Skip to content

Unit tests standard #250

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
evanjamesjackson wants to merge 155 commits into from
Closed

Unit tests standard #250

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
155 commits
Select commit Hold shift + click to select a range
9dccfe1
.dockerignore file
evanjamesjackson May 7, 2024
b496038
Using 1000:1000 for uid:gid as that is consistent for our local setups
evanjamesjackson May 7, 2024
1b2907a
Adding Platform Version 2024.1 dependency
evanjamesjackson May 7, 2024
e7f517d
Ignoring composer cache directory in Git and Docker
evanjamesjackson May 7, 2024
4b6a27d
First pass at customized Docker setup
evanjamesjackson May 7, 2024
bb25d34
Adding APP_NAME env var
evanjamesjackson May 8, 2024
9be0328
Reintroducing cache:clear in init.local
evanjamesjackson May 8, 2024
a68c9f1
Contingency in case composer.lock is missing
evanjamesjackson May 8, 2024
f551186
Core bundles installed and enabled
evanjamesjackson May 8, 2024
133c3a1
Config for debug container
evanjamesjackson May 8, 2024
25d0f4b
Fixing debug container
evanjamesjackson May 8, 2024
ac4d057
Adding SYMFONY_DOTENV_VARS env var to get rid of deprecation warnings
evanjamesjackson May 8, 2024
fc42085
Ignoring .htaccess
evanjamesjackson May 8, 2024
b6d86c6
Getting rid of supervisord warnings
evanjamesjackson May 8, 2024
0e46314
Nginx config for debug container
evanjamesjackson May 8, 2024
44b44cc
Custom port for webapp
evanjamesjackson May 8, 2024
58feca7
Port for accessing local DB
evanjamesjackson May 8, 2024
62002cd
More selective about what goes in image
evanjamesjackson May 9, 2024
ccf5acf
Fixing last commit
evanjamesjackson May 9, 2024
a1ea70d
Removing unnecessary comment
evanjamesjackson May 9, 2024
6d625eb
Removing aqmp messenger requirement completely as we don't use it
evanjamesjackson May 9, 2024
ead2cb2
Configuration to commit but Docker-ignore local config files
evanjamesjackson May 9, 2024
e458dcb
Obviously can't ignore the Symfony .env file...
evanjamesjackson May 9, 2024
c7f7055
Undoing local config contigency as it's a half-baked idea at this point
evanjamesjackson May 9, 2024
ee76d7a
Configuration for local files. And committing database.yaml
evanjamesjackson May 9, 2024
38c1b34
PHP ini and PHP-FPM conf changes
evanjamesjackson May 9, 2024
f5be506
Adding Role Creator and Folder Creator bundles
evanjamesjackson May 9, 2024
49bf49a
Removing php.ini and php-fpm.conf as it they are in base image already!
evanjamesjackson May 9, 2024
27a95bb
Proper config for Redis for Pimcore cache and session storage
evanjamesjackson May 9, 2024
505d27b
Merge pull request #1 from TorqIT/torq-changes
evanjamesjackson May 10, 2024
048f2c7
Adding procps
evanjamesjackson May 22, 2024
b02d978
Now only running cache:clear locally if a DB has been seeded
evanjamesjackson May 23, 2024
7d63168
Casting database port to string
evanjamesjackson May 23, 2024
376daba
Adding missing PimcoreAdminBundle install step
evanjamesjackson May 23, 2024
4dc2663
Adding iputils-ping package
evanjamesjackson May 23, 2024
955ce1f
Removing explicit rw directives from volumes as that is the default
evanjamesjackson May 23, 2024
f641dec
Adding --no-interaction flag
evanjamesjackson May 31, 2024
d73cb88
Custom Redis Docker image
evanjamesjackson Jun 7, 2024
ac5b9ff
Adding extra condition on pimcore-install
evanjamesjackson Jun 11, 2024
22e34ee
Explicitly using 127.0.0.1:9000 in nginx.conf to avoid problems with …
evanjamesjackson Jun 11, 2024
00e4e27
Removed comment
evanjamesjackson Jun 20, 2024
741f411
Merge remote-tracking branch 'upstream/2024.x' into 2024.x
evanjamesjackson Jul 25, 2024
a6f2358
Removing unnecessary nginx application from php-debug service
evanjamesjackson Jul 25, 2024
f320fe7
Moving build:classes and cache:warmup calls to base as all built imag…
evanjamesjackson Jul 25, 2024
bbee9f6
Removing --fail-without-error as Pimcore 11.3 no longer fails when bu…
evanjamesjackson Jul 25, 2024
ea8e3b1
More comprehensive check on PIMCORE_INSTALL variable
evanjamesjackson Jul 25, 2024
335ef3b
Volume-mapping init.sh so it is easier to debug
evanjamesjackson Jul 26, 2024
f1edc99
Better echo out
evanjamesjackson Jul 26, 2024
97bafd4
Replacing custom Redis image with Docker Hub one with a simple comman…
evanjamesjackson Jul 29, 2024
e1ef680
Use --force flag to ensure there are no problems with out-of-sync mod…
