From 5e4202bb0e3f18d8db868cf86dd2dc54274a6e83 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Mon, 28 May 2018 14:17:56 +0200 Subject: [PATCH 001/117] Initial commit: php-5.6 Docker file with httpd:2.4-alpine as base image --- Dockerfile | 206 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 206 insertions(+) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..ce88d48 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,206 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM httpd:2.4-alpine + +# dependencies required for running "phpize" +# these get automatically installed and removed by "docker-php-ext-*" (unless they're already installed) +ENV PHPIZE_DEPS \ + autoconf \ + dpkg-dev dpkg \ + file \ + g++ \ + gcc \ + libc-dev \ + make \ + pkgconf \ + re2c + +# persistent / runtime deps +RUN apk add --no-cache --virtual .persistent-deps \ + ca-certificates \ + curl \ + tar \ + xz \ +# https://github.com/docker-library/php/issues/494 + libressl + +# ensure www-data user exists +RUN set -x \ + && addgroup -g 82 -S www-data \ + && adduser -u 82 -D -S -G www-data www-data +# 82 is the standard uid/gid for "www-data" in Alpine +# http://git.alpinelinux.org/cgit/aports/tree/main/apache2/apache2.pre-install?h=v3.3.2 +# http://git.alpinelinux.org/cgit/aports/tree/main/lighttpd/lighttpd.pre-install?h=v3.3.2 +# http://git.alpinelinux.org/cgit/aports/tree/main/nginx-initscripts/nginx-initscripts.pre-install?h=v3.3.2 + +ENV PHP_INI_DIR /usr/local/etc/php +RUN mkdir -p $PHP_INI_DIR/conf.d + +#### +ENV PHP_EXTRA_CONFIGURE_ARGS --enable-fpm --with-fpm-user=www-data --with-fpm-group=www-data +#### + +# Apply stack smash protection to functions using local buffers and alloca() +# Make PHP's main executable position-independent (improves ASLR security mechanism, and has no performance impact on x86_64) +# Enable optimization (-O2) +# Enable linker optimization (this sorts the hash buckets to improve cache locality, and is non-default) +# Adds GNU HASH segments to generated executables (this is used if present, and is much faster than sysv hash; in this configuration, sysv hash is also generated) +# https://github.com/docker-library/php/issues/272 +ENV PHP_CFLAGS="-fstack-protector-strong -fpic -fpie -O2" +ENV PHP_CPPFLAGS="$PHP_CFLAGS" +ENV PHP_LDFLAGS="-Wl,-O1 -Wl,--hash-style=both -pie" + +ENV GPG_KEYS 0BD78B5F97500D450838F95DFE857D9A90D90EC1 6E4F6AB321FDC07F2C332E3AC2BF0BC433CFC8B3 + +ENV PHP_VERSION 5.6.36 +ENV PHP_URL="https://secure.php.net/get/php-5.6.36.tar.xz/from/this/mirror" PHP_ASC_URL="https://secure.php.net/get/php-5.6.36.tar.xz.asc/from/this/mirror" +ENV PHP_SHA256="18f536bf548e909b4e980379d0c4e56d024b2b1eb1c9768fd169360491f1d6dd" PHP_MD5="" + +RUN set -xe; \ + \ + apk add --no-cache --virtual .fetch-deps \ + gnupg \ + ; \ + \ + mkdir -p /usr/src; \ + cd /usr/src; \ + \ + wget -O php.tar.xz "$PHP_URL"; \ + \ + if [ -n "$PHP_SHA256" ]; then \ + echo "$PHP_SHA256 *php.tar.xz" | sha256sum -c -; \ + fi; \ + if [ -n "$PHP_MD5" ]; then \ + echo "$PHP_MD5 *php.tar.xz" | md5sum -c -; \ + fi; \ + \ + if [ -n "$PHP_ASC_URL" ]; then \ + wget -O php.tar.xz.asc "$PHP_ASC_URL"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \ + done; \ + gpg --batch --verify php.tar.xz.asc php.tar.xz; \ + rm -rf "$GNUPGHOME"; \ + fi; \ + \ + apk del .fetch-deps + +COPY docker-php-source /usr/local/bin/ + +RUN set -xe \ + && apk add --no-cache --virtual .build-deps \ + $PHPIZE_DEPS \ + coreutils \ + curl-dev \ + libedit-dev \ + libressl-dev \ + libxml2-dev \ + sqlite-dev \ + \ + && export CFLAGS="$PHP_CFLAGS" \ + CPPFLAGS="$PHP_CPPFLAGS" \ + LDFLAGS="$PHP_LDFLAGS" \ + && docker-php-source extract \ + && cd /usr/src/php \ + && gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \ + && ./configure \ + --build="$gnuArch" \ + --with-config-file-path="$PHP_INI_DIR" \ + --with-config-file-scan-dir="$PHP_INI_DIR/conf.d" \ + \ +# make sure invalid --configure-flags are fatal errors intead of just warnings + --enable-option-checking=fatal \ + \ + --disable-cgi \ + \ +# https://github.com/docker-library/php/issues/439 + --with-mhash \ + \ +# --enable-ftp is included here because ftp_ssl_connect() needs ftp to be compiled statically (see https://github.com/docker-library/php/issues/236) + --enable-ftp \ +# --enable-mbstring is included here because otherwise there's no way to get pecl to use it properly (see https://github.com/docker-library/php/issues/195) + --enable-mbstring \ +# --enable-mysqlnd is included here because it's harder to compile after the fact than extensions are (since it's a plugin for several extensions, not an extension in itself) + --enable-mysqlnd \ + \ + --with-curl \ + --with-libedit \ + --with-openssl \ + --with-zlib \ + \ +# bundled pcre does not support JIT on s390x +# https://manpages.debian.org/stretch/libpcre3-dev/pcrejit.3.en.html#AVAILABILITY_OF_JIT_SUPPORT + $(test "$gnuArch" = 's390x-linux-gnu' && echo '--without-pcre-jit') \ + \ + $PHP_EXTRA_CONFIGURE_ARGS \ + && make -j "$(nproc)" \ + && make install \ + && { find /usr/local/bin /usr/local/sbin -type f -perm +0111 -exec strip --strip-all '{}' + || true; } \ + && make clean \ + && cd / \ + && docker-php-source delete \ + \ + && runDeps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + )" \ + && apk add --no-cache --virtual .php-rundeps $runDeps \ + \ + && apk del .build-deps \ + \ +# https://github.com/docker-library/php/issues/443 + && pecl update-channels \ + && rm -rf /tmp/pear ~/.pearrc + +COPY docker-php-ext-* docker-php-entrypoint /usr/local/bin/ + +ENTRYPOINT ["docker-php-entrypoint"] +#### +WORKDIR /var/www/html + +RUN set -ex \ + && cd /usr/local/etc \ + && if [ -d php-fpm.d ]; then \ + # for some reason, upstream's php-fpm.conf.default has "include=NONE/etc/php-fpm.d/*.conf" + sed 's!=NONE/!=!g' php-fpm.conf.default | tee php-fpm.conf > /dev/null; \ + cp php-fpm.d/www.conf.default php-fpm.d/www.conf; \ + else \ + # PHP 5.x doesn't use "include=" by default, so we'll create our own simple config that mimics PHP 7+ for consistency + mkdir php-fpm.d; \ + cp php-fpm.conf.default php-fpm.d/www.conf; \ + { \ + echo '[global]'; \ + echo 'include=etc/php-fpm.d/*.conf'; \ + } | tee php-fpm.conf; \ + fi \ + && { \ + echo '[global]'; \ + echo 'error_log = /proc/self/fd/2'; \ + echo; \ + echo '[www]'; \ + echo '; if we send this to /proc/self/fd/1, it never appears'; \ + echo 'access.log = /proc/self/fd/2'; \ + echo; \ + echo 'clear_env = no'; \ + echo; \ + echo '; Ensure worker stdout and stderr are sent to the main error log.'; \ + echo 'catch_workers_output = yes'; \ + } | tee php-fpm.d/docker.conf \ + && { \ + echo '[global]'; \ + echo 'daemonize = no'; \ + echo; \ + echo '[www]'; \ + echo 'listen = 9000'; \ + } | tee php-fpm.d/zz-docker.conf + +EXPOSE 9000 +CMD ["php-fpm"] +#### From b56e70442a8224ace0c52df18f3b295bd2cab97e Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Mon, 28 May 2018 14:35:10 +0200 Subject: [PATCH 002/117] Changed container order. Build Apache on top of php-5.6 Alpine image. Commented user creation (already done on php image) --- Dockerfile | 293 +++++++++++++++++++++-------------------------------- 1 file changed, 115 insertions(+), 178 deletions(-) diff --git a/Dockerfile b/Dockerfile index ce88d48..6fceca0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,206 +1,143 @@ -# -# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" -# -# PLEASE DO NOT EDIT IT DIRECTLY. -# - -FROM httpd:2.4-alpine - -# dependencies required for running "phpize" -# these get automatically installed and removed by "docker-php-ext-*" (unless they're already installed) -ENV PHPIZE_DEPS \ - autoconf \ - dpkg-dev dpkg \ - file \ - g++ \ - gcc \ - libc-dev \ - make \ - pkgconf \ - re2c - -# persistent / runtime deps -RUN apk add --no-cache --virtual .persistent-deps \ - ca-certificates \ - curl \ - tar \ - xz \ -# https://github.com/docker-library/php/issues/494 - libressl +FROM from php:5.6-fpm-alpine # ensure www-data user exists -RUN set -x \ - && addgroup -g 82 -S www-data \ - && adduser -u 82 -D -S -G www-data www-data +#RUN set -x \ +# && addgroup -g 82 -S www-data \ +# && adduser -u 82 -D -S -G www-data www-data # 82 is the standard uid/gid for "www-data" in Alpine # http://git.alpinelinux.org/cgit/aports/tree/main/apache2/apache2.pre-install?h=v3.3.2 # http://git.alpinelinux.org/cgit/aports/tree/main/lighttpd/lighttpd.pre-install?h=v3.3.2 # http://git.alpinelinux.org/cgit/aports/tree/main/nginx-initscripts/nginx-initscripts.pre-install?h=v3.3.2 -ENV PHP_INI_DIR /usr/local/etc/php -RUN mkdir -p $PHP_INI_DIR/conf.d +ENV HTTPD_PREFIX /usr/local/apache2 +ENV PATH $HTTPD_PREFIX/bin:$PATH +RUN mkdir -p "$HTTPD_PREFIX" \ + && chown www-data:www-data "$HTTPD_PREFIX" +WORKDIR $HTTPD_PREFIX -#### -ENV PHP_EXTRA_CONFIGURE_ARGS --enable-fpm --with-fpm-user=www-data --with-fpm-group=www-data -#### +ENV HTTPD_VERSION 2.4.33 +ENV HTTPD_SHA256 de02511859b00d17845b9abdd1f975d5ccb5d0b280c567da5bf2ad4b70846f05 -# Apply stack smash protection to functions using local buffers and alloca() -# Make PHP's main executable position-independent (improves ASLR security mechanism, and has no performance impact on x86_64) -# Enable optimization (-O2) -# Enable linker optimization (this sorts the hash buckets to improve cache locality, and is non-default) -# Adds GNU HASH segments to generated executables (this is used if present, and is much faster than sysv hash; in this configuration, sysv hash is also generated) -# https://github.com/docker-library/php/issues/272 -ENV PHP_CFLAGS="-fstack-protector-strong -fpic -fpie -O2" -ENV PHP_CPPFLAGS="$PHP_CFLAGS" -ENV PHP_LDFLAGS="-Wl,-O1 -Wl,--hash-style=both -pie" +# https://httpd.apache.org/security/vulnerabilities_24.html +ENV HTTPD_PATCHES="" -ENV GPG_KEYS 0BD78B5F97500D450838F95DFE857D9A90D90EC1 6E4F6AB321FDC07F2C332E3AC2BF0BC433CFC8B3 +ENV APACHE_DIST_URLS \ +# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 + https://www.apache.org/dyn/closer.cgi?action=download&filename= \ +# if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/ + https://www-us.apache.org/dist/ \ + https://www.apache.org/dist/ \ + https://archive.apache.org/dist/ -ENV PHP_VERSION 5.6.36 -ENV PHP_URL="https://secure.php.net/get/php-5.6.36.tar.xz/from/this/mirror" PHP_ASC_URL="https://secure.php.net/get/php-5.6.36.tar.xz.asc/from/this/mirror" -ENV PHP_SHA256="18f536bf548e909b4e980379d0c4e56d024b2b1eb1c9768fd169360491f1d6dd" PHP_MD5="" - -RUN set -xe; \ +# see https://httpd.apache.org/docs/2.4/install.html#requirements +RUN set -eux; \ \ - apk add --no-cache --virtual .fetch-deps \ + runDeps=' \ + apr-dev \ + apr-util-dev \ + apr-util-ldap \ + perl \ + '; \ + apk add --no-cache --virtual .build-deps \ + $runDeps \ + ca-certificates \ + coreutils \ + dpkg-dev dpkg \ + gcc \ gnupg \ + libc-dev \ + # mod_session_crypto + libressl \ + libressl-dev \ + # mod_proxy_html mod_xml2enc + libxml2-dev \ + # mod_lua + lua-dev \ + make \ + # mod_http2 + nghttp2-dev \ + pcre-dev \ + tar \ + # mod_deflate + zlib-dev \ ; \ \ - mkdir -p /usr/src; \ - cd /usr/src; \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local success=; \ + local distUrl=; \ + for distUrl in $APACHE_DIST_URLS; do \ + if wget -O "$f" "$distUrl$distFile" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ \ - wget -O php.tar.xz "$PHP_URL"; \ + ddist 'httpd.tar.bz2' "httpd/httpd-$HTTPD_VERSION.tar.bz2"; \ + echo "$HTTPD_SHA256 *httpd.tar.bz2" | sha256sum -c -; \ \ - if [ -n "$PHP_SHA256" ]; then \ - echo "$PHP_SHA256 *php.tar.xz" | sha256sum -c -; \ - fi; \ - if [ -n "$PHP_MD5" ]; then \ - echo "$PHP_MD5 *php.tar.xz" | md5sum -c -; \ - fi; \ +# see https://httpd.apache.org/download.cgi#verify + ddist 'httpd.tar.bz2.asc' "httpd/httpd-$HTTPD_VERSION.tar.bz2.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in \ +# gpg: key 791485A8: public key "Jim Jagielski (Release Signing Key) " imported + A93D62ECC3C8EA12DB220EC934EA76E6791485A8 \ +# gpg: key 995E35221AD84DFF: public key "Daniel Ruggeri (http://home.apache.org/~druggeri/) " imported + B9E8213AEFB861AF35A41F2C995E35221AD84DFF \ + ; do \ + gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \ + done; \ + gpg --batch --verify httpd.tar.bz2.asc httpd.tar.bz2; \ + rm -rf "$GNUPGHOME" httpd.tar.bz2.asc; \ \ - if [ -n "$PHP_ASC_URL" ]; then \ - wget -O php.tar.xz.asc "$PHP_ASC_URL"; \ - export GNUPGHOME="$(mktemp -d)"; \ - for key in $GPG_KEYS; do \ - gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \ - done; \ - gpg --batch --verify php.tar.xz.asc php.tar.xz; \ - rm -rf "$GNUPGHOME"; \ - fi; \ + mkdir -p src; \ + tar -xf httpd.tar.bz2 -C src --strip-components=1; \ + rm httpd.tar.bz2; \ + cd src; \ \ - apk del .fetch-deps - -COPY docker-php-source /usr/local/bin/ - -RUN set -xe \ - && apk add --no-cache --virtual .build-deps \ - $PHPIZE_DEPS \ - coreutils \ - curl-dev \ - libedit-dev \ - libressl-dev \ - libxml2-dev \ - sqlite-dev \ + patches() { \ + while [ "$#" -gt 0 ]; do \ + local patchFile="$1"; shift; \ + local patchSha256="$1"; shift; \ + ddist "$patchFile" "httpd/patches/apply_to_$HTTPD_VERSION/$patchFile"; \ + echo "$patchSha256 *$patchFile" | sha256sum -c -; \ + patch -p0 < "$patchFile"; \ + rm -f "$patchFile"; \ + done; \ + }; \ + patches $HTTPD_PATCHES; \ \ - && export CFLAGS="$PHP_CFLAGS" \ - CPPFLAGS="$PHP_CPPFLAGS" \ - LDFLAGS="$PHP_LDFLAGS" \ - && docker-php-source extract \ - && cd /usr/src/php \ - && gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \ - && ./configure \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + ./configure \ --build="$gnuArch" \ - --with-config-file-path="$PHP_INI_DIR" \ - --with-config-file-scan-dir="$PHP_INI_DIR/conf.d" \ - \ -# make sure invalid --configure-flags are fatal errors intead of just warnings - --enable-option-checking=fatal \ - \ - --disable-cgi \ - \ -# https://github.com/docker-library/php/issues/439 - --with-mhash \ - \ -# --enable-ftp is included here because ftp_ssl_connect() needs ftp to be compiled statically (see https://github.com/docker-library/php/issues/236) - --enable-ftp \ -# --enable-mbstring is included here because otherwise there's no way to get pecl to use it properly (see https://github.com/docker-library/php/issues/195) - --enable-mbstring \ -# --enable-mysqlnd is included here because it's harder to compile after the fact than extensions are (since it's a plugin for several extensions, not an extension in itself) - --enable-mysqlnd \ - \ - --with-curl \ - --with-libedit \ - --with-openssl \ - --with-zlib \ - \ -# bundled pcre does not support JIT on s390x -# https://manpages.debian.org/stretch/libpcre3-dev/pcrejit.3.en.html#AVAILABILITY_OF_JIT_SUPPORT - $(test "$gnuArch" = 's390x-linux-gnu' && echo '--without-pcre-jit') \ - \ - $PHP_EXTRA_CONFIGURE_ARGS \ - && make -j "$(nproc)" \ - && make install \ - && { find /usr/local/bin /usr/local/sbin -type f -perm +0111 -exec strip --strip-all '{}' + || true; } \ - && make clean \ - && cd / \ - && docker-php-source delete \ + --prefix="$HTTPD_PREFIX" \ + --enable-mods-shared=reallyall \ + --enable-mpms-shared=all \ + ; \ + make -j "$(nproc)"; \ + make install; \ + \ + cd ..; \ + rm -r src man manual; \ + \ + sed -ri \ + -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ + -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ + "$HTTPD_PREFIX/conf/httpd.conf"; \ \ - && runDeps="$( \ + runDeps="$runDeps $( \ scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \ | tr ',' '\n' \ | sort -u \ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ - )" \ - && apk add --no-cache --virtual .php-rundeps $runDeps \ - \ - && apk del .build-deps \ - \ -# https://github.com/docker-library/php/issues/443 - && pecl update-channels \ - && rm -rf /tmp/pear ~/.pearrc - -COPY docker-php-ext-* docker-php-entrypoint /usr/local/bin/ - -ENTRYPOINT ["docker-php-entrypoint"] -#### -WORKDIR /var/www/html + )"; \ + apk add --virtual .httpd-rundeps $runDeps; \ + apk del .build-deps -RUN set -ex \ - && cd /usr/local/etc \ - && if [ -d php-fpm.d ]; then \ - # for some reason, upstream's php-fpm.conf.default has "include=NONE/etc/php-fpm.d/*.conf" - sed 's!=NONE/!=!g' php-fpm.conf.default | tee php-fpm.conf > /dev/null; \ - cp php-fpm.d/www.conf.default php-fpm.d/www.conf; \ - else \ - # PHP 5.x doesn't use "include=" by default, so we'll create our own simple config that mimics PHP 7+ for consistency - mkdir php-fpm.d; \ - cp php-fpm.conf.default php-fpm.d/www.conf; \ - { \ - echo '[global]'; \ - echo 'include=etc/php-fpm.d/*.conf'; \ - } | tee php-fpm.conf; \ - fi \ - && { \ - echo '[global]'; \ - echo 'error_log = /proc/self/fd/2'; \ - echo; \ - echo '[www]'; \ - echo '; if we send this to /proc/self/fd/1, it never appears'; \ - echo 'access.log = /proc/self/fd/2'; \ - echo; \ - echo 'clear_env = no'; \ - echo; \ - echo '; Ensure worker stdout and stderr are sent to the main error log.'; \ - echo 'catch_workers_output = yes'; \ - } | tee php-fpm.d/docker.conf \ - && { \ - echo '[global]'; \ - echo 'daemonize = no'; \ - echo; \ - echo '[www]'; \ - echo 'listen = 9000'; \ - } | tee php-fpm.d/zz-docker.conf +COPY httpd-foreground /usr/local/bin/ -EXPOSE 9000 -CMD ["php-fpm"] -#### +EXPOSE 80 +CMD ["httpd-foreground"] From 823757a8c3bebd77fa50c0cedbfce7ca25668dcb Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Mon, 28 May 2018 14:37:50 +0200 Subject: [PATCH 003/117] Fix typo --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6fceca0..b54bb39 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM from php:5.6-fpm-alpine +FROM php:5.6-fpm-alpine # ensure www-data user exists #RUN set -x \ @@ -137,7 +137,7 @@ RUN set -eux; \ apk add --virtual .httpd-rundeps $runDeps; \ apk del .build-deps -COPY httpd-foreground /usr/local/bin/ +#COPY httpd-foreground /usr/local/bin/ EXPOSE 80 CMD ["httpd-foreground"] From b16fe58f63b57995cf717dca9bfc3bfabe20a7d5 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Wed, 6 Jun 2018 16:48:32 +0200 Subject: [PATCH 004/117] Using php image --- Dockerfile | 164 ++++++++--------------------------------- README.md | 2 + install-ext-modules.sh | 5 ++ 3 files changed, 38 insertions(+), 133 deletions(-) create mode 100644 install-ext-modules.sh diff --git a/Dockerfile b/Dockerfile index b54bb39..f8f9456 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,143 +1,41 @@ -FROM php:5.6-fpm-alpine +FROM php:5-fpm-alpine -# ensure www-data user exists -#RUN set -x \ -# && addgroup -g 82 -S www-data \ -# && adduser -u 82 -D -S -G www-data www-data -# 82 is the standard uid/gid for "www-data" in Alpine -# http://git.alpinelinux.org/cgit/aports/tree/main/apache2/apache2.pre-install?h=v3.3.2 -# http://git.alpinelinux.org/cgit/aports/tree/main/lighttpd/lighttpd.pre-install?h=v3.3.2 -# http://git.alpinelinux.org/cgit/aports/tree/main/nginx-initscripts/nginx-initscripts.pre-install?h=v3.3.2 +#WORKDIR /tmp -ENV HTTPD_PREFIX /usr/local/apache2 -ENV PATH $HTTPD_PREFIX/bin:$PATH -RUN mkdir -p "$HTTPD_PREFIX" \ - && chown www-data:www-data "$HTTPD_PREFIX" -WORKDIR $HTTPD_PREFIX +### Add httpd +RUN apk add --no-cache apache2 apache2-utils + +### Add monit +RUN apk add --no-cache monit + +### Build PHP... No redis available on the repos :( +#RUN apk add --no-cache php5 php5-mysqli php5-xml php5-gd php5-openssl php5-json php5-curl php5-pdo php5-pdo_mysql php5-opcache php5-mcrypt php5-dom php5-apache2 php5-iconv php5-suhosin; \ +# ln -s /usr/bin/php5 /usr/bin/php + +#ADD build-php.sh /tmp + +#RUN /bin/sh /tmp/build-php.sh -ENV HTTPD_VERSION 2.4.33 -ENV HTTPD_SHA256 de02511859b00d17845b9abdd1f975d5ccb5d0b280c567da5bf2ad4b70846f05 -# https://httpd.apache.org/security/vulnerabilities_24.html -ENV HTTPD_PATCHES="" -ENV APACHE_DIST_URLS \ -# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 - https://www.apache.org/dyn/closer.cgi?action=download&filename= \ -# if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/ - https://www-us.apache.org/dist/ \ - https://www.apache.org/dist/ \ - https://archive.apache.org/dist/ -# see https://httpd.apache.org/docs/2.4/install.html#requirements -RUN set -eux; \ - \ - runDeps=' \ - apr-dev \ - apr-util-dev \ - apr-util-ldap \ - perl \ - '; \ - apk add --no-cache --virtual .build-deps \ - $runDeps \ - ca-certificates \ - coreutils \ - dpkg-dev dpkg \ - gcc \ - gnupg \ - libc-dev \ - # mod_session_crypto - libressl \ - libressl-dev \ - # mod_proxy_html mod_xml2enc - libxml2-dev \ - # mod_lua - lua-dev \ - make \ - # mod_http2 - nghttp2-dev \ - pcre-dev \ - tar \ - # mod_deflate - zlib-dev \ - ; \ - \ - ddist() { \ - local f="$1"; shift; \ - local distFile="$1"; shift; \ - local success=; \ - local distUrl=; \ - for distUrl in $APACHE_DIST_URLS; do \ - if wget -O "$f" "$distUrl$distFile" && [ -s "$f" ]; then \ - success=1; \ - break; \ - fi; \ - done; \ - [ -n "$success" ]; \ - }; \ - \ - ddist 'httpd.tar.bz2' "httpd/httpd-$HTTPD_VERSION.tar.bz2"; \ - echo "$HTTPD_SHA256 *httpd.tar.bz2" | sha256sum -c -; \ - \ -# see https://httpd.apache.org/download.cgi#verify - ddist 'httpd.tar.bz2.asc' "httpd/httpd-$HTTPD_VERSION.tar.bz2.asc"; \ - export GNUPGHOME="$(mktemp -d)"; \ - for key in \ -# gpg: key 791485A8: public key "Jim Jagielski (Release Signing Key) " imported - A93D62ECC3C8EA12DB220EC934EA76E6791485A8 \ -# gpg: key 995E35221AD84DFF: public key "Daniel Ruggeri (http://home.apache.org/~druggeri/) " imported - B9E8213AEFB861AF35A41F2C995E35221AD84DFF \ - ; do \ - gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \ - done; \ - gpg --batch --verify httpd.tar.bz2.asc httpd.tar.bz2; \ - rm -rf "$GNUPGHOME" httpd.tar.bz2.asc; \ - \ - mkdir -p src; \ - tar -xf httpd.tar.bz2 -C src --strip-components=1; \ - rm httpd.tar.bz2; \ - cd src; \ - \ - patches() { \ - while [ "$#" -gt 0 ]; do \ - local patchFile="$1"; shift; \ - local patchSha256="$1"; shift; \ - ddist "$patchFile" "httpd/patches/apply_to_$HTTPD_VERSION/$patchFile"; \ - echo "$patchSha256 *$patchFile" | sha256sum -c -; \ - patch -p0 < "$patchFile"; \ - rm -f "$patchFile"; \ - done; \ - }; \ - patches $HTTPD_PATCHES; \ - \ - gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ - ./configure \ - --build="$gnuArch" \ - --prefix="$HTTPD_PREFIX" \ - --enable-mods-shared=reallyall \ - --enable-mpms-shared=all \ - ; \ - make -j "$(nproc)"; \ - make install; \ - \ - cd ..; \ - rm -r src man manual; \ - \ - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "$HTTPD_PREFIX/conf/httpd.conf"; \ - \ - runDeps="$runDeps $( \ - scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \ - | tr ',' '\n' \ - | sort -u \ - | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ - )"; \ - apk add --virtual .httpd-rundeps $runDeps; \ - apk del .build-deps #COPY httpd-foreground /usr/local/bin/ +## Adding supervisor. Based on https://github.com/rawmind0/alpine-monit +#ENV MONIT_VERSION=5.25.1 +#ENV MONIT_HOME=/usr/local +#ENV MONIT_URL=https://mmonit.com/monit/dist +# +#RUN apk add --no-cache --virtual .build-deps gcc musl-dev make libressl-dev file zlib-dev \ +# mkdir -p /opt/src; cd /opt/src && \ +# curl -sS \${MONIT_URL}/monit-\${MONIT_VERSION}.tar.gz | gunzip -c - | tar -xf - && \ +# cd /opt/src/monit-\${MONIT_VERSION} && \ +# ./configure --prefix=\${MONIT_HOME} --without-pam && \ +# make && make install && \ +# mkdir -p \${MONIT_HOME}/etc/conf.d \${MONIT_HOME}/log && \ +# apk del gcc musl-dev make libressl-dev file zlib-dev &&\ +# rm -rf /var/cache/apk/* /opt/src + EXPOSE 80 -CMD ["httpd-foreground"] +CMD ["/bin/sh"] diff --git a/README.md b/README.md index 5026a62..360a4ec 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,4 @@ # httpd-php Apache + PHP Docker images + +PHP compiled for westmere diff --git a/install-ext-modules.sh b/install-ext-modules.sh new file mode 100644 index 0000000..7618607 --- /dev/null +++ b/install-ext-modules.sh @@ -0,0 +1,5 @@ +#/bin/sh + +set -xue + +apk add --no-cache --virtual .persistent-deps ca-certificates curl tar xz libressl \ No newline at end of file From 82d8dc2738cde72b40db4cf807c071a6d7a7393f Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Wed, 6 Jun 2018 16:49:57 +0200 Subject: [PATCH 005/117] Added modules --- install-ext-modules.sh | 59 +++++++++++++++++++++++++++++++++++++++++- 1 file changed, 58 insertions(+), 1 deletion(-) diff --git a/install-ext-modules.sh b/install-ext-modules.sh index 7618607..64f4c87 100644 --- a/install-ext-modules.sh +++ b/install-ext-modules.sh @@ -2,4 +2,61 @@ set -xue -apk add --no-cache --virtual .persistent-deps ca-certificates curl tar xz libressl \ No newline at end of file +modules="bz2 calendar exif gd pdo_mysql opcache zip xsl intl mcrypt ldap " + + +#Dumb list of dev dependencies... +makedepends=" + autoconf + apache2-dev + aspell-dev + bison + bzip2-dev + curl-dev + db-dev + enchant-dev + freetds-dev + freetype-dev + gdbm-dev + gettext-dev + gmp-dev + icu-dev + imap-dev + krb5-dev + libedit-dev + libical-dev + libjpeg-turbo-dev + libmcrypt-dev + libpng-dev + libressl-dev + libwebp-dev + libxml2-dev + libxpm-dev + libxslt-dev + libzip-dev + net-snmp-dev + openldap-dev + pcre-dev + postgresql-dev + re2c + recode-dev + sqlite-dev + tidyhtml-dev + unixodbc-dev + zlib-dev + " + +apk add --no-cache --virtual .build-deps $makedepends $PHPIZE_DEPS + +docker-php-source extract + +pecl install igbinary + +docker-php-ext-enable igbinary + + + +docker-php-ext-install $modules + + + From 5d6504d839b9e935f3f0fbc61141dc86abb3c910 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Wed, 6 Jun 2018 17:20:35 +0200 Subject: [PATCH 006/117] Finish php modules install --- install-ext-modules.sh | 29 ++++++++++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/install-ext-modules.sh b/install-ext-modules.sh index 64f4c87..9e28d58 100644 --- a/install-ext-modules.sh +++ b/install-ext-modules.sh @@ -44,19 +44,46 @@ makedepends=" tidyhtml-dev unixodbc-dev zlib-dev + libmemcached-dev " apk add --no-cache --virtual .build-deps $makedepends $PHPIZE_DEPS docker-php-source extract +pecl install + pecl install igbinary + docker-php-ext-enable igbinary +yes | peck install memcached-2.2.0 +cd /tmp -docker-php-ext-install $modules +pecl bundle redis + +cd redis + +phpize + +./configure --enable-redis-igbinary --enable-redis-lzf + +make -j +make install + +cd / + +rm /tmp/* + +docker-php-source delete + +docker-php-ext-enable redis + +docker-php-ext-install $modules +apk add --no-cache $( scanelf --needed --nobanner --format '%n#p' --recursive /usr/local | tr ',' '\n' | sort -u | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' ) +apk del .build-deps \ No newline at end of file From 90569fc68db776bb855fbba0330284cd6c0776b7 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Wed, 6 Jun 2018 17:25:40 +0200 Subject: [PATCH 007/117] Fix typos --- Dockerfile | 4 +++- install-ext-modules.sh | 5 +---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index f8f9456..3403a3a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,8 @@ FROM php:5-fpm-alpine -#WORKDIR /tmp +# Install PHP Modules + +RUN curl https://raw.githubusercontent.com/fpfis/httpd-php/release/5.6/install-ext-modules.sh | /bin/sh ### Add httpd RUN apk add --no-cache apache2 apache2-utils diff --git a/install-ext-modules.sh b/install-ext-modules.sh index 9e28d58..7a81534 100644 --- a/install-ext-modules.sh +++ b/install-ext-modules.sh @@ -51,14 +51,11 @@ apk add --no-cache --virtual .build-deps $makedepends $PHPIZE_DEPS docker-php-source extract -pecl install - pecl install igbinary - docker-php-ext-enable igbinary -yes | peck install memcached-2.2.0 +yes | pecl install memcached-2.2.0 cd /tmp From 6da877568f3f0539bc9dfe3b20eefd7f7c7fe101 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Wed, 6 Jun 2018 17:33:21 +0200 Subject: [PATCH 008/117] Fix yes... --- install-ext-modules.