From 90c03f7b920b18fc6b7efda5fe7a3ef62b3e2978 Mon Sep 17 00:00:00 2001 From: Markus Opolka Date: Tue, 19 Feb 2019 10:34:05 +0100 Subject: [PATCH] Add sha256 check, shell debug log and PHP production config --- apache/Dockerfile | 86 +++++++++++++++++++++++++++---------------- fpm-alpine/Dockerfile | 55 +++++++++++++++------------ fpm/Dockerfile | 68 +++++++++++++++++++--------------- 3 files changed, 124 insertions(+), 85 deletions(-) diff --git a/apache/Dockerfile b/apache/Dockerfile index d038b6e..aef6d6f 100644 --- a/apache/Dockerfile +++ b/apache/Dockerfile @@ -1,47 +1,69 @@ FROM php:7.2-apache LABEL maintainer="markus@martialblog.de" ARG version='3.15.8+190130' +ARG sha256_checksum='0eb46c81c8fce8eb40625a899ed3a32a2f63a4dd9158da7ee2df2d78a67d4c0b' # Install OS dependencies -RUN apt-get update && \ - DEBIAN_FRONTEND=noninteractive \ - apt-get install --no-install-recommends -y \ - libldap2-dev \ - zlib1g-dev \ - libc-client-dev \ - libkrb5-dev \ - libpng-dev \ - libpq-dev \ - netcat \ - && apt-get autoclean; apt-get autoremove && \ - rm -rf /var/lib/apt/lists/* +RUN set -ex; \ + apt-get update && \ + DEBIAN_FRONTEND=noninteractive \ + apt-get install --no-install-recommends -y \ + \ + libldap2-dev \ + zlib1g-dev \ + libc-client-dev \ + libkrb5-dev \ + libpng-dev \ + libpq-dev \ + netcat \ + \ + && apt-get autoclean; apt-get autoremove; \ + rm -rf /var/lib/apt/lists/* # Link LDAP library for PHP ldap extension -RUN ln -fs /usr/lib/x86_64-linux-gnu/libldap.so /usr/lib/ -# Configure PHP imap plugin -RUN docker-php-ext-configure imap --with-kerberos --with-imap-ssl +RUN set -ex; \ + ln -fs /usr/lib/x86_64-linux-gnu/libldap.so /usr/lib/ -# Install PHP Plugins -RUN docker-php-ext-install -j5 \ - gd \ - imap \ - ldap \ - mbstring \ - pdo \ - pdo_mysql \ - pdo_pgsql \ - pgsql \ - zip +# Install PHP Plugins and Configure PHP imap plugin +RUN set -ex; \ + docker-php-ext-configure imap --with-kerberos --with-imap-ssl && \ + docker-php-ext-install -j5 \ + gd \ + imap \ + ldap \ + mbstring \ + pdo \ + pdo_mysql \ + pdo_pgsql \ + pgsql \ + zip -# Download, unzip and chmod of LimeSurvey +ENV LIMESURVEY_VERSION=$version + +# Apache configuration +RUN a2enmod headers rewrite remoteip; \ + {\ + echo RemoteIPHeader X-Real-IP ;\ + echo RemoteIPTrustedProxy 10.0.0.0/8 ;\ + echo RemoteIPTrustedProxy 172.16.0.0/12 ;\ + echo RemoteIPTrustedProxy 192.168.0.0/16 ;\ + } > /etc/apache2/conf-available/remoteip.conf;\ + a2enconf remoteip + +# Use the default production configuration +RUN mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini" + +# Download, unzip and chmod LimeSurvey from official GitHub repository ADD "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" /tmp -RUN tar xzvf "/tmp/${version}.tar.gz" --strip-components=1 -C /var/www/html/ && \ - rm "/tmp/${version}.tar.gz" && \ - chown -R www-data:www-data /var/www/html - -RUN a2enmod headers rewrite remoteip +RUN set -ex; \ + echo "${sha256_checksum} /tmp/${version}.tar.gz" | sha256sum -c - && \ + \ + tar xzvf "/tmp/${version}.tar.gz" --strip-components=1 -C /var/www/html/ && \ + rm -f "/tmp/${version}.tar.gz" && \ + chown -R www-data:www-data /var/www/html COPY entrypoint.sh entrypoint.sh + ENTRYPOINT ["/var/www/html/entrypoint.sh"] CMD ["apache2-foreground"] diff --git a/fpm-alpine/Dockerfile b/fpm-alpine/Dockerfile index c0795f1..9bc0236 100644 --- a/fpm-alpine/Dockerfile +++ b/fpm-alpine/Dockerfile @@ -1,38 +1,45 @@ FROM php:7.2-fpm-alpine LABEL maintainer="markus@martialblog.de" ARG version='3.15.8+190130' +ARG sha256_checksum='0eb46c81c8fce8eb40625a899ed3a32a2f63a4dd9158da7ee2df2d78a67d4c0b' # Install OS dependencies -RUN apk