rework squirrel

Dockerfile

@@ -1,43 +1,44 @@
-FROM alpine:3.13
+ARG ARCH=
+FROM ${ARCH}alpine:3.15
 
 LABEL Maintainer="kerstin Sieren <kerstin@sieren.biz>" \
       Description="Lightweight container with Nginx & PHP-FPM based on Alpine Linux."
 
 # Install packages
 RUN apk --no-cache add \
-    php7 \
-    php7-fpm \
-    php7-opcache \
-    php7-pecl-apcu \
-    php7-mysqli \
-    php7-pgsql \
-    php7-json \
-    php7-openssl \
-    php7-curl \
-    php7-zlib \
-    php7-soap \
-    php7-xml \
-    php7-fileinfo \
-    php7-phar \
-    php7-intl \
-    php7-dom \
-    php7-xmlreader \
-    php7-ctype \
-    php7-session \
-    php7-iconv \
-    php7-tokenizer \
-    php7-zip \
-    php7-simplexml \
-    php7-mbstring \
-    php7-gd \
-    php7-pdo_mysql \
-    php7-pdo_pgsql \
-    php7-pdo_sqlite \
-    php7-pecl-mongodb \
-    nginx \
-    runit \
-    curl \
-    tar \
+        php7 \
+        php7-fpm \
+        php7-opcache \
+        php7-pecl-apcu \
+        php7-mysqli \
+        php7-pgsql \
+        php7-json \
+        php7-openssl \
+        php7-curl \
+        php7-zlib \
+        php7-soap \
+        php7-xml \
+        php7-fileinfo \
+        php7-phar \
+        php7-intl \
+        php7-dom \
+        php7-xmlreader \
+        php7-ctype \
+        php7-session \
+        php7-iconv \
+        php7-tokenizer \
+        php7-zip \
+        php7-simplexml \
+        php7-mbstring \
+        php7-gd \
+        php7-pecl-mongodb \
+        php7-pdo_mysql \
+        php7-pdo_pgsql \
+        php7-pdo_sqlite \
+        nginx \
+        runit \
+        curl \
+        tar \
 # Bring in gettext so we can get `envsubst`, then throw
 # the rest away. To do this, we need to install `gettext`
 # then move `envsubst` out of the way so `gettext` can
@@ -57,14 +58,11 @@ RUN apk --no-cache add \
 # Remove alpine cache
     && rm -rf /var/cache/apk/* \
 # Remove default server definition
-#    && rm /etc/nginx/http.d/default.conf \
+    && rm /etc/nginx/http.d/default.conf \
 # Make sure files/folders needed by the processes are accessable when they run under the nobody user
     && chown -R nobody.nobody /run \
     && chown -R nobody.nobody /var/lib/nginx \
-    && chown -R nobody.nobody /var/log/nginx \
-    && chown -R nobody:nobody /etc/php7 \
-    && chown -R nobody.nobody /var/log/ \
-    && chown -R nobody.nobody /tmp
+    && chown -R nobody.nobody /var/log/nginx
 
 RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer
 
@@ -84,9 +82,9 @@ EXPOSE 8080
 CMD [ "/bin/docker-entrypoint.sh" ]
 
 # Configure a healthcheck to validate that everything is up&running
-#HEALTHCHECK --timeout=10s CMD curl --silent --fail http://localhost:8080/fpm-ping
+HEALTHCHECK --timeout=10s CMD curl --silent --fail http://127.0.0.1:8080/fpm-ping
 
-ENV client_max_body_size=10M \
+ENV client_max_body_size=5M \
     clear_env=no \
     allow_url_fopen=On \
     allow_url_include=Off \

rootfs/etc/php81/conf.d/custom.ini

@@ -1,14 +0,0 @@
-[Date]
-date.timezone="UTC"
-
-allow_url_fopen = $allow_url_fopen
-allow_url_include= $allow_url_include
-display_errors= $display_errors
-file_uploads= $file_uploads
-max_execution_time= $max_execution_time
-max_input_time= $max_input_time
-max_input_vars= $max_input_vars
-memory_limit= $memory_limit
-post_max_size= $post_max_size
-upload_max_filesize= $upload_max_filesize
-zlib.output_compression= $zlib.output_compression

rootfs/etc/php81/php-fpm.d/www.conf

@@ -1,56 +0,0 @@
-[global]
-; Log to stderr
-error_log = /dev/stderr
-
-[www]
-; The address on which to accept FastCGI requests.
-; Valid syntaxes are:
-;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
-;                            a specific port;
-;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
-;                            a specific port;
-;   'port'                 - to listen on a TCP socket to all addresses
-;                            (IPv6 and IPv4-mapped) on a specific port;
-;   '/path/to/unix/socket' - to listen on a unix socket.
-; Note: This value is mandatory.
-listen = 127.0.0.1:9000
-
-; Enable status page
-pm.status_path = /fpm-status
-
-; Ondemand process manager
-pm = ondemand
-
-; The number of child processes to be created when pm is set to 'static' and the
-; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
-; This value sets the limit on the number of simultaneous requests that will be
-; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
-; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
-; CGI. The below defaults are based on a server without much resources. Don't
-; forget to tweak pm.* to fit your needs.
-; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
-; Note: This value is mandatory.
-pm.max_children = 100
-
-; The number of seconds after which an idle process will be killed.
-; Note: Used only when pm is set to 'ondemand'
-; Default Value: 10s
-pm.process_idle_timeout = 10s;
-
-; The number of requests each child process should execute before respawning.
-; This can be useful to work around memory leaks in 3rd party libraries. For
-; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
-; Default Value: 0
-pm.max_requests = 1000
-
-; Make sure the FPM workers can reach the environment variables for configuration
-clear_env = $clear_env
-
-; Catch output from PHP
-catch_workers_output = yes
-
-; Remove the 'child 10 said into stderr' prefix in the log and only show the actual message
-decorate_workers_output = no
-
-; Enable ping page to use in healthcheck
-ping.path = /fpm-ping