From d024a178b89cd5efd36dc2295e0ba8baa9c10683 Mon Sep 17 00:00:00 2001 From: Jonas Kaninda Date: Sun, 14 Jan 2024 14:53:05 +0100 Subject: [PATCH 1/2] chore: set www-data as user for supervisor programs --- README.md | 7 ++- src/{conf/nginx => }/default.conf | 0 src/docker/7.2/Dockerfile | 26 +++++++++-- src/docker/7.3/Dockerfile | 27 ++++++++++-- src/docker/7.4/Dockerfile | 26 +++++++++-- src/docker/8.0/Dockerfile | 27 ++++++++++-- src/docker/8.1/Dockerfile | 29 +++++++++--- src/docker/8.2/Dockerfile | 27 +++++++++--- src/docker/8.3/Dockerfile | 26 +++++++++-- src/entrypoint.sh | 29 +----------- src/nginx.conf | 73 +++++++++++++++++++++++++++++++ src/supervisor/supervisord.conf | 19 ++++---- 12 files changed, 249 insertions(+), 67 deletions(-) rename src/{conf/nginx => }/default.conf (100%) create mode 100644 src/nginx.conf diff --git a/README.md b/README.md index 6b5927e..55006b4 100644 --- a/README.md +++ b/README.md @@ -46,7 +46,8 @@ services: app: image: jkaninda/nginx-php-fpm:8.2 container_name: my-app - restart: unless-stopped + restart: unless-stopped + user: www-data # Optional - for production usage volumes: #Project root - ./:/var/www/html @@ -115,10 +116,12 @@ WORKDIR /var/www/html # Custom cache invalidation / optional #ARG CACHEBUST=1 -# Run composer install / Optional +# composer install / Optional #RUN composer install # Fix permissions RUN chown -R www-data:www-data /var/www/html + +USER www-data ``` diff --git a/src/conf/nginx/default.conf b/src/default.conf similarity index 100% rename from src/conf/nginx/default.conf rename to src/default.conf diff --git a/src/docker/7.2/Dockerfile b/src/docker/7.2/Dockerfile index 66793a8..6e525fa 100644 --- a/src/docker/7.2/Dockerfile +++ b/src/docker/7.2/Dockerfile 
@@ -69,7 +69,6 @@ RUN rm -Rf /var/www/* && \ mkdir -p /var/www/html ADD src/index.php $WORKDIR/index.php -ADD src/conf/nginx/default.conf /etc/nginx/sites-available/default ADD src/php.ini $PHP_INI_DIR/conf.d/ ADD src/opcache.ini $PHP_INI_DIR/conf.d/ ADD src/supervisor/supervisord.conf /etc/supervisor/supervisord.conf @@ -78,16 +77,35 @@ COPY src/entrypoint.sh /usr/local/bin/ RUN chmod +x /usr/local/bin/entrypoint.sh RUN ln -s /usr/local/bin/entrypoint.sh / -ENTRYPOINT ["entrypoint.sh"] +RUN rm -rf /etc/nginx/conf.d/default.conf +RUN rm -rf /etc/nginx/sites-enabled/default +RUN rm -rf /etc/nginx/sites-available/default +RUN rm -rf /etc/nginx/nginx.conf +COPY src/nginx.conf /etc/nginx/nginx.conf +COPY src/default.conf /etc/nginx/conf.d/ RUN usermod -u ${USER_ID} ${USER_NAME} RUN groupmod -g ${USER_ID} ${GROUP_NAME} + +RUN mkdir -p /var/log/supervisor +RUN mkdir -p /var/log/nginx +RUN mkdir -p /var/cache/nginx + RUN chown -R ${USER_NAME}:${GROUP_NAME} /var/www && \ chown -R ${USER_NAME}:${GROUP_NAME} /var/log/ && \ chown -R ${USER_NAME}:${GROUP_NAME} /etc/supervisor/conf.d/ && \ chown -R ${USER_NAME}:${GROUP_NAME} $PHP_INI_DIR/conf.d/ && \ - chown -R ${USER_NAME}:${GROUP_NAME} /etc/nginx/sites-available/ + touch /var/run/nginx.pid && \ + chown -R $USER_NAME:$USER_NAME /var/cache/nginx && \ + chown -R $USER_NAME:$USER_NAME /var/lib/nginx/ && \ + chown -R $USER_NAME:$USER_NAME /var/run/nginx.pid && \ + chown -R $USER_NAME:$USER_NAME /var/log/supervisor && \ + chown -R $USER_NAME:$USER_NAME /etc/nginx/conf.d/ && \ + chown -R ${USER_NAME}:${GROUP_NAME} /tmp + + +#USER ${USER_NAME} EXPOSE 80 -CMD [ "entrypoint" ] +ENTRYPOINT ["entrypoint.sh"] \ No newline at end of file diff --git a/src/docker/7.3/Dockerfile b/src/docker/7.3/Dockerfile index cc311eb..dbed050 100644 --- a/src/docker/7.3/Dockerfile +++ b/src/docker/7.3/Dockerfile 
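Review bot: The lines added to the final `chown` chain give `$USER_NAME` ownership of `/etc/nginx/conf.d/` and of `/tmp`, while `#USER ${USER_NAME}` stays commented out, so the image still starts as root by default and the account the web workers presumably run under can now rewrite the nginx server config. The directory seems to be writable only because the entrypoint in this patch recreates `/etc/nginx/conf.d/default.conf` at start-up; generating that file at build time would let `/etc/nginx` stay root-owned, and the `chown -R ${USER_NAME}:${GROUP_NAME} /tmp` line can go, since `/tmp` is normally world-writable with the sticky bit already. The new lines also write `$USER_NAME:$USER_NAME` where the surrounding ones use `${USER_NAME}:${GROUP_NAME}`, which only holds while the group shares the user's name; I would write `chown -R ${USER_NAME}:${GROUP_NAME} /var/cache/nginx` and likewise for the other four. If `USER` has to stay disabled, a one-line comment above it giving the reason would help readers of the image. The same block is added in the 7.3, 7.4, 8.0, 8.1, 8.2 and 8.3 Dockerfiles.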
@@ -69,7 +69,6 @@ RUN rm -Rf /var/www/* && \ mkdir -p /var/www/html ADD src/index.php $WORKDIR/index.php -ADD src/conf/nginx/default.conf /etc/nginx/sites-available/default ADD src/php.ini $PHP_INI_DIR/conf.d/ ADD src/opcache.ini $PHP_INI_DIR/conf.d/ @@ -79,15 +78,35 @@ COPY src/entrypoint.sh /usr/local/bin/ RUN chmod +x /usr/local/bin/entrypoint.sh RUN ln -s /usr/local/bin/entrypoint.sh / -ENTRYPOINT ["entrypoint.sh"] +RUN rm -rf /etc/nginx/conf.d/default.conf +RUN rm -rf /etc/nginx/sites-enabled/default +RUN rm -rf /etc/nginx/sites-available/default +RUN rm -rf /etc/nginx/nginx.conf + +COPY src/nginx.conf /etc/nginx/nginx.conf +COPY src/default.conf /etc/nginx/conf.d/ RUN usermod -u ${USER_ID} ${USER_NAME} RUN groupmod -g ${USER_ID} ${GROUP_NAME} + +RUN mkdir -p /var/log/supervisor +RUN mkdir -p /var/log/nginx +RUN mkdir -p /var/cache/nginx + RUN chown -R ${USER_NAME}:${GROUP_NAME} /var/www && \ chown -R ${USER_NAME}:${GROUP_NAME} /var/log/ && \ chown -R ${USER_NAME}:${GROUP_NAME} /etc/supervisor/conf.d/ && \ chown -R ${USER_NAME}:${GROUP_NAME} $PHP_INI_DIR/conf.d/ && \ - chown -R ${USER_NAME}:${GROUP_NAME} /etc/nginx/sites-available/ + touch /var/run/nginx.pid && \ + chown -R $USER_NAME:$USER_NAME /var/cache/nginx && \ + chown -R $USER_NAME:$USER_NAME /var/lib/nginx/ && \ + chown -R $USER_NAME:$USER_NAME /var/run/nginx.pid && \ + chown -R $USER_NAME:$USER_NAME /var/log/supervisor && \ + chown -R $USER_NAME:$USER_NAME /etc/nginx/conf.d/ && \ + chown -R ${USER_NAME}:${GROUP_NAME} /tmp + + +#USER ${USER_NAME} EXPOSE 80 -CMD [ "entrypoint" ] +ENTRYPOINT ["entrypoint.sh"] \ No newline at end of file diff --git a/src/docker/7.4/Dockerfile b/src/docker/7.4/Dockerfile index 63973dd..79268cc 100644 --- a/src/docker/7.4/Dockerfile +++ b/src/docker/7.4/Dockerfile 
@@ -69,7 +69,6 @@ RUN rm -Rf /var/www/* && \ mkdir -p /var/www/html ADD src/index.php $WORKDIR/index.php -ADD src/conf/nginx/default.conf /etc/nginx/sites-available/default ADD src/php.ini $PHP_INI_DIR/conf.d/ ADD src/opcache.ini $PHP_INI_DIR/conf.d/ ADD src/supervisor/supervisord.conf /etc/supervisor/supervisord.conf @@ -78,16 +77,35 @@ COPY src/entrypoint.sh /usr/local/bin/ RUN chmod +x /usr/local/bin/entrypoint.sh RUN ln -s /usr/local/bin/entrypoint.sh / -ENTRYPOINT ["entrypoint.sh"] +RUN rm -rf /etc/nginx/conf.d/default.conf +RUN rm -rf /etc/nginx/sites-enabled/default +RUN rm -rf /etc/nginx/sites-available/default +RUN rm -rf /etc/nginx/nginx.conf +COPY src/nginx.conf /etc/nginx/nginx.conf +COPY src/default.conf /etc/nginx/conf.d/ RUN usermod -u ${USER_ID} ${USER_NAME} RUN groupmod -g ${USER_ID} ${GROUP_NAME} + +RUN mkdir -p /var/log/supervisor +RUN mkdir -p /var/log/nginx +RUN mkdir -p /var/cache/nginx + RUN chown -R ${USER_NAME}:${GROUP_NAME} /var/www && \ chown -R ${USER_NAME}:${GROUP_NAME} /var/log/ && \ chown -R ${USER_NAME}:${GROUP_NAME} /etc/supervisor/conf.d/ && \ chown -R ${USER_NAME}:${GROUP_NAME} $PHP_INI_DIR/conf.d/ && \ - chown -R ${USER_NAME}:${GROUP_NAME} /etc/nginx/sites-available/ + touch /var/run/nginx.pid && \ + chown -R $USER_NAME:$USER_NAME /var/cache/nginx && \ + chown -R $USER_NAME:$USER_NAME /var/lib/nginx/ && \ + chown -R $USER_NAME:$USER_NAME /var/run/nginx.pid && \ + chown -R $USER_NAME:$USER_NAME /var/log/supervisor && \ + chown -R $USER_NAME:$USER_NAME /etc/nginx/conf.d/ && \ + chown -R ${USER_NAME}:${GROUP_NAME} /tmp + + +#USER ${USER_NAME} EXPOSE 80 -CMD [ "entrypoint" ] +ENTRYPOINT ["entrypoint.sh"] \ No newline at end of file diff --git a/src/docker/8.0/Dockerfile b/src/docker/8.0/Dockerfile index bf46bde..d18b0d0 100644 --- a/src/docker/8.0/Dockerfile +++ b/src/docker/8.0/Dockerfile 
@@ -81,7 +81,6 @@ RUN rm -Rf /var/www/* && \ mkdir -p /var/www/html ADD src/index.php $WORKDIR/index.php -ADD src/conf/nginx/default.conf /etc/nginx/sites-available/default ADD src/php.ini $PHP_INI_DIR/conf.d/ ADD src/opcache.ini $PHP_INI_DIR/conf.d/ ADD src/supervisor/supervisord.conf /etc/supervisor/supervisord.conf @@ -90,15 +89,35 @@ COPY src/entrypoint.sh /usr/local/bin/ RUN chmod +x /usr/local/bin/entrypoint.sh RUN ln -s /usr/local/bin/entrypoint.sh / -ENTRYPOINT ["entrypoint.sh"] +RUN rm -rf /etc/nginx/conf.d/default.conf +RUN rm -rf /etc/nginx/sites-enabled/default +RUN rm -rf /etc/nginx/sites-available/default +RUN rm -rf /etc/nginx/nginx.conf + +COPY src/nginx.conf /etc/nginx/nginx.conf +COPY src/default.conf /etc/nginx/conf.d/ RUN usermod -u ${USER_ID} ${USER_NAME} RUN groupmod -g ${USER_ID} ${GROUP_NAME} + +RUN mkdir -p /var/log/supervisor +RUN mkdir -p /var/log/nginx +RUN mkdir -p /var/cache/nginx + RUN chown -R ${USER_NAME}:${GROUP_NAME} /var/www && \ chown -R ${USER_NAME}:${GROUP_NAME} /var/log/ && \ chown -R ${USER_NAME}:${GROUP_NAME} /etc/supervisor/conf.d/ && \ chown -R ${USER_NAME}:${GROUP_NAME} $PHP_INI_DIR/conf.d/ && \ - chown -R ${USER_NAME}:${GROUP_NAME} /etc/nginx/sites-available/ + touch /var/run/nginx.pid && \ + chown -R $USER_NAME:$USER_NAME /var/cache/nginx && \ + chown -R $USER_NAME:$USER_NAME /var/lib/nginx/ && \ + chown -R $USER_NAME:$USER_NAME /var/run/nginx.pid && \ + chown -R $USER_NAME:$USER_NAME /var/log/supervisor && \ + chown -R $USER_NAME:$USER_NAME /etc/nginx/conf.d/ && \ + chown -R ${USER_NAME}:${GROUP_NAME} /tmp + + +#USER ${USER_NAME} EXPOSE 80 -CMD [ "entrypoint" ] +ENTRYPOINT ["entrypoint.sh"] \ No newline at end of file diff --git a/src/docker/8.1/Dockerfile b/src/docker/8.1/Dockerfile index f1012c7..24e88c3 100644 --- a/src/docker/8.1/Dockerfile +++ b/src/docker/8.1/Dockerfile 
@@ -82,7 +82,6 @@ RUN rm -Rf /var/www/* && \ mkdir -p /var/www/html ADD src/index.php $WORKDIR/index.php -ADD src/conf/nginx/default.conf /etc/nginx/sites-available/default ADD src/php.ini $PHP_INI_DIR/conf.d/ ADD src/opcache.ini $PHP_INI_DIR/conf.d/ ADD src/supervisor/supervisord.conf /etc/supervisor/supervisord.conf @@ -91,15 +90,35 @@ COPY src/entrypoint.sh /usr/local/bin/ RUN chmod +x /usr/local/bin/entrypoint.sh RUN ln -s /usr/local/bin/entrypoint.sh / -ENTRYPOINT ["entrypoint.sh"] +RUN rm -rf /etc/nginx/conf.d/default.conf +RUN rm -rf /etc/nginx/sites-enabled/default +RUN rm -rf /etc/nginx/sites-available/default + +RUN rm -rf /etc/nginx/nginx.conf + +COPY src/nginx.conf /etc/nginx/nginx.conf +COPY src/default.conf /etc/nginx/conf.d/ RUN usermod -u ${USER_ID} ${USER_NAME} RUN groupmod -g ${USER_ID} ${GROUP_NAME} + +RUN mkdir -p /var/log/supervisor +RUN mkdir -p /var/log/nginx +RUN mkdir -p /var/cache/nginx + RUN chown -R ${USER_NAME}:${GROUP_NAME} /var/www && \ chown -R ${USER_NAME}:${GROUP_NAME} /var/log/ && \ chown -R ${USER_NAME}:${GROUP_NAME} /etc/supervisor/conf.d/ && \ chown -R ${USER_NAME}:${GROUP_NAME} $PHP_INI_DIR/conf.d/ && \ - chown -R ${USER_NAME}:${GROUP_NAME} /etc/nginx/sites-available/ -EXPOSE 80 -CMD [ "entrypoint" ] + touch /var/run/nginx.pid && \ + chown -R $USER_NAME:$USER_NAME /var/cache/nginx && \ + chown -R $USER_NAME:$USER_NAME /var/lib/nginx/ && \ + chown -R $USER_NAME:$USER_NAME /var/run/nginx.pid && \ + chown -R $USER_NAME:$USER_NAME /var/log/supervisor && \ + chown -R $USER_NAME:$USER_NAME /etc/nginx/conf.d/ && \ + chown -R ${USER_NAME}:${GROUP_NAME} /tmp + +#USER ${USER_NAME} +EXPOSE 80 +ENTRYPOINT ["entrypoint.sh"] diff --git a/src/docker/8.2/Dockerfile b/src/docker/8.2/Dockerfile index c1c978e..99efdf4 100644 --- a/src/docker/8.2/Dockerfile +++ b/src/docker/8.2/Dockerfile 
@@ -82,7 +82,6 @@ RUN rm -Rf /var/www/* && \ mkdir -p /var/www/html ADD src/index.php $WORKDIR/index.php -ADD src/conf/nginx/default.conf /etc/nginx/sites-available/default ADD src/php.ini $PHP_INI_DIR/conf.d/ ADD src/opcache.ini $PHP_INI_DIR/conf.d/ ADD src/supervisor/supervisord.conf /etc/supervisor/supervisord.conf @@ -91,17 +90,35 @@ COPY src/entrypoint.sh /usr/local/bin/ RUN chmod +x /usr/local/bin/entrypoint.sh RUN ln -s /usr/local/bin/entrypoint.sh / -ENTRYPOINT ["entrypoint.sh"] +RUN rm -rf /etc/nginx/conf.d/default.conf +RUN rm -rf /etc/nginx/sites-enabled/default +RUN rm -rf /etc/nginx/sites-available/default +RUN rm -rf /etc/nginx/nginx.conf +COPY src/nginx.conf /etc/nginx/nginx.conf +COPY src/default.conf /etc/nginx/conf.d/ RUN usermod -u ${USER_ID} ${USER_NAME} RUN groupmod -g ${USER_ID} ${GROUP_NAME} + +RUN mkdir -p /var/log/supervisor +RUN mkdir -p /var/log/nginx +RUN mkdir -p /var/cache/nginx + RUN chown -R ${USER_NAME}:${GROUP_NAME} /var/www && \ chown -R ${USER_NAME}:${GROUP_NAME} /var/log/ && \ chown -R ${USER_NAME}:${GROUP_NAME} /etc/supervisor/conf.d/ && \ chown -R ${USER_NAME}:${GROUP_NAME} $PHP_INI_DIR/conf.d/ && \ - chown -R ${USER_NAME}:${GROUP_NAME} /etc/nginx/sites-available/ -EXPOSE 80 -CMD [ "entrypoint" ] + touch /var/run/nginx.pid && \ + chown -R $USER_NAME:$USER_NAME /var/cache/nginx && \ + chown -R $USER_NAME:$USER_NAME /var/lib/nginx/ && \ + chown -R $USER_NAME:$USER_NAME /var/run/nginx.pid && \ + chown -R $USER_NAME:$USER_NAME /var/log/supervisor && \ + chown -R $USER_NAME:$USER_NAME /etc/nginx/conf.d/ && \ + chown -R ${USER_NAME}:${GROUP_NAME} /tmp + +#USER ${USER_NAME} +EXPOSE 80 +ENTRYPOINT ["entrypoint.sh"] \ No newline at end of file diff --git a/src/docker/8.3/Dockerfile b/src/docker/8.3/Dockerfile index 87bad94..051f097 100644 --- a/src/docker/8.3/Dockerfile +++ b/src/docker/8.3/Dockerfile 
@@ -82,7 +82,6 @@ RUN rm -Rf /var/www/* && \ mkdir -p /var/www/html ADD src/index.php $WORKDIR/index.php -ADD src/conf/nginx/default.conf /etc/nginx/sites-available/default ADD src/php.ini $PHP_INI_DIR/conf.d/ ADD src/opcache.ini $PHP_INI_DIR/conf.d/ ADD src/supervisor/supervisord.conf /etc/supervisor/supervisord.conf @@ -91,18 +90,37 @@ COPY src/entrypoint.sh /usr/local/bin/ RUN chmod +x /usr/local/bin/entrypoint.sh RUN ln -s /usr/local/bin/entrypoint.sh / -ENTRYPOINT ["entrypoint.sh"] +RUN rm -rf /etc/nginx/conf.d/default.conf +RUN rm -rf /etc/nginx/sites-enabled/default +RUN rm -rf /etc/nginx/sites-available/default +RUN rm -rf /etc/nginx/nginx.conf + +COPY src/nginx.conf /etc/nginx/nginx.conf +COPY src/default.conf /etc/nginx/conf.d/ RUN usermod -u ${USER_ID} ${USER_NAME} RUN groupmod -g ${USER_ID} ${GROUP_NAME} + +RUN mkdir -p /var/log/supervisor +RUN mkdir -p /var/log/nginx +RUN mkdir -p /var/cache/nginx + RUN chown -R ${USER_NAME}:${GROUP_NAME} /var/www && \ chown -R ${USER_NAME}:${GROUP_NAME} /var/log/ && \ chown -R ${USER_NAME}:${GROUP_NAME} /etc/supervisor/conf.d/ && \ chown -R ${USER_NAME}:${GROUP_NAME} $PHP_INI_DIR/conf.d/ && \ - chown -R ${USER_NAME}:${GROUP_NAME} /etc/nginx/sites-available/ + touch /var/run/nginx.pid && \ + chown -R $USER_NAME:$USER_NAME /var/cache/nginx && \ + chown -R $USER_NAME:$USER_NAME /var/lib/nginx/ && \ + chown -R $USER_NAME:$USER_NAME /var/run/nginx.pid && \ + chown -R $USER_NAME:$USER_NAME /var/log/supervisor && \ + chown -R $USER_NAME:$USER_NAME /etc/nginx/conf.d/ && \ + chown -R ${USER_NAME}:${GROUP_NAME} /tmp + + #USER ${USER_NAME} EXPOSE 80 -CMD [ "entrypoint" ] +ENTRYPOINT ["entrypoint.sh"] diff --git a/src/entrypoint.sh b/src/entrypoint.sh index b915a32..aaabcaf 100644 --- a/src/entrypoint.sh +++ b/src/entrypoint.sh 
@@ -54,23 +54,8 @@ else info "artisan file not found" fi -# Enable custom nginx config files if they exist -if [ -f /var/www/html/conf/nginx/nginx.conf ]; then - cp /var/www/html/conf/nginx/nginx.conf /etc/nginx/nginx.conf - info "Using custom nginx.conf" -fi - -if [ -f /var/www/html/conf/nginx/nginx-site.conf ]; then - info "Custom nginx site config found" - rm /etc/nginx/sites-available/default - cp /var/www/html/conf/nginx/nginx-site.conf /etc/nginx/sites-available/default - info "Start nginx with custom server config..." - else - info "Nginx-site.conf not found" - info "If you want to use custom configs, create config file in /var/www/html/conf/nginx/nginx-site.conf" - info "Start nginx with default config..." - rm -f /etc/nginx/sites-available/default - TASK=/etc/nginx/sites-available/default + rm -f /etc/nginx/conf.d/default.conf + TASK=/etc/nginx/conf.d/default.conf touch $TASK cat > "$TASK" < Date: Sun, 14 Jan 2024 14:54:33 +0100 Subject: [PATCH 2/2] chore: update readme --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 55006b4..4cb339c 100644 --- a/README.md +++ b/README.md @@ -133,7 +133,7 @@ USER www-data ## Supervisord ### Add more supervisor process in -> /var/www/html/conf/worker/supervisor.conf +> /etc/supervisor/conf.d/ In case you want to execute and maintain a task or process with supervisor.