add --no-cache --virtual .build-deps \ - libpng-dev \ - openldap-dev \ - imap-dev \ - postgresql-dev && \ - apk add --no-cache netcat-openbsd bash +RUN set -ex; \ + apk add --no-cache --virtual .build-deps \ + libpng-dev \ + openldap-dev \ + imap-dev \ + postgresql-dev && \ + apk add --no-cache netcat-openbsd bash # Install PHP Plugins -RUN docker-php-ext-configure imap --with-imap-ssl && \ - docker-php-ext-install \ - gd \ - imap \ - ldap \ - mbstring \ - pdo \ - pdo_mysql \ - pdo_pgsql \ - pgsql \ - zip +RUN set -ex; \ + docker-php-ext-configure imap --with-imap-ssl && \ + docker-php-ext-install \ + gd \ + imap \ + ldap \ + mbstring \ + pdo \ + pdo_mysql \ + pdo_pgsql \ + pgsql \ + zip # Download, unzip and chmod of LimeSurvey ADD "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" /tmp -RUN tar xzvf "/tmp/${version}.tar.gz" --strip-components=1 -C /var/www/html/ && \ - rm -rf "/tmp/${version}.tar.gz" \ - /var/www/html/docs \ - /var/www/html/tests \ - /var/www/html/*.md && \ - chown -R www-data:root /var/www/ ; \ - chmod -R g=u /var/www +RUN set -ex; \ + echo "${sha256_checksum} /tmp/${version}.tar.gz" | sha256sum -c - && \ + \ + tar xzvf "/tmp/${version}.tar.gz" --strip-components=1 -C /var/www/html/ && \ + \ + rm -rf "/tmp/${version}.tar.gz" \ + /var/www/html/docs \ + /var/www/html/tests \ + /var/www/html/*.md && \ + chown -R www-data:root /var/www/ ; \ + chmod -R g=u /var/www EXPOSE 9000 diff --git a/fpm/Dockerfile b/fpm/Dockerfile index 533a0dc..73339d2 100644 --- a/fpm/Dockerfile +++ b/fpm/Dockerfile @@ -1,44 +1,54 @@ FROM php:7.2-fpm LABEL maintainer="markus@martialblog.de" ARG version='3.15.8+190130' +ARG sha256_checksum='0eb46c81c8fce8eb40625a899ed3a32a2f63a4dd9158da7ee2df2d78a67d4c0b' # Install OS dependencies -RUN apt-get update && \ - DEBIAN_FRONTEND=noninteractive \ - apt-get install --no-install-recommends -y \ - libldap2-dev \ - zlib1g-dev \ - libc-client-dev \ - libkrb5-dev \ - libpng-dev \ - libpq-dev \ - netcat \ - && apt-get autoclean; apt-get autoremove && \ - rm -rf /var/lib/apt/lists/* +RUN set -ex; \ + apt-get update && \ + DEBIAN_FRONTEND=noninteractive \ + apt-get install --no-install-recommends -y \ + \ + libldap2-dev \ + zlib1g-dev \ + libc-client-dev \ + libkrb5-dev \ + libpng-dev \ + libpq-dev \ + netcat \ + \ + && apt-get autoclean; apt-get autoremove; \ + rm -rf /var/lib/apt/lists/* # Link LDAP library for PHP ldap extension -RUN ln -fs /usr/lib/x86_64-linux-gnu/libldap.so /usr/lib/ +RUN set -ex; \ + ln -fs /usr/lib/x86_64-linux-gnu/libldap.so /usr/lib/ -RUN docker-php-ext-configure imap --with-kerberos --with-imap-ssl +# Install PHP Plugins and Configure PHP imap plugin +RUN set -ex; \ + docker-php-ext-configure imap --with-kerberos --with-imap-ssl && \ + docker-php-ext-install -j5 \ + gd \ + imap \ + ldap \ + mbstring \ + pdo \ + pdo_mysql \ + pdo_pgsql \ + pgsql \ + zip -# Install PHP Plugins -RUN docker-php-ext-install -j5 \ - gd \ - imap \ - ldap \ - mbstring \ - pdo \ - pdo_mysql \ - pdo_pgsql \ - pgsql \ - zip +ENV LIMESURVEY_VERSION=$version -# Download, unzip and chmod of LimeSurvey +# Download, unzip and chmod LimeSurvey from official GitHub repository ADD "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" /tmp -RUN tar xzvf "/tmp/${version}.tar.gz" --strip-components=1 -C /var/www/html/ && \ - rm "/tmp/${version}.tar.gz" && \ - chown -R www-data:www-data /var/www/html +RUN set -ex; \ + echo "${sha256_checksum} /tmp/${version}.tar.gz" | sha256sum -c - && \ + \ + tar xzvf "/tmp/${version}.tar.gz" --strip-components=1 -C /var/www/html/ && \ + rm -f "/tmp/${version}.tar.gz" && \ + chown -R www-data:www-data /var/www/html EXPOSE 9000