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install-ext-modules.sh b/install-ext-modules.sh index 7a81534..818d7a6 100644 --- a/install-ext-modules.sh +++ b/install-ext-modules.sh @@ -55,7 +55,7 @@ pecl install igbinary docker-php-ext-enable igbinary -yes | pecl install memcached-2.2.0 +yes '' | pecl install memcached-2.2.0 cd /tmp From 65315a73b86474a841be096da38707701879ab6a Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Wed, 6 Jun 2018 17:36:47 +0200 Subject: [PATCH 009/117] Removed yes... --- install-ext-modules.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install-ext-modules.sh b/install-ext-modules.sh index 818d7a6..a6ea501 100644 --- a/install-ext-modules.sh +++ b/install-ext-modules.sh @@ -55,7 +55,7 @@ pecl install igbinary docker-php-ext-enable igbinary -yes '' | pecl install memcached-2.2.0 +pecl install memcached-2.2.0 cd /tmp From 7bb11eee648806147fd24027a07653cc7e1e3cd3 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Wed, 6 Jun 2018 17:42:11 +0200 Subject: [PATCH 010/117] Fix for pecl... --- install-ext-modules.sh | 36 ++++++++++++++++-------------------- 1 file changed, 16 insertions(+), 20 deletions(-) diff --git a/install-ext-modules.sh b/install-ext-modules.sh index a6ea501..9498598 100644 --- a/install-ext-modules.sh +++ b/install-ext-modules.sh @@ -47,40 +47,36 @@ makedepends=" libmemcached-dev " -apk add --no-cache --virtual .build-deps $makedepends $PHPIZE_DEPS +apk add --no-cache --virtual .build-deps $makedepends $PHPIZE_DEPS; -docker-php-source extract +docker-php-source extract; -pecl install igbinary +pecl install igbinary; -docker-php-ext-enable igbinary +docker-php-ext-enable igbinary; -pecl install memcached-2.2.0 +echo '' | pecl install memcached-2.2.0; -cd /tmp +cd /tmp; -pecl bundle redis +pecl bundle redis; -cd redis +cd redis; -phpize +phpize; -./configure --enable-redis-igbinary --enable-redis-lzf +./configure --enable-redis-igbinary --enable-redis-lzf && make -j && make install; -make -j +cd /; -make install +rm /tmp/*; -cd / +docker-php-source delete; -rm /tmp/* +docker-php-ext-enable redis; -docker-php-source delete +docker-php-ext-install $modules; -docker-php-ext-enable redis - -docker-php-ext-install $modules - -apk add --no-cache $( scanelf --needed --nobanner --format '%n#p' --recursive /usr/local | tr ',' '\n' | sort -u | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' ) +apk add --no-cache $( scanelf --needed --nobanner --format '%n#p' --recursive /usr/local | tr ',' '\n' | sort -u | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' ); apk del .build-deps \ No newline at end of file From 3ad7c84b13843c845b619222a79a3324b629d367 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Wed, 6 Jun 2018 20:12:25 +0200 Subject: [PATCH 011/117] Fix rm --- install-ext-modules.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install-ext-modules.sh b/install-ext-modules.sh index 9498598..8a92f89 100644 --- a/install-ext-modules.sh +++ b/install-ext-modules.sh @@ -69,7 +69,7 @@ phpize; cd /; -rm /tmp/*; +rm -rf /tmp/*; docker-php-source delete; From b44c90dd3536ee7393aeaa54320acc6b6c8898ff Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Thu, 7 Jun 2018 17:07:50 +0200 Subject: [PATCH 012/117] Working container --- Dockerfile | 47 ++++++++----------- apache2_conf/conf.d/php.conf | 2 + apache2_conf/httpd.conf | 89 ++++++++++++++++++++++++++++++++++++ apache2_conf/modules.conf | 26 +++++++++++ monitrc | 18 ++++++++ run.sh | 26 +++++++++++ 6 files changed, 181 insertions(+), 27 deletions(-) create mode 100644 apache2_conf/conf.d/php.conf create mode 100644 apache2_conf/httpd.conf create mode 100644 apache2_conf/modules.conf create mode 100644 monitrc create mode 100755 run.sh diff --git a/Dockerfile b/Dockerfile index 3403a3a..8afe7e1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,43 +1,36 @@ FROM php:5-fpm-alpine -# Install PHP Modules +ENV DOCUMENT_ROOT /var/www/html -RUN curl https://raw.githubusercontent.com/fpfis/httpd-php/release/5.6/install-ext-modules.sh | /bin/sh +ENV PORT 8080 -### Add httpd -RUN apk add --no-cache apache2 apache2-utils +ENV APACHE_EXTRA_CONF "" -### Add monit -RUN apk add --no-cache monit +ENV APACHE_EXTRA_CONF_DIR "" -### Build PHP... No redis available on the repos :( -#RUN apk add --no-cache php5 php5-mysqli php5-xml php5-gd php5-openssl php5-json php5-curl php5-pdo php5-pdo_mysql php5-opcache php5-mcrypt php5-dom php5-apache2 php5-iconv php5-suhosin; \ -# ln -s /usr/bin/php5 /usr/bin/php +# Install PHP Modules +RUN curl https://raw.githubusercontent.com/fpfis/httpd-php/release/5.6/install-ext-modules.sh | /bin/sh -#ADD build-php.sh /tmp +RUN ln -s /usr/lib/etc/ /etc/php -#RUN /bin/sh /tmp/build-php.sh +### Add httpd +RUN apk add --no-cache apache2 apache2-utils apache2-proxy +ADD apache2_conf/ /etc/apache2/ +RUN ln -s /usr/lib/apache2/ /etc/apache2/modules +RUN rm /etc/apache2/conf.d/mpm.conf +### Add monit +RUN apk add --no-cache monit -#COPY httpd-foreground /usr/local/bin/ -## Adding supervisor. Based on https://github.com/rawmind0/alpine-monit -#ENV MONIT_VERSION=5.25.1 -#ENV MONIT_HOME=/usr/local -#ENV MONIT_URL=https://mmonit.com/monit/dist -# -#RUN apk add --no-cache --virtual .build-deps gcc musl-dev make libressl-dev file zlib-dev \ -# mkdir -p /opt/src; cd /opt/src && \ -# curl -sS \${MONIT_URL}/monit-\${MONIT_VERSION}.tar.gz | gunzip -c - | tar -xf - && \ -# cd /opt/src/monit-\${MONIT_VERSION} && \ -# ./configure --prefix=\${MONIT_HOME} --without-pam && \ -# make && make install && \ -# mkdir -p \${MONIT_HOME}/etc/conf.d \${MONIT_HOME}/log && \ -# apk del gcc musl-dev make libressl-dev file zlib-dev &&\ -# rm -rf /var/cache/apk/* /opt/src +ADD monitrc /etc/monitrc +ADD run.sh / EXPOSE 80 -CMD ["/bin/sh"] +EXPOSE 2812 + +ENTRYPOINT ["/run.sh"] + diff --git a/apache2_conf/conf.d/php.conf b/apache2_conf/conf.d/php.conf new file mode 100644 index 0000000..e678688 --- /dev/null +++ b/apache2_conf/conf.d/php.conf @@ -0,0 +1,2 @@ +ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/${DOCUMENT_ROOT}/$1 +DirectoryIndex /index.php index.php diff --git a/apache2_conf/httpd.conf b/apache2_conf/httpd.conf new file mode 100644 index 0000000..20792a7 --- /dev/null +++ b/apache2_conf/httpd.conf @@ -0,0 +1,89 @@ +ServerRoot "/etc/apache2" +PidFile /run/httpd.pid +Listen ${PORT} +Include modules.conf + +User www-data +Group www-data + + +ServerAdmin root@localhost + + + + AllowOverride none + Require all denied + + + +DocumentRoot ${DOCUMENT_ROOT} + + + AllowOverride All + Require all granted + + + + Options Indexes FollowSymLinks + + AllowOverride All + + Require all granted + + + + DirectoryIndex index.html + + + + Require all denied + + +ErrorLog /dev/fd/2 +TransferLog /dev/fd/1 +LogLevel notice + + + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined + LogFormat "%h %l %u %t \"%r\" %>s %b" common + + + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio + + + + + + ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" + + + + AllowOverride None + Options None + Require all granted + + + + TypesConfig mime.types + + AddType application/x-compress .Z + AddType application/x-gzip .gz .tgz + + AddType text/html .shtml + AddOutputFilter INCLUDES .shtml + + +AddDefaultCharset UTF-8 + + + MIMEMagicFile conf/magic + + + +EnableSendfile on + +${APACHE_EXTRA_CONF} + +IncludeOptional ${APACHE_EXTRA_CONF_DIR}/*.conf + +IncludeOptional conf.d/*.conf diff --git a/apache2_conf/modules.conf b/apache2_conf/modules.conf new file mode 100644 index 0000000..22756b4 --- /dev/null +++ b/apache2_conf/modules.conf @@ -0,0 +1,26 @@ +LoadModule mpm_prefork_module modules/mod_mpm_prefork.so +LoadModule authn_file_module modules/mod_authn_file.so +LoadModule authn_core_module modules/mod_authn_core.so +LoadModule authz_host_module modules/mod_authz_host.so +LoadModule authz_groupfile_module modules/mod_authz_groupfile.so +LoadModule authz_user_module modules/mod_authz_user.so +LoadModule authz_core_module modules/mod_authz_core.so +LoadModule access_compat_module modules/mod_access_compat.so +LoadModule auth_basic_module modules/mod_auth_basic.so +LoadModule reqtimeout_module modules/mod_reqtimeout.so +LoadModule filter_module modules/mod_filter.so +LoadModule mime_module modules/mod_mime.so +LoadModule log_config_module modules/mod_log_config.so +LoadModule env_module modules/mod_env.so +LoadModule headers_module modules/mod_headers.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule version_module modules/mod_version.so +LoadModule slotmem_shm_module modules/mod_slotmem_shm.so +LoadModule unixd_module modules/mod_unixd.so +LoadModule status_module modules/mod_status.so +LoadModule autoindex_module modules/mod_autoindex.so +LoadModule dir_module modules/mod_dir.so +LoadModule alias_module modules/mod_alias.so +LoadModule negotiation_module modules/mod_negotiation.so +LoadModule proxy_module modules/mod_proxy.so +LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so diff --git a/monitrc b/monitrc new file mode 100644 index 0000000..a65f461 --- /dev/null +++ b/monitrc @@ -0,0 +1,18 @@ +set daemon 10 + +set log syslog + +set httpd port 2812 and + use address localhost # only accept connection from localhost + allow localhost # allow localhost to connect to the server and + allow admin:monit # require user 'admin' with password 'monit' + +check process apache with pidfile /run/httpd.pid + start program = "/usr/sbin/httpd" with timeout 60 seconds + stop program = "/usr/sbin/httpd -k stop" + + +check process php-fpm with pidfile /run/php-fpm.pid + start program = "/usr/local/sbin/php-fpm -g /run/php-fpm.pid -D" with timeout 60 seconds + stop program = "/bin/kill `/bin/cat /run/php-fpm.pid`" + diff --git a/run.sh b/run.sh new file mode 100755 index 0000000..2591c54 --- /dev/null +++ b/run.sh @@ -0,0 +1,26 @@ +#!/bin/sh +set -e + +trap "echo TRAP" EXIT + +# Get uid for the current docroot +[ -z "${DOCUMENT_ROOT}" ] && export DOCUMENT_ROOT=/var/www/html + +# Check if docroot or parent exists : +[ -d "${DOCUMENT_ROOT}" ] && export REF_DIR=${DOCUMENT_ROOT} +# Else use its parent +[ -z "${REF_DIR}" ] && export REF_DIR=$(dirname ${DOCUMENT_ROOT}) + +# Get our command to run +export CMD=$@ + +# If APACHE_EXTRA_CONF isn't being set outside, set it to an empty value. +if [ -z ${APACHE_EXTRA_CONF} ]; then export APACHE_EXTRA_CONF=""; fi + +if [ -z "$CMD" ]; then + # If no run command provided, run supervisor as root a: + /usr/bin/monit -I +else + # Run the command as user web + HOME=/tmp su www-data -c sh -c "$CMD" +fi From 50b5255110b84c014f8c63bd2265f7c7d2f33702 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Thu, 7 Jun 2018 17:09:41 +0200 Subject: [PATCH 013/117] Added drone.yaml --- .drone.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 .drone.yaml diff --git a/.drone.yaml b/.drone.yaml new file mode 100644 index 0000000..3de1c52 --- /dev/null +++ b/.drone.yaml @@ -0,0 +1,13 @@ +workspace: + base: /${DRONE_BRANCH%%/*} + path: ${DRONE_BRANCH%%/*} + +pipeline: + build-and-push-image: + image: plugins/docker + repo: fpfis/${DRONE_BRANCH##*/} + tags: + - latest + secrets: [ docker_username, docker_password ] + when: + branch: release/* From fc1a7f4e134da599565024cc639b8cc8272b3116 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Thu, 7 Jun 2018 17:24:12 +0200 Subject: [PATCH 014/117] Fix expose port --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 8afe7e1..6f469f9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -29,7 +29,7 @@ ADD monitrc /etc/monitrc ADD run.sh / -EXPOSE 80 +EXPOSE 8080 EXPOSE 2812 ENTRYPOINT ["/run.sh"] From ebef8d353fccdb445f8985e2d5d51e83643ba190 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Thu, 7 Jun 2018 19:39:14 +0200 Subject: [PATCH 015/117] Delete drone yaml --- .drone.yaml | 13 ------------- 1 file changed, 13 deletions(-) delete mode 100644 .drone.yaml diff --git a/.drone.yaml b/.drone.yaml deleted file mode 100644 index 3de1c52..0000000 --- a/.drone.yaml +++ /dev/null @@ -1,13 +0,0 @@ -workspace: - base: /${DRONE_BRANCH%%/*} - path: ${DRONE_BRANCH%%/*} - -pipeline: - build-and-push-image: - image: plugins/docker - repo: fpfis/${DRONE_BRANCH##*/} - tags: - - latest - secrets: [ docker_username, docker_password ] - when: - branch: release/* From b0038ae9d723c5941d32008d33eb3bc66eee42b3 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Fri, 8 Jun 2018 12:25:12 +0200 Subject: [PATCH 016/117] Edit README --- README.md | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 360a4ec..e9145c2 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,10 @@ # httpd-php -Apache + PHP Docker images +Alpine 3.7 + +Apache + PHP 5.6 + +Monit + +Module list: + -PHP compiled for westmere From a1096ae28eb6e9712a5e843ea4d12438896e26bd Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Fri, 8 Jun 2018 12:27:15 +0200 Subject: [PATCH 017/117] drone yaml --- .drone.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 .drone.yml diff --git a/.drone.yml b/.drone.yml new file mode 100644 index 0000000..b6f3bbe --- /dev/null +++ b/.drone.yml @@ -0,0 +1,13 @@ +workspace: + base: /fpfis/ + path: httpd-php + +pipeline: + build-and-push-image: + image: plugins/docker + repo: fpfis/httpd-php + tags: + - latest + secrets: [ docker_username, docker_password ] + when: + branch: release/* From 8ab65579015118ba4b1a7367b47a7374344b63da Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Fri, 8 Jun 2018 12:50:52 +0200 Subject: [PATCH 018/117] Fix monit permissions --- Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Dockerfile b/Dockerfile index 6f469f9..efe16b7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -27,6 +27,8 @@ RUN apk add --no-cache monit ADD monitrc /etc/monitrc +RUN chmod 700 /etc/monitrc + ADD run.sh / EXPOSE 8080 From c6cbc57cd54177b3c74fd5feb14ee3ea437a1c17 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Fri, 8 Jun 2018 16:29:17 +0200 Subject: [PATCH 019/117] Enable mod_rewrite --- apache2_conf/modules.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/apache2_conf/modules.conf b/apache2_conf/modules.conf index 22756b4..6856e06 100644 --- a/apache2_conf/modules.conf +++ b/apache2_conf/modules.conf @@ -24,3 +24,4 @@ LoadModule alias_module modules/mod_alias.so LoadModule negotiation_module modules/mod_negotiation.so LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so +LoadModule rewrite_module modules/mod_rewrite.so From f37712ce99fb55f3077c5bfff6b46ab5c431a962 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Tue, 12 Jun 2018 11:42:41 +0200 Subject: [PATCH 020/117] Deleted yaml --- .drone.yml | 13 ------------- 1 file changed, 13 deletions(-) delete mode 100644 .drone.yml diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index b6f3bbe..0000000 --- a/.drone.yml +++ /dev/null @@ -1,13 +0,0 @@ -workspace: - base: /fpfis/ - path: httpd-php - -pipeline: - build-and-push-image: - image: plugins/docker - repo: fpfis/httpd-php - tags: - - latest - secrets: [ docker_username, docker_password ] - when: - branch: release/* From 7952bcd77e242528721dac6fb224bc1cd031b486 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Tue, 12 Jun 2018 15:10:43 +0200 Subject: [PATCH 021/117] Apache user is now a env variable --- Dockerfile | 4 + README.md | 7 + apache2_conf/httpd.conf | 4 +- php_conf/docker.conf | 11 + php_conf/www-fpfis.conf | 12 + php_conf/www.conf | 543 ++++++++++++++++++++++++++++++++++++++++ 6 files changed, 579 insertions(+), 2 deletions(-) create mode 100644 php_conf/docker.conf create mode 100644 php_conf/www-fpfis.conf create mode 100644 php_conf/www.conf diff --git a/Dockerfile b/Dockerfile index efe16b7..a3f5bc7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,6 +8,10 @@ ENV APACHE_EXTRA_CONF "" ENV APACHE_EXTRA_CONF_DIR "" +ENV DAEMON_USER "www-data" + +ENV DAEMON_GROUP "www-data" + # Install PHP Modules RUN curl https://raw.githubusercontent.com/fpfis/httpd-php/release/5.6/install-ext-modules.sh | /bin/sh diff --git a/README.md b/README.md index e9145c2..1d436fb 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,13 @@ Apache + PHP 5.6 Monit +Apache Variables: + +`DAEMON_USER` User that will run Apache and PHP. Defaults to www-data +`DAEMON_GROUP` Daemon group. Defaults to www-data +`DOCUMENT_ROOT` Document Root. Defaults to /var/www/html + + Module list: diff --git a/apache2_conf/httpd.conf b/apache2_conf/httpd.conf index 20792a7..b0e7b9c 100644 --- a/apache2_conf/httpd.conf +++ b/apache2_conf/httpd.conf @@ -3,8 +3,8 @@ PidFile /run/httpd.pid Listen ${PORT} Include modules.conf -User www-data -Group www-data +User ${DAEMON_USER} +Group ${DAEMON_GROUP} ServerAdmin root@localhost diff --git a/php_conf/docker.conf b/php_conf/docker.conf new file mode 100644 index 0000000..6791334 --- /dev/null +++ b/php_conf/docker.conf @@ -0,0 +1,11 @@ +[global] +error_log = /proc/self/fd/2 + +[www] +; if we send this to /proc/self/fd/1, it never appears +access.log = /proc/self/fd/2 + +clear_env = no + +; Ensure worker stdout and stderr are sent to the main error log. +catch_workers_output = yes diff --git a/php_conf/www-fpfis.conf b/php_conf/www-fpfis.conf new file mode 100644 index 0000000..d8760f9 --- /dev/null +++ b/php_conf/www-fpfis.conf @@ -0,0 +1,12 @@ +[global] + +[www] +user = www-data +group = www-data +listen = 127.0.0.1:9000 + +pm = dynamic +pm.max_children = 5 +pm.start_servers = 2 +pm.min_spare_servers = 1 +pm.max_spare_servers = 3 diff --git a/php_conf/www.conf b/php_conf/www.conf new file mode 100644 index 0000000..79c917d --- /dev/null +++ b/php_conf/www.conf @@ -0,0 +1,543 @@ +;;;;;;;;;;;;;;;;;;;;; +; FPM Configuration ; +;;;;;;;;;;;;;;;;;;;;; + +; All relative paths in this configuration file are relative to PHP's install +; prefix (/usr/local). This prefix can be dynamically changed by using the +; '-p' argument from the command line. + +; Include one or more files. If glob(3) exists, it is used to include a bunch of +; files from a glob(3) pattern. This directive can be used everywhere in the +; file. +; Relative path can also be used. They will be prefixed by: +; - the global prefix if it's been set (-p argument) +; - /usr/local otherwise +;include=etc/fpm.d/*.conf + +;;;;;;;;;;;;;;;;;; +; Global Options ; +;;;;;;;;;;;;;;;;;; + +[global] +; Pid file +; Note: the default prefix is /usr/local/var +; Default Value: none +;pid = run/php-fpm.pid + +; Error log file +; If it's set to "syslog", log is sent to syslogd instead of being written +; in a local file. +; Note: the default prefix is /usr/local/var +; Default Value: log/php-fpm.log +;error_log = log/php-fpm.log + +; syslog_facility is used to specify what type of program is logging the +; message. This lets syslogd specify that messages from different facilities +; will be handled differently. +; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON) +; Default Value: daemon +;syslog.facility = daemon + +; syslog_ident is prepended to every message. If you have multiple FPM +; instances running on the same server, you can change the default value +; which must suit common needs. +; Default Value: php-fpm +;syslog.ident = php-fpm + +; Log level +; Possible Values: alert, error, warning, notice, debug +; Default Value: notice +;log_level = notice + +; If this number of child processes exit with SIGSEGV or SIGBUS within the time +; interval set by emergency_restart_interval then FPM will restart. A value +; of '0' means 'Off'. +; Default Value: 0 +;emergency_restart_threshold = 0 + +; Interval of time used by emergency_restart_interval to determine when +; a graceful restart will be initiated. This can be useful to work around +; accidental corruptions in an accelerator's shared memory. +; Available Units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +;emergency_restart_interval = 0 + +; Time limit for child processes to wait for a reaction on signals from master. +; Available units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +;process_control_timeout = 0 + +; The maximum number of processes FPM will fork. This has been design to control +; the global number of processes when using dynamic PM within a lot of pools. +; Use it with caution. +; Note: A value of 0 indicates no limit +; Default Value: 0 +; process.max = 128 + +; Specify the nice(2) priority to apply to the master process (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool process will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging. +; Default Value: yes +;daemonize = yes + +; Set open file descriptor rlimit for the master process. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit for the master process. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Specify the event mechanism FPM will use. The following is available: +; - select (any POSIX os) +; - poll (any POSIX os) +; - epoll (linux >= 2.5.44) +; - kqueue (FreeBSD >= 4.1, OpenBSD >= 2.9, NetBSD >= 2.0) +; - /dev/poll (Solaris >= 7) +; - port (Solaris >= 10) +; Default Value: not set (auto detection) +;events.mechanism = epoll + +; When FPM is build with systemd integration, specify the interval, +; in second, between health report notification to systemd. +; Set to 0 to disable. +; Available Units: s(econds), m(inutes), h(ours) +; Default Unit: seconds +; Default value: 10 +;systemd_interval = 10 + +;;;;;;;;;;;;;;;;;;;; +; Pool Definitions ; +;;;;;;;;;;;;;;;;;;;; + +; Multiple pools of child processes may be started with different listening +; ports and different management options. The name of the pool will be +; used in logs and stats. There is no limitation on the number of pools which +; FPM can handle. Your system will tell you anyway :) + +; Start a new pool named 'www'. +; the variable $pool can we used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'access.log' +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or NONE) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = www-data +group = www-data + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all IPv4 addresses on a +; specific port; +; '[::]:port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 127.0.0.1:9000 + +; Set listen(2) backlog. +; Default Value: 65535 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 65535 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0660 +;listen.owner = www-data +;listen.group = www-data +;listen.mode = 0660 +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user +; or group is differrent than the master process user. It allows to create process +; core dump and ptrace the process for the pool user. +; Default Value: no +; process.dumpable = yes + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 5 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 +pm.start_servers = 2 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 1 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 3 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. It shows the following informations: +; pool - the name of the pool; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. +; Example output: +; pool: www +; process manager: static +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; +; By default the status page output is formatted as text/plain. Passing either +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then informations are related to the +; last request the process has served. Otherwise informations are related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: /usr/local/share/php/fpm/status.html +; +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The access log file +; Default: not set +;access.log = log/$pool.access.log + +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{miliseconds}d +; - %{mili}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some exemples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: output header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; %u: remote user +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +;slowlog = log/$pool.log.slow + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; exectute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr/local) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M From 1f16400465b585a4219a3a050bbb661eb4c6b61a Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Tue, 12 Jun 2018 15:14:38 +0200 Subject: [PATCH 022/117] Added drone.yml --- .drone.yml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 .drone.yml diff --git a/.drone.yml b/.drone.yml new file mode 100644 index 0000000..ef32b2c --- /dev/null +++ b/.drone.yml @@ -0,0 +1,17 @@ +workspace: + base: /fpfis/ + path: httpd-php + +pipeline: + dumpenv: + image: library/bash + commands: + - printenv + build-and-push-image: + image: plugins/docker + repo: fpfis/httpd-php + tags: + - latest + secrets: [ docker_username, docker_password ] + when: + branch: release/* From b1fae8c5201e3efa9bbb7cf340280d337de19d31 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Tue, 12 Jun 2018 16:21:07 +0200 Subject: [PATCH 023/117] Removed php conf files --- php_conf/docker.conf | 11 - php_conf/www-fpfis.conf | 12 - php_conf/www.conf | 543 ---------------------------------------- 3 files changed, 566 deletions(-) delete mode 100644 php_conf/docker.conf delete mode 100644 php_conf/www-fpfis.conf delete mode 100644 php_conf/www.conf diff --git a/php_conf/docker.conf b/php_conf/docker.conf deleted file mode 100644 index 6791334..0000000 --- a/php_conf/docker.conf +++ /dev/null @@ -1,11 +0,0 @@ -[global] -error_log = /proc/self/fd/2 - -[www] -; if we send this to /proc/self/fd/1, it never appears -access.log = /proc/self/fd/2 - -clear_env = no - -; Ensure worker stdout and stderr are sent to the main error log. -catch_workers_output = yes diff --git a/php_conf/www-fpfis.conf b/php_conf/www-fpfis.conf deleted file mode 100644 index d8760f9..0000000 --- a/php_conf/www-fpfis.conf +++ /dev/null @@ -1,12 +0,0 @@ -[global] - -[www] -user = www-data -group = www-data -listen = 127.0.0.1:9000 - -pm = dynamic -pm.max_children = 5 -pm.start_servers = 2 -pm.min_spare_servers = 1 -pm.max_spare_servers = 3 diff --git a/php_conf/www.conf b/php_conf/www.conf deleted file mode 100644 index 79c917d..0000000 --- a/php_conf/www.conf +++ /dev/null @@ -1,543 +0,0 @@ -;;;;;;;;;;;;;;;;;;;;; -; FPM Configuration ; -;;;;;;;;;;;;;;;;;;;;; - -; All relative paths in this configuration file are relative to PHP's install -; prefix (/usr/local). This prefix can be dynamically changed by using the -; '-p' argument from the command line. - -; Include one or more files. If glob(3) exists, it is used to include a bunch of -; files from a glob(3) pattern. This directive can be used everywhere in the -; file. -; Relative path can also be used. They will be prefixed by: -; - the global prefix if it's been set (-p argument) -; - /usr/local otherwise -;include=etc/fpm.d/*.conf - -;;;;;;;;;;;;;;;;;; -; Global Options ; -;;;;;;;;;;;;;;;;;; - -[global] -; Pid file -; Note: the default prefix is /usr/local/var -; Default Value: none -;pid = run/php-fpm.pid - -; Error log file -; If it's set to "syslog", log is sent to syslogd instead of being written -; in a local file. -; Note: the default prefix is /usr/local/var -; Default Value: log/php-fpm.log -;error_log = log/php-fpm.log - -; syslog_facility is used to specify what type of program is logging the -; message. This lets syslogd specify that messages from different facilities -; will be handled differently. -; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON) -; Default Value: daemon -;syslog.facility = daemon - -; syslog_ident is prepended to every message. If you have multiple FPM -; instances running on the same server, you can change the default value -; which must suit common needs. -; Default Value: php-fpm -;syslog.ident = php-fpm - -; Log level -; Possible Values: alert, error, warning, notice, debug -; Default Value: notice -;log_level = notice - -; If this number of child processes exit with SIGSEGV or SIGBUS within the time -; interval set by emergency_restart_interval then FPM will restart. A value -; of '0' means 'Off'. -; Default Value: 0 -;emergency_restart_threshold = 0 - -; Interval of time used by emergency_restart_interval to determine when -; a graceful restart will be initiated. This can be useful to work around -; accidental corruptions in an accelerator's shared memory. -; Available Units: s(econds), m(inutes), h(ours), or d(ays) -; Default Unit: seconds -; Default Value: 0 -;emergency_restart_interval = 0 - -; Time limit for child processes to wait for a reaction on signals from master. -; Available units: s(econds), m(inutes), h(ours), or d(ays) -; Default Unit: seconds -; Default Value: 0 -;process_control_timeout = 0 - -; The maximum number of processes FPM will fork. This has been design to control -; the global number of processes when using dynamic PM within a lot of pools. -; Use it with caution. -; Note: A value of 0 indicates no limit -; Default Value: 0 -; process.max = 128 - -; Specify the nice(2) priority to apply to the master process (only if set) -; The value can vary from -19 (highest priority) to 20 (lower priority) -; Note: - It will only work if the FPM master process is launched as root -; - The pool process will inherit the master process priority -; unless it specified otherwise -; Default Value: no set -; process.priority = -19 - -; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging. -; Default Value: yes -;daemonize = yes - -; Set open file descriptor rlimit for the master process. -; Default Value: system defined value -;rlimit_files = 1024 - -; Set max core size rlimit for the master process. -; Possible Values: 'unlimited' or an integer greater or equal to 0 -; Default Value: system defined value -;rlimit_core = 0 - -; Specify the event mechanism FPM will use. The following is available: -; - select (any POSIX os) -; - poll (any POSIX os) -; - epoll (linux >= 2.5.44) -; - kqueue (FreeBSD >= 4.1, OpenBSD >= 2.9, NetBSD >= 2.0) -; - /dev/poll (Solaris >= 7) -; - port (Solaris >= 10) -; Default Value: not set (auto detection) -;events.mechanism = epoll - -; When FPM is build with systemd integration, specify the interval, -; in second, between health report notification to systemd. -; Set to 0 to disable. -; Available Units: s(econds), m(inutes), h(ours) -; Default Unit: seconds -; Default value: 10 -;systemd_interval = 10 - -;;;;;;;;;;;;;;;;;;;; -; Pool Definitions ; -;;;;;;;;;;;;;;;;;;;; - -; Multiple pools of child processes may be started with different listening -; ports and different management options. The name of the pool will be -; used in logs and stats. There is no limitation on the number of pools which -; FPM can handle. Your system will tell you anyway :) - -; Start a new pool named 'www'. -; the variable $pool can we used in any directive and will be replaced by the -; pool name ('www' here) -[www] - -; Per pool prefix -; It only applies on the following directives: -; - 'access.log' -; - 'slowlog' -; - 'listen' (unixsocket) -; - 'chroot' -; - 'chdir' -; - 'php_values' -; - 'php_admin_values' -; When not set, the global prefix (or NONE) applies instead. -; Note: This directive can also be relative to the global prefix. -; Default Value: none -;prefix = /path/to/pools/$pool - -; Unix user/group of processes -; Note: The user is mandatory. If the group is not set, the default user's group -; will be used. -user = www-data -group = www-data - -; The address on which to accept FastCGI requests. -; Valid syntaxes are: -; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on -; a specific port; -; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on -; a specific port; -; 'port' - to listen on a TCP socket to all IPv4 addresses on a -; specific port; -; '[::]:port' - to listen on a TCP socket to all addresses -; (IPv6 and IPv4-mapped) on a specific port; -; '/path/to/unix/socket' - to listen on a unix socket. -; Note: This value is mandatory. -listen = 127.0.0.1:9000 - -; Set listen(2) backlog. -; Default Value: 65535 (-1 on FreeBSD and OpenBSD) -;listen.backlog = 65535 - -; Set permissions for unix socket, if one is used. In Linux, read/write -; permissions must be set in order to allow connections from a web server. Many -; BSD-derived systems allow connections regardless of permissions. -; Default Values: user and group are set as the running user -; mode is set to 0660 -;listen.owner = www-data -;listen.group = www-data -;listen.mode = 0660 -; When POSIX Access Control Lists are supported you can set them using -; these options, value is a comma separated list of user/group names. -; When set, listen.owner and listen.group are ignored -;listen.acl_users = -;listen.acl_groups = - -; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. -; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original -; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address -; must be separated by a comma. If this value is left blank, connections will be -; accepted from any ip address. -; Default Value: any -;listen.allowed_clients = 127.0.0.1 - -; Specify the nice(2) priority to apply to the pool processes (only if set) -; The value can vary from -19 (highest priority) to 20 (lower priority) -; Note: - It will only work if the FPM master process is launched as root -; - The pool processes will inherit the master process priority -; unless it specified otherwise -; Default Value: no set -; process.priority = -19 - -; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user -; or group is differrent than the master process user. It allows to create process -; core dump and ptrace the process for the pool user. -; Default Value: no -; process.dumpable = yes - -; Choose how the process manager will control the number of child processes. -; Possible Values: -; static - a fixed number (pm.max_children) of child processes; -; dynamic - the number of child processes are set dynamically based on the -; following directives. With this process management, there will be -; always at least 1 children. -; pm.max_children - the maximum number of children that can -; be alive at the same time. -; pm.start_servers - the number of children created on startup. -; pm.min_spare_servers - the minimum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is less than this -; number then some children will be created. -; pm.max_spare_servers - the maximum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is greater than this -; number then some children will be killed. -; ondemand - no children are created at startup. Children will be forked when -; new requests will connect. The following parameter are used: -; pm.max_children - the maximum number of children that -; can be alive at the same time. -; pm.process_idle_timeout - The number of seconds after which -; an idle process will be killed. -; Note: This value is mandatory. -pm = dynamic - -; The number of child processes to be created when pm is set to 'static' and the -; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. -; This value sets the limit on the number of simultaneous requests that will be -; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. -; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP -; CGI. The below defaults are based on a server without much resources. Don't -; forget to tweak pm.* to fit your needs. -; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' -; Note: This value is mandatory. -pm.max_children = 5 - -; The number of child processes created on startup. -; Note: Used only when pm is set to 'dynamic' -; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 -pm.start_servers = 2 - -; The desired minimum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.min_spare_servers = 1 - -; The desired maximum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.max_spare_servers = 3 - -; The number of seconds after which an idle process will be killed. -; Note: Used only when pm is set to 'ondemand' -; Default Value: 10s -;pm.process_idle_timeout = 10s; - -; The number of requests each child process should execute before respawning. -; This can be useful to work around memory leaks in 3rd party libraries. For -; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. -; Default Value: 0 -;pm.max_requests = 500 - -; The URI to view the FPM status page. If this value is not set, no URI will be -; recognized as a status page. It shows the following informations: -; pool - the name of the pool; -; process manager - static, dynamic or ondemand; -; start time - the date and time FPM has started; -; start since - number of seconds since FPM has started; -; accepted conn - the number of request accepted by the pool; -; listen queue - the number of request in the queue of pending -; connections (see backlog in listen(2)); -; max listen queue - the maximum number of requests in the queue -; of pending connections since FPM has started; -; listen queue len - the size of the socket queue of pending connections; -; idle processes - the number of idle processes; -; active processes - the number of active processes; -; total processes - the number of idle + active processes; -; max active processes - the maximum number of active processes since FPM -; has started; -; max children reached - number of times, the process limit has been reached, -; when pm tries to start more children (works only for -; pm 'dynamic' and 'ondemand'); -; Value are updated in real time. -; Example output: -; pool: www -; process manager: static -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 62636 -; accepted conn: 190460 -; listen queue: 0 -; max listen queue: 1 -; listen queue len: 42 -; idle processes: 4 -; active processes: 11 -; total processes: 15 -; max active processes: 12 -; max children reached: 0 -; -; By default the status page output is formatted as text/plain. Passing either -; 'html', 'xml' or 'json' in the query string will return the corresponding -; output syntax. Example: -; http://www.foo.bar/status -; http://www.foo.bar/status?json -; http://www.foo.bar/status?html -; http://www.foo.bar/status?xml -; -; By default the status page only outputs short status. Passing 'full' in the -; query string will also return status for each pool process. -; Example: -; http://www.foo.bar/status?full -; http://www.foo.bar/status?json&full -; http://www.foo.bar/status?html&full -; http://www.foo.bar/status?xml&full -; The Full status returns for each process: -; pid - the PID of the process; -; state - the state of the process (Idle, Running, ...); -; start time - the date and time the process has started; -; start since - the number of seconds since the process has started; -; requests - the number of requests the process has served; -; request duration - the duration in µs of the requests; -; request method - the request method (GET, POST, ...); -; request URI - the request URI with the query string; -; content length - the content length of the request (only with POST); -; user - the user (PHP_AUTH_USER) (or '-' if not set); -; script - the main script called (or '-' if not set); -; last request cpu - the %cpu the last request consumed -; it's always 0 if the process is not in Idle state -; because CPU calculation is done when the request -; processing has terminated; -; last request memory - the max amount of memory the last request consumed -; it's always 0 if the process is not in Idle state -; because memory calculation is done when the request -; processing has terminated; -; If the process is in Idle state, then informations are related to the -; last request the process has served. Otherwise informations are related to -; the current request being served. -; Example output: -; ************************ -; pid: 31330 -; state: Running -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 63087 -; requests: 12808 -; request duration: 1250261 -; request method: GET -; request URI: /test_mem.php?N=10000 -; content length: 0 -; user: - -; script: /home/fat/web/docs/php/test_mem.php -; last request cpu: 0.00 -; last request memory: 0 -; -; Note: There is a real-time FPM status monitoring sample web page available -; It's available in: /usr/local/share/php/fpm/status.html -; -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -;pm.status_path = /status - -; The ping URI to call the monitoring page of FPM. If this value is not set, no -; URI will be recognized as a ping page. This could be used to test from outside -; that FPM is alive and responding, or to -; - create a graph of FPM availability (rrd or such); -; - remove a server from a group if it is not responding (load balancing); -; - trigger alerts for the operating team (24/7). -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -;ping.path = /ping - -; This directive may be used to customize the response of a ping request. The -; response is formatted as text/plain with a 200 response code. -; Default Value: pong -;ping.response = pong - -; The access log file -; Default: not set -;access.log = log/$pool.access.log - -; The access log format. -; The following syntax is allowed -; %%: the '%' character -; %C: %CPU used by the request -; it can accept the following format: -; - %{user}C for user CPU only -; - %{system}C for system CPU only -; - %{total}C for user + system CPU (default) -; %d: time taken to serve the request -; it can accept the following format: -; - %{seconds}d (default) -; - %{miliseconds}d -; - %{mili}d -; - %{microseconds}d -; - %{micro}d -; %e: an environment variable (same as $_ENV or $_SERVER) -; it must be associated with embraces to specify the name of the env -; variable. Some exemples: -; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e -; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e -; %f: script filename -; %l: content-length of the request (for POST request only) -; %m: request method -; %M: peak of memory allocated by PHP -; it can accept the following format: -; - %{bytes}M (default) -; - %{kilobytes}M -; - %{kilo}M -; - %{megabytes}M -; - %{mega}M -; %n: pool name -; %o: output header -; it must be associated with embraces to specify the name of the header: -; - %{Content-Type}o -; - %{X-Powered-By}o -; - %{Transfert-Encoding}o -; - .... -; %p: PID of the child that serviced the request -; %P: PID of the parent of the child that serviced the request -; %q: the query string -; %Q: the '?' character if query string exists -; %r: the request URI (without the query string, see %q and %Q) -; %R: remote IP address -; %s: status (response code) -; %t: server time the request was received -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; %T: time the log has been written (the request has finished) -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; %u: remote user -; -; Default: "%R - %u %t \"%m %r\" %s" -;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" - -; The log file for slow requests -; Default Value: not set -; Note: slowlog is mandatory if request_slowlog_timeout is set -;slowlog = log/$pool.log.slow - -; The timeout for serving a single request after which a PHP backtrace will be -; dumped to the 'slowlog' file. A value of '0s' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_slowlog_timeout = 0 - -; The timeout for serving a single request after which the worker process will -; be killed. This option should be used when the 'max_execution_time' ini option -; does not stop script execution for some reason. A value of '0' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_terminate_timeout = 0 - -; Set open file descriptor rlimit. -; Default Value: system defined value -;rlimit_files = 1024 - -; Set max core size rlimit. -; Possible Values: 'unlimited' or an integer greater or equal to 0 -; Default Value: system defined value -;rlimit_core = 0 - -; Chroot to this directory at the start. This value must be defined as an -; absolute path. When this value is not set, chroot is not used. -; Note: you can prefix with '$prefix' to chroot to the pool prefix or one -; of its subdirectories. If the pool prefix is not set, the global prefix -; will be used instead. -; Note: chrooting is a great security feature and should be used whenever -; possible. However, all PHP paths will be relative to the chroot -; (error_log, sessions.save_path, ...). -; Default Value: not set -;chroot = - -; Chdir to this directory at the start. -; Note: relative path can be used. -; Default Value: current directory or / when chroot -;chdir = /var/www - -; Redirect worker stdout and stderr into main error log. If not set, stdout and -; stderr will be redirected to /dev/null according to FastCGI specs. -; Note: on highloaded environement, this can cause some delay in the page -; process time (several ms). -; Default Value: no -;catch_workers_output = yes - -; Clear environment in FPM workers -; Prevents arbitrary environment variables from reaching FPM worker processes -; by clearing the environment in workers before env vars specified in this -; pool configuration are added. -; Setting to "no" will make all environment variables available to PHP code -; via getenv(), $_ENV and $_SERVER. -; Default Value: yes -;clear_env = no - -; Limits the extensions of the main script FPM will allow to parse. This can -; prevent configuration mistakes on the web server side. You should only limit -; FPM to .php extensions to prevent malicious users to use other extensions to -; exectute php code. -; Note: set an empty value to allow all extensions. -; Default Value: .php -;security.limit_extensions = .php .php3 .php4 .php5 - -; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from -; the current environment. -; Default Value: clean env -;env[HOSTNAME] = $HOSTNAME -;env[PATH] = /usr/local/bin:/usr/bin:/bin -;env[TMP] = /tmp -;env[TMPDIR] = /tmp -;env[TEMP] = /tmp - -; Additional php.ini defines, specific to this pool of workers. These settings -; overwrite the values previously defined in the php.ini. The directives are the -; same as the PHP SAPI: -; php_value/php_flag - you can set classic ini defines which can -; be overwritten from PHP call 'ini_set'. -; php_admin_value/php_admin_flag - these directives won't be overwritten by -; PHP call 'ini_set' -; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. - -; Defining 'extension' will load the corresponding shared extension from -; extension_dir. Defining 'disable_functions' or 'disable_classes' will not -; overwrite previously defined php.ini values, but will append the new value -; instead. - -; Note: path INI options can be relative and will be expanded with the prefix -; (pool, global or /usr/local) - -; Default Value: nothing is defined by default except the values in php.ini and -; specified at startup with the -d argument -;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com -;php_flag[display_errors] = off -;php_admin_value[error_log] = /var/log/fpm-php.www.log -;php_admin_flag[log_errors] = on -;php_admin_value[memory_limit] = 32M From 0e0a7736ebb4c28eb163482811cd4192a5a5e30f Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Tue, 12 Jun 2018 16:21:39 +0200 Subject: [PATCH 024/117] Fix ln typo --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index a3f5bc7..47f4447 100644 --- a/Dockerfile +++ b/Dockerfile @@ -15,7 +15,7 @@ ENV DAEMON_GROUP "www-data" # Install PHP Modules RUN curl https://raw.githubusercontent.com/fpfis/httpd-php/release/5.6/install-ext-modules.sh | /bin/sh -RUN ln -s /usr/lib/etc/ /etc/php +RUN ln -s /usr/local/etc/ /etc/php ### Add httpd RUN apk add --no-cache apache2 apache2-utils apache2-proxy From 292c1877743b30d62d63d6c088571537586c926b Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Tue, 12 Jun 2018 16:32:08 +0200 Subject: [PATCH 025/117] Fix for www-data on run.sh --- run.sh | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/run.sh b/run.sh index 2591c54..c58a387 100755 --- a/run.sh +++ b/run.sh @@ -1,8 +1,6 @@ #!/bin/sh set -e -trap "echo TRAP" EXIT - # Get uid for the current docroot [ -z "${DOCUMENT_ROOT}" ] && export DOCUMENT_ROOT=/var/www/html @@ -22,5 +20,10 @@ if [ -z "$CMD" ]; then /usr/bin/monit -I else # Run the command as user web - HOME=/tmp su www-data -c sh -c "$CMD" + if id -u www-data >/dev/null 2>&1; + then + HOME=/tmp su www-data -c sh -c "$CMD" + else + eval "$CMD" + fi fi From 811148556717261001d145d02be7d96f175dac7e Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Tue, 12 Jun 2018 16:41:28 +0200 Subject: [PATCH 026/117] Added tags --- .drone.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.drone.yml b/.drone.yml index ef32b2c..1494cf7 100644 --- a/.drone.yml +++ b/.drone.yml @@ -7,11 +7,12 @@ pipeline: image: library/bash commands: - printenv + - echo ${DRONE_BRANCH%%/*} + - echo ${DRONE_BRANCH##/*} build-and-push-image: image: plugins/docker repo: fpfis/httpd-php - tags: - - latest + tags: [ 5 , 5.6 , latest ] secrets: [ docker_username, docker_password ] when: branch: release/* From 97570e0daf54a1a2059065a5aab69b6c04c197af Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Tue, 12 Jun 2018 16:49:09 +0200 Subject: [PATCH 027/117] Play around with tags --- .drone.yml | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/.drone.yml b/.drone.yml index 1494cf7..b95ca91 100644 --- a/.drone.yml +++ b/.drone.yml @@ -9,10 +9,11 @@ pipeline: - printenv - echo ${DRONE_BRANCH%%/*} - echo ${DRONE_BRANCH##/*} - build-and-push-image: - image: plugins/docker - repo: fpfis/httpd-php - tags: [ 5 , 5.6 , latest ] - secrets: [ docker_username, docker_password ] - when: - branch: release/* + - echo ${DRONE_BRANCH/\//_}_${DRONE_COMMIT:0:8},${DRONE_BRANCH/\//_} +# build-and-push-image: +# image: plugins/docker +# repo: fpfis/httpd-php +# tags: [ 5 , 5.6 , latest ] +# secrets: [ docker_username, docker_password ] +# when: +# branch: release/* From 3edc7681c2838f8a78187a969c4cc4b6906f0092 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Tue, 12 Jun 2018 16:55:37 +0200 Subject: [PATCH 028/117] Play around with tags --- .drone.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index b95ca91..789417c 100644 --- a/.drone.yml +++ b/.drone.yml @@ -8,7 +8,7 @@ pipeline: commands: - printenv - echo ${DRONE_BRANCH%%/*} - - echo ${DRONE_BRANCH##/*} + - echo ${DRONE_BRANCH##\/} - echo ${DRONE_BRANCH/\//_}_${DRONE_COMMIT:0:8},${DRONE_BRANCH/\//_} # build-and-push-image: # image: plugins/docker From c9ab6b814e734393cf44f5e172a0e8b1b8f42f9e Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Tue, 12 Jun 2018 16:58:08 +0200 Subject: [PATCH 029/117] Play around with tags --- .drone.