gh-mirrors/docker-php-fpm
1
0
Fork 0
mirror of https://github.com/devilbox/docker-php-fpm.git synced 2025-12-11 19:41:16 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: gh-mirrors:fix-xdebug
Branches Tags
gh-mirrors:master gh-mirrors:dependabot/github_actions/actions/checkout-4 gh-mirrors:fix-xdebug
gh-mirrors:0.151 gh-mirrors:0.150 gh-mirrors:0.149 gh-mirrors:0.148 gh-mirrors:0.147 gh-mirrors:0.146 gh-mirrors:0.145 gh-mirrors:0.144 gh-mirrors:0.143 gh-mirrors:0.142 gh-mirrors:0.141 gh-mirrors:0.140 gh-mirrors:0.139 gh-mirrors:0.138 gh-mirrors:0.137 gh-mirrors:0.136 gh-mirrors:0.135 gh-mirrors:0.134 gh-mirrors:0.133 gh-mirrors:0.132 gh-mirrors:0.131 gh-mirrors:0.130 gh-mirrors:0.129 gh-mirrors:0.128 gh-mirrors:0.127 gh-mirrors:0.126 gh-mirrors:0.125 gh-mirrors:0.124 gh-mirrors:0.123 gh-mirrors:0.122 gh-mirrors:0.121 gh-mirrors:0.120 gh-mirrors:0.119 gh-mirrors:0.118 gh-mirrors:0.117 gh-mirrors:0.116 gh-mirrors:0.115 gh-mirrors:0.114 gh-mirrors:0.113 gh-mirrors:0.112 gh-mirrors:0.111 gh-mirrors:0.110 gh-mirrors:0.109 gh-mirrors:0.108 gh-mirrors:0.107 gh-mirrors:0.106 gh-mirrors:0.105 gh-mirrors:0.104 gh-mirrors:0.103 gh-mirrors:0.102 gh-mirrors:0.101 gh-mirrors:0.100 gh-mirrors:0.99 gh-mirrors:0.98 gh-mirrors:0.97 gh-mirrors:0.96 gh-mirrors:0.95 gh-mirrors:0.94 gh-mirrors:0.93 gh-mirrors:0.92 gh-mirrors:0.91 gh-mirrors:0.90 gh-mirrors:0.89 gh-mirrors:0.88 gh-mirrors:0.87 gh-mirrors:0.86 gh-mirrors:0.85 gh-mirrors:0.84 gh-mirrors:0.83 gh-mirrors:0.82 gh-mirrors:0.81 gh-mirrors:0.80 gh-mirrors:0.79 gh-mirrors:0.78 gh-mirrors:0.77 gh-mirrors:0.76 gh-mirrors:0.75 gh-mirrors:0.74 gh-mirrors:0.73 gh-mirrors:0.72 gh-mirrors:0.71 gh-mirrors:0.70 gh-mirrors:0.69 gh-mirrors:0.68 gh-mirrors:0.67 gh-mirrors:0.66 gh-mirrors:0.65 gh-mirrors:0.64 gh-mirrors:0.63 gh-mirrors:0.62 gh-mirrors:0.61 gh-mirrors:0.60 gh-mirrors:0.59 gh-mirrors:0.58 gh-mirrors:0.57 gh-mirrors:0.56 gh-mirrors:0.55 gh-mirrors:0.54 gh-mirrors:0.53 gh-mirrors:0.52 gh-mirrors:0.51 gh-mirrors:0.50 gh-mirrors:0.49 gh-mirrors:0.48 gh-mirrors:0.47 gh-mirrors:0.46 gh-mirrors:0.45 gh-mirrors:0.44 gh-mirrors:0.43 gh-mirrors:0.42 gh-mirrors:0.41 gh-mirrors:0.40 gh-mirrors:0.39 gh-mirrors:0.38 gh-mirrors:0.37 gh-mirrors:0.36 gh-mirrors:0.35 gh-mirrors:0.34 gh-mirrors:0.33 gh-mirrors:0.32 gh-mirrors:0.31 gh-mirrors:0.30 gh-mirrors:0.29 gh-mirrors:0.28 gh-mirrors:0.27 gh-mirrors:0.26 gh-mirrors:0.25 gh-mirrors:0.24 gh-mirrors:0.23 gh-mirrors:0.22 gh-mirrors:0.21 gh-mirrors:0.20 gh-mirrors:0.19 gh-mirrors:0.18 gh-mirrors:0.17 gh-mirrors:0.16 gh-mirrors:0.15 gh-mirrors:0.14 gh-mirrors:0.13 gh-mirrors:0.12 gh-mirrors:0.11 gh-mirrors:0.10 gh-mirrors:0.9 gh-mirrors:0.8 gh-mirrors:0.7 gh-mirrors:0.6 gh-mirrors:0.5 gh-mirrors:0.4 gh-mirrors:0.3 gh-mirrors:0.2 gh-mirrors:0.1
...
compare: gh-mirrors:0.148
Branches Tags
gh-mirrors:dependabot/github_actions/actions/checkout-4 gh-mirrors:master gh-mirrors:fix-xdebug
gh-mirrors:0.151 gh-mirrors:0.150 gh-mirrors:0.149 gh-mirrors:0.148 gh-mirrors:0.147 gh-mirrors:0.146 gh-mirrors:0.145 gh-mirrors:0.144 gh-mirrors:0.143 gh-mirrors:0.142 gh-mirrors:0.141 gh-mirrors:0.140 gh-mirrors:0.139 gh-mirrors:0.138 gh-mirrors:0.137 gh-mirrors:0.136 gh-mirrors:0.135 gh-mirrors:0.134 gh-mirrors:0.133 gh-mirrors:0.132 gh-mirrors:0.131 gh-mirrors:0.130 gh-mirrors:0.129 gh-mirrors:0.128 gh-mirrors:0.127 gh-mirrors:0.126 gh-mirrors:0.125 gh-mirrors:0.124 gh-mirrors:0.123 gh-mirrors:0.122 gh-mirrors:0.121 gh-mirrors:0.120 gh-mirrors:0.119 gh-mirrors:0.118 gh-mirrors:0.117 gh-mirrors:0.116 gh-mirrors:0.115 gh-mirrors:0.114 gh-mirrors:0.113 gh-mirrors:0.112 gh-mirrors:0.111 gh-mirrors:0.110 gh-mirrors:0.109 gh-mirrors:0.108 gh-mirrors:0.107 gh-mirrors:0.106 gh-mirrors:0.105 gh-mirrors:0.104 gh-mirrors:0.103 gh-mirrors:0.102 gh-mirrors:0.101 gh-mirrors:0.100 gh-mirrors:0.99 gh-mirrors:0.98 gh-mirrors:0.97 gh-mirrors:0.96 gh-mirrors:0.95 gh-mirrors:0.94 gh-mirrors:0.93 gh-mirrors:0.92 gh-mirrors:0.91 gh-mirrors:0.90 gh-mirrors:0.89 gh-mirrors:0.88 gh-mirrors:0.87 gh-mirrors:0.86 gh-mirrors:0.85 gh-mirrors:0.84 gh-mirrors:0.83 gh-mirrors:0.82 gh-mirrors:0.81 gh-mirrors:0.80 gh-mirrors:0.79 gh-mirrors:0.78 gh-mirrors:0.77 gh-mirrors:0.76 gh-mirrors:0.75 gh-mirrors:0.74 gh-mirrors:0.73 gh-mirrors:0.72 gh-mirrors:0.71 gh-mirrors:0.70 gh-mirrors:0.69 gh-mirrors:0.68 gh-mirrors:0.67 gh-mirrors:0.66 gh-mirrors:0.65 gh-mirrors:0.64 gh-mirrors:0.63 gh-mirrors:0.62 gh-mirrors:0.61 gh-mirrors:0.60 gh-mirrors:0.59 gh-mirrors:0.58 gh-mirrors:0.57 gh-mirrors:0.56 gh-mirrors:0.55 gh-mirrors:0.54 gh-mirrors:0.53 gh-mirrors:0.52 gh-mirrors:0.51 gh-mirrors:0.50 gh-mirrors:0.49 gh-mirrors:0.48 gh-mirrors:0.47 gh-mirrors:0.46 gh-mirrors:0.45 gh-mirrors:0.44 gh-mirrors:0.43 gh-mirrors:0.42 gh-mirrors:0.41 gh-mirrors:0.40 gh-mirrors:0.39 gh-mirrors:0.38 gh-mirrors:0.37 gh-mirrors:0.36 gh-mirrors:0.35 gh-mirrors:0.34 gh-mirrors:0.33 gh-mirrors:0.32 gh-mirrors:0.31 gh-mirrors:0.30 gh-mirrors:0.29 gh-mirrors:0.28 gh-mirrors:0.27 gh-mirrors:0.26 gh-mirrors:0.25 gh-mirrors:0.24 gh-mirrors:0.23 gh-mirrors:0.22 gh-mirrors:0.21 gh-mirrors:0.20 gh-mirrors:0.19 gh-mirrors:0.18 gh-mirrors:0.17 gh-mirrors:0.16 gh-mirrors:0.15 gh-mirrors:0.14 gh-mirrors:0.13 gh-mirrors:0.12 gh-mirrors:0.11 gh-mirrors:0.10 gh-mirrors:0.9 gh-mirrors:0.8 gh-mirrors:0.7 gh-mirrors:0.6 gh-mirrors:0.5 gh-mirrors:0.4 gh-mirrors:0.3 gh-mirrors:0.2 gh-mirrors:0.1

69 Commits
fix-xdebug ... 0.148

Author SHA1 Message Date
cytopia
8e715503ff Merge pull request #265 from devilbox/release-0.148 
Release v0.148
 2022-12-26 16:17:33 +01:00
cytopia
c14d2d8881 Added wscat tool to work with websockets 2022-12-26 03:12:03 +01:00
Devilbox Bot
06cb912d1e Merge pull request #262 from devilbox/fix-tools 
Fix wkhtmltodf and wp-cli installation
 2022-12-15 10:01:34 +01:00
dvlbot
9c552b020c Make README examples copy-able 2022-12-14 18:51:40 +01:00
dvlbot
5613a40247 Ignore expired certs during version check 2022-12-14 18:50:57 +01:00
dvlbot
fada51d70e Updated changelog 2022-12-14 11:36:59 +01:00
dvlbot
d4b1fb1e9e Fix wkhtmltodf and wp-cli installation 2022-12-14 11:35:06 +01:00
Devilbox Bot
a1f7c0ccdd Merge pull request #261 from devilbox/documentation 
Update documentation
 2022-12-14 11:33:40 +01:00
dvlbot
66428717b4 Update documentation 2022-12-14 11:32:09 +01:00
Devilbox Bot
5cbf875308 Merge pull request #258 from devilbox/dependabot/github_actions/actions/checkout-3 
Bump actions/checkout from 2 to 3
 2022-12-14 11:15:41 +01:00
dependabot[bot]
a2300738b4 Bump actions/checkout from 2 to 3 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-12-14 10:14:25 +00:00
Devilbox Bot
9b3f06116a Merge pull request #260 from devilbox/issue-assignments 
Issue auto-assignment
 2022-12-14 11:11:22 +01:00
dvlbot
127c169c85 Issue auto-assignment 2022-12-14 11:10:18 +01:00
Devilbox Bot
3c28fc52d5 Merge pull request #259 from devilbox/issue-templates 
Adjust issue templates
 2022-12-14 11:08:52 +01:00
dvlbot
f2416e3801 Adjust issue templates 2022-12-14 11:07:01 +01:00
Devilbox Bot
f333e37e15 Merge pull request #257 from devilbox/repository-automation 
Setup repository automation
 2022-12-14 11:02:33 +01:00
dvlbot
7eafbdb887 Release drafter 2022-12-14 11:00:00 +01:00
dvlbot
6bbfd78a43 Split out linting workflow 2022-12-14 10:58:15 +01:00
dvlbot
737fbbc8ad Setup repository automation 2022-12-14 10:52:18 +01:00
cytopia
28a4f2ac37 Merge pull request #256 from devilbox/release-0.146 
Release 0.146
 2022-12-12 06:23:39 +01:00
cytopia
204afad4e4 Update docs for install.yml 2022-12-11 14:10:04 +01:00
cytopia
a4708249d5 Update options.yml documentation 2022-12-11 13:24:56 +01:00
cytopia
d81f406871 Update Documentaion for PHP module generation 2022-12-11 13:09:57 +01:00
cytopia
3cda0b7da3 Document PHP tool generation 2022-12-11 13:09:21 +01:00
cytopia
02b3bda76f Update flavours 2022-12-11 12:48:29 +01:00
cytopia
45924e67ba Update README 2022-12-11 12:48:16 +01:00
cytopia
e8c5a4270f Fixed Python Black linting errors 2022-12-11 11:41:21 +01:00
cytopia
364c28b248 Streamline php_modules and php_tools definitions 2022-12-11 11:38:34 +01:00
cytopia
a122d6685d Only build on specific changes 2022-12-11 10:54:07 +01:00
cytopia
be2e96d4a2 Update documentation 2022-12-11 10:36:14 +01:00
cytopia
ff61a450ac Merge pull request #255 from devilbox/doc-fixes 
Enhance documentation
 2022-12-10 18:44:13 +01:00
cytopia
7e775622a5 Enhance documentation 2022-12-10 18:43:56 +01:00
cytopia
7cc5e25528 Merge pull request #254 from devilbox/release-0.145 
Release 0.145
 2022-12-10 18:01:22 +01:00
cytopia
b6265751ba Fixed file-lint findings 2022-12-09 19:16:05 +01:00
cytopia
f09e5ad64e Re-enable workflows 2022-12-09 19:15:53 +01:00
cytopia
bfbb967cb8 Re-enabled modules 2022-12-09 19:13:35 +01:00
cytopia
ceadad5512 Adjusted documentation 2022-12-09 19:12:49 +01:00
cytopia
eec7f6c0e2 Add taskfile 2022-12-09 14:25:02 +01:00
cytopia
5567bc0a8c Fix nvm path 2022-12-09 14:24:42 +01:00
cytopia
3934fdc912 Add wkhtmltopdf 2022-12-09 12:50:34 +01:00
cytopia
e34c71f377 Renable some PHP exts for testing 2022-12-09 11:21:47 +01:00
cytopia
8f7953248f Fix mutool check 2022-12-09 11:19:43 +01:00
cytopia
30c3118a22 Backport more tools 2022-12-09 11:12:08 +01:00
cytopia
c3628171f1 Fix subset of PHP exts for testing 2022-12-09 09:48:10 +01:00
cytopia
9dea48147d Temporarily disable CI tests 2022-12-09 09:47:46 +01:00
cytopia
36bc9dc099 Backport more toole 2022-12-09 09:44:40 +01:00
cytopia
820159d95a Fix markdown 2022-12-08 21:16:27 +01:00
cytopia
a7292fdff9 Backport more tools for work flavour 2022-12-08 20:52:37 +01:00
cytopia
2bb64ccff6 Fix missing shared libraries 2022-12-08 12:45:47 +01:00
cytopia
39db14d294 Fix Python linter warnings 2022-12-08 12:41:44 +01:00
cytopia
b724ceaca3 Temporarily enable only required PHP extensions for faster builds 2022-12-08 12:35:10 +01:00
cytopia
308f435a7b Backport tools 2022-12-08 12:34:36 +01:00
cytopia
5b41a9b2f7 Fix extension chmod command on empty dir 2022-12-08 11:01:13 +01:00
cytopia
725f52eda8 Fix shared libs for mongodb 2022-12-08 09:22:42 +01:00
cytopia
796b04b457 Strip debugging information to reduce file sizes 2022-12-08 08:45:50 +01:00
cytopia
92b217fc53 Fixed shellcheck linting 2022-12-08 07:35:03 +01:00
cytopia
d79d834413 Updated CHANGELOG 2022-12-08 07:34:39 +01:00
cytopia
24c58ce57e Doc: updated available PHP tools 2022-12-08 07:26:48 +01:00
cytopia
8f363ace59 Doc: Fixed heading level 2022-12-08 07:26:28 +01:00
cytopia
0fb753511a Streamlined repository helper binaries 2022-12-08 07:26:14 +01:00
cytopia
28b7aade7f Ensure mhsendmail is available on arm64 2022-12-08 06:23:53 +01:00
cytopia
3db1b56b7b Temporarily disable modules for faster builds 2022-12-08 05:04:34 +01:00
cytopia
4cc5e57f24 Fix slim builds for arm64 2022-12-08 05:02:22 +01:00
cytopia
39b32384b6 Improve PHPUnit install 2022-12-07 19:18:33 +01:00
cytopia
887e7c67c5 Optimize 2022-12-07 18:56:44 +01:00
cytopia
0126289bf0 Split out tools 2022-12-07 16:55:17 +01:00
cytopia
101e8abb65 Add vim modeline 2022-12-07 16:41:34 +01:00
cytopia
69ffc63607 Use a single command to generate Dockerfiles 2022-12-07 12:13:41 +01:00
cytopia
fb5a242965 Speed up Ansible run 2022-12-07 06:54:08 +01:00
502 changed files with 30442 additions and 14929 deletions
Expand all files Collapse all files

1
.ansible/DOCKERFILES/Dockerfile-base.j2
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
{{ edit_comment_base }}
{% if php_version == 5.2 %}
FROM devilbox/php-fpm-5.2

3
.ansible/DOCKERFILES/Dockerfile-mods.j2
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
{{ edit_comment_mods }}
FROM devilbox/php-fpm:{{ php_version }}-base as builder
@@ -304,7 +305,7 @@ RUN set -eux \
# Fix php.ini settings for enabled extensions
RUN set -eux \
&& chmod +x "$(php -r 'echo ini_get("extension_dir");')"/*
&& find "$(php -r 'echo ini_get("extension_dir");')/" -type f -exec chmod +x {} \;
# Fix oracle dir for images that don't have oci installed
RUN set -eux \

1
.ansible/DOCKERFILES/Dockerfile-prod.j2
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
{{ edit_comment_prod }}
FROM devilbox/php-fpm:{{ php_version }}-mods
MAINTAINER "cytopia" <cytopia@everythingcli.org>

533
.ansible/DOCKERFILES/Dockerfile-slim.j2 Normal file
View File

@@ -0,0 +1,533 @@
# vi: ft=dockerfile
{{ edit_comment_slim }}
{% import './jinja2/macros-work.j2' as fn %}
########################################################################################################################
########################################################################################################################
###
### Stage 1/4: Devilbox slim image (BASE BUILDER)
###
########################################################################################################################
########################################################################################################################
###
### Installs all cli tools required to run Devilbox and its intranet
###
FROM devilbox/php-fpm:{{ php_version }}-prod as devilbox-slim-base-builder
###
### Install apt Tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
apt-transport-https \
ca-certificates \
curl \
dirmngr \
gnupg
###
### Add apt repositories
###
RUN set -eux \
{%- for repo in base_apt_repositories_enabled -%}
{#- Not disabled -#}
{%- if ('disabled' not in base_apt_repositories_available[repo]) or (php_version not in base_apt_repositories_available[repo]['disabled']) -%}
{#- -#}
{#- [PRE] -#}
{%- if fn.get_pre(php_version, repo, base_apt_repositories_available) | length -%}
{{ "\n\t" }}&& {{ fn.get_pre(php_version, repo, base_apt_repositories_available) | indent( "\t" ) }}{{ "\t\\" }}
{%- endif -%}
{#- -#}
{#- [KEY] -#}
{%- if fn.tool_repo_get_key(php_version, repo, base_apt_repositories_available) | length -%}
{{ "\n\t" }}&& APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv {{ fn.tool_repo_get_key(php_version, repo, base_apt_repositories_available) }} \
{%- endif -%}
{#- -#}
{#- [DEB] -#}
{%- if fn.tool_repo_get_deb(php_version, repo, base_apt_repositories_available) | length -%}
{{ "\n\t" }}&& echo "{{ fn.tool_repo_get_deb(php_version, repo, base_apt_repositories_available) }}" > /etc/apt/sources.list.d/{{ repo }}.list \
{%- endif -%}
{%- endif -%}
{%- endfor -%}
{{ "\n\t" }}&& true
{% set build_deps = [] -%}
{%- for ext in base_software_enabled -%}
{%- for dep in fn.get_build_dep(php_version, ext, base_software_available) | from_json -%}
{%- if dep -%}
{{- build_deps.append(dep) -}}
{%- endif -%}
{%- endfor -%}
{%- endfor -%}
{%- if build_deps -%}
###
### Install build_dep
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
{% for build_dep in build_deps | unique | sort %}
{{ build_dep }} \
{% endfor %}
&& rm -rf /var/lib/apt/lists/*
{%- endif %}
###
### Add common tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
file \
git \
{% if php_version in [7.1, 7.2, 7.3, 7.4, 8.0, 8.1, 8.2] %}
mariadb-client \
{% else %}
mysql-client \
{% endif %}
redis-tools \
sqlite3
{% set tools_apt = [] -%}
{%- for tool in base_software_enabled -%}
{%- if ('disabled' not in base_software_available[tool]) or (php_version not in base_software_available[tool]['disabled']) -%}
{%- if fn.tool_apt_get_package(php_version, tool, base_software_available) -%}
{{- tools_apt.append(fn.tool_apt_get_package(php_version, tool, base_software_available)) -}}
{%- endif -%}
{%- endif -%}
{%- endfor %}
{%- if tools_apt -%}
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
{{- "\n" -}}
{%- if tools_apt -%}
{{- "\t\t# ---------- type: apt ----------\n" -}}
{%- for apt in tools_apt | unique | sort -%}
{{- "\t\t" + apt + " \\" + "\n" -}}
{%- endfor -%}
{%- endif -%}
{{- "\t" -}}&& rm -rf /var/lib/apt/lists/*{{- "\n" -}}
{% endif %}
###
### Devilbox required cli tools from group_vars (slim.yml)
###
{% for tool in base_software_enabled -%}
{# Not disabled #}
{%- if ('disabled' not in base_software_available[tool]) or (php_version not in base_software_available[tool]['disabled']) -%}
{{- "\n" }}# -------------------- {{ tool }} --------------------
{{- "\n" }}RUN set -eux \
{#- -#}
{#- [PRE] -#}
{%- if fn.get_pre(php_version, tool, base_software_available) | length -%}
{{ "\n\t" }}&& {{ fn.get_pre(php_version, tool, base_software_available) | indent( "\t" ) }}{{ "\t\\" }}
{%- endif -%}
{#- -#}
{#- [COMMAND] -#}
{%- if fn.get_type(php_version, tool, base_software_available) == 'custom' -%}
{{ "\n\t" }}&& {{ fn.tool_custom_get_command(php_version, tool, base_software_available) | indent( "\t" ) }}{{ "\t\\" }}
{%- endif -%}
{#- -#}
{#- [POST] -#}
{%- if fn.get_post(php_version, tool, base_software_available) | length -%}
{{ "\n\t" }}&& {{ fn.get_post(php_version, tool, base_software_available) | indent( "\t" ) }}{{ "\t\\" }}
{%- endif -%}
{#- -#}
{#- [CHECK] -#}
{%- if 'check' in base_software_available[tool] -%}
{{ "\n\t" }}&& {{ base_software_available[tool]['check'] | indent( "\t" ) }}{{ "\t\\" }}
{%- endif -%}
{#- -#}
{#- Finalize -#}
{{ "\n\t" }}&& true{{ "\n" }}
{%- endif -%}
{%- endfor %}
###
### Prepare required shared libraries for copying (keep symlinks)
###
RUN set -eux \
&& LIB_GNU_DIR="/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
&& USR_LIB_DIR="/usr/lib" \
&& USR_LIB_GNU_DIR="/usr/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
\
&& mkdir /tmp/lib-gnu \
&& mkdir /tmp/usr-lib \
&& mkdir /tmp/usr-lib-gnu \
\
&& LIB_GNU="libreadline" \
&& USR_LIB="libsnappy libtcmalloc libv8" \
&& USR_LIB_GNU="liblua libpq libpcrecpp libboost libjemalloc libunwind libhiredis libedit libyaml-cpp libstemmer libsnappy libpcap libbsd liblzf" \
\
&& for lib in ${LIB_GNU}; do \
if ls -1 "${LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${LIB_GNU_DIR}"; \
cp -r ${LIB_GNU_DIR}/${lib}* /tmp/lib-gnu/; \
fi \
done \
&& for lib in ${USR_LIB}; do \
if ls -1 "${USR_LIB_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_DIR}"; \
cp -r ${USR_LIB_DIR}/${lib}* /tmp/usr-lib/; \
fi \
done \
&& for lib in ${USR_LIB_GNU}; do \
if ls -1 "${USR_LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_GNU_DIR}"; \
cp -r ${USR_LIB_GNU_DIR}/${lib}* /tmp/usr-lib-gnu/; \
fi \
done
###
### Fix expected PostgreSQL directories
###
### This might not exist on arm64 as software was not available,
### but they are still needed to be present, so we can copy them.
###
RUN set -eux \
&& if [ ! -d "/usr/lib/postgresql" ]; then \
mkdir "/usr/lib/postgresql"; \
fi \
&& if [ ! -d "/usr/share/postgresql-common" ]; then \
mkdir "/usr/share/postgresql-common"; \
fi
###
### Prepare MongoDB binaries for copying.
###
### They might not be available on all architectures (e.g.: arm64).
###
RUN set -eux \
&& mkdir /tmp/mongo \
&& if ls -1 "/usr/bin/" | grep "^mongo" >/dev/null; then \
cp -r /usr/bin/mongo* /tmp/mongo/; \
fi
###
### Strip debugging information to smallen filesize
###
RUN set -eux \
&& STRIP_USR_BINS="blackfire mongo mysql redis sqlite" \
&& STRIP_DIRS="/usr/lib/postgresql/ /usr/share/postgresql-common/ /tmp" \
\
&& for bin in ${STRIP_USR_BINS}; do \
( \
find /usr/bin/ -name "${bin}"* -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& for dir in ${STRIP_DIRS}; do \
( \
find ${dir} -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& strip --strip-all -p /usr/local/bin/mhsendmail 2>/dev/null || true \
&& strip --strip-all -p /usr/local/bin/mysqldump-secure 2>/dev/null || true
########################################################################################################################
########################################################################################################################
###
### Stage 2/4: Devilbox slim image (BASE)
###
########################################################################################################################
########################################################################################################################
###
### Copies all cli tools required to run Devilbox and its intranet into a clean image
###
FROM devilbox/php-fpm:{{ php_version }}-prod as devilbox-slim-base
ARG ARCH
{% set tools_apt = [] -%}
{%- for tool in base_software_enabled -%}
{%- if ('disabled' not in base_software_available[tool]) or (php_version not in base_software_available[tool]['disabled']) -%}
{%- if fn.tool_apt_get_package(php_version, tool, base_software_available) -%}
{{- tools_apt.append(fn.tool_apt_get_package(php_version, tool, base_software_available)) -}}
{%- endif -%}
{%- endif -%}
{%- endfor %}
{%- if tools_apt -%}
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
{{- "\n" -}}
{%- if tools_apt -%}
{{- "\t\t# ---------- type: apt ----------\n" -}}
{%- for apt in tools_apt | unique | sort -%}
{{- "\t\t" + apt + " \\" + "\n" -}}
{%- endfor -%}
{%- endif -%}
{{- "\t" -}}&& rm -rf /var/lib/apt/lists/*{{- "\n" -}}
{% endif %}
###
### Copy shared libraries (required by MongoDB, MySQL, PostgreSQL and Redis)
###
COPY --from=devilbox-slim-base-builder /tmp/lib-gnu/ /lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib-gnu/ /usr/lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib/ /usr/lib/
###
### Copy system files
###
COPY --from=devilbox-slim-base-builder /etc/group /etc/group
COPY --from=devilbox-slim-base-builder /etc/passwd /etc/passwd
COPY --from=devilbox-slim-base-builder /etc/shadow /etc/shadow
###
### Copy Blackfire
###
COPY --from=devilbox-slim-base-builder /etc/blackfire /etc/blackfire
COPY --from=devilbox-slim-base-builder /etc/default/blackfire-agent /etc/default/blackfire-agent
COPY --from=devilbox-slim-base-builder /usr/bin/blackfire* /usr/bin/
COPY --from=devilbox-slim-base-builder /var/log/blackfire /var/log/blackfire
###
### Copy mhsendmail
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mhsendmail /usr/local/bin/
###
### Copy MongoDB client (if exists)
###
COPY --from=devilbox-slim-base-builder /tmp/mongo/ /usr/bin/
###
### Copy MysQL Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/mysql* /usr/bin/
###
### Copy mysqldump-secure
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mysqldump-secure /usr/local/bin/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.conf /etc/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.cnf /etc/
COPY --from=devilbox-slim-base-builder /var/log/mysqldump-secure.log /var/log/
###
### Copy PostgreSQL
###
COPY --from=devilbox-slim-base-builder /usr/lib/postgresql /usr/lib/postgresql
COPY --from=devilbox-slim-base-builder /usr/share/postgresql-common /usr/share/postgresql-common
COPY --from=devilbox-slim-base-builder /usr/share/perl5 /usr/share/perl5
###
### Create PostgreSQL symlinks
###
RUN set -eux \
&& if [ -f "/usr/share/postgresql-common/pg_wrapper" ]; then \
ln -s ../share/postgresql-common/pg_wrapper /usr/bin/clusterdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createlang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/droplang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_basebackup \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dump \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dumpall \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_isready \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivewal \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivexlog \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_recvlogical \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_restore \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pgbench \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/psql \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/reindexdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumlo; \
fi
###
### Copy Redis Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/redis* /usr/bin/
###
### Copy SQLite Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/sqlite* /usr/bin/
###
### ADD PHP configuration files
###
COPY ./data/php-ini.d/php-{{ php_version }}.ini /usr/local/etc/php/conf.d/xxx-devilbox-default-php.ini
COPY ./data/php-fpm.conf/php-fpm-{{ php_version }}.conf /usr/local/etc/php-fpm.conf
###
### ADD Devilbox configuration files
###
COPY ./data/docker-entrypoint.sh /docker-entrypoint.sh
COPY ./data/docker-entrypoint.d/*.sh /docker-entrypoint.d/
COPY ./data/bash-devilbox /etc/bash-devilbox
COPY ./data/sudo-devilbox /etc/sudoers.d/devilbox
###
### Configure Bash
###
RUN set -eux \
&& { \
echo; \
echo "# [Devilbox] Ensure /usr/local(s)?bin is in PATH"; \
echo 'PATH="${PATH}:/usr/local/bin:/usr/local/sbin"'; \
echo "export PATH"; \
echo; \
echo "# [Devilbox] Source Devilbox main bash config"; \
echo ". /etc/bash-devilbox"; \
echo; \
echo "# [Devilbox] Source Devilbox custom configs"; \
echo "if [ -d /etc/bashrc-devilbox.d/ ]; then"; \
echo " for f in /etc/bashrc-devilbox.d/*.sh ; do"; \
echo " if [ -r \"\${f}\" ]; then"; \
echo " . \"\${f}\""; \
echo " fi"; \
echo " done"; \
echo " unset f"; \
echo "fi"; \
} | tee -a /home/${MY_USER}/.bashrc /root/.bashrc \
&& chown ${MY_USER}:${MY_GROUP} /home/${MY_USER}/.bashrc
########################################################################################################################
########################################################################################################################
###
### Stage 3/4: Devilbox slim image (BASE TEST)
###
########################################################################################################################
########################################################################################################################
###
### Test all Devilbox cli utils if copying was successful
###
FROM devilbox-slim-base as devilbox-slim-base-test
RUN set -eux \
&& mysql --version \
&& redis-cli --version \
&& sqlite3 --version
###
### Check if available tools slim
###
{% for tool in base_software_enabled -%}
{# Not disabled #}
{%- if ('disabled' not in base_software_available[tool]) or (php_version not in base_software_available[tool]['disabled']) -%}
{{- "\n" }}# -------------------- {{ tool }} --------------------
{{- "\n" }}RUN set -eux \
{#- -#}
{#- [CHECK] -#}
{%- if 'check' in base_software_available[tool] -%}
{{ "\n\t" }}&& {{ base_software_available[tool]['check'] | indent( "\t" ) }}{{ "\t\\" }}
{%- endif -%}
{#- -#}
{#- Finalize -#}
{{ "\n\t" }}&& true{{ "\n" }}
{%- endif -%}
{%- endfor %}
###
### Re-activate modules which have been deactivated in mods (for testing).
###
RUN set -eux \
&& if find /usr/local/lib/php/extensions/ -name phalcon.so | grep phalcon; then \
echo "extension=phalcon.so" > /usr/local/etc/php/conf.d/docker-php-ext-phalcon.ini; \
fi \
&& if find /usr/local/lib/php/extensions/ -name psr.so | grep psr; then \
echo "extension=psr.so" > /usr/local/etc/php/conf.d/docker-php-ext-psr.ini; \
fi
###
### Check if PHP still works
###
RUN set -eux \
&& echo "date.timezone=UTC" > /usr/local/etc/php/php.ini \
&& php -v | grep -oE 'PHP\s[.0-9]+' | grep -oE '[.0-9]+' | grep '^{{ php_version }}' \
&& /usr/local/sbin/php-fpm --test \
\
&& PHP_ERROR="$( php -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
&& PHP_ERROR="$( php -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
\
&& PHP_FPM_ERROR="$( php-fpm -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& PHP_FPM_ERROR="$( php-fpm -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& rm -f /usr/local/etc/php/php.ini
########################################################################################################################
########################################################################################################################
###
### Stage 4/4: Devilbox slim image (FINAL)
###
########################################################################################################################
########################################################################################################################
###
### Prepare final base image (STAGE: slim)
###
FROM devilbox-slim-base as slim
MAINTAINER "cytopia" <cytopia@everythingcli.org>
###
### Labels
###
# https://github.com/opencontainers/image-spec/blob/master/annotations.md
#LABEL "org.opencontainers.image.created"=""
#LABEL "org.opencontainers.image.version"=""
#LABEL "org.opencontainers.image.revision"=""
LABEL "maintainer"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.authors"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.url"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.documentation"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.source"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.vendor"="devilbox"
LABEL "org.opencontainers.image.licenses"="MIT"
LABEL "org.opencontainers.image.ref.name"="{{ php_version }}-slim"
LABEL "org.opencontainers.image.title"="PHP-FPM {{ php_version }}-slim"
LABEL "org.opencontainers.image.description"="PHP-FPM {{ php_version }}-slim"
###
### Volumes
###
VOLUME /shared/backups
VOLUME /var/log/php
VOLUME /var/mail
###
### Ports
###
EXPOSE 9000
###
### Where to start inside the container
###
WORKDIR /shared/httpd
###
### Entrypoint
###
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"]
ENTRYPOINT ["/docker-entrypoint.sh"]

