fix tags

.github/workflows/build-latest-container-images.yaml

@@ -1,30 +1,10 @@
 name: Publish Latest Container Images
-on:
+on: [push, pull_request]
-  push:
-    tags:
-      - '5.*'
 
 jobs:
-  lint_dockerfiles:
-    name: Lint Dockerfile with hadolint
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        dockerfile:
-          - 5.0/apache/Dockerfile
-          - 5.0/fpm-alpine/Dockerfile
-          - 5.0/fpm/Dockerfile
-    steps:
-      - uses: actions/checkout@v2
-      - uses: hadolint/hadolint-action@v1.5.0
-        with:
-          dockerfile: ${{ matrix.dockerfile }}
-          ignore: DL4006 DL3008 DL3018
-
   push_images_to_registries:
     name: Push Container Images to registries
     runs-on: ubuntu-latest
-    needs: [lint_dockerfiles]
     environment: docker-build
     permissions:
       packages: write
@@ -52,52 +32,5 @@ jobs:
             type=match,pattern=(.+),group=1
             type=match,pattern=^(\d+),group=1
           flavor: |
-            latest=true
+            latest=false
             suffix=-apache
-      - name: 'Build and push latest Apache container images'
-        uses: docker/build-push-action@v2
-        with:
-          context: 5.0/apache
-          push: true
-          tags: ${{ steps.metadata-apache.outputs.tags }}
-          labels: ${{ steps.metadata-apache.outputs.labels }}
-
-      - name: 'FPM variant metadata'
-        id: metadata-fpm
-        uses: docker/metadata-action@v3
-        with:
-          images: |
-            docker.io/martialblog/limesurvey
-          tags: |
-            type=match,pattern=(.+),group=1
-            type=match,pattern=^(\d+),group=1
-          flavor: |
-            latest=false
-            suffix=-fpm
-      - name: 'Build and push latest fpm container images'
-        uses: docker/build-push-action@v2
-        with:
-          context: 5.0/fpm
-          push: true
-          tags: ${{ steps.metadata-fpm.outputs.tags }}
-          labels: ${{ steps.metadata-fpm.outputs.labels }}
-
-      - name: 'FPM Alpine variant metadata'
-        id: metadata-fpm-alpine
-        uses: docker/metadata-action@v3
-        with:
-          images: |
-            docker.io/martialblog/limesurvey
-          tags: |
-            type=match,pattern=(.+),group=1
-            type=match,pattern=^(\d+),group=1
-          flavor: |
-            latest=false
-            suffix=-fpm-alpine
-      - name: 'Build and push latest fpm-alpine container images'
-        uses: docker/build-push-action@v2
-        with:
-          context: 5.0/fpm-alpine
-          push: true
-          tags: ${{ steps.metadata-fpm-alpine.outputs.tags }}
-          labels: ${{ steps.metadata-fpm-alpine.outputs.labels }}

.github/workflows/build-lts-container-images.yaml

@@ -1,103 +0,0 @@
-name: Publish LTS Container Images
-on:
-  push:
-    tags:
-      - '3.*'
-
-jobs:
-  lint_dockerfiles:
-    name: 'Lint Dockerfile with hadolint'
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        dockerfile:
-          - 3.0/apache/Dockerfile
-          - 3.0/fpm-alpine/Dockerfile
-          - 3.0/fpm/Dockerfile
-    steps:
-      - uses: actions/checkout@v2
-      - uses: hadolint/hadolint-action@v1.5.0
-        with:
-          dockerfile: ${{ matrix.dockerfile }}
-          ignore: DL4006 DL3008 DL3018
-
-  push_images_to_registries:
-    name: 'Push container images to registries'
-    runs-on: ubuntu-latest
-    needs: [lint_dockerfiles]
-    environment: docker-build
-    permissions:
-      packages: write
-      contents: read
-    steps:
-      - name: 'Check out the repo'
-        uses: actions/checkout@v2
-      - name: 'Set up Docker Buildx'
-        uses: docker/setup-buildx-action@v1
-        with:
-          buildkitd-flags: --debug
-      - name: 'Log in to DockerHub'
-        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v1
-        with:
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_HUB_TOKEN }}
-      - name: 'Apache variant metadata'
-        id: metadata-apache
-        uses: docker/metadata-action@v3
-        with:
-          images: |
-            docker.io/martialblog/limesurvey
-          tags: |
-            type=match,pattern=(.+),group=1
-            type=match,pattern=^(\d+),group=1
-          flavor: |
-            latest=false
-            suffix=-apache
-      - name: 'Build and push LTS apache container images'
-        uses: docker/build-push-action@v2
-        with:
-          context: 3.0/apache
-          push: true
-          tags: ${{ steps.metadata-apache.outputs.tags }}
-          labels: ${{ steps.metadata-apache.outputs.labels }}
-
-      - name: 'FPM variant metadata'
-        id: metadata-fpm
-        uses: docker/metadata-action@v3
-        with:
-          images: |
-            docker.io/martialblog/limesurvey
-          tags: |
-            type=match,pattern=(.+),group=1
-            type=match,pattern=^(\d+),group=1
-          flavor: |
-            latest=false
-            suffix=-fpm
-      - name: 'Build and push LTS fpm container images'
-        uses: docker/build-push-action@v2
-        with:
-          context: 3.0/fpm
-          push: true
-          tags: ${{ steps.metadata-fpm.outputs.tags }}
-          labels: ${{ steps.metadata-apache.outputs.labels }}
-
-      - name: 'FPM Alpine variant metadata'
-        id: metadata-fpm-alpine
-        uses: docker/metadata-action@v3
-        with:
-          images: |
-            docker.io/martialblog/limesurvey
-          tags: |
-            type=match,pattern=(.+),group=1
-            type=match,pattern=^(\d+),group=1
-          flavor: |
-            latest=false
-            suffix=-fpm-alpine
-      - name: 'Build and push LTS fpm-alpine container images'
-        uses: docker/build-push-action@v2
-        with:
-          context: 3.0/fpm-alpine
-          push: true
-          tags: ${{ steps.metadata-fpm-alpine.outputs.tags }}
-          labels: ${{ steps.metadata-apache.outputs.labels }}

