Stripped down web server setup

.env

INSTANCE_FOLDER=/srv/website-NAME
DATA_FOLDER=/mnt/Docker/website-NAME
BACKUP_FOLDER=/mnt/Backups/website-NAME

APP_NAME=website-NAME

MYSQL_PORT=3308
MYSQL_ROOT_PASSWORD="YOUR_ROOT_PASSWORD"
MYSQL_PRODUCTION_PASSWORD="YOUR_PRODUCTION_PASSWORD"
MYSQL_STAGING_PASSWORD="YOUR_STAGING_PASSWORD"

HTTP_PRODUCTION_DOMAIN=NAME.im
HTTP_PRODUCTION_ALIAS=www.NAME.im
HTTP_PRODUCTION_ROOT=production/current/public

HTTP_STAGING_DOMAIN=staging.NAME.im
HTTP_STAGING_ROOT=staging/current/public

config-httpd-httpd.conf

# config/httpd/httpd.conf
# copy default and append the following

LoadModule deflate_module modules/mod_deflate.so
LoadModule expires_module modules/mod_expires.so
LoadModule http2_module modules/mod_http2.so
LoadModule rewrite_module modules/mod_rewrite.so

User daemon
Group daemon

# Virtual hosts
Include conf/extra/production.conf
Include conf/extra/staging.conf

config-httpd-production.conf

# config/httpd/production.conf
DirectoryIndex index.php index.html
ServerName ${HTTP_PRODUCTION_DOMAIN}

LoadModule expires_module modules/mod_expires.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so

Protocols h2 http/1.1

<VirtualHost *:80>
  ServerName ${HTTP_PRODUCTION_DOMAIN}
  ServerAlias www.${HTTP_PRODUCTION_DOMAIN} ${HTTP_PRODUCTION_ALIAS} ${HTTP_PRODUCTION_DOMAIN}.dev.arpa www.${HTTP_PRODUCTION_DOMAIN}.dev.arpa

  LogLevel error
  ErrorLog logs/${HTTP_PRODUCTION_DOMAIN}.production-error.log
  LogFormat "%h %l %u %t \"%r\" %>s"
  CustomLog logs/${HTTP_PRODUCTION_DOMAIN}.production-access.log combined "expr=%{REQUEST_STATUS} >= 400"

  DocumentRoot htdocs/${HTTP_PRODUCTION_ROOT}
  <Directory htdocs/${HTTP_PRODUCTION_ROOT}>
    AllowOverride All
    Options FollowSymLinks MultiViews
    Require all granted
  </Directory>

  <FilesMatch \.php$>
    SetEnv HTTPS on
    SetHandler "proxy:fcgi://php-fpm:9001"
  </FilesMatch>

  SetEnv TYPO3_CONTEXT Production
</VirtualHost>

config-mariadb-my.cnf

# config/mariadb/my.cnf
[mysqld]
collation-server = utf8mb4_unicode_ci
character-set-server = utf8mb4

config-php-production.conf

# config/php/production.conf
[production]
listen = 9001

pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3

php_admin_value[error_log] = ${PHP_LOG_DIR}/${HTTP_PRODUCTION_DOMAIN}.production-php-error.log

docker-compose.yaml

networks:
  backend:

volumes:
  dbdata:
    driver: local
    driver_opts:
      o: bind
      type: none
      device: ${INSTANCE_FOLDER:-.}/data/mariadb
  data:
    driver: local
    driver_opts:
      o: bind
      type: none
      device: ${INSTANCE_FOLDER:-.}/data/htdocs
  logs:
    driver: local
    driver_opts:
      o: bind
      type: none
      device: ${INSTANCE_FOLDER:-.}/data/logs
  nas:
    driver: local
    driver_opts:
      o: bind
      type: none
      device: ${DATA_FOLDER:-.}
  backup:
    driver: local
    driver_opts:
      o: bind
      type: none
      device: ${BACKUP_FOLDER:-.}

services:
  php-fpm:
    image: evoweb/php:8.3-fpm

    restart: unless-stopped
    environment:
      - HTTP_PRODUCTION_DOMAIN
      - HTTP_STAGING_DOMAIN
    volumes:
      - '/etc/localtime:/etc/localtime:ro'
      - nas:${DATA_FOLDER:-.}
      - data:/usr/local/apache2/htdocs
      - logs:/var/log/php
      - '${INSTANCE_FOLDER:-.}/config/php/production.conf:/etc/php/8.3/fpm/pool.d/production.conf:ro'
      - '${INSTANCE_FOLDER:-.}/config/php/staging.conf:/etc/php/8.3/fpm/pool.d/staging.conf:ro'

    networks:
      - backend

  db:
    image: mariadb:10.11
    restart: unless-stopped
    environment:
      - APP_NAME
      - MYSQL_ROOT_PASSWORD
      - MYSQL_PRODUCTION_PASSWORD
      - MYSQL_STAGING_PASSWORD
      - MYSQL_REPLICATION_PASSWORD
    volumes:
      - '/etc/localtime:/etc/localtime:ro'
      - dbdata:/var/lib/mysql
      - '${INSTANCE_FOLDER:-.}/config/mariadb/my.cnf:/etc/mysql/conf.d/my.cnf'
      - '${INSTANCE_FOLDER:-.}/config/mariadb/init.sh:/docker-entrypoint-initdb.d/init.sh:ro'
    ports:
      - '127.0.0.1:${MYSQL_PORT:-3306}:3306'
    healthcheck:
      test: ["CMD-SHELL", 'mysql --user="root" --password="${MYSQL_ROOT_PASSWORD}" --execute="SELECT 1;" || exit 1']
      interval: 5s
      retries: 5
    networks:
      - backend

  webserver:
    image: httpd:2.4
    restart: always
    environment:
      - HTTPD_RUN_USER
      - HTTPD_RUN_GROUP
      - APP_NAME
      - HTTP_PRODUCTION_DOMAIN
      - HTTP_PRODUCTION_ALIAS
      - HTTP_PRODUCTION_ROOT=${HTTP_PRODUCTION_ROOT:-production/current/public}
      - HTTP_STAGING_DOMAIN
      - HTTP_STAGING_ALIAS
      - HTTP_STAGING_ROOT=${HTTP_STAGING_ROOT:-staging/current/public}
    volumes:
      - '/etc/localtime:/etc/localtime:ro'
      - nas:${DATA_FOLDER:-.}
      - data:/usr/local/apache2/htdocs
      - logs:/usr/local/apache2/logs
      - '${INSTANCE_FOLDER:-.}/config/httpd/httpd.conf:/usr/local/apache2/conf/httpd.conf'
      - '${INSTANCE_FOLDER:-.}/config/httpd/production.conf:/usr/local/apache2/conf/extra/production.conf'
      - '${INSTANCE_FOLDER:-.}/config/httpd/staging.conf:/usr/local/apache2/conf/extra/staging.conf'
    depends_on:
      - php-fpm
      - db
    networks:
      - backend
    ports:
      - '80:80'
      - '443:443'