Page MenuHomeDevCentral

No OneTemporary

diff --git a/.arcconfig b/.arcconfig
index 4e8e59a..bd40857 100644
--- a/.arcconfig
+++ b/.arcconfig
@@ -1,4 +1,4 @@
{
"phabricator.uri": "https://devcentral.nasqueron.org",
- "repository.callsign": "DPHPFPM"
+ "repository.callsign": "DPHPVIIFPM"
}
diff --git a/Dockerfile b/Dockerfile
index 6a48309..28b779f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,97 +1,118 @@
#
# Nasqueron - Base nginx / php-fpm image
#
-FROM debian:jessie
+FROM debian:bullseye-slim
MAINTAINER Sébastien Santoro aka Dereckson <dereckson+nasqueron-docker@espace-win.org>
#
# Prepare the container
#
-ENV PHP_VERSION 5.6.40
+ENV PHP_VERSION 7.4.27
+ENV ONIGURAMA_VERSION=6.9.7.1
ENV PHP_EXTRA_CONFIGURE_ARGS --enable-fpm --with-fpm-user=app --with-fpm-group=app
ENV PHP_INI_DIR /usr/local/etc/php
ENV PHP_BUILD_DEPS bzip2 \
file \
libbz2-dev \
+ libzip-dev \
libcurl4-openssl-dev \
libjpeg-dev \
- libmcrypt-dev \
- libpng12-dev \
+ libpng-dev \
+ libxpm-dev \
+ libwebp-dev \
+ libfreetype6-dev \
libreadline6-dev \
libssl-dev \
libxslt1-dev \
libxml2-dev
ENV LANG C.UTF-8
RUN apt-get update && apt-get install -y ca-certificates curl libxml2 autoconf \
- gcc libc-dev make pkg-config nginx-full \
+ libedit-dev libsqlite3-dev xz-utils \
+ gcc libc-dev make pkg-config nginx-full gnupg \
runit nano less tmux wget git locales unzip \
$PHP_BUILD_DEPS $PHP_EXTRA_BUILD_DEPS \
- --no-install-recommends && rm -r /var/lib/apt/lists/* \
- && dpkg-reconfigure locales
+ --no-install-recommends && apt-get autoremove -y && apt-get clean && \
+ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* && \
+ dpkg-reconfigure locales
-RUN gpg --keyserver keyserver.ubuntu.com --recv-keys 6E4F6AB321FDC07F2C332E3AC2BF0BC433CFC8B3 0BD78B5F97500D450838F95DFE857D9A90D90EC1 \
+RUN gpg --keyserver keyserver.ubuntu.com --recv-keys \
+ 5A52880781F755608BF815FC910DEB46F53EA312 \
+ 42670A7FE4D0441C8E4632349E4FDC074A4EF02D \
&& mkdir -p $PHP_INI_DIR/conf.d \
&& set -x \
&& curl -SL "http://php.net/get/php-$PHP_VERSION.tar.bz2/from/this/mirror" -o php.tar.bz2 \
&& curl -SL "http://php.net/get/php-$PHP_VERSION.tar.bz2.asc/from/this/mirror" -o php.tar.bz2.asc \
&& gpg --verify php.tar.bz2.asc \
&& mkdir -p /usr/src/php \
&& tar -xof php.tar.bz2 -C /usr/src/php --strip-components=1 \
&& rm php.tar.bz2* \
+ && wget -O /usr/src/onigurama.tar.gz https://github.com/kkos/oniguruma/releases/download/v$ONIGURAMA_VERSION/onig-$ONIGURAMA_VERSION.tar.gz \
+ && mkdir /usr/src/onigurama \
+ && cd /usr/src/onigurama \
+ && tar xzf ../onigurama.tar.gz --strip-components=1 \
+ && ./configure && make && make install \
&& cd /usr/src/php \
+ && export CFLAGS="-fstack-protector-strong -fpic -fpie -O2" \
+ && export CPPFLAGS="$CFLAGS" \
+ && export LDFLAGS="-Wl,-O1 -Wl,--hash-style=both -pie" \
&& ./configure \
--with-config-file-path="$PHP_INI_DIR" \
--with-config-file-scan-dir="$PHP_INI_DIR/conf.d" \
$PHP_EXTRA_CONFIGURE_ARGS \
--disable-cgi \
--enable-mysqlnd \
--enable-bcmath \
--with-bz2 \
--enable-calendar \
--with-curl \
- --with-gd \
- --with-jpeg-dir \
- --enable-gd-native-ttf \
+ --enable-gd \
+ --with-jpeg \
+ --with-freetype \
+ --with-xpm \
+ --with-webp \
+ --enable-exif \
+ --enable-ftp \
+ --with-libedit \
--enable-mbstring \
- --with-mcrypt \
--with-mysqli \
--with-pdo-mysql \
--enable-pcntl \
--with-openssl \
--with-xsl \
--with-readline \
--with-zlib \
- --enable-zip \
+ --with-zip \
+ --with-pear \
&& make -j"$(nproc)" \
&& make install \
&& { find /usr/local/bin /usr/local/sbin -type f -executable -exec strip --strip-all '{}' + || true; } \
