Ryahn/Nginx-Docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

init

Browse Source
This commit is contained in:
Ryahn 2025-03-23 18:09:52 -05:00
commit 0163224955
25 changed files with 2612 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
.env-example Normal file
View File

@ -0,0 +1,25 @@
#PHP Settings
ERROR_REPORTING = E_ALL & ~E_DEPRECATED & ~E_STRICT
DISPLAY_ERRORS = 1
DISPLAY_STARTUP_ERRORS = 1
LOG_ERRORS = 1
ERROR_LOG = /var/log/php-error.log
MEMORY_LIMIT = 1024M
MAX_EXECUTION_TIME = 300
MAX_INPUT_TIME = 300
POST_MAX_SIZE = 8M
UPLOAD_MAX_FILESIZE = 8M
EXTENSION_DIR = /usr/lib/php/8.3/extensions
#Nginx Settings
NGINX_USER = root
NGINX_WORKER_PROCESSES = auto
NGINX_WORKER_CONNECTIONS = 1024
NGINX_ERROR_LOG = /var/log/nginx/error.log
NGINX_PID = /var/run/nginx.pid
# General Settings
DOMAINS =
EMAIL =
ENABLE_PHP = 1
PHP_VERSION = 8.3

15
.gitignore vendored Normal file
View File

@ -0,0 +1,15 @@
configs/nginx/conf.d/*
configs/nginx/sites-enabled/*
!configs/nginx/sites-enabled/.gitkeep
configs/nginx/sites-available/*
configs/nginx/ssl/*
logs/*
configs/nginx/lua/*
.env
!configs/nginx/conf.d/.gitkeep
!configs/nginx/sites-available/.gitkeep
!configs/nginx/ssl/.gitkeep
!logs/.gitkeep
!configs/nginx/lua/.gitkeep
configs/logs/*
!configs/logs/.gitkeep