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index 789417c..89b51c8 100644 --- a/.drone.yml +++ b/.drone.yml @@ -8,7 +8,7 @@ pipeline: commands: - printenv - echo ${DRONE_BRANCH%%/*} - - echo ${DRONE_BRANCH##\/} + - echo ${DRONE_BRANCH##*/} - echo ${DRONE_BRANCH/\//_}_${DRONE_COMMIT:0:8},${DRONE_BRANCH/\//_} # build-and-push-image: # image: plugins/docker From 72d9ac8b87df56c979e9a242995a29b1a17f0b84 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Tue, 12 Jun 2018 17:00:44 +0200 Subject: [PATCH 030/117] Play around with tags --- .drone.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.drone.yml b/.drone.yml index 89b51c8..6943d81 100644 --- a/.drone.yml +++ b/.drone.yml @@ -6,10 +6,8 @@ pipeline: dumpenv: image: library/bash commands: - - printenv - - echo ${DRONE_BRANCH%%/*} + - echo ${${DRONE_BRANCH##*/}:1} - echo ${DRONE_BRANCH##*/} - - echo ${DRONE_BRANCH/\//_}_${DRONE_COMMIT:0:8},${DRONE_BRANCH/\//_} # build-and-push-image: # image: plugins/docker # repo: fpfis/httpd-php From 76f4e6cf38cd77c92b3879edad56852eab4d9da9 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Tue, 12 Jun 2018 17:10:20 +0200 Subject: [PATCH 031/117] Play around with tags --- .drone.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index 6943d81..e71b16e 100644 --- a/.drone.yml +++ b/.drone.yml @@ -6,7 +6,7 @@ pipeline: dumpenv: image: library/bash commands: - - echo ${${DRONE_BRANCH##*/}:1} + - echo ${DRONE_BRANCH##*/:1} - echo ${DRONE_BRANCH##*/} # build-and-push-image: # image: plugins/docker From db06d6e9981fe13b93ca057a0223cc1f867a1133 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Tue, 12 Jun 2018 17:12:04 +0200 Subject: [PATCH 032/117] Play around with tags --- .drone.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index e71b16e..41e35f7 100644 --- a/.drone.yml +++ b/.drone.yml @@ -6,7 +6,7 @@ pipeline: dumpenv: image: library/bash commands: - - echo ${DRONE_BRANCH##*/:1} + - echo ${DRONE_BRANCH:9} - echo ${DRONE_BRANCH##*/} # build-and-push-image: # image: plugins/docker From 02e5e44246de3912812b891f3004aa63c60049ff Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Tue, 12 Jun 2018 17:13:02 +0200 Subject: [PATCH 033/117] Play around with tags --- .drone.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index 41e35f7..e235343 100644 --- a/.drone.yml +++ b/.drone.yml @@ -6,7 +6,7 @@ pipeline: dumpenv: image: library/bash commands: - - echo ${DRONE_BRANCH:9} + - echo ${DRONE_BRANCH:8:1} - echo ${DRONE_BRANCH##*/} # build-and-push-image: # image: plugins/docker From f5f4957e453fa95218908e20fbbba1070e77aea3 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Tue, 12 Jun 2018 17:17:33 +0200 Subject: [PATCH 034/117] Yaml fix --- .drone.yml | 23 +++++++++-------------- 1 file changed, 9 insertions(+), 14 deletions(-) diff --git a/.drone.yml b/.drone.yml index e235343..7cf4abc 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,17 +1,12 @@ workspace: - base: /fpfis/ - path: httpd-php + base: ${DRONE_BRANCH%%/*} + path: ${DRONE_BRANCH##*/} pipeline: - dumpenv: - image: library/bash - commands: - - echo ${DRONE_BRANCH:8:1} - - echo ${DRONE_BRANCH##*/} -# build-and-push-image: -# image: plugins/docker -# repo: fpfis/httpd-php -# tags: [ 5 , 5.6 , latest ] -# secrets: [ docker_username, docker_password ] -# when: -# branch: release/* + build-and-push-image: + image: plugins/docker + repo: fpfis/httpd-php + tags: [ ${DRONE_BRANCH:8:1} , ${DRONE_BRANCH##*/} ] + secrets: [ docker_username, docker_password ] + when: + branch: release/* From 75c8308ef1c57095fe7ea3175f4195f8db51a076 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Tue, 12 Jun 2018 17:23:50 +0200 Subject: [PATCH 035/117] Yaml fix --- .drone.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index 7cf4abc..5a627f5 100644 --- a/.drone.yml +++ b/.drone.yml @@ -6,7 +6,7 @@ pipeline: build-and-push-image: image: plugins/docker repo: fpfis/httpd-php - tags: [ ${DRONE_BRANCH:8:1} , ${DRONE_BRANCH##*/} ] + tags: [ "${DRONE_BRANCH:8:1}" , ${DRONE_BRANCH##*/} ] secrets: [ docker_username, docker_password ] when: branch: release/* From d0170efb6740b7ad107f4f2fd873f674a3fc4229 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Tue, 12 Jun 2018 17:25:07 +0200 Subject: [PATCH 036/117] Yaml fix --- .drone.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index 5a627f5..963d97f 100644 --- a/.drone.yml +++ b/.drone.yml @@ -6,7 +6,9 @@ pipeline: build-and-push-image: image: plugins/docker repo: fpfis/httpd-php - tags: [ "${DRONE_BRANCH:8:1}" , ${DRONE_BRANCH##*/} ] + tags: + - ${DRONE_BRANCH:8:1} + - ${DRONE_BRANCH##*/} secrets: [ docker_username, docker_password ] when: branch: release/* From 2fb6adfa2798f0b507c4ad20b8882e0ac90fc66b Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Thu, 14 Jun 2018 15:33:29 +0200 Subject: [PATCH 037/117] Initial 7.1 image --- .drone.yml | 6 +++--- Dockerfile | 4 ++-- README.md | 2 +- install-ext-modules.sh | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.drone.yml b/.drone.yml index 963d97f..20d4c62 100644 --- a/.drone.yml +++ b/.drone.yml @@ -6,9 +6,9 @@ pipeline: build-and-push-image: image: plugins/docker repo: fpfis/httpd-php - tags: - - ${DRONE_BRANCH:8:1} - - ${DRONE_BRANCH##*/} + tags: [ 7.1 ] +# - ${DRONE_BRANCH:8:1} +# - ${DRONE_BRANCH##*/} secrets: [ docker_username, docker_password ] when: branch: release/* diff --git a/Dockerfile b/Dockerfile index 47f4447..17ca8f6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM php:5-fpm-alpine +FROM php:7.1-fpm-alpine ENV DOCUMENT_ROOT /var/www/html @@ -13,7 +13,7 @@ ENV DAEMON_USER "www-data" ENV DAEMON_GROUP "www-data" # Install PHP Modules -RUN curl https://raw.githubusercontent.com/fpfis/httpd-php/release/5.6/install-ext-modules.sh | /bin/sh +RUN curl https://raw.githubusercontent.com/fpfis/httpd-php/release/7.1/install-ext-modules.sh | /bin/sh RUN ln -s /usr/local/etc/ /etc/php diff --git a/README.md b/README.md index 1d436fb..a0feeb0 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # httpd-php Alpine 3.7 -Apache + PHP 5.6 +Apache + PHP 7.1 Monit diff --git a/install-ext-modules.sh b/install-ext-modules.sh index 8a92f89..de5139f 100644 --- a/install-ext-modules.sh +++ b/install-ext-modules.sh @@ -55,7 +55,7 @@ pecl install igbinary; docker-php-ext-enable igbinary; -echo '' | pecl install memcached-2.2.0; +echo '' | pecl install memcached; cd /tmp; @@ -79,4 +79,4 @@ docker-php-ext-install $modules; apk add --no-cache $( scanelf --needed --nobanner --format '%n#p' --recursive /usr/local | tr ',' '\n' | sort -u | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' ); -apk del .build-deps \ No newline at end of file +apk del .build-deps From 308e89b16a4cdfee6a071a36436ac4e55e026a53 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Thu, 14 Jun 2018 15:35:37 +0200 Subject: [PATCH 038/117] Fix yaml --- .drone.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index 20d4c62..1815fdb 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,5 +1,5 @@ workspace: - base: ${DRONE_BRANCH%%/*} + base: /${DRONE_BRANCH%%/*} path: ${DRONE_BRANCH##*/} pipeline: From dfa08b03812bc8d4c4cd8572f38ab65179bd303d Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Thu, 14 Jun 2018 16:11:39 +0200 Subject: [PATCH 039/117] Added php-fpm user variable --- Dockerfile | 2 + phpfpf_conf/www.conf | 419 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 421 insertions(+) create mode 100644 phpfpf_conf/www.conf diff --git a/Dockerfile b/Dockerfile index 17ca8f6..c14aa57 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,6 +17,8 @@ RUN curl https://raw.githubusercontent.com/fpfis/httpd-php/release/7.1/install-e RUN ln -s /usr/local/etc/ /etc/php +ADD phpfpm_conf/www.conf /etc/php/php-fpm.d/ + ### Add httpd RUN apk add --no-cache apache2 apache2-utils apache2-proxy diff --git a/phpfpf_conf/www.conf b/phpfpf_conf/www.conf new file mode 100644 index 0000000..a73be4f --- /dev/null +++ b/phpfpf_conf/www.conf @@ -0,0 +1,419 @@ +; Start a new pool named 'www'. +; the variable $pool can be used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'access.log' +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or NONE) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = ${DAEMON_USER} +group = ${DAEMON_USER} + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 127.0.0.1:9000 + +; Set listen(2) backlog. +; Default Value: 511 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 511 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0660 +;listen.owner = www-data +;listen.group = www-data +;listen.mode = 0660 +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user +; or group is differrent than the master process user. It allows to create process +; core dump and ptrace the process for the pool user. +; Default Value: no +; process.dumpable = yes + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 5 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 +pm.start_servers = 2 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 1 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 3 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. It shows the following informations: +; pool - the name of the pool; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. +; Example output: +; pool: www +; process manager: static +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; +; By default the status page output is formatted as text/plain. Passing either +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then informations are related to the +; last request the process has served. Otherwise informations are related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: /usr/local/share/php/fpm/status.html +; +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The access log file +; Default: not set +;access.log = log/$pool.access.log + +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{miliseconds}d +; - %{mili}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some exemples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: output header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %u: remote user +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +;slowlog = log/$pool.log.slow + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; execute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 .php7 + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr/local) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M From 9c0a0c0d0829980083c79a9b6fa19fd3fb4cff65 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Thu, 14 Jun 2018 16:17:53 +0200 Subject: [PATCH 040/117] Yaml update --- .drone.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.drone.yml b/.drone.yml index 963d97f..53bdd19 100644 --- a/.drone.yml +++ b/.drone.yml @@ -6,9 +6,9 @@ pipeline: build-and-push-image: image: plugins/docker repo: fpfis/httpd-php - tags: - - ${DRONE_BRANCH:8:1} - - ${DRONE_BRANCH##*/} + tags: [ 5 , 5.6 ] +# - ${DRONE_BRANCH:8:1} +# - ${DRONE_BRANCH##*/} secrets: [ docker_username, docker_password ] when: branch: release/* From cd12c3e66e35b080b0014675fabf0bb617fe8ae3 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Thu, 14 Jun 2018 16:23:32 +0200 Subject: [PATCH 041/117] Added phpfmp folder --- {phpfpf_conf => phpfpm_conf}/www.conf | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename {phpfpf_conf => phpfpm_conf}/www.conf (100%) diff --git a/phpfpf_conf/www.conf b/phpfpm_conf/www.conf similarity index 100% rename from phpfpf_conf/www.conf rename to phpfpm_conf/www.conf From 7079ea439b5bf66f7c2bbda6639e21a0163ea874 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Thu, 14 Jun 2018 16:26:03 +0200 Subject: [PATCH 042/117] Added php-fpm config --- Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Dockerfile b/Dockerfile index 47f4447..dd44516 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,6 +17,8 @@ RUN curl https://raw.githubusercontent.com/fpfis/httpd-php/release/5.6/install-e RUN ln -s /usr/local/etc/ /etc/php +ADD phpfpm_conf/www.conf /etc/php/php-fpm.d/ + ### Add httpd RUN apk add --no-cache apache2 apache2-utils apache2-proxy From 922a9101b1abe056906eb1840f261cc803b08838 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Thu, 14 Jun 2018 16:27:24 +0200 Subject: [PATCH 043/117] Fix yaml --- .drone.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index 53bdd19..5dae254 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,5 +1,5 @@ workspace: - base: ${DRONE_BRANCH%%/*} + base: /${DRONE_BRANCH%%/*} path: ${DRONE_BRANCH##*/} pipeline: From 2ad5e167f0b7ba0ca2975bb76ee51076029ce224 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Thu, 21 Jun 2018 18:13:24 +0200 Subject: [PATCH 044/117] Update install-ext-modules.sh --- install-ext-modules.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install-ext-modules.sh b/install-ext-modules.sh index de5139f..c973c9c 100644 --- a/install-ext-modules.sh +++ b/install-ext-modules.sh @@ -2,7 +2,7 @@ set -xue -modules="bz2 calendar exif gd pdo_mysql opcache zip xsl intl mcrypt ldap " +modules="bz2 calendar exif gd pdo_mysql opcache zip xsl intl mcrypt ldap sockets " #Dumb list of dev dependencies... From 106b7130432037f4ec9bcc1e5742e510dfd9b4a8 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Fri, 22 Jun 2018 16:33:05 +0200 Subject: [PATCH 045/117] Fixing GD --- Dockerfile | 3 ++- install-ext-modules.sh | 16 ++++++++++++++-- 2 files changed, 16 insertions(+), 3 deletions(-) mode change 100644 => 100755 install-ext-modules.sh diff --git a/Dockerfile b/Dockerfile index c14aa57..282af2b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -13,7 +13,8 @@ ENV DAEMON_USER "www-data" ENV DAEMON_GROUP "www-data" # Install PHP Modules -RUN curl https://raw.githubusercontent.com/fpfis/httpd-php/release/7.1/install-ext-modules.sh | /bin/sh +ADD install-ext-modules.sh /install-ext-modules.sh +RUN /install-ext-modules.sh RUN ln -s /usr/local/etc/ /etc/php diff --git a/install-ext-modules.sh b/install-ext-modules.sh old mode 100644 new mode 100755 index c973c9c..1b10eaf --- a/install-ext-modules.sh +++ b/install-ext-modules.sh @@ -2,8 +2,7 @@ set -xue -modules="bz2 calendar exif gd pdo_mysql opcache zip xsl intl mcrypt ldap sockets " - +modules="soap bz2 calendar exif pdo_mysql opcache zip xsl intl mcrypt mbstring ldap sockets " #Dumb list of dev dependencies... makedepends=" @@ -51,14 +50,25 @@ apk add --no-cache --virtual .build-deps $makedepends $PHPIZE_DEPS; docker-php-source extract; +# GD + +docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ +docker-php-ext-install gd + +# Igbinary + pecl install igbinary; docker-php-ext-enable igbinary; +# Memcached + echo '' | pecl install memcached; cd /tmp; +# Redis + pecl bundle redis; cd redis; @@ -75,6 +85,8 @@ docker-php-source delete; docker-php-ext-enable redis; +# Others + docker-php-ext-install $modules; apk add --no-cache $( scanelf --needed --nobanner --format '%n#p' --recursive /usr/local | tr ',' '\n' | sort -u | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' ); From 27cf03d8b26a4aa7ebecca5659ecd4ca3a68435b Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Fri, 22 Jun 2018 16:37:02 +0200 Subject: [PATCH 046/117] Fixing issue with non-IPv6 ready hosts --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index 282af2b..72a3a54 100644 --- a/Dockerfile +++ b/Dockerfile @@ -28,6 +28,7 @@ ADD apache2_conf/ /etc/apache2/ RUN ln -s /usr/lib/apache2/ /etc/apache2/modules RUN rm /etc/apache2/conf.d/mpm.conf +RUN rm /usr/local/etc/php-fpm.d/zz-docker.conf ### Add monit RUN apk add --no-cache monit From c832182effbbdf1ee4609421a0b6e5cb71724970 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Fri, 22 Jun 2018 18:10:52 +0200 Subject: [PATCH 047/117] Adding ssmtp for mail communication --- Dockerfile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 72a3a54..31c400a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,6 +12,9 @@ ENV DAEMON_USER "www-data" ENV DAEMON_GROUP "www-data" +### Add ssmtp +RUN apk add --no-cache ssmtp + # Install PHP Modules ADD install-ext-modules.sh /install-ext-modules.sh RUN /install-ext-modules.sh @@ -20,6 +23,7 @@ RUN ln -s /usr/local/etc/ /etc/php ADD phpfpm_conf/www.conf /etc/php/php-fpm.d/ + ### Add httpd RUN apk add --no-cache apache2 apache2-utils apache2-proxy @@ -43,4 +47,3 @@ EXPOSE 8080 EXPOSE 2812 ENTRYPOINT ["/run.sh"] - From 76289d7ed57486a6dce66c65ccbf420d3efc4503 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Sun, 24 Jun 2018 12:28:13 +0200 Subject: [PATCH 048/117] Update Dockerfile --- Dockerfile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Dockerfile b/Dockerfile index 31c400a..5f0b232 100644 --- a/Dockerfile +++ b/Dockerfile @@ -34,6 +34,10 @@ RUN ln -s /usr/lib/apache2/ /etc/apache2/modules RUN rm /etc/apache2/conf.d/mpm.conf RUN rm /usr/local/etc/php-fpm.d/zz-docker.conf +### Fix iconv +RUN apk add gnu-libiconv --update-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing/ --allow-untrusted +ENV LD_PRELOAD /usr/lib/preloadable_libiconv.so php + ### Add monit RUN apk add --no-cache monit From bf8785f56904ebb5b3324ede6e74559a3fd919d8 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Sun, 24 Jun 2018 14:43:16 +0200 Subject: [PATCH 049/117] Various fixes/additions - Changed drone pipeline to provide generic tagging - Added settings for log files - Added settings for min/max proccess - Added prod settings for php/apache --- .drone.yml | 33 ++++++++++++++++++++++++--------- Dockerfile | 24 +++++++++++++++++------- apache2_conf/conf.d/php.conf | 2 +- apache2_conf/conf.d/prod.conf | 2 ++ apache2_conf/httpd.conf | 6 +++--- php_conf/90-common.ini | 5 +++++ php_conf/95-prod.ini | 2 ++ phpfpm_conf/www.conf | 8 ++++---- 8 files changed, 58 insertions(+), 24 deletions(-) create mode 100644 apache2_conf/conf.d/prod.conf create mode 100644 php_conf/90-common.ini create mode 100644 php_conf/95-prod.ini diff --git a/.drone.yml b/.drone.yml index 1815fdb..ded84b8 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,14 +1,29 @@ -workspace: - base: /${DRONE_BRANCH%%/*} - path: ${DRONE_BRANCH##*/} - pipeline: - build-and-push-image: + # Build and push tags : + build-and-push: image: plugins/docker repo: fpfis/httpd-php - tags: [ 7.1 ] -# - ${DRONE_BRANCH:8:1} -# - ${DRONE_BRANCH##*/} - secrets: [ docker_username, docker_password ] + auto_tag: true + secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] + when: + event: tag + + # Build and push dev release + build-and-push-branch: + image: plugins/docker + repo: fpfis/platform + tags: ${DRONE_BRANCH##*/} + secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] when: + event: push branch: release/* + + # Mark production + build-and-push-production: + image: plugins/docker + repo: fpfis/platform + tags: production-${DRONE_BRANCH##*/} + secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] + when: + event: push + branch: production/* diff --git a/Dockerfile b/Dockerfile index 31c400a..1a20dd9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,6 +8,16 @@ ENV APACHE_EXTRA_CONF "" ENV APACHE_EXTRA_CONF_DIR "" +ENV APACHE_ERROR_LOG /dev/fd/2 + +ENV APACHE_ACCESS_LOG /dev/fd/1 + +ENV FPM_MIN_CHILDREN 3 + +ENV FPM_MAX_CHILDREN 5 + +ENV PHP_ERROR_LOG /dev/fd/2 + ENV DAEMON_USER "www-data" ENV DAEMON_GROUP "www-data" @@ -17,12 +27,11 @@ RUN apk add --no-cache ssmtp # Install PHP Modules ADD install-ext-modules.sh /install-ext-modules.sh -RUN /install-ext-modules.sh - -RUN ln -s /usr/local/etc/ /etc/php +RUN /install-ext-modules.sh && \ + ln -s /usr/local/etc/ /etc/php ADD phpfpm_conf/www.conf /etc/php/php-fpm.d/ - +ADD php_conf/ /usr/local/etc/php/conf.d/ ### Add httpd RUN apk add --no-cache apache2 apache2-utils apache2-proxy @@ -31,15 +40,16 @@ ADD apache2_conf/ /etc/apache2/ RUN ln -s /usr/lib/apache2/ /etc/apache2/modules -RUN rm /etc/apache2/conf.d/mpm.conf -RUN rm /usr/local/etc/php-fpm.d/zz-docker.conf +### Clean upstream config +RUN rm /etc/apache2/conf.d/mpm.conf && \ + rm /usr/local/etc/php-fpm.d/zz-docker.conf ### Add monit RUN apk add --no-cache monit ADD monitrc /etc/monitrc -RUN chmod 700 /etc/monitrc +RUN chmod 700 /etc/monitrc ADD run.sh / diff --git a/apache2_conf/conf.d/php.conf b/apache2_conf/conf.d/php.conf index e678688..18db1c9 100644 --- a/apache2_conf/conf.d/php.conf +++ b/apache2_conf/conf.d/php.conf @@ -1,2 +1,2 @@ ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/${DOCUMENT_ROOT}/$1 -DirectoryIndex /index.php index.php +DirectoryIndex index.php index.html \ No newline at end of file diff --git a/apache2_conf/conf.d/prod.conf b/apache2_conf/conf.d/prod.conf new file mode 100644 index 0000000..21a2df3 --- /dev/null +++ b/apache2_conf/conf.d/prod.conf @@ -0,0 +1,2 @@ +ServerTokens Prod +ServerSignature Off \ No newline at end of file diff --git a/apache2_conf/httpd.conf b/apache2_conf/httpd.conf index b0e7b9c..1c83d47 100644 --- a/apache2_conf/httpd.conf +++ b/apache2_conf/httpd.conf @@ -39,8 +39,8 @@ DocumentRoot ${DOCUMENT_ROOT} Require all denied -ErrorLog /dev/fd/2 -TransferLog /dev/fd/1 +ErrorLog ${APACHE_ERROR_LOG} +TransferLog ${APACHE_ACCESS_LOG} LogLevel notice @@ -86,4 +86,4 @@ ${APACHE_EXTRA_CONF} IncludeOptional ${APACHE_EXTRA_CONF_DIR}/*.conf -IncludeOptional conf.d/*.conf +IncludeOptional conf.d/*.conf \ No newline at end of file diff --git a/php_conf/90-common.ini b/php_conf/90-common.ini new file mode 100644 index 0000000..a30685b --- /dev/null +++ b/php_conf/90-common.ini @@ -0,0 +1,5 @@ +max_execution_time = 30 +max_input_time = 30 +memory_limit = 512M +log_errors=On +error_log=${PHP_ERROR_LOG} \ No newline at end of file diff --git a/php_conf/95-prod.ini b/php_conf/95-prod.ini new file mode 100644 index 0000000..a553174 --- /dev/null +++ b/php_conf/95-prod.ini @@ -0,0 +1,2 @@ +expose_php=Off +display_errors=Off \ No newline at end of file diff --git a/phpfpm_conf/www.conf b/phpfpm_conf/www.conf index a73be4f..a87e065 100644 --- a/phpfpm_conf/www.conf +++ b/phpfpm_conf/www.conf @@ -110,22 +110,22 @@ pm = dynamic ; forget to tweak pm.* to fit your needs. ; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' ; Note: This value is mandatory. -pm.max_children = 5 +pm.max_children = ${FPM_MAX_CHILDREN} ; The number of child processes created on startup. ; Note: Used only when pm is set to 'dynamic' ; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 -pm.start_servers = 2 +;pm.start_servers = ${FPM_START_CHILDREN} ; The desired minimum number of idle server processes. ; Note: Used only when pm is set to 'dynamic' ; Note: Mandatory when pm is set to 'dynamic' -pm.min_spare_servers = 1 +pm.min_spare_servers = ${FPM_MIN_CHILDREN} ; The desired maximum number of idle server processes. ; Note: Used only when pm is set to 'dynamic' ; Note: Mandatory when pm is set to 'dynamic' -pm.max_spare_servers = 3 +pm.max_spare_servers = ${FPM_MAX_CHILDREN} ; The number of seconds after which an idle process will be killed. ; Note: Used only when pm is set to 'ondemand' From 4dda4e049e89db4b130ddf623c16e0e778a7b9ba Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Sun, 24 Jun 2018 14:52:25 +0200 Subject: [PATCH 050/117] Do not release platform 7.1 --- .drone.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.drone.yml b/.drone.yml index ded84b8..34bf845 100644 --- a/.drone.yml +++ b/.drone.yml @@ -11,7 +11,7 @@ pipeline: # Build and push dev release build-and-push-branch: image: plugins/docker - repo: fpfis/platform + repo: fpfis/httpd-php tags: ${DRONE_BRANCH##*/} secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] when: @@ -21,7 +21,7 @@ pipeline: # Mark production build-and-push-production: image: plugins/docker - repo: fpfis/platform + repo: fpfis/httpd-php tags: production-${DRONE_BRANCH##*/} secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] when: From 8fe217b76bfbd41e64cc63bf4d14fc0419551b7c Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Sun, 24 Jun 2018 15:26:25 +0200 Subject: [PATCH 051/117] Downgraded memcached to 2.2.0 --- install-ext-modules.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install-ext-modules.sh b/install-ext-modules.sh index 1b10eaf..5fdaeee 100755 --- a/install-ext-modules.sh +++ b/install-ext-modules.sh @@ -63,7 +63,7 @@ docker-php-ext-enable igbinary; # Memcached -echo '' | pecl install memcached; +echo '' | pecl install memcached-2.2.0; cd /tmp; From a54ae9e65c30fa7884ffadfaf0519df875eb7c67 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 3 Jul 2018 15:43:53 +0200 Subject: [PATCH 052/117] Added default timezone --- php_conf/90-common.ini | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/php_conf/90-common.ini b/php_conf/90-common.ini index a30685b..3ab02e8 100644 --- a/php_conf/90-common.ini +++ b/php_conf/90-common.ini @@ -1,5 +1,6 @@ +date.timezone = Europe/Brussels max_execution_time = 30 max_input_time = 30 memory_limit = 512M log_errors=On -error_log=${PHP_ERROR_LOG} \ No newline at end of file +error_log=${PHP_ERROR_LOG} From 122303e4d5574fb5513a5c379d8d0c2dfb58246d Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Fri, 20 Jul 2018 16:18:48 +0200 Subject: [PATCH 053/117] Applied new pipelien --- .drone.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.drone.yml b/.drone.yml index 34bf845..831c89d 100644 --- a/.drone.yml +++ b/.drone.yml @@ -3,11 +3,14 @@ pipeline: build-and-push: image: plugins/docker repo: fpfis/httpd-php - auto_tag: true secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] + tags: + - ${DRONE_TAG} + - ${DRONE_TAG%%-*} + - ${DRONE_BRANCH##*/} when: event: tag - + # Build and push dev release build-and-push-branch: image: plugins/docker @@ -27,3 +30,4 @@ pipeline: when: event: push branch: production/* + From c6b1735628ca729177aa4b5dac7bf3d1359e39b2 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Fri, 20 Jul 2018 16:18:48 +0200 Subject: [PATCH 054/117] Applied new pipelien --- .drone.