Compare commits
5 Commits
Author | SHA1 | Date | |
---|---|---|---|
9abc04fd25 | |||
87fe4ad16a | |||
a823ac7d0e | |||
22231f791f | |||
6e3f0e7a61 |
2
.dockerignore
Normal file
2
.dockerignore
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
/vendor
|
||||||
|
/var
|
3
Dockerfile.standalone
Normal file
3
Dockerfile.standalone
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
ARG ADDITIONAL_PACKAGES="bash php81-cli php81-pdo_pgsql php81-pdo_mysql php81-mysqli php81-pgsql"
|
||||||
|
|
||||||
|
FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-standalone
|
21
Jenkinsfile
vendored
21
Jenkinsfile
vendored
@ -4,4 +4,23 @@
|
|||||||
// Utilisation du pipeline partagé pour les applications Symfony de Cadoles
|
// Utilisation du pipeline partagé pour les applications Symfony de Cadoles
|
||||||
// Le nom de l'image Docker passée en paramètre vous permet de préciser l'environnement de test
|
// Le nom de l'image Docker passée en paramètre vous permet de préciser l'environnement de test
|
||||||
// de votre application Symfony
|
// de votre application Symfony
|
||||||
symfonyAppPipeline("ubuntu:22.04")
|
symfonyAppPipeline('ubuntu:22.04', [
|
||||||
|
'hooks': [
|
||||||
|
// Run docker image build, verification and publication stages
|
||||||
|
'postSymfonyAppPipeline': {
|
||||||
|
stage('Build and publish hydra-dispatcher image') {
|
||||||
|
// Retrieve current tag
|
||||||
|
String currentTag = sh(script: 'git tag --points-at HEAD | head -n 1', returnStdout: true).trim()
|
||||||
|
// Retrieve default tag
|
||||||
|
String defaultTag = sh(returnStdout: true, script: 'git describe --always').trim()
|
||||||
|
container.buildAndPublishImage([
|
||||||
|
'imageName': 'reg.cadoles.com/cadoles/hydra-sql',
|
||||||
|
// Use current tag or default tag if not defined
|
||||||
|
'imageTag': defaultTag,
|
||||||
|
'dockerfile': './misc/images/hydra-sql-standalone/Dockerfile',
|
||||||
|
'dryRun': false
|
||||||
|
])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
])
|
50
Makefile
50
Makefile
@ -1,46 +1,10 @@
|
|||||||
CI_COMPOSE=FIXUID=$(shell id -u) FIXGID=$(shell id -g) docker-compose -f docker-compose.yml
|
################################
|
||||||
HYDRA_SQL_SHELL_USER ?= www-data:
|
# Makefile for Cadoles SP
|
||||||
DOCKER_CMD ?=
|
################################
|
||||||
DOCKER_IMAGE_NAME ?= login-app-sql_hydra-sql
|
|
||||||
up:
|
|
||||||
FIXUID=$(shell id -u) FIXGID=$(shell id -g) docker-compose up --build
|
|
||||||
|
|
||||||
down:
|
IMAGE_REPO ?= reg.cadoles.com/cadoles
|
||||||
docker-compose down -v
|
IMAGE_VERSION ?= 0.0.1
|
||||||
|
|
||||||
purge:
|
DAY_SUFFIX_TAG ?= $(shell date +%Y%m%d)
|
||||||
docker-compose down -v --remove-orphans --rmi local
|
|
||||||
|
|
||||||
hydra-sql-shell:
|
include main.mk
|
||||||
$(CI_COMPOSE) exec \
|
|
||||||
-u "$(HYDRA_SQL_SHELL_USER)" \
|
|
||||||
hydra-sql \
|
|
||||||
/bin/bash
|
|
||||||
|
|
||||||
|
|
||||||
APP_LOCALES ?= fr,en
|
|
||||||
HYDRA_ADMIN_BASE_URL ?= http://hydra:4445
|
|
||||||
TRUSTED_PROXIES ?= 127.0.0.1,REMOTE_ADDR,localhost
|
|
||||||
ISSUER_URL ?= http://localhost:8000
|
|
||||||
BASE_URL ?= http://localhost:8080
|
|
||||||
DB_USER ?= lasql
|
|
||||||
DB_PASSWORD ?= lasql
|
|
||||||
DEFAULT_LOCALE ?= fr
|
|
||||||
BDD ?= postgres
|
|
||||||
DSN_REMOTE_DATABASE=mysql:host=mariadb;port=3306;dbname=lasql
|
|
||||||
|
|
||||||
up-mysql:
|
|
||||||
docker run \
|
|
||||||
-it --rm \
|
|
||||||
-p 8080:80 \
|
|
||||||
-e APP_LOCALES=$(APP_LOCALES) \
|
|
||||||
-e HYDRA_ADMIN_BASE_URL=$(HYDRA_ADMIN_BASE_URL) \
|
|
||||||
-e TRUSTED_PROXIES=$(TRUSTED_PROXIES) \
|
|
||||||
-e ISSUER_URL=$(ISSUER_URL) \
|
|
||||||
-e BASE_URL=$(BASE_URL) \
|
|
||||||
-e DB_USER=$(DB_USER) \
|
|
||||||
-e DB_PASSWORD=$(DB_PASSWORD) \
|
|
||||||
-e DEFAULT_LOCALE=$(DEFAULT_LOCALE) \
|
|
||||||
-e DSN_REMOTE_DATABASE=$(DSN_REMOTE_DATABASE) \
|
|
||||||
$(DOCKER_IMAGE_NAME):latest \
|
|
||||||
$(DOCKER_CMD)
|
|
||||||
|
@ -8,8 +8,8 @@ framework:
|
|||||||
# Other options include:
|
# Other options include:
|
||||||
|
|
||||||
# Redis
|
# Redis
|
||||||
app: cache.adapter.redis
|
# app: cache.adapter.redis
|
||||||
default_redis_provider: '%env(REDIS_URL)%'
|
# default_redis_provider: '%env(REDIS_URL)%'
|
||||||
|
|
||||||
# APCu (not recommended with heavy random-write workloads as memory fragmentation can cause perf issues)
|
# APCu (not recommended with heavy random-write workloads as memory fragmentation can cause perf issues)
|
||||||
#app: cache.adapter.apcu
|
#app: cache.adapter.apcu
|
||||||
|
@ -12,7 +12,7 @@ framework:
|
|||||||
# Enables session support. Note that the session will ONLY be started if you read or write from it.
|
# Enables session support. Note that the session will ONLY be started if you read or write from it.
|
||||||
# Remove or comment this section to explicitly disable session support.
|
# Remove or comment this section to explicitly disable session support.
|
||||||
session:
|
session:
|
||||||
handler_id: '%env(REDIS_URL)%'
|
handler_id: null
|
||||||
cookie_secure: auto
|
cookie_secure: auto
|
||||||
cookie_samesite: lax
|
cookie_samesite: lax
|
||||||
storage_factory_id: session.storage.factory.native
|
storage_factory_id: session.storage.factory.native
|
||||||
|
@ -1,38 +0,0 @@
|
|||||||
<VirtualHost *:80>
|
|
||||||
# Uncomment the following line to force Apache to pass the Authorization
|
|
||||||
# header to PHP: required for "basic_auth" under PHP-FPM and FastCGI
|
|
||||||
#
|
|
||||||
# SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
|
|
||||||
|
|
||||||
# For Apache 2.4.9 or higher
|
|
||||||
# Using SetHandler avoids issues with using ProxyPassMatch in combination
|
|
||||||
# with mod_rewrite or mod_autoindex
|
|
||||||
<FilesMatch \.php$>
|
|
||||||
SetHandler "proxy:unix:/run/php/php8.1-fpm.sock|fcgi://127.0.0.1:9000"
|
|
||||||
# for Unix sockets, Apache 2.4.10 or higher
|
|
||||||
# SetHandler proxy:unix:/path/to/fpm.sock|fcgi://dummy
|
|
||||||
</FilesMatch>
|
|
||||||
|
|
||||||
# If you use Apache version below 2.4.9 you must consider update or use this instead
|
|
||||||
# ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/var/www/project/public/$1
|
|
||||||
|
|
||||||
# If you run your Symfony application on a subpath of your document root, the
|
|
||||||
# regular expression must be changed accordingly:
|
|
||||||
# ProxyPassMatch ^/path-to-app/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/var/www/project/public/$1
|
|
||||||
|
|
||||||
DocumentRoot /var/www/public
|
|
||||||
<Directory /var/www/public>
|
|
||||||
# enable the .htaccess rewrites
|
|
||||||
AllowOverride All
|
|
||||||
Require all granted
|
|
||||||
</Directory>
|
|
||||||
|
|
||||||
# uncomment the following lines if you install assets as symlinks
|
|
||||||
# or run into problems when compiling LESS/Sass/CoffeeScript assets
|
|
||||||
# <Directory /var/www/project>
|
|
||||||
# Options FollowSymlinks
|
|
||||||
# </Directory>
|
|
||||||
|
|
||||||
ErrorLog /var/log/apache2/project_error.log
|
|
||||||
CustomLog /var/log/apache2/project_access.log combined
|
|
||||||
</VirtualHost>
|
|
@ -1,119 +0,0 @@
|
|||||||
FROM ubuntu:22.04
|
|
||||||
|
|
||||||
ARG HTTP_PROXY=
|
|
||||||
ARG HTTPS_PROXY=
|
|
||||||
ARG http_proxy=
|
|
||||||
ARG https_proxy=
|
|
||||||
|
|
||||||
ENV WAITFORIT_VERSION="v2.4.1"
|
|
||||||
|
|
||||||
ARG PHP_VERSION="8.1"
|
|
||||||
ENV PHP_VERSION $PHP_VERSION
|
|
||||||
|
|
||||||
RUN export DEBIAN_FRONTEND=noninteractive && \
|
|
||||||
apt-get update -y && \
|
|
||||||
apt-get install -y software-properties-common && \
|
|
||||||
add-apt-repository ppa:ondrej/php && \
|
|
||||||
apt-get update -y && \
|
|
||||||
apt-get install -y --no-install-recommends \
|
|
||||||
git bash wget ca-certificates supervisor cron rsyslog mysql-client jq \
|
|
||||||
mutt tree vim python3-setuptools python3-pip make \
|
|
||||||
php${PHP_VERSION}-cli php${PHP_VERSION}-ldap php${PHP_VERSION}-soap \
|
|
||||||
php${PHP_VERSION}-intl php${PHP_VERSION}-curl php${PHP_VERSION}-gd \
|
|
||||||
php${PHP_VERSION}-xml php${PHP_VERSION}-bcmath \
|
|
||||||
php${PHP_VERSION}-zip php${PHP_VERSION}-fpm \
|
|
||||||
php${PHP_VERSION}-mbstring \
|
|
||||||
php${PHP_VERSION}-pgsql \
|
|
||||||
php${PHP_VERSION}-mysql \
|
|
||||||
php${PHP_VERSION}-pdo-pgsql \
|
|
||||||
php${PHP_VERSION}-pdo-mysql \
|
|
||||||
php${PHP_VERSION}-ssh2 libxml2-utils \
|
|
||||||
locales \
|
|
||||||
apache2 \
|
|
||||||
libapache2-mod-fcgid \
|
|
||||||
ssh-client \
|
|
||||||
acl moreutils \
|
|
||||||
sudo
|
|
||||||
|
|
||||||
# Set fr_FR locale
|
|
||||||
RUN sed -i -e 's/# fr_FR.UTF-8 UTF-8/fr_FR.UTF-8 UTF-8/' /etc/locale.gen && \
|
|
||||||
dpkg-reconfigure --frontend=noninteractive locales && \
|
|
||||||
update-locale LANG=fr_FR.UTF-8
|
|
||||||
ENV LC_ALL fr_FR.UTF-8
|
|
||||||
ENV LANG fr_FR.UTF-8
|
|
||||||
ENV LANGUAGE fr_FR.UTF-8
|
|
||||||
|
|
||||||
# Install NodeJS
|
|
||||||
RUN wget -O- https://deb.nodesource.com/setup_18.x | bash - \
|
|
||||||
&& apt-get install -y nodejs \
|
|
||||||
&& npm install nodemon -g
|
|
||||||
|
|
||||||
# Waitforit - Wait for all service is running before launch tests
|
|
||||||
RUN wget -q -O /usr/local/bin/waitforit https://github.com/maxcnunes/waitforit/releases/download/$WAITFORIT_VERSION/waitforit-linux_amd64 \
|
|
||||||
&& chmod +x /usr/local/bin/waitforit
|
|
||||||
|
|
||||||
# Install superfsmon to restart supervisor programs on file changes
|
|
||||||
RUN pip3 install wheel superfsmon
|
|
||||||
|
|
||||||
VOLUME /var/www
|
|
||||||
VOLUME /var/www/var/logs
|
|
||||||
VOLUME /var/www/var/cache
|
|
||||||
|
|
||||||
# Install composer
|
|
||||||
COPY install-composer.sh /var/www/install-composer.sh
|
|
||||||
RUN chmod +x /var/www/install-composer.sh &&\
|
|
||||||
/var/www/install-composer.sh &&\
|
|
||||||
rm -f /var/www/install-composer.sh
|
|
||||||
|
|
||||||
# On active les mods d'apache nécessaires
|
|
||||||
RUN a2enmod rewrite
|
|
||||||
RUN a2enmod proxy_fcgi setenvif
|
|
||||||
RUN a2enconf php8.1-fpm
|
|
||||||
RUN a2enmod proxy
|
|
||||||
RUN a2enmod expires
|
|
||||||
RUN a2enmod headers
|
|
||||||
|
|
||||||
# On injecte les bonnes configs apache et php-fpm
|
|
||||||
COPY 000-default.conf /etc/apache2/sites-available/000-default.conf
|
|
||||||
COPY www.conf /etc/php/8.1/fpm/pool.d/www.conf
|
|
||||||
|
|
||||||
EXPOSE 5000
|
|
||||||
EXPOSE 80
|
|
||||||
|
|
||||||
WORKDIR /var/www
|
|
||||||
|
|
||||||
# On démarre php-fpm une fois pour créer les sockets
|
|
||||||
RUN service php8.1-fpm start
|
|
||||||
RUN service php8.1-fpm stop
|
|
||||||
|
|
||||||
|
|
||||||
COPY docker-entrypoint.sh /docker-entrypoint.sh
|
|
||||||
RUN chmod +x /docker-entrypoint.sh
|
|
||||||
|
|
||||||
COPY first-run.sh /root/first-run.sh
|
|
||||||
RUN chmod +x /root/first-run.sh
|
|
||||||
|
|
||||||
# Disable rsyslog privileges drop to allow stdout logging
|
|
||||||
RUN sed -i 's/^\$\(PrivDropTo.*\)$/#\1/' /etc/rsyslog.conf
|
|
||||||
RUN sed -i '/imklog/s/^/#/' /etc/rsyslog.conf
|
|
||||||
|
|
||||||
COPY rsyslog.conf /etc/rsyslog.d/var/www.conf
|
|
||||||
COPY supervisor.ini /etc/supervisor/supervisor.ini
|
|
||||||
COPY php.ini /etc/php/8.1/fpm/php.ini
|
|
||||||
|
|
||||||
VOLUME /container-lifecycle
|
|
||||||
|
|
||||||
RUN wget -O- https://github.com/boxboat/fixuid/releases/download/v0.5.1/fixuid-0.5.1-linux-amd64.tar.gz | tar -C /usr/local/bin -xzf - \
|
|
||||||
&& chown root:root /usr/local/bin/fixuid \
|
|
||||||
&& chmod 4755 /usr/local/bin/fixuid \
|
|
||||||
&& mkdir -p /etc/fixuid
|
|
||||||
|
|
||||||
COPY fixuid.yml /etc/fixuid/config.yml
|
|
||||||
|
|
||||||
ENTRYPOINT ["/usr/local/bin/fixuid"]
|
|
||||||
|
|
||||||
RUN echo "www-data ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/www-data
|
|
||||||
|
|
||||||
USER www-data
|
|
||||||
|
|
||||||
CMD ["/docker-entrypoint.sh"]
|
|
@ -1,34 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
|
|
||||||
set -eo pipefail
|
|
||||||
|
|
||||||
export COMPOSER_HOME=/tmp/composer
|
|
||||||
|
|
||||||
COMPOSER_AUTH="${COMPOSER_HOME}/auth.json"
|
|
||||||
|
|
||||||
function fix_composer_auth {
|
|
||||||
if [ ! -f "${COMPOSER_AUTH}" ]; then
|
|
||||||
return
|
|
||||||
fi
|
|
||||||
|
|
||||||
GITHUB_TOKEN=$(cat "${COMPOSER_AUTH}" | jq -r '.["github-oauth"]["github.com"]')
|
|
||||||
|
|
||||||
if [ ! -z "${GITHUB_TOKEN}" ]; then
|
|
||||||
|
|
||||||
GITHUB_USERNAME=$(cat "${COMPOSER_AUTH}" | jq -r '.["http-basic"]["github.com"].username')
|
|
||||||
if [ -z "${GITHUB_USERNAME}" ]; then
|
|
||||||
echo -n "Identifiant Github ? "
|
|
||||||
read GITHUB_USERNAME
|
|
||||||
fi
|
|
||||||
|
|
||||||
cat "${COMPOSER_AUTH}" | jq ".[\"http-basic\"][\"github.com\"] = {\"username\": \"${GITHUB_USERNAME}\", \"password\":\"${GITHUB_TOKEN}\"}" | sponge "${COMPOSER_AUTH}"
|
|
||||||
cat "${COMPOSER_AUTH}" | jq "del(.[\"github-oauth\"])" | sponge "${COMPOSER_AUTH}"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
function main {
|
|
||||||
fix_composer_auth
|
|
||||||
php composer.phar ${@:1}
|
|
||||||
}
|
|
||||||
|
|
||||||
main $@
|
|
@ -1,18 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
|
|
||||||
set -eo pipefail
|
|
||||||
|
|
||||||
if [ ! -e /container-lifecycle/first_run ]; then
|
|
||||||
echo "First hydra-sql run detected. Initializing environment..."
