34
3
mirror of https://github.com/joomla-docker/docker-joomla.git synced 2025-01-25 08:08:41 +00:00

Adds opcache-recommended.ini & error-logging.ini & remoteip.conf also adding ghostscript and gd with freetype and webp to all docker images.

This commit is contained in:
Llewellyn van der Merwe 2022-05-27 08:47:18 +02:00
parent 4fab42e727
commit db49b92528
Signed by: Llewellyn
GPG Key ID: A9201372263741E7
13 changed files with 910 additions and 132 deletions

View File

@ -10,9 +10,15 @@ LABEL maintainer="Llewellyn van der Merwe <llewellyn.van-der-merwe@community.joo
# Disable remote database security requirements. # Disable remote database security requirements.
ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1 ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1
# Enable Apache Rewrite Module RUN set -eux; \
RUN a2enmod rewrite apt-get update; \
# Install the PHP extensions apt-get install -y --no-install-recommends \
# Ghostscript is required for rendering PDF previews
ghostscript \
; \
rm -rf /var/lib/apt/lists/*
# install the PHP extensions we need.
RUN set -ex; \ RUN set -ex; \
\ \
savedAptMark="$(apt-mark showmanual)"; \ savedAptMark="$(apt-mark showmanual)"; \
@ -21,20 +27,29 @@ RUN set -ex; \
apt-get install -y --no-install-recommends \ apt-get install -y --no-install-recommends \
libbz2-dev \ libbz2-dev \
libgmp-dev \ libgmp-dev \
libfreetype6-dev \
libjpeg-dev \ libjpeg-dev \
libldap2-dev \ libldap2-dev \
libmcrypt-dev \ libmcrypt-dev \
libmemcached-dev \ libmemcached-dev \
libpng-dev \ libmagickwand-dev \
libpq-dev \ libpq-dev \
libpng-dev \
libwebp-dev \
libzip-dev \ libzip-dev \
; \ ; \
\ \
docker-php-ext-configure gd --with-jpeg; \ docker-php-ext-configure gd \
--with-freetype \
--with-jpeg \
--with-webp \
; \
debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \ debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \
docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \ docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \
docker-php-ext-install -j "$(nproc)" \ docker-php-ext-install -j "$(nproc)" \
bz2 \ bz2 \
bcmath \
exif \
gd \ gd \
gmp \ gmp \
ldap \ ldap \
@ -44,7 +59,19 @@ RUN set -ex; \
pgsql \ pgsql \
zip \ zip \
; \ ; \
# https://pecl.php.net/package/imagick
pecl install imagick-3.6.0; \
docker-php-ext-enable imagick; \
rm -r /tmp/pear; \
\ \
# some misbehaving extensions end up outputting to stdout
out="$(php -r 'exit(0);')"; \
[ -z "$out" ]; \
err="$(php -r 'exit(0);' 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]; \
\
extDir="$(php -r 'echo ini_get("extension_dir");')"; \
[ -d "$extDir" ]; \
# pecl will claim success even if one install fails, so we need to perform each install separately # pecl will claim success even if one install fails, so we need to perform each install separately
pecl install APCu-5.1.21; \ pecl install APCu-5.1.21; \
pecl install memcached-3.2.0; \ pecl install memcached-3.2.0; \
@ -60,7 +87,7 @@ RUN set -ex; \
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \ apt-mark auto '.*' > /dev/null; \
apt-mark manual $savedAptMark; \ apt-mark manual $savedAptMark; \
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ ldd "$extDir"/*.so \
| awk '/=>/ { print $3 }' \ | awk '/=>/ { print $3 }' \
| sort -u \ | sort -u \
| xargs -r dpkg-query -S \ | xargs -r dpkg-query -S \
@ -69,7 +96,55 @@ RUN set -ex; \
| xargs -rt apt-mark manual; \ | xargs -rt apt-mark manual; \
\ \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*; \
\
! { ldd "$extDir"/*.so | grep 'not found'; }; \
# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...)
err="$(php --version 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]
# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
RUN set -eux; \
docker-php-ext-enable opcache; \
{ \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.fast_shutdown=1'; \
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
# set recommended error logging
RUN { \
# https://www.php.net/manual/en/errorfunc.constants.php
echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \
echo 'display_errors = Off'; \
echo 'display_startup_errors = Off'; \
echo 'log_errors = On'; \
echo 'error_log = /dev/stderr'; \
echo 'log_errors_max_len = 1024'; \
echo 'ignore_repeated_errors = On'; \
echo 'ignore_repeated_source = Off'; \
echo 'html_errors = Off'; \
} > /usr/local/etc/php/conf.d/error-logging.ini
RUN set -eux; \
a2enmod rewrite expires; \
\
# https://httpd.apache.org/docs/2.4/mod/mod_remoteip.html
a2enmod remoteip; \
{ \
echo 'RemoteIPHeader X-Forwarded-For'; \
# these IP ranges are reserved for "private" use and should thus *usually* be safe inside Docker
echo 'RemoteIPTrustedProxy 10.0.0.0/8'; \
echo 'RemoteIPTrustedProxy 172.16.0.0/12'; \
echo 'RemoteIPTrustedProxy 192.168.0.0/16'; \
echo 'RemoteIPTrustedProxy 169.254.0.0/16'; \
echo 'RemoteIPTrustedProxy 127.0.0.0/8'; \
} > /etc/apache2/conf-available/remoteip.conf; \
a2enconf remoteip; \
# (replace all instances of "%h" with "%a" in LogFormat)
find /etc/apache2 -type f -name '*.conf' -exec sed -ri 's/([[:space:]]*LogFormat[[:space:]]+"[^"]*)%h([^"]*")/\1%a\2/g' '{}' +
VOLUME /var/www/html VOLUME /var/www/html
@ -79,18 +154,18 @@ ENV JOOMLA_SHA512 f3ca0ae9da4c2d97f2f89a3c215111bfa56b9e7e3c8ec83f627d58bfa2c621
# Download package and extract to web volume # Download package and extract to web volume
RUN set -ex; \ RUN set -ex; \
curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/3.10.9/Joomla_3.10.9-Stable-Full_Package.tar.bz2; \
echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \
mkdir /usr/src/joomla; \ mkdir /usr/src/joomla; \
tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \
rm joomla.tar.bz2; \ rm joomla.tar.bz2; \
chown -R www-data:www-data /usr/src/joomla chown -R www-data:www-data /usr/src/joomla
# Copy init scripts and custom .htaccess # Copy init scripts
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY makedb.php /makedb.php COPY makedb.php /makedb.php
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]
CMD ["apache2-foreground"] CMD ["apache2-foreground"]
# vim:set ft=dockerfile:

