kb size) or -1 (4 Kb size), +# but if your use case is unique, adjust the settings as necessary. +list-max-ziplist-size -2 + +# Lists may also be compressed. +# Compress depth is the number of quicklist ziplist nodes from *each* side of +# the list to *exclude* from compression. The head and tail of the list +# are always uncompressed for fast push/pop operations. Settings are: +# 0: disable all list compression +# 1: depth 1 means "don't start compressing until after 1 node into the list, +# going from either the head or tail" +# So: [head]->node->node->...->node->[tail] +# [head], [tail] will always be uncompressed; inner nodes will compress. +# 2: [head]->[next]->node->node->...->node->[prev]->[tail] +# 2 here means: don't compress head or head->next or tail->prev or tail, +# but compress all nodes between them. +# 3: [head]->[next]->[next]->node->node->...->node->[prev]->[prev]->[tail] +# etc. +list-compress-depth 0 + +# Sets have a special encoding in just one case: when a set is composed +# of just strings that happen to be integers in radix 10 in the range +# of 64 bit signed integers. +# The following configuration setting sets the limit in the size of the +# set in order to use this special memory saving encoding. +set-max-intset-entries 512 + +# Similarly to hashes and lists, sorted sets are also specially encoded in +# order to save a lot of space. This encoding is only used when the length and +# elements of a sorted set are below the following limits: +zset-max-ziplist-entries 128 +zset-max-ziplist-value 64 + +# HyperLogLog sparse representation bytes limit. The limit includes the +# 16 bytes header. When an HyperLogLog using the sparse representation crosses +# this limit, it is converted into the dense representation. +# +# A value greater than 16000 is totally useless, since at that point the +# dense representation is more memory efficient. +# +# The suggested value is ~ 3000 in order to have the benefits of +# the space efficient encoding without slowing down too much PFADD, +# which is O(N) with the sparse encoding. The value can be raised to +# ~ 10000 when CPU is not a concern, but space is, and the data set is +# composed of many HyperLogLogs with cardinality in the 0 - 15000 range. +hll-sparse-max-bytes 3000 + +# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in +# order to help rehashing the main Redis hash table (the one mapping top-level +# keys to values). The hash table implementation Redis uses (see dict.c) +# performs a lazy rehashing: the more operation you run into a hash table +# that is rehashing, the more rehashing "steps" are performed, so if the +# server is idle the rehashing is never complete and some more memory is used +# by the hash table. +# +# The default is to use this millisecond 10 times every second in order to +# actively rehash the main dictionaries, freeing memory when possible. +# +# If unsure: +# use "activerehashing no" if you have hard latency requirements and it is +# not a good thing in your environment that Redis can reply from time to time +# to queries with 2 milliseconds delay. +# +# use "activerehashing yes" if you don't have such hard requirements but +# want to free memory asap when possible. +activerehashing yes + +# The client output buffer limits can be used to force disconnection of clients +# that are not reading data from the server fast enough for some reason (a +# common reason is that a Pub/Sub client can't consume messages as fast as the +# publisher can produce them). +# +# The limit can be set differently for the three different classes of clients: +# +# normal -> normal clients including MONITOR clients +# slave -> slave clients +# pubsub -> clients subscribed to at least one pubsub channel or pattern +# +# The syntax of every client-output-buffer-limit directive is the following: +# +# client-output-buffer-limit +# +# A client is immediately disconnected once the hard limit is reached, or if +# the soft limit is reached and remains reached for the specified number of +# seconds (continuously). +# So for instance if the hard limit is 32 megabytes and the soft limit is +# 16 megabytes / 10 seconds, the client will get disconnected immediately +# if the size of the output buffers reach 32 megabytes, but will also get +# disconnected if the client reaches 16 megabytes and continuously overcomes +# the limit for 10 seconds. +# +# By default normal clients are not limited because they don't receive data +# without asking (in a push way), but just after a request, so only +# asynchronous clients may create a scenario where data is requested faster +# than it can read. +# +# Instead there is a default limit for pubsub and slave clients, since +# subscribers and slaves receive data in a push fashion. +# +# Both the hard or the soft limit can be disabled by setting them to zero. +client-output-buffer-limit normal 0 0 0 +client-output-buffer-limit slave 256mb 64mb 60 +client-output-buffer-limit pubsub 32mb 8mb 60 + +# Redis calls an internal function to perform many background tasks, like +# closing connections of clients in timeout, purging expired keys that are +# never requested, and so forth. +# +# Not all tasks are performed with the same frequency, but Redis checks for +# tasks to perform according to the specified "hz" value. +# +# By default "hz" is set to 10. Raising the value will use more CPU when +# Redis is idle, but at the same time will make Redis more responsive when +# there are many keys expiring at the same time, and timeouts may be +# handled with more precision. +# +# The range is between 1 and 500, however a value over 100 is usually not +# a good idea. Most users should use the default of 10 and raise this up to +# 100 only in environments where very low latency is required. +hz 10 + +# When a child rewrites the AOF file, if the following option is enabled +# the file will be fsync-ed every 32 MB of data generated. This is useful +# in order to commit the file to the disk more incrementally and avoid +# big latency spikes. +aof-rewrite-incremental-fsync yes diff --git a/dockerfiles/redis/4.0/Dockerfile b/dockerfiles/redis/4.0/Dockerfile new file mode 100644 index 0000000..b102e0a --- /dev/null +++ b/dockerfiles/redis/4.0/Dockerfile @@ -0,0 +1,4 @@ +FROM redis:4.0 + +COPY redis.conf /usr/local/etc/redis/redis.conf +CMD [ "redis-server", "/usr/local/etc/redis/redis.conf" ] diff --git a/dockerfiles/redis/4.0/redis.conf b/dockerfiles/redis/4.0/redis.conf new file mode 100644 index 0000000..63558c4 --- /dev/null +++ b/dockerfiles/redis/4.0/redis.conf @@ -0,0 +1,1052 @@ +# Redis configuration file example. +# +# Note that in order to read the configuration file, Redis must be +# started with the file path as first argument: +# +# ./redis-server /path/to/redis.conf + +# Note on units: when memory size is needed, it is possible to specify +# it in the usual form of 1k 5GB 4M and so forth: +# +# 1k => 1000 bytes +# 1kb => 1024 bytes +# 1m => 1000000 bytes +# 1mb => 1024*1024 bytes +# 1g => 1000000000 bytes +# 1gb => 1024*1024*1024 bytes +# +# units are case insensitive so 1GB 1Gb 1gB are all the same. + +################################## INCLUDES ################################### + +# Include one or more other config files here. This is useful if you +# have a standard template that goes to all Redis servers but also need +# to customize a few per-server settings. Include files can include +# other files, so use this wisely. +# +# Notice option "include" won't be rewritten by command "CONFIG REWRITE" +# from admin or Redis Sentinel. Since Redis always uses the last processed +# line as value of a configuration directive, you'd better put includes +# at the beginning of this file to avoid overwriting config change at runtime. +# +# If instead you are interested in using includes to override configuration +# options, it is better to use include as the last line. +# +# include /path/to/local.conf +# include /path/to/other.conf + +################################## NETWORK ##################################### + +# By default, if no "bind" configuration directive is specified, Redis listens +# for connections from all the network interfaces available on the server. +# It is possible to listen to just one or multiple selected interfaces using +# the "bind" configuration directive, followed by one or more IP addresses. +# +# Examples: +# +# bind 192.168.1.100 10.0.0.1 +# bind 127.0.0.1 ::1 +# +# ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the +# internet, binding to all the interfaces is dangerous and will expose the +# instance to everybody on the internet. So by default we uncomment the +# following bind directive, that will force Redis to listen only into +# the IPv4 lookback interface address (this means Redis will be able to +# accept connections only from clients running into the same computer it +# is running). +# +# IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES +# JUST COMMENT THE FOLLOWING LINE. +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +bind 127.0.0.1 + +# Protected mode is a layer of security protection, in order to avoid that +# Redis instances left open on the internet are accessed and exploited. +# +# When protected mode is on and if: +# +# 1) The server is not binding explicitly to a set of addresses using the +# "bind" directive. +# 2) No password is configured. +# +# The server only accepts connections from clients connecting from the +# IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain +# sockets. +# +# By default protected mode is enabled. You should disable it only if +# you are sure you want clients from other hosts to connect to Redis +# even if no authentication is configured, nor a specific set of interfaces +# are explicitly listed using the "bind" directive. +protected-mode yes + +# Accept connections on the specified port, default is 6379 (IANA #815344). +# If port 0 is specified Redis will not listen on a TCP socket. +port 6379 + +# TCP listen() backlog. +# +# In high requests-per-second environments you need an high backlog in order +# to avoid slow clients connections issues. Note that the Linux kernel +# will silently truncate it to the value of /proc/sys/net/core/somaxconn so +# make sure to raise both the value of somaxconn and tcp_max_syn_backlog +# in order to get the desired effect. +tcp-backlog 511 + +# Unix socket. +# +# Specify the path for the Unix socket that will be used to listen for +# incoming connections. There is no default, so Redis will not listen +# on a unix socket when not specified. +# +# unixsocket /tmp/redis.sock +# unixsocketperm 700 + +# Close the connection after a client is idle for N seconds (0 to disable) +timeout 0 + +# TCP keepalive. +# +# If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence +# of communication. This is useful for two reasons: +# +# 1) Detect dead peers. +# 2) Take the connection alive from the point of view of network +# equipment in the middle. +# +# On Linux, the specified value (in seconds) is the period used to send ACKs. +# Note that to close the connection the double of the time is needed. +# On other kernels the period depends on the kernel configuration. +# +# A reasonable value for this option is 300 seconds, which is the new +# Redis default starting with Redis 3.2.1. +tcp-keepalive 300 + +################################# GENERAL ##################################### + +# By default Redis does not run as a daemon. Use 'yes' if you need it. +# Note that Redis will write a pid file in /var/run/redis.pid when daemonized. +daemonize no + +# If you run Redis from upstart or systemd, Redis can interact with your +# supervision tree. Options: +# supervised no - no supervision interaction +# supervised upstart - signal upstart by putting Redis into SIGSTOP mode +# supervised systemd - signal systemd by writing READY=1 to $NOTIFY_SOCKET +# supervised auto - detect upstart or systemd method based on +# UPSTART_JOB or NOTIFY_SOCKET environment variables +# Note: these supervision methods only signal "process is ready." +# They do not enable continuous liveness pings back to your supervisor. +supervised no + +# If a pid file is specified, Redis writes it where specified at startup +# and removes it at exit. +# +# When the server runs non daemonized, no pid file is created if none is +# specified in the configuration. When the server is daemonized, the pid file +# is used even if not specified, defaulting to "/var/run/redis.pid". +# +# Creating a pid file is best effort: if Redis is not able to create it +# nothing bad happens, the server will start and run normally. +pidfile /var/run/redis_6379.pid + +# Specify the server verbosity level. +# This can be one of: +# debug (a lot of information, useful for development/testing) +# verbose (many rarely useful info, but not a mess like the debug level) +# notice (moderately verbose, what you want in production probably) +# warning (only very important / critical messages are logged) +loglevel notice + +# Specify the log file name. Also the empty string can be used to force +# Redis to log on the standard output. Note that if you use standard +# output for logging but daemonize, logs will be sent to /dev/null +logfile "" + +# To enable logging to the system logger, just set 'syslog-enabled' to yes, +# and optionally update the other syslog parameters to suit your needs. +# syslog-enabled no + +# Specify the syslog identity. +# syslog-ident redis + +# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7. +# syslog-facility local0 + +# Set the number of databases. The default database is DB 0, you can select +# a different one on a per-connection basis using SELECT where +# dbid is a number between 0 and 'databases'-1 +databases 16 + +################################ SNAPSHOTTING ################################ +# +# Save the DB on disk: +# +# save +# +# Will save the DB if both the given number of seconds and the given +# number of write operations against the DB occurred. +# +# In the example below the behaviour will be to save: +# after 900 sec (15 min) if at least 1 key changed +# after 300 sec (5 min) if at least 10 keys changed +# after 60 sec if at least 10000 keys changed +# +# Note: you can disable saving completely by commenting out all "save" lines. +# +# It is also possible to remove all the previously configured save +# points by adding a save directive with a single empty string argument +# like in the following example: +# +# save "" + +#save 900 1 +#save 300 10 +#save 60 10000 + +# By default Redis will stop accepting writes if RDB snapshots are enabled +# (at least one save point) and the latest background save failed. +# This will make the user aware (in a hard way) that data is not persisting +# on disk properly, otherwise chances are that no one will notice and some +# disaster will happen. +# +# If the background saving process will start working again Redis will +# automatically allow writes again. +# +# However if you have setup your proper monitoring of the Redis server +# and persistence, you may want to disable this feature so that Redis will +# continue to work as usual even if there are problems with disk, +# permissions, and so forth. +stop-writes-on-bgsave-error yes + +# Compress string objects using LZF when dump .rdb databases? +# For default that's set to 'yes' as it's almost always a win. +# If you want to save some CPU in the saving child set it to 'no' but +# the dataset will likely be bigger if you have compressible values or keys. +rdbcompression yes + +# Since version 5 of RDB a CRC64 checksum is placed at the end of the file. +# This makes the format more resistant to corruption but there is a performance +# hit to pay (around 10%) when saving and loading RDB files, so you can disable it +# for maximum performances. +# +# RDB files created with checksum disabled have a checksum of zero that will +# tell the loading code to skip the check. +rdbchecksum yes + +# The filename where to dump the DB +dbfilename dump.rdb + +# The working directory. +# +# The DB will be written inside this directory, with the filename specified +# above using the 'dbfilename' configuration directive. +# +# The Append Only File will also be created inside this directory. +# +# Note that you must specify a directory here, not a file name. +dir ./ + +################################# REPLICATION ################################# + +# Master-Slave replication. Use slaveof to make a Redis instance a copy of +# another Redis server. A few things to understand ASAP about Redis replication. +# +# 1) Redis replication is asynchronous, but you can configure a master to +# stop accepting writes if it appears to be not connected with at least +# a given number of slaves. +# 2) Redis slaves are able to perform a partial resynchronization with the +# master if the replication link is lost for a relatively small amount of +# time. You may want to configure the replication backlog size (see the next +# sections of this file) with a sensible value depending on your needs. +# 3) Replication is automatic and does not need user intervention. After a +# network partition slaves automatically try to reconnect to masters +# and resynchronize with them. +# +# slaveof + +# If the master is password protected (using the "requirepass" configuration +# directive below) it is possible to tell the slave to authenticate before +# starting the replication synchronization process, otherwise the master will +# refuse the slave request. +# +# masterauth + +# When a slave loses its connection with the master, or when the replication +# is still in progress, the slave can act in two different ways: +# +# 1) if slave-serve-stale-data is set to 'yes' (the default) the slave will +# still reply to client requests, possibly with out of date data, or the +# data set may just be empty if this is the first synchronization. +# +# 2) if slave-serve-stale-data is set to 'no' the slave will reply with +# an error "SYNC with master in progress" to all the kind of commands +# but to INFO and SLAVEOF. +# +slave-serve-stale-data yes + +# You can configure a slave instance to accept writes or not. Writing against +# a slave instance may be useful to store some ephemeral data (because data +# written on a slave will be easily deleted after resync with the master) but +# may also cause problems if clients are writing to it because of a +# misconfiguration. +# +# Since Redis 2.6 by default slaves are read-only. +# +# Note: read only slaves are not designed to be exposed to untrusted clients +# on the internet. It's just a protection layer against misuse of the instance. +# Still a read only slave exports by default all the administrative commands +# such as CONFIG, DEBUG, and so forth. To a limited extent you can improve +# security of read only slaves using 'rename-command' to shadow all the +# administrative / dangerous commands. +slave-read-only yes + +# Replication SYNC strategy: disk or socket. +# +# ------------------------------------------------------- +# WARNING: DISKLESS REPLICATION IS EXPERIMENTAL CURRENTLY +# ------------------------------------------------------- +# +# New slaves and reconnecting slaves that are not able to continue the replication +# process just receiving differences, need to do what is called a "full +# synchronization". An RDB file is transmitted from the master to the slaves. +# The transmission can happen in two different ways: +# +# 1) Disk-backed: The Redis master creates a new process that writes the RDB +# file on disk. Later the file is transferred by the parent +# process to the slaves incrementally. +# 2) Diskless: The Redis master creates a new process that directly writes the +# RDB file to slave sockets, without touching the disk at all. +# +# With disk-backed replication, while the RDB file is generated, more slaves +# can be queued and served with the RDB file as soon as the current child producing +# the RDB file finishes its work. With diskless replication instead once +# the transfer starts, new slaves arriving will be queued and a new transfer +# will start when the current one terminates. +# +# When diskless replication is used, the master waits a