diff --git a/Dockerfile b/Dockerfile
index 15c1c4a..b38ba1c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -31,7 +31,7 @@ ENV ENABLE_GCP="${ENABLE_GCP:-0}" \
# ssmtp: synchronouse mailer, very handy in CLI scripts on docker
ENV PATH="${PATH}:${WORKDIR}/docker/bin" \
BUILD_PACKAGES="ccache build-essential unzip" \
- SYSTEM_PACKAGES="ssmtp busybox-static netcat vim less tree libtcmalloc-minimal4 git postgresql-client gettext nginx" \
+ SYSTEM_PACKAGES="ssmtp busybox-static netcat vim less tree libtcmalloc-minimal4 git postgresql-client gettext nginx apache2" \
JESSIE_PACKAGE_MAP="libpng16-16:libpng12-0 libicu57:libicu52 libmagickwand-6.q16-3:libmagickwand-6.q16-2 libmagickcore-6.q16-3:libmagickcore-6.q16-2 npm:" \
ENABLE_NEWRELIC="false"
@@ -45,6 +45,16 @@ ENV NGINX_SITES_AVAILABLE="/etc/nginx/sites-available" \
COMPRESS_FILE_MATCH="^.*\.(css|js|xml|csv|txt|md|html)\$" \
COMPRESS_FILE_PATHS="public"
+# APACHE
+ENV APACHE_SITES_AVAILABLE="/etc/apache2/sites-available" \
+ APACHE_SITES_ENABLED="/etc/apache2/sites-enabled" \
+ APACHE_DIRECTORY_INDEX="index.html index.php" \
+ APACHE_OVERRIDE="none" \
+ APACHE_MODS_ENABLE="rewrite headers" \
+ PHPFPM_HOST="127.0.0.1" \
+ PHPFPM_PORT="9000" \
+ DOCUMENT_ROOT="${WORKDIR}/public"
+
# NODEJS
ENV ENABLE_NODEJS="true" \
NODEJS_VERSION="8" \
diff --git a/README.md b/README.md
index e63c0bc..52adcd7 100644
--- a/README.md
+++ b/README.md
@@ -232,6 +232,17 @@ Nginx does not support environment variables by itself (except if you enable the
| COMPRESS_FILE_MATCH | Extended regex for matching files which should be compressed for nginx |
| COMPRESS_FILE_PATHS | Where to look for files to be compressed during build time |
+### Apache2
+| Name | Description |
+|------------------------|------------------------------------------------------------------------|
+| APACHE_SITES_AVAILABLE | Path to the `sites-available/` directory |
+| APACHE_SITES_ENABLED. | Path to the `sites-enabled/` directory |
+| APACHE_DIRECTORY_INDEX | Apaceh Index Conditions |
+| APACHE_OVERRIDE | Apache Override Conditions |
+| APACHE_MODS_ENABLE | Apache Modules Enabled to run time |
+| PHPFPM_HOST | IP/Domain where to find the php-fpm fastcgi service |
+| PHPFPM_PORT | Port of the php-fpm fastcgi service |
+| DOCUMENT_ROOT | Default document root for the default vhost |
### NodeJS
diff --git a/docker/build.d/base/111_apache.sh b/docker/build.d/base/111_apache.sh
new file mode 100644
index 0000000..74c8664
--- /dev/null
+++ b/docker/build.d/base/111_apache.sh
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+sectionText "Remove unused Apache configs comming from APT"
+rm -f /etc/apache2/conf-enabled/other-vhosts-access-log.conf
+rm -f /etc/apache2/conf-available/other-vhosts-access-log.conf
+rm -f /var/log/apache2/other_vhosts_access.log
+rm -f /etc/apache2/sites-enabled/000-default.conf
+rm -f /etc/apache2/sites-available/000-default.conf
+rm -f /etc/apache2/sites-available/default-ssl.conf
+
+sectionText "Enable default used Apache Modules"
+ln -fs /etc/apache2/mods-available/proxy.* /etc/apache2/mods-enabled/
+ln -fs /etc/apache2/mods-available/proxy_fcgi.* /etc/apache2/mods-enabled/
+
+sectionText "Prepare access/error log to send to stdout/stderr"
+ln -sf /dev/stdout /var/log/apache2/access.log
+ln -sf /dev/stderr /var/log/apache2/error.log
\ No newline at end of file
diff --git a/docker/common.inc.sh b/docker/common.inc.sh
index 6094c85..65bd0b4 100644
--- a/docker/common.inc.sh
+++ b/docker/common.inc.sh
@@ -147,6 +147,16 @@ enable_nginx_vhost() {
envsubst '$DOCUMENT_ROOT $PHPFPM_HOST $PHPFPM_PORT $ASSET_BUCKET_NAME' > /etc/nginx/sites-enabled/${1}.conf < /etc/nginx/sites-available/${1}.conf
}
+enable_apache2_vhost() {
+ if [ ! -e $APACHE_SITES_AVAILABLE/$1.conf ]; then
+ errorText "\t Apache vhost '$1' not found! Can't enable vhost!"