|
|
||||||
sudo -E /root/first-run.sh
|
|
||||||
sudo touch /container-lifecycle/first_run
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Récupération des clés SSH de l'hôte pour Composer
|
|
||||||
if [ -d '/root/.host-ssh' ] && [ $(id -u) -eq 0 ]; then
|
|
||||||
sudo rm -rf /root/.ssh
|
|
||||||
sudo cp -r /root/.host-ssh /root/.ssh
|
|
||||||
sudo chown -R root: /root/.ssh
|
|
||||||
fi
|
|
||||||
|
|
||||||
sudo -E /usr/bin/supervisord -c /etc/supervisor/supervisor.ini
|
|
@ -1,17 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
|
|
||||||
set -xeo pipefail
|
|
||||||
|
|
||||||
[ ! -d /var/www/.config ] && sudo mkdir -p /var/www/.config
|
|
||||||
[ -d /var/www/.config ] && sudo chown -R www-data: /var/www/.config
|
|
||||||
|
|
||||||
[ ! -d /var/www/.cache ] && sudo mkdir -p /var/www/.cache
|
|
||||||
[ -d /var/www/.cache ] && sudo chown -R www-data: /var/www/.cache
|
|
||||||
|
|
||||||
sudo chown -R www-data: /var/www
|
|
||||||
|
|
||||||
cp /bin/composer.phar /var/www/composer.phar
|
|
||||||
cd /var/www
|
|
||||||
php composer.phar install
|
|
||||||
npm install
|
|
||||||
npm run build
|
|
@ -1,6 +0,0 @@
|
|||||||
user: www-data
|
|
||||||
group: www-data
|
|
||||||
paths:
|
|
||||||
- /var/www/node_modules
|
|
||||||
- /var/www/vendor
|
|
||||||
- /var/www
|
|
@ -1,19 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
|
|
||||||
set -eo pipefail
|
|
||||||
|
|
||||||
EXPECTED_SIGNATURE="$(wget -q -O- https://composer.github.io/installer.sig)"
|
|
||||||
wget -q -O composer-setup.php https://getcomposer.org/installer
|
|
||||||
ACTUAL_SIGNATURE="$(php -r "echo hash_file('SHA384', 'composer-setup.php');")"
|
|
||||||
|
|
||||||
if [ "$EXPECTED_SIGNATURE" != "$ACTUAL_SIGNATURE" ]
|
|
||||||
then
|
|
||||||
>&2 echo 'ERROR: Invalid installer signature'
|
|
||||||
rm composer-setup.php
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
php composer-setup.php --install-dir=bin
|
|
||||||
RESULT=$?
|
|
||||||
rm composer-setup.php
|
|
||||||
exit $RESULT
|
|
@ -1,1938 +0,0 @@
|
|||||||
[PHP]
|
|
||||||
|
|
||||||
;;;;;;;;;;;;;;;;;;;
|
|
||||||
; About php.ini ;
|
|
||||||
;;;;;;;;;;;;;;;;;;;
|
|
||||||
; PHP's initialization file, generally called php.ini, is responsible for
|
|
||||||
; configuring many of the aspects of PHP's behavior.
|
|
||||||
|
|
||||||
; PHP attempts to find and load this configuration from a number of locations.
|
|
||||||
; The following is a summary of its search order:
|
|
||||||
; 1. SAPI module specific location.
|
|
||||||
; 2. The PHPRC environment variable. (As of PHP 5.2.0)
|
|
||||||
; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0)
|
|
||||||
; 4. Current working directory (except CLI)
|
|
||||||
; 5. The web server's directory (for SAPI modules), or directory of PHP
|
|
||||||
; (otherwise in Windows)
|
|
||||||
; 6. The directory from the --with-config-file-path compile time option, or the
|
|
||||||
; Windows directory (usually C:\windows)
|
|
||||||
; See the PHP docs for more specific information.
|
|
||||||
; http://php.net/configuration.file
|
|
||||||
|
|
||||||
; The syntax of the file is extremely simple. Whitespace and lines
|
|
||||||
; beginning with a semicolon are silently ignored (as you probably guessed).
|
|
||||||
; Section headers (e.g. [Foo]) are also silently ignored, even though
|
|
||||||
; they might mean something in the future.
|
|
||||||
|
|
||||||
; Directives following the section heading [PATH=/www/mysite] only
|
|
||||||
; apply to PHP files in the /www/mysite directory. Directives
|
|
||||||
; following the section heading [HOST=www.example.com] only apply to
|
|
||||||
; PHP files served from www.example.com. Directives set in these
|
|
||||||
; special sections cannot be overridden by user-defined INI files or
|
|
||||||
; at runtime. Currently, [PATH=] and [HOST=] sections only work under
|
|
||||||
; CGI/FastCGI.
|
|
||||||
; http://php.net/ini.sections
|
|
||||||
|
|
||||||
; Directives are specified using the following syntax:
|
|
||||||
; directive = value
|
|
||||||
; Directive names are *case sensitive* - foo=bar is different from FOO=bar.
|
|
||||||
; Directives are variables used to configure PHP or PHP extensions.
|
|
||||||
; There is no name validation. If PHP can't find an expected
|
|
||||||
; directive because it is not set or is mistyped, a default value will be used.
|
|
||||||
|
|
||||||
; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one
|
|
||||||
; of the INI constants (On, Off, True, False, Yes, No and None) or an expression
|
|
||||||
; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a
|
|
||||||
; previously set variable or directive (e.g. ${foo})
|
|
||||||
|
|
||||||
; Expressions in the INI file are limited to bitwise operators and parentheses:
|
|
||||||
; | bitwise OR
|
|
||||||
; ^ bitwise XOR
|
|
||||||
; & bitwise AND
|
|
||||||
; ~ bitwise NOT
|
|
||||||
; ! boolean NOT
|
|
||||||
|
|
||||||
; Boolean flags can be turned on using the values 1, On, True or Yes.
|
|
||||||
; They can be turned off using the values 0, Off, False or No.
|
|
||||||
|
|
||||||
; An empty string can be denoted by simply not writing anything after the equal
|
|
||||||
; sign, or by using the None keyword:
|
|
||||||
|
|
||||||
; foo = ; sets foo to an empty string
|
|
||||||
; foo = None ; sets foo to an empty string
|
|
||||||
; foo = "None" ; sets foo to the string 'None'
|
|
||||||
|
|
||||||
; If you use constants in your value, and these constants belong to a
|
|
||||||
; dynamically loaded extension (either a PHP extension or a Zend extension),
|
|
||||||
; you may only use these constants *after* the line that loads the extension.
|
|
||||||
|
|
||||||
;;;;;;;;;;;;;;;;;;;
|
|
||||||
; About this file ;
|
|
||||||
;;;;;;;;;;;;;;;;;;;
|
|
||||||
; PHP comes packaged with two INI files. One that is recommended to be used
|
|
||||||
; in production environments and one that is recommended to be used in
|
|
||||||
; development environments.
|
|
||||||
|
|
||||||
; php.ini-production contains settings which hold security, performance and
|
|
||||||
; best practices at its core. But please be aware, these settings may break
|
|
||||||
; compatibility with older or less security conscience applications. We
|
|
||||||
; recommending using the production ini in production and testing environments.
|
|
||||||
|
|
||||||
; php.ini-development is very similar to its production variant, except it is
|
|
||||||
; much more verbose when it comes to errors. We recommend using the
|
|
||||||
; development version only in development environments, as errors shown to
|
|
||||||
; application users can inadvertently leak otherwise secure information.
|
|
||||||
|
|
||||||
; This is the php.ini-production INI file.
|
|
||||||
|
|
||||||
;;;;;;;;;;;;;;;;;;;
|
|
||||||
; Quick Reference ;
|
|
||||||
;;;;;;;;;;;;;;;;;;;
|
|
||||||
; The following are all the settings which are different in either the production
|
|
||||||
; or development versions of the INIs with respect to PHP's default behavior.
|
|
||||||
; Please see the actual settings later in the document for more details as to why
|
|
||||||
; we recommend these changes in PHP's behavior.
|
|
||||||
|
|
||||||
; display_errors
|
|
||||||
; Default Value: On
|
|
||||||
; Development Value: On
|
|
||||||
; Production Value: Off
|
|
||||||
|
|
||||||
; display_startup_errors
|
|
||||||
; Default Value: Off
|
|
||||||
; Development Value: On
|
|
||||||
; Production Value: Off
|
|
||||||
|
|
||||||
; error_reporting
|
|
||||||
; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED
|
|
||||||
; Development Value: E_ALL
|
|
||||||
; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT
|
|
||||||
|
|
||||||
; html_errors
|
|
||||||
; Default Value: On
|
|
||||||
; Development Value: On
|
|
||||||
; Production value: On
|
|
||||||
|
|
||||||
; log_errors
|
|
||||||
; Default Value: Off
|
|
||||||
; Development Value: On
|
|
||||||
; Production Value: On
|
|
||||||
|
|
||||||
; max_input_time
|
|
||||||
; Default Value: -1 (Unlimited)
|
|
||||||
; Development Value: 60 (60 seconds)
|
|
||||||
; Production Value: 60 (60 seconds)
|
|
||||||
|
|
||||||
; output_buffering
|
|
||||||
; Default Value: Off
|
|
||||||
; Development Value: 4096
|
|
||||||
; Production Value: 4096
|
|
||||||
|
|
||||||
; register_argc_argv
|
|
||||||
; Default Value: On
|
|
||||||
; Development Value: Off
|
|
||||||
; Production Value: Off
|
|
||||||
|
|
||||||
; request_order
|
|
||||||
; Default Value: None
|
|
||||||
; Development Value: "GP"
|
|
||||||
; Production Value: "GP"
|
|
||||||
|
|
||||||
; session.gc_divisor
|
|
||||||
; Default Value: 100
|
|
||||||
; Development Value: 1000
|
|
||||||
; Production Value: 1000
|
|
||||||
|
|
||||||
; session.sid_bits_per_character
|
|
||||||
; Default Value: 4
|
|
||||||
; Development Value: 5
|
|
||||||
; Production Value: 5
|
|
||||||
|
|
||||||
; short_open_tag
|
|
||||||
; Default Value: On
|
|
||||||
; Development Value: Off
|
|
||||||
; Production Value: Off
|
|
||||||
|
|
||||||
; variables_order
|
|
||||||
; Default Value: "EGPCS"
|
|
||||||
; Development Value: "GPCS"
|
|
||||||
; Production Value: "GPCS"
|
|
||||||
|
|
||||||
;;;;;;;;;;;;;;;;;;;;
|
|
||||||
; php.ini Options ;
|
|
||||||
;;;;;;;;;;;;;;;;;;;;
|
|
||||||
; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini"
|
|
||||||
;user_ini.filename = ".user.ini"
|
|
||||||
|
|
||||||
; To disable this feature set this option to an empty value
|
|
||||||
;user_ini.filename =
|
|
||||||
|
|
||||||
; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes)
|
|
||||||
;user_ini.cache_ttl = 300
|
|
||||||
|
|
||||||
;;;;;;;;;;;;;;;;;;;;
|
|
||||||
; Language Options ;
|
|
||||||
;;;;;;;;;;;;;;;;;;;;
|
|
||||||
|
|
||||||
; Enable the PHP scripting language engine under Apache.
|
|
||||||
; http://php.net/engine
|
|
||||||
engine = On
|
|
||||||
|
|
||||||
; This directive determines whether or not PHP will recognize code between
|
|
||||||
; <? and ?> tags as PHP source which should be processed as such. It is
|
|
||||||
; generally recommended that <?php and ?> should be used and that this feature
|
|
||||||
; should be disabled, as enabling it may result in issues when generating XML
|
|
||||||
; documents, however this remains supported for backward compatibility reasons.
|
|
||||||
; Note that this directive does not control the <?= shorthand tag, which can be
|
|
||||||
; used regardless of this directive.
|
|
||||||
; Default Value: On
|
|
||||||
; Development Value: Off
|
|
||||||
; Production Value: Off
|
|
||||||
; http://php.net/short-open-tag
|
|
||||||
short_open_tag = Off
|
|
||||||
|
|
||||||
; The number of significant digits displayed in floating point numbers.
|
|
||||||
; http://php.net/precision
|
|
||||||
precision = 14
|
|
||||||
|
|
||||||
; Output buffering is a mechanism for controlling how much output data
|
|
||||||
; (excluding headers and cookies) PHP should keep internally before pushing that
|
|
||||||
; data to the client. If your application's output exceeds this setting, PHP
|
|
||||||
; will send that data in chunks of roughly the size you specify.
|
|
||||||
; Turning on this setting and managing its maximum buffer size can yield some
|
|
||||||
; interesting side-effects depending on your application and web server.
|
|
||||||
; You may be able to send headers and cookies after you've already sent output
|
|
||||||
; through print or echo. You also may see performance benefits if your server is
|
|
||||||
; emitting less packets due to buffered output versus PHP streaming the output
|
|
||||||
; as it gets it. On production servers, 4096 bytes is a good setting for performance
|
|
||||||
; reasons.
|
|
||||||
; Note: Output buffering can also be controlled via Output Buffering Control
|
|
||||||
; functions.
|
|
||||||
; Possible Values:
|
|
||||||
; On = Enabled and buffer is unlimited. (Use with caution)
|
|
||||||
; Off = Disabled
|
|
||||||
; Integer = Enables the buffer and sets its maximum size in bytes.
|
|
||||||
; Note: This directive is hardcoded to Off for the CLI SAPI
|
|
||||||
; Default Value: Off
|
|
||||||
; Development Value: 4096
|
|
||||||
; Production Value: 4096
|
|
||||||
; http://php.net/output-buffering
|
|
||||||
output_buffering = 4096
|
|
||||||
|
|
||||||
; You can redirect all of the output of your scripts to a function. For
|
|
||||||
; example, if you set output_handler to "mb_output_handler", character
|
|
||||||
; encoding will be transparently converted to the specified encoding.
|
|
||||||
; Setting any output handler automatically turns on output buffering.
|
|
||||||
; Note: People who wrote portable scripts should not depend on this ini
|
|
||||||
; directive. Instead, explicitly set the output handler using ob_start().
|
|
||||||
; Using this ini directive may cause problems unless you know what script
|
|
||||||
; is doing.
|
|
||||||
; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler"
|
|
||||||
; and you cannot use both "ob_gzhandler" and "zlib.output_compression".
|
|
||||||
; Note: output_handler must be empty if this is set 'On' !!!!
|
|
||||||
; Instead you must use zlib.output_handler.
|
|
||||||
; http://php.net/output-handler
|
|
||||||
;output_handler =
|
|
||||||
|
|
||||||
; URL rewriter function rewrites URL on the fly by using
|
|
||||||
; output buffer. You can set target tags by this configuration.
|
|
||||||
; "form" tag is special tag. It will add hidden input tag to pass values.
|
|
||||||
; Refer to session.trans_sid_tags for usage.
|
|
||||||
; Default Value: "form="
|
|
||||||
; Development Value: "form="
|
|
||||||
; Production Value: "form="
|
|
||||||
;url_rewriter.tags
|
|
||||||
|
|
||||||
; URL rewriter will not rewrite absolute URL nor form by default. To enable
|
|
||||||
; absolute URL rewrite, allowed hosts must be defined at RUNTIME.
|
|
||||||
; Refer to session.trans_sid_hosts for more details.
|
|
||||||
; Default Value: ""
|
|
||||||
; Development Value: ""
|
|
||||||
; Production Value: ""
|
|
||||||
;url_rewriter.hosts
|
|
||||||
|
|
||||||
; Transparent output compression using the zlib library
|
|
||||||
; Valid values for this option are 'off', 'on', or a specific buffer size
|
|
||||||
; to be used for compression (default is 4KB)
|
|
||||||
; Note: Resulting chunk size may vary due to nature of compression. PHP
|
|
||||||
; outputs chunks that are few hundreds bytes each as a result of
|
|
||||||
; compression. If you prefer a larger chunk size for better
|
|
||||||
; performance, enable output_buffering in addition.
|
|
||||||
; Note: You need to use zlib.output_handler instead of the standard
|
|
||||||
; output_handler, or otherwise the output will be corrupted.
|
|
||||||
; http://php.net/zlib.output-compression
|
|
||||||
zlib.output_compression = Off
|
|
||||||
|
|
||||||
; http://php.net/zlib.output-compression-level
|
|
||||||
;zlib.output_compression_level = -1
|
|
||||||
|
|
||||||
; You cannot specify additional output handlers if zlib.output_compression
|
|
||||||
; is activated here. This setting does the same as output_handler but in
|
|
||||||
; a different order.
|
|
||||||
; http://php.net/zlib.output-handler
|
|
||||||
;zlib.output_handler =
|
|
||||||
|
|
||||||
; Implicit flush tells PHP to tell the output layer to flush itself
|
|
||||||
; automatically after every output block. This is equivalent to calling the
|
|
||||||
; PHP function flush() after each and every call to print() or echo() and each
|
|
||||||
; and every HTML block. Turning this option on has serious performance
|
|
||||||
; implications and is generally recommended for debugging purposes only.
|
|
||||||
; http://php.net/implicit-flush
|
|
||||||
; Note: This directive is hardcoded to On for the CLI SAPI
|
|
||||||
implicit_flush = Off
|
|
||||||
|
|
||||||
; The unserialize callback function will be called (with the undefined class'
|
|
||||||
; name as parameter), if the unserializer finds an undefined class
|
|
||||||
; which should be instantiated. A warning appears if the specified function is
|
|
||||||
; not defined, or if the function doesn't include/implement the missing class.
|
|
||||||
; So only set this entry, if you really want to implement such a
|
|
||||||
; callback-function.
|
|
||||||
unserialize_callback_func =
|
|
||||||
|
|
||||||
; When floats & doubles are serialized, store serialize_precision significant
|
|
||||||
; digits after the floating point. The default value ensures that when floats
|
|
||||||
; are decoded with unserialize, the data will remain the same.
|
|
||||||
; The value is also used for json_encode when encoding double values.
|
|
||||||
; If -1 is used, then dtoa mode 0 is used which automatically select the best
|
|
||||||
; precision.
|
|
||||||
serialize_precision = -1
|
|
||||||
|
|
||||||
; open_basedir, if set, limits all file operations to the defined directory
|
|
||||||
; and below. This directive makes most sense if used in a per-directory
|
|
||||||
; or per-virtualhost web server configuration file.
|
|
||||||
; Note: disables the realpath cache
|
|
||||||
; http://php.net/open-basedir
|
|
||||||
;open_basedir =
|
|
||||||
|
|
||||||
; This directive allows you to disable certain functions for security reasons.
|
|
||||||
; It receives a comma-delimited list of function names.
|
|
||||||
; http://php.net/disable-functions
|
|
||||||
disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
|
|
||||||
|
|
||||||
; This directive allows you to disable certain classes for security reasons.
|
|
||||||
; It receives a comma-delimited list of class names.
|
|
||||||
; http://php.net/disable-classes
|
|
||||||
disable_classes =
|
|
||||||
|
|
||||||
; Colors for Syntax Highlighting mode. Anything that's acceptable in
|
|
||||||
; <span style="color: ???????"> would work.
|
|
||||||
; http://php.net/syntax-highlighting
|
|
||||||
;highlight.string = #DD0000
|
|
||||||
;highlight.comment = #FF9900
|
|
||||||
;highlight.keyword = #007700
|
|
||||||
;highlight.default = #0000BB
|
|
||||||
;highlight.html = #000000
|
|
||||||
|
|
||||||
; If enabled, the request will be allowed to complete even if the user aborts
|
|
||||||
; the request. Consider enabling it if executing long requests, which may end up
|
|
||||||
; being interrupted by the user or a browser timing out. PHP's default behavior
|
|
||||||
; is to disable this feature.
|
|
||||||
; http://php.net/ignore-user-abort
|
|
||||||
;ignore_user_abort = On
|
|
||||||
|
|
||||||
; Determines the size of the realpath cache to be used by PHP. This value should
|
|
||||||
; be increased on systems where PHP opens many files to reflect the quantity of
|
|
||||||
; the file operations performed.
