修復正式機 sysctl 權限錯誤：移除 setcap，PHP 改用 port 8080 搭配 Nginx proxy

2026-02-23 15:01:12 +08:00
parent 1acbfb7246
commit 1acc4daebb
3 changed files with 32 additions and 32 deletions
--- a/docker/8.5/Dockerfile
+++ b/docker/8.5/Dockerfile
@@ -11,7 +11,7 @@ WORKDIR /var/www/html

 ENV DEBIAN_FRONTEND=noninteractive
 ENV TZ=UTC
-ENV SUPERVISOR_PHP_COMMAND="/usr/bin/php -d variables_order=EGPCS /var/www/html/artisan serve --host=0.0.0.0 --port=80"
+ENV SUPERVISOR_PHP_COMMAND="/usr/bin/php -d variables_order=EGPCS /var/www/html/artisan serve --host=0.0.0.0 --port=8080"
 ENV SUPERVISOR_PHP_USER="sail"
 ENV PLAYWRIGHT_BROWSERS_PATH=0

@@ -28,32 +28,32 @@ RUN apt-get update && apt-get upgrade -y \
    && echo "deb [signed-by=/etc/apt/keyrings/ppa_ondrej_php.gpg] https://ppa.launchpadcontent.net/ondrej/php/ubuntu noble main" > /etc/apt/sources.list.d/ppa_ondrej_php.list \
    && apt-get update \
    && apt-get install -y \
-        libgd3 \
-        php8.5-cli \
-        php8.5-dev \
-        php8.5-pgsql \
-        php8.5-sqlite3 \
-        php8.5-gd \
-        php8.5-curl \
-        php8.5-mongodb \
-        php8.5-imap \
-        php8.5-mysql \
-        php8.5-mbstring \
-        php8.5-xml \
-        php8.5-zip \
-        php8.5-bcmath \
-        php8.5-soap \
-        php8.5-intl \
-        php8.5-readline \
-        php8.5-ldap \
-        php8.5-msgpack \
-        php8.5-igbinary \
-        php8.5-redis \
-        #php8.5-swoole \
-        php8.5-memcached \
-        php8.5-pcov \
-        php8.5-imagick \
-        php8.5-xdebug \
+    libgd3 \
+    php8.5-cli \
+    php8.5-dev \
+    php8.5-pgsql \
+    php8.5-sqlite3 \
+    php8.5-gd \
+    php8.5-curl \
+    php8.5-mongodb \
+    php8.5-imap \
+    php8.5-mysql \
+    php8.5-mbstring \
+    php8.5-xml \
+    php8.5-zip \
+    php8.5-bcmath \
+    php8.5-soap \
+    php8.5-intl \
+    php8.5-readline \
+    php8.5-ldap \
+    php8.5-msgpack \
+    php8.5-igbinary \
+    php8.5-redis \
+    #php8.5-swoole \
+    php8.5-memcached \
+    php8.5-pcov \
+    php8.5-imagick \
+    php8.5-xdebug \
    && curl -sLS https://getcomposer.org/installer | php -- --install-dir=/usr/bin/ --filename=composer \
    && curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg \
    && echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_VERSION.x nodistro main" > /etc/apt/sources.list.d/nodesource.list \
@@ -75,7 +75,7 @@ RUN apt-get update && apt-get upgrade -y \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

-RUN setcap "cap_net_bind_service=+ep" /usr/bin/php8.5
+# setcap 已移除：正式機核心不允許 sysctl 設定，改用高位 port 8080 搭配 Nginx proxy

 RUN userdel -r ubuntu
 RUN groupadd --force -g $WWWGROUP sail
@@ -87,6 +87,6 @@ COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
 COPY php.ini /etc/php/8.5/cli/conf.d/99-sail.ini
 RUN chmod +x /usr/local/bin/start-container

-EXPOSE 80/tcp
+EXPOSE 8080/tcp

 ENTRYPOINT ["start-container"]