184
Dockerfile Normal file
View File

@ -0,0 +1,184 @@
FROM debian:bullseye-slim
# Set environment variables
ENV NGINX_VERSION=1.22.1
ENV OPENSSL_VERSION=1.1.1q
ENV PCRE_VERSION=8.45
ENV ZLIB_VERSION=1.2.13
ENV LUAJIT_VERSION=2.1-20230410
ENV NGINX_DEVEL_KIT_VERSION=0.3.2
ENV LUA_NGINX_MODULE_VERSION=0.10.24
ENV NGINX_HTTP_S3_MODULE_VERSION=0.5.2
# Install dependencies
RUN apt-get update && apt-get install -y \
build-essential \
ca-certificates \
curl \
git \
libssl-dev \
libpcre3-dev \
libxml2-dev \
libxslt1-dev \
wget \
zlib1g-dev \
unzip \
apt-transport-https \
lsb-release \
gnupg \
python3-certbot \
python3-certbot-nginx
# Arguments for PHP installation
ARG ENABLE_PHP=1
ARG PHP_VERSION=8.3
# Conditionally install PHP based on ENABLE_PHP argument
RUN if [ "$ENABLE_PHP" = "1" ]; then \
curl -sSLo /usr/share/keyrings/deb.sury.org-php.gpg https://packages.sury.org/php/apt.gpg && \
sh -c 'echo "deb [signed-by=/usr/share/keyrings/deb.sury.org-php.gpg] https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list' && \
apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install -y \
php${PHP_VERSION}-fpm \
php${PHP_VERSION}-cli \
php${PHP_VERSION}-common \
php${PHP_VERSION}-mysql \
php${PHP_VERSION}-curl \
php${PHP_VERSION}-gd \
php${PHP_VERSION}-mbstring \
php${PHP_VERSION}-xml \
php${PHP_VERSION}-zip \
php${PHP_VERSION}-bcmath \
php${PHP_VERSION}-intl; \
fi
# Create build directory
WORKDIR /build
# Download and extract sources
RUN wget -O nginx-${NGINX_VERSION}.tar.gz https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz && \
wget -O pcre-${PCRE_VERSION}.tar.gz https://ftp.exim.org/pub/pcre/pcre-${PCRE_VERSION}.tar.gz && \
wget -O zlib-${ZLIB_VERSION}.tar.gz https://github.com/madler/zlib/archive/refs/tags/v${ZLIB_VERSION}.tar.gz && \
wget -O openssl-${OPENSSL_VERSION}.tar.gz https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz
RUN tar -xzvf nginx-${NGINX_VERSION}.tar.gz && \
tar -xzvf pcre-${PCRE_VERSION}.tar.gz && \
tar -xzvf zlib-${ZLIB_VERSION}.tar.gz && \
mv zlib-${ZLIB_VERSION} zlib-${ZLIB_VERSION}-extract && \
mv zlib-${ZLIB_VERSION}-extract zlib-${ZLIB_VERSION} && \
tar -xzvf openssl-${OPENSSL_VERSION}.tar.gz
# Download LuaJIT, Nginx Devel Kit and Lua Nginx Module
RUN git clone https://github.com/openresty/luajit2.git luajit2-${LUAJIT_VERSION} && \
git clone https://github.com/vision5/ngx_devel_kit.git ngx_devel_kit-${NGINX_DEVEL_KIT_VERSION} && \
git clone https://github.com/openresty/lua-nginx-module.git lua-nginx-module-${LUA_NGINX_MODULE_VERSION} && \
git clone https://github.com/anomalizer/ngx_aws_auth.git nginx-http-auth-request-${NGINX_HTTP_S3_MODULE_VERSION} && \
git clone https://github.com/openresty/lua-resty-core.git
# Build and install LuaJIT
WORKDIR /build/luajit2-${LUAJIT_VERSION}
RUN make && make install
# Set environment variables for LuaJIT
ENV LUAJIT_LIB=/usr/local/lib
ENV LUAJIT_INC=/usr/local/include/luajit-2.1
# Install lua-resty-core
WORKDIR /build
RUN mkdir -p /usr/local/share/lua/5.1/ && \
cd lua-resty-core && \
cp -r lib/resty /usr/local/share/lua/5.1/ && \
cd .. && \
git clone https://github.com/openresty/lua-resty-lrucache.git && \
cd lua-resty-lrucache && \
cp -r lib/resty /usr/local/share/lua/5.1/
# Build Nginx with all modules
WORKDIR /build/nginx-${NGINX_VERSION}
RUN ./configure \
--prefix=/usr/share/nginx \
--sbin-path=/usr/sbin/nginx \
--modules-path=/usr/lib/nginx/modules \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--pid-path=/var/run/nginx.pid \
--lock-path=/var/run/nginx.lock \
--http-client-body-temp-path=/var/cache/nginx/client_temp \
--http-proxy-temp-path=/var/cache/nginx/proxy_temp \
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
--http-scgi-temp-path=/var/cache/nginx/scgi_temp \
--with-pcre=/build/pcre-${PCRE_VERSION} \
--with-pcre-jit \
--with-zlib=/build/zlib-${ZLIB_VERSION} \
--with-openssl=/build/openssl-${OPENSSL_VERSION} \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_addition_module \
--with-http_sub_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_mp4_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_stub_status_module \
--with-http_auth_request_module \
--with-file-aio \
--with-threads \
--with-stream \
--with-stream_ssl_module \
--with-http_v2_module \
--add-module=/build/ngx_devel_kit-${NGINX_DEVEL_KIT_VERSION} \
--add-module=/build/lua-nginx-module-${LUA_NGINX_MODULE_VERSION} \
--add-module=/build/nginx-http-auth-request-${NGINX_HTTP_S3_MODULE_VERSION} \
&& make && make install
# Create required directories
RUN mkdir -p /var/cache/nginx/client_temp && \
mkdir -p /etc/nginx/conf.d && \
mkdir -p /etc/nginx/sites-available && \
mkdir -p /etc/nginx/sites-enabled && \
mkdir -p /usr/share/nginx/html && \
mkdir -p /etc/letsencrypt && \
mkdir -p /etc/nginx/ssl && \
mkdir -p /etc/nginx/lua
# Forward request logs to Docker log collector
RUN ln -sf /dev/stdout /var/log/nginx/access.log && \
ln -sf /dev/stderr /var/log/nginx/error.log
# Clean up
RUN apt-get remove --purge -y build-essential curl git wget && \
apt-get autoremove -y && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* /build
# Create directory for PHP-FPM socket if PHP is enabled
RUN if [ "$ENABLE_PHP" = "1" ]; then \
mkdir -p /run/php; \
fi
# Copy scripts
COPY scripts/link_sites.sh /usr/local/bin/
COPY scripts/generate_self_signed_ssl.sh /usr/local/bin/
COPY scripts/generate_letsencrypt.sh /usr/local/bin/
COPY scripts/update_configs.sh /usr/local/bin/
# Make scripts executable
RUN chmod +x /usr/local/bin/link_sites.sh && \
chmod +x /usr/local/bin/generate_self_signed_ssl.sh && \
chmod +x /usr/local/bin/generate_letsencrypt.sh && \
chmod +x /usr/local/bin/update_configs.sh
# Copy entrypoint script
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
# Expose ports
EXPOSE 80 443
# Start Nginx and PHP-FPM
CMD ["/entrypoint.sh"]