|
|
||||||
; Note: if open_basedir is set, the cache is disabled
|
|
||||||
; http://php.net/realpath-cache-size
|
|
||||||
;realpath_cache_size = 4096k
|
|
||||||
|
|
||||||
; Duration of time, in seconds for which to cache realpath information for a given
|
|
||||||
; file or directory. For systems with rarely changing files, consider increasing this
|
|
||||||
; value.
|
|
||||||
; http://php.net/realpath-cache-ttl
|
|
||||||
;realpath_cache_ttl = 120
|
|
||||||
|
|
||||||
; Enables or disables the circular reference collector.
|
|
||||||
; http://php.net/zend.enable-gc
|
|
||||||
zend.enable_gc = On
|
|
||||||
|
|
||||||
; If enabled, scripts may be written in encodings that are incompatible with
|
|
||||||
; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such
|
|
||||||
; encodings. To use this feature, mbstring extension must be enabled.
|
|
||||||
; Default: Off
|
|
||||||
;zend.multibyte = Off
|
|
||||||
|
|
||||||
; Allows to set the default encoding for the scripts. This value will be used
|
|
||||||
; unless "declare(encoding=...)" directive appears at the top of the script.
|
|
||||||
; Only affects if zend.multibyte is set.
|
|
||||||
; Default: ""
|
|
||||||
;zend.script_encoding =
|
|
||||||
|
|
||||||
;;;;;;;;;;;;;;;;;
|
|
||||||
; Miscellaneous ;
|
|
||||||
;;;;;;;;;;;;;;;;;
|
|
||||||
|
|
||||||
; Decides whether PHP may expose the fact that it is installed on the server
|
|
||||||
; (e.g. by adding its signature to the Web server header). It is no security
|
|
||||||
; threat in any way, but it makes it possible to determine whether you use PHP
|
|
||||||
; on your server or not.
|
|
||||||
; http://php.net/expose-php
|
|
||||||
expose_php = Off
|
|
||||||
|
|
||||||
;;;;;;;;;;;;;;;;;;;
|
|
||||||
; Resource Limits ;
|
|
||||||
;;;;;;;;;;;;;;;;;;;
|
|
||||||
|
|
||||||
; Maximum execution time of each script, in seconds
|
|
||||||
; http://php.net/max-execution-time
|
|
||||||
; Note: This directive is hardcoded to 0 for the CLI SAPI
|
|
||||||
max_execution_time = 30
|
|
||||||
|
|
||||||
; Maximum amount of time each script may spend parsing request data. It's a good
|
|
||||||
; idea to limit this time on productions servers in order to eliminate unexpectedly
|
|
||||||
; long running scripts.
|
|
||||||
; Note: This directive is hardcoded to -1 for the CLI SAPI
|
|
||||||
; Default Value: -1 (Unlimited)
|
|
||||||
; Development Value: 60 (60 seconds)
|
|
||||||
; Production Value: 60 (60 seconds)
|
|
||||||
; http://php.net/max-input-time
|
|
||||||
max_input_time = 60
|
|
||||||
|
|
||||||
; Maximum input variable nesting level
|
|
||||||
; http://php.net/max-input-nesting-level
|
|
||||||
;max_input_nesting_level = 64
|
|
||||||
|
|
||||||
; How many GET/POST/COOKIE input variables may be accepted
|
|
||||||
;max_input_vars = 1000
|
|
||||||
|
|
||||||
; Maximum amount of memory a script may consume (128MB)
|
|
||||||
; http://php.net/memory-limit
|
|
||||||
memory_limit = 128M
|
|
||||||
|
|
||||||
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
||||||
; Error handling and logging ;
|
|
||||||
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
||||||
|
|
||||||
; This directive informs PHP of which errors, warnings and notices you would like
|
|
||||||
; it to take action for. The recommended way of setting values for this
|
|
||||||
; directive is through the use of the error level constants and bitwise
|
|
||||||
; operators. The error level constants are below here for convenience as well as
|
|
||||||
; some common settings and their meanings.
|
|
||||||
; By default, PHP is set to take action on all errors, notices and warnings EXCEPT
|
|
||||||
; those related to E_NOTICE and E_STRICT, which together cover best practices and
|
|
||||||
; recommended coding standards in PHP. For performance reasons, this is the
|
|
||||||
; recommend error reporting setting. Your production server shouldn't be wasting
|
|
||||||
; resources complaining about best practices and coding standards. That's what
|
|
||||||
; development servers and development settings are for.
|
|
||||||
; Note: The php.ini-development file has this setting as E_ALL. This
|
|
||||||
; means it pretty much reports everything which is exactly what you want during
|
|
||||||
; development and early testing.
|
|
||||||
;
|
|
||||||
; Error Level Constants:
|
|
||||||
; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0)
|
|
||||||
; E_ERROR - fatal run-time errors
|
|
||||||
; E_RECOVERABLE_ERROR - almost fatal run-time errors
|
|
||||||
; E_WARNING - run-time warnings (non-fatal errors)
|
|
||||||
; E_PARSE - compile-time parse errors
|
|
||||||
; E_NOTICE - run-time notices (these are warnings which often result
|
|
||||||
; from a bug in your code, but it's possible that it was
|
|
||||||
; intentional (e.g., using an uninitialized variable and
|
|
||||||
; relying on the fact it is automatically initialized to an
|
|
||||||
; empty string)
|
|
||||||
; E_STRICT - run-time notices, enable to have PHP suggest changes
|
|
||||||
; to your code which will ensure the best interoperability
|
|
||||||
; and forward compatibility of your code
|
|
||||||
; E_CORE_ERROR - fatal errors that occur during PHP's initial startup
|
|
||||||
; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's
|
|
||||||
; initial startup
|
|
||||||
; E_COMPILE_ERROR - fatal compile-time errors
|
|
||||||
; E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
|
|
||||||
; E_USER_ERROR - user-generated error message
|
|
||||||
; E_USER_WARNING - user-generated warning message
|
|
||||||
; E_USER_NOTICE - user-generated notice message
|
|
||||||
; E_DEPRECATED - warn about code that will not work in future versions
|
|
||||||
; of PHP
|
|
||||||
; E_USER_DEPRECATED - user-generated deprecation warnings
|
|
||||||
;
|
|
||||||
; Common Values:
|
|
||||||
; E_ALL (Show all errors, warnings and notices including coding standards.)
|
|
||||||
; E_ALL & ~E_NOTICE (Show all errors, except for notices)
|
|
||||||
; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.)
|
|
||||||
; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors)
|
|
||||||
; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED
|
|
||||||
; Development Value: E_ALL
|
|
||||||
; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT
|
|
||||||
; http://php.net/error-reporting
|
|
||||||
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
|
|
||||||
|
|
||||||
; This directive controls whether or not and where PHP will output errors,
|
|
||||||
; notices and warnings too. Error output is very useful during development, but
|
|
||||||
; it could be very dangerous in production environments. Depending on the code
|
|
||||||
; which is triggering the error, sensitive information could potentially leak
|
|
||||||
; out of your application such as database usernames and passwords or worse.
|
|
||||||
; For production environments, we recommend logging errors rather than
|
|
||||||
; sending them to STDOUT.
|
|
||||||
; Possible Values:
|
|
||||||
; Off = Do not display any errors
|
|
||||||
; stderr = Display errors to STDERR (affects only CGI/CLI binaries!)
|
|
||||||
; On or stdout = Display errors to STDOUT
|
|
||||||
; Default Value: On
|
|
||||||
; Development Value: On
|
|
||||||
; Production Value: Off
|
|
||||||
; http://php.net/display-errors
|
|
||||||
display_errors = Off
|
|
||||||
|
|
||||||
; The display of errors which occur during PHP's startup sequence are handled
|
|
||||||
; separately from display_errors. PHP's default behavior is to suppress those
|
|
||||||
; errors from clients. Turning the display of startup errors on can be useful in
|
|
||||||
; debugging configuration problems. We strongly recommend you
|
|
||||||
; set this to 'off' for production servers.
|
|
||||||
; Default Value: Off
|
|
||||||
; Development Value: On
|
|
||||||
; Production Value: Off
|
|
||||||
; http://php.net/display-startup-errors
|
|
||||||
display_startup_errors = Off
|
|
||||||
|
|
||||||
; Besides displaying errors, PHP can also log errors to locations such as a
|
|
||||||
; server-specific log, STDERR, or a location specified by the error_log
|
|
||||||
; directive found below. While errors should not be displayed on productions
|
|
||||||
; servers they should still be monitored and logging is a great way to do that.
|
|
||||||
; Default Value: Off
|
|
||||||
; Development Value: On
|
|
||||||
; Production Value: On
|
|
||||||
; http://php.net/log-errors
|
|
||||||
log_errors = On
|
|
||||||
|
|
||||||
; Set maximum length of log_errors. In error_log information about the source is
|
|
||||||
; added. The default is 1024 and 0 allows to not apply any maximum length at all.
|
|
||||||
; http://php.net/log-errors-max-len
|
|
||||||
log_errors_max_len = 1024
|
|
||||||
|
|
||||||
; Do not log repeated messages. Repeated errors must occur in same file on same
|
|
||||||
; line unless ignore_repeated_source is set true.
|
|
||||||
; http://php.net/ignore-repeated-errors
|
|
||||||
ignore_repeated_errors = Off
|
|
||||||
|
|
||||||
; Ignore source of message when ignoring repeated messages. When this setting
|
|
||||||
; is On you will not log errors with repeated messages from different files or
|
|
||||||
; source lines.
|
|
||||||
; http://php.net/ignore-repeated-source
|
|
||||||
ignore_repeated_source = Off
|
|
||||||
|
|
||||||
; If this parameter is set to Off, then memory leaks will not be shown (on
|
|
||||||
; stdout or in the log). This has only effect in a debug compile, and if
|
|
||||||
; error reporting includes E_WARNING in the allowed list
|
|
||||||
; http://php.net/report-memleaks
|
|
||||||
report_memleaks = On
|
|
||||||
|
|
||||||
; This setting is on by default.
|
|
||||||
;report_zend_debug = 0
|
|
||||||
|
|
||||||
; Store the last error/warning message in $php_errormsg (boolean). Setting this value
|
|
||||||
; to On can assist in debugging and is appropriate for development servers. It should
|
|
||||||
; however be disabled on production servers.
|
|
||||||
; This directive is DEPRECATED.
|
|
||||||
; Default Value: Off
|
|
||||||
; Development Value: Off
|
|
||||||
; Production Value: Off
|
|
||||||
; http://php.net/track-errors
|
|
||||||
;track_errors = Off
|
|
||||||
|
|
||||||
; Turn off normal error reporting and emit XML-RPC error XML
|
|
||||||
; http://php.net/xmlrpc-errors
|
|
||||||
;xmlrpc_errors = 0
|
|
||||||
|
|
||||||
; An XML-RPC faultCode
|
|
||||||
;xmlrpc_error_number = 0
|
|
||||||
|
|
||||||
; When PHP displays or logs an error, it has the capability of formatting the
|
|
||||||
; error message as HTML for easier reading. This directive controls whether
|
|
||||||
; the error message is formatted as HTML or not.
|
|
||||||
; Note: This directive is hardcoded to Off for the CLI SAPI
|
|
||||||
; Default Value: On
|
|
||||||
; Development Value: On
|
|
||||||
; Production value: On
|
|
||||||
; http://php.net/html-errors
|
|
||||||
html_errors = On
|
|
||||||
|
|
||||||
; If html_errors is set to On *and* docref_root is not empty, then PHP
|
|
||||||
; produces clickable error messages that direct to a page describing the error
|
|
||||||
; or function causing the error in detail.
|
|
||||||
; You can download a copy of the PHP manual from http://php.net/docs
|
|
||||||
; and change docref_root to the base URL of your local copy including the
|
|
||||||
; leading '/'. You must also specify the file extension being used including
|
|
||||||
; the dot. PHP's default behavior is to leave these settings empty, in which
|
|
||||||
; case no links to documentation are generated.
|
|
||||||
; Note: Never use this feature for production boxes.
|
|
||||||
; http://php.net/docref-root
|
|
||||||
; Examples
|
|
||||||
;docref_root = "/phpmanual/"
|
|
||||||
|
|
||||||
; http://php.net/docref-ext
|
|
||||||
;docref_ext = .html
|
|
||||||
|
|
||||||
; String to output before an error message. PHP's default behavior is to leave
|
|
||||||
; this setting blank.
|
|
||||||
; http://php.net/error-prepend-string
|
|
||||||
; Example:
|
|
||||||
;error_prepend_string = "<span style='color: #ff0000'>"
|
|
||||||
|
|
||||||
; String to output after an error message. PHP's default behavior is to leave
|
|
||||||
; this setting blank.
|
|
||||||
; http://php.net/error-append-string
|
|
||||||
; Example:
|
|
||||||
;error_append_string = "</span>"
|
|
||||||
|
|
||||||
; Log errors to specified file. PHP's default behavior is to leave this value
|
|
||||||
; empty.
|
|
||||||
; http://php.net/error-log
|
|
||||||
; Example:
|
|
||||||
;error_log = php_errors.log
|
|
||||||
; Log errors to syslog (Event Log on Windows).
|
|
||||||
;error_log = syslog
|
|
||||||
|
|
||||||
; The syslog ident is a string which is prepended to every message logged
|
|
||||||
; to syslog. Only used when error_log is set to syslog.
|
|
||||||
;syslog.ident = php
|
|
||||||
|
|
||||||
; The syslog facility is used to specify what type of program is logging
|
|
||||||
; the message. Only used when error_log is set to syslog.
|
|
||||||
;syslog.facility = user
|
|
||||||
|
|
||||||
; Set this to disable filtering control characters (the default).
|
|
||||||
; Some loggers only accept NVT-ASCII, others accept anything that's not
|
|
||||||
; control characters. If your logger accepts everything, then no filtering
|
|
||||||
; is needed at all.
|
|
||||||
; Allowed values are:
|
|
||||||
; ascii (all printable ASCII characters and NL)
|
|
||||||
; no-ctrl (all characters except control characters)
|
|
||||||
; all (all characters)
|
|
||||||
; raw (like "all", but messages are not split at newlines)
|
|
||||||
; http://php.net/syslog.filter
|
|
||||||
;syslog.filter = ascii
|
|
||||||
|
|
||||||
;windows.show_crt_warning
|
|
||||||
; Default value: 0
|
|
||||||
; Development value: 0
|
|
||||||
; Production value: 0
|
|
||||||
|
|
||||||
;;;;;;;;;;;;;;;;;
|
|
||||||
; Data Handling ;
|
|
||||||
;;;;;;;;;;;;;;;;;
|
|
||||||
|
|
||||||
; The separator used in PHP generated URLs to separate arguments.
|
|
||||||
; PHP's default setting is "&".
|
|
||||||
; http://php.net/arg-separator.output
|
|
||||||
; Example:
|
|
||||||
;arg_separator.output = "&"
|
|
||||||
|
|
||||||
; List of separator(s) used by PHP to parse input URLs into variables.
|
|
||||||
; PHP's default setting is "&".
|
|
||||||
; NOTE: Every character in this directive is considered as separator!
|
|
||||||
; http://php.net/arg-separator.input
|
|
||||||
; Example:
|
|
||||||
;arg_separator.input = ";&"
|
|
||||||
|
|
||||||
; This directive determines which super global arrays are registered when PHP
|
|
||||||
; starts up. G,P,C,E & S are abbreviations for the following respective super
|
|
||||||
; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty
|
|
||||||
; paid for the registration of these arrays and because ENV is not as commonly
|
|
||||||
; used as the others, ENV is not recommended on productions servers. You
|
|
||||||
; can still get access to the environment variables through getenv() should you
|
|
||||||
; need to.
|
|
||||||
; Default Value: "EGPCS"
|
|
||||||
; Development Value: "GPCS"
|
|
||||||
; Production Value: "GPCS";
|
|
||||||
; http://php.net/variables-order
|
|
||||||
variables_order = "GPCS"
|
|
||||||
|
|
||||||
; This directive determines which super global data (G,P & C) should be
|
|
||||||
; registered into the super global array REQUEST. If so, it also determines
|
|
||||||
; the order in which that data is registered. The values for this directive
|
|
||||||
; are specified in the same manner as the variables_order directive,
|
|
||||||
; EXCEPT one. Leaving this value empty will cause PHP to use the value set
|
|
||||||
; in the variables_order directive. It does not mean it will leave the super
|
|
||||||
; globals array REQUEST empty.
|
|
||||||
; Default Value: None
|
|
||||||
; Development Value: "GP"
|
|
||||||
; Production Value: "GP"
|
|
||||||
; http://php.net/request-order
|
|
||||||
request_order = "GP"
|
|
||||||
|
|
||||||
; This directive determines whether PHP registers $argv & $argc each time it
|
|
||||||
; runs. $argv contains an array of all the arguments passed to PHP when a script
|
|
||||||
; is invoked. $argc contains an integer representing the number of arguments
|
|
||||||
; that were passed when the script was invoked. These arrays are extremely
|
|
||||||
; useful when running scripts from the command line. When this directive is
|
|
||||||
; enabled, registering these variables consumes CPU cycles and memory each time
|
|
||||||
; a script is executed. For performance reasons, this feature should be disabled
|
|
||||||
; on production servers.
|
|
||||||
; Note: This directive is hardcoded to On for the CLI SAPI
|
|
||||||
; Default Value: On
|
|
||||||
; Development Value: Off
|
|
||||||
; Production Value: Off
|
|
||||||
; http://php.net/register-argc-argv
|
|
||||||
register_argc_argv = Off
|
|
||||||
|
|
||||||
; When enabled, the ENV, REQUEST and SERVER variables are created when they're
|
|
||||||
; first used (Just In Time) instead of when the script starts. If these
|
|
||||||
; variables are not used within a script, having this directive on will result
|
|
||||||
; in a performance gain. The PHP directive register_argc_argv must be disabled
|
|
||||||
; for this directive to have any affect.
|
|
||||||
; http://php.net/auto-globals-jit
|
|
||||||
auto_globals_jit = On
|
|
||||||
|
|
||||||
; Whether PHP will read the POST data.
|
|
||||||
; This option is enabled by default.
|
|
||||||
; Most likely, you won't want to disable this option globally. It causes $_POST
|
|
||||||
; and $_FILES to always be empty; the only way you will be able to read the
|
|
||||||
; POST data will be through the php://input stream wrapper. This can be useful
|
|
||||||
; to proxy requests or to process the POST data in a memory efficient fashion.
|
|
||||||
; http://php.net/enable-post-data-reading
|
|
||||||
;enable_post_data_reading = Off
|
|
||||||
|
|
||||||
; Maximum size of POST data that PHP will accept.
|
|
||||||
; Its value may be 0 to disable the limit. It is ignored if POST data reading
|
|
||||||
; is disabled through enable_post_data_reading.
|
|
||||||
; http://php.net/post-max-size
|
|
||||||
post_max_size = 80M
|
|
||||||
|
|
||||||
; Automatically add files before PHP document.
|
|
||||||
; http://php.net/auto-prepend-file
|
|
||||||
auto_prepend_file =
|
|
||||||
|
|
||||||
; Automatically add files after PHP document.
