From e818acb0d163c24c2050c8395d381306320f1ad5 Mon Sep 17 00:00:00 2001 From: bunkerity Date: Sun, 29 Nov 2020 16:50:53 +0100 Subject: [PATCH] prestashop example --- examples/prestashop/docker-compose.yml | 53 ++++++++++++ .../prestashop/server-confs/prestashop.conf | 84 +++++++++++++++++++ 2 files changed, 137 insertions(+) create mode 100644 examples/prestashop/docker-compose.yml create mode 100644 examples/prestashop/server-confs/prestashop.conf diff --git a/examples/prestashop/docker-compose.yml b/examples/prestashop/docker-compose.yml new file mode 100644 index 0000000..6d8282c --- /dev/null +++ b/examples/prestashop/docker-compose.yml @@ -0,0 +1,53 @@ +version: '3' + +services: + + mywww: + image: bunkerity/bunkerized-nginx + restart: always + ports: + - 80:8080 + - 443:8443 + volumes: + - ./prestashop-files:/www:ro + - ./letsencrypt:/etc/letsencrypt + - ./server-confs:/server-confs:ro # custom confs at server context for prestashop + environment: + - SERVER_NAME=www.website.com # replace with your domain + - AUTO_LETS_ENCRYPT=yes + - REDIRECT_HTTP_TO_HTTPS=yes + - DISABLE_DEFAULT_SERVER=yes + - MAX_CLIENT_SIZE=50m + - USE_CLIENT_CACHE=yes + - USE_GZIP=yes + - USE_BROTLI=yes + - REMOTE_PHP=myprestashop + - REMOTE_PHP_PATH=/var/www/html + + myprestashop: + image: prestashop/prestashop:1.7-fpm + restart: always + volumes: + - ./prestashop-files:/var/www/html + environment: + - DB_SERVER=mydb + - DB_NAME=prestashop + - DB_USER=user + - DB_PASSWD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD) + - PS_INSTALL_AUTO=1 + - PS_DOMAIN=www.website.com # replace with your domain + - PS_FOLDER_ADMIN=myadmin # replace with your admin folder + - PS_ENABLE_SSL=1 + - ADMIN_MAIL=admin@website.com # replace with your mail + - ADMIN_PASSWD=admin # replace with a stronger password + + mydb: + image: mariadb + restart: always + volumes: + - ./db-data:/var/lib/mysql + environment: + - MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password + - MYSQL_DATABASE=prestashop + - MYSQL_USER=user + - MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match DB_PASSWD) diff --git a/examples/prestashop/server-confs/prestashop.conf b/examples/prestashop/server-confs/prestashop.conf new file mode 100644 index 0000000..6cf996a --- /dev/null +++ b/examples/prestashop/server-confs/prestashop.conf @@ -0,0 +1,84 @@ +# remove ports in redirects +port_in_redirect off; + +# Redirect 404 errors to prestashop +error_page 404 /index.php?controller=404; + +# Force pdf files to be downloaded +location ~* \.pdf$ { + add_header Content-Disposition Attachment; +} + +# Force files inupload directory to be downloaded +location ~ ^/upload/ { + add_header Content-Disposition Attachment; +} + +# Images +rewrite ^/([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$1$2$3.jpg last; +rewrite ^/([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$1$2$3$4.jpg last; +rewrite ^/([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$1$2$3$4$5.jpg last; +rewrite ^/([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$1$2$3$4$5$6.jpg last; +rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6$7.jpg last; +rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7$8.jpg last; +rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8$9.jpg last; +rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9$10.jpg last; +rewrite ^/c/([0-9]+)(-[.*_a-zA-Z0-9-]*)(-[0-9]+)?/.+.jpg$ /img/c/$1$2$3.jpg last; +rewrite ^/c/([a-zA-Z_-]+)(-[0-9]+)?/.+.jpg$ /img/c/$1$2.jpg last; + +# AlphaImageLoader for IE and fancybox +rewrite ^images_ie/?([^/]+)\.(jpe?g|png|gif)$ js/jquery/plugins/fancybox/images/$1.$2 last; + +# Web service API +rewrite ^/api/?(.*)$ /webservice/dispatcher.php?url=$1 last; + +# Installation sandbox +rewrite ^(/install(?:-dev)?/sandbox)/(.*) /$1/test.php last; + +# [REQUIRED EDIT] Change this block to your admin folder +location /myadmin/ { + if (!-e $request_filename) { + rewrite ^/.*$ /myadmin/index.php last; + } +} + +# File security +# .htaccess .DS_Store .htpasswd etc +location ~ /\. { + deny all; +} +# Source code directories +location ~ ^/(app|bin|cache|classes|config|controllers|docs|localization|override|src|tests|tools|translations|travis-scripts|vendor|var)/ { + deny all; +} +# vendor in modules directory +location ~ ^/modules/.*/vendor/ { + deny all; +} +# Prevent exposing other sensitive files +location ~ \.(yml|log|tpl|twig|sass)$ { + deny all; +} + +# Prevent injection of php files +location /upload { + location ~ \.php$ { + deny all; + } +} +location /img { + location ~ \.php$ { + deny all; + } +} + +# [REQUIRED EDIT] PHP FPM part +location ~ \.php$ { + try_files $fastcgi_script_name /index.php$uri&$args =404; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include fastcgi_params; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param PATH_TRANSLATED /var/www/html/$fastcgi_path_info; + fastcgi_param SCRIPT_FILENAME /var/www/html/$fastcgi_script_name; + fastcgi_pass myprestashop:9000; +}