configurable amount of +# time (in seconds) before starting the transfer in the hope that multiple slaves +# will arrive and the transfer can be parallelized. +# +# With slow disks and fast (large bandwidth) networks, diskless replication +# works better. +repl-diskless-sync no + +# When diskless replication is enabled, it is possible to configure the delay +# the server waits in order to spawn the child that transfers the RDB via socket +# to the slaves. +# +# This is important since once the transfer starts, it is not possible to serve +# new slaves arriving, that will be queued for the next RDB transfer, so the server +# waits a delay in order to let more slaves arrive. +# +# The delay is specified in seconds, and by default is 5 seconds. To disable +# it entirely just set it to 0 seconds and the transfer will start ASAP. +repl-diskless-sync-delay 5 + +# Slaves send PINGs to server in a predefined interval. It's possible to change +# this interval with the repl_ping_slave_period option. The default value is 10 +# seconds. +# +# repl-ping-slave-period 10 + +# The following option sets the replication timeout for: +# +# 1) Bulk transfer I/O during SYNC, from the point of view of slave. +# 2) Master timeout from the point of view of slaves (data, pings). +# 3) Slave timeout from the point of view of masters (REPLCONF ACK pings). +# +# It is important to make sure that this value is greater than the value +# specified for repl-ping-slave-period otherwise a timeout will be detected +# every time there is low traffic between the master and the slave. +# +# repl-timeout 60 + +# Disable TCP_NODELAY on the slave socket after SYNC? +# +# If you select "yes" Redis will use a smaller number of TCP packets and +# less bandwidth to send data to slaves. But this can add a delay for +# the data to appear on the slave side, up to 40 milliseconds with +# Linux kernels using a default configuration. +# +# If you select "no" the delay for data to appear on the slave side will +# be reduced but more bandwidth will be used for replication. +# +# By default we optimize for low latency, but in very high traffic conditions +# or when the master and slaves are many hops away, turning this to "yes" may +# be a good idea. +repl-disable-tcp-nodelay no + +# Set the replication backlog size. The backlog is a buffer that accumulates +# slave data when slaves are disconnected for some time, so that when a slave +# wants to reconnect again, often a full resync is not needed, but a partial +# resync is enough, just passing the portion of data the slave missed while +# disconnected. +# +# The bigger the replication backlog, the longer the time the slave can be +# disconnected and later be able to perform a partial resynchronization. +# +# The backlog is only allocated once there is at least a slave connected. +# +# repl-backlog-size 1mb + +# After a master has no longer connected slaves for some time, the backlog +# will be freed. The following option configures the amount of seconds that +# need to elapse, starting from the time the last slave disconnected, for +# the backlog buffer to be freed. +# +# A value of 0 means to never release the backlog. +# +# repl-backlog-ttl 3600 + +# The slave priority is an integer number published by Redis in the INFO output. +# It is used by Redis Sentinel in order to select a slave to promote into a +# master if the master is no longer working correctly. +# +# A slave with a low priority number is considered better for promotion, so +# for instance if there are three slaves with priority 10, 100, 25 Sentinel will +# pick the one with priority 10, that is the lowest. +# +# However a special priority of 0 marks the slave as not able to perform the +# role of master, so a slave with priority of 0 will never be selected by +# Redis Sentinel for promotion. +# +# By default the priority is 100. +slave-priority 100 + +# It is possible for a master to stop accepting writes if there are less than +# N slaves connected, having a lag less or equal than M seconds. +# +# The N slaves need to be in "online" state. +# +# The lag in seconds, that must be <= the specified value, is calculated from +# the last ping received from the slave, that is usually sent every second. +# +# This option does not GUARANTEE that N replicas will accept the write, but +# will limit the window of exposure for lost writes in case not enough slaves +# are available, to the specified number of seconds. +# +# For example to require at least 3 slaves with a lag <= 10 seconds use: +# +# min-slaves-to-write 3 +# min-slaves-max-lag 10 +# +# Setting one or the other to 0 disables the feature. +# +# By default min-slaves-to-write is set to 0 (feature disabled) and +# min-slaves-max-lag is set to 10. + +# A Redis master is able to list the address and port of the attached +# slaves in different ways. For example the "INFO replication" section +# offers this information, which is used, among other tools, by +# Redis Sentinel in order to discover slave instances. +# Another place where this info is available is in the output of the +# "ROLE" command of a masteer. +# +# The listed IP and address normally reported by a slave is obtained +# in the following way: +# +# IP: The address is auto detected by checking the peer address +# of the socket used by the slave to connect with the master. +# +# Port: The port is communicated by the slave during the replication +# handshake, and is normally the port that the slave is using to +# list for connections. +# +# However when port forwarding or Network Address Translation (NAT) is +# used, the slave may be actually reachable via different IP and port +# pairs. The following two options can be used by a slave in order to +# report to its master a specific set of IP and port, so that both INFO +# and ROLE will report those values. +# +# There is no need to use both the options if you need to override just +# the port or the IP address. +# +# slave-announce-ip 5.5.5.5 +# slave-announce-port 1234 + +################################## SECURITY ################################### + +# Require clients to issue AUTH before processing any other +# commands. This might be useful in environments in which you do not trust +# others with access to the host running redis-server. +# +# This should stay commented out for backward compatibility and because most +# people do not need auth (e.g. they run their own servers). +# +# Warning: since Redis is pretty fast an outside user can try up to +# 150k passwords per second against a good box. This means that you should +# use a very strong password otherwise it will be very easy to break. +# +# requirepass foobared + +# Command renaming. +# +# It is possible to change the name of