|
|
||||||
; http://php.net/auto-append-file
|
|
||||||
auto_append_file =
|
|
||||||
|
|
||||||
; By default, PHP will output a media type using the Content-Type header. To
|
|
||||||
; disable this, simply set it to be empty.
|
|
||||||
;
|
|
||||||
; PHP's built-in default media type is set to text/html.
|
|
||||||
; http://php.net/default-mimetype
|
|
||||||
default_mimetype = "text/html"
|
|
||||||
|
|
||||||
; PHP's default character set is set to UTF-8.
|
|
||||||
; http://php.net/default-charset
|
|
||||||
default_charset = "UTF-8"
|
|
||||||
|
|
||||||
; PHP internal character encoding is set to empty.
|
|
||||||
; If empty, default_charset is used.
|
|
||||||
; http://php.net/internal-encoding
|
|
||||||
;internal_encoding =
|
|
||||||
|
|
||||||
; PHP input character encoding is set to empty.
|
|
||||||
; If empty, default_charset is used.
|
|
||||||
; http://php.net/input-encoding
|
|
||||||
;input_encoding =
|
|
||||||
|
|
||||||
; PHP output character encoding is set to empty.
|
|
||||||
; If empty, default_charset is used.
|
|
||||||
; See also output_buffer.
|
|
||||||
; http://php.net/output-encoding
|
|
||||||
;output_encoding =
|
|
||||||
|
|
||||||
;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
||||||
; Paths and Directories ;
|
|
||||||
;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
||||||
|
|
||||||
; UNIX: "/path1:/path2"
|
|
||||||
;include_path = ".:/usr/share/php"
|
|
||||||
;
|
|
||||||
; Windows: "\path1;\path2"
|
|
||||||
;include_path = ".;c:\php\includes"
|
|
||||||
;
|
|
||||||
; PHP's default setting for include_path is ".;/path/to/php/pear"
|
|
||||||
; http://php.net/include-path
|
|
||||||
|
|
||||||
; The root of the PHP pages, used only if nonempty.
|
|
||||||
; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root
|
|
||||||
; if you are running php as a CGI under any web server (other than IIS)
|
|
||||||
; see documentation for security issues. The alternate is to use the
|
|
||||||
; cgi.force_redirect configuration below
|
|
||||||
; http://php.net/doc-root
|
|
||||||
doc_root =
|
|
||||||
|
|
||||||
; The directory under which PHP opens the script using /~username used only
|
|
||||||
; if nonempty.
|
|
||||||
; http://php.net/user-dir
|
|
||||||
user_dir =
|
|
||||||
|
|
||||||
; Directory in which the loadable extensions (modules) reside.
|
|
||||||
; http://php.net/extension-dir
|
|
||||||
;extension_dir = "./"
|
|
||||||
; On windows:
|
|
||||||
;extension_dir = "ext"
|
|
||||||
|
|
||||||
; Directory where the temporary files should be placed.
|
|
||||||
; Defaults to the system default (see sys_get_temp_dir)
|
|
||||||
;sys_temp_dir = "/tmp"
|
|
||||||
|
|
||||||
; Whether or not to enable the dl() function. The dl() function does NOT work
|
|
||||||
; properly in multithreaded servers, such as IIS or Zeus, and is automatically
|
|
||||||
; disabled on them.
|
|
||||||
; http://php.net/enable-dl
|
|
||||||
enable_dl = Off
|
|
||||||
|
|
||||||
; cgi.force_redirect is necessary to provide security running PHP as a CGI under
|
|
||||||
; most web servers. Left undefined, PHP turns this on by default. You can
|
|
||||||
; turn it off here AT YOUR OWN RISK
|
|
||||||
; **You CAN safely turn this off for IIS, in fact, you MUST.**
|
|
||||||
; http://php.net/cgi.force-redirect
|
|
||||||
;cgi.force_redirect = 1
|
|
||||||
|
|
||||||
; if cgi.nph is enabled it will force cgi to always sent Status: 200 with
|
|
||||||
; every request. PHP's default behavior is to disable this feature.
|
|
||||||
;cgi.nph = 1
|
|
||||||
|
|
||||||
; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape
|
|
||||||
; (iPlanet) web servers, you MAY need to set an environment variable name that PHP
|
|
||||||
; will look for to know it is OK to continue execution. Setting this variable MAY
|
|
||||||
; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
|
|
||||||
; http://php.net/cgi.redirect-status-env
|
|
||||||
;cgi.redirect_status_env =
|
|
||||||
|
|
||||||
; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's
|
|
||||||
; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
|
|
||||||
; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting
|
|
||||||
; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting
|
|
||||||
; of zero causes PHP to behave as before. Default is 1. You should fix your scripts
|
|
||||||
; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
|
|
||||||
; http://php.net/cgi.fix-pathinfo
|
|
||||||
;cgi.fix_pathinfo=1
|
|
||||||
|
|
||||||
; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside
|
|
||||||
; of the web tree and people will not be able to circumvent .htaccess security.
|
|
||||||
;cgi.discard_path=1
|
|
||||||
|
|
||||||
; FastCGI under IIS supports the ability to impersonate
|
|
||||||
; security tokens of the calling client. This allows IIS to define the
|
|
||||||
; security context that the request runs under. mod_fastcgi under Apache
|
|
||||||
; does not currently support this feature (03/17/2002)
|
|
||||||
; Set to 1 if running under IIS. Default is zero.
|
|
||||||
; http://php.net/fastcgi.impersonate
|
|
||||||
;fastcgi.impersonate = 1
|
|
||||||
|
|
||||||
; Disable logging through FastCGI connection. PHP's default behavior is to enable
|
|
||||||
; this feature.
|
|
||||||
;fastcgi.logging = 0
|
|
||||||
|
|
||||||
; cgi.rfc2616_headers configuration option tells PHP what type of headers to
|
|
||||||
; use when sending HTTP response code. If set to 0, PHP sends Status: header that
|
|
||||||
; is supported by Apache. When this option is set to 1, PHP will send
|
|
||||||
; RFC2616 compliant header.
|
|
||||||
; Default is zero.
|
|
||||||
; http://php.net/cgi.rfc2616-headers
|
|
||||||
;cgi.rfc2616_headers = 0
|
|
||||||
|
|
||||||
; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #!
|
|
||||||
; (shebang) at the top of the running script. This line might be needed if the
|
|
||||||
; script support running both as stand-alone script and via PHP CGI<. PHP in CGI
|
|
||||||
; mode skips this line and ignores its content if this directive is turned on.
|
|
||||||
; http://php.net/cgi.check-shebang-line
|
|
||||||
;cgi.check_shebang_line=1
|
|
||||||
|
|
||||||
;;;;;;;;;;;;;;;;
|
|
||||||
; File Uploads ;
|
|
||||||
;;;;;;;;;;;;;;;;
|
|
||||||
|
|
||||||
; Whether to allow HTTP file uploads.
|
|
||||||
; http://php.net/file-uploads
|
|
||||||
file_uploads = On
|
|
||||||
|
|
||||||
; Temporary directory for HTTP uploaded files (will use system default if not
|
|
||||||
; specified).
|
|
||||||
; http://php.net/upload-tmp-dir
|
|
||||||
;upload_tmp_dir =
|
|
||||||
|
|
||||||
; Maximum allowed size for uploaded files.
|
|
||||||
; http://php.net/upload-max-filesize
|
|
||||||
upload_max_filesize = 22M
|
|
||||||
|
|
||||||
; Maximum number of files that can be uploaded via a single request
|
|
||||||
max_file_uploads = 20
|
|
||||||
|
|
||||||
;;;;;;;;;;;;;;;;;;
|
|
||||||
; Fopen wrappers ;
|
|
||||||
;;;;;;;;;;;;;;;;;;
|
|
||||||
|
|
||||||
; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
|
|
||||||
; http://php.net/allow-url-fopen
|
|
||||||
allow_url_fopen = On
|
|
||||||
|
|
||||||
; Whether to allow include/require to open URLs (like http:// or ftp://) as files.
|
|
||||||
; http://php.net/allow-url-include
|
|
||||||
allow_url_include = Off
|
|
||||||
|
|
||||||
; Define the anonymous ftp password (your email address). PHP's default setting
|
|
||||||
; for this is empty.
|
|
||||||
; http://php.net/from
|
|
||||||
;from="john@doe.com"
|
|
||||||
|
|
||||||
; Define the User-Agent string. PHP's default setting for this is empty.
|
|
||||||
; http://php.net/user-agent
|
|
||||||
;user_agent="PHP"
|
|
||||||
|
|
||||||
; Default timeout for socket based streams (seconds)
|
|
||||||
; http://php.net/default-socket-timeout
|
|
||||||
default_socket_timeout = 60
|
|
||||||
|
|
||||||
; If your scripts have to deal with files from Macintosh systems,
|
|
||||||
; or you are running on a Mac and need to deal with files from
|
|
||||||
; unix or win32 systems, setting this flag will cause PHP to
|
|
||||||
; automatically detect the EOL character in those files so that
|
|
||||||
; fgets() and file() will work regardless of the source of the file.
|
|
||||||
; http://php.net/auto-detect-line-endings
|
|
||||||
;auto_detect_line_endings = Off
|
|
||||||
|
|
||||||
;;;;;;;;;;;;;;;;;;;;;;
|
|
||||||
; Dynamic Extensions ;
|
|
||||||
;;;;;;;;;;;;;;;;;;;;;;
|
|
||||||
|
|
||||||
; If you wish to have an extension loaded automatically, use the following
|
|
||||||
; syntax:
|
|
||||||
;
|
|
||||||
; extension=modulename
|
|
||||||
;
|
|
||||||
; For example:
|
|
||||||
;
|
|
||||||
; extension=mysqli
|
|
||||||
;
|
|
||||||
; When the extension library to load is not located in the default extension
|
|
||||||
; directory, You may specify an absolute path to the library file:
|
|
||||||
;
|
|
||||||
; extension=/path/to/extension/mysqli.so
|
|
||||||
;
|
|
||||||
; Note : The syntax used in previous PHP versions ('extension=<ext>.so' and
|
|
||||||
; 'extension='php_<ext>.dll') is supported for legacy reasons and may be
|
|
||||||
; deprecated in a future PHP major version. So, when it is possible, please
|
|
||||||
; move to the new ('extension=<ext>) syntax.
|
|
||||||
;
|
|
||||||
; Notes for Windows environments :
|
|
||||||
;
|
|
||||||
; - Many DLL files are located in the extensions/ (PHP 4) or ext/ (PHP 5+)
|
|
||||||
; extension folders as well as the separate PECL DLL download (PHP 5+).
|
|
||||||
; Be sure to appropriately set the extension_dir directive.
|
|
||||||
;
|
|
||||||
;extension=bz2
|
|
||||||
;extension=curl
|
|
||||||
;extension=fileinfo
|
|
||||||
;extension=gd2
|
|
||||||
;extension=gettext
|
|
||||||
;extension=gmp
|
|
||||||
;extension=intl
|
|
||||||
;extension=imap
|
|
||||||
;extension=interbase
|
|
||||||
;extension=ldap
|
|
||||||
;extension=mbstring
|
|
||||||
;extension=exif ; Must be after mbstring as it depends on it
|
|
||||||
;extension=mysqli
|
|
||||||
;extension=oci8_12c ; Use with Oracle Database 12c Instant Client
|
|
||||||
;extension=odbc
|
|
||||||
;extension=openssl
|
|
||||||
;extension=pdo_firebird
|
|
||||||
extension=pdo_mysql
|
|
||||||
;extension=pdo_oci
|
|
||||||
;extension=pdo_odbc
|
|
||||||
;extension=pdo_pgsql
|
|
||||||
;extension=pdo_sqlite
|
|
||||||
;extension=pgsql
|
|
||||||
;extension=shmop
|
|
||||||
|
|
||||||
; The MIBS data available in the PHP distribution must be installed.
|
|
||||||
; See http://www.php.net/manual/en/snmp.installation.php
|
|
||||||
;extension=snmp
|
|
||||||
|
|
||||||
;extension=soap
|
|
||||||
;extension=sockets
|
|
||||||
;extension=sodium
|
|
||||||
;extension=sqlite3
|
|
||||||
;extension=tidy
|
|
||||||
;extension=xmlrpc
|
|
||||||
;extension=xsl
|
|
||||||
|
|
||||||
;;;;;;;;;;;;;;;;;;;
|
|
||||||
; Module Settings ;
|
|
||||||
;;;;;;;;;;;;;;;;;;;
|
|
||||||
|
|
||||||
[CLI Server]
|
|
||||||
; Whether the CLI web server uses ANSI color coding in its terminal output.
|
|
||||||
cli_server.color = On
|
|
||||||
|
|
||||||
[Date]
|
|
||||||
; Defines the default timezone used by the date functions
|
|
||||||
; http://php.net/date.timezone
|
|
||||||
;date.timezone =
|
|
||||||
|
|
||||||
; http://php.net/date.default-latitude
|
|
||||||
;date.default_latitude = 31.7667
|
|
||||||
|
|
||||||
; http://php.net/date.default-longitude
|
|
||||||
;date.default_longitude = 35.2333
|
|
||||||
|
|
||||||
; http://php.net/date.sunrise-zenith
|
|
||||||
;date.sunrise_zenith = 90.583333
|
|
||||||
|
|
||||||
; http://php.net/date.sunset-zenith
|
|
||||||
;date.sunset_zenith = 90.583333
|
|
||||||
|
|
||||||
[filter]
|
|
||||||
; http://php.net/filter.default
|
|
||||||
;filter.default = unsafe_raw
|
|
||||||
|
|
||||||
; http://php.net/filter.default-flags
|
|
||||||
;filter.default_flags =
|
|
||||||
|
|
||||||
[iconv]
|
|
||||||
; Use of this INI entry is deprecated, use global input_encoding instead.
|
|
||||||
; If empty, default_charset or input_encoding or iconv.input_encoding is used.
|
|
||||||
; The precedence is: default_charset < input_encoding < iconv.input_encoding
|
|
||||||
;iconv.input_encoding =
|
|
||||||
|
|
||||||
; Use of this INI entry is deprecated, use global internal_encoding instead.
|
|
||||||
; If empty, default_charset or internal_encoding or iconv.internal_encoding is used.
|
|
||||||
; The precedence is: default_charset < internal_encoding < iconv.internal_encoding
|
|
||||||
;iconv.internal_encoding =
|
|
||||||
|
|
||||||
; Use of this INI entry is deprecated, use global output_encoding instead.
|
|
||||||
; If empty, default_charset or output_encoding or iconv.output_encoding is used.
|
|
||||||
; The precedence is: default_charset < output_encoding < iconv.output_encoding
|
|
||||||
; To use an output encoding conversion, iconv's output handler must be set
|
|
||||||
; otherwise output encoding conversion cannot be performed.
|
|
||||||
;iconv.output_encoding =
|
|
||||||
|
|
||||||
[imap]
|
|
||||||
; rsh/ssh logins are disabled by default. Use this INI entry if you want to
|
|
||||||
; enable them. Note that the IMAP library does not filter mailbox names before
|
|
||||||
; passing them to rsh/ssh command, thus passing untrusted data to this function
|
|
||||||
; with rsh/ssh enabled is insecure.
|
|
||||||
;imap.enable_insecure_rsh=0
|
|
||||||
|
|
||||||
[intl]
|
|
||||||
;intl.default_locale =
|
|
||||||
; This directive allows you to produce PHP errors when some error
|
|
||||||
; happens within intl functions. The value is the level of the error produced.
|
|
||||||
; Default is 0, which does not produce any errors.
|
|
||||||
;intl.error_level = E_WARNING
|
|
||||||
;intl.use_exceptions = 0
|
|
||||||
|
|
||||||
[sqlite3]
|
|
||||||
; Directory pointing to SQLite3 extensions
|
|
||||||
; http://php.net/sqlite3.extension-dir
|
|
||||||
;sqlite3.extension_dir =
|
|
||||||
|
|
||||||
; SQLite defensive mode flag (only available from SQLite 3.26+)
|
|
||||||
; When the defensive flag is enabled, language features that allow ordinary
|
|
||||||
; SQL to deliberately corrupt the database file are disabled. This forbids
|
|
||||||
; writing directly to the schema, shadow tables (eg. FTS data tables), or
|
|
||||||
; the sqlite_dbpage virtual table.
|
|
||||||
; https://www.sqlite.org/c3ref/c_dbconfig_defensive.html
|
|
||||||
; (for older SQLite versions, this flag has no use)
|
|
||||||
;sqlite3.defensive = 1
|
|
||||||
|
|
||||||
[Pcre]
|
|
||||||
; PCRE library backtracking limit.
|
|
||||||
; http://php.net/pcre.backtrack-limit
|
|
||||||
;pcre.backtrack_limit=100000
|
|
||||||
|
|
||||||
; PCRE library recursion limit.
|
|
||||||
; Please note that if you set this value to a high number you may consume all
|
|
||||||
; the available process stack and eventually crash PHP (due to reaching the
|
|
||||||
; stack size limit imposed by the Operating System).
|
|
||||||
; http://php.net/pcre.recursion-limit
|
|
||||||
;pcre.recursion_limit=100000
|
|
||||||
|
|
||||||
; Enables or disables JIT compilation of patterns. This requires the PCRE
|
|
||||||
; library to be compiled with JIT support.
|
|
||||||
;pcre.jit=1
|
|
||||||
|
|
||||||
[Pdo]
|
|
||||||
; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off"
|
|
||||||
; http://php.net/pdo-odbc.connection-pooling
|
|
||||||
;pdo_odbc.connection_pooling=strict
|
|
||||||
|
|
||||||
;pdo_odbc.db2_instance_name
|
|
||||||
|
|
||||||
[Pdo_mysql]
|
|
||||||
; Default socket name for local MySQL connects. If empty, uses the built-in
|
|
||||||
; MySQL defaults.
|
|
||||||
pdo_mysql.default_socket=
|
|
||||||
|
|
||||||
[Phar]
|
|
||||||
; http://php.net/phar.readonly
|
|
||||||
;phar.readonly = On
|
|
||||||
|
|
||||||
; http://php.net/phar.require-hash
|
|
||||||
;phar.require_hash = On
|
|
||||||
|
|
||||||
;phar.cache_list =
|
|
||||||
|
|
||||||
[mail function]
|
|
||||||
; For Win32 only.
|
|
||||||
; http://php.net/smtp
|
|
||||||
SMTP = localhost
|
|
||||||
; http://php.net/smtp-port
|
|
||||||
smtp_port = 25
|
|
||||||
|
|
||||||
; For Win32 only.
|
|
||||||
; http://php.net/sendmail-from
|
|
||||||
;sendmail_from = me@example.com
|
|
||||||
|
|
||||||
; For Unix only. You may supply arguments as well (default: "sendmail -t -i").
|
|
||||||
; http://php.net/sendmail-path
|
|
||||||
;sendmail_path =
|
|
||||||
|
|
||||||
; Force the addition of the specified parameters to be passed as extra parameters
|
|
||||||
; to the sendmail binary. These parameters will always replace the value of
|
|
||||||
; the 5th parameter to mail().