View File

@ -10,10 +10,17 @@ LABEL maintainer="Llewellyn van der Merwe <llewellyn.van-der-merwe@community.joo
# Disable remote database security requirements. # Disable remote database security requirements.
ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1 ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1
# entrypoint.sh dependencies RUN set -eux; \
RUN apk add --no-cache \ apk add --no-cache \
bash # in theory, docker-entrypoint.sh is POSIX-compliant, but priority is a working, consistent image
# Install the PHP extensions bash \
# Ghostscript is required for rendering PDF previews
ghostscript \
# Alpine package for "imagemagick" contains ~120 .so files
imagemagick \
;
# install the PHP extensions we need.
RUN set -ex; \ RUN set -ex; \
\ \
apk add --no-cache --virtual .build-deps \ apk add --no-cache --virtual .build-deps \
@ -21,20 +28,29 @@ RUN set -ex; \
autoconf \ autoconf \
bzip2-dev \ bzip2-dev \
gmp-dev \ gmp-dev \
freetype-dev \
imagemagick-dev \
libjpeg-turbo-dev \ libjpeg-turbo-dev \
libmcrypt-dev \ libmcrypt-dev \
libmemcached-dev \ libmemcached-dev \
libpng-dev \ libpng-dev \
libwebp-dev \
libzip-dev \ libzip-dev \
openldap-dev \ openldap-dev \
pcre-dev \ pcre-dev \
postgresql-dev \ postgresql-dev \
; \ ; \
\ \
docker-php-ext-configure gd --with-jpeg; \ docker-php-ext-configure gd \
--with-freetype \
--with-jpeg \
--with-webp \
; \
docker-php-ext-configure ldap; \ docker-php-ext-configure ldap; \
docker-php-ext-install -j "$(nproc)" \ docker-php-ext-install -j "$(nproc)" \
bz2 \ bz2 \
bcmath \
exif \
gd \ gd \
gmp \ gmp \
ldap \ ldap \
@ -44,6 +60,20 @@ RUN set -ex; \
pgsql \ pgsql \
zip \ zip \
; \ ; \
# WARNING: imagick is likely not supported on Alpine: https://github.com/Imagick/imagick/issues/328
# https://pecl.php.net/package/imagick
pecl install imagick-3.6.0; \
docker-php-ext-enable imagick; \
rm -r /tmp/pear; \
\
# some misbehaving extensions end up outputting to stdout
out="$(php -r 'exit(0);')"; \
[ -z "$out" ]; \
err="$(php -r 'exit(0);' 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]; \
\
extDir="$(php -r 'echo ini_get("extension_dir");')"; \
[ -d "$extDir" ]; \
\ \
# pecl will claim success even if one install fails, so we need to perform each install separately # pecl will claim success even if one install fails, so we need to perform each install separately
pecl install APCu-5.1.21; \ pecl install APCu-5.1.21; \
@ -60,13 +90,43 @@ RUN set -ex; \
rm -r /tmp/pear; \ rm -r /tmp/pear; \
\ \
runDeps="$( \ runDeps="$( \
scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \ scanelf --needed --nobanner --format '%n#p' --recursive "$extDir" \
| tr ',' '\n' \ | tr ',' '\n' \
| sort -u \ | sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)"; \ )"; \
apk add --virtual .joomla-phpext-rundeps $runDeps; \ apk add --no-network --virtual .joomla-phpexts-rundeps $runDeps; \
apk del .build-deps apk del --no-network .build-deps; \
\
! { ldd "$extDir"/*.so | grep 'not found'; }; \
# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...)
err="$(php --version 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]
# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
RUN set -eux; \
docker-php-ext-enable opcache; \
{ \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.fast_shutdown=1'; \
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
# set recommended error logging
RUN { \
# https://www.php.net/manual/en/errorfunc.constants.php
echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \
echo 'display_errors = Off'; \
echo 'display_startup_errors = Off'; \
echo 'log_errors = On'; \
echo 'error_log = /dev/stderr'; \
echo 'log_errors_max_len = 1024'; \
echo 'ignore_repeated_errors = On'; \
echo 'ignore_repeated_source = Off'; \
echo 'html_errors = Off'; \
} > /usr/local/etc/php/conf.d/error-logging.ini
VOLUME /var/www/html VOLUME /var/www/html
@ -76,14 +136,14 @@ ENV JOOMLA_SHA512 f3ca0ae9da4c2d97f2f89a3c215111bfa56b9e7e3c8ec83f627d58bfa2c621
# Download package and extract to web volume # Download package and extract to web volume
RUN set -ex; \ RUN set -ex; \
curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/3.10.9/Joomla_3.10.9-Stable-Full_Package.tar.bz2; \
echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \
mkdir /usr/src/joomla; \ mkdir /usr/src/joomla; \
tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \
rm joomla.tar.bz2; \ rm joomla.tar.bz2; \
chown -R www-data:www-data /usr/src/joomla chown -R www-data:www-data /usr/src/joomla
# Copy init scripts and custom .htaccess # Copy init scripts
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY makedb.php /makedb.php COPY makedb.php /makedb.php
@ -91,4 +151,4 @@ ENTRYPOINT ["/entrypoint.sh"]
CMD ["php-fpm"] CMD ["php-fpm"]
# vim:set ft=dockerfile:

View File

@ -10,7 +10,15 @@ LABEL maintainer="Llewellyn van der Merwe <llewellyn.van-der-merwe@community.joo
# Disable remote database security requirements. # Disable remote database security requirements.
ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1 ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1
# Install the PHP extensions RUN set -eux; \
apt-get update; \
apt-get install -y --no-install-recommends \
# Ghostscript is required for rendering PDF previews
ghostscript \
; \
rm -rf /var/lib/apt/lists/*
# install the PHP extensions we need.
RUN set -ex; \ RUN set -ex; \
\ \
savedAptMark="$(apt-mark showmanual)"; \ savedAptMark="$(apt-mark showmanual)"; \
@ -19,20 +27,29 @@ RUN set -ex; \
apt-get install -y --no-install-recommends \ apt-get install -y --no-install-recommends \
libbz2-dev \ libbz2-dev \
libgmp-dev \ libgmp-dev \
libfreetype6-dev \
libjpeg-dev \ libjpeg-dev \
libldap2-dev \ libldap2-dev \
libmcrypt-dev \ libmcrypt-dev \
libmemcached-dev \ libmemcached-dev \
libpng-dev \ libmagickwand-dev \
libpq-dev \ libpq-dev \
libpng-dev \
libwebp-dev \
libzip-dev \ libzip-dev \
; \ ; \
\ \
docker-php-ext-configure gd --with-jpeg; \ docker-php-ext-configure gd \
--with-freetype \
--with-jpeg \
--with-webp \
; \
debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \ debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \
docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \ docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \
docker-php-ext-install -j "$(nproc)" \ docker-php-ext-install -j "$(nproc)" \
bz2 \ bz2 \
bcmath \
exif \
gd \ gd \
gmp \ gmp \
ldap \ ldap \
@ -42,7 +59,19 @@ RUN set -ex; \
pgsql \ pgsql \
zip \ zip \
; \ ; \
# https://pecl.php.net/package/imagick
pecl install imagick-3.6.0; \
docker-php-ext-enable imagick; \
rm -r /tmp/pear; \
\ \
# some misbehaving extensions end up outputting to stdout
out="$(php -r 'exit(0);')"; \
[ -z "$out" ]; \
err="$(php -r 'exit(0);' 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]; \
\
extDir="$(php -r 'echo ini_get("extension_dir");')"; \
[ -d "$extDir" ]; \
# pecl will claim success even if one install fails, so we need to perform each install separately # pecl will claim success even if one install fails, so we need to perform each install separately
pecl install APCu-5.1.21; \ pecl install APCu-5.1.21; \
pecl install memcached-3.2.0; \ pecl install memcached-3.2.0; \
@ -58,7 +87,7 @@ RUN set -ex; \
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \ apt-mark auto '.*' > /dev/null; \
apt-mark manual $savedAptMark; \ apt-mark manual $savedAptMark; \
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ ldd "$extDir"/*.so \
| awk '/=>/ { print $3 }' \ | awk '/=>/ { print $3 }' \
| sort -u \ | sort -u \
| xargs -r dpkg-query -S \ | xargs -r dpkg-query -S \
@ -67,7 +96,37 @@ RUN set -ex; \
| xargs -rt apt-mark manual; \ | xargs -rt apt-mark manual; \
\ \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*; \
\
! { ldd "$extDir"/*.so | grep 'not found'; }; \
# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...)
err="$(php --version 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]
# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
RUN set -eux; \
docker-php-ext-enable opcache; \
{ \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.fast_shutdown=1'; \
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
# set recommended error logging
RUN { \
# https://www.php.net/manual/en/errorfunc.constants.php
echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \
echo 'display_errors = Off'; \
echo 'display_startup_errors = Off'; \
echo 'log_errors = On'; \
echo 'error_log = /dev/stderr'; \
echo 'log_errors_max_len = 1024'; \
echo 'ignore_repeated_errors = On'; \
echo 'ignore_repeated_source = Off'; \
echo 'html_errors = Off'; \
} > /usr/local/etc/php/conf.d/error-logging.ini
VOLUME /var/www/html VOLUME /var/www/html
@ -77,14 +136,14 @@ ENV JOOMLA_SHA512 f3ca0ae9da4c2d97f2f89a3c215111bfa56b9e7e3c8ec83f627d58bfa2c621
# Download package and extract to web volume # Download package and extract to web volume
RUN set -ex; \ RUN set -ex; \
curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/3.10.9/Joomla_3.10.9-Stable-Full_Package.tar.bz2; \
echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \
mkdir /usr/src/joomla; \ mkdir /usr/src/joomla; \
tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \
rm joomla.tar.bz2; \ rm joomla.tar.bz2; \
chown -R www-data:www-data /usr/src/joomla chown -R www-data:www-data /usr/src/joomla
# Copy init scripts and custom .htaccess # Copy init scripts
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY makedb.php /makedb.php COPY makedb.php /makedb.php
@ -92,4 +151,4 @@ ENTRYPOINT ["/entrypoint.sh"]
CMD ["php-fpm"] CMD ["php-fpm"]
# vim:set ft=dockerfile:

View File

@ -10,9 +10,15 @@ LABEL maintainer="Llewellyn van der Merwe <llewellyn.van-der-merwe@community.joo
# Disable remote database security requirements. # Disable remote database security requirements.
ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1 ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1
# Enable Apache Rewrite Module RUN set -eux; \
RUN a2enmod rewrite apt-get update; \
# Install the PHP extensions apt-get install -y --no-install-recommends \
# Ghostscript is required for rendering PDF previews
ghostscript \
; \
rm -rf /var/lib/apt/lists/*
# install the PHP extensions we need.
RUN set -ex; \ RUN set -ex; \
\ \
savedAptMark="$(apt-mark showmanual)"; \ savedAptMark="$(apt-mark showmanual)"; \
@ -22,19 +28,28 @@ RUN set -ex; \
libbz2-dev \ libbz2-dev \
libgmp-dev \ libgmp-dev \
libicu-dev \ libicu-dev \
libfreetype6-dev \
libjpeg-dev \ libjpeg-dev \
libldap2-dev \ libldap2-dev \
libmemcached-dev \ libmemcached-dev \
libpng-dev \ libmagickwand-dev \
libpq-dev \ libpq-dev \
libpng-dev \
libwebp-dev \
libzip-dev \ libzip-dev \
; \ ; \
\ \
docker-php-ext-configure gd --with-jpeg; \ docker-php-ext-configure gd \
--with-freetype \
--with-jpeg \
--with-webp \
; \
debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \ debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \
docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \ docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \
docker-php-ext-install -j "$(nproc)" \ docker-php-ext-install -j "$(nproc)" \
bz2 \ bz2 \
bcmath \
exif \
gd \ gd \
gmp \ gmp \
intl \ intl \
@ -45,7 +60,19 @@ RUN set -ex; \
pgsql \ pgsql \
zip \ zip \
; \ ; \
# https://pecl.php.net/package/imagick
pecl install imagick-3.6.0; \
docker-php-ext-enable imagick; \
rm -r /tmp/pear; \
\ \
# some misbehaving extensions end up outputting to stdout
out="$(php -r 'exit(0);')"; \
[ -z "$out" ]; \
err="$(php -r 'exit(0);' 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]; \
\
extDir="$(php -r 'echo ini_get("extension_dir");')"; \
[ -d "$extDir" ]; \
# pecl will claim success even if one install fails, so we need to perform each install separately # pecl will claim success even if one install fails, so we need to perform each install separately
pecl install APCu-5.1.21; \ pecl install APCu-5.1.21; \
pecl install memcached-3.2.0; \ pecl install memcached-3.2.0; \
@ -61,7 +88,7 @@ RUN set -ex; \
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \ apt-mark auto '.*' > /dev/null; \
apt-mark manual $savedAptMark; \ apt-mark manual $savedAptMark; \
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ ldd "$extDir"/*.so \
| awk '/=>/ { print $3 }' \ | awk '/=>/ { print $3 }' \
| sort -u \ | sort -u \
| xargs -r dpkg-query -S \ | xargs -r dpkg-query -S \
@ -70,7 +97,55 @@ RUN set -ex; \
| xargs -rt apt-mark manual; \ | xargs -rt apt-mark manual; \
\ \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*; \
\
! { ldd "$extDir"/*.so | grep 'not found'; }; \
# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...)
err="$(php --version 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]
# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
RUN set -eux; \
docker-php-ext-enable opcache; \
{ \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.fast_shutdown=1'; \
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
# set recommended error logging
RUN { \
# https://www.php.net/manual/en/errorfunc.constants.php
echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \
echo 'display_errors = Off'; \
echo 'display_startup_errors = Off'; \
echo 'log_errors = On'; \
echo 'error_log = /dev/stderr'; \
echo 'log_errors_max_len = 1024'; \
echo 'ignore_repeated_errors = On'; \
echo 'ignore_repeated_source = Off'; \
echo 'html_errors = Off'; \
} > /usr/local/etc/php/conf.d/error-logging.ini
RUN set -eux; \
a2enmod rewrite expires; \
\
# https://httpd.apache.org/docs/2.4/mod/mod_remoteip.html
a2enmod remoteip; \
{ \
echo 'RemoteIPHeader X-Forwarded-For'; \
# these IP ranges are reserved for "private" use and should thus *usually* be safe inside Docker
echo 'RemoteIPTrustedProxy 10.0.0.0/8'; \
echo 'RemoteIPTrustedProxy 172.16.0.0/12'; \
echo 'RemoteIPTrustedProxy 192.168.0.0/16'; \
echo 'RemoteIPTrustedProxy 169.254.0.0/16'; \
echo 'RemoteIPTrustedProxy 127.0.0.0/8'; \
} > /etc/apache2/conf-available/remoteip.conf; \
a2enconf remoteip; \
# (replace all instances of "%h" with "%a" in LogFormat)
find /etc/apache2 -type f -name '*.conf' -exec sed -ri 's/([[:space:]]*LogFormat[[:space:]]+"[^"]*)%h([^"]*")/\1%a\2/g' '{}' +
VOLUME /var/www/html VOLUME /var/www/html
@ -80,18 +155,18 @@ ENV JOOMLA_SHA512 a9ffd64d8320d3df2f58df924b750f4b75a15eac194b4a8ef98671208ad2ca
# Download package and extract to web volume # Download package and extract to web volume
RUN set -ex; \ RUN set -ex; \
curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2; \
echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \
mkdir /usr/src/joomla; \ mkdir /usr/src/joomla; \
tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \
rm joomla.tar.bz2; \ rm joomla.tar.bz2; \
chown -R www-data:www-data /usr/src/joomla chown -R www-data:www-data /usr/src/joomla
# Copy init scripts and custom .htaccess # Copy init scripts
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY makedb.php /makedb.php COPY makedb.php /makedb.php
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]
CMD ["apache2-foreground"] CMD ["apache2-foreground"]
# vim:set ft=dockerfile:

View File

@ -10,10 +10,17 @@ LABEL maintainer="Llewellyn van der Merwe <llewellyn.van-der-merwe@community.joo
# Disable remote database security requirements. # Disable remote database security requirements.
ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1 ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1
# entrypoint.sh dependencies RUN set -eux; \
RUN apk add --no-cache \ apk add --no-cache \
bash # in theory, docker-entrypoint.sh is POSIX-compliant, but priority is a working, consistent image
# Install the PHP extensions bash \
# Ghostscript is required for rendering PDF previews
ghostscript \
# Alpine package for "imagemagick" contains ~120 .so files
imagemagick \
;
# install the PHP extensions we need.
RUN set -ex; \ RUN set -ex; \
\ \
apk add --no-cache --virtual .build-deps \ apk add --no-cache --virtual .build-deps \
@ -22,19 +29,28 @@ RUN set -ex; \
bzip2-dev \ bzip2-dev \
gmp-dev \ gmp-dev \
icu-dev \ icu-dev \
freetype-dev \
imagemagick-dev \
libjpeg-turbo-dev \ libjpeg-turbo-dev \
libmemcached-dev \ libmemcached-dev \
libpng-dev \ libpng-dev \
libwebp-dev \
libzip-dev \ libzip-dev \
openldap-dev \ openldap-dev \
pcre-dev \ pcre-dev \
postgresql-dev \ postgresql-dev \
; \ ; \
\ \
docker-php-ext-configure gd --with-jpeg; \ docker-php-ext-configure gd \
--with-freetype \
--with-jpeg \
--with-webp \
; \
docker-php-ext-configure ldap; \ docker-php-ext-configure ldap; \
docker-php-ext-install -j "$(nproc)" \ docker-php-ext-install -j "$(nproc)" \
bz2 \ bz2 \
bcmath \
exif \
gd \ gd \
gmp \ gmp \
intl \ intl \
@ -45,6 +61,20 @@ RUN set -ex; \
pgsql \ pgsql \
zip \ zip \
; \ ; \
# WARNING: imagick is likely not supported on Alpine: https://github.com/Imagick/imagick/issues/328
# https://pecl.php.net/package/imagick
pecl install imagick-3.6.0; \
docker-php-ext-enable imagick; \
rm -r /tmp/pear; \
\
# some misbehaving extensions end up outputting to stdout
out="$(php -r 'exit(0);')"; \
[ -z "$out" ]; \
err="$(php -r 'exit(0);' 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]; \
\
extDir="$(php -r 'echo ini_get("extension_dir");')"; \
[ -d "$extDir" ]; \
\ \
# pecl will claim success even if one install fails, so we need to perform each install separately # pecl will claim success even if one install fails, so we need to perform each install separately
pecl install APCu-5.1.21; \ pecl install APCu-5.1.21; \
@ -59,13 +89,43 @@ RUN set -ex; \
rm -r /tmp/pear; \ rm -r /tmp/pear; \
\ \
runDeps="$( \ runDeps="$( \
scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \ scanelf --needed --nobanner --format '%n#p' --recursive "$extDir" \
| tr ',' '\n' \ | tr ',' '\n' \
| sort -u \ | sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)"; \ )"; \
apk add --virtual .joomla-phpext-rundeps $runDeps; \ apk add --no-network --virtual .joomla-phpexts-rundeps $runDeps; \
apk del .build-deps apk del --no-network .build-deps; \
\
! { ldd "$extDir"/*.so | grep 'not found'; }; \
# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...)
err="$(php --version 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]
# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
RUN set -eux; \
docker-php-ext-enable opcache; \
{ \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.fast_shutdown=1'; \
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
# set recommended error logging
RUN { \
# https://www.php.net/manual/en/errorfunc.constants.php
echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \
echo 'display_errors = Off'; \
echo 'display_startup_errors = Off'; \
echo 'log_errors = On'; \
echo 'error_log = /dev/stderr'; \
echo 'log_errors_max_len = 1024'; \
echo 'ignore_repeated_errors = On'; \
echo 'ignore_repeated_source = Off'; \
echo 'html_errors = Off'; \
} > /usr/local/etc/php/conf.d/error-logging.ini
VOLUME /var/www/html VOLUME /var/www/html
@ -75,14 +135,14 @@ ENV JOOMLA_SHA512 a9ffd64d8320d3df2f58df924b750f4b75a15eac194b4a8ef98671208ad2ca
# Download package and extract to web volume # Download package and extract to web volume
RUN set -ex; \ RUN set -ex; \
curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2; \
echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \
mkdir /usr/src/joomla; \ mkdir /usr/src/joomla; \
tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \
rm joomla.tar.bz2; \ rm joomla.tar.bz2; \
chown -R www-data:www-data /usr/src/joomla chown -R www-data:www-data /usr/src/joomla
# Copy init scripts and custom .htaccess # Copy init scripts
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY makedb.php /makedb.php COPY makedb.php /makedb.php
@ -90,4 +150,4 @@ ENTRYPOINT ["/entrypoint.sh"]
CMD ["php-fpm"] CMD ["php-fpm"]
# vim:set ft=dockerfile:

View File

@ -10,7 +10,15 @@ LABEL maintainer="Llewellyn van der Merwe <llewellyn.van-der-merwe@community.joo
# Disable remote database security requirements. # Disable remote database security requirements.
ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1 ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1
# Install the PHP extensions RUN set -eux; \
apt-get update; \
apt-get install -y --no-install-recommends \
# Ghostscript is required for rendering PDF previews
ghostscript \
; \
rm -rf /var/lib/apt/lists/*
# install the PHP extensions we need.
RUN set -ex; \ RUN set -ex; \
\ \
savedAptMark="$(apt-mark showmanual)"; \ savedAptMark="$(apt-mark showmanual)"; \
@ -20,19 +28,28 @@ RUN set -ex; \
libbz2-dev \ libbz2-dev \
libgmp-dev \ libgmp-dev \
libicu-dev \ libicu-dev \
libfreetype6-dev \
libjpeg-dev \ libjpeg-dev \
libldap2-dev \ libldap2-dev \
libmemcached-dev \ libmemcached-dev \
libpng-dev \ libmagickwand-dev \
libpq-dev \ libpq-dev \
libpng-dev \
libwebp-dev \
libzip-dev \ libzip-dev \
; \ ; \
\ \
docker-php-ext-configure gd --with-jpeg; \ docker-php-ext-configure gd \
--with-freetype \
--with-jpeg \
--with-webp \
; \
debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \ debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \
docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \ docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \
docker-php-ext-install -j "$(nproc)" \ docker-php-ext-install -j "$(nproc)" \
bz2 \ bz2 \
bcmath \
exif \
gd \ gd \
gmp \ gmp \
intl \ intl \
@ -43,7 +60,19 @@ RUN set -ex; \
pgsql \ pgsql \
zip \ zip \
; \ ; \
# https://pecl.php.net/package/imagick
pecl install imagick-3.6.0; \
docker-php-ext-enable imagick; \
rm -r /tmp/pear; \
\ \
# some misbehaving extensions end up outputting to stdout
out="$(php -r 'exit(0);')"; \
[ -z "$out" ]; \
err="$(php -r 'exit(0);' 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]; \
\
extDir="$(php -r 'echo ini_get("extension_dir");')"; \
[ -d "$extDir" ]; \
# pecl will claim success even if one install fails, so we need to perform each install separately # pecl will claim success even if one install fails, so we need to perform each install separately
pecl install APCu-5.1.21; \ pecl install APCu-5.1.21; \
pecl install memcached-3.2.0; \ pecl install memcached-3.2.0; \
@ -59,7 +88,7 @@ RUN set -ex; \
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \ apt-mark auto '.*' > /dev/null; \
apt-mark manual $savedAptMark; \ apt-mark manual $savedAptMark; \
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ ldd "$extDir"/*.so \
| awk '/=>/ { print $3 }' \ | awk '/=>/ { print $3 }' \
| sort -u \ | sort -u \
| xargs -r dpkg-query -S \ | xargs -r dpkg-query -S \
@ -68,7 +97,37 @@ RUN set -ex; \
| xargs -rt apt-mark manual; \ | xargs -rt apt-mark manual; \
\ \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*; \
\
! { ldd "$extDir"/*.so | grep 'not found'; }; \
# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...)
err="$(php --version 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]
# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
RUN set -eux; \
docker-php-ext-enable opcache; \
{ \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.fast_shutdown=1'; \
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
# set recommended error logging
RUN { \
# https://www.php.net/manual/en/errorfunc.constants.php
echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \
echo 'display_errors = Off'; \
echo 'display_startup_errors = Off'; \
echo 'log_errors = On'; \
echo 'error_log = /dev/stderr'; \
echo 'log_errors_max_len = 1024'; \
echo 'ignore_repeated_errors = On'; \
echo 'ignore_repeated_source = Off'; \
echo 'html_errors = Off'; \
} > /usr/local/etc/php/conf.d/error-logging.ini
VOLUME /var/www/html VOLUME /var/www/html
@ -78,14 +137,14 @@ ENV JOOMLA_SHA512 a9ffd64d8320d3df2f58df924b750f4b75a15eac194b4a8ef98671208ad2ca
# Download package and extract to web volume # Download package and extract to web volume
RUN set -ex; \ RUN set -ex; \
curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2; \
echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \
mkdir /usr/src/joomla; \ mkdir /usr/src/joomla; \
tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \
rm joomla.tar.bz2; \ rm joomla.tar.bz2; \
chown -R www-data:www-data /usr/src/joomla chown -R www-data:www-data /usr/src/joomla
# Copy init scripts and custom .htaccess # Copy init scripts
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY makedb.php /makedb.php COPY makedb.php /makedb.php
@ -93,4 +152,4 @@ ENTRYPOINT ["/entrypoint.sh"]
CMD ["php-fpm"] CMD ["php-fpm"]
# vim:set ft=dockerfile:

View File

@ -10,9 +10,15 @@ LABEL maintainer="Llewellyn van der Merwe <llewellyn.van-der-merwe@community.joo
# Disable remote database security requirements. # Disable remote database security requirements.
ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1 ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1
# Enable Apache Rewrite Module RUN set -eux; \
RUN a2enmod rewrite apt-get update; \
# Install the PHP extensions apt-get install -y --no-install-recommends \
# Ghostscript is required for rendering PDF previews
ghostscript \
; \
rm -rf /var/lib/apt/lists/*
# install the PHP extensions we need.
RUN set -ex; \ RUN set -ex; \
\ \
savedAptMark="$(apt-mark showmanual)"; \ savedAptMark="$(apt-mark showmanual)"; \
@ -22,19 +28,28 @@ RUN set -ex; \
libbz2-dev \ libbz2-dev \
libgmp-dev \ libgmp-dev \
libicu-dev \ libicu-dev \
libfreetype6-dev \
libjpeg-dev \ libjpeg-dev \
libldap2-dev \ libldap2-dev \
libmemcached-dev \ libmemcached-dev \
libpng-dev \ libmagickwand-dev \
libpq-dev \ libpq-dev \
libpng-dev \
libwebp-dev \
libzip-dev \ libzip-dev \
; \ ; \
\ \
docker-php-ext-configure gd --with-jpeg; \ docker-php-ext-configure gd \
--with-freetype \
--with-jpeg \
--with-webp \
; \
debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \ debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \
docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \ docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \
docker-php-ext-install -j "$(nproc)" \ docker-php-ext-install -j "$(nproc)" \
bz2 \ bz2 \
bcmath \
exif \
gd \ gd \
gmp \ gmp \
intl \ intl \
@ -45,7 +60,19 @@ RUN set -ex; \
pgsql \ pgsql \
zip \ zip \
; \ ; \
# https://pecl.php.net/package/imagick
pecl install imagick-3.6.0; \
docker-php-ext-enable imagick; \
rm -r /tmp/pear; \
\ \
# some misbehaving extensions end up outputting to stdout
out="$(php -r 'exit(0);')"; \
[ -z "$out" ]; \
err="$(php -r 'exit(0);' 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]; \
\
extDir="$(php -r 'echo ini_get("extension_dir");')"; \
[ -d "$extDir" ]; \
# pecl will claim success even if one install fails, so we need to perform each install separately # pecl will claim success even if one install fails, so we need to perform each install separately
pecl install APCu-5.1.21; \ pecl install APCu-5.1.21; \
pecl install memcached-3.2.0; \ pecl install memcached-3.2.0; \
@ -61,7 +88,7 @@ RUN set -ex; \
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \ apt-mark auto '.*' > /dev/null; \
apt-mark manual $savedAptMark; \ apt-mark manual $savedAptMark; \
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ ldd "$extDir"/*.so \
| awk '/=>/ { print $3 }' \ | awk '/=>/ { print $3 }' \
| sort -u \ | sort -u \
| xargs -r dpkg-query -S \ | xargs -r dpkg-query -S \
@ -70,7 +97,55 @@ RUN set -ex; \
| xargs -rt apt-mark manual; \ | xargs -rt apt-mark manual; \
\ \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*; \
\
! { ldd "$extDir"/*.so | grep 'not found'; }; \
# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...)
err="$(php --version 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]
# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
RUN set -eux; \
docker-php-ext-enable opcache; \
{ \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.fast_shutdown=1'; \
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
# set recommended error logging
RUN { \
# https://www.php.net/manual/en/errorfunc.constants.php
echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \
echo 'display_errors = Off'; \
echo 'display_startup_errors = Off'; \
echo 'log_errors = On'; \
echo 'error_log = /dev/stderr'; \
echo 'log_errors_max_len = 1024'; \
echo 'ignore_repeated_errors = On'; \
echo 'ignore_repeated_source = Off'; \
echo 'html_errors = Off'; \
} > /usr/local/etc/php/conf.d/error-logging.ini
RUN set -eux; \
a2enmod rewrite expires; \
\
# https://httpd.apache.org/docs/2.4/mod/mod_remoteip.html
a2enmod remoteip; \
{ \
echo 'RemoteIPHeader X-Forwarded-For'; \
# these IP ranges are reserved for "private" use and should thus *usually* be safe inside Docker
echo 'RemoteIPTrustedProxy 10.0.0.0/8'; \
echo 'RemoteIPTrustedProxy 172.16.0.0/12'; \
echo 'RemoteIPTrustedProxy 192.168.0.0/16'; \
echo 'RemoteIPTrustedProxy 169.254.0.0/16'; \
echo 'RemoteIPTrustedProxy 127.0.0.0/8'; \
} > /etc/apache2/conf-available/remoteip.conf; \
a2enconf remoteip; \
# (replace all instances of "%h" with "%a" in LogFormat)
find /etc/apache2 -type f -name '*.conf' -exec sed -ri 's/([[:space:]]*LogFormat[[:space:]]+"[^"]*)%h([^"]*")/\1%a\2/g' '{}' +
VOLUME /var/www/html VOLUME /var/www/html
@ -80,18 +155,18 @@ ENV JOOMLA_SHA512 a9ffd64d8320d3df2f58df924b750f4b75a15eac194b4a8ef98671208ad2ca
# Download package and extract to web volume # Download package and extract to web volume
RUN set -ex; \ RUN set -ex; \
curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2; \
echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \
mkdir /usr/src/joomla; \ mkdir /usr/src/joomla; \
tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \
rm joomla.tar.bz2; \ rm joomla.tar.bz2; \
chown -R www-data:www-data /usr/src/joomla chown -R www-data:www-data /usr/src/joomla
# Copy init scripts and custom .htaccess # Copy init scripts
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY makedb.php /makedb.php COPY makedb.php /makedb.php
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]
CMD ["apache2-foreground"] CMD ["apache2-foreground"]
# vim:set ft=dockerfile:

View File

@ -10,10 +10,17 @@ LABEL maintainer="Llewellyn van der Merwe <llewellyn.van-der-merwe@community.joo
# Disable remote database security requirements. # Disable remote database security requirements.
ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1 ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1
# entrypoint.sh dependencies RUN set -eux; \
RUN apk add --no-cache \ apk add --no-cache \
bash # in theory, docker-entrypoint.sh is POSIX-compliant, but priority is a working, consistent image
# Install the PHP extensions bash \
# Ghostscript is required for rendering PDF previews
ghostscript \
# Alpine package for "imagemagick" contains ~120 .so files
imagemagick \
;
# install the PHP extensions we need.
RUN set -ex; \ RUN set -ex; \
\ \
apk add --no-cache --virtual .build-deps \ apk add --no-cache --virtual .build-deps \
@ -22,19 +29,28 @@ RUN set -ex; \
bzip2-dev \ bzip2-dev \
gmp-dev \ gmp-dev \
icu-dev \ icu-dev \
freetype-dev \
imagemagick-dev \
libjpeg-turbo-dev \ libjpeg-turbo-dev \
libmemcached-dev \ libmemcached-dev \
libpng-dev \ libpng-dev \
libwebp-dev \
libzip-dev \ libzip-dev \
openldap-dev \ openldap-dev \
pcre-dev \ pcre-dev \
postgresql-dev \ postgresql-dev \
; \ ; \
\ \
docker-php-ext-configure gd --with-jpeg; \ docker-php-ext-configure gd \
--with-freetype \
--with-jpeg \
--with-webp \
; \
docker-php-ext-configure ldap; \ docker-php-ext-configure ldap; \
docker-php-ext-install -j "$(nproc)" \ docker-php-ext-install -j "$(nproc)" \
bz2 \ bz2 \
bcmath \
exif \
gd \ gd \
gmp \ gmp \
intl \ intl \
@ -45,6 +61,20 @@ RUN set -ex; \
pgsql \ pgsql \
zip \ zip \
; \ ; \
# WARNING: imagick is likely not supported on Alpine: https://github.com/Imagick/imagick/issues/328
# https://pecl.php.net/package/imagick
pecl install imagick-3.6.0; \
docker-php-ext-enable imagick; \
rm -r /tmp/pear; \
\
# some misbehaving extensions end up outputting to stdout
out="$(php -r 'exit(0);')"; \
[ -z "$out" ]; \
err="$(php -r 'exit(0);' 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]; \
\
extDir="$(php -r 'echo ini_get("extension_dir");')"; \
[ -d "$extDir" ]; \
\ \
# pecl will claim success even if one install fails, so we need to perform each install separately # pecl will claim success even if one install fails, so we need to perform each install separately
pecl install APCu-5.1.21; \ pecl install APCu-5.1.21; \
@ -59,13 +89,43 @@ RUN set -ex; \
rm -r /tmp/pear; \ rm -r /tmp/pear; \
\ \
runDeps="$( \ runDeps="$( \
scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \ scanelf --needed --nobanner --format '%n#p' --recursive "$extDir" \
| tr ',' '\n' \ | tr ',' '\n' \
| sort -u \ | sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)"; \ )"; \
apk add --virtual .joomla-phpext-rundeps $runDeps; \ apk add --no-network --virtual .joomla-phpexts-rundeps $runDeps; \
apk del .build-deps apk del --no-network .build-deps; \
\
! { ldd "$extDir"/*.so | grep 'not found'; }; \
# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...)
err="$(php --version 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]
# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
RUN set -eux; \
docker-php-ext-enable opcache; \
{ \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.fast_shutdown=1'; \
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
# set recommended error logging
RUN { \
# https://www.php.net/manual/en/errorfunc.constants.php
echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \
echo 'display_errors = Off'; \
echo 'display_startup_errors = Off'; \
echo 'log_errors = On'; \
echo 'error_log = /dev/stderr'; \
echo 'log_errors_max_len = 1024'; \
echo 'ignore_repeated_errors = On'; \
echo 'ignore_repeated_source = Off'; \
echo 'html_errors = Off'; \
} > /usr/local/etc/php/conf.d/error-logging.ini
VOLUME /var/www/html VOLUME /var/www/html
@ -75,14 +135,14 @@ ENV JOOMLA_SHA512 a9ffd64d8320d3df2f58df924b750f4b75a15eac194b4a8ef98671208ad2ca
# Download package and extract to web volume # Download package and extract to web volume
RUN set -ex; \ RUN set -ex; \
curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2; \
echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \
mkdir /usr/src/joomla; \ mkdir /usr/src/joomla; \
tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \
rm joomla.tar.bz2; \ rm joomla.tar.bz2; \
chown -R www-data:www-data /usr/src/joomla chown -R www-data:www-data /usr/src/joomla
# Copy init scripts and custom .htaccess # Copy init scripts
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY makedb.php /makedb.php COPY makedb.php /makedb.php
@ -90,4 +150,4 @@ ENTRYPOINT ["/entrypoint.sh"]
CMD ["php-fpm"] CMD ["php-fpm"]
# vim:set ft=dockerfile:

View File

@ -10,7 +10,15 @@ LABEL maintainer="Llewellyn van der Merwe <llewellyn.van-der-merwe@community.joo
# Disable remote database security requirements. # Disable remote database security requirements.
ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1 ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1
# Install the PHP extensions RUN set -eux; \
apt-get update; \
apt-get install -y --no-install-recommends \
# Ghostscript is required for rendering PDF previews
ghostscript \
; \
rm -rf /var/lib/apt/lists/*
# install the PHP extensions we need.
RUN set -ex; \ RUN set -ex; \
\ \
savedAptMark="$(apt-mark showmanual)"; \ savedAptMark="$(apt-mark showmanual)"; \
@ -20,19 +28,28 @@ RUN set -ex; \
libbz2-dev \ libbz2-dev \
libgmp-dev \ libgmp-dev \
libicu-dev \ libicu-dev \
libfreetype6-dev \
libjpeg-dev \ libjpeg-dev \
libldap2-dev \ libldap2-dev \
libmemcached-dev \ libmemcached-dev \
libpng-dev \ libmagickwand-dev \
libpq-dev \ libpq-dev \
libpng-dev \
libwebp-dev \
libzip-dev \ libzip-dev \
; \ ; \
\ \
docker-php-ext-configure gd --with-jpeg; \ docker-php-ext-configure gd \
--with-freetype \
--with-jpeg \
--with-webp \
; \
debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \ debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \
docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \ docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \
docker-php-ext-install -j "$(nproc)" \ docker-php-ext-install -j "$(nproc)" \
bz2 \ bz2 \
bcmath \
exif \
gd \ gd \
gmp \ gmp \
intl \ intl \
@ -43,7 +60,19 @@ RUN set -ex; \
pgsql \ pgsql \
zip \ zip \
; \ ; \
# https://pecl.php.net/package/imagick
pecl install imagick-3.6.0; \
docker-php-ext-enable imagick; \
rm -r /tmp/pear; \
\ \
# some misbehaving extensions end up outputting to stdout
out="$(php -r 'exit(0);')"; \
[ -z "$out" ]; \
err="$(php -r 'exit(0);' 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]; \
\
extDir="$(php -r 'echo ini_get("extension_dir");')"; \
[ -d "$extDir" ]; \
# pecl will claim success even if one install fails, so we need to perform each install separately # pecl will claim success even if one install fails, so we need to perform each install separately
pecl install APCu-5.1.21; \ pecl install APCu-5.1.21; \
pecl install memcached-3.2.0; \ pecl install memcached-3.2.0; \
@ -59,7 +88,7 @@ RUN set -ex; \
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \ apt-mark auto '.*' > /dev/null; \
apt-mark manual $savedAptMark; \ apt-mark manual $savedAptMark; \
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ ldd "$extDir"/*.so \
| awk '/=>/ { print $3 }' \ | awk '/=>/ { print $3 }' \
| sort -u \ | sort -u \
| xargs -r dpkg-query -S \ | xargs -r dpkg-query -S \
@ -68,7 +97,37 @@ RUN set -ex; \
| xargs -rt apt-mark manual; \ | xargs -rt apt-mark manual; \
\ \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*; \
\
! { ldd "$extDir"/*.so | grep 'not found'; }; \
# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...)
err="$(php --version 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]
# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
RUN set -eux; \
docker-php-ext-enable opcache; \
{ \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.fast_shutdown=1'; \
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
# set recommended error logging
RUN { \
# https://www.php.net/manual/en/errorfunc.constants.php
echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \
echo 'display_errors = Off'; \
echo 'display_startup_errors = Off'; \
echo 'log_errors = On'; \
echo 'error_log = /dev/stderr'; \
echo 'log_errors_max_len = 1024'; \
echo 'ignore_repeated_errors = On'; \
echo 'ignore_repeated_source = Off'; \
echo 'html_errors = Off'; \
} > /usr/local/etc/php/conf.d/error-logging.ini
VOLUME /var/www/html VOLUME /var/www/html
@ -78,14 +137,14 @@ ENV JOOMLA_SHA512 a9ffd64d8320d3df2f58df924b750f4b75a15eac194b4a8ef98671208ad2ca
# Download package and extract to web volume # Download package and extract to web volume
RUN set -ex; \ RUN set -ex; \
curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2; \
echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \
mkdir /usr/src/joomla; \ mkdir /usr/src/joomla; \
tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \
rm joomla.tar.bz2; \ rm joomla.tar.bz2; \
chown -R www-data:www-data /usr/src/joomla chown -R www-data:www-data /usr/src/joomla
# Copy init scripts and custom .htaccess # Copy init scripts
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY makedb.php /makedb.php COPY makedb.php /makedb.php
@ -93,4 +152,4 @@ ENTRYPOINT ["/entrypoint.sh"]
CMD ["php-fpm"] CMD ["php-fpm"]
# vim:set ft=dockerfile:

View File

@ -10,9 +10,15 @@ LABEL maintainer="Llewellyn van der Merwe <llewellyn.van-der-merwe@community.joo
# Disable remote database security requirements. # Disable remote database security requirements.
ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1 ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1
# Enable Apache Rewrite Module RUN set -eux; \
RUN a2enmod rewrite apt-get update; \
# Install the PHP extensions apt-get install -y --no-install-recommends \
# Ghostscript is required for rendering PDF previews
ghostscript \
; \
rm -rf /var/lib/apt/lists/*
# install the PHP extensions we need.
RUN set -ex; \ RUN set -ex; \
\ \
savedAptMark="$(apt-mark showmanual)"; \ savedAptMark="$(apt-mark showmanual)"; \
@ -22,19 +28,28 @@ RUN set -ex; \
libbz2-dev \ libbz2-dev \
libgmp-dev \ libgmp-dev \
libicu-dev \ libicu-dev \
libfreetype6-dev \
libjpeg-dev \ libjpeg-dev \
libldap2-dev \ libldap2-dev \
libmemcached-dev \ libmemcached-dev \
libpng-dev \ libmagickwand-dev \
libpq-dev \ libpq-dev \
libpng-dev \
libwebp-dev \
libzip-dev \ libzip-dev \
; \ ; \
\ \
docker-php-ext-configure gd --with-jpeg; \ docker-php-ext-configure gd \
--with-freetype \
--with-jpeg \
--with-webp \
; \
debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \ debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \
docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \ docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \
docker-php-ext-install -j "$(nproc)" \ docker-php-ext-install -j "$(nproc)" \
bz2 \ bz2 \
bcmath \
exif \
gd \ gd \
gmp \ gmp \
intl \ intl \
@ -45,7 +60,19 @@ RUN set -ex; \
pgsql \ pgsql \
zip \ zip \
; \ ; \
# https://pecl.php.net/package/imagick
pecl install imagick-3.6.0; \
docker-php-ext-enable imagick; \
rm -r /tmp/pear; \
\ \
# some misbehaving extensions end up outputting to stdout
out="$(php -r 'exit(0);')"; \
[ -z "$out" ]; \
err="$(php -r 'exit(0);' 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]; \
\
extDir="$(php -r 'echo ini_get("extension_dir");')"; \
[ -d "$extDir" ]; \
# pecl will claim success even if one install fails, so we need to perform each install separately # pecl will claim success even if one install fails, so we need to perform each install separately
pecl install APCu-5.1.21; \ pecl install APCu-5.1.21; \
pecl install memcached-3.2.0; \ pecl install memcached-3.2.0; \
@ -61,7 +88,7 @@ RUN set -ex; \
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \ apt-mark auto '.*' > /dev/null; \
apt-mark manual $savedAptMark; \ apt-mark manual $savedAptMark; \
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ ldd "$extDir"/*.so \
| awk '/=>/ { print $3 }' \ | awk '/=>/ { print $3 }' \
| sort -u \ | sort -u \
| xargs -r dpkg-query -S \ | xargs -r dpkg-query -S \
@ -70,7 +97,55 @@ RUN set -ex; \
| xargs -rt apt-mark manual; \ | xargs -rt apt-mark manual; \
\ \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*; \
\
! { ldd "$extDir"/*.so | grep 'not found'; }; \
# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...)
err="$(php --version 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]
# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
RUN set -eux; \
docker-php-ext-enable opcache; \
{ \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.fast_shutdown=1'; \
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
# set recommended error logging
RUN { \
# https://www.php.net/manual/en/errorfunc.constants.php
echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \
echo 'display_errors = Off'; \
echo 'display_startup_errors = Off'; \
echo 'log_errors = On'; \
echo 'error_log = /dev/stderr'; \
echo 'log_errors_max_len = 1024'; \
echo 'ignore_repeated_errors = On'; \
echo 'ignore_repeated_source = Off'; \
echo 'html_errors = Off'; \
} > /usr/local/etc/php/conf.d/error-logging.ini
RUN set -eux; \
a2enmod rewrite expires; \
\
# https://httpd.apache.org/docs/2.4/mod/mod_remoteip.html
a2enmod remoteip; \
{ \
echo 'RemoteIPHeader X-Forwarded-For'; \
# these IP ranges are reserved for "private" use and should thus *usually* be safe inside Docker
echo 'RemoteIPTrustedProxy 10.0.0.0/8'; \
echo 'RemoteIPTrustedProxy 172.16.0.0/12'; \
echo 'RemoteIPTrustedProxy 192.168.0.0/16'; \
echo 'RemoteIPTrustedProxy 169.254.0.0/16'; \
echo 'RemoteIPTrustedProxy 127.0.0.0/8'; \
} > /etc/apache2/conf-available/remoteip.conf; \
a2enconf remoteip; \
# (replace all instances of "%h" with "%a" in LogFormat)
find /etc/apache2 -type f -name '*.conf' -exec sed -ri 's/([[:space:]]*LogFormat[[:space:]]+"[^"]*)%h([^"]*")/\1%a\2/g' '{}' +
VOLUME /var/www/html VOLUME /var/www/html
@ -80,18 +155,18 @@ ENV JOOMLA_SHA512 a9ffd64d8320d3df2f58df924b750f4b75a15eac194b4a8ef98671208ad2ca
# Download package and extract to web volume # Download package and extract to web volume
RUN set -ex; \ RUN set -ex; \
curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2; \
echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \
mkdir /usr/src/joomla; \ mkdir /usr/src/joomla; \
tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \
rm joomla.tar.bz2; \ rm joomla.tar.bz2; \
chown -R www-data:www-data /usr/src/joomla chown -R www-data:www-data /usr/src/joomla
# Copy init scripts and custom .htaccess # Copy init scripts
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY makedb.php /makedb.php COPY makedb.php /makedb.php
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]
CMD ["apache2-foreground"] CMD ["apache2-foreground"]
# vim:set ft=dockerfile:

View File

@ -10,10 +10,17 @@ LABEL maintainer="Llewellyn van der Merwe <llewellyn.van-der-merwe@community.joo
# Disable remote database security requirements. # Disable remote database security requirements.
ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1 ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1
# entrypoint.sh dependencies RUN set -eux; \
RUN apk add --no-cache \ apk add --no-cache \
bash # in theory, docker-entrypoint.sh is POSIX-compliant, but priority is a working, consistent image
# Install the PHP extensions bash \
# Ghostscript is required for rendering PDF previews
ghostscript \
# Alpine package for "imagemagick" contains ~120 .so files
imagemagick \
;
# install the PHP extensions we need.
RUN set -ex; \ RUN set -ex; \
\ \
apk add --no-cache --virtual .build-deps \ apk add --no-cache --virtual .build-deps \
@ -22,19 +29,28 @@ RUN set -ex; \
bzip2-dev \ bzip2-dev \
gmp-dev \ gmp-dev \
icu-dev \ icu-dev \
freetype-dev \
imagemagick-dev \
libjpeg-turbo-dev \ libjpeg-turbo-dev \
libmemcached-dev \ libmemcached-dev \
libpng-dev \ libpng-dev \
libwebp-dev \
libzip-dev \ libzip-dev \
openldap-dev \ openldap-dev \
pcre-dev \ pcre-dev \
postgresql-dev \ postgresql-dev \
; \ ; \
\ \
docker-php-ext-configure gd --with-jpeg; \ docker-php-ext-configure gd \
--with-freetype \
--with-jpeg \
--with-webp \
; \
docker-php-ext-configure ldap; \ docker-php-ext-configure ldap; \
docker-php-ext-install -j "$(nproc)" \ docker-php-ext-install -j "$(nproc)" \
bz2 \ bz2 \
bcmath \
exif \
gd \ gd \
gmp \ gmp \
intl \ intl \
@ -45,6 +61,20 @@ RUN set -ex; \
pgsql \ pgsql \
zip \ zip \
; \ ; \
# WARNING: imagick is likely not supported on Alpine: https://github.com/Imagick/imagick/issues/328
# https://pecl.php.net/package/imagick
pecl install imagick-3.6.0; \
docker-php-ext-enable imagick; \
rm -r /tmp/pear; \
\
# some misbehaving extensions end up outputting to stdout
out="$(php -r 'exit(0);')"; \
[ -z "$out" ]; \
err="$(php -r 'exit(0);' 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]; \
\
extDir="$(php -r 'echo ini_get("extension_dir");')"; \
[ -d "$extDir" ]; \
\ \
# pecl will claim success even if one install fails, so we need to perform each install separately # pecl will claim success even if one install fails, so we need to perform each install separately
pecl install APCu-5.1.21; \ pecl install APCu-5.1.21; \
@ -59,13 +89,43 @@ RUN set -ex; \
rm -r /tmp/pear; \ rm -r /tmp/pear; \
\ \
runDeps="$( \ runDeps="$( \
scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \ scanelf --needed --nobanner --format '%n#p' --recursive "$extDir" \
| tr ',' '\n' \ | tr ',' '\n' \
| sort -u \ | sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)"; \ )"; \
apk add --virtual .joomla-phpext-rundeps $runDeps; \ apk add --no-network --virtual .joomla-phpexts-rundeps $runDeps; \
apk del .build-deps apk del --no-network .build-deps; \
\
! { ldd "$extDir"/*.so | grep 'not found'; }; \
# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...)
err="$(php --version 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]
# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
RUN set -eux; \
docker-php-ext-enable opcache; \
{ \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.fast_shutdown=1'; \
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
# set recommended error logging
RUN { \
# https://www.php.net/manual/en/errorfunc.constants.php
echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \
echo 'display_errors = Off'; \
echo 'display_startup_errors = Off'; \
echo 'log_errors = On'; \
echo 'error_log = /dev/stderr'; \
echo 'log_errors_max_len = 1024'; \
echo 'ignore_repeated_errors = On'; \
echo 'ignore_repeated_source = Off'; \
echo 'html_errors = Off'; \
} > /usr/local/etc/php/conf.d/error-logging.ini
VOLUME /var/www/html VOLUME /var/www/html
@ -75,14 +135,14 @@ ENV JOOMLA_SHA512 a9ffd64d8320d3df2f58df924b750f4b75a15eac194b4a8ef98671208ad2ca
# Download package and extract to web volume # Download package and extract to web volume
RUN set -ex; \ RUN set -ex; \
curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2; \
echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \
mkdir /usr/src/joomla; \ mkdir /usr/src/joomla; \
tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \
rm joomla.tar.bz2; \ rm joomla.tar.bz2; \
chown -R www-data:www-data /usr/src/joomla chown -R www-data:www-data /usr/src/joomla
# Copy init scripts and custom .htaccess # Copy init scripts
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY makedb.php /makedb.php COPY makedb.php /makedb.php
@ -90,4 +150,4 @@ ENTRYPOINT ["/entrypoint.sh"]
CMD ["php-fpm"] CMD ["php-fpm"]
# vim:set ft=dockerfile:

View File

@ -10,7 +10,15 @@ LABEL maintainer="Llewellyn van der Merwe <llewellyn.van-der-merwe@community.joo
# Disable remote database security requirements. # Disable remote database security requirements.
ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1 ENV JOOMLA_INSTALLATION_DISABLE_LOCALHOST_CHECK=1
# Install the PHP extensions RUN set -eux; \
apt-get update; \
apt-get install -y --no-install-recommends \
# Ghostscript is required for rendering PDF previews
ghostscript \
; \
rm -rf /var/lib/apt/lists/*
# install the PHP extensions we need.
RUN set -ex; \ RUN set -ex; \
\ \
savedAptMark="$(apt-mark showmanual)"; \ savedAptMark="$(apt-mark showmanual)"; \
@ -20,19 +28,28 @@ RUN set -ex; \
libbz2-dev \ libbz2-dev \
libgmp-dev \ libgmp-dev \
libicu-dev \ libicu-dev \
libfreetype6-dev \
libjpeg-dev \ libjpeg-dev \
libldap2-dev \ libldap2-dev \
libmemcached-dev \ libmemcached-dev \
libpng-dev \ libmagickwand-dev \
libpq-dev \ libpq-dev \
libpng-dev \
libwebp-dev \
libzip-dev \ libzip-dev \
; \ ; \
\ \
docker-php-ext-configure gd --with-jpeg; \ docker-php-ext-configure gd \
--with-freetype \
--with-jpeg \
--with-webp \
; \
debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \ debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \
docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \ docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \
docker-php-ext-install -j "$(nproc)" \ docker-php-ext-install -j "$(nproc)" \
bz2 \ bz2 \
bcmath \
exif \
gd \ gd \
gmp \ gmp \
intl \ intl \
@ -43,7 +60,19 @@ RUN set -ex; \
pgsql \ pgsql \
zip \ zip \
; \ ; \
# https://pecl.php.net/package/imagick
pecl install imagick-3.6.0; \
docker-php-ext-enable imagick; \
rm -r /tmp/pear; \
\ \
# some misbehaving extensions end up outputting to stdout
out="$(php -r 'exit(0);')"; \
[ -z "$out" ]; \
err="$(php -r 'exit(0);' 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]; \
\
extDir="$(php -r 'echo ini_get("extension_dir");')"; \
[ -d "$extDir" ]; \
# pecl will claim success even if one install fails, so we need to perform each install separately # pecl will claim success even if one install fails, so we need to perform each install separately
pecl install APCu-5.1.21; \ pecl install APCu-5.1.21; \
pecl install memcached-3.2.0; \ pecl install memcached-3.2.0; \
@ -59,7 +88,7 @@ RUN set -ex; \
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \ apt-mark auto '.*' > /dev/null; \
apt-mark manual $savedAptMark; \ apt-mark manual $savedAptMark; \
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ ldd "$extDir"/*.so \
| awk '/=>/ { print $3 }' \ | awk '/=>/ { print $3 }' \
| sort -u \ | sort -u \
| xargs -r dpkg-query -S \ | xargs -r dpkg-query -S \
@ -68,7 +97,37 @@ RUN set -ex; \
| xargs -rt apt-mark manual; \ | xargs -rt apt-mark manual; \
\ \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*; \
\
! { ldd "$extDir"/*.so | grep 'not found'; }; \
# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...)
err="$(php --version 3>&1 1>&2 2>&3)"; \
[ -z "$err" ]
# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
RUN set -eux; \
docker-php-ext-enable opcache; \
{ \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.fast_shutdown=1'; \
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
# set recommended error logging
RUN { \
# https://www.php.net/manual/en/errorfunc.constants.php
echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \
echo 'display_errors = Off'; \
echo 'display_startup_errors = Off'; \
echo 'log_errors = On'; \
echo 'error_log = /dev/stderr'; \
echo 'log_errors_max_len = 1024'; \
echo 'ignore_repeated_errors = On'; \
echo 'ignore_repeated_source = Off'; \
echo 'html_errors = Off'; \
} > /usr/local/etc/php/conf.d/error-logging.ini
VOLUME /var/www/html VOLUME /var/www/html
@ -78,14 +137,14 @@ ENV JOOMLA_SHA512 a9ffd64d8320d3df2f58df924b750f4b75a15eac194b4a8ef98671208ad2ca
# Download package and extract to web volume # Download package and extract to web volume
RUN set -ex; \ RUN set -ex; \
curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2; \
echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \
mkdir /usr/src/joomla; \ mkdir /usr/src/joomla; \
tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \
rm joomla.tar.bz2; \ rm joomla.tar.bz2; \
chown -R www-data:www-data /usr/src/joomla chown -R www-data:www-data /usr/src/joomla
# Copy init scripts and custom .htaccess # Copy init scripts
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY makedb.php /makedb.php COPY makedb.php /makedb.php
@ -93,4 +152,4 @@ ENTRYPOINT ["/entrypoint.sh"]
CMD ["php-fpm"] CMD ["php-fpm"]
# vim:set ft=dockerfile:

View File

@ -3,6 +3,7 @@
"aliases": [ "aliases": [
3 3
], ],
"package": "https://github.com/joomla/joomla-cms/releases/download/3.10.9/Joomla_3.10.9-Stable-Full_Package.tar.bz2",
"php": "7.4", "php": "7.4",
"phpVersions": [ "phpVersions": [
"7.4" "7.4"
@ -21,6 +22,7 @@
4, 4,
"latest" "latest"
], ],
"package": "https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2",
"php": "8.0", "php": "8.0",
"phpVersions": [ "phpVersions": [
"7.4", "7.4",