From dfcceb56852fdaab2a5c5c7d228559e6fe65aabe Mon Sep 17 00:00:00 2001 From: Maik Wichmann Date: Tue, 2 Oct 2018 11:35:28 +0200 Subject: [PATCH 1/3] php_ldap fix for php7.0 --- docker/shared_steps/install_php_extensions.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/docker/shared_steps/install_php_extensions.sh b/docker/shared_steps/install_php_extensions.sh index 51f2cbe..3ba2b50 100644 --- a/docker/shared_steps/install_php_extensions.sh +++ b/docker/shared_steps/install_php_extensions.sh @@ -10,6 +10,17 @@ php_install_gd() { eatmydata docker-php-ext-install -j$COMPILE_JOBS $ext } +php_install_ldap() { + local php=$(which php) + local php_version=$($php --version | head -n1 | cut -d " " -f 2 | cut -d . -f 1,2) + if [ $php_version = "7.0" ]; then + install_packages "libldb-dev" + ln -s /usr/lib/x86_64-linux-gnu/libldap.so /usr/lib/libldap.so + fi + sectionText "Use core install" + eatmydata docker-php-ext-install -j$COMPILE_JOBS $ext &>> $BUILD_LOG +} + php_install_extensions() { local extensions="$*" install_packages --build $PHP_BUILD_PACKAGES From 4244d7fbc41dd0adf0629675fb3354572df3c73e Mon Sep 17 00:00:00 2001 From: MaWich Date: Wed, 3 Oct 2018 13:53:11 +0200 Subject: [PATCH 2/3] Apply PullRequest comments --- docker/shared_steps/install_php_extensions.sh | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/docker/shared_steps/install_php_extensions.sh b/docker/shared_steps/install_php_extensions.sh index 3ba2b50..b12ef0b 100644 --- a/docker/shared_steps/install_php_extensions.sh +++ b/docker/shared_steps/install_php_extensions.sh @@ -11,14 +11,13 @@ php_install_gd() { } php_install_ldap() { - local php=$(which php) - local php_version=$($php --version | head -n1 | cut -d " " -f 2 | cut -d . -f 1,2) + local php_version=$($PHP --version | head -n1 | cut -d " " -f 2 | cut -d . -f 1,2) if [ $php_version = "7.0" ]; then - install_packages "libldb-dev" + install_packages --build "libldb-dev" ln -s /usr/lib/x86_64-linux-gnu/libldap.so /usr/lib/libldap.so fi - sectionText "Use core install" - eatmydata docker-php-ext-install -j$COMPILE_JOBS $ext &>> $BUILD_LOG + sectionText "Use core install" + eatmydata docker-php-ext-install -j$COMPILE_JOBS $ext &>> $BUILD_LOG } php_install_extensions() { From c89b10d330d7dee84632fed6a1ccb1fb614efbf2 Mon Sep 17 00:00:00 2001 From: Maik Wichmann Date: Thu, 4 Oct 2018 11:20:11 +0200 Subject: [PATCH 3/3] Add Apache Support to use from other Applications --- Dockerfile | 12 +++++++++++- README.md | 11 +++++++++++ docker/build.d/base/111_apache.sh | 17 +++++++++++++++++ docker/common.inc.sh | 10 ++++++++++ docker/etc/apache2/conf-available/security.conf | 15 +++++++++++++++ docker/etc/apache2/sites-available/default.conf | 12 ++++++++++++ .../start.d/apache2/200_enable_apache_vhost.sh | 3 +++ .../apache2/201_enable_apache_modules.sh | 15 +++++++++++++++ docker/start.d/apache2/599_start_apache2.sh | 4 ++++ docker/start.d/apache2/META | 1 + 10 files changed, 99 insertions(+), 1 deletion(-) create mode 100644 docker/build.d/base/111_apache.sh create mode 100644 docker/etc/apache2/conf-available/security.conf create mode 100644 docker/etc/apache2/sites-available/default.conf create mode 100644 docker/start.d/apache2/200_enable_apache_vhost.sh create mode 100644 docker/start.d/apache2/201_enable_apache_modules.sh create mode 100644 docker/start.d/apache2/599_start_apache2.sh