trimmed down docker image, added GD support, enabled file upload
This commit is contained in:
parent
40cb55b3d5
commit
aa1cabad94
@ -4,8 +4,5 @@ examples/
|
||||
# Git
|
||||
.git/
|
||||
|
||||
# PHPStorm
|
||||
.idea/
|
||||
|
||||
# OSX
|
||||
.DS_Store
|
||||
|
49
Dockerfile
49
Dockerfile
@ -1,20 +1,24 @@
|
||||
FROM php:fpm-alpine
|
||||
|
||||
MAINTAINER Michael Contento <mail@michaelcontento.de>
|
||||
MAINTAINER PrivateBin <support@privatebin.org>
|
||||
|
||||
RUN \
|
||||
# Install dependencies
|
||||
apk add --no-cache nginx supervisor \
|
||||
# Install PHP extension: opcache
|
||||
&& docker-php-ext-install opcache \
|
||||
&& docker-php-ext-install -j$(nproc) opcache \
|
||||
&& rm -f /usr/local/etc/php/conf.d/docker-php-ext-opcache.ini \
|
||||
# Install PHP extension: xdebug
|
||||
&& apk add --no-cache g++ make autoconf \
|
||||
&& pecl install xdebug \
|
||||
&& apk del g++ make autoconf \
|
||||
&& rm -rf /tmp/pear \
|
||||
# Install PHP extension: gd
|
||||
&& apk add --no-cache freetype libpng libjpeg-turbo freetype-dev libpng-dev libjpeg-turbo-dev \
|
||||
&& docker-php-ext-configure gd \
|
||||
--with-freetype-dir=/usr/include/ \
|
||||
--with-png-dir=/usr/include/ \
|
||||
--with-jpeg-dir=/usr/include/ \
|
||||
&& docker-php-ext-install -j$(nproc) gd \
|
||||
&& apk del --no-cache freetype-dev libpng-dev libjpeg-turbo-dev \
|
||||
# Remove (some of the) default nginx config
|
||||
&& rm -f /etc/nginx.conf \
|
||||
&& rm -f /etc/nginx/conf.d/default.conf \
|
||||
&& rm -rf /etc/nginx/sites-* \
|
||||
&& rm -rf /var/log/nginx \
|
||||
# Ensure nginx logs, even if the config has errors, are written to stderr
|
||||
@ -38,35 +42,12 @@ RUN \
|
||||
|
||||
WORKDIR /var/www
|
||||
|
||||
# Where nginx should serve from
|
||||
ENV DOCUMENT_ROOT=/var/www
|
||||
|
||||
# Should we instantiate a redirect for apex-to-www? Or www-to-apex?
|
||||
# Valid values are "none", "www-to-apex" or "apex-to-www"
|
||||
ENV REDIRECT_MODE="none"
|
||||
|
||||
# Which HTTP code should we use for the above redirect
|
||||
ENV REDIRECT_CODE=302
|
||||
|
||||
# Which protocol should we use to do the above redirect? Valid options are
|
||||
# "http", "https" or "auto" (which will trust X-Forwarded-Proto)
|
||||
ENV REDIRECT_PROTO="auto"
|
||||
|
||||
# Change this to true/1 to enable the xdebug extension for php. You need to change
|
||||
# some xdebug settings? E.g. xdebug.idekey? Just set a environment variable with the dot
|
||||
# replaced with an underscore (xdebug.idekey => XDEBUG_IDEKEY) and they xdebug config will
|
||||
# be changed on container start. This is a fast and simple alternative to adding a custom
|
||||
# config ini in /usr/local/etc/php/conf.d/
|
||||
ENV XDEBUG=false
|
||||
|
||||
# Which environment variables should be available to PHP? For security reasons we do not expose
|
||||
# any of them to PHP by default.
|
||||
# Valid values are "none" and "all"
|
||||
ENV ENV_WHITELIST="none"
|
||||
|
||||
ADD etc/ /etc/
|
||||
ADD usr/ /usr/
|
||||
|
||||
# mark dirs as volumes that need to be writable, allows running the container --read-only
|
||||
VOLUME /tmp /var/tmp /var/run /var/log
|
||||
|
||||
EXPOSE 80
|
||||
|
||||
CMD ["/usr/bin/docker-start"]
|
||||
ENTRYPOINT ["/usr/bin/supervisord","-c","/etc/supervisord.conf"]
|
||||
|
@ -1,7 +0,0 @@
|
||||
server {
|
||||
listen 80;
|
||||
server_name ~^(?!www.)(?<domain>.+)$;
|
||||
|
||||
include /etc/nginx/server.d/*.conf;
|
||||
return {{REDIRECT_CODE}} {{REDIRECT_PROTO}}://www.$domain$request_uri;
|
||||
}
|
@ -1,7 +0,0 @@
|
||||
server {
|
||||
listen 80;
|
||||
server_name ~^www.(?<domain>.+)$;
|
||||
|
||||
include /etc/nginx/server.d/*.conf;
|
||||
return {{REDIRECT_CODE}} {{REDIRECT_PROTO}}://$domain$request_uri;
|
||||
}
|
@ -1,7 +1,7 @@
|
||||
server {
|
||||
listen 80 default_server;
|
||||
|
||||
root {{DOCUMENT_ROOT}};
|
||||
root /var/www;
|
||||
index index.php index.html index.htm;
|
||||
|
||||
location / {
|
@ -1,51 +0,0 @@
|
||||
#!/usr/bin/env sh
|
||||
set -eu
|
||||
|
||||
# Properly detect requested redirect
|
||||
if [ "${REDIRECT_PROTO}" == "auto" ]; then
|
||||
REDIRECT_PROTO="\$http_x_forwarded_proto";
|
||||
elif [ "${REDIRECT_PROTO}" != "http" ] && [ "${REDIRECT_PROTO}" != "https" ]; then
|
||||
echo "ERROR: Invalid value for REDIRECT_PROTO, got '${REDIRECT_PROTO}'" >&2
|
||||
echo "ERROR: Valid values are: 'auto', 'http' or 'https'" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Replace templates in nginx config
|
||||
for file in /etc/nginx/*/*.tpl; do
|
||||
sed \
|
||||
-e "s#{{DOCUMENT_ROOT}}#${DOCUMENT_ROOT}#g" \
|
||||
-e "s#{{REDIRECT_CODE}}#${REDIRECT_CODE}#g" \
|
||||
-e "s#{{REDIRECT_PROTO}}#${REDIRECT_PROTO}#g" \
|
||||
"${file}" \
|
||||
> "${file%.tpl}"
|
||||
done
|
||||
|
||||
# Activate the right
|
||||
rm -f /etc/nginx/sites-enabled/redirect-*.conf
|
||||
if [[ -f "/etc/nginx/sites-available/redirect-${REDIRECT_MODE}.conf" ]]; then
|
||||
ln -s \
|
||||
"/etc/nginx/sites-available/redirect-${REDIRECT_MODE}.conf" \
|
||||
"/etc/nginx/sites-enabled/redirect-${REDIRECT_MODE}.conf"
|
||||
fi
|
||||
|
||||
# Configure or disable XDebug as requested
|
||||
XDEBUG_INI="/usr/local/etc/php/conf.d/10-xdebug.ini"
|
||||
if [ ${XDEBUG} = true ] || [ "${XDEBUG}" == "1" ]; then
|
||||
for setting in $(env | egrep '^XDEBUG_'); do
|
||||
key=$(echo "${setting}" | cut -d'=' -f1 | sed -e 's/XDEBUG_/xdebug./' | tr 'A-Z' 'a-z')
|
||||
value=$(echo "${setting}" | cut -d'=' -f2-)
|
||||
echo "${key}=${value}" >> "${XDEBUG_INI}"
|
||||
done
|
||||
else
|
||||
rm -f "${XDEBUG_INI}"
|
||||
fi
|
||||
|
||||
if [ "${ENV_WHITELIST}" == "all" ]; then
|
||||
rm -rf /usr/local/etc/php-fpm.d/50-clear-env.conf
|
||||
elif [ "${ENV_WHITELIST}" != "none" ]; then
|
||||
echo "ERROR: Invalid value for ENV_WHITELIST, got '${ENV_WHITELIST}'" >&2
|
||||
echo "ERROR: Valid values are: 'none' or 'all'" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
exec /usr/bin/supervisord -c /etc/supervisord.conf
|
@ -1,7 +1,3 @@
|
||||
; Disable file uploads by default for security reasons. Your service needs file uploads? Please
|
||||
; add a overwriting php.ini in your custom Dockerfile!
|
||||
file_uploads=Off
|
||||
|
||||
; session.use_strict_mode specifies whether the module will use strict session id mode. If this
|
||||
; mode is enabled, the module does not accept uninitialized session ID. If uninitialized session ID
|
||||
; is sent from browser, new session ID is sent to browser. Applications are protected from session
|
||||
|
@ -1,4 +0,0 @@
|
||||
zend_extension=xdebug.so
|
||||
xdebug.remote_autostart=On
|
||||
xdebug.remote_enable=On
|
||||
xdebug.remote_connect_back=On
|
Loading…
Reference in New Issue
Block a user