1111
.ansible/DOCKERFILES/Dockerfile-work.j2
View File

File diff suppressed because it is too large Load Diff

13
.ansible/ansible.cfg
View File

@@ -1,3 +1,16 @@
[defaults]
roles_path = ./roles
inventory = inventory.ini
strategy_plugins = /usr/lib/python3.10/site-packages/ansible_mitogen/plugins/strategy
strategy = mitogen_linear
# Show timing information
callbacks_enabled = timer, profile_tasks, profile_roles
# Speed improvements
host_key_checking = False
internal_poll_interval = 0.001
[ssh_connection]
pipelining = True
ssh_args = -o ControlMaster=auto -o ControlPersist=60s

19
.ansible/group_vars/all/all-ansible.yml
View File

@@ -6,6 +6,7 @@
edit_comment_base: "# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-base.j2 instead."
edit_comment_mods: "# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-mods.j2 instead."
edit_comment_prod: "# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-prod.j2 instead."
edit_comment_slim: "# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-slim.j2 instead."
edit_comment_work: "# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-work.j2 instead."
@@ -38,7 +39,7 @@ php_all_versions:
# -------------------------------------------------------------------------------------------------
# Docker file paths for each version for base, mods, prod & work
# Docker file paths for each version for base, mods, prod, slim & work
# -------------------------------------------------------------------------------------------------
template_dockerfiles:
- src: DOCKERFILES/Dockerfile-base.j2
@@ -47,6 +48,8 @@ template_dockerfiles:
dst: "../Dockerfiles/mods/Dockerfile-{{ php_version }}"
- src: DOCKERFILES/Dockerfile-prod.j2
dst: "../Dockerfiles/prod/Dockerfile-{{ php_version }}"
- src: DOCKERFILES/Dockerfile-slim.j2
dst: "../Dockerfiles/slim/Dockerfile-{{ php_version }}"
- src: DOCKERFILES/Dockerfile-work.j2
dst: "../Dockerfiles/work/Dockerfile-{{ php_version }}"
@@ -55,6 +58,7 @@ template_dockerfiles:
# Assign php.ini & php-fpm.conf to PHP versions
# -------------------------------------------------------------------------------------------------
template_configurations:
# php.ini
- src: CONFIGURATIONS/php.ini.j2
dst: "../Dockerfiles/base/data/php-ini.d/php-{{ php_version }}.ini"
@@ -62,10 +66,11 @@ template_configurations:
key: base
alt: base
- src: CONFIGURATIONS/php.ini.j2
dst: "../Dockerfiles/work/data/php-ini.d/php-{{ php_version }}.ini"
dst: "../Dockerfiles/slim/data/php-ini.d/php-{{ php_version }}.ini"
cfg: "{{ php_settings_ini }}"
key: work
alt: base # Alternative key to use when definition is not set in 'work'
key: slim
alt: base # Alternative key to use when definition is not set in 'slim'
# php-fpm.conf
- src: CONFIGURATIONS/php-fpm.conf.j2
dst: "../Dockerfiles/base/data/php-fpm.conf/php-fpm-{{ php_version }}.conf"
@@ -73,7 +78,7 @@ template_configurations:
key: base
alt: base
- src: CONFIGURATIONS/php-fpm.conf.j2
dst: "../Dockerfiles/work/data/php-fpm.conf/php-fpm-{{ php_version }}.conf"
dst: "../Dockerfiles/slim/data/php-fpm.conf/php-fpm-{{ php_version }}.conf"
cfg: "{{ php_settings_fpm }}"
key: work
alt: base
key: slim
alt: base # Alternative key to use when definition is not set in 'slim'

8
.ansible/group_vars/all/all-php-settings.yml
View File

@@ -54,7 +54,7 @@ php_settings_ini:
# ---- Inherits from base ----
prod:
# ---- Inherits from base and overwrites certain values ----
work:
slim:
# Error reporting
error_reporting: E_ALL | E_NOTICE | E_STRICT | E_DEPRECATED
xmlrpc_errors: 'Off'
@@ -73,6 +73,8 @@ php_settings_ini:
xdebug3_mode: 'Off'
xdebug3_start_with_request: 'default'
xdebug3_client_port: '9000'
# ---- Inherits from slim ----
work:
# -------------------------------------------------------------------------------------------------
# php-fpm.conf
@@ -109,5 +111,7 @@ php_settings_fpm:
mods:
# ---- Inherits from base ----
prod:
# ---- Inherits from base and overwrites certain values ----
# ---- Inherits from base ----
slim:
# ---- Inherits from base ----
work:

20
.ansible/group_vars/all/mods.yml
View File

@@ -1517,17 +1517,15 @@ extensions_available:
disabled: []
all:
type: pecl
8.2:
type: git
git_url: https://github.com/xdebug/xdebug
# FIXME: revert to latest tag once PHP 8.2 support is out of alpha/beta
git_ref: 3.2.0RC2
configure: --enable-xdebug
8.1:
type: git
git_url: https://github.com/xdebug/xdebug
git_ref: $(git tag | grep -E '^[.0-9]+$' | sort -V | tail -1)
configure: --enable-xdebug
7.4:
type: pecl
version: 3.1.6
7.3:
type: pecl
version: 3.1.6
7.2:
type: pecl
version: 3.1.6
7.1:
type: pecl
version: 2.9.8

573
.ansible/group_vars/all/slim.yml Normal file
View File

@@ -0,0 +1,573 @@
---
###################################################################################################
# Docker: slim
###################################################################################################
#
# This file holds definition for all devibox/php-fpm:x.y-slim images
#
###
### Define operating system versions
###
os_release:
# Bullseye (Ubuntu: focal, groovy, hirsute, impish)
all:
debian: bullseye
ubuntu: focal
8.2:
debian: bullseye
ubuntu: focal
8.1:
debian: bullseye
ubuntu: focal
8.0:
debian: bullseye
ubuntu: focal
7.4:
debian: bullseye
ubuntu: focal
7.3:
debian: bullseye
ubuntu: focal
# Buster (Ubuntu: bionic, cosmic, disco, eoan)
7.2:
debian: buster
ubuntu: bionic
7.1:
debian: buster
ubuntu: bionic
# Strech (Ubuntu: xenial, yakkety, zesty, artful)
7.0:
debian: stretch
ubuntu: xenial
5.6:
debian: stretch
ubuntu: xenial
# Jessie (Ubuntu: trusty, utopic, vivid, wily)
5.5:
debian: jessie
ubuntu: trusty
5.4:
debian: jessie
ubuntu: trusty
5.3:
debian: jessie
ubuntu: trusty
5.2:
debian: jessie
ubuntu: trusty
# -------------------------------------------------------------------------------------------------
# Apt repositories to enable (in defined order)
# -------------------------------------------------------------------------------------------------
base_apt_repositories_enabled:
- backports
- blackfire
# - mongo # Note: This is done separately in tools (to check ARCH as well)
# - pgsql # Note: This is done separately in tools (to check ARCH as well)
# -------------------------------------------------------------------------------------------------
# Software to install (in defined order)
# -------------------------------------------------------------------------------------------------
base_software_enabled:
- dig # required by Devilbox Intranet
- netcat # required by Devilbox Intranet
- ping # required by Devilbox Intranet
- sudo # required by /etc/sudoers.d/devilbox config file
- blackfire
- mhsendmail
- mongo_client
- mysqldumpsecure
- pgsql_client
# -------------------------------------------------------------------------------------------------
# Apt repository definition
# -------------------------------------------------------------------------------------------------
# all: is generic version of defines
# 7.2: is specific version of defines
# disabled: [optional] Array of PHP versions for which to disable this module
#
# all, 7.2, 7.1, 7.0, 5.6, 5.5, 5.4:
# deb: Deb line to add to sources list
# key: [optional] Key id to add for repository
# pre: [optional] Run custom command to add gpg key for repository
#
base_apt_repositories_available:
###
### Backports
###
backports:
# [Bullseye]
all:
type: repo
pre: apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138
deb: deb http://ftp.debian.org/debian {{ os_release['all'].debian }}-backports main
# [Buster]
7.2:
type: repo
pre: apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138
deb: deb http://ftp.debian.org/debian {{ os_release[7.2].debian }}-backports main
# [Buster]
7.1:
type: repo
pre: apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138
deb: deb http://ftp.debian.org/debian {{ os_release[7.1].debian }}-backports main
# [Stretch]
7.0:
type: repo
pre: apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138
deb: deb http://ftp.debian.org/debian {{ os_release[7.0].debian }}-backports main
# [Stretch]
5.6:
type: repo
pre: apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138
deb: deb http://ftp.debian.org/debian {{ os_release[5.6].debian }}-backports main
# [Jessie]
5.5:
type: repo
pre: echo 'Acquire::Check-Valid-Until no;' > /etc/apt/apt.conf.d/99no-check-valid-until
deb: deb [trusted=yes] http://archive.debian.org/debian {{ os_release[5.5].debian }}-backports main
# [Jessie]
5.4:
type: repo
pre: echo 'Acquire::Check-Valid-Until no;' > /etc/apt/apt.conf.d/99no-check-valid-until
deb: deb [trusted=yes] http://archive.debian.org/debian {{ os_release[5.4].debian }}-backports main
# [Jessie]
5.3:
type: repo
pre: echo 'Acquire::Check-Valid-Until no;' > /etc/apt/apt.conf.d/99no-check-valid-until
deb: deb [trusted=yes] http://archive.debian.org/debian {{ os_release[5.3].debian }}-backports main
# [Jessie]
5.2:
type: repo
pre: echo 'Acquire::Check-Valid-Until no;' > /etc/apt/apt.conf.d/99no-check-valid-until
deb: deb [trusted=yes] http://archive.debian.org/debian {{ os_release[5.2].debian }}-backports main
###
### Blackfire
###
blackfire:
all:
type: repo
deb: deb http://packages.blackfire.io/debian any main
pre: curl -sS -L --fail "https://packages.blackfire.io/gpg.key" | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add -
###
### MongoDB (currently obsolete)
###
mongo:
# 8.2: mongodb-org-(tools|shell) (amd64, arm64)
# 8.1: mongodb-org-(tools|shell) (amd64, arm64)
# 8.0: mongodb-org-(tools|shell) (amd64, arm64)
# 7.4: mongodb-org-(tools|shell) (amd64, arm64)
# 7.3: mongodb-org-(tools|shell) (amd64, arm64)
# 7.2: mongo-tools OR mongodb-org-(tools|shell) (amd64, arm64)
# 7.1: mongo-tools OR mongodb-org-(tools|shell) (amd64, arm64)
# 7.0: mongodb-clients & mongo-tools (amd64, arm64)
# 5.6: mongodb-clients & mongo-tools (amd64, arm64)
# 5.5: mongodb-clients (amd64)
# 5.4: mongodb-clients (amd64)
# 5.3: mongodb-clients (amd64)
# 5.2: mongodb-clients (amd64)
disabled: [5.2, 5.3, 5.4, 5.5, 5.6, 7.0] # TODO: Why were those disabled?
# [Bullseye] Ubuntu repository required for arm64 support instead
all:
type: repo
# gpg --dry-run --with-fingerprint < <(curl https://www.mongodb.org/static/pgp/server-4.4.asc) | grep fingerprint | sed 's/.*=//g' | sed 's/ //g'
deb: deb http://repo.mongodb.org/apt/ubuntu {{ os_release['all'].ubuntu }}/mongodb-org/4.4 multiverse
key: 20691EEC35216C63CAF66CE1656408E390CFB1F5
# [Buster] Ubuntu repository required for arm64 support instead
7.2:
type: repo
# gpg --dry-run --with-fingerprint < <(curl https://www.mongodb.org/static/pgp/server-4.4.asc) | grep fingerprint | sed 's/.*=//g' | sed 's/ //g'
deb: deb http://repo.mongodb.org/apt/ubuntu {{ os_release[7.2].ubuntu }}/mongodb-org/4.4 multiverse
key: 20691EEC35216C63CAF66CE1656408E390CFB1F5
# [Buster] Ubuntu repository required for arm64 support instead
7.1:
type: repo
# gpg --dry-run --with-fingerprint < <(curl https://www.mongodb.org/static/pgp/server-4.4.asc) | grep fingerprint | sed 's/.*=//g' | sed 's/ //g'
deb: deb http://repo.mongodb.org/apt/ubuntu {{ os_release[7.1].ubuntu }}/mongodb-org/4.4 multiverse
key: 20691EEC35216C63CAF66CE1656408E390CFB1F5
###
### PostgrSQL (currently obsolete)
###
pgsql:
# [Bullseye]
all:
type: repo
deb: deb http://apt.postgresql.org/pub/repos/apt/ {{ os_release['all'].debian }}-pgdg main
pre: curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add -
# [Buster]
7.2:
type: repo
deb: deb http://apt.postgresql.org/pub/repos/apt/ {{ os_release[7.2].debian }}-pgdg main
pre: curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add -
# [Buster]
7.1:
type: repo
deb: deb http://apt.postgresql.org/pub/repos/apt/ {{ os_release[7.1].debian }}-pgdg main
pre: curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add -
# [Stretch]
7.0:
type: repo
deb: deb https://apt-archive.postgresql.org/pub/repos/apt/ {{ os_release[7.0].debian }}-pgdg main
# [Stretch]
5.6:
type: repo
deb: deb https://apt-archive.postgresql.org/pub/repos/apt/ {{ os_release[5.6].debian }}-pgdg main
# [Jessie]
5.5:
type: repo
deb: deb https://apt-archive.postgresql.org/pub/repos/apt/ {{ os_release[5.5].debian }}-pgdg main
# [Jessie]
5.4:
type: repo
deb: deb https://apt-archive.postgresql.org/pub/repos/apt/ {{ os_release[5.4].debian }}-pgdg main
# [Jessie]
5.3:
type: repo
deb: deb https://apt-archive.postgresql.org/pub/repos/apt/ {{ os_release[5.3].debian }}-pgdg main
# [Jessie]
5.2:
type: repo
deb: deb https://apt-archive.postgresql.org/pub/repos/apt/ {{ os_release[5.2].debian }}-pgdg main
# -------------------------------------------------------------------------------------------------
# Essential Software definition
# -------------------------------------------------------------------------------------------------
# all: is generic version of defines
# 7.2: is specific version of defines
# disabled: [optional] Array of PHP versions for which to disable this module
# check: [optional] Include a check command to test if it was installed successfully
#
# all, 7.2, 7.1, 7.0, 5.6, 5.5, 5.4:
# pre: [optional] Run command before 'command:' statement
# command: Command to execute
# post: [optional] Run command after 'command:' statement
#
base_software_available:
###
### dig
###
dig:
check: dig -v 2>&1 | grep -E '[0-9]\.[0-9]'
all:
type: apt
package: dnsutils
###
### netcat
###
netcat:
check: nc -h 2>&1 | grep netcat
all:
type: apt
package: netcat-openbsd
###
### ping
###
ping:
check: ping -V | grep ^ping
all:
type: apt
package: iputils-ping
###
### sudo
###
sudo:
check: sudo --version | grep -E 'version [0-9]+\.[0-9]+'
all:
type: apt
package: sudo
###
### Blackfire
###
blackfire:
check: |
blackfire version \
&& blackfire-agent -v \
all:
type: custom
pre: |
apt-get update \
command: |
apt-get install -y --no-install-recommends --no-install-suggests \
blackfire-agent \
post: rm -rf /var/lib/apt/lists/*
###
### mhsendmail
###
mhsendmail:
check: mhsendmail -h 2>&1 | grep 'Usage'
all:
type: custom
command: |
DEB_HOST_ARCH="$( dpkg-architecture --query DEB_HOST_ARCH )" \
&& if [ "${DEB_HOST_ARCH}" = "amd64" ] || [ "${DEB_HOST_ARCH}" = "arm64" ]; then \
MHSENDMAIL_URL="https://github.com/devilbox/mhsendmail/releases/download/v0.3.0/mhsendmail_linux_${DEB_HOST_ARCH}" \
&& curl -sS -L --fail "${MHSENDMAIL_URL}" > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
else \
printf '%s\n%s\n%s\n' '#!/bin/sh' 'echo "Not available for this platform."' 'exit 1' > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
fi \
###
### MongoDB Command line client
###
# 8.2: mongodb-org-(tools|shell) (amd64, arm64)
# 8.1: mongodb-org-(tools|shell) (amd64, arm64)
# 8.0: mongodb-org-(tools|shell) (amd64, arm64)
# 7.4: mongodb-org-(tools|shell) (amd64, arm64)
# 7.3: mongodb-org-(tools|shell) (amd64, arm64)
# 7.2: mongodb-org-(tools|shell) (amd64, arm64)
# 7.1: mongodb-org-(tools|shell) (amd64, arm64)
# 7.0: mongodb-clients & mongo-tools (amd64, arm64)
# 5.6: mongodb-clients & mongo-tools (amd64, arm64)
# 5.5: mongodb-clients (amd64)
# 5.4: mongodb-clients (amd64)
# 5.3: mongodb-clients (amd64)
# 5.2: mongodb-clients (amd64)
mongo_client:
check: |
if echo '{{ php_version }}' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '{{ php_version }}' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
all:
type: custom
pre: |
APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 20691EEC35216C63CAF66CE1656408E390CFB1F5 \
&& echo "deb http://repo.mongodb.org/apt/ubuntu {{ os_release[php_version].ubuntu }}/mongodb-org/4.4 multiverse" > /etc/apt/sources.list.d/mongo.list \
&& apt-get update \
command: |
apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-org-tools \
mongodb-org-shell \
post: rm -rf /var/lib/apt/lists/*
build_dep: [libsnappy-dev] # Required to copy libsnappy.so to next stage
7.0:
type: custom
pre: apt-get update
command: |
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-clients \
mongo-tools; \
else \
apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-clients; \
fi \
5.6:
type: custom
pre: apt-get update
command: |
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-clients \
mongo-tools; \
else \
apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-clients; \
fi \
5.5:
type: custom
pre: apt-get update
command: |
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-clients; \
fi \
5.4:
type: custom
pre: apt-get update
command: |
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-clients; \
fi \
5.3:
type: custom
pre: apt-get update
command: |
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-clients; \
fi \
5.2:
type: custom
pre: apt-get update
command: |
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-clients; \
fi \
###
### mysqldump-secure
###
mysqldumpsecure:
check: mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+'
all:
type: custom
command: |
git clone https://github.com/cytopia/mysqldump-secure.git /usr/local/src/mysqldump-secure \
&& cd /usr/local/src/mysqldump-secure \
&& git checkout $(git describe --abbrev=0 --tags) \
&& cp /usr/local/src/mysqldump-secure/bin/mysqldump-secure /usr/local/bin \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.conf /etc \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.cnf /etc \
&& touch /var/log/mysqldump-secure.log \
&& chown ${MY_USER}:${MY_GROUP} /etc/mysqldump-secure.* \
&& chown ${MY_USER}:${MY_GROUP} /var/log/mysqldump-secure.log \
&& chmod 0400 /etc/mysqldump-secure.conf \
&& chmod 0400 /etc/mysqldump-secure.cnf \
&& chmod 0644 /var/log/mysqldump-secure.log \
&& sed -i'' 's/^COMPRESS_ARG=.*/COMPRESS_ARG="-9 -c"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR=.*/DUMP_DIR="\/shared\/backups\/mysql"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR_CHMOD=.*/DUMP_DIR_CHMOD="0755"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_FILE_CHMOD=.*/DUMP_FILE_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^LOG_CHMOD=.*/LOG_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^NAGIOS_LOG=.*/NAGIOS_LOG=0/g' /etc/mysqldump-secure.conf \
&& cd / \
&& rm -rf /usr/local/src/mysqldump-secure \
###
### PostgrSQL Command line client
###
# 8.2: (amd64, arm64)
# 8.1: (amd64, arm64)
# 8.0: (amd64, arm64)
# 7.4: (amd64, arm64)
# 7.3: (amd64, arm64)
# 7.2: (amd64, arm64)
# 7.1: (amd64, arm64)
# 7.0: (amd64)
# 5.6: (amd64)
# 5.5: (amd64)
# 5.4: (amd64)
# 5.3: (amd64)
# 5.2: (amd64)
pgsql_client:
check: |
if echo '{{ php_version }}' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
all:
type: custom
pre: |
curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://apt.postgresql.org/pub/repos/apt/ {{ os_release[php_version].debian }}-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update \
command: |
apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client \
post: rm -rf /var/lib/apt/lists/*
7.0:
type: custom
pre: |
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb https://apt-archive.postgresql.org/pub/repos/apt/ {{ os_release[php_version].debian }}-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update; \
fi \
command: |
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client; \
fi \
5.6:
type: custom
pre: |
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb https://apt-archive.postgresql.org/pub/repos/apt/ {{ os_release[php_version].debian }}-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update; \
fi \
command: |
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client; \
fi \
5.5:
type: custom
pre: |
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb https://apt-archive.postgresql.org/pub/repos/apt/ {{ os_release[php_version].debian }}-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update; \
fi \
command: |
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client; \
fi \
5.4:
type: custom
pre: |
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb https://apt-archive.postgresql.org/pub/repos/apt/ {{ os_release[php_version].debian }}-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update; \
fi \
command: |
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client; \
fi \
5.3:
type: custom
pre: |
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb https://apt-archive.postgresql.org/pub/repos/apt/ {{ os_release[php_version].debian }}-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update; \
fi \
command: |
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client; \
fi \
5.2:
type: custom
pre: |
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb https://apt-archive.postgresql.org/pub/repos/apt/ {{ os_release[php_version].debian }}-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update; \
fi \
command: |
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client; \
fi \

239
.ansible/group_vars/all/work-help.yml Normal file
View File

@@ -0,0 +1,239 @@
---
###################################################################################################
# Docker: work (docker stage: help)
###################################################################################################
#
# This file holds definition for all devibox/php-fpm:x.y-work images
#
# -------------------------------------------------------------------------------------------------
# Global variables
# -------------------------------------------------------------------------------------------------
composer_home: /usr/local/src/composer
nvm_home: /opt/nvm
node_version: --lts
# -------------------------------------------------------------------------------------------------
# Software to install (in defined order)
# -------------------------------------------------------------------------------------------------
help_software_enabled:
- composer
- nvm
- pip
## -------------------------------------------------------------------------------------------------
## Software definition
## -------------------------------------------------------------------------------------------------
#
# all: is generic version of defines
# 7.2: is specific version of defines
# disabled: [optional] Array of PHP versions for which to disable this module
# check: [optional] Include a check command to test if it was installed successfully
#
# all, 7.2, 7.1, 7.0, 5.6, 5.5, 5.4:
# pre: [optional] Run command before 'command:' statement
# command: Command to execute
# post: [optional] Run command after 'command:' statement
#
help_software_available:
###
### Composer
###
composer:
disabled: [5.2]
check: composer --version 2>/dev/null | grep -Ei '(composer|version)\s*[0-9][.0-9]+'
all:
type: custom
pre: |
COMPOSER_1_VERSION="latest-1.x" \
&& COMPOSER_2_VERSION="latest-2.x" \
command: |
curl -sS -L --fail "https://getcomposer.org/download/${COMPOSER_1_VERSION}/composer.phar" > /usr/local/bin/composer-1 \
&& curl -sS -L --fail "https://getcomposer.org/download/${COMPOSER_2_VERSION}/composer.phar" > /usr/local/bin/composer-2 \
&& chmod +x /usr/local/bin/composer-1 \
&& chmod +x /usr/local/bin/composer-2 \
post: |
ln -sf /usr/local/bin/composer-2 /usr/local/bin/composer \
run_dep: [unzip] # Required for composer to unzip packages
7.1:
type: custom
pre: |
COMPOSER_1_VERSION="latest-1.x" \
&& COMPOSER_2_VERSION="latest-2.2.x" \
7.0:
type: custom
pre: |
COMPOSER_1_VERSION="latest-1.x" \
&& COMPOSER_2_VERSION="latest-2.2.x" \
5.6:
type: custom
pre: |
COMPOSER_1_VERSION="latest-1.x" \
&& COMPOSER_2_VERSION="latest-2.2.x" \
5.5:
type: custom
pre: |
COMPOSER_1_VERSION="latest-1.x" \
&& COMPOSER_2_VERSION="latest-2.2.x" \
5.4:
type: custom
pre: |
COMPOSER_1_VERSION="latest-1.x" \
&& COMPOSER_2_VERSION="latest-2.2.x" \
5.3:
type: custom
pre: |
COMPOSER_1_VERSION="latest-1.x" \
&& COMPOSER_2_VERSION="latest-2.2.x" \
post: |
ln -sf /usr/local/bin/composer-1 /usr/local/bin/composer \
###
### nvm
###
nvm:
check: |
su -c '. {{ nvm_home }}/nvm.sh; nvm --version' devilbox | grep -E '^v?[0-9][.0-9]+' \
&& su -c '. {{ nvm_home }}/nvm.sh; node --version' devilbox | grep -E '^v?[0-9][.0-9]+' \
&& su -c '. {{ nvm_home }}/nvm.sh; yarn --version' devilbox | grep -E '^v?[0-9][.0-9]+' \
all:
type: custom
pre: |
NODE_VERSION="{{ node_version }}" \
command: |
NVM_VERSION="$( \
curl -sS 'https://github.com/nvm-sh/nvm/releases' \
| grep -Eo '/nvm-sh/nvm/releases/tag/v?[.0-9]+"' \
| grep -Eo 'v?[.0-9]+' \
| sort -V \
| tail -1 \
)" \
&& mkdir -p {{ nvm_home }} \
&& curl -o- "https://raw.githubusercontent.com/nvm-sh/nvm/${NVM_VERSION}/install.sh" \
| NVM_DIR="{{ nvm_home }}" bash \
\
&& chown -R devilbox:devilbox "{{ nvm_home }}" \
# Install latest and LTS version and yarn
post: |
su -c ". {{ nvm_home }}/nvm.sh; nvm install ${NODE_VERSION}" devilbox \
&& su -c ". {{ nvm_home }}/nvm.sh; nvm use ${NODE_VERSION}" devilbox \
&& su -c ". {{ nvm_home }}/nvm.sh; corepack enable" devilbox \
\
&& ln -s "{{ nvm_home }}/versions/node/$(su -c '. {{ nvm_home }}/nvm.sh; node --version' devilbox)/bin/corepack" /usr/local/bin/ \
&& ln -s "{{ nvm_home }}/versions/node/$(su -c '. {{ nvm_home }}/nvm.sh; node --version' devilbox)/bin/node" /usr/local/bin/ \
&& ln -s "{{ nvm_home }}/versions/node/$(su -c '. {{ nvm_home }}/nvm.sh; node --version' devilbox)/bin/npm" /usr/local/bin/ \
&& ln -s "{{ nvm_home }}/versions/node/$(su -c '. {{ nvm_home }}/nvm.sh; node --version' devilbox)/bin/npx" /usr/local/bin/ \
&& ln -s "{{ nvm_home }}/versions/node/$(su -c '. {{ nvm_home }}/nvm.sh; node --version' devilbox)/bin/yarn" /usr/local/bin/ \
\
&& chmod 0777 {{ nvm_home }} \
&& find {{ nvm_home }} -type f -print0 | xargs -n1 -0 chmod go+w \
&& find {{ nvm_home }} -type d -print0 | xargs -n1 -0 chmod 0777 \
\
&& rm -rf {{ nvm_home }}/.cache \
&& rm -rf {{ nvm_home }}/versions/node/$(su -c '. /opt/nvm/nvm.sh; node --version' devilbox)/share \
&& rm -rf {{ nvm_home }}/versions/node/$(su -c '. /opt/nvm/nvm.sh; node --version' devilbox)/include \
7.0:
type: custom
pre: |
NODE_VERSION="17" \
5.6:
type: custom
pre: |
NODE_VERSION="17" \
5.5:
type: custom
pre: |
NODE_VERSION="17" \
5.4:
type: custom
pre: |
NODE_VERSION="17" \
5.3:
type: custom
pre: |
NODE_VERSION="17" \
5.2:
type: custom
pre: |
NODE_VERSION="17" \
###
### Python pip
###
pip:
check: pip --version
all:
type: custom
command: |
curl -sS -L --fail https://bootstrap.pypa.io/get-pip.py | python3 \
# Cleanup
post: |
/bin/ls -1 /usr/local/lib/ | grep ^python | while read -r version; do \
cd "/usr/local/lib/${version}/" \
&& find . -name '*.pyc' -print0 | xargs -0 -n1 rm -rf \
&& find . -name '*.exe' -print0 | xargs -0 -n1 rm -rf \
&& find . -name '__pycache__' -print0 | xargs -0 -n1 rm -rf \
\
&& if [ -d "dist-packages" ]; then \
cd "dist-packages" \
&& pwd \
&& if /bin/ls -1 | grep -v '^pip'; then \
/bin/ls -1 | grep -v '^pip' | xargs -n1 rm -rf; \
fi \
fi \
done \
run_dep: [python3-distutils]
build_dep: [libpython3-dev]
7.2:
type: custom
command: |
curl -sS -L --fail https://bootstrap.pypa.io/pip/2.7/get-pip.py | python \
run_dep: []
build_dep: [libpython-dev]
7.1:
type: custom
command: |
curl -sS -L --fail https://bootstrap.pypa.io/pip/2.7/get-pip.py | python \
run_dep: []
build_dep: [libpython-dev]
7.0:
type: custom
command: |
curl -sS -L --fail https://bootstrap.pypa.io/pip/2.7/get-pip.py | python \
run_dep: []
build_dep: [libpython-dev]
5.6:
type: custom
command: |
curl -sS -L --fail https://bootstrap.pypa.io/pip/2.7/get-pip.py | python \
run_dep: []
build_dep: [libpython-dev]
5.5:
type: custom
command: |
curl -sS -L --fail https://bootstrap.pypa.io/pip/2.7/get-pip.py | python \
run_dep: []
build_dep: [libpython-dev]
5.4:
type: custom
command: |
curl -sS -L --fail https://bootstrap.pypa.io/pip/2.7/get-pip.py | python \
run_dep: []
build_dep: [libpython-dev]
5.3:
type: custom
run_dep: []
build_dep: [libpython-dev]
command: |
curl -sS -L --fail https://bootstrap.pypa.io/pip/2.7/get-pip.py | python \
5.2:
type: custom
command: |
curl -sS -L --fail https://bootstrap.pypa.io/pip/2.7/get-pip.py | python \
run_dep: []
build_dep: [libpython-dev]

2023
.ansible/group_vars/all/work.yml
View File

File diff suppressed because it is too large Load Diff

283
.ansible/jinja2/macros-work.j2 Normal file
View File

@@ -0,0 +1,283 @@
{##################################################################################################
# IMPORTS
##################################################################################################}
{% import './jinja2/macros.j2' as fn %}
{##################################################################################################
# GENERIC MACROS
##################################################################################################}
{#-
###
### Check if not disabled
###
### Returns 'true' string if not disabled, otherwise returns nothing
###
-#}
{%- macro is_not_disabled(php, name, items) -%}
{%- if ('disabled' not in items[name]) or (php not in items[name]['disabled']) -%}
{{- 'true' -}}
{%- endif -%}
{%- endmacro -%}
{#-
###
### Get 'type'
###
### Returns type string
###
-#}
{%- macro get_type(php, name, items) -%}
{{- fn.get_val(php, name, items, 'type', '<WRONG TYPE>') -}}
{%- endmacro -%}
{#-
###
### Get 'pre'
###
### Returns pre string
###
-#}
{%- macro get_pre(php, name, items) -%}
{{- fn.get_val(php, name, items, 'pre', '') -}}
{%- endmacro -%}
{#-
###
### Get 'post'
###
### Returns post string
###
-#}
{%- macro get_post(php, name, items) -%}
{{- fn.get_val(php, name, items, 'post', '') -}}
{%- endmacro -%}
{#-
###
### Get 'build_dep'
###
### Returns json string (jsonified list) of build_dep (use '| to_json' to eval)
###
-#}
{%- macro get_build_dep(php, name, items) -%}
{{- fn.get_list_if_enabled(php, name, items, 'build_dep') -}}
{%- endmacro -%}
{#-
###
### Get 'run_dep'
###
### Returns json string (jsonified list) of run_dep (use '| to_json' to eval)
###
-#}
{%- macro get_run_dep(php, name, items) -%}
{{- fn.get_list_if_enabled(php, name, items, 'run_dep') -}}
{%- endmacro -%}
{##################################################################################################
# TOOLS SPECIFIC MACROS
##################################################################################################}
{# --------------------------------------------- REPO ----------------------------------------- -#}
{#-
###
### Get 'deb'
### type: repo
###
-#}
{%- macro tool_repo_get_deb(php, name, items) -%}
{{- fn.get_val_by_type(php, name, items, 'deb', 'repo', '') -}}
{%- endmacro -%}
{#-
###
### Get 'key'
### type: repo
###
-#}
{%- macro tool_repo_get_key(php, name, items) -%}
{{- fn.get_val_by_type(php, name, items, 'key', 'repo', '') -}}
{%- endmacro -%}
{# --------------------------------------------- CUSTOM --------------------------------------- -#}
{#-
###
### Get 'command'
### type: custom
###
-#}
{%- macro tool_custom_get_command(php, name, items) -%}
{{- fn.get_val_by_type(php, name, items, 'command', 'custom', '') -}}
{%- endmacro -%}
{# --------------------------------------------- NPM ------------------------------------------ -#}
{#-
###
### Get 'package'
### type: npm
###
-#}
{%- macro tool_npm_get_package(php, name, items) -%}
{{- fn.get_val_by_type(php, name, items, 'package', 'npm', name) -}}
{%- endmacro -%}
{#-
###
### Get 'version'
### type: npm
###
-#}
{%- macro tool_npm_get_version(php, name, items) -%}
{%- set version = fn.get_val_by_type(php, name, items, 'version', 'npm', '') -%}
{%- if version | length -%}
{{- '@' ~ version -}}
{%- else -%}
{{- '' -}}
{%- endif -%}
{%- endmacro -%}
{#-
###
### Get 'binary'
### type: npm
###
-#}
{%- macro tool_npm_get_binary(php, name, items) -%}
{{- fn.get_val_by_type(php, name, items, 'binary', 'npm', '') -}}
{%- endmacro -%}
{# --------------------------------------------- COMPOSER ------------------------------------- -#}
{#-
###
### Get 'composer'
### type: composer
###
-#}
{%- macro tool_composer_get_composer(php, name, items) -%}
{{- fn.get_val_by_type(php, name, items, 'composer', 'composer', '') -}}
{%- endmacro -%}
{#-
###
### Get 'package'
### type: composer
###
-#}
{%- macro tool_composer_get_package(php, name, items) -%}
{{- fn.get_val_by_type(php, name, items, 'package', 'composer', '') -}}
{%- endmacro -%}
{#-
###
### Get 'version'
### type: composer
###
-#}
{%- macro tool_composer_get_version(php, name, items) -%}
{%- set version = fn.get_val_by_type(php, name, items, 'version', 'composer', '') -%}
{%- if version | length -%}
{{- ':' ~ version -}}
{%- else -%}
{{- '' -}}
{%- endif -%}
{%- endmacro -%}
{#-
###
### Get 'flags'
### type: composer
###
-#}
{%- macro tool_composer_get_flags(php, name, items) -%}
{{- fn.get_val_by_type(php, name, items, 'flags', 'composer', '') -}}
{%- endmacro -%}
{#-
###
### Get 'binary'
### type: composer
###
-#}
{%- macro tool_composer_get_binary(php, name, items) -%}
{{- fn.get_val_by_type(php, name, items, 'binary', 'composer', '') -}}
{%- endmacro -%}
{# --------------------------------------------- RUBYGEM -------------------------------------- -#}
{#-
###
### Get 'package'
### type: rubygem
###
-#}
{%- macro tool_rubygem_get_package(php, name, items) -%}
{{- fn.get_val_by_type(php, name, items, 'package', 'rubygem', '') -}}
{%- endmacro -%}
{#-
###
### Get 'version'
### type: rubygem
###
-#}
{%- macro tool_rubygem_get_version(php, name, items) -%}
{%- set version = fn.get_val_by_type(php, name, items, 'version', 'rubygem', '') -%}
{%- if version | length -%}
{{- ' -v ' ~ version -}}
{%- else -%}
{{- '' -}}
{%- endif -%}
{%- endmacro -%}
{# --------------------------------------------- PIP ------------------------------------------ -#}
{#-
###
### Get 'package'
### type: pip
###
-#}
{%- macro tool_pip_get_package(php, name, items) -%}
{{- fn.get_val_by_type(php, name, items, 'package', 'pip', name) -}}
{%- endmacro -%}
{#-
###
### Get 'version'
### type: pip
###
-#}
{%- macro tool_pip_get_version(php, name, items) -%}
{%- set version = fn.get_val_by_type(php, name, items, 'version', 'pip', '') -%}
{%- if version | length -%}
{{- '==' ~ version -}}
{%- else -%}
{{- '' -}}
{%- endif -%}
{%- endmacro -%}
{# --------------------------------------------- APT ------------------------------------------ -#}
{#-
###
### Get 'package'
### type: apt
###
-#}
{%- macro tool_apt_get_package(php, name, items) -%}
{%- if is_not_disabled(php, name, items) -%}
{{- fn.get_val_by_type(php, name, items, 'package', 'apt', '') -}}
{%- endif -%}
{%- endmacro -%}

90
.ansible/jinja2/macros.j2 Normal file
View File

@@ -0,0 +1,90 @@
{##################################################################################################
# HELPER MACROS
##################################################################################################}
{#
### Get generic string value of key if type value matches.
###
### php: The PHP Version
### name: The item name
### items: The items_available list
### key: The key to retrieve the value for
### type: The type key must match this type string
### default: Default value to return if none was found
#}
{%- macro get_val_by_type(php, name, items, key, type, default='' ) -%}
{#- Default return value -#}
{%- set result = default -%}
{#- PHP Version specific -#}
{%- if php in items[name] and items[name][php]['type'] == type -%}
{%- if key in items[name][php] and items[name][php][key] -%}
{%- set result = items[name][php][key] -%}
{%- elif key in items[name]['all'] and items[name]['all'][key] -%}
{%- set result = items[name]['all'][key] -%}
{%- endif -%}
{#- Defined in 'all' -#}
{%- elif 'all' in items[name] and items[name]['all']['type'] == type -%}
{%- if key in items[name]['all'] and items[name]['all'][key] -%}
{%- set result = items[name]['all'][key] -%}
{%- endif -%}
{%- endif -%}
{{- result -}}
{%- endmacro -%}
{#-
### Get generic string value of key.
###
### php: The PHP Version
### name: The item name
### items: The items_available list
### key: The key to retrieve the value for
### default: Default value to return if none was found
-#}
{%- macro get_val(php, name, items, key, default='') -%}
{%- if php in items[name] and key in items[name][php] and items[name][php][key] -%}
{{- items[name][php][key] -}}
{%- elif 'all' in items[name] and key in items[name]['all'] and items[name]['all'][key] -%}
{{- items[name]['all'][key] -}}
{%- else -%}
{{- default -}}
{%- endif -%}
{%- endmacro -%}
{#-
### Get generic list value (space separated) of not disabled PHP versions.
###
### Returns jsonified string of a list.
###
### Usage:
### {%- set list = [] -%}
### {%- for val in get_enabled_list(php_version, item, items_available) | from_json -%}
### {%- if val -%}
### {{- list.append(val) -}}
### {%- endif -%}
### {%- endfor -%}
###
### php: The PHP Version
### name: The item name
### items: The items_available list
### key: The key to retrieve the value for
-#}
{%- macro get_list_if_enabled(php, name, items, key) -%}
{%- set list = [] %}
{# Not disabled #}
{%- if ('disabled' not in items[name]) or (php not in items[name]['disabled']) -%}
{#- Version specific build dependency available? -#}
{%- if php in items[name] and key in items[name][php] -%}
{%- for val in items[name][php][key] -%}
{{- list.append(val) -}}
{%- endfor -%}
{#- Generic build dependency available? -#}
{%- elif 'all' in items[name] and key in items[name]['all'] -%}
{%- for val in items[name]['all'][key] -%}
{{- list.append(val) -}}
{%- endfor -%}
{%- endif -%}
{%- endif -%}
{{- list | to_json -}}
{%- endmacro -%}

4
.ansible/roles/template/tasks/main.yml
View File

@@ -1,7 +1,7 @@
---
- name: generate Dockerfiles
template:
ansible.builtin.template:
src: "{{ item.src }}"
dest: "{{ item.dst }}"
force: True
@@ -10,7 +10,7 @@
- "{{ template_dockerfiles }}"
- name: generate php configuration files
template:
ansible.builtin.template:
src: "{{ item.src }}"
dest: "{{ item.dst }}"
force: True

106
.github/ISSUE_TEMPLATE/bug_report.yml vendored Normal file
View File

@@ -0,0 +1,106 @@
---
name: "\U0001F41B Bug report"
description: File a bug report
title: "[Bug]: "
labels: ["bug", "status:triage"]
assignees:
- cytopia
body:
- type: markdown
attributes:
value: |
Thanks for taking the time to fill out this bug report!
- type: input
attributes:
label: (Optional) Error message
description: If you encountered any error message, copy and paste it here. This will be used for googling the issue.
validations:
required: false
- type: textarea
id: what-happened
attributes:
label: What went wrong?
description: What exactly went wrong and what bug did you encounter?
validations:
required: true
- type: textarea
id: expected-behaviour
attributes:
label: Expected behaviour
description: What did you expect to happen instead?
validations:
required: true
- type: textarea
id: steps-to-reproduce
attributes:
label: How can we reproduce the bug?
description: How do you trigger this bug? Please walk us through it step by step in detail. This is crucial in order to triage the bug and support you in resolving it.
validations:
required: true
- type: dropdown
id: host-os
attributes:
label: Host Operating System
description: What operating system are you using?
multiple: false
options:
- Linux
- macOS
- Windows
validations:
required: true
- type: dropdown
id: host-platform
attributes:
label: Host Platform (amd64, arm64, other)
description: What host platform are you running on?
options:
- amd64
- arm64
- other
validations:
required: true
- type: dropdown
attributes:
label: (Linux only) Is SELinux enabled?
description: When using Linux as your host operating system, check if SELinux is enabled or not.
options:
- Yes, SELinux is enabled
- No, SELinux is disabled
- I don't know
- I am not on Linux
validations:
required: true
- type: input
id: docker-version
attributes:
label: Docker version
description: "What Docker version are you using? Please copy and paste the output of `docker --version` into this text area."
validations:
required: true
- type: textarea
id: log-docker
attributes:
label: "Log: docker logs"
description: "Please copy and paste the output of `docker logs` into this text area"
render: shell
validations:
required: true
- type: textarea
attributes:
label: (Optional) Additional information
description: Add any additional information that might help with this bug report.
validations:
required: false

12
.github/ISSUE_TEMPLATE/config.yml vendored Normal file
View File

@@ -0,0 +1,12 @@
---
blank_issues_enabled: false
contact_links:
- name: Devilbox Discord Chat
url: https://discord.gg/2wP3V6kBj4
about: Please notify or discuss about any other requests here.
- name: Devilbox Discourse Forum
url: https://devilbox.discourse.group/
about: Please ask and answer general questions here.
- name: Devilbox documentation
url: https://devilbox.readthedocs.io/
about: Find the Devilbox documentation here.

37
.github/ISSUE_TEMPLATE/documentation.yml vendored Normal file
View File

@@ -0,0 +1,37 @@
---
name: "\U0001F4DD Documentation"
description: Something is missing, unclear or wrong in the documentation.
title: "[Docs]: "
labels: ["documentation", "status:triage"]
assignees:
- cytopia
body:
- type: textarea
attributes:
label: What is wrong in the documentation?
description: Tell us, what is wrong in the documentation?
validations:
required: false
- type: textarea
attributes:
label: What is unclear in the documentation?
description: Tell us, what is unclear in the documentation?
validations:
required: false
- type: textarea
attributes:
label: What is missing in the documentation?
description: Tell us, what is missing in the documentation?
validations:
required: false
- type: dropdown
attributes:
label: Are you willing to provide a PR to address this?
options:
- "Yes"
- "No"

36
.github/ISSUE_TEMPLATE/feature_request.yml vendored Normal file
View File

@@ -0,0 +1,36 @@
---
name: "✨ Feature request"
description: Suggest an idea or feature for this project
title: "[Feature]: "
labels: ["feature", "status:triage"]
assignees: [cytopia]
body:
- type: textarea
attributes:
label: What is your idea or feature suggestion?
description: Tell us, what idea or feature you suggest to be added.
validations:
required: true
- type: textarea
attributes:
label: Benefits
description: Tell us, how this will be beneficial.
validations:
required: false
- type: textarea
attributes:
label: Where can we find information about this?
description: If you are proposing a software or tool, please add relevant links and documentation.
validations:
required: false
- type: dropdown
attributes:
label: Are you willing to provide a PR to address this?
options:
- "Yes"
- "No"

45
.github/ISSUE_TEMPLATE/howto.yml vendored Normal file
View File

@@ -0,0 +1,45 @@
---
name: "❔ Question"
description: How do I do X or Y?
title: "[Question]: "
labels: ["question", "status:triage"]
assignees: [cytopia]
body:
- type: markdown
attributes:
value: |
If this is a generic question, please consider using the [Discord Chat](https://discord.gg/2wP3V6kBj4) or the [Devilbox forum](https://devilbox.discourse.group/) instead.
- type: checkboxes
attributes:
label: Have you already checked elsewhere?
description: You may select more than one.
options:
- label: I have checked existing issues
- label: I have googled already with no luck
- label: I have not done any of the above
validations:
required: true
- type: textarea
attributes:
label: What is your question?
description: Tell the community, what your question is. Be as specific as possible to make it easier for other people to answer your question.
validations:
required: true
- type: textarea
attributes:
label: What have you tried already?
description: Add some details on what you have tried already, so this can be ruled out.
validations:
required: true
- type: textarea
attributes:
label: What is your goal?
description: Tell the community, what you want to accomplish? This might be helpful to know in order to prevent [XY problems](https://en.wikipedia.org/wiki/XY_problem).
validations:
required: true

21
.github/ISSUE_TEMPLATE/report.yml vendored Normal file
View File

@@ -0,0 +1,21 @@
---
name: "🕬 Report"
description: Report something to the maintainer
title: "[Report]: "
labels: ["report", "status:triage"]
assignees:
- cytopia
body:
- type: markdown
attributes:
value: |
Report something to the maintainer such as versions are outdated or pipelines are not running, etc. For anything else please use other issue types. Thanks for taking the time!
- type: textarea
attributes:
label: Report
description: What do you want to report?
validations:
required: true

8
.github/dependabot.yml vendored Normal file
View File

@@ -0,0 +1,8 @@
---
version: 2
updates:
# Maintain dependencies for GitHub Actions
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "daily"

105
.github/labels.yml vendored Normal file
View File

@@ -0,0 +1,105 @@
# The labels in this file are automatically synced with the repository
# using the micnncim/action-label-syncer action.
---
###
### Pull Requests
###
- name: C-dependency
color: 1abc9c
description: "Category: Dependency"
- name: PR-block
color: 3498db
description: "Pull Request: Do not merge"
- name: PR-merge
color: 3498db
description: "Pull Request: Merge when ready"
###
### General Issues
###
- name: bug
description: "Bug Report"
color: ee0701
- name: report
description: "General Report"
color: ef561f
- name: feature
description: "Feature Request"
color: dc8b10
- name: question
description: "General question"
color: cc317c
- name: documentation
description: "Documentation related"
color: 45b046
###
### Status: Issue progress
###
- name: "status:triage"
description: "Issue needs Triaging"
color: f2a7cf
- name: "status:confirmed"
description: "Issue is confirmed"
color: f2a7cf
- name: "status:needs-more-info"
description: "Issue needs more info"
color: f2a7cf
###
### Close
###
- name: "issue:invalid"
description: ""
color: f5c7fc
- name: "issue:invalid-type"
description: ""
color: f5c7fc
- name: "issue:duplicate"
description: ""
color: f5c7fc
- name: "issue:wontfix"
description: ""
color: f5c7fc
- name: "issue:stale"
description: ""
color: f5c7fc
###
### Issue types
###
- name: "type:extension"
description: ""
color: 0c9cf2
- name: "type:tool"
description: ""
color: 0c9cf2
- name: "type:env-var"
description: ""
color: 0c9cf2
- name: "type:config"
description: ""
color: 0c9cf2
###
### Issue Host specific
###
- name: "host:linux"
description: ""
color: fbca04
- name: "host:macos"
description: ""
color: fbca04
- name: "host:windows"
description: ""
color: fbca04
- name: "arch:amd64"
description: ""
color: fbca04
- name: "arch:arm64"
description: ""
color: fbca04
- name: "arch:other"
description: ""
color: fbca04

33
.github/release-drafter.yml vendored Normal file
View File

@@ -0,0 +1,33 @@
---
name-template: '$RESOLVED_VERSION 🌈'
tag-template: '$RESOLVED_VERSION'
version-template: '$MAJOR.$MINOR'
categories:
- title: '🚀 Features'
labels:
- 'feature'
- 'enhancement'
- title: '🐛 Bug Fixes'
labels:
- 'fix'
- 'bugfix'
- 'bug'
- title: '🧰 Maintenance'
label: 'chore'
change-template: '- $TITLE @$AUTHOR (#$NUMBER)'
change-title-escapes: '\<*_&' # You can add # and @ to disable mentions, and add ` to disable code blocks.
version-resolver:
major:
labels:
- 'major'
minor:
labels:
- 'minor'
patch:
labels:
- 'patch'
default: minor
template: |
## Changes
$CHANGES

95
.github/workflows/action-schedule_master.yml vendored
View File

@@ -20,14 +20,14 @@ on:
jobs:
# -----------------------------------------------------------------------------------------------
# (1/8) Determine parameter settings
# (1/9) Determine parameter settings
# -----------------------------------------------------------------------------------------------
params:
uses: ./.github/workflows/params-nightly_master.yml
# -----------------------------------------------------------------------------------------------
# (2/8) Configure Build and Deploy Matrices
# (2/9) Configure Build and Deploy Matrices
# -----------------------------------------------------------------------------------------------
configure:
needs: [params]
@@ -43,7 +43,7 @@ jobs:
# -----------------------------------------------------------------------------------------------
# (3/8) Build & Test base
# (3/9) Build & Test base
# -----------------------------------------------------------------------------------------------
build-base:
needs:
@@ -72,7 +72,7 @@ jobs:
# -----------------------------------------------------------------------------------------------
# (4/8) Build & Test mods
# (4/9) Build & Test mods
# -----------------------------------------------------------------------------------------------
build-mods:
needs:
@@ -101,7 +101,7 @@ jobs:
# -----------------------------------------------------------------------------------------------
# (5/8) Build & Test prod
# (5/9) Build & Test prod
# -----------------------------------------------------------------------------------------------
build-prod:
needs:
@@ -130,9 +130,9 @@ jobs:
# -----------------------------------------------------------------------------------------------
# (6/8) Build & Test work
# (6/9) Build & Test slim
# -----------------------------------------------------------------------------------------------
build-work:
build-slim:
needs:
- configure
- build-prod
@@ -143,9 +143,38 @@ jobs:
upload_artifact: true
matrix: ${{ needs.configure.outputs.matrix_build }}
artifact_prefix: ${{ needs.configure.outputs.artifact_prefix }}
stage: work
stage: slim
stage_prev: prod
test-slim:
needs:
- configure
- build-slim
uses: devilbox/github-actions/.github/workflows/docker-multistage-test.yml@master
with:
has_refs: ${{ needs.configure.outputs.has_refs == 'true' }}
matrix: ${{ needs.configure.outputs.matrix_build }}
artifact_prefix: ${{ needs.configure.outputs.artifact_prefix }}
stage: slim
# -----------------------------------------------------------------------------------------------
# (7/9) Build & Test work
# -----------------------------------------------------------------------------------------------
build-work:
needs:
- configure
- build-slim
uses: devilbox/github-actions/.github/workflows/docker-multistage-build.yml@master
with:
has_refs: ${{ needs.configure.outputs.has_refs == 'true' }}
run_tests: false
upload_artifact: true
matrix: ${{ needs.configure.outputs.matrix_build }}
artifact_prefix: ${{ needs.configure.outputs.artifact_prefix }}
stage: work
stage_prev: slim
test-work:
needs:
- configure
@@ -159,14 +188,15 @@ jobs:
# -----------------------------------------------------------------------------------------------
# (7/8) Push images
# (8/9) Push images
# -----------------------------------------------------------------------------------------------
push-base:
needs:
- configure
- test-base
- test-prod
- test-mods
- test-prod
- test-slim
- test-work
uses: devilbox/github-actions/.github/workflows/docker-multistage-push-image.yml@master
with:
@@ -183,8 +213,9 @@ jobs:
needs:
- configure
- test-base
- test-prod
- test-mods
- test-prod
- test-slim
- test-work
uses: devilbox/github-actions/.github/workflows/docker-multistage-push-image.yml@master
with:
@@ -201,8 +232,9 @@ jobs:
needs:
- configure
- test-base
- test-prod
- test-mods
- test-prod
- test-slim
- test-work
uses: devilbox/github-actions/.github/workflows/docker-multistage-push-image.yml@master
with:
@@ -215,12 +247,32 @@ jobs:
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }}
dockerhub_password: ${{ secrets.DOCKERHUB_PASSWORD }}
push-slim:
needs:
- configure
- test-base
- test-mods
- test-prod
- test-slim
- test-work
uses: devilbox/github-actions/.github/workflows/docker-multistage-push-image.yml@master
with:
can_deploy: ${{ needs.configure.outputs.can_login == 'true' && needs.configure.outputs.can_push == 'true' }}
has_refs: ${{ needs.configure.outputs.has_refs == 'true' }}
matrix: ${{ needs.configure.outputs.matrix_build }}
artifact_prefix: ${{ needs.configure.outputs.artifact_prefix }}
stage: slim
secrets:
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }}
dockerhub_password: ${{ secrets.DOCKERHUB_PASSWORD }}
push-work:
needs:
- configure
- test-base
- test-prod
- test-mods
- test-prod
- test-slim
- test-work
uses: devilbox/github-actions/.github/workflows/docker-multistage-push-image.yml@master
with:
@@ -235,7 +287,7 @@ jobs:
# -----------------------------------------------------------------------------------------------
# (8/8) Push Manifests
# (9/9) Push Manifests
# -----------------------------------------------------------------------------------------------
manifest-base:
needs:
@@ -282,6 +334,21 @@ jobs:
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }}
dockerhub_password: ${{ secrets.DOCKERHUB_PASSWORD }}
manifest-slim:
needs:
- configure
- push-slim
uses: devilbox/github-actions/.github/workflows/docker-multistage-push-manifest.yml@master
with:
can_deploy: ${{ needs.configure.outputs.can_login == 'true' && needs.configure.outputs.can_push == 'true' }}
has_refs: ${{ needs.configure.outputs.has_refs == 'true' }}
matrix: ${{ needs.configure.outputs.matrix_deploy }}
versions: ${{ needs.configure.outputs.versions }}
stage: slim
secrets:
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }}
dockerhub_password: ${{ secrets.DOCKERHUB_PASSWORD }}
manifest-work:
needs:
- configure

95
.github/workflows/action-schedule_tags.yml vendored
View File

@@ -20,14 +20,14 @@ on:
jobs:
# -----------------------------------------------------------------------------------------------
# (1/8) Determine parameter settings
# (1/9) Determine parameter settings
# -----------------------------------------------------------------------------------------------
params:
uses: ./.github/workflows/params-nightly_tags.yml
# -----------------------------------------------------------------------------------------------
# (2/8) Configure Build and Deploy Matrices
# (2/9) Configure Build and Deploy Matrices
# -----------------------------------------------------------------------------------------------
configure:
needs: [params]
@@ -43,7 +43,7 @@ jobs:
# -----------------------------------------------------------------------------------------------
# (3/8) Build & Test base
# (3/9) Build & Test base
# -----------------------------------------------------------------------------------------------
build-base:
needs:
@@ -72,7 +72,7 @@ jobs:
# -----------------------------------------------------------------------------------------------
# (4/8) Build & Test mods
# (4/9) Build & Test mods
# -----------------------------------------------------------------------------------------------
build-mods:
needs:
@@ -101,7 +101,7 @@ jobs:
# -----------------------------------------------------------------------------------------------
# (5/8) Build & Test prod
# (5/9) Build & Test prod
# -----------------------------------------------------------------------------------------------
build-prod:
needs:
@@ -130,9 +130,9 @@ jobs:
# -----------------------------------------------------------------------------------------------
# (6/8) Build & Test work
# (6/9) Build & Test slim
# -----------------------------------------------------------------------------------------------
build-work:
build-slim:
needs:
- configure
- build-prod
@@ -143,9 +143,38 @@ jobs:
upload_artifact: true
matrix: ${{ needs.configure.outputs.matrix_build }}
artifact_prefix: ${{ needs.configure.outputs.artifact_prefix }}
stage: work
stage: slim
stage_prev: prod
test-slim:
needs:
- configure
- build-slim
uses: devilbox/github-actions/.github/workflows/docker-multistage-test.yml@master
with:
has_refs: ${{ needs.configure.outputs.has_refs == 'true' }}
matrix: ${{ needs.configure.outputs.matrix_build }}
artifact_prefix: ${{ needs.configure.outputs.artifact_prefix }}
stage: slim
# -----------------------------------------------------------------------------------------------
# (7/9) Build & Test work
# -----------------------------------------------------------------------------------------------
build-work:
needs:
- configure
- build-slim
uses: devilbox/github-actions/.github/workflows/docker-multistage-build.yml@master
with:
has_refs: ${{ needs.configure.outputs.has_refs == 'true' }}
run_tests: false
upload_artifact: true
matrix: ${{ needs.configure.outputs.matrix_build }}
artifact_prefix: ${{ needs.configure.outputs.artifact_prefix }}
stage: work
stage_prev: slim
test-work:
needs:
- configure
@@ -159,14 +188,15 @@ jobs:
# -----------------------------------------------------------------------------------------------
# (7/8) Push images
# (8/9) Push images
# -----------------------------------------------------------------------------------------------
push-base:
needs:
- configure
- test-base
- test-prod
- test-mods
- test-prod
- test-slim
- test-work
uses: devilbox/github-actions/.github/workflows/docker-multistage-push-image.yml@master
with:
@@ -183,8 +213,9 @@ jobs:
needs:
- configure
- test-base
- test-prod
- test-mods
- test-prod
- test-slim
- test-work
uses: devilbox/github-actions/.github/workflows/docker-multistage-push-image.yml@master
with:
@@ -201,8 +232,9 @@ jobs:
needs:
- configure
- test-base
- test-prod
- test-mods
- test-prod
- test-slim
- test-work
uses: devilbox/github-actions/.github/workflows/docker-multistage-push-image.yml@master
with:
@@ -215,12 +247,32 @@ jobs:
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }}
dockerhub_password: ${{ secrets.DOCKERHUB_PASSWORD }}
push-slim:
needs:
- configure
- test-base
- test-mods
- test-prod
- test-slim
- test-work
uses: devilbox/github-actions/.github/workflows/docker-multistage-push-image.yml@master
with:
can_deploy: ${{ needs.configure.outputs.can_login == 'true' && needs.configure.outputs.can_push == 'true' }}
has_refs: ${{ needs.configure.outputs.has_refs == 'true' }}
matrix: ${{ needs.configure.outputs.matrix_build }}
artifact_prefix: ${{ needs.configure.outputs.artifact_prefix }}
stage: slim
secrets:
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }}
dockerhub_password: ${{ secrets.DOCKERHUB_PASSWORD }}
push-work:
needs:
- configure
- test-base
- test-prod
- test-mods
- test-prod
- test-slim
- test-work
uses: devilbox/github-actions/.github/workflows/docker-multistage-push-image.yml@master
with:
@@ -235,7 +287,7 @@ jobs:
# -----------------------------------------------------------------------------------------------
# (8/8) Push Manifests
# (9/9) Push Manifests
# -----------------------------------------------------------------------------------------------
manifest-base:
needs:
@@ -282,6 +334,21 @@ jobs:
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }}
dockerhub_password: ${{ secrets.DOCKERHUB_PASSWORD }}
manifest-slim:
needs:
- configure
- push-slim
uses: devilbox/github-actions/.github/workflows/docker-multistage-push-manifest.yml@master
with:
can_deploy: ${{ needs.configure.outputs.can_login == 'true' && needs.configure.outputs.can_push == 'true' }}
has_refs: ${{ needs.configure.outputs.has_refs == 'true' }}
matrix: ${{ needs.configure.outputs.matrix_deploy }}
versions: ${{ needs.configure.outputs.versions }}
stage: slim
secrets:
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }}
dockerhub_password: ${{ secrets.DOCKERHUB_PASSWORD }}
manifest-work:
needs:
- configure

117
.github/workflows/action.yml vendored
View File

@@ -12,7 +12,29 @@ name: build
on:
# Push or pull_request will be determined in jobs.configure.enabled
push:
paths:
- '.ansible/**'
- '.github/workflows/action.yml'
- '.github/workflows/params.yml'
- 'Dockerfiles/**'
- 'php_modules/**'
- 'php_tools/**'
- 'tests/**'
- 'Makefile'
- '!**.md'
- '!.ansible/ansible.cfg'
pull_request:
paths:
- '.ansible/**'
- '.github/workflows/action.yml'
- '.github/workflows/params.yml'
- 'Dockerfiles/**'
- 'php_modules/**'
- 'php_tools/**'
- 'tests/**'
- 'Makefile'
- '!**.md'
- '!.ansible/ansible.cfg'
# Dispatch: allows for manual trigger via GH UI
workflow_dispatch:
@@ -20,14 +42,14 @@ on:
jobs:
# -----------------------------------------------------------------------------------------------
# (1/8) Determine parameter settings
# (1/9) Determine parameter settings
# -----------------------------------------------------------------------------------------------
params:
uses: ./.github/workflows/params.yml
# -----------------------------------------------------------------------------------------------
# (2/8) Configure Build and Deploy Matrices
# (2/9) Configure Build and Deploy Matrices
# -----------------------------------------------------------------------------------------------
configure:
needs: [params]
@@ -43,7 +65,7 @@ jobs:
# -----------------------------------------------------------------------------------------------
# (3/8) Build & Test base
# (3/9) Build & Test base
# -----------------------------------------------------------------------------------------------
build-base:
needs:
@@ -72,7 +94,7 @@ jobs:
# -----------------------------------------------------------------------------------------------
# (4/8) Build & Test mods
# (4/9) Build & Test mods
# -----------------------------------------------------------------------------------------------
build-mods:
needs:
@@ -101,7 +123,7 @@ jobs:
# -----------------------------------------------------------------------------------------------
# (5/8) Build & Test prod
# (5/9) Build & Test prod
# -----------------------------------------------------------------------------------------------
build-prod:
needs:
@@ -130,9 +152,9 @@ jobs:
# -----------------------------------------------------------------------------------------------
# (6/8) Build & Test work
# (6/9) Build & Test slim
# -----------------------------------------------------------------------------------------------
build-work:
build-slim:
needs:
- configure
- build-prod
@@ -143,9 +165,38 @@ jobs:
upload_artifact: true
matrix: ${{ needs.configure.outputs.matrix_build }}
artifact_prefix: ${{ needs.configure.outputs.artifact_prefix }}
stage: work
stage: slim
stage_prev: prod
test-slim:
needs:
- configure
- build-slim
uses: devilbox/github-actions/.github/workflows/docker-multistage-test.yml@master
with:
has_refs: ${{ needs.configure.outputs.has_refs == 'true' }}
matrix: ${{ needs.configure.outputs.matrix_build }}
artifact_prefix: ${{ needs.configure.outputs.artifact_prefix }}
stage: slim
# -----------------------------------------------------------------------------------------------
# (7/9) Build & Test work
# -----------------------------------------------------------------------------------------------
build-work:
needs:
- configure
- build-slim
uses: devilbox/github-actions/.github/workflows/docker-multistage-build.yml@master
with:
has_refs: ${{ needs.configure.outputs.has_refs == 'true' }}
run_tests: false
upload_artifact: true
matrix: ${{ needs.configure.outputs.matrix_build }}
artifact_prefix: ${{ needs.configure.outputs.artifact_prefix }}
stage: work
stage_prev: slim
test-work:
needs:
- configure
@@ -159,14 +210,15 @@ jobs:
# -----------------------------------------------------------------------------------------------
# (7/8) Push images
# (8/9) Push images
# -----------------------------------------------------------------------------------------------
push-base:
needs:
- configure
- test-base
- test-prod
- test-mods
- test-prod
- test-slim
- test-work
uses: devilbox/github-actions/.github/workflows/docker-multistage-push-image.yml@master
with:
@@ -183,8 +235,9 @@ jobs:
needs:
- configure
- test-base
- test-prod
- test-mods
- test-prod
- test-slim
- test-work
uses: devilbox/github-actions/.github/workflows/docker-multistage-push-image.yml@master
with:
@@ -201,8 +254,9 @@ jobs:
needs:
- configure
- test-base
- test-prod
- test-mods
- test-prod
- test-slim
- test-work
uses: devilbox/github-actions/.github/workflows/docker-multistage-push-image.yml@master
with:
@@ -215,12 +269,32 @@ jobs:
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }}
dockerhub_password: ${{ secrets.DOCKERHUB_PASSWORD }}
push-slim:
needs:
- configure
- test-base
- test-mods
- test-prod
- test-slim
- test-work
uses: devilbox/github-actions/.github/workflows/docker-multistage-push-image.yml@master
with:
can_deploy: ${{ needs.configure.outputs.can_login == 'true' && needs.configure.outputs.can_push == 'true' }}
has_refs: ${{ needs.configure.outputs.has_refs == 'true' }}
matrix: ${{ needs.configure.outputs.matrix_build }}
artifact_prefix: ${{ needs.configure.outputs.artifact_prefix }}
stage: slim
secrets:
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }}
dockerhub_password: ${{ secrets.DOCKERHUB_PASSWORD }}
push-work:
needs:
- configure
- test-base
- test-prod
- test-mods
- test-prod
- test-slim
- test-work
uses: devilbox/github-actions/.github/workflows/docker-multistage-push-image.yml@master
with:
@@ -235,7 +309,7 @@ jobs:
# -----------------------------------------------------------------------------------------------
# (8/8) Push Manifests
# (9/9) Push Manifests
# -----------------------------------------------------------------------------------------------
manifest-base:
needs:
@@ -282,6 +356,21 @@ jobs:
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }}
dockerhub_password: ${{ secrets.DOCKERHUB_PASSWORD }}
manifest-slim:
needs:
- configure
- push-slim
uses: devilbox/github-actions/.github/workflows/docker-multistage-push-manifest.yml@master
with:
can_deploy: ${{ needs.configure.outputs.can_login == 'true' && needs.configure.outputs.can_push == 'true' }}
has_refs: ${{ needs.configure.outputs.has_refs == 'true' }}
matrix: ${{ needs.configure.outputs.matrix_deploy }}
versions: ${{ needs.configure.outputs.versions }}
stage: slim
secrets:
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }}
dockerhub_password: ${{ secrets.DOCKERHUB_PASSWORD }}
manifest-work:
needs:
- configure

65
.github/workflows/generator.yml vendored Normal file
View File

@@ -0,0 +1,65 @@
---
# -------------------------------------------------------------------------------------------------
# Job Name
# -------------------------------------------------------------------------------------------------
name: generator
# -------------------------------------------------------------------------------------------------
# When to run
# -------------------------------------------------------------------------------------------------
on:
# Runs on Pull Requests
workflow_dispatch:
pull_request:
paths:
- '.ansible/**'
- '.github/workflows/action.yml'
- '.github/workflows/params.yml'
- 'Dockerfiles/**'
- 'php_modules/**'
- 'php_tools/**'
- 'tests/**'
- 'Makefile'
- '!**.md'
- '!.ansible/ansible.cfg'
# -------------------------------------------------------------------------------------------------
# What to run
# -------------------------------------------------------------------------------------------------
jobs:
generator:
name: "Generator"
runs-on: ubuntu-latest
steps:
# ------------------------------------------------------------
# Setup repository
# ------------------------------------------------------------
- name: Checkout repository
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Install Python 3.9
uses: actions/setup-python@v4
with:
python-version: '3.9'
- name: Install required Python packages
run: |
pip install yamllib
pip install typing
# ------------------------------------------------------------
# Lint repository
# ------------------------------------------------------------
- name: Lint Changelog
run: |
make lint-changelog
- name: Diff generated Docker files
run: |
make gen-dockerfiles
git diff --quiet || { echo "Build Changes"; git diff; git status; false; }

26
.github/workflows/linting.yml vendored
View File

@@ -27,20 +27,10 @@ jobs:
# Setup repository
# ------------------------------------------------------------
- name: Checkout repository
uses: actions/checkout@v2
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Install Python 3.9
uses: actions/setup-python@v4
with:
python-version: '3.9'
- name: Install required Python packages
run: |
pip install yamllib
pip install typing
# ------------------------------------------------------------
# Lint repository
# ------------------------------------------------------------
@@ -51,17 +41,3 @@ jobs:
- name: Lint Yaml
run: |
make lint-yaml
- name: Lint Changelog
run: |
make lint-changelog
- name: Diff generated PHP modules
run: |
make gen-modules
git diff --quiet || { echo "Build Changes"; git diff; git status; false; }
- name: Diff generated Docker files
run: |
make gen-dockerfiles
git diff --quiet || { echo "Build Changes"; git diff; git status; false; }

19
.github/workflows/release-drafter.yml vendored Normal file
View File

@@ -0,0 +1,19 @@
---
name: Release Drafter
on:
push:
# branches to consider in the event; optional, defaults to all
branches:
- master
jobs:
update_release_draft:
runs-on: ubuntu-latest
steps:
# Drafts your next Release notes as Pull Requests are merged into "master"
- uses: release-drafter/release-drafter@v5
with:
publish: false
env:
GITHUB_TOKEN: ${{ secrets.RELEASE_DRAFTER_TOKEN }}

25
.github/workflows/repository.yml vendored Normal file
View File

@@ -0,0 +1,25 @@
---
name: Repository
on:
push:
branches:
- master
paths:
- .github/labels.yml
jobs:
labels:
name: Labels
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Sync labels
uses: micnncim/action-label-syncer@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
manifest: .github/labels.yml

43
CHANGELOG.md
View File

@@ -4,6 +4,49 @@
## Unreleased
## Release 0.148
### Added
- Added `wscat` to work with websockets
## Release 0.147
### Fixed
- Fixed wkhtmltopdf version finder during install
- Fixed wp-cli runtime requirements (needs `less` in order to function)
## Release 0.146
This release adds lots of documentation about recently added features.
### Added
- Documentation
## Release 0.145
This is a massive restructuring release, which adds another layer on top of Ansible to easily manage/edit/add PHP tools and to configure their respective order of building and installing.
Additionally it introduces a new flavour: `slim` which is an intermediated stage between `prod` and `work`. It allows for a slim image with only required cli tools to work with the Devilbox.
### Added
- New PHP Flavour: `slim`
- Added `mhsendmail` for `arm64` architecture
- Added `wkhtmltopdf` for `arm64 architecture [#252](https://github.com/devilbox/docker-php-fpm/issues/252)
- Added `taskfile` (https://taskfile.dev/)
- Added mechanism to easily build custom images with custom set of PHP tools
- Added automated PHP tools dependency resolver (order of built is always correct)
- Added tons of documentation
### Changed
- Split out PHP tools into separate directories
### Fixed
- Fixed `xdebug` build
## Release 0.144
This is a massive restructuring release, which adds another layer on top of Ansible to easily manage/edit/add PHP extensions and to configure their respective order of building and loading.

1
Dockerfiles/base/Dockerfile-5.2
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-base.j2 instead.
FROM devilbox/php-fpm-5.2
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/base/Dockerfile-5.3
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-base.j2 instead.
FROM devilbox/php-fpm-5.3
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/base/Dockerfile-5.4
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-base.j2 instead.
FROM devilbox/php-fpm-5.4
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/base/Dockerfile-5.5
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-base.j2 instead.
FROM devilbox/php-fpm-5.5
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/base/Dockerfile-5.6
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-base.j2 instead.
FROM php:5.6-fpm
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/base/Dockerfile-7.0
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-base.j2 instead.
FROM php:7.0-fpm
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/base/Dockerfile-7.1
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-base.j2 instead.
FROM php:7.1-fpm
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/base/Dockerfile-7.2
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-base.j2 instead.
FROM php:7.2-fpm
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/base/Dockerfile-7.3
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-base.j2 instead.
FROM php:7.3-fpm
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/base/Dockerfile-7.4
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-base.j2 instead.
FROM php:7.4-fpm
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/base/Dockerfile-8.0
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-base.j2 instead.
FROM devilbox/php-fpm-8.0
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/base/Dockerfile-8.1
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-base.j2 instead.
FROM devilbox/php-fpm-8.1
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/base/Dockerfile-8.2
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-base.j2 instead.
FROM devilbox/php-fpm-8.2
MAINTAINER "cytopia" <cytopia@everythingcli.org>

3
Dockerfiles/mods/Dockerfile-5.2
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-mods.j2 instead.
FROM devilbox/php-fpm:5.2-base as builder
@@ -549,7 +550,7 @@ RUN set -eux \
# Fix php.ini settings for enabled extensions
RUN set -eux \
&& chmod +x "$(php -r 'echo ini_get("extension_dir");')"/*
&& find "$(php -r 'echo ini_get("extension_dir");')/" -type f -exec chmod +x {} \;
# Fix oracle dir for images that don't have oci installed
RUN set -eux \

3
Dockerfiles/mods/Dockerfile-5.3
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-mods.j2 instead.
FROM devilbox/php-fpm:5.3-base as builder
@@ -672,7 +673,7 @@ RUN set -eux \
# Fix php.ini settings for enabled extensions
RUN set -eux \
&& chmod +x "$(php -r 'echo ini_get("extension_dir");')"/*
&& find "$(php -r 'echo ini_get("extension_dir");')/" -type f -exec chmod +x {} \;
# Fix oracle dir for images that don't have oci installed
RUN set -eux \

3
Dockerfiles/mods/Dockerfile-5.4
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-mods.j2 instead.
FROM devilbox/php-fpm:5.4-base as builder
@@ -683,7 +684,7 @@ RUN set -eux \
# Fix php.ini settings for enabled extensions
RUN set -eux \
&& chmod +x "$(php -r 'echo ini_get("extension_dir");')"/*
&& find "$(php -r 'echo ini_get("extension_dir");')/" -type f -exec chmod +x {} \;
# Fix oracle dir for images that don't have oci installed
RUN set -eux \

3
Dockerfiles/mods/Dockerfile-5.5
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-mods.j2 instead.
FROM devilbox/php-fpm:5.5-base as builder
@@ -721,7 +722,7 @@ RUN set -eux \
# Fix php.ini settings for enabled extensions
RUN set -eux \
&& chmod +x "$(php -r 'echo ini_get("extension_dir");')"/*
&& find "$(php -r 'echo ini_get("extension_dir");')/" -type f -exec chmod +x {} \;
# Fix oracle dir for images that don't have oci installed
RUN set -eux \

3
Dockerfiles/mods/Dockerfile-5.6
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-mods.j2 instead.
FROM devilbox/php-fpm:5.6-base as builder
@@ -740,7 +741,7 @@ RUN set -eux \
# Fix php.ini settings for enabled extensions
RUN set -eux \
&& chmod +x "$(php -r 'echo ini_get("extension_dir");')"/*
&& find "$(php -r 'echo ini_get("extension_dir");')/" -type f -exec chmod +x {} \;
# Fix oracle dir for images that don't have oci installed
RUN set -eux \

3
Dockerfiles/mods/Dockerfile-7.0
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-mods.j2 instead.
FROM devilbox/php-fpm:7.0-base as builder
@@ -876,7 +877,7 @@ RUN set -eux \
# Fix php.ini settings for enabled extensions
RUN set -eux \
&& chmod +x "$(php -r 'echo ini_get("extension_dir");')"/*
&& find "$(php -r 'echo ini_get("extension_dir");')/" -type f -exec chmod +x {} \;
# Fix oracle dir for images that don't have oci installed
RUN set -eux \

3
Dockerfiles/mods/Dockerfile-7.1
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-mods.j2 instead.
FROM devilbox/php-fpm:7.1-base as builder
@@ -894,7 +895,7 @@ RUN set -eux \
# Fix php.ini settings for enabled extensions
RUN set -eux \
&& chmod +x "$(php -r 'echo ini_get("extension_dir");')"/*
&& find "$(php -r 'echo ini_get("extension_dir");')/" -type f -exec chmod +x {} \;
# Fix oracle dir for images that don't have oci installed
RUN set -eux \

7
Dockerfiles/mods/Dockerfile-7.2
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-mods.j2 instead.
FROM devilbox/php-fpm:7.2-base as builder
@@ -844,10 +845,10 @@ RUN set -eux \
# -------------------- Installing PHP Extension: xdebug --------------------
RUN set -eux \
# Installation: Generic
# Installation: Version specific
# Type: PECL extension
# Default: Pecl command
&& pecl install xdebug \
&& pecl install xdebug-3.1.6 \
# Enabling
&& docker-php-ext-enable xdebug \
&& true
@@ -897,7 +898,7 @@ RUN set -eux \
# Fix php.ini settings for enabled extensions
RUN set -eux \
&& chmod +x "$(php -r 'echo ini_get("extension_dir");')"/*
&& find "$(php -r 'echo ini_get("extension_dir");')/" -type f -exec chmod +x {} \;
# Fix oracle dir for images that don't have oci installed
RUN set -eux \

7
Dockerfiles/mods/Dockerfile-7.3
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-mods.j2 instead.
FROM devilbox/php-fpm:7.3-base as builder
@@ -838,10 +839,10 @@ RUN set -eux \
# -------------------- Installing PHP Extension: xdebug --------------------
RUN set -eux \
# Installation: Generic
# Installation: Version specific
# Type: PECL extension
# Default: Pecl command
&& pecl install xdebug \
&& pecl install xdebug-3.1.6 \
# Enabling
&& docker-php-ext-enable xdebug \
&& true
@@ -891,7 +892,7 @@ RUN set -eux \
# Fix php.ini settings for enabled extensions
RUN set -eux \
&& chmod +x "$(php -r 'echo ini_get("extension_dir");')"/*
&& find "$(php -r 'echo ini_get("extension_dir");')/" -type f -exec chmod +x {} \;
# Fix oracle dir for images that don't have oci installed
RUN set -eux \

7
Dockerfiles/mods/Dockerfile-7.4
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-mods.j2 instead.
FROM devilbox/php-fpm:7.4-base as builder
@@ -825,10 +826,10 @@ RUN set -eux \
# -------------------- Installing PHP Extension: xdebug --------------------
RUN set -eux \
# Installation: Generic
# Installation: Version specific
# Type: PECL extension
# Default: Pecl command
&& pecl install xdebug \
&& pecl install xdebug-3.1.6 \
# Enabling
&& docker-php-ext-enable xdebug \
&& true
@@ -879,7 +880,7 @@ RUN set -eux \
# Fix php.ini settings for enabled extensions
RUN set -eux \
&& chmod +x "$(php -r 'echo ini_get("extension_dir");')"/*
&& find "$(php -r 'echo ini_get("extension_dir");')/" -type f -exec chmod +x {} \;
# Fix oracle dir for images that don't have oci installed
RUN set -eux \

3
Dockerfiles/mods/Dockerfile-8.0
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-mods.j2 instead.
FROM devilbox/php-fpm:8.0-base as builder
@@ -852,7 +853,7 @@ RUN set -eux \
# Fix php.ini settings for enabled extensions
RUN set -eux \
&& chmod +x "$(php -r 'echo ini_get("extension_dir");')"/*
&& find "$(php -r 'echo ini_get("extension_dir");')/" -type f -exec chmod +x {} \;
# Fix oracle dir for images that don't have oci installed
RUN set -eux \

18
Dockerfiles/mods/Dockerfile-8.1
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-mods.j2 instead.
FROM devilbox/php-fpm:8.1-base as builder
@@ -787,17 +788,10 @@ RUN set -eux \
# -------------------- Installing PHP Extension: xdebug --------------------
RUN set -eux \
# Installation: Version specific
# Type: GIT extension
&& git clone https://github.com/xdebug/xdebug /tmp/xdebug \
&& cd /tmp/xdebug \
# Custom: Branch
&& git checkout $(git tag | grep -E '^[.0-9]+$' | sort -V | tail -1) \
# Default: Install command
&& phpize \
&& ./configure --enable-xdebug \
&& make -j$(getconf _NPROCESSORS_ONLN) \
&& make install \
# Installation: Generic
# Type: PECL extension
# Default: Pecl command
&& pecl install xdebug \
# Enabling
&& docker-php-ext-enable xdebug \
&& true
@@ -837,7 +831,7 @@ RUN set -eux \
# Fix php.ini settings for enabled extensions
RUN set -eux \
&& chmod +x "$(php -r 'echo ini_get("extension_dir");')"/*
&& find "$(php -r 'echo ini_get("extension_dir");')/" -type f -exec chmod +x {} \;
# Fix oracle dir for images that don't have oci installed
RUN set -eux \

18
Dockerfiles/mods/Dockerfile-8.2
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-mods.j2 instead.
FROM devilbox/php-fpm:8.2-base as builder
@@ -739,17 +740,10 @@ RUN set -eux \
# -------------------- Installing PHP Extension: xdebug --------------------
RUN set -eux \
# Installation: Version specific
# Type: GIT extension
&& git clone https://github.com/xdebug/xdebug /tmp/xdebug \
&& cd /tmp/xdebug \
# Custom: Branch
&& git checkout 3.2.0RC2 \
# Default: Install command
&& phpize \
&& ./configure --enable-xdebug \
&& make -j$(getconf _NPROCESSORS_ONLN) \
&& make install \
# Installation: Generic
# Type: PECL extension
# Default: Pecl command
&& pecl install xdebug \
# Enabling
&& docker-php-ext-enable xdebug \
&& true
@@ -789,7 +783,7 @@ RUN set -eux \
# Fix php.ini settings for enabled extensions
RUN set -eux \
&& chmod +x "$(php -r 'echo ini_get("extension_dir");')"/*
&& find "$(php -r 'echo ini_get("extension_dir");')/" -type f -exec chmod +x {} \;
# Fix oracle dir for images that don't have oci installed
RUN set -eux \

1
Dockerfiles/prod/Dockerfile-5.2
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-prod.j2 instead.
FROM devilbox/php-fpm:5.2-mods
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/prod/Dockerfile-5.3
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-prod.j2 instead.
FROM devilbox/php-fpm:5.3-mods
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/prod/Dockerfile-5.4
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-prod.j2 instead.
FROM devilbox/php-fpm:5.4-mods
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/prod/Dockerfile-5.5
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-prod.j2 instead.
FROM devilbox/php-fpm:5.5-mods
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/prod/Dockerfile-5.6
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-prod.j2 instead.
FROM devilbox/php-fpm:5.6-mods
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/prod/Dockerfile-7.0
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-prod.j2 instead.
FROM devilbox/php-fpm:7.0-mods
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/prod/Dockerfile-7.1
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-prod.j2 instead.
FROM devilbox/php-fpm:7.1-mods
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/prod/Dockerfile-7.2
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-prod.j2 instead.
FROM devilbox/php-fpm:7.2-mods
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/prod/Dockerfile-7.3
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-prod.j2 instead.
FROM devilbox/php-fpm:7.3-mods
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/prod/Dockerfile-7.4
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-prod.j2 instead.
FROM devilbox/php-fpm:7.4-mods
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/prod/Dockerfile-8.0
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-prod.j2 instead.
FROM devilbox/php-fpm:8.0-mods
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/prod/Dockerfile-8.1
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-prod.j2 instead.
FROM devilbox/php-fpm:8.1-mods
MAINTAINER "cytopia" <cytopia@everythingcli.org>

1
Dockerfiles/prod/Dockerfile-8.2
View File

@@ -1,3 +1,4 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-prod.j2 instead.
FROM devilbox/php-fpm:8.2-mods
MAINTAINER "cytopia" <cytopia@everythingcli.org>

622
Dockerfiles/slim/Dockerfile-5.2 Normal file
View File

@@ -0,0 +1,622 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-slim.j2 instead.
########################################################################################################################
########################################################################################################################
###
### Stage 1/4: Devilbox slim image (BASE BUILDER)
###
########################################################################################################################
########################################################################################################################
###
### Installs all cli tools required to run Devilbox and its intranet
###
FROM devilbox/php-fpm:5.2-prod as devilbox-slim-base-builder
###
### Install apt Tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
apt-transport-https \
ca-certificates \
curl \
dirmngr \
gnupg
###
### Add apt repositories
###
RUN set -eux \
&& echo 'Acquire::Check-Valid-Until no;' > /etc/apt/apt.conf.d/99no-check-valid-until \
&& echo "deb [trusted=yes] http://archive.debian.org/debian jessie-backports main" > /etc/apt/sources.list.d/backports.list \
&& curl -sS -L --fail "https://packages.blackfire.io/gpg.key" | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://packages.blackfire.io/debian any main" > /etc/apt/sources.list.d/blackfire.list \
&& true
###
### Install build_dep
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
libsnappy-dev \
&& rm -rf /var/lib/apt/lists/*
###
### Add common tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
file \
git \
mysql-client \
redis-tools \
sqlite3
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Devilbox required cli tools from group_vars (slim.yml)
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
blackfire-agent \
\
&& rm -rf /var/lib/apt/lists/* \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& DEB_HOST_ARCH="$( dpkg-architecture --query DEB_HOST_ARCH )" \
&& if [ "${DEB_HOST_ARCH}" = "amd64" ] || [ "${DEB_HOST_ARCH}" = "arm64" ]; then \
MHSENDMAIL_URL="https://github.com/devilbox/mhsendmail/releases/download/v0.3.0/mhsendmail_linux_${DEB_HOST_ARCH}" \
&& curl -sS -L --fail "${MHSENDMAIL_URL}" > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
else \
printf '%s\n%s\n%s\n' '#!/bin/sh' 'echo "Not available for this platform."' 'exit 1' > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
fi \
\
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& apt-get update \
&& if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-clients; \
fi \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '5.2' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '5.2' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& git clone https://github.com/cytopia/mysqldump-secure.git /usr/local/src/mysqldump-secure \
&& cd /usr/local/src/mysqldump-secure \
&& git checkout $(git describe --abbrev=0 --tags) \
&& cp /usr/local/src/mysqldump-secure/bin/mysqldump-secure /usr/local/bin \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.conf /etc \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.cnf /etc \
&& touch /var/log/mysqldump-secure.log \
&& chown ${MY_USER}:${MY_GROUP} /etc/mysqldump-secure.* \
&& chown ${MY_USER}:${MY_GROUP} /var/log/mysqldump-secure.log \
&& chmod 0400 /etc/mysqldump-secure.conf \
&& chmod 0400 /etc/mysqldump-secure.cnf \
&& chmod 0644 /var/log/mysqldump-secure.log \
&& sed -i'' 's/^COMPRESS_ARG=.*/COMPRESS_ARG="-9 -c"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR=.*/DUMP_DIR="\/shared\/backups\/mysql"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR_CHMOD=.*/DUMP_DIR_CHMOD="0755"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_FILE_CHMOD=.*/DUMP_FILE_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^LOG_CHMOD=.*/LOG_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^NAGIOS_LOG=.*/NAGIOS_LOG=0/g' /etc/mysqldump-secure.conf \
&& cd / \
&& rm -rf /usr/local/src/mysqldump-secure \
\
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb https://apt-archive.postgresql.org/pub/repos/apt/ jessie-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update; \
fi \
\
&& if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client; \
fi \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '5.2' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Prepare required shared libraries for copying (keep symlinks)
###
RUN set -eux \
&& LIB_GNU_DIR="/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
&& USR_LIB_DIR="/usr/lib" \
&& USR_LIB_GNU_DIR="/usr/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
\
&& mkdir /tmp/lib-gnu \
&& mkdir /tmp/usr-lib \
&& mkdir /tmp/usr-lib-gnu \
\
&& LIB_GNU="libreadline" \
&& USR_LIB="libsnappy libtcmalloc libv8" \
&& USR_LIB_GNU="liblua libpq libpcrecpp libboost libjemalloc libunwind libhiredis libedit libyaml-cpp libstemmer libsnappy libpcap libbsd liblzf" \
\
&& for lib in ${LIB_GNU}; do \
if ls -1 "${LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${LIB_GNU_DIR}"; \
cp -r ${LIB_GNU_DIR}/${lib}* /tmp/lib-gnu/; \
fi \
done \
&& for lib in ${USR_LIB}; do \
if ls -1 "${USR_LIB_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_DIR}"; \
cp -r ${USR_LIB_DIR}/${lib}* /tmp/usr-lib/; \
fi \
done \
&& for lib in ${USR_LIB_GNU}; do \
if ls -1 "${USR_LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_GNU_DIR}"; \
cp -r ${USR_LIB_GNU_DIR}/${lib}* /tmp/usr-lib-gnu/; \
fi \
done
###
### Fix expected PostgreSQL directories
###
### This might not exist on arm64 as software was not available,
### but they are still needed to be present, so we can copy them.
###
RUN set -eux \
&& if [ ! -d "/usr/lib/postgresql" ]; then \
mkdir "/usr/lib/postgresql"; \
fi \
&& if [ ! -d "/usr/share/postgresql-common" ]; then \
mkdir "/usr/share/postgresql-common"; \
fi
###
### Prepare MongoDB binaries for copying.
###
### They might not be available on all architectures (e.g.: arm64).
###
RUN set -eux \
&& mkdir /tmp/mongo \
&& if ls -1 "/usr/bin/" | grep "^mongo" >/dev/null; then \
cp -r /usr/bin/mongo* /tmp/mongo/; \
fi
###
### Strip debugging information to smallen filesize
###
RUN set -eux \
&& STRIP_USR_BINS="blackfire mongo mysql redis sqlite" \
&& STRIP_DIRS="/usr/lib/postgresql/ /usr/share/postgresql-common/ /tmp" \
\
&& for bin in ${STRIP_USR_BINS}; do \
( \
find /usr/bin/ -name "${bin}"* -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& for dir in ${STRIP_DIRS}; do \
( \
find ${dir} -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& strip --strip-all -p /usr/local/bin/mhsendmail 2>/dev/null || true \
&& strip --strip-all -p /usr/local/bin/mysqldump-secure 2>/dev/null || true
########################################################################################################################
########################################################################################################################
###
### Stage 2/4: Devilbox slim image (BASE)
###
########################################################################################################################
########################################################################################################################
###
### Copies all cli tools required to run Devilbox and its intranet into a clean image
###
FROM devilbox/php-fpm:5.2-prod as devilbox-slim-base
ARG ARCH
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Copy shared libraries (required by MongoDB, MySQL, PostgreSQL and Redis)
###
COPY --from=devilbox-slim-base-builder /tmp/lib-gnu/ /lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib-gnu/ /usr/lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib/ /usr/lib/
###
### Copy system files
###
COPY --from=devilbox-slim-base-builder /etc/group /etc/group
COPY --from=devilbox-slim-base-builder /etc/passwd /etc/passwd
COPY --from=devilbox-slim-base-builder /etc/shadow /etc/shadow
###
### Copy Blackfire
###
COPY --from=devilbox-slim-base-builder /etc/blackfire /etc/blackfire
COPY --from=devilbox-slim-base-builder /etc/default/blackfire-agent /etc/default/blackfire-agent
COPY --from=devilbox-slim-base-builder /usr/bin/blackfire* /usr/bin/
COPY --from=devilbox-slim-base-builder /var/log/blackfire /var/log/blackfire
###
### Copy mhsendmail
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mhsendmail /usr/local/bin/
###
### Copy MongoDB client (if exists)
###
COPY --from=devilbox-slim-base-builder /tmp/mongo/ /usr/bin/
###
### Copy MysQL Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/mysql* /usr/bin/
###
### Copy mysqldump-secure
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mysqldump-secure /usr/local/bin/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.conf /etc/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.cnf /etc/
COPY --from=devilbox-slim-base-builder /var/log/mysqldump-secure.log /var/log/
###
### Copy PostgreSQL
###
COPY --from=devilbox-slim-base-builder /usr/lib/postgresql /usr/lib/postgresql
COPY --from=devilbox-slim-base-builder /usr/share/postgresql-common /usr/share/postgresql-common
COPY --from=devilbox-slim-base-builder /usr/share/perl5 /usr/share/perl5
###
### Create PostgreSQL symlinks
###
RUN set -eux \
&& if [ -f "/usr/share/postgresql-common/pg_wrapper" ]; then \
ln -s ../share/postgresql-common/pg_wrapper /usr/bin/clusterdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createlang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/droplang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_basebackup \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dump \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dumpall \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_isready \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivewal \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivexlog \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_recvlogical \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_restore \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pgbench \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/psql \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/reindexdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumlo; \
fi
###
### Copy Redis Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/redis* /usr/bin/
###
### Copy SQLite Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/sqlite* /usr/bin/
###
### ADD PHP configuration files
###
COPY ./data/php-ini.d/php-5.2.ini /usr/local/etc/php/conf.d/xxx-devilbox-default-php.ini
COPY ./data/php-fpm.conf/php-fpm-5.2.conf /usr/local/etc/php-fpm.conf
###
### ADD Devilbox configuration files
###
COPY ./data/docker-entrypoint.sh /docker-entrypoint.sh
COPY ./data/docker-entrypoint.d/*.sh /docker-entrypoint.d/
COPY ./data/bash-devilbox /etc/bash-devilbox
COPY ./data/sudo-devilbox /etc/sudoers.d/devilbox
###
### Configure Bash
###
RUN set -eux \
&& { \
echo; \
echo "# [Devilbox] Ensure /usr/local(s)?bin is in PATH"; \
echo 'PATH="${PATH}:/usr/local/bin:/usr/local/sbin"'; \
echo "export PATH"; \
echo; \
echo "# [Devilbox] Source Devilbox main bash config"; \
echo ". /etc/bash-devilbox"; \
echo; \
echo "# [Devilbox] Source Devilbox custom configs"; \
echo "if [ -d /etc/bashrc-devilbox.d/ ]; then"; \
echo " for f in /etc/bashrc-devilbox.d/*.sh ; do"; \
echo " if [ -r \"\${f}\" ]; then"; \
echo " . \"\${f}\""; \
echo " fi"; \
echo " done"; \
echo " unset f"; \
echo "fi"; \
} | tee -a /home/${MY_USER}/.bashrc /root/.bashrc \
&& chown ${MY_USER}:${MY_GROUP} /home/${MY_USER}/.bashrc
########################################################################################################################
########################################################################################################################
###
### Stage 3/4: Devilbox slim image (BASE TEST)
###
########################################################################################################################
########################################################################################################################
###
### Test all Devilbox cli utils if copying was successful
###
FROM devilbox-slim-base as devilbox-slim-base-test
RUN set -eux \
&& mysql --version \
&& redis-cli --version \
&& sqlite3 --version
###
### Check if available tools slim
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& if echo '5.2' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '5.2' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if echo '5.2' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Re-activate modules which have been deactivated in mods (for testing).
###
RUN set -eux \
&& if find /usr/local/lib/php/extensions/ -name phalcon.so | grep phalcon; then \
echo "extension=phalcon.so" > /usr/local/etc/php/conf.d/docker-php-ext-phalcon.ini; \
fi \
&& if find /usr/local/lib/php/extensions/ -name psr.so | grep psr; then \
echo "extension=psr.so" > /usr/local/etc/php/conf.d/docker-php-ext-psr.ini; \
fi
###
### Check if PHP still works
###
RUN set -eux \
&& echo "date.timezone=UTC" > /usr/local/etc/php/php.ini \
&& php -v | grep -oE 'PHP\s[.0-9]+' | grep -oE '[.0-9]+' | grep '^5.2' \
&& /usr/local/sbin/php-fpm --test \
\
&& PHP_ERROR="$( php -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
&& PHP_ERROR="$( php -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
\
&& PHP_FPM_ERROR="$( php-fpm -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& PHP_FPM_ERROR="$( php-fpm -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& rm -f /usr/local/etc/php/php.ini
########################################################################################################################
########################################################################################################################
###
### Stage 4/4: Devilbox slim image (FINAL)
###
########################################################################################################################
########################################################################################################################
###
### Prepare final base image (STAGE: slim)
###
FROM devilbox-slim-base as slim
MAINTAINER "cytopia" <cytopia@everythingcli.org>
###
### Labels
###
# https://github.com/opencontainers/image-spec/blob/master/annotations.md
#LABEL "org.opencontainers.image.created"=""
#LABEL "org.opencontainers.image.version"=""
#LABEL "org.opencontainers.image.revision"=""
LABEL "maintainer"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.authors"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.url"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.documentation"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.source"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.vendor"="devilbox"
LABEL "org.opencontainers.image.licenses"="MIT"
LABEL "org.opencontainers.image.ref.name"="5.2-slim"
LABEL "org.opencontainers.image.title"="PHP-FPM 5.2-slim"
LABEL "org.opencontainers.image.description"="PHP-FPM 5.2-slim"
###
### Volumes
###
VOLUME /shared/backups
VOLUME /var/log/php
VOLUME /var/mail
###
### Ports
###
EXPOSE 9000
###
### Where to start inside the container
###
WORKDIR /shared/httpd
###
### Entrypoint
###
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"]
ENTRYPOINT ["/docker-entrypoint.sh"]

622
Dockerfiles/slim/Dockerfile-5.3 Normal file
View File

@@ -0,0 +1,622 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-slim.j2 instead.
########################################################################################################################
########################################################################################################################
###
### Stage 1/4: Devilbox slim image (BASE BUILDER)
###
########################################################################################################################
########################################################################################################################
###
### Installs all cli tools required to run Devilbox and its intranet
###
FROM devilbox/php-fpm:5.3-prod as devilbox-slim-base-builder
###
### Install apt Tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
apt-transport-https \
ca-certificates \
curl \
dirmngr \
gnupg
###
### Add apt repositories
###
RUN set -eux \
&& echo 'Acquire::Check-Valid-Until no;' > /etc/apt/apt.conf.d/99no-check-valid-until \
&& echo "deb [trusted=yes] http://archive.debian.org/debian jessie-backports main" > /etc/apt/sources.list.d/backports.list \
&& curl -sS -L --fail "https://packages.blackfire.io/gpg.key" | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://packages.blackfire.io/debian any main" > /etc/apt/sources.list.d/blackfire.list \
&& true
###
### Install build_dep
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
libsnappy-dev \
&& rm -rf /var/lib/apt/lists/*
###
### Add common tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
file \
git \
mysql-client \
redis-tools \
sqlite3
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Devilbox required cli tools from group_vars (slim.yml)
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
blackfire-agent \
\
&& rm -rf /var/lib/apt/lists/* \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& DEB_HOST_ARCH="$( dpkg-architecture --query DEB_HOST_ARCH )" \
&& if [ "${DEB_HOST_ARCH}" = "amd64" ] || [ "${DEB_HOST_ARCH}" = "arm64" ]; then \
MHSENDMAIL_URL="https://github.com/devilbox/mhsendmail/releases/download/v0.3.0/mhsendmail_linux_${DEB_HOST_ARCH}" \
&& curl -sS -L --fail "${MHSENDMAIL_URL}" > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
else \
printf '%s\n%s\n%s\n' '#!/bin/sh' 'echo "Not available for this platform."' 'exit 1' > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
fi \
\
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& apt-get update \
&& if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-clients; \
fi \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '5.3' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '5.3' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& git clone https://github.com/cytopia/mysqldump-secure.git /usr/local/src/mysqldump-secure \
&& cd /usr/local/src/mysqldump-secure \
&& git checkout $(git describe --abbrev=0 --tags) \
&& cp /usr/local/src/mysqldump-secure/bin/mysqldump-secure /usr/local/bin \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.conf /etc \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.cnf /etc \
&& touch /var/log/mysqldump-secure.log \
&& chown ${MY_USER}:${MY_GROUP} /etc/mysqldump-secure.* \
&& chown ${MY_USER}:${MY_GROUP} /var/log/mysqldump-secure.log \
&& chmod 0400 /etc/mysqldump-secure.conf \
&& chmod 0400 /etc/mysqldump-secure.cnf \
&& chmod 0644 /var/log/mysqldump-secure.log \
&& sed -i'' 's/^COMPRESS_ARG=.*/COMPRESS_ARG="-9 -c"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR=.*/DUMP_DIR="\/shared\/backups\/mysql"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR_CHMOD=.*/DUMP_DIR_CHMOD="0755"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_FILE_CHMOD=.*/DUMP_FILE_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^LOG_CHMOD=.*/LOG_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^NAGIOS_LOG=.*/NAGIOS_LOG=0/g' /etc/mysqldump-secure.conf \
&& cd / \
&& rm -rf /usr/local/src/mysqldump-secure \
\
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb https://apt-archive.postgresql.org/pub/repos/apt/ jessie-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update; \
fi \
\
&& if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client; \
fi \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '5.3' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Prepare required shared libraries for copying (keep symlinks)
###
RUN set -eux \
&& LIB_GNU_DIR="/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
&& USR_LIB_DIR="/usr/lib" \
&& USR_LIB_GNU_DIR="/usr/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
\
&& mkdir /tmp/lib-gnu \
&& mkdir /tmp/usr-lib \
&& mkdir /tmp/usr-lib-gnu \
\
&& LIB_GNU="libreadline" \
&& USR_LIB="libsnappy libtcmalloc libv8" \
&& USR_LIB_GNU="liblua libpq libpcrecpp libboost libjemalloc libunwind libhiredis libedit libyaml-cpp libstemmer libsnappy libpcap libbsd liblzf" \
\
&& for lib in ${LIB_GNU}; do \
if ls -1 "${LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${LIB_GNU_DIR}"; \
cp -r ${LIB_GNU_DIR}/${lib}* /tmp/lib-gnu/; \
fi \
done \
&& for lib in ${USR_LIB}; do \
if ls -1 "${USR_LIB_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_DIR}"; \
cp -r ${USR_LIB_DIR}/${lib}* /tmp/usr-lib/; \
fi \
done \
&& for lib in ${USR_LIB_GNU}; do \
if ls -1 "${USR_LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_GNU_DIR}"; \
cp -r ${USR_LIB_GNU_DIR}/${lib}* /tmp/usr-lib-gnu/; \
fi \
done
###
### Fix expected PostgreSQL directories
###
### This might not exist on arm64 as software was not available,
### but they are still needed to be present, so we can copy them.
###
RUN set -eux \
&& if [ ! -d "/usr/lib/postgresql" ]; then \
mkdir "/usr/lib/postgresql"; \
fi \
&& if [ ! -d "/usr/share/postgresql-common" ]; then \
mkdir "/usr/share/postgresql-common"; \
fi
###
### Prepare MongoDB binaries for copying.
###
### They might not be available on all architectures (e.g.: arm64).
###
RUN set -eux \
&& mkdir /tmp/mongo \
&& if ls -1 "/usr/bin/" | grep "^mongo" >/dev/null; then \
cp -r /usr/bin/mongo* /tmp/mongo/; \
fi
###
### Strip debugging information to smallen filesize
###
RUN set -eux \
&& STRIP_USR_BINS="blackfire mongo mysql redis sqlite" \
&& STRIP_DIRS="/usr/lib/postgresql/ /usr/share/postgresql-common/ /tmp" \
\
&& for bin in ${STRIP_USR_BINS}; do \
( \
find /usr/bin/ -name "${bin}"* -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& for dir in ${STRIP_DIRS}; do \
( \
find ${dir} -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& strip --strip-all -p /usr/local/bin/mhsendmail 2>/dev/null || true \
&& strip --strip-all -p /usr/local/bin/mysqldump-secure 2>/dev/null || true
########################################################################################################################
########################################################################################################################
###
### Stage 2/4: Devilbox slim image (BASE)
###
########################################################################################################################
########################################################################################################################
###
### Copies all cli tools required to run Devilbox and its intranet into a clean image
###
FROM devilbox/php-fpm:5.3-prod as devilbox-slim-base
ARG ARCH
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Copy shared libraries (required by MongoDB, MySQL, PostgreSQL and Redis)
###
COPY --from=devilbox-slim-base-builder /tmp/lib-gnu/ /lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib-gnu/ /usr/lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib/ /usr/lib/
###
### Copy system files
###
COPY --from=devilbox-slim-base-builder /etc/group /etc/group
COPY --from=devilbox-slim-base-builder /etc/passwd /etc/passwd
COPY --from=devilbox-slim-base-builder /etc/shadow /etc/shadow
###
### Copy Blackfire
###
COPY --from=devilbox-slim-base-builder /etc/blackfire /etc/blackfire
COPY --from=devilbox-slim-base-builder /etc/default/blackfire-agent /etc/default/blackfire-agent
COPY --from=devilbox-slim-base-builder /usr/bin/blackfire* /usr/bin/
COPY --from=devilbox-slim-base-builder /var/log/blackfire /var/log/blackfire
###
### Copy mhsendmail
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mhsendmail /usr/local/bin/
###
### Copy MongoDB client (if exists)
###
COPY --from=devilbox-slim-base-builder /tmp/mongo/ /usr/bin/
###
### Copy MysQL Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/mysql* /usr/bin/
###
### Copy mysqldump-secure
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mysqldump-secure /usr/local/bin/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.conf /etc/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.cnf /etc/
COPY --from=devilbox-slim-base-builder /var/log/mysqldump-secure.log /var/log/
###
### Copy PostgreSQL
###
COPY --from=devilbox-slim-base-builder /usr/lib/postgresql /usr/lib/postgresql
COPY --from=devilbox-slim-base-builder /usr/share/postgresql-common /usr/share/postgresql-common
COPY --from=devilbox-slim-base-builder /usr/share/perl5 /usr/share/perl5
###
### Create PostgreSQL symlinks
###
RUN set -eux \
&& if [ -f "/usr/share/postgresql-common/pg_wrapper" ]; then \
ln -s ../share/postgresql-common/pg_wrapper /usr/bin/clusterdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createlang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/droplang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_basebackup \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dump \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dumpall \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_isready \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivewal \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivexlog \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_recvlogical \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_restore \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pgbench \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/psql \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/reindexdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumlo; \
fi
###
### Copy Redis Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/redis* /usr/bin/
###
### Copy SQLite Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/sqlite* /usr/bin/
###
### ADD PHP configuration files
###
COPY ./data/php-ini.d/php-5.3.ini /usr/local/etc/php/conf.d/xxx-devilbox-default-php.ini
COPY ./data/php-fpm.conf/php-fpm-5.3.conf /usr/local/etc/php-fpm.conf
###
### ADD Devilbox configuration files
###
COPY ./data/docker-entrypoint.sh /docker-entrypoint.sh
COPY ./data/docker-entrypoint.d/*.sh /docker-entrypoint.d/
COPY ./data/bash-devilbox /etc/bash-devilbox
COPY ./data/sudo-devilbox /etc/sudoers.d/devilbox
###
### Configure Bash
###
RUN set -eux \
&& { \
echo; \
echo "# [Devilbox] Ensure /usr/local(s)?bin is in PATH"; \
echo 'PATH="${PATH}:/usr/local/bin:/usr/local/sbin"'; \
echo "export PATH"; \
echo; \
echo "# [Devilbox] Source Devilbox main bash config"; \
echo ". /etc/bash-devilbox"; \
echo; \
echo "# [Devilbox] Source Devilbox custom configs"; \
echo "if [ -d /etc/bashrc-devilbox.d/ ]; then"; \
echo " for f in /etc/bashrc-devilbox.d/*.sh ; do"; \
echo " if [ -r \"\${f}\" ]; then"; \
echo " . \"\${f}\""; \
echo " fi"; \
echo " done"; \
echo " unset f"; \
echo "fi"; \
} | tee -a /home/${MY_USER}/.bashrc /root/.bashrc \
&& chown ${MY_USER}:${MY_GROUP} /home/${MY_USER}/.bashrc
########################################################################################################################
########################################################################################################################
###
### Stage 3/4: Devilbox slim image (BASE TEST)
###
########################################################################################################################
########################################################################################################################
###
### Test all Devilbox cli utils if copying was successful
###
FROM devilbox-slim-base as devilbox-slim-base-test
RUN set -eux \
&& mysql --version \
&& redis-cli --version \
&& sqlite3 --version
###
### Check if available tools slim
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& if echo '5.3' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '5.3' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if echo '5.3' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Re-activate modules which have been deactivated in mods (for testing).
###
RUN set -eux \
&& if find /usr/local/lib/php/extensions/ -name phalcon.so | grep phalcon; then \
echo "extension=phalcon.so" > /usr/local/etc/php/conf.d/docker-php-ext-phalcon.ini; \
fi \
&& if find /usr/local/lib/php/extensions/ -name psr.so | grep psr; then \
echo "extension=psr.so" > /usr/local/etc/php/conf.d/docker-php-ext-psr.ini; \
fi
###
### Check if PHP still works
###
RUN set -eux \
&& echo "date.timezone=UTC" > /usr/local/etc/php/php.ini \
&& php -v | grep -oE 'PHP\s[.0-9]+' | grep -oE '[.0-9]+' | grep '^5.3' \
&& /usr/local/sbin/php-fpm --test \
\
&& PHP_ERROR="$( php -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
&& PHP_ERROR="$( php -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
\
&& PHP_FPM_ERROR="$( php-fpm -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& PHP_FPM_ERROR="$( php-fpm -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& rm -f /usr/local/etc/php/php.ini
########################################################################################################################
########################################################################################################################
###
### Stage 4/4: Devilbox slim image (FINAL)
###
########################################################################################################################
########################################################################################################################
###
### Prepare final base image (STAGE: slim)
###
FROM devilbox-slim-base as slim
MAINTAINER "cytopia" <cytopia@everythingcli.org>
###
### Labels
###
# https://github.com/opencontainers/image-spec/blob/master/annotations.md
#LABEL "org.opencontainers.image.created"=""
#LABEL "org.opencontainers.image.version"=""
#LABEL "org.opencontainers.image.revision"=""
LABEL "maintainer"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.authors"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.url"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.documentation"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.source"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.vendor"="devilbox"
LABEL "org.opencontainers.image.licenses"="MIT"
LABEL "org.opencontainers.image.ref.name"="5.3-slim"
LABEL "org.opencontainers.image.title"="PHP-FPM 5.3-slim"
LABEL "org.opencontainers.image.description"="PHP-FPM 5.3-slim"
###
### Volumes
###
VOLUME /shared/backups
VOLUME /var/log/php
VOLUME /var/mail
###
### Ports
###
EXPOSE 9000
###
### Where to start inside the container
###
WORKDIR /shared/httpd
###
### Entrypoint
###
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"]
ENTRYPOINT ["/docker-entrypoint.sh"]

622
Dockerfiles/slim/Dockerfile-5.4 Normal file
View File

@@ -0,0 +1,622 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-slim.j2 instead.
########################################################################################################################
########################################################################################################################
###
### Stage 1/4: Devilbox slim image (BASE BUILDER)
###
########################################################################################################################
########################################################################################################################
###
### Installs all cli tools required to run Devilbox and its intranet
###
FROM devilbox/php-fpm:5.4-prod as devilbox-slim-base-builder
###
### Install apt Tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
apt-transport-https \
ca-certificates \
curl \
dirmngr \
gnupg
###
### Add apt repositories
###
RUN set -eux \
&& echo 'Acquire::Check-Valid-Until no;' > /etc/apt/apt.conf.d/99no-check-valid-until \
&& echo "deb [trusted=yes] http://archive.debian.org/debian jessie-backports main" > /etc/apt/sources.list.d/backports.list \
&& curl -sS -L --fail "https://packages.blackfire.io/gpg.key" | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://packages.blackfire.io/debian any main" > /etc/apt/sources.list.d/blackfire.list \
&& true
###
### Install build_dep
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
libsnappy-dev \
&& rm -rf /var/lib/apt/lists/*
###
### Add common tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
file \
git \
mysql-client \
redis-tools \
sqlite3
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Devilbox required cli tools from group_vars (slim.yml)
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
blackfire-agent \
\
&& rm -rf /var/lib/apt/lists/* \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& DEB_HOST_ARCH="$( dpkg-architecture --query DEB_HOST_ARCH )" \
&& if [ "${DEB_HOST_ARCH}" = "amd64" ] || [ "${DEB_HOST_ARCH}" = "arm64" ]; then \
MHSENDMAIL_URL="https://github.com/devilbox/mhsendmail/releases/download/v0.3.0/mhsendmail_linux_${DEB_HOST_ARCH}" \
&& curl -sS -L --fail "${MHSENDMAIL_URL}" > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
else \
printf '%s\n%s\n%s\n' '#!/bin/sh' 'echo "Not available for this platform."' 'exit 1' > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
fi \
\
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& apt-get update \
&& if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-clients; \
fi \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '5.4' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '5.4' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& git clone https://github.com/cytopia/mysqldump-secure.git /usr/local/src/mysqldump-secure \
&& cd /usr/local/src/mysqldump-secure \
&& git checkout $(git describe --abbrev=0 --tags) \
&& cp /usr/local/src/mysqldump-secure/bin/mysqldump-secure /usr/local/bin \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.conf /etc \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.cnf /etc \
&& touch /var/log/mysqldump-secure.log \
&& chown ${MY_USER}:${MY_GROUP} /etc/mysqldump-secure.* \
&& chown ${MY_USER}:${MY_GROUP} /var/log/mysqldump-secure.log \
&& chmod 0400 /etc/mysqldump-secure.conf \
&& chmod 0400 /etc/mysqldump-secure.cnf \
&& chmod 0644 /var/log/mysqldump-secure.log \
&& sed -i'' 's/^COMPRESS_ARG=.*/COMPRESS_ARG="-9 -c"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR=.*/DUMP_DIR="\/shared\/backups\/mysql"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR_CHMOD=.*/DUMP_DIR_CHMOD="0755"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_FILE_CHMOD=.*/DUMP_FILE_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^LOG_CHMOD=.*/LOG_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^NAGIOS_LOG=.*/NAGIOS_LOG=0/g' /etc/mysqldump-secure.conf \
&& cd / \
&& rm -rf /usr/local/src/mysqldump-secure \
\
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb https://apt-archive.postgresql.org/pub/repos/apt/ jessie-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update; \
fi \
\
&& if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client; \
fi \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '5.4' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Prepare required shared libraries for copying (keep symlinks)
###
RUN set -eux \
&& LIB_GNU_DIR="/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
&& USR_LIB_DIR="/usr/lib" \
&& USR_LIB_GNU_DIR="/usr/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
\
&& mkdir /tmp/lib-gnu \
&& mkdir /tmp/usr-lib \
&& mkdir /tmp/usr-lib-gnu \
\
&& LIB_GNU="libreadline" \
&& USR_LIB="libsnappy libtcmalloc libv8" \
&& USR_LIB_GNU="liblua libpq libpcrecpp libboost libjemalloc libunwind libhiredis libedit libyaml-cpp libstemmer libsnappy libpcap libbsd liblzf" \
\
&& for lib in ${LIB_GNU}; do \
if ls -1 "${LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${LIB_GNU_DIR}"; \
cp -r ${LIB_GNU_DIR}/${lib}* /tmp/lib-gnu/; \
fi \
done \
&& for lib in ${USR_LIB}; do \
if ls -1 "${USR_LIB_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_DIR}"; \
cp -r ${USR_LIB_DIR}/${lib}* /tmp/usr-lib/; \
fi \
done \
&& for lib in ${USR_LIB_GNU}; do \
if ls -1 "${USR_LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_GNU_DIR}"; \
cp -r ${USR_LIB_GNU_DIR}/${lib}* /tmp/usr-lib-gnu/; \
fi \
done
###
### Fix expected PostgreSQL directories
###
### This might not exist on arm64 as software was not available,
### but they are still needed to be present, so we can copy them.
###
RUN set -eux \
&& if [ ! -d "/usr/lib/postgresql" ]; then \
mkdir "/usr/lib/postgresql"; \
fi \
&& if [ ! -d "/usr/share/postgresql-common" ]; then \
mkdir "/usr/share/postgresql-common"; \
fi
###
### Prepare MongoDB binaries for copying.
###
### They might not be available on all architectures (e.g.: arm64).
###
RUN set -eux \
&& mkdir /tmp/mongo \
&& if ls -1 "/usr/bin/" | grep "^mongo" >/dev/null; then \
cp -r /usr/bin/mongo* /tmp/mongo/; \
fi
###
### Strip debugging information to smallen filesize
###
RUN set -eux \
&& STRIP_USR_BINS="blackfire mongo mysql redis sqlite" \
&& STRIP_DIRS="/usr/lib/postgresql/ /usr/share/postgresql-common/ /tmp" \
\
&& for bin in ${STRIP_USR_BINS}; do \
( \
find /usr/bin/ -name "${bin}"* -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& for dir in ${STRIP_DIRS}; do \
( \
find ${dir} -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& strip --strip-all -p /usr/local/bin/mhsendmail 2>/dev/null || true \
&& strip --strip-all -p /usr/local/bin/mysqldump-secure 2>/dev/null || true
########################################################################################################################
########################################################################################################################
###
### Stage 2/4: Devilbox slim image (BASE)
###
########################################################################################################################
########################################################################################################################
###
### Copies all cli tools required to run Devilbox and its intranet into a clean image
###
FROM devilbox/php-fpm:5.4-prod as devilbox-slim-base
ARG ARCH
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Copy shared libraries (required by MongoDB, MySQL, PostgreSQL and Redis)
###
COPY --from=devilbox-slim-base-builder /tmp/lib-gnu/ /lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib-gnu/ /usr/lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib/ /usr/lib/
###
### Copy system files
###
COPY --from=devilbox-slim-base-builder /etc/group /etc/group
COPY --from=devilbox-slim-base-builder /etc/passwd /etc/passwd
COPY --from=devilbox-slim-base-builder /etc/shadow /etc/shadow
###
### Copy Blackfire
###
COPY --from=devilbox-slim-base-builder /etc/blackfire /etc/blackfire
COPY --from=devilbox-slim-base-builder /etc/default/blackfire-agent /etc/default/blackfire-agent
COPY --from=devilbox-slim-base-builder /usr/bin/blackfire* /usr/bin/
COPY --from=devilbox-slim-base-builder /var/log/blackfire /var/log/blackfire
###
### Copy mhsendmail
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mhsendmail /usr/local/bin/
###
### Copy MongoDB client (if exists)
###
COPY --from=devilbox-slim-base-builder /tmp/mongo/ /usr/bin/
###
### Copy MysQL Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/mysql* /usr/bin/
###
### Copy mysqldump-secure
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mysqldump-secure /usr/local/bin/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.conf /etc/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.cnf /etc/
COPY --from=devilbox-slim-base-builder /var/log/mysqldump-secure.log /var/log/
###
### Copy PostgreSQL
###
COPY --from=devilbox-slim-base-builder /usr/lib/postgresql /usr/lib/postgresql
COPY --from=devilbox-slim-base-builder /usr/share/postgresql-common /usr/share/postgresql-common
COPY --from=devilbox-slim-base-builder /usr/share/perl5 /usr/share/perl5
###
### Create PostgreSQL symlinks
###
RUN set -eux \
&& if [ -f "/usr/share/postgresql-common/pg_wrapper" ]; then \
ln -s ../share/postgresql-common/pg_wrapper /usr/bin/clusterdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createlang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/droplang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_basebackup \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dump \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dumpall \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_isready \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivewal \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivexlog \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_recvlogical \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_restore \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pgbench \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/psql \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/reindexdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumlo; \
fi
###
### Copy Redis Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/redis* /usr/bin/
###
### Copy SQLite Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/sqlite* /usr/bin/
###
### ADD PHP configuration files
###
COPY ./data/php-ini.d/php-5.4.ini /usr/local/etc/php/conf.d/xxx-devilbox-default-php.ini
COPY ./data/php-fpm.conf/php-fpm-5.4.conf /usr/local/etc/php-fpm.conf
###
### ADD Devilbox configuration files
###
COPY ./data/docker-entrypoint.sh /docker-entrypoint.sh
COPY ./data/docker-entrypoint.d/*.sh /docker-entrypoint.d/
COPY ./data/bash-devilbox /etc/bash-devilbox
COPY ./data/sudo-devilbox /etc/sudoers.d/devilbox
###
### Configure Bash
###
RUN set -eux \
&& { \
echo; \
echo "# [Devilbox] Ensure /usr/local(s)?bin is in PATH"; \
echo 'PATH="${PATH}:/usr/local/bin:/usr/local/sbin"'; \
echo "export PATH"; \
echo; \
echo "# [Devilbox] Source Devilbox main bash config"; \
echo ". /etc/bash-devilbox"; \
echo; \
echo "# [Devilbox] Source Devilbox custom configs"; \
echo "if [ -d /etc/bashrc-devilbox.d/ ]; then"; \
echo " for f in /etc/bashrc-devilbox.d/*.sh ; do"; \
echo " if [ -r \"\${f}\" ]; then"; \
echo " . \"\${f}\""; \
echo " fi"; \
echo " done"; \
echo " unset f"; \
echo "fi"; \
} | tee -a /home/${MY_USER}/.bashrc /root/.bashrc \
&& chown ${MY_USER}:${MY_GROUP} /home/${MY_USER}/.bashrc
########################################################################################################################
########################################################################################################################
###
### Stage 3/4: Devilbox slim image (BASE TEST)
###
########################################################################################################################
########################################################################################################################
###
### Test all Devilbox cli utils if copying was successful
###
FROM devilbox-slim-base as devilbox-slim-base-test
RUN set -eux \
&& mysql --version \
&& redis-cli --version \
&& sqlite3 --version
###
### Check if available tools slim
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& if echo '5.4' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '5.4' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if echo '5.4' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Re-activate modules which have been deactivated in mods (for testing).
###
RUN set -eux \
&& if find /usr/local/lib/php/extensions/ -name phalcon.so | grep phalcon; then \
echo "extension=phalcon.so" > /usr/local/etc/php/conf.d/docker-php-ext-phalcon.ini; \
fi \
&& if find /usr/local/lib/php/extensions/ -name psr.so | grep psr; then \
echo "extension=psr.so" > /usr/local/etc/php/conf.d/docker-php-ext-psr.ini; \
fi
###
### Check if PHP still works
###
RUN set -eux \
&& echo "date.timezone=UTC" > /usr/local/etc/php/php.ini \
&& php -v | grep -oE 'PHP\s[.0-9]+' | grep -oE '[.0-9]+' | grep '^5.4' \
&& /usr/local/sbin/php-fpm --test \
\
&& PHP_ERROR="$( php -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
&& PHP_ERROR="$( php -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
\
&& PHP_FPM_ERROR="$( php-fpm -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& PHP_FPM_ERROR="$( php-fpm -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& rm -f /usr/local/etc/php/php.ini
########################################################################################################################
########################################################################################################################
###
### Stage 4/4: Devilbox slim image (FINAL)
###
########################################################################################################################
########################################################################################################################
###
### Prepare final base image (STAGE: slim)
###
FROM devilbox-slim-base as slim
MAINTAINER "cytopia" <cytopia@everythingcli.org>
###
### Labels
###
# https://github.com/opencontainers/image-spec/blob/master/annotations.md
#LABEL "org.opencontainers.image.created"=""
#LABEL "org.opencontainers.image.version"=""
#LABEL "org.opencontainers.image.revision"=""
LABEL "maintainer"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.authors"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.url"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.documentation"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.source"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.vendor"="devilbox"
LABEL "org.opencontainers.image.licenses"="MIT"
LABEL "org.opencontainers.image.ref.name"="5.4-slim"
LABEL "org.opencontainers.image.title"="PHP-FPM 5.4-slim"
LABEL "org.opencontainers.image.description"="PHP-FPM 5.4-slim"
###
### Volumes
###
VOLUME /shared/backups
VOLUME /var/log/php
VOLUME /var/mail
###
### Ports
###
EXPOSE 9000
###
### Where to start inside the container
###
WORKDIR /shared/httpd
###
### Entrypoint
###
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"]
ENTRYPOINT ["/docker-entrypoint.sh"]

622
Dockerfiles/slim/Dockerfile-5.5 Normal file
View File

@@ -0,0 +1,622 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-slim.j2 instead.
########################################################################################################################
########################################################################################################################
###
### Stage 1/4: Devilbox slim image (BASE BUILDER)
###
########################################################################################################################
########################################################################################################################
###
### Installs all cli tools required to run Devilbox and its intranet
###
FROM devilbox/php-fpm:5.5-prod as devilbox-slim-base-builder
###
### Install apt Tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
apt-transport-https \
ca-certificates \
curl \
dirmngr \
gnupg
###
### Add apt repositories
###
RUN set -eux \
&& echo 'Acquire::Check-Valid-Until no;' > /etc/apt/apt.conf.d/99no-check-valid-until \
&& echo "deb [trusted=yes] http://archive.debian.org/debian jessie-backports main" > /etc/apt/sources.list.d/backports.list \
&& curl -sS -L --fail "https://packages.blackfire.io/gpg.key" | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://packages.blackfire.io/debian any main" > /etc/apt/sources.list.d/blackfire.list \
&& true
###
### Install build_dep
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
libsnappy-dev \
&& rm -rf /var/lib/apt/lists/*
###
### Add common tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
file \
git \
mysql-client \
redis-tools \
sqlite3
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Devilbox required cli tools from group_vars (slim.yml)
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
blackfire-agent \
\
&& rm -rf /var/lib/apt/lists/* \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& DEB_HOST_ARCH="$( dpkg-architecture --query DEB_HOST_ARCH )" \
&& if [ "${DEB_HOST_ARCH}" = "amd64" ] || [ "${DEB_HOST_ARCH}" = "arm64" ]; then \
MHSENDMAIL_URL="https://github.com/devilbox/mhsendmail/releases/download/v0.3.0/mhsendmail_linux_${DEB_HOST_ARCH}" \
&& curl -sS -L --fail "${MHSENDMAIL_URL}" > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
else \
printf '%s\n%s\n%s\n' '#!/bin/sh' 'echo "Not available for this platform."' 'exit 1' > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
fi \
\
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& apt-get update \
&& if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-clients; \
fi \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '5.5' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '5.5' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& git clone https://github.com/cytopia/mysqldump-secure.git /usr/local/src/mysqldump-secure \
&& cd /usr/local/src/mysqldump-secure \
&& git checkout $(git describe --abbrev=0 --tags) \
&& cp /usr/local/src/mysqldump-secure/bin/mysqldump-secure /usr/local/bin \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.conf /etc \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.cnf /etc \
&& touch /var/log/mysqldump-secure.log \
&& chown ${MY_USER}:${MY_GROUP} /etc/mysqldump-secure.* \
&& chown ${MY_USER}:${MY_GROUP} /var/log/mysqldump-secure.log \
&& chmod 0400 /etc/mysqldump-secure.conf \
&& chmod 0400 /etc/mysqldump-secure.cnf \
&& chmod 0644 /var/log/mysqldump-secure.log \
&& sed -i'' 's/^COMPRESS_ARG=.*/COMPRESS_ARG="-9 -c"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR=.*/DUMP_DIR="\/shared\/backups\/mysql"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR_CHMOD=.*/DUMP_DIR_CHMOD="0755"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_FILE_CHMOD=.*/DUMP_FILE_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^LOG_CHMOD=.*/LOG_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^NAGIOS_LOG=.*/NAGIOS_LOG=0/g' /etc/mysqldump-secure.conf \
&& cd / \
&& rm -rf /usr/local/src/mysqldump-secure \
\
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb https://apt-archive.postgresql.org/pub/repos/apt/ jessie-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update; \
fi \
\
&& if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client; \
fi \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '5.5' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Prepare required shared libraries for copying (keep symlinks)
###
RUN set -eux \
&& LIB_GNU_DIR="/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
&& USR_LIB_DIR="/usr/lib" \
&& USR_LIB_GNU_DIR="/usr/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
\
&& mkdir /tmp/lib-gnu \
&& mkdir /tmp/usr-lib \
&& mkdir /tmp/usr-lib-gnu \
\
&& LIB_GNU="libreadline" \
&& USR_LIB="libsnappy libtcmalloc libv8" \
&& USR_LIB_GNU="liblua libpq libpcrecpp libboost libjemalloc libunwind libhiredis libedit libyaml-cpp libstemmer libsnappy libpcap libbsd liblzf" \
\
&& for lib in ${LIB_GNU}; do \
if ls -1 "${LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${LIB_GNU_DIR}"; \
cp -r ${LIB_GNU_DIR}/${lib}* /tmp/lib-gnu/; \
fi \
done \
&& for lib in ${USR_LIB}; do \
if ls -1 "${USR_LIB_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_DIR}"; \
cp -r ${USR_LIB_DIR}/${lib}* /tmp/usr-lib/; \
fi \
done \
&& for lib in ${USR_LIB_GNU}; do \
if ls -1 "${USR_LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_GNU_DIR}"; \
cp -r ${USR_LIB_GNU_DIR}/${lib}* /tmp/usr-lib-gnu/; \
fi \
done
###
### Fix expected PostgreSQL directories
###
### This might not exist on arm64 as software was not available,
### but they are still needed to be present, so we can copy them.
###
RUN set -eux \
&& if [ ! -d "/usr/lib/postgresql" ]; then \
mkdir "/usr/lib/postgresql"; \
fi \
&& if [ ! -d "/usr/share/postgresql-common" ]; then \
mkdir "/usr/share/postgresql-common"; \
fi
###
### Prepare MongoDB binaries for copying.
###
### They might not be available on all architectures (e.g.: arm64).
###
RUN set -eux \
&& mkdir /tmp/mongo \
&& if ls -1 "/usr/bin/" | grep "^mongo" >/dev/null; then \
cp -r /usr/bin/mongo* /tmp/mongo/; \
fi
###
### Strip debugging information to smallen filesize
###
RUN set -eux \
&& STRIP_USR_BINS="blackfire mongo mysql redis sqlite" \
&& STRIP_DIRS="/usr/lib/postgresql/ /usr/share/postgresql-common/ /tmp" \
\
&& for bin in ${STRIP_USR_BINS}; do \
( \
find /usr/bin/ -name "${bin}"* -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& for dir in ${STRIP_DIRS}; do \
( \
find ${dir} -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& strip --strip-all -p /usr/local/bin/mhsendmail 2>/dev/null || true \
&& strip --strip-all -p /usr/local/bin/mysqldump-secure 2>/dev/null || true
########################################################################################################################
########################################################################################################################
###
### Stage 2/4: Devilbox slim image (BASE)
###
########################################################################################################################
########################################################################################################################
###
### Copies all cli tools required to run Devilbox and its intranet into a clean image
###
FROM devilbox/php-fpm:5.5-prod as devilbox-slim-base
ARG ARCH
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Copy shared libraries (required by MongoDB, MySQL, PostgreSQL and Redis)
###
COPY --from=devilbox-slim-base-builder /tmp/lib-gnu/ /lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib-gnu/ /usr/lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib/ /usr/lib/
###
### Copy system files
###
COPY --from=devilbox-slim-base-builder /etc/group /etc/group
COPY --from=devilbox-slim-base-builder /etc/passwd /etc/passwd
COPY --from=devilbox-slim-base-builder /etc/shadow /etc/shadow
###
### Copy Blackfire
###
COPY --from=devilbox-slim-base-builder /etc/blackfire /etc/blackfire
COPY --from=devilbox-slim-base-builder /etc/default/blackfire-agent /etc/default/blackfire-agent
COPY --from=devilbox-slim-base-builder /usr/bin/blackfire* /usr/bin/
COPY --from=devilbox-slim-base-builder /var/log/blackfire /var/log/blackfire
###
### Copy mhsendmail
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mhsendmail /usr/local/bin/
###
### Copy MongoDB client (if exists)
###
COPY --from=devilbox-slim-base-builder /tmp/mongo/ /usr/bin/
###
### Copy MysQL Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/mysql* /usr/bin/
###
### Copy mysqldump-secure
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mysqldump-secure /usr/local/bin/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.conf /etc/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.cnf /etc/
COPY --from=devilbox-slim-base-builder /var/log/mysqldump-secure.log /var/log/
###
### Copy PostgreSQL
###
COPY --from=devilbox-slim-base-builder /usr/lib/postgresql /usr/lib/postgresql
COPY --from=devilbox-slim-base-builder /usr/share/postgresql-common /usr/share/postgresql-common
COPY --from=devilbox-slim-base-builder /usr/share/perl5 /usr/share/perl5
###
### Create PostgreSQL symlinks
###
RUN set -eux \
&& if [ -f "/usr/share/postgresql-common/pg_wrapper" ]; then \
ln -s ../share/postgresql-common/pg_wrapper /usr/bin/clusterdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createlang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/droplang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_basebackup \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dump \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dumpall \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_isready \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivewal \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivexlog \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_recvlogical \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_restore \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pgbench \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/psql \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/reindexdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumlo; \
fi
###
### Copy Redis Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/redis* /usr/bin/
###
### Copy SQLite Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/sqlite* /usr/bin/
###
### ADD PHP configuration files
###
COPY ./data/php-ini.d/php-5.5.ini /usr/local/etc/php/conf.d/xxx-devilbox-default-php.ini
COPY ./data/php-fpm.conf/php-fpm-5.5.conf /usr/local/etc/php-fpm.conf
###
### ADD Devilbox configuration files
###
COPY ./data/docker-entrypoint.sh /docker-entrypoint.sh
COPY ./data/docker-entrypoint.d/*.sh /docker-entrypoint.d/
COPY ./data/bash-devilbox /etc/bash-devilbox
COPY ./data/sudo-devilbox /etc/sudoers.d/devilbox
###
### Configure Bash
###
RUN set -eux \
&& { \
echo; \
echo "# [Devilbox] Ensure /usr/local(s)?bin is in PATH"; \
echo 'PATH="${PATH}:/usr/local/bin:/usr/local/sbin"'; \
echo "export PATH"; \
echo; \
echo "# [Devilbox] Source Devilbox main bash config"; \
echo ". /etc/bash-devilbox"; \
echo; \
echo "# [Devilbox] Source Devilbox custom configs"; \
echo "if [ -d /etc/bashrc-devilbox.d/ ]; then"; \
echo " for f in /etc/bashrc-devilbox.d/*.sh ; do"; \
echo " if [ -r \"\${f}\" ]; then"; \
echo " . \"\${f}\""; \
echo " fi"; \
echo " done"; \
echo " unset f"; \
echo "fi"; \
} | tee -a /home/${MY_USER}/.bashrc /root/.bashrc \
&& chown ${MY_USER}:${MY_GROUP} /home/${MY_USER}/.bashrc
########################################################################################################################
########################################################################################################################
###
### Stage 3/4: Devilbox slim image (BASE TEST)
###
########################################################################################################################
########################################################################################################################
###
### Test all Devilbox cli utils if copying was successful
###
FROM devilbox-slim-base as devilbox-slim-base-test
RUN set -eux \
&& mysql --version \
&& redis-cli --version \
&& sqlite3 --version
###
### Check if available tools slim
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& if echo '5.5' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '5.5' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if echo '5.5' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Re-activate modules which have been deactivated in mods (for testing).
###
RUN set -eux \
&& if find /usr/local/lib/php/extensions/ -name phalcon.so | grep phalcon; then \
echo "extension=phalcon.so" > /usr/local/etc/php/conf.d/docker-php-ext-phalcon.ini; \
fi \
&& if find /usr/local/lib/php/extensions/ -name psr.so | grep psr; then \
echo "extension=psr.so" > /usr/local/etc/php/conf.d/docker-php-ext-psr.ini; \
fi
###
### Check if PHP still works
###
RUN set -eux \
&& echo "date.timezone=UTC" > /usr/local/etc/php/php.ini \
&& php -v | grep -oE 'PHP\s[.0-9]+' | grep -oE '[.0-9]+' | grep '^5.5' \
&& /usr/local/sbin/php-fpm --test \
\
&& PHP_ERROR="$( php -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
&& PHP_ERROR="$( php -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
\
&& PHP_FPM_ERROR="$( php-fpm -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& PHP_FPM_ERROR="$( php-fpm -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& rm -f /usr/local/etc/php/php.ini
########################################################################################################################
########################################################################################################################
###
### Stage 4/4: Devilbox slim image (FINAL)
###
########################################################################################################################
########################################################################################################################
###
### Prepare final base image (STAGE: slim)
###
FROM devilbox-slim-base as slim
MAINTAINER "cytopia" <cytopia@everythingcli.org>
###
### Labels
###
# https://github.com/opencontainers/image-spec/blob/master/annotations.md
#LABEL "org.opencontainers.image.created"=""
#LABEL "org.opencontainers.image.version"=""
#LABEL "org.opencontainers.image.revision"=""
LABEL "maintainer"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.authors"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.url"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.documentation"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.source"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.vendor"="devilbox"
LABEL "org.opencontainers.image.licenses"="MIT"
LABEL "org.opencontainers.image.ref.name"="5.5-slim"
LABEL "org.opencontainers.image.title"="PHP-FPM 5.5-slim"
LABEL "org.opencontainers.image.description"="PHP-FPM 5.5-slim"
###
### Volumes
###
VOLUME /shared/backups
VOLUME /var/log/php
VOLUME /var/mail
###
### Ports
###
EXPOSE 9000
###
### Where to start inside the container
###
WORKDIR /shared/httpd
###
### Entrypoint
###
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"]
ENTRYPOINT ["/docker-entrypoint.sh"]

626
Dockerfiles/slim/Dockerfile-5.6 Normal file
View File

@@ -0,0 +1,626 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-slim.j2 instead.
########################################################################################################################
########################################################################################################################
###
### Stage 1/4: Devilbox slim image (BASE BUILDER)
###
########################################################################################################################
########################################################################################################################
###
### Installs all cli tools required to run Devilbox and its intranet
###
FROM devilbox/php-fpm:5.6-prod as devilbox-slim-base-builder
###
### Install apt Tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
apt-transport-https \
ca-certificates \
curl \
dirmngr \
gnupg
###
### Add apt repositories
###
RUN set -eux \
&& apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138 \
&& echo "deb http://ftp.debian.org/debian stretch-backports main" > /etc/apt/sources.list.d/backports.list \
&& curl -sS -L --fail "https://packages.blackfire.io/gpg.key" | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://packages.blackfire.io/debian any main" > /etc/apt/sources.list.d/blackfire.list \
&& true
###
### Install build_dep
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
libsnappy-dev \
&& rm -rf /var/lib/apt/lists/*
###
### Add common tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
file \
git \
mysql-client \
redis-tools \
sqlite3
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Devilbox required cli tools from group_vars (slim.yml)
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
blackfire-agent \
\
&& rm -rf /var/lib/apt/lists/* \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& DEB_HOST_ARCH="$( dpkg-architecture --query DEB_HOST_ARCH )" \
&& if [ "${DEB_HOST_ARCH}" = "amd64" ] || [ "${DEB_HOST_ARCH}" = "arm64" ]; then \
MHSENDMAIL_URL="https://github.com/devilbox/mhsendmail/releases/download/v0.3.0/mhsendmail_linux_${DEB_HOST_ARCH}" \
&& curl -sS -L --fail "${MHSENDMAIL_URL}" > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
else \
printf '%s\n%s\n%s\n' '#!/bin/sh' 'echo "Not available for this platform."' 'exit 1' > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
fi \
\
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& apt-get update \
&& if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-clients \
mongo-tools; \
else \
apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-clients; \
fi \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '5.6' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '5.6' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& git clone https://github.com/cytopia/mysqldump-secure.git /usr/local/src/mysqldump-secure \
&& cd /usr/local/src/mysqldump-secure \
&& git checkout $(git describe --abbrev=0 --tags) \
&& cp /usr/local/src/mysqldump-secure/bin/mysqldump-secure /usr/local/bin \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.conf /etc \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.cnf /etc \
&& touch /var/log/mysqldump-secure.log \
&& chown ${MY_USER}:${MY_GROUP} /etc/mysqldump-secure.* \
&& chown ${MY_USER}:${MY_GROUP} /var/log/mysqldump-secure.log \
&& chmod 0400 /etc/mysqldump-secure.conf \
&& chmod 0400 /etc/mysqldump-secure.cnf \
&& chmod 0644 /var/log/mysqldump-secure.log \
&& sed -i'' 's/^COMPRESS_ARG=.*/COMPRESS_ARG="-9 -c"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR=.*/DUMP_DIR="\/shared\/backups\/mysql"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR_CHMOD=.*/DUMP_DIR_CHMOD="0755"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_FILE_CHMOD=.*/DUMP_FILE_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^LOG_CHMOD=.*/LOG_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^NAGIOS_LOG=.*/NAGIOS_LOG=0/g' /etc/mysqldump-secure.conf \
&& cd / \
&& rm -rf /usr/local/src/mysqldump-secure \
\
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb https://apt-archive.postgresql.org/pub/repos/apt/ stretch-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update; \
fi \
\
&& if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client; \
fi \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '5.6' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Prepare required shared libraries for copying (keep symlinks)
###
RUN set -eux \
&& LIB_GNU_DIR="/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
&& USR_LIB_DIR="/usr/lib" \
&& USR_LIB_GNU_DIR="/usr/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
\
&& mkdir /tmp/lib-gnu \
&& mkdir /tmp/usr-lib \
&& mkdir /tmp/usr-lib-gnu \
\
&& LIB_GNU="libreadline" \
&& USR_LIB="libsnappy libtcmalloc libv8" \
&& USR_LIB_GNU="liblua libpq libpcrecpp libboost libjemalloc libunwind libhiredis libedit libyaml-cpp libstemmer libsnappy libpcap libbsd liblzf" \
\
&& for lib in ${LIB_GNU}; do \
if ls -1 "${LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${LIB_GNU_DIR}"; \
cp -r ${LIB_GNU_DIR}/${lib}* /tmp/lib-gnu/; \
fi \
done \
&& for lib in ${USR_LIB}; do \
if ls -1 "${USR_LIB_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_DIR}"; \
cp -r ${USR_LIB_DIR}/${lib}* /tmp/usr-lib/; \
fi \
done \
&& for lib in ${USR_LIB_GNU}; do \
if ls -1 "${USR_LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_GNU_DIR}"; \
cp -r ${USR_LIB_GNU_DIR}/${lib}* /tmp/usr-lib-gnu/; \
fi \
done
###
### Fix expected PostgreSQL directories
###
### This might not exist on arm64 as software was not available,
### but they are still needed to be present, so we can copy them.
###
RUN set -eux \
&& if [ ! -d "/usr/lib/postgresql" ]; then \
mkdir "/usr/lib/postgresql"; \
fi \
&& if [ ! -d "/usr/share/postgresql-common" ]; then \
mkdir "/usr/share/postgresql-common"; \
fi
###
### Prepare MongoDB binaries for copying.
###
### They might not be available on all architectures (e.g.: arm64).
###
RUN set -eux \
&& mkdir /tmp/mongo \
&& if ls -1 "/usr/bin/" | grep "^mongo" >/dev/null; then \
cp -r /usr/bin/mongo* /tmp/mongo/; \
fi
###
### Strip debugging information to smallen filesize
###
RUN set -eux \
&& STRIP_USR_BINS="blackfire mongo mysql redis sqlite" \
&& STRIP_DIRS="/usr/lib/postgresql/ /usr/share/postgresql-common/ /tmp" \
\
&& for bin in ${STRIP_USR_BINS}; do \
( \
find /usr/bin/ -name "${bin}"* -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& for dir in ${STRIP_DIRS}; do \
( \
find ${dir} -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& strip --strip-all -p /usr/local/bin/mhsendmail 2>/dev/null || true \
&& strip --strip-all -p /usr/local/bin/mysqldump-secure 2>/dev/null || true
########################################################################################################################
########################################################################################################################
###
### Stage 2/4: Devilbox slim image (BASE)
###
########################################################################################################################
########################################################################################################################
###
### Copies all cli tools required to run Devilbox and its intranet into a clean image
###
FROM devilbox/php-fpm:5.6-prod as devilbox-slim-base
ARG ARCH
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Copy shared libraries (required by MongoDB, MySQL, PostgreSQL and Redis)
###
COPY --from=devilbox-slim-base-builder /tmp/lib-gnu/ /lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib-gnu/ /usr/lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib/ /usr/lib/
###
### Copy system files
###
COPY --from=devilbox-slim-base-builder /etc/group /etc/group
COPY --from=devilbox-slim-base-builder /etc/passwd /etc/passwd
COPY --from=devilbox-slim-base-builder /etc/shadow /etc/shadow
###
### Copy Blackfire
###
COPY --from=devilbox-slim-base-builder /etc/blackfire /etc/blackfire
COPY --from=devilbox-slim-base-builder /etc/default/blackfire-agent /etc/default/blackfire-agent
COPY --from=devilbox-slim-base-builder /usr/bin/blackfire* /usr/bin/
COPY --from=devilbox-slim-base-builder /var/log/blackfire /var/log/blackfire
###
### Copy mhsendmail
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mhsendmail /usr/local/bin/
###
### Copy MongoDB client (if exists)
###
COPY --from=devilbox-slim-base-builder /tmp/mongo/ /usr/bin/
###
### Copy MysQL Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/mysql* /usr/bin/
###
### Copy mysqldump-secure
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mysqldump-secure /usr/local/bin/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.conf /etc/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.cnf /etc/
COPY --from=devilbox-slim-base-builder /var/log/mysqldump-secure.log /var/log/
###
### Copy PostgreSQL
###
COPY --from=devilbox-slim-base-builder /usr/lib/postgresql /usr/lib/postgresql
COPY --from=devilbox-slim-base-builder /usr/share/postgresql-common /usr/share/postgresql-common
COPY --from=devilbox-slim-base-builder /usr/share/perl5 /usr/share/perl5
###
### Create PostgreSQL symlinks
###
RUN set -eux \
&& if [ -f "/usr/share/postgresql-common/pg_wrapper" ]; then \
ln -s ../share/postgresql-common/pg_wrapper /usr/bin/clusterdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createlang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/droplang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_basebackup \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dump \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dumpall \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_isready \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivewal \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivexlog \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_recvlogical \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_restore \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pgbench \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/psql \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/reindexdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumlo; \
fi
###
### Copy Redis Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/redis* /usr/bin/
###
### Copy SQLite Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/sqlite* /usr/bin/
###
### ADD PHP configuration files
###
COPY ./data/php-ini.d/php-5.6.ini /usr/local/etc/php/conf.d/xxx-devilbox-default-php.ini
COPY ./data/php-fpm.conf/php-fpm-5.6.conf /usr/local/etc/php-fpm.conf
###
### ADD Devilbox configuration files
###
COPY ./data/docker-entrypoint.sh /docker-entrypoint.sh
COPY ./data/docker-entrypoint.d/*.sh /docker-entrypoint.d/
COPY ./data/bash-devilbox /etc/bash-devilbox
COPY ./data/sudo-devilbox /etc/sudoers.d/devilbox
###
### Configure Bash
###
RUN set -eux \
&& { \
echo; \
echo "# [Devilbox] Ensure /usr/local(s)?bin is in PATH"; \
echo 'PATH="${PATH}:/usr/local/bin:/usr/local/sbin"'; \
echo "export PATH"; \
echo; \
echo "# [Devilbox] Source Devilbox main bash config"; \
echo ". /etc/bash-devilbox"; \
echo; \
echo "# [Devilbox] Source Devilbox custom configs"; \
echo "if [ -d /etc/bashrc-devilbox.d/ ]; then"; \
echo " for f in /etc/bashrc-devilbox.d/*.sh ; do"; \
echo " if [ -r \"\${f}\" ]; then"; \
echo " . \"\${f}\""; \
echo " fi"; \
echo " done"; \
echo " unset f"; \
echo "fi"; \
} | tee -a /home/${MY_USER}/.bashrc /root/.bashrc \
&& chown ${MY_USER}:${MY_GROUP} /home/${MY_USER}/.bashrc
########################################################################################################################
########################################################################################################################
###
### Stage 3/4: Devilbox slim image (BASE TEST)
###
########################################################################################################################
########################################################################################################################
###
### Test all Devilbox cli utils if copying was successful
###
FROM devilbox-slim-base as devilbox-slim-base-test
RUN set -eux \
&& mysql --version \
&& redis-cli --version \
&& sqlite3 --version
###
### Check if available tools slim
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& if echo '5.6' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '5.6' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if echo '5.6' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Re-activate modules which have been deactivated in mods (for testing).
###
RUN set -eux \
&& if find /usr/local/lib/php/extensions/ -name phalcon.so | grep phalcon; then \
echo "extension=phalcon.so" > /usr/local/etc/php/conf.d/docker-php-ext-phalcon.ini; \
fi \
&& if find /usr/local/lib/php/extensions/ -name psr.so | grep psr; then \
echo "extension=psr.so" > /usr/local/etc/php/conf.d/docker-php-ext-psr.ini; \
fi
###
### Check if PHP still works
###
RUN set -eux \
&& echo "date.timezone=UTC" > /usr/local/etc/php/php.ini \
&& php -v | grep -oE 'PHP\s[.0-9]+' | grep -oE '[.0-9]+' | grep '^5.6' \
&& /usr/local/sbin/php-fpm --test \
\
&& PHP_ERROR="$( php -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
&& PHP_ERROR="$( php -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
\
&& PHP_FPM_ERROR="$( php-fpm -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& PHP_FPM_ERROR="$( php-fpm -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& rm -f /usr/local/etc/php/php.ini
########################################################################################################################
########################################################################################################################
###
### Stage 4/4: Devilbox slim image (FINAL)
###
########################################################################################################################
########################################################################################################################
###
### Prepare final base image (STAGE: slim)
###
FROM devilbox-slim-base as slim
MAINTAINER "cytopia" <cytopia@everythingcli.org>
###
### Labels
###
# https://github.com/opencontainers/image-spec/blob/master/annotations.md
#LABEL "org.opencontainers.image.created"=""
#LABEL "org.opencontainers.image.version"=""
#LABEL "org.opencontainers.image.revision"=""
LABEL "maintainer"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.authors"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.url"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.documentation"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.source"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.vendor"="devilbox"
LABEL "org.opencontainers.image.licenses"="MIT"
LABEL "org.opencontainers.image.ref.name"="5.6-slim"
LABEL "org.opencontainers.image.title"="PHP-FPM 5.6-slim"
LABEL "org.opencontainers.image.description"="PHP-FPM 5.6-slim"
###
### Volumes
###
VOLUME /shared/backups
VOLUME /var/log/php
VOLUME /var/mail
###
### Ports
###
EXPOSE 9000
###
### Where to start inside the container
###
WORKDIR /shared/httpd
###
### Entrypoint
###
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"]
ENTRYPOINT ["/docker-entrypoint.sh"]

626
Dockerfiles/slim/Dockerfile-7.0 Normal file
View File

@@ -0,0 +1,626 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-slim.j2 instead.
########################################################################################################################
########################################################################################################################
###
### Stage 1/4: Devilbox slim image (BASE BUILDER)
###
########################################################################################################################
########################################################################################################################
###
### Installs all cli tools required to run Devilbox and its intranet
###
FROM devilbox/php-fpm:7.0-prod as devilbox-slim-base-builder
###
### Install apt Tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
apt-transport-https \
ca-certificates \
curl \
dirmngr \
gnupg
###
### Add apt repositories
###
RUN set -eux \
&& apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138 \
&& echo "deb http://ftp.debian.org/debian stretch-backports main" > /etc/apt/sources.list.d/backports.list \
&& curl -sS -L --fail "https://packages.blackfire.io/gpg.key" | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://packages.blackfire.io/debian any main" > /etc/apt/sources.list.d/blackfire.list \
&& true
###
### Install build_dep
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
libsnappy-dev \
&& rm -rf /var/lib/apt/lists/*
###
### Add common tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
file \
git \
mysql-client \
redis-tools \
sqlite3
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Devilbox required cli tools from group_vars (slim.yml)
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
blackfire-agent \
\
&& rm -rf /var/lib/apt/lists/* \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& DEB_HOST_ARCH="$( dpkg-architecture --query DEB_HOST_ARCH )" \
&& if [ "${DEB_HOST_ARCH}" = "amd64" ] || [ "${DEB_HOST_ARCH}" = "arm64" ]; then \
MHSENDMAIL_URL="https://github.com/devilbox/mhsendmail/releases/download/v0.3.0/mhsendmail_linux_${DEB_HOST_ARCH}" \
&& curl -sS -L --fail "${MHSENDMAIL_URL}" > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
else \
printf '%s\n%s\n%s\n' '#!/bin/sh' 'echo "Not available for this platform."' 'exit 1' > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
fi \
\
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& apt-get update \
&& if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-clients \
mongo-tools; \
else \
apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-clients; \
fi \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '7.0' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '7.0' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& git clone https://github.com/cytopia/mysqldump-secure.git /usr/local/src/mysqldump-secure \
&& cd /usr/local/src/mysqldump-secure \
&& git checkout $(git describe --abbrev=0 --tags) \
&& cp /usr/local/src/mysqldump-secure/bin/mysqldump-secure /usr/local/bin \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.conf /etc \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.cnf /etc \
&& touch /var/log/mysqldump-secure.log \
&& chown ${MY_USER}:${MY_GROUP} /etc/mysqldump-secure.* \
&& chown ${MY_USER}:${MY_GROUP} /var/log/mysqldump-secure.log \
&& chmod 0400 /etc/mysqldump-secure.conf \
&& chmod 0400 /etc/mysqldump-secure.cnf \
&& chmod 0644 /var/log/mysqldump-secure.log \
&& sed -i'' 's/^COMPRESS_ARG=.*/COMPRESS_ARG="-9 -c"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR=.*/DUMP_DIR="\/shared\/backups\/mysql"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR_CHMOD=.*/DUMP_DIR_CHMOD="0755"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_FILE_CHMOD=.*/DUMP_FILE_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^LOG_CHMOD=.*/LOG_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^NAGIOS_LOG=.*/NAGIOS_LOG=0/g' /etc/mysqldump-secure.conf \
&& cd / \
&& rm -rf /usr/local/src/mysqldump-secure \
\
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb https://apt-archive.postgresql.org/pub/repos/apt/ stretch-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update; \
fi \
\
&& if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client; \
fi \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '7.0' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Prepare required shared libraries for copying (keep symlinks)
###
RUN set -eux \
&& LIB_GNU_DIR="/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
&& USR_LIB_DIR="/usr/lib" \
&& USR_LIB_GNU_DIR="/usr/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
\
&& mkdir /tmp/lib-gnu \
&& mkdir /tmp/usr-lib \
&& mkdir /tmp/usr-lib-gnu \
\
&& LIB_GNU="libreadline" \
&& USR_LIB="libsnappy libtcmalloc libv8" \
&& USR_LIB_GNU="liblua libpq libpcrecpp libboost libjemalloc libunwind libhiredis libedit libyaml-cpp libstemmer libsnappy libpcap libbsd liblzf" \
\
&& for lib in ${LIB_GNU}; do \
if ls -1 "${LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${LIB_GNU_DIR}"; \
cp -r ${LIB_GNU_DIR}/${lib}* /tmp/lib-gnu/; \
fi \
done \
&& for lib in ${USR_LIB}; do \
if ls -1 "${USR_LIB_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_DIR}"; \
cp -r ${USR_LIB_DIR}/${lib}* /tmp/usr-lib/; \
fi \
done \
&& for lib in ${USR_LIB_GNU}; do \
if ls -1 "${USR_LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_GNU_DIR}"; \
cp -r ${USR_LIB_GNU_DIR}/${lib}* /tmp/usr-lib-gnu/; \
fi \
done
###
### Fix expected PostgreSQL directories
###
### This might not exist on arm64 as software was not available,
### but they are still needed to be present, so we can copy them.
###
RUN set -eux \
&& if [ ! -d "/usr/lib/postgresql" ]; then \
mkdir "/usr/lib/postgresql"; \
fi \
&& if [ ! -d "/usr/share/postgresql-common" ]; then \
mkdir "/usr/share/postgresql-common"; \
fi
###
### Prepare MongoDB binaries for copying.
###
### They might not be available on all architectures (e.g.: arm64).
###
RUN set -eux \
&& mkdir /tmp/mongo \
&& if ls -1 "/usr/bin/" | grep "^mongo" >/dev/null; then \
cp -r /usr/bin/mongo* /tmp/mongo/; \
fi
###
### Strip debugging information to smallen filesize
###
RUN set -eux \
&& STRIP_USR_BINS="blackfire mongo mysql redis sqlite" \
&& STRIP_DIRS="/usr/lib/postgresql/ /usr/share/postgresql-common/ /tmp" \
\
&& for bin in ${STRIP_USR_BINS}; do \
( \
find /usr/bin/ -name "${bin}"* -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& for dir in ${STRIP_DIRS}; do \
( \
find ${dir} -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& strip --strip-all -p /usr/local/bin/mhsendmail 2>/dev/null || true \
&& strip --strip-all -p /usr/local/bin/mysqldump-secure 2>/dev/null || true
########################################################################################################################
########################################################################################################################
###
### Stage 2/4: Devilbox slim image (BASE)
###
########################################################################################################################
########################################################################################################################
###
### Copies all cli tools required to run Devilbox and its intranet into a clean image
###
FROM devilbox/php-fpm:7.0-prod as devilbox-slim-base
ARG ARCH
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Copy shared libraries (required by MongoDB, MySQL, PostgreSQL and Redis)
###
COPY --from=devilbox-slim-base-builder /tmp/lib-gnu/ /lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib-gnu/ /usr/lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib/ /usr/lib/
###
### Copy system files
###
COPY --from=devilbox-slim-base-builder /etc/group /etc/group
COPY --from=devilbox-slim-base-builder /etc/passwd /etc/passwd
COPY --from=devilbox-slim-base-builder /etc/shadow /etc/shadow
###
### Copy Blackfire
###
COPY --from=devilbox-slim-base-builder /etc/blackfire /etc/blackfire
COPY --from=devilbox-slim-base-builder /etc/default/blackfire-agent /etc/default/blackfire-agent
COPY --from=devilbox-slim-base-builder /usr/bin/blackfire* /usr/bin/
COPY --from=devilbox-slim-base-builder /var/log/blackfire /var/log/blackfire
###
### Copy mhsendmail
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mhsendmail /usr/local/bin/
###
### Copy MongoDB client (if exists)
###
COPY --from=devilbox-slim-base-builder /tmp/mongo/ /usr/bin/
###
### Copy MysQL Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/mysql* /usr/bin/
###
### Copy mysqldump-secure
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mysqldump-secure /usr/local/bin/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.conf /etc/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.cnf /etc/
COPY --from=devilbox-slim-base-builder /var/log/mysqldump-secure.log /var/log/
###
### Copy PostgreSQL
###
COPY --from=devilbox-slim-base-builder /usr/lib/postgresql /usr/lib/postgresql
COPY --from=devilbox-slim-base-builder /usr/share/postgresql-common /usr/share/postgresql-common
COPY --from=devilbox-slim-base-builder /usr/share/perl5 /usr/share/perl5
###
### Create PostgreSQL symlinks
###
RUN set -eux \
&& if [ -f "/usr/share/postgresql-common/pg_wrapper" ]; then \
ln -s ../share/postgresql-common/pg_wrapper /usr/bin/clusterdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createlang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/droplang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_basebackup \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dump \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dumpall \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_isready \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivewal \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivexlog \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_recvlogical \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_restore \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pgbench \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/psql \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/reindexdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumlo; \
fi
###
### Copy Redis Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/redis* /usr/bin/
###
### Copy SQLite Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/sqlite* /usr/bin/
###
### ADD PHP configuration files
###
COPY ./data/php-ini.d/php-7.0.ini /usr/local/etc/php/conf.d/xxx-devilbox-default-php.ini
COPY ./data/php-fpm.conf/php-fpm-7.0.conf /usr/local/etc/php-fpm.conf
###
### ADD Devilbox configuration files
###
COPY ./data/docker-entrypoint.sh /docker-entrypoint.sh
COPY ./data/docker-entrypoint.d/*.sh /docker-entrypoint.d/
COPY ./data/bash-devilbox /etc/bash-devilbox
COPY ./data/sudo-devilbox /etc/sudoers.d/devilbox
###
### Configure Bash
###
RUN set -eux \
&& { \
echo; \
echo "# [Devilbox] Ensure /usr/local(s)?bin is in PATH"; \
echo 'PATH="${PATH}:/usr/local/bin:/usr/local/sbin"'; \
echo "export PATH"; \
echo; \
echo "# [Devilbox] Source Devilbox main bash config"; \
echo ". /etc/bash-devilbox"; \
echo; \
echo "# [Devilbox] Source Devilbox custom configs"; \
echo "if [ -d /etc/bashrc-devilbox.d/ ]; then"; \
echo " for f in /etc/bashrc-devilbox.d/*.sh ; do"; \
echo " if [ -r \"\${f}\" ]; then"; \
echo " . \"\${f}\""; \
echo " fi"; \
echo " done"; \
echo " unset f"; \
echo "fi"; \
} | tee -a /home/${MY_USER}/.bashrc /root/.bashrc \
&& chown ${MY_USER}:${MY_GROUP} /home/${MY_USER}/.bashrc
########################################################################################################################
########################################################################################################################
###
### Stage 3/4: Devilbox slim image (BASE TEST)
###
########################################################################################################################
########################################################################################################################
###
### Test all Devilbox cli utils if copying was successful
###
FROM devilbox-slim-base as devilbox-slim-base-test
RUN set -eux \
&& mysql --version \
&& redis-cli --version \
&& sqlite3 --version
###
### Check if available tools slim
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& if echo '7.0' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '7.0' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if echo '7.0' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Re-activate modules which have been deactivated in mods (for testing).
###
RUN set -eux \
&& if find /usr/local/lib/php/extensions/ -name phalcon.so | grep phalcon; then \
echo "extension=phalcon.so" > /usr/local/etc/php/conf.d/docker-php-ext-phalcon.ini; \
fi \
&& if find /usr/local/lib/php/extensions/ -name psr.so | grep psr; then \
echo "extension=psr.so" > /usr/local/etc/php/conf.d/docker-php-ext-psr.ini; \
fi
###
### Check if PHP still works
###
RUN set -eux \
&& echo "date.timezone=UTC" > /usr/local/etc/php/php.ini \
&& php -v | grep -oE 'PHP\s[.0-9]+' | grep -oE '[.0-9]+' | grep '^7.0' \
&& /usr/local/sbin/php-fpm --test \
\
&& PHP_ERROR="$( php -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
&& PHP_ERROR="$( php -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
\
&& PHP_FPM_ERROR="$( php-fpm -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& PHP_FPM_ERROR="$( php-fpm -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& rm -f /usr/local/etc/php/php.ini
########################################################################################################################
########################################################################################################################
###
### Stage 4/4: Devilbox slim image (FINAL)
###
########################################################################################################################
########################################################################################################################
###
### Prepare final base image (STAGE: slim)
###
FROM devilbox-slim-base as slim
MAINTAINER "cytopia" <cytopia@everythingcli.org>
###
### Labels
###
# https://github.com/opencontainers/image-spec/blob/master/annotations.md
#LABEL "org.opencontainers.image.created"=""
#LABEL "org.opencontainers.image.version"=""
#LABEL "org.opencontainers.image.revision"=""
LABEL "maintainer"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.authors"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.url"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.documentation"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.source"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.vendor"="devilbox"
LABEL "org.opencontainers.image.licenses"="MIT"
LABEL "org.opencontainers.image.ref.name"="7.0-slim"
LABEL "org.opencontainers.image.title"="PHP-FPM 7.0-slim"
LABEL "org.opencontainers.image.description"="PHP-FPM 7.0-slim"
###
### Volumes
###
VOLUME /shared/backups
VOLUME /var/log/php
VOLUME /var/mail
###
### Ports
###
EXPOSE 9000
###
### Where to start inside the container
###
WORKDIR /shared/httpd
###
### Entrypoint
###
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"]
ENTRYPOINT ["/docker-entrypoint.sh"]

620
Dockerfiles/slim/Dockerfile-7.1 Normal file
View File

@@ -0,0 +1,620 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-slim.j2 instead.
########################################################################################################################
########################################################################################################################
###
### Stage 1/4: Devilbox slim image (BASE BUILDER)
###
########################################################################################################################
########################################################################################################################
###
### Installs all cli tools required to run Devilbox and its intranet
###
FROM devilbox/php-fpm:7.1-prod as devilbox-slim-base-builder
###
### Install apt Tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
apt-transport-https \
ca-certificates \
curl \
dirmngr \
gnupg
###
### Add apt repositories
###
RUN set -eux \
&& apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138 \
&& echo "deb http://ftp.debian.org/debian buster-backports main" > /etc/apt/sources.list.d/backports.list \
&& curl -sS -L --fail "https://packages.blackfire.io/gpg.key" | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://packages.blackfire.io/debian any main" > /etc/apt/sources.list.d/blackfire.list \
&& true
###
### Install build_dep
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
libsnappy-dev \
&& rm -rf /var/lib/apt/lists/*
###
### Add common tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
file \
git \
mariadb-client \
redis-tools \
sqlite3
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Devilbox required cli tools from group_vars (slim.yml)
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
blackfire-agent \
\
&& rm -rf /var/lib/apt/lists/* \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& DEB_HOST_ARCH="$( dpkg-architecture --query DEB_HOST_ARCH )" \
&& if [ "${DEB_HOST_ARCH}" = "amd64" ] || [ "${DEB_HOST_ARCH}" = "arm64" ]; then \
MHSENDMAIL_URL="https://github.com/devilbox/mhsendmail/releases/download/v0.3.0/mhsendmail_linux_${DEB_HOST_ARCH}" \
&& curl -sS -L --fail "${MHSENDMAIL_URL}" > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
else \
printf '%s\n%s\n%s\n' '#!/bin/sh' 'echo "Not available for this platform."' 'exit 1' > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
fi \
\
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 20691EEC35216C63CAF66CE1656408E390CFB1F5 \
&& echo "deb http://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.4 multiverse" > /etc/apt/sources.list.d/mongo.list \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-org-tools \
mongodb-org-shell \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '7.1' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '7.1' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& git clone https://github.com/cytopia/mysqldump-secure.git /usr/local/src/mysqldump-secure \
&& cd /usr/local/src/mysqldump-secure \
&& git checkout $(git describe --abbrev=0 --tags) \
&& cp /usr/local/src/mysqldump-secure/bin/mysqldump-secure /usr/local/bin \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.conf /etc \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.cnf /etc \
&& touch /var/log/mysqldump-secure.log \
&& chown ${MY_USER}:${MY_GROUP} /etc/mysqldump-secure.* \
&& chown ${MY_USER}:${MY_GROUP} /var/log/mysqldump-secure.log \
&& chmod 0400 /etc/mysqldump-secure.conf \
&& chmod 0400 /etc/mysqldump-secure.cnf \
&& chmod 0644 /var/log/mysqldump-secure.log \
&& sed -i'' 's/^COMPRESS_ARG=.*/COMPRESS_ARG="-9 -c"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR=.*/DUMP_DIR="\/shared\/backups\/mysql"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR_CHMOD=.*/DUMP_DIR_CHMOD="0755"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_FILE_CHMOD=.*/DUMP_FILE_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^LOG_CHMOD=.*/LOG_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^NAGIOS_LOG=.*/NAGIOS_LOG=0/g' /etc/mysqldump-secure.conf \
&& cd / \
&& rm -rf /usr/local/src/mysqldump-secure \
\
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://apt.postgresql.org/pub/repos/apt/ buster-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '7.1' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Prepare required shared libraries for copying (keep symlinks)
###
RUN set -eux \
&& LIB_GNU_DIR="/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
&& USR_LIB_DIR="/usr/lib" \
&& USR_LIB_GNU_DIR="/usr/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
\
&& mkdir /tmp/lib-gnu \
&& mkdir /tmp/usr-lib \
&& mkdir /tmp/usr-lib-gnu \
\
&& LIB_GNU="libreadline" \
&& USR_LIB="libsnappy libtcmalloc libv8" \
&& USR_LIB_GNU="liblua libpq libpcrecpp libboost libjemalloc libunwind libhiredis libedit libyaml-cpp libstemmer libsnappy libpcap libbsd liblzf" \
\
&& for lib in ${LIB_GNU}; do \
if ls -1 "${LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${LIB_GNU_DIR}"; \
cp -r ${LIB_GNU_DIR}/${lib}* /tmp/lib-gnu/; \
fi \
done \
&& for lib in ${USR_LIB}; do \
if ls -1 "${USR_LIB_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_DIR}"; \
cp -r ${USR_LIB_DIR}/${lib}* /tmp/usr-lib/; \
fi \
done \
&& for lib in ${USR_LIB_GNU}; do \
if ls -1 "${USR_LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_GNU_DIR}"; \
cp -r ${USR_LIB_GNU_DIR}/${lib}* /tmp/usr-lib-gnu/; \
fi \
done
###
### Fix expected PostgreSQL directories
###
### This might not exist on arm64 as software was not available,
### but they are still needed to be present, so we can copy them.
###
RUN set -eux \
&& if [ ! -d "/usr/lib/postgresql" ]; then \
mkdir "/usr/lib/postgresql"; \
fi \
&& if [ ! -d "/usr/share/postgresql-common" ]; then \
mkdir "/usr/share/postgresql-common"; \
fi
###
### Prepare MongoDB binaries for copying.
###
### They might not be available on all architectures (e.g.: arm64).
###
RUN set -eux \
&& mkdir /tmp/mongo \
&& if ls -1 "/usr/bin/" | grep "^mongo" >/dev/null; then \
cp -r /usr/bin/mongo* /tmp/mongo/; \
fi
###
### Strip debugging information to smallen filesize
###
RUN set -eux \
&& STRIP_USR_BINS="blackfire mongo mysql redis sqlite" \
&& STRIP_DIRS="/usr/lib/postgresql/ /usr/share/postgresql-common/ /tmp" \
\
&& for bin in ${STRIP_USR_BINS}; do \
( \
find /usr/bin/ -name "${bin}"* -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& for dir in ${STRIP_DIRS}; do \
( \
find ${dir} -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& strip --strip-all -p /usr/local/bin/mhsendmail 2>/dev/null || true \
&& strip --strip-all -p /usr/local/bin/mysqldump-secure 2>/dev/null || true
########################################################################################################################
########################################################################################################################
###
### Stage 2/4: Devilbox slim image (BASE)
###
########################################################################################################################
########################################################################################################################
###
### Copies all cli tools required to run Devilbox and its intranet into a clean image
###
FROM devilbox/php-fpm:7.1-prod as devilbox-slim-base
ARG ARCH
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Copy shared libraries (required by MongoDB, MySQL, PostgreSQL and Redis)
###
COPY --from=devilbox-slim-base-builder /tmp/lib-gnu/ /lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib-gnu/ /usr/lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib/ /usr/lib/
###
### Copy system files
###
COPY --from=devilbox-slim-base-builder /etc/group /etc/group
COPY --from=devilbox-slim-base-builder /etc/passwd /etc/passwd
COPY --from=devilbox-slim-base-builder /etc/shadow /etc/shadow
###
### Copy Blackfire
###
COPY --from=devilbox-slim-base-builder /etc/blackfire /etc/blackfire
COPY --from=devilbox-slim-base-builder /etc/default/blackfire-agent /etc/default/blackfire-agent
COPY --from=devilbox-slim-base-builder /usr/bin/blackfire* /usr/bin/
COPY --from=devilbox-slim-base-builder /var/log/blackfire /var/log/blackfire
###
### Copy mhsendmail
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mhsendmail /usr/local/bin/
###
### Copy MongoDB client (if exists)
###
COPY --from=devilbox-slim-base-builder /tmp/mongo/ /usr/bin/
###
### Copy MysQL Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/mysql* /usr/bin/
###
### Copy mysqldump-secure
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mysqldump-secure /usr/local/bin/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.conf /etc/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.cnf /etc/
COPY --from=devilbox-slim-base-builder /var/log/mysqldump-secure.log /var/log/
###
### Copy PostgreSQL
###
COPY --from=devilbox-slim-base-builder /usr/lib/postgresql /usr/lib/postgresql
COPY --from=devilbox-slim-base-builder /usr/share/postgresql-common /usr/share/postgresql-common
COPY --from=devilbox-slim-base-builder /usr/share/perl5 /usr/share/perl5
###
### Create PostgreSQL symlinks
###
RUN set -eux \
&& if [ -f "/usr/share/postgresql-common/pg_wrapper" ]; then \
ln -s ../share/postgresql-common/pg_wrapper /usr/bin/clusterdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createlang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/droplang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_basebackup \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dump \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dumpall \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_isready \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivewal \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivexlog \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_recvlogical \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_restore \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pgbench \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/psql \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/reindexdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumlo; \
fi
###
### Copy Redis Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/redis* /usr/bin/
###
### Copy SQLite Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/sqlite* /usr/bin/
###
### ADD PHP configuration files
###
COPY ./data/php-ini.d/php-7.1.ini /usr/local/etc/php/conf.d/xxx-devilbox-default-php.ini
COPY ./data/php-fpm.conf/php-fpm-7.1.conf /usr/local/etc/php-fpm.conf
###
### ADD Devilbox configuration files
###
COPY ./data/docker-entrypoint.sh /docker-entrypoint.sh
COPY ./data/docker-entrypoint.d/*.sh /docker-entrypoint.d/
COPY ./data/bash-devilbox /etc/bash-devilbox
COPY ./data/sudo-devilbox /etc/sudoers.d/devilbox
###
### Configure Bash
###
RUN set -eux \
&& { \
echo; \
echo "# [Devilbox] Ensure /usr/local(s)?bin is in PATH"; \
echo 'PATH="${PATH}:/usr/local/bin:/usr/local/sbin"'; \
echo "export PATH"; \
echo; \
echo "# [Devilbox] Source Devilbox main bash config"; \
echo ". /etc/bash-devilbox"; \
echo; \
echo "# [Devilbox] Source Devilbox custom configs"; \
echo "if [ -d /etc/bashrc-devilbox.d/ ]; then"; \
echo " for f in /etc/bashrc-devilbox.d/*.sh ; do"; \
echo " if [ -r \"\${f}\" ]; then"; \
echo " . \"\${f}\""; \
echo " fi"; \
echo " done"; \
echo " unset f"; \
echo "fi"; \
} | tee -a /home/${MY_USER}/.bashrc /root/.bashrc \
&& chown ${MY_USER}:${MY_GROUP} /home/${MY_USER}/.bashrc
########################################################################################################################
########################################################################################################################
###
### Stage 3/4: Devilbox slim image (BASE TEST)
###
########################################################################################################################
########################################################################################################################
###
### Test all Devilbox cli utils if copying was successful
###
FROM devilbox-slim-base as devilbox-slim-base-test
RUN set -eux \
&& mysql --version \
&& redis-cli --version \
&& sqlite3 --version
###
### Check if available tools slim
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& if echo '7.1' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '7.1' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if echo '7.1' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Re-activate modules which have been deactivated in mods (for testing).
###
RUN set -eux \
&& if find /usr/local/lib/php/extensions/ -name phalcon.so | grep phalcon; then \
echo "extension=phalcon.so" > /usr/local/etc/php/conf.d/docker-php-ext-phalcon.ini; \
fi \
&& if find /usr/local/lib/php/extensions/ -name psr.so | grep psr; then \
echo "extension=psr.so" > /usr/local/etc/php/conf.d/docker-php-ext-psr.ini; \
fi
###
### Check if PHP still works
###
RUN set -eux \
&& echo "date.timezone=UTC" > /usr/local/etc/php/php.ini \
&& php -v | grep -oE 'PHP\s[.0-9]+' | grep -oE '[.0-9]+' | grep '^7.1' \
&& /usr/local/sbin/php-fpm --test \
\
&& PHP_ERROR="$( php -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
&& PHP_ERROR="$( php -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
\
&& PHP_FPM_ERROR="$( php-fpm -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& PHP_FPM_ERROR="$( php-fpm -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& rm -f /usr/local/etc/php/php.ini
########################################################################################################################
########################################################################################################################
###
### Stage 4/4: Devilbox slim image (FINAL)
###
########################################################################################################################
########################################################################################################################
###
### Prepare final base image (STAGE: slim)
###
FROM devilbox-slim-base as slim
MAINTAINER "cytopia" <cytopia@everythingcli.org>
###
### Labels
###
# https://github.com/opencontainers/image-spec/blob/master/annotations.md
#LABEL "org.opencontainers.image.created"=""
#LABEL "org.opencontainers.image.version"=""
#LABEL "org.opencontainers.image.revision"=""
LABEL "maintainer"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.authors"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.url"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.documentation"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.source"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.vendor"="devilbox"
LABEL "org.opencontainers.image.licenses"="MIT"
LABEL "org.opencontainers.image.ref.name"="7.1-slim"
LABEL "org.opencontainers.image.title"="PHP-FPM 7.1-slim"
LABEL "org.opencontainers.image.description"="PHP-FPM 7.1-slim"
###
### Volumes
###
VOLUME /shared/backups
VOLUME /var/log/php
VOLUME /var/mail
###
### Ports
###
EXPOSE 9000
###
### Where to start inside the container
###
WORKDIR /shared/httpd
###
### Entrypoint
###
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"]
ENTRYPOINT ["/docker-entrypoint.sh"]

620
Dockerfiles/slim/Dockerfile-7.2 Normal file
View File

@@ -0,0 +1,620 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-slim.j2 instead.
########################################################################################################################
########################################################################################################################
###
### Stage 1/4: Devilbox slim image (BASE BUILDER)
###
########################################################################################################################
########################################################################################################################
###
### Installs all cli tools required to run Devilbox and its intranet
###
FROM devilbox/php-fpm:7.2-prod as devilbox-slim-base-builder
###
### Install apt Tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
apt-transport-https \
ca-certificates \
curl \
dirmngr \
gnupg
###
### Add apt repositories
###
RUN set -eux \
&& apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138 \
&& echo "deb http://ftp.debian.org/debian buster-backports main" > /etc/apt/sources.list.d/backports.list \
&& curl -sS -L --fail "https://packages.blackfire.io/gpg.key" | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://packages.blackfire.io/debian any main" > /etc/apt/sources.list.d/blackfire.list \
&& true
###
### Install build_dep
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
libsnappy-dev \
&& rm -rf /var/lib/apt/lists/*
###
### Add common tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
file \
git \
mariadb-client \
redis-tools \
sqlite3
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Devilbox required cli tools from group_vars (slim.yml)
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
blackfire-agent \
\
&& rm -rf /var/lib/apt/lists/* \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& DEB_HOST_ARCH="$( dpkg-architecture --query DEB_HOST_ARCH )" \
&& if [ "${DEB_HOST_ARCH}" = "amd64" ] || [ "${DEB_HOST_ARCH}" = "arm64" ]; then \
MHSENDMAIL_URL="https://github.com/devilbox/mhsendmail/releases/download/v0.3.0/mhsendmail_linux_${DEB_HOST_ARCH}" \
&& curl -sS -L --fail "${MHSENDMAIL_URL}" > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
else \
printf '%s\n%s\n%s\n' '#!/bin/sh' 'echo "Not available for this platform."' 'exit 1' > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
fi \
\
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 20691EEC35216C63CAF66CE1656408E390CFB1F5 \
&& echo "deb http://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.4 multiverse" > /etc/apt/sources.list.d/mongo.list \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-org-tools \
mongodb-org-shell \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '7.2' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '7.2' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& git clone https://github.com/cytopia/mysqldump-secure.git /usr/local/src/mysqldump-secure \
&& cd /usr/local/src/mysqldump-secure \
&& git checkout $(git describe --abbrev=0 --tags) \
&& cp /usr/local/src/mysqldump-secure/bin/mysqldump-secure /usr/local/bin \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.conf /etc \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.cnf /etc \
&& touch /var/log/mysqldump-secure.log \
&& chown ${MY_USER}:${MY_GROUP} /etc/mysqldump-secure.* \
&& chown ${MY_USER}:${MY_GROUP} /var/log/mysqldump-secure.log \
&& chmod 0400 /etc/mysqldump-secure.conf \
&& chmod 0400 /etc/mysqldump-secure.cnf \
&& chmod 0644 /var/log/mysqldump-secure.log \
&& sed -i'' 's/^COMPRESS_ARG=.*/COMPRESS_ARG="-9 -c"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR=.*/DUMP_DIR="\/shared\/backups\/mysql"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR_CHMOD=.*/DUMP_DIR_CHMOD="0755"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_FILE_CHMOD=.*/DUMP_FILE_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^LOG_CHMOD=.*/LOG_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^NAGIOS_LOG=.*/NAGIOS_LOG=0/g' /etc/mysqldump-secure.conf \
&& cd / \
&& rm -rf /usr/local/src/mysqldump-secure \
\
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://apt.postgresql.org/pub/repos/apt/ buster-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '7.2' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Prepare required shared libraries for copying (keep symlinks)
###
RUN set -eux \
&& LIB_GNU_DIR="/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
&& USR_LIB_DIR="/usr/lib" \
&& USR_LIB_GNU_DIR="/usr/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
\
&& mkdir /tmp/lib-gnu \
&& mkdir /tmp/usr-lib \
&& mkdir /tmp/usr-lib-gnu \
\
&& LIB_GNU="libreadline" \
&& USR_LIB="libsnappy libtcmalloc libv8" \
&& USR_LIB_GNU="liblua libpq libpcrecpp libboost libjemalloc libunwind libhiredis libedit libyaml-cpp libstemmer libsnappy libpcap libbsd liblzf" \
\
&& for lib in ${LIB_GNU}; do \
if ls -1 "${LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${LIB_GNU_DIR}"; \
cp -r ${LIB_GNU_DIR}/${lib}* /tmp/lib-gnu/; \
fi \
done \
&& for lib in ${USR_LIB}; do \
if ls -1 "${USR_LIB_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_DIR}"; \
cp -r ${USR_LIB_DIR}/${lib}* /tmp/usr-lib/; \
fi \
done \
&& for lib in ${USR_LIB_GNU}; do \
if ls -1 "${USR_LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_GNU_DIR}"; \
cp -r ${USR_LIB_GNU_DIR}/${lib}* /tmp/usr-lib-gnu/; \
fi \
done
###
### Fix expected PostgreSQL directories
###
### This might not exist on arm64 as software was not available,
### but they are still needed to be present, so we can copy them.
###
RUN set -eux \
&& if [ ! -d "/usr/lib/postgresql" ]; then \
mkdir "/usr/lib/postgresql"; \
fi \
&& if [ ! -d "/usr/share/postgresql-common" ]; then \
mkdir "/usr/share/postgresql-common"; \
fi
###
### Prepare MongoDB binaries for copying.
###
### They might not be available on all architectures (e.g.: arm64).
###
RUN set -eux \
&& mkdir /tmp/mongo \
&& if ls -1 "/usr/bin/" | grep "^mongo" >/dev/null; then \
cp -r /usr/bin/mongo* /tmp/mongo/; \
fi
###
### Strip debugging information to smallen filesize
###
RUN set -eux \
&& STRIP_USR_BINS="blackfire mongo mysql redis sqlite" \
&& STRIP_DIRS="/usr/lib/postgresql/ /usr/share/postgresql-common/ /tmp" \
\
&& for bin in ${STRIP_USR_BINS}; do \
( \
find /usr/bin/ -name "${bin}"* -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& for dir in ${STRIP_DIRS}; do \
( \
find ${dir} -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& strip --strip-all -p /usr/local/bin/mhsendmail 2>/dev/null || true \
&& strip --strip-all -p /usr/local/bin/mysqldump-secure 2>/dev/null || true
########################################################################################################################
########################################################################################################################
###
### Stage 2/4: Devilbox slim image (BASE)
###
########################################################################################################################
########################################################################################################################
###
### Copies all cli tools required to run Devilbox and its intranet into a clean image
###
FROM devilbox/php-fpm:7.2-prod as devilbox-slim-base
ARG ARCH
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Copy shared libraries (required by MongoDB, MySQL, PostgreSQL and Redis)
###
COPY --from=devilbox-slim-base-builder /tmp/lib-gnu/ /lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib-gnu/ /usr/lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib/ /usr/lib/
###
### Copy system files
###
COPY --from=devilbox-slim-base-builder /etc/group /etc/group
COPY --from=devilbox-slim-base-builder /etc/passwd /etc/passwd
COPY --from=devilbox-slim-base-builder /etc/shadow /etc/shadow
###
### Copy Blackfire
###
COPY --from=devilbox-slim-base-builder /etc/blackfire /etc/blackfire
COPY --from=devilbox-slim-base-builder /etc/default/blackfire-agent /etc/default/blackfire-agent
COPY --from=devilbox-slim-base-builder /usr/bin/blackfire* /usr/bin/
COPY --from=devilbox-slim-base-builder /var/log/blackfire /var/log/blackfire
###
### Copy mhsendmail
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mhsendmail /usr/local/bin/
###
### Copy MongoDB client (if exists)
###
COPY --from=devilbox-slim-base-builder /tmp/mongo/ /usr/bin/
###
### Copy MysQL Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/mysql* /usr/bin/
###
### Copy mysqldump-secure
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mysqldump-secure /usr/local/bin/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.conf /etc/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.cnf /etc/
COPY --from=devilbox-slim-base-builder /var/log/mysqldump-secure.log /var/log/
###
### Copy PostgreSQL
###
COPY --from=devilbox-slim-base-builder /usr/lib/postgresql /usr/lib/postgresql
COPY --from=devilbox-slim-base-builder /usr/share/postgresql-common /usr/share/postgresql-common
COPY --from=devilbox-slim-base-builder /usr/share/perl5 /usr/share/perl5
###
### Create PostgreSQL symlinks
###
RUN set -eux \
&& if [ -f "/usr/share/postgresql-common/pg_wrapper" ]; then \
ln -s ../share/postgresql-common/pg_wrapper /usr/bin/clusterdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createlang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/droplang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_basebackup \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dump \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dumpall \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_isready \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivewal \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivexlog \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_recvlogical \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_restore \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pgbench \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/psql \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/reindexdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumlo; \
fi
###
### Copy Redis Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/redis* /usr/bin/
###
### Copy SQLite Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/sqlite* /usr/bin/
###
### ADD PHP configuration files
###
COPY ./data/php-ini.d/php-7.2.ini /usr/local/etc/php/conf.d/xxx-devilbox-default-php.ini
COPY ./data/php-fpm.conf/php-fpm-7.2.conf /usr/local/etc/php-fpm.conf
###
### ADD Devilbox configuration files
###
COPY ./data/docker-entrypoint.sh /docker-entrypoint.sh
COPY ./data/docker-entrypoint.d/*.sh /docker-entrypoint.d/
COPY ./data/bash-devilbox /etc/bash-devilbox
COPY ./data/sudo-devilbox /etc/sudoers.d/devilbox
###
### Configure Bash
###
RUN set -eux \
&& { \
echo; \
echo "# [Devilbox] Ensure /usr/local(s)?bin is in PATH"; \
echo 'PATH="${PATH}:/usr/local/bin:/usr/local/sbin"'; \
echo "export PATH"; \
echo; \
echo "# [Devilbox] Source Devilbox main bash config"; \
echo ". /etc/bash-devilbox"; \
echo; \
echo "# [Devilbox] Source Devilbox custom configs"; \
echo "if [ -d /etc/bashrc-devilbox.d/ ]; then"; \
echo " for f in /etc/bashrc-devilbox.d/*.sh ; do"; \
echo " if [ -r \"\${f}\" ]; then"; \
echo " . \"\${f}\""; \
echo " fi"; \
echo " done"; \
echo " unset f"; \
echo "fi"; \
} | tee -a /home/${MY_USER}/.bashrc /root/.bashrc \
&& chown ${MY_USER}:${MY_GROUP} /home/${MY_USER}/.bashrc
########################################################################################################################
########################################################################################################################
###
### Stage 3/4: Devilbox slim image (BASE TEST)
###
########################################################################################################################
########################################################################################################################
###
### Test all Devilbox cli utils if copying was successful
###
FROM devilbox-slim-base as devilbox-slim-base-test
RUN set -eux \
&& mysql --version \
&& redis-cli --version \
&& sqlite3 --version
###
### Check if available tools slim
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& if echo '7.2' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '7.2' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if echo '7.2' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Re-activate modules which have been deactivated in mods (for testing).
###
RUN set -eux \
&& if find /usr/local/lib/php/extensions/ -name phalcon.so | grep phalcon; then \
echo "extension=phalcon.so" > /usr/local/etc/php/conf.d/docker-php-ext-phalcon.ini; \
fi \
&& if find /usr/local/lib/php/extensions/ -name psr.so | grep psr; then \
echo "extension=psr.so" > /usr/local/etc/php/conf.d/docker-php-ext-psr.ini; \
fi
###
### Check if PHP still works
###
RUN set -eux \
&& echo "date.timezone=UTC" > /usr/local/etc/php/php.ini \
&& php -v | grep -oE 'PHP\s[.0-9]+' | grep -oE '[.0-9]+' | grep '^7.2' \
&& /usr/local/sbin/php-fpm --test \
\
&& PHP_ERROR="$( php -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
&& PHP_ERROR="$( php -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
\
&& PHP_FPM_ERROR="$( php-fpm -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& PHP_FPM_ERROR="$( php-fpm -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& rm -f /usr/local/etc/php/php.ini
########################################################################################################################
########################################################################################################################
###
### Stage 4/4: Devilbox slim image (FINAL)
###
########################################################################################################################
########################################################################################################################
###
### Prepare final base image (STAGE: slim)
###
FROM devilbox-slim-base as slim
MAINTAINER "cytopia" <cytopia@everythingcli.org>
###
### Labels
###
# https://github.com/opencontainers/image-spec/blob/master/annotations.