Use official nginx.org instead of third-party sources

[Saipriya-1144]

Migrate PHP-FPM nginx from sury.org/ondrej PPA to official nginx.org repository (https://nginx.org/en/linux_packages.html)

The nginx package from the official nginx.org repo is a unified package that already includes everything nginx-common, nginx-core. These split packages only exist in Debian/Ubuntu's default apt repos and conflict with the nginx.org version, so they cannot be installed separately.

nginx.org config fix:
Fixed nginx configuration to work with nginx.org packages (which have a different directory layout and defaults than the Debian/Ubuntu distro packages):

• COPY ... /etc/nginx/conf.d/default.conf — nginx.org's nginx.conf includes files from conf.d/, not sites-available/ or sites-enabled/. The previous paths were silently ignored, meaning the PHP-FPM proxy config was never loaded.

Debian/Ubuntu distro packages (what we had before) — their nginx.conf contains:

With official nginx repo - The nginx.conf

So we need to copy any conf files to this folder /etc/nginx/conf.d/default.conf not /etc/nginx/sites-available/default

• sed ... 's!worker_connections 1024!worker_connections 10068!g' — nginx.org defaults to worker_connections 1024 (not 768 like distro packages). The previous sed searched for 768, matched nothing, and left the value unchanged.

• sed ... '/worker_connections/a\ multi_accept on;' — nginx.org's config doesn't contain a commented-out # multi_accept on line (that was a Debian addition). Instead, we append multi_accept on; after the worker_connections line.

Debian/Ubuntu distro packages (what we had before) — their nginx.conf contains:

Pinned the msodbcsql17 and added it to apt-mark hold list. Without it, apt-get upgrade attempts to upgrade msodbcsql17, which triggers an interactive EULA prompt that fails in non-interactive Docker builds.

• The purpose of this PR is explained in this message or in an issue. If an issue please include a reference as #<issue_number>.
• Tests are included and/or updated for code changes.
• Proper license headers are included in each file.

[vijaysaayi]

Code Review (AI)
⚠️ Critical: nginx.org packages do NOT use sites-available/sites-enabled

The official nginx.org package ships an nginx.conf that includes conf.d/*.conf — it does not include sites-enabled/*. These COPY commands place the PHP-FPM proxy config in a directory that nginx will never read.

nginx -t won't catch this because it only validates syntax of loaded configs — files in sites-enabled/ are simply never loaded (no error, just silent omission). At runtime, nginx won't forward requests to PHP-FPM.

Suggested fix:

RUN rm -f /etc/nginx/conf.d/default.conf
COPY images/runtime/php-fpm/nginx_conf/default.conf /etc/nginx/conf.d/default.conf

Also update the sed commands — nginx.org defaults use worker_connections 1024 (not 768), so the current sed will silently no-op.

This applies to all 7 Dockerfiles in this PR. ```

[vijaysaayi]

Code Review (AI)

⚠️ sed patterns won't match nginx.org defaults

The nginx.org package ships different defaults than the Debian/PPA packages:

Setting	Debian/PPA default	nginx.org default
worker_connections	768	1024
# multi_accept on	present	not present

sed -i doesn't error when a pattern doesn't match — it silently writes the file unchanged. So after this PR, worker_connections stays at 1024 (never bumped to 10068) and multi_accept remains off.

Suggested fix: Supply a complete nginx.conf via COPY instead of relying on sed against upstream defaults, or update the patterns:

RUN sed -ri -e 's!worker_connections\s+[0-9]+!worker_connections 10068!g' /etc/nginx/nginx.conf

This applies to all 7 Dockerfiles in this PR. ```