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false -o APT::AutoRemove::SuggestsImportant=false $buildDeps \
&& make clean \
- && pecl install APCu-4.0.10 \
+ && pecl install APCu \
&& cd /opt \
&& curl -sS https://getcomposer.org/installer | php \
&& ln -s /opt/composer.phar /usr/local/bin/composer
RUN groupadd -r app -g 433 && \
mkdir /home/app && \
mkdir -p /var/wwwroot/default && \
useradd -u 431 -r -g app -d /home/app -s /usr/sbin/nologin -c "Docker image user for web application" app && \
chown -R app:app /home/app /var/wwwroot/default && \
chmod 700 /home/app && \
chmod 711 /var/wwwroot/default
COPY files /
#
# Docker properties
#
VOLUME ["/var/wwwroot/default", "/etc/nginx"]
EXPOSE 80
EXPOSE 443
CMD ["/usr/local/sbin/runsvdir-init"]
diff --git a/README.md b/README.md
index 5d3ccdf..f7de247 100644
--- a/README.md
+++ b/README.md
@@ -1,59 +1,59 @@
# Nginx, php-fpm and runit base image
## Description
Out of the box, this image offers a working nginx and php-fpm webserver.
This image is intended to allow to run a PHP application either passing
a PHP application folder webroot as argument, either writing a Dockerfile
-with `nasqueron/nginx-php-fpm` image as base image.
+with `nasqueron/nginx-php7-fpm` image as base image.
Your web directory — if you don't add vhosts — is
`/var/wwwroot/default` (mounted as volume).
-The PHP last 5.6 version is compiled through a build process borrowed from
+The PHP last 7 version is compiled through a build process borrowed from
the official PHP Docker image, with [this Dockerfile used](https://github.com/docker-library/php/blob/08bf31dfd492f02a2696c9a30eb85326b1570abd/5.6/fpm/Dockerfile).
We add common extensions like calendar, curl, gd, iconv, libxml, mbstring,
-mcrypt, mysqli, PDO MySQL and pcntl. The Pear, PECL executables and utilities
+mysqli, PDO MySQL and pcntl. The Pear, PECL executables and utilities
(including build stuff like phpize) are available too.
Once running, you can quickly add PHP extensions to this image,
with `docker-php-ext-configure` and `docker-php-ext-install` scripts.
Nginx is installed through the [nginx-full Debian package](https://wiki.debian.org/Nginx).
SSL is ready if needed at the container level (we expose ports 80 and 443).
-Services are managed by [runit](http://smarden.org/runit/) in `/etc/service` directory.
+Services are managed by [runit](http://smarden.org/runit/) in `/var/service` directory.
## How to use it
To rebuild this image:
- docker build --tag nasqueron/nginx-php-fpm .
+ docker build --tag nasqueron/nginx-php7-fpm .
To rebuild a fork of this image based on a modified Dockerfile:
docker build --tag your-image-name-tag .
To launch a container to execute a PHP application in /data/awesome-php-app
with http://localhost:8080 as address:
- docker run -d -v /data/awesome-php-app:/var/wwwroot/default -p 8080:80 nasqueron/nginx-php-fpm
+ docker run -d -v /data/awesome-php-app:/var/wwwroot/default -p 8080:80 nasqueron/nginx-php7-fpm
-To create an image for an application with thisas base, create a Dockerfile:
+To create an image for an application with this as base, create a Dockerfile:
- FROM nasqueron/docker-nginx-php-fpm
+ FROM nasqueron/docker-nginx-php7-fpm
# Debian commands to deploy your application code
- # If you need other processes, adds a /etc/service/<service name>/run file
+ # If you need other processes, add a /var/service/<service name>/run file
That's it.
## How to upgrade this image?
As noted in https://devcentral.nasqueron.org/T787 we need to sync files and novolume/files.