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.drone.yml b/.drone.yml index 34bf845..831c89d 100644 --- a/.drone.yml +++ b/.drone.yml @@ -3,11 +3,14 @@ pipeline: build-and-push: image: plugins/docker repo: fpfis/httpd-php - auto_tag: true secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] + tags: + - ${DRONE_TAG} + - ${DRONE_TAG%%-*} + - ${DRONE_BRANCH##*/} when: event: tag - + # Build and push dev release build-and-push-branch: image: plugins/docker @@ -27,3 +30,4 @@ pipeline: when: event: push branch: production/* + From 9c641ae979a734cc7216f24635e413d1862ee259 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 21 Aug 2018 14:10:09 +0200 Subject: [PATCH 055/117] Added bash --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 13c89ce..12ce3f0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -22,8 +22,8 @@ ENV DAEMON_USER "www-data" ENV DAEMON_GROUP "www-data" -### Add ssmtp -RUN apk add --no-cache ssmtp +### Add ssmtp & bash +RUN apk add --no-cache ssmtp bash # Install PHP Modules ADD install-ext-modules.sh /install-ext-modules.sh From 99dad1c6017d9af809e0f2039eee0d1d3ba7ff58 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Thu, 20 Sep 2018 11:32:02 +0200 Subject: [PATCH 056/117] Update Dockerfile Breaking housing :( --- Dockerfile | 2 -- 1 file changed, 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0dca4b3..8082ea1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -55,8 +55,6 @@ RUN apk add --no-cache monit ADD monitrc /etc/monitrc -RUN chmod 700 /etc/monitrc - ADD run.sh / EXPOSE 8080 From 8204161fb086648f1139e876b9ec9b3296b391fb Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 25 Sep 2018 10:56:52 +0200 Subject: [PATCH 057/117] Breaks testing :( :( Revert "Update Dockerfile" This reverts commit 99dad1c6017d9af809e0f2039eee0d1d3ba7ff58. --- Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Dockerfile b/Dockerfile index 8082ea1..0dca4b3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -55,6 +55,8 @@ RUN apk add --no-cache monit ADD monitrc /etc/monitrc +RUN chmod 700 /etc/monitrc + ADD run.sh / EXPOSE 8080 From 512e89e46420ddbd62dab3e0bf8a9b7b68aaab88 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Mon, 8 Oct 2018 18:52:58 +0200 Subject: [PATCH 058/117] Migrate to php 5.6-stretch image due to issues with alpine --- Dockerfile | 50 +++++++++++++++++++++++++++++++++++++------------- 1 file changed, 37 insertions(+), 13 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0dca4b3..5e1cf79 100644 --- a/Dockerfile +++ b/Dockerfile @@ -23,12 +23,33 @@ ENV DAEMON_USER "www-data" ENV DAEMON_GROUP "www-data" ### Add ssmtp & bash -RUN apk add --no-cache ssmtp bash +#RUN apk add --no-cache ssmtp bash # Install PHP Modules -ADD install-ext-modules.sh /install-ext-modules.sh -RUN /install-ext-modules.sh && \ - ln -s /usr/local/etc/ /etc/php +RUN apt-get update &&\ + apt-get -y install $run_deps &&\ + apt-get -y install $dev_deps &&\ + docker-php-source extract &&\ + docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ &&\ + docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ &&\ + docker-php-ext-install -j$(nproc) $php_modules &&\ + pecl install igbinary &&\ + docker-php-ext-enable igbinary &&\ + echo '' | pecl install memcached-2.2.0 &&\ + docker-php-ext-enable memcached &&\ + cd /tmp &&\ + pecl bundle redis &&\ + cd redis &&\ + phpize &&\ + ./configure --enable-redis-igbinary --enable-redis-lzf && make -j && make install &&\ + cd / &&\ + rm -rf /tmp/* &&\ + docker-php-source delete &&\ + docker-php-ext-enable redis &&\ + apt-get -y autoremove --purge $dev_deps &&\ + apt-get -y clean + +RUN ln -s /usr/local/etc/ /etc/php ADD phpfpm_conf/www.conf /etc/php/php-fpm.d/ ADD php_conf/ /usr/local/etc/php/conf.d/ @@ -36,26 +57,29 @@ ADD php_conf/ /usr/local/etc/php/conf.d/ ADD phpfpm_conf/www.conf /etc/php/php-fpm.d/ ### Add httpd -RUN apk add --no-cache apache2 apache2-utils apache2-proxy +RUN apt update &&\ + apt -y install apache2 &&\ + apt clean -ADD apache2_conf/ /etc/apache2/ -RUN ln -s /usr/lib/apache2/ /etc/apache2/modules +ADD apache2_conf/ /etc/apache2/ ### Clean upstream config -RUN rm /etc/apache2/conf.d/mpm.conf && \ - rm /usr/local/etc/php-fpm.d/zz-docker.conf +#RUN rm /etc/apache2/conf.d/mpm.conf && \ +# rm /usr/local/etc/php-fpm.d/zz-docker.conf ### Fix iconv -RUN apk add gnu-libiconv --update-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing/ --allow-untrusted -ENV LD_PRELOAD /usr/lib/preloadable_libiconv.so php +#RUN apk add gnu-libiconv --update-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing/ --allow-untrusted +#ENV LD_PRELOAD /usr/lib/preloadable_libiconv.so php ### Add monit -RUN apk add --no-cache monit +RUN apt update &&\ + apt -y install monit &&\ + apt clean ADD monitrc /etc/monitrc -RUN chmod 700 /etc/monitrc +RUN chmod 600 /etc/monitrc ADD run.sh / From c5a3cc942aee6124cee050b1fc2ec65b902c2950 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Mon, 8 Oct 2018 18:54:51 +0200 Subject: [PATCH 059/117] Fix copy-paste stupidity -.-' --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 5e1cf79..29fe188 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM php:5.6-fpm-alpine +FROM php:5-fpm-stretch ENV DOCUMENT_ROOT /var/www/html From 0faff81b8cd238f3631da94be0d3d03a8b20c0a6 Mon Sep 17 00:00:00 2001 From: tiago-fm Date: Mon, 8 Oct 2018 18:58:22 +0200 Subject: [PATCH 060/117] And more copy-paste stupidity -.-' --- Dockerfile | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/Dockerfile b/Dockerfile index 29fe188..0e1c6b6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,11 @@ FROM php:5-fpm-stretch +ARG php_modules="soap bz2 calendar exif pdo_mysql opcache zip xsl intl mcrypt mbstring ldap sockets iconv gd" + +ARG dev_deps="libxml2-dev libbz2-dev zlib1g-dev libxslt1-dev libmcrypt-dev libldap2-dev libfreetype6-dev libjpeg62-turbo-dev libpng-dev libmemcached-dev" + +ARG run_deps="libfreetype6 libjpeg62-turbo libmemcached11" + ENV DOCUMENT_ROOT /var/www/html ENV PORT 8080 From 17c9b573981ea2ef5346152ec9808d70793929c9 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 11:43:30 +0200 Subject: [PATCH 061/117] Started port to supervisor, started adding extensions, fixed eps --- Dockerfile | 51 +++++++++++++++++++++++++++++++------------------ run.sh | 2 +- supervisor.conf | 20 +++++++++++++++++++ 3 files changed, 53 insertions(+), 20 deletions(-) create mode 100644 supervisor.conf diff --git a/Dockerfile b/Dockerfile index 0e1c6b6..f247efc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,10 +1,10 @@ FROM php:5-fpm-stretch -ARG php_modules="soap bz2 calendar exif pdo_mysql opcache zip xsl intl mcrypt mbstring ldap sockets iconv gd" +ARG php_modules="soap bz2 calendar exif pdo_mysql opcache zip xsl intl mcrypt mbstring ldap sockets iconv gd oci8" -ARG dev_deps="libxml2-dev libbz2-dev zlib1g-dev libxslt1-dev libmcrypt-dev libldap2-dev libfreetype6-dev libjpeg62-turbo-dev libpng-dev libmemcached-dev" +ARG dev_deps="unzip libxml2-dev libbz2-dev zlib1g-dev libxslt1-dev libmcrypt-dev libldap2-dev libfreetype6-dev libjpeg62-turbo-dev libpng-dev libmemcached-dev" -ARG run_deps="libfreetype6 libjpeg62-turbo libmemcached11" +ARG run_deps="libfreetype6 libjpeg62-turbo libmemcached11 libxml2 libmcrypt4 libldap-common libxslt1.1 libaio1 libmemcachedutil2" ENV DOCUMENT_ROOT /var/www/html @@ -33,18 +33,34 @@ ENV DAEMON_GROUP "www-data" # Install PHP Modules RUN apt-get update &&\ - apt-get -y install $run_deps &&\ + # APT deps : + apt-get -y install $run_deps &&\ apt-get -y install $dev_deps &&\ + + # OCI8 deps : + curl https://repo.ne-dev.eu/deb/instantclient-basic-linux.x64-12.2.0.1.0.zip > /tmp/instantclient-basic-linux.zip &&\ + unzip /tmp/instantclient-basic-linux.zip -d /usr/local/ &&\ + rm /tmp/instantclient-basic-linux.zip &&\ + curl https://repo.ne-dev.eu/deb/instantclient-sdk-linux.x64-12.2.0.1.0.zip > /tmp/instantclient-sdk-linux.zip &&\ + unzip /tmp/instantclient-sdk-linux.zip -d /usr/local/ &&\ + rm /tmp/instantclient-sdk-linux.zip &&\ + ln -s /usr/local/instantclient_12_2/libclntsh.so.12.1 /usr/local/instantclient_12_2/libclntsh.so &&\ + echo /usr/local/instantclient_12_2 > /etc/ld.so.conf.d/oracle-instantclient.conf && ldconfig &&\ + + # Setup modules : docker-php-source extract &&\ docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ &&\ docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ &&\ + docker-php-ext-configure oci8 --with-oci8=instantclient,/usr/local/instantclient_12_2 &&\ docker-php-ext-install -j$(nproc) $php_modules &&\ - pecl install igbinary &&\ - docker-php-ext-enable igbinary &&\ - echo '' | pecl install memcached-2.2.0 &&\ - docker-php-ext-enable memcached &&\ - cd /tmp &&\ - pecl bundle redis &&\ + + # Setup redis/memcached module : + pecl install igbinary &&\ + docker-php-ext-enable igbinary &&\ + echo '' | pecl install memcached-2.2.0 &&\ + docker-php-ext-enable memcached &&\ + cd /tmp &&\ + pecl bundle redis &&\ cd redis &&\ phpize &&\ ./configure --enable-redis-igbinary --enable-redis-lzf && make -j && make install &&\ @@ -52,8 +68,11 @@ RUN apt-get update &&\ rm -rf /tmp/* &&\ docker-php-source delete &&\ docker-php-ext-enable redis &&\ + + # Clean our mess apt-get -y autoremove --purge $dev_deps &&\ - apt-get -y clean + apt-get -y clean &&\ + rm -rf /var/lib/apt/lists/* RUN ln -s /usr/local/etc/ /etc/php @@ -74,18 +93,12 @@ ADD apache2_conf/ /etc/apache2/ #RUN rm /etc/apache2/conf.d/mpm.conf && \ # rm /usr/local/etc/php-fpm.d/zz-docker.conf -### Fix iconv -#RUN apk add gnu-libiconv --update-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing/ --allow-untrusted -#ENV LD_PRELOAD /usr/lib/preloadable_libiconv.so php - ### Add monit RUN apt update &&\ - apt -y install monit &&\ + apt -y install supervisor &&\ apt clean -ADD monitrc /etc/monitrc - -RUN chmod 600 /etc/monitrc +ADD supervisor.conf /etc/supervisor/conf.d/php.conf ADD run.sh / diff --git a/run.sh b/run.sh index c58a387..41949dd 100755 --- a/run.sh +++ b/run.sh @@ -17,7 +17,7 @@ if [ -z ${APACHE_EXTRA_CONF} ]; then export APACHE_EXTRA_CONF=""; fi if [ -z "$CMD" ]; then # If no run command provided, run supervisor as root a: - /usr/bin/monit -I + supervisor -nc /etc/supervisor/supervisord.conf else # Run the command as user web if id -u www-data >/dev/null 2>&1; diff --git a/supervisor.conf b/supervisor.conf new file mode 100644 index 0000000..7bda1c3 --- /dev/null +++ b/supervisor.conf @@ -0,0 +1,20 @@ +[program:httpd] +command=sh -c "/usr/sbin/httpd -T -d /usr/lib64/httpd -f /etc/httpd/conf/httpd.conf -DFOREGROUND" +killasgroup=true +stopasgroup=true +environment=DOCUMENT_ROOT=%(ENV_DOCUMENT_ROOT)s +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + + +[program:php] +command=sh -c "/usr/local/sbin/php-fpm -g /run/php-fpm.pid -D" +killasgroup=true +stopasgroup=true +environment=DOCUMENT_ROOT=%(ENV_DOCUMENT_ROOT)s +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 From 8e1a775267a9f3cca7956578b92570a85542a6c3 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 11:47:16 +0200 Subject: [PATCH 062/117] Fix indent [CI-SKIP] --- Dockerfile | 80 +++++++++++++++++++++++++++--------------------------- 1 file changed, 40 insertions(+), 40 deletions(-) diff --git a/Dockerfile b/Dockerfile index f247efc..ac2c820 100644 --- a/Dockerfile +++ b/Dockerfile @@ -33,46 +33,46 @@ ENV DAEMON_GROUP "www-data" # Install PHP Modules RUN apt-get update &&\ - # APT deps : - apt-get -y install $run_deps &&\ - apt-get -y install $dev_deps &&\ - - # OCI8 deps : - curl https://repo.ne-dev.eu/deb/instantclient-basic-linux.x64-12.2.0.1.0.zip > /tmp/instantclient-basic-linux.zip &&\ - unzip /tmp/instantclient-basic-linux.zip -d /usr/local/ &&\ - rm /tmp/instantclient-basic-linux.zip &&\ - curl https://repo.ne-dev.eu/deb/instantclient-sdk-linux.x64-12.2.0.1.0.zip > /tmp/instantclient-sdk-linux.zip &&\ - unzip /tmp/instantclient-sdk-linux.zip -d /usr/local/ &&\ - rm /tmp/instantclient-sdk-linux.zip &&\ - ln -s /usr/local/instantclient_12_2/libclntsh.so.12.1 /usr/local/instantclient_12_2/libclntsh.so &&\ - echo /usr/local/instantclient_12_2 > /etc/ld.so.conf.d/oracle-instantclient.conf && ldconfig &&\ - - # Setup modules : - docker-php-source extract &&\ - docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ &&\ - docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ &&\ - docker-php-ext-configure oci8 --with-oci8=instantclient,/usr/local/instantclient_12_2 &&\ - docker-php-ext-install -j$(nproc) $php_modules &&\ - - # Setup redis/memcached module : - pecl install igbinary &&\ - docker-php-ext-enable igbinary &&\ - echo '' | pecl install memcached-2.2.0 &&\ - docker-php-ext-enable memcached &&\ - cd /tmp &&\ - pecl bundle redis &&\ - cd redis &&\ - phpize &&\ - ./configure --enable-redis-igbinary --enable-redis-lzf && make -j && make install &&\ - cd / &&\ - rm -rf /tmp/* &&\ - docker-php-source delete &&\ - docker-php-ext-enable redis &&\ - - # Clean our mess - apt-get -y autoremove --purge $dev_deps &&\ - apt-get -y clean &&\ - rm -rf /var/lib/apt/lists/* + # APT deps : + apt-get -y install $run_deps &&\ + apt-get -y install $dev_deps &&\ + + # OCI8 deps : + curl https://repo.ne-dev.eu/deb/instantclient-basic-linux.x64-12.2.0.1.0.zip > /tmp/instantclient-basic-linux.zip &&\ + unzip /tmp/instantclient-basic-linux.zip -d /usr/local/ &&\ + rm /tmp/instantclient-basic-linux.zip &&\ + curl https://repo.ne-dev.eu/deb/instantclient-sdk-linux.x64-12.2.0.1.0.zip > /tmp/instantclient-sdk-linux.zip &&\ + unzip /tmp/instantclient-sdk-linux.zip -d /usr/local/ &&\ + rm /tmp/instantclient-sdk-linux.zip &&\ + ln -s /usr/local/instantclient_12_2/libclntsh.so.12.1 /usr/local/instantclient_12_2/libclntsh.so &&\ + echo /usr/local/instantclient_12_2 > /etc/ld.so.conf.d/oracle-instantclient.conf && ldconfig &&\ + + # Setup modules : + docker-php-source extract &&\ + docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ &&\ + docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ &&\ + docker-php-ext-configure oci8 --with-oci8=instantclient,/usr/local/instantclient_12_2 &&\ + docker-php-ext-install -j$(nproc) $php_modules &&\ + + # Setup redis/memcached module : + pecl install igbinary &&\ + docker-php-ext-enable igbinary &&\ + echo '' | pecl install memcached-2.2.0 &&\ + docker-php-ext-enable memcached &&\ + cd /tmp &&\ + pecl bundle redis &&\ + cd redis &&\ + phpize &&\ + ./configure --enable-redis-igbinary --enable-redis-lzf && make -j && make install &&\ + cd / &&\ + rm -rf /tmp/* &&\ + docker-php-source delete &&\ + docker-php-ext-enable redis &&\ + + # Clean our mess + apt-get -y autoremove --purge $dev_deps &&\ + apt-get -y clean &&\ + rm -rf /var/lib/apt/lists/* RUN ln -s /usr/local/etc/ /etc/php From 10256eec32eafadbaa4e66fe678b6003f9935d3d Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 11:49:31 +0200 Subject: [PATCH 063/117] Cleaned --- Dockerfile | 24 ++++-------------------- 1 file changed, 4 insertions(+), 20 deletions(-) diff --git a/Dockerfile b/Dockerfile index ac2c820..feca5dc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,7 +4,7 @@ ARG php_modules="soap bz2 calendar exif pdo_mysql opcache zip xsl intl mcrypt mb ARG dev_deps="unzip libxml2-dev libbz2-dev zlib1g-dev libxslt1-dev libmcrypt-dev libldap2-dev libfreetype6-dev libjpeg62-turbo-dev libpng-dev libmemcached-dev" -ARG run_deps="libfreetype6 libjpeg62-turbo libmemcached11 libxml2 libmcrypt4 libldap-common libxslt1.1 libaio1 libmemcachedutil2" +ARG run_deps="apache2 supervisor libfreetype6 libjpeg62-turbo libmemcached11 libxml2 libmcrypt4 libldap-common libxslt1.1 libaio1 libmemcachedutil2" ENV DOCUMENT_ROOT /var/www/html @@ -72,32 +72,16 @@ RUN apt-get update &&\ # Clean our mess apt-get -y autoremove --purge $dev_deps &&\ apt-get -y clean &&\ - rm -rf /var/lib/apt/lists/* - -RUN ln -s /usr/local/etc/ /etc/php + rm -rf /var/lib/apt/lists/* &&\ + ln -s /usr/local/etc/ /etc/php ADD phpfpm_conf/www.conf /etc/php/php-fpm.d/ ADD php_conf/ /usr/local/etc/php/conf.d/ ADD phpfpm_conf/www.conf /etc/php/php-fpm.d/ -### Add httpd -RUN apt update &&\ - apt -y install apache2 &&\ - apt clean - - ADD apache2_conf/ /etc/apache2/ -### Clean upstream config -#RUN rm /etc/apache2/conf.d/mpm.conf && \ -# rm /usr/local/etc/php-fpm.d/zz-docker.conf - -### Add monit -RUN apt update &&\ - apt -y install supervisor &&\ - apt clean - ADD supervisor.conf /etc/supervisor/conf.d/php.conf ADD run.sh / @@ -105,4 +89,4 @@ ADD run.sh / EXPOSE 8080 EXPOSE 2812 -ENTRYPOINT ["/run.sh"] +ENTRYPOINT ["/run.sh"] \ No newline at end of file From 941f36e85df76c7d2f3a5b8c1840038f5386dae2 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 12:52:27 +0200 Subject: [PATCH 064/117] Going multistage --- Dockerfile | 26 ++++++++++++++++++++------ supervisor.conf | 6 ++---- 2 files changed, 22 insertions(+), 10 deletions(-) diff --git a/Dockerfile b/Dockerfile index feca5dc..8bab50a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM php:5-fpm-stretch +FROM php:5.6-fpm-stretch as httpd-php ARG php_modules="soap bz2 calendar exif pdo_mysql opcache zip xsl intl mcrypt mbstring ldap sockets iconv gd oci8" @@ -40,10 +40,8 @@ RUN apt-get update &&\ # OCI8 deps : curl https://repo.ne-dev.eu/deb/instantclient-basic-linux.x64-12.2.0.1.0.zip > /tmp/instantclient-basic-linux.zip &&\ unzip /tmp/instantclient-basic-linux.zip -d /usr/local/ &&\ - rm /tmp/instantclient-basic-linux.zip &&\ curl https://repo.ne-dev.eu/deb/instantclient-sdk-linux.x64-12.2.0.1.0.zip > /tmp/instantclient-sdk-linux.zip &&\ unzip /tmp/instantclient-sdk-linux.zip -d /usr/local/ &&\ - rm /tmp/instantclient-sdk-linux.zip &&\ ln -s /usr/local/instantclient_12_2/libclntsh.so.12.1 /usr/local/instantclient_12_2/libclntsh.so &&\ echo /usr/local/instantclient_12_2 > /etc/ld.so.conf.d/oracle-instantclient.conf && ldconfig &&\ @@ -65,7 +63,6 @@ RUN apt-get update &&\ phpize &&\ ./configure --enable-redis-igbinary --enable-redis-lzf && make -j && make install &&\ cd / &&\ - rm -rf /tmp/* &&\ docker-php-source delete &&\ docker-php-ext-enable redis &&\ @@ -73,6 +70,7 @@ RUN apt-get update &&\ apt-get -y autoremove --purge $dev_deps &&\ apt-get -y clean &&\ rm -rf /var/lib/apt/lists/* &&\ + rm -rf /tmp/* &&\ ln -s /usr/local/etc/ /etc/php ADD phpfpm_conf/www.conf /etc/php/php-fpm.d/ @@ -87,6 +85,22 @@ ADD supervisor.conf /etc/supervisor/conf.d/php.conf ADD run.sh / EXPOSE 8080 -EXPOSE 2812 -ENTRYPOINT ["/run.sh"] \ No newline at end of file +ENTRYPOINT ["/run.sh"] + +# Image with Java +FROM httpd-php as httpd-php-full + +RUN apt-get update &&\ + mkdir -p /usr/share/man/man1 &&\ + apt-get install -y openjdk-8-jre-headless &&\ + apt-get clean &&\ + rm -rf /var/lib/apt/lists/* + +# Dev image +FROM httpd-php as httpd-php-dev + +RUN docker-php-source extract &&\ + pecl install xdebug-2.5.5 &&\ + docker-php-ext-enable xdebug &&\ + docker-php-source delete \ No newline at end of file diff --git a/supervisor.conf b/supervisor.conf index 7bda1c3..505a601 100644 --- a/supervisor.conf +++ b/supervisor.conf @@ -1,8 +1,7 @@ [program:httpd] -command=sh -c "/usr/sbin/httpd -T -d /usr/lib64/httpd -f /etc/httpd/conf/httpd.conf -DFOREGROUND" +command=sh -c ". /etc/apache2/envvars ; apache2 -DFOREGROUND" killasgroup=true stopasgroup=true -environment=DOCUMENT_ROOT=%(ENV_DOCUMENT_ROOT)s stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr @@ -13,8 +12,7 @@ stderr_logfile_maxbytes=0 command=sh -c "/usr/local/sbin/php-fpm -g /run/php-fpm.pid -D" killasgroup=true stopasgroup=true -environment=DOCUMENT_ROOT=%(ENV_DOCUMENT_ROOT)s stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 +stderr_logfile_maxbytes=0 \ No newline at end of file From 568a53454cb03844158a6e7a0214f18b55f4f773 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 13:01:02 +0200 Subject: [PATCH 065/117] Updated pipeline --- .drone.yml | 29 ++++++++++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index 831c89d..56e4f32 100644 --- a/.drone.yml +++ b/.drone.yml @@ -3,6 +3,7 @@ pipeline: build-and-push: image: plugins/docker repo: fpfis/httpd-php + target: httpd-php secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] tags: - ${DRONE_TAG} @@ -11,21 +12,47 @@ pipeline: when: event: tag - # Build and push dev release + + # Build and push release build-and-push-branch: image: plugins/docker repo: fpfis/httpd-php tags: ${DRONE_BRANCH##*/} secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] + target: httpd-php + when: + event: push + branch: release/* + + # Build and push dev release + build-and-push-branch-dev: + image: plugins/docker + repo: fpfis/httpd-php + tags: ${DRONE_BRANCH##*/}-dev + secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] + target: httpd-php-dev when: event: push branch: release/* + # Build and push dev release + build-and-push-branch-full: + image: plugins/docker + repo: fpfis/httpd-php-dev + tags: ${DRONE_BRANCH##*/}-full + secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] + target: httpd-php-full + when: + event: push + branch: release/* + + # Mark production build-and-push-production: image: plugins/docker repo: fpfis/httpd-php tags: production-${DRONE_BRANCH##*/} + target: httpd-php secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] when: event: push From 76fa80c63622a39bd264d819f5d1544e0822f805 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 13:10:39 +0200 Subject: [PATCH 066/117] Moved oci8 to full image --- Dockerfile | 35 ++++++++++++++++++++--------------- 1 file changed, 20 insertions(+), 15 deletions(-) diff --git a/Dockerfile b/Dockerfile index 8bab50a..5bc6e22 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ FROM php:5.6-fpm-stretch as httpd-php -ARG php_modules="soap bz2 calendar exif pdo_mysql opcache zip xsl intl mcrypt mbstring ldap sockets iconv gd oci8" +ARG php_modules="soap bz2 calendar exif pdo_mysql opcache zip xsl intl mcrypt mbstring ldap sockets iconv gd" ARG dev_deps="unzip libxml2-dev libbz2-dev zlib1g-dev libxslt1-dev libmcrypt-dev libldap2-dev libfreetype6-dev libjpeg62-turbo-dev libpng-dev libmemcached-dev" @@ -34,22 +34,13 @@ ENV DAEMON_GROUP "www-data" # Install PHP Modules RUN apt-get update &&\ # APT deps : - apt-get -y install $run_deps &&\ - apt-get -y install $dev_deps &&\ - - # OCI8 deps : - curl https://repo.ne-dev.eu/deb/instantclient-basic-linux.x64-12.2.0.1.0.zip > /tmp/instantclient-basic-linux.zip &&\ - unzip /tmp/instantclient-basic-linux.zip -d /usr/local/ &&\ - curl https://repo.ne-dev.eu/deb/instantclient-sdk-linux.x64-12.2.0.1.0.zip > /tmp/instantclient-sdk-linux.zip &&\ - unzip /tmp/instantclient-sdk-linux.zip -d /usr/local/ &&\ - ln -s /usr/local/instantclient_12_2/libclntsh.so.12.1 /usr/local/instantclient_12_2/libclntsh.so &&\ - echo /usr/local/instantclient_12_2 > /etc/ld.so.conf.d/oracle-instantclient.conf && ldconfig &&\ + apt-get -y install --no-install-recommends $run_deps &&\ + apt-get -y install --no-install-recommends $dev_deps &&\ # Setup modules : docker-php-source extract &&\ docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ &&\ docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ &&\ - docker-php-ext-configure oci8 --with-oci8=instantclient,/usr/local/instantclient_12_2 &&\ docker-php-ext-install -j$(nproc) $php_modules &&\ # Setup redis/memcached module : @@ -93,12 +84,26 @@ FROM httpd-php as httpd-php-full RUN apt-get update &&\ mkdir -p /usr/share/man/man1 &&\ - apt-get install -y openjdk-8-jre-headless &&\ + apt-get install --no-install-recommends -y openjdk-8-jre-headless unzip &&\ + # OCI8 deps : + curl https://repo.ne-dev.eu/deb/instantclient-basic-linux.x64-12.2.0.1.0.zip > /tmp/instantclient-basic-linux.zip &&\ + unzip /tmp/instantclient-basic-linux.zip -d /usr/local/ &&\ + curl https://repo.ne-dev.eu/deb/instantclient-sdk-linux.x64-12.2.0.1.0.zip > /tmp/instantclient-sdk-linux.zip &&\ + unzip /tmp/instantclient-sdk-linux.zip -d /usr/local/ &&\ + ln -s /usr/local/instantclient_12_2/libclntsh.so.12.1 /usr/local/instantclient_12_2/libclntsh.so &&\ + echo /usr/local/instantclient_12_2 > /etc/ld.so.conf.d/oracle-instantclient.conf && ldconfig &&\ + # OCI8 build : + docker-php-source extract &&\ + docker-php-ext-configure oci8 --with-oci8=instantclient,/usr/local/instantclient_12_2 &&\ + docker-php-ext-install -j$(nproc) oci8 &&\ + docker-php-source delete &&\ + # Clean : apt-get clean &&\ - rm -rf /var/lib/apt/lists/* + rm -rf /var/lib/apt/lists/* &&\ + rm -rf /tmp/* # Dev image -FROM httpd-php as httpd-php-dev +FROM httpd-php-full as httpd-php-dev RUN docker-php-source extract &&\ pecl install xdebug-2.5.5 &&\ From c3ecb37d44d5d85c6f219595d874b130d845d8a4 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 13:13:40 +0200 Subject: [PATCH 067/117] Updated pipeline --- .drone.