.github/workflows/lint-dockerfiles.yaml

@@ -1,24 +0,0 @@
----
-name: Lint Dockerfile
-
-on: [push, pull_request]
-
-jobs:
-  lint:
-    name: Lint Dockerfile with hadolint
-    strategy:
-      matrix:
-        dockerfile:
-          - 3.0/apache/Dockerfile
-          - 3.0/fpm-alpine/Dockerfile
-          - 3.0/fpm/Dockerfile
-          - 5.0/apache/Dockerfile
-          - 5.0/fpm-alpine/Dockerfile
-          - 5.0/fpm/Dockerfile
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: hadolint/hadolint-action@v1.5.0
-        with:
-          dockerfile: ${{ matrix.dockerfile }}
-          ignore: DL4006 DL3008 DL3018

.github/workflows/test-latest-container-images.yaml

@@ -1,34 +0,0 @@
-name: Test Latest Container Images
-
-on: [push, pull_request]
-
-jobs:
-  test_images:
-    name: Test Latest Container Images with Trivy
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        context:
-          - apache
-          - fpm-alpine
-          - fpm
-    steps:
-      - name: 'Check out the repo'
-        uses: actions/checkout@v2
-
-      - name: 'Set up Docker Buildx'
-        uses: docker/setup-buildx-action@v1
-
-      - name: 'Build Container images'
-        uses: docker/build-push-action@v2
-        with:
-          context: 5.0/${{ matrix.context }}
-          push: false
-          load: true
-          tags: docker.io/martialblog/limesurvey:5-${{ matrix.context }}
-
-      - name: 'Run Structure tests'
-        uses: plexsystems/container-structure-test-action@v0.2.0
-        with:
-          image: docker.io/martialblog/limesurvey:5-${{ matrix.context }}
-          config: tests/${{ matrix.context }}-tests.yaml

.github/workflows/test-lts-container-images.yaml

@@ -1,34 +0,0 @@
-name: Test LTS Container Images
-
-on: [push, pull_request]
-
-jobs:
-  test_images:
-    name: Test LTS Container Images with Trivy
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        context:
-          - apache
-          - fpm-alpine
-          - fpm
-    steps:
-      - name: 'Check out the repo'
-        uses: actions/checkout@v2
-
-      - name: 'Set up Docker Buildx'
-        uses: docker/setup-buildx-action@v1
-
-      - name: 'Build Container images'
-        uses: docker/build-push-action@v2
-        with:
-          context: 3.0/${{ matrix.context }}
-          push: false
-          load: true
-          tags: docker.io/martialblog/limesurvey:3-${{ matrix.context }}
-
-      - name: 'Run Structure tests'
-        uses: plexsystems/container-structure-test-action@v0.2.0
-        with:
-          image: docker.io/martialblog/limesurvey:3-${{ matrix.context }}
-          config: tests/${{ matrix.context }}-tests.yaml

3.0/apache/Dockerfile

@@ -1,8 +1,7 @@
-FROM php:8.0-apache
+FROM php:7.4-apache
 LABEL maintainer="markus@martialblog.de"
-ARG version="3.28.13+220531"
+ARG version='3.27.25+211116'
-ARG sha256_checksum="57273ebd94c54e1501496451137f2d1cf205551c7dd0eebcb42b6aebeec6e1a7"
+ARG sha256_checksum='91ecfecffc3a437dbb14dec19054d64f07849fe1de00a1322699bd1f50185582'
-ARG archive_url="https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz"
 ARG USER=root
 ARG LISTEN_PORT=80
 
@@ -66,9 +65,9 @@ RUN a2enmod headers rewrite remoteip; \
 # Use the default production configuration
 RUN mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini"
 
-# Download, unzip and chmod LimeSurvey from GitHub (defaults to the official LimeSurvey/LimeSurvey repository) 
+# Download, unzip and chmod LimeSurvey from official GitHub repository
 RUN set -ex; \
-        curl -sSL "${archive_url}" --output /tmp/limesurvey.tar.gz && \
+        curl -sSL "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" --output /tmp/limesurvey.tar.gz && \
         echo "${sha256_checksum}  /tmp/limesurvey.tar.gz" | sha256sum -c - && \
         \
         tar xzvf "/tmp/limesurvey.tar.gz" --strip-components=1 -C /var/www/html/ && \

3.0/fpm-alpine/Dockerfile

@@ -1,8 +1,7 @@
-FROM php:8.0-fpm-alpine
+FROM php:7.4-fpm-alpine
 LABEL maintainer="markus@martialblog.de"
-ARG version="3.28.13+220531"
+ARG version='3.27.25+211116'
-ARG sha256_checksum="57273ebd94c54e1501496451137f2d1cf205551c7dd0eebcb42b6aebeec6e1a7"
+ARG sha256_checksum='91ecfecffc3a437dbb14dec19054d64f07849fe1de00a1322699bd1f50185582'
-ARG archive_url="https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz"
 
 # Install OS dependencies
 RUN set -ex; \
@@ -36,9 +35,9 @@ RUN set -ex; \
         tidy \
         zip
 
-# Download, unzip and chmod LimeSurvey from GitHub (defaults to the official LimeSurvey/LimeSurvey repository) 
+# Download, unzip and chmod LimeSurvey from official GitHub repository
 RUN set -ex; \
-        curl -sSL "${archive_url}" --output /tmp/limesurvey.tar.gz && \
+        curl -sSL "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" --output /tmp/limesurvey.tar.gz && \
         echo "${sha256_checksum}  /tmp/limesurvey.tar.gz" | sha256sum -c - && \
         \
         tar xzvf "/tmp/limesurvey.tar.gz" --strip-components=1 -C /var/www/html/ && \

