From 867257f58e310ef1399d2d6687132fadf7ff57c4 Mon Sep 17 00:00:00 2001
From: Alexander Ilyin <alexander@ilyin.eu>
Date: Fri, 1 May 2015 00:22:48 -0700
Subject: [PATCH 1/2] Sandbox based on Docker Compose and official `nginx`,
 `mysql` and `php` images.

---
 .gitignore         |  2 ++
 docker-compose.yml | 31 ++++++++++++++++++++
 fpm.conf           | 20 +++++++++++++
 mysql.cnf          | 36 +++++++++++++++++++++++
 nginx.conf         | 71 ++++++++++++++++++++++++++++++++++++++++++++++
 server.crt         | 20 +++++++++++++
 server.key         | 27 ++++++++++++++++++
 7 files changed, 207 insertions(+)
 create mode 100644 docker-compose.yml
 create mode 100644 fpm.conf
 create mode 100644 mysql.cnf
 create mode 100644 nginx.conf
 create mode 100644 server.crt
 create mode 100644 server.key

diff --git a/.gitignore b/.gitignore
index b2019be268..5220353d41 100644
--- a/.gitignore
+++ b/.gitignore
@@ -10,3 +10,5 @@
 /vendor/
 /bin/
 /composer.phar
+.idea
+.mysql
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000000..01c43d1d27
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,31 @@
+phpfpm:
+  command: php-fpm --allow-to-run-as-root
+  image: php:5.6.8-fpm
+  volumes:
+    - fpm.conf:/usr/local/etc/php-fpm.conf
+    - .:/var/www/symfony2
+  links:
+   - mysql
+mysql:
+  command: mysqld --user=root --verbose
+  image: mysql
+  volumes:
+    - .mysql:/var/lib/mysql
+    - mysql.cnf:/etc/mysql/my.cnf
+  environment:
+    MYSQL_DATABASE: symfony
+    MYSQL_USER: symfony
+    MYSQL_PASSWORD: symfony
+    MYSQL_ALLOW_EMPTY_PASSWORD: yes
+nginx:
+  image: nginx:1.9.0
+  volumes:
+    - nginx.conf:/etc/nginx/conf.d/default.conf
+    - .:/var/www/symfony2
+    - server.crt:/etc/ssl/certs/server.crt
+    - server.key:/etc/ssl/private/server.key
+  ports:
+   - "80:80"
+   - "443:443"
+  links:
+   - phpfpm
diff --git a/fpm.conf b/fpm.conf
new file mode 100644
index 0000000000..e176c0f4e2
--- /dev/null
+++ b/fpm.conf
@@ -0,0 +1,20 @@
+[global]
+error_log = /proc/self/fd/2
+daemonize = no
+
+[www]
+# BOOT2DOCKER LIMITATIONS
+user = root
+group = root
+
+# SYMFONY 2 REQUIREMENTS
+php_admin_value[date.timezone] = 'America/Los_Angeles'
+php_admin_flag[short_open_tag] = off
+
+access.log = /proc/self/fd/2
+listen = [::]:9000
+pm = dynamic
+pm.max_children = 100
+pm.start_servers = 30
+pm.min_spare_servers = 10
+pm.max_spare_servers = 50
diff --git a/mysql.cnf b/mysql.cnf
new file mode 100644
index 0000000000..c92511b4f8
--- /dev/null
+++ b/mysql.cnf
@@ -0,0 +1,36 @@
+[client]
+port		= 3306
+socket		= /var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+pid-file	= /var/run/mysqld/mysqld.pid
+socket		= /var/run/mysqld/mysqld.sock
+nice		= 0
+
+[mysqld]
+user		= root
+pid-file	= /var/run/mysqld/mysqld.pid
+socket		= /var/run/mysqld/mysqld.sock
+port		= 3306
+basedir		= /usr
+datadir		= /var/lib/mysql
+tmpdir		= /tmp
+lc-messages-dir	= /usr/share/mysql
+explicit_defaults_for_timestamp
+
+# Instead of skip-networking the default is now to listen only on
+# localhost which is more compatible and is not less secure.
