Comment to 'Warning: Undefined array key in 14.0.0-B1'
  • this is already the version 14.0.0-B1 from github

    • Hi @ORV !

      Could you please specify your current PHP version? And what kind of content your users post in Timeline?

      • my setup files:

        #!/bin/bash
        # set_permissions.sh
        sudo chown -R www-data:www-data .
        sudo find ./ -type d -exec chmod 775 {} \;
        sudo find ./ -type f -exec chmod 644 {} \;
        
        
        # Set execute permissions for ffmpeg.exe
        sudo chmod +x ./plugins/ffmpeg/ffmpeg.exe
        sudo chmod +x ./periodic/cron.php
        sudo chmod +x ./image_transcoder.php
        # Set permissions for the specified directories
        # sudo chmod 777 ./inc $ only before instalkation
        sudo chmod 775 ./inc
        sudo chmod 777 ./cache
        sudo chmod 777 ./cache_public
        sudo chmod 777 ./logs
        sudo chmod 777 ./tmp
        sudo chmod 777 ./storage
        sudo chmod 777 ./periodic
        
        
        sudo chmod +x ./docker-compose.yaml
        sudo chown myuser:myuser ./docker-compose.yaml
        sudo chown -R myuser:myuser .github
        sudo chown -R myuser:myuser .gitignore
        sudo chown -R myuser:myuser .env
        sudo chown -R myuser:myuser .htaccess
        sudo chown -R myuser:myuser set_permissions.sh
        sudo chmod 660 ./logs/mysql_error.log
        sudo chown mysql:adm ./logs/mysql_error.log
        sudo chmod +x ./set_permissions.sh
        

        doker-compose.yaml:

        version: '3'
        
        
        networks:
          caddy_public_network:
            external: true
        
        
          una_private_network:
            external: false
        
        
        services:
            web:
                image: nginx:latest
                container_name: nginx.exemple.com
                hostname: localhost
                env_file:
                    - .env
                deploy:
                    resources:
                        limits:
                            cpus: '1'       # Limit the service to 1.5 CPUs
                            memory: 8G      # Limit the service to 8GB of memory
                ports:
                     - 127.0.0.1:8888:8888
                volumes:
                    # - ./scripts/docker-compose/nginx.conf:/etc/nginx/conf.d/nginx.conf
                    - ./scripts/docker-compose/default.conf:/etc/nginx/conf.d/default.conf
                    - ./scripts/docker-compose/rate_limit.conf:/etc/nginx/conf.d/rate_limit.conf
                    - ./scripts/docker-compose/memcached.conf:/etc/nginx/conf.d/memcached.conf
                    - ./logs/access.log:/var/log/nginx/access.log
                    - ./logs/error.log:/var/log/nginx/error.log
                    # - ./logs/auth_error.log:/var/log/nginx/auth_error.log# - ./scripts/docker-compose/phpmyadmin.conf:/etc/nginx/conf.d/phpmyadmin.conf
                    - ./:/opt/una
                    - /etc/localtime:/etc/localtime:ro
                depends_on:
                    - php
                networks:
                    - caddy_public_network
                    - una_private_network
                extra_hosts:
                    - "host.docker.internal:host-gateway"
                    - "127.0.0.1:host-gateway"  # IP backend
        
        
            memcached:
                image: memcached:latest
                container_name: memcached.exemple.com
                hostname: localhost
                env_file:
                    - .env
                ports:
                    - 127.0.0.1:11211:11211
                networks:
                    - una_private_network
                extra_hosts:
                    - "host.docker.internal:host-gateway"
                    - "127.0.0.1:host-gateway"  # IP backend
        
        
            php:
                image: test/test-php:14.0.0-B1
                container_name: php.exemple.com.14.0.0-B1
                hostname: localhost
                env_file:
                    - .env
                build:
                    context: .
                    dockerfile: scripts/docker-compose/PHP.Dockerfile
                deploy:
                    resources:
                        limits:
                            cpus: '2'
                            memory: 16G
                    restart_policy:
                        condition: on-failure
                volumes:
                    - ./scripts/docker-compose/php.ini:/usr/local/etc/php/php.ini
                    - ./scripts/docker-compose/www.conf:/usr/local/etc/php-fpm.d/www.conf
                    - ./:/opt/una:Z
                    - /etc/localtime:/etc/localtime:ro
                depends_on:
                    - mysql
                networks:
                    - una_private_network
                extra_hosts:
                    - "host.docker.internal:host-gateway"
                    - "127.0.0.1:host-gateway"  # IP backend
        
