Example of how to quickly build a LEMP environment with Docker

LEMP (Linux + Nginx + MySQL + PHP) is basically a must-have environment for web developers today. Under normal circumstances, we can directly install and use it through system package management tools such as apt and yum. However, due to compatibility considerations, the software sources that come with the system are often updated slowly and will stagnate at the previous version in about half a year, affecting developers' follow-up testing of new features.

In order to pursue the latest version, many developers began to download source code packages and compile them themselves, but the process was too cumbersome, and later one-click installation packages such as Oneinstack and lamp.sh were created.

The launch of Docker can greatly simplify the above process. There are many maintainers on Docker Hub who package various components such as PHP and nginx into images. As a user, you can build a LEMP stack by simply pulling the relevant images. And the features based on Docker bring at least the following advantages:

• Update quickly and roll back to the specified version at any time
• Container isolation, high security
• No system residue, no dependency chain conflict

Two months ago, I started to build the entire LEMP framework and maintained some images myself as needed. The relevant orchestration templates are open source at https://github.com/metowolf/docker-lemp. Currently, the entire blog and API site are running on docker, and the operation is quite stable.

container

Demo

Let me demonstrate this with a simple example.

First, you need to install the docker and docker-compose environments. For the convenience of demonstration, we will directly use the PWD trial host to run it.

$ curl -fsSL https://get.docker.com -o get-docker.sh
$ sh get-docker.sh
$ curl -L "https://github.com/docker/compose/releases/download/1.23.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
$ chmod +x /usr/local/bin/docker-compose

Log in to the server and pull the orchestration template

$ git clone https://github.com/metowolf/docker-lemp.git
$ cd docker-lemp

Create a configuration file

$ cp .env.example .env
$ cp docker-compose.example.yml docker-compose.yml

Create nginx configuration

$ cat > etc/nginx/config/example.conf <<EOF
server {
 listen 80;
 server_name example.com *.direct.labs.play-with-docker.com;

 root /var/www/example.com;
 index index.php;

 location / {
 try_files \$uri \$uri/ /index.php?\$query_string;
 }

 location ~ \.php\$ {
 fastcgi_split_path_info ^(.+\.php)(/.+)\$;
 fastcgi_pass php-fpm:9000;
 fastcgi_index index.php;
 include fastcgi_params;
 fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
 fastcgi_param PATH_INFO \$fastcgi_path_info;
 }
}
EOF

Create phpinfo file

$ mkdir wwwroot/example.com/
$ cat > wwwroot/example.com/index.php <<EOF
<?php
phpinfo();
EOF

Start the container

$ docker-compose up -d php-fpm nginx mysql

After the startup is successful, if there are no accidents, we can see the familiar page on port 80.

Advanced gameplay

QUIC

In the orchestration example, I added a caddy to reverse nginx to get the quic feature. With the help of docker's features, we can let caddy listen to port 443 udp alone, and let nginx still listen to port 443 tcp, so that TLSv1.3 and quic can be taken into account at the same time.

A return header needs to be added in the nginx configuration to remind the browser to try to connect to quic

add_header alt-svc 'quic=":443"; ma=2592000; v="44,43,39"';

brotli

In the nginx container, I compiled brotli into a dynamic module that can be enabled as needed.

Create a new etc/nginx/nginx.conf configuration file

user nginx;
worker_processes auto;

error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;

# Mount the brotli module load_module modules/ngx_http_brotli_filter_module.so;
load_module modules/ngx_http_brotli_static_module.so;

events {
 worker_connections 1024;
}

http {
 include /etc/nginx/mime.types;
 default_type application/octet-stream;

 log_format main '$remote_addr - $remote_user [$time_local] "$request" '
      '$status $body_bytes_sent "$http_referer" '
      '"$http_user_agent" "$http_x_forwarded_for"';

 access_log /var/log/nginx/access.log main;

 sendfile on;
 #tcp_nopush on;

 keepalive_timeout 65;

 #gzip on;

 include /etc/nginx/conf.d/*.conf;
}

Create a new etc/nginx/config/brotli.conf configuration file

brotli on;
brotli_comp_level 6;
brotli_types application/x-httpd-php application/javascript application/x-javascript application/xml application/json text/plain text/javascript text/css text/xml image/jpeg image/gif image/png image/svg+xml;

Modify docker-compose.yml to mount the nginx.conf configuration file

---docker-compose.yml
+++ docker-compose.yml
@@ -11,6 +11,7 @@
  -php-fpm
  volumes:
  - ./log/nginx:/var/log/nginx:rw
+ - ./etc/nginx/nginx.conf:/etc/nginx/nginx.conf:rw
  - ./etc/nginx/config:/etc/nginx/conf.d:rw
  - ./etc/ssl:/etc/nginx/ssl:rw
  - ./wwwroot:/var/www:rw
@@ -65,6 +66,8 @@

Finally, update the container orchestration

$ docker-compose up -d --no-deps --build

The above is the full content of this article. I hope it will be helpful for everyone’s study. I also hope that everyone will support 123WORDPRESS.COM.