diff --git a/README.md b/README.md index 253805f..f59a1ce 100644 --- a/README.md +++ b/README.md @@ -111,7 +111,8 @@ services: user: "1000" env_file: .env restart: unless-stopped - scale: 2 + deploy: + replicas: 2 depends_on: - db - redis @@ -166,18 +167,32 @@ Run the stack with `docker-compose up -d` and the DB migrations using `docker-co By default the production containers run using nginx and php-fpm with a very conservative number of workers. You can control the number with the following environment variables in `.env` or directly on the `php-fpm` container: -``` -FPM_PM_MAX_CHILDREN=50 +```dotenv +FPM_PM_MAX_CHILDREN=40 FPM_PM_START_SERVERS=10 -FPM_PM_MIN_SPARE_SERVERS=5 -FPM_PM_MAX_SPARE_SERVERS=10 +FPM_PM_MIN_SPARE_SERVERS=10 +FPM_PM_MAX_SPARE_SERVERS=30 ``` These are used in the FPM configuration file, you can find more on configuring it in the php-fpm documentation. ### Performance Monitoring -You can monitor the nginx and php-fpm status using `/nginx-status` and `/fpm-status` HTTP endpoints. By default these are only allowed to be used by localhost and they shouldn't be exposed to the internet. You can control the IP range allowed to access them using the `STATUS_ALLOW` environment variable on the nginx container. It supports anything available for an `allow` command in nginx config. +You can monitor the nginx and php-fpm status using `/nginx-status` and `/fpm-status` HTTP endpoints. There is also an FPM ping endpoint at `/fpm-ping`. + +By default these are only allowed to be used by localhost and they shouldn't be exposed to the internet. You can control the IP range allowed to access them using the `STATUS_ALLOW` environment variable on the nginx container. It supports anything available for an `allow` command in nginx config. + +If you want to change these paths, set the environment variables `NGINX_STATUS_PATH`, `FPM_STATUS_PATH` and `FPM_PING_PATH` on both nginx and php-fpm. + +For example, if you wanted to use an unpredicatable string in the URL and allow access to all IPs: + +```dotenv +STATUS_ALLOW=0.0.0.0/0 + +FPM_STATUS_PATH=/410a821c-ac93-4b07-8652-7924937ce920/fpm-status +FPM_PING_PATH=/410a821c-ac93-4b07-8652-7924937ce920/fpm-ping +NGINX_STATUS_PATH=/410a821c-ac93-4b07-8652-7924937ce920/nginx-status +``` ## Usage diff --git a/composer.lock b/composer.lock index cdbdf5e..02a5af0 100644 --- a/composer.lock +++ b/composer.lock @@ -376,16 +376,16 @@ }, { "name": "doctrine/dbal", - "version": "3.7.1", + "version": "3.7.2", "source": { "type": "git", "url": "https://github.com/doctrine/dbal.git", - "reference": "5b7bd66c9ff58c04c5474ab85edce442f8081cb2" + "reference": "0ac3c270590e54910715e9a1a044cc368df282b2" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/doctrine/dbal/zipball/5b7bd66c9ff58c04c5474ab85edce442f8081cb2", - "reference": "5b7bd66c9ff58c04c5474ab85edce442f8081cb2", + "url": "https://api.github.com/repos/doctrine/dbal/zipball/0ac3c270590e54910715e9a1a044cc368df282b2", + "reference": "0ac3c270590e54910715e9a1a044cc368df282b2", "shasum": "" }, "require": { @@ -401,7 +401,7 @@ "doctrine/coding-standard": "12.0.0", "fig/log-test": "^1", "jetbrains/phpstorm-stubs": "2023.1", - "phpstan/phpstan": "1.10.35", + "phpstan/phpstan": "1.10.42", "phpstan/phpstan-strict-rules": "^1.5", "phpunit/phpunit": "9.6.13", "psalm/plugin-phpunit": "0.18.4", @@ -469,7 +469,7 @@ ], "support": { "issues": "https://github.com/doctrine/dbal/issues", - "source": "https://github.com/doctrine/dbal/tree/3.7.1" + "source": "https://github.com/doctrine/dbal/tree/3.7.2" }, "funding": [ { @@ -485,7 +485,7 @@ "type": "tidelift" } ], - "time": "2023-10-06T05:06:20+00:00" + "time": "2023-11-19T08:06:58+00:00" }, { "name": "doctrine/deprecations", @@ -8716,16 +8716,16 @@ }, { "name": "laravel/sail", - "version": "v1.26.0", + "version": "v1.26.1", "source": { "type": "git", "url": "https://github.com/laravel/sail.git", - "reference": "c60fe037004e272efd0d81f416ed2bfc623d70b4" + "reference": "7a82f5aa364dbee3fd9c52fc464cf0bdd11150ed" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/laravel/sail/zipball/c60fe037004e272efd0d81f416ed2bfc623d70b4", - "reference": "c60fe037004e272efd0d81f416ed2bfc623d70b4", + "url": "https://api.github.com/repos/laravel/sail/zipball/7a82f5aa364dbee3fd9c52fc464cf0bdd11150ed", + "reference": "7a82f5aa364dbee3fd9c52fc464cf0bdd11150ed", "shasum": "" }, "require": { @@ -8777,7 +8777,7 @@ "issues": "https://github.com/laravel/sail/issues", "source": "https://github.com/laravel/sail" }, - "time": "2023-10-18T13:57:15+00:00" + "time": "2023-11-20T15:56:47+00:00" }, { "name": "mockery/mockery", @@ -9235,16 +9235,16 @@ }, { "name": "phpstan/phpdoc-parser", - "version": "1.24.2", + "version": "1.24.3", "source": { "type": "git", "url": "https://github.com/phpstan/phpdoc-parser.git", - "reference": "bcad8d995980440892759db0c32acae7c8e79442" + "reference": "12f01d214f1c73b9c91fdb3b1c415e4c70652083" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpdoc-parser/zipball/bcad8d995980440892759db0c32acae7c8e79442", - "reference": "bcad8d995980440892759db0c32acae7c8e79442", + "url": "https://api.github.com/repos/phpstan/phpdoc-parser/zipball/12f01d214f1c73b9c91fdb3b1c415e4c70652083", + "reference": "12f01d214f1c73b9c91fdb3b1c415e4c70652083", "shasum": "" }, "require": { @@ -9276,9 +9276,9 @@ "description": "PHPDoc parser with support for nullable, intersection and generic types", "support": { "issues": "https://github.com/phpstan/phpdoc-parser/issues", - "source": "https://github.com/phpstan/phpdoc-parser/tree/1.24.2" + "source": "https://github.com/phpstan/phpdoc-parser/tree/1.24.3" }, - "time": "2023-09-26T12:28:12+00:00" + "time": "2023-11-18T20:15:32+00:00" }, { "name": "phpunit/php-code-coverage", @@ -11045,16 +11045,16 @@ }, { "name": "theseer/tokenizer", - "version": "1.2.1", + "version": "1.2.2", "source": { "type": "git", "url": "https://github.com/theseer/tokenizer.git", - "reference": "34a41e998c2183e22995f158c581e7b5e755ab9e" + "reference": "b2ad5003ca10d4ee50a12da31de12a5774ba6b96" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/theseer/tokenizer/zipball/34a41e998c2183e22995f158c581e7b5e755ab9e", - "reference": "34a41e998c2183e22995f158c581e7b5e755ab9e", + "url": "https://api.github.com/repos/theseer/tokenizer/zipball/b2ad5003ca10d4ee50a12da31de12a5774ba6b96", + "reference": "b2ad5003ca10d4ee50a12da31de12a5774ba6b96", "shasum": "" }, "require": { @@ -11083,7 +11083,7 @@ "description": "A small library for converting tokenized PHP source code into XML and potentially other formats", "support": { "issues": "https://github.com/theseer/tokenizer/issues", - "source": "https://github.com/theseer/tokenizer/tree/1.2.1" + "source": "https://github.com/theseer/tokenizer/tree/1.2.2" }, "funding": [ { @@ -11091,7 +11091,7 @@ "type": "github" } ], - "time": "2021-07-28T10:34:58+00:00" + "time": "2023-11-20T00:12:19+00:00" } ], "aliases": [], diff --git a/docker-compose.yaml b/docker-compose.yaml index 67aac45..c99933a 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -47,7 +47,8 @@ services: command: "artisan queue:work" user: "1000" env_file: .env - scale: 2 + deploy: + replicas: 2 volumes: - ./:/app depends_on: diff --git a/docker/default.conf b/docker/default.conf index 729ccce..07e9d6a 100644 --- a/docker/default.conf +++ b/docker/default.conf @@ -6,7 +6,7 @@ map $http_upgrade $type { server { listen 80; index index.php index.html; - access_log /dev/stdout; + access_log /dev/stdout main; error_log /dev/stderr; root /var/www/public; client_max_body_size 8M; @@ -15,7 +15,7 @@ server { try_files /nonexistent @$type; } - location ~ ^/(fpm-status|fpm-ping)$ { + location ${FPM_STATUS_PATH} { access_log off; allow ${STATUS_ALLOW}; include fastcgi_params; @@ -23,7 +23,15 @@ server { fastcgi_pass php-fpm:9000; } - location /nginx-status { + location ${FPM_PING_PATH} { + access_log off; + allow ${STATUS_ALLOW}; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass php-fpm:9000; + } + + location ${NGINX_STATUS_PATH} { stub_status on; access_log off; allow ${STATUS_ALLOW};