+#bind-address	= 127.0.0.1
+
+#log-error	= /var/log/mysql/error.log
+
+# Recommended in standard MySQL setup
+sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES
+
+# Disabling symbolic-links is recommended to prevent assorted security risks
+symbolic-links=0
+
+# * IMPORTANT: Additional settings that can override those from this file!
+#   The files must end with '.cnf', otherwise they'll be ignored.
+#
+!includedir /etc/mysql/conf.d/
diff --git a/nginx.conf b/nginx.conf
new file mode 100644
index 0000000000..6f97db1ace
--- /dev/null
+++ b/nginx.conf
@@ -0,0 +1,71 @@
+# http://wiki.nginx.org/Symfony
+# http://symfony.com/doc/current/cookbook/configuration/web_server_configuration.html
+
+upstream phpfcgi {
+    server phpfpm:9000;
+    # server unix:/var/run/php5-fpm.sock; #for PHP-FPM running on UNIX socket
+}
+
+server {
+    listen 80;
+
+    server_name localhost;
+    root /var/www/symfony2/web;
+
+    # strip app.php/ prefix if it is present
+    rewrite ^/app\.php/?(.*)$ /$1 permanent;
+
+    location / {
+        index app.php;
+        try_files $uri @rewriteapp;
+    }
+
+    location @rewriteapp {
+        rewrite ^(.*)$ /app.php/$1 last;
+    }
+
+    # pass the PHP scripts to FastCGI server from upstream phpfcgi
+    location ~ ^/(app|app_dev|config)\.php(/|$) {
+        fastcgi_pass phpfcgi;
+        fastcgi_split_path_info ^(.+\.php)(/.*)$;
+        include fastcgi_params;
+        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_param  HTTPS off;
+        # Allow access to /app_dev.php & /config.php
+        fastcgi_param  REMOTE_ADDR 127.0.0.1;
+    }
+}
+
+server {
+    listen 443;
+
+    server_name localhost;
+    root /var/www/symfony2/web;
+
+    ssl on;
+    ssl_certificate /etc/ssl/certs/server.crt;
+    ssl_certificate_key /etc/ssl/private/server.key;
+
+    # strip app.php/ prefix if it is present
+    rewrite ^/app\.php/?(.*)$ /$1 permanent;
+
+    location / {
+        index app.php;
+        try_files $uri @rewriteapp;
+    }
+
+    location @rewriteapp {
+        rewrite ^(.*)$ /app.php/$1 last;
+    }
+
+    # pass the PHP scripts to FastCGI server from upstream phpfcgi
+    location ~ ^/(app|app_dev|config)\.php(/|$) {
+        fastcgi_pass phpfcgi;
+        fastcgi_split_path_info ^(.+\.php)(/.*)$;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_param HTTPS on;
+        # Allow access to /app_dev.php & /config.php
+        fastcgi_param  REMOTE_ADDR 127.0.0.1;
+    }
+}
\ No newline at end of file
diff --git a/server.crt b/server.crt
new file mode 100644
index 0000000000..57adccf9ce
--- /dev/null
+++ b/server.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDLjCCAhYCCQCqDFYEh1+MDTANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJV
+UzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxETAPBgNVBAoT
+CFN5bWZvbnkyMRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcNMTUwNDMwMTEzNDEyWhcN
+MTYwNDI5MTEzNDEyWjBZMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNV
+BAcTDU1vdW50YWluIFZpZXcxETAPBgNVBAoTCFN5bWZvbnkyMRIwEAYDVQQDEwls
+b2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRsV3rRGUL
