bunkerweb 1.4.0
This commit is contained in:
bunkerity
@@ -1,11 +0,0 @@
|
||||
# PrestaShop
|
||||
|
||||
PrestaShop is a freemium, open source e-commerce platform. See the official [website](https://www.prestashop.com) and [repository](https://github.com/PrestaShop/PrestaShop) for more information.
|
||||
|
||||
## Architecture
|
||||
|
||||
<img src="https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/prestashop/architecture.png?raw=true" />
|
||||
|
||||
## Docker
|
||||
|
||||
See [docker-compose.yml](https://github.com/bunkerity/bunkerized-nginx/blob/master/examples/prestashop/docker-compose.yml).
|
||||
Binary file not shown.
|
Before Width: | Height: | Size: 19 KiB |
@@ -2,55 +2,57 @@ version: '3'
|
||||
|
||||
services:
|
||||
|
||||
mywww:
|
||||
image: bunkerity/bunkerized-nginx
|
||||
restart: always
|
||||
depends_on:
|
||||
- myprestashop
|
||||
mybunker:
|
||||
image: bunkerity/bunkerweb:1.4.0
|
||||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
# ⚠️ read this if you use local folders for volumes ⚠️
|
||||
# bunkerweb runs as an unprivileged user with UID/GID 101
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
|
||||
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- ./prestashop-files:/www:ro
|
||||
- ./letsencrypt:/etc/letsencrypt
|
||||
- ./server-confs:/server-confs:ro # custom confs at server context for prestashop
|
||||
- bw_data:/data
|
||||
environment:
|
||||
- SERVER_NAME=www.example.com # replace with your domain
|
||||
- AUTO_LETS_ENCRYPT=yes
|
||||
- REDIRECT_HTTP_TO_HTTPS=yes
|
||||
- SERVER_NAME=www.example.com # replace with your domain
|
||||
- SERVE_FILES=no
|
||||
- DISABLE_DEFAULT_SERVER=yes
|
||||
- MAX_CLIENT_SIZE=50m
|
||||
- AUTO_LETS_ENCRYPT=yes
|
||||
- USE_CLIENT_CACHE=yes
|
||||
- USE_GZIP=yes
|
||||
- REMOTE_PHP=myprestashop
|
||||
- REMOTE_PHP_PATH=/var/www/html
|
||||
- LIMIT_REQ_RATE=5r/s
|
||||
- LIMIT_REQ_BURST=10
|
||||
|
||||
myprestashop:
|
||||
image: prestashop/prestashop:1.7-fpm
|
||||
restart: always
|
||||
- MAX_CLIENT_SIZE=50m
|
||||
- USE_REVERSE_PROXY=yes
|
||||
- REVERSE_PROXY_URL=/
|
||||
- REVERSE_PROXY_HOST=http://myps
|
||||
# Remove the following lines after finishing the installation of PrestaShop
|
||||
- LIMIT_REQ_URL_1=/install/index.php
|
||||
- LIMIT_REQ_RATE_1=8r/s
|
||||
|
||||
myps:
|
||||
image: prestashop/prestashop:1.7
|
||||
volumes:
|
||||
- ./prestashop-files:/var/www/html
|
||||
- ./ps-data:/var/www/html
|
||||
environment:
|
||||
- DB_SERVER=mydb
|
||||
- DB_NAME=prestashop
|
||||
- DB_USER=user
|
||||
- DB_PASSWD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD)
|
||||
- PS_INSTALL_AUTO=1
|
||||
- PS_DOMAIN=www.example.com # replace with your domain
|
||||
- PS_FOLDER_ADMIN=myadmin # replace with your admin folder
|
||||
- DB_PASSWD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD)
|
||||
- DB_PREFIX=prefix_ # replace with a random prefix (good security practice)
|
||||
- DB_NAME=prestashop
|
||||
- PS_ENABLE_SSL=1
|
||||
- ADMIN_MAIL=admin@example.com # replace with your mail
|
||||
- ADMIN_PASSWD=admin # replace with a stronger password
|
||||
- ADMIN_MAIL=admin@example.com # change to the prestashop admin email
|
||||
- ADMIN_PASSWD=changeme # change to the prestashop admin password
|
||||
|
||||
mydb:
|
||||
image: mariadb
|
||||
restart: always
|
||||
volumes:
|
||||
- ./db-data:/var/lib/mysql