0
configs/logs/.gitkeep Normal file
View File

0
configs/nginx/conf.d/.gitkeep Normal file
View File

50
configs/nginx/default.conf Normal file
View File

@ -0,0 +1,50 @@
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name localhost;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
# # S3 proxy example
# location /s3/ {
# # Remove the /s3/ prefix when forwarding to S3
# rewrite ^/s3/(.*)$ /$1 break;
# proxy_http_version 1.1;
# proxy_set_header Host $s3_bucket.s3.amazonaws.com;
# proxy_set_header Authorization "";
# proxy_hide_header x-amz-id-2;
# proxy_hide_header x-amz-request-id;
# proxy_hide_header Set-Cookie;
# proxy_ignore_headers "Set-Cookie";
# proxy_buffering off;
# proxy_intercept_errors on;
# # Add AWS authentication headers
# aws_auth access=$aws_access_key secret=$aws_secret_key region=$s3_region;
# # S3 endpoint - modify for your region if needed
# proxy_pass https://$s3_bucket.s3.amazonaws.com/;
# }
# # Example of a Lua endpoint
# location /lua {
# default_type 'text/plain';
# content_by_lua_block {
# ngx.say("Hello from Lua!")
# ngx.say("S3 Bucket: " .. os.getenv("S3_BUCKET"))
# ngx.say("S3 Region: " .. os.getenv("S3_REGION"))
# }
# }
# Error pages
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}

41
configs/nginx/nginx.conf Normal file
View File

@ -0,0 +1,41 @@
user root;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
# Lua settings
lua_package_path "/etc/nginx/lua/?.lua;/usr/local/share/lua/5.1/?.lua;;";
# lua_shared_dict s3_cache 10m;
# AWS S3 settings
# set_by_lua_block $aws_access_key { return os.getenv("AWS_ACCESS_KEY") }
# set_by_lua_block $aws_secret_key { return os.getenv("AWS_SECRET_KEY") }
# set_by_lua_block $s3_bucket { return os.getenv("S3_BUCKET") }
# set_by_lua_block $s3_region { return os.getenv("S3_REGION") }
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}

0
configs/nginx/sites-available/.gitkeep Normal file
View File

0
configs/nginx/sites-enabled/.gitkeep Normal file
View File

13
configs/nginx/snippets/fastcgi-php.conf Normal file
View File

@ -0,0 +1,13 @@
# regex to split $uri to $fastcgi_script_name and $fastcgi_path
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
# Check that the PHP script exists before passing it
try_files $fastcgi_script_name =404;
# Bypass the fact that try_files resets $fastcgi_path_info
# see: http://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
fastcgi_index index.php;
include fastcgi.conf;

25
configs/nginx/snippets/fastcgi.conf Normal file
View File

@ -0,0 +1,25 @@
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;

2
configs/nginx/snippets/self-signed.conf Normal file
View File

@ -0,0 +1,2 @@
ssl_certificate /etc/nginx/ssl/self-signed.crt;
ssl_certificate_key /etc/nginx/ssl/self-signed.key;

5
configs/nginx/snippets/snakeoil.conf Normal file
View File

@ -0,0 +1,5 @@
# Self signed certificates generated by the ssl-cert package
# Don't use them in a production server!
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;

11
configs/nginx/snippets/ssl-params.conf Normal file
View File

@ -0,0 +1,11 @@
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";

0
configs/nginx/ssl/.gitkeep Normal file
View File

22
configs/php/php-fpm.conf Normal file
View File

@ -0,0 +1,22 @@
[global]
pid = /run/php/php8.3-fpm.pid
error_log = /var/log/php8.3-fpm.log
daemonize = yes
[www]
user = www-data
group = www-data
listen = /run/php/php8.3-fpm.sock
listen.owner = www-data
listen.group = www-data
listen.mode = 0660
pm = dynamic
pm.max_children = 25
pm.start_servers = 5
pm.min_spare_servers = 2
pm.max_spare_servers = 10
pm.max_requests = 500
php_admin_value[error_log] = /var/log/php8.3-fpm-errors.log
php_admin_flag[log_errors] = on

1966
configs/php/php.ini Normal file
View File

File diff suppressed because it is too large Load Diff

45
docker-compose.yml Normal file
View File

@ -0,0 +1,45 @@
version: '3.8'
services:
nginx:
build:
context: .
dockerfile: Dockerfile
args:
- ENABLE_PHP=${ENABLE_PHP:-1}
- PHP_VERSION=${PHP_VERSION:-8.3}
container_name: nginx
ports:
- "80:80"
- "443:443"
volumes:
- ./configs/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ./configs/nginx/conf.d:/etc/nginx/conf.d:ro
- ./configs/nginx/sites-available:/etc/nginx/sites-available:ro
- ./configs/nginx/sites-enabled:/etc/nginx/sites-enabled:ro
- ./configs/nginx/snippets:/etc/nginx/snippets:ro
- ./configs/nginx/ssl:/etc/nginx/ssl:ro
- ./html:/usr/share/nginx/html
- ./configs/php:/usr/local/etc/php
- ./configs/logs:/var/log/nginx
- ./configs/lua:/etc/nginx/lua:ro
- letsencrypt:/etc/letsencrypt
- nginx_data:/var/www/html
- php_data:/var/lib/php
environment:
- DOMAINS=${DOMAINS:-domain1.com,domain2.com,domain3.com}
- EMAIL=${EMAIL:-your-email@example.com}
- ENABLE_PHP=${ENABLE_PHP:-1}
- PHP_VERSION=${PHP_VERSION:-8.3}
restart: unless-stopped
networks:
- app-network
volumes:
letsencrypt:
nginx_data:
php_data:
networks:
app-network:
external: true

41
entrypoint.sh Normal file
View File

@ -0,0 +1,41 @@
#!/bin/bash
set -e
# Update configurations from .env
echo "Updating configurations from .env..."
/usr/local/bin/update_configs.sh
# Check if PHP is enabled
if [ "${ENABLE_PHP}" = "1" ]; then
echo "PHP is enabled, starting PHP-FPM..."
# Get PHP version from environment
PHP_VERSION=${PHP_VERSION:-8.3}
# Start PHP-FPM
/etc/init.d/php${PHP_VERSION}-fpm start
# Wait for PHP-FPM to be ready
until [ -S /run/php/php${PHP_VERSION}-fpm.sock ]; do
echo "Waiting for PHP-FPM socket..."
sleep 1
done
echo "PHP-FPM is ready!"
fi
# Link sites in sites-available to sites-enabled
echo "Linking available sites..."
/usr/local/bin/link_sites.sh
# Generate self-signed SSL certificates if no certificates exist
if [ ! -d "/etc/nginx/ssl" ] || [ -z "$(ls -A /etc/nginx/ssl)" ]; then
echo "Generating self-signed SSL certificates..."
/usr/local/bin/generate_self_signed_ssl.sh
fi
# Test nginx configuration
echo "Testing Nginx configuration..."
nginx -t
# Start Nginx
echo "Starting Nginx..."
nginx -g 'daemon off;'

11
html/index.html Normal file
View File

@ -0,0 +1,11 @@
<!DOCTYPE html>
<html>
<head>
<title>Nginx with Lua and S3</title>
</head>
<body>
<h1>Nginx with Lua and S3 Support</h1>
<p>Your server is running successfully!</p>
<p><a href="/lua">Test Lua endpoint</a></p>
</body>
</html>

0
logs/.gitkeep Normal file
View File

32
scripts/generate_letsencrypt.sh Executable file
View File

@ -0,0 +1,32 @@
#!/bin/bash
# Check if email is provided
if [ -z "$EMAIL" ]; then
echo "ERROR: Email address is required"
exit 1
fi
# Function to generate Let's Encrypt certificate
generate_cert() {
local domain=$1
certbot --nginx \
--non-interactive \
--agree-tos \
--email "$EMAIL" \
-d "$domain" \
--redirect
}
# If no domain is provided, use the DOMAINS environment variable
if [ $# -eq 0 ] && [ -n "$DOMAINS" ]; then
IFS=',' read -ra DOMAIN_LIST <<< "$DOMAINS"
for domain in "${DOMAIN_LIST[@]}"; do
generate_cert "$domain"
done
else
# Generate for specified domains
for domain in "$@"; do
generate_cert "$domain"
done
fi