        
            cron:
                image: test/test-cron:14.0.0-B1
                container_name: cron.exemple.com.14.0.0-B1
                hostname: localhost
                env_file:
                    - .env
                build:
                    context: .
                    dockerfile: scripts/docker-compose/Cron.Dockerfile
                deploy:
                    resources:
                        limits:
                            cpus: '0.5'
                            memory: 4G
                    restart_policy:
                        condition: on-failure
                volumes:
                    - ./scripts/docker-compose/php.ini:/usr/local/etc/php/php.ini
                    - ./scripts/docker-compose/www.conf:/usr/local/etc/php-fpm.d/www.conf
                    - ./:/opt/una:Z
                    - /etc/localtime:/etc/localtime:ro
                depends_on:
                    - mysql
                networks:
                    - una_private_network
                extra_hosts:
                    - "host.docker.internal:host-gateway"
                    - "127.0.0.1:host-gateway"  # IP backend
        
        
            mysql:
                image: mariadb:latest
                container_name: mysql.exemple.com
                env_file:
                    - .env
                environment:
                    MYSQL_ROOT_PASSWORD: '${MYSQL_ROOT_PASSWORD}'
                    MYSQL_USER: '${MYSQL_USER}'
                    MYSQL_PASSWORD: '${MYSQL_PASSWORD}'
                    MYSQL_DATABASE: '${MYSQL_DATABASE}'
                volumes:
                    - mysqldata:/var/lib/mysql
                    - ./scripts/docker-compose/db_dump.sql:/docker-entrypoint-initdb.d/db_dump.sql
                    - ./scripts/docker-compose/mysqld.cnf:/etc/mysql/conf.d/mysqld.cnf
                ports:
                    - 127.0.0.1:3306:3306
                networks:
                    - una_private_network
                extra_hosts:
                    - "host.docker.internal:host-gateway"
                    - "127.0.0.1:host-gateway"  # IP backend
        
        
            jot:
                image: unaio/jot-server:latest
                container_name: jot.exemple.com
                hostname: localhost
                env_file:
                    - .env
                restart: always
                ports:
                    - 127.0.0.1:5000:5000
                networks:
                    - una_private_network
                extra_hosts:
                    - "host.docker.internal:host-gateway"
                    - "127.0.0.1:host-gateway"  # IP backend
        
        
            phpmyadmin:
                image: phpmyadmin
                container_name: phpmyadmin.exemple.com
                hostname: localhost
                restart: always
                ports:
                    - 127.0.0.1:8787:80
                env_file:
                    - .env
                environment:
                    - PMA_HOST=mysql
                    - PMA_USER=root
                    - PMA_PASSWORD=${MYSQL_ROOT_PASSWORD}
                    - UPLOAD_LIMIT=1024M
                volumes:
                    - ./scripts/docker-compose/phpmyadmin.inc.php:/etc/phpmyadmin/config.user.inc.php
                depends_on:
                    - mysql
                networks:
                    - una_private_network
                extra_hosts:
                    - "host.docker.internal:host-gateway"
                    - "127.0.0.1:host-gateway"  # IP backend
        
        
        
        volumes:
            mysqldata: {}
        
        
        

        update php-ini for memcached:

        ; Memcached extension configuration
        [memcached]
        ; Memcached extension configuration
        
        
        ; Specify the serializer for Memcached
        memcached.serializer = php
        
        
        ; Specify the session prefix for Memcached
        memcached.sess_prefix = memc.sess.key.
        
        
        ; Enable binary protocol for Memcached sessions
        memcached.sess_binary = On
        
        
        ; Use SASL authentication for Memcached (0 = disable, 1 = enable)
        memcached.use_sasl = 0
        
        
        ; Minimum waiting time for session lock acquisition (in milliseconds)
        memcached.sess_lock_wait_min = 150
        
        
        ; Maximum waiting time for session lock acquisition (in milliseconds)
        memcached.sess_lock_wait_max = 150
        
        
        ; Maximum size of POST data that PHP will accept.
        post_max_size = 1024M
        
        
        ; Maximum allowed size for uploaded files.
        upload_max_filesize = 1024M
        
        
        ; Maximum execution time of each script, in seconds
        max_execution_time = 3600
        
        
        ; Maximum amount of time each script may spend parsing request data
        max_input_time = 3600
        
        
        ; Maximum amount of memory a script may consume
        memory_limit = 1024M
        
        
        ; Maximum number of files that can be uploaded via a single request
        max_file_uploads = 50
        
        
        ; Enable HTML error handling
        html_errors = On
        
        
        ; String to output before an error message
        error_prepend_string = "
        "
        
        
        ; String to output after an error message
        error_append_string = "
        "
        