create mode 100644 docker/start.d/apache2/META diff --git a/Dockerfile b/Dockerfile index 15c1c4a..b38ba1c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -31,7 +31,7 @@ ENV ENABLE_GCP="${ENABLE_GCP:-0}" \ # ssmtp: synchronouse mailer, very handy in CLI scripts on docker ENV PATH="${PATH}:${WORKDIR}/docker/bin" \ BUILD_PACKAGES="ccache build-essential unzip" \ - SYSTEM_PACKAGES="ssmtp busybox-static netcat vim less tree libtcmalloc-minimal4 git postgresql-client gettext nginx" \ + SYSTEM_PACKAGES="ssmtp busybox-static netcat vim less tree libtcmalloc-minimal4 git postgresql-client gettext nginx apache2" \ JESSIE_PACKAGE_MAP="libpng16-16:libpng12-0 libicu57:libicu52 libmagickwand-6.q16-3:libmagickwand-6.q16-2 libmagickcore-6.q16-3:libmagickcore-6.q16-2 npm:" \ ENABLE_NEWRELIC="false" @@ -45,6 +45,16 @@ ENV NGINX_SITES_AVAILABLE="/etc/nginx/sites-available" \ COMPRESS_FILE_MATCH="^.*\.(css|js|xml|csv|txt|md|html)\$" \ COMPRESS_FILE_PATHS="public" +# APACHE +ENV APACHE_SITES_AVAILABLE="/etc/apache2/sites-available" \ + APACHE_SITES_ENABLED="/etc/apache2/sites-enabled" \ + APACHE_DIRECTORY_INDEX="index.html index.php" \ + APACHE_OVERRIDE="none" \ + APACHE_MODS_ENABLE="rewrite headers" \ + PHPFPM_HOST="127.0.0.1" \ + PHPFPM_PORT="9000" \ + DOCUMENT_ROOT="${WORKDIR}/public" + # NODEJS ENV ENABLE_NODEJS="true" \ NODEJS_VERSION="8" \ diff --git a/README.md b/README.md index e63c0bc..52adcd7 100644 --- a/README.md +++ b/README.md @@ -232,6 +232,17 @@ Nginx does not support environment variables by itself (except if you enable the | COMPRESS_FILE_MATCH | Extended regex for matching files which should be compressed for nginx | | COMPRESS_FILE_PATHS | Where to look for files to be compressed during build time | +### Apache2 +| Name | Description | +|------------------------|------------------------------------------------------------------------| +| APACHE_SITES_AVAILABLE | Path to the `sites-available/` directory | +| APACHE_SITES_ENABLED. | Path to the `sites-enabled/` directory | +| APACHE_DIRECTORY_INDEX | Apaceh Index Conditions | +| APACHE_OVERRIDE | Apache Override Conditions | +| APACHE_MODS_ENABLE | Apache Modules Enabled to run time | +| PHPFPM_HOST | IP/Domain where to find the php-fpm fastcgi service | +| PHPFPM_PORT | Port of the php-fpm fastcgi service | +| DOCUMENT_ROOT | Default document root for the default vhost | ### NodeJS diff --git a/docker/build.d/base/111_apache.sh b/docker/build.d/base/111_apache.sh new file mode 100644 index 0000000..74c8664 --- /dev/null +++ b/docker/build.d/base/111_apache.sh @@ -0,0 +1,17 @@ +#!/bin/sh + +sectionText "Remove unused Apache configs comming from APT" +rm -f /etc/apache2/conf-enabled/other-vhosts-access-log.conf +rm -f /etc/apache2/conf-available/other-vhosts-access-log.conf +rm -f /var/log/apache2/other_vhosts_access.log +rm -f /etc/apache2/sites-enabled/000-default.conf +rm -f /etc/apache2/sites-available/000-default.conf +rm -f /etc/apache2/sites-available/default-ssl.conf + +sectionText "Enable default used Apache Modules" +ln -fs /etc/apache2/mods-available/proxy.* /etc/apache2/mods-enabled/ +ln -fs /etc/apache2/mods-available/proxy_fcgi.