3.0/fpm/Dockerfile

@@ -1,8 +1,7 @@
-FROM php:8.0-fpm
+FROM php:7.4-fpm
 LABEL maintainer="markus@martialblog.de"
-ARG version="3.28.13+220531"
+ARG version='3.27.25+211116'
-ARG sha256_checksum="57273ebd94c54e1501496451137f2d1cf205551c7dd0eebcb42b6aebeec6e1a7"
+ARG sha256_checksum='91ecfecffc3a437dbb14dec19054d64f07849fe1de00a1322699bd1f50185582'
-ARG archive_url="https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz"
 
 # Install OS dependencies
 RUN set -ex; \
@@ -51,9 +50,9 @@ RUN set -ex; \
 
 ENV LIMESURVEY_VERSION=$version
 
-# Download, unzip and chmod LimeSurvey from GitHub (defaults to the official LimeSurvey/LimeSurvey repository) 
+# Download, unzip and chmod LimeSurvey from official GitHub repository
 RUN set -ex; \
-        curl -sSL "${archive_url}" --output /tmp/limesurvey.tar.gz && \
+        curl -sSL "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" --output /tmp/limesurvey.tar.gz && \
         echo "${sha256_checksum}  /tmp/limesurvey.tar.gz" | sha256sum -c - && \
         \
         tar xzvf "/tmp/limesurvey.tar.gz" --strip-components=1 -C /var/www/html/ && \

4.0/apache/Dockerfile

@@ -0,0 +1,82 @@
+FROM php:7.4-apache
+LABEL maintainer="markus@martialblog.de"
+ARG version='4.6.3+210518'
+ARG sha256_checksum='3c59afc13d0cf974c465c5f851cb8837117518e94031f5e3a28ba468ad734ce2'
+ARG USER=root
+ARG LISTEN_PORT=80
+
+# Install OS dependencies
+RUN set -ex; \
+        apt-get update && \
+        DEBIAN_FRONTEND=noninteractive \
+        apt-get install --no-install-recommends -y \
+        \
+        libldap2-dev \
+        libfreetype6-dev \
+        libjpeg-dev \
+        libonig-dev \
+        zlib1g-dev \
+        libc-client-dev \
+        libkrb5-dev \
+        libpng-dev \
+        libpq-dev \
+        libzip-dev \
+        libtidy-dev \
+        libsodium-dev \
+        netcat \
+        curl \
+        \
+        && apt-get -y autoclean; apt-get -y autoremove; \
+        rm -rf /var/lib/apt/lists/*
+
+# Link LDAP library for PHP ldap extension
+RUN set -ex; \
+        ln -fs /usr/lib/x86_64-linux-gnu/libldap.so /usr/lib/
+
+# Install PHP Plugins and Configure PHP imap plugin
+RUN set -ex; \
+        docker-php-ext-configure gd --with-freetype=/usr/include/ --with-jpeg=/usr && \
+        docker-php-ext-configure imap --with-kerberos --with-imap-ssl && \
+        docker-php-ext-install -j5 \
+        exif \
+        gd \
+        imap \
+        ldap \
+        mbstring \
+        pdo \
+        pdo_mysql \
+        pdo_pgsql \
+        pgsql \
+        sodium \
+        tidy \
+        zip
+
+ENV LIMESURVEY_VERSION=$version
+
+# Apache configuration
+RUN a2enmod headers rewrite remoteip; \
+        {\
+        echo RemoteIPHeader X-Real-IP ;\
+        echo RemoteIPTrustedProxy 10.0.0.0/8 ;\
+        echo RemoteIPTrustedProxy 172.16.0.0/12 ;\
+        echo RemoteIPTrustedProxy 192.168.0.0/16 ;\
+        } > /etc/apache2/conf-available/remoteip.conf;\
+        a2enconf remoteip
+
+# Use the default production configuration
+RUN mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini"
+
+# Download, unzip and chmod LimeSurvey from official GitHub repository
+RUN set -ex; \
+        curl -sSL "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" --output /tmp/limesurvey.tar.gz && \
+        echo "${sha256_checksum}  /tmp/limesurvey.tar.gz" | sha256sum -c - && \
+        \
+        tar xzvf "/tmp/limesurvey.tar.gz" --strip-components=1 -C /var/www/html/ && \
+        rm -f "/tmp/limesurvey.tar.gz" && \
+        chown -R www-data:www-data /var/www/html /etc/apache2
+
+WORKDIR /var/www/html
+COPY entrypoint.sh entrypoint.sh
+USER $USER
+ENTRYPOINT ["/var/www/html/entrypoint.sh"]
+CMD ["apache2-foreground"]

