From 90016ae06cd8438c6fe1f4c6165bb5b9919f0659 Mon Sep 17 00:00:00 2001 From: xuyang Date: Wed, 14 Jan 2026 12:31:25 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A4=84=E7=90=86php53=20composer=E8=AF=81?= =?UTF-8?q?=E4=B9=A6=E3=80=81mongo=E6=89=A9=E5=B1=95=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .env | 6 +-- hosts | 9 ++-- services/nginx/conf.d/gaore.com.conf | 4 +- services/nginx/conf.d/h5.uu89.com.conf | 17 +++++++- services/nginx/conf.d/mail.gaore.com.conf | 2 +- services/php53/Dockerfile | 51 ++++++++++++++++++++++- services/php53/extensions/install.sh | 1 + services/php53/php.ini | 2 +- 8 files changed, 77 insertions(+), 15 deletions(-) diff --git a/.env b/.env index 82de5fb..ae57061 100644 --- a/.env +++ b/.env @@ -1,7 +1,7 @@ # # PHP source directory # -SOURCE_DIR="/mnt/e/code/PHP" +SOURCE_DIR="E:\\code\\PHP" # # Runtime data directory @@ -21,8 +21,8 @@ TZ=Asia/Shanghai # mirrors.aliyun.com # mirrors.ustc.edu.cn # -# CONTAINER_PACKAGE_URL=mirrors.aliyun.com -CONTAINER_PACKAGE_URL=mirrors.163.com +CONTAINER_PACKAGE_URL=mirrors.aliyun.com +# CONTAINER_PACKAGE_URL=mirrors.163.com # # Nginx diff --git a/hosts b/hosts index 6c4de9f..3a5009e 100644 --- a/hosts +++ b/hosts @@ -1,5 +1,6 @@ 172.20.0.254 mkt.api.gaore.com mkt.gaore.com -172.20.0.254 callback.api.gaore.com -172.20.0.254 stat.gaore.com -172.20.0.254 msdk.gaore.com msdk.api.gaore.com game.gaore.com pay.api.gaore.com -192.168.1.202 sso.gaore.com admintest.gaore.com oss.gaore.com \ No newline at end of file +112.74.47.156 mail.gaore.com +172.20.0.254 callback.api.gaore.com h5.uu89.com +172.20.0.254 stat.gaore.com admin-stat.gaore.com passport.gaore.com +172.20.0.254 msdk.gaore.com msdk.api.gaore.com pay.api.gaore.com chat.gaore.com game.gaore.com script.gaore.com apisdk.gaore.com +192.168.1.202 sso.gaore.com admintest.gaore.com oss.gaore.com test.mkt.gaore.com \ No newline at end of file diff --git a/services/nginx/conf.d/gaore.com.conf b/services/nginx/conf.d/gaore.com.conf index 4681ef6..ae10c7f 100644 --- a/services/nginx/conf.d/gaore.com.conf +++ b/services/nginx/conf.d/gaore.com.conf @@ -1,7 +1,7 @@ server { listen 80; - server_name stat.gaore.com admin.stat.89yoo.com; + server_name stat.gaore.com admin.stat.89yoo.com admin-stat.gaore.com; root /www/gaore/stat.gaore.com/public; index index.php index.html index.htm; @@ -85,7 +85,7 @@ server { location ~ \.php(.*)$ { - fastcgi_pass host.docker.internal:9056; + fastcgi_pass host.docker.internal:9053; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param GAORE_ENVIRONMENT development; diff --git a/services/nginx/conf.d/h5.uu89.com.conf b/services/nginx/conf.d/h5.uu89.com.conf index b424ee1..ec305e5 100644 --- a/services/nginx/conf.d/h5.uu89.com.conf +++ b/services/nginx/conf.d/h5.uu89.com.conf @@ -1,7 +1,7 @@ # h5.uu89.com server { listen 80; - server_name h5.uu89.com; + server_name h5.uu89.com n5.89yoo.com; index index.php; root /www/gaore/h5.uu89.com/public; @@ -18,15 +18,28 @@ server { } location ~ \.php(.*)$ { + # 只允许 index.php 直接执行 + if ($uri != "/index.php") { + rewrite ^/(.*)$ /index.php?_url=/$1 last; + } + + # 防止伪造 PHP 文件请求 + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass host.docker.internal:9070; fastcgi_index index.php; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; + # fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; fastcgi_param QUAN_DEBUG On; fastcgi_param GAORE_ENVIRONMENT development; include fastcgi_params; + + # 添加调试头(临时) + add_header X-Phalcon-Debug "PHP processed" always; } # deny access to .htaccess files, if Apache's document root diff --git a/services/nginx/conf.d/mail.gaore.com.conf