diff --git a/3.10/php7.4/apache/Dockerfile b/3.10/php7.4/apache/Dockerfile index fc95e16..f1fd1f4 100644 --- a/3.10/php7.4/apache/Dockerfile +++ b/3.10/php7.4/apache/Dockerfile @@ -10,9 +10,15 @@ LABEL maintainer="Llewellyn van der Merwe /dev/null; \ apt-mark manual $savedAptMark; \ - ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ + ldd "$extDir"/*.so \ | awk '/=>/ { print $3 }' \ | sort -u \ | xargs -r dpkg-query -S \ @@ -69,7 +96,55 @@ RUN set -ex; \ | xargs -rt apt-mark manual; \ \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - rm -rf /var/lib/apt/lists/* + rm -rf /var/lib/apt/lists/*; \ + \ + ! { ldd "$extDir"/*.so | grep 'not found'; }; \ +# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...) + err="$(php --version 3>&1 1>&2 2>&3)"; \ + [ -z "$err" ] + +# set recommended PHP.ini settings +# see https://secure.php.net/manual/en/opcache.installation.php +RUN set -eux; \ + docker-php-ext-enable opcache; \ + { \ + echo 'opcache.memory_consumption=128'; \ + echo 'opcache.interned_strings_buffer=8'; \ + echo 'opcache.max_accelerated_files=4000'; \ + echo 'opcache.revalidate_freq=2'; \ + echo 'opcache.fast_shutdown=1'; \ + } > /usr/local/etc/php/conf.d/opcache-recommended.ini +# set recommended error logging +RUN { \ +# https://www.php.net/manual/en/errorfunc.constants.php + echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \ + echo 'display_errors = Off'; \ + echo 'display_startup_errors = Off'; \ + echo 'log_errors = On'; \ + echo 'error_log = /dev/stderr'; \ + echo 'log_errors_max_len = 1024'; \ + echo 'ignore_repeated_errors = On'; \ + echo 'ignore_repeated_source = Off'; \ + echo 'html_errors = Off'; \ + } > /usr/local/etc/php/conf.d/error-logging.ini + +RUN set -eux; \ + a2enmod rewrite expires; \ + \ +# https://httpd.apache.org/docs/2.4/mod/mod_remoteip.html + a2enmod remoteip; \ + { \ + echo 'RemoteIPHeader X-Forwarded-For'; \ +# these IP ranges are reserved for "private" use and should thus *usually* be safe inside Docker + echo 'RemoteIPTrustedProxy 10.0.0.0/8'; \ + echo 'RemoteIPTrustedProxy 172.16.0.0/12'; \ + echo 'RemoteIPTrustedProxy 192.168.0.0/16'; \ + echo 'RemoteIPTrustedProxy 169.254.0.0/16'; \ + echo 'RemoteIPTrustedProxy 127.0.0.0/8'; \ + } > /etc/apache2/conf-available/remoteip.conf; \ + a2enconf remoteip; \ +# (replace all instances of "%h" with "%a" in LogFormat) + find /etc/apache2 -type f -name '*.conf' -exec sed -ri 's/([[:space:]]*LogFormat[[:space:]]+"[^"]*)%h([^"]*")/\1%a\2/g' '{}' + VOLUME /var/www/html @@ -79,18 +154,18 @@ ENV JOOMLA_SHA512 f3ca0ae9da4c2d97f2f89a3c215111bfa56b9e7e3c8ec83f627d58bfa2c621 # Download package and extract to web volume RUN set -ex; \ - curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ + curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/3.10.9/Joomla_3.10.9-Stable-Full_Package.tar.bz2; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ mkdir /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ rm joomla.tar.bz2; \ chown -R www-data:www-data /usr/src/joomla -# Copy init scripts and custom .htaccess +# Copy init scripts COPY docker-entrypoint.sh /entrypoint.sh COPY makedb.php /makedb.php ENTRYPOINT ["/entrypoint.sh"] CMD ["apache2-foreground"] -# vim:set ft=dockerfile: + diff --git a/3.10/php7.4/fpm-alpine/Dockerfile b/3.10/php7.4/fpm-alpine/Dockerfile index 9677fe7..3e85df4 100644 --- a/3.10/php7.4/fpm-alpine/Dockerfile +++ b/3.10/php7.4/fpm-alpine/Dockerfile @@ -10,10 +10,17 @@ LABEL maintainer="Llewellyn van der Merwe /usr/local/etc/php/conf.d/opcache-recommended.ini +# set recommended error logging +RUN { \ +# https://www.php.net/manual/en/errorfunc.constants.php + echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \ + echo 'display_errors = Off'; \ + echo 'display_startup_errors = Off'; \ + echo 'log_errors = On'; \ + echo 'error_log = /dev/stderr'; \ + echo 'log_errors_max_len = 1024'; \ + echo 'ignore_repeated_errors = On'; \ + echo 'ignore_repeated_source = Off'; \ + echo 'html_errors = Off'; \ + } > /usr/local/etc/php/conf.d/error-logging.ini VOLUME /var/www/html @@ -76,14 +136,14 @@ ENV JOOMLA_SHA512 f3ca0ae9da4c2d97f2f89a3c215111bfa56b9e7e3c8ec83f627d58bfa2c621 # Download package and extract to web volume RUN set -ex; \ - curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ + curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/3.10.9/Joomla_3.10.9-Stable-Full_Package.tar.bz2; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ mkdir /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ rm joomla.tar.bz2; \ chown -R www-data:www-data /usr/src/joomla -# Copy init scripts and custom .htaccess +# Copy init scripts COPY docker-entrypoint.sh /entrypoint.sh COPY makedb.php /makedb.php @@ -91,4 +151,4 @@ ENTRYPOINT ["/entrypoint.sh"] CMD ["php-fpm"] -# vim:set ft=dockerfile: + diff --git a/3.10/php7.4/fpm/Dockerfile b/3.10/php7.4/fpm/Dockerfile index 7e54331..8d50f33 100644 --- a/3.10/php7.4/fpm/Dockerfile +++ b/3.10/php7.4/fpm/Dockerfile @@ -10,7 +10,15 @@ LABEL maintainer="Llewellyn van der Merwe /dev/null; \ apt-mark manual $savedAptMark; \ - ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ + ldd "$extDir"/*.so \ | awk '/=>/ { print $3 }' \ | sort -u \ | xargs -r dpkg-query -S \ @@ -67,7 +96,37 @@ RUN set -ex; \ | xargs -rt apt-mark manual; \ \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - rm -rf /var/lib/apt/lists/* + rm -rf /var/lib/apt/lists/*; \ + \ + ! { ldd "$extDir"/*.so | grep 'not found'; }; \ +# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...) + err="$(php --version 3>&1 1>&2 2>&3)"; \ + [ -z "$err" ] + +# set recommended PHP.ini settings +# see https://secure.php.net/manual/en/opcache.installation.php +RUN set -eux; \ + docker-php-ext-enable opcache; \ + { \ + echo 'opcache.memory_consumption=128'; \ + echo 'opcache.interned_strings_buffer=8'; \ + echo 'opcache.max_accelerated_files=4000'; \ + echo 'opcache.revalidate_freq=2'; \ + echo 'opcache.fast_shutdown=1'; \ + } > /usr/local/etc/php/conf.d/opcache-recommended.ini +# set recommended error logging +RUN { \ +# https://www.php.net/manual/en/errorfunc.constants.php + echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \ + echo 'display_errors = Off'; \ + echo 'display_startup_errors = Off'; \ + echo 'log_errors = On'; \ + echo 'error_log = /dev/stderr'; \ + echo 'log_errors_max_len = 1024'; \ + echo 'ignore_repeated_errors = On'; \ + echo 'ignore_repeated_source = Off'; \ + echo 'html_errors = Off'; \ + } > /usr/local/etc/php/conf.d/error-logging.ini VOLUME /var/www/html @@ -77,14 +136,14 @@ ENV JOOMLA_SHA512 f3ca0ae9da4c2d97f2f89a3c215111bfa56b9e7e3c8ec83f627d58bfa2c621 # Download package and extract to web volume RUN set -ex; \ - curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ + curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/3.10.9/Joomla_3.10.9-Stable-Full_Package.tar.bz2; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ mkdir /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ rm joomla.tar.bz2; \ chown -R www-data:www-data /usr/src/joomla -# Copy init scripts and custom .htaccess +# Copy init scripts COPY docker-entrypoint.sh /entrypoint.sh COPY makedb.php /makedb.php @@ -92,4 +151,4 @@ ENTRYPOINT ["/entrypoint.sh"] CMD ["php-fpm"] -# vim:set ft=dockerfile: + diff --git a/4.1/php7.4/apache/Dockerfile b/4.1/php7.4/apache/Dockerfile index eeedb25..c8f710f 100644 --- a/4.1/php7.4/apache/Dockerfile +++ b/4.1/php7.4/apache/Dockerfile @@ -10,9 +10,15 @@ LABEL maintainer="Llewellyn van der Merwe /dev/null; \ apt-mark manual $savedAptMark; \ - ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ + ldd "$extDir"/*.so \ | awk '/=>/ { print $3 }' \ | sort -u \ | xargs -r dpkg-query -S \ @@ -70,7 +97,55 @@ RUN set -ex; \ | xargs -rt apt-mark manual; \ \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - rm -rf /var/lib/apt/lists/* + rm -rf /var/lib/apt/lists/*; \ + \ + ! { ldd "$extDir"/*.so | grep 'not found'; }; \ +# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...) + err="$(php --version 3>&1 1>&2 2>&3)"; \ + [ -z "$err" ] + +# set recommended PHP.ini settings +# see https://secure.php.net/manual/en/opcache.installation.php +RUN set -eux; \ + docker-php-ext-enable opcache; \ + { \ + echo 'opcache.memory_consumption=128'; \ + echo 'opcache.interned_strings_buffer=8'; \ + echo 'opcache.max_accelerated_files=4000'; \ + echo 'opcache.revalidate_freq=2'; \ + echo 'opcache.fast_shutdown=1'; \ + } > /usr/local/etc/php/conf.d/opcache-recommended.ini +# set recommended error logging +RUN { \ +# https://www.php.net/manual/en/errorfunc.constants.php + echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \ + echo 'display_errors = Off'; \ + echo 'display_startup_errors = Off'; \ + echo 'log_errors = On'; \ + echo 'error_log = /dev/stderr'; \ + echo 'log_errors_max_len = 1024'; \ + echo 'ignore_repeated_errors = On'; \ + echo 'ignore_repeated_source = Off'; \ + echo 'html_errors = Off'; \ + } > /usr/local/etc/php/conf.d/error-logging.ini + +RUN set -eux; \ + a2enmod rewrite expires; \ + \ +# https://httpd.apache.org/docs/2.4/mod/mod_remoteip.html + a2enmod remoteip; \ + { \ + echo 'RemoteIPHeader X-Forwarded-For'; \ +# these IP ranges are reserved for "private" use and should thus *usually* be safe inside Docker + echo 'RemoteIPTrustedProxy 10.0.0.0/8'; \ + echo 'RemoteIPTrustedProxy 172.16.0.0/12'; \ + echo 'RemoteIPTrustedProxy 192.168.0.0/16'; \ + echo 'RemoteIPTrustedProxy 169.254.0.0/16'; \ + echo 'RemoteIPTrustedProxy 127.0.0.0/8'; \ + } > /etc/apache2/conf-available/remoteip.conf; \ + a2enconf remoteip; \ +# (replace all instances of "%h" with "%a" in LogFormat) + find /etc/apache2 -type f -name '*.conf' -exec sed -ri 's/([[:space:]]*LogFormat[[:space:]]+"[^"]*)%h([^"]*")/\1%a\2/g' '{}' + VOLUME /var/www/html @@ -80,18 +155,18 @@ ENV JOOMLA_SHA512 a9ffd64d8320d3df2f58df924b750f4b75a15eac194b4a8ef98671208ad2ca # Download package and extract to web volume RUN set -ex; \ - curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ + curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ mkdir /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ rm joomla.tar.bz2; \ chown -R www-data:www-data /usr/src/joomla -# Copy init scripts and custom .htaccess +# Copy init scripts COPY docker-entrypoint.sh /entrypoint.sh COPY makedb.php /makedb.php ENTRYPOINT ["/entrypoint.sh"] CMD ["apache2-foreground"] -# vim:set ft=dockerfile: + diff --git a/4.1/php7.4/fpm-alpine/Dockerfile b/4.1/php7.4/fpm-alpine/Dockerfile index 0ae8c57..493f01c 100644 --- a/4.1/php7.4/fpm-alpine/Dockerfile +++ b/4.1/php7.4/fpm-alpine/Dockerfile @@ -10,10 +10,17 @@ LABEL maintainer="Llewellyn van der Merwe /usr/local/etc/php/conf.d/opcache-recommended.ini +# set recommended error logging +RUN { \ +# https://www.php.net/manual/en/errorfunc.constants.php + echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \ + echo 'display_errors = Off'; \ + echo 'display_startup_errors = Off'; \ + echo 'log_errors = On'; \ + echo 'error_log = /dev/stderr'; \ + echo 'log_errors_max_len = 1024'; \ + echo 'ignore_repeated_errors = On'; \ + echo 'ignore_repeated_source = Off'; \ + echo 'html_errors = Off'; \ + } > /usr/local/etc/php/conf.d/error-logging.ini VOLUME /var/www/html @@ -75,14 +135,14 @@ ENV JOOMLA_SHA512 a9ffd64d8320d3df2f58df924b750f4b75a15eac194b4a8ef98671208ad2ca # Download package and extract to web volume RUN set -ex; \ - curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ + curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ mkdir /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ rm joomla.tar.bz2; \ chown -R www-data:www-data /usr/src/joomla -# Copy init scripts and custom .htaccess +# Copy init scripts COPY docker-entrypoint.sh /entrypoint.sh COPY makedb.php /makedb.php @@ -90,4 +150,4 @@ ENTRYPOINT ["/entrypoint.sh"] CMD ["php-fpm"] -# vim:set ft=dockerfile: + diff --git a/4.1/php7.4/fpm/Dockerfile b/4.1/php7.4/fpm/Dockerfile index c06aebd..35e8af9 100644 --- a/4.1/php7.4/fpm/Dockerfile +++ b/4.1/php7.4/fpm/Dockerfile @@ -10,7 +10,15 @@ LABEL maintainer="Llewellyn van der Merwe /dev/null; \ apt-mark manual $savedAptMark; \ - ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ + ldd "$extDir"/*.so \ | awk '/=>/ { print $3 }' \ | sort -u \ | xargs -r dpkg-query -S \ @@ -68,7 +97,37 @@ RUN set -ex; \ | xargs -rt apt-mark manual; \ \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - rm -rf /var/lib/apt/lists/* + rm -rf /var/lib/apt/lists/*; \ + \ + ! { ldd "$extDir"/*.so | grep 'not found'; }; \ +# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...) + err="$(php --version 3>&1 1>&2 2>&3)"; \ + [ -z "$err" ] + +# set recommended PHP.ini settings +# see https://secure.php.net/manual/en/opcache.installation.php +RUN set -eux; \ + docker-php-ext-enable opcache; \ + { \ + echo 'opcache.memory_consumption=128'; \ + echo 'opcache.interned_strings_buffer=8'; \ + echo 'opcache.max_accelerated_files=4000'; \ + echo 'opcache.revalidate_freq=2'; \ + echo 'opcache.fast_shutdown=1'; \ + } > /usr/local/etc/php/conf.d/opcache-recommended.ini +# set recommended error logging +RUN { \ +# https://www.php.net/manual/en/errorfunc.constants.php + echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \ + echo 'display_errors = Off'; \ + echo 'display_startup_errors = Off'; \ + echo 'log_errors = On'; \ + echo 'error_log = /dev/stderr'; \ + echo 'log_errors_max_len = 1024'; \ + echo 'ignore_repeated_errors = On'; \ + echo 'ignore_repeated_source = Off'; \ + echo 'html_errors = Off'; \ + } > /usr/local/etc/php/conf.d/error-logging.ini VOLUME /var/www/html @@ -78,14 +137,14 @@ ENV JOOMLA_SHA512 a9ffd64d8320d3df2f58df924b750f4b75a15eac194b4a8ef98671208ad2ca # Download package and extract to web volume RUN set -ex; \ - curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ + curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ mkdir /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ rm joomla.tar.bz2; \ chown -R www-data:www-data /usr/src/joomla -# Copy init scripts and custom .htaccess +# Copy init scripts COPY docker-entrypoint.sh /entrypoint.sh COPY makedb.php /makedb.php @@ -93,4 +152,4 @@ ENTRYPOINT ["/entrypoint.sh"] CMD ["php-fpm"] -# vim:set ft=dockerfile: + diff --git a/4.1/php8.0/apache/Dockerfile b/4.1/php8.0/apache/Dockerfile index 17b80c3..4ef5f76 100644 --- a/4.1/php8.0/apache/Dockerfile +++ b/4.1/php8.0/apache/Dockerfile @@ -10,9 +10,15 @@ LABEL maintainer="Llewellyn van der Merwe /dev/null; \ apt-mark manual $savedAptMark; \ - ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ + ldd "$extDir"/*.so \ | awk '/=>/ { print $3 }' \ | sort -u \ | xargs -r dpkg-query -S \ @@ -70,7 +97,55 @@ RUN set -ex; \ | xargs -rt apt-mark manual; \ \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - rm -rf /var/lib/apt/lists/* + rm -rf /var/lib/apt/lists/*; \ + \ + ! { ldd "$extDir"/*.so | grep 'not found'; }; \ +# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...) + err="$(php --version 3>&1 1>&2 2>&3)"; \ + [ -z "$err" ] + +# set recommended PHP.ini settings +# see https://secure.php.net/manual/en/opcache.installation.php +RUN set -eux; \ + docker-php-ext-enable opcache; \ + { \ + echo 'opcache.memory_consumption=128'; \ + echo 'opcache.interned_strings_buffer=8'; \ + echo 'opcache.max_accelerated_files=4000'; \ + echo 'opcache.revalidate_freq=2'; \ + echo 'opcache.fast_shutdown=1'; \ + } > /usr/local/etc/php/conf.d/opcache-recommended.ini +# set recommended error logging +RUN { \ +# https://www.php.net/manual/en/errorfunc.constants.php + echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \ + echo 'display_errors = Off'; \ + echo 'display_startup_errors = Off'; \ + echo 'log_errors = On'; \ + echo 'error_log = /dev/stderr'; \ + echo 'log_errors_max_len = 1024'; \ + echo 'ignore_repeated_errors = On'; \ + echo 'ignore_repeated_source = Off'; \ + echo 'html_errors = Off'; \ + } > /usr/local/etc/php/conf.d/error-logging.ini + +RUN set -eux; \ + a2enmod rewrite expires; \ + \ +# https://httpd.apache.org/docs/2.4/mod/mod_remoteip.html + a2enmod remoteip; \ + { \ + echo 'RemoteIPHeader X-Forwarded-For'; \ +# these IP ranges are reserved for "private" use and should thus *usually* be safe inside Docker + echo 'RemoteIPTrustedProxy 10.0.0.0/8'; \ + echo 'RemoteIPTrustedProxy 172.16.0.0/12'; \ + echo 'RemoteIPTrustedProxy 192.168.0.0/16'; \ + echo 'RemoteIPTrustedProxy 169.254.0.0/16'; \ + echo 'RemoteIPTrustedProxy 127.0.0.0/8'; \ + } > /etc/apache2/conf-available/remoteip.conf; \ + a2enconf remoteip; \ +# (replace all instances of "%h" with "%a" in LogFormat) + find /etc/apache2 -type f -name '*.conf' -exec sed -ri 's/([[:space:]]*LogFormat[[:space:]]+"[^"]*)%h([^"]*")/\1%a\2/g' '{}' + VOLUME /var/www/html @@ -80,18 +155,18 @@ ENV JOOMLA_SHA512 a9ffd64d8320d3df2f58df924b750f4b75a15eac194b4a8ef98671208ad2ca # Download package and extract to web volume RUN set -ex; \ - curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ + curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ mkdir /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ rm joomla.tar.bz2; \ chown -R www-data:www-data /usr/src/joomla -# Copy init scripts and custom .htaccess +# Copy init scripts COPY docker-entrypoint.sh /entrypoint.sh COPY makedb.php /makedb.php ENTRYPOINT ["/entrypoint.sh"] CMD ["apache2-foreground"] -# vim:set ft=dockerfile: + diff --git a/4.1/php8.0/fpm-alpine/Dockerfile b/4.1/php8.0/fpm-alpine/Dockerfile index 400c26f..546f060 100644 --- a/4.1/php8.0/fpm-alpine/Dockerfile +++ b/4.1/php8.0/fpm-alpine/Dockerfile @@ -10,10 +10,17 @@ LABEL maintainer="Llewellyn van der Merwe /usr/local/etc/php/conf.d/opcache-recommended.ini +# set recommended error logging +RUN { \ +# https://www.php.net/manual/en/errorfunc.constants.php + echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \ + echo 'display_errors = Off'; \ + echo 'display_startup_errors = Off'; \ + echo 'log_errors = On'; \ + echo 'error_log = /dev/stderr'; \ + echo 'log_errors_max_len = 1024'; \ + echo 'ignore_repeated_errors = On'; \ + echo 'ignore_repeated_source = Off'; \ + echo 'html_errors = Off'; \ + } > /usr/local/etc/php/conf.d/error-logging.ini VOLUME /var/www/html @@ -75,14 +135,14 @@ ENV JOOMLA_SHA512 a9ffd64d8320d3df2f58df924b750f4b75a15eac194b4a8ef98671208ad2ca # Download package and extract to web volume RUN set -ex; \ - curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ + curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ mkdir /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ rm joomla.tar.bz2; \ chown -R www-data:www-data /usr/src/joomla -# Copy init scripts and custom .htaccess +# Copy init scripts COPY docker-entrypoint.sh /entrypoint.sh COPY makedb.php /makedb.php @@ -90,4 +150,4 @@ ENTRYPOINT ["/entrypoint.sh"] CMD ["php-fpm"] -# vim:set ft=dockerfile: + diff --git a/4.1/php8.0/fpm/Dockerfile b/4.1/php8.0/fpm/Dockerfile index 92eab61..79363a9 100644 --- a/4.1/php8.0/fpm/Dockerfile +++ b/4.1/php8.0/fpm/Dockerfile @@ -10,7 +10,15 @@ LABEL maintainer="Llewellyn van der Merwe /dev/null; \ apt-mark manual $savedAptMark; \ - ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ + ldd "$extDir"/*.so \ | awk '/=>/ { print $3 }' \ | sort -u \ | xargs -r dpkg-query -S \ @@ -68,7 +97,37 @@ RUN set -ex; \ | xargs -rt apt-mark manual; \ \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - rm -rf /var/lib/apt/lists/* + rm -rf /var/lib/apt/lists/*; \ + \ + ! { ldd "$extDir"/*.so | grep 'not found'; }; \ +# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...) + err="$(php --version 3>&1 1>&2 2>&3)"; \ + [ -z "$err" ] + +# set recommended PHP.ini settings +# see https://secure.php.net/manual/en/opcache.installation.php +RUN set -eux; \ + docker-php-ext-enable opcache; \ + { \ + echo 'opcache.memory_consumption=128'; \ + echo 'opcache.interned_strings_buffer=8'; \ + echo 'opcache.max_accelerated_files=4000'; \ + echo 'opcache.revalidate_freq=2'; \ + echo 'opcache.fast_shutdown=1'; \ + } > /usr/local/etc/php/conf.d/opcache-recommended.ini +# set recommended error logging +RUN { \ +# https://www.php.net/manual/en/errorfunc.constants.php + echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \ + echo 'display_errors = Off'; \ + echo 'display_startup_errors = Off'; \ + echo 'log_errors = On'; \ + echo 'error_log = /dev/stderr'; \ + echo 'log_errors_max_len = 1024'; \ + echo 'ignore_repeated_errors = On'; \ + echo 'ignore_repeated_source = Off'; \ + echo 'html_errors = Off'; \ + } > /usr/local/etc/php/conf.d/error-logging.ini VOLUME /var/www/html @@ -78,14 +137,14 @@ ENV JOOMLA_SHA512 a9ffd64d8320d3df2f58df924b750f4b75a15eac194b4a8ef98671208ad2ca # Download package and extract to web volume RUN set -ex; \ - curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ + curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ mkdir /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ rm joomla.tar.bz2; \ chown -R www-data:www-data /usr/src/joomla -# Copy init scripts and custom .htaccess +# Copy init scripts COPY docker-entrypoint.sh /entrypoint.sh COPY makedb.php /makedb.php @@ -93,4 +152,4 @@ ENTRYPOINT ["/entrypoint.sh"] CMD ["php-fpm"] -# vim:set ft=dockerfile: + diff --git a/4.1/php8.1/apache/Dockerfile b/4.1/php8.1/apache/Dockerfile index b22f83f..28113e6 100644 --- a/4.1/php8.1/apache/Dockerfile +++ b/4.1/php8.1/apache/Dockerfile @@ -10,9 +10,15 @@ LABEL maintainer="Llewellyn van der Merwe /dev/null; \ apt-mark manual $savedAptMark; \ - ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ + ldd "$extDir"/*.so \ | awk '/=>/ { print $3 }' \ | sort -u \ | xargs -r dpkg-query -S \ @@ -70,7 +97,55 @@ RUN