        
        [opcache]
        ; Enables the opcode cache for PHP
        opcache.enable = 1
        
        
        ; Frequency of checking for updated files (0 = never)
        opcache.revalidate_freq = 0
        
        
        ; Validates cached files with timestamp checks
        opcache.validate_timestamps = 1
        
        
        ; Maximum number of files that can be cached in memory
        opcache.max_accelerated_files = 100000
        
        
        ; Memory consumption by the opcode cache (in MB)
        opcache.memory_consumption = 72
        
        
        ; Maximum wasted memory percentage before restart
        opcache.max_wasted_percentage = 20
        
        
        ; Size of the interned strings buffer (in MB)
        opcache.interned_strings_buffer = 16
        
        
        ; Allows for faster shutting down of the opcode cache
        opcache.fast_shutdown = 1
        
        
        

        Php 8.1 from UNA: https://github.com/unacms/una/blob/master/scripts/docker-compose/PHP.Dockerfile with my update for memcached:

        FROM php:8.1-fpm
        
        
        RUN apt-get update && apt-get install -y \
                cron \
                libfreetype6-dev \
                libjpeg62-turbo-dev \
                libmcrypt-dev \
                libpng-dev \
                libonig-dev \
                libmagickwand-dev \
                libzip-dev \
                unzip \
                libmemcached-dev \
                zlib1g-dev \
                libssl-dev \
            && docker-php-ext-configure gd --with-freetype --with-jpeg \
            && docker-php-ext-install -j$(nproc) gd \
            && docker-php-ext-install -j$(nproc) pdo pdo_mysql mysqli \
            && docker-php-ext-install -j$(nproc) zip exif opcache iconv mbstring \
        #    && pecl install xdebug && docker-php-ext-enable xdebug \
        #    && pecl install mcrypt-1.0.3 && docker-php-ext-enable mcrypt \
            && pecl install imagick-3.7.0 \
            && pecl install memcached \
            && docker-php-ext-enable imagick memcached
        

        nginx upstream wuth memcached.conf:

        upstream memcached_server {
            server 127.0.0.1:11211;
            # Other Memcached servers can be added here if needed
        }
        

        default.conf

        server {
                listen 80 default_server;
                server_name localhost;
        
        
                root /opt/una;
        
        
                client_max_body_size 1024M;
                ## Timeouts## request timed out -- default 60# read timeout for the request body from client, its set for testing purpose
                client_body_timeout   900;
        
        
                # how long to wait for the client to send a request header, its set for testing purpose
                client_header_timeout 900;
        
        
                # server will close connection after this time
                keepalive_timeout 900;
        
        
                ## if client stop responding, free up memory -- default 60
                send_timeout 900;
        
        
                ## Reset lingering timed out connections. Deflect DDoS.## allow the server to close connection on non responding client, this will free up memory
                reset_timedout_connection on;
        
        
                proxy_connect_timeout 3600;
                proxy_send_timeout 3600;
                proxy_read_timeout 3600;
        
        
                location / {
                    index index.html index.htm index.php;
        
        
                    rewrite "^/page/(.*)$" /page.php?i=$1 last;
                    rewrite "^/m/(.*)$" /modules/index.php?r=$1 last;
                    rewrite "^/s/([a-zA-Z0-9_]+)/([a-zA-Z0-9\.]+)" /storage.php?o=$1&f=$2 last;
        
        
                    if (!-e $request_filename) {
                        rewrite  ^/(.+)$  /r.php?_q=$1  last;
                        break;
                    }
        
        
                    # Block requests with suspicious patternsif ($query_string ~* "(\%60|\%7C|\%26|\%24|\%3B|\%28|\%29)") {return 403;
                    }
        
        
                }
        
        
                index index.php index.html index.htm;
        
        
                location ~ \.php$ {
                    fastcgi_pass php:9000;
                    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                    include fastcgi_params;
        
        
                    # Add these timeout settings
                    fastcgi_connect_timeout 3600;
                    fastcgi_send_timeout 3600;
                    fastcgi_read_timeout 3600;
                    fastcgi_buffer_size 128k;
                    fastcgi_buffers 4 256k;
                    fastcgi_busy_buffers_size 256k;
                    fastcgi_temp_file_write_size 256k;
                }
        
        
                ############################################################################# HSTS policy                                                           #############################################################################
                add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
                add_header X-Frame-Options "SAMEORIGIN" always;
                add_header X-XSS-Protection "1; mode=block" always;
                add_header X-Content-Type-Options "nosniff" always;
                # add_header Content-Security-Policy "default-src 'self'" always;
                add_header Referrer-Policy "strict-origin-when-cross-origin" always;
        