dangerous commands in a shared +# environment. For instance the CONFIG command may be renamed into something +# hard to guess so that it will still be available for internal-use tools +# but not available for general clients. +# +# Example: +# +# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52 +# +# It is also possible to completely kill a command by renaming it into +# an empty string: +# +# rename-command CONFIG "" +# +# Please note that changing the name of commands that are logged into the +# AOF file or transmitted to slaves may cause problems. + +################################### LIMITS #################################### + +# Set the max number of connected clients at the same time. By default +# this limit is set to 10000 clients, however if the Redis server is not +# able to configure the process file limit to allow for the specified limit +# the max number of allowed clients is set to the current file limit +# minus 32 (as Redis reserves a few file descriptors for internal uses). +# +# Once the limit is reached Redis will close all the new connections sending +# an error 'max number of clients reached'. +# +# maxclients 10000 + +# Don't use more memory than the specified amount of bytes. +# When the memory limit is reached Redis will try to remove keys +# according to the eviction policy selected (see maxmemory-policy). +# +# If Redis can't remove keys according to the policy, or if the policy is +# set to 'noeviction', Redis will start to reply with errors to commands +# that would use more memory, like SET, LPUSH, and so on, and will continue +# to reply to read-only commands like GET. +# +# This option is usually useful when using Redis as an LRU cache, or to set +# a hard memory limit for an instance (using the 'noeviction' policy). +# +# WARNING: If you have slaves attached to an instance with maxmemory on, +# the size of the output buffers needed to feed the slaves are subtracted +# from the used memory count, so that network problems / resyncs will +# not trigger a loop where keys are evicted, and in turn the output +# buffer of slaves is full with DELs of keys evicted triggering the deletion +# of more keys, and so forth until the database is completely emptied. +# +# In short... if you have slaves attached it is suggested that you set a lower +# limit for maxmemory so that there is some free RAM on the system for slave +# output buffers (but this is not needed if the policy is 'noeviction'). +# +# maxmemory + +# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory +# is reached. You can select among five behaviors: +# +# volatile-lru -> remove the key with an expire set using an LRU algorithm +# allkeys-lru -> remove any key according to the LRU algorithm +# volatile-random -> remove a random key with an expire set +# allkeys-random -> remove a random key, any key +# volatile-ttl -> remove the key with the nearest expire time (minor TTL) +# noeviction -> don't expire at all, just return an error on write operations +# +# Note: with any of the above policies, Redis will return an error on write +# operations, when there are no suitable keys for eviction. +# +# At the date of writing these commands are: set setnx setex append +# incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd +# sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby +# zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby +# getset mset msetnx exec sort +# +# The default is: +# +# maxmemory-policy noeviction + +# LRU and minimal TTL algorithms are not precise algorithms but approximated +# algorithms (in order to save memory), so you can tune it for speed or +# accuracy. For default Redis will check five keys and pick the one that was +# used less recently, you can change the sample size using the following +# configuration directive. +# +# The default of 5 produces good enough results. 10 Approximates very closely +# true LRU but costs a bit more CPU. 3 is very fast but not very accurate. +# +# maxmemory-samples 5 + +############################## APPEND ONLY MODE ############################### + +# By default Redis asynchronously dumps the dataset on disk. This mode is +# good enough in many applications, but an issue with the Redis process or +# a power outage may result into a few minutes of writes lost (depending on +# the configured save points). +# +# The Append Only File is an alternative persistence mode that provides +# much better durability. For instance using the default data fsync policy +# (see later in the config file) Redis can lose just one second of writes in a +# dramatic event like a server power outage, or a single write if something +# wrong with the Redis process itself happens, but the operating system is +# still running correctly. +# +# AOF and RDB persistence can be enabled at the same time without problems. +# If the AOF is enabled on startup Redis will load the AOF, that is the file +# with the better durability guarantees. +# +# Please check http://redis.io/topics/persistence for more information. + +appendonly no + +# The name of the append only file (default: "appendonly.aof") + +appendfilename "appendonly.aof" + +# The fsync() call tells the Operating System to actually write data on disk +# instead of waiting for more data in the output buffer. Some OS will really flush +# data on disk, some other OS will just try to do it ASAP. +# +# Redis supports three different modes: +# +# no: don't fsync, just let the OS flush the data when it wants. Faster. +# always: fsync after every write to the append only log. Slow, Safest. +# everysec: fsync only one time every second. Compromise. +# +# The default is "everysec", as that's usually the right compromise between +# speed and data safety. It's up to you to understand if you can relax this to +# "no" that will let the operating system flush the output buffer when +# it wants, for better performances (but if you can live with the idea of +# some data loss consider the default persistence mode that's snapshotting), +# or on the contrary, use "always" that's very slow but a bit safer than +# everysec. +# +# More details please check the following article: +# http://antirez.com/post/redis-persistence-demystified.html +# +# If unsure, use "everysec". + +# appendfsync always +appendfsync everysec +# appendfsync no + +# When the AOF fsync policy is set to always or everysec, and a background +# saving process (a background save or AOF log background rewriting) is +# performing a lot of I/O against the disk, in some Linux configurations +# Redis may block too long on the fsync() call. Note that there is no fix for +# this currently, as even performing fsync in a different thread will block +# our synchronous write(2) call. +# +# In