Upgrading to LTS Version 3.28.47+230131

- Added known issues section

.github/workflows/build-latest-container-images.yaml

@@ -49,10 +49,11 @@ jobs:
           images: |
             docker.io/martialblog/limesurvey
           tags: |
-            type=semver,pattern={{raw}},suffix=-apache
-            type=semver,pattern={{major}},suffix=-apache
+            type=match,pattern=(.+),group=1
+            type=match,pattern=^(\d+),group=1
           flavor: |
-            latest=false
+            latest=true
+            suffix=-apache
       - name: 'Build and push latest Apache container images'
         uses: docker/build-push-action@v2
         with:
@@ -68,8 +69,11 @@ jobs:
           images: |
             docker.io/martialblog/limesurvey
           tags: |
-            type=semver,pattern={{version}},suffix=-fpm
-            type=semver,pattern={{major}},suffix=-fpm
+            type=match,pattern=(.+),group=1
+            type=match,pattern=^(\d+),group=1
+          flavor: |
+            latest=false
+            suffix=-fpm
       - name: 'Build and push latest fpm container images'
         uses: docker/build-push-action@v2
         with:
@@ -85,8 +89,11 @@ jobs:
           images: |
             docker.io/martialblog/limesurvey
           tags: |
-            type=semver,pattern={{version}},suffix=-fpm-alpine
-            type=semver,pattern={{major}},suffix=-fpm-alpine
+            type=match,pattern=(.+),group=1
+            type=match,pattern=^(\d+),group=1
+          flavor: |
+            latest=false
+            suffix=-fpm-alpine
       - name: 'Build and push latest fpm-alpine container images'
         uses: docker/build-push-action@v2
         with:

.github/workflows/build-lts-container-images.yaml

@@ -49,10 +49,11 @@ jobs:
           images: |
             docker.io/martialblog/limesurvey
           tags: |
-            type=semver,pattern={{raw}},suffix=-apache
-            type=semver,pattern={{major}},suffix=-apache
+            type=match,pattern=(.+),group=1
+            type=match,pattern=^(\d+),group=1
           flavor: |
             latest=false
+            suffix=-apache
       - name: 'Build and push LTS apache container images'
         uses: docker/build-push-action@v2
         with:
@@ -68,8 +69,11 @@ jobs:
           images: |
             docker.io/martialblog/limesurvey
           tags: |
-            type=semver,pattern={{version}},suffix=-fpm
-            type=semver,pattern={{major}},suffix=-fpm
+            type=match,pattern=(.+),group=1
+            type=match,pattern=^(\d+),group=1
+          flavor: |
+            latest=false
+            suffix=-fpm
       - name: 'Build and push LTS fpm container images'
         uses: docker/build-push-action@v2
         with:
@@ -85,8 +89,11 @@ jobs:
           images: |
             docker.io/martialblog/limesurvey
           tags: |
-            type=semver,pattern={{version}},suffix=-fpm-alpine
-            type=semver,pattern={{major}},suffix=-fpm-alpine
+            type=match,pattern=(.+),group=1
+            type=match,pattern=^(\d+),group=1
+          flavor: |
+            latest=false
+            suffix=-fpm-alpine
       - name: 'Build and push LTS fpm-alpine container images'
         uses: docker/build-push-action@v2
         with:

.github/workflows/test-latest-container-images.yaml

@@ -32,18 +32,3 @@ jobs:
         with:
           image: docker.io/martialblog/limesurvey:5-${{ matrix.context }}
           config: tests/${{ matrix.context }}-tests.yaml
-
-      - name: 'Run vulnerability scanner'
-        uses: aquasecurity/trivy-action@master
-        with:
-          image-ref: docker.io/martialblog/limesurvey:5-${{ matrix.context }}
-          format: 'template'
-          template: '@/contrib/sarif.tpl'
-          output: trivy-results-5-${{ matrix.context }}.sarif
-          severity: 'CRITICAL,HIGH'
-
-      - name: 'Upload Trivy scan results to GitHub'
-        uses: github/codeql-action/upload-sarif@v1
-        with:
-          sarif_file: trivy-results-5-${{ matrix.context }}.sarif
-          category: "${{ matrix.context }}"

.github/workflows/test-lts-container-images.yaml

@@ -32,18 +32,3 @@ jobs:
         with:
           image: docker.io/martialblog/limesurvey:3-${{ matrix.context }}
           config: tests/${{ matrix.context }}-tests.yaml
-
-      - name: 'Run vulnerability scanner'
-        uses: aquasecurity/trivy-action@master
-        with:
-          image-ref: docker.io/martialblog/limesurvey:3-${{ matrix.context }}
-          format: 'template'
-          template: '@/contrib/sarif.tpl'
-          output: trivy-results-3-${{ matrix.context }}.sarif
-          severity: 'CRITICAL,HIGH'
-
-      - name: 'Upload Trivy scan results to GitHub'
-        uses: github/codeql-action/upload-sarif@v1
-        with:
-          sarif_file: trivy-results-3-${{ matrix.context }}.sarif
-          category: "${{ matrix.context }}"

3.0/apache/Dockerfile

@@ -1,9 +1,5 @@
-FROM php:7.4-apache
+FROM docker.io/php:8.0-apache
 LABEL maintainer="markus@martialblog.de"
-ARG version='3.27.5+210624'
-ARG sha256_checksum='b534eb67521b0143f2b7f49341538e9c6946da1b2397d08bc7b75d740cd98aae'
-ARG USER=root
-ARG LISTEN_PORT=80
 
 # Install OS dependencies
 RUN set -ex; \
@@ -50,8 +46,6 @@ RUN set -ex; \
         tidy \
         zip
 
-ENV LIMESURVEY_VERSION=$version
-
 # Apache configuration
 RUN a2enmod headers rewrite remoteip; \
         {\
@@ -65,9 +59,16 @@ RUN a2enmod headers rewrite remoteip; \
 # Use the default production configuration
 RUN mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini"
 
-# Download, unzip and chmod LimeSurvey from official GitHub repository
+ARG version="3.28.47+230131"
+ARG sha256_checksum="7392921f7d47df9ef8a1932b07c76d88bd0f4b478dc44c89165f1aca05fdbea3"
+ARG archive_url="https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz"
+ARG USER=root
+ARG LISTEN_PORT=80
+ENV LIMESURVEY_VERSION=$version
+
+# Download, unzip and chmod LimeSurvey from GitHub (defaults to the official LimeSurvey/LimeSurvey repository) 
 RUN set -ex; \
-        curl -sSL "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" --output /tmp/limesurvey.tar.gz && \
+        curl -sSL "${archive_url}" --output /tmp/limesurvey.tar.gz && \
         echo "${sha256_checksum}  /tmp/limesurvey.tar.gz" | sha256sum -c - && \
         \
         tar xzvf "/tmp/limesurvey.tar.gz" --strip-components=1 -C /var/www/html/ && \
@@ -75,7 +76,8 @@ RUN set -ex; \
         chown -R www-data:www-data /var/www/html /etc/apache2
 
 WORKDIR /var/www/html
-COPY entrypoint.sh entrypoint.sh
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
+COPY vhosts-access-log.conf /etc/apache2/conf-enabled/other-vhosts-access-log.conf
 USER $USER
-ENTRYPOINT ["/var/www/html/entrypoint.sh"]
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
 CMD ["apache2-foreground"]

3.0/apache/entrypoint.sh

@@ -19,6 +19,8 @@ ADMIN_PASSWORD=${ADMIN_PASSWORD:-}
 BASE_URL=${BASE_URL:-}
 PUBLIC_URL=${PUBLIC_URL:-}
 URL_FORMAT=${URL_FORMAT:-'path'}
+SHOW_SCRIPT_NAME=${SHOW_SCRIPT_NAME:-'true'}
+TABLE_SESSION=${TABLE_SESSION:-}
 
 DEBUG=${DEBUG:-0}
 DEBUG_SQL=${DEBUG_SQL:-0}
@@ -42,7 +44,7 @@ fi
 
 # Check if database is available
 if [ -z "$DB_SOCK" ]; then
-    until nc -z -v -w30 $DB_HOST $DB_PORT
+    until nc -z -v -w30 "$DB_HOST" "$DB_PORT"
     do
         echo "Info: Waiting for database connection..."
         sleep 5
@@ -65,7 +67,7 @@ else
         DB_CHARSET=${DB_CHARSET:-'utf8'}
     fi
 
-    if [ ! -z "$DB_SOCK" ]; then
+    if [ -n "$DB_SOCK" ]; then
         echo 'Info: Using unix socket'
         DB_CONNECT='unix_socket'
     else
@@ -87,12 +89,17 @@ return array(
       'username' => '$DB_USERNAME',
       'password' => '$DB_PASSWORD',
       'charset' => '$DB_CHARSET',
-      'tablePrefix' => '$DB_TABLE_PREFIX',
+      'tablePrefix' => '${DB_TABLE_PREFIX//[[:space:]]/}',
     ),
+    //'session' => array (
+    //   'class' => 'application.core.web.DbHttpSession',
+    //   'connectionID' => 'db',
+    //   'sessionTableName' => '{{sessions}}',
+    //),
     'urlManager' => array(
       'urlFormat' => '$URL_FORMAT',
       'rules' => array(),
-      'showScriptName' => true,
+      'showScriptName' => $SHOW_SCRIPT_NAME,
     ),
     'request' => array(
       'baseUrl' => '$BASE_URL',
@@ -109,17 +116,25 @@ EOF
 
 fi
 
+# Enable Table Sessions if required
+if [ -n "$TABLE_SESSION" ]; then
+    echo 'Info: Setting Table Session'
+    # Remove the comments in the config
+    sed -i "s/\/\///g" application/config/config.php
+fi
 
 # Check if LimeSurvey database is provisioned
 echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
 php application/commands/console.php updatedb
 
-if [ $? -eq 0 ]; then
+PHP_UPDATEDB_EXIT_CODE=$?
+
+if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
     echo 'Info: Database already provisioned'
 else
     echo ''
     echo 'Running console.php install'
-    php application/commands/console.php install $ADMIN_USER $ADMIN_PASSWORD $ADMIN_NAME $ADMIN_EMAIL
+    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME" "$ADMIN_EMAIL"
 fi
 
 exec "$@"

3.0/apache/vhosts-access-log.conf

@@ -0,0 +1,3 @@
+SetEnvIF User-Agent "(?i)(check|health|probe)" dontlog
+ErrorLog ${APACHE_LOG_DIR}/error.log
+CustomLog ${APACHE_LOG_DIR}/access.log combined env=!dontlog

