Anonymous avatar Anonymous committed a838c4e

Use an approot to properly protect accesses to the framework files

Comments (0)

Files changed (7)

 www:
     type: php
+    approot: web
 
 db:
     type: mysql

nginx.conf

-# Set this to "app.php" to go into production mode:
-set $front_controller app_dev.php;
-
-index $front_controller;
-
-try_files $uri /web$uri /web/$front_controller$uri;
-
-location ~ ".+\.php($|/.*)" {
-   if ( -f /home/dotcloud/current/maintenance) {
-       return 503;
-   }
-
-   fastcgi_pass                     unix:/var/dotcloud/php5-fpm.sock;
-   include                          fastcgi_params;
-   include                          /home/dotcloud/current/\*fastcgi.conf;
-   fastcgi_split_path_info          ^(.+\.php)(/.+)$;
-   fastcgi_param PATH_INFO          $fastcgi_path_info;
-   fastcgi_param PATH_TRANSLATED    $document_root$fastcgi_path_info;
-}

php.ini

-[Date]
-
-date.timezone = America/Los_Angeles

postinstall

-#!/bin/sh
-
-# Install the vendor libraries
-#
-# The ~/current directory, where your application lives on DotCloud, is erased
-# by the newer version of your code, each time you push.
-# So, we would need to reinstall all the vendor libraries if we left them
-# inside ~/current.
-# That's why we install the vendor libraries outside of ~/current and create a
-# symlink to it.
-symfony_install_vendor() {
-    local vendor_directory=$HOME/vendor/
-
-    [ -d $vendor_directory ] || mkdir -p $vendor_directory
-
-    rm -rf ~/current/vendor
-    ln -s $vendor_directory ~/current/vendor
-
-    php ~/current/bin/vendors install
-}
-
-symfony_install_vendor
+# Set this to "app.php" to go into production mode:
+set $front_controller app_dev.php;
+
+index $front_controller;
+
+try_files $uri $uri/ /$front_controller$uri;
+
+location ~ ".+\.php($|/.*)" {
+   if ( -f /home/dotcloud/current/maintenance) {
+       return 503;
+   }
+
+   fastcgi_pass                     unix:/var/dotcloud/php5-fpm.sock;
+   include                          fastcgi_params;
+   include                          /home/dotcloud/current/\*fastcgi.conf;
+   fastcgi_split_path_info          ^(.+\.php)(/.+)$;
+   fastcgi_param PATH_INFO          $fastcgi_path_info;
+   fastcgi_param PATH_TRANSLATED    $document_root$fastcgi_path_info;
+}
+[Date]
+
+date.timezone = America/Los_Angeles
+#!/bin/sh
+
+# Install the vendor libraries
+#
+# The ~/code directory, where your application lives on DotCloud, is erased by
+# the newer version of your code, each time you push.
+# So, we would need to reinstall all the vendor libraries if we left them
+# inside ~/code.
+# That's why we install the vendor libraries outside of ~/code and create a
+# symlink to it.
+symfony_install_vendor() {
+    local vendor_directory=$HOME/vendor/
+
+    [ -d $vendor_directory ] || mkdir -p $vendor_directory
+
+    rm -rf ~/code/vendor
+    ln -s $vendor_directory ~/code/vendor
+
+    php ~/code/bin/vendors install
+}
+
+symfony_install_vendor
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.