+9ObOyELYMJ9PZGvvwI1DqyG3u9x0zXS1dFoNlTO/yN9NBoyC/IuxgmUu1iDzNgUr
++sKqwGXlJ1sJUhUimEh1O/rnYXSmKPGOrTjXb7NU9HUHLbsU8H9HWSt/9QpYsIOh
+4k90lhEI+ZPlSG7PlhjnqIY3XibT2JUQ7g1Z3bp0vIgIrnB2/CxApAKEslZp7qMs
+5qxUIIgUMskIIsuFuT6JSwa8KYVikPFfU1IxFj1ZD6Yg9WXRRGCof6oDphneXjEK
+zgIdSSs2g8DO9H/FDBuro9+gBQ9s79/3Cvx+1QTI6HkufWtrbf/dKJoPRVeIjxTC
+GyjdqrNmnzajAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAG1OsSjcb0DruCMRi493
+4khUBIvjkSCJflLef4rCRnY2KgSbbG0pboLexscIvOPt+H0dpC0CIs2AygzlxXCH
+nKIhyvY7i6BIXhjTsMMg/aMpchOGOE2lUbdI5nS25T1Rg2R8SNstB0+eDzhQLvtU
+L1UA6rvl+P6Gxlb3KdS+95mmkyQr5HCSbtY33nDj/MofbUdrfoCp0vAgU5gHO3+t
+rKZImItCZ/Qyq5h8ffpLc40uWZH8zNdFIccC9afNd2jBMtcJctSTA2/3uFfPUKvC
+ke3qs15+bPr3KXYMM9OtxLSe4yvogbn6mFGTumpBSwySP1VVQ9HEVDKt+3xZleqz
+TDI=
+-----END CERTIFICATE-----
diff --git a/server.key b/server.key
new file mode 100644
index 0000000000..c270d08f7c
--- /dev/null
+++ b/server.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpQIBAAKCAQEA0bFd60RlC/TmzshC2DCfT2Rr78CNQ6sht7vcdM10tXRaDZUz
+v8jfTQaMgvyLsYJlLtYg8zYFK/rCqsBl5SdbCVIVIphIdTv652F0pijxjq0412+z
+VPR1By27FPB/R1krf/UKWLCDoeJPdJYRCPmT5Uhuz5YY56iGN14m09iVEO4NWd26
+dLyICK5wdvwsQKQChLJWae6jLOasVCCIFDLJCCLLhbk+iUsGvCmFYpDxX1NSMRY9
+WQ+mIPVl0URgqH+qA6YZ3l4xCs4CHUkrNoPAzvR/xQwbq6PfoAUPbO/f9wr8ftUE
+yOh5Ln1ra23/3SiaD0VXiI8Uwhso3aqzZp82owIDAQABAoIBAQCBGrD2jy+fgvMw
+UUBGlvkfCnciL+1Jwm2KEBIVoAHBTpe7USeBZw2FAQk2BIOFkQD3K0MyOwpIH6YH
+N1oFEowMWwtEN3o1I+7A0tHdE8xVyfT7P3ysS65Z8yACLmhO52nO6HGsVVFWNF4z
+K8nlOrSCMGx5RrKivrGUGVXSjMCKoMjqizxEPyV8m/8Wsah1We7mDkF6Z7HD/1xv
+d/07PZVxrzh7Ab0irxGFdwgZ9uVQTFbHLcp0aKZUvD6OIUa9REq5o3tu/mMNimjx
+knBelY6o8dmzaPrzBy+F7iRuRrs7LzQiwUZlQ3tt83wDBZ32GiedrkuaWtf0O3cS
+MTMeGnxhAoGBAPHg/aBX8TadrieuzbKsYUMlhoE2wDIvM3bYs5QeQcU2ZrSXFWFM
+JuENK2HXnhbRsrIXiVcz15Cdj/mwxt3OWJxrBeHKIX+KKl7qPTrZzbqnH2WycRUz
+fU11oNFKOzph/cW9CpGwLg2cBWejfqsF7ZxtjKd6/tzzrYF6Ig/a7vWLAoGBAN3v
+VrNfh3wHclwt1AIHqhj+eVPLKZfVe0XvOPL50bG2rXiIyMnIsXaFiMtCX8SLAMaM
+6jdNgyJ1vTwLyG8ay9uGpO672Mr1AB/UocVKDwd/WFO8bjFe5hUFFo78rp9nOp6N
+lFYmTmHEZOSJm+hqTryQUA8aGOOR9NV6MczGy9ZJAoGBAKxh7//9jQCiogLQFvNW
+3T6QmOqwDYv2jdQOnvVaFv+pRMtBvdAJCNBtpVRm6dlTe+pm0c/fN6tuT7ThIunj
+bM2VjKyddQBDhOz+PcMahP+Yqcy9vtAgURYKViGyqMF0IvtxPf4UtM2oO0XghJ74
+a56HiK23/7mSxT44v9vS6Wj/AoGAP2rPxIvMpDVgiVSTG01jXqcAtl/8b6WSBybX
+iB64u+ZuZV34uig+BZccwrAhu4DY5OOJXeopSaSJQWpAiPcIP5+W650D0uL1eSMC
+YuTJrKPH8o2Kk1MBvgnpK0yq/WO7DWl5dLCXfzpmdiOYSG5wN1OpfNdBO24Onx2+
+szwvLPkCgYEAuCBfZyhzXaUH2UK47CwI2NRobKVxXK8K8996mJQPscsRcUih4DvJ
+AxMH282Xjh4AGOC3IvqDTmjkbkwIBj1Dur0Pq6gNEAV/O1WGI1tTSAwDWxUjrgKQ
+hrADWo7eYjW/rocMNDgS9OhPJ+0AVEwEfA+IDZCQp7vXoZAttlgekZc=
+-----END RSA PRIVATE KEY-----

From 129f73b44fa5741fed37350882b6d86a98bb2217 Mon Sep 17 00:00:00 2001
From: Alexander Ilyin <alexander@ilyin.eu>
Date: Fri, 1 May 2015 01:02:26 -0700
Subject: [PATCH 2/2] Removed dev specific directory.

---
 .gitignore | 1 -
 1 file changed, 1 deletion(-)

diff --git a/.gitignore b/.gitignore
index 5220353d41..373a5c17ac 100644
--- a/.gitignore
+++ b/.gitignore
@@ -10,5 +10,4 @@
 /vendor/
 /bin/
 /composer.phar
-.idea
 .mysql