Компания ООО «Информационное агентство «Валаам» (10 мая 2011 года переименована в ООО «Коммерсантъ КАРТОТЕКА») была основана в октябре 1995 года и осуществляет деятельность на рынке информационно-аналитических услуг более 22 лет.
Компания одна из наиболее динамично развивающихся в сфере создания и использования баз данных и информационных ресурсов, а также в области разработки программного обеспечения.
FROM php:5.6-apache RUN apt-get update && apt-get install -y \ libfreetype6-dev \ libjpeg62-turbo-dev \ libpng-dev \ libicu-dev \ libmemcached-dev \ libbz2-dev \ libssh2-1 \ libssh2-1-dev \ libssl-dev \ librabbitmq-dev \ libxml2-dev \ libxslt-dev \ git \ && a2enmod rewrite \ && docker-php-ext-install bcmath bz2 calendar exif opcache pdo_mysql mysql mysqli intl zip soap \ && docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ \ && docker-php-ext-install gd \ && docker-php-ext-install xsl RUN pecl install https://xdebug.org/files/xdebug-2.5.5.tgz \ && pecl install ssh2-0.13 \ && docker-php-ext-enable xdebug ssh2 \ && echo "error_reporting = E_ALL" > /usr/local/etc/php/php.ini \ && echo "post_max_size = 256M" > /usr/local/etc/php/php.ini \ && echo "upload_max_filesize = 256M" > /usr/local/etc/php/php.ini \ && echo "date.timezone = Europe/Moscow" > /usr/local/etc/php/php.ini \ && echo "display_startup_errors = On" >> /usr/local/etc/php/php.ini \ && echo "display_errors = On" >> /usr/local/etc/php/php.ini \ && echo "expose_php = Off" >> /usr/local/etc/php/php.ini \ && echo "xdebug.remote_enable=1" >> /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini \ && echo "xdebug.remote_connect_back=0" >> /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini \ && echo "xdebug.idekey=\"PHPSTORM\"" >> /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini \ && echo "xdebug.remote_port=9000" >> /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini \ && echo "xdebug.remote_host=10.0.75.1" >> /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini \ && chmod 777 /var/log RUN pecl install mongo && docker-php-ext-enable mongo RUN pecl install mongodb && docker-php-ext-enable mongodb RUN pecl install amqp && docker-php-ext-enable amqp RUN pecl install redis-3.1.0 && docker-php-ext-enable redis RUN pecl install memcached-2.2.0 && docker-php-ext-enable memcached RUN pecl install memcache && docker-php-ext-enable memcache RUN chmod 777 /etc/apache2/sites-available #Установка apache2-mpm-itk #RUN apt install -y libapache2-mpm-itk #RUN a2enmod mpm_prefork #RUN a2enmod mpm_itk # Установить composer RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer # Установить midnight-commander RUN apt-get install -y mc #SSL operation failed with code 1 #RUN apt-get install ca-certificates # RUN echo IncludeOptioal sites-enabled/*.conf #A configuration file. COPY root_rsa_CA.crt /etc/ssl/certs/root_rsa_CA.crt #A single-file version of CA certificates. This holds all CA certificates that you activated in /etc/ca-certificates.conf. COPY root_rsa_CA.crt /etc/ca-certificates/update.d/root_rsa_CA.crt # /usr/share/ca-certificates Directory of CA certificates # /usr/local/share/ca-certificates Directory of local CA certificates (with .crt extension). RUN update-ca-certificates COPY asps.key /mycert/asps.key COPY asps.pem /mycert/asps.pem RUN a2enmod ssl RUN apt-get install iputils-ping -y RUN echo "nameserver 192.168.0.106" > /etc/resolv.conf && \ echo "nameserver 192.168.0.2" > /etc/resolv.conf ADD ./hosts /etc/apache2/sites-available/ RUN a2ensite kartoteka asu anchikin vestnik libs srpi asps # Рабочая директория при входе в контейнер WORKDIR /var/www/
version: "3" services: db: image: "mysql:5.6" environment: MYSQL_ROOT_PASSWORD: blackmamba MYSQL_USER: mysql MYSQL_PASSWORD: admin MYSQL_DATABASE: kartoteka_local ports: - "3306:3306" volumes: - C:\mysql:/var/lib/mysql container_name: db site: environment: DEVELOP: 1 build: . depends_on: - db ports: - "80:80" - "443:443" volumes: - C:\docker\server\hosts:/etc/apache2/sites-available/ - C:\server\config\php\php.ini:/usr/local/etc/php/php.ini - C:\server\libs:/var/www/libs:cached - C:\server\libs:/var/www/libs_new__:cached - C:\server\libsasu:/var/www/libsasu:cached - C:\server\libsv:/var/www/libsv:cached - C:\server\uni:/var/www/uni:cached - C:\server\srpi:/var/www/srpi/srpi:cached - C:\server:/var/www/asps.vgr:cached - C:\server\kartoteka:/var/www/new.kartoteka.ru/webdata:cached - C:\server\tmp:/tmp:cached - C:\server\anchikin:/var/www/anchikin.develop:cached - C:\server\vestnik:/var/www/vestnik:cached - C:\server\asu:/var/www/asu:cached - C:\server\api:/var/www/api:cached - C:\server\bankruptcy:/var/www/bankruptcy:cached - C:\server\composer\cache:/.composer/cache/:cached - C:\server\files:/mnt/nfs/112/:cached - C:\server\files:/mnt/raid/files/web/:cached - C:\server\log:/var/www/log:cached - C:\server\cert:/var/www/cert container_name: site
asps.key
-----BEGIN PRIVATE KEY----- MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDK4jF27w+Q9wBf g/wxDK1QP/C4vQ3Ui0OUyUXCUnKGa69xV8Mffn64jzTxuTL0AwwYaHnhdJIi9b2g Vr9tOZI7Nd65y7tWN/+xPxaUW8z+ot5AjaEJkIXR17Jsg3Zrbc+5BMRAjbCtygg7 hqdLBIA04hm/jB69To9P798U/9M4VizVNAwDSokgh6bUiE8itE7IrfoV0Uk1kXyU yAraeKkzzh/fDqLyRXFgVx+m1xX8W9d9Aow8vUJeX8f17BUFnbHw/JI3Jev7iD0R 8++Ej6HbqePEMzHqjRGC5VEE41W63/HPzfk7tnUD+UqXbcqOM1TulstNzJCYW7Ux U1Eb/B3XAgMBAAECggEAE/36Fdg01noghUkCPusa4P+L/whSJpGalTzILP/m3Swb W7XkOmRCpHkoJHG1faoXNQiGihrsk5lXmEc0EdVMfZ0vV2umCDb4cUTgOrpZFvaB pCbQqZqeNTFmGZ9Suf9WKss3c40Czf1MlmEMdy34XD2zf9aU6N6m7J+cgfs7mx9l ypUxi1MLTMnbvRYIrmVg3PTacxgPM4nSARXLhOGjw9rYKRIVXt+4rrwkV7QcTgD9 Gx03MLm5ktduW3QYmNDjQ8tYq1MjtA+zq99Da6uB73QF6wuL6Oa4NrVYGLxvVh8G /GOjpCp4bU7QHz3Aq+jsau+EAFWI47Ml9ZEpgPM5IQKBgQDxSwcgIMJMhQkk+nRn SCkEuvqcA5JeMBnjl6NQmgl0OaeLfP1WKjJl7mW+YqGkMYkP1WNFSCskRlYXYwEN +zwKcUrUGo8VEStm5HA+TLm9XxG57/L4TH/r+HbSmiSppPKXENIXfc+zafhpn2yo kmKDre/xJPq6Wjjm1wacqxWdWQKBgQDXP9mDIiwB8hpakfDLDrV/FF8dYTCiu4lL p0of3SDFm05MjrGCp68q5tm2GpFpJWQPFVXFaWU7fCFtOpSb0NfwaSd1ERnZ4W1q xKrOW1EclHWza2H2DUIkS3/nYexqLkCOYaURPTkbMs8c0vwkN4fdi/jKyOhN6KtD WAkJB6o+rwKBgQDDtmxoJcoTUNDS+oaSA1ip6pM9GjSNSwykqqkfxmEmsWDxZgcB 7aYFQXGrE8syJ6+ZdSZY2qmLebV4sKf5VC8l9TCRi51EpDGE+oMENS1uqX7yRurX dQ1JM7YFKlvUceMGnvEZdsWSK8D+wv3aWSmozttQyALKRkXjDsPhLW+RuQKBgHvm iPHuzZ4hGgJgV1bLFLYdp9Jli3VgtdsSZJyK0L5uc1emG4+1riLn1xH3oRQBLeNw yHpl/JuNDECvo7M9N89u+ANu4I6GMFFw+1DlR39IBahNe4oCf7wcqXcq6scD8K0E j9uofiKl0Ioq+HBwdoiUdZVkqDOQZmTRXAISo3CJAoGBANpuDn+zSLbv4x5NsFcQ bsvqBtZbMS+9LhEHc3N0h9JvqydLFfGJC66Vlkh8WG1o8Gm9ptOViehsowsLVHBg EzslzXe0V6xx5VWLxyZuVc/Q3Id97KJ5ESyf4i4NM+QTxepUMwOhdhCea+kFjD+N 8VGF9mT6Zbma3AGPWryph3R/ -----END PRIVATE KEY-----
-----BEGIN CERTIFICATE----- MIIE9TCCBF6gAwIBAgICAOQwDQYJKoZIhvcNAQELBQAwggE+MSEwHwYJKoZIhvcN AQkBDBJhZG1pbkBrYXJ0b3Rla2EucnUxCzAJBgNVBAYTAlJVMSIwIAYDVQQIDBnQ ndCw0YXQuNC80L7QstGB0LrQuNC5IDMyMRUwEwYDVQQHDAzQnNC+0YHQutCy0LAx MDAuBgNVBAoMJ9Ce0J7QniDQmtC+0LzQvNC10YDRgdCw0L3RgtGKIEtBUlRPVEVL QTFBMD8GA1UECww40JLQvdGD0YLRgNC10L3QvdC40Lkg0KbQtdC90YLRgCDQodC1 0YDRgtC40YTQuNC60LDRhtC40LgxGDAWBgUqhQNkAQwNMTAyNzcwMDE3NzEzMDEa MBgGCCqFAwOBAwEBDAwwMDc3MTMwMzg5NjIxJjAkBgNVBAMMHdCb0KPQpiDQmtCQ 0KDQotCe0KLQldCa0JAgUlNBMCAXDTE5MDgxNDE0MDAwMVoYDzIwNTkwODE1MTQw MDAxWjCBuDELMAkGA1UEBhMCUlUxIjAgBgNVBAgMGdCd0LDRhdC40LzQvtCy0YHQ utC40LkgMzIxMDAuBgNVBAoMJ9Ce0J7QniDQmtC+0LzQvNC10YDRgdCw0L3RgtGK IEtBUlRPVEVLQTE6MDgGA1UECwwx0JjQvdGE0L7RgNC80LDRhtC40L7QvdC90YvQ tSDRgtC10YXQvdC+0LvQvtCz0LjQuDEXMBUGA1UEAwwOYXNwcy5sb2NhbGhvc3Qw ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK4jF27w+Q9wBfg/wxDK1Q P/C4vQ3Ui0OUyUXCUnKGa69xV8Mffn64jzTxuTL0AwwYaHnhdJIi9b2gVr9tOZI7 Nd65y7tWN/+xPxaUW8z+ot5AjaEJkIXR17Jsg3Zrbc+5BMRAjbCtygg7hqdLBIA0 4hm/jB69To9P798U/9M4VizVNAwDSokgh6bUiE8itE7IrfoV0Uk1kXyUyAraeKkz zh/fDqLyRXFgVx+m1xX8W9d9Aow8vUJeX8f17BUFnbHw/JI3Jev7iD0R8++Ej6Hb qePEMzHqjRGC5VEE41W63/HPzfk7tnUD+UqXbcqOM1TulstNzJCYW7UxU1Eb/B3X AgMBAAGjgf4wgfswCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwMQYDVR0lBCowKAYI KwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDAwYIKwYBBQUHAwQwGQYDVR0RBBIw EIIOYXNwcy5sb2NhbGhvc3QwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL2NhLmxv Y2FsL3Jvb3RfcnNhX0NBLmNybDBhBggrBgEFBQcBAQRVMFMwKwYIKwYBBQUHMAKG H2h0dHA6Ly9jYS5sb2NhbC9yb290X3JzYV9DQS5jcnQwJAYIKwYBBQUHMAGGGGh0 dHA6Ly9jYS5sb2NhbC9vY3NwLnNyZjANBgkqhkiG9w0BAQsFAAOBgQBU2iyA4FOi d/3JrTjTEGtdkyzyrl84bBP5AZuH8BAY647R7MhVyoKFKKOyPV11G1NjhS5ybyRa AZz+DnZ9OeF2w8XpdZtLqkKkhh/su+cKHwkL5PEDagJo3nD6s2JVikmKB2Jifsia 5tteg4TTkQdkvf1Ax7xZw3qFxqdStLdkFA== -----END CERTIFICATE-----
root_rsa_CA.crt
...