|
|
||||||
;mail.force_extra_parameters =
|
|
||||||
|
|
||||||
; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename
|
|
||||||
mail.add_x_header = Off
|
|
||||||
|
|
||||||
; The path to a log file that will log all mail() calls. Log entries include
|
|
||||||
; the full path of the script, line number, To address and headers.
|
|
||||||
;mail.log =
|
|
||||||
; Log mail to syslog (Event Log on Windows).
|
|
||||||
;mail.log = syslog
|
|
||||||
|
|
||||||
[ODBC]
|
|
||||||
; http://php.net/odbc.default-db
|
|
||||||
;odbc.default_db = Not yet implemented
|
|
||||||
|
|
||||||
; http://php.net/odbc.default-user
|
|
||||||
;odbc.default_user = Not yet implemented
|
|
||||||
|
|
||||||
; http://php.net/odbc.default-pw
|
|
||||||
;odbc.default_pw = Not yet implemented
|
|
||||||
|
|
||||||
; Controls the ODBC cursor model.
|
|
||||||
; Default: SQL_CURSOR_STATIC (default).
|
|
||||||
;odbc.default_cursortype
|
|
||||||
|
|
||||||
; Allow or prevent persistent links.
|
|
||||||
; http://php.net/odbc.allow-persistent
|
|
||||||
odbc.allow_persistent = On
|
|
||||||
|
|
||||||
; Check that a connection is still valid before reuse.
|
|
||||||
; http://php.net/odbc.check-persistent
|
|
||||||
odbc.check_persistent = On
|
|
||||||
|
|
||||||
; Maximum number of persistent links. -1 means no limit.
|
|
||||||
; http://php.net/odbc.max-persistent
|
|
||||||
odbc.max_persistent = -1
|
|
||||||
|
|
||||||
; Maximum number of links (persistent + non-persistent). -1 means no limit.
|
|
||||||
; http://php.net/odbc.max-links
|
|
||||||
odbc.max_links = -1
|
|
||||||
|
|
||||||
; Handling of LONG fields. Returns number of bytes to variables. 0 means
|
|
||||||
; passthru.
|
|
||||||
; http://php.net/odbc.defaultlrl
|
|
||||||
odbc.defaultlrl = 4096
|
|
||||||
|
|
||||||
; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char.
|
|
||||||
; See the documentation on odbc_binmode and odbc_longreadlen for an explanation
|
|
||||||
; of odbc.defaultlrl and odbc.defaultbinmode
|
|
||||||
; http://php.net/odbc.defaultbinmode
|
|
||||||
odbc.defaultbinmode = 1
|
|
||||||
|
|
||||||
[Interbase]
|
|
||||||
; Allow or prevent persistent links.
|
|
||||||
ibase.allow_persistent = 1
|
|
||||||
|
|
||||||
; Maximum number of persistent links. -1 means no limit.
|
|
||||||
ibase.max_persistent = -1
|
|
||||||
|
|
||||||
; Maximum number of links (persistent + non-persistent). -1 means no limit.
|
|
||||||
ibase.max_links = -1
|
|
||||||
|
|
||||||
; Default database name for ibase_connect().
|
|
||||||
;ibase.default_db =
|
|
||||||
|
|
||||||
; Default username for ibase_connect().
|
|
||||||
;ibase.default_user =
|
|
||||||
|
|
||||||
; Default password for ibase_connect().
|
|
||||||
;ibase.default_password =
|
|
||||||
|
|
||||||
; Default charset for ibase_connect().
|
|
||||||
;ibase.default_charset =
|
|
||||||
|
|
||||||
; Default timestamp format.
|
|
||||||
ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
|
|
||||||
|
|
||||||
; Default date format.
|
|
||||||
ibase.dateformat = "%Y-%m-%d"
|
|
||||||
|
|
||||||
; Default time format.
|
|
||||||
ibase.timeformat = "%H:%M:%S"
|
|
||||||
|
|
||||||
[MySQLi]
|
|
||||||
|
|
||||||
; Maximum number of persistent links. -1 means no limit.
|
|
||||||
; http://php.net/mysqli.max-persistent
|
|
||||||
mysqli.max_persistent = -1
|
|
||||||
|
|
||||||
; Allow accessing, from PHP's perspective, local files with LOAD DATA statements
|
|
||||||
; http://php.net/mysqli.allow_local_infile
|
|
||||||
;mysqli.allow_local_infile = On
|
|
||||||
|
|
||||||
; Allow or prevent persistent links.
|
|
||||||
; http://php.net/mysqli.allow-persistent
|
|
||||||
mysqli.allow_persistent = On
|
|
||||||
|
|
||||||
; Maximum number of links. -1 means no limit.
|
|
||||||
; http://php.net/mysqli.max-links
|
|
||||||
mysqli.max_links = -1
|
|
||||||
|
|
||||||
; Default port number for mysqli_connect(). If unset, mysqli_connect() will use
|
|
||||||
; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
|
|
||||||
; compile-time value defined MYSQL_PORT (in that order). Win32 will only look
|
|
||||||
; at MYSQL_PORT.
|
|
||||||
; http://php.net/mysqli.default-port
|
|
||||||
mysqli.default_port = 3306
|
|
||||||
|
|
||||||
; Default socket name for local MySQL connects. If empty, uses the built-in
|
|
||||||
; MySQL defaults.
|
|
||||||
; http://php.net/mysqli.default-socket
|
|
||||||
mysqli.default_socket =
|
|
||||||
|
|
||||||
; Default host for mysql_connect() (doesn't apply in safe mode).
|
|
||||||
; http://php.net/mysqli.default-host
|
|
||||||
mysqli.default_host =
|
|
||||||
|
|
||||||
; Default user for mysql_connect() (doesn't apply in safe mode).
|
|
||||||
; http://php.net/mysqli.default-user
|
|
||||||
mysqli.default_user =
|
|
||||||
|
|
||||||
; Default password for mysqli_connect() (doesn't apply in safe mode).
|
|
||||||
; Note that this is generally a *bad* idea to store passwords in this file.
|
|
||||||
; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw")
|
|
||||||
; and reveal this password! And of course, any users with read access to this
|
|
||||||
; file will be able to reveal the password as well.
|
|
||||||
; http://php.net/mysqli.default-pw
|
|
||||||
mysqli.default_pw =
|
|
||||||
|
|
||||||
; Allow or prevent reconnect
|
|
||||||
mysqli.reconnect = Off
|
|
||||||
|
|
||||||
[mysqlnd]
|
|
||||||
; Enable / Disable collection of general statistics by mysqlnd which can be
|
|
||||||
; used to tune and monitor MySQL operations.
|
|
||||||
mysqlnd.collect_statistics = On
|
|
||||||
|
|
||||||
; Enable / Disable collection of memory usage statistics by mysqlnd which can be
|
|
||||||
; used to tune and monitor MySQL operations.
|
|
||||||
mysqlnd.collect_memory_statistics = Off
|
|
||||||
|
|
||||||
; Records communication from all extensions using mysqlnd to the specified log
|
|
||||||
; file.
|
|
||||||
; http://php.net/mysqlnd.debug
|
|
||||||
;mysqlnd.debug =
|
|
||||||
|
|
||||||
; Defines which queries will be logged.
|
|
||||||
;mysqlnd.log_mask = 0
|
|
||||||
|
|
||||||
; Default size of the mysqlnd memory pool, which is used by result sets.
|
|
||||||
;mysqlnd.mempool_default_size = 16000
|
|
||||||
|
|
||||||
; Size of a pre-allocated buffer used when sending commands to MySQL in bytes.
|
|
||||||
;mysqlnd.net_cmd_buffer_size = 2048
|
|
||||||
|
|
||||||
; Size of a pre-allocated buffer used for reading data sent by the server in
|
|
||||||
; bytes.
|
|
||||||
;mysqlnd.net_read_buffer_size = 32768
|
|
||||||
|
|
||||||
; Timeout for network requests in seconds.
|
|
||||||
;mysqlnd.net_read_timeout = 31536000
|
|
||||||
|
|
||||||
; SHA-256 Authentication Plugin related. File with the MySQL server public RSA
|
|
||||||
; key.
|
|
||||||
;mysqlnd.sha256_server_public_key =
|
|
||||||
|
|
||||||
[OCI8]
|
|
||||||
|
|
||||||
; Connection: Enables privileged connections using external
|
|
||||||
; credentials (OCI_SYSOPER, OCI_SYSDBA)
|
|
||||||
; http://php.net/oci8.privileged-connect
|
|
||||||
;oci8.privileged_connect = Off
|
|
||||||
|
|
||||||
; Connection: The maximum number of persistent OCI8 connections per
|
|
||||||
; process. Using -1 means no limit.
|
|
||||||
; http://php.net/oci8.max-persistent
|
|
||||||
;oci8.max_persistent = -1
|
|
||||||
|
|
||||||
; Connection: The maximum number of seconds a process is allowed to
|
|
||||||
; maintain an idle persistent connection. Using -1 means idle
|
|
||||||
; persistent connections will be maintained forever.
|
|
||||||
; http://php.net/oci8.persistent-timeout
|
|
||||||
;oci8.persistent_timeout = -1
|
|
||||||
|
|
||||||
; Connection: The number of seconds that must pass before issuing a
|
|
||||||
; ping during oci_pconnect() to check the connection validity. When
|
|
||||||
; set to 0, each oci_pconnect() will cause a ping. Using -1 disables
|
|
||||||
; pings completely.
|
|
||||||
; http://php.net/oci8.ping-interval
|
|
||||||
;oci8.ping_interval = 60
|
|
||||||
|
|
||||||
; Connection: Set this to a user chosen connection class to be used
|
|
||||||
; for all pooled server requests with Oracle 11g Database Resident
|
|
||||||
; Connection Pooling (DRCP). To use DRCP, this value should be set to
|
|
||||||
; the same string for all web servers running the same application,
|
|
||||||
; the database pool must be configured, and the connection string must
|
|
||||||
; specify to use a pooled server.
|
|
||||||
;oci8.connection_class =
|
|
||||||
|
|
||||||
; High Availability: Using On lets PHP receive Fast Application
|
|
||||||
; Notification (FAN) events generated when a database node fails. The
|
|
||||||
; database must also be configured to post FAN events.
|
|
||||||
;oci8.events = Off
|
|
||||||
|
|
||||||
; Tuning: This option enables statement caching, and specifies how
|
|
||||||
; many statements to cache. Using 0 disables statement caching.
|
|
||||||
; http://php.net/oci8.statement-cache-size
|
|
||||||
;oci8.statement_cache_size = 20
|
|
||||||
|
|
||||||
; Tuning: Enables statement prefetching and sets the default number of
|
|
||||||
; rows that will be fetched automatically after statement execution.
|
|
||||||
; http://php.net/oci8.default-prefetch
|
|
||||||
;oci8.default_prefetch = 100
|
|
||||||
|
|
||||||
; Compatibility. Using On means oci_close() will not close
|
|
||||||
; oci_connect() and oci_new_connect() connections.
|
|
||||||
; http://php.net/oci8.old-oci-close-semantics
|
|
||||||
;oci8.old_oci_close_semantics = Off
|
|
||||||
|
|
||||||
[PostgreSQL]
|
|
||||||
; Allow or prevent persistent links.
|
|
||||||
; http://php.net/pgsql.allow-persistent
|
|
||||||
pgsql.allow_persistent = On
|
|
||||||
|
|
||||||
; Detect broken persistent links always with pg_pconnect().
|
|
||||||
; Auto reset feature requires a little overheads.
|
|
||||||
; http://php.net/pgsql.auto-reset-persistent
|
|
||||||
pgsql.auto_reset_persistent = Off
|
|
||||||
|
|
||||||
; Maximum number of persistent links. -1 means no limit.
|
|
||||||
; http://php.net/pgsql.max-persistent
|
|
||||||
pgsql.max_persistent = -1
|
|
||||||
|
|
||||||
; Maximum number of links (persistent+non persistent). -1 means no limit.
|
|
||||||
; http://php.net/pgsql.max-links
|
|
||||||
pgsql.max_links = -1
|
|
||||||
|
|
||||||
; Ignore PostgreSQL backends Notice message or not.
|
|
||||||
; Notice message logging require a little overheads.
|
|
||||||
; http://php.net/pgsql.ignore-notice
|
|
||||||
pgsql.ignore_notice = 0
|
|
||||||
|
|
||||||
; Log PostgreSQL backends Notice message or not.
|
|
||||||
; Unless pgsql.ignore_notice=0, module cannot log notice message.
|
|
||||||
; http://php.net/pgsql.log-notice
|
|
||||||
pgsql.log_notice = 0
|
|
||||||
|
|
||||||
[bcmath]
|
|
||||||
; Number of decimal digits for all bcmath functions.
|
|
||||||
; http://php.net/bcmath.scale
|
|
||||||
bcmath.scale = 0
|
|
||||||
|
|
||||||
[browscap]
|
|
||||||
; http://php.net/browscap
|
|
||||||
;browscap = extra/browscap.ini
|
|
||||||
|
|
||||||
[Session]
|
|
||||||
; Handler used to store/retrieve data.
|
|
||||||
; http://php.net/session.save-handler
|
|
||||||
session.save_handler = files
|
|
||||||
|
|
||||||
; Argument passed to save_handler. In the case of files, this is the path
|
|
||||||
; where data files are stored. Note: Windows users have to change this
|
|
||||||
; variable in order to use PHP's session functions.
|
|
||||||
;
|
|
||||||
; The path can be defined as:
|
|
||||||
;
|
|
||||||
; session.save_path = "N;/path"
|
|
||||||
;
|
|
||||||
; where N is an integer. Instead of storing all the session files in
|
|
||||||
; /path, what this will do is use subdirectories N-levels deep, and
|
|
||||||
; store the session data in those directories. This is useful if
|
|
||||||
; your OS has problems with many files in one directory, and is
|
|
||||||
; a more efficient layout for servers that handle many sessions.
|
|
||||||
;
|
|
||||||
; NOTE 1: PHP will not create this directory structure automatically.
|
|
||||||
; You can use the script in the ext/session dir for that purpose.
|
|
||||||
; NOTE 2: See the section on garbage collection below if you choose to
|
|
||||||
; use subdirectories for session storage
|
|
||||||
;
|
|
||||||
; The file storage module creates files using mode 600 by default.
|
|
||||||
; You can change that by using
|
|
||||||
;
|
|
||||||
; session.save_path = "N;MODE;/path"
|
|
||||||
;
|
|
||||||
; where MODE is the octal representation of the mode. Note that this
|
|
||||||
; does not overwrite the process's umask.
|
|
||||||
; http://php.net/session.save-path
|
|
||||||
;session.save_path = "/var/lib/php/sessions"
|
|
||||||
|
|
||||||
; Whether to use strict session mode.
|
|
||||||
; Strict session mode does not accept an uninitialized session ID, and
|
|
||||||
; regenerates the session ID if the browser sends an uninitialized session ID.
|
|
||||||
; Strict mode protects applications from session fixation via a session adoption
|
|
||||||
; vulnerability. It is disabled by default for maximum compatibility, but
|
|
||||||
; enabling it is encouraged.
|
|
||||||
; https://wiki.php.net/rfc/strict_sessions
|
|
||||||
session.use_strict_mode = 0
|
|
||||||
|
|
||||||
; Whether to use cookies.
|
|
||||||
; http://php.net/session.use-cookies
|
|
||||||
session.use_cookies = 1
|
|
||||||
|
|
||||||
; http://php.net/session.cookie-secure
|
|
||||||
;session.cookie_secure =
|
|
||||||
|
|
||||||
; This option forces PHP to fetch and use a cookie for storing and maintaining
|
|
||||||
; the session id. We encourage this operation as it's very helpful in combating
|
|
||||||
; session hijacking when not specifying and managing your own session id. It is
|
|
||||||
; not the be-all and end-all of session hijacking defense, but it's a good start.
|
|
||||||
; http://php.net/session.use-only-cookies
|
|
||||||
session.use_only_cookies = 1
|
|
||||||
|
|
||||||
; Name of the session (used as cookie name).
|
|
||||||
; http://php.net/session.name
|
|
||||||
session.name = PHPSESSID
|
|
||||||
|
|
||||||
; Initialize session on request startup.
|
|
||||||
; http://php.net/session.auto-start
|
|
||||||
session.auto_start = 0
|
|
||||||
|
|
||||||
; Lifetime in seconds of cookie or, if 0, until browser is restarted.
|
|
||||||
; http://php.net/session.cookie-lifetime
|
|
||||||
session.cookie_lifetime = 0
|
|
||||||
|
|
||||||
; The path for which the cookie is valid.
|
|
||||||
; http://php.net/session.cookie-path
|
|
||||||
session.cookie_path = /
|
|
||||||
|
|
||||||
; The domain for which the cookie is valid.
|
|
||||||
; http://php.net/session.cookie-domain
|
|
||||||
session.cookie_domain =
|
|
||||||
|
|
||||||
; Whether or not to add the httpOnly flag to the cookie, which makes it
|
|
||||||
; inaccessible to browser scripting languages such as JavaScript.
|
|
||||||
; http://php.net/session.cookie-httponly
|
|
||||||
session.cookie_httponly =
|
|
||||||
|
|
||||||
; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF)
|
|
||||||
; Current valid values are "Lax" or "Strict"
|
|
||||||
; https://tools.ietf.org/html/draft-west-first-party-cookies-07
|
|
||||||
session.cookie_samesite =
|
|
||||||
|
|
||||||
; Handler used to serialize data. php is the standard serializer of PHP.
|
|
||||||
; http://php.net/session.serialize-handler
|
|
||||||
session.serialize_handler = php
|
|
||||||
|
|
||||||
; Defines the probability that the 'garbage collection' process is started on every
|
|
||||||
; session initialization. The probability is calculated by using gc_probability/gc_divisor,
|
|
||||||
; e.g. 1/100 means there is a 1% chance that the GC process starts on each request.
|
|
||||||
; Default Value: 1
|
|
||||||
; Development Value: 1
|
|
||||||
; Production Value: 1
|
|
||||||
; http://php.net/session.gc-probability
|
|
||||||
session.gc_probability = 0
|
|
||||||
|
|
||||||
; Defines the probability that the 'garbage collection' process is started on every
|
|
||||||
; session initialization. The probability is calculated by using gc_probability/gc_divisor,
|
|
||||||
; e.g. 1/100 means there is a 1% chance that the GC process starts on each request.
|
|
||||||
; For high volume production servers, using a value of 1000 is a more efficient approach.
|
|
||||||
; Default Value: 100
|
|
||||||
; Development Value: 1000
|
|
||||||
; Production Value: 1000
|
|
||||||
; http://php.net/session.gc-divisor
|
|
||||||
session.gc_divisor = 1000
|
|
||||||
|
|
||||||
; After this number of seconds, stored data will be seen as 'garbage' and
|
|
||||||
; cleaned up by the garbage collection process.