* /etc/apache2/mods-enabled/ + +sectionText "Prepare access/error log to send to stdout/stderr" +ln -sf /dev/stdout /var/log/apache2/access.log +ln -sf /dev/stderr /var/log/apache2/error.log \ No newline at end of file diff --git a/docker/common.inc.sh b/docker/common.inc.sh index 6094c85..65bd0b4 100644 --- a/docker/common.inc.sh +++ b/docker/common.inc.sh @@ -147,6 +147,16 @@ enable_nginx_vhost() { envsubst '$DOCUMENT_ROOT $PHPFPM_HOST $PHPFPM_PORT $ASSET_BUCKET_NAME' > /etc/nginx/sites-enabled/${1}.conf < /etc/nginx/sites-available/${1}.conf } +enable_apache2_vhost() { + if [ ! -e $APACHE_SITES_AVAILABLE/$1.conf ]; then + errorText "\t Apache vhost '$1' not found! Can't enable vhost!" + exit 1 + fi + + sectionText "Enable Apache vhost $1" + ln -sf /etc/apache2/sites-available/${1}.conf /etc/apache2/sites-enabled/${1}.conf +} + npm_install() { local npm_dir="$1"; shift diff --git a/docker/etc/apache2/conf-available/security.conf b/docker/etc/apache2/conf-available/security.conf new file mode 100644 index 0000000..5913d6d --- /dev/null +++ b/docker/etc/apache2/conf-available/security.conf @@ -0,0 +1,15 @@ + + AllowOverride none + Options -Indexes -Multiviews -Includes -ExecCGI + Require all denied + + Require valid-user + + + + Require all denied + +ServerTokens Prod +ServerSignature Off +TraceEnable Off +LimitRequestBody 20971520 \ No newline at end of file diff --git a/docker/etc/apache2/sites-available/default.conf b/docker/etc/apache2/sites-available/default.conf new file mode 100644 index 0000000..7947007 --- /dev/null +++ b/docker/etc/apache2/sites-available/default.conf @@ -0,0 +1,12 @@ + + ServerName localhost + ServerAdmin webmaster@localhost + DocumentRoot ${DOCUMENT_ROOT}/ + ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://${PHPFPM_HOST}:${PHPFPM_PORT}${DOCUMENT_ROOT}/$1 + + DirectoryIndex ${APACHE_DIRECTORY_INDEX} + Require all granted + AllowOverride ${APACHE_OVERRIDE} + + CustomLog ${APACHE_LOG_DIR}/access.log vhost_combined + \ No newline at end of file diff --git a/docker/start.d/apache2/200_enable_apache_vhost.sh b/docker/start.d/apache2/200_enable_apache_vhost.sh new file mode 100644 index 0000000..3a224e5 --- /dev/null +++ b/docker/start.d/apache2/200_enable_apache_vhost.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +enable_apache2_vhost ${SUBSECTION_ARGS:-default} \ No newline at end of file diff --git a/docker/start.d/apache2/201_enable_apache_modules.sh b/docker/start.d/apache2/201_enable_apache_modules.sh new file mode 100644 index 0000000..7dfd91b --- /dev/null +++ b/docker/start.d/apache2/201_enable_apache_modules.sh @@ -0,0 +1,15 @@ +#!/bin/sh + +if [ -z "$APACHE_MODS_ENABLE" ]; then + sectionText "SKIP: no Modules given" + return 0 +fi + +apache2_enable_modules() { + local modules="$*" + for mod in $modules; do + ln -sf /etc/apache2/mods-available/$mod.* /etc/apache2/mods-enabled/ + done +} + +apache2_enable_modules $APACHE_MODS_ENABLE \ No newline at end of file diff --git a/docker/start.d/apache2/599_start_apache2.sh b/docker/start.d/apache2/599_start_apache2.sh new file mode 100644 index 0000000..d3ceb1b --- /dev/null +++ b/docker/start.d/apache2/599_start_apache2.sh @@ -0,0 +1,4 @@ +#!/bin/sh + +# start apache2 in foreground to print to stdout +/usr/sbin/apachectl -DFOREGROUND diff --git a/docker/start.d/apache2/META b/docker/start.d/apache2/META new file mode 100644 index 0000000..b046462 --- /dev/null +++ b/docker/start.d/apache2/META @@ -0,0 +1 @@ +SECTION_DESCRIPTION="Starts Apache2 in foreground, logging to stdout/stderr" \ No newline at end of file