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=prestashop
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match DB_PASSWD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match DB_PASSWD)
|
||||
|
||||
volumes:
|
||||
bw_data:
|
||||
@@ -1,84 +0,0 @@
|
||||
# remove ports in redirects
|
||||
port_in_redirect off;
|
||||
|
||||
# Redirect 404 errors to prestashop
|
||||
error_page 404 /index.php?controller=404;
|
||||
|
||||
# Force pdf files to be downloaded
|
||||
location ~* \.pdf$ {
|
||||
add_header Content-Disposition Attachment;
|
||||
}
|
||||
|
||||
# Force files inupload directory to be downloaded
|
||||
location ~ ^/upload/ {
|
||||
add_header Content-Disposition Attachment;
|
||||
}
|
||||
|
||||
# Images
|
||||
rewrite ^/([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$1$2$3.jpg last;
|
||||
rewrite ^/([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$1$2$3$4.jpg last;
|
||||
rewrite ^/([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$1$2$3$4$5.jpg last;
|
||||
rewrite ^/([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$1$2$3$4$5$6.jpg last;
|
||||
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6$7.jpg last;
|
||||
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7$8.jpg last;
|
||||
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8$9.jpg last;
|
||||
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9$10.jpg last;
|
||||
rewrite ^/c/([0-9]+)(-[.*_a-zA-Z0-9-]*)(-[0-9]+)?/.+.jpg$ /img/c/$1$2$3.jpg last;
|
||||
rewrite ^/c/([a-zA-Z_-]+)(-[0-9]+)?/.+.jpg$ /img/c/$1$2.jpg last;
|
||||
|
||||
# AlphaImageLoader for IE and fancybox
|
||||
rewrite ^images_ie/?([^/]+)\.(jpe?g|png|gif)$ js/jquery/plugins/fancybox/images/$1.$2 last;
|
||||
|
||||
# Web service API
|
||||
rewrite ^/api/?(.*)$ /webservice/dispatcher.php?url=$1 last;
|
||||
|
||||
# Installation sandbox
|
||||
rewrite ^(/install(?:-dev)?/sandbox)/(.*) /$1/test.php last;
|
||||
|
||||
# [REQUIRED EDIT] Change this block to your admin folder
|
||||
location /myadmin/ {
|
||||
if (!-e $request_filename) {
|
||||
rewrite ^/.*$ /myadmin/index.php last;
|
||||
}
|
||||
}
|
||||
|
||||
# File security
|
||||
# .htaccess .DS_Store .htpasswd etc
|
||||
location ~ /\. {
|
||||
deny all;
|
||||
}
|
||||
# Source code directories
|
||||
location ~ ^/(app|bin|cache|classes|config|controllers|docs|localization|override|src|tests|tools|translations|travis-scripts|vendor|var)/ {
|
||||
deny all;
|
||||
}
|
||||
# vendor in modules directory
|
||||
location ~ ^/modules/.*/vendor/ {
|
||||
deny all;
|
||||
}
|
||||
# Prevent exposing other sensitive files
|
||||
location ~ \.(yml|log|tpl|twig|sass)$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
# Prevent injection of php files
|
||||
location /upload {
|
||||
location ~ \.php$ {
|
||||
deny all;
|
||||
}
|
||||
}
|
||||
location /img {
|
||||
location ~ \.php$ {
|
||||
deny all;
|
||||
}
|
||||
}
|
||||
|
||||
# [REQUIRED EDIT] PHP FPM part
|
||||
location ~ \.php$ {
|
||||
try_files $fastcgi_script_name /index.php$uri&$args =404;
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
include fastcgi_params;
|
||||
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||
fastcgi_param PATH_TRANSLATED /var/www/html/$fastcgi_path_info;
|
||||
fastcgi_param SCRIPT_FILENAME /var/www/html/$fastcgi_script_name;
|
||||
fastcgi_pass myprestashop:9000;
|
||||
}
|
||||
Reference in New Issue
Block a user