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index 56e4f32..2235573 100644 --- a/.drone.yml +++ b/.drone.yml @@ -38,7 +38,7 @@ pipeline: # Build and push dev release build-and-push-branch-full: image: plugins/docker - repo: fpfis/httpd-php-dev + repo: fpfis/httpd-php tags: ${DRONE_BRANCH##*/}-full secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] target: httpd-php-full From 0b5de65e5ba4ad0504a6b9e28e0e03c596ea1c7c Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 13:26:54 +0200 Subject: [PATCH 068/117] Updated pipeline --- .drone.yml | 42 ++++++++++++------------------------------ 1 file changed, 12 insertions(+), 30 deletions(-) diff --git a/.drone.yml b/.drone.yml index 2235573..e523749 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,9 +1,15 @@ +matrix: + TARGET: + - httpd-php + - httpd-php-dev + - httpd-php-full + pipeline: # Build and push tags : build-and-push: image: plugins/docker - repo: fpfis/httpd-php - target: httpd-php + repo: fpfis/${TARGET} + target: ${TARGET} secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] tags: - ${DRONE_TAG} @@ -16,45 +22,21 @@ pipeline: # Build and push release build-and-push-branch: image: plugins/docker - repo: fpfis/httpd-php + repo: fpfis/${TARGET} tags: ${DRONE_BRANCH##*/} secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] - target: httpd-php - when: - event: push - branch: release/* - - # Build and push dev release - build-and-push-branch-dev: - image: plugins/docker - repo: fpfis/httpd-php - tags: ${DRONE_BRANCH##*/}-dev - secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] - target: httpd-php-dev + target: ${TARGET} when: event: push branch: release/* - # Build and push dev release - build-and-push-branch-full: - image: plugins/docker - repo: fpfis/httpd-php - tags: ${DRONE_BRANCH##*/}-full - secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] - target: httpd-php-full - when: - event: push - branch: release/* - - # Mark production build-and-push-production: image: plugins/docker - repo: fpfis/httpd-php + repo: fpfis/${TARGET} tags: production-${DRONE_BRANCH##*/} - target: httpd-php + target: ${TARGET} secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] when: event: push branch: production/* - From 1c329224c2f9f08ba5257aaca3b48e37561b446e Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 14:10:27 +0200 Subject: [PATCH 069/117] Added script testing ubuntu build --- Dockerfile | 112 +++------------------------------------- scripts/install-base.sh | 17 ++++++ 2 files changed, 23 insertions(+), 106 deletions(-) create mode 100755 scripts/install-base.sh diff --git a/Dockerfile b/Dockerfile index 5bc6e22..11881cc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,111 +1,11 @@ -FROM php:5.6-fpm-stretch as httpd-php +FROM ubuntu as httpd-php -ARG php_modules="soap bz2 calendar exif pdo_mysql opcache zip xsl intl mcrypt mbstring ldap sockets iconv gd" +ARG php_version="5.6" -ARG dev_deps="unzip libxml2-dev libbz2-dev zlib1g-dev libxslt1-dev libmcrypt-dev libldap2-dev libfreetype6-dev libjpeg62-turbo-dev libpng-dev libmemcached-dev" +ARG php_modules="soap bz2 calendar exif mysql opcache zip xsl intl mcrypt mbstring ldap sockets iconv gd" -ARG run_deps="apache2 supervisor libfreetype6 libjpeg62-turbo libmemcached11 libxml2 libmcrypt4 libldap-common libxslt1.1 libaio1 libmemcachedutil2" +ARG run_deps="apache2 supervisor" +ADD scripts /scripts +RUN /scripts/install-base.sh -ENV DOCUMENT_ROOT /var/www/html -ENV PORT 8080 - -ENV APACHE_EXTRA_CONF "" - -ENV APACHE_EXTRA_CONF_DIR "" - -ENV APACHE_ERROR_LOG /dev/fd/2 - -ENV APACHE_ACCESS_LOG /dev/fd/1 - -ENV FPM_MIN_CHILDREN 3 - -ENV FPM_MAX_CHILDREN 5 - -ENV PHP_ERROR_LOG /dev/fd/2 - -ENV DAEMON_USER "www-data" - -ENV DAEMON_GROUP "www-data" - -### Add ssmtp & bash -#RUN apk add --no-cache ssmtp bash - -# Install PHP Modules -RUN apt-get update &&\ - # APT deps : - apt-get -y install --no-install-recommends $run_deps &&\ - apt-get -y install --no-install-recommends $dev_deps &&\ - - # Setup modules : - docker-php-source extract &&\ - docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ &&\ - docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ &&\ - docker-php-ext-install -j$(nproc) $php_modules &&\ - - # Setup redis/memcached module : - pecl install igbinary &&\ - docker-php-ext-enable igbinary &&\ - echo '' | pecl install memcached-2.2.0 &&\ - docker-php-ext-enable memcached &&\ - cd /tmp &&\ - pecl bundle redis &&\ - cd redis &&\ - phpize &&\ - ./configure --enable-redis-igbinary --enable-redis-lzf && make -j && make install &&\ - cd / &&\ - docker-php-source delete &&\ - docker-php-ext-enable redis &&\ - - # Clean our mess - apt-get -y autoremove --purge $dev_deps &&\ - apt-get -y clean &&\ - rm -rf /var/lib/apt/lists/* &&\ - rm -rf /tmp/* &&\ - ln -s /usr/local/etc/ /etc/php - -ADD phpfpm_conf/www.conf /etc/php/php-fpm.d/ -ADD php_conf/ /usr/local/etc/php/conf.d/ - -ADD phpfpm_conf/www.conf /etc/php/php-fpm.d/ - -ADD apache2_conf/ /etc/apache2/ - -ADD supervisor.conf /etc/supervisor/conf.d/php.conf - -ADD run.sh / - -EXPOSE 8080 - -ENTRYPOINT ["/run.sh"] - -# Image with Java -FROM httpd-php as httpd-php-full - -RUN apt-get update &&\ - mkdir -p /usr/share/man/man1 &&\ - apt-get install --no-install-recommends -y openjdk-8-jre-headless unzip &&\ - # OCI8 deps : - curl https://repo.ne-dev.eu/deb/instantclient-basic-linux.x64-12.2.0.1.0.zip > /tmp/instantclient-basic-linux.zip &&\ - unzip /tmp/instantclient-basic-linux.zip -d /usr/local/ &&\ - curl https://repo.ne-dev.eu/deb/instantclient-sdk-linux.x64-12.2.0.1.0.zip > /tmp/instantclient-sdk-linux.zip &&\ - unzip /tmp/instantclient-sdk-linux.zip -d /usr/local/ &&\ - ln -s /usr/local/instantclient_12_2/libclntsh.so.12.1 /usr/local/instantclient_12_2/libclntsh.so &&\ - echo /usr/local/instantclient_12_2 > /etc/ld.so.conf.d/oracle-instantclient.conf && ldconfig &&\ - # OCI8 build : - docker-php-source extract &&\ - docker-php-ext-configure oci8 --with-oci8=instantclient,/usr/local/instantclient_12_2 &&\ - docker-php-ext-install -j$(nproc) oci8 &&\ - docker-php-source delete &&\ - # Clean : - apt-get clean &&\ - rm -rf /var/lib/apt/lists/* &&\ - rm -rf /tmp/* - -# Dev image -FROM httpd-php-full as httpd-php-dev - -RUN docker-php-source extract &&\ - pecl install xdebug-2.5.5 &&\ - docker-php-ext-enable xdebug &&\ - docker-php-source delete \ No newline at end of file diff --git a/scripts/install-base.sh b/scripts/install-base.sh new file mode 100755 index 0000000..6c598af --- /dev/null +++ b/scripts/install-base.sh @@ -0,0 +1,17 @@ +#!bin/bash +set -e +set -x +apt-get update +apt-get install -y software-properties-common +add-apt-repository -y ppa:ondrej/php + + +for module in ${php_modules}; do + modules="php${php_version}-${module} ${modules}" +done + +apt-get install -y php${php_version}-fpm ${modules} + +apt-get autoremove software-properties-common -y --purge +apt-get clean +rm -rf /var/lib/apt/lists/* From a37f49ad76e75428d58fd0335354feeed0ac1f04 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 14:12:49 +0200 Subject: [PATCH 070/117] Added script testing ubuntu build --- scripts/install-base.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install-base.sh b/scripts/install-base.sh index 6c598af..f5feaa4 100755 --- a/scripts/install-base.sh +++ b/scripts/install-base.sh @@ -10,7 +10,7 @@ for module in ${php_modules}; do modules="php${php_version}-${module} ${modules}" done -apt-get install -y php${php_version}-fpm ${modules} +apt-get install -y apache2 php${php_version}-fpm ${modules} apt-get autoremove software-properties-common -y --purge apt-get clean From 57f580e44e601ee4b2b3c0e26be61474f9470c7f Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 14:17:48 +0200 Subject: [PATCH 071/117] Fix questions --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index 11881cc..d2b0876 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,6 @@ FROM ubuntu as httpd-php +ARG DEBIAN_FRONTEND=noninteractive ARG php_version="5.6" ARG php_modules="soap bz2 calendar exif mysql opcache zip xsl intl mcrypt mbstring ldap sockets iconv gd" From 2c2607c4bd6e9636c6862032a965f67c1153b337 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 14:24:47 +0200 Subject: [PATCH 072/117] Try to combo --- .drone.yml | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/.drone.yml b/.drone.yml index e523749..56ac56f 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,8 +1,10 @@ matrix: + PHP_VERSION: + - 5.6 + - 7.1 TARGET: - httpd-php - httpd-php-dev - - httpd-php-full pipeline: # Build and push tags : @@ -11,21 +13,24 @@ pipeline: repo: fpfis/${TARGET} target: ${TARGET} secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] + build_args: + - php_version: ${PHP_VERSION} tags: - - ${DRONE_TAG} - - ${DRONE_TAG%%-*} - - ${DRONE_BRANCH##*/} + - ${DRONE_TAG}-ubuntu + - ${DRONE_TAG%%-*}-ubuntu + - ${PHP_VERSION}-ubuntu when: event: tag - # Build and push release build-and-push-branch: image: plugins/docker repo: fpfis/${TARGET} - tags: ${DRONE_BRANCH##*/} + tags: ${PHP_VERSION}-ubuntu secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] target: ${TARGET} + build_args: + - php_version: ${PHP_VERSION} when: event: push branch: release/* @@ -34,9 +39,11 @@ pipeline: build-and-push-production: image: plugins/docker repo: fpfis/${TARGET} - tags: production-${DRONE_BRANCH##*/} + tags: production-${PHP_VERSION}-ubuntu target: ${TARGET} secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] + build_args: + - php_version: ${PHP_VERSION} when: event: push branch: production/* From f946d84d3c3c36d1e64e2c7d05d0b7b90ceb0351 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 14:28:57 +0200 Subject: [PATCH 073/117] RTFM --- .drone.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.drone.yml b/.drone.yml index 56ac56f..5496947 100644 --- a/.drone.yml +++ b/.drone.yml @@ -14,7 +14,7 @@ pipeline: target: ${TARGET} secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] build_args: - - php_version: ${PHP_VERSION} + - php_version=${PHP_VERSION} tags: - ${DRONE_TAG}-ubuntu - ${DRONE_TAG%%-*}-ubuntu @@ -30,7 +30,7 @@ pipeline: secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] target: ${TARGET} build_args: - - php_version: ${PHP_VERSION} + - php_version=${PHP_VERSION} when: event: push branch: release/* @@ -43,7 +43,7 @@ pipeline: target: ${TARGET} secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] build_args: - - php_version: ${PHP_VERSION} + - php_version=${PHP_VERSION} when: event: push branch: production/* From 6e33a92692317a0f090f66607d81e255cf2401c5 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 14:30:20 +0200 Subject: [PATCH 074/117] Added supervisor --- scripts/install-base.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install-base.sh b/scripts/install-base.sh index f5feaa4..750f162 100755 --- a/scripts/install-base.sh +++ b/scripts/install-base.sh @@ -10,7 +10,7 @@ for module in ${php_modules}; do modules="php${php_version}-${module} ${modules}" done -apt-get install -y apache2 php${php_version}-fpm ${modules} +apt-get install -y supervisor apache2 php${php_version}-fpm ${modules} apt-get autoremove software-properties-common -y --purge apt-get clean From fe38282877d97dfd365de56353121e149b398f6f Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 14:43:09 +0200 Subject: [PATCH 075/117] Building all --- .drone.yml | 1 + Dockerfile | 5 +++++ scripts/install-dev.sh | 10 ++++++++++ scripts/install-full.sh | 29 +++++++++++++++++++++++++++++ 4 files changed, 45 insertions(+) create mode 100755 scripts/install-dev.sh create mode 100755 scripts/install-full.sh diff --git a/.drone.yml b/.drone.yml index 5496947..c4fc70c 100644 --- a/.drone.yml +++ b/.drone.yml @@ -4,6 +4,7 @@ matrix: - 7.1 TARGET: - httpd-php + - httpd-php-full - httpd-php-dev pipeline: diff --git a/Dockerfile b/Dockerfile index d2b0876..791a9aa 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,3 +10,8 @@ ADD scripts /scripts RUN /scripts/install-base.sh +FROM httpd-php as httpd-php-full +RUN /scripts/install-full.sh + +FROM httpd-php-full as httpd-php-dev +RUN /scripts/install-dev.sh \ No newline at end of file diff --git a/scripts/install-dev.sh b/scripts/install-dev.sh new file mode 100755 index 0000000..105e503 --- /dev/null +++ b/scripts/install-dev.sh @@ -0,0 +1,10 @@ +#!bin/bash +set -e +set -x +apt-get update + +apt-get install -y php${php_version}-xdebug + +apt-get clean +rm -rf /var/lib/apt/lists/* +rm -rf /tmp/* \ No newline at end of file diff --git a/scripts/install-full.sh b/scripts/install-full.sh new file mode 100755 index 0000000..9c8e52c --- /dev/null +++ b/scripts/install-full.sh @@ -0,0 +1,29 @@ +#!bin/bash +set -e +set -x +apt-get update + +# Fix java installation +mkdir -p /usr/share/man/man1 +apt-get install --no-install-recommends -y openjdk-8-jre-headless unzip + +# OCI8 deps : +curl https://repo.ne-dev.eu/deb/instantclient-basic-linux.x64-12.2.0.1.0.zip > /tmp/instantclient-basic-linux.zip +unzip /tmp/instantclient-basic-linux.zip -d /usr/local/ +curl https://repo.ne-dev.eu/deb/instantclient-sdk-linux.x64-12.2.0.1.0.zip > /tmp/instantclient-sdk-linux.zip +unzip /tmp/instantclient-sdk-linux.zip -d /usr/local/ +ln -s /usr/local/instantclient_12_2/libclntsh.so.12.1 /usr/local/instantclient_12_2/libclntsh.so +echo /usr/local/instantclient_12_2 > /etc/ld.so.conf.d/oracle-instantclient.conf && ldconfig + +# OCI8 build : +docker-php-source extract +docker-php-ext-configure oci8 --with-oci8=instantclient,/usr/local/instantclient_12_2 +docker-php-ext-install -j$(nproc) oci8 +docker-php-source delete + +# Clean : + +apt-get autoremove unzip --purge +apt-get clean +rm -rf /var/lib/apt/lists/* +rm -rf /tmp/* \ No newline at end of file From ada7a73c78b9a4e80279b53a1f6868441f478da4 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 14:45:01 +0200 Subject: [PATCH 076/117] Building all --- scripts/install-full.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/install-full.sh b/scripts/install-full.sh index 9c8e52c..e1b8ff9 100755 --- a/scripts/install-full.sh +++ b/scripts/install-full.sh @@ -5,7 +5,7 @@ apt-get update # Fix java installation mkdir -p /usr/share/man/man1 -apt-get install --no-install-recommends -y openjdk-8-jre-headless unzip +apt-get install --no-install-recommends -y openjdk-8-jre-headless curl unzip # OCI8 deps : curl https://repo.ne-dev.eu/deb/instantclient-basic-linux.x64-12.2.0.1.0.zip > /tmp/instantclient-basic-linux.zip @@ -23,7 +23,7 @@ docker-php-source delete # Clean : -apt-get autoremove unzip --purge +apt-get autoremove curl unzip --purge apt-get clean rm -rf /var/lib/apt/lists/* rm -rf /tmp/* \ No newline at end of file From 6dbe6c482e7a8f059168d098f3348d7cc8375874 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 14:45:16 +0200 Subject: [PATCH 077/117] Building all --- scripts/install-dev.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install-dev.sh b/scripts/install-dev.sh index 105e503..29070c5 100755 --- a/scripts/install-dev.sh +++ b/scripts/install-dev.sh @@ -3,7 +3,7 @@ set -e set -x apt-get update -apt-get install -y php${php_version}-xdebug +apt-get install -y php${php_version}-xdebug unzip patch git apt-get clean rm -rf /var/lib/apt/lists/* From 83b108b5184d8e5a63c8fe698f2d307d5543885a Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 15:23:53 +0200 Subject: [PATCH 078/117] Fixing oci8 --- Dockerfile | 6 ++++-- scripts/install-full.sh | 18 +++++++++++------- 2 files changed, 15 insertions(+), 9 deletions(-) diff --git a/Dockerfile b/Dockerfile index 791a9aa..ed8e532 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,15 +2,17 @@ FROM ubuntu as httpd-php ARG DEBIAN_FRONTEND=noninteractive ARG php_version="5.6" - ARG php_modules="soap bz2 calendar exif mysql opcache zip xsl intl mcrypt mbstring ldap sockets iconv gd" - ARG run_deps="apache2 supervisor" + +ENV php_version=${php_version} + ADD scripts /scripts RUN /scripts/install-base.sh FROM httpd-php as httpd-php-full +ARG oci8_version="2.0.12" RUN /scripts/install-full.sh FROM httpd-php-full as httpd-php-dev diff --git a/scripts/install-full.sh b/scripts/install-full.sh index e1b8ff9..8cdf61c 100755 --- a/scripts/install-full.sh +++ b/scripts/install-full.sh @@ -5,7 +5,7 @@ apt-get update # Fix java installation mkdir -p /usr/share/man/man1 -apt-get install --no-install-recommends -y openjdk-8-jre-headless curl unzip +apt-get install --no-install-recommends -y libaio1 openjdk-8-jre-headless curl unzip # OCI8 deps : curl https://repo.ne-dev.eu/deb/instantclient-basic-linux.x64-12.2.0.1.0.zip > /tmp/instantclient-basic-linux.zip @@ -16,14 +16,18 @@ ln -s /usr/local/instantclient_12_2/libclntsh.so.12.1 /usr/local/instantclient_1 echo /usr/local/instantclient_12_2 > /etc/ld.so.conf.d/oracle-instantclient.conf && ldconfig # OCI8 build : -docker-php-source extract -docker-php-ext-configure oci8 --with-oci8=instantclient,/usr/local/instantclient_12_2 -docker-php-ext-install -j$(nproc) oci8 -docker-php-source delete +apt-get install -y php${php_version}-dev +pecl download oci8-${oci8_version} +pushd oci8-${oci8_version} +phpize +./configure --with-oci8=instantclient,/usr/local/instantclient_12_2 +make -j$(nproc) +make install +popd +rm -Rf oci8-${oci8_version} # Clean : - -apt-get autoremove curl unzip --purge +apt-get autoremove curl unzip php${php_version}-dev --purge apt-get clean rm -rf /var/lib/apt/lists/* rm -rf /tmp/* \ No newline at end of file From e917dfa3802961135a358006d42957bb7319fe14 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 15:26:45 +0200 Subject: [PATCH 079/117] Fixing oci8 --- Dockerfile | 2 +- scripts/install-full.sh | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index ed8e532..5a96976 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ FROM ubuntu as httpd-php -ARG DEBIAN_FRONTEND=noninteractive +ENV DEBIAN_FRONTEND=noninteractive ARG php_version="5.6" ARG php_modules="soap bz2 calendar exif mysql opcache zip xsl intl mcrypt mbstring ldap sockets iconv gd" ARG run_deps="apache2 supervisor" diff --git a/scripts/install-full.sh b/scripts/install-full.sh index 8cdf61c..f5c8395 100755 --- a/scripts/install-full.sh +++ b/scripts/install-full.sh @@ -18,13 +18,14 @@ echo /usr/local/instantclient_12_2 > /etc/ld.so.conf.d/oracle-instantclient.conf # OCI8 build : apt-get install -y php${php_version}-dev pecl download oci8-${oci8_version} +tar -xzvf oci8-${oci8_version}.tar.gz pushd oci8-${oci8_version} phpize ./configure --with-oci8=instantclient,/usr/local/instantclient_12_2 make -j$(nproc) make install popd -rm -Rf oci8-${oci8_version} +rm -Rf oci8-${oci8_version} oci8-${oci8_version}.tar.gz # Clean : apt-get autoremove curl unzip php${php_version}-dev --purge From 4489e8f5294a3711a3d02e4b923ab5d7ebf0b963 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 15:30:34 +0200 Subject: [PATCH 080/117] Fixing oci8 --- scripts/install-full.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install-full.sh b/scripts/install-full.sh index f5c8395..91b4f61 100755 --- a/scripts/install-full.sh +++ b/scripts/install-full.sh @@ -18,7 +18,7 @@ echo /usr/local/instantclient_12_2 > /etc/ld.so.conf.d/oracle-instantclient.conf # OCI8 build : apt-get install -y php${php_version}-dev pecl download oci8-${oci8_version} -tar -xzvf oci8-${oci8_version}.tar.gz +tar -xzvf oci8-${oci8_version}.tgz pushd oci8-${oci8_version} phpize ./configure --with-oci8=instantclient,/usr/local/instantclient_12_2 From f0a223091613a0a60030180cc2f365c2ae8ab7e6 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 15:32:52 +0200 Subject: [PATCH 081/117] Fixing oci8 --- scripts/install-full.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install-full.sh b/scripts/install-full.sh index 91b4f61..aa12981 100755 --- a/scripts/install-full.sh +++ b/scripts/install-full.sh @@ -28,7 +28,7 @@ popd rm -Rf oci8-${oci8_version} oci8-${oci8_version}.tar.gz # Clean : -apt-get autoremove curl unzip php${php_version}-dev --purge +apt-get autoremove -y curl unzip php${php_version}-dev --purge apt-get clean rm -rf /var/lib/apt/lists/* rm -rf /tmp/* \ No newline at end of file From 9ac26bdaa4efbc4325456d49f6d2c0c6af383ff7 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 15:36:15 +0200 Subject: [PATCH 082/117] Updated matrix --- .drone.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.drone.yml b/.drone.yml index c4fc70c..27b2eb5 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,8 +1,9 @@ matrix: - PHP_VERSION: - - 5.6 - - 7.1 - TARGET: + - PHP_VERSION: 7.1 + OCI8_VERSION: 2.18 + - PHP_VERSION: 5.6 + OCI8_VERSION: 2.0.12 + - TARGET: - httpd-php - httpd-php-full - httpd-php-dev From 0be6327b78897c70a336e8433d93f247aab64fa6 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 15:39:59 +0200 Subject: [PATCH 083/117] matrix --- .drone.yml | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/.drone.yml b/.drone.yml index 27b2eb5..6f1033d 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,12 +1,20 @@ matrix: - - PHP_VERSION: 7.1 - OCI8_VERSION: 2.18 - - PHP_VERSION: 5.6 - OCI8_VERSION: 2.0.12 - - TARGET: + PHP_VERSION: + - 5.6 + - 7.1 + OCI8_VERSION: + - 2.1.8 + - 2.0.12 + TARGET: - httpd-php - httpd-php-full - httpd-php-dev + include: + - PHP_VERSION: 7.1 + OCI8_VERSION: 2.1.8 + - PHP_VERSION: 5.6 + OCI8_VERSION: 2.0.12 + pipeline: # Build and push tags : From 7ddbfad29431c8febe431649d95487aa5f920499 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 15:40:13 +0200 Subject: [PATCH 084/117] matrix --- .drone.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.drone.yml b/.drone.yml index 6f1033d..a584bef 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,10 +1,4 @@ matrix: - PHP_VERSION: - - 5.6 - - 7.1 - OCI8_VERSION: - - 2.1.8 - - 2.0.12 TARGET: - httpd-php - httpd-php-full From e7e5dc8d3c227559fdc4fde75a20c6a7c8cfdcfb Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 15:40:47 +0200 Subject: [PATCH 085/117] Revert "matrix" This reverts commit 7ddbfad29431c8febe431649d95487aa5f920499. --- .drone.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.drone.yml b/.drone.yml index a584bef..6f1033d 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,4 +1,10 @@ matrix: + PHP_VERSION: + - 5.6 + - 7.1 + OCI8_VERSION: + - 2.1.8 + - 2.0.12 TARGET: - httpd-php - httpd-php-full From 7072b821f0f182db30b52128c35f558648570f59 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 15:44:05 +0200 Subject: [PATCH 086/117] matrix --- .drone.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.drone.yml b/.drone.yml index 6f1033d..edd8cdd 100644 --- a/.drone.yml +++ b/.drone.yml @@ -9,10 +9,10 @@ matrix: - httpd-php - httpd-php-full - httpd-php-dev - include: - - PHP_VERSION: 7.1 + exclude: + - PHP_VERSION: 5.6 OCI8_VERSION: 2.1.8 - - PHP_VERSION: 5.6 + - PHP_VERSION: 7.1 OCI8_VERSION: 2.0.12 From 9cf74542eb45672556fce481b8feea9fe23dc653 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 15:51:25 +0200 Subject: [PATCH 087/117] Okay --- .drone.yml | 29 ++++++++++++++++------------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/.drone.yml b/.drone.yml index edd8cdd..8d23f8d 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,19 +1,19 @@ matrix: - PHP_VERSION: - - 5.6 - - 7.1 - OCI8_VERSION: - - 2.1.8 - - 2.0.12 - TARGET: - - httpd-php - - httpd-php-full - - httpd-php-dev - exclude: - - PHP_VERSION: 5.6 + include: + - PHP_VERSION: 7.1 + TARGET: httpd-php + - PHP_VERSION: 7.1 + TARGET: httpd-php-dev + - PHP_VERSION: 7.1 OCI8_VERSION: 2.1.8 - - PHP_VERSION: 7.1 + TARGET: httpd-php-full + - PHP_VERSION: 5.6 + TARGET: httpd-php + - PHP_VERSION: 5.6 + TARGET: httpd-php-dev + - PHP_VERSION: 5.6 OCI8_VERSION: 2.0.12 + TARGET: httpd-php-full pipeline: @@ -25,6 +25,7 @@ pipeline: secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] build_args: - php_version=${PHP_VERSION} + - oci8_version=${OCI8_VERSION} tags: - ${DRONE_TAG}-ubuntu - ${DRONE_TAG%%-*}-ubuntu @@ -41,6 +42,7 @@ pipeline: target: ${TARGET} build_args: - php_version=${PHP_VERSION} + - oci8_version=${OCI8_VERSION} when: event: push branch: release/* @@ -54,6 +56,7 @@ pipeline: secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] build_args: - php_version=${PHP_VERSION} + - oci8_version=${OCI8_VERSION} when: event: push branch: production/* From a675390911cb79a6ecf5cad455da198d065cb992 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 15:55:20 +0200 Subject: [PATCH 088/117] Added oci8 conf --- scripts/install-full.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/install-full.sh b/scripts/install-full.sh index aa12981..f00b596 100755 --- a/scripts/install-full.sh +++ b/scripts/install-full.sh @@ -26,6 +26,8 @@ make -j$(nproc) make install popd rm -Rf oci8-${oci8_version} oci8-${oci8_version}.tar.gz +echo "extension=oci8.so" > /etc/php/${php_version}/mods-available/oci8.ini +phpenmod oci8 # Clean : apt-get autoremove -y curl unzip php${php_version}-dev --purge From acda3f0a856caca2b61ec5e41f090af5c750b89f Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 15:58:06 +0200 Subject: [PATCH 089/117] Added envs --- .drone.yml | 2 ++ Dockerfile | 1 + 2 files changed, 3 insertions(+) diff --git a/.drone.yml b/.drone.yml index 8d23f8d..efd1f97 100644 --- a/.drone.yml +++ b/.drone.yml @@ -4,6 +4,7 @@ matrix: TARGET: httpd-php - PHP_VERSION: 7.1 TARGET: httpd-php-dev + OCI8_VERSION: 2.1.8 - PHP_VERSION: 7.1 OCI8_VERSION: 2.1.8 TARGET: httpd-php-full @@ -11,6 +12,7 @@ matrix: TARGET: httpd-php - PHP_VERSION: 5.6 TARGET: httpd-php-dev + OCI8_VERSION: 2.0.12 - PHP_VERSION: 5.6 OCI8_VERSION: 2.0.12 TARGET: httpd-php-full diff --git a/Dockerfile b/Dockerfile index 5a96976..62e20b4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -13,6 +13,7 @@ RUN /scripts/install-base.sh FROM httpd-php as httpd-php-full ARG oci8_version="2.0.12" +ENV oci8_version=${oci8_version} RUN /scripts/install-full.sh FROM httpd-php-full as httpd-php-dev From ae95bdec7ad74135f29b2edca58a53ea8bbe450e Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 16:04:55 +0200 Subject: [PATCH 090/117] Tu pousse le bouchon Maurice --- .drone.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.drone.yml b/.drone.yml index efd1f97..04ef255 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,5 +1,12 @@ matrix: include: + - PHP_VERSION: 7.2 + TARGET: httpd-php + - PHP_VERSION: 7.2 + TARGET: httpd-php-dev + OCI8_VERSION: 2.1.8 + - PHP_VERSION: 7.2 + OCI8_VERSION: 2.1.8 - PHP_VERSION: 7.1 TARGET: httpd-php - PHP_VERSION: 7.1 From dd99ab8f788e2ea9fd276aa9326727f00976f1b5 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 16:08:44 +0200 Subject: [PATCH 091/117] Tu pousse le bouchon Maurice --- scripts/install-base.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scripts/install-base.sh b/scripts/install-base.sh index 750f162..4cf25be 100755 --- a/scripts/install-base.sh +++ b/scripts/install-base.sh @@ -7,6 +7,10 @@ add-apt-repository -y ppa:ondrej/php for module in ${php_modules}; do + if [ "${php_version}" == "7.2" ] && [ "${module}" == "mcrypt" ]; then + echo "WARNING: ${module} not supported on 7.2" + continue + fi modules="php${php_version}-${module} ${modules}" done From 4d892fba0610e80fb4c09a0ae13dabc38b2701d7 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 16:12:27 +0200 Subject: [PATCH 092/117] Fixed 7.2 target issue --- .drone.