b/services/nginx/conf.d/mail.gaore.com.conf index 02ccf6c..80ab23e 100644 --- a/services/nginx/conf.d/mail.gaore.com.conf +++ b/services/nginx/conf.d/mail.gaore.com.conf @@ -4,7 +4,7 @@ server { listen 80; server_name mail.gaore.com; index index.php; - root /www/gaore/mail.gaore.com/public; + root /www/gaore/mail.gaore.com; access_log /var/log/nginx/mail.gaore.com.access.log main; error_log /var/log/nginx/mail.gaore.com.error.log warn; diff --git a/services/php53/Dockerfile b/services/php53/Dockerfile index f740641..73a8bba 100644 --- a/services/php53/Dockerfile +++ b/services/php53/Dockerfile @@ -5,6 +5,13 @@ ARG TZ ARG PHP_EXTENSIONS ARG CONTAINER_PACKAGE_URL +RUN echo "${TZ}" + + +# 设置时区 +ENV TZ=${TZ} +ENV DEBIAN_FRONTEND=noninteractive + # 替换源列表,更新软件包索引 RUN echo "deb http://archive.debian.org/debian/ stretch main contrib non-free" > /etc/apt/sources.list && \ echo "deb-src http://archive.debian.org/debian/ stretch main contrib non-free" >> /etc/apt/sources.list && \ @@ -13,7 +20,36 @@ RUN echo "deb http://archive.debian.org/debian/ stretch main contrib non-free" > echo "deb http://archive.debian.org/debian/ stretch-backports main contrib non-free" >> /etc/apt/sources.list && \ apt-get update -RUN apt-get install -y --allow-unauthenticated --no-install-recommends libyaml-dev +RUN apt-get install -y openssl --allow-unauthenticated --no-install-recommends libyaml-dev + +# 安装 SSL 库(多个版本确保兼容) +RUN apt-get install -y \ + openssl \ + libssl1.0-dev \ + libssl1.0.0 \ + --allow-unauthenticated \ + --no-install-recommends + +# 创建 SSL 库的符号链接 +RUN ln -sf /usr/lib/x86_64-linux-gnu/libssl.so /usr/lib/libssl.so && \ + ln -sf /usr/lib/x86_64-linux-gnu/libcrypto.so /usr/lib/libcrypto.so + +# 安装必要的软件包并更新 CA 证书 +RUN apt-get install -y \ + openssl \ + ca-certificates \ + curl \ + wget \ + gnupg \ + --allow-unauthenticated \ + --no-install-recommends \ + libyaml-dev && \ + update-ca-certificates --fresh && \ + rm -rf /var/lib/apt/lists/* + +# 设置时区 +RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \ + echo $TZ > /etc/timezone COPY ./docker-php-ext-enable /usr/local/bin/ RUN chmod +x /usr/local/bin/docker-php-ext-enable @@ -21,7 +57,18 @@ RUN chmod +x /usr/local/bin/docker-php-ext-enable COPY ./extensions /tmp/extensions WORKDIR /tmp/extensions RUN chmod +x install.sh \ - && sh install.sh + && sh install.sh \ + && rm -fr /tmp/extensions + +# 配置 Composer 使用系统 CA 证书 +RUN mkdir -p /var/www/.config/composer && \ + mkdir -p /var/www/.cache/composer && \ + chmod -R 777 /var/www/.config /var/www/.cache + +# 设置 Composer 环境变量 +ENV COMPOSER_ALLOW_SUPERUSER=1 +ENV COMPOSER_HOME=/var/www/.config/composer +ENV COMPOSER_CACHE_DIR=/var/www/.cache/composer # php image's www-data user uid & gid are 82, change them to 1000 (primary user) RUN usermod -u 1000 www-data && groupmod -g 1000 www-data diff --git a/services/php53/extensions/install.sh b/services/php53/extensions/install.sh index 22c134c..2489007 100644 --- a/services/php53/extensions/install.sh +++ b/services/php53/extensions/install.sh @@ -20,6 +20,7 @@ fi export EXTENSIONS=",${PHP_EXTENSIONS}," +echo "EXTENSIONS ,${PHP_EXTENSIONS}," # diff --git a/services/php53/php.ini b/services/php53/php.ini index 8b07550..d3d7164 100644 --- a/services/php53/php.ini +++ b/services/php53/php.ini @@ -1902,7 +1902,7 @@ ldap.max_links = -1 ; OS-managed cert stores in its absence. If specified, this value may still ; be overridden on a per-stream basis via the "cafile" SSL stream context ; option. -;openssl.cafile= +openssl.cafile=/tmp/composer/cacert.pem ; If openssl.cafile is not specified or if the CA file is not found, the ; directory pointed to by openssl.capath is searched for a suitable