For that, you can use our helper Makefile:
```
cd novolume
make update
```
diff --git a/files/usr/local/etc/php/conf.d/disable-legacy-behavior.ini b/files/usr/local/etc/php/conf.d/disable-legacy-behavior.ini
deleted file mode 100644
index 904df42..0000000
--- a/files/usr/local/etc/php/conf.d/disable-legacy-behavior.ini
+++ /dev/null
@@ -1 +0,0 @@
-always_populate_raw_post_data=-1
diff --git a/files/usr/local/sbin/runsvdir-init b/files/usr/local/sbin/runsvdir-init
index 7c16fd2..c4cee75 100755
--- a/files/usr/local/sbin/runsvdir-init
+++ b/files/usr/local/sbin/runsvdir-init
@@ -1,3 +1,2 @@
-#!/bin/bash
-export > /usr/local/etc/envvars
-exec /usr/sbin/runsvdir-start
+#!/bin/sh
+/usr/bin/runsvdir -P /var/service
diff --git a/novolume/files/etc/service/nginx/run b/files/var/service/nginx/run
similarity index 58%
rename from novolume/files/etc/service/nginx/run
rename to files/var/service/nginx/run
index 384d533..21060ee 100755
--- a/novolume/files/etc/service/nginx/run
+++ b/files/var/service/nginx/run
@@ -1,4 +1,3 @@
#!/bin/bash
exec 2>&1
-source /usr/local/etc/envvars
exec /usr/sbin/nginx
diff --git a/files/etc/service/php-fpm/run b/files/var/service/php-fpm/run
similarity index 78%
rename from files/etc/service/php-fpm/run
rename to files/var/service/php-fpm/run
index e440441..2dce83f 100755
--- a/files/etc/service/php-fpm/run
+++ b/files/var/service/php-fpm/run
@@ -1,5 +1,4 @@
#!/bin/bash
exec 2>&1
-source /usr/local/etc/envvars
php-fpm-env > /usr/local/etc/php-fpm-env.conf
exec /usr/local/sbin/php-fpm --nodaemonize
diff --git a/novolume/Dockerfile b/novolume/Dockerfile
index 3314227..1f31d2f 100644
--- a/novolume/Dockerfile
+++ b/novolume/Dockerfile
@@ -1,95 +1,116 @@
#
# Nasqueron - Base nginx / php-fpm image
#
-FROM debian:jessie
+FROM debian:bullseye-slim
MAINTAINER Sébastien Santoro aka Dereckson <dereckson+nasqueron-docker@espace-win.org>
#
# Prepare the container
#
-ENV PHP_VERSION 5.6.40
+ENV PHP_VERSION 7.4.27
+ENV ONIGURAMA_VERSION 6.9.7.1
ENV PHP_EXTRA_CONFIGURE_ARGS --enable-fpm --with-fpm-user=app --with-fpm-group=app
ENV PHP_INI_DIR /usr/local/etc/php
ENV PHP_BUILD_DEPS bzip2 \
file \
libbz2-dev \
+ libzip-dev \
libcurl4-openssl-dev \
libjpeg-dev \
- libmcrypt-dev \
- libpng12-dev \
+ libpng-dev \
+ libxpm-dev \
+ libwebp-dev \
+ libfreetype6-dev \
libreadline6-dev \
libssl-dev \
libxslt1-dev \
libxml2-dev
ENV LANG C.UTF-8
RUN apt-get update && apt-get install -y ca-certificates curl libxml2 autoconf \
- gcc libc-dev make pkg-config nginx-full \
+ libedit-dev libsqlite3-dev xz-utils \
+ gcc libc-dev make pkg-config nginx-full gnupg \
runit nano less tmux wget git locales unzip \
$PHP_BUILD_DEPS $PHP_EXTRA_BUILD_DEPS \
- --no-install-recommends && rm -r /var/lib/apt/lists/* \
+ --no-install-recommends && apt-get autoremove -y && apt-get clean && \
+ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \
&& dpkg-reconfigure locales
-RUN gpg --keyserver keyserver.ubuntu.com --recv-keys 6E4F6AB321FDC07F2C332E3AC2BF0BC433CFC8B3 0BD78B5F97500D450838F95DFE857D9A90D90EC1 \
+RUN gpg --keyserver keyserver.ubuntu.com --recv-keys \
+ 5A52880781F755608BF815FC910DEB46F53EA312 \
+ 42670A7FE4D0441C8E4632349E4FDC074A4EF02D \
&& mkdir -p $PHP_INI_DIR/conf.d \
&& set -x \
&& curl -SL "http://php.net/get/php-$PHP_VERSION.tar.bz2/from/this/mirror" -o php.tar.bz2 \
&& curl -SL "http://php.net/get/php-$PHP_VERSION.tar.bz2.asc/from/this/mirror" -o php.tar.bz2.asc \
&& gpg --verify php.tar.bz2.asc \
&& mkdir -p /usr/src/php \
&& tar -xof php.tar.bz2 -C /usr/src/php --strip-components=1 \
&& rm php.tar.bz2* \
+ && wget -O /usr/src/onigurama.tar.gz https://github.com/kkos/oniguruma/releases/download/v$ONIGURAMA_VERSION/onig-$ONIGURAMA_VERSION.tar.gz \
