修復正式機 sysctl 權限錯誤：移除 setcap，PHP 改用 port 8080 搭配 Nginx proxy

2026-02-23 15:01:12 +08:00
parent 1acbfb7246
commit 1acc4daebb
3 changed files with 32 additions and 32 deletions
--- a/docker/8.5/Dockerfile
+++ b/docker/8.5/Dockerfile
@@ -11,7 +11,7 @@ WORKDIR /var/www/html

 ENV DEBIAN_FRONTEND=noninteractive
 ENV TZ=UTC
-ENV SUPERVISOR_PHP_COMMAND="/usr/bin/php -d variables_order=EGPCS /var/www/html/artisan serve --host=0.0.0.0 --port=80"
+ENV SUPERVISOR_PHP_COMMAND="/usr/bin/php -d variables_order=EGPCS /var/www/html/artisan serve --host=0.0.0.0 --port=8080"
 ENV SUPERVISOR_PHP_USER="sail"
 ENV PLAYWRIGHT_BROWSERS_PATH=0

@@ -75,7 +75,7 @@ RUN apt-get update && apt-get upgrade -y \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

-RUN setcap "cap_net_bind_service=+ep" /usr/bin/php8.5
+# setcap 已移除：正式機核心不允許 sysctl 設定，改用高位 port 8080 搭配 Nginx proxy

 RUN userdel -r ubuntu
 RUN groupadd --force -g $WWWGROUP sail
@@ -87,6 +87,6 @@ COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
 COPY php.ini /etc/php/8.5/cli/conf.d/99-sail.ini
 RUN chmod +x /usr/local/bin/start-container

-EXPOSE 80/tcp
+EXPOSE 8080/tcp

 ENTRYPOINT ["start-container"]
--- a/nginx/demo-proxy.conf
+++ b/nginx/demo-proxy.conf
@@ -4,7 +4,7 @@ server {
    server_name _;

    location / {
-        proxy_pass http://star-erp-laravel:80;
+        proxy_pass http://star-erp-laravel:8080;
        proxy_set_header Host star-erp.demo;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -19,7 +19,7 @@ server {
    server_name _;

    location / {
-        proxy_pass http://star-erp-laravel:80;
+        proxy_pass http://star-erp-laravel:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
--- a/nginx/prod-proxy.conf
+++ b/nginx/prod-proxy.conf
@@ -12,7 +12,7 @@ server {
    server_name erp.koori.tw erp.mamaiclub.com;

    location / {
-        proxy_pass http://star-erp-laravel:80;
+        proxy_pass http://star-erp-laravel:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;