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.drone.yml b/.drone.yml index 04ef255..eec8698 100644 --- a/.drone.yml +++ b/.drone.yml @@ -7,6 +7,7 @@ matrix: OCI8_VERSION: 2.1.8 - PHP_VERSION: 7.2 OCI8_VERSION: 2.1.8 + TARGET: httpd-php-full - PHP_VERSION: 7.1 TARGET: httpd-php - PHP_VERSION: 7.1 From 67b34502bee4caddae09c0d353e995a44dd356d9 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 16:24:12 +0200 Subject: [PATCH 093/117] added redis and memcached --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 62e20b4..13ae550 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ FROM ubuntu as httpd-php ENV DEBIAN_FRONTEND=noninteractive ARG php_version="5.6" -ARG php_modules="soap bz2 calendar exif mysql opcache zip xsl intl mcrypt mbstring ldap sockets iconv gd" +ARG php_modules="soap bz2 calendar exif mysql opcache zip xsl intl mcrypt mbstring ldap sockets iconv gd redis memcached" ARG run_deps="apache2 supervisor" ENV php_version=${php_version} From b796e2571a19e502e46c80c5224a723779dbdb08 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 22:50:28 +0200 Subject: [PATCH 094/117] Added dev devps --- .drone.yml | 16 ---------------- Dockerfile | 6 +++++- scripts/install-dev.sh | 12 ++++++++++-- 3 files changed, 15 insertions(+), 19 deletions(-) diff --git a/.drone.yml b/.drone.yml index eec8698..0724fae 100644 --- a/.drone.yml +++ b/.drone.yml @@ -27,22 +27,6 @@ matrix: pipeline: - # Build and push tags : - build-and-push: - image: plugins/docker - repo: fpfis/${TARGET} - target: ${TARGET} - secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] - build_args: - - php_version=${PHP_VERSION} - - oci8_version=${OCI8_VERSION} - tags: - - ${DRONE_TAG}-ubuntu - - ${DRONE_TAG%%-*}-ubuntu - - ${PHP_VERSION}-ubuntu - when: - event: tag - # Build and push release build-and-push-branch: image: plugins/docker diff --git a/Dockerfile b/Dockerfile index 13ae550..29fb151 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,4 +17,8 @@ ENV oci8_version=${oci8_version} RUN /scripts/install-full.sh FROM httpd-php-full as httpd-php-dev -RUN /scripts/install-dev.sh \ No newline at end of file +ARG composer_version="1.7.2" +ARG drush_version="8.1.17" +ENV PATH=${PATH}:/root/.composer/vendor/bin +ENV COMPOSER_DISABLE_ROOT_WARN 1 +RUN /scripts/install-dev.sh diff --git a/scripts/install-dev.sh b/scripts/install-dev.sh index 29070c5..e77b944 100755 --- a/scripts/install-dev.sh +++ b/scripts/install-dev.sh @@ -3,8 +3,16 @@ set -e set -x apt-get update -apt-get install -y php${php_version}-xdebug unzip patch git +# Install dev packages : +apt-get install -y php${php_version}-xdebug wget unzip patch git + +# Install PHP dev packages : +wget https://github.com/composer/composer/releases/download/${composer_version}/composer.phar -O /usr/bin/composer +wget https://github.com/drush-ops/drush/releases/download/${drush_version}/drush.phar -O /usr/bin/drush + +chmod +x /usr/bin/composer /usr/bin/drush apt-get clean rm -rf /var/lib/apt/lists/* -rm -rf /tmp/* \ No newline at end of file +rm -rf /tmp/* +rm -Rf /root/.composer/cache From 1e6da4cb83d883ad974047ef2b2a1f71e058e0f9 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 22:58:44 +0200 Subject: [PATCH 095/117] Fixing composer warning on docker builds --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 29fb151..a848bfb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,5 +20,5 @@ FROM httpd-php-full as httpd-php-dev ARG composer_version="1.7.2" ARG drush_version="8.1.17" ENV PATH=${PATH}:/root/.composer/vendor/bin -ENV COMPOSER_DISABLE_ROOT_WARN 1 +ENV COMPOSER_ALLOW_SUPERUSER 1 RUN /scripts/install-dev.sh From f312197aaaabdd1fc6bce376e9510af8e9818aae Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 9 Oct 2018 23:03:47 +0200 Subject: [PATCH 096/117] [CI-SKIP] Cleaning a bit --- install-ext-modules.sh | 94 ---------------------------------------- monitrc | 18 -------- run.sh => scripts/run.sh | 0 3 files changed, 112 deletions(-) delete mode 100755 install-ext-modules.sh delete mode 100644 monitrc rename run.sh => scripts/run.sh (100%) diff --git a/install-ext-modules.sh b/install-ext-modules.sh deleted file mode 100755 index 5fdaeee..0000000 --- a/install-ext-modules.sh +++ /dev/null @@ -1,94 +0,0 @@ -#/bin/sh - -set -xue - -modules="soap bz2 calendar exif pdo_mysql opcache zip xsl intl mcrypt mbstring ldap sockets " - -#Dumb list of dev dependencies... -makedepends=" - autoconf - apache2-dev - aspell-dev - bison - bzip2-dev - curl-dev - db-dev - enchant-dev - freetds-dev - freetype-dev - gdbm-dev - gettext-dev - gmp-dev - icu-dev - imap-dev - krb5-dev - libedit-dev - libical-dev - libjpeg-turbo-dev - libmcrypt-dev - libpng-dev - libressl-dev - libwebp-dev - libxml2-dev - libxpm-dev - libxslt-dev - libzip-dev - net-snmp-dev - openldap-dev - pcre-dev - postgresql-dev - re2c - recode-dev - sqlite-dev - tidyhtml-dev - unixodbc-dev - zlib-dev - libmemcached-dev - " - -apk add --no-cache --virtual .build-deps $makedepends $PHPIZE_DEPS; - -docker-php-source extract; - -# GD - -docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ -docker-php-ext-install gd - -# Igbinary - -pecl install igbinary; - -docker-php-ext-enable igbinary; - -# Memcached - -echo '' | pecl install memcached-2.2.0; - -cd /tmp; - -# Redis - -pecl bundle redis; - -cd redis; - -phpize; - -./configure --enable-redis-igbinary --enable-redis-lzf && make -j && make install; - -cd /; - -rm -rf /tmp/*; - -docker-php-source delete; - -docker-php-ext-enable redis; - -# Others - -docker-php-ext-install $modules; - -apk add --no-cache $( scanelf --needed --nobanner --format '%n#p' --recursive /usr/local | tr ',' '\n' | sort -u | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' ); - -apk del .build-deps diff --git a/monitrc b/monitrc deleted file mode 100644 index a65f461..0000000 --- a/monitrc +++ /dev/null @@ -1,18 +0,0 @@ -set daemon 10 - -set log syslog - -set httpd port 2812 and - use address localhost # only accept connection from localhost - allow localhost # allow localhost to connect to the server and - allow admin:monit # require user 'admin' with password 'monit' - -check process apache with pidfile /run/httpd.pid - start program = "/usr/sbin/httpd" with timeout 60 seconds - stop program = "/usr/sbin/httpd -k stop" - - -check process php-fpm with pidfile /run/php-fpm.pid - start program = "/usr/local/sbin/php-fpm -g /run/php-fpm.pid -D" with timeout 60 seconds - stop program = "/bin/kill `/bin/cat /run/php-fpm.pid`" - diff --git a/run.sh b/scripts/run.sh similarity index 100% rename from run.sh rename to scripts/run.sh From 6a08626fe3e00607768fd947b55629e602e80741 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Wed, 10 Oct 2018 12:11:49 +0200 Subject: [PATCH 097/117] Imported old config --- Dockerfile | 9 +++++++++ php_conf/95-cli.ini | 1 + php_conf/95-dev.ini | 3 +++ scripts/install-dev.sh | 2 +- scripts/run.sh | 18 ++++-------------- supervisor.conf | 5 ++--- 6 files changed, 20 insertions(+), 18 deletions(-) create mode 100644 php_conf/95-cli.ini create mode 100644 php_conf/95-dev.ini diff --git a/Dockerfile b/Dockerfile index a848bfb..d9aefd4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -9,6 +9,13 @@ ENV php_version=${php_version} ADD scripts /scripts RUN /scripts/install-base.sh +ADD supervisor.conf /etc/supervisor/conf.d/services.conf +ADD apache2_conf /etc/apache2 +ADD php_conf /etc/php/${php_version}/mods-available +ADD phpfpm_conf /etc/php/${php_version}/fpm/pool.d +RUN phpenmod 90-common 95-prod +RUN phpenmod -s cli 95-cli +ENTRYPOINT ["/scripts/run.sh"] FROM httpd-php as httpd-php-full @@ -22,3 +29,5 @@ ARG drush_version="8.1.17" ENV PATH=${PATH}:/root/.composer/vendor/bin ENV COMPOSER_ALLOW_SUPERUSER 1 RUN /scripts/install-dev.sh +RUN phpdismod 95-prod +RUN phpendmod 95-dev \ No newline at end of file diff --git a/php_conf/95-cli.ini b/php_conf/95-cli.ini new file mode 100644 index 0000000..4ed7788 --- /dev/null +++ b/php_conf/95-cli.ini @@ -0,0 +1 @@ +memory_limit = 4G \ No newline at end of file diff --git a/php_conf/95-dev.ini b/php_conf/95-dev.ini new file mode 100644 index 0000000..bcadd8b --- /dev/null +++ b/php_conf/95-dev.ini @@ -0,0 +1,3 @@ +expose_php=On +display_errors=On +memory_limit = 512M \ No newline at end of file diff --git a/scripts/install-dev.sh b/scripts/install-dev.sh index e77b944..0ee229f 100755 --- a/scripts/install-dev.sh +++ b/scripts/install-dev.sh @@ -15,4 +15,4 @@ chmod +x /usr/bin/composer /usr/bin/drush apt-get clean rm -rf /var/lib/apt/lists/* rm -rf /tmp/* -rm -Rf /root/.composer/cache +rm -Rf /root/.composer/cache \ No newline at end of file diff --git a/scripts/run.sh b/scripts/run.sh index 41949dd..660403d 100755 --- a/scripts/run.sh +++ b/scripts/run.sh @@ -12,18 +12,8 @@ set -e # Get our command to run export CMD=$@ -# If APACHE_EXTRA_CONF isn't being set outside, set it to an empty value. -if [ -z ${APACHE_EXTRA_CONF} ]; then export APACHE_EXTRA_CONF=""; fi +[ ! -d /run/php ] && mkdir /run/php +[ ! -d /run/apache2 ] && mkdir /run/apache2 -if [ -z "$CMD" ]; then - # If no run command provided, run supervisor as root a: - supervisor -nc /etc/supervisor/supervisord.conf -else - # Run the command as user web - if id -u www-data >/dev/null 2>&1; - then - HOME=/tmp su www-data -c sh -c "$CMD" - else - eval "$CMD" - fi -fi + +supervisord -nc /etc/supervisor/supervisord.conf diff --git a/supervisor.conf b/supervisor.conf index 505a601..c47ecf9 100644 --- a/supervisor.conf +++ b/supervisor.conf @@ -1,5 +1,5 @@ [program:httpd] -command=sh -c ". /etc/apache2/envvars ; apache2 -DFOREGROUND" +command=bash -c 'source /etc/apache2/envvars && exec apache2 -D FOREGROUND' killasgroup=true stopasgroup=true stdout_logfile=/dev/stdout @@ -7,9 +7,8 @@ stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 - [program:php] -command=sh -c "/usr/local/sbin/php-fpm -g /run/php-fpm.pid -D" +command=bash -c 'php-fpm%(ENV_php_version)s -g /run/php-fpm.pid -OF' killasgroup=true stopasgroup=true stdout_logfile=/dev/stdout From 02a5e2f1519098843a378fb166b698fb573d5daf Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Wed, 10 Oct 2018 12:18:19 +0200 Subject: [PATCH 098/117] Added yaml to the mix --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index d9aefd4..a79afe7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ FROM ubuntu as httpd-php ENV DEBIAN_FRONTEND=noninteractive ARG php_version="5.6" -ARG php_modules="soap bz2 calendar exif mysql opcache zip xsl intl mcrypt mbstring ldap sockets iconv gd redis memcached" +ARG php_modules="soap bz2 calendar exif mysql opcache zip xsl intl mcrypt yaml mbstring ldap sockets iconv gd redis memcached" ARG run_deps="apache2 supervisor" ENV php_version=${php_version} From 9100a7cc2febb0ecae42a6375947766f59128d8c Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Wed, 10 Oct 2018 12:19:41 +0200 Subject: [PATCH 099/117] Fixed typo --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index a79afe7..f445dab 100644 --- a/Dockerfile +++ b/Dockerfile @@ -30,4 +30,4 @@ ENV PATH=${PATH}:/root/.composer/vendor/bin ENV COMPOSER_ALLOW_SUPERUSER 1 RUN /scripts/install-dev.sh RUN phpdismod 95-prod -RUN phpendmod 95-dev \ No newline at end of file +RUN phpenmod 95-dev \ No newline at end of file From f9e73643871ced320e6a26e22b02763275973eb8 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Wed, 10 Oct 2018 12:24:53 +0200 Subject: [PATCH 100/117] Added default FPM configuration --- Dockerfile | 2 + phpfpm_conf/www.conf | 410 +------------------------------------------ 2 files changed, 3 insertions(+), 409 deletions(-) diff --git a/Dockerfile b/Dockerfile index f445dab..43c0966 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,6 +6,8 @@ ARG php_modules="soap bz2 calendar exif mysql opcache zip xsl intl mcrypt yaml m ARG run_deps="apache2 supervisor" ENV php_version=${php_version} +ENV FPM_MAX_CHILDREN=5 +ENV FPM_MIN_CHILDREN=2 ADD scripts /scripts RUN /scripts/install-base.sh diff --git a/phpfpm_conf/www.conf b/phpfpm_conf/www.conf index a87e065..3ec21f7 100644 --- a/phpfpm_conf/www.conf +++ b/phpfpm_conf/www.conf @@ -1,419 +1,11 @@ -; Start a new pool named 'www'. -; the variable $pool can be used in any directive and will be replaced by the -; pool name ('www' here) [www] -; Per pool prefix -; It only applies on the following directives: -; - 'access.log' -; - 'slowlog' -; - 'listen' (unixsocket) -; - 'chroot' -; - 'chdir' -; - 'php_values' -; - 'php_admin_values' -; When not set, the global prefix (or NONE) applies instead. -; Note: This directive can also be relative to the global prefix. -; Default Value: none -;prefix = /path/to/pools/$pool - -; Unix user/group of processes -; Note: The user is mandatory. If the group is not set, the default user's group -; will be used. user = ${DAEMON_USER} group = ${DAEMON_USER} -; The address on which to accept FastCGI requests. -; Valid syntaxes are: -; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on -; a specific port; -; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on -; a specific port; -; 'port' - to listen on a TCP socket to all addresses -; (IPv6 and IPv4-mapped) on a specific port; -; '/path/to/unix/socket' - to listen on a unix socket. -; Note: This value is mandatory. listen = 127.0.0.1:9000 -; Set listen(2) backlog. -; Default Value: 511 (-1 on FreeBSD and OpenBSD) -;listen.backlog = 511 - -; Set permissions for unix socket, if one is used. In Linux, read/write -; permissions must be set in order to allow connections from a web server. Many -; BSD-derived systems allow connections regardless of permissions. -; Default Values: user and group are set as the running user -; mode is set to 0660 -;listen.owner = www-data -;listen.group = www-data -;listen.mode = 0660 -; When POSIX Access Control Lists are supported you can set them using -; these options, value is a comma separated list of user/group names. -; When set, listen.owner and listen.group are ignored -;listen.acl_users = -;listen.acl_groups = - -; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. -; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original -; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address -; must be separated by a comma. If this value is left blank, connections will be -; accepted from any ip address. -; Default Value: any -;listen.allowed_clients = 127.0.0.1 - -; Specify the nice(2) priority to apply to the pool processes (only if set) -; The value can vary from -19 (highest priority) to 20 (lower priority) -; Note: - It will only work if the FPM master process is launched as root -; - The pool processes will inherit the master process priority -; unless it specified otherwise -; Default Value: no set -; process.priority = -19 - -; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user -; or group is differrent than the master process user. It allows to create process -; core dump and ptrace the process for the pool user. -; Default Value: no -; process.dumpable = yes - -; Choose how the process manager will control the number of child processes. -; Possible Values: -; static - a fixed number (pm.max_children) of child processes; -; dynamic - the number of child processes are set dynamically based on the -; following directives. With this process management, there will be -; always at least 1 children. -; pm.max_children - the maximum number of children that can -; be alive at the same time. -; pm.start_servers - the number of children created on startup. -; pm.min_spare_servers - the minimum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is less than this -; number then some children will be created. -; pm.max_spare_servers - the maximum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is greater than this -; number then some children will be killed. -; ondemand - no children are created at startup. Children will be forked when -; new requests will connect. The following parameter are used: -; pm.max_children - the maximum number of children that -; can be alive at the same time. -; pm.process_idle_timeout - The number of seconds after which -; an idle process will be killed. -; Note: This value is mandatory. pm = dynamic - -; The number of child processes to be created when pm is set to 'static' and the -; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. -; This value sets the limit on the number of simultaneous requests that will be -; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. -; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP -; CGI. The below defaults are based on a server without much resources. Don't -; forget to tweak pm.* to fit your needs. -; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' -; Note: This value is mandatory. pm.max_children = ${FPM_MAX_CHILDREN} - -; The number of child processes created on startup. -; Note: Used only when pm is set to 'dynamic' -; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 -;pm.start_servers = ${FPM_START_CHILDREN} - -; The desired minimum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' pm.min_spare_servers = ${FPM_MIN_CHILDREN} - -; The desired maximum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.max_spare_servers = ${FPM_MAX_CHILDREN} - -; The number of seconds after which an idle process will be killed. -; Note: Used only when pm is set to 'ondemand' -; Default Value: 10s -;pm.process_idle_timeout = 10s; - -; The number of requests each child process should execute before respawning. -; This can be useful to work around memory leaks in 3rd party libraries. For -; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. -; Default Value: 0 -;pm.max_requests = 500 - -; The URI to view the FPM status page. If this value is not set, no URI will be -; recognized as a status page. It shows the following informations: -; pool - the name of the pool; -; process manager - static, dynamic or ondemand; -; start time - the date and time FPM has started; -; start since - number of seconds since FPM has started; -; accepted conn - the number of request accepted by the pool; -; listen queue - the number of request in the queue of pending -; connections (see backlog in listen(2)); -; max listen queue - the maximum number of requests in the queue -; of pending connections since FPM has started; -; listen queue len - the size of the socket queue of pending connections; -; idle processes - the number of idle processes; -; active processes - the number of active processes; -; total processes - the number of idle + active processes; -; max active processes - the maximum number of active processes since FPM -; has started; -; max children reached - number of times, the process limit has been reached, -; when pm tries to start more children (works only for -; pm 'dynamic' and 'ondemand'); -; Value are updated in real time. -; Example output: -; pool: www -; process manager: static -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 62636 -; accepted conn: 190460 -; listen queue: 0 -; max listen queue: 1 -; listen queue len: 42 -; idle processes: 4 -; active processes: 11 -; total processes: 15 -; max active processes: 12 -; max children reached: 0 -; -; By default the status page output is formatted as text/plain. Passing either -; 'html', 'xml' or 'json' in the query string will return the corresponding -; output syntax. Example: -; http://www.foo.bar/status -; http://www.foo.bar/status?json -; http://www.foo.bar/status?html -; http://www.foo.bar/status?xml -; -; By default the status page only outputs short status. Passing 'full' in the -; query string will also return status for each pool process. -; Example: -; http://www.foo.bar/status?full -; http://www.foo.bar/status?json&full -; http://www.foo.bar/status?html&full -; http://www.foo.bar/status?xml&full -; The Full status returns for each process: -; pid - the PID of the process; -; state - the state of the process (Idle, Running, ...); -; start time - the date and time the process has started; -; start since - the number of seconds since the process has started; -; requests - the number of requests the process has served; -; request duration - the duration in µs of the requests; -; request method - the request method (GET, POST, ...); -; request URI - the request URI with the query string; -; content length - the content length of the request (only with POST); -; user - the user (PHP_AUTH_USER) (or '-' if not set); -; script - the main script called (or '-' if not set); -; last request cpu - the %cpu the last request consumed -; it's always 0 if the process is not in Idle state -; because CPU calculation is done when the request -; processing has terminated; -; last request memory - the max amount of memory the last request consumed -; it's always 0 if the process is not in Idle state -; because memory calculation is done when the request -; processing has terminated; -; If the process is in Idle state, then informations are related to the -; last request the process has served. Otherwise informations are related to -; the current request being served. -; Example output: -; ************************ -; pid: 31330 -; state: Running -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 63087 -; requests: 12808 -; request duration: 1250261 -; request method: GET -; request URI: /test_mem.php?N=10000 -; content length: 0 -; user: - -; script: /home/fat/web/docs/php/test_mem.php -; last request cpu: 0.00 -; last request memory: 0 -; -; Note: There is a real-time FPM status monitoring sample web page available -; It's available in: /usr/local/share/php/fpm/status.html -; -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -;pm.status_path = /status - -; The ping URI to call the monitoring page of FPM. If this value is not set, no -; URI will be recognized as a ping page. This could be used to test from outside -; that FPM is alive and responding, or to -; - create a graph of FPM availability (rrd or such); -; - remove a server from a group if it is not responding (load balancing); -; - trigger alerts for the operating team (24/7). -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -;ping.path = /ping - -; This directive may be used to customize the response of a ping request. The -; response is formatted as text/plain with a 200 response code. -; Default Value: pong -;ping.response = pong - -; The access log file -; Default: not set -;access.log = log/$pool.access.log - -; The access log format. -; The following syntax is allowed -; %%: the '%' character -; %C: %CPU used by the request -; it can accept the following format: -; - %{user}C for user CPU only -; - %{system}C for system CPU only -; - %{total}C for user + system CPU (default) -; %d: time taken to serve the request -; it can accept the following format: -; - %{seconds}d (default) -; - %{miliseconds}d -; - %{mili}d -; - %{microseconds}d -; - %{micro}d -; %e: an environment variable (same as $_ENV or $_SERVER) -; it must be associated with embraces to specify the name of the env -; variable. Some exemples: -; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e -; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e -; %f: script filename -; %l: content-length of the request (for POST request only) -; %m: request method -; %M: peak of memory allocated by PHP -; it can accept the following format: -; - %{bytes}M (default) -; - %{kilobytes}M -; - %{kilo}M -; - %{megabytes}M -; - %{mega}M -; %n: pool name -; %o: output header -; it must be associated with embraces to specify the name of the header: -; - %{Content-Type}o -; - %{X-Powered-By}o -; - %{Transfert-Encoding}o -; - .... -; %p: PID of the child that serviced the request -; %P: PID of the parent of the child that serviced the request -; %q: the query string -; %Q: the '?' character if query string exists -; %r: the request URI (without the query string, see %q and %Q) -; %R: remote IP address -; %s: status (response code) -; %t: server time the request was received -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; The strftime(3) format must be encapsuled in a %{}t tag -; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t -; %T: time the log has been written (the request has finished) -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; The strftime(3) format must be encapsuled in a %{}t tag -; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t -; %u: remote user -; -; Default: "%R - %u %t \"%m %r\" %s" -;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" - -; The log file for slow requests -; Default Value: not set -; Note: slowlog is mandatory if request_slowlog_timeout is set -;slowlog = log/$pool.log.slow - -; The timeout for serving a single request after which a PHP backtrace will be -; dumped to the 'slowlog' file. A value of '0s' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_slowlog_timeout = 0 - -; The timeout for serving a single request after which the worker process will -; be killed. This option should be used when the 'max_execution_time' ini option -; does not stop script execution for some reason. A value of '0' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_terminate_timeout = 0 - -; Set open file descriptor rlimit. -; Default Value: system defined value -;rlimit_files = 1024 - -; Set max core size rlimit. -; Possible Values: 'unlimited' or an integer greater or equal to 0 -; Default Value: system defined value -;rlimit_core = 0 - -; Chroot to this directory at the start. This value must be defined as an -; absolute path. When this value is not set, chroot is not used. -; Note: you can prefix with '$prefix' to chroot to the pool prefix or one -; of its subdirectories. If the pool prefix is not set, the global prefix -; will be used instead. -; Note: chrooting is a great security feature and should be used whenever -; possible. However, all PHP paths will be relative to the chroot -; (error_log, sessions.save_path, ...). -; Default Value: not set -;chroot = - -; Chdir to this directory at the start. -; Note: relative path can be used. -; Default Value: current directory or / when chroot -;chdir = /var/www - -; Redirect worker stdout and stderr into main error log. If not set, stdout and -; stderr will be redirected to /dev/null according to FastCGI specs. -; Note: on highloaded environement, this can cause some delay in the page -; process time (several ms). -; Default Value: no -;catch_workers_output = yes - -; Clear environment in FPM workers -; Prevents arbitrary environment variables from reaching FPM worker processes -; by clearing the environment in workers before env vars specified in this -; pool configuration are added. -; Setting to "no" will make all environment variables available to PHP code -; via getenv(), $_ENV and $_SERVER. -; Default Value: yes -;clear_env = no - -; Limits the extensions of the main script FPM will allow to parse. This can -; prevent configuration mistakes on the web server side. You should only limit -; FPM to .php extensions to prevent malicious users to use other extensions to -; execute php code. -; Note: set an empty value to allow all