|
|
||||||
; http://php.net/session.gc-maxlifetime
|
|
||||||
session.gc_maxlifetime = 1440
|
|
||||||
|
|
||||||
; NOTE: If you are using the subdirectory option for storing session files
|
|
||||||
; (see session.save_path above), then garbage collection does *not*
|
|
||||||
; happen automatically. You will need to do your own garbage
|
|
||||||
; collection through a shell script, cron entry, or some other method.
|
|
||||||
; For example, the following script would is the equivalent of
|
|
||||||
; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
|
|
||||||
; find /path/to/sessions -cmin +24 -type f | xargs rm
|
|
||||||
|
|
||||||
; Check HTTP Referer to invalidate externally stored URLs containing ids.
|
|
||||||
; HTTP_REFERER has to contain this substring for the session to be
|
|
||||||
; considered as valid.
|
|
||||||
; http://php.net/session.referer-check
|
|
||||||
session.referer_check =
|
|
||||||
|
|
||||||
; Set to {nocache,private,public,} to determine HTTP caching aspects
|
|
||||||
; or leave this empty to avoid sending anti-caching headers.
|
|
||||||
; http://php.net/session.cache-limiter
|
|
||||||
session.cache_limiter = nocache
|
|
||||||
|
|
||||||
; Document expires after n minutes.
|
|
||||||
; http://php.net/session.cache-expire
|
|
||||||
session.cache_expire = 180
|
|
||||||
|
|
||||||
; trans sid support is disabled by default.
|
|
||||||
; Use of trans sid may risk your users' security.
|
|
||||||
; Use this option with caution.
|
|
||||||
; - User may send URL contains active session ID
|
|
||||||
; to other person via. email/irc/etc.
|
|
||||||
; - URL that contains active session ID may be stored
|
|
||||||
; in publicly accessible computer.
|
|
||||||
; - User may access your site with the same session ID
|
|
||||||
; always using URL stored in browser's history or bookmarks.
|
|
||||||
; http://php.net/session.use-trans-sid
|
|
||||||
session.use_trans_sid = 0
|
|
||||||
|
|
||||||
; Set session ID character length. This value could be between 22 to 256.
|
|
||||||
; Shorter length than default is supported only for compatibility reason.
|
|
||||||
; Users should use 32 or more chars.
|
|
||||||
; http://php.net/session.sid-length
|
|
||||||
; Default Value: 32
|
|
||||||
; Development Value: 26
|
|
||||||
; Production Value: 26
|
|
||||||
session.sid_length = 26
|
|
||||||
|
|
||||||
; The URL rewriter will look for URLs in a defined set of HTML tags.
|
|
||||||
; <form> is special; if you include them here, the rewriter will
|
|
||||||
; add a hidden <input> field with the info which is otherwise appended
|
|
||||||
; to URLs. <form> tag's action attribute URL will not be modified
|
|
||||||
; unless it is specified.
|
|
||||||
; Note that all valid entries require a "=", even if no value follows.
|
|
||||||
; Default Value: "a=href,area=href,frame=src,form="
|
|
||||||
; Development Value: "a=href,area=href,frame=src,form="
|
|
||||||
; Production Value: "a=href,area=href,frame=src,form="
|
|
||||||
; http://php.net/url-rewriter.tags
|
|
||||||
session.trans_sid_tags = "a=href,area=href,frame=src,form="
|
|
||||||
|
|
||||||
; URL rewriter does not rewrite absolute URLs by default.
|
|
||||||
; To enable rewrites for absolute paths, target hosts must be specified
|
|
||||||
; at RUNTIME. i.e. use ini_set()
|
|
||||||
; <form> tags is special. PHP will check action attribute's URL regardless
|
|
||||||
; of session.trans_sid_tags setting.
|
|
||||||
; If no host is defined, HTTP_HOST will be used for allowed host.
|
|
||||||
; Example value: php.net,www.php.net,wiki.php.net
|
|
||||||
; Use "," for multiple hosts. No spaces are allowed.
|
|
||||||
; Default Value: ""
|
|
||||||
; Development Value: ""
|
|
||||||
; Production Value: ""
|
|
||||||
;session.trans_sid_hosts=""
|
|
||||||
|
|
||||||
; Define how many bits are stored in each character when converting
|
|
||||||
; the binary hash data to something readable.
|
|
||||||
; Possible values:
|
|
||||||
; 4 (4 bits: 0-9, a-f)
|
|
||||||
; 5 (5 bits: 0-9, a-v)
|
|
||||||
; 6 (6 bits: 0-9, a-z, A-Z, "-", ",")
|
|
||||||
; Default Value: 4
|
|
||||||
; Development Value: 5
|
|
||||||
; Production Value: 5
|
|
||||||
; http://php.net/session.hash-bits-per-character
|
|
||||||
session.sid_bits_per_character = 5
|
|
||||||
|
|
||||||
; Enable upload progress tracking in $_SESSION
|
|
||||||
; Default Value: On
|
|
||||||
; Development Value: On
|
|
||||||
; Production Value: On
|
|
||||||
; http://php.net/session.upload-progress.enabled
|
|
||||||
;session.upload_progress.enabled = On
|
|
||||||
|
|
||||||
; Cleanup the progress information as soon as all POST data has been read
|
|
||||||
; (i.e. upload completed).
|
|
||||||
; Default Value: On
|
|
||||||
; Development Value: On
|
|
||||||
; Production Value: On
|
|
||||||
; http://php.net/session.upload-progress.cleanup
|
|
||||||
;session.upload_progress.cleanup = On
|
|
||||||
|
|
||||||
; A prefix used for the upload progress key in $_SESSION
|
|
||||||
; Default Value: "upload_progress_"
|
|
||||||
; Development Value: "upload_progress_"
|
|
||||||
; Production Value: "upload_progress_"
|
|
||||||
; http://php.net/session.upload-progress.prefix
|
|
||||||
;session.upload_progress.prefix = "upload_progress_"
|
|
||||||
|
|
||||||
; The index name (concatenated with the prefix) in $_SESSION
|
|
||||||
; containing the upload progress information
|
|
||||||
; Default Value: "PHP_SESSION_UPLOAD_PROGRESS"
|
|
||||||
; Development Value: "PHP_SESSION_UPLOAD_PROGRESS"
|
|
||||||
; Production Value: "PHP_SESSION_UPLOAD_PROGRESS"
|
|
||||||
; http://php.net/session.upload-progress.name
|
|
||||||
;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS"
|
|
||||||
|
|
||||||
; How frequently the upload progress should be updated.
|
|
||||||
; Given either in percentages (per-file), or in bytes
|
|
||||||
; Default Value: "1%"
|
|
||||||
; Development Value: "1%"
|
|
||||||
; Production Value: "1%"
|
|
||||||
; http://php.net/session.upload-progress.freq
|
|
||||||
;session.upload_progress.freq = "1%"
|
|
||||||
|
|
||||||
; The minimum delay between updates, in seconds
|
|
||||||
; Default Value: 1
|
|
||||||
; Development Value: 1
|
|
||||||
; Production Value: 1
|
|
||||||
; http://php.net/session.upload-progress.min-freq
|
|
||||||
;session.upload_progress.min_freq = "1"
|
|
||||||
|
|
||||||
; Only write session data when session data is changed. Enabled by default.
|
|
||||||
; http://php.net/session.lazy-write
|
|
||||||
;session.lazy_write = On
|
|
||||||
|
|
||||||
[Assertion]
|
|
||||||
; Switch whether to compile assertions at all (to have no overhead at run-time)
|
|
||||||
; -1: Do not compile at all
|
|
||||||
; 0: Jump over assertion at run-time
|
|
||||||
; 1: Execute assertions
|
|
||||||
; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1)
|
|
||||||
; Default Value: 1
|
|
||||||
; Development Value: 1
|
|
||||||
; Production Value: -1
|
|
||||||
; http://php.net/zend.assertions
|
|
||||||
zend.assertions = -1
|
|
||||||
|
|
||||||
; Assert(expr); active by default.
|
|
||||||
; http://php.net/assert.active
|
|
||||||
;assert.active = On
|
|
||||||
|
|
||||||
; Throw an AssertionError on failed assertions
|
|
||||||
; http://php.net/assert.exception
|
|
||||||
;assert.exception = On
|
|
||||||
|
|
||||||
; Issue a PHP warning for each failed assertion. (Overridden by assert.exception if active)
|
|
||||||
; http://php.net/assert.warning
|
|
||||||
;assert.warning = On
|
|
||||||
|
|
||||||
; Don't bail out by default.
|
|
||||||
; http://php.net/assert.bail
|
|
||||||
;assert.bail = Off
|
|
||||||
|
|
||||||
; User-function to be called if an assertion fails.
|
|
||||||
; http://php.net/assert.callback
|
|
||||||
;assert.callback = 0
|
|
||||||
|
|
||||||
; Eval the expression with current error_reporting(). Set to true if you want
|
|
||||||
; error_reporting(0) around the eval().
|
|
||||||
; http://php.net/assert.quiet-eval
|
|
||||||
;assert.quiet_eval = 0
|
|
||||||
|
|
||||||
[COM]
|
|
||||||
; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs
|
|
||||||
; http://php.net/com.typelib-file
|
|
||||||
;com.typelib_file =
|
|
||||||
|
|
||||||
; allow Distributed-COM calls
|
|
||||||
; http://php.net/com.allow-dcom
|
|
||||||
;com.allow_dcom = true
|
|
||||||
|
|
||||||
; autoregister constants of a component's typlib on com_load()
|
|
||||||
; http://php.net/com.autoregister-typelib
|
|
||||||
;com.autoregister_typelib = true
|
|
||||||
|
|
||||||
; register constants casesensitive
|
|
||||||
; http://php.net/com.autoregister-casesensitive
|
|
||||||
;com.autoregister_casesensitive = false
|
|
||||||
|
|
||||||
; show warnings on duplicate constant registrations
|
|
||||||
; http://php.net/com.autoregister-verbose
|
|
||||||
;com.autoregister_verbose = true
|
|
||||||
|
|
||||||
; The default character set code-page to use when passing strings to and from COM objects.
|
|
||||||
; Default: system ANSI code page
|
|
||||||
;com.code_page=
|
|
||||||
|
|
||||||
[mbstring]
|
|
||||||
; language for internal character representation.
|
|
||||||
; This affects mb_send_mail() and mbstring.detect_order.
|
|
||||||
; http://php.net/mbstring.language
|
|
||||||
;mbstring.language = Japanese
|
|
||||||
|
|
||||||
; Use of this INI entry is deprecated, use global internal_encoding instead.
|
|
||||||
; internal/script encoding.
|
|
||||||
; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*)
|
|
||||||
; If empty, default_charset or internal_encoding or iconv.internal_encoding is used.
|
|
||||||
; The precedence is: default_charset < internal_encoding < iconv.internal_encoding
|
|
||||||
;mbstring.internal_encoding =
|
|
||||||
|
|
||||||
; Use of this INI entry is deprecated, use global input_encoding instead.
|
|
||||||
; http input encoding.
|
|
||||||
; mbstring.encoding_translation = On is needed to use this setting.
|
|
||||||
; If empty, default_charset or input_encoding or mbstring.input is used.
|
|
||||||
; The precedence is: default_charset < input_encoding < mbsting.http_input
|
|
||||||
; http://php.net/mbstring.http-input
|
|
||||||
;mbstring.http_input =
|
|
||||||
|
|
||||||
; Use of this INI entry is deprecated, use global output_encoding instead.
|
|
||||||
; http output encoding.
|
|
||||||
; mb_output_handler must be registered as output buffer to function.
|
|
||||||
; If empty, default_charset or output_encoding or mbstring.http_output is used.
|
|
||||||
; The precedence is: default_charset < output_encoding < mbstring.http_output
|
|
||||||
; To use an output encoding conversion, mbstring's output handler must be set
|
|
||||||
; otherwise output encoding conversion cannot be performed.
|
|
||||||
; http://php.net/mbstring.http-output
|
|
||||||
;mbstring.http_output =
|
|
||||||
|
|
||||||
; enable automatic encoding translation according to
|
|
||||||
; mbstring.internal_encoding setting. Input chars are
|
|
||||||
; converted to internal encoding by setting this to On.
|
|
||||||
; Note: Do _not_ use automatic encoding translation for
|
|
||||||
; portable libs/applications.
|
|
||||||
; http://php.net/mbstring.encoding-translation
|
|
||||||
;mbstring.encoding_translation = Off
|
|
||||||
|
|
||||||
; automatic encoding detection order.
|
|
||||||
; "auto" detect order is changed according to mbstring.language
|
|
||||||
; http://php.net/mbstring.detect-order
|
|
||||||
;mbstring.detect_order = auto
|
|
||||||
|
|
||||||
; substitute_character used when character cannot be converted
|
|
||||||
; one from another
|
|
||||||
; http://php.net/mbstring.substitute-character
|
|
||||||
;mbstring.substitute_character = none
|
|
||||||
|
|
||||||
; overload(replace) single byte functions by mbstring functions.
|
|
||||||
; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(),
|
|
||||||
; etc. Possible values are 0,1,2,4 or combination of them.
|
|
||||||
; For example, 7 for overload everything.
|
|
||||||
; 0: No overload
|
|
||||||
; 1: Overload mail() function
|
|
||||||
; 2: Overload str*() functions
|
|
||||||
; 4: Overload ereg*() functions
|
|
||||||
; http://php.net/mbstring.func-overload
|
|
||||||
;mbstring.func_overload = 0
|
|
||||||
|
|
||||||
; enable strict encoding detection.
|
|
||||||
; Default: Off
|
|
||||||
;mbstring.strict_detection = On
|
|
||||||
|
|
||||||
; This directive specifies the regex pattern of content types for which mb_output_handler()
|
|
||||||
; is activated.
|
|
||||||
; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml)
|
|
||||||
;mbstring.http_output_conv_mimetype=
|
|
||||||
|
|
||||||
; This directive specifies maximum stack depth for mbstring regular expressions. It is similar
|
|
||||||
; to the pcre.recursion_limit for PCRE.
|
|
||||||
; Default: 100000
|
|
||||||
;mbstring.regex_stack_limit=100000
|
|
||||||
|
|
||||||
[gd]
|
|
||||||
; Tell the jpeg decode to ignore warnings and try to create
|
|
||||||
; a gd image. The warning will then be displayed as notices
|
|
||||||
; disabled by default
|
|
||||||
; http://php.net/gd.jpeg-ignore-warning
|
|
||||||
;gd.jpeg_ignore_warning = 1
|
|
||||||
|
|
||||||
[exif]
|
|
||||||
; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS.
|
|
||||||
; With mbstring support this will automatically be converted into the encoding
|
|
||||||
; given by corresponding encode setting. When empty mbstring.internal_encoding
|
|
||||||
; is used. For the decode settings you can distinguish between motorola and
|
|
||||||
; intel byte order. A decode setting cannot be empty.
|
|
||||||
; http://php.net/exif.encode-unicode
|
|
||||||
;exif.encode_unicode = ISO-8859-15
|
|
||||||
|
|
||||||
; http://php.net/exif.decode-unicode-motorola
|
|
||||||
;exif.decode_unicode_motorola = UCS-2BE
|
|
||||||
|
|
||||||
; http://php.net/exif.decode-unicode-intel
|
|
||||||
;exif.decode_unicode_intel = UCS-2LE
|
|
||||||
|
|
||||||
; http://php.net/exif.encode-jis
|
|
||||||
;exif.encode_jis =
|
|
||||||
|
|
||||||
; http://php.net/exif.decode-jis-motorola
|
|
||||||
;exif.decode_jis_motorola = JIS
|
|
||||||
|
|
||||||
; http://php.net/exif.decode-jis-intel
|
|
||||||
;exif.decode_jis_intel = JIS
|
|
||||||
|
|
||||||
[Tidy]
|
|
||||||
; The path to a default tidy configuration file to use when using tidy
|
|
||||||
; http://php.net/tidy.default-config
|
|
||||||
;tidy.default_config = /usr/local/lib/php/default.tcfg
|
|
||||||
|
|
||||||
; Should tidy clean and repair output automatically?
|
|
||||||
; WARNING: Do not use this option if you are generating non-html content
|
|
||||||
; such as dynamic images
|
|
||||||
; http://php.net/tidy.clean-output
|
|
||||||
tidy.clean_output = Off
|
|
||||||
|
|
||||||
[soap]
|
|
||||||
; Enables or disables WSDL caching feature.
|
|
||||||
; http://php.net/soap.wsdl-cache-enabled
|
|
||||||
soap.wsdl_cache_enabled=1
|
|
||||||
|
|
||||||
; Sets the directory name where SOAP extension will put cache files.
|
|
||||||
; http://php.net/soap.wsdl-cache-dir
|
|
||||||
soap.wsdl_cache_dir="/tmp"
|
|
||||||
|
|
||||||
; (time to live) Sets the number of second while cached file will be used
|
|
||||||
; instead of original one.
|
|
||||||
; http://php.net/soap.wsdl-cache-ttl
|
|
||||||
soap.wsdl_cache_ttl=86400
|
|
||||||
|
|
||||||
; Sets the size of the cache limit. (Max. number of WSDL files to cache)
|
|
||||||
soap.wsdl_cache_limit = 5
|
|
||||||
|
|
||||||
[sysvshm]
|
|
||||||
; A default size of the shared memory segment
|
|
||||||
;sysvshm.init_mem = 10000
|
|
||||||
|
|
||||||
[ldap]
|
|
||||||
; Sets the maximum number of open links or -1 for unlimited.
|
|
||||||
ldap.max_links = -1
|
|
||||||
|
|
||||||
[dba]
|
|
||||||
;dba.default_handler=
|
|
||||||
|
|
||||||
[opcache]
|
|
||||||
; Determines if Zend OPCache is enabled
|
|
||||||
;opcache.enable=1
|
|
||||||
|
|
||||||
; Determines if Zend OPCache is enabled for the CLI version of PHP
|
|
||||||
;opcache.enable_cli=0
|
|
||||||
|
|
||||||
; The OPcache shared memory storage size.
|
|
||||||
;opcache.memory_consumption=128
|
|
||||||
|
|
||||||
; The amount of memory for interned strings in Mbytes.
|
|
||||||
;opcache.interned_strings_buffer=8
|
|
||||||
|
|
||||||
; The maximum number of keys (scripts) in the OPcache hash table.
|
|
||||||
; Only numbers between 200 and 1000000 are allowed.
|
|
||||||
;opcache.max_accelerated_files=10000
|
|
||||||
|
|
||||||
; The maximum percentage of "wasted" memory until a restart is scheduled.
|
|
||||||
;opcache.max_wasted_percentage=5
|
|
||||||
|
|
||||||
; When this directive is enabled, the OPcache appends the current working
|
|
||||||
; directory to the script key, thus eliminating possible collisions between
|
|
||||||
; files with the same name (basename). Disabling the directive improves
|
|
||||||
; performance, but may break existing applications.
|
|
||||||
;opcache.use_cwd=1
|
|
||||||
|
|
||||||
; When disabled, you must reset the OPcache manually or restart the
|
|
||||||
; webserver for changes to the filesystem to take effect.