order to mitigate this problem it's possible to use the following option +# that will prevent fsync() from being called in the main process while a +# BGSAVE or BGREWRITEAOF is in progress. +# +# This means that while another child is saving, the durability of Redis is +# the same as "appendfsync none". In practical terms, this means that it is +# possible to lose up to 30 seconds of log in the worst scenario (with the +# default Linux settings). +# +# If you have latency problems turn this to "yes". Otherwise leave it as +# "no" that is the safest pick from the point of view of durability. + +no-appendfsync-on-rewrite no + +# Automatic rewrite of the append only file. +# Redis is able to automatically rewrite the log file implicitly calling +# BGREWRITEAOF when the AOF log size grows by the specified percentage. +# +# This is how it works: Redis remembers the size of the AOF file after the +# latest rewrite (if no rewrite has happened since the restart, the size of +# the AOF at startup is used). +# +# This base size is compared to the current size. If the current size is +# bigger than the specified percentage, the rewrite is triggered. Also +# you need to specify a minimal size for the AOF file to be rewritten, this +# is useful to avoid rewriting the AOF file even if the percentage increase +# is reached but it is still pretty small. +# +# Specify a percentage of zero in order to disable the automatic AOF +# rewrite feature. + +auto-aof-rewrite-percentage 100 +auto-aof-rewrite-min-size 64mb + +# An AOF file may be found to be truncated at the end during the Redis +# startup process, when the AOF data gets loaded back into memory. +# This may happen when the system where Redis is running +# crashes, especially when an ext4 filesystem is mounted without the +# data=ordered option (however this can't happen when Redis itself +# crashes or aborts but the operating system still works correctly). +# +# Redis can either exit with an error when this happens, or load as much +# data as possible (the default now) and start if the AOF file is found +# to be truncated at the end. The following option controls this behavior. +# +# If aof-load-truncated is set to yes, a truncated AOF file is loaded and +# the Redis server starts emitting a log to inform the user of the event. +# Otherwise if the option is set to no, the server aborts with an error +# and refuses to start. When the option is set to no, the user requires +# to fix the AOF file using the "redis-check-aof" utility before to restart +# the server. +# +# Note that if the AOF file will be found to be corrupted in the middle +# the server will still exit with an error. This option only applies when +# Redis will try to read more data from the AOF file but not enough bytes +# will be found. +aof-load-truncated yes + +################################ LUA SCRIPTING ############################### + +# Max execution time of a Lua script in milliseconds. +# +# If the maximum execution time is reached Redis will log that a script is +# still in execution after the maximum allowed time and will start to +# reply to queries with an error. +# +# When a long running script exceeds the maximum execution time only the +# SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be +# used to stop a script that did not yet called write commands. The second +# is the only way to shut down the server in the case a write command was +# already issued by the script but the user doesn't want to wait for the natural +# termination of the script. +# +# Set it to 0 or a negative value for unlimited execution without warnings. +lua-time-limit 5000 + +################################ REDIS CLUSTER ############################### +# +# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +# WARNING EXPERIMENTAL: Redis Cluster is considered to be stable code, however +# in order to mark it as "mature" we need to wait for a non trivial percentage +# of users to deploy it in production. +# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +# +# Normal Redis instances can't be part of a Redis Cluster; only nodes that are +# started as cluster nodes can. In order to start a Redis instance as a +# cluster node enable the cluster support uncommenting the following: +# +# cluster-enabled yes + +# Every cluster node has a cluster configuration file. This file is not +# intended to be edited by hand. It is created and updated by Redis nodes. +# Every Redis Cluster node requires a different cluster configuration file. +# Make sure that instances running in the same system do not have +# overlapping cluster configuration file names. +# +# cluster-config-file nodes-6379.conf + +# Cluster node timeout is the amount of milliseconds a node must be unreachable +# for it to be considered in failure state. +# Most other internal time limits are multiple of the node timeout. +# +# cluster-node-timeout 15000 + +# A slave of a failing master will avoid to start a failover if its data +# looks too old. +# +# There is no simple way for a slave to actually have a exact measure of +# its "data age", so the following two checks are performed: +# +# 1) If there are multiple slaves able to failover, they exchange messages +# in order to try to give an advantage to the slave with the best +# replication offset (more data from the master processed). +# Slaves will try to get their rank by offset, and apply to the start +# of the failover a delay proportional to their rank. +# +# 2) Every single slave computes the time of the last interaction with +# its master. This can be the last ping or command received (if the master +# is still in the "connected" state), or the time that elapsed since the +# disconnection with the master (if the replication link is currently down). +# If the last interaction is too old, the slave will not try to failover +# at all. +# +# The point "2" can be tuned by user. Specifically a slave will not perform +# the failover if, since the last interaction with the master, the time +# elapsed is greater than: +# +# (node-timeout * slave-validity-factor) + repl-ping-slave-period +# +# So for example if node-timeout is 30 seconds, and the slave-validity-factor +# is 10, and assuming a default repl-ping-slave-period of 10 seconds, the +# slave will not try to failover if it was not able to talk with the master +# for longer than 310 seconds. +# +# A large slave-validity-factor may allow slaves with too old data to failover +# a master, while a too small value may prevent the cluster from being able to +# elect a slave at all. +# +# For maximum availability, it is possible to set the slave-validity-factor +# to a value of 0, which means, that slaves will always try to failover the +# master