evanjamesjackson Jul 30, 2024
0292050
Simplifying PIMCORE_INSTALL condition
evanjamesjackson Jul 30, 2024
02234f2
Merge pull request #3 from TorqIT/always-force-class-rebuild
evanjamesjackson Jul 30, 2024
d7bf4f5
Container name for Redis
evanjamesjackson Jul 31, 2024
c58cd92
Typo
evanjamesjackson Aug 6, 2024
e8686cf
Adjusting case of 'as' keyword to get rid of build warnings
evanjamesjackson Aug 13, 2024
33fff9c
Change init command order.
lukemacausland Aug 26, 2024
f0fb843
Merge pull request #4 from TorqIT/change-init-command-order
evanjamesjackson Aug 26, 2024
8217c9c
Merge remote-tracking branch 'upstream/2024.x' into 2024.x
evanjamesjackson Aug 28, 2024
c911745
allow npm proxy access to php container (#2)
cameronfromtorq Aug 28, 2024
e9a1d61
Adding missing XDebug configuration
evanjamesjackson Aug 28, 2024
86b0b6f
Updating to use PHP 8.3 versions of base Pimcore images
evanjamesjackson Aug 28, 2024
70e965e
Always run composer-install-dependencies.sh to ensure local vendor fo…
evanjamesjackson Sep 3, 2024
1161e13
Update README.md
evanjamesjackson Sep 17, 2024
c0e7675
Upgrading Symfony dependencies to ^6.4
evanjamesjackson Oct 7, 2024
6d94942
Merge remote-tracking branch 'upstream/2024.x' into 2024.x
evanjamesjackson Oct 7, 2024
83bf7e7
Update Symfony dependencies to ^6.4.11
evanjamesjackson Oct 10, 2024
1f9586f
add vscode settings folder (#6)
cameronfromtorq Oct 11, 2024
63795cc
Locking down _profiler route to require PIMCORE_ADMIN role to reduce …
evanjamesjackson Oct 17, 2024
05029c0
Revert "Locking down _profiler route to require PIMCORE_ADMIN role to…
evanjamesjackson Oct 17, 2024
a6aec45
Proper version constraint for Symfony dependencies to avoid Redis bug
evanjamesjackson Oct 18, 2024
b3673c5
Disabling profiler by default
evanjamesjackson Oct 29, 2024
b2822c5
Removing unprotected firewall for _profiler and _wdt routes
evanjamesjackson Oct 30, 2024
abb0366
Put back dev firewall for static files
evanjamesjackson Oct 30, 2024
0c90025
Merge remote-tracking branch 'upstream/2024.x' into 2024.x
evanjamesjackson Nov 17, 2024
fd2b54a
Ensuring that pimcore:build:classes does not silently fail during ima…
evanjamesjackson Nov 17, 2024
ee5b3db
Better default value for database server version
evanjamesjackson Nov 17, 2024
f0870a5
Merge branch 'pimcore:2024.x' into 2024.x
evanjamesjackson Nov 27, 2024
a9958ef
Add package, and enable. (#9)
lukemacausland Nov 28, 2024
7fc9a1b
Kernel secret-izing and updating README.md (#11)
evanjamesjackson Nov 28, 2024
bf3cbac
Fixing file location of kernel-secret
evanjamesjackson Nov 28, 2024
dceb476
Fix typo in README
evanjamesjackson Dec 9, 2024
74f41df
Typo in README
evanjamesjackson Dec 9, 2024
c13dfdc
consume search index messages
cameronfromtorq Dec 11, 2024
3ef0529
Merge pull request #12 from TorqIT/bugfix/index-backend-search-by-def…
evanjamesjackson Dec 11, 2024
77a3ef6
Update composer.json
lukemacausland Jan 6, 2025
833d812
Update Kernel.php
lukemacausland Jan 6, 2025
3b67e84
Update composer.json
lukemacausland Jan 8, 2025
cddec4e
Merge pull request #14 from TorqIT/feature/add-custom-grid-field-bundle
evanjamesjackson Jan 8, 2025
f4381d0
Create quantityvalues.json
lukemacausland Feb 4, 2025
eecbda7
Add import command to init
lukemacausland Feb 4, 2025
1b02a7d
Merge pull request #16 from TorqIT/feature/quantity-value-init
evanjamesjackson Feb 5, 2025
dba7fd2
Add composer package
lukemacausland Feb 13, 2025
b6c42bb
Add bundle to Kernel.php
lukemacausland Feb 13, 2025
e037f70
Merge pull request #17 from TorqIT/feature/path-formatter-bundle
evanjamesjackson Feb 13, 2025
678ca71
Update extensions.json to suggest inelephense and editorconfig as ins…
IronSean Feb 20, 2025
5368fd9
Merge pull request #18 from TorqIT/feature/editorconfig
evanjamesjackson Feb 26, 2025
6064a92
Remove COMPOSER_HOME env var
evanjamesjackson Feb 26, 2025
c3290ad
Merge pull request #19 from TorqIT/remove-composer-home-var
lukemacausland Feb 26, 2025
e96be16
Sidebar Env Indicator (#10)
lukemacausland Mar 6, 2025
a90e7a0
Apply php-cs-fixer changes
evanjamesjackson Mar 6, 2025
1f27d9a
Continous integration workflow (#20)
evanjamesjackson Mar 7, 2025
9dde625
Update supervisord.conf (#22)
lukemacausland Apr 8, 2025
60d9d43
Update supervisord.conf to split up largest workers (#13)
IronSean Apr 16, 2025
2928a8a
Add default domain name config (#5)
lukemacausland May 13, 2025
e61ebf5
SQL In-File (#24)
lukemacausland Jun 17, 2025
e82a857
Fix syntax error for test services
rjjackson22 Jul 9, 2025
c313e26
Merge pull request #28 from TorqIT/feature/dvps-187-fix-syntax-error-…
evanjamesjackson Jul 17, 2025
bd726eb
Add marker to indicate Dockerfile syntax (for use with secrets)
evanjamesjackson Aug 5, 2025
49f6773
Add cache-buster rewrite for protected assets option #2
evanjamesjackson Aug 5, 2025
a555ebf
Merge pull request #27 from TorqIT/bugfix/sidebar-panel-collapse
torqdev Oct 28, 2025
473cbf4
Upstream merge (#33)
evanjamesjackson Oct 28, 2025
76ea3ac
Merge remote-tracking branch 'upstream/2024.x' into 2024.x
evanjamesjackson Oct 28, 2025
4daaced
Upstream merge 2025.x
evanjamesjackson Oct 28, 2025
98020d8
Pull from 8.4-v4 base images
evanjamesjackson Oct 28, 2025
1275cd9
Remove TinymceBundle
evanjamesjackson Oct 29, 2025
2325ddf
Update bundles to be compatible with Pimcore 12
evanjamesjackson Oct 29, 2025
7ec17a9
Ignore local installation files
evanjamesjackson Oct 30, 2025
914ab5a
New secrets required for Pimcore 12
evanjamesjackson Oct 31, 2025
a314379
Update README
evanjamesjackson Oct 31, 2025
99ce113
Upgrade PR Docker image build workflow
evanjamesjackson Oct 31, 2025
457ba98
Contributing instructions
evanjamesjackson Oct 31, 2025
1898157
Try explicit product key
evanjamesjackson Oct 31, 2025
a09c4c6
Revert workflow
evanjamesjackson Oct 31, 2025
3f1ffd9
Use /etc/profile.d for secrets-to-env-vars so it is available to logi…
evanjamesjackson Oct 31, 2025
d2688a9
Fix syntax warning
evanjamesjackson Oct 31, 2025
f40e32b
Add configuration of default composer directories to get rid of warnings
evanjamesjackson Nov 5, 2025
1acb121
Add monolog.yaml to handle debug/error logging of APP_ENV values that…
evanjamesjackson Nov 10, 2025
30e6593
Feature: Perspective Editor (#38)
lukemacausland Dec 3, 2025
3325dc0
Create system_settings.yaml (#15)
lukemacausland Dec 3, 2025
1113737
add a local testing enviroment for sending / recieving emails (#26)
cameronfromtorq Dec 3, 2025
4796cff
Clarify why these three secrets are mounted as env vars
evanjamesjackson Dec 4, 2025
54650b7
Merge remote-tracking branch 'upstream/2025.x' into 2025.x
evanjamesjackson Dec 5, 2025
2788aee
Merge branch '2025.x' into prepare-2025.x
evanjamesjackson Dec 5, 2025
5b126bc
Merge branch 'prepare-2025.x' of github.com:TorqIT/pimcore-skeleton i…
evanjamesjackson Dec 5, 2025
b89d082
Merge pull request #34 from TorqIT/prepare-2025.x
evanjamesjackson Dec 5, 2025
9647df3
Delete upstream workflows (#39)
evanjamesjackson Dec 5, 2025
4e890ac
Merge branch '2024.x' into 2025.x
evanjamesjackson Dec 5, 2025
93f63ff
Use new standardized CI workflow (#41)
evanjamesjackson Dec 5, 2025
0660151
Only run CI on PRs (#43)
evanjamesjackson Dec 9, 2025
c39bd68
Add config locations placeholders to the skeleton for easy access in …
IronSean Dec 9, 2025
9bf1ad8
Adding script to install all available bundles without listing them i…
lukemacausland Dec 10, 2025
6657e46
This change was done in a separate pull request.
lukemacausland Dec 10, 2025
5c0cd86
Add custom expression providers for use in calculated fields.
lukemacausland Dec 10, 2025
03efe34
Add datahub / importer, with default configs. (#44)
lukemacausland Dec 15, 2025
843c0d2
Update init.sh (#42)
evanjamesjackson Dec 15, 2025
cf9ad19
Fix typo on db service (#49)
evanjamesjackson Dec 15, 2025
9a4364f
Merge pull request #48 from TorqIT/feature/generic-symfony-functions
lukemacausland Dec 18, 2025
04f71cf
Merge branch '2025.x' into feature/install-bundles-script
lukemacausland Dec 18, 2025
f855d8b
Add "install" env vars required by pimcore-install
evanjamesjackson Dec 15, 2025
0474a39
Pin pimcore/platform-version to 2025.4 LTS (#51)
evanjamesjackson Dec 18, 2025
d7e5a41
Merge pull request #47 from TorqIT/feature/install-bundles-script
lukemacausland Dec 18, 2025
35c8051
Copy in install bundle script. (#53)
lukemacausland Dec 18, 2025
e0c5fe9
Compare nginx to nginx-debug (#54)
lukemacausland Jan 5, 2026
37c54d4
Ensure wget is available in PHP container for healthcheck purposes (#57)
evanjamesjackson Jan 14, 2026
9fc720c
RUN_UNIT_TESTS true by default
evanjamesjackson Jan 19, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
60 changes: 60 additions & 0 deletions .docker/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,60 @@
# syntax=docker/dockerfile:1