|
|
||||||
;opcache.validate_timestamps=1
|
|
||||||
|
|
||||||
; How often (in seconds) to check file timestamps for changes to the shared
|
|
||||||
; memory storage allocation. ("1" means validate once per second, but only
|
|
||||||
; once per request. "0" means always validate)
|
|
||||||
;opcache.revalidate_freq=2
|
|
||||||
|
|
||||||
; Enables or disables file search in include_path optimization
|
|
||||||
;opcache.revalidate_path=0
|
|
||||||
|
|
||||||
; If disabled, all PHPDoc comments are dropped from the code to reduce the
|
|
||||||
; size of the optimized code.
|
|
||||||
;opcache.save_comments=1
|
|
||||||
|
|
||||||
; Allow file existence override (file_exists, etc.) performance feature.
|
|
||||||
;opcache.enable_file_override=0
|
|
||||||
|
|
||||||
; A bitmask, where each bit enables or disables the appropriate OPcache
|
|
||||||
; passes
|
|
||||||
;opcache.optimization_level=0x7FFFBFFF
|
|
||||||
|
|
||||||
;opcache.dups_fix=0
|
|
||||||
|
|
||||||
; The location of the OPcache blacklist file (wildcards allowed).
|
|
||||||
; Each OPcache blacklist file is a text file that holds the names of files
|
|
||||||
; that should not be accelerated. The file format is to add each filename
|
|
||||||
; to a new line. The filename may be a full path or just a file prefix
|
|
||||||
; (i.e., /var/www/x blacklists all the files and directories in /var/www
|
|
||||||
; that start with 'x'). Line starting with a ; are ignored (comments).
|
|
||||||
;opcache.blacklist_filename=
|
|
||||||
|
|
||||||
; Allows exclusion of large files from being cached. By default all files
|
|
||||||
; are cached.
|
|
||||||
;opcache.max_file_size=0
|
|
||||||
|
|
||||||
; Check the cache checksum each N requests.
|
|
||||||
; The default value of "0" means that the checks are disabled.
|
|
||||||
;opcache.consistency_checks=0
|
|
||||||
|
|
||||||
; How long to wait (in seconds) for a scheduled restart to begin if the cache
|
|
||||||
; is not being accessed.
|
|
||||||
;opcache.force_restart_timeout=180
|
|
||||||
|
|
||||||
; OPcache error_log file name. Empty string assumes "stderr".
|
|
||||||
;opcache.error_log=
|
|
||||||
|
|
||||||
; All OPcache errors go to the Web server log.
|
|
||||||
; By default, only fatal errors (level 0) or errors (level 1) are logged.
|
|
||||||
; You can also enable warnings (level 2), info messages (level 3) or
|
|
||||||
; debug messages (level 4).
|
|
||||||
;opcache.log_verbosity_level=1
|
|
||||||
|
|
||||||
; Preferred Shared Memory back-end. Leave empty and let the system decide.
|
|
||||||
;opcache.preferred_memory_model=
|
|
||||||
|
|
||||||
; Protect the shared memory from unexpected writing during script execution.
|
|
||||||
; Useful for internal debugging only.
|
|
||||||
;opcache.protect_memory=0
|
|
||||||
|
|
||||||
; Allows calling OPcache API functions only from PHP scripts which path is
|
|
||||||
; started from specified string. The default "" means no restriction
|
|
||||||
;opcache.restrict_api=
|
|
||||||
|
|
||||||
; Mapping base of shared memory segments (for Windows only). All the PHP
|
|
||||||
; processes have to map shared memory into the same address space. This
|
|
||||||
; directive allows to manually fix the "Unable to reattach to base address"
|
|
||||||
; errors.
|
|
||||||
;opcache.mmap_base=
|
|
||||||
|
|
||||||
; Enables and sets the second level cache directory.
|
|
||||||
; It should improve performance when SHM memory is full, at server restart or
|
|
||||||
; SHM reset. The default "" disables file based caching.
|
|
||||||
;opcache.file_cache=
|
|
||||||
|
|
||||||
; Enables or disables opcode caching in shared memory.
|
|
||||||
;opcache.file_cache_only=0
|
|
||||||
|
|
||||||
; Enables or disables checksum validation when script loaded from file cache.
|
|
||||||
;opcache.file_cache_consistency_checks=1
|
|
||||||
|
|
||||||
; Implies opcache.file_cache_only=1 for a certain process that failed to
|
|
||||||
; reattach to the shared memory (for Windows only). Explicitly enabled file
|
|
||||||
; cache is required.
|
|
||||||
;opcache.file_cache_fallback=1
|
|
||||||
|
|
||||||
; Enables or disables copying of PHP code (text segment) into HUGE PAGES.
|
|
||||||
; This should improve performance, but requires appropriate OS configuration.
|
|
||||||
;opcache.huge_code_pages=1
|
|
||||||
|
|
||||||
; Validate cached file permissions.
|
|
||||||
;opcache.validate_permission=0
|
|
||||||
|
|
||||||
; Prevent name collisions in chroot'ed environment.
|
|
||||||
;opcache.validate_root=0
|
|
||||||
|
|
||||||
; If specified, it produces opcode dumps for debugging different stages of
|
|
||||||
; optimizations.
|
|
||||||
;opcache.opt_debug_level=0
|
|
||||||
|
|
||||||
[curl]
|
|
||||||
; A default value for the CURLOPT_CAINFO option. This is required to be an
|
|
||||||
; absolute path.
|
|
||||||
;curl.cainfo =
|
|
||||||
|
|
||||||
[openssl]
|
|
||||||
; The location of a Certificate Authority (CA) file on the local filesystem
|
|
||||||
; to use when verifying the identity of SSL/TLS peers. Most users should
|
|
||||||
; not specify a value for this directive as PHP will attempt to use the
|
|
||||||
; OS-managed cert stores in its absence. If specified, this value may still
|
|
||||||
; be overridden on a per-stream basis via the "cafile" SSL stream context
|
|
||||||
; option.
|
|
||||||
;openssl.cafile=
|
|
||||||
|
|
||||||
; If openssl.cafile is not specified or if the CA file is not found, the
|
|
||||||
; directory pointed to by openssl.capath is searched for a suitable
|
|
||||||
; certificate. This value must be a correctly hashed certificate directory.
|
|
||||||
; Most users should not specify a value for this directive as PHP will
|
|
||||||
; attempt to use the OS-managed cert stores in its absence. If specified,
|
|
||||||
; this value may still be overridden on a per-stream basis via the "capath"
|
|
||||||
; SSL stream context option.
|
|
||||||
;openssl.capath=
|
|
||||||
|
|
||||||
; Local Variables:
|
|
||||||
; tab-width: 4
|
|
||||||
; End:
|
|
@ -1 +0,0 @@
|
|||||||
*.* -/dev/stdout
|
|
@ -1,45 +0,0 @@
|
|||||||
[supervisord]
|
|
||||||
nodaemon=true
|
|
||||||
|
|
||||||
|
|
||||||
[program:rsyslog]
|
|
||||||
command = /usr/sbin/rsyslogd -n
|
|
||||||
directory = /
|
|
||||||
user = root
|
|
||||||
autostart = true
|
|
||||||
stdout_logfile=/dev/stdout
|
|
||||||
stdout_logfile_maxbytes=0
|
|
||||||
stderr_logfile=/dev/stderr
|
|
||||||
stderr_logfile_maxbytes=0
|
|
||||||
|
|
||||||
|
|
||||||
[program:apache2]
|
|
||||||
environment=HOSTNAME="%(ENV_HOSTNAME)s"
|
|
||||||
command = apachectl -D "FOREGROUND"
|
|
||||||
directory = /var/www
|
|
||||||
user = root
|
|
||||||
autostart = true
|
|
||||||
stdout_logfile=/dev/stdout
|
|
||||||
stdout_logfile_maxbytes=0
|
|
||||||
stderr_logfile=/dev/stderr
|
|
||||||
stderr_logfile_maxbytes=0
|
|
||||||
|
|
||||||
[program:php-fpm]
|
|
||||||
environment=HOSTNAME="%(ENV_HOSTNAME)s"
|
|
||||||
command = /usr/sbin/php-fpm8.1 -F
|
|
||||||
autostart = true
|
|
||||||
autorestart = true
|
|
||||||
directory = /var/www
|
|
||||||
user = root
|
|
||||||
stdout_logfile=/dev/stdout
|
|
||||||
stdout_logfile_maxbytes=0
|
|
||||||
stderr_logfile=/dev/stderr
|
|
||||||
stderr_logfile_maxbytes=0
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
[unix_http_server]
|
|
||||||
file=/var/run/supervisor.sock
|
|
||||||
|
|
||||||
[rpcinterface:supervisor]
|
|
||||||
supervisor.rpcinterface_factory=supervisor.rpcinterface:make_main_rpcinterface
|
|
@ -1,20 +0,0 @@
|
|||||||
[global]
|
|
||||||
daemonize=no
|
|
||||||
error_log=/dev/stderr
|
|
||||||
|
|
||||||
[www]
|
|
||||||
user = www-data
|
|
||||||
group = www-data
|
|
||||||
|
|
||||||
listen = /run/php/php8.1-fpm.sock
|
|
||||||
|
|
||||||
listen.owner = www-data
|
|
||||||
listen.group = www-data
|
|
||||||
|
|
||||||
pm = dynamic
|
|
||||||
|
|
||||||
pm.max_children = 5
|
|
||||||
pm.start_servers = 2
|
|
||||||
pm.min_spare_servers = 1
|
|
||||||
pm.max_spare_servers = 3
|
|
||||||
catch_workers_output = yes
|
|
@ -1,46 +1,33 @@
|
|||||||
version: "3.8"
|
version: "3.8"
|
||||||
services:
|
services:
|
||||||
hydra-sql:
|
hydra-sql:
|
||||||
container_name: hydra-sql
|
|
||||||
build:
|
build:
|
||||||
context: ./containers/hydra-sql
|
context: .
|
||||||
args:
|
dockerfile: Dockerfile.standalone
|
||||||
- HTTP_PROXY=${HTTP_PROXY}
|
|
||||||
- HTTPS_PROXY=${HTTPS_PROXY}
|
|
||||||
- http_proxy=${http_proxy}
|
|
||||||
- https_proxy=${https_proxy}
|
|
||||||
user: ${FIXUID:-1000}:${FIXGID:-1000}
|
|
||||||
ports:
|
ports:
|
||||||
- 8080:80
|
- ${APP_HTTP_PORT:-8080}:8080
|
||||||
volumes:
|
volumes:
|
||||||
- .:/var/www
|
- ./src:/app/src:delegated
|
||||||
- /etc/localtime:/etc/localtime:ro
|
- ./templates:/app/templates:delegated
|
||||||
- $HOME/.ssh:/root/.host-ssh:ro
|
- ./translations:/app/translations:delegated
|
||||||
tmpfs:
|
- ./tests:/app/tests:delegated
|
||||||
- /var/www/var/logs:uid=${FIXUID:-1000},gid=${FIXGID:-1000}
|
- ./config:/app/config:delegated
|
||||||
- /var/www/var/cache:uid=${FIXUID:-1000},gid=${FIXGID:-1000}
|
- ./.env:/app/.env:delegated
|
||||||
- /var/www/public/build:uid=${FIXUID:-1000},gid=${FIXGID:-1000}
|
|
||||||
- /tmp
|
|
||||||
links:
|
|
||||||
- hydra
|
|
||||||
extra_hosts:
|
|
||||||
- "localhost:127.0.0.1"
|
|
||||||
- "localhost:host-gateway"
|
|
||||||
- "host.docker.internal:host-gateway"
|
|
||||||
environment:
|
environment:
|
||||||
- APP_LOCALES=fr,en
|
PHP_FPM_MEMORY_LIMIT: 128m
|
||||||
- HYDRA_ADMIN_BASE_URL=http://hydra:4445
|
APP_ENV: dev
|
||||||
- TRUSTED_PROXIES=127.0.0.1,REMOTE_ADDR,localhost
|
APP_LOCALES: fr,en
|
||||||
- ISSUER_URL=http://localhost:8000
|
HYDRA_ADMIN_BASE_URL: http://hydra:4445
|
||||||
- BASE_URL=http://localhost:8080
|
TRUSTED_PROXIES: 127.0.0.1,REMOTE_ADDR,localhost
|
||||||
- DB_USER=lasql
|
ISSUER_URL: http://localhost:8000
|
||||||
- DB_PASSWORD=lasql
|
BASE_URL: http://localhost:8080
|
||||||
- DEFAULT_LOCALE=fr
|
DB_USER: lasql
|
||||||
- DSN_REMOTE_DATABASE=pgsql:host='postgres';port=5432;dbname=lasql;
|
DB_PASSWORD: lasql
|
||||||
- HASH_ALGO_LEGACY=sha256
|
DEFAULT_LOCALE: fr
|
||||||
- SECURITY_PATTERN=password,salt,pepper
|
DSN_REMOTE_DATABASE: pgsql:host='postgres';port=5432;dbname=lasql;
|
||||||
|
HASH_ALGO_LEGACY: sha256
|
||||||
|
SECURITY_PATTERN: password,salt,pepper
|
||||||
|
REDIS_URL: redis://redis:6379
|
||||||
oidc-test:
|
oidc-test:
|
||||||
image: bornholm/oidc-test:v0.0.0-1-g936a77e
|
image: bornholm/oidc-test:v0.0.0-1-g936a77e
|
||||||
environment:
|
environment:
|
||||||
@ -121,12 +108,12 @@ services:
|
|||||||
- ./containers/compose/mariadb/init-db.d:/docker-entrypoint-initdb.d/:ro
|
- ./containers/compose/mariadb/init-db.d:/docker-entrypoint-initdb.d/:ro
|
||||||
- mariadb:/var/lib/mysql
|
- mariadb:/var/lib/mysql
|
||||||
- /etc/localtime:/etc/localtime:ro
|
- /etc/localtime:/etc/localtime:ro
|
||||||
redis:
|
# redis:
|
||||||
image: redis:7.2-rc2-alpine
|
# image: redis:7.2-rc2-alpine
|
||||||
environment:
|
# environment:
|
||||||
- TZ=Europe/Paris
|
# - TZ=Europe/Paris
|
||||||
volumes:
|
# volumes:
|
||||||
- /etc/localtime:/etc/localtime:ro
|
# - /etc/localtime:/etc/localtime:ro
|
||||||
volumes:
|
volumes:
|
||||||
postgres:
|
postgres:
|
||||||
mariadb:
|
mariadb:
|
80
main.mk
Normal file
80
main.mk
Normal file
@ -0,0 +1,80 @@
|
|||||||
|
IMAGES_DIR := ./misc/images
|
||||||
|
|
||||||
|
#
|
||||||
|
# $1: IMAGE_NAME
|
||||||
|
#
|
||||||
|
define build_image
|
||||||
|
echo "Building ${IMAGE_REPO}/$1";\
|
||||||
|
docker build \
|
||||||
|
-t "${IMAGE_REPO}/$1:$(IMAGE_VERSION)" \
|
||||||
|
-f ${IMAGES_DIR}/$1/Dockerfile \
|
||||||
|
.
