Problem

After a fresh pull of croneu/phpapp-fpm, other containers can no longer reach php-fpm:

$ telnet php 9000
telnet: Unable to connect to remote host: Connection refused

Inside the php container, php-fpm is bound to 127.0.0.1:9000 instead of 0.0.0.0:9000.

Root cause

The entrypoint has always written listen = 127.0.0.1:9000 into /usr/local/etc/php-fpm.d/www.conf. This used to be harmless because the upstream php:*-fpm image shipped zz-docker.conf with listen = 9000, which — being alphabetically last — overrode our value and bound php-fpm to all interfaces.

Upstream has since moved the listen directive out of zz-docker.conf and into docker.conf:

; docker.conf
; default listen address for easy override in later php-fpm.d/*.conf files
listen = 9000

; zz-docker.conf
[global]
daemonize = no
[www]

Load order is now docker.conf → www.conf → zz-docker.conf, so our www.conf wins with 127.0.0.1:9000 and zz-docker.conf no longer provides an overriding listen. Net effect: php-fpm silently flipped to localhost-only.

Change

Default the pool to listen = 9000 in both the entrypoint template and files/php-fpm-www.conf. Users who want to restrict the bind address can still do so via PHP_FPM_OVERRIDE.

Generated by Oz.