FROM pimcore/pimcore:php8.4-v4 AS base
RUN set -eux; \
apt-get update -y; \
apt-get install -y --no-install-recommends autoconf make g++ unixodbc-dev cron procps iputils-ping vim supervisor netcat-traditional default-mysql-client; \
rm -rf /var/lib/apt/lists/*; \
usermod -u 1000 www-data; \
groupmod -g 1000 www-data;
# We copy in the composer files and download dependencies, then in a separate set of statements below copy in the full
# source directory and run a full composer install. This will take advantage of Docker-build caching when the composer
# dependencies do not change.
COPY --chown=www-data:www-data /composer.* /var/www/html
COPY /.docker/composer-install-dependencies.sh /composer-install-dependencies.sh
RUN /composer-install-dependencies.sh
COPY /.docker/secrets-to-env-vars.sh /etc/profile.d/secrets-to-env-vars.sh
COPY --chown=www-data:www-data / /var/www/html
RUN --mount=type=secret,id=kernel-secret,uid=1000 \
# These three secrets are deliberately mounted as env vars rather than files as required by Pimcore
--mount=type=secret,id=pimcore-product-key,env=PIMCORE_PRODUCT_KEY,uid=1000 \
--mount=type=secret,id=pimcore-instance-identifier,env=PIMCORE_INSTANCE_IDENTIFIER,uid=1000 \
--mount=type=secret,id=pimcore-encryption-secret,env=PIMCORE_ENCRYPTION_SECRET,uid=1000 \
set -eux; \
cd /var/www/html; \
runuser -u www-data -- php /usr/local/bin/composer install; \
runuser -u www-data -- /var/www/html/bin/console pimcore:build:classes; \
runuser -u www-data -- /var/www/html/bin/console cache:warmup