regardless of the last time they interacted with the master. +# (However they'll always try to apply a delay proportional to their +# offset rank). +# +# Zero is the only value able to guarantee that when all the partitions heal +# the cluster will always be able to continue. +# +# cluster-slave-validity-factor 10 + +# Cluster slaves are able to migrate to orphaned masters, that are masters +# that are left without working slaves. This improves the cluster ability +# to resist to failures as otherwise an orphaned master can't be failed over +# in case of failure if it has no working slaves. +# +# Slaves migrate to orphaned masters only if there are still at least a +# given number of other working slaves for their old master. This number +# is the "migration barrier". A migration barrier of 1 means that a slave +# will migrate only if there is at least 1 other working slave for its master +# and so forth. It usually reflects the number of slaves you want for every +# master in your cluster. +# +# Default is 1 (slaves migrate only if their masters remain with at least +# one slave). To disable migration just set it to a very large value. +# A value of 0 can be set but is useful only for debugging and dangerous +# in production. +# +# cluster-migration-barrier 1 + +# By default Redis Cluster nodes stop accepting queries if they detect there +# is at least an hash slot uncovered (no available node is serving it). +# This way if the cluster is partially down (for example a range of hash slots +# are no longer covered) all the cluster becomes, eventually, unavailable. +# It automatically returns available as soon as all the slots are covered again. +# +# However sometimes you want the subset of the cluster which is working, +# to continue to accept queries for the part of the key space that is still +# covered. In order to do so, just set the cluster-require-full-coverage +# option to no. +# +# cluster-require-full-coverage yes + +# In order to setup your cluster make sure to read the documentation +# available at http://redis.io web site. + +################################## SLOW LOG ################################### + +# The Redis Slow Log is a system to log queries that exceeded a specified +# execution time. The execution time does not include the I/O operations +# like talking with the client, sending the reply and so forth, +# but just the time needed to actually execute the command (this is the only +# stage of command execution where the thread is blocked and can not serve +# other requests in the meantime). +# +# You can configure the slow log with two parameters: one tells Redis +# what is the execution time, in microseconds, to exceed in order for the +# command to get logged, and the other parameter is the length of the +# slow log. When a new command is logged the oldest one is removed from the +# queue of logged commands. + +# The following time is expressed in microseconds, so 1000000 is equivalent +# to one second. Note that a negative number disables the slow log, while +# a value of zero forces the logging of every command. +slowlog-log-slower-than 10000 + +# There is no limit to this length. Just be aware that it will consume memory. +# You can reclaim memory used by the slow log with SLOWLOG RESET. +slowlog-max-len 128 + +################################ LATENCY MONITOR ############################## + +# The Redis latency monitoring subsystem samples different operations +# at runtime in order to collect data related to possible sources of +# latency of a Redis instance. +# +# Via the LATENCY command this information is available to the user that can +# print graphs and obtain reports. +# +# The system only logs operations that were performed in a time equal or +# greater than the amount of milliseconds specified via the +# latency-monitor-threshold configuration directive. When its value is set +# to zero, the latency monitor is turned off. +# +# By default latency monitoring is disabled since it is mostly not needed +# if you don't have latency issues, and collecting data has a performance +# impact, that while very small, can be measured under big load. Latency +# monitoring can easily be enabled at runtime using the command +# "CONFIG SET latency-monitor-threshold " if needed. +latency-monitor-threshold 0 + +############################# EVENT NOTIFICATION ############################## + +# Redis can notify Pub/Sub clients about events happening in the key space. +# This feature is documented at http://redis.io/topics/notifications +# +# For instance if keyspace events notification is enabled, and a client +# performs a DEL operation on key "foo" stored in the Database 0, two +# messages will be published via Pub/Sub: +# +# PUBLISH __keyspace@0__:foo del +# PUBLISH __keyevent@0__:del foo +# +# It is possible to select the events that Redis will notify among a set +# of classes. Every class is identified by a single character: +# +# K Keyspace events, published with __keyspace@__ prefix. +# E Keyevent events, published with __keyevent@__ prefix. +# g Generic commands (non-type specific) like DEL, EXPIRE, RENAME, ... +# $ String commands +# l List commands +# s Set commands +# h Hash commands +# z Sorted set commands +# x Expired events (events generated every time a key expires) +# e Evicted events (events generated when a key is evicted for maxmemory) +# A Alias for g$lshzxe, so that the "AKE" string means all the events. +# +# The "notify-keyspace-events" takes as argument a string that is composed +# of zero or multiple characters. The empty string means that notifications +# are disabled. +# +# Example: to enable list and generic events, from the point of view of the +# event name, use: +# +# notify-keyspace-events Elg +# +# Example 2: to get the stream of the expired keys subscribing to channel +# name __keyevent@0__:expired use: +# +# notify-keyspace-events Ex +# +# By default all notifications are disabled because most users don't need +# this feature and the feature has some overhead. Note that if you don't +# specify at least one of K or E, no events will be delivered. +notify-keyspace-events "" + +############################### ADVANCED CONFIG ############################### + +# Hashes are encoded using a memory efficient data structure when they have a +# small number of entries, and the biggest entry does not exceed a given +# threshold. These thresholds can be configured using the following directives. +hash-max-ziplist-entries 512 +hash-max-ziplist-value 64 + +# Lists are also encoded in a special way to save a lot of space. +# The number of entries allowed per internal list node can be specified +# as a fixed maximum size or a maximum number of elements. +# For a fixed maximum size, use -5 through -1, meaning: +# -5: max size: 64 Kb <-- not recommended for normal workloads +# -4: max size: 32 Kb <-- not recommended +# -3: max size: 16 Kb <-- probably not recommended +# -2: max size: 8 Kb <-- good +# -1: max size: 4 Kb <-- good +# Positive numbers mean store up to _exactly_ that number of elements +# per list node. +# The highest performing option is usually -2 (8 Kb size) or -1 (4 Kb size), +# but if your use case is unique, adjust the settings as necessary. +list-max-ziplist-size -2 + +# Lists may also be compressed. +# Compress depth is the number of quicklist ziplist nodes from *each* side of +# the list to *exclude* from compression. The head and tail of the list +# are always uncompressed for fast push/pop operations. Settings are: +# 0: disable all list compression +# 1: depth 1 means "don't start compressing until after 1 node into the list, +# going from either the head or tail" +# So: [head]->node->node->...