+ exit 1
+ fi
+
+ sectionText "Enable Apache vhost $1"
+ ln -sf /etc/apache2/sites-available/${1}.conf /etc/apache2/sites-enabled/${1}.conf
+}
+
npm_install() {
local npm_dir="$1"; shift
diff --git a/docker/etc/apache2/conf-available/security.conf b/docker/etc/apache2/conf-available/security.conf
new file mode 100644
index 0000000..5913d6d
--- /dev/null
+++ b/docker/etc/apache2/conf-available/security.conf
@@ -0,0 +1,15 @@
+
+ AllowOverride none
+ Options -Indexes -Multiviews -Includes -ExecCGI
+ Require all denied
+
+ Require valid-user
+
+
+
+ Require all denied
+
+ServerTokens Prod
+ServerSignature Off
+TraceEnable Off
+LimitRequestBody 20971520
\ No newline at end of file
diff --git a/docker/etc/apache2/sites-available/default.conf b/docker/etc/apache2/sites-available/default.conf
new file mode 100644
index 0000000..7947007
--- /dev/null
+++ b/docker/etc/apache2/sites-available/default.conf
@@ -0,0 +1,12 @@
+
+ ServerName localhost
+ ServerAdmin webmaster@localhost
+ DocumentRoot ${DOCUMENT_ROOT}/
+ ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://${PHPFPM_HOST}:${PHPFPM_PORT}${DOCUMENT_ROOT}/$1
+
+ DirectoryIndex ${APACHE_DIRECTORY_INDEX}
+ Require all granted
+ AllowOverride ${APACHE_OVERRIDE}
+
+ CustomLog ${APACHE_LOG_DIR}/access.log vhost_combined
+
\ No newline at end of file
diff --git a/docker/shared_steps/install_php_extensions.sh b/docker/shared_steps/install_php_extensions.sh
index 51f2cbe..b12ef0b 100644
--- a/docker/shared_steps/install_php_extensions.sh
+++ b/docker/shared_steps/install_php_extensions.sh
@@ -10,6 +10,16 @@ php_install_gd() {
eatmydata docker-php-ext-install -j$COMPILE_JOBS $ext
}
+php_install_ldap() {
+ local php_version=$($PHP --version | head -n1 | cut -d " " -f 2 | cut -d . -f 1,2)
+ if [ $php_version = "7.0" ]; then
+ install_packages --build "libldb-dev"
+ ln -s /usr/lib/x86_64-linux-gnu/libldap.so /usr/lib/libldap.so
+ fi
+ sectionText "Use core install"
+ eatmydata docker-php-ext-install -j$COMPILE_JOBS $ext &>> $BUILD_LOG
+}
+
php_install_extensions() {
local extensions="$*"
install_packages --build $PHP_BUILD_PACKAGES
diff --git a/docker/start.d/apache2/200_enable_apache_vhost.sh b/docker/start.d/apache2/200_enable_apache_vhost.sh
new file mode 100644
index 0000000..3a224e5
--- /dev/null
+++ b/docker/start.d/apache2/200_enable_apache_vhost.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+enable_apache2_vhost ${SUBSECTION_ARGS:-default}
\ No newline at end of file
diff --git a/docker/start.d/apache2/201_enable_apache_modules.sh b/docker/start.d/apache2/201_enable_apache_modules.sh
new file mode 100644
index 0000000..7dfd91b
--- /dev/null
+++ b/docker/start.d/apache2/201_enable_apache_modules.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+if [ -z "$APACHE_MODS_ENABLE" ]; then
+ sectionText "SKIP: no Modules given"
+ return 0
+fi
+
+apache2_enable_modules() {
+ local modules="$*"
+ for mod in $modules; do
+ ln -sf /etc/apache2/mods-available/$mod.* /etc/apache2/mods-enabled/
+ done
+}
+
+apache2_enable_modules $APACHE_MODS_ENABLE
\ No newline at end of file
diff --git a/docker/start.d/apache2/599_start_apache2.sh b/docker/start.d/apache2/599_start_apache2.sh
new file mode 100644
index 0000000..d3ceb1b
--- /dev/null
+++ b/docker/start.d/apache2/599_start_apache2.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+# start apache2 in foreground to print to stdout
+/usr/sbin/apachectl -DFOREGROUND
diff --git a/docker/start.d/apache2/META b/docker/start.d/apache2/META
new file mode 100644
index 0000000..b046462
--- /dev/null
+++ b/docker/start.d/apache2/META
@@ -0,0 +1 @@
+SECTION_DESCRIPTION="Starts Apache2 in foreground, logging to stdout/stderr"
\ No newline at end of file