        
                ############################################################################# serve static files directly Tanks to Alex T https://una.io/u/alex-t   #############################################################################
                location ~* ^(/cache_public/|/plugins_public/|/modules/|/studio/|/template/).+\.(jpg|jpeg|gif|css|png|js|ico|svg|eot|ttf|woff|woff2|)$ {
                    access_log        off;
                    expires           1h;
                    # root /opt/una# add_header Cache-Control "public";
                    try_files       $uri =404;
                }
        
        
                ############################################################################# deny access to hidden files                                           #############################################################################
                location ~ /(\.ht|\.git) {
                    deny  all;
                }
        
        
                ############################################################################# deny access to specific folders                                       #############################################################################
                location ~ ^/(cache/|storage/|logs/|plugins/|tmp/) {
                    deny  all;
                }
        
        
                ############################################################################# Memcached                                                              #############################################################################
                location /memcached {
                    set $memcached_key $uri;
                    memcached_pass memcached_server;
                    default_type application/json;
                    error_page 404 = /memcached_not_found;
                }
        
        
                location = /memcached_not_found {
                    return 404 "{\"error\": \"Not found in Memcached\"}";
                }
        
        
        }
        

        and my caddyfile reverse proxy:

          {$EXEMPLE_HOSTNAME} {
              log {
                    output discard
              }
        
        
              tls {$EXEMPLE_TLS}
        
        
              redir https://www.{host}
          }
        
        
          {$WWW_EXEMPLE_HOSTNAME} {
              log {
                    output discard
              }
        
        
              tls {$EXEMPLE_TLS}
        
        
              @api {
                    path /config
                    path /healthz
                    path /stats/errors
                    path /stats/checker
              }
        
        
              @static {
                    path /static
              }
        
        
              @notstatic {
                    not path /static
              }
        
        
              @imageproxy {
                    path /image_proxy
              }
        
        
              @notimageproxy {
                    not path /image_proxy
              }
        
        
              header {
                    # Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS
                    Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
        
        
                    # Enable cross-site filter (XSS) and tell browser to block detected attacks
                    X-XSS-Protection "1; mode=block"
        
        
                    # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
                    X-Content-Type-Options "nosniff"
        
        
                    # Disable some features
                    Permissions-Policy "accelerometer=(self),ambient-light-sensor=(self),autoplay=(self),camera=(self),encrypted-media=(self),focus-without-user-activation=(),geolocation=(self),gyroscope=(self),magnetometer=(),microphone=(self),midi=(),payment=(),picture-in-picture=(),speaker=(self),sync-xhr=(self),usb=(),vr=()"
        
        
                    # Disable some features (legacy)# Feature-Policy "accelerometer 'none';ambient-light-sensor 'none'; autoplay 'none';camera 'none';encrypted-media 'none';focus-without-user-activation 'none'; geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none'; speaker 'none';sync-xhr 'none';usb 'none';vr 'none'"
        
        
                    # Referer
                    Referrer-Policy "no-referrer"
        
        
                    # X-Robots-Tag
                    X-Robots-Tag "noindex, noarchive, nofollow"
        
        
                    # Remove Server header
                    -Server
              }
        
        
              header @api {
                    Access-Control-Allow-Methods "GET, POST, OPTIONS"
                    Access-Control-Allow-Origin  "https://www.googleapis.com https://maps.googleapis.com https://www.exemple.com https://exemple.com https://onesignal.com";
        
        
              }
        
        
              # Cache
              header @static {
                    # Cache
                    Cache-Control "public, max-age=31536000"
                    defer
              }
        
        
              header @notstatic {
                    # No Cache
                    Cache-Control "no-cache, no-store"
                    Pragma "no-cache"
              }
        
        
              # CSP (see http://content-security-policy.com/ ) @imageproxy {#      Content-Security-Policy "default-src 'self' https://www.exemple.com; connect-src 'self' https://overpass-api.de https://maps.googleapis.com; img-src 'self' data: https://www.exemple.com; script-src 'self' https://www.exemple.com https://maps.googleapis.com"#}
                
              #  header @notimageproxy {#      Content-Security-Policy "upgrade-insecure-requests; connect-src 'self' https://overpass-api.de https://maps.googleapis.com;"#}        
        
        
              handle {
                    encode zstd gzip
        
        
                    reverse_proxy localhost:80 {
                          header_up X-Forwarded-Port {http.request.port}
                          # header_up X-Forwarded-Proto {http.request.scheme}
                          header_up X-Real-IP {remote_host}
                   }
              }
        }