extensions. -; Default Value: .php -;security.limit_extensions = .php .php3 .php4 .php5 .php7 - -; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from -; the current environment. -; Default Value: clean env -;env[HOSTNAME] = $HOSTNAME -;env[PATH] = /usr/local/bin:/usr/bin:/bin -;env[TMP] = /tmp -;env[TMPDIR] = /tmp -;env[TEMP] = /tmp - -; Additional php.ini defines, specific to this pool of workers. These settings -; overwrite the values previously defined in the php.ini. The directives are the -; same as the PHP SAPI: -; php_value/php_flag - you can set classic ini defines which can -; be overwritten from PHP call 'ini_set'. -; php_admin_value/php_admin_flag - these directives won't be overwritten by -; PHP call 'ini_set' -; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. - -; Defining 'extension' will load the corresponding shared extension from -; extension_dir. Defining 'disable_functions' or 'disable_classes' will not -; overwrite previously defined php.ini values, but will append the new value -; instead. - -; Note: path INI options can be relative and will be expanded with the prefix -; (pool, global or /usr/local) - -; Default Value: nothing is defined by default except the values in php.ini and -; specified at startup with the -d argument -;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com -;php_flag[display_errors] = off -;php_admin_value[error_log] = /var/log/fpm-php.www.log -;php_admin_flag[log_errors] = on -;php_admin_value[memory_limit] = 32M +pm.max_spare_servers = ${FPM_MAX_CHILDREN} \ No newline at end of file From eb47dcf895b523970e40f9eb8281585ef3fcc950 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Wed, 10 Oct 2018 12:27:49 +0200 Subject: [PATCH 101/117] Added default values --- Dockerfile | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 43c0966..5ae9a57 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,9 +5,11 @@ ARG php_version="5.6" ARG php_modules="soap bz2 calendar exif mysql opcache zip xsl intl mcrypt yaml mbstring ldap sockets iconv gd redis memcached" ARG run_deps="apache2 supervisor" -ENV php_version=${php_version} -ENV FPM_MAX_CHILDREN=5 -ENV FPM_MIN_CHILDREN=2 +ENV php_version=${php_version} \ + FPM_MAX_CHILDREN=5 \ + FPM_MIN_CHILDREN=2 \ + DAEMON_USER=www-data \ + DOCUMENT_ROOT=/var/www/html ADD scripts /scripts RUN /scripts/install-base.sh From 6576d492ef59cdd99eb6de6425fe3c9193f040ca Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Wed, 10 Oct 2018 13:37:09 +0200 Subject: [PATCH 102/117] Updated config, now running state --- Dockerfile | 21 ++++++++++----- apache2_conf/{httpd.conf => apache2.conf} | 18 ++++++++----- .../{conf.d => conf-available}/php.conf | 0 .../{conf.d => conf-available}/prod.conf | 0 apache2_conf/modules.conf | 27 ------------------- supervisor.conf => supervisor_conf/httpd.conf | 9 ------- supervisor_conf/php.conf | 8 ++++++ 7 files changed, 33 insertions(+), 50 deletions(-) rename apache2_conf/{httpd.conf => apache2.conf} (77%) rename apache2_conf/{conf.d => conf-available}/php.conf (100%) rename apache2_conf/{conf.d => conf-available}/prod.conf (100%) delete mode 100644 apache2_conf/modules.conf rename supervisor.conf => supervisor_conf/httpd.conf (50%) create mode 100644 supervisor_conf/php.conf diff --git a/Dockerfile b/Dockerfile index 5ae9a57..c3a2414 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,22 +3,28 @@ FROM ubuntu as httpd-php ENV DEBIAN_FRONTEND=noninteractive ARG php_version="5.6" ARG php_modules="soap bz2 calendar exif mysql opcache zip xsl intl mcrypt yaml mbstring ldap sockets iconv gd redis memcached" -ARG run_deps="apache2 supervisor" ENV php_version=${php_version} \ FPM_MAX_CHILDREN=5 \ FPM_MIN_CHILDREN=2 \ DAEMON_USER=www-data \ + DAEMON_GROUP=www-data \ + HTTP_PORT=8080 \ + APACHE_ERROR_LOG=/dev/stderr \ + APACHE_ACCESS_LOG=/dev/stdout \ + PHP_ERROR_LOG=/dev/stderr \ DOCUMENT_ROOT=/var/www/html ADD scripts /scripts RUN /scripts/install-base.sh -ADD supervisor.conf /etc/supervisor/conf.d/services.conf +ADD supervisor_conf /etc/supervisor/conf.d ADD apache2_conf /etc/apache2 ADD php_conf /etc/php/${php_version}/mods-available ADD phpfpm_conf /etc/php/${php_version}/fpm/pool.d -RUN phpenmod 90-common 95-prod -RUN phpenmod -s cli 95-cli +RUN phpenmod 90-common 95-prod && \ + phpenmod -s cli 95-cli && \ + a2enmod proxy_fcgi && \ + a2enconf php prod ENTRYPOINT ["/scripts/run.sh"] @@ -32,6 +38,7 @@ ARG composer_version="1.7.2" ARG drush_version="8.1.17" ENV PATH=${PATH}:/root/.composer/vendor/bin ENV COMPOSER_ALLOW_SUPERUSER 1 -RUN /scripts/install-dev.sh -RUN phpdismod 95-prod -RUN phpenmod 95-dev \ No newline at end of file +RUN /scripts/install-dev.sh && \ + phpdismod 95-prod && \ + phpenmod 95-dev && \ + a2disconf prod \ No newline at end of file diff --git a/apache2_conf/httpd.conf b/apache2_conf/apache2.conf similarity index 77% rename from apache2_conf/httpd.conf rename to apache2_conf/apache2.conf index 1c83d47..30c11d4 100644 --- a/apache2_conf/httpd.conf +++ b/apache2_conf/apache2.conf @@ -1,7 +1,6 @@ ServerRoot "/etc/apache2" -PidFile /run/httpd.pid -Listen ${PORT} -Include modules.conf +PidFile /run/apache2.pid +Listen ${HTTP_PORT} User ${DAEMON_USER} Group ${DAEMON_GROUP} @@ -9,6 +8,9 @@ Group ${DAEMON_GROUP} ServerAdmin root@localhost +# Include module configuration: +IncludeOptional mods-enabled/*.load +IncludeOptional mods-enabled/*.conf AllowOverride none @@ -64,7 +66,7 @@ LogLevel notice - TypesConfig mime.types + TypesConfig /etc/mime.types AddType application/x-compress .Z AddType application/x-gzip .gz .tgz @@ -82,8 +84,10 @@ AddDefaultCharset UTF-8 EnableSendfile on -${APACHE_EXTRA_CONF} -IncludeOptional ${APACHE_EXTRA_CONF_DIR}/*.conf +# Include of directories ignores editors' and dpkg's backup files, +# Include generic snippets of statements +IncludeOptional conf-enabled/*.conf -IncludeOptional conf.d/*.conf \ No newline at end of file +# Allow to provide files through volumes +IncludeOptional /etc/apache2/conf.d/*.conf diff --git a/apache2_conf/conf.d/php.conf b/apache2_conf/conf-available/php.conf similarity index 100% rename from apache2_conf/conf.d/php.conf rename to apache2_conf/conf-available/php.conf diff --git a/apache2_conf/conf.d/prod.conf b/apache2_conf/conf-available/prod.conf similarity index 100% rename from apache2_conf/conf.d/prod.conf rename to apache2_conf/conf-available/prod.conf diff --git a/apache2_conf/modules.conf b/apache2_conf/modules.conf deleted file mode 100644 index 6856e06..0000000 --- a/apache2_conf/modules.conf +++ /dev/null @@ -1,27 +0,0 @@ -LoadModule mpm_prefork_module modules/mod_mpm_prefork.so -LoadModule authn_file_module modules/mod_authn_file.so -LoadModule authn_core_module modules/mod_authn_core.so -LoadModule authz_host_module modules/mod_authz_host.so -LoadModule authz_groupfile_module modules/mod_authz_groupfile.so -LoadModule authz_user_module modules/mod_authz_user.so -LoadModule authz_core_module modules/mod_authz_core.so -LoadModule access_compat_module modules/mod_access_compat.so -LoadModule auth_basic_module modules/mod_auth_basic.so -LoadModule reqtimeout_module modules/mod_reqtimeout.so -LoadModule filter_module modules/mod_filter.so -LoadModule mime_module modules/mod_mime.so -LoadModule log_config_module modules/mod_log_config.so -LoadModule env_module modules/mod_env.so -LoadModule headers_module modules/mod_headers.so -LoadModule setenvif_module modules/mod_setenvif.so -LoadModule version_module modules/mod_version.so -LoadModule slotmem_shm_module modules/mod_slotmem_shm.so -LoadModule unixd_module modules/mod_unixd.so -LoadModule status_module modules/mod_status.so -LoadModule autoindex_module modules/mod_autoindex.so -LoadModule dir_module modules/mod_dir.so -LoadModule alias_module modules/mod_alias.so -LoadModule negotiation_module modules/mod_negotiation.so -LoadModule proxy_module modules/mod_proxy.so -LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so -LoadModule rewrite_module modules/mod_rewrite.so diff --git a/supervisor.conf b/supervisor_conf/httpd.conf similarity index 50% rename from supervisor.conf rename to supervisor_conf/httpd.conf index c47ecf9..6538f09 100644 --- a/supervisor.conf +++ b/supervisor_conf/httpd.conf @@ -5,13 +5,4 @@ stopasgroup=true stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 - -[program:php] -command=bash -c 'php-fpm%(ENV_php_version)s -g /run/php-fpm.pid -OF' -killasgroup=true -stopasgroup=true -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 \ No newline at end of file diff --git a/supervisor_conf/php.conf b/supervisor_conf/php.conf new file mode 100644 index 0000000..64d9e3b --- /dev/null +++ b/supervisor_conf/php.conf @@ -0,0 +1,8 @@ +[program:php] +command=bash -c 'php-fpm%(ENV_php_version)s -g /run/php-fpm.pid -OF' +killasgroup=true +stopasgroup=true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 \ No newline at end of file From f8f26030a4bba507cbc90557ad5b6e61534c3bc7 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Wed, 10 Oct 2018 13:56:10 +0200 Subject: [PATCH 103/117] Fixed a few settings, added FPM port selection --- Dockerfile | 1 + apache2_conf/conf-available/php.conf | 2 +- phpfpm_conf/www.conf | 2 +- scripts/run.sh | 8 +++++++- 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index c3a2414..91468b3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,6 +10,7 @@ ENV php_version=${php_version} \ DAEMON_USER=www-data \ DAEMON_GROUP=www-data \ HTTP_PORT=8080 \ + FPM_PORT=9000 \ APACHE_ERROR_LOG=/dev/stderr \ APACHE_ACCESS_LOG=/dev/stdout \ PHP_ERROR_LOG=/dev/stderr \ diff --git a/apache2_conf/conf-available/php.conf b/apache2_conf/conf-available/php.conf index 18db1c9..4769d3c 100644 --- a/apache2_conf/conf-available/php.conf +++ b/apache2_conf/conf-available/php.conf @@ -1,2 +1,2 @@ -ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/${DOCUMENT_ROOT}/$1 +ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:${FPM_PORT}/${DOCUMENT_ROOT}/$1 DirectoryIndex index.php index.html \ No newline at end of file diff --git a/phpfpm_conf/www.conf b/phpfpm_conf/www.conf index 3ec21f7..fde8455 100644 --- a/phpfpm_conf/www.conf +++ b/phpfpm_conf/www.conf @@ -3,7 +3,7 @@ user = ${DAEMON_USER} group = ${DAEMON_USER} -listen = 127.0.0.1:9000 +listen = 127.0.0.1:${FPM_PORT} pm = dynamic pm.max_children = ${FPM_MAX_CHILDREN} diff --git a/scripts/run.sh b/scripts/run.sh index 660403d..c014bda 100755 --- a/scripts/run.sh +++ b/scripts/run.sh @@ -16,4 +16,10 @@ export CMD=$@ [ ! -d /run/apache2 ] && mkdir /run/apache2 -supervisord -nc /etc/supervisor/supervisord.conf +if [ -z "${CMD}" ]; then + # As root, let daemon handle the rest + supervisord -nc /etc/supervisor/supervisord.conf +else + # TODO : us ref_dir's permissions to use it's UID + exec ${CMD} +fi From e5c603a01d448f7c29fd58845a04ad240a6162a4 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Wed, 10 Oct 2018 13:58:26 +0200 Subject: [PATCH 104/117] Added rewrite --- Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 91468b3..32590f0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,6 +3,7 @@ FROM ubuntu as httpd-php ENV DEBIAN_FRONTEND=noninteractive ARG php_version="5.6" ARG php_modules="soap bz2 calendar exif mysql opcache zip xsl intl mcrypt yaml mbstring ldap sockets iconv gd redis memcached" +ARG apache2_modules="proxy_fcgi rewrite" ENV php_version=${php_version} \ FPM_MAX_CHILDREN=5 \ @@ -24,7 +25,7 @@ ADD php_conf /etc/php/${php_version}/mods-available ADD phpfpm_conf /etc/php/${php_version}/fpm/pool.d RUN phpenmod 90-common 95-prod && \ phpenmod -s cli 95-cli && \ - a2enmod proxy_fcgi && \ + a2enmod ${apache2_modules} && \ a2enconf php prod ENTRYPOINT ["/scripts/run.sh"] From 498b321620c4808322928559bed1af52bc0a38fe Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Wed, 10 Oct 2018 14:03:56 +0200 Subject: [PATCH 105/117] [CI SKIP] Commented Dockerfile --- Dockerfile | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 32590f0..6323489 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,10 +1,14 @@ +## Base PHP image : + FROM ubuntu as httpd-php +# Build arguments ENV DEBIAN_FRONTEND=noninteractive ARG php_version="5.6" ARG php_modules="soap bz2 calendar exif mysql opcache zip xsl intl mcrypt yaml mbstring ldap sockets iconv gd redis memcached" ARG apache2_modules="proxy_fcgi rewrite" +# Default configuration and environment ENV php_version=${php_version} \ FPM_MAX_CHILDREN=5 \ FPM_MIN_CHILDREN=2 \ @@ -17,24 +21,30 @@ ENV php_version=${php_version} \ PHP_ERROR_LOG=/dev/stderr \ DOCUMENT_ROOT=/var/www/html +# Add our setup scripts and run the base one ADD scripts /scripts RUN /scripts/install-base.sh + +# Add our specific configuration ADD supervisor_conf /etc/supervisor/conf.d ADD apache2_conf /etc/apache2 ADD php_conf /etc/php/${php_version}/mods-available ADD phpfpm_conf /etc/php/${php_version}/fpm/pool.d + +# Enable our specific configuration RUN phpenmod 90-common 95-prod && \ phpenmod -s cli 95-cli && \ a2enmod ${apache2_modules} && \ a2enconf php prod ENTRYPOINT ["/scripts/run.sh"] - +## Full PHP images ( adds Java, OCI, and other heavy runtime libs ) FROM httpd-php as httpd-php-full ARG oci8_version="2.0.12" ENV oci8_version=${oci8_version} RUN /scripts/install-full.sh +## Based on the full image ( adds developement tools ) FROM httpd-php-full as httpd-php-dev ARG composer_version="1.7.2" ARG drush_version="8.1.17" From d3e5d88a0ba99c81bccb6913dcac8e1cc3573206 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Wed, 10 Oct 2018 14:33:34 +0200 Subject: [PATCH 106/117] Modified log config, added settings for most common variables --- Dockerfile | 10 ++++++---- php_conf/90-common.ini | 9 ++++----- phpfpm_conf/www.conf | 4 +++- 3 files changed, 13 insertions(+), 10 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6323489..f0b93ea 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,9 +16,11 @@ ENV php_version=${php_version} \ DAEMON_GROUP=www-data \ HTTP_PORT=8080 \ FPM_PORT=9000 \ - APACHE_ERROR_LOG=/dev/stderr \ - APACHE_ACCESS_LOG=/dev/stdout \ - PHP_ERROR_LOG=/dev/stderr \ + APACHE_ERROR_LOG=/proc/self/fd/2 \ + APACHE_ACCESS_LOG=/proc/self/fd/1 \ + PHP_MAX_EXECUTION_TIME=30 \ + PHP_MAX_INPUT_TIME=30 \ + PHP_MEMORY_LIMIT=512M \ DOCUMENT_ROOT=/var/www/html # Add our setup scripts and run the base one @@ -53,4 +55,4 @@ ENV COMPOSER_ALLOW_SUPERUSER 1 RUN /scripts/install-dev.sh && \ phpdismod 95-prod && \ phpenmod 95-dev && \ - a2disconf prod \ No newline at end of file + a2disconf prod diff --git a/php_conf/90-common.ini b/php_conf/90-common.ini index 3ab02e8..d6cefb8 100644 --- a/php_conf/90-common.ini +++ b/php_conf/90-common.ini @@ -1,6 +1,5 @@ date.timezone = Europe/Brussels -max_execution_time = 30 -max_input_time = 30 -memory_limit = 512M -log_errors=On -error_log=${PHP_ERROR_LOG} +max_execution_time = ${PHP_MAX_EXECUTION_TIME} +max_input_time = ${PHP_MAX_INPUT_TIME} +memory_limit = ${PHP_MEMORY_LIMIT} +log_errors=On \ No newline at end of file diff --git a/phpfpm_conf/www.conf b/phpfpm_conf/www.conf index fde8455..e85c5a1 100644 --- a/phpfpm_conf/www.conf +++ b/phpfpm_conf/www.conf @@ -8,4 +8,6 @@ listen = 127.0.0.1:${FPM_PORT} pm = dynamic pm.max_children = ${FPM_MAX_CHILDREN} pm.min_spare_servers = ${FPM_MIN_CHILDREN} -pm.max_spare_servers = ${FPM_MAX_CHILDREN} \ No newline at end of file +pm.max_spare_servers = ${FPM_MAX_CHILDREN} + +access.log = /proc/self/fd/1 From d27462c7c603f51abee66b202caeedc001826fbd Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Wed, 10 Oct 2018 15:47:17 +0200 Subject: [PATCH 107/117] Fixes, uses 1000 as most common UID --- Dockerfile | 6 ++++-- apache2_conf/conf-available/php.conf | 2 -- phpfpm_conf/www.conf | 4 +++- scripts/install-base.sh | 6 +++++- 4 files changed, 12 insertions(+), 6 deletions(-) delete mode 100644 apache2_conf/conf-available/php.conf diff --git a/Dockerfile b/Dockerfile index f0b93ea..f259ce4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,9 @@ FROM ubuntu as httpd-php ENV DEBIAN_FRONTEND=noninteractive ARG php_version="5.6" ARG php_modules="soap bz2 calendar exif mysql opcache zip xsl intl mcrypt yaml mbstring ldap sockets iconv gd redis memcached" -ARG apache2_modules="proxy_fcgi rewrite" +ARG apache2_modules="proxy_fcgi setenvif rewrite" +ARG USER_ID=1000 +ARG GROUP_ID=1000 # Default configuration and environment ENV php_version=${php_version} \ @@ -37,7 +39,7 @@ ADD phpfpm_conf /etc/php/${php_version}/fpm/pool.d RUN phpenmod 90-common 95-prod && \ phpenmod -s cli 95-cli && \ a2enmod ${apache2_modules} && \ - a2enconf php prod + a2enconf php${php_version}-fpm prod ENTRYPOINT ["/scripts/run.sh"] ## Full PHP images ( adds Java, OCI, and other heavy runtime libs ) diff --git a/apache2_conf/conf-available/php.conf b/apache2_conf/conf-available/php.conf deleted file mode 100644 index 4769d3c..0000000 --- a/apache2_conf/conf-available/php.conf +++ /dev/null @@ -1,2 +0,0 @@ -ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:${FPM_PORT}/${DOCUMENT_ROOT}/$1 -DirectoryIndex index.php index.html \ No newline at end of file diff --git a/phpfpm_conf/www.conf b/phpfpm_conf/www.conf index e85c5a1..9b0f1b8 100644 --- a/phpfpm_conf/www.conf +++ b/phpfpm_conf/www.conf @@ -3,7 +3,9 @@ user = ${DAEMON_USER} group = ${DAEMON_USER} -listen = 127.0.0.1:${FPM_PORT} +listen = /run/php/php${php_version}-fpm.sock +listen.group = ${DAEMON_USER} +listen.owner = ${DAEMON_USER} pm = dynamic pm.max_children = ${FPM_MAX_CHILDREN} diff --git a/scripts/install-base.sh b/scripts/install-base.sh index 4cf25be..74abaad 100755 --- a/scripts/install-base.sh +++ b/scripts/install-base.sh @@ -1,11 +1,15 @@ #!bin/bash set -e set -x + +# Fix www-data uid/gid : +usermod -u ${USER_ID} www-data +groupmod -g ${GROUP_ID} www-data + apt-get update apt-get install -y software-properties-common add-apt-repository -y ppa:ondrej/php - for module in ${php_modules}; do if [ "${php_version}" == "7.2" ] && [ "${module}" == "mcrypt" ]; then echo "WARNING: ${module} not supported on 7.2" From a4e324914a5f9b1eec633ad5213500923c50e9f0 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Wed, 10 Oct 2018 15:48:45 +0200 Subject: [PATCH 108/117] [SKIP CI] Removed FPM port, now using sockets --- Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index f259ce4..3df35f3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,7 +17,6 @@ ENV php_version=${php_version} \ DAEMON_USER=www-data \ DAEMON_GROUP=www-data \ HTTP_PORT=8080 \ - FPM_PORT=9000 \ APACHE_ERROR_LOG=/proc/self/fd/2 \ APACHE_ACCESS_LOG=/proc/self/fd/1 \ PHP_MAX_EXECUTION_TIME=30 \ From 14e7bdccc3206d45c6afc4a3e7f726cd70162947 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Fri, 12 Oct 2018 11:44:08 +0200 Subject: [PATCH 109/117] Added curl --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 3df35f3..8d4843f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,7 @@ FROM ubuntu as httpd-php # Build arguments ENV DEBIAN_FRONTEND=noninteractive ARG php_version="5.6" -ARG php_modules="soap bz2 calendar exif mysql opcache zip xsl intl mcrypt yaml mbstring ldap sockets iconv gd redis memcached" +ARG php_modules="curl soap bz2 calendar exif mysql opcache zip xsl intl mcrypt yaml mbstring ldap sockets iconv gd redis memcached" ARG apache2_modules="proxy_fcgi setenvif rewrite" ARG USER_ID=1000 ARG GROUP_ID=1000 From 8275b3b1f5b33eec9bf0cea402f313fff26c7a44 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Mon, 15 Oct 2018 13:34:49 +0200 Subject: [PATCH 110/117] Update www.conf --- phpfpm_conf/www.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/phpfpm_conf/www.conf b/phpfpm_conf/www.conf index 9b0f1b8..e9a799c 100644 --- a/phpfpm_conf/www.conf +++ b/phpfpm_conf/www.conf @@ -13,3 +13,4 @@ pm.min_spare_servers = ${FPM_MIN_CHILDREN} pm.max_spare_servers = ${FPM_MAX_CHILDREN} access.log = /proc/self/fd/1 +clear_env = no From 8f03d86adac5d1e40419b1b32b99bafc3eec3e84 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 16 Oct 2018 14:29:02 +0200 Subject: [PATCH 111/117] Update install-dev.sh keeping compatiblity --- scripts/install-dev.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/install-dev.sh b/scripts/install-dev.sh index 0ee229f..8da5cb3 100755 --- a/scripts/install-dev.sh +++ b/scripts/install-dev.sh @@ -9,10 +9,10 @@ apt-get install -y php${php_version}-xdebug wget unzip patch git # Install PHP dev packages : wget https://github.com/composer/composer/releases/download/${composer_version}/composer.phar -O /usr/bin/composer wget https://github.com/drush-ops/drush/releases/download/${drush_version}/drush.phar -O /usr/bin/drush - +ln -s /usr/bin/composer /usr/local/bin/composer chmod +x /usr/bin/composer /usr/bin/drush apt-get clean rm -rf /var/lib/apt/lists/* rm -rf /tmp/* -rm -Rf /root/.composer/cache \ No newline at end of file +rm -Rf /root/.composer/cache From 1b6dc67634f68b2d886bb1f2950a9f2a42b8d0ac Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 16 Oct 2018 15:19:35 +0200 Subject: [PATCH 112/117] Added mysql client --- scripts/install-full.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/install-full.sh b/scripts/install-full.sh index f00b596..949cc8f 100755 --- a/scripts/install-full.sh +++ b/scripts/install-full.sh @@ -5,7 +5,7 @@ apt-get update # Fix java installation mkdir -p /usr/share/man/man1 -apt-get install --no-install-recommends -y libaio1 openjdk-8-jre-headless curl unzip +apt-get install --no-install-recommends -y libaio1 openjdk-8-jre-headless curl unzip mysql-client # OCI8 deps : curl https://repo.ne-dev.eu/deb/instantclient-basic-linux.x64-12.2.0.1.0.zip > /tmp/instantclient-basic-linux.zip @@ -33,4 +33,4 @@ phpenmod oci8 apt-get autoremove -y curl unzip php${php_version}-dev --purge apt-get clean rm -rf /var/lib/apt/lists/* -rm -rf /tmp/* \ No newline at end of file +rm -rf /tmp/* From de78de5dc05e10cdb0a4a93f6c4c5ca314c6d45e Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Tue, 16 Oct 2018 17:06:10 +0200 Subject: [PATCH 113/117] Added tidy in the modules --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 8d4843f..f5b4c64 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,7 @@ FROM ubuntu as httpd-php # Build arguments ENV DEBIAN_FRONTEND=noninteractive ARG php_version="5.6" -ARG php_modules="curl soap bz2 calendar exif mysql opcache zip xsl intl mcrypt yaml mbstring ldap sockets iconv gd redis memcached" +ARG php_modules="curl soap bz2 calendar exif mysql opcache zip xsl intl mcrypt yaml mbstring ldap sockets iconv gd redis memcached tidy" ARG apache2_modules="proxy_fcgi setenvif rewrite" ARG USER_ID=1000 ARG GROUP_ID=1000 From 331a732cd5b72314a3c3c2948080e75ec99c1c4c Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Thu, 18 Oct 2018 12:23:53 +0200 Subject: [PATCH 114/117] Disabling sendmail in dev image, using ENV memory logic for dev as well --- Dockerfile | 3 ++- php_conf/95-dev.ini | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index f5b4c64..9cd46b8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -52,7 +52,8 @@ FROM httpd-php-full as httpd-php-dev ARG composer_version="1.7.2" ARG drush_version="8.1.17" ENV PATH=${PATH}:/root/.composer/vendor/bin -ENV COMPOSER_ALLOW_SUPERUSER 1 +ENV COMPOSER_ALLOW_SUPERUSER=1 +ENV PHP_MEMORY_LIMIT=2G RUN /scripts/install-dev.sh && \ phpdismod 95-prod && \ phpenmod 95-dev && \ diff --git a/php_conf/95-dev.ini b/php_conf/95-dev.ini index bcadd8b..d7d265b 100644 --- a/php_conf/95-dev.ini +++ b/php_conf/95-dev.ini @@ -1,3 +1,3 @@ expose_php=On display_errors=On -memory_limit = 512M \ No newline at end of file +sendmail_path = /bin/true \ No newline at end of file From 295be2169094d675b5df67c9aebfdb9210955b97 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Thu, 18 Oct 2018 15:46:40 +0200 Subject: [PATCH 115/117] Preparing for release --- .drone.yml | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/.drone.yml b/.drone.yml index 0724fae..079f495 100644 --- a/.drone.yml +++ b/.drone.yml @@ -31,7 +31,7 @@ pipeline: build-and-push-branch: image: plugins/docker repo: fpfis/${TARGET} - tags: ${PHP_VERSION}-ubuntu + tags: ${PHP_VERSION} secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] target: ${TARGET} build_args: @@ -39,13 +39,13 @@ pipeline: - oci8_version=${OCI8_VERSION} when: event: push - branch: release/* + branch: develop # Mark production build-and-push-production: image: plugins/docker repo: fpfis/${TARGET} - tags: production-${PHP_VERSION}-ubuntu + tags: production-${PHP_VERSION} target: ${TARGET} secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] build_args: @@ -53,4 +53,19 @@ pipeline: - oci8_version=${OCI8_VERSION} when: event: push - branch: production/* + branch: master + + # Mark production + build-and-push-tag: + image: plugins/docker + repo: fpfis/${TARGET} + tags: production-${PHP_VERSION} + target: ${TARGET} + secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] + build_args: + - php_version=${PHP_VERSION} + - oci8_version=${OCI8_VERSION} + when: + event: tag + matrix: + PHP_VERSION: ${DRONE_TAG%.*} \ No newline at end of file From f3bda8a1c6d74cfe648a4962c51c4b8a7b6ccb36 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Thu, 18 Oct 2018 15:52:05 +0200 Subject: [PATCH 116/117] Preparing for release --- .drone.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index 079f495..9b268a8 100644 --- a/.drone.yml +++ b/.drone.yml @@ -59,7 +59,7 @@ pipeline: build-and-push-tag: image: plugins/docker repo: fpfis/${TARGET} - tags: production-${PHP_VERSION} + tags: [ ${PHP_VERSION}, ${DRONE_TAG%.*}, ${DRONE_TAG} ] target: ${TARGET} secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] build_args: From 6a11e305e9f4cb1b0b0885006cc98f999e62aa08 Mon Sep 17 00:00:00 2001 From: Gregory Boddin Date: Thu, 18 Oct 2018 15:53:36 +0200 Subject: [PATCH 117/117] Preparing for release --- .drone.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index 9b268a8..425f75d 100644 --- a/.drone.yml +++ b/.drone.yml @@ -59,7 +59,10 @@ pipeline: build-and-push-tag: image: plugins/docker repo: fpfis/${TARGET} - tags: [ ${PHP_VERSION}, ${DRONE_TAG%.*}, ${DRONE_TAG} ] + tags: + - ${PHP_VERSION} + - ${DRONE_TAG%.*} + - ${DRONE_TAG} target: ${TARGET} secrets: [ DOCKER_USERNAME, DOCKER_PASSWORD ] build_args: