diff --git a/base/php-nginx/7.4-alpine/Dockerfile b/base/php-nginx/7.4-alpine/Dockerfile new file mode 100644 index 0000000..4a56a9f --- /dev/null +++ b/base/php-nginx/7.4-alpine/Dockerfile @@ -0,0 +1,25 @@ +#+++++++++++++++++++++++++++++++++++++++ +# Dockerfile for webdevops/php-nginx:7.4-alpine +# -- automatically generated -- +#+++++++++++++++++++++++++++++++++++++++ + +FROM php:7.4-alpine + +ENV WEB_DOCUMENT_ROOT=/app \ + WEB_DOCUMENT_INDEX=index.php \ + WEB_ALIAS_DOMAIN=*.vm \ + WEB_PHP_TIMEOUT=600 \ + WEB_PHP_SOCKET="" +ENV WEB_PHP_SOCKET=127.0.0.1:9000 +ENV SERVICE_NGINX_CLIENT_MAX_BODY_SIZE="50m" + +COPY conf/ /opt/docker/ + +RUN set -x \ + # Install nginx + && apk-install \ + nginx \ + && docker-run-bootstrap \ + && docker-image-cleanup + +EXPOSE 80 443 diff --git a/base/php-nginx/7.4-alpine/Dockerfile.jinja2 b/base/php-nginx/7.4-alpine/Dockerfile.jinja2 new file mode 100644 index 0000000..b698bdf --- /dev/null +++ b/base/php-nginx/7.4-alpine/Dockerfile.jinja2 @@ -0,0 +1,14 @@ +{{ docker.from("php", "7.4-alpine") }} + +{{ environment.web() }} +{{ environment.webPhp() }} +{{ environment.nginx() }} + +{{ docker.copy('conf/', '/opt/docker/') }} + +RUN set -x \ + {{ nginx.alpine() }} \ + {{ provision.runBootstrap() }} \ + {{ docker.cleanup() }} + +{{ docker.expose('80 443') }} diff --git a/base/php-nginx/7.4-alpine/conf/bin/service.d/nginx.d/10-init.sh b/base/php-nginx/7.4-alpine/conf/bin/service.d/nginx.d/10-init.sh new file mode 100644 index 0000000..8acb511 --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/bin/service.d/nginx.d/10-init.sh @@ -0,0 +1,5 @@ +if [[ ! -e "$WEB_DOCUMENT_ROOT" ]]; then + echo "" + echo "[WARNING] WEB_DOCUMENT_ROOT does not exists with path \"$WEB_DOCUMENT_ROOT\"!" + echo "" +fi diff --git a/base/php-nginx/7.4-alpine/conf/bin/service.d/nginx.sh b/base/php-nginx/7.4-alpine/conf/bin/service.d/nginx.sh new file mode 100644 index 0000000..3517c72 --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/bin/service.d/nginx.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash + +# Init vars +if [[ -z "$SERVICE_NGINX_OPTS" ]]; then SERVICE_NGINX_OPTS=""; fi + +source /opt/docker/bin/config.sh + +includeScriptDir "/opt/docker/bin/service.d/nginx.d/" + +exec /usr/sbin/nginx -g 'daemon off;' $SERVICE_NGINX_OPTS diff --git a/base/php-nginx/7.4-alpine/conf/etc/nginx/conf.d/.gitkeep b/base/php-nginx/7.4-alpine/conf/etc/nginx/conf.d/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/base/php-nginx/7.4-alpine/conf/etc/nginx/conf.d/10-php.conf b/base/php-nginx/7.4-alpine/conf/etc/nginx/conf.d/10-php.conf new file mode 100644 index 0000000..9abe45f --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/etc/nginx/conf.d/10-php.conf @@ -0,0 +1,3 @@ +upstream php { + server ; +} diff --git a/base/php-nginx/7.4-alpine/conf/etc/nginx/global.conf b/base/php-nginx/7.4-alpine/conf/etc/nginx/global.conf new file mode 100644 index 0000000..b6141db --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/etc/nginx/global.conf @@ -0,0 +1 @@ +# deprecated diff --git a/base/php-nginx/7.4-alpine/conf/etc/nginx/main.conf b/base/php-nginx/7.4-alpine/conf/etc/nginx/main.conf new file mode 100644 index 0000000..06de065 --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/etc/nginx/main.conf @@ -0,0 +1,4 @@ +include /opt/docker/etc/nginx/global.conf; +include /opt/docker/etc/nginx/php.conf; +include /opt/docker/etc/nginx/conf.d/*.conf; +include /opt/docker/etc/nginx/vhost.conf; diff --git a/base/php-nginx/7.4-alpine/conf/etc/nginx/nginx.conf b/base/php-nginx/7.4-alpine/conf/etc/nginx/nginx.conf new file mode 100644 index 0000000..b9cb4eb --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/etc/nginx/nginx.conf @@ -0,0 +1,34 @@ +# For more information on configuration, see: +# * Official English Documentation: http://nginx.org/en/docs/ +# * Official Russian Documentation: http://nginx.org/ru/docs/ + +user nginx; +worker_processes auto; +error_log /docker.stdout; +pid /run/nginx.pid; + +events { + worker_connections 1024; +} + +http { + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /docker.stdout main; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + # Load modular configuration files from the /etc/nginx/conf.d directory. + # See http://nginx.org/en/docs/ngx_core_module.html#include + # for more information. + include /etc/nginx/conf.d/*.conf; +} diff --git a/base/php-nginx/7.4-alpine/conf/etc/nginx/php.conf b/base/php-nginx/7.4-alpine/conf/etc/nginx/php.conf new file mode 100644 index 0000000..b6141db --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/etc/nginx/php.conf @@ -0,0 +1 @@ +# deprecated diff --git a/base/php-nginx/7.4-alpine/conf/etc/nginx/ssl/server.crt b/base/php-nginx/7.4-alpine/conf/etc/nginx/ssl/server.crt new file mode 100644 index 0000000..6b06949 --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/etc/nginx/ssl/server.crt @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIE1DCCArwCCQDMMwGnSuK0tTANBgkqhkiG9w0BAQsFADAsMRswGQYDVQQKExJE +b2NrZXIgQm9pbGVycGxhdGUxDTALBgNVBAMUBCoudm0wHhcNMTUwNTA0MTcxNDQw +WhcNMjUwNTAxMTcxNDQwWjAsMRswGQYDVQQKExJEb2NrZXIgQm9pbGVycGxhdGUx +DTALBgNVBAMUBCoudm0wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDK +3TIUiyDvXelWeY9VXMrpjuZtYpVSDsACLpjFUhMnsP5/iKT0VbeZyqHvmwZjAg4G +Y10d+yZDdgv/xeu0HPOFbtR6pCp10d1tdLHZto5Cyuxu7IQsAVjnD6Ko7XFwtNk7 +9o6JZfAFaGL4w5MokrVmCtspnsMZH7/7zU4f96cbF39zLopnpuXGD6t6DA8Qj3gy +0duaTjs42bYRN+rwLzVKAev99iQ4kPMJn4vV6/Xk6rtoSzC67GQyVZYaFypicD1S +NtsRmgEVvjCBDbrLOneUiRwff6qxEsZi7Hxv7BKFj4iUWnII7K/nP7T6uBHQjHO+ +FpsGkU9lCMrCeVFBe8kKz/cbhd+yLUxXwAPr6gSOPmwn232Gy4tozvqZHpbUxsgx +7sT3ej9K66h1D7J+BjNFWYM1hbnC1r7H/xS7EBzBV8qRoQCVe08Juf5xsouXFakD +clLV4+L+1cxkpwsCQDly5g3tm/TBqA2O+ZJ+YHQDHKkzMyhLs6i0X/M5qvJBiLg1 +GLTCS20rpQ5gXTEGuINqHgwXQWkUO6bhgSYqdHGX3zbZ5+qWpI4eui3dHZ1Ll0VH +6Icpb7ORTQwhc6W8KBlybssYPSlGOEBGUjYGNheoz9FpoSkxCis+P8ZNKtrmpPoq +Su0eOOGFOFHG02eOgPVxSwrDeN9MVJo7BPysGMHJmQIDAQABMA0GCSqGSIb3DQEB +CwUAA4ICAQC63g6NHmQKbiy3G6iaDkpUSbr5Mq2YgU61XnvWVyREqDcy/BXCw9oY +SJ/KUvCpqPnACNOFqjadRAmPiA9nf2WduoCgwQGV/YRFGswSuVvh/3X2TX5NWvbS +t8MQDttQg1dxpiMUjlu3rqhfohBdWJvp2lVSdpDb/MOlXBc/+p7HfOHwhqB7wwPN +NNbSKUbZqZxmD8cOf1X0hASr1yfFPj+2vST3ESaON8S0T2p63YX/sD5jvOUiEuyw +I5WcvLmiRZA07SH8nWyckLY3qWL+OlhSZrlAnolWS00b+7h5LNuRYEjKzwVgntoA +aCopyQih6wIk0+AfJO4sfhJBmQhnIrAaP/zwBH5g9zVizLf5H7U+hNXrMwgw55Sq +vjMdkZHvPKUXTvVit/rYE9H+PY3brkRWzOl4V/i/ZLJJm5805H/NyTbz9kPMJw2Q +nn+KOpfXXySD39f8iuRgSKXsYNul38hxWgcZZ6g+sOOp2n/VUmf0eZUWNnJ8i7AP +4Qif7aDKMcibOwSwsB+DKZXDvZ5XSdnMphtuLS5rPSL81rVRmWC2DMfQ2eP8j0WN +VTroSk0xedQ7Qr+9TNooi9IyzX6n1a2S1UiciEZ3ZcDbXPl/P01m+IYZyPnLv0+9 +ZeioZYh1JLv3/OKsMrMLTfh2ZCj3aXwmc2Owi/wU2LS5QUOMcHH7CQ== +-----END CERTIFICATE----- \ No newline at end of file diff --git a/base/php-nginx/7.4-alpine/conf/etc/nginx/ssl/server.csr b/base/php-nginx/7.4-alpine/conf/etc/nginx/ssl/server.csr new file mode 100644 index 0000000..8a9909f --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/etc/nginx/ssl/server.csr @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIEcTCCAlkCAQAwLDEbMBkGA1UEChMSRG9ja2VyIEJvaWxlcnBsYXRlMQ0wCwYD +VQQDFAQqLnZtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyt0yFIsg +713pVnmPVVzK6Y7mbWKVUg7AAi6YxVITJ7D+f4ik9FW3mcqh75sGYwIOBmNdHfsm +Q3YL/8XrtBzzhW7UeqQqddHdbXSx2baOQsrsbuyELAFY5w+iqO1xcLTZO/aOiWXw +BWhi+MOTKJK1ZgrbKZ7DGR+/+81OH/enGxd/cy6KZ6blxg+regwPEI94MtHbmk47 +ONm2ETfq8C81SgHr/fYkOJDzCZ+L1ev15Oq7aEswuuxkMlWWGhcqYnA9UjbbEZoB +Fb4wgQ26yzp3lIkcH3+qsRLGYux8b+wShY+IlFpyCOyv5z+0+rgR0IxzvhabBpFP +ZQjKwnlRQXvJCs/3G4Xfsi1MV8AD6+oEjj5sJ9t9hsuLaM76mR6W1MbIMe7E93o/ +SuuodQ+yfgYzRVmDNYW5wta+x/8UuxAcwVfKkaEAlXtPCbn+cbKLlxWpA3JS1ePi +/tXMZKcLAkA5cuYN7Zv0wagNjvmSfmB0AxypMzMoS7OotF/zOaryQYi4NRi0wktt +K6UOYF0xBriDah4MF0FpFDum4YEmKnRxl9822efqlqSOHrot3R2dS5dFR+iHKW+z +kU0MIXOlvCgZcm7LGD0pRjhARlI2BjYXqM/RaaEpMQorPj/GTSra5qT6KkrtHjjh +hThRxtNnjoD1cUsKw3jfTFSaOwT8rBjByZkCAwEAAaAAMA0GCSqGSIb3DQEBCwUA +A4ICAQBsEBgC2YepuZq/8UqvKMZKVy/etDKXj7BB+QPb+leNiKD7p4LDxHJsZSH8 +Ku9uMPeLfiQDn5jA41k5SlGttzvObd65RdEbO3yHpqsg05EGSDDLfaE1k2Al/qmX +/o8roPZF7+2kZthgMAgkcokS54LYqEYTGqOf3J9Ss0yRIZwhaOVebfFIbIOdpw0B +JNMIJPHTMdZrcuRVI+wR1uPLIlEJzBvxTGbTrvPU25WJFtu+EajKqXO0SHdy0yx8 +uH4ykRBJRc36+oYo7nZ5D56dh7pZn3+9J64FKAOV0Q3KqMFieGy053ezuhJd70eZ +UozTgfjs3WpMzoYmKETSyl3XZSdInRe+sUlKPruTsKyg69oYxjPlrGfAmmGcCFca +TnZinT18dI92zK7OtOVkmYeYKC1lwuhftVrNMXzZuHOGpS9NNYtc4nDqDMIEOfV3 +6rCdu03WjEgJ+Z67tJs16xOx9du4/EHxS2Ijn9DPfVJvYy0TgzDi1BUpjWx0KTLx +C4OQbEZ/QTWmHVbSch/hcZhzbf7SNh5RpnW4EtmcpDFjIKMfxJmoKeiTf7qnilx0 +7uRvsZFKoDKRDOFiPfgMg5AOtLHziYsd9m0tJjC2GHvFuPjzOtzhnUUjmmvht170 +2aqKakjST4amg7jzLcs871HX0/WjOtt29NpOz140blkKf1bisg== +-----END CERTIFICATE REQUEST----- \ No newline at end of file diff --git a/base/php-nginx/7.4-alpine/conf/etc/nginx/ssl/server.key b/base/php-nginx/7.4-alpine/conf/etc/nginx/ssl/server.key new file mode 100644 index 0000000..c9eec14 --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/etc/nginx/ssl/server.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAyt0yFIsg713pVnmPVVzK6Y7mbWKVUg7AAi6YxVITJ7D+f4ik +9FW3mcqh75sGYwIOBmNdHfsmQ3YL/8XrtBzzhW7UeqQqddHdbXSx2baOQsrsbuyE +LAFY5w+iqO1xcLTZO/aOiWXwBWhi+MOTKJK1ZgrbKZ7DGR+/+81OH/enGxd/cy6K +Z6blxg+regwPEI94MtHbmk47ONm2ETfq8C81SgHr/fYkOJDzCZ+L1ev15Oq7aEsw +uuxkMlWWGhcqYnA9UjbbEZoBFb4wgQ26yzp3lIkcH3+qsRLGYux8b+wShY+IlFpy +COyv5z+0+rgR0IxzvhabBpFPZQjKwnlRQXvJCs/3G4Xfsi1MV8AD6+oEjj5sJ9t9 +hsuLaM76mR6W1MbIMe7E93o/SuuodQ+yfgYzRVmDNYW5wta+x/8UuxAcwVfKkaEA +lXtPCbn+cbKLlxWpA3JS1ePi/tXMZKcLAkA5cuYN7Zv0wagNjvmSfmB0AxypMzMo +S7OotF/zOaryQYi4NRi0wkttK6UOYF0xBriDah4MF0FpFDum4YEmKnRxl9822efq +lqSOHrot3R2dS5dFR+iHKW+zkU0MIXOlvCgZcm7LGD0pRjhARlI2BjYXqM/RaaEp +MQorPj/GTSra5qT6KkrtHjjhhThRxtNnjoD1cUsKw3jfTFSaOwT8rBjByZkCAwEA +AQKCAgAbZPdoUsllyZbC+LNkYZ19ILD5QIDNjfRb1xMGQmkXyQz1B+zOmeyrNfPc +OWEJabOfJTfj3pByN7SzG3US4333HNpQnW6mbmqqZ0HFFqPrXR/Ecuf+UUhCG5hp +m3bgM2vKbyccYsmg0VHcKfzrU7RvTTP/UNMjx2fThwvvwS+ttuSdF0HVcXJB5sfP +OWWnZNhkdHZlRf81VCED/jsZqCZYEh5eMyj9AoXvXL4zayPPf+tC0DSKaXW2Xlxg +tZQhqup8+a9nlxZia0Z9hu8clo6jXkiP8FuKgfCMV0cOjiCKLLHS5svTbLLsVWwJ +F2ZAdVcD6mWQ43qHOEK5NEzGvQKO14CaOLnVT2yAkMcyNohsEgoDP9oCBGDJQbBH +NmtZfpVjjtuTr9P9TEkU1FcBRo0x6Il/DkzamGbOeFAmgnaGElhJ5c/CAG7whaIf +mUfFOBGPH/wESY3gBOACDofeSh27RrlvbLaPiCGKivDUTBmhBsIuso6XqOKbvtfV +/HhhndpdRVfIj4DdE7gIrLIGN977JMVAXFCNz7KrvAWwcOXrCHCoWpklJ9repq8l +26ICY8K7VXktzDHQUmhd88ZWR+9ASURsJghUgZUOcMrEGyvci6Y8hpLhHiNVPHuQ ++ps7tpPsXSntBUqWBzhRZh74+nJlOOV6oYykl30JT2JzB6lwiQKCAQEA9ecn8N2z +20tR2UEiTv/MjVSepQtAAajegvcd1iasvvQKXnh3XLmoZHzH2tTa0lp5RIZpUQPl +lOTwko0lYTBnYblt65AJQ3FTgisNobIpoqE8BFXLm6wggz7CbabjmPGDe173lPGR +sI0YSKYvzrdn4zw8Fh6WULJyZHLi58zJYL3r0WBDiOoxpGaGA1GlmkuIWjhKHaX2 +OvF1vOuQDJ2eDyTc5TYFC0NKG76Mvanov5L/yrhNM/umbmp0SPspzHGZobAKUr20 +OazFT8S+2TA1OTxWNbiPbSimFoaZbEdqsNACGfVJWO8Sh8iqlt5RmEcSiSvGBj6L +QKprRO9Fsp2GawKCAQEA0zGhRsnux4JTNsdUSYsEJtITMj6eE+nl7CoZ9DAOwC5X +6/aSpUE4TT+pWNrt9iluXiGL0j89UJ7r/L1OcsiyzGb8ig9NU4zr1NIGTZ0DstHi +HPYINjeiBJEFIy17kOQn+9/I5c4hBUwz6ihwNoEomymVB/EsLJKAML0AudJGKg+Z +/f/qrS40eab5SAiaKgsh0MZnj+vIxyGBydt6r2HGmjfNITVbXIu6IpO+6NXDwM/e +7v10AAZ3j9+gb1RedLg2ghuIuYU90hmMhtVWsh9nVmaOkMW9/WFgOPYvt/mHH/hR +d4pePZ9kACGmqo/b9sHvHw1YEubtCt1VUiNuFxnJCwKCAQBWnxz0vkRTJY8phsY9 +KeK2jm5sGTBs5T2syLwb6ffENFdKvAjgAw6Mh2And/+1ReWd+/MxdLv03UjZdxsJ +x3FDfXx5FH4O4ebW3a+pnAcKoN1xcX+N0O6LDRqUYcue3sTAOs3gC9CUbr91KAWD +Phw8ccWAzTmKJ7IgLFA982ekyoI9eTmRC159WRgwJxy844qerWF+XC4GyXP+HsTZ +jNRW5Vdi7sqMEyIR7+fIEAhLI88zbATWIPmZv6pC4ybwO7wwtsCMMQNBpdjDprzL +6S12ggikV+U+QKlxGe0FtYqhykRTPJKf32eZqVheWOZJTA/9fgv9ux52oxGycM8O +gmsNAoIBAQC60m5uZnd5uYnPLWkcXYNgq/kbO1UvHHut/FhVMKX7z4MrU0XKNfWO +MECoP5K9bU0aq+Y6KIMe7FapjvT0iSHRu1Cu+HZY8JI2A0xcIAeDijLRl7sP6wrB +q1+2DKgANjRAlWfsEfoX658JBpitPngjOheBnRCMpVQMyUT5HE/BKWf5zwdUB0mY +S+K8nA90HcDeJIS8RcGolbVwUV0oBABhr/cf50lYhqozqCr7YQ33ZGs7Uq3oz8+4 +UARmN2YPLl3Znm3GX12em8c6B0LX8vvA7Jw06Rf2Ksup1+3Ce1PTLiEy9A4FyRf3 +Hc2HmBbnJAtZlr5QikMqlzzAmmLqwH6dAoIBAC+ryaQGJFsijCSuaDfRp/uy9xnd +DjgMdTwjl5WLBmyudChVMANl8eqCbvVO41CN84yORk03oQ4cx0eKxAZaLaSzgkb3 +W0X2nFQe7VJSYMQswCQ+1WfJvEFrIdkEKIa//uQdhqNrgUKSNVhhSTMbNEkDTIWn +ssbv2H9hvUaFt/J/vP9zCKuU5oYvNU7Oi6ZXRYezRn9atlJYanLFoJnHUBRzGms5 +K0vhdCPDXQq87z5Yudoh0jLUQF9Nx0GTWeBceQ9n5hZeRUNQWxP4AJThQX9KSPTS +mbL3Kh4XNRmAUJ2N+Njh+3dg91s+JkKvC1wcspLsmLPQe+9AxBSH9y5JE/8= +-----END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.common.conf b/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.common.conf new file mode 100644 index 0000000..a5df62e --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.common.conf @@ -0,0 +1,2 @@ +# compatibility for PHP and TYPO3 Docker Boilerplate +include /opt/docker/etc/nginx/vhost.common.d/*.conf; diff --git a/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.common.d/.gitkeep b/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.common.d/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.common.d/10-general.conf b/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.common.d/10-general.conf new file mode 100644 index 0000000..31c9bf0 --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.common.d/10-general.conf @@ -0,0 +1 @@ +client_max_body_size ; diff --git a/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.common.d/10-location-root.conf b/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.common.d/10-location-root.conf new file mode 100644 index 0000000..28fd811 --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.common.d/10-location-root.conf @@ -0,0 +1,3 @@ +location / { + try_files $uri $uri/ /?$query_string; +} diff --git a/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.common.d/10-log.conf b/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.common.d/10-log.conf new file mode 100644 index 0000000..9646c68 --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.common.d/10-log.conf @@ -0,0 +1,2 @@ +access_log /docker.stdout; +error_log /docker.stderr warn; diff --git a/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.common.d/10-php.conf b/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.common.d/10-php.conf new file mode 100644 index 0000000..22b08a5 --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.common.d/10-php.conf @@ -0,0 +1,7 @@ +location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_read_timeout ; +} diff --git a/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.conf b/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.conf new file mode 100644 index 0000000..109fbb3 --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.conf @@ -0,0 +1,28 @@ +server { + listen 80 default_server; + listen [::]:80 default_server; + + server_name _ docker; + + root ""; + index ; + + include /opt/docker/etc/nginx/vhost.common.d/*.conf; +} + +############## +# SSL +############## + +server { + listen 443 default_server; + listen [::]:443 default_server; + + server_name _ docker; + + root ""; + index ; + + include /opt/docker/etc/nginx/vhost.common.d/*.conf; + include /opt/docker/etc/nginx/vhost.ssl.conf; +} diff --git a/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.ssl.conf b/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.ssl.conf new file mode 100644 index 0000000..4ddba25 --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/etc/nginx/vhost.ssl.conf @@ -0,0 +1,7 @@ +ssl on; +ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # not possible to do exclusive +ssl_ciphers 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA'; +ssl_prefer_server_ciphers on; + +ssl_certificate /opt/docker/etc/nginx/ssl/server.crt; +ssl_certificate_key /opt/docker/etc/nginx/ssl/server.key; diff --git a/base/php-nginx/7.4-alpine/conf/etc/supervisor.d/nginx.conf b/base/php-nginx/7.4-alpine/conf/etc/supervisor.d/nginx.conf new file mode 100644 index 0000000..657bf49 --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/etc/supervisor.d/nginx.conf @@ -0,0 +1,14 @@ +[group:nginx] +programs=nginxd +priority=20 + +[program:nginxd] +command = /opt/docker/bin/service.d/nginx.sh +process_name=%(program_name)s +startsecs = 0 +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/base/php-nginx/7.4-alpine/conf/provision/bootstrap.d/.gitkeep b/base/php-nginx/7.4-alpine/conf/provision/bootstrap.d/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/base/php-nginx/7.4-alpine/conf/provision/bootstrap.d/10-nginx.sh b/base/php-nginx/7.4-alpine/conf/provision/bootstrap.d/10-nginx.sh new file mode 100644 index 0000000..1ba70f9 --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/provision/bootstrap.d/10-nginx.sh @@ -0,0 +1,38 @@ +#!/usr/bin/env bash + +IMAGE_FAMILY=$(docker-image-info family) + +# Remove daemon statement (will be added as command line argument) +go-replace --mode=lineinfile --regex --regex-backrefs \ + -s '^[\s#]*daemon ' -r '' \ + -- /etc/nginx/nginx.conf + +go-replace --mode=line --regex --regex-backrefs \ + -s '^([ \t]*access_log)[ \t]*([^\t ;]+)(.*;)$' -r '$1 /docker.stdout $3' \ + -s '^([ \t]*error_log)[ \t]*([^\t ;]+)(.*;)$' -r '$1 /docker.stderr $3' \ + -- /etc/nginx/nginx.conf + +# Enable nginx main config +mkdir -p /etc/nginx/conf.d/ +ln -sf /opt/docker/etc/nginx/main.conf /etc/nginx/conf.d/10-docker.conf + +rm -f \ + /etc/nginx/sites-enabled/default \ + /etc/nginx/conf.d/default.conf + +if [[ "$IMAGE_FAMILY" == "RedHat" ]] || [[ "$IMAGE_FAMILY" == "Alpine" ]]; then + ln -sf /opt/docker/etc/nginx/nginx.conf /etc/nginx/nginx.conf +fi + +# Clear log dir +rm -rf /var/lib/nginx/logs +mkdir -p /var/lib/nginx/logs + +# Set log to stdout/stderr +ln -sf /var/lib/nginx/logs/access.log /docker.stdout +ln -sf /var/lib/nginx/logs/error.log /docker.stderr + +# Fix rights of ssl files +chown -R root:root /opt/docker/etc/nginx/ssl +find /opt/docker/etc/nginx/ssl -type d -exec chmod 750 {} \; +find /opt/docker/etc/nginx/ssl -type f -exec chmod 640 {} \; diff --git a/base/php-nginx/7.4-alpine/conf/provision/bootstrap.d/10-php.sh b/base/php-nginx/7.4-alpine/conf/provision/bootstrap.d/10-php.sh new file mode 100644 index 0000000..4a7d826 --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/provision/bootstrap.d/10-php.sh @@ -0,0 +1,7 @@ +#!/usr/bin/env bash + +# Restrict php-fpm to local connection +go-replace --mode=line --regex \ + -s '^[\s;]*listen[\s]*=' -r 'listen = 127.0.0.1:9000' \ + --path=/opt/docker/etc/php/fpm/ \ + --path-pattern='*.conf' diff --git a/base/php-nginx/7.4-alpine/conf/provision/entrypoint.d/.gitkeep b/base/php-nginx/7.4-alpine/conf/provision/entrypoint.d/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/base/php-nginx/7.4-alpine/conf/provision/entrypoint.d/20-nginx.sh b/base/php-nginx/7.4-alpine/conf/provision/entrypoint.d/20-nginx.sh new file mode 100644 index 0000000..0264b6c --- /dev/null +++ b/base/php-nginx/7.4-alpine/conf/provision/entrypoint.d/20-nginx.sh @@ -0,0 +1,24 @@ +# Create tmp dir for nginx +mkdir -p /var/tmp/nginx/ + +# Prevent startup of nginx (ubuntu 16.04 needs it) +ln -f -s /var/lib/nginx/logs /var/log/nginx + +# Replace markers +go-replace \ + -s "" -r "$WEB_DOCUMENT_INDEX" \ + -s "" -r "$WEB_DOCUMENT_ROOT" \ + -s "" -r "$WEB_ALIAS_DOMAIN" \ + -s "" -r "$HOSTNAME" \ + -s "" -r "$WEB_PHP_SOCKET" \ + -s "" -r "$WEB_PHP_TIMEOUT" \ + -s "" -r "$SERVICE_NGINX_CLIENT_MAX_BODY_SIZE" \ + --path=/opt/docker/etc/nginx/ \ + --path-pattern='*.conf' \ + --ignore-empty + +if [[ -z "$WEB_PHP_SOCKET" ]]; then + ## WEB_PHP_SOCKET is not set, remove PHP files + rm -f -- /opt/docker/etc/nginx/conf.d/10-php.conf + rm -f -- /opt/docker/etc/nginx/vhost.common.d/10-php.conf +fi diff --git a/base/php-nginx/README.md b/base/php-nginx/README.md new file mode 100644 index 0000000..244f5fd --- /dev/null +++ b/base/php-nginx/README.md @@ -0,0 +1,90 @@ +# php-nginx +build arm image based [webdevops/Dockerfile](https://github.com/webdevops/Dockerfile) + +## 镜像链 +所需镜像`php-nginx:7.4-alpine`需要上游基础镜像`php:7.4-alpine`. +而`php:7.4-alpine`又需要上游基础镜像`toolbox`. + +上述镜像由 [webdevops/Dockerfile](https://github.com/webdevops/Dockerfile) 维护,均为 X86 架构. +根据每个基础镜像的 Dockerfile 文件发现了部分 X86 二进制执行文件,很难直接使用 buildx 直接构建多架构. +需手动修改相关命令支持 ARM, 尝试使用 GitHub Action 来构建多次因部分测试命令报错, 最终只能使用 ARM 服务器来一层层手动构建. + +## 构建 ARM 镜像 +### toolbox +```shell +cd toolbox/latest +docker build -t tookbox . +``` + +### php:7.4-alpine +```shell +cd php/7.4-alpine +docker build -t php:7.4-alpine . +``` + +### php-nginx:7.4-alpine +```shell +cd 7.4-alpine +docker build -t php-nginx:7.4-alpine . +``` + +## 合并镜像 +上述已构建出 ARM 架构`php-nginx:7.4-alpine`, 加上官方的 X86 架构`webdevops/php-nginx:7.4-alpine`, 使用起来并不方便,推荐使用`manifest`来合并镜像. + +### 推送现有镜像 +制作单镜像多架构,需要先把 2 个不同架构的镜像分别推送至 docker hub 上. +所以需要 X86 和 ARM 两台服务器分别执行. +在推送之前可以使用`tag`命令规划好镜像名方便区分. + +- X86 ioiox/php-nginx-x86:latest +- ARM ioiox/php-nginx-arm:latest + +#### X86 +> *注意请使用 X86 服务器,先下载 webdevops 的 X86 版本,重新`tag`并推送至 docker hub.* +```shell +docker pull webdevops/php-nginx:7.4-alpine +docker tag webdevops/php-nginx:7.4-alpine ioiox/php-nginx-x86:latest +docker push ioiox/php-nginx-x86:latest +``` + +#### ARM +> *注意请使用 ARM 服务器将上述构建的 ARM 版`php-nginx:7.4-alpine`重新`tag`并推送至 docker hub.* +```shell +docker tag php-nginx:7.4-alpine ioiox/php-nginx-arm:latest +docker push ioiox/php-nginx-arm:latest +``` + +### 创建 manifest 列表 +创建单镜像的 manifest 列表, 建议加上`tag`,列表中包含了上文推送的 2 个架构的镜像. +> *以下操作可以在任意架构服务器执行* +```shell +docker manifest create ioiox/php-nginx:7.4-alpine \ + ioiox/php-nginx-x86:latest \ + ioiox/php-nginx-arm:latest +``` + +### 设置 manifest 列表 +为对应的架构设置对应的镜像 +```shell +docker manifest annotate ioiox/php-nginx:7.4-alpine \ + ioiox/php-nginx-x86:latest \ + --os linux --arch x86_64 + +docker manifest annotate ioiox/php-nginx:7.4-alpine \ + ioiox/php-nginx-arm:latest \ + --os linux --arch arm64 --variant v8 +``` + +### 查看 manifest 列表 +查看并检查 manifest 列表 +```shell +docker manifest inspect ioiox/php-nginx:7.4-alpine +``` + +### 推送 manifest 列表 +推送 manifest 列表至 docker hub +```shell +docker manifest push ioiox/php-nginx:7.4-alpine +``` + +此时已完成镜像合并,在 X86 或 ARM 服务器上使用`ioiox/php-nginx:7.4-alpine`镜像就会使用各自的架构镜像,同时可以在 docker hub 上删除刚才推送上去的`ioiox/php-nginx-x86:latest`和`ioiox/php-nginx-arm:latest`也不会影响新镜像的使用. diff --git a/base/php-nginx/php/7.4-alpine/Dockerfile b/base/php-nginx/php/7.4-alpine/Dockerfile new file mode 100644 index 0000000..7193fc7 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/Dockerfile @@ -0,0 +1,262 @@ +#+++++++++++++++++++++++++++++++++++++++ +# Dockerfile for webdevops/php-official:7.4-alpine +# -- automatically generated -- +#+++++++++++++++++++++++++++++++++++++++ + + +# Staged baselayout builder +FROM toolbox AS baselayout +RUN mkdir -p \ + /baselayout/sbin \ + /baselayout/usr/local/bin \ + # Baselayout scripts + && wget -O /tmp/baselayout-install.sh https://raw.githubusercontent.com/webdevops/Docker-Image-Baselayout/master/install.sh \ + && sh /tmp/baselayout-install.sh /baselayout \ + ## Install go-replace + && wget -O "/baselayout/usr/local/bin/go-replace" "https://github.com/webdevops/goreplace/releases/download/1.1.2/gr-arm64-linux" \ + && chmod +x "/baselayout/usr/local/bin/go-replace" \ + && "/baselayout/usr/local/bin/go-replace" --version \ + # Install gosu + && wget -O "/baselayout/sbin/gosu" "https://github.com/tianon/gosu/releases/download/1.10/gosu-arm64" \ + && wget -O "/tmp/gosu.asc" "https://github.com/tianon/gosu/releases/download/1.10/gosu-arm64.asc" \ + && export GNUPGHOME="$(mktemp -d)" \ + && gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \ + && gpg --batch --verify /tmp/gosu.asc "/baselayout/sbin/gosu" \ + && rm -rf "$GNUPGHOME" /tmp/gosu.asc \ + && chmod +x "/baselayout/sbin/gosu" \ + && "/baselayout/sbin/gosu" nobody true + + +FROM php:7.4-fpm-alpine + +LABEL maintainer=info@webdevops.io \ + vendor=WebDevOps.io \ + io.webdevops.layout=8 \ + io.webdevops.version=1.5.0 + +ENV TERM="xterm" \ + LANG="C.UTF-8" \ + LC_ALL="C.UTF-8" +ENV DOCKER_CONF_HOME=/opt/docker/ \ + LOG_STDOUT="" \ + LOG_STDERR="" +ENV APPLICATION_USER=application \ + APPLICATION_GROUP=application \ + APPLICATION_PATH=/app \ + APPLICATION_UID=1000 \ + APPLICATION_GID=1000 +ENV PHP_SENDMAIL_PATH="/usr/sbin/sendmail -t -i" +ENV LD_PRELOAD="/usr/lib/preloadable_libiconv.so" +ENV COMPOSER_VERSION="2" + + +# Baselayout copy (from staged image) +COPY --from=baselayout /baselayout / + + +COPY conf/ /opt/docker/ + +RUN set -x \ + # Init bootstrap + # Add community + && echo https://dl-4.alpinelinux.org/alpine/v3.11/community/ >> /etc/apk/repositories \ + # System update + && /usr/local/bin/apk-upgrade \ + # Install base stuff + && apk-install \ + bash \ + ca-certificates \ + openssl \ + && update-ca-certificates \ + && /usr/local/bin/generate-dockerimage-info \ + ## Fix su execution (eg for tests) + && mkdir -p /etc/pam.d/ \ + && echo 'auth sufficient pam_rootok.so' >> /etc/pam.d/su + +RUN set -x \ + # Install services + && chmod +x /opt/docker/bin/* \ + && apk-install \ + supervisor \ + wget \ + curl \ + vim \ + sed \ + tzdata \ + busybox-suid \ + && chmod +s /sbin/gosu \ + && docker-run-bootstrap \ + && docker-image-cleanup + +RUN set -x \ + && apk-install shadow \ + && apk-install \ + # Install common tools + zip \ + unzip \ + bzip2 \ + drill \ + ldns \ + openssh-client \ + rsync \ + patch \ + git \ + && docker-run-bootstrap \ + && docker-image-cleanup + +RUN set -x \ + # Install php environment + && apk-install \ + imagemagick \ + graphicsmagick \ + ghostscript \ + jpegoptim \ + pngcrush \ + optipng \ + pngquant \ + vips \ + rabbitmq-c \ + c-client \ + # Libraries + libldap \ + icu-libs \ + libintl \ + libpq \ + libxslt \ + libzip \ + libmemcached \ + yaml \ + # Build dependencies + autoconf \ + g++ \ + make \ + libtool \ + pcre-dev \ + gettext-dev \ + freetype-dev \ + libjpeg-turbo-dev \ + libpng-dev \ + vips-dev \ + krb5-dev \ + openssl-dev \ + imap-dev \ + imagemagick-dev \ + rabbitmq-c-dev \ + openldap-dev \ + icu-dev \ + postgresql-dev \ + libxml2-dev \ + ldb-dev \ + pcre-dev \ + libxslt-dev \ + libzip-dev \ + libmemcached-dev \ + yaml-dev \ + # Install guetzli + && wget https://github.com/google/guetzli/archive/master.zip \ + && unzip master.zip \ + && make -C guetzli-master \ + && cp guetzli-master/bin/Release/guetzli /usr/local/bin/ \ + && rm -rf master.zip guetzli-master \ + # https://github.com/docker-library/php/issues/240 + && apk add gnu-libiconv --update-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing/ --allow-untrusted \ + # Install new version of ICU + && curl -sS -o /tmp/icu.tar.gz -L https://github.com/unicode-org/icu/releases/download/release-66-1/icu4c-66_1-src.tgz \ + && tar -zxf /tmp/icu.tar.gz -C /tmp && cd /tmp/icu/source && ./configure --prefix=/usr/local && make && make install && cd / && rm -rf /tmp/icu* \ + # Install extensions + && PKG_CONFIG_PATH=/usr/local docker-php-ext-configure intl \ + && docker-php-ext-configure gd --with-jpeg --with-freetype --with-webp \ + && docker-php-ext-configure ldap \ + && PHP_OPENSSL=yes docker-php-ext-configure imap --with-kerberos --with-imap-ssl \ + && docker-php-ext-install \ + bcmath \ + bz2 \ + calendar \ + exif \ + ffi \ + intl \ + gettext \ + ldap \ + mysqli \ + imap \ + pcntl \ + pdo_mysql \ + pdo_pgsql \ + pgsql \ + soap \ + sockets \ + tokenizer \ + sysvmsg \ + sysvsem \ + sysvshm \ + shmop \ + xmlrpc \ + xsl \ + zip \ + gd \ + gettext \ + opcache \ + # Install extensions for PHP 7.x + # Memcached for 7.3 can currently only be built from master + && MEMCACHED="`mktemp -d`" \ + && curl -skL https://github.com/php-memcached-dev/php-memcached/archive/master.tar.gz | tar zxf - --strip-components 1 -C $MEMCACHED \ + && docker-php-ext-configure $MEMCACHED \ + && docker-php-ext-install $MEMCACHED \ + && rm -rf $MEMCACHED \ + # Install vips (only works with PHP >= 7.0) + && pecl install apcu \ + && printf "\n" | pecl install vips \ + && pecl install redis \ + && pecl install mongodb \ + && pecl install imagick \ + && pecl install amqp \ + && pecl install yaml \ + && docker-php-ext-enable \ + apcu \ + redis \ + imagick \ + mongodb \ + amqp \ + vips \ + yaml \ + # Uninstall dev and header packages + && apk del -f --purge \ + autoconf \ + g++ \ + make \ + libtool \ + pcre-dev \ + gettext-dev \ + freetype-dev \ + libjpeg-turbo-dev \ + libpng-dev \ + vips-dev \ + krb5-dev \ + openssl-dev \ + imap-dev \ + rabbitmq-c-dev \ + imagemagick-dev \ + openldap-dev \ + icu-dev \ + postgresql-dev \ + libxml2-dev \ + ldb-dev \ + pcre-dev \ + libxslt-dev \ + libzip-dev \ + libmemcached-dev \ + yaml-dev \ + && rm -f /usr/local/etc/php-fpm.d/zz-docker.conf \ + && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin/ --filename=composer2 \ + && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin/ --filename=composer1 --1 \ + && ln -sf /usr/local/bin/composer2 /usr/local/bin/composer \ + # Enable php services + && docker-service enable syslog \ + && docker-service enable cron \ + && docker-run-bootstrap \ + && docker-image-cleanup + +WORKDIR / +EXPOSE 9000 +ENTRYPOINT ["/entrypoint"] +CMD ["supervisord"] diff --git a/base/php-nginx/php/7.4-alpine/Dockerfile.jinja2 b/base/php-nginx/php/7.4-alpine/Dockerfile.jinja2 new file mode 100644 index 0000000..bd57ee1 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/Dockerfile.jinja2 @@ -0,0 +1,39 @@ +{{ baselayout.dockerStage() }} + +{{ docker.fromOfficial("php", "7.4-fpm-alpine") }} + +{{ docker.version() }} + +{{ environment.general() }} +{{ environment.base() }} +{{ environment.baseApp() }} +{{ environment.phpOfficialSendmailWorkaround() }} {# Check if needed #} +{{ environment.phpAlpineIconvWorkaround() }} +{{ environment.phpComposerVersion() }} + +{{ baselayout.copy() }} + +{{ docker.copy('conf/', '/opt/docker/') }} + +RUN set -x \ + {{ bootstrap.alpine('3.11') }} + +RUN set -x \ + {{ base.alpine() }} \ + {{ provision.runBootstrap() }} \ + {{ docker.cleanup() }} + +RUN set -x \ + {{ baseapp.alpine() }} \ + {{ provision.runBootstrap() }} \ + {{ docker.cleanup() }} + +RUN set -x \ + {{ php.officialAlpine(version='7.4') }} \ + {{ provision.runBootstrap() }} \ + {{ docker.cleanup() }} + +{{ docker.workdir('/') }} +{{ docker.expose('9000') }} +{{ docker.entrypoint("/entrypoint") }} +{{ docker.cmd("supervisord") }} diff --git a/base/php-nginx/php/7.4-alpine/conf/VERSION b/base/php-nginx/php/7.4-alpine/conf/VERSION new file mode 100644 index 0000000..301160a --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/VERSION @@ -0,0 +1 @@ +8 \ No newline at end of file diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/bootstrap.sh b/base/php-nginx/php/7.4-alpine/conf/bin/bootstrap.sh new file mode 100644 index 0000000..b1b3acd --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/bootstrap.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +exec docker-run-bootstrap diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/config.sh b/base/php-nginx/php/7.4-alpine/conf/bin/config.sh new file mode 100644 index 0000000..46265a3 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/config.sh @@ -0,0 +1,117 @@ +#!/usr/bin/env bash + +shopt -s nullglob + +### + # Check if current user is root + # + ## +function rootCheck() { + # Root check + if [ "$(/usr/bin/whoami)" != "root" ]; then + echo "[ERROR] $* must be run as root" + exit 1 + fi +} + +### + # Create /docker.stdout and /docker.stderr + # + ## +function createDockerStdoutStderr() { + # link stdout from docker + if [[ -n "$LOG_STDOUT" ]]; then + echo "Log stdout redirected to $LOG_STDOUT" + else + LOG_STDOUT="/proc/$$/fd/1" + fi + + if [[ -n "$LOG_STDERR" ]]; then + echo "Log stderr redirected to $LOG_STDERR" + else + LOG_STDERR="/proc/$$/fd/2" + fi + + ln -f -s "$LOG_STDOUT" /docker.stdout + ln -f -s "$LOG_STDERR" /docker.stderr +} +### + # Include script directory text inside a file + # + # $1 -> path + # + ## +function includeScriptDir() { + if [[ -d "$1" ]]; then + for FILE in "$1"/*.sh; do + echo "-> Executing ${FILE}" + # run custom scripts, only once + . "$FILE" + done + fi +} + +### + # Show deprecation notice + # + ## +function deprecationNotice() { + echo "" + echo "###############################################################################" + echo "### THIS CALL IS DEPRECATED AND WILL BE REMOVED IN THE FUTURE" + echo "###" + echo "### $*" + echo "###" + echo "###############################################################################" + echo "" +} + +### + # Run "entrypoint" scripts + ## +function runEntrypoints() { + ############### + # Try to find entrypoint + ############### + + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" + + if [ -f "$ENTRYPOINT_SCRIPT" ]; then + . "$ENTRYPOINT_SCRIPT" + fi + + ############### + # Run default + ############### + if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then + . /opt/docker/bin/entrypoint.d/default.sh + fi + + exit 1 +} + + # Run "entrypoint" provisioning + ## +function runProvisionEntrypoint() { + includeScriptDir "/opt/docker/provision/entrypoint.d" + includeScriptDir "/entrypoint.d" +} + +### + # List environment variables (based on prefix) + ## +function envListVars() { + if [[ $# -eq 1 ]]; then + env | grep "^${1}" | cut -d= -f1 + else + env | cut -d= -f1 + fi +} + +### + # Get environment variable (even with dots in name) + # + ## +function envGetValue() { + awk "BEGIN {print ENVIRON[\"$1\"]}" +} diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/control.sh b/base/php-nginx/php/7.4-alpine/conf/bin/control.sh new file mode 100644 index 0000000..22d1897 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/control.sh @@ -0,0 +1,160 @@ +#!/usr/bin/env bash + +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + +source /opt/docker/bin/config.sh + +rootCheck "$0" + +CONTROL_COMMAND="$1" +shift + +case "$CONTROL_COMMAND" in + + ## ------------------------------------------ + ## PROVISION + ## ------------------------------------------ + + ## main roles + "provision.role") + deprecationNotice " Please use >>/opt/docker/bin/provision add --tag bootstrap --tag build --tag onbuild [role]<< for adding provision roles" + /opt/docker/bin/provision add --tag bootstrap --tag build --tag onbuild --tag entrypoint "$1" + ;; + + "provision.role.bootstrap") + deprecationNotice " Please use >>/opt/docker/bin/provision add --tag bootstrap [role]<< for adding provision roles" + /opt/docker/bin/provision add --tag bootstrap "$1" + ;; + + "provision.role.build") + deprecationNotice " Please use >>/opt/docker/bin/provision add --tag build [role]<< for adding provision roles" + /opt/docker/bin/provision add --tag build "$1" + ;; + + "provision.role.onbuild") + deprecationNotice " Please use >>/opt/docker/bin/provision add --tag onbuild [role]<< for adding provision roles" + /opt/docker/bin/provision add --tag onbuild "$1" + ;; + + "provision.role.entrypoint") + deprecationNotice " Please use >>/opt/docker/bin/provision add --tag entrypoint [role]<< for adding provision roles" + /opt/docker/bin/provision add --tag entrypoint "$1" + ;; + + ## startup roles + "provision.role.startup") + deprecationNotice " Please use >>/opt/docker/bin/provision add --tag bootstrap --tag build --tag onbuild --priority 50 [role]<< for adding provision roles" + /opt/docker/bin/provision add --tag bootstrap --tag build --tag onbuild --tag entrypoint --priority 50 "$1" + ;; + + "provision.role.startup.bootstrap") + deprecationNotice " Please use >>/opt/docker/bin/provision add --tag bootstrap --priority 50 [role]<< for adding provision roles" + /opt/docker/bin/provision add --tag bootstrap --priority 50 "$1" + ;; + + "provision.role.startup.build") + deprecationNotice " Please use >>/opt/docker/bin/provision add --tag build --priority 50 [role]<< for adding provision roles" + /opt/docker/bin/provision add --tag build --priority 50 "$1" + ;; + + "provision.role.startup.onbuild") + deprecationNotice " Please use >>/opt/docker/bin/provision add --tag onbuild --priority 50 [role]<< for adding provision roles" + /opt/docker/bin/provision add --tag onbuild --priority 50 "$1" + ;; + + "provision.role.startup.entrypoint") + deprecationNotice " Please use >>/opt/docker/bin/provision add --tag entrypoint --priority 50 [role]<< for adding provision roles" + /opt/docker/bin/provision add --tag entrypoint --priority 50 "$1" + ;; + + ## finish roles + "provision.role.finish") + deprecationNotice " Please use >>/opt/docker/bin/provision add --tag bootstrap --tag build --tag onbuild --priority 200 [role]<< for adding provision roles" + /opt/docker/bin/provision add --tag bootstrap --tag build --tag onbuild --tag entrypoint --priority 200 "$1" + ;; + + "provision.role.finish.bootstrap") + deprecationNotice " Please use >>/opt/docker/bin/provision add --tag bootstrap --priority 200 [role]<< for adding provision roles" + /opt/docker/bin/provision add --tag bootstrap --priority 200 "$1" + ;; + + "provision.role.finish.build") + deprecationNotice " Please use >>/opt/docker/bin/provision add --tag build --priority 200 [role]<< for adding provision roles" + /opt/docker/bin/provision add --tag build --priority 200 "$1" + ;; + + "provision.role.finish.onbuild") + deprecationNotice " Please use >>/opt/docker/bin/provision add --tag onbuild --priority 200 [role]<< for adding provision roles" + /opt/docker/bin/provision add --tag onbuild --priority 200 "$1" + ;; + + "provision.role.finish.entrypoint") + deprecationNotice " Please use >>/opt/docker/bin/provision add --tag entrypoint --priority 200 [role]<< for adding provision roles" + /opt/docker/bin/provision add --tag entrypoint --priority 200 "$1" + ;; + + ## ------------------------------------------ + ## Service + ## ------------------------------------------ + + "service.enable") + deprecationNotice " Please use >>docker-service-enable [service]<<" + docker-service-enable "$1" + ;; + + "service.disable") + deprecationNotice " Please use >>docker-service-disable [service]<<" + docker-service-disable "$1" + ;; + + ## ------------------------------------------ + ## Version + ## ------------------------------------------ + + "version.get") + cat /opt/docker/VERSION + ;; + + "version.require.min") + EXPECTED_VERSION="$1" + CURRENT_VERSION="$(cat /opt/docker/VERSION)" + if [ "$CURRENT_VERSION" -lt "$EXPECTED_VERSION" ]; then + echo "-----------------------------------------------------------" + echo "--- This docker image is not up2date!" + echo "--- " + echo "--- Version expected min: $EXPECTED_VERSION" + echo "--- Version current: $CURRENT_VERSION" + echo "--- " + echo "--- Run 'docker pull ' to update image" + echo "-----------------------------------------------------------" + exit 1 + fi + ;; + + "version.require.max") + EXPECTED_VERSION="$1" + CURRENT_VERSION="$(cat /opt/docker/VERSION)" + if [ "$CURRENT_VERSION" -gt "$EXPECTED_VERSION" ]; then + echo "-----------------------------------------------------------" + echo "--- This docker image is too new!" + echo "--- " + echo "--- Version expected max: $EXPECTED_VERSION" + echo "--- Version current: $CURRENT_VERSION" + echo "-----------------------------------------------------------" + exit 1 + fi + ;; + + + "buildtime.get") + cat /opt/docker/BUILDTIME + ;; + + *) + echo "[ERROR] Invalid controll command: \"${CONTROL_COMMAND}\"" + exit 1 + ;; +esac diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/entrypoint.d/cli.sh b/base/php-nginx/php/7.4-alpine/conf/bin/entrypoint.d/cli.sh new file mode 100644 index 0000000..fe212a8 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/entrypoint.d/cli.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash + +############################################# +## Run CLI_SCRIPT from environment variable +############################################# + +if [ -n "${CLI_SCRIPT}" ]; then + if [ -n "$APPLICATION_USER" ]; then + # Run as EFFECTIVE_USER + shift + exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + else + # Run as root + exec ${CLI_SCRIPT} "$@" + fi +else + echo "[ERROR] No CLI_SCRIPT in in docker environment defined" + exit 1 +fi diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/entrypoint.d/default.sh b/base/php-nginx/php/7.4-alpine/conf/bin/entrypoint.d/default.sh new file mode 100644 index 0000000..a1be715 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/entrypoint.d/default.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +exec "$@" diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/entrypoint.d/noop.sh b/base/php-nginx/php/7.4-alpine/conf/bin/entrypoint.d/noop.sh new file mode 100644 index 0000000..092d55d --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/entrypoint.d/noop.sh @@ -0,0 +1,7 @@ +#!/usr/bin/env bash + +############################################# +## NOOP (no operation) +############################################# + +exec tail -f /dev/null diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/entrypoint.d/root.sh b/base/php-nginx/php/7.4-alpine/conf/bin/entrypoint.d/root.sh new file mode 100644 index 0000000..6fa0d06 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/entrypoint.d/root.sh @@ -0,0 +1,14 @@ +#!/usr/bin/env bash + +############################################# +## Root shell +############################################# + +if [ "$#" -eq 1 ]; then + ## No command, fall back to interactive shell + exec bash +else + ## Exec root command + shift + exec "$@" +fi diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/entrypoint.d/supervisord.sh b/base/php-nginx/php/7.4-alpine/conf/bin/entrypoint.d/supervisord.sh new file mode 100644 index 0000000..f214896 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/entrypoint.d/supervisord.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash + +############################################# +## Supervisord (start daemons) +############################################# + +## Start services +exec /opt/docker/bin/service.d/supervisor.sh + diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/entrypoint.sh b/base/php-nginx/php/7.4-alpine/conf/bin/entrypoint.sh new file mode 100644 index 0000000..0489b79 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/entrypoint.sh @@ -0,0 +1,46 @@ +#!/usr/bin/env bash + +if [[ -z "$CONTAINER_UID" ]]; then + export CONTAINER_UID="application" +fi + +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + +# auto elevate privileges (if container is not started as root) +if [[ "$UID" -ne 0 ]]; then + export CONTAINER_UID="$UID" + exec gosu root "$0" "$@" +fi +# remove suid bit on gosu +chmod -s /sbin/gosu + +trap 'echo sigterm ; exit' SIGTERM +trap 'echo sigkill ; exit' SIGKILL + +# sanitize input and set task +TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" + +source /opt/docker/bin/config.sh + +createDockerStdoutStderr + +if [[ "$UID" -eq 0 ]]; then + # Only run provision if user is root + + if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then + # Visible provisioning + runProvisionEntrypoint + else + # Hidden provisioning + runProvisionEntrypoint > /dev/null + fi +fi + +############################# +## COMMAND +############################# + +runEntrypoints "$@" diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/provision b/base/php-nginx/php/7.4-alpine/conf/bin/provision new file mode 100755 index 0000000..418e81d --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/provision @@ -0,0 +1,8 @@ +#!/usr/bin/env bash + +# Install ansible if not installed +if [ -z "`which ansible-playbook`" ]; then + docker-ansible-install +fi + +exec /opt/docker/bin/provision.py "$@" diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/provision.py b/base/php-nginx/php/7.4-alpine/conf/bin/provision.py new file mode 100755 index 0000000..d367c28 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/provision.py @@ -0,0 +1,328 @@ +#!/usr/bin/env python + +import os +import argparse +import json +import sys +from string import Template +from subprocess import call +import tempfile +import time + +STORAGE = '/opt/docker/etc/.registry/provision.json' +PROVISION_DIR = '/opt/docker/provision/' + +PLAYBOOK_TAGS=['bootstrap', 'build', 'onbuild', 'entrypoint'] + +PLAYBOOK = Template( +"""--- + +- hosts: all + vars_files: + - ./variables-webdevops.yml + - ./variables.yml + roles: + - $roles +""") + + + +def readJson(): + ret = {} + + # create registry directory if it doesn't exists + if not os.path.exists(os.path.dirname(STORAGE)): + os.mkdir(os.path.dirname(STORAGE)) + + # try to read file + if os.path.isfile(STORAGE): + f=open(STORAGE).read() + ret = json.loads(f) + + return ret + + + +def saveJson(data): + with open(STORAGE, 'w') as f: + json.dump(data, f) + + + +def buildRoleList(tags): + json = readJson() + roleList = {} + + # fetch roles list for each tag + for tag in tags: + if tag in json: + for role in json[tag]: + roleRow = json[tag][role] + if role not in roleList: + roleList[role] = {} + + if 'tags' not in roleList[role]: + roleList[role]['tags'] = {} + + roleList[role]['role'] = role + roleList[role]['added'] = roleRow['added'] + roleList[role]['priority'] = roleRow['priority'] + roleList[role]['tags'][tag] = tag + + return roleList + + +def buildSortedRoleList(tags): + roleList = buildRoleList(tags) + + # sort list + roleList = sorted(roleList, key=lambda x: (roleList[x]['priority'], roleList[x]['added'])) + + return roleList + + + +def buildPlaybook(roleList): + ## build playbook + ret = PLAYBOOK.substitute( + roles = "\n - ".join(roleList) + ) + + return ret + + +def buildPlaybookFromArgs(args): + roleList = [] + + ## add roles from tag (if use registry is active) + if args.useRegistry and args.tags: + roleList.extend(buildSortedRoleList(args.tags)) + + ## add roles from command arguments + if args.roles: + for role in args.roles: + roleList.extend(role.split(',')) + + if roleList: + return buildPlaybook(roleList) + else: + return False + + + +def actionRun(args): + if args.playbook: + ## predefined playbook + playbook = args.playbook + else: + ## dynamic playbook + playbookContent = buildPlaybookFromArgs(args) + + if playbookContent: + f = tempfile.NamedTemporaryFile(dir=PROVISION_DIR, prefix='playbook.', suffix='.yml', delete=False) + f.write(playbookContent) + f.close() + playbook = f.name + else: + ## nothing to do + sys.exit(0) + + ## build ansible command with args + cmd = [ + 'ansible-playbook', + playbook, + '-i', 'localhost,', + '--connection=local', + ] + + if args.tags: + cmd.extend([ + '--tags=' + ','.join(args.tags) + ]) + + if args.args: + cmd.extend(args.args) + + ## run ansible + retval = call(cmd) + + ## cleanup dynamic playbook + if not args.playbook: + os.unlink(playbook) + + sys.exit(retval) + + + +def actionPlaybook(args): + playbook = buildPlaybookFromArgs(args) + + if playbook: + print playbook + else: + sys.exit(1) + + + +def actionList(args): + json = readJson() + list = {} + + for tag in args.tags: + if tag in json: + for role in json[tag]: + print role + + + +def actionAdd(args): + json = readJson() + + for tag in args.tags: + for role in args.role: + if tag not in json: + json[tag] = {} + + json[tag][role] = { + 'name': role, + 'added': int(time.time()), + 'priority': args.priority + } + + saveJson(json) + + + +def actionSummary(args): + # list all roles in each possible tag + for tag in PLAYBOOK_TAGS: + roleList = buildRoleList([tag]) + if roleList: + maxLength = len(max(roleList.keys(), key=len)) + + print "Roles in " + tag + ":" + for role in roleList: + print ' - ' + role.ljust(maxLength, ' ') + ' [priority: ' + str(roleList[role]['priority']) + ']' + print '' + + + +def main(args): + actions = { + 'list': actionList, + 'add': actionAdd, + 'summary': actionSummary, + 'playbook': actionPlaybook, + 'run': actionRun + } + + func = actions.get(args.action, lambda: "nothing") + return func(args) + + + + +if __name__ == '__main__': + parser = argparse.ArgumentParser() + subparsers = parser.add_subparsers( + title='subcommands', + dest='action' + ) + + ################################### + ## SUMMARY command + summary = subparsers.add_parser('summary') + + ################################### + ## RUN command + run = subparsers.add_parser('run') + run.add_argument( + '--tag', + dest='tags', + choices=PLAYBOOK_TAGS, + required=True, + action='append', + help='Ansible tag' + ) + run.add_argument( + '--playbook', + dest='playbook', + help='Ansible playbook' + ) + run.add_argument( + '--use-registry', + dest='useRegistry', + action='store_true', + help='Use registred roles' + ) + run.add_argument( + '--role', + dest='roles', + action='append', + help='Ansible role' + ) + run.add_argument('args', nargs=argparse.REMAINDER) + + ################################### + ## PLAYBOOK command + playbook = subparsers.add_parser('playbook') + playbook.add_argument( + '--tag', + dest='tags', + choices=PLAYBOOK_TAGS, + required=True, + action='append', + help='Ansible tag' + ) + playbook.add_argument( + '--use-registry', + dest='useRegistry', + action='store_true', + help='Use registred roles' + ) + playbook.add_argument( + '--role', + dest='roles', + action='append', + help='Ansible tag' + ) + playbook.add_argument('args', nargs=argparse.REMAINDER) + + ################################### + ## LIST command + list = subparsers.add_parser('list') + list.add_argument( + '--tag', + dest='tags', + choices=PLAYBOOK_TAGS, + required=True, + action='append', + help='Ansible tag' + ) + list.add_argument('args', nargs=argparse.REMAINDER) + + ################################### + ## ADD command + add = subparsers.add_parser('add') + add.add_argument( + '--tag', + dest='tags', + choices=PLAYBOOK_TAGS, + required=True, + action='append', + help='Ansible tag' + ) + add.add_argument( + '--priority', + type=int, + default=100, + dest='priority', + help='Priority for role [default 100, 1 is most important]' + ) + add.add_argument('role', metavar='roles', nargs='+', help='Ansible roles') + + add.add_argument('args', nargs=argparse.REMAINDER) + + ## Execute + args = parser.parse_args() + main(args) diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/service.d/cron.d/10-init.sh b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/cron.d/10-init.sh new file mode 100644 index 0000000..611edc9 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/cron.d/10-init.sh @@ -0,0 +1,16 @@ +# Install crontab files + +if [[ -d "/opt/docker/etc/cron" ]]; then + mkdir -p /etc/cron.d/ + + find /opt/docker/etc/cron -type f | while read CRONTAB_FILE; do + # fix permissions + chmod 0644 -- "$CRONTAB_FILE" + + # add newline, cron needs this + echo >> "$CRONTAB_FILE" + + # Install files + cp -a -- "$CRONTAB_FILE" "/etc/cron.d/$(basename "$CRONTAB_FILE")" + done +fi diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/service.d/cron.sh b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/cron.sh new file mode 100644 index 0000000..5af1357 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/cron.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash + +# Init vars +if [[ -z "$SERVICE_CRON_OPTS" ]]; then SERVICE_CRON_OPTS=""; fi + +source /opt/docker/bin/config.sh + +includeScriptDir "/opt/docker/bin/service.d/cron.d/" + +exec /usr/sbin/crond -f $SERVICE_CRON_OPTS diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/service.d/dnsmasq.d/10-init.sh b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/dnsmasq.d/10-init.sh new file mode 100644 index 0000000..836ebe2 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/dnsmasq.d/10-init.sh @@ -0,0 +1,37 @@ +# Create dnsmasq.d directory if not exists +mkdir -p -- /etc/dnsmasq.d/ + +# Enable /etc/dnsmasq.d/ +go-replace --mode=lineinfile --once \ + -s 'conf-dir' -r 'conf-dir=/etc/dnsmasq.d/,*.conf' \ + -- /etc/dnsmasq.conf + +## clear dns file +echo > /etc/dnsmasq.d/webdevops.conf + +if [ ! -f /etc/resolv.conf.original ]; then + cp -a /etc/resolv.conf /etc/resolv.conf.original + + ## set forward servers + cat /etc/resolv.conf.original | grep nameserver | sed 's/nameserver /server=/' > /etc/dnsmasq.d/forward.conf + + ## set dnsmasq to main nameserver + echo "nameserver 127.0.0.1" > /etc/resolv.conf +fi + + +# Add own VIRTUAL_HOST as loopback +if [[ -n "${VIRTUAL_HOST+x}" ]]; then + # split comma by space + VIRTUAL_HOST_LIST=${VIRTUAL_HOST//,/$'\n'} + + # replace *.domain for dns specific .domain wildcard + VIRTUAL_HOST_LIST=${VIRTUAL_HOST_LIST/\*./.} + + # no support for .* + VIRTUAL_HOST_LIST=${VIRTUAL_HOST_LIST/.\*/.} + + for DOMAIN in $VIRTUAL_HOST_LIST; do + echo "address=/${DOMAIN}/127.0.0.1" >> /etc/dnsmasq.d/webdevops.conf + done +fi diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/service.d/dnsmasq.sh b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/dnsmasq.sh new file mode 100644 index 0000000..b8b4c12 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/dnsmasq.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env bash + +# Init vars +if [[ -z "$SERVICE_DNSMASQ_OPTS" ]]; then SERVICE_DNSMASQ_OPTS=""; fi +if [[ -z "$SERVICE_DNSMASQ_USER" ]]; then SERVICE_DNSMASQ_USER="root"; fi + +source /opt/docker/bin/config.sh + +includeScriptDir "/opt/docker/bin/service.d/dnsmasq.d/" + +exec dnsmasq --keep-in-foreground --user="$SERVICE_DNSMASQ_USER" $SERVICE_DNSMASQ_OPTS diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/service.d/php-fpm.d/10-init.sh b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/php-fpm.d/10-init.sh new file mode 100644 index 0000000..7d0dada --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/php-fpm.d/10-init.sh @@ -0,0 +1,12 @@ +# setup user env +FPM_POOL_CONF="/opt/docker/etc/php/fpm/pool.d/application.conf" + +## Setup container uid +if [[ -n "$CONTAINER_UID" ]]; then + echo "Setting php-fpm user to $CONTAINER_UID" + go-replace --mode=line --regex \ + -s '^[\s;]*user[\s]*=' -r "user = $CONTAINER_UID" \ + -s '^[\s;]*group[\s]*=' -r "group = $CONTAINER_UID" \ + --path=/opt/docker/etc/php/fpm/ \ + --path-pattern='*.conf' +fi diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/service.d/php-fpm.d/11-clear-env.sh b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/php-fpm.d/11-clear-env.sh new file mode 100644 index 0000000..ef6fd40 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/php-fpm.d/11-clear-env.sh @@ -0,0 +1,38 @@ +# +# Workaround for old php-fpm versions which don't have clear_env setting +# + +VARIABLE_LIST="; Workaround for missing clear_env feature in PHP-FPM" + +# For each exported variable +for envVariable in $(printenv|cut -f1 -d=); do + + case "$envVariable" in + "_"|"PATH"|"PWD") + ## ignore this variables + ;; + + *) + ## get content of variable + envVariableContent="${!envVariable}" + + ## php-fpm requires that env variable has to be filled with content + if [[ -n "$envVariableContent" ]]; then + ## quote quotes + envVariableContent=${envVariableContent//\"/\\\"} + + ## add to list + VARIABLE_LIST="${VARIABLE_LIST}"$'\n'"env[${envVariable}] = \"${envVariableContent}\"" + fi + ;; + esac + +done + +# Replace ;#CLEAR_ENV_WORKAROUND# with environment variable list for all php-fpm pool files +go-replace \ + -s ";#CLEAR_ENV_WORKAROUND#" -r "$VARIABLE_LIST" \ + --path=/opt/docker/etc/php/fpm/pool.d/ \ + --path-pattern='*.conf' \ + --ignore-empty + diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/service.d/php-fpm.sh b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/php-fpm.sh new file mode 100644 index 0000000..15374f5 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/php-fpm.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash + +# Init vars +if [[ -z "$SERVICE_PHPFPM_OPTS" ]]; then SERVICE_PHPFPM_OPTS=""; fi + +source /opt/docker/bin/config.sh + +includeScriptDir "/opt/docker/bin/service.d/php-fpm.d/" + +exec /usr/local/bin/php-fpm --nodaemonize $SERVICE_PHPFPM_OPTS diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/service.d/postfix.d/10-init.sh b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/postfix.d/10-init.sh new file mode 100644 index 0000000..8257415 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/postfix.d/10-init.sh @@ -0,0 +1,30 @@ +# force new copy of hosts there (otherwise links could be outdated) +mkdir -p /var/spool/postfix/etc +cp -f /etc/hosts /var/spool/postfix/etc/hosts +cp -f /etc/resolv.conf /var/spool/postfix/etc/resolv.conf +cp -f /etc/services /var/spool/postfix/etc/services + +go-replace --mode=line --regex -s '^[\s]*myhostname[\s]*=.*' -r "myhostname = $HOSTNAME" + +# General +go-replace --mode=lineinfile --regex \ + -s '^[\s]*myhostname[\s]*=.*.*' -r "myhostname = $HOSTNAME" \ + -s '^[\s]*inet_interfaces[\s]*=.*' -r "inet_interfaces = 127.0.0.1" \ + -- /etc/postfix/main.cf + +## REPLAYHOST +if [[ -n "${POSTFIX_RELAYHOST+x}" ]]; then + go-replace --mode=lineinfile --regex \ + -s '^[\s]*relayhost[\s]*=.*' -r "relayhost = $POSTFIX_RELAYHOST" \ + -- /etc/postfix/main.cf +fi + +## MYNETWORKS +if [[ -n "${POSTFIX_MYNETWORKS+x}" ]]; then + go-replace --mode=lineinfile --regex \ + -s '^[\s]*mynetworks[\s]*=.*' -r "mynetworks = $POSTFIX_MYNETWORKS" \ + -- /etc/postfix/main.cf +fi + +# generate aliases db +newaliases || : diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/service.d/postfix.sh b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/postfix.sh new file mode 100644 index 0000000..b9e477b --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/postfix.sh @@ -0,0 +1,42 @@ +#!/usr/bin/env bash +# postfix-wrapper.sh, version 0.1.0 +# +# You cannot start postfix in some foreground mode and +# it's more or less important that docker doesn't kill +# postfix and its chilren if you stop the container. +# +# Use this script with supervisord and it will take +# care about starting and stopping postfix correctly. +# +# supervisord config snippet for postfix-wrapper: +# +# [program:postfix] +# process_name = postfix +# command = /path/to/postfix-wrapper.sh +# startsecs = 0 +# autorestart = false +# + +# Init vars +if [[ -z "$SERVICE_POSTFIX_OPTS" ]]; then SERVICE_POSTFIX_OPTS=""; fi + +source /opt/docker/bin/config.sh + +trap "postfix stop" SIGINT +trap "postfix stop" SIGTERM +trap "postfix reload" SIGHUP + +includeScriptDir "/opt/docker/bin/service.d/postfix.d/" + +# start postfix +postfix start $SERVICE_POSTFIX_OPTS + +# lets give postfix some time to start +sleep 3 + +# wait until postfix is dead (triggered by trap) +if [[ -f /var/spool/postfix/pid/master.pid ]]; then + while kill -0 "$(cat /var/spool/postfix/pid/master.pid 2>/dev/null)" &>/dev/null; do + sleep 5 + done +fi diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/service.d/ssh.d/10-init.sh b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/ssh.d/10-init.sh new file mode 100644 index 0000000..f2b6003 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/ssh.d/10-init.sh @@ -0,0 +1,7 @@ +# Init ssh privilege separation directory +mkdir -p /var/run/sshd +chown root:root /var/run/sshd +chmod 755 /var/run/sshd + +# generate host keys +ssh-keygen -A diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/service.d/ssh.sh b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/ssh.sh new file mode 100644 index 0000000..f01e87a --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/ssh.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash + +# Init vars +if [[ -z "$SERVICE_SSH_OPTS" ]]; then SERVICE_SSH_OPTS=""; fi + +source /opt/docker/bin/config.sh + +includeScriptDir "/opt/docker/bin/service.d/ssh.d/" + +exec /usr/sbin/sshd -D $SERVICE_SSH_OPTS diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/service.d/supervisor.d/10-init.sh b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/supervisor.d/10-init.sh new file mode 100644 index 0000000..fdffa2a --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/supervisor.d/10-init.sh @@ -0,0 +1 @@ +# placeholder diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/service.d/supervisor.sh b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/supervisor.sh new file mode 100644 index 0000000..5a82a13 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/supervisor.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env bash + +# Init vars +if [[ -z "$SERVICE_SUPERVISOR_OPTS" ]]; then SERVICE_SUPERVISOR_OPTS=""; fi +if [[ -z "$SERVICE_SUPERVISOR_USER" ]]; then SERVICE_SUPERVISOR_USER="root"; fi + +source /opt/docker/bin/config.sh + +includeScriptDir "/opt/docker/bin/service.d/supervisor.d/" + +exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user "$SERVICE_SUPERVISOR_USER" $SERVICE_SUPERVISOR_OPTS diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/service.d/syslog-ng.d/10-init.sh b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/syslog-ng.d/10-init.sh new file mode 100644 index 0000000..326207e --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/syslog-ng.d/10-init.sh @@ -0,0 +1,10 @@ +# If /dev/log is either a named pipe or it was placed there accidentally, +# e.g. because of the issue documented at https://github.com/phusion/baseimage-docker/pull/25, +# then we remove it. +if [ ! -S /dev/log ]; then rm -f /dev/log; fi +if [ ! -S /var/lib/syslog-ng/syslog-ng.ctl ]; then rm -f /var/lib/syslog-ng/syslog-ng.ctl; fi + +if [[ ! -p /docker.stdout ]]; then + # Switch to file (tty docker mode) + go-replace -s 'pipe("/docker.stdout")' -r 'file("/docker.stdout")' -- /opt/docker/etc/syslog-ng/syslog-ng.conf +fi diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/service.d/syslog-ng.sh b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/syslog-ng.sh new file mode 100644 index 0000000..8e1358c --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/service.d/syslog-ng.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash + +# Init vars +if [[ -z "$SERVICE_SYSLOG_OPTS" ]]; then SERVICE_SYSLOG_OPTS=""; fi + +source /opt/docker/bin/config.sh + +includeScriptDir "/opt/docker/bin/service.d/syslog-ng.d/" + +exec syslog-ng -F --no-caps -p /var/run/syslog-ng.pid $SYSLOGNG_OPTS $SERVICE_SYSLOG_OPTS diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/container-file-auto-restore b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/container-file-auto-restore new file mode 100644 index 0000000..a41fcb3 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/container-file-auto-restore @@ -0,0 +1,26 @@ +#!/usr/bin/env bash + +set -o pipefail ## trace ERR through pipes +set -o errtrace ## trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + +if [[ "$#" -ne 1 ]]; then + echo "Usage: $0 " + exit 1 +fi + +SOURCE_FILE="$1" +BACKUP_FILE="$(dirname "$1")/.$(basename "$1").bak" + +if [[ -f "$BACKUP_FILE" ]]; then + ## Backup file exists + ## -> container was restarted + ## -> restoring configuration + cp -a -- "$BACKUP_FILE" "$SOURCE_FILE" +else + ## Backup file DOESN'T exists + ## -> container first startup + ## -> backup configuration + cp -a -- "$SOURCE_FILE" "$BACKUP_FILE" +fi diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-ansible-install b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-ansible-install new file mode 100644 index 0000000..dfb06fc --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-ansible-install @@ -0,0 +1,77 @@ +#!/usr/bin/env bash + +IMAGE_FAMILY=$(docker-image-info family) + +# Installation +case "$IMAGE_FAMILY" in + Debian|Ubuntu) + apt-install \ + python-minimal \ + python-setuptools \ + python-pip \ + python-paramiko \ + python-jinja2 \ + python-dev \ + libffi-dev \ + libssl-dev \ + build-essential + pip install --upgrade pip + hash -r + pip install --no-cache-dir ansible + # Cleanup + apt-get purge -y -f --force-yes \ + python-dev \ + build-essential \ + libssl-dev \ + libffi-dev + + chmod 750 /usr/local/bin/ansible* + ;; + + RedHat) + yum-install \ + epel-release \ + PyYAML \ + python-jinja2 \ + python-httplib2 \ + python-keyczar \ + python-paramiko \ + python-setuptools \ + python-setuptools-devel \ + libffi \ + python-devel \ + libffi-devel + easy_install pip + pip install --upgrade pip + hash -r + pip install --no-cache-dir ansible + # Cleanup + yum erase -y python-devel + + chmod 750 /usr/bin/ansible* + ;; + + Alpine) + apk-install \ + python \ + python-dev \ + py-setuptools \ + py-crypto \ + py2-pip \ + py-cparser \ + py-cryptography \ + py-markupsafe \ + py-cffi \ + py-yaml \ + py-jinja2 \ + py-paramiko + pip install --upgrade pip + hash -r + pip install --no-cache-dir ansible + # Cleanup + apk del python-dev + + chmod 750 /usr/bin/ansible* + ;; +esac +docker-image-cleanup diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-cronjob b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-cronjob new file mode 100644 index 0000000..2746c75 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-cronjob @@ -0,0 +1,26 @@ +#!/usr/bin/env bash + +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + +source /opt/docker/bin/config.sh + +rootCheck "$0" + +if [[ "$#" -eq 0 ]]; then + echo "Usage: $0 ''" + exit 1 +fi + +# create crontab file +touch /etc/cron.d/webdevops-docker +chmod 0644 /etc/cron.d/webdevops-docker + +for CRONJOB_LINES in "$@"; do + echo "$CRONJOB_LINES" >> /etc/cron.d/webdevops-docker +done + +# Add required newline at end +echo >> /etc/cron.d/webdevops-docker diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-php-setting b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-php-setting new file mode 100644 index 0000000..30bbb97 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-php-setting @@ -0,0 +1,44 @@ +#!/usr/bin/env bash + +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + +# Defaults +PHP_INI_FILE="/opt/docker/etc/php/php.ini" +PHP_VALUE_RAW=0 +PHP_KEY= +PHP_VALUE= + +for arg in "$@"; do + case "$arg" in + --raw) + PHP_VALUE_RAW=1 + shift + ;; + esac +done + +if [[ "$#" -le 2 ]]; then + echo "Usage: $(basename "$0") [--raw] " + exit 1 +fi + +PHP_SETTING_KEY=$1 +shift +PHP_SETTING_VALUE="$@" + +if [[ "$PHP_VALUE_RAW" -eq 0 ]]; then + case "$PHP_SETTING_VALUE" in + ''|*[!0-9]*) + # non numeric + PHP_SETTING_VALUE="\"${PHP_SETTING_VALUE}\"" + ;; + esac +fi + + +echo "$(basename "$0"): Setting php setting: ${PHP_SETTING_KEY} = ${PHP_SETTING_VALUE}" +echo "${PHP_SETTING_KEY} = ${PHP_SETTING_VALUE}" >> "$PHP_INI_FILE" + diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-provision b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-provision new file mode 100644 index 0000000..4ee715c --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-provision @@ -0,0 +1,9 @@ +#!/usr/bin/env bash + +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + +# wrapper +exec /opt/docker/bin/provision "$@" diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-service b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-service new file mode 100644 index 0000000..70a4937 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-service @@ -0,0 +1,89 @@ +#!/usr/bin/env bash + +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + +if [[ "$#" -le 1 ]]; then + echo "Usage: $0 " + exit 1 +fi + +SERVICE_COMMAND=$1 +shift + +for SERVICE in "$@"; do + RUN_FILE="/opt/docker/bin/service.d/${SERVICE}.sh" + SERVICE_FILE="/opt/docker/etc/supervisor.d/${SERVICE}.conf" + PROVISION_FILE="/opt/docker/provision/service.d/${SERVICE}.sh" + + case "$SERVICE_COMMAND" in + enable) + # Run on demand installation/provisioning + if [[ -f "$PROVISION_FILE" ]]; then + echo "Running provisioning for ${SERVICE}, please wait..." + + ## execute scripts + . "$PROVISION_FILE" + + ## remove directory (one run time) + rm -f -- "$PROVISION_FILE" + fi + + ## Enable service + if [[ -f "$SERVICE_FILE" ]]; then + go-replace --mode=lineinfile \ + -s 'autostart =' -r 'autostart = true' \ + -- "$SERVICE_FILE" + else + echo "[ERROR] Service '${SERVICE}' not found (tried ${SERVICE_FILE})" + exit 1 + fi + ;; + + disable) + ## Disable service + if [[ -f "$SERVICE_FILE" ]]; then + go-replace --mode=lineinfile \ + -s 'autostart =' -r 'autostart = false' \ + -- "$SERVICE_FILE" + else + echo "[ERROR] Service '${SERVICE}' not found (tried ${SERVICE_FILE})" + exit 1 + fi + ;; + + install) + # Run on demand installation/provisioning + if [[ -f "$PROVISION_FILE" ]]; then + echo "Running provisioning for ${SERVICE}, please wait..." + + ## execute scripts + . "$PROVISION_FILE" + + ## remove directory (one run time) + rm -f -- "$PROVISION_FILE" + fi + ;; + + run) + if [[ -f "$RUN_FILE" ]]; then + exec "$RUN_FILE" + else + echo "[ERROR] Service '${SERVICE}' not found (tried ${RUN_FILE})" + exit 1 + fi + ;; + + stop|start|restart|status|pid|check) + service "${SERVICE}" "$SERVICE_COMMAND" + ;; + + *) + echo "[ERROR] $SERVICE_COMMAND is not a valid command" + exit 1 + ;; + esac +done + diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-service-disable b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-service-disable new file mode 100644 index 0000000..991f249 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-service-disable @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +exec docker-service disable "$@" diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-service-enable b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-service-enable new file mode 100644 index 0000000..da99c9a --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/docker-service-enable @@ -0,0 +1,4 @@ +#!/usr/bin/env bash + +exec docker-service enable "$@" + diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/service b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/service new file mode 100755 index 0000000..69874cb --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/service @@ -0,0 +1,86 @@ +#!/usr/bin/env bash + +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + +# Root check +if [ "$(/usr/bin/whoami)" != "root" ]; then + echo "[ERROR] Must be run as root" + exit 1 +fi + +function serviceHelp() { + echo "Usage: $(basename "$0") " +} + +function getServicePid() { + local serviceName="$1" + local servicePid=$(supervisorctl pid "${serviceName}:${serviceName}d") + + if [[ -z "$servicePid" ]] || [[ "$servicePid" == "0" ]]; then + echo "not running" + exit 1 + fi + + echo $servicePid +} + +# Param check +if [ "$#" -lt 2 ]; then + echo "[ERROR] Missing parameters" + serviceHelp + exit 1 +fi + +############################# +# Param init +############################# + +SERVICENAME="$1" +ACTION="$2" + +############################# +# Service aliases +############################# +case "$SERVICENAME" in + apache2|httpd) + SERVICENAME="apache" + ;; +esac + +############################# +# Action runner +############################# +case "$ACTION" in + stop|start|restart|status) + exec supervisorctl "$ACTION" "${SERVICENAME}:${SERVICENAME}d" + ;; + + pid) + echo $(getServicePid "${SERVICENAME}") + ;; + + check) + FIRST_PID=$(getServicePid "${SERVICENAME}") + sleep 5 + SECOND_PID=$(getServicePid "${SERVICENAME}") + + if [[ "$FIRST_PID" == "$SECOND_PID" ]]; then + echo "ok" + exit 0 + else + echo "not running" + exit 1 + fi + ;; + + + *) + echo "[ERROR] Invalid action" + serviceHelp + exit 1 + ;; + +esac diff --git a/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/version-compare b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/version-compare new file mode 100644 index 0000000..ca450b0 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/bin/usr-bin/version-compare @@ -0,0 +1,43 @@ +#!/usr/bin/env bash + +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + +function versionCompare () { + if [[ $1 == $2 ]] + then + echo -n '=' + return + fi + local IFS=. + local i ver1=($1) ver2=($2) + # fill empty fields in ver1 with zeros + for ((i=${#ver1[@]}; i<${#ver2[@]}; i++)) + do + ver1[i]=0 + done + for ((i=0; i<${#ver1[@]}; i++)) + do + if [[ -z ${ver2[i]} ]] + then + # fill empty fields in ver2 with zeros + ver2[i]=0 + fi + if ((10#${ver1[i]} > 10#${ver2[i]})) + then + echo -n '>' + return + fi + if ((10#${ver1[i]} < 10#${ver2[i]})) + then + echo -n '<' + return + fi + done + + echo -n '=' +} + +versionCompare "$1" "$2" diff --git a/base/php-nginx/php/7.4-alpine/conf/etc/cron/.gitkeep b/base/php-nginx/php/7.4-alpine/conf/etc/cron/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/base/php-nginx/php/7.4-alpine/conf/etc/logrotate.d/php5-fpm b/base/php-nginx/php/7.4-alpine/conf/etc/logrotate.d/php5-fpm new file mode 100644 index 0000000..e6ef4b1 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/etc/logrotate.d/php5-fpm @@ -0,0 +1,12 @@ +/var/log/php5-fpm/fpm.log +/var/log/php5-fpm/access.log +/var/log/php5-fpm/slow.log +/var/log/php5-fpm/error.log { + missingok + notifempty + sharedscripts + delaycompress + postrotate + /bin/kill -SIGUSR1 `cat /var/run/php5-fpm.pid` 2>/dev/null || true + endscript +} diff --git a/base/php-nginx/php/7.4-alpine/conf/etc/logrotate.d/syslog-ng b/base/php-nginx/php/7.4-alpine/conf/etc/logrotate.d/syslog-ng new file mode 100644 index 0000000..4a6f9c5 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/etc/logrotate.d/syslog-ng @@ -0,0 +1,38 @@ +/var/log/syslog +{ + rotate 7 + daily + missingok + notifempty + delaycompress + compress + postrotate + /bin/kill -HUP `cat /var/run/syslog-ng.pid 2> /dev/null` > /dev/null + endscript +} + +/var/log/mail.info +/var/log/mail.warn +/var/log/mail.err +/var/log/mail.log +/var/log/daemon.log +/var/log/kern.log +/var/log/auth.log +/var/log/user.log +/var/log/lpr.log +/var/log/cron.log +/var/log/debug +/var/log/messages +{ + rotate 4 + weekly + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + /bin/kill -HUP `cat /var/run/syslog-ng.pid 2> /dev/null` > /dev/null + supervisorctl restart syslog-ng-stdout > /dev/null + endscript +} \ No newline at end of file diff --git a/base/php-nginx/php/7.4-alpine/conf/etc/php/conf.d/.gitkeep b/base/php-nginx/php/7.4-alpine/conf/etc/php/conf.d/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/base/php-nginx/php/7.4-alpine/conf/etc/php/fpm/.gitkeep b/base/php-nginx/php/7.4-alpine/conf/etc/php/fpm/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/base/php-nginx/php/7.4-alpine/conf/etc/php/php.ini b/base/php-nginx/php/7.4-alpine/conf/etc/php/php.ini new file mode 100644 index 0000000..4472121 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/etc/php/php.ini @@ -0,0 +1 @@ +; placeholder diff --git a/base/php-nginx/php/7.4-alpine/conf/etc/php/php.webdevops.ini b/base/php-nginx/php/7.4-alpine/conf/etc/php/php.webdevops.ini new file mode 100644 index 0000000..aa1545a --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/etc/php/php.webdevops.ini @@ -0,0 +1,34 @@ +; ------------------------------------- +; Docker Webdevops PHP configuration +; ------------------------------------- + +; this file will overwrite default php.ini settings + +display_errors = 0 +log_errors = 1 + +short_open_tag = Off +variables_order = 'GPCS' +request_order = 'GP' + +allow_url_fopen = On +allow_url_include = Off + +memory_limit = 512M +max_execution_time = 300 +max_input_time = 300 +post_max_size = 50M +upload_max_filesize = 50M +max_input_vars = 5000 + +expose_php = Off + +date.timezone = UTC + +mysql.default_host = mysql +mysqli.default_host = mysql + +opcache.memory_consumption = 256 +opcache.interned_strings_buffer = 16 +opcache.max_accelerated_files = 7963 +opcache.fast_shutdown = 1 diff --git a/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.conf b/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.conf new file mode 100644 index 0000000..479e0db --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.conf @@ -0,0 +1,20 @@ +[supervisord] +nodaemon=true + +[unix_http_server] +file = /.supervisor.sock +chmod = 0700 +chown = root:root +username = root +password = {SHA}e982f17bcbe0f724063b708a4f76db211a999304 + +[supervisorctl] +serverurl = unix:///.supervisor.sock +username = root +password = docker + +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + +[include] +files = /opt/docker/etc/supervisor.d/*.conf diff --git a/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/.gitkeep b/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/cron.conf b/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/cron.conf new file mode 100644 index 0000000..ef0a716 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/cron.conf @@ -0,0 +1,14 @@ +[group:cron] +programs=crond +priority=25 + +[program:crond] +command = /opt/docker/bin/service.d/cron.sh +process_name=%(program_name)s +startsecs = 0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/dnsmasq.conf b/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/dnsmasq.conf new file mode 100644 index 0000000..9832ffc --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/dnsmasq.conf @@ -0,0 +1,14 @@ +[group:dnsmasq] +programs=dnsmasqd +priority=15 + +[program:dnsmasqd] +command = /opt/docker/bin/service.d/dnsmasq.sh +process_name=%(program_name)s +startsecs = 0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/php-fpm.conf b/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/php-fpm.conf new file mode 100644 index 0000000..5781f5b --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/php-fpm.conf @@ -0,0 +1,15 @@ +[group:php-fpm] +programs=php-fpmd +priority=20 + +[program:php-fpmd] +command = /opt/docker/bin/service.d/php-fpm.sh +process_name=%(program_name)s +startsecs = 0 +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + diff --git a/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/postfix.conf b/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/postfix.conf new file mode 100644 index 0000000..b8d70bb --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/postfix.conf @@ -0,0 +1,15 @@ +[group:postfix] +programs=postfixd +priority=30 + +[program:postfixd] +directory = /etc/postfix +command = /opt/docker/bin/service.d/postfix.sh +process_name=%(program_name)s +startsecs = 0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/ssh.conf b/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/ssh.conf new file mode 100644 index 0000000..0ecd798 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/ssh.conf @@ -0,0 +1,14 @@ +[group:ssh] +programs=sshd +priority=30 + +[program:sshd] +command = /opt/docker/bin/service.d/ssh.sh +process_name=%(program_name)s +startsecs=0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/syslog.conf b/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/syslog.conf new file mode 100644 index 0000000..20d1e23 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/etc/supervisor.d/syslog.conf @@ -0,0 +1,13 @@ +[group:syslog] +programs=syslogd +priority=10 + +[program:syslogd] +command = /opt/docker/bin/service.d/syslog-ng.sh +process_name=%(program_name)s +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/base/php-nginx/php/7.4-alpine/conf/etc/syslog-ng/syslog-ng.conf b/base/php-nginx/php/7.4-alpine/conf/etc/syslog-ng/syslog-ng.conf new file mode 100644 index 0000000..c698415 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/etc/syslog-ng/syslog-ng.conf @@ -0,0 +1,48 @@ +@version: 3.5 + +template t_isostamp { + # syslog-t_isostamp START + template("[SYSLOG] $MSGHDR$MSG\n"); + # syslog-t_isostamp END +}; + +options { + # syslog-options START + file-template(t_isostamp); + chain_hostnames(off); + flush_lines(0); + use-dns(no); + use_fqdn(no); + owner("root"); + group("adm"); + perm(0640); + stats_freq(0); + # syslog-options START +}; + +source s_src { + # syslog-s_src START + unix-stream("/dev/log"); + internal(); + # syslog-s_src END +}; + +filter f_filter { + # syslog-f_filter START + not facility(auth, authpriv); + # syslog-f_filter END +}; + +destination d_all { + # syslog-d_all START + pipe("/docker.stdout"); + # syslog-d_all END +}; + +log { + # syslog-log START + source(s_src); + filter(f_filter); + destination(d_all); + # syslog-log START +}; diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/ansible.cfg b/base/php-nginx/php/7.4-alpine/conf/provision/ansible.cfg new file mode 100644 index 0000000..e69de29 diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/.gitkeep b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/10-entrypoint.sh b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/10-entrypoint.sh new file mode 100644 index 0000000..413e7b3 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/10-entrypoint.sh @@ -0,0 +1,14 @@ +#!/usr/bin/env bash + +# Link main entrypoint script to /entrypoint +ln -sf /opt/docker/bin/entrypoint.sh /entrypoint + +# Link entrypoint cmd shortcut conf directory to /entrypoint.cmd +ln -sf /opt/docker/bin/entrypoint.d /entrypoint.cmd + +# Create /entrypoint.d +mkdir -p /entrypoint.d +chmod 700 /entrypoint.d +chown root:root /entrypoint.d + + diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/10-permissions.sh b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/10-permissions.sh new file mode 100644 index 0000000..20d602b --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/10-permissions.sh @@ -0,0 +1,2 @@ +#!/usr/bin/env bash + diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/10-php-init.sh b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/10-php-init.sh new file mode 100644 index 0000000..db0141b --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/10-php-init.sh @@ -0,0 +1,4 @@ +#!/usr/bin/env bash + +PHP_VERSION=$(php -r 'echo phpversion();' | cut -d '-' -f 1) +IMAGE_FAMILY=$(docker-image-info family) diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/10-supervisor.sh b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/10-supervisor.sh new file mode 100644 index 0000000..311daee --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/10-supervisor.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash + +# Remove /usr/sbin/service (images have custom service script) +rm -rf /usr/sbin/service + +# Remove existing supervisor configuration +rm -rf -- /etc/supervisor* + +# Link supervisor configuration script +ln -sf /opt/docker/etc/supervisor.conf /etc/supervisord.conf diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/10-user-application.sh b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/10-user-application.sh new file mode 100644 index 0000000..7a7b42f --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/10-user-application.sh @@ -0,0 +1,8 @@ +#!/usr/bin/env bash + +# Add group +addgroup -g "$APPLICATION_GID" "$APPLICATION_GROUP" + +# Add user +adduser -D -u "$APPLICATION_UID" -h "/home/application" -s /bin/bash -G $APPLICATION_GROUP "$APPLICATION_USER" + diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/11-php-conf.sh b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/11-php-conf.sh new file mode 100644 index 0000000..ee56cca --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/11-php-conf.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash + +PHP_CLEAR_ENV_AVAILABLE=1 + +PHP_ETC_DIR=/usr/local/etc/php +PHP_MAIN_CONF=/usr/local/etc/php-fpm.conf +PHP_POOL_CONF=www.conf +PHP_POOL_DIR=/usr/local/etc/php-fpm.d +PHP_FPM_BIN=/usr/local/sbin/php-fpm +PHP_MOD_INI_DIR=/usr/local/etc/php/conf.d diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/20-app.sh b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/20-app.sh new file mode 100644 index 0000000..749966b --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/20-app.sh @@ -0,0 +1,5 @@ +#!/usr/bin/env bash + +# Create /app folder +mkdir -p /app +chown "$APPLICATION_USER":"$APPLICATION_GROUP" /app diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/20-setup-php-fpm-pool.sh b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/20-setup-php-fpm-pool.sh new file mode 100644 index 0000000..121788e --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/20-setup-php-fpm-pool.sh @@ -0,0 +1,45 @@ +#!/usr/bin/env bash + +# Rename pool file file to application.conf +if [[ ! -f "/opt/docker/etc/php/fpm/pool.d/application.conf" ]]; then + # Move php-fpm pool directory file to /opt/docker/etc/php/ + mv -- "$PHP_POOL_DIR" /opt/docker/etc/php/fpm/pool.d + + mv -- "/opt/docker/etc/php/fpm/pool.d/${PHP_POOL_CONF}" /opt/docker/etc/php/fpm/pool.d/application.conf +fi + +# Remove php-fpm pool directory +rm -rf -- "$PHP_POOL_DIR" + +# Symlink php-fpm pool file to original destination +ln -sf -- /opt/docker/etc/php/fpm/pool.d "$PHP_POOL_DIR" + +# Configure php-fpm pool (application.conf) +go-replace --mode=lineinfile --regex \ + -s '^[\s;]*catch_workers_output[\s]*=' -r 'catch_workers_output = yes' \ + -s '^[\s;]*access.format[\s]*=' -r 'access.format = "[php-fpm:access] %R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"' \ + -s '^[\s;]*access.log[\s]*=' -r 'access.log = /docker.stdout' \ + -s '^[\s;]*slowlog[\s]*=' -r 'slowlog = /docker.stderr' \ + -s '^[\s;]*php_admin_value\[error_log\][\s]*=' -r 'php_admin_value[error_log] = /docker.stderr' \ + -s '^[\s;]*php_admin_value\[log_errors\][\s]*=' -r 'php_admin_value[log_errors] = on' \ + -s '^[\s;]*listen.allowed_clients[\s]*=' -r ";listen.allowed_clients" \ + -- /opt/docker/etc/php/fpm/pool.d/application.conf + +# Fix user setting +go-replace --mode=line --regex \ + -s '^[\s;]*user[\s]*=' -r "user = $APPLICATION_USER" \ + -s '^[\s;]*group[\s]*=' -r "group = $APPLICATION_GROUP" \ + --path=/opt/docker/etc/php/fpm/ \ + --path-pattern='*.conf' + +if [[ "$PHP_CLEAR_ENV_AVAILABLE" -eq 1 ]]; then + # Clear env setting available, disable clearing of environment variables + go-replace --mode=lineinfile --regex \ + -s '^[\s;]*clear_env[\s]*=' -r 'clear_env = no' \ + -- /opt/docker/etc/php/fpm/pool.d/application.conf + rm -f /opt/docker/bin/service.d/php-fpm.d/11-clear-env.sh +else + # Append clear env workaround in php-fpm pool (old php-fpm versions) + echo ';#CLEAR_ENV_WORKAROUND#' >> /opt/docker/etc/php/fpm/pool.d/application.conf + +fi diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/20-setup-php-fpm.sh b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/20-setup-php-fpm.sh new file mode 100644 index 0000000..873ddf6 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/20-setup-php-fpm.sh @@ -0,0 +1,43 @@ +#!/usr/bin/env bash + +# Link main php-fpm binary +ln -sf -- "$PHP_FPM_BIN" /usr/local/bin/php-fpm + +# Move php-fpm main file to /opt/docker/etc/php/fpm/ and create symlink +if [[ ! -f /opt/docker/etc/php/fpm/php-fpm.conf ]]; then + mv -- "$PHP_MAIN_CONF" /opt/docker/etc/php/fpm/php-fpm.conf +else + rm -f -- "PHP_MAIN_CONF" +fi +ln -sf -- /opt/docker/etc/php/fpm/php-fpm.conf "$PHP_MAIN_CONF" + +# Configure php-fpm main (all versions) +go-replace --mode=lineinfile --regex \ + --lineinfile-after='\[global\]' \ + -s '^[\s;]*error_log[\s]*=' -r 'error_log = /docker.stderr' \ + -s '^[\s;]*pid[\s]*=' -r 'pid = /var/run/php-fpm.pid' \ + -- /opt/docker/etc/php/fpm/php-fpm.conf + +if [[ "$(version-compare "$PHP_VERSION" "5.5.999")" == "<" ]]; then + # listen on public IPv4 port + # no ipv6 sockets available for old php version + go-replace --mode=line --regex \ + -s '^[\s;]*listen[\s]*=' -r 'listen = 0.0.0.0:9000' \ + --path=/opt/docker/etc/php/fpm/ \ + --path-pattern='*.conf' +else + # listen on public IPv6 port + go-replace --mode=line --regex \ + -s '^[\s;]*listen[\s]*=' -r 'listen = [::]:9000' \ + --path=/opt/docker/etc/php/fpm/ \ + --path-pattern='*.conf' + +fi + +if [[ "$(version-compare "$PHP_VERSION" "5.99.999")" == "<" ]]; then + # Configure php-fpm main (php 5.x) + go-replace --mode=lineinfile --regex \ + --lineinfile-after='\[global\]' \ + -s '^[\s;]*daemonize[\s]*=' -r 'daemonize = no' \ + -- /opt/docker/etc/php/fpm/php-fpm.conf +fi diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/20-setup-php.sh b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/20-setup-php.sh new file mode 100644 index 0000000..71caa48 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/20-setup-php.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env bash + +case "$IMAGE_FAMILY" in + Debian|Ubuntu|Alpine) + # Register webdevops ini + ln -sf "/opt/docker/etc/php/php.webdevops.ini" "${PHP_ETC_DIR}/conf.d/98-webdevops.ini" + + # Register custom php ini + ln -sf "/opt/docker/etc/php/php.ini" "${PHP_ETC_DIR}/conf.d/99-docker.ini" + ;; +esac diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/30-setup-ioncube.sh b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/30-setup-ioncube.sh new file mode 100644 index 0000000..18a6a9e --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/30-setup-ioncube.sh @@ -0,0 +1,45 @@ +#!/usr/bin/env bash + +echo "Installing ionCube loader" + +DOWNLOAD_URL="http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz" +TMP_FILE="/tmp/ioncube_loaders.tar.gz" + +echo "Downloading ..." +curl -sS ${DOWNLOAD_URL} -o ${TMP_FILE} +echo "Unpacking ..." +tar -xzf ${TMP_FILE} -C /tmp + +PHP_VERSION=`php -v | head -1 | grep -o 'PHP [0-9].[0-9]' | sed -r 's/PHP //g'` +PHP_EXTENSION_DIR=`php -i | grep -o -m 1 'extension_dir .* =' | sed -r 's/extension_dir => //g' | sed -r 's/ =//g'` +MOD_INI="${PHP_MOD_INI_DIR}/00-ioncube.ini" +SO_FILE="${PHP_EXTENSION_DIR}/ioncube_loader_lin_${PHP_VERSION}.so" + +echo "PHP-VERSION: ${PHP_VERSION}" +echo "PHP-EXTENSION-DIR: ${PHP_EXTENSION_DIR}" +if [[ ! -f "/tmp/ioncube/ioncube_loader_lin_${PHP_VERSION}.so" ]]; then + echo "There is no ioncube available for PHP${PHP_VERSION}, skipping installation" +else + echo "Installing ${SO_FILE}" + cp "/tmp/ioncube/ioncube_loader_lin_${PHP_VERSION}.so" ${SO_FILE} + + echo "Writing module ini" + echo "[ioncube]" > ${MOD_INI} + echo "zend_extension = ${SO_FILE}" >> ${MOD_INI} + echo "; priority=01" >> ${MOD_INI} + + echo "Cleaning up" + rm -rf $TMP_FILE + rm -rf /tmp/ioncube + + echo "Enabling ionCube PHP module" + case "$IMAGE_FAMILY" in + Debian|Ubuntu) + # Enable ionCube (if available) + if [[ -f "${PHP_ETC_DIR}/mods-available/00-ioncube.ini" ]]; then + ln -sf "${PHP_ETC_DIR}/mods-available/00-ioncube.ini" "${PHP_ETC_DIR}/cli/conf.d/00-ioncube.ini" + ln -sf "${PHP_ETC_DIR}/mods-available/00-ioncube.ini" "${PHP_ETC_DIR}/fpm/conf.d/00-ioncube.ini" + fi + ;; + esac +fi diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/90-cleanup.sh b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/90-cleanup.sh new file mode 100644 index 0000000..3ca393d --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/bootstrap.d/90-cleanup.sh @@ -0,0 +1,12 @@ +#!/usr/bin/env bash + +# Remove default cronjobs +rm -f -- \ + /etc/cron.daily/logrotate \ + /etc/cron.daily/apt-compat \ + /etc/cron.daily/dpkg \ + /etc/cron.daily/passwd \ + /etc/cron.daily/0yum-daily.cron \ + /etc/cron.daily/logrotate \ + /etc/cron.hourly/0yum-hourly.cron \ + /etc/periodic/daily/logrotate diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/build.d/.gitkeep b/base/php-nginx/php/7.4-alpine/conf/provision/build.d/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/build.d/10-cleanup.sh b/base/php-nginx/php/7.4-alpine/conf/provision/build.d/10-cleanup.sh new file mode 100644 index 0000000..41031b7 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/build.d/10-cleanup.sh @@ -0,0 +1,7 @@ +#!/usr/bin/env bash + +## remove logs (each bootstrap) +rm -rf -- /var/log/* +rm -rf -- /var/tmp/* +rm -rf -- /tmp/* +rm -rf -- /root/.profile diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/entrypoint.d/.gitkeep b/base/php-nginx/php/7.4-alpine/conf/provision/entrypoint.d/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/entrypoint.d/05-permissions.sh b/base/php-nginx/php/7.4-alpine/conf/provision/entrypoint.d/05-permissions.sh new file mode 100644 index 0000000..6f77d8e --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/entrypoint.d/05-permissions.sh @@ -0,0 +1,2 @@ +# Fix rights of /tmp (can be a volume) +chmod 1777 /tmp diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/entrypoint.d/20-php-fpm.sh b/base/php-nginx/php/7.4-alpine/conf/provision/entrypoint.d/20-php-fpm.sh new file mode 100644 index 0000000..5ab722c --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/entrypoint.d/20-php-fpm.sh @@ -0,0 +1,80 @@ +####################################### +### FPM MAIN +####################################### + +container-file-auto-restore "/opt/docker/etc/php/fpm/php-fpm.conf" + +echo '' >> /opt/docker/etc/php/fpm/php-fpm.conf +echo '; container env settings' >> /opt/docker/etc/php/fpm/php-fpm.conf +echo '[global]' >> /opt/docker/etc/php/fpm/php-fpm.conf + +if [[ -n "${FPM_PROCESS_MAX+x}" ]]; then + echo "process.max = ${FPM_PROCESS_MAX}" >> /opt/docker/etc/php/fpm/php-fpm.conf +fi + +# General fpm main setting +for ENV_VAR in $(envListVars "fpm\.global\."); do + env_key=${ENV_VAR#fpm.global.} + env_val=$(envGetValue "$ENV_VAR") + + echo "$env_key = ${env_val}" >> /opt/docker/etc/php/fpm/php-fpm.conf +done + +####################################### +### FPM POOL +####################################### + +container-file-auto-restore "/opt/docker/etc/php/fpm/pool.d/application.conf" + +echo '' >> /opt/docker/etc/php/fpm/pool.d/application.conf +echo '; container env settings' >> /opt/docker/etc/php/fpm/pool.d/application.conf + +# General fpm pool setting +for ENV_VAR in $(envListVars "fpm\.pool\."); do + env_key=${ENV_VAR#fpm.pool.} + env_val=$(envGetValue "$ENV_VAR") + + echo "$env_key = ${env_val}" >> /opt/docker/etc/php/fpm/pool.d/application.conf +done + + +if [[ -n "${FPM_PM_MAX_CHILDREN+x}" ]]; then + echo "pm.max_children = ${FPM_PM_MAX_CHILDREN}" >> /opt/docker/etc/php/fpm/pool.d/application.conf +fi + +if [[ -n "${FPM_PM_START_SERVERS+x}" ]]; then + echo "pm.start_servers = ${FPM_PM_START_SERVERS}" >> /opt/docker/etc/php/fpm/pool.d/application.conf +fi + +if [[ -n "${FPM_PM_MIN_SPARE_SERVERS+x}" ]]; then + echo "pm.min_spare_servers = ${FPM_PM_MIN_SPARE_SERVERS}" >> /opt/docker/etc/php/fpm/pool.d/application.conf +fi + +if [[ -n "${FPM_PM_MAX_SPARE_SERVERS+x}" ]]; then + echo "pm.max_spare_servers = ${FPM_PM_MAX_SPARE_SERVERS}" >> /opt/docker/etc/php/fpm/pool.d/application.conf +fi + +if [[ -n "${FPM_PROCESS_IDLE_TIMEOUT+x}" ]]; then + echo "pm.process_idle_timeout = ${FPM_PROCESS_IDLE_TIMEOUT}" >> /opt/docker/etc/php/fpm/pool.d/application.conf +fi + +if [[ -n "${FPM_MAX_REQUESTS+x}" ]]; then + echo "pm.max_requests = ${FPM_MAX_REQUESTS}" >> /opt/docker/etc/php/fpm/pool.d/application.conf +fi + +if [[ -n "${FPM_REQUEST_TERMINATE_TIMEOUT+x}" ]]; then + echo "request_terminate_timeout = ${FPM_REQUEST_TERMINATE_TIMEOUT}" >> /opt/docker/etc/php/fpm/pool.d/application.conf +fi + +if [[ -n "${FPM_RLIMIT_FILES+x}" ]]; then + echo "rlimit_files = ${FPM_RLIMIT_FILES}" >> /opt/docker/etc/php/fpm/pool.d/application.conf +fi + +if [[ -n "${FPM_RLIMIT_CORE+x}" ]]; then + echo "rlimit_core = ${FPM_RLIMIT_CORE}" >> /opt/docker/etc/php/fpm/pool.d/application.conf +fi + +# Workaround for official PHP images +if [[ -n "${PHP_SENDMAIL_PATH+x}" ]]; then + echo "php_admin_value[sendmail_path] = ${PHP_SENDMAIL_PATH}" >> /opt/docker/etc/php/fpm/pool.d/application.conf +fi diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/entrypoint.d/20-php.sh b/base/php-nginx/php/7.4-alpine/conf/provision/entrypoint.d/20-php.sh new file mode 100644 index 0000000..2e208fb --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/entrypoint.d/20-php.sh @@ -0,0 +1,75 @@ +container-file-auto-restore "/opt/docker/etc/php/php.webdevops.ini" + +echo '' >> /opt/docker/etc/php/php.webdevops.ini +echo '; container env settings' >> /opt/docker/etc/php/php.webdevops.ini + +# General php setting +for ENV_VAR in $(envListVars "php\."); do + env_key=${ENV_VAR#php.} + env_val=$(envGetValue "$ENV_VAR") + + echo "$env_key = ${env_val}" >> /opt/docker/etc/php/php.webdevops.ini +done + + +if [[ -n "${PHP_DATE_TIMEZONE+x}" ]]; then + echo "date.timezone = ${PHP_DATE_TIMEZONE}" >> /opt/docker/etc/php/php.webdevops.ini +fi + +if [[ -n "${PHP_DISPLAY_ERRORS+x}" ]]; then + echo "display_errors = ${PHP_DISPLAY_ERRORS}" >> /opt/docker/etc/php/php.webdevops.ini +fi + +if [[ -n "${PHP_MEMORY_LIMIT+x}" ]]; then + echo "memory_limit = ${PHP_MEMORY_LIMIT}" >> /opt/docker/etc/php/php.webdevops.ini +fi + +if [[ -n "${PHP_MAX_EXECUTION_TIME+x}" ]]; then + echo "max_execution_time = ${PHP_MAX_EXECUTION_TIME}" >> /opt/docker/etc/php/php.webdevops.ini +fi + +if [[ -n "${PHP_POST_MAX_SIZE+x}" ]]; then + echo "post_max_size = ${PHP_POST_MAX_SIZE}" >> /opt/docker/etc/php/php.webdevops.ini +fi + +if [[ -n "${PHP_UPLOAD_MAX_FILESIZE+x}" ]]; then + echo "upload_max_filesize = ${PHP_UPLOAD_MAX_FILESIZE}" >> /opt/docker/etc/php/php.webdevops.ini +fi + +if [[ -n "${PHP_OPCACHE_MEMORY_CONSUMPTION+x}" ]]; then + echo "opcache.memory_consumption = ${PHP_OPCACHE_MEMORY_CONSUMPTION}" >> /opt/docker/etc/php/php.webdevops.ini +fi + +if [[ -n "${PHP_OPCACHE_MAX_ACCELERATED_FILES+x}" ]]; then + echo "opcache.max_accelerated_files = ${PHP_OPCACHE_MAX_ACCELERATED_FILES}" >> /opt/docker/etc/php/php.webdevops.ini +fi + +if [[ -n "${PHP_OPCACHE_VALIDATE_TIMESTAMPS+x}" ]]; then + echo "opcache.validate_timestamps = ${PHP_OPCACHE_VALIDATE_TIMESTAMPS}" >> /opt/docker/etc/php/php.webdevops.ini +fi + +if [[ -n "${PHP_OPCACHE_REVALIDATE_FREQ+x}" ]]; then + echo "opcache.revalidate_freq = ${PHP_OPCACHE_REVALIDATE_FREQ}" >> /opt/docker/etc/php/php.webdevops.ini +fi + +if [[ -n "${PHP_OPCACHE_INTERNED_STRINGS_BUFFER+x}" ]]; then + echo "opcache.interned_strings_buffer = ${PHP_OPCACHE_INTERNED_STRINGS_BUFFER}" >> /opt/docker/etc/php/php.webdevops.ini +fi + +# Workaround for official PHP images +if [[ -n "${PHP_SENDMAIL_PATH+x}" ]]; then + echo "sendmail_path = ${PHP_SENDMAIL_PATH}" >> /opt/docker/etc/php/php.webdevops.ini +fi + +# Disable all PHP mods specified in PHP_DISMOD as comma separated list +if [[ -n "${PHP_DISMOD+x}" ]]; then + ini_dir_cli=$(php -i | grep 'Scan this dir for additional .ini files' | cut -c44-) + ini_dir_fpm=$(php-fpm -i | grep 'Scan this dir for additional .ini files' | cut -c44-) + for DISABLE_MOD in ${PHP_DISMOD//,/ }; do + rm -f ${ini_dir_cli}/*${DISABLE_MOD}* + rm -f ${ini_dir_fpm}/*${DISABLE_MOD}* + done +fi + +# Link composer version accordingly +ln -sf /usr/local/bin/composer${COMPOSER_VERSION:-2} /usr/local/bin/composer diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/onbuild.d/.gitkeep b/base/php-nginx/php/7.4-alpine/conf/provision/onbuild.d/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/roles/.gitkeep b/base/php-nginx/php/7.4-alpine/conf/provision/roles/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/service.d/.gitkeep b/base/php-nginx/php/7.4-alpine/conf/provision/service.d/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/service.d/cron.sh b/base/php-nginx/php/7.4-alpine/conf/provision/service.d/cron.sh new file mode 100644 index 0000000..bd8a547 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/service.d/cron.sh @@ -0,0 +1,13 @@ +#!/usr/bin/env bash + +IMAGE_FAMILY=$(docker-image-info family) + +case "$IMAGE_FAMILY" in + Debian|Ubuntu) + apt-install cron + ;; + + RedHat) + yum-install cronie + ;; +esac diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/service.d/dnsmasq.sh b/base/php-nginx/php/7.4-alpine/conf/provision/service.d/dnsmasq.sh new file mode 100644 index 0000000..9e5c322 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/service.d/dnsmasq.sh @@ -0,0 +1,24 @@ +#!/usr/bin/env bash + +IMAGE_FAMILY=$(docker-image-info family) + +# Installation +case "$IMAGE_FAMILY" in + Debian|Ubuntu) + apt-install dnsmasq + ;; + + RedHat) + yum-install dnsmasq + ;; + + Alpine) + apk-install dnsmasq + ;; +esac + +# Configuration +go-replace --mode=line \ + -s '^[\s]*user[\s]*=' -r 'user = root' \ + -s '^[\s]*conf-dir[\s]*=' -r 'conf-dir = /etc/dnsmasq.d' \ + -- /etc/dnsmasq.conf diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/service.d/postfix.sh b/base/php-nginx/php/7.4-alpine/conf/provision/service.d/postfix.sh new file mode 100644 index 0000000..a8c7cc6 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/service.d/postfix.sh @@ -0,0 +1,32 @@ +#!/usr/bin/env bash + +IMAGE_FAMILY=$(docker-image-info family) + +# Installation +case "$IMAGE_FAMILY" in + Debian|Ubuntu) + apt-install postfix + ;; + + RedHat) + yum-install postfix + + # Fix mysql lib + if [[ ! -f /lib64/libmysqlclient.so.18 ]] && [[ -f /usr/lib64/mysql/libmysqlclient.so.18 ]]; then + ln -s /usr/lib64/mysql/libmysqlclient.so.18 /lib64/libmysqlclient.so.18 + fi + ;; + + Alpine) + apk-install postfix + ;; +esac + +# Configuration +go-replace --mode=line \ + -s '^[\s]*mydestination[\s]*=' -r 'mydestination = ' \ + -s '^[\s]*message_size_limit[\s]*=' -r 'message_size_limit = 15240000' \ + -s '^[\s]*smtp_use_tls[\s]*=' -r 'smtp_use_tls = yes' \ + -s '^[\s]*smtp_tls_security_level[\s]*=' -r 'smtp_tls_security_level = may' \ + -s '^[\s]*myhostname[\s]*=' -r '# myhostname' \ + -- /etc/postfix/main.cf diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/service.d/ssh.sh b/base/php-nginx/php/7.4-alpine/conf/provision/service.d/ssh.sh new file mode 100644 index 0000000..63d7a9f --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/service.d/ssh.sh @@ -0,0 +1,17 @@ +#!/usr/bin/env bash + +IMAGE_FAMILY=$(docker-image-info family) + +case "$IMAGE_FAMILY" in + Debian|Ubuntu) + apt-install openssh-server + ;; + + RedHat) + yum-install openssh-server + ;; + + Alpine) + apk-install openssh + ;; +esac diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/service.d/syslog.sh b/base/php-nginx/php/7.4-alpine/conf/provision/service.d/syslog.sh new file mode 100644 index 0000000..675d0b0 --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/service.d/syslog.sh @@ -0,0 +1,41 @@ +#!/usr/bin/env bash + +IMAGE_FAMILY=$(docker-image-info family) + +# Installation +case "$IMAGE_FAMILY" in + Debian|Ubuntu) + apt-install syslog-ng syslog-ng-core + ;; + + RedHat) + yum-install syslog-ng + + # remove logrotate (not needed for docker) + rm -f "/etc/cron.daily/logrotate" + ;; + + Alpine) + apk-install syslog-ng + ;; +esac + +## Configuration +SYSLOG_NG_VERSION=$(syslog-ng --version | grep -E -e '^Installer-Version:[ ]+[0-9]+\.[0-9]+' | head -n 1 | awk '{print $2}' | cut -f 1,2 -d .) + +# Disable caps inside container +if [[ -f /etc/default/syslog-ng ]]; then + go-replace --mode=lineinfile \ + -s "SYSLOGNG_OPTS" -r "SYSLOGNG_OPTS = --no-caps" \ + -- /etc/default/syslog-ng +fi + +# Symlink configuration +ln -s -f /opt/docker/etc/syslog-ng/syslog-ng.conf /etc/syslog-ng/syslog-ng.conf + +go-replace --mode=lineinfile \ + -s "@version" -r "@version: ${SYSLOG_NG_VERSION}" \ + -- /etc/syslog-ng/syslog-ng.conf + +# Ensure /var/lib/syslog-ng exists +mkdir -p /var/lib/syslog-ng diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/variables-webdevops.yml b/base/php-nginx/php/7.4-alpine/conf/provision/variables-webdevops.yml new file mode 100644 index 0000000..0b2a21a --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/variables-webdevops.yml @@ -0,0 +1,7 @@ +--- + +docker_image_info_family: "{{ lookup('pipe', 'docker-image-info family') }}" +docker_image_info_distribution: "{{ lookup('pipe', 'docker-image-info dist') }}" +docker_image_info_distribution_version: "{{ lookup('pipe', 'docker-image-info dist-version') }}" +docker_image_info_distribution_release: "{{ lookup('pipe', 'docker-image-info dist-release') }}" +docker_image_info_distribution_codename: "{{ lookup('pipe', 'docker-image-info dist-codename') }}" diff --git a/base/php-nginx/php/7.4-alpine/conf/provision/variables.yml b/base/php-nginx/php/7.4-alpine/conf/provision/variables.yml new file mode 100644 index 0000000..0b2a21a --- /dev/null +++ b/base/php-nginx/php/7.4-alpine/conf/provision/variables.yml @@ -0,0 +1,7 @@ +--- + +docker_image_info_family: "{{ lookup('pipe', 'docker-image-info family') }}" +docker_image_info_distribution: "{{ lookup('pipe', 'docker-image-info dist') }}" +docker_image_info_distribution_version: "{{ lookup('pipe', 'docker-image-info dist-version') }}" +docker_image_info_distribution_release: "{{ lookup('pipe', 'docker-image-info dist-release') }}" +docker_image_info_distribution_codename: "{{ lookup('pipe', 'docker-image-info dist-codename') }}" diff --git a/base/php-nginx/toolbox/latest/Dockerfile b/base/php-nginx/toolbox/latest/Dockerfile new file mode 100644 index 0000000..8150b73 --- /dev/null +++ b/base/php-nginx/toolbox/latest/Dockerfile @@ -0,0 +1,28 @@ +#+++++++++++++++++++++++++++++++++++++++ +# Dockerfile for webdevops/toolbox:latest +# -- automatically generated -- +#+++++++++++++++++++++++++++++++++++++++ + +FROM alpine:latest + +RUN apk add --no-cache \ + ca-certificates \ + openssl \ + curl \ + bash \ + sed \ + wget \ + zip \ + unzip \ + bzip2 \ + p7zip \ + drill \ + ldns \ + openssh-client \ + rsync \ + git \ + gnupg \ + ## Install go-replace + && wget -O "/usr/local/bin/go-replace" "https://github.com/webdevops/goreplace/releases/download/1.1.2/gr-arm64-linux" \ + && chmod +x "/usr/local/bin/go-replace" \ + && "/usr/local/bin/go-replace" --version diff --git a/base/php-nginx/toolbox/latest/Dockerfile.jinja2 b/base/php-nginx/toolbox/latest/Dockerfile.jinja2 new file mode 100644 index 0000000..bdb3a7e --- /dev/null +++ b/base/php-nginx/toolbox/latest/Dockerfile.jinja2 @@ -0,0 +1,20 @@ +{{ docker.fromOfficial("alpine") }} + +RUN apk add --no-cache \ + ca-certificates \ + openssl \ + curl \ + bash \ + sed \ + wget \ + zip \ + unzip \ + bzip2 \ + p7zip \ + drill \ + ldns \ + openssh-client \ + rsync \ + git \ + gnupg \ + {{ tools.goreplace() }}