3.0/fpm-alpine/Dockerfile

@@ -1,7 +1,5 @@
-FROM php:7.4-fpm-alpine
+FROM docker.io/php:8.0-fpm-alpine
 LABEL maintainer="markus@martialblog.de"
-ARG version='3.27.5+210624'
-ARG sha256_checksum='b534eb67521b0143f2b7f49341538e9c6946da1b2397d08bc7b75d740cd98aae'
 
 # Install OS dependencies
 RUN set -ex; \
@@ -35,9 +33,14 @@ RUN set -ex; \
         tidy \
         zip
 
-# Download, unzip and chmod LimeSurvey from official GitHub repository
+ARG version="3.28.47+230131"
+ARG sha256_checksum="7392921f7d47df9ef8a1932b07c76d88bd0f4b478dc44c89165f1aca05fdbea3"
+ARG archive_url="https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz"
+ENV LIMESURVEY_VERSION=$version
+
+# Download, unzip and chmod LimeSurvey from GitHub (defaults to the official LimeSurvey/LimeSurvey repository) 
 RUN set -ex; \
-        curl -sSL "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" --output /tmp/limesurvey.tar.gz && \
+        curl -sSL "${archive_url}" --output /tmp/limesurvey.tar.gz && \
         echo "${sha256_checksum}  /tmp/limesurvey.tar.gz" | sha256sum -c - && \
         \
         tar xzvf "/tmp/limesurvey.tar.gz" --strip-components=1 -C /var/www/html/ && \
@@ -52,6 +55,6 @@ RUN set -ex; \
 EXPOSE 9000
 
 WORKDIR /var/www/html
-COPY entrypoint.sh entrypoint.sh
-ENTRYPOINT ["/var/www/html/entrypoint.sh"]
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
 CMD ["php-fpm"]

3.0/fpm-alpine/entrypoint.sh

@@ -19,6 +19,8 @@ ADMIN_PASSWORD=${ADMIN_PASSWORD:-}
 BASE_URL=${BASE_URL:-}
 PUBLIC_URL=${PUBLIC_URL:-}
 URL_FORMAT=${URL_FORMAT:-'path'}
+SHOW_SCRIPT_NAME=${SHOW_SCRIPT_NAME:-'true'}
+TABLE_SESSION=${TABLE_SESSION:-}
 
 DEBUG=${DEBUG:-0}
 DEBUG_SQL=${DEBUG_SQL:-0}
@@ -35,7 +37,7 @@ fi
 
 # Check if database is available
 if [ -z "$DB_SOCK" ]; then
-    until nc -z -v -w30 $DB_HOST $DB_PORT
+    until nc -z -v -w30 "$DB_HOST" "$DB_PORT"
     do
         echo "Info: Waiting for database connection..."
         sleep 5
@@ -58,7 +60,7 @@ else
         DB_CHARSET=${DB_CHARSET:-'utf8'}
     fi
 
-    if [ ! -z "$DB_SOCK" ]; then
+    if [ -n "$DB_SOCK" ]; then
         echo 'Info: Using unix socket'
         DB_CONNECT='unix_socket'
     else
@@ -80,12 +82,17 @@ return array(
       'username' => '$DB_USERNAME',
       'password' => '$DB_PASSWORD',
       'charset' => '$DB_CHARSET',
-      'tablePrefix' => '$DB_TABLE_PREFIX',
+      'tablePrefix' => '${DB_TABLE_PREFIX//[[:space:]]/}',
     ),
+    //'session' => array (
+    //   'class' => 'application.core.web.DbHttpSession',
+    //   'connectionID' => 'db',
+    //   'sessionTableName' => '{{sessions}}',
+    //),
     'urlManager' => array(
       'urlFormat' => '$URL_FORMAT',
       'rules' => array(),
-      'showScriptName' => true,
+      'showScriptName' => $SHOW_SCRIPT_NAME,
     ),
     'request' => array(
       'baseUrl' => '$BASE_URL',
@@ -102,17 +109,25 @@ EOF
 
 fi
 
+# Enable Table Sessions if required
+if [ -n "$TABLE_SESSION" ]; then
+    echo 'Info: Setting Table Session'
+    # Remove the comments in the config
+    sed -i "s/\/\///g" application/config/config.php
+fi
 
 # Check if LimeSurvey database is provisioned
 echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
 php application/commands/console.php updatedb
 
-if [ $? -eq 0 ]; then
+PHP_UPDATEDB_EXIT_CODE=$?
+
+if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
     echo 'Info: Database already provisioned'
 else
     echo ''
     echo 'Running console.php install'
-    php application/commands/console.php install $ADMIN_USER $ADMIN_PASSWORD $ADMIN_NAME $ADMIN_EMAIL
+    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME" "$ADMIN_EMAIL"
 fi
 
 exec "$@"

3.0/fpm/Dockerfile

@@ -1,7 +1,5 @@
-FROM php:7.4-fpm
+FROM docker.io/php:8.0-fpm
 LABEL maintainer="markus@martialblog.de"
-ARG version='3.27.5+210624'
-ARG sha256_checksum='b534eb67521b0143f2b7f49341538e9c6946da1b2397d08bc7b75d740cd98aae'
 
 # Install OS dependencies
 RUN set -ex; \
@@ -48,11 +46,14 @@ RUN set -ex; \
         tidy \
         zip
 
+ARG version="3.28.47+230131"
+ARG sha256_checksum="7392921f7d47df9ef8a1932b07c76d88bd0f4b478dc44c89165f1aca05fdbea3"
+ARG archive_url="https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz"
 ENV LIMESURVEY_VERSION=$version
 
-# Download, unzip and chmod LimeSurvey from official GitHub repository
+# Download, unzip and chmod LimeSurvey from GitHub (defaults to the official LimeSurvey/LimeSurvey repository) 
 RUN set -ex; \
-        curl -sSL "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" --output /tmp/limesurvey.tar.gz && \
+        curl -sSL "${archive_url}" --output /tmp/limesurvey.tar.gz && \
         echo "${sha256_checksum}  /tmp/limesurvey.tar.gz" | sha256sum -c - && \
         \
         tar xzvf "/tmp/limesurvey.tar.gz" --strip-components=1 -C /var/www/html/ && \
@@ -62,6 +63,6 @@ RUN set -ex; \
 EXPOSE 9000
 
 WORKDIR /var/www/html
-COPY entrypoint.sh entrypoint.sh
-ENTRYPOINT ["/var/www/html/entrypoint.sh"]
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
 CMD ["php-fpm"]

3.0/fpm/entrypoint.sh

@@ -19,6 +19,8 @@ ADMIN_PASSWORD=${ADMIN_PASSWORD:-}
 BASE_URL=${BASE_URL:-}
 PUBLIC_URL=${PUBLIC_URL:-}
 URL_FORMAT=${URL_FORMAT:-'path'}
+SHOW_SCRIPT_NAME=${SHOW_SCRIPT_NAME:-'true'}
+TABLE_SESSION=${TABLE_SESSION:-}
 
 DEBUG=${DEBUG:-0}
 DEBUG_SQL=${DEBUG_SQL:-0}
@@ -35,7 +37,7 @@ fi
 
 # Check if database is available
 if [ -z "$DB_SOCK" ]; then
-    until nc -z -v -w30 $DB_HOST $DB_PORT
+    until nc -z -v -w30 "$DB_HOST" "$DB_PORT"
     do
         echo "Info: Waiting for database connection..."
         sleep 5
@@ -58,7 +60,7 @@ else
         DB_CHARSET=${DB_CHARSET:-'utf8'}
     fi
 
-    if [ ! -z "$DB_SOCK" ]; then
+    if [ -n "$DB_SOCK" ]; then
         echo 'Info: Using unix socket'
         DB_CONNECT='unix_socket'
     else
@@ -80,12 +82,17 @@ return array(
       'username' => '$DB_USERNAME',
       'password' => '$DB_PASSWORD',
       'charset' => '$DB_CHARSET',
-      'tablePrefix' => '$DB_TABLE_PREFIX',
+      'tablePrefix' => '${DB_TABLE_PREFIX//[[:space:]]/}',
     ),
+    //'session' => array (
+    //   'class' => 'application.core.web.DbHttpSession',
+    //   'connectionID' => 'db',
+    //   'sessionTableName' => '{{sessions}}',
+    //),
     'urlManager' => array(
       'urlFormat' => '$URL_FORMAT',
       'rules' => array(),
-      'showScriptName' => true,
+      'showScriptName' => $SHOW_SCRIPT_NAME,
     ),
     'request' => array(
       'baseUrl' => '$BASE_URL',
@@ -102,17 +109,25 @@ EOF
 
 fi
 
+# Enable Table Sessions if required
+if [ -n "$TABLE_SESSION" ]; then
+    echo 'Info: Setting Table Session'
+    # Remove the comments in the config
+    sed -i "s/\/\///g" application/config/config.php
+fi
 
 # Check if LimeSurvey database is provisioned
 echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
 php application/commands/console.php updatedb
 
-if [ $? -eq 0 ]; then
+PHP_UPDATEDB_EXIT_CODE=$?
+
+if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
     echo 'Info: Database already provisioned'
 else
     echo ''
     echo 'Running console.php install'
-    php application/commands/console.php install $ADMIN_USER $ADMIN_PASSWORD $ADMIN_NAME $ADMIN_EMAIL
+    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME" "$ADMIN_EMAIL"
 fi
 
 exec "$@"