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
<VirtualHost *:80> DocumentRoot "/var/www/anchikin.develop" ServerName anchikin.local ServerAlias www.anchikin.local </VirtualHost>
<VirtualHost *:80>
DocumentRoot "/var/www/asps.vgr"
ServerName asps.localhost
ServerAlias www.asps.localhost
</VirtualHost>
<VirtualHost *:443>
DocumentRoot "/var/www/asps.vgr"
ServerName asps.localhost
ServerAlias www.asps.localhost
SSLEngine on
SSLProtocol all -SSLv2
SSLCertificateFile "/mycert/asps.pem"
SSLCertificateKeyFile "/mycert/asps.key"
</VirtualHost>
<VirtualHost *:80> DocumentRoot "/var/www/asu" ErrorLog "/var/www/log/asu_error.log" CustomLog "/var/www/log/asu.localhost-access.log" common ServerName asu.localhost ServerAlias www.asu.localhost KeepAlive On KeepAliveTimeout 3000 MaxKeepAliveRequests 1000 </VirtualHost>
....
<VirtualHost *:80> DocumentRoot "/var/www/new.kartoteka.ru/webdata" ErrorLog "/var/www/log/kartoteka_error.log" ServerName kartoteka.local ServerAlias www.kartoteka.local KeepAlive On KeepAliveTimeout 3000 MaxKeepAliveRequests 1000 </VirtualHost>
<VirtualHost *:80> DocumentRoot "/var/www/libs" ServerName libs.localhost ServerAlias www.libs.localhost </VirtualHost>
<VirtualHost *:80> DocumentRoot "/var/www/srpi" ServerName srpi.localhost ServerAlias www.srpi.localhost </VirtualHost>
<VirtualHost *:80> DocumentRoot "/var/www/vestnik" ServerName vestnik.localhost ServerAlias www.vestnik.localhost </VirtualHost>
server {
listen 192.168.0.100:80;
server_name asu.local;
return 301 https://asu.local$request_uri;
}
server {
listen 192.168.0.100:443 ssl http2;
set $site_name "asu.local";
server_name asu.local;
set $root_path "/usr/local/www/asu.local/webdata";
root $root_path;
index index.php index.html index.htm;
access_log /var/log/nginx/asu.local.access.log;
error_log /var/log/nginx/asu.local.error.log;
gzip on;
gzip_http_version 1.1;
gzip_buffers 32 4k;
gzip_comp_level 5;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private auth;
gzip_vary on;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
gzip_static on;
gzip_types text/plain text/css text/js text/json text/xml text/javascript text/x-component application/javascript application/x-javascript application/json application/xml application/rss+xml application/font-woff font/truetype font/opentype application/vnd.ms-fontobject image/svg+xml image/x-icon ;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options nosniff;
add_header x-xss-protection "1; mode=block" always;
add_header X-Content-Security-Policy "allow 'self'";
add_header X-WebKit-CSP "allow 'self'";
ssl_certificate /******/cert.crt;
ssl_certificate_key /******/private.key;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:!DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;
ssl_session_timeout 5m;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:50m;
ssl_dhparam /*****/dhparam.pem;
location ~ \.php$ {
add_header Access-Control-Allow-Origin *;
add_header x-xss-protection "1; mode=block" always;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $root_path$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $root_path; # ▒▒▒▒ ▒▒▒▒▒▒▒▒ ▒▒▒▒▒ ▒▒▒▒▒▒▒▒ ▒▒ root ▒ ▒▒▒▒▒▒ server
fastcgi_pass php-fpm;
fastcgi_param PHP_VALUE session.save_path="/var/tmp/php";
fastcgi_buffer_size 32k;
fastcgi_buffers 4 32k;
fastcgi_read_timeout 50000;
fastcgi_hide_header X-Powered-By;
}
location ~*\.(js)$ {
root $root_path;
expires 12M;
add_header x-xss-protection "1; mode=block" always;
}
location ~*\.(jpg|jpeg|gif|png|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|tar|wav|bmp|rtf|swf|ico|flv|txt|xml|docx|xlsx|ttf|woff|woff2|mp3)$ {
root $root_path;
expires 12M;
add_header Pragma public;
add_header Cache-Control "max-age=31536000, public";
access_log off;
log_not_found off;
}
if ($uri ~ ^/(site\/ping|robots\.txt)$) {
set $maintenance off;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ /\.ht {
deny all;
}
location ~ /.svn/ {
deny all;
}
location ~ ^/(status|ping)$ {
access_log off;
allow 127.0.0.1;
allow 192.168.0.11;
deny all;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $fastcgi_script_name;
fastcgi_pass php-fpm;
}
}