set -ex; \ | xargs -rt apt-mark manual; \ \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - rm -rf /var/lib/apt/lists/* + rm -rf /var/lib/apt/lists/*; \ + \ + ! { ldd "$extDir"/*.so | grep 'not found'; }; \ +# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...) + err="$(php --version 3>&1 1>&2 2>&3)"; \ + [ -z "$err" ] + +# set recommended PHP.ini settings +# see https://secure.php.net/manual/en/opcache.installation.php +RUN set -eux; \ + docker-php-ext-enable opcache; \ + { \ + echo 'opcache.memory_consumption=128'; \ + echo 'opcache.interned_strings_buffer=8'; \ + echo 'opcache.max_accelerated_files=4000'; \ + echo 'opcache.revalidate_freq=2'; \ + echo 'opcache.fast_shutdown=1'; \ + } > /usr/local/etc/php/conf.d/opcache-recommended.ini +# set recommended error logging +RUN { \ +# https://www.php.net/manual/en/errorfunc.constants.php + echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \ + echo 'display_errors = Off'; \ + echo 'display_startup_errors = Off'; \ + echo 'log_errors = On'; \ + echo 'error_log = /dev/stderr'; \ + echo 'log_errors_max_len = 1024'; \ + echo 'ignore_repeated_errors = On'; \ + echo 'ignore_repeated_source = Off'; \ + echo 'html_errors = Off'; \ + } > /usr/local/etc/php/conf.d/error-logging.ini + +RUN set -eux; \ + a2enmod rewrite expires; \ + \ +# https://httpd.apache.org/docs/2.4/mod/mod_remoteip.html + a2enmod remoteip; \ + { \ + echo 'RemoteIPHeader X-Forwarded-For'; \ +# these IP ranges are reserved for "private" use and should thus *usually* be safe inside Docker + echo 'RemoteIPTrustedProxy 10.0.0.0/8'; \ + echo 'RemoteIPTrustedProxy 172.16.0.0/12'; \ + echo 'RemoteIPTrustedProxy 192.168.0.0/16'; \ + echo 'RemoteIPTrustedProxy 169.254.0.0/16'; \ + echo 'RemoteIPTrustedProxy 127.0.0.0/8'; \ + } > /etc/apache2/conf-available/remoteip.conf; \ + a2enconf remoteip; \ +# (replace all instances of "%h" with "%a" in LogFormat) + find /etc/apache2 -type f -name '*.conf' -exec sed -ri 's/([[:space:]]*LogFormat[[:space:]]+"[^"]*)%h([^"]*")/\1%a\2/g' '{}' + VOLUME /var/www/html @@ -80,18 +155,18 @@ ENV JOOMLA_SHA512 a9ffd64d8320d3df2f58df924b750f4b75a15eac194b4a8ef98671208ad2ca # Download package and extract to web volume RUN set -ex; \ - curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ + curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ mkdir /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ rm joomla.tar.bz2; \ chown -R www-data:www-data /usr/src/joomla -# Copy init scripts and custom .htaccess +# Copy init scripts COPY docker-entrypoint.sh /entrypoint.sh COPY makedb.php /makedb.php ENTRYPOINT ["/entrypoint.sh"] CMD ["apache2-foreground"] -# vim:set ft=dockerfile: + diff --git a/4.1/php8.1/fpm-alpine/Dockerfile b/4.1/php8.1/fpm-alpine/Dockerfile index 3d408c2..f3d480a 100644 --- a/4.1/php8.1/fpm-alpine/Dockerfile +++ b/4.1/php8.1/fpm-alpine/Dockerfile @@ -10,10 +10,17 @@ LABEL maintainer="Llewellyn van der Merwe /usr/local/etc/php/conf.d/opcache-recommended.ini +# set recommended error logging +RUN { \ +# https://www.php.net/manual/en/errorfunc.constants.php + echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \ + echo 'display_errors = Off'; \ + echo 'display_startup_errors = Off'; \ + echo 'log_errors = On'; \ + echo 'error_log = /dev/stderr'; \ + echo 'log_errors_max_len = 1024'; \ + echo 'ignore_repeated_errors = On'; \ + echo 'ignore_repeated_source = Off'; \ + echo 'html_errors = Off'; \ + } > /usr/local/etc/php/conf.d/error-logging.ini VOLUME /var/www/html @@ -75,14 +135,14 @@ ENV JOOMLA_SHA512 a9ffd64d8320d3df2f58df924b750f4b75a15eac194b4a8ef98671208ad2ca # Download package and extract to web volume RUN set -ex; \ - curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ + curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ mkdir /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ rm joomla.tar.bz2; \ chown -R www-data:www-data /usr/src/joomla -# Copy init scripts and custom .htaccess +# Copy init scripts COPY docker-entrypoint.sh /entrypoint.sh COPY makedb.php /makedb.php @@ -90,4 +150,4 @@ ENTRYPOINT ["/entrypoint.sh"] CMD ["php-fpm"] -# vim:set ft=dockerfile: + diff --git a/4.1/php8.1/fpm/Dockerfile b/4.1/php8.1/fpm/Dockerfile index dc4a4b9..db07387 100644 --- a/4.1/php8.1/fpm/Dockerfile +++ b/4.1/php8.1/fpm/Dockerfile @@ -10,7 +10,15 @@ LABEL maintainer="Llewellyn van der Merwe /dev/null; \ apt-mark manual $savedAptMark; \ - ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ + ldd "$extDir"/*.so \ | awk '/=>/ { print $3 }' \ | sort -u \ | xargs -r dpkg-query -S \ @@ -68,7 +97,37 @@ RUN set -ex; \ | xargs -rt apt-mark manual; \ \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - rm -rf /var/lib/apt/lists/* + rm -rf /var/lib/apt/lists/*; \ + \ + ! { ldd "$extDir"/*.so | grep 'not found'; }; \ +# check for output like "PHP Warning: PHP Startup: Unable to load dynamic library 'foo' (tried: ...) + err="$(php --version 3>&1 1>&2 2>&3)"; \ + [ -z "$err" ] + +# set recommended PHP.ini settings +# see https://secure.php.net/manual/en/opcache.installation.php +RUN set -eux; \ + docker-php-ext-enable opcache; \ + { \ + echo 'opcache.memory_consumption=128'; \ + echo 'opcache.interned_strings_buffer=8'; \ + echo 'opcache.max_accelerated_files=4000'; \ + echo 'opcache.revalidate_freq=2'; \ + echo 'opcache.fast_shutdown=1'; \ + } > /usr/local/etc/php/conf.d/opcache-recommended.ini +# set recommended error logging +RUN { \ +# https://www.php.net/manual/en/errorfunc.constants.php + echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \ + echo 'display_errors = Off'; \ + echo 'display_startup_errors = Off'; \ + echo 'log_errors = On'; \ + echo 'error_log = /dev/stderr'; \ + echo 'log_errors_max_len = 1024'; \ + echo 'ignore_repeated_errors = On'; \ + echo 'ignore_repeated_source = Off'; \ + echo 'html_errors = Off'; \ + } > /usr/local/etc/php/conf.d/error-logging.ini VOLUME /var/www/html @@ -78,14 +137,14 @@ ENV JOOMLA_SHA512 a9ffd64d8320d3df2f58df924b750f4b75a15eac194b4a8ef98671208ad2ca # Download package and extract to web volume RUN set -ex; \ - curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/${JOOMLA_VERSION}/Joomla_${JOOMLA_VERSION}-Stable-Full_Package.tar.bz2; \ + curl -o joomla.tar.bz2 -SL https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2; \ echo "$JOOMLA_SHA512 *joomla.tar.bz2" | sha512sum -c -; \ mkdir /usr/src/joomla; \ tar -xf joomla.tar.bz2 -C /usr/src/joomla; \ rm joomla.tar.bz2; \ chown -R www-data:www-data /usr/src/joomla -# Copy init scripts and custom .htaccess +# Copy init scripts COPY docker-entrypoint.sh /entrypoint.sh COPY makedb.php /makedb.php @@ -93,4 +152,4 @@ ENTRYPOINT ["/entrypoint.sh"] CMD ["php-fpm"] -# vim:set ft=dockerfile: + diff --git a/versions.json b/versions.json index d94f436..5fbf274 100644 --- a/versions.json +++ b/versions.json @@ -3,6 +3,7 @@ "aliases": [ 3 ], + "package": "https://github.com/joomla/joomla-cms/releases/download/3.10.9/Joomla_3.10.9-Stable-Full_Package.tar.bz2", "php": "7.4", "phpVersions": [ "7.4" @@ -21,6 +22,7 @@ 4, "latest" ], + "package": "https://github.com/joomla/joomla-cms/releases/download/4.1.4/Joomla_4.1.4-Stable-Full_Package.tar.bz2", "php": "8.0", "phpVersions": [ "7.4",