Last active
January 30, 2023 15:42
-
-
Save twang2218/3c7850f60ed501e0e25a017d466b7fb1 to your computer and use it in GitHub Desktop.
HAProxy + Nginx + PHP with client IP attached (don't forget docker daemon option `--userland-proxy=false`)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '2' | |
| services: | |
| haproxy: | |
| image: haproxy:alpine | |
| volumes: | |
| - ./haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg | |
| ports: | |
| - "80:80" | |
| depends_on: | |
| - nginx | |
| - syslog | |
| nginx: | |
| image: nginx:alpine | |
| volumes: | |
| - ./nginx.conf:/etc/nginx/conf.d/default.conf:ro | |
| - ./:/usr/share/nginx/html:ro | |
| depends_on: | |
| - php | |
| php: | |
| image: php:fpm-alpine | |
| volumes: | |
| - ./:/usr/share/nginx/html:ro | |
| syslog: | |
| image: bobrik/syslog-ng:latest | |
| volumes: | |
| - ./log:/var/log/syslog-ng | |
| networks: | |
| default: | |
| ipam: | |
| config: | |
| - subnet: 10.2.0.0/24 | |
| ip_range: 10.2.0.0/25 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| global | |
| log syslog daemon | |
| defaults | |
| timeout connect 5000ms | |
| timeout client 50000ms | |
| timeout server 50000ms | |
| resolvers docker_dns | |
| nameserver dns "127.0.0.11:53" | |
| timeout retry 1s | |
| hold valid 1s | |
| listen http-in | |
| mode http | |
| bind :80 | |
| option httplog | |
| option forwardfor except 127.0.0.1 | |
| log global | |
| server nginx nginx:80 check resolvers docker_dns resolve-prefer ipv4 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php phpinfo(); ?> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 80; | |
| server_name _; | |
| charset utf-8; | |
| root /usr/share/nginx/html; | |
| index index.php index.html index.htm; | |
| gzip on; | |
| gzip_disable "msie6"; | |
| gzip_types text/plain text/css text/xml text/javascript application/json | |
| application/x-javascript application/xml application/xml+rss application/javascript; | |
| error_page 404 = /index.php; | |
| access_log /dev/stdout; | |
| error_log /var/log/nginx/error.log debug; | |
| client_max_body_size 64m; | |
| location / { | |
| try_files $uri $uri/ /index.php?$args; | |
| } | |
| location /. { | |
| return 404; | |
| } | |
| location ~ \.php$ { | |
| include fastcgi_params; | |
| try_files $uri =404; | |
| resolver 127.0.0.11; | |
| set_real_ip_from 10.2.0.0/24; | |
| real_ip_header X-Forwarded-For; | |
| set $php "php"; | |
| fastcgi_pass $php:9000; | |
| fastcgi_split_path_info ^(.+\.php)(/.+)$; | |
| fastcgi_read_timeout 300; | |
| fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
| fastcgi_index index.php; | |
| } | |
| location ~ /\.ht { | |
| deny all; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment