bucde
/
docker_php_apache
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 2 Wiki Activity
Browse Source

feat: add files from 15ddd64eb2/7.4/buster/apache

master
Dennis Buchhorn 3 years ago
parent
f179d56067
commit
851db18195
7 changed files with 689 additions and 0 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +286
    -0
      Dockerfile
  2. +40
    -0
      apache2-foreground
  3. +9
    -0
      docker-php-entrypoint
  4. +69
    -0
      docker-php-ext-configure
  5. +121
    -0
      docker-php-ext-enable
  6. +130
    -0
      docker-php-ext-install
  7. +34
    -0
      docker-php-source

+ 286
- 0
Dockerfile View File

@ -0,0 +1,286 @@
#
# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
#
# PLEASE DO NOT EDIT IT DIRECTLY.
#
FROM debian:buster-slim
# prevent Debian's PHP packages from being installed
# https://github.com/docker-library/php/pull/542
RUN set -eux; \
{ \
echo 'Package: php*'; \
echo 'Pin: release *'; \
echo 'Pin-Priority: -1'; \
} > /etc/apt/preferences.d/no-debian-php
# dependencies required for running "phpize"
# (see persistent deps below)
ENV PHPIZE_DEPS \
autoconf \
dpkg-dev \
file \
g++ \
gcc \
libc-dev \
make \
pkg-config \
re2c
# persistent / runtime deps
RUN set -eux; \
apt-get update; \
apt-get install -y --no-install-recommends \
$PHPIZE_DEPS \
ca-certificates \
curl \
xz-utils \
; \
rm -rf /var/lib/apt/lists/*
ENV PHP_INI_DIR /usr/local/etc/php
RUN set -eux; \
mkdir -p "$PHP_INI_DIR/conf.d"; \
# allow running as an arbitrary user (https://github.com/docker-library/php/issues/743)
[ ! -d /var/www/html ]; \
mkdir -p /var/www/html; \
chown www-data:www-data /var/www/html; \
chmod 777 /var/www/html
ENV APACHE_CONFDIR /etc/apache2
ENV APACHE_ENVVARS $APACHE_CONFDIR/envvars
RUN set -eux; \
apt-get update; \
apt-get install -y --no-install-recommends apache2; \
rm -rf /var/lib/apt/lists/*; \
\
# generically convert lines like
# export APACHE_RUN_USER=www-data
# into
# : ${APACHE_RUN_USER:=www-data}
# export APACHE_RUN_USER
# so that they can be overridden at runtime ("-e APACHE_RUN_USER=...")
sed -ri 's/^export ([^=]+)=(.*)$/: ${\1:=\2}\nexport \1/' "$APACHE_ENVVARS"; \
\
# setup directories and permissions
. "$APACHE_ENVVARS"; \
for dir in \
"$APACHE_LOCK_DIR" \
"$APACHE_RUN_DIR" \
"$APACHE_LOG_DIR" \
; do \
rm -rvf "$dir"; \
mkdir -p "$dir"; \
chown "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir"; \
# allow running as an arbitrary user (https://github.com/docker-library/php/issues/743)
chmod 777 "$dir"; \
done; \
\
# delete the "index.html" that installing Apache drops in here
rm -rvf /var/www/html/*; \
\
# logs should go to stdout / stderr
ln -sfT /dev/stderr "$APACHE_LOG_DIR/error.log"; \
ln -sfT /dev/stdout "$APACHE_LOG_DIR/access.log"; \
ln -sfT /dev/stdout "$APACHE_LOG_DIR/other_vhosts_access.log"; \
chown -R --no-dereference "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$APACHE_LOG_DIR"
# Apache + PHP requires preforking Apache for best results
RUN a2dismod mpm_event && a2enmod mpm_prefork
# PHP files should be handled by PHP, and should be preferred over any other file type
RUN { \
echo '<FilesMatch \.php$>'; \
echo '\tSetHandler application/x-httpd-php'; \
echo '</FilesMatch>'; \
echo; \
echo 'DirectoryIndex disabled'; \
echo 'DirectoryIndex index.php index.html'; \
echo; \
echo '<Directory /var/www/>'; \
echo '\tOptions -Indexes'; \
echo '\tAllowOverride All'; \
echo '</Directory>'; \
} | tee "$APACHE_CONFDIR/conf-available/docker-php.conf" \
&& a2enconf docker-php
# Apply stack smash protection to functions using local buffers and alloca()
# Make PHP's main executable position-independent (improves ASLR security mechanism, and has no performance impact on x86_64)
# Enable optimization (-O2)
# Enable linker optimization (this sorts the hash buckets to improve cache locality, and is non-default)
# https://github.com/docker-library/php/issues/272
# -D_LARGEFILE_SOURCE and -D_FILE_OFFSET_BITS=64 (https://www.php.net/manual/en/intro.filesystem.php)
ENV PHP_CFLAGS="-fstack-protector-strong -fpic -fpie -O2 -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"
ENV PHP_CPPFLAGS="$PHP_CFLAGS"
ENV PHP_LDFLAGS="-Wl,-O1 -pie"
ENV GPG_KEYS 42670A7FE4D0441C8E4632349E4FDC074A4EF02D 5A52880781F755608BF815FC910DEB46F53EA312
ENV PHP_VERSION 7.4.24
ENV PHP_URL="https://www.php.net/distributions/php-7.4.24.tar.xz" PHP_ASC_URL="https://www.php.net/distributions/php-7.4.24.tar.xz.asc"
ENV PHP_SHA256="ff7658ee2f6d8af05b48c21146af5f502e121def4e76e862df5ec9fa06e98734"
RUN set -eux; \
\
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
apt-get install -y --no-install-recommends gnupg dirmngr; \
rm -rf /var/lib/apt/lists/*; \
\
mkdir -p /usr/src; \
cd /usr/src; \
\
curl -fsSL -o php.tar.xz "$PHP_URL"; \
\
if [ -n "$PHP_SHA256" ]; then \
echo "$PHP_SHA256 *php.tar.xz" | sha256sum -c -; \
fi; \
\
if [ -n "$PHP_ASC_URL" ]; then \
curl -fsSL -o php.tar.xz.asc "$PHP_ASC_URL"; \
export GNUPGHOME="$(mktemp -d)"; \
for key in $GPG_KEYS; do \
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
done; \
gpg --batch --verify php.tar.xz.asc php.tar.xz; \
gpgconf --kill all; \
rm -rf "$GNUPGHOME"; \
fi; \
\
apt-mark auto '.*' > /dev/null; \
apt-mark manual $savedAptMark > /dev/null; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false
COPY docker-php-source /usr/local/bin/
RUN set -eux; \
\
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
apt-get install -y --no-install-recommends \
apache2-dev \
libargon2-dev \
libcurl4-openssl-dev \
libonig-dev \
libreadline-dev \
libsodium-dev \
libsqlite3-dev \
libssl-dev \
libxml2-dev \
zlib1g-dev \
; \
\
export \
CFLAGS="$PHP_CFLAGS" \
CPPFLAGS="$PHP_CPPFLAGS" \
LDFLAGS="$PHP_LDFLAGS" \
; \
docker-php-source extract; \
cd /usr/src/php; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \
# https://bugs.php.net/bug.php?id=74125
if [ ! -d /usr/include/curl ]; then \
ln -sT "/usr/include/$debMultiarch/curl" /usr/local/include/curl; \
fi; \
./configure \
--build="$gnuArch" \
--with-config-file-path="$PHP_INI_DIR" \
--with-config-file-scan-dir="$PHP_INI_DIR/conf.d" \
\
# make sure invalid --configure-flags are fatal errors instead of just warnings
--enable-option-checking=fatal \
\
# https://github.com/docker-library/php/issues/439
--with-mhash \
\
# https://github.com/docker-library/php/issues/822
--with-pic \
\
# --enable-ftp is included here because ftp_ssl_connect() needs ftp to be compiled statically (see https://github.com/docker-library/php/issues/236)
--enable-ftp \
# --enable-mbstring is included here because otherwise there's no way to get pecl to use it properly (see https://github.com/docker-library/php/issues/195)
--enable-mbstring \
# --enable-mysqlnd is included here because it's harder to compile after the fact than extensions are (since it's a plugin for several extensions, not an extension in itself)
--enable-mysqlnd \
# https://wiki.php.net/rfc/argon2_password_hash
--with-password-argon2 \
# https://wiki.php.net/rfc/libsodium
--with-sodium=shared \
# always build against system sqlite3 (https://github.com/php/php-src/commit/6083a387a81dbbd66d6316a3a12a63f06d5f7109)
--with-pdo-sqlite=/usr \
--with-sqlite3=/usr \
\
--with-curl \
--with-openssl \
--with-readline \
--with-zlib \
\
# in PHP 7.4+, the pecl/pear installers are officially deprecated (requiring an explicit "--with-pear")
--with-pear \
\
# bundled pcre does not support JIT on s390x
# https://manpages.debian.org/bullseye/libpcre3-dev/pcrejit.3.en.html#AVAILABILITY_OF_JIT_SUPPORT
$(test "$gnuArch" = 's390x-linux-gnu' && echo '--without-pcre-jit') \
--with-libdir="lib/$debMultiarch" \
\
--disable-cgi \
\
--with-apxs2 \
; \
make -j "$(nproc)"; \
find -type f -name '*.a' -delete; \
make install; \
find \
/usr/local \
-type f \
-perm '/0111' \
-exec sh -euxc ' \
strip --strip-all "$@" || : \
' -- '{}' + \
; \
make clean; \
\
# https://github.com/docker-library/php/issues/692 (copy default example "php.ini" files somewhere easily discoverable)
cp -v php.ini-* "$PHP_INI_DIR/"; \
\
cd /; \
docker-php-source delete; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
find /usr/local -type f -executable -exec ldd '{}' ';' \
| awk '/=>/ { print $(NF-1) }' \
| sort -u \
| xargs -r dpkg-query --search \
| cut -d: -f1 \
| sort -u \
| xargs -r apt-mark manual \
; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
# update pecl channel definitions https://github.com/docker-library/php/issues/443
pecl update-channels; \
rm -rf /tmp/pear ~/.pearrc; \
\
# smoke test
php --version
COPY docker-php-ext-* docker-php-entrypoint /usr/local/bin/
# sodium was built as a shared module (so that it can be replaced later if so desired), so let's enable it too (https://github.com/docker-library/php/issues/598)
RUN docker-php-ext-enable sodium
ENTRYPOINT ["docker-php-entrypoint"]
# https://httpd.apache.org/docs/2.4/stopping.html#gracefulstop
STOPSIGNAL SIGWINCH
COPY apache2-foreground /usr/local/bin/
WORKDIR /var/www/html
EXPOSE 80
CMD ["apache2-foreground"]

+ 40
- 0
apache2-foreground View File

@ -0,0 +1,40 @@
#!/bin/bash
set -e
# Note: we don't just use "apache2ctl" here because it itself is just a shell-script wrapper around apache2 which provides extra functionality like "apache2ctl start" for launching apache2 in the background.
# (also, when run as "apache2ctl <apache args>", it does not use "exec", which leaves an undesirable resident shell process)
: "${APACHE_CONFDIR:=/etc/apache2}"
: "${APACHE_ENVVARS:=$APACHE_CONFDIR/envvars}"
if test -f "$APACHE_ENVVARS"; then
. "$APACHE_ENVVARS"
fi
# Apache gets grumpy about PID files pre-existing
: "${APACHE_RUN_DIR:=/var/run/apache2}"
: "${APACHE_PID_FILE:=$APACHE_RUN_DIR/apache2.pid}"
rm -f "$APACHE_PID_FILE"
# create missing directories
# (especially APACHE_RUN_DIR, APACHE_LOCK_DIR, and APACHE_LOG_DIR)
for e in "${!APACHE_@}"; do
if [[ "$e" == *_DIR ]] && [[ "${!e}" == /* ]]; then
# handle "/var/lock" being a symlink to "/run/lock", but "/run/lock" not existing beforehand, so "/var/lock/something" fails to mkdir
# mkdir: cannot create directory '/var/lock': File exists
dir="${!e}"
while [ "$dir" != "$(dirname "$dir")" ]; do
dir="$(dirname "$dir")"
if [ -d "$dir" ]; then
break
fi
absDir="$(readlink -f "$dir" 2>/dev/null || :)"
if [ -n "$absDir" ]; then
mkdir -p "$absDir"
fi
done
mkdir -p "${!e}"
fi
done
exec apache2 -DFOREGROUND "$@"

+ 9
- 0
docker-php-entrypoint View File

@ -0,0 +1,9 @@
#!/bin/sh
set -e
# first arg is `-f` or `--some-option`
if [ "${1#-}" != "$1" ]; then
set -- apache2-foreground "$@"
fi
exec "$@"

+ 69
- 0
docker-php-ext-configure View File

@ -0,0 +1,69 @@
#!/bin/sh
set -e
# prefer user supplied CFLAGS, but default to our PHP_CFLAGS
: ${CFLAGS:=$PHP_CFLAGS}
: ${CPPFLAGS:=$PHP_CPPFLAGS}
: ${LDFLAGS:=$PHP_LDFLAGS}
export CFLAGS CPPFLAGS LDFLAGS
srcExists=
if [ -d /usr/src/php ]; then
srcExists=1
fi
docker-php-source extract
if [ -z "$srcExists" ]; then
touch /usr/src/php/.docker-delete-me
fi
cd /usr/src/php/ext
usage() {
echo "usage: $0 ext-name [configure flags]"
echo " ie: $0 gd --with-jpeg-dir=/usr/local/something"
echo
echo 'Possible values for ext-name:'
find . \
-mindepth 2 \
-maxdepth 2 \
-type f \
-name 'config.m4' \
| xargs -n1 dirname \
| xargs -n1 basename \
| sort \
| xargs
echo
echo 'Some of the above modules are already compiled into PHP; please check'
echo 'the output of "php -i" to see which modules are already loaded.'
}
ext="$1"
if [ -z "$ext" ] || [ ! -d "$ext" ]; then
usage >&2
exit 1
fi
shift
pm='unknown'
if [ -e /lib/apk/db/installed ]; then
pm='apk'
fi
if [ "$pm" = 'apk' ]; then
if \
[ -n "$PHPIZE_DEPS" ] \
&& ! apk info --installed .phpize-deps > /dev/null \
&& ! apk info --installed .phpize-deps-configure > /dev/null \
; then
apk add --no-cache --virtual .phpize-deps-configure $PHPIZE_DEPS
fi
fi
if command -v dpkg-architecture > /dev/null; then
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"
set -- --build="$gnuArch" "$@"
fi
cd "$ext"
phpize
./configure --enable-option-checking=fatal "$@"

+ 121
- 0
docker-php-ext-enable View File

@ -0,0 +1,121 @@
#!/bin/sh
set -e
extDir="$(php -d 'display_errors=stderr' -r 'echo ini_get("extension_dir");')"
cd "$extDir"
usage() {
echo "usage: $0 [options] module-name [module-name ...]"
echo " ie: $0 gd mysqli"
echo " $0 pdo pdo_mysql"
echo " $0 --ini-name 0-apc.ini apcu apc"
echo
echo 'Possible values for module-name:'
find -maxdepth 1 \
-type f \
-name '*.so' \
-exec basename '{}' ';' \
| sort \
| xargs
echo
echo 'Some of the above modules are already compiled into PHP; please check'
echo 'the output of "php -i" to see which modules are already loaded.'
}
opts="$(getopt -o 'h?' --long 'help,ini-name:' -- "$@" || { usage >&2 && false; })"
eval set -- "$opts"
iniName=
while true; do
flag="$1"
shift
case "$flag" in
--help|-h|'-?') usage && exit 0 ;;
--ini-name) iniName="$1" && shift ;;
--) break ;;
*)
{
echo "error: unknown flag: $flag"
usage
} >&2
exit 1
;;
esac
done
modules=
for module; do
if [ -z "$module" ]; then
continue
fi
if ! [ -f "$module" ] && ! [ -f "$module.so" ]; then
echo >&2 "error: '$module' does not exist"
echo >&2
usage >&2
exit 1
fi
modules="$modules $module"
done
if [ -z "$modules" ]; then
usage >&2
exit 1
fi
pm='unknown'
if [ -e /lib/apk/db/installed ]; then
pm='apk'
fi
apkDel=
if [ "$pm" = 'apk' ]; then
if \
[ -n "$PHPIZE_DEPS" ] \
&& ! apk info --installed .phpize-deps > /dev/null \
&& ! apk info --installed .phpize-deps-configure > /dev/null \
; then
apk add --no-cache --virtual '.docker-php-ext-enable-deps' binutils
apkDel='.docker-php-ext-enable-deps'
fi
fi
for module in $modules; do
moduleFile="$module"
if [ -f "$module.so" ] && ! [ -f "$module" ]; then
moduleFile="$module.so"
fi
if readelf --wide --syms "$moduleFile" | grep -q ' zend_extension_entry$'; then
# https://wiki.php.net/internals/extensions#loading_zend_extensions
line="zend_extension=$module"
else
line="extension=$module"
fi
ext="$(basename "$module")"
ext="${ext%.*}"
if php -d 'display_errors=stderr' -r 'exit(extension_loaded("'"$ext"'") ? 0 : 1);'; then
# this isn't perfect, but it's better than nothing
# (for example, 'opcache.so' presents inside PHP as 'Zend OPcache', not 'opcache')
echo >&2
echo >&2 "warning: $ext ($module) is already loaded!"
echo >&2
continue
fi
case "$iniName" in
/*)
# allow an absolute path
ini="$iniName"
;;
*)
ini="$PHP_INI_DIR/conf.d/${iniName:-"docker-php-ext-$ext.ini"}"
;;
esac
if ! grep -qFx -e "$line" -e "$line.so" "$ini" 2>/dev/null; then
echo "$line" >> "$ini"
fi
done
if [ "$pm" = 'apk' ] && [ -n "$apkDel" ]; then
apk del --no-network $apkDel
fi

+ 130
- 0
docker-php-ext-install View File

@ -0,0 +1,130 @@
#!/bin/sh
set -e
# prefer user supplied CFLAGS, but default to our PHP_CFLAGS
: ${CFLAGS:=$PHP_CFLAGS}
: ${CPPFLAGS:=$PHP_CPPFLAGS}
: ${LDFLAGS:=$PHP_LDFLAGS}
export CFLAGS CPPFLAGS LDFLAGS
srcExists=
if [ -d /usr/src/php ]; then
srcExists=1
fi
docker-php-source extract
if [ -z "$srcExists" ]; then
touch /usr/src/php/.docker-delete-me
fi
cd /usr/src/php/ext
usage() {
echo "usage: $0 [-jN] [--ini-name file.ini] ext-name [ext-name ...]"
echo " ie: $0 gd mysqli"
echo " $0 pdo pdo_mysql"
echo " $0 -j5 gd mbstring mysqli pdo pdo_mysql shmop"
echo
echo 'if custom ./configure arguments are necessary, see docker-php-ext-configure'
echo
echo 'Possible values for ext-name:'
find . \
-mindepth 2 \
-maxdepth 2 \
-type f \
-name 'config.m4' \
| xargs -n1 dirname \
| xargs -n1 basename \
| sort \
| xargs
echo
echo 'Some of the above modules are already compiled into PHP; please check'
echo 'the output of "php -i" to see which modules are already loaded.'
}
opts="$(getopt -o 'h?j:' --long 'help,ini-name:,jobs:' -- "$@" || { usage >&2 && false; })"
eval set -- "$opts"
j=1
iniName=
while true; do
flag="$1"
shift
case "$flag" in
--help|-h|'-?') usage && exit 0 ;;
--ini-name) iniName="$1" && shift ;;
--jobs|-j) j="$1" && shift ;;
--) break ;;
*)
{
echo "error: unknown flag: $flag"
usage
} >&2
exit 1
;;
esac
done
exts=
for ext; do
if [ -z "$ext" ]; then
continue
fi
if [ ! -d "$ext" ]; then
echo >&2 "error: $PWD/$ext does not exist"
echo >&2
usage >&2
exit 1
fi
exts="$exts $ext"
done
if [ -z "$exts" ]; then
usage >&2
exit 1
fi
pm='unknown'
if [ -e /lib/apk/db/installed ]; then
pm='apk'
fi
apkDel=
if [ "$pm" = 'apk' ]; then
if [ -n "$PHPIZE_DEPS" ]; then
if apk info --installed .phpize-deps-configure > /dev/null; then
apkDel='.phpize-deps-configure'
elif ! apk info --installed .phpize-deps > /dev/null; then
apk add --no-cache --virtual .phpize-deps $PHPIZE_DEPS
apkDel='.phpize-deps'
fi
fi
fi
popDir="$PWD"
for ext in $exts; do
cd "$ext"
[ -e Makefile ] || docker-php-ext-configure "$ext"
make -j"$j"
find modules \
-maxdepth 1 \
-name '*.so' \
-exec sh -euxc ' \
strip --strip-all "$@" || :
' -- '{}' +
make -j"$j" install
find modules \
-maxdepth 1 \
-name '*.so' \
-exec basename '{}' ';' \
| xargs -r docker-php-ext-enable ${iniName:+--ini-name "$iniName"}
make -j"$j" clean
cd "$popDir"
done
if [ "$pm" = 'apk' ] && [ -n "$apkDel" ]; then
apk del --no-network $apkDel
fi
if [ -e /usr/src/php/.docker-delete-me ]; then
docker-php-source delete
fi

+ 34
- 0
docker-php-source View File

@ -0,0 +1,34 @@
#!/bin/sh
set -e
dir=/usr/src/php
usage() {
echo "usage: $0 COMMAND"
echo
echo "Manage php source tarball lifecycle."
echo
echo "Commands:"
echo " extract extract php source tarball into directory $dir if not already done."
echo " delete delete extracted php source located into $dir if not already done."
echo
}
case "$1" in
extract)
mkdir -p "$dir"
if [ ! -f "$dir/.docker-extracted" ]; then
tar -Jxf /usr/src/php.tar.xz -C "$dir" --strip-components=1
touch "$dir/.docker-extracted"
fi
;;
delete)
rm -rf "$dir"
;;
*)
usage
exit 1
;;
esac

Write Preview
Loading…
Cancel
Save