->node->[tail] +# [head], [tail] will always be uncompressed; inner nodes will compress. +# 2: [head]->[next]->node->node->...->node->[prev]->[tail] +# 2 here means: don't compress head or head->next or tail->prev or tail, +# but compress all nodes between them. +# 3: [head]->[next]->[next]->node->node->...->node->[prev]->[prev]->[tail] +# etc. +list-compress-depth 0 + +# Sets have a special encoding in just one case: when a set is composed +# of just strings that happen to be integers in radix 10 in the range +# of 64 bit signed integers. +# The following configuration setting sets the limit in the size of the +# set in order to use this special memory saving encoding. +set-max-intset-entries 512 + +# Similarly to hashes and lists, sorted sets are also specially encoded in +# order to save a lot of space. This encoding is only used when the length and +# elements of a sorted set are below the following limits: +zset-max-ziplist-entries 128 +zset-max-ziplist-value 64 + +# HyperLogLog sparse representation bytes limit. The limit includes the +# 16 bytes header. When an HyperLogLog using the sparse representation crosses +# this limit, it is converted into the dense representation. +# +# A value greater than 16000 is totally useless, since at that point the +# dense representation is more memory efficient. +# +# The suggested value is ~ 3000 in order to have the benefits of +# the space efficient encoding without slowing down too much PFADD, +# which is O(N) with the sparse encoding. The value can be raised to +# ~ 10000 when CPU is not a concern, but space is, and the data set is +# composed of many HyperLogLogs with cardinality in the 0 - 15000 range. +hll-sparse-max-bytes 3000 + +# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in +# order to help rehashing the main Redis hash table (the one mapping top-level +# keys to values). The hash table implementation Redis uses (see dict.c) +# performs a lazy rehashing: the more operation you run into a hash table +# that is rehashing, the more rehashing "steps" are performed, so if the +# server is idle the rehashing is never complete and some more memory is used +# by the hash table. +# +# The default is to use this millisecond 10 times every second in order to +# actively rehash the main dictionaries, freeing memory when possible. +# +# If unsure: +# use "activerehashing no" if you have hard latency requirements and it is +# not a good thing in your environment that Redis can reply from time to time +# to queries with 2 milliseconds delay. +# +# use "activerehashing yes" if you don't have such hard requirements but +# want to free memory asap when possible. +activerehashing yes + +# The client output buffer limits can be used to force disconnection of clients +# that are not reading data from the server fast enough for some reason (a +# common reason is that a Pub/Sub client can't consume messages as fast as the +# publisher can produce them). +# +# The limit can be set differently for the three different classes of clients: +# +# normal -> normal clients including MONITOR clients +# slave -> slave clients +# pubsub -> clients subscribed to at least one pubsub channel or pattern +# +# The syntax of every client-output-buffer-limit directive is the following: +# +# client-output-buffer-limit +# +# A client is immediately disconnected once the hard limit is reached, or if +# the soft limit is reached and remains reached for the specified number of +# seconds (continuously). +# So for instance if the hard limit is 32 megabytes and the soft limit is +# 16 megabytes / 10 seconds, the client will get disconnected immediately +# if the size of the output buffers reach 32 megabytes, but will also get +# disconnected if the client reaches 16 megabytes and continuously overcomes +# the limit for 10 seconds. +# +# By default normal clients are not limited because they don't receive data +# without asking (in a push way), but just after a request, so only +# asynchronous clients may create a scenario where data is requested faster +# than it can read. +# +# Instead there is a default limit for pubsub and slave clients, since +# subscribers and slaves receive data in a push fashion. +# +# Both the hard or the soft limit can be disabled by setting them to zero. +client-output-buffer-limit normal 0 0 0 +client-output-buffer-limit slave 256mb 64mb 60 +client-output-buffer-limit pubsub 32mb 8mb 60 + +# Redis calls an internal function to perform many background tasks, like +# closing connections of clients in timeout, purging expired keys that are +# never requested, and so forth. +# +# Not all tasks are performed with the same frequency, but Redis checks for +# tasks to perform according to the specified "hz" value. +# +# By default "hz" is set to 10. Raising the value will use more CPU when +# Redis is idle, but at the same time will make Redis more responsive when +# there are many keys expiring at the same time, and timeouts may be +# handled with more precision. +# +# The range is between 1 and 500, however a value over 100 is usually not +# a good idea. Most users should use the default of 10 and raise this up to +# 100 only in environments where very low latency is required. +hz 10 + +# When a child rewrites the AOF file, if the following option is enabled +# the file will be fsync-ed every 32 MB of data generated. This is useful +# in order to commit the file to the disk more incrementally and avoid +# big latency spikes. +aof-rewrite-incremental-fsync yes diff --git a/dockerfiles/redis/README.md b/dockerfiles/redis/README.md new file mode 100644 index 0000000..6bf96ea --- /dev/null +++ b/dockerfiles/redis/README.md @@ -0,0 +1,6 @@ +# Build +``` +$ docker build --force-rm --no-cache -t envdev/redis: redis// +``` + +# Usage