|
||||||
|
endef
|
||||||
|
|
||||||
|
#
|
||||||
|
# $1: IMAGE_NAME
|
||||||
|
# $2: IMAGE_TAG
|
||||||
|
#
|
||||||
|
define scan_image
|
||||||
|
echo "Scanning ${IMAGE_REPO}/$1"; \
|
||||||
|
mkdir -p .trivy/$(IMAGE_REPO)/$1; \
|
||||||
|
tools/trivy/bin/trivy --cache-dir .trivy/.cache image -o ".trivy/$(IMAGE_REPO)/$1/$2/report.txt" $(TRIVY_ARGS) $(IMAGE_REPO)/$1:$2 ; \
|
||||||
|
cat ".trivy/$(IMAGE_REPO)/$1/$2report.txt"
|
||||||
|
endef
|
||||||
|
|
||||||
|
define install_trivy
|
||||||
|
mkdir -p tools/trivy/bin ; \
|
||||||
|
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b ./tools/trivy/bin v0.27.1
|
||||||
|
endef
|
||||||
|
|
||||||
|
define release_image
|
||||||
|
docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG) ; \
|
||||||
|
docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:$(IMAGE_VERSION); \
|
||||||
|
docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:latest ; \
|
||||||
|
docker push $(IMAGE_REPO)/$1:latest ; \
|
||||||
|
docker push $(IMAGE_REPO)/$1:$(IMAGE_VERSION) ; \
|
||||||
|
docker push $(IMAGE_REPO)/$1:$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG)
|
||||||
|
endef
|
||||||
|
|
||||||
|
#list:
|
||||||
|
build: ${IMAGES_DIR}/*
|
||||||
|
@for name in $(basename $(notdir $^)); do \
|
||||||
|
$(call build_image,$${name}); \
|
||||||
|
done;\
|
||||||
|
|
||||||
|
scan: ${IMAGES_DIR}/*
|
||||||
|
$(call install_trivy)
|
||||||
|
@for name in $(basename $(notdir $^)); do \
|
||||||
|
$(call scan_image,$${name}); \
|
||||||
|
done;\
|
||||||
|
|
||||||
|
tools/trivy/bin/trivy:
|
||||||
|
mkdir -p tools/trivy/bin
|
||||||
|
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b ./tools/trivy/bin v0.27.1
|
||||||
|
|
||||||
|
|
||||||
|
release: ${IMAGES_DIR}/*
|
||||||
|
@for name in $(basename $(notdir $^)); do \
|
||||||
|
$(call release_image,$${name},base); \
|
||||||
|
done;\
|
||||||
|
|
||||||
|
_release:
|
||||||
|
docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG)
|
||||||
|
docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)
|
||||||
|
docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-latest
|
||||||
|
docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG)
|
||||||
|
docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)
|
||||||
|
docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-latest
|
||||||
|
|
||||||
|
_test: tools/bin/bash_unit
|
||||||
|
tools/bin/bash_unit ./tests/test_$(IMAGE_TAG).sh
|
||||||
|
|
||||||
|
tools/bin/bash_unit:
|
||||||
|
mkdir -p tools/bin
|
||||||
|
cd tools/bin && bash <(curl -s https://raw.githubusercontent.com/pgrange/bash_unit/master/install.sh)
|
||||||
|
|
||||||
|
up:
|
||||||
|
skaffold dev -p dev --default-repo ${IMAGE_REPO}
|
||||||
|
|
||||||
|
|
||||||
|
##include recipes/*.mk
|
3
misc/images/hydra-sql-base/Dockerfile
Normal file
3
misc/images/hydra-sql-base/Dockerfile
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
ARG ADDITIONAL_PACKAGES="bash php81-cli php81-pdo_pgsql php81-pdo_mysql php81-mysqli php81-pgsql"
|
||||||
|
|
||||||
|
FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-base
|
3
misc/images/hydra-sql-standalone/Dockerfile
Normal file
3
misc/images/hydra-sql-standalone/Dockerfile
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
ARG ADDITIONAL_PACKAGES="bash php81-cli php81-pdo_pgsql php81-pdo_mysql php81-mysqli php81-pgsql"
|
||||||
|
|
||||||
|
FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-standalone
|
11
misc/k8s/kind/cluster/kustomization.yaml
Normal file
11
misc/k8s/kind/cluster/kustomization.yaml
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- https://raw.githubusercontent.com/ory/k8s/v0.30.0/helm/charts/hydra-maester/crds/crd-oauth2clients.yaml
|
||||||
|
- https://forge.cadoles.com/CadolesKube/c-kustom//base/cloudnative-pg-operator?ref=develop
|
||||||
|
- https://forge.cadoles.com/CadolesKube/c-kustom//base/redis?ref=develop
|
||||||
|
- https://forge.cadoles.com/CadolesKube/c-kustom//base/minio?ref=develop
|
||||||
|
- https://forge.cadoles.com/CadolesKube/c-kustom//base/metallb?ref=develop
|
||||||
|
- https://forge.cadoles.com/CadolesKube/c-kustom//base/metrics?ref=develop
|
||||||
|
- https://forge.cadoles.com/CadolesKube/c-kustom//base/nginx?ref=develop
|
7
misc/k8s/kind/cluster/lb/kustomization.yaml
Normal file
7
misc/k8s/kind/cluster/lb/kustomization.yaml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
namespace: metallb-system
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- ./resources/ipaddresspoool.yaml
|
||||||
|
- ./resources/advertise.yaml
|
9
misc/k8s/kind/cluster/lb/resources/advertise.yaml
Normal file
9
misc/k8s/kind/cluster/lb/resources/advertise.yaml
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
apiVersion: metallb.io/v1beta1
|
||||||
|
kind: L2Advertisement
|
||||||
|
metadata:
|
||||||
|
name: l2-ip-pool-ad
|
||||||
|
namespace: metallb-system
|
||||||
|
spec:
|
||||||
|
ipAddressPools:
|
||||||
|
- main-pool
|
||||||
|
|
8
misc/k8s/kind/cluster/lb/resources/ipaddresspoool.yaml
Normal file
8
misc/k8s/kind/cluster/lb/resources/ipaddresspoool.yaml
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
apiVersion: metallb.io/v1beta1
|
||||||
|
kind: IPAddressPool
|
||||||
|
metadata:
|
||||||
|
name: main-pool
|
||||||
|
namespace: metallb-system
|
||||||
|
spec:
|
||||||
|
addresses:
|
||||||
|
- 172.18.10.100-172.18.10.200
|
48
misc/k8s/kind/kind-cluster.yaml
Normal file
48
misc/k8s/kind/kind-cluster.yaml
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
kind: Cluster
|
||||||
|
apiVersion: kind.x-k8s.io/v1alpha4
|
||||||
|
name: hydra-sql
|
||||||
|
networking:
|
||||||
|
podSubnet: "10.110.0.0/16"
|
||||||
|
serviceSubnet: "10.115.0.0/16"
|
||||||
|
nodes:
|
||||||
|
- role: control-plane
|
||||||
|
image: kindest/node:v1.27.2
|
||||||
|
kubeadmConfigPatches:
|
||||||
|
- |
|
||||||
|
kind: InitConfiguration
|
||||||
|
nodeRegistration:
|
||||||
|
kubeletExtraArgs:
|
||||||
|
node-labels: "ingress-ready=true"
|
||||||
|
extraPortMappings:
|
||||||
|
- containerPort: 31000
|
||||||
|
hostPort: 31000
|
||||||
|
listenAddress: "0.0.0.0" # Optional, defaults to "0.0.0.0"
|
||||||
|
- containerPort: 80
|
||||||
|
hostPort: 8080
|
||||||
|
listenAddress: "0.0.0.0" # Optional, defaults to "0.0.0.0"
|
||||||
|
labels:
|
||||||
|
ingress-ready: true
|
||||||
|
- role: worker
|
||||||
|
image: kindest/node:v1.27.2
|
||||||
|
kubeadmConfigPatches:
|
||||||
|
- |
|
||||||
|
kind: JoinConfiguration
|
||||||
|
nodeRegistration:
|
||||||
|
kubeletExtraArgs:
|
||||||
|
system-reserved: memory=2Gi
|
||||||
|
- role: worker
|
||||||
|
image: kindest/node:v1.27.2
|
||||||
|
kubeadmConfigPatches:
|
||||||
|
- |
|
||||||
|
kind: JoinConfiguration
|
||||||
|
nodeRegistration:
|
||||||
|
kubeletExtraArgs:
|
||||||
|
system-reserved: memory=2Gi
|
||||||
|
- role: worker
|
||||||
|
image: kindest/node:v1.27.2
|
||||||
|
kubeadmConfigPatches:
|
||||||
|
- |
|
||||||
|
kind: JoinConfiguration
|
||||||
|
nodeRegistration:
|
||||||
|
kubeletExtraArgs:
|
||||||
|
system-reserved: memory=2Gi
|
@ -0,0 +1,8 @@
|
|||||||
|
---
|
||||||
|
nameReference:
|
||||||
|
- kind: Secret
|
||||||
|
fieldSpecs:
|
||||||
|
- path: spec/superuserSecret/name
|
||||||
|
kind: Cluster
|
||||||
|
- path: spec/bootstrap/initdb/secret/name
|
||||||
|
kind: Cluster
|
@ -0,0 +1,32 @@
|
|||||||
|
apiVersion: kustomize.config.k8s.io/v1alpha1
|
||||||
|
kind: Component
|
||||||
|
|
||||||
|
generatorOptions:
|
||||||
|
disableNameSuffixHash: true
|
||||||
|
|
||||||
|
configurations:
|
||||||
|
- ./configurations/cnpg-cluster.yaml
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- ./resources/hydra-sql-cnpg-cluster.yaml
|
||||||
|
|
||||||
|
secretgenerator:
|
||||||
|
- name: hydra-sql-postgres-admin
|
||||||
|
type: secret
|
||||||
|
literals:
|
||||||
|
- username=postgres
|
||||||
|
- password=notsosecret
|
||||||
|
- name: hydra-sql-postgres-user
|
||||||
|
type: Secret
|
||||||
|
literals:
|
||||||
|
- username=hydra-sql
|
||||||
|
- password=NotSoSecretButThisIsBad
|
||||||
|
|
||||||
|
vars:
|
||||||
|
- name: APP_DATABASE_SERVICE_NAME
|
||||||
|
objref:
|
||||||
|
name: hydra-sql-postgres
|
||||||
|
kind: Cluster
|
||||||
|
apiVersion: postgresql.cnpg.io/v1
|
||||||
|
fieldref:
|
||||||
|
fieldpath: metadata.name
|
@ -0,0 +1,17 @@
|
|||||||
|
apiVersion: postgresql.cnpg.io/v1
|
||||||
|
kind: Cluster
|
||||||
|
metadata:
|
||||||
|
name: hydra-sql-postgres
|
||||||
|
spec:
|
||||||
|
instances: 3
|
||||||
|
primaryUpdateStrategy: unsupervised
|
||||||
|
superuserSecret:
|
||||||
|
name: hydra-sql-postgres-admin
|
||||||
|
bootstrap:
|
||||||
|
initdb:
|
||||||
|
database: hydra-sql
|
||||||
|
owner: hydra-sql
|
||||||
|
secret:
|
||||||
|
name: hydra-sql-postgres-user
|
||||||
|
storage:
|
||||||
|
size: 20Gi
|
10
misc/k8s/kustomization/base/kustomization.yaml
Normal file
10
misc/k8s/kustomization/base/kustomization.yaml
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
|
||||||
|
namePrefix: hydra-sql-
|
||||||
|
|
||||||
|
components:
|
||||||
|
- components/hydra-sql-cnpg
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- resources/hydra-sql-kube
|
@ -0,0 +1,6 @@
|
|||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- ./resources/hydra-sql-service.yaml
|
||||||
|
- ./resources/hydra-sql-deployment.yaml
|
@ -0,0 +1,55 @@
|
|||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
io.kompose.service: hydra-sql
|
||||||
|
name: hydra-sql
|
||||||
|
spec:
|
||||||
|
replicas: 3
|
||||||
|
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
io.kompose.service: hydra-sql
|
||||||
|
strategy:
|
||||||
|
type: Recreate
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
io.kompose.service: hydra-sql
|
||||||
|
spec:
|
||||||
|
restartPolicy: Always
|
||||||
|
containers:
|
||||||
|
- image: reg.cadoles.com/cadoles/hydra-sql-kube
|
||||||
|
imagePullPolicy: Always
|
||||||
|
name: hydra-sql-php-fpm
|
||||||
|
args: ["/usr/sbin/php-fpm81", "-F", "-e"]
|
||||||
|
resources: {}
|
||||||
|
env:
|
||||||
|
- name: PHP_FPM_LISTEN
|
||||||
|
value: 127.0.0.1:9000
|
||||||
|
- name: PHP_MEMORY_LIMIT
|
||||||
|
value: 128m
|
||||||
|
- name: PHP_FPM_MEMORY_LIMIT
|
||||||
|
value: 128m
|
||||||
|
- name: PHP_FPM_LOG_LEVEL
|
||||||
|
value: warning
|
||||||
|
- name: APP_DATABASE_SERVICE_NAME
|
||||||
|
value: $(APP_DATABASE_SERVICE_NAME)-rw
|
||||||
|
- image: reg.cadoles.com/cadoles/hydra-sql-kube
|
||||||
|
imagePullPolicy: Always
|
||||||
|
name: hydra-sql-nginx
|
||||||
|
args: ["/usr/sbin/nginx"]
|
||||||
|
env:
|
||||||
|
- name: NGINX_APP_UPSTREAM_BACKEND_SERVER
|
||||||
|
value: 127.0.0.1:9000
|
||||||
|
- name: NGINX_APP_ROOT
|
||||||
|
value: "/public"
|
||||||
|
- name: NGINX_APP_PHP_INDEX
|
||||||
|
value: "/index.php"
|
||||||
|
- name: NGINX_ERROR_LOG_LEVEL
|
||||||
|
value: "warn"
|
||||||
|
- name: NGINX_APP_PHP_NON_FILE_PATTERN
|
||||||
|
value: "^/index\\.php(/|$)"
|
||||||
|
ports:
|
||||||
|
- containerPort: 8080
|
||||||
|
resources: {}
|
@ -0,0 +1,14 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
io.kompose.service: hydra-sql
|
||||||
|
name: hydra-sql
|
||||||
|
spec:
|
||||||
|
type: ClusterIP
|
||||||
|
ports:
|
||||||
|
- name: hydra-sql-http
|
||||||
|
port: 80
|
||||||
|
targetPort: 8080
|
||||||
|
selector:
|
||||||
|
io.kompose.service: hydra-sql
|
3
misc/k8s/kustomization/base/secrets/.gitignore
vendored
Normal file
3
misc/k8s/kustomization/base/secrets/.gitignore
vendored
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
*
|
||||||
|
!.gitignore
|
||||||
|
!.gitkeep
|
0
misc/k8s/kustomization/base/secrets/.gitkeep
Normal file
0
misc/k8s/kustomization/base/secrets/.gitkeep
Normal file
21
misc/k8s/kustomization/overlays/dev/kustomization.yaml
Normal file
21
misc/k8s/kustomization/overlays/dev/kustomization.yaml
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
namespace: hydra-sql-dev
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- ../../base
|
||||||
|
- resources/namespace.yaml
|
||||||
|
- resources/ingress.yaml
|
||||||
|
|
||||||
|
patches:
|
||||||
|
- path: patches/update-replicas-for-hydra-sql.yaml
|
||||||
|
- path: patches/add-registry-pull-secret.yaml
|
||||||
|
target:
|
||||||
|
kind: Deployment
|
||||||
|
version: v1
|
||||||
|
|
||||||
|
secretGenerator:
|
||||||
|
- files:
|
||||||
|
- secrets/dockerconfig/.dockerconfigjson
|
||||||
|
name: regcred-dev
|
||||||
|
type: kubernetes.io/dockerconfigjson
|
@ -0,0 +1,4 @@
|
|||||||
|
- op: add
|
||||||
|
path: "/spec/template/spec/imagePullSecrets"
|
||||||
|
value:
|
||||||
|
- name: regcred-dev
|
@ -0,0 +1,8 @@
|
|||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
io.kompose.service: hydra-sql
|
||||||
|
name: hydra-sql
|
||||||
|
spec:
|
||||||
|
replicas: 1
|
21
misc/k8s/kustomization/overlays/dev/resources/ingress.yaml
Normal file
21
misc/k8s/kustomization/overlays/dev/resources/ingress.yaml
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: hydra-sql
|
||||||
|
annotations:
|
||||||
|
nginx.ingress.kubernetes.io/proxy-body-size: "138m"
|
||||||
|
nginx.ingress.kubernetes.io/enable-cors: "true" #cf 01
|
||||||
|
nginx.ingress.kubernetes.io/cors-allow-headers: "X-Forwarded-For" #cf 01
|
||||||
|
spec:
|
||||||
|
ingressClassName: nginx
|
||||||
|
rules:
|
||||||
|
- host: hydra-sql.dev.local
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
pathType: Prefix
|
||||||
|
backend:
|
||||||
|
service:
|
||||||
|
name: hydra-sql
|
||||||
|
port:
|
||||||
|
number: 8080
|
@ -0,0 +1,4 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
name: hydra-sql-dev
|
3
misc/k8s/kustomization/overlays/dev/secrets/.gitignore
vendored
Normal file
3
misc/k8s/kustomization/overlays/dev/secrets/.gitignore
vendored
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
*
|
||||||
|
!.gitignore
|
||||||
|
!.gitkeep
|
@ -27,7 +27,6 @@ make down
|
|||||||
```
|
```
|
||||||
DB_USER="lasql"
|
DB_USER="lasql"
|
||||||
DB_PASSWORD="lasql"
|
DB_PASSWORD="lasql"
|
||||||
|
|
||||||
ISSUER_URL="http://localhost:8000"
|
ISSUER_URL="http://localhost:8000"
|
||||||
BASE_URL='http://localhost:8080'
|
BASE_URL='http://localhost:8080'
|
||||||
# connexion hydra
|
# connexion hydra
|
||||||
@ -90,7 +89,7 @@ il faut aussi indique la sql_login.yaml à salt la valeur salt (qui correspond a
|
|||||||
|test3@test.com| 504ae1c3e2f5fdaf41f868164dabcef21e17059f5f388b452718a1ce92692c67| cesaltestunautreexemple| Dupont| Henri|
|
|test3@test.com| 504ae1c3e2f5fdaf41f868164dabcef21e17059f5f388b452718a1ce92692c67| cesaltestunautreexemple| Dupont| Henri|
|
||||||
|test4@test.com| $2a$12$91AHN7WFXieeadvUfZ88mO.9N7oS5adeXbdERnRno9oLAbqqDW4IG| NULL| Durand|Isabelle|
|
|test4@test.com| $2a$12$91AHN7WFXieeadvUfZ88mO.9N7oS5adeXbdERnRno9oLAbqqDW4IG| NULL| Durand|Isabelle|
|
||||||
|
|
||||||
A noter que le hash de test4 est hashé avec l'algo bcrypt
|
A noter que le hash de test4 est hashé avec l'algo bcrypt, il faut ajouter bcrypt dans la liste HASH_ALGO_LEGACY pour que l'identification soit possible
|
||||||
```
|
```
|
||||||
|
|
||||||
### mariadb (sans salt)
|
### mariadb (sans salt)
|
||||||
@ -128,3 +127,7 @@ sql_login:
|
|||||||
|`postgres`| Base de donnée postgres support du test et pour hydra|`5432`
|
|`postgres`| Base de donnée postgres support du test et pour hydra|`5432`
|
||||||
|`mariadb`| Base de donnée mariadb support du test|`3306`
|
|`mariadb`| Base de donnée mariadb support du test|`3306`
|
||||||
|`pgadmin`| pour administrer la base de donnée |`8085`
|
|`pgadmin`| pour administrer la base de donnée |`8085`
|
||||||
|
|
||||||
|
### Images
|
||||||
|
|
||||||
|
dépot Harbor:
|
46
skaffold.yaml
Normal file
46
skaffold.yaml
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
apiVersion: skaffold/v3
|
||||||
|
kind: Config
|
||||||
|
|
||||||
|
metadata:
|
||||||
|
name: mse
|
||||||
|
|
||||||
|
manifests:
|
||||||
|
kustomize:
|
||||||
|
paths:
|
||||||
|
- misc/k8s/kustomization/base
|
||||||
|
|
||||||
|
profiles:
|
||||||
|
- name: dev
|
||||||
|
manifests:
|
||||||
|
kustomize:
|
||||||
|
paths:
|
||||||
|
- misc/k8s/kustomization/overlays/dev
|
||||||
|
activation:
|
||||||
|
- command: dev
|
||||||
|
|
||||||
|
build:
|
||||||
|
cluster:
|
||||||
|
dockerConfig:
|
||||||
|
path: misc/k8s/kustomization/base/secrets/dockerconfig/.dockerconfigjson
|
||||||
|
randomDockerConfigSecret: true
|
||||||
|
randomPullSecret: true
|
||||||
|
|
||||||
|
tagPolicy:
|
||||||
|
sha256: {}
|
||||||
|
|
||||||
|
artifacts:
|
||||||
|
- image: reg.cadoles.com/cadoles/hydra-sql-kube
|
||||||
|
context: .
|
||||||
|
sync:
|
||||||
|
infer:
|
||||||
|
- src/**
|
||||||
|
- app/**
|
||||||
|
- translations/**
|
||||||
|
- scripts/**
|
||||||
|
- templates/**
|
||||||
|
kaniko:
|
||||||
|
dockerfile: misc/images/hydra-sql-kube/Dockerfile
|
||||||
|
cache: {}
|
||||||
|
|
||||||
|
deploy:
|
||||||
|
statusCheckDeadlineSeconds: 600
|
@ -8,6 +8,7 @@ use App\Hydra\HydraService;
|
|||||||
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||||
use Symfony\Component\HttpFoundation\RedirectResponse;
|
use Symfony\Component\HttpFoundation\RedirectResponse;
|
||||||
use Symfony\Component\HttpFoundation\Request;
|
use Symfony\Component\HttpFoundation\Request;
|
||||||
|
use Symfony\Component\HttpFoundation\Response;
|
||||||
use Symfony\Component\HttpFoundation\Session\SessionInterface;
|
use Symfony\Component\HttpFoundation\Session\SessionInterface;
|
||||||
use Symfony\Component\Routing\Annotation\Route;
|
use Symfony\Component\Routing\Annotation\Route;
|
||||||
|
|
||||||
@ -30,6 +31,12 @@ class MainController extends AbstractController
|
|||||||
return $this->hydra->handleLoginRequest($request);
|
return $this->hydra->handleLoginRequest($request);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[Route('/health', name: 'health')]
|
||||||
|
public function health()
|
||||||
|
{
|
||||||
|
return new Response('healthy', 200);
|
||||||
|
}
|
||||||
|
|
||||||
#[Route('/connect/login-accept', name: 'app_login_accept')]
|
#[Route('/connect/login-accept', name: 'app_login_accept')]
|
||||||
public function loginAccept(Request $request)
|
public function loginAccept(Request $request)
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user