4.0/apache/entrypoint.sh

@@ -0,0 +1,154 @@
+#!/bin/bash
+# Entrypoint for Docker Container
+
+
+DB_TYPE=${DB_TYPE:-'mysql'}
+DB_HOST=${DB_HOST:-'mysql'}
+DB_PORT=${DB_PORT:-'3306'}
+DB_SOCK=${DB_SOCK:-}
+DB_NAME=${DB_NAME:-'limesurvey'}
+DB_TABLE_PREFIX=${DB_TABLE_PREFIX:-'lime_'}
+DB_USERNAME=${DB_USERNAME:-'limesurvey'}
+DB_PASSWORD=${DB_PASSWORD:-}
+DB_MYSQL_ENGINE=${DB_MYSQL_ENGINE:-'MyISAM'}
+
+ENCRYPT_KEYPAIR=${ENCRYPT_KEYPAIR:-}
+ENCRYPT_PUBLIC_KEY=${ENCRYPT_PUBLIC_KEY:-}
+ENCRYPT_SECRET_KEY=${ENCRYPT_SECRET_KEY:-}
+
+ADMIN_USER=${ADMIN_USER:-'admin'}
+ADMIN_NAME=${ADMIN_NAME:-'admin'}
+ADMIN_EMAIL=${ADMIN_EMAIL:-'foobar@example.com'}
+ADMIN_PASSWORD=${ADMIN_PASSWORD:-}
+
+BASE_URL=${BASE_URL:-}
+PUBLIC_URL=${PUBLIC_URL:-}
+URL_FORMAT=${URL_FORMAT:-'path'}
+
+DEBUG=${DEBUG:-0}
+DEBUG_SQL=${DEBUG_SQL:-0}
+
+LISTEN_PORT=${LISTEN_PORT:-"80"}
+
+if [ -z "$DB_PASSWORD" ]; then
+    echo >&2 'Error: Missing DB_PASSWORD'
+    exit 1
+fi
+
+if [ -z "$ADMIN_PASSWORD" ]; then
+    echo >&2 'Error: Missing ADMIN_PASSWORD'
+    exit 1
+fi
+
+if [ "$LISTEN_PORT" != "80" ]; then
+    echo "Info: Customizing Apache Listen port to $LISTEN_PORT"
+    sed -i "s/Listen 80\$/Listen $LISTEN_PORT/" /etc/apache2/ports.conf /etc/apache2/sites-available/000-default.conf
+fi
+
+# Check if database is available
+if [ -z "$DB_SOCK" ]; then
+    until nc -z -v -w30 "$DB_HOST" "$DB_PORT"
+    do
+        echo "Info: Waiting for database connection..."
+        sleep 5
+    done
+fi
+
+# Check if config already provisioned
+if [ -f application/config/config.php ]; then
+    echo 'Info: config.php already provisioned'
+else
+    echo 'Info: Generating config.php'
+
+    if [ "$DB_TYPE" = 'mysql' ]; then
+        echo 'Info: Using MySQL configuration'
+        DB_CHARSET=${DB_CHARSET:-'utf8mb4'}
+    fi
+
+    if [ "$DB_TYPE" = 'pgsql' ]; then
+        echo 'Info: Using PostgreSQL configuration'
+        DB_CHARSET=${DB_CHARSET:-'utf8'}
+    fi
+
+    if [ -n "$DB_SOCK" ]; then
+        echo 'Info: Using unix socket'
+        DB_CONNECT='unix_socket'
+    else
+        echo 'Info: Using TCP connection'
+        DB_CONNECT='host'
+    fi
+
+    if [ -z "$PUBLIC_URL" ]; then
+        echo 'Info: Setting PublicURL'
+    fi
+
+    cat <<EOF > application/config/config.php
+<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
+return array(
+  'components' => array(
+    'db' => array(
+      'connectionString' => '$DB_TYPE:$DB_CONNECT=$DB_HOST;port=$DB_PORT;dbname=$DB_NAME;',
+      'emulatePrepare' => true,
+      'username' => '$DB_USERNAME',
+      'password' => '$DB_PASSWORD',
+      'charset' => '$DB_CHARSET',
+      'tablePrefix' => '$DB_TABLE_PREFIX',
+    ),
+    'urlManager' => array(
+      'urlFormat' => '$URL_FORMAT',
+      'rules' => array(),
+      'showScriptName' => true,
+    ),
+    'request' => array(
+      'baseUrl' => '$BASE_URL',
+     ),
+  ),
+  'config'=>array(
+    'publicurl'=>'$PUBLIC_URL',
+    'debug'=>$DEBUG,
+    'debugsql'=>$DEBUG_SQL,
+    'mysqlEngine' => '$DB_MYSQL_ENGINE',
+  )
+);
+
+EOF
+
+fi
+
+# Check if security config already provisioned
+if [ -f application/config/security.php ]; then
+    echo 'Info: security.php already provisioned'
+else
+    echo 'Info: Creating security.php'
+    if [ -n "$ENCRYPT_KEYPAIR" ]; then
+
+        cat <<EOF > application/config/security.php
+<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
+\$config = array();
+\$config['encryptionkeypair'] = '$ENCRYPT_KEYPAIR';
+\$config['encryptionpublickey'] = '$ENCRYPT_PUBLIC_KEY';
+\$config['encryptionsecretkey'] = '$ENCRYPT_SECRET_KEY';
+return \$config;
+EOF
+    else
+        echo >&2 'Warning: No encryption keys were provided'
+        echo >&2 'Warning: A security.php config will be created by the application'
+        echo >&2 'Warning: THIS FILE NEEDS TO BE PERSISTENT'
+    fi
+fi
+
+# Check if LimeSurvey database is provisioned
+echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
+php application/commands/console.php updatedb
+
+PHP_UPDATEDB_EXIT_CODE=$?
+
+if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
+    echo 'Info: Database already provisioned'
+else
+    echo ''
+    echo 'Running console.php install'
+    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME" "$ADMIN_EMAIL"
+fi
+
+exec "$@"

4.0/fpm-alpine/Dockerfile

@@ -0,0 +1,58 @@
+FROM php:7.4-fpm-alpine
+LABEL maintainer="markus@martialblog.de"
+ARG version='4.6.3+210518'
+ARG sha256_checksum='3c59afc13d0cf974c465c5f851cb8837117518e94031f5e3a28ba468ad734ce2'
+
+# Install OS dependencies
+RUN set -ex; \
+        apk add --no-cache --virtual .build-deps \
+        freetype-dev \
+        libpng-dev \
+        libzip-dev \
+        libjpeg-turbo-dev \
+        tidyhtml-dev \
+        libsodium-dev \
+        openldap-dev \
+        oniguruma-dev \
+        imap-dev \
+        postgresql-dev && \
+        apk add --no-cache netcat-openbsd bash
+
+# Install PHP Plugins
+RUN set -ex; \
+        docker-php-ext-configure gd --with-freetype=/usr/include/ --with-jpeg=/usr && \
+        docker-php-ext-configure imap --with-imap-ssl && \
+        docker-php-ext-install \
+        exif \
+        gd \
+        imap \
+        ldap \
+        mbstring \
+        pdo \
+        pdo_mysql \
+        pdo_pgsql \
+        pgsql \
+        sodium \
+        tidy \
+        zip
+
+# Download, unzip and chmod LimeSurvey from official GitHub repository
+RUN set -ex; \
+        curl -sSL "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" --output /tmp/limesurvey.tar.gz && \
+        echo "${sha256_checksum}  /tmp/limesurvey.tar.gz" | sha256sum -c - && \
+        \
+        tar xzvf "/tmp/limesurvey.tar.gz" --strip-components=1 -C /var/www/html/ && \
+        \
+        rm -rf "/tmp/limesurvey.tar.gz" \
+        /var/www/html/docs \
+        /var/www/html/tests \
+        /var/www/html/*.md && \
+        chown -R www-data:root /var/www/ ; \
+        chmod -R g=u /var/www
+
+EXPOSE 9000
+
+WORKDIR /var/www/html
+COPY entrypoint.sh entrypoint.sh
+ENTRYPOINT ["/var/www/html/entrypoint.sh"]
+CMD ["php-fpm"]

4.0/fpm-alpine/entrypoint.sh

@@ -0,0 +1,147 @@
+#!/bin/bash
+# Entrypoint for Docker Container
+
+
+DB_TYPE=${DB_TYPE:-'mysql'}
+DB_HOST=${DB_HOST:-'mysql'}
+DB_PORT=${DB_PORT:-'3306'}
+DB_SOCK=${DB_SOCK:-}
+DB_NAME=${DB_NAME:-'limesurvey'}
+DB_TABLE_PREFIX=${DB_TABLE_PREFIX:-'lime_'}
+DB_USERNAME=${DB_USERNAME:-'limesurvey'}
+DB_PASSWORD=${DB_PASSWORD:-}
+DB_MYSQL_ENGINE=${DB_MYSQL_ENGINE:-'MyISAM'}
+
+ENCRYPT_KEYPAIR=${ENCRYPT_KEYPAIR:-}
+ENCRYPT_PUBLIC_KEY=${ENCRYPT_PUBLIC_KEY:-}
+ENCRYPT_SECRET_KEY=${ENCRYPT_SECRET_KEY:-}
+
+ADMIN_USER=${ADMIN_USER:-'admin'}
+ADMIN_NAME=${ADMIN_NAME:-'admin'}
+ADMIN_EMAIL=${ADMIN_EMAIL:-'foobar@example.com'}
+ADMIN_PASSWORD=${ADMIN_PASSWORD:-}
+
+BASE_URL=${BASE_URL:-}
+PUBLIC_URL=${PUBLIC_URL:-}
+URL_FORMAT=${URL_FORMAT:-'path'}
+
+DEBUG=${DEBUG:-0}
+DEBUG_SQL=${DEBUG_SQL:-0}
+
+if [ -z "$DB_PASSWORD" ]; then
+    echo >&2 'Error: Missing DB_PASSWORD'
+    exit 1
+fi
+
+if [ -z "$ADMIN_PASSWORD" ]; then
+    echo >&2 'Error: Missing ADMIN_PASSWORD'
+    exit 1
+fi
+
+# Check if database is available
+if [ -z "$DB_SOCK" ]; then
+    until nc -z -v -w30 "$DB_HOST" "$DB_PORT"
+    do
+        echo "Info: Waiting for database connection..."
+        sleep 5
+    done
+fi
+
+# Check if config already provisioned
+if [ -f application/config/config.php ]; then
+    echo 'Info: config.php already provisioned'
+else
+    echo 'Info: Generating config.php'
+
+    if [ "$DB_TYPE" = 'mysql' ]; then
+        echo 'Info: Using MySQL configuration'
+        DB_CHARSET=${DB_CHARSET:-'utf8mb4'}
+    fi
+
+    if [ "$DB_TYPE" = 'pgsql' ]; then
+        echo 'Info: Using PostgreSQL configuration'
+        DB_CHARSET=${DB_CHARSET:-'utf8'}
+    fi
+
+    if [ -n "$DB_SOCK" ]; then
+        echo 'Info: Using unix socket'
+        DB_CONNECT='unix_socket'
+    else
+        echo 'Info: Using TCP connection'
+        DB_CONNECT='host'
+    fi
+
+    if [ -z "$PUBLIC_URL" ]; then
+        echo 'Info: Setting PublicURL'
+    fi
+
+    cat <<EOF > application/config/config.php
+<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
+return array(
+  'components' => array(
+    'db' => array(
+      'connectionString' => '$DB_TYPE:$DB_CONNECT=$DB_HOST;port=$DB_PORT;dbname=$DB_NAME;',
+      'emulatePrepare' => true,
+      'username' => '$DB_USERNAME',
+      'password' => '$DB_PASSWORD',
+      'charset' => '$DB_CHARSET',
+      'tablePrefix' => '$DB_TABLE_PREFIX',
+    ),
+    'urlManager' => array(
+      'urlFormat' => '$URL_FORMAT',
+      'rules' => array(),
+      'showScriptName' => true,
+    ),
+    'request' => array(
+      'baseUrl' => '$BASE_URL',
+     ),
+  ),
+  'config'=>array(
+    'publicurl'=>'$PUBLIC_URL',
+    'debug'=>$DEBUG,
+    'debugsql'=>$DEBUG_SQL,
+    'mysqlEngine' => '$DB_MYSQL_ENGINE',
+  )
+);
+
+EOF
+
+fi
+
+# Check if security config already provisioned
+if [ -f application/config/security.php ]; then
+    echo 'Info: security.php already provisioned'
+else
+    echo 'Info: Creating security.php'
+    if [ -n "$ENCRYPT_KEYPAIR" ]; then
+
+        cat <<EOF > application/config/security.php
+<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
+\$config = array();
+\$config['encryptionkeypair'] = '$ENCRYPT_KEYPAIR';
+\$config['encryptionpublickey'] = '$ENCRYPT_PUBLIC_KEY';
+\$config['encryptionsecretkey'] = '$ENCRYPT_SECRET_KEY';
+return \$config;
+EOF
+    else
+        echo >&2 'Warning: No encryption keys were provided'
+        echo >&2 'Warning: A security.php config will be created by the application'
+        echo >&2 'Warning: THIS FILE NEEDS TO BE PERSISTENT'
+    fi
+fi
+
+# Check if LimeSurvey database is provisioned
+echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
+php application/commands/console.php updatedb
+
+PHP_UPDATEDB_EXIT_CODE=$?
+
+if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
+    echo 'Info: Database already provisioned'
+else
+    echo ''
+    echo 'Running console.php install'
+    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME" "$ADMIN_EMAIL"
+fi
+
+exec "$@"

4.0/fpm/Dockerfile

@@ -0,0 +1,67 @@
+FROM php:7.4-fpm
+LABEL maintainer="markus@martialblog.de"
+ARG version='4.6.3+210518'
+ARG sha256_checksum='3c59afc13d0cf974c465c5f851cb8837117518e94031f5e3a28ba468ad734ce2'
+
+# Install OS dependencies
+RUN set -ex; \
+        apt-get update && \
+        DEBIAN_FRONTEND=noninteractive \
+        apt-get install --no-install-recommends -y \
+        \
+        libldap2-dev \
+        libfreetype6-dev \
+        libjpeg-dev \
+        libonig-dev \
+        zlib1g-dev \
+        libc-client-dev \
+        libkrb5-dev \
+        libpng-dev \
+        libpq-dev \
+        libzip-dev \
+        libtidy-dev \
+        libsodium-dev \
+        netcat \
+        \
+        && apt-get -y autoclean; apt-get -y autoremove; \
+        rm -rf /var/lib/apt/lists/*
+
+# Link LDAP library for PHP ldap extension
+RUN set -ex; \
+        ln -fs /usr/lib/x86_64-linux-gnu/libldap.so /usr/lib/
+
+# Install PHP Plugins and Configure PHP imap plugin
+RUN set -ex; \
+        docker-php-ext-configure gd --with-freetype=/usr/include/ --with-jpeg=/usr && \
+        docker-php-ext-configure imap --with-kerberos --with-imap-ssl && \
+        docker-php-ext-install -j5 \
+        exif \
+        gd \
+        imap \
+        ldap \
+        mbstring \
+        pdo \
+        pdo_mysql \
+        pdo_pgsql \
+        pgsql \
+        sodium \
+        tidy \
+        zip
+
+ENV LIMESURVEY_VERSION=$version
+
+# Download, unzip and chmod LimeSurvey from official GitHub repository
+RUN set -ex; \
+        curl -sSL "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" --output /tmp/limesurvey.tar.gz && \
+        echo "${sha256_checksum}  /tmp/limesurvey.tar.gz" | sha256sum -c - && \
+        \
+        tar xzvf "/tmp/limesurvey.tar.gz" --strip-components=1 -C /var/www/html/ && \
+        rm -f "/tmp/limesurvey.tar.gz" && \
+        chown -R www-data:www-data /var/www/html
+
+EXPOSE 9000
+
+WORKDIR /var/www/html
+COPY entrypoint.sh entrypoint.sh
+ENTRYPOINT ["/var/www/html/entrypoint.sh"]
+CMD ["php-fpm"]

4.0/fpm/entrypoint.sh

@@ -0,0 +1,147 @@
+#!/bin/bash
+# Entrypoint for Docker Container
+
+
+DB_TYPE=${DB_TYPE:-'mysql'}
+DB_HOST=${DB_HOST:-'mysql'}
+DB_PORT=${DB_PORT:-'3306'}
+DB_SOCK=${DB_SOCK:-}
+DB_NAME=${DB_NAME:-'limesurvey'}
+DB_TABLE_PREFIX=${DB_TABLE_PREFIX:-'lime_'}
+DB_USERNAME=${DB_USERNAME:-'limesurvey'}
+DB_PASSWORD=${DB_PASSWORD:-}
+DB_MYSQL_ENGINE=${DB_MYSQL_ENGINE:-'MyISAM'}
+
+ENCRYPT_KEYPAIR=${ENCRYPT_KEYPAIR:-}
+ENCRYPT_PUBLIC_KEY=${ENCRYPT_PUBLIC_KEY:-}
+ENCRYPT_SECRET_KEY=${ENCRYPT_SECRET_KEY:-}
+
+ADMIN_USER=${ADMIN_USER:-'admin'}
+ADMIN_NAME=${ADMIN_NAME:-'admin'}
+ADMIN_EMAIL=${ADMIN_EMAIL:-'foobar@example.com'}
+ADMIN_PASSWORD=${ADMIN_PASSWORD:-}
+
+BASE_URL=${BASE_URL:-}
+PUBLIC_URL=${PUBLIC_URL:-}
+URL_FORMAT=${URL_FORMAT:-'path'}
+
+DEBUG=${DEBUG:-0}
+DEBUG_SQL=${DEBUG_SQL:-0}
+
+if [ -z "$DB_PASSWORD" ]; then
+    echo >&2 'Error: Missing DB_PASSWORD'
+    exit 1
+fi
+
+if [ -z "$ADMIN_PASSWORD" ]; then
+    echo >&2 'Error: Missing ADMIN_PASSWORD'
+    exit 1
+fi
+
+# Check if database is available
+if [ -z "$DB_SOCK" ]; then
+    until nc -z -v -w30 "$DB_HOST" "$DB_PORT"
+    do
+        echo "Info: Waiting for database connection..."
+        sleep 5
+    done
+fi
+
+# Check if config already provisioned
+if [ -f application/config/config.php ]; then
+    echo 'Info: config.php already provisioned'
+else
+    echo 'Info: Generating config.php'
+
+    if [ "$DB_TYPE" = 'mysql' ]; then
+        echo 'Info: Using MySQL configuration'
+        DB_CHARSET=${DB_CHARSET:-'utf8mb4'}
+    fi
+
+    if [ "$DB_TYPE" = 'pgsql' ]; then
+        echo 'Info: Using PostgreSQL configuration'
+        DB_CHARSET=${DB_CHARSET:-'utf8'}
+    fi
+
+    if [ -n "$DB_SOCK" ]; then
+        echo 'Info: Using unix socket'
+        DB_CONNECT='unix_socket'
+    else
+        echo 'Info: Using TCP connection'
+        DB_CONNECT='host'
+    fi
+
+    if [ -z "$PUBLIC_URL" ]; then
+        echo 'Info: Setting PublicURL'
+    fi
+
+    cat <<EOF > application/config/config.php
+<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
+return array(
+  'components' => array(
+    'db' => array(
+      'connectionString' => '$DB_TYPE:$DB_CONNECT=$DB_HOST;port=$DB_PORT;dbname=$DB_NAME;',
+      'emulatePrepare' => true,
+      'username' => '$DB_USERNAME',
+      'password' => '$DB_PASSWORD',
+      'charset' => '$DB_CHARSET',
+      'tablePrefix' => '$DB_TABLE_PREFIX',
+    ),
+    'urlManager' => array(
+      'urlFormat' => '$URL_FORMAT',
+      'rules' => array(),
+      'showScriptName' => true,
+    ),
+    'request' => array(
+      'baseUrl' => '$BASE_URL',
+     ),
+  ),
+  'config'=>array(
+    'publicurl'=>'$PUBLIC_URL',
+    'debug'=>$DEBUG,
+    'debugsql'=>$DEBUG_SQL,
+    'mysqlEngine' => '$DB_MYSQL_ENGINE',
+  )
+);
+
+EOF
+
+fi
+
+# Check if security config already provisioned
+if [ -f application/config/security.php ]; then
+    echo 'Info: security.php already provisioned'
+else
+    echo 'Info: Creating security.php'
+    if [ -n "$ENCRYPT_KEYPAIR" ]; then
+
+        cat <<EOF > application/config/security.php
+<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
+\$config = array();
+\$config['encryptionkeypair'] = '$ENCRYPT_KEYPAIR';
+\$config['encryptionpublickey'] = '$ENCRYPT_PUBLIC_KEY';
+\$config['encryptionsecretkey'] = '$ENCRYPT_SECRET_KEY';
+return \$config;
+EOF
+    else
+        echo >&2 'Warning: No encryption keys were provided'
+        echo >&2 'Warning: A security.php config will be created by the application'
+        echo >&2 'Warning: THIS FILE NEEDS TO BE PERSISTENT'
+    fi
+fi
+
+# Check if LimeSurvey database is provisioned
+echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
+php application/commands/console.php updatedb
+
+PHP_UPDATEDB_EXIT_CODE=$?
+
+if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
+    echo 'Info: Database already provisioned'
+else
+    echo ''
+    echo 'Running console.php install'
+    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME" "$ADMIN_EMAIL"
+fi
+
+exec "$@"

5.0/apache/Dockerfile

@@ -1,8 +1,7 @@
-FROM php:8.0-apache
+FROM php:8-apache
 LABEL maintainer="markus@martialblog.de"
-ARG version="5.3.17+220525"
+ARG version='5.2.2+211115'
-ARG sha256_checksum="fe94c4d9dc11bf0742855c70ce496be48e5556365f403fe9fcb433ed0b0494a8"
+ARG sha256_checksum='61148c6131ea99a699d95117d1b53f1ba7971c609c93353e7b6221dd13515659'
-ARG archive_url="https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz"
 ARG USER=www-data
 ARG LISTEN_PORT=8080
 
@@ -67,9 +66,9 @@ RUN a2enmod headers rewrite remoteip; \
 # Use the default production configuration
 RUN mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini"
 
-# Download, unzip and chmod LimeSurvey from GitHub (defaults to the official LimeSurvey/LimeSurvey repository) 
+# Download, unzip and chmod LimeSurvey from official GitHub repository
 RUN set -ex; \
-        curl -sSL "${archive_url}" --output /tmp/limesurvey.tar.gz && \
+        curl -sSL "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" --output /tmp/limesurvey.tar.gz && \
         echo "${sha256_checksum}  /tmp/limesurvey.tar.gz" | sha256sum -c - && \
         \
         tar xzvf "/tmp/limesurvey.tar.gz" --strip-components=1 -C /var/www/html/ && \

5.0/fpm-alpine/Dockerfile

@@ -1,8 +1,7 @@
-FROM php:8.0-fpm-alpine
+FROM php:8-fpm-alpine
 LABEL maintainer="markus@martialblog.de"
-ARG version="5.3.17+220525"
+ARG version='5.2.2+211115'
-ARG sha256_checksum="fe94c4d9dc11bf0742855c70ce496be48e5556365f403fe9fcb433ed0b0494a8"
+ARG sha256_checksum='61148c6131ea99a699d95117d1b53f1ba7971c609c93353e7b6221dd13515659'
-ARG archive_url="https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz"
 ARG USER=www-data
 
 # Install OS dependencies
@@ -38,9 +37,9 @@ RUN set -ex; \
         tidy \
         zip
 
-# Download, unzip and chmod LimeSurvey from GitHub (defaults to the official LimeSurvey/LimeSurvey repository) 
+# Download, unzip and chmod LimeSurvey from official GitHub repository
 RUN set -ex; \
-        curl -sSL "${archive_url}" --output /tmp/limesurvey.tar.gz && \
+        curl -sSL "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" --output /tmp/limesurvey.tar.gz && \
         echo "${sha256_checksum}  /tmp/limesurvey.tar.gz" | sha256sum -c - && \
         \
         tar xzvf "/tmp/limesurvey.tar.gz" --strip-components=1 -C /var/www/html/ && \

5.0/fpm/Dockerfile

@@ -1,8 +1,7 @@
-FROM php:8.0-fpm
+FROM php:8-fpm
 LABEL maintainer="markus@martialblog.de"
-ARG version="5.3.17+220525"
+ARG version='5.2.2+211115'
-ARG sha256_checksum="fe94c4d9dc11bf0742855c70ce496be48e5556365f403fe9fcb433ed0b0494a8"
+ARG sha256_checksum='61148c6131ea99a699d95117d1b53f1ba7971c609c93353e7b6221dd13515659'
-ARG archive_url="https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz"
 ARG USER=www-data
 
 # Install OS dependencies
@@ -52,9 +51,9 @@ RUN set -ex; \
 
 ENV LIMESURVEY_VERSION=$version
 
-# Download, unzip and chmod LimeSurvey from GitHub (defaults to the official LimeSurvey/LimeSurvey repository) 
+# Download, unzip and chmod LimeSurvey from official GitHub repository
 RUN set -ex; \
-        curl -sSL "${archive_url}" --output /tmp/limesurvey.tar.gz && \
+        curl -sSL "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" --output /tmp/limesurvey.tar.gz && \
         echo "${sha256_checksum}  /tmp/limesurvey.tar.gz" | sha256sum -c - && \
         \
         tar xzvf "/tmp/limesurvey.tar.gz" --strip-components=1 -C /var/www/html/ && \

5.0/fpm/entrypoint.sh

@@ -159,7 +159,7 @@ if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
 else
     echo ''
     echo 'Running console.php install'
-    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME" "$ADMIN_EMAIL"
+    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME $ADMIN_EMAIL"
 fi
 
 exec "$@"

CONTRIBUTING.md

@@ -12,19 +12,19 @@ To update the version, simply update ARG variables for version and corresponding
 # Version from GitHub Tags
 # sha256 of tar.gz from GitHub Releases
 
-$ grep ARG 5.0/apache/Dockerfile
+$ grep ARG 4.0/apache/Dockerfile
-ARG version='5.3.13+200824'
+ARG version='4.3.13+200824'
 ARG sha256_checksum='4e9c6f20e'
 ```
 
 It is best to use the upgrade shell script:
 
 ```bash
-./upgrade.sh 5.3.13+200824
+./upgrade.sh 4.3.13+200824
 # Check if sha256 is correct
 
-git add 5.0/ && git commit -m 'Upgrading to Version 5.3.13+200824'
+git add 4.0/ && git commit -m 'Upgrading to Version 4.3.13+200824'
-git tag 5.3.13-200824
+git tag 4.3.13-200824
 ```
 
 ## Testing

README.md

@@ -87,8 +87,6 @@ For further details on the settings see: https://manual.limesurvey.org/Data_encr
 
 ## Traefik example
 
-**Hint**: if you want to deploy LimeSurvey on a sub-path (e.g. https://example.com/limesurvey) you have to set the BASE_URL and adjust the Containers Webservers. See the docker-compose Traefik example in the repository.
-
 ```
 # BASE_URL = /limesurvey
 "traefik.http.routers.limesurvey.rule=PathPrefix(`/limesurvey`)",

docker-compose.pgsql.yml

@@ -24,7 +24,7 @@ services:
   lime-db:
     image: postgres:10
     volumes:
-      - db-data:/var/lib/postgresql/data
+      - db-data:/var/lib/postgresql
     environment:
       - "POSTGRES_USER=limesurvey"
       - "POSTGRES_DB=limesurvey"

docker-compose.traefik.yml

@@ -1,46 +0,0 @@
-version: "3.0"
-services:
-  limesurvey:
-    build:
-      context: 5.0/apache/
-      dockerfile: Dockerfile
-    labels:
-      traefik.enable: 'true'
-      traefik.http.routers.limesurvey-http-router.entrypoints: "http"
-      traefik.http.routers.limesurvey-http-router.rule: "PathPrefix(`/limesurvey`)"
-      traefik.http.services.limesurvey-service.loadbalancer.server.port: "8080"
-    links:
-      - lime-db
-    depends_on:
-      - lime-db
-    volumes:
-      # Unfortunately the StripPrefix Function in Traefik won't work;
-      # Meaning, we will have to set 'Alias /limesurvey "/var/www/html"' in the Apache Config
-      - "./examples/apache-example.conf:/etc/apache2/sites-available/000-default.conf:ro"
-    environment:
-      - "DB_HOST=lime-db"
-      - "DB_PASSWORD=secret"
-      - "ADMIN_PASSWORD=foobar"
-      - "PUBLIC_URL=http://localhost:8888/limesurvey"
-      - "BASE_URL=http://localhost:8888/limesurvey"
-  traefik:
-    image: "traefik:v2.5"
-    container_name: "traefik"
-    command:
-      - "--api.insecure=true"
-      - "--providers.docker=true"
-      - "--providers.docker.exposedbydefault=false"
-      - "--entrypoints.http.address=:8888"
-    ports:
-      - "8888:8888"
-      - "8080:8080"
-    volumes:
-      - "/var/run/docker.sock:/var/run/docker.sock:ro"
-  lime-db:
-    image: mysql:5.7
-    environment:
-      - "MYSQL_USER=limesurvey"
-      - "MYSQL_DATABASE=limesurvey"
-      - "MYSQL_PASSWORD=secret"
-      - "MYSQL_ROOT_PASSWORD=secret"
-

examples/apache-example.conf

@@ -1,7 +1,7 @@
 <VirtualHost *:8080>
 	ServerAdmin foo@bar.com
 	DocumentRoot /var/www/html
-        Alias /limesurvey "/var/www/html"
+        Alias /lime "/var/www/html"
 
         <Directory />
                 Options FollowSymLinks