+ && mkdir /usr/src/onigurama \
+ && cd /usr/src/onigurama \
+ && tar xzf ../onigurama.tar.gz --strip-components=1 \
+ && ./configure && make && make install \
&& cd /usr/src/php \
+ && export CFLAGS="-fstack-protector-strong -fpic -fpie -O2" \
+ && export CPPFLAGS="$CFLAGS" \
+ && export LDFLAGS="-Wl,-O1 -Wl,--hash-style=both -pie" \
&& ./configure \
--with-config-file-path="$PHP_INI_DIR" \
--with-config-file-scan-dir="$PHP_INI_DIR/conf.d" \
$PHP_EXTRA_CONFIGURE_ARGS \
--disable-cgi \
--enable-mysqlnd \
--enable-bcmath \
--with-bz2 \
--enable-calendar \
--with-curl \
- --with-gd \
- --with-jpeg-dir \
- --enable-gd-native-ttf \
+ --enable-gd \
+ --with-jpeg \
+ --with-freetype \
+ --with-xpm \
+ --with-webp \
+ --enable-exif \
+ --enable-ftp \
+ --with-libedit \
--enable-mbstring \
- --with-mcrypt \
--with-mysqli \
--with-pdo-mysql \
--enable-pcntl \
--with-openssl \
--with-xsl \
--with-readline \
--with-zlib \
- --enable-zip \
+ --with-zip \
+ --with-pear \
&& make -j"$(nproc)" \
&& make install \
&& { find /usr/local/bin /usr/local/sbin -type f -executable -exec strip --strip-all '{}' + || true; } \
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false -o APT::AutoRemove::SuggestsImportant=false $buildDeps \
&& make clean \
- && pecl install APCu-4.0.10 \
+ && pecl install APCu \
&& cd /opt \
&& curl -sS https://getcomposer.org/installer | php \
&& ln -s /opt/composer.phar /usr/local/bin/composer
RUN groupadd -r app -g 433 && \
mkdir /home/app && \
mkdir -p /var/wwwroot/default && \
useradd -u 431 -r -g app -d /home/app -s /usr/sbin/nologin -c "Docker image user for web application" app && \
chown -R app:app /home/app /var/wwwroot/default && \
chmod 700 /home/app && \
chmod 711 /var/wwwroot/default
-COPY files /
+COPY files /
#
# Docker properties
#
EXPOSE 80
EXPOSE 443
CMD ["/usr/local/sbin/runsvdir-init"]
diff --git a/novolume/files/usr/local/etc/php/conf.d/disable-legacy-behavior.ini b/novolume/files/usr/local/etc/php/conf.d/disable-legacy-behavior.ini
deleted file mode 100644
index 904df42..0000000
--- a/novolume/files/usr/local/etc/php/conf.d/disable-legacy-behavior.ini
+++ /dev/null
@@ -1 +0,0 @@
-always_populate_raw_post_data=-1
diff --git a/novolume/files/usr/local/sbin/runsvdir-init b/novolume/files/usr/local/sbin/runsvdir-init
index 7c16fd2..c4cee75 100755
--- a/novolume/files/usr/local/sbin/runsvdir-init
+++ b/novolume/files/usr/local/sbin/runsvdir-init
@@ -1,3 +1,2 @@
-#!/bin/bash
-export > /usr/local/etc/envvars
-exec /usr/sbin/runsvdir-start
+#!/bin/sh
+/usr/bin/runsvdir -P /var/service
diff --git a/files/etc/service/nginx/run b/novolume/files/var/service/nginx/run
similarity index 58%
rename from files/etc/service/nginx/run
rename to novolume/files/var/service/nginx/run
index 384d533..21060ee 100755
--- a/files/etc/service/nginx/run
+++ b/novolume/files/var/service/nginx/run
@@ -1,4 +1,3 @@
#!/bin/bash
exec 2>&1
-source /usr/local/etc/envvars
exec /usr/sbin/nginx
diff --git a/novolume/files/etc/service/php-fpm/run b/novolume/files/var/service/php-fpm/run
similarity index 78%
rename from novolume/files/etc/service/php-fpm/run
rename to novolume/files/var/service/php-fpm/run
index e440441..2dce83f 100755
--- a/novolume/files/etc/service/php-fpm/run
+++ b/novolume/files/var/service/php-fpm/run
@@ -1,5 +1,4 @@
#!/bin/bash
exec 2>&1
-source /usr/local/etc/envvars
php-fpm-env > /usr/local/etc/php-fpm-env.conf
exec /usr/local/sbin/php-fpm --nodaemonize

File Metadata

Mime Type
text/x-diff
Expires
Sun, Nov 24, 17:50 (1 h, 19 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2258584
Default Alt Text
(14 KB)

Event Timeline