54
scripts/generate_self_signed_ssl.sh Executable file
View File

@ -0,0 +1,54 @@
#!/bin/bash
SSL_DIR="/etc/nginx/ssl"
SITES_ENABLED="/etc/nginx/sites-enabled"
mkdir -p "$SSL_DIR"
# Function to generate self-signed certificate for a domain
generate_cert() {
local domain=$1
local cert_dir="$SSL_DIR/$domain"
mkdir -p "$cert_dir"
openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-keyout "$cert_dir/self-signed.key" \
-out "$cert_dir/self-signed.crt" \
-subj "/CN=$domain"
chmod 600 "$cert_dir/self-signed.key"
echo "Generated self-signed certificate for $domain"
}
# Function to extract server names from nginx config files
extract_domains() {
grep -h "server_name" "$SITES_ENABLED"/* 2>/dev/null | \
sed 's/server_name//g' | \
tr -d ';' | \
tr ' ' '\n' | \
grep -v '^$' | \
sort -u
}
# If domains are provided as arguments, use those
if [ $# -gt 0 ]; then
echo "Generating certificates for specified domains..."
for domain in "$@"; do
generate_cert "$domain"
done
# If DOMAINS env variable is set, use that
elif [ -n "$DOMAINS" ]; then
echo "Generating certificates from DOMAINS environment variable..."
IFS=',' read -ra DOMAIN_LIST <<< "$DOMAINS"
for domain in "${DOMAIN_LIST[@]}"; do
generate_cert "$domain"
done
# Otherwise, try to extract domains from sites-enabled
else
echo "No domains specified. Attempting to extract from sites-enabled..."
while IFS= read -r domain; do
if [ -n "$domain" ]; then
generate_cert "$domain"
fi
done < <(extract_domains)
fi

35
scripts/link_sites.sh Executable file
View File

@ -0,0 +1,35 @@
#!/bin/bash
SITES_AVAILABLE="/etc/nginx/sites-available"
SITES_ENABLED="/etc/nginx/sites-enabled"
# Create sites-enabled directory if it doesn't exist
mkdir -p "$SITES_ENABLED"
# Loop through all files in sites-available
for site in "$SITES_AVAILABLE"/*; do
if [ -f "$site" ]; then
site_name=$(basename "$site")
target="$SITES_ENABLED/$site_name"
# Check if the symlink already exists
if [ ! -L "$target" ]; then
ln -s "$site" "$target"
echo "Linked $site_name"
else
echo "Site $site_name is already linked"
fi
fi
done
# Test nginx configuration
nginx -t
# Reload nginx if configuration test passes
if [ $? -eq 0 ]; then
nginx -s reload
echo "Nginx configuration reloaded successfully"
else
echo "Error in nginx configuration"
exit 1
fi

35
scripts/update_configs.sh Executable file
View File

@ -0,0 +1,35 @@
#!/bin/bash
# Function to update configuration files
update_config() {
local env_file=".env"
local nginx_conf="configs/nginx/nginx.conf"
local php_ini="configs/php/php.ini"
# Update nginx.conf
if [ -f "$env_file" ] && [ -f "$nginx_conf" ]; then
while IFS='=' read -r key value; do
if [[ $key == NGINX_* ]]; then
# Remove NGINX_ prefix and convert to lowercase
setting=${key#NGINX_}
setting=${setting,,}
# Update nginx.conf
sed -i "s|^[[:space:]]*$setting[[:space:]]*.*|$setting $value;|g" "$nginx_conf"
fi
done < "$env_file"
fi
# Update php.ini
if [ -f "$env_file" ] && [ -f "$php_ini" ]; then
while IFS='=' read -r key value; do
if [[ $key != NGINX_* ]]; then
# Convert underscores to dots for PHP settings
setting=${key//_/.}
# Update php.ini
sed -i "s|^[[:space:]]*$setting[[:space:]]*=.*|$setting = $value|g" "$php_ini"
fi
done < "$env_file"
fi
}
update_config