4.0/apache/Dockerfile

@@ -1,82 +0,0 @@
-FROM php:7.4-apache
-LABEL maintainer="markus@martialblog.de"
-ARG version='4.6.3+210518'
-ARG sha256_checksum='3c59afc13d0cf974c465c5f851cb8837117518e94031f5e3a28ba468ad734ce2'
-ARG USER=root
-ARG LISTEN_PORT=80
-
-# Install OS dependencies
-RUN set -ex; \
-        apt-get update && \
-        DEBIAN_FRONTEND=noninteractive \
-        apt-get install --no-install-recommends -y \
-        \
-        libldap2-dev \
-        libfreetype6-dev \
-        libjpeg-dev \
-        libonig-dev \
-        zlib1g-dev \
-        libc-client-dev \
-        libkrb5-dev \
-        libpng-dev \
-        libpq-dev \
-        libzip-dev \
-        libtidy-dev \
-        libsodium-dev \
-        netcat \
-        curl \
-        \
-        && apt-get -y autoclean; apt-get -y autoremove; \
-        rm -rf /var/lib/apt/lists/*
-
-# Link LDAP library for PHP ldap extension
-RUN set -ex; \
-        ln -fs /usr/lib/x86_64-linux-gnu/libldap.so /usr/lib/
-
-# Install PHP Plugins and Configure PHP imap plugin
-RUN set -ex; \
-        docker-php-ext-configure gd --with-freetype=/usr/include/ --with-jpeg=/usr && \
-        docker-php-ext-configure imap --with-kerberos --with-imap-ssl && \
-        docker-php-ext-install -j5 \
-        exif \
-        gd \
-        imap \
-        ldap \
-        mbstring \
-        pdo \
-        pdo_mysql \
-        pdo_pgsql \
-        pgsql \
-        sodium \
-        tidy \
-        zip
-
-ENV LIMESURVEY_VERSION=$version
-
-# Apache configuration
-RUN a2enmod headers rewrite remoteip; \
-        {\
-        echo RemoteIPHeader X-Real-IP ;\
-        echo RemoteIPTrustedProxy 10.0.0.0/8 ;\
-        echo RemoteIPTrustedProxy 172.16.0.0/12 ;\
-        echo RemoteIPTrustedProxy 192.168.0.0/16 ;\
-        } > /etc/apache2/conf-available/remoteip.conf;\
-        a2enconf remoteip
-
-# Use the default production configuration
-RUN mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini"
-
-# Download, unzip and chmod LimeSurvey from official GitHub repository
-RUN set -ex; \
-        curl -sSL "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" --output /tmp/limesurvey.tar.gz && \
-        echo "${sha256_checksum}  /tmp/limesurvey.tar.gz" | sha256sum -c - && \
-        \
-        tar xzvf "/tmp/limesurvey.tar.gz" --strip-components=1 -C /var/www/html/ && \
-        rm -f "/tmp/limesurvey.tar.gz" && \
-        chown -R www-data:www-data /var/www/html /etc/apache2
-
-WORKDIR /var/www/html
-COPY entrypoint.sh entrypoint.sh
-USER $USER
-ENTRYPOINT ["/var/www/html/entrypoint.sh"]
-CMD ["apache2-foreground"]

4.0/apache/entrypoint.sh

@@ -1,150 +0,0 @@
-#!/bin/bash
-# Entrypoint for Docker Container
-
-
-DB_TYPE=${DB_TYPE:-'mysql'}
-DB_HOST=${DB_HOST:-'mysql'}
-DB_PORT=${DB_PORT:-'3306'}
-DB_SOCK=${DB_SOCK:-}
-DB_NAME=${DB_NAME:-'limesurvey'}
-DB_TABLE_PREFIX=${DB_TABLE_PREFIX:-'lime_'}
-DB_USERNAME=${DB_USERNAME:-'limesurvey'}
-DB_PASSWORD=${DB_PASSWORD:-}
-
-ENCRYPT_KEYPAIR=${ENCRYPT_KEYPAIR:-}
-ENCRYPT_PUBLIC_KEY=${ENCRYPT_PUBLIC_KEY:-}
-ENCRYPT_SECRET_KEY=${ENCRYPT_SECRET_KEY:-}
-
-ADMIN_USER=${ADMIN_USER:-'admin'}
-ADMIN_NAME=${ADMIN_NAME:-'admin'}
-ADMIN_EMAIL=${ADMIN_EMAIL:-'foobar@example.com'}
-ADMIN_PASSWORD=${ADMIN_PASSWORD:-}
-
-BASE_URL=${BASE_URL:-}
-PUBLIC_URL=${PUBLIC_URL:-}
-URL_FORMAT=${URL_FORMAT:-'path'}
-
-DEBUG=${DEBUG:-0}
-DEBUG_SQL=${DEBUG_SQL:-0}
-
-LISTEN_PORT=${LISTEN_PORT:-"80"}
-
-if [ -z "$DB_PASSWORD" ]; then
-    echo >&2 'Error: Missing DB_PASSWORD'
-    exit 1
-fi
-
-if [ -z "$ADMIN_PASSWORD" ]; then
-    echo >&2 'Error: Missing ADMIN_PASSWORD'
-    exit 1
-fi
-
-if [ "$LISTEN_PORT" != "80" ]; then
-    echo "Info: Customizing Apache Listen port to $LISTEN_PORT"
-    sed -i "s/Listen 80\$/Listen $LISTEN_PORT/" /etc/apache2/ports.conf /etc/apache2/sites-available/000-default.conf
-fi
-
-# Check if database is available
-if [ -z "$DB_SOCK" ]; then
-    until nc -z -v -w30 $DB_HOST $DB_PORT
-    do
-        echo "Info: Waiting for database connection..."
-        sleep 5
-    done
-fi
-
-# Check if config already provisioned
-if [ -f application/config/config.php ]; then
-    echo 'Info: config.php already provisioned'
-else
-    echo 'Info: Generating config.php'
-
-    if [ "$DB_TYPE" = 'mysql' ]; then
-        echo 'Info: Using MySQL configuration'
-        DB_CHARSET=${DB_CHARSET:-'utf8mb4'}
-    fi
-
-    if [ "$DB_TYPE" = 'pgsql' ]; then
-        echo 'Info: Using PostgreSQL configuration'
-        DB_CHARSET=${DB_CHARSET:-'utf8'}
-    fi
-
-    if [ ! -z "$DB_SOCK" ]; then
-        echo 'Info: Using unix socket'
-        DB_CONNECT='unix_socket'
-    else
-        echo 'Info: Using TCP connection'
-        DB_CONNECT='host'
-    fi
-
-    if [ -z "$PUBLIC_URL" ]; then
-        echo 'Info: Setting PublicURL'
-    fi
-
-    cat <<EOF > application/config/config.php
-<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
-return array(
-  'components' => array(
-    'db' => array(
-      'connectionString' => '$DB_TYPE:$DB_CONNECT=$DB_HOST;port=$DB_PORT;dbname=$DB_NAME;',
-      'emulatePrepare' => true,
-      'username' => '$DB_USERNAME',
-      'password' => '$DB_PASSWORD',
-      'charset' => '$DB_CHARSET',
-      'tablePrefix' => '$DB_TABLE_PREFIX',
-    ),
-    'urlManager' => array(
-      'urlFormat' => '$URL_FORMAT',
-      'rules' => array(),
-      'showScriptName' => true,
-    ),
-    'request' => array(
-      'baseUrl' => '$BASE_URL',
-     ),
-  ),
-  'config'=>array(
-    'publicurl'=>'$PUBLIC_URL',
-    'debug'=>$DEBUG,
-    'debugsql'=>$DEBUG_SQL,
-  )
-);
-
-EOF
-
-fi
-
-# Check if security config already provisioned
-if [ -f application/config/security.php ]; then
-    echo 'Info: security.php already provisioned'
-else
-    echo 'Info: Creating security.php'
-    if [ ! -z "$ENCRYPT_KEYPAIR" ]; then
-
-        cat <<EOF > application/config/security.php
-<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
-\$config = array();
-\$config['encryptionkeypair'] = '$ENCRYPT_KEYPAIR';
-\$config['encryptionpublickey'] = '$ENCRYPT_PUBLIC_KEY';
-\$config['encryptionsecretkey'] = '$ENCRYPT_SECRET_KEY';
-return \$config;
-EOF
-    else
-        echo >&2 'Warning: No encryption keys were provided'
-        echo >&2 'Warning: A security.php config will be created by the application'
-        echo >&2 'Warning: THIS FILE NEEDS TO BE PERSISTENT'
-    fi
-fi
-
-# Check if LimeSurvey database is provisioned
-echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
-php application/commands/console.php updatedb
-
-if [ $? -eq 0 ]; then
-    echo 'Info: Database already provisioned'
-else
-    echo ''
-    echo 'Running console.php install'
-    php application/commands/console.php install $ADMIN_USER $ADMIN_PASSWORD $ADMIN_NAME $ADMIN_EMAIL
-fi
-
-exec "$@"

4.0/fpm-alpine/Dockerfile

@@ -1,58 +0,0 @@
-FROM php:7.4-fpm-alpine
-LABEL maintainer="markus@martialblog.de"
-ARG version='4.6.3+210518'
-ARG sha256_checksum='3c59afc13d0cf974c465c5f851cb8837117518e94031f5e3a28ba468ad734ce2'
-
-# Install OS dependencies
-RUN set -ex; \
-        apk add --no-cache --virtual .build-deps \
-        freetype-dev \
-        libpng-dev \
-        libzip-dev \
-        libjpeg-turbo-dev \
-        tidyhtml-dev \
-        libsodium-dev \
-        openldap-dev \
-        oniguruma-dev \
-        imap-dev \
-        postgresql-dev && \
-        apk add --no-cache netcat-openbsd bash
-
-# Install PHP Plugins
-RUN set -ex; \
-        docker-php-ext-configure gd --with-freetype=/usr/include/ --with-jpeg=/usr && \
-        docker-php-ext-configure imap --with-imap-ssl && \
-        docker-php-ext-install \
-        exif \
-        gd \
-        imap \
-        ldap \
-        mbstring \
-        pdo \
-        pdo_mysql \
-        pdo_pgsql \
-        pgsql \
-        sodium \
-        tidy \
-        zip
-
-# Download, unzip and chmod LimeSurvey from official GitHub repository
-RUN set -ex; \
-        curl -sSL "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" --output /tmp/limesurvey.tar.gz && \
-        echo "${sha256_checksum}  /tmp/limesurvey.tar.gz" | sha256sum -c - && \
-        \
-        tar xzvf "/tmp/limesurvey.tar.gz" --strip-components=1 -C /var/www/html/ && \
-        \
-        rm -rf "/tmp/limesurvey.tar.gz" \
-        /var/www/html/docs \
-        /var/www/html/tests \
-        /var/www/html/*.md && \
-        chown -R www-data:root /var/www/ ; \
-        chmod -R g=u /var/www
-
-EXPOSE 9000
-
-WORKDIR /var/www/html
-COPY entrypoint.sh entrypoint.sh
-ENTRYPOINT ["/var/www/html/entrypoint.sh"]
-CMD ["php-fpm"]

4.0/fpm-alpine/entrypoint.sh

@@ -1,143 +0,0 @@
-#!/bin/bash
-# Entrypoint for Docker Container
-
-
-DB_TYPE=${DB_TYPE:-'mysql'}
-DB_HOST=${DB_HOST:-'mysql'}
-DB_PORT=${DB_PORT:-'3306'}
-DB_SOCK=${DB_SOCK:-}
-DB_NAME=${DB_NAME:-'limesurvey'}
-DB_TABLE_PREFIX=${DB_TABLE_PREFIX:-'lime_'}
-DB_USERNAME=${DB_USERNAME:-'limesurvey'}
-DB_PASSWORD=${DB_PASSWORD:-}
-
-ENCRYPT_KEYPAIR=${ENCRYPT_KEYPAIR:-}
-ENCRYPT_PUBLIC_KEY=${ENCRYPT_PUBLIC_KEY:-}
-ENCRYPT_SECRET_KEY=${ENCRYPT_SECRET_KEY:-}
-
-ADMIN_USER=${ADMIN_USER:-'admin'}
-ADMIN_NAME=${ADMIN_NAME:-'admin'}
-ADMIN_EMAIL=${ADMIN_EMAIL:-'foobar@example.com'}
-ADMIN_PASSWORD=${ADMIN_PASSWORD:-}
-
-BASE_URL=${BASE_URL:-}
-PUBLIC_URL=${PUBLIC_URL:-}
-URL_FORMAT=${URL_FORMAT:-'path'}
-
-DEBUG=${DEBUG:-0}
-DEBUG_SQL=${DEBUG_SQL:-0}
-
-if [ -z "$DB_PASSWORD" ]; then
-    echo >&2 'Error: Missing DB_PASSWORD'
-    exit 1
-fi
-
-if [ -z "$ADMIN_PASSWORD" ]; then
-    echo >&2 'Error: Missing ADMIN_PASSWORD'
-    exit 1
-fi
-
-# Check if database is available
-if [ -z "$DB_SOCK" ]; then
-    until nc -z -v -w30 $DB_HOST $DB_PORT
-    do
-        echo "Info: Waiting for database connection..."
-        sleep 5
-    done
-fi
-
-# Check if config already provisioned
-if [ -f application/config/config.php ]; then
-    echo 'Info: config.php already provisioned'
-else
-    echo 'Info: Generating config.php'
-
-    if [ "$DB_TYPE" = 'mysql' ]; then
-        echo 'Info: Using MySQL configuration'
-        DB_CHARSET=${DB_CHARSET:-'utf8mb4'}
-    fi
-
-    if [ "$DB_TYPE" = 'pgsql' ]; then
-        echo 'Info: Using PostgreSQL configuration'
-        DB_CHARSET=${DB_CHARSET:-'utf8'}
-    fi
-
-    if [ ! -z "$DB_SOCK" ]; then
-        echo 'Info: Using unix socket'
-        DB_CONNECT='unix_socket'
-    else
-        echo 'Info: Using TCP connection'
-        DB_CONNECT='host'
-    fi
-
-    if [ -z "$PUBLIC_URL" ]; then
-        echo 'Info: Setting PublicURL'
-    fi
-
-    cat <<EOF > application/config/config.php
-<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
-return array(
-  'components' => array(
-    'db' => array(
-      'connectionString' => '$DB_TYPE:$DB_CONNECT=$DB_HOST;port=$DB_PORT;dbname=$DB_NAME;',
-      'emulatePrepare' => true,
-      'username' => '$DB_USERNAME',
-      'password' => '$DB_PASSWORD',
-      'charset' => '$DB_CHARSET',
-      'tablePrefix' => '$DB_TABLE_PREFIX',
-    ),
-    'urlManager' => array(
-      'urlFormat' => '$URL_FORMAT',
-      'rules' => array(),
-      'showScriptName' => true,
-    ),
-    'request' => array(
-      'baseUrl' => '$BASE_URL',
-     ),
-  ),
-  'config'=>array(
-    'publicurl'=>'$PUBLIC_URL',
-    'debug'=>$DEBUG,
-    'debugsql'=>$DEBUG_SQL,
-  )
-);
-
-EOF
-
-fi
-
-# Check if security config already provisioned
-if [ -f application/config/security.php ]; then
-    echo 'Info: security.php already provisioned'
-else
-    echo 'Info: Creating security.php'
-    if [ ! -z "$ENCRYPT_KEYPAIR" ]; then
-
-        cat <<EOF > application/config/security.php
-<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
-\$config = array();
-\$config['encryptionkeypair'] = '$ENCRYPT_KEYPAIR';
-\$config['encryptionpublickey'] = '$ENCRYPT_PUBLIC_KEY';
-\$config['encryptionsecretkey'] = '$ENCRYPT_SECRET_KEY';
-return \$config;
-EOF
-    else
-        echo >&2 'Warning: No encryption keys were provided'
-        echo >&2 'Warning: A security.php config will be created by the application'
-        echo >&2 'Warning: THIS FILE NEEDS TO BE PERSISTENT'
-    fi
-fi
-
-# Check if LimeSurvey database is provisioned
-echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
-php application/commands/console.php updatedb
-
-if [ $? -eq 0 ]; then
-    echo 'Info: Database already provisioned'
-else
-    echo ''
-    echo 'Running console.php install'
-    php application/commands/console.php install $ADMIN_USER $ADMIN_PASSWORD $ADMIN_NAME $ADMIN_EMAIL
-fi
-
-exec "$@"

4.0/fpm/Dockerfile

@@ -1,67 +0,0 @@
-FROM php:7.4-fpm
-LABEL maintainer="markus@martialblog.de"
-ARG version='4.6.3+210518'
-ARG sha256_checksum='3c59afc13d0cf974c465c5f851cb8837117518e94031f5e3a28ba468ad734ce2'
-
-# Install OS dependencies
-RUN set -ex; \
-        apt-get update && \
-        DEBIAN_FRONTEND=noninteractive \
-        apt-get install --no-install-recommends -y \
-        \
-        libldap2-dev \
-        libfreetype6-dev \
-        libjpeg-dev \
-        libonig-dev \
-        zlib1g-dev \
-        libc-client-dev \
-        libkrb5-dev \
-        libpng-dev \
-        libpq-dev \
-        libzip-dev \
-        libtidy-dev \
-        libsodium-dev \
-        netcat \
-        \
-        && apt-get -y autoclean; apt-get -y autoremove; \
-        rm -rf /var/lib/apt/lists/*
-
-# Link LDAP library for PHP ldap extension
-RUN set -ex; \
-        ln -fs /usr/lib/x86_64-linux-gnu/libldap.so /usr/lib/
-
-# Install PHP Plugins and Configure PHP imap plugin
-RUN set -ex; \
-        docker-php-ext-configure gd --with-freetype=/usr/include/ --with-jpeg=/usr && \
-        docker-php-ext-configure imap --with-kerberos --with-imap-ssl && \
-        docker-php-ext-install -j5 \
-        exif \
-        gd \
-        imap \
-        ldap \
-        mbstring \
-        pdo \
-        pdo_mysql \
-        pdo_pgsql \
-        pgsql \
-        sodium \
-        tidy \
-        zip
-
-ENV LIMESURVEY_VERSION=$version
-
-# Download, unzip and chmod LimeSurvey from official GitHub repository
-RUN set -ex; \
-        curl -sSL "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" --output /tmp/limesurvey.tar.gz && \
-        echo "${sha256_checksum}  /tmp/limesurvey.tar.gz" | sha256sum -c - && \
-        \
-        tar xzvf "/tmp/limesurvey.tar.gz" --strip-components=1 -C /var/www/html/ && \
-        rm -f "/tmp/limesurvey.tar.gz" && \
-        chown -R www-data:www-data /var/www/html
-
-EXPOSE 9000
-
-WORKDIR /var/www/html
-COPY entrypoint.sh entrypoint.sh
-ENTRYPOINT ["/var/www/html/entrypoint.sh"]
-CMD ["php-fpm"]

4.0/fpm/entrypoint.sh

@@ -1,143 +0,0 @@
-#!/bin/bash
-# Entrypoint for Docker Container
-
-
-DB_TYPE=${DB_TYPE:-'mysql'}
-DB_HOST=${DB_HOST:-'mysql'}
-DB_PORT=${DB_PORT:-'3306'}
-DB_SOCK=${DB_SOCK:-}
-DB_NAME=${DB_NAME:-'limesurvey'}
-DB_TABLE_PREFIX=${DB_TABLE_PREFIX:-'lime_'}
-DB_USERNAME=${DB_USERNAME:-'limesurvey'}
-DB_PASSWORD=${DB_PASSWORD:-}
-
-ENCRYPT_KEYPAIR=${ENCRYPT_KEYPAIR:-}
-ENCRYPT_PUBLIC_KEY=${ENCRYPT_PUBLIC_KEY:-}
-ENCRYPT_SECRET_KEY=${ENCRYPT_SECRET_KEY:-}
-
-ADMIN_USER=${ADMIN_USER:-'admin'}
-ADMIN_NAME=${ADMIN_NAME:-'admin'}
-ADMIN_EMAIL=${ADMIN_EMAIL:-'foobar@example.com'}
-ADMIN_PASSWORD=${ADMIN_PASSWORD:-}
-
-BASE_URL=${BASE_URL:-}
-PUBLIC_URL=${PUBLIC_URL:-}
-URL_FORMAT=${URL_FORMAT:-'path'}
-
-DEBUG=${DEBUG:-0}
-DEBUG_SQL=${DEBUG_SQL:-0}
-
-if [ -z "$DB_PASSWORD" ]; then
-    echo >&2 'Error: Missing DB_PASSWORD'
-    exit 1
-fi
-
-if [ -z "$ADMIN_PASSWORD" ]; then
-    echo >&2 'Error: Missing ADMIN_PASSWORD'
-    exit 1
-fi
-
-# Check if database is available
-if [ -z "$DB_SOCK" ]; then
-    until nc -z -v -w30 $DB_HOST $DB_PORT
-    do
-        echo "Info: Waiting for database connection..."
-        sleep 5
-    done
-fi
-
-# Check if config already provisioned
-if [ -f application/config/config.php ]; then
-    echo 'Info: config.php already provisioned'
-else
-    echo 'Info: Generating config.php'
-
-    if [ "$DB_TYPE" = 'mysql' ]; then
-        echo 'Info: Using MySQL configuration'
-        DB_CHARSET=${DB_CHARSET:-'utf8mb4'}
-    fi
-
-    if [ "$DB_TYPE" = 'pgsql' ]; then
-        echo 'Info: Using PostgreSQL configuration'
-        DB_CHARSET=${DB_CHARSET:-'utf8'}
-    fi
-
-    if [ ! -z "$DB_SOCK" ]; then
-        echo 'Info: Using unix socket'
-        DB_CONNECT='unix_socket'
-    else
-        echo 'Info: Using TCP connection'
-        DB_CONNECT='host'
-    fi
-
-    if [ -z "$PUBLIC_URL" ]; then
-        echo 'Info: Setting PublicURL'
-    fi
-
-    cat <<EOF > application/config/config.php
-<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
-return array(
-  'components' => array(
-    'db' => array(
-      'connectionString' => '$DB_TYPE:$DB_CONNECT=$DB_HOST;port=$DB_PORT;dbname=$DB_NAME;',
-      'emulatePrepare' => true,
-      'username' => '$DB_USERNAME',
-      'password' => '$DB_PASSWORD',
-      'charset' => '$DB_CHARSET',
-      'tablePrefix' => '$DB_TABLE_PREFIX',
-    ),
-    'urlManager' => array(
-      'urlFormat' => '$URL_FORMAT',
-      'rules' => array(),
-      'showScriptName' => true,
-    ),
-    'request' => array(
-      'baseUrl' => '$BASE_URL',
-     ),
-  ),
-  'config'=>array(
-    'publicurl'=>'$PUBLIC_URL',
-    'debug'=>$DEBUG,
-    'debugsql'=>$DEBUG_SQL,
-  )
-);
-
-EOF
-
-fi
-
-# Check if security config already provisioned
-if [ -f application/config/security.php ]; then
-    echo 'Info: security.php already provisioned'
-else
-    echo 'Info: Creating security.php'
-    if [ ! -z "$ENCRYPT_KEYPAIR" ]; then
-
-        cat <<EOF > application/config/security.php
-<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
-\$config = array();
-\$config['encryptionkeypair'] = '$ENCRYPT_KEYPAIR';
-\$config['encryptionpublickey'] = '$ENCRYPT_PUBLIC_KEY';
-\$config['encryptionsecretkey'] = '$ENCRYPT_SECRET_KEY';
-return \$config;
-EOF
-    else
-        echo >&2 'Warning: No encryption keys were provided'
-        echo >&2 'Warning: A security.php config will be created by the application'
-        echo >&2 'Warning: THIS FILE NEEDS TO BE PERSISTENT'
-    fi
-fi
-
-# Check if LimeSurvey database is provisioned
-echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
-php application/commands/console.php updatedb
-
-if [ $? -eq 0 ]; then
-    echo 'Info: Database already provisioned'
-else
-    echo ''
-    echo 'Running console.php install'
-    php application/commands/console.php install $ADMIN_USER $ADMIN_PASSWORD $ADMIN_NAME $ADMIN_EMAIL
-fi
-
-exec "$@"

5.0/apache/Dockerfile

@@ -1,9 +1,5 @@
-FROM php:8-apache
+FROM docker.io/php:8.0-apache
 LABEL maintainer="markus@martialblog.de"
-ARG version='5.0.6+210625'
-ARG sha256_checksum='e56227439faeb3c0a45cf0d845c415f3c2041564a668f44298d440bd917b3c8e'
-ARG USER=www-data
-ARG LISTEN_PORT=8080
 
 # Install OS dependencies
 RUN set -ex; \
@@ -51,8 +47,6 @@ RUN set -ex; \
         tidy \
         zip
 
-ENV LIMESURVEY_VERSION=$version
-
 # Apache configuration
 RUN a2enmod headers rewrite remoteip; \
         {\
@@ -66,9 +60,16 @@ RUN a2enmod headers rewrite remoteip; \
 # Use the default production configuration
 RUN mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini"
 
-# Download, unzip and chmod LimeSurvey from official GitHub repository
+ARG version="5.6.2+230125"
+ARG sha256_checksum="c644e13ae0bd409deb348c6b57805ddfb701eaa74f3b80c141593150a59e1fe1"
+ARG archive_url="https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz"
+ARG USER=www-data
+ARG LISTEN_PORT=8080
+ENV LIMESURVEY_VERSION=$version
+
+# Download, unzip and chmod LimeSurvey from GitHub (defaults to the official LimeSurvey/LimeSurvey repository) 
 RUN set -ex; \
-        curl -sSL "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" --output /tmp/limesurvey.tar.gz && \
+        curl -sSL "${archive_url}" --output /tmp/limesurvey.tar.gz && \
         echo "${sha256_checksum}  /tmp/limesurvey.tar.gz" | sha256sum -c - && \
         \
         tar xzvf "/tmp/limesurvey.tar.gz" --strip-components=1 -C /var/www/html/ && \
@@ -78,7 +79,8 @@ RUN set -ex; \
 EXPOSE $LISTEN_PORT
 
 WORKDIR /var/www/html
-COPY entrypoint.sh entrypoint.sh
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
+COPY vhosts-access-log.conf /etc/apache2/conf-enabled/other-vhosts-access-log.conf
 USER $USER
-ENTRYPOINT ["/var/www/html/entrypoint.sh"]
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
 CMD ["apache2-foreground"]

5.0/apache/entrypoint.sh

@@ -10,10 +10,13 @@ DB_NAME=${DB_NAME:-'limesurvey'}
 DB_TABLE_PREFIX=${DB_TABLE_PREFIX:-'lime_'}
 DB_USERNAME=${DB_USERNAME:-'limesurvey'}
 DB_PASSWORD=${DB_PASSWORD:-}
+DB_MYSQL_ENGINE=${DB_MYSQL_ENGINE:-'MyISAM'}
 
 ENCRYPT_KEYPAIR=${ENCRYPT_KEYPAIR:-}
 ENCRYPT_PUBLIC_KEY=${ENCRYPT_PUBLIC_KEY:-}
 ENCRYPT_SECRET_KEY=${ENCRYPT_SECRET_KEY:-}
+ENCRYPT_NONCE=${ENCRYPT_NONCE:-}
+ENCRYPT_SECRET_BOX_KEY=${ENCRYPT_SECRET_BOX_KEY:-}
 
 ADMIN_USER=${ADMIN_USER:-'admin'}
 ADMIN_NAME=${ADMIN_NAME:-'admin'}
@@ -24,6 +27,7 @@ BASE_URL=${BASE_URL:-}
 PUBLIC_URL=${PUBLIC_URL:-}
 URL_FORMAT=${URL_FORMAT:-'path'}
 SHOW_SCRIPT_NAME=${SHOW_SCRIPT_NAME:-'true'}
+TABLE_SESSION=${TABLE_SESSION:-}
 
 DEBUG=${DEBUG:-0}
 DEBUG_SQL=${DEBUG_SQL:-0}
@@ -47,7 +51,7 @@ fi
 
 # Check if database is available
 if [ -z "$DB_SOCK" ]; then
-    until nc -z -v -w30 $DB_HOST $DB_PORT
+    until nc -z -v -w30 "$DB_HOST" "$DB_PORT"
     do
         echo "Info: Waiting for database connection..."
         sleep 5
@@ -70,7 +74,7 @@ else
         DB_CHARSET=${DB_CHARSET:-'utf8'}
     fi
 
-    if [ ! -z "$DB_SOCK" ]; then
+    if [ -n "$DB_SOCK" ]; then
         echo 'Info: Using unix socket'
         DB_CONNECT='unix_socket'
     else
@@ -92,8 +96,13 @@ return array(
       'username' => '$DB_USERNAME',
       'password' => '$DB_PASSWORD',
       'charset' => '$DB_CHARSET',
-      'tablePrefix' => '$DB_TABLE_PREFIX',
+      'tablePrefix' => '${DB_TABLE_PREFIX//[[:space:]]/}',
     ),
+    //'session' => array (
+    //   'class' => 'application.core.web.DbHttpSession',
+    //   'connectionID' => 'db',
+    //   'sessionTableName' => '{{sessions}}',
+    //),
     'urlManager' => array(
       'urlFormat' => '$URL_FORMAT',
       'rules' => array(),
@@ -107,6 +116,7 @@ return array(
     'publicurl'=>'$PUBLIC_URL',
     'debug'=>$DEBUG,
     'debugsql'=>$DEBUG_SQL,
+    'mysqlEngine' => '$DB_MYSQL_ENGINE',
   )
 );
 
@@ -114,12 +124,19 @@ EOF
 
 fi
 
+# Enable Table Sessions if required
+if [ -n "$TABLE_SESSION" ]; then
+    echo 'Info: Setting Table Session'
+    # Remove the comments in the config
+    sed -i "s/\/\///g" application/config/config.php
+fi
+
 # Check if security config already provisioned
 if [ -f application/config/security.php ]; then
     echo 'Info: security.php already provisioned'
 else
     echo 'Info: Creating security.php'
-    if [ ! -z "$ENCRYPT_KEYPAIR" ]; then
+    if [ -n "$ENCRYPT_KEYPAIR" ]; then
 
         cat <<EOF > application/config/security.php
 <?php if (!defined('BASEPATH')) exit('No direct script access allowed');
@@ -127,6 +144,8 @@ else
 \$config['encryptionkeypair'] = '$ENCRYPT_KEYPAIR';
 \$config['encryptionpublickey'] = '$ENCRYPT_PUBLIC_KEY';
 \$config['encryptionsecretkey'] = '$ENCRYPT_SECRET_KEY';
+\$config['encryptionnonce'] = '$ENCRYPT_NONCE';
+\$config['encryptionsecretboxkey'] = '$ENCRYPT_SECRET_BOX_KEY';
 return \$config;
 EOF
     else
@@ -140,12 +159,14 @@ fi
 echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
 php application/commands/console.php updatedb
 
-if [ $? -eq 0 ]; then
+PHP_UPDATEDB_EXIT_CODE=$?
+
+if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
     echo 'Info: Database already provisioned'
 else
     echo ''
     echo 'Running console.php install'
-    php application/commands/console.php install $ADMIN_USER $ADMIN_PASSWORD $ADMIN_NAME $ADMIN_EMAIL
+    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME" "$ADMIN_EMAIL"
 fi
 
 exec "$@"

5.0/apache/vhosts-access-log.conf

@@ -0,0 +1,3 @@
+SetEnvIF User-Agent "(?i)(check|health|probe)" dontlog
+ErrorLog ${APACHE_LOG_DIR}/error.log
+CustomLog ${APACHE_LOG_DIR}/access.log combined env=!dontlog

5.0/fpm-alpine/Dockerfile

@@ -1,8 +1,5 @@
-FROM php:8-fpm-alpine
+FROM docker.io/php:8.0-fpm-alpine
 LABEL maintainer="markus@martialblog.de"
-ARG version='5.0.6+210625'
-ARG sha256_checksum='e56227439faeb3c0a45cf0d845c415f3c2041564a668f44298d440bd917b3c8e'
-ARG USER=www-data
 
 # Install OS dependencies
 RUN set -ex; \
@@ -37,9 +34,15 @@ RUN set -ex; \
         tidy \
         zip
 
-# Download, unzip and chmod LimeSurvey from official GitHub repository
+ARG version="5.6.2+230125"
+ARG sha256_checksum="c644e13ae0bd409deb348c6b57805ddfb701eaa74f3b80c141593150a59e1fe1"
+ARG archive_url="https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz"
+ARG USER=www-data
+ENV LIMESURVEY_VERSION=$version
+
+# Download, unzip and chmod LimeSurvey from GitHub (defaults to the official LimeSurvey/LimeSurvey repository) 
 RUN set -ex; \
-        curl -sSL "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" --output /tmp/limesurvey.tar.gz && \
+        curl -sSL "${archive_url}" --output /tmp/limesurvey.tar.gz && \
         echo "${sha256_checksum}  /tmp/limesurvey.tar.gz" | sha256sum -c - && \
         \
         tar xzvf "/tmp/limesurvey.tar.gz" --strip-components=1 -C /var/www/html/ && \
@@ -54,7 +57,7 @@ RUN set -ex; \
 EXPOSE 9000
 
 WORKDIR /var/www/html
-COPY entrypoint.sh entrypoint.sh
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
 USER $USER
-ENTRYPOINT ["/var/www/html/entrypoint.sh"]
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
 CMD ["php-fpm"]

5.0/fpm-alpine/entrypoint.sh

@@ -10,10 +10,13 @@ DB_NAME=${DB_NAME:-'limesurvey'}
 DB_TABLE_PREFIX=${DB_TABLE_PREFIX:-'lime_'}
 DB_USERNAME=${DB_USERNAME:-'limesurvey'}
 DB_PASSWORD=${DB_PASSWORD:-}
+DB_MYSQL_ENGINE=${DB_MYSQL_ENGINE:-'MyISAM'}
 
 ENCRYPT_KEYPAIR=${ENCRYPT_KEYPAIR:-}
 ENCRYPT_PUBLIC_KEY=${ENCRYPT_PUBLIC_KEY:-}
 ENCRYPT_SECRET_KEY=${ENCRYPT_SECRET_KEY:-}
+ENCRYPT_NONCE=${ENCRYPT_NONCE:-}
+ENCRYPT_SECRET_BOX_KEY=${ENCRYPT_SECRET_BOX_KEY:-}
 
 ADMIN_USER=${ADMIN_USER:-'admin'}
 ADMIN_NAME=${ADMIN_NAME:-'admin'}
@@ -24,6 +27,7 @@ BASE_URL=${BASE_URL:-}
 PUBLIC_URL=${PUBLIC_URL:-}
 URL_FORMAT=${URL_FORMAT:-'path'}
 SHOW_SCRIPT_NAME=${SHOW_SCRIPT_NAME:-'true'}
+TABLE_SESSION=${TABLE_SESSION:-}
 
 DEBUG=${DEBUG:-0}
 DEBUG_SQL=${DEBUG_SQL:-0}
@@ -40,7 +44,7 @@ fi
 
 # Check if database is available
 if [ -z "$DB_SOCK" ]; then
-    until nc -z -v -w30 $DB_HOST $DB_PORT
+    until nc -z -v -w30 "$DB_HOST" "$DB_PORT"
     do
         echo "Info: Waiting for database connection..."
         sleep 5
@@ -63,7 +67,7 @@ else
         DB_CHARSET=${DB_CHARSET:-'utf8'}
     fi
 
-    if [ ! -z "$DB_SOCK" ]; then
+    if [ -n "$DB_SOCK" ]; then
         echo 'Info: Using unix socket'
         DB_CONNECT='unix_socket'
     else
@@ -85,8 +89,13 @@ return array(
       'username' => '$DB_USERNAME',
       'password' => '$DB_PASSWORD',
       'charset' => '$DB_CHARSET',
-      'tablePrefix' => '$DB_TABLE_PREFIX',
+      'tablePrefix' => '${DB_TABLE_PREFIX//[[:space:]]/}',
     ),
+    //'session' => array (
+    //   'class' => 'application.core.web.DbHttpSession',
+    //   'connectionID' => 'db',
+    //   'sessionTableName' => '{{sessions}}',
+    //),
     'urlManager' => array(
       'urlFormat' => '$URL_FORMAT',
       'rules' => array(),
@@ -100,6 +109,7 @@ return array(
     'publicurl'=>'$PUBLIC_URL',
     'debug'=>$DEBUG,
     'debugsql'=>$DEBUG_SQL,
+    'mysqlEngine' => '$DB_MYSQL_ENGINE',
   )
 );
 
@@ -107,12 +117,19 @@ EOF
 
 fi
 
+# Enable Table Sessions if required
+if [ -n "$TABLE_SESSION" ]; then
+    echo 'Info: Setting Table Session'
+    # Remove the comments in the config
+    sed -i "s/\/\///g" application/config/config.php
+fi
+
 # Check if security config already provisioned
 if [ -f application/config/security.php ]; then
     echo 'Info: security.php already provisioned'
 else
     echo 'Info: Creating security.php'
-    if [ ! -z "$ENCRYPT_KEYPAIR" ]; then
+    if [ -n "$ENCRYPT_KEYPAIR" ]; then
 
         cat <<EOF > application/config/security.php
 <?php if (!defined('BASEPATH')) exit('No direct script access allowed');
@@ -120,6 +137,8 @@ else
 \$config['encryptionkeypair'] = '$ENCRYPT_KEYPAIR';
 \$config['encryptionpublickey'] = '$ENCRYPT_PUBLIC_KEY';
 \$config['encryptionsecretkey'] = '$ENCRYPT_SECRET_KEY';
+\$config['encryptionnonce'] = '$ENCRYPT_NONCE';
+\$config['encryptionsecretboxkey'] = '$ENCRYPT_SECRET_BOX_KEY';
 return \$config;
 EOF
     else
@@ -133,12 +152,14 @@ fi
 echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
 php application/commands/console.php updatedb
 
-if [ $? -eq 0 ]; then
+PHP_UPDATEDB_EXIT_CODE=$?
+
+if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
     echo 'Info: Database already provisioned'
 else
     echo ''
     echo 'Running console.php install'
-    php application/commands/console.php install $ADMIN_USER $ADMIN_PASSWORD $ADMIN_NAME $ADMIN_EMAIL
+    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME" "$ADMIN_EMAIL"
 fi
 
 exec "$@"

5.0/fpm/Dockerfile

@@ -1,8 +1,5 @@
-FROM php:8-fpm
+FROM docker.io/php:8.0-fpm
 LABEL maintainer="markus@martialblog.de"
-ARG version='5.0.6+210625'
-ARG sha256_checksum='e56227439faeb3c0a45cf0d845c415f3c2041564a668f44298d440bd917b3c8e'
-ARG USER=www-data
 
 # Install OS dependencies
 RUN set -ex; \
@@ -49,11 +46,15 @@ RUN set -ex; \
         tidy \
         zip
 
+ARG version="5.6.2+230125"
+ARG sha256_checksum="c644e13ae0bd409deb348c6b57805ddfb701eaa74f3b80c141593150a59e1fe1"
+ARG archive_url="https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz"
+ARG USER=www-data
 ENV LIMESURVEY_VERSION=$version
 
-# Download, unzip and chmod LimeSurvey from official GitHub repository
+# Download, unzip and chmod LimeSurvey from GitHub (defaults to the official LimeSurvey/LimeSurvey repository) 
 RUN set -ex; \
-        curl -sSL "https://github.com/LimeSurvey/LimeSurvey/archive/${version}.tar.gz" --output /tmp/limesurvey.tar.gz && \
+        curl -sSL "${archive_url}" --output /tmp/limesurvey.tar.gz && \
         echo "${sha256_checksum}  /tmp/limesurvey.tar.gz" | sha256sum -c - && \
         \
         tar xzvf "/tmp/limesurvey.tar.gz" --strip-components=1 -C /var/www/html/ && \
@@ -63,7 +64,7 @@ RUN set -ex; \
 EXPOSE 9000
 
 WORKDIR /var/www/html
-COPY entrypoint.sh entrypoint.sh
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
 USER $USER
-ENTRYPOINT ["/var/www/html/entrypoint.sh"]
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
 CMD ["php-fpm"]

5.0/fpm/entrypoint.sh

@@ -10,10 +10,13 @@ DB_NAME=${DB_NAME:-'limesurvey'}
 DB_TABLE_PREFIX=${DB_TABLE_PREFIX:-'lime_'}
 DB_USERNAME=${DB_USERNAME:-'limesurvey'}
 DB_PASSWORD=${DB_PASSWORD:-}
+DB_MYSQL_ENGINE=${DB_MYSQL_ENGINE:-'MyISAM'}
 
 ENCRYPT_KEYPAIR=${ENCRYPT_KEYPAIR:-}
 ENCRYPT_PUBLIC_KEY=${ENCRYPT_PUBLIC_KEY:-}
 ENCRYPT_SECRET_KEY=${ENCRYPT_SECRET_KEY:-}
+ENCRYPT_NONCE=${ENCRYPT_NONCE:-}
+ENCRYPT_SECRET_BOX_KEY=${ENCRYPT_SECRET_BOX_KEY:-}
 
 ADMIN_USER=${ADMIN_USER:-'admin'}
 ADMIN_NAME=${ADMIN_NAME:-'admin'}
@@ -24,6 +27,7 @@ BASE_URL=${BASE_URL:-}
 PUBLIC_URL=${PUBLIC_URL:-}
 URL_FORMAT=${URL_FORMAT:-'path'}
 SHOW_SCRIPT_NAME=${SHOW_SCRIPT_NAME:-'true'}
+TABLE_SESSION=${TABLE_SESSION:-}
 
 DEBUG=${DEBUG:-0}
 DEBUG_SQL=${DEBUG_SQL:-0}
@@ -40,7 +44,7 @@ fi
 
 # Check if database is available
 if [ -z "$DB_SOCK" ]; then
-    until nc -z -v -w30 $DB_HOST $DB_PORT
+    until nc -z -v -w30 "$DB_HOST" "$DB_PORT"
     do
         echo "Info: Waiting for database connection..."
         sleep 5
@@ -63,7 +67,7 @@ else
         DB_CHARSET=${DB_CHARSET:-'utf8'}
     fi
 
-    if [ ! -z "$DB_SOCK" ]; then
+    if [ -n "$DB_SOCK" ]; then
         echo 'Info: Using unix socket'
         DB_CONNECT='unix_socket'
     else
@@ -85,8 +89,13 @@ return array(
       'username' => '$DB_USERNAME',
       'password' => '$DB_PASSWORD',
       'charset' => '$DB_CHARSET',
-      'tablePrefix' => '$DB_TABLE_PREFIX',
+      'tablePrefix' => '${DB_TABLE_PREFIX//[[:space:]]/}',
     ),
+    //'session' => array (
+    //   'class' => 'application.core.web.DbHttpSession',
+    //   'connectionID' => 'db',
+    //   'sessionTableName' => '{{sessions}}',
+    //),
     'urlManager' => array(
       'urlFormat' => '$URL_FORMAT',
       'rules' => array(),
@@ -100,6 +109,7 @@ return array(
     'publicurl'=>'$PUBLIC_URL',
     'debug'=>$DEBUG,
     'debugsql'=>$DEBUG_SQL,
+    'mysqlEngine' => '$DB_MYSQL_ENGINE',
   )
 );
 
@@ -107,12 +117,19 @@ EOF
 
 fi
 
+# Enable Table Sessions if required
+if [ -n "$TABLE_SESSION" ]; then
+    echo 'Info: Setting Table Session'
+    # Remove the comments in the config
+    sed -i "s/\/\///g" application/config/config.php
+fi
+
 # Check if security config already provisioned
 if [ -f application/config/security.php ]; then
     echo 'Info: security.php already provisioned'
 else
     echo 'Info: Creating security.php'
-    if [ ! -z "$ENCRYPT_KEYPAIR" ]; then
+    if [ -n "$ENCRYPT_KEYPAIR" ]; then
 
         cat <<EOF > application/config/security.php
 <?php if (!defined('BASEPATH')) exit('No direct script access allowed');
@@ -120,6 +137,8 @@ else
 \$config['encryptionkeypair'] = '$ENCRYPT_KEYPAIR';
 \$config['encryptionpublickey'] = '$ENCRYPT_PUBLIC_KEY';
 \$config['encryptionsecretkey'] = '$ENCRYPT_SECRET_KEY';
+\$config['encryptionnonce'] = '$ENCRYPT_NONCE';
+\$config['encryptionsecretboxkey'] = '$ENCRYPT_SECRET_BOX_KEY';
 return \$config;
 EOF
     else
@@ -133,12 +152,14 @@ fi
 echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
 php application/commands/console.php updatedb
 
-if [ $? -eq 0 ]; then
+PHP_UPDATEDB_EXIT_CODE=$?
+
+if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
     echo 'Info: Database already provisioned'
 else
     echo ''
     echo 'Running console.php install'
-    php application/commands/console.php install $ADMIN_USER $ADMIN_PASSWORD $ADMIN_NAME $ADMIN_EMAIL
+    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME" "$ADMIN_EMAIL"
 fi
 
 exec "$@"

CONTRIBUTING.md

@@ -2,6 +2,15 @@
 
 Every Pull Request is welcome.
 
+## Branches
+Choosing a proper name for a branch helps us identify its purpose and possibly find an associated bug or feature. Generally a branch name should include a topic such as `fix` or `feature` followed by a description. Branches should have only changes relevant to a specific issue.
+
+```
+git checkout -b fix/bug-in-connection
+git checkout -b feature/improved-config-handling
+git checkout -b doc/fix-typo
+```
+
 ## Upgrading the Version
 
 The versions in this repository should correspond to the [GitHub LimeSurvey Releases](https://github.com/LimeSurvey/LimeSurvey/releases)
@@ -12,27 +21,41 @@ To update the version, simply update ARG variables for version and corresponding
 # Version from GitHub Tags
 # sha256 of tar.gz from GitHub Releases
 
-$ grep ARG 4.0/apache/Dockerfile
-ARG version='4.3.13+200824'
+$ grep ARG 5.0/apache/Dockerfile
+ARG version='5.3.13+200824'
 ARG sha256_checksum='4e9c6f20e'
 ```
 
 It is best to use the upgrade shell script:
 
 ```bash
-./upgrade.sh 4.3.13+200824
+./upgrade.sh 5.3.13+200824
 # Check if sha256 is correct
 
-git add 4.0/ && git commit -m 'Upgrading to Version 4.3.13+200824'
-git tag 4.3.13+200824
+git add 5.0/ && git commit -m 'Upgrading to Version 5.3.13+200824'
+git tag 5.3.13-200824
 ```
 
 ## Testing
 
-In order to make sure the image works as promised, some tests are provided:
-
-```bash
-./tests/run.sh
-```
+In order to make sure the image works as promised, some container-structure-tests are provided. The tests require the `container-structure-test` tool to be installed.
 
 For further information:  https://github.com/GoogleContainerTools/container-structure-test
+
+```bash
+make apache-latest
+
+container-structure-test test --image docker.io/martialblog/limesurvey:5-apache --config tests/apache-tests.yaml
+```
+
+```bash
+make fpm-latest
+
+container-structure-test test --image  docker.io/martialblog/limesurvey:5-fpm-alpine --config tests/fpm-alpine-tests.yaml
+```
+
+```bash
+make fpm-alpine-latest
+
+container-structure-test test --image  docker.io/martialblog/limesurvey:5-fpm --config tests/fpm-tests.yaml
+```

Makefile

@@ -1,14 +1,14 @@
-# .PHONY: apache fpm fpm-alpine
+RUNTIME?=podman
 
 apache-lts:
-	docker build --pull -t docker.io/martialblog/limesurvey:3-apache 3.0/apache
+	$(RUNTIME) build --pull -t docker.io/martialblog/limesurvey:3-apache 3.0/apache
 apache-latest:
-	docker build --pull -t docker.io/martialblog/limesurvey:5-apache 5.0/apache
+	$(RUNTIME) build --pull -t docker.io/martialblog/limesurvey:5-apache 5.0/apache
 fpm-alpine-lts:
-	docker build --pull -t docker.io/martialblog/limesurvey:3-fpm-alpine 3.0/fpm-alpine
+	$(RUNTIME) build --pull -t docker.io/martialblog/limesurvey:3-fpm-alpine 3.0/fpm-alpine
 fpm-alpine-latest:
-	docker build --pull -t docker.io/martialblog/limesurvey:5-fpm-alpine 5.0/fpm-alpine
+	$(RUNTIME) build --pull -t docker.io/martialblog/limesurvey:5-fpm-alpine 5.0/fpm-alpine
 fpm-lts:
-	docker build --pull -t docker.io/martialblog/limesurvey:3-fpm 3.0/fpm
+	$(RUNTIME) build --pull -t docker.io/martialblog/limesurvey:3-fpm 3.0/fpm
 fpm-latest:
-	docker build --pull -t docker.io/martialblog/limesurvey:5-fpm 5.0/fpm
+	$(RUNTIME) build --pull -t docker.io/martialblog/limesurvey:5-fpm 5.0/fpm

README.md

@@ -87,6 +87,8 @@ For further details on the settings see: https://manual.limesurvey.org/Data_encr
 
 ## Traefik example
 
+**Hint**: if you want to deploy LimeSurvey on a sub-path (e.g. https://example.com/limesurvey) you have to set the BASE_URL and adjust the Containers Webservers. See the docker-compose Traefik example in the repository.
+
 ```
 # BASE_URL = /limesurvey
 "traefik.http.routers.limesurvey.rule=PathPrefix(`/limesurvey`)",
@@ -103,7 +105,8 @@ For further details on the settings see: https://manual.limesurvey.org/Data_encr
 | DB_PORT         | Database server port                      |
 | DB_SOCK         | Database unix socket instead of host/port |
 | DB_NAME         | Database name                             |
-| DB_TABLE_PREFIX | Database table prefix                     |
+| DB_TABLE_PREFIX | Database table prefix; set this to a single whitespace if you don't want a table prefix. |
+| DB_MYSQL_ENGINE | MySQL engine used for survey tables (values: MyISAM, InnoDB, default: MyISAM)       |
 | DB_USERNAME     | Database user                             |
 | DB_PASSWORD     | Database user's password                  |
 | ADMIN_USER      | Initial LimeSurvey Admin User             |
@@ -113,17 +116,20 @@ For further details on the settings see: https://manual.limesurvey.org/Data_encr
 | PUBLIC_URL      | Public URL for public scripts             |
 | BASE_URL        | Application Base URL                      |
 | URL_FORMAT      | URL Format. path or get                   |
-| SHOW_SCRIPT_NAME | Script name in URL (true|false). Default: true |
+| TABLE_SESSION   | Enable table sessions (true)              |
+| SHOW_SCRIPT_NAME | Script name in URL (true\|false). Default: true |
 | DEBUG           | Debug level (0, 1, 2). Default: 0         |
 | DEBUG_SQL       | SQL Debug level (0, 1, 2). Default 0      |
 | ENCRYPT_KEYPAIR  | Data encryption keypair                  |
 | ENCRYPT_PUBLIC_KEY | Data encryption public key             |
 | ENCRYPT_SECRET_KEY | Data encryption secret key             |
+| ENCRYPT_NONCE      | Data encryption nonce (used in 5.0)    |
+| ENCRYPT_SECRET_BOX_KEY | Data encryption secret box key (used in 5.0)             |
 | LISTEN_PORT     | Apache: Listen port. Default: 8080        |
 
 For further details on the settings see: https://manual.limesurvey.org/Optional_settings#Advanced_Path_Settings
 
-# Running this Image with docker-compose
+# Running LimeSurvey with docker-compose
 
 The easiest way to get a fully featured and functional setup is using a docker-compose file. Several examples are provided in the [repository](https://github.com/martialblog/docker-limesurvey).
 
@@ -137,6 +143,12 @@ http://localhost:8080/
 http://localhost:8080/index.php/admin
 ```
 
+# Running LimeSurvey with Helm
+
+A Helm Chart for this Image can be used for deployments. Please refer to the Helm Repository for further details:
+
+https://github.com/martialblog/helm-charts
+
 # Upgrade Guide
 
 These guides are only referring to the Docker Image, for details on the application users should consult the [official LimeSurvey documentation](https://manual.limesurvey.org/Upgrading_from_a_previous_version) for details.
@@ -173,6 +185,15 @@ drwxr-xr-x 3 82 82 4096 Jun  3 13:51 surveys
 
 If you are using the Apache2 Images, the default port will now be **8080**. Depending on your setup the port configurations might need adjustment.
 
+# Known Issues
+
+## LimeSurvey behind a reverse proxy with a subdirectory
+
+When running LimeSurvey behind a reverse proxy with a subdirectory (i.e. example.com/limesurvey), the admin area might not be displayed correctly due to a routing issue. The application will forward you to the base url regardless. See:
+- https://github.com/martialblog/docker-limesurvey/issues/49
+- https://github.com/martialblog/docker-limesurvey/issues/127
+- https://github.com/martialblog/docker-limesurvey/issues/106
+
 # References
 
 - https://www.limesurvey.org/

docker-compose.example.yml

@@ -1,7 +1,7 @@
 version: '3'
 services:
   limesurvey:
-    image: martialblog/limesurvey:latest
+    image: docker.io/martialblog/limesurvey:latest
     restart: always
     environment:
       - DB_TYPE=pgsql
@@ -22,7 +22,7 @@ services:
     depends_on:
       - db
   db:
-    image: postgres:10-alpine
+    image: docker.io/postgres:10-alpine
     restart: always
     volumes:
       - db-data:/var/lib/postgresql

docker-compose.fpm-certbot.yml

@@ -33,14 +33,14 @@ services:
     environment:
       - "HOSTNAMES=www.example.com example.com"
   certbot:
-    image: certbot/certbot
+    image: docker.io/certbot/certbot
     restart: unless-stopped
     volumes:
       - ./certbot/conf:/etc/letsencrypt
       - ./certbot/www:/var/www/certbot
     entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
   lime-db:
-    image: mysql:5.7
+    image: docker.io/mysql:5.7
     environment:
       - "MYSQL_USER=limesurvey"
       - "MYSQL_DATABASE=limesurvey"

docker-compose.fpm.alpine.yml

@@ -17,16 +17,18 @@ services:
       - "DB_PASSWORD=secret"
       - "ADMIN_PASSWORD=foobar"
   lime-web:
-    image: nginx:alpine
+    image: docker.io/nginx:alpine
     links:
       - limesurvey
+    depends_on:
+      - limesurvey
     ports:
       - "8080:80"
     volumes:
       - ./examples/nginx.conf:/etc/nginx/nginx.conf:ro
       - lime:/var/www/html
   lime-db:
-    image: mysql:5.7
+    image: docker.io/mysql:5.7
     environment:
       - "MYSQL_USER=limesurvey"
       - "MYSQL_DATABASE=limesurvey"

docker-compose.fpm.yml

@@ -17,7 +17,7 @@ services:
       - "DB_PASSWORD=secret"
       - "ADMIN_PASSWORD=foobar"
   lime-web:
-    image: nginx
+    image: docker.io/nginx
     links:
       - limesurvey
     ports:
@@ -26,7 +26,7 @@ services:
       - ./examples/nginx.conf:/etc/nginx/nginx.conf:ro
       - lime:/var/www/html
   lime-db:
-    image: mysql:5.7
+    image: docker.io/mysql:5.7
     environment:
       - "MYSQL_USER=limesurvey"
       - "MYSQL_DATABASE=limesurvey"

docker-compose.pgsql.yml

@@ -2,6 +2,7 @@ version: "3.0"
 services:
   limesurvey:
     build:
+      # Hint: Change it to 3.0/apache/ if you want to use LimeSurvey 3.*
       context: 5.0/apache/
       dockerfile: Dockerfile
     volumes:
@@ -12,6 +13,7 @@ services:
     depends_on:
       - lime-db
     ports:
+      # Hint: Change it to 80:8080 if you are using LimeSurvey 3.*
       - "8080:8080"
     environment:
       - "DB_TYPE=pgsql"
@@ -20,9 +22,9 @@ services:
       - "DB_PASSWORD=secret"
       - "ADMIN_PASSWORD=foobar"
   lime-db:
-    image: postgres:10
+    image: docker.io/postgres:10
     volumes:
-      - db-data:/var/lib/postgresql
+      - db-data:/var/lib/postgresql/data
     environment:
       - "POSTGRES_USER=limesurvey"
       - "POSTGRES_DB=limesurvey"

docker-compose.traefik.yml

@@ -0,0 +1,46 @@
+version: "3.0"
+services:
+  limesurvey:
+    build:
+      context: 5.0/apache/
+      dockerfile: Dockerfile
+    labels:
+      traefik.enable: 'true'
+      traefik.http.routers.limesurvey-http-router.entrypoints: "http"
+      traefik.http.routers.limesurvey-http-router.rule: "PathPrefix(`/limesurvey`)"
+      traefik.http.services.limesurvey-service.loadbalancer.server.port: "8080"
+    links:
+      - lime-db
+    depends_on:
+      - lime-db
+    volumes:
+      # Unfortunately the StripPrefix Function in Traefik won't work;
+      # Meaning, we will have to set 'Alias /limesurvey "/var/www/html"' in the Apache Config
+      - "./examples/apache-example.conf:/etc/apache2/sites-available/000-default.conf:ro"
+    environment:
+      - "DB_HOST=lime-db"
+      - "DB_PASSWORD=secret"
+      - "ADMIN_PASSWORD=foobar"
+      - "PUBLIC_URL=http://localhost:8888/limesurvey"
+      - "BASE_URL=http://localhost:8888/limesurvey"
+  traefik:
+    image: docker.io/traefik:v2.5
+    container_name: "traefik"
+    command:
+      - "--api.insecure=true"
+      - "--providers.docker=true"
+      - "--providers.docker.exposedbydefault=false"
+      - "--entrypoints.http.address=:8888"
+    ports:
+      - "8888:8888"
+      - "8080:8080"
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock:ro"
+  lime-db:
+    image: docker.io/mysql:5.7
+    environment:
+      - "MYSQL_USER=limesurvey"
+      - "MYSQL_DATABASE=limesurvey"
+      - "MYSQL_PASSWORD=secret"
+      - "MYSQL_ROOT_PASSWORD=secret"
+

docker-compose.yml

@@ -17,8 +17,10 @@ services:
       - "DB_HOST=lime-db"
       - "DB_PASSWORD=secret"
       - "ADMIN_PASSWORD=foobar"
+      # If you require an empty table prefix, use a space as the DB_TABLE_PREFIX
+      # - "DB_TABLE_PREFIX= "
   lime-db:
-    image: mysql:5.7
+    image: docker.io/mysql:5.7
     environment:
       - "MYSQL_USER=limesurvey"
       - "MYSQL_DATABASE=limesurvey"

examples/apache-example.conf

@@ -1,7 +1,7 @@
 <VirtualHost *:8080>
 	ServerAdmin foo@bar.com
 	DocumentRoot /var/www/html
-        Alias /lime "/var/www/html"
+        Alias /limesurvey "/var/www/html"
 
         <Directory />
                 Options FollowSymLinks

examples/nginx.conf

@@ -19,7 +19,7 @@ http {
         location / {
             try_files $uri /index.php?$args;
         }
-        location ~ ^/(protected|framework|themes/\w+/views) {
+        location ~ ^/(protected|application|framework|themes/\w+/views) {
             deny  all;
         }
         location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar)$ {

nginx-certbot/entrypoint.sh

@@ -1,25 +1,25 @@
 #!/bin/sh
 
-cert_path=/etc/letsencrypt/live/$(echo $HOSTNAMES | awk '{print $1}')
-mkdir -p cert_path
+cert_path=/etc/letsencrypt/live/$(echo "$HOSTNAMES" | awk '{print $1}')
+mkdir -p $cert_path
 
 # if there is no certificate yet, get one
 email="--email $CERT_EMAIL"
-if [ -z $CERT_EMAIL ]
+if [ -z "$CERT_EMAIL" ]
 then
     email='--register-unsafely-without-email'
 fi
-if [ ! -e $cert_path/privkey.pem ]
+if [ ! -e "$cert_path/privkey.pem" ]
 then
     names=""
     for h in $HOSTNAMES
     do
-        names=$(echo "$names -d $h")
+        names="$names -d $h"
     done
     echo "Getting new certificate..."
     /usr/bin/curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot-nginx/certbot_nginx/_internal/tls_configs/options-ssl-nginx.conf > /etc/letsencrypt/options-ssl-nginx.conf
     /usr/bin/curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot/certbot/ssl-dhparams.pem > /etc/letsencrypt/ssl-dhparams.pem
-    /usr/bin/certbot certonly --standalone $names --agree-tos $email
+    /usr/bin/certbot certonly --standalone $names --agree-tos "$email"
 fi
 
-nginx -g "daemon off;"
+nginx -g "daemon off;"

tests/apache-tests.yaml

@@ -9,7 +9,7 @@ fileContentTests:
     path: '/var/www/html/admin/index.php'
     expectedContents: ['LimeSurvey']
   - name: 'Entrypoint file content'
-    path: '/var/www/html/entrypoint.sh'
+    path: '/usr/local/bin/entrypoint.sh'
     expectedContents: ['console.php', 'ADMIN_USER']
 
 fileExistenceTests:

tests/fpm-alpine-tests.yaml

@@ -9,7 +9,7 @@ fileContentTests:
     path: '/var/www/html/admin/index.php'
     expectedContents: ['LimeSurvey']
   - name: 'Entrypoint file content'
-    path: '/var/www/html/entrypoint.sh'
+    path: '/usr/local/bin/entrypoint.sh'
     expectedContents: ['console.php', 'ADMIN_USER']
 
 fileExistenceTests:

upgrade.sh

@@ -11,12 +11,14 @@ if [ $# -eq 0 ]
 fi
 
 NEW_VERSION=$1
-MAJOR_VERSION=$(echo $NEW_VERSION | cut -c 1 | awk '{print $1".0"}')
-NEW_TAG=$(echo $NEW_VERSION | sed "s/+/-/")
+MAJOR_VERSION="${NEW_VERSION%%.*}.0"
+NEW_TAG="${NEW_VERSION%+*}-${NEW_VERSION#*+}"
 
-grep -qc $NEW_VERSION $MAJOR_VERSION/apache/Dockerfile $MAJOR_VERSION/fpm/Dockerfile $MAJOR_VERSION/fpm-alpine/Dockerfile
+grep -qc "$NEW_VERSION" "$MAJOR_VERSION/apache/Dockerfile" "$MAJOR_VERSION/fpm/Dockerfile" "$MAJOR_VERSION/fpm-alpine/Dockerfile"
 
-if [ $? -eq 0 ]
+GREP_NEW_VERSION_EXIT_CODE=$?
+
+if [ $GREP_NEW_VERSION_EXIT_CODE -eq 0 ]
    then
        echo "Already at version ${NEW_VERSION}"
        exit 0
@@ -28,8 +30,8 @@ wget -P /tmp "https://github.com/LimeSurvey/LimeSurvey/archive/${NEW_VERSION}.ta
 SHA256_CHECKSUM=$(sha256sum "/tmp/${NEW_VERSION}.tar.gz" | awk '{ print $1 }')
 
 # Update lines in the files
-sed -r -i -e "s/[0-9]+(\.[0-9]+)+\+[0-9]+/$NEW_VERSION/" $MAJOR_VERSION/apache/Dockerfile $MAJOR_VERSION/fpm/Dockerfile $MAJOR_VERSION/fpm-alpine/Dockerfile
-sed -r -i -e "s/[A-Fa-f0-9]{64}/$SHA256_CHECKSUM/" $MAJOR_VERSION/apache/Dockerfile $MAJOR_VERSION/fpm/Dockerfile $MAJOR_VERSION/fpm-alpine/Dockerfile
+sed -r -i -e "s/[0-9]+(\.[0-9]+)+\+[0-9]+/$NEW_VERSION/" "$MAJOR_VERSION/apache/Dockerfile" "$MAJOR_VERSION/fpm/Dockerfile" "$MAJOR_VERSION/fpm-alpine/Dockerfile"
+sed -r -i -e "s/[A-Fa-f0-9]{64}/$SHA256_CHECKSUM/" "$MAJOR_VERSION/apache/Dockerfile" "$MAJOR_VERSION/fpm/Dockerfile" "$MAJOR_VERSION/fpm-alpine/Dockerfile"
 
 # After that, check and commit
 echo "git add 3.0 ; git commit -m 'Upgrading to LTS Version ${NEW_VERSION}' && git tag ${NEW_TAG}"