FROM base AS init
COPY ./.docker/init/install-bundles.sh /install-bundles.sh
COPY /.docker/init/init.sh /init.sh
CMD [ "/init.sh" ]

FROM base AS php
RUN set -eux; \
apt-get update -y; \
apt-get install -y --no-install-recommends nginx wget; \
rm -rf /var/lib/apt/lists/*;
COPY /.docker/php/php.ini /usr/local/etc/php/conf.d/docker-pimcore-php.ini
COPY /.docker/php/nginx.conf /etc/nginx/sites-available/default
COPY /.docker/php/supervisord.conf /etc/supervisor/supervisord.conf
COPY ./.docker/php/start-php.sh /start-php.sh
CMD [ "/start-php.sh" ]

FROM base AS supervisord
COPY --from=pimcore/pimcore:php8.4-supervisord-v4 /var/run /var/run
COPY --from=pimcore/pimcore:php8.4-supervisord-v4 /usr/sbin/cron /usr/sbin/cron
COPY --from=pimcore/pimcore:php8.4-supervisord-v4 /etc/supervisor/supervisord.conf /etc/supervisor/supervisord.conf
COPY /.docker/supervisord/supervisord.conf /etc/supervisor/conf.d/pimcore.conf
COPY ./.docker/supervisord/start-supervisord.sh /start-supervisord.sh
CMD [ "/start-supervisord.sh" ]

FROM base AS php-debug
COPY --from=pimcore/pimcore:php8.4-debug-v4 /usr/local/bin/entrypoint.sh /usr/local/bin/entrypoint.sh
RUN pecl install xdebug; \
docker-php-ext-enable xdebug;
ENV PHP_IDE_CONFIG=serverName=localhost
COPY /.docker/php-debug/xdebug.conf /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini
COPY /.docker/php-debug/start-php-debug.sh /start-php-debug.sh
CMD [ "/start-php-debug.sh" ]
6 changes: 6 additions & 0 deletions .docker/composer-install-dependencies.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
#!/usr/bin/env bash
echo Configuring Composer...
mkdir -p /var/www/.cache/composer && chown -R www-data:www-data /var/www/.cache/composer
mkdir -p /var/www/.config/composer && chown -R www-data:www-data /var/www/.config/composer
echo Installing Composer packages...
cd /var/www/html && runuser -u www-data -- php -d memory_limit=-1 -d xdebug.remote_enable=0 /usr/local/bin/composer install --prefer-dist --no-scripts
17 changes: 17 additions & 0 deletions .docker/init/init.local.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
#!/usr/bin/env bash

set -e

source /etc/profile.d/secrets-to-env-vars.sh

/composer-install-dependencies.sh

if [ "$(mysql -h "$DATABASE_HOST" -u "$DATABASE_USER" -p"$DATABASE_PASSWORD" \
-sse "select count(*) from information_schema.tables where table_schema='pimcore' and table_name='assets';")" -ne 0 ]
then
# Only run cache clear if the database is seeded. If it is not, trying to clear the cache will cause errors.
# init.sh will handle seeding it
runuser -u www-data -- bin/console cache:clear
fi

