kind: ConfigMap apiVersion: v1 metadata: name: {{ include "..fullname" . }}-env labels: {{- include "..labels" . | nindent 8 }} data: SMTP_PORT: '2525' SMTP_AUTH: 'true' SMTP_FORCE_FROM: "noreply@customer.v3.nu" SMTP_FROM_NAME: "V3 Customer Mailer" WP_ENV: "production" {{- if .Values.site.overrideMainUrl }} WP_HOME: "https://{{ .Values.site.overrideMainUrl }}" {{- else }} WP_HOME: "https://{{ .Values.site.url }}" {{- end }} {{- if and .Values.site.init .Values.site.init.composerPackage }} RUN_COMPOSER: 'true' INSTALL_SITE: {{ .Values.site.init.composerPackage }} SET_THEME: {{ .Values.site.init.themeName | default "" }} {{- end }} {{- if and .Values.site.init .Values.site.init.content .Values.site.init.content.import }} RUN_IMPORTS: 'true' IMPORT_CONTENT: {{ .Values.site.init.content.url }} {{- end }} {{- if and .Values.site.init .Values.site.init.database .Values.site.init.database.import }} RUN_DATABASEIMPORTS: 'true' IMPORT_DATABASE: {{ .Values.site.init.database.url }} FORCE_IMPORT_DB: {{ .Values.site.init.database.force | default "false" | quote }} {{- end }} --- kind: ConfigMap apiVersion: v1 metadata: name: {{ include "..fullname" . }}-cfg labels: {{- include "..labels" . | nindent 8 }} data: www.conf: |- [www] {{- if and .Values.global .Values.global.php }} listen = {{ .Values.global.php.listenAddress | default "127.0.0.1:8123" }} listen.backlog = {{ .Values.global.php.listenBacklog | default "511" }} pm = {{ .Values.global.php.pmMode | default "ondemand" }} pm.max_children = {{ .Values.global.php.pmMaxChildren | default "100" }} pm.process_idle_timeout = {{ .Values.global.php.pmProcessIdle | default "30s" }} pm.max_requests = {{ .Values.global.php.pmMaxRequests | default "1000" }} security.limit_extensions = {{ .Values.global.php.limitExtensions | default ".php" }} php_admin_value[expose_php] = {{ .Values.global.php.exposePHP | default "Off" }} php_admin_value[short_open_tag] = {{ .Values.global.php.shortOpenTag | default "Off" }} php_admin_value[disable_functions] = {{ .Values.global.php.disableFunctions | default "exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,show_source" }} php_value[log_errors] = {{ .Values.global.php.logErrors | default "On" }} php_admin_value[date.timezone] = {{ .Values.customer.timezone | default "Europe/Stockholm" }} {{- else }} listen = 127.0.0.1:8123 listen.backlog = 511 pm = ondemand pm.max_children = 100 pm.process_idle_timeout = 30s pm.max_requests = 1000 security.limit_extensions = .php php_admin_value[expose_php] = Off php_admin_value[short_open_tag] = Off php_admin_value[disable_functions] = exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,show_source php_value[log_errors] = On {{- end }} ping.path = /fpm-ping listen.allowed_clients = 127.0.0.1 catch_workers_output = yes php_value[error_log] = /dev/stderr {{- if .Values.global.php.adminValues }} {{- range $k, $v := .Values.global.php.adminValues }} php_admin_value[{{ $k }}] = {{ $v }} {{- end }} {{- end }} nginx.conf: | worker_processes auto; error_log stderr warn; pid /run/nginx/nginx.pid; {{- if and .Values.global .Values.global.nginx }} {{ .Values.global.nginx.globalAdditions | default "" }} {{- end }} events { {{- if and .Values.global .Values.global.nginx }}} worker_connections {{ .Values.global.nginx.workerConnections | default "1024" }}; {{ .Values.global.nginx.eventsAdditions | default "" }} {{- else }} worker_connections 1024; {{- end }} } http { include mime.types; default_type application/octet-stream; disable_symlinks off; log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for" ' '$request_time $upstream_response_time $pipe $upstream_cache_status'; access_log /dev/stdout main_timed; error_log /dev/stderr notice; {{- if and .Values.global .Values.global.nginx }}} keepalive_timeout {{ .Values.global.nginx.keepaliveTimeout | default "61" }}; {{- else }} keepalive_timeout 61; {{- end }} client_max_body_size 512m; client_body_temp_path /tmp/client_temp; proxy_temp_path /tmp/proxy_temp_path; fastcgi_temp_path /tmp/fastcgi_temp; uwsgi_temp_path /tmp/uwsgi_temp; scgi_temp_path /tmp/scgi_temp; server { listen [::]:8080 default_server; listen 8080 default_server; server_name _; {{- if and .Values.global .Values.global.nginx }}} sendfile {{ .Values.global.nginx.sendfile | default "off" }}; tcp_nodelay {{ .Values.global.nginx.tcpNodelay | default "on" }}; absolute_redirect {{ .Values.global.nginx.absoluteRedirects | default "off" }}; {{- else }} sendfile off; tcp_nodelay on; absolute_redirect off; {{- end }} {{- if and .Values.site .Values.site.webroot }}} root {{ .Values.site.webroot.path | default "/app/web" }}; index {{ .Values.site.webroot.indexes | default "index.php index.html index.htm" }}; {{- else }} root /app/web; index {{ .Values.site.webroot.indexes }}; {{- end }} location / { try_files $uri $uri/ /index.php?q=$uri&$args; {{- if and .Values.global .Values.global.nginx }}} {{ .Values.global.nginx.rootLocationAdditions | default "" }} {{- end }} } location ~* /app/web/app/uploads/.*.php$ { deny all; } location ~* /wp-content/uploads/.*.php$ { deny all; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /var/lib/nginx/html; } location ~ \.php$ { {{- if and .Values.global .Values.global.nginx }}} fastcgi_buffer_size {{ .Values.global.nginx.fcgiBufferSize | default "128k" }}; fastcgi_buffers {{ .Values.global.nginx.fcgiBuffers | default "4 256k" }}; fastcgi_busy_buffers_size {{ .Values.global.nginx.fcgiBusyBufferSize | default "256k" }}; fastcgi_read_timeout {{ .Values.global.nginx.fcgiReadTimeout | default "300" }}; {{- else }} fastcgi_buffer_size 128k; fastcgi_buffers 4 256k; fastcgi_busy_buffers_size 256k; fastcgi_read_timeout 300; {{- end }} include fastcgi_params; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass 127.0.0.1:8123; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; {{- if and .Values.global .Values.global.nginx }}} {{ .Values.global.nginx.phpLocationAdditions | default "" }} {{- end }} } location ~* \.(jpg|jpeg|webp|gif|png|css|svg|js|ico|xml)$ { expires 5d; } gzip_comp_level 5; gzip_min_length 256; gzip_types application/atom+xml application/javascript application/json application/rss+xml application/vnd.ms-fontobject application/x-font-ttf application/x-font-opentype application/x-font-truetype application/x-javascript application/x-web-app-manifest+json application/xhtml+xml application/xml font/eot font/opentype font/otf image/svg+xml image/x-icon image/vnd.microsoft.icon text/css text/plain text/javascript text/x-component; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; location ~ /\. { log_not_found off; deny all; } location ~ ^/(fpm-status|fpm-ping)$ { access_log off; allow 127.0.0.1; deny all; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; fastcgi_pass 127.0.0.1:8123; } {{- if and .Values.global .Values.global.nginx }}} {{ .Values.global.nginx.serverAdditions | default "" }} {{- end }} } proxy_hide_header X-Powered-By; fastcgi_hide_header X-Powered-By; server_tokens off; add_header X-Content-Type-Options nosniff; add_header X-Frame-Options SAMEORIGIN; add_header X-XSS-Protection "1; mode=block"; {{- if and .Values.global .Values.global.nginx }}} {{ .Values.global.nginx.httpAdditions }} {{- end }} include /etc/nginx/modules/*.conf; }