/init.sh
37 changes: 37 additions & 0 deletions .docker/init/init.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
#!/usr/bin/env bash

set -e

source /etc/profile.d/secrets-to-env-vars.sh

if [ "$(mysql -h "$DATABASE_HOST" -u "$DATABASE_USER" -p"$DATABASE_PASSWORD" \
-sse "select count(*) from information_schema.tables where table_schema='pimcore' and table_name='assets';")" -eq 0 ] \
&& [ "$PIMCORE_INSTALL" = "true" ]
then
echo "Database is empty and PIMCORE_INSTALL is set to true, so calling pimcore-install..."
PIMCORE_INSTALL_ENCRYPTION_SECRET=$PIMCORE_ENCRYPTION_SECRET \
PIMCORE_INSTALL_INSTANCE_IDENTIFIER=$PIMCORE_INSTANCE_IDENTIFIER \
PIMCORE_INSTALL_PRODUCT_KEY=$PIMCORE_PRODUCT_KEY \
runuser -u www-data -- vendor/bin/pimcore-install --skip-database-config --no-interaction
fi

echo Installing bundles...
/install-bundles.sh

echo Running migration...
runuser -u www-data -- /var/www/html/bin/console doctrine:migrations:migrate -n

echo Rebuilding classes...
runuser -u www-data -- /var/www/html/bin/console pimcore:deployment:classes-rebuild -c -d -n --force

echo Creating folders...
runuser -u www-data -- /var/www/html/bin/console torq:folder-creator

echo Generating roles...
runuser -u www-data -- /var/www/html/bin/console torq:generate-roles

echo Clearing Pimcore cache...
runuser -u www-data -- /var/www/html/bin/console pimcore:cache:clear

echo Generating quantity values...
runuser -u www-data -- /var/www/html/bin/console definition:import:units config/quantityvalues.json --override
29 changes: 29 additions & 0 deletions .docker/init/install-bundles.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
#!/usr/bin/env bash

BUNDLES=$(
bin/console pimcore:bundle:list --json | \
php -r '
$bundles = json_decode(stream_get_contents(STDIN), true);
$toInstall = [];
foreach($bundles as $b) {
if ($b["Enabled"] == true &&
$b["Installed"] == false &&
$b["Installable"] == true) {
$toInstall[] = $b["Bundle"];
}
}
echo implode(" ", $toInstall);
'
)

if [ -z "${BUNDLES}" ]; then
echo "No bundles to install"
else
for BUNDLE in ${BUNDLES}; do
echo "Installing bundle: ${BUNDLE}"
runuser -u www-data -- /var/www/html/bin/console pimcore:bundle:install "${BUNDLE}" --no-interaction --no-cache-clear
done

echo "Manually clearing cache..."
runuser -u www-data -- /var/www/html/bin/console cache:clear --no-interaction
fi
8 changes: 0 additions & 8 deletions .docker/messenger.yaml
View file
Open in desktop

This file was deleted.

184 changes: 184 additions & 0 deletions .docker/php-debug/nginx-debug.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,184 @@

# mime types are already covered in nginx.conf
#include mime.types;

upstream php-pimcore10 {
server php:9000;
}

upstream php-pimcore10-debug {
server php-debug:9000;
}

map $args $static_page_root {
default /var/tmp/pages;
"~*(^|&)pimcore_editmode=true(&|$)" /var/nonexistent;
"~*(^|&)pimcore_preview=true(&|$)" /var/nonexistent;
"~*(^|&)pimcore_version=[^&]+(&|$)" /var/nonexistent;
}

map $uri $static_page_uri {
default $uri;
"/" /%home;
}

server {
listen [::]:80 default_server;
listen 80 default_server;

#server_name pimcore.localhost;

root /var/www/html/public;
index index.php;

# Filesize depending on your data
client_max_body_size 100m;

# It is recommended to seclude logs per virtual host
#access_log /var/log/access.log;
#error_log /var/log/error.log error;

# Protected Assets
#
### 1. Option - Restricting access to certain assets completely
#
# location ~ ^/protected/.* {
# return 403;
# }
# location ~ ^/var/.*/protected(.*) {
# return 403;
# }
#
# location ~ ^/cache-buster\-[\d]+/protected(.*) {
# return 403;
# }
#
### 2. Option - Checking permissions before delivery
#
# rewrite ^(/protected/.*) /index.php$is_args$args last;
#
# rewrite ^(/cache-buster-(?:\d+)/protected(?:.*)) /index.php$is_args$args last;
#
# location ~ ^/var/.*/protected(.*) {
# return 403;
# }
#
# location ~ ^/cache-buster\-[\d]+/protected(.*) {
# return 403;
# }

# Pimcore Head-Link Cache-Busting
rewrite ^/cache-buster-(?:\d+)/(.*) /$1 last;

# Stay secure
#
# a) don't allow PHP in folders allowing file uploads
location ~* /var/assets/.*\.php(/|$) {
return 404;
}

# b) Prevent clients from accessing hidden files (starting with a dot)
# Access to `/.well-known/` is allowed.
# https://www.mnot.net/blog/2010/04/07/well-known
# https://tools.ietf.org/html/rfc5785
location ~* /\.(?!well-known/) {
deny all;
log_not_found off;
access_log off;
}

# c) Prevent clients from accessing to backup/config/source files
location ~* (?:\.(?:bak|conf(ig)?|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$ {
deny all;
}

# Some Admin Modules need this:
# Server Info, Opcache
location ~* ^/admin/external {
rewrite .* /index.php$is_args$args last;
}

# Thumbnails
location ~* .*/(image|video)-thumb__\d+__.* {
try_files /var/tmp/thumbnails$uri /index.php;
expires 2w;
access_log off;
add_header Cache-Control "public";
}

# Assets
# Still use a whitelist approach to prevent each and every missing asset to go through the PHP Engine.
location ~* ^(?!/admin|/asset/webdav|/studio/api)(.+?)\.((?:css|js)(?:\.map)?|jpe?g|gif|png|svgz?|eps|exe|gz|json|zip|mp\d|m4a|ogg|ogv|webp|webm|pdf|csv|docx?|xlsx?|pptx?)$ {
try_files /var/assets$uri $uri =404;
expires 2w;
access_log off;
log_not_found off;
add_header Cache-Control "public";
}

location / {
error_page 404 /meta/404;
try_files $static_page_root$static_page_uri.html $uri /index.php$is_args$args;
}

# Use this location when the installer has to be run
# location ~ /(index|install)\.php(/|$) {
#
# Use this after initial install is done:
location ~ ^/index\.php(/|$) {
send_timeout 1800;
fastcgi_read_timeout 1800;
# regex to split $uri to $fastcgi_script_name and $fastcgi_path_info
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# Check that the PHP script exists before passing it
#try_files $fastcgi_script_name =404;
# include fastcgi.conf if needed
include fastcgi_params;
# Bypass the fact that try_files resets $fastcgi_path_info
# see: http://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;

# Activate these, if using Symlinks and opcache
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;

# Mitigate https://httpoxy.org/ vulnerabilities
fastcgi_param HTTP_PROXY "";

# If Xdebug session is requested, pass it to the Xdebug enabled container
if ($http_cookie ~* "XDEBUG_SESSION") {
fastcgi_pass php-pimcore10-debug;
}

fastcgi_pass php-pimcore10;
# Prevents URIs that include the front controller. This will 404:
# http://domain.tld/index.php/some-path
# Remove the internal directive to allow URIs like this
internal;
}

# PHP-FPM Status and Ping
location /fpm- {
access_log off;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
location /fpm-status {
allow 127.0.0.1;
# add additional IP's or Ranges
deny all;
fastcgi_pass php-pimcore10;
}
location /fpm-ping {
fastcgi_pass php-pimcore10;
}
}
# nginx Status
# see: https://nginx.org/en/docs/http/ngx_http_stub_status_module.html
location /nginx-status {
allow 127.0.0.1;
deny all;
access_log off;
stub_status;
}
}
3 changes: 3 additions & 0 deletions .docker/php-debug/start-php-debug.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
#!/bin/bash
source /etc/profile.d/secrets-to-env-vars.sh
exec "/usr/local/bin/entrypoint.sh" php-fpm
13 changes: 13 additions & 0 deletions .docker/php-debug/xdebug.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
zend_extension=xdebug

[xdebug]
xdebug.mode=debug,develop,profile
xdebug.output_dir = /var/www/html/var/log/xdebug.log
xdebug.client_host=host.docker.internal
xdebug.client_port=9003
xdebug.cli_color=1
xdebug.start_with_request=trigger
xdebug.log_level=3
xdebug.log=/var/www/html/var/log/xdebug.log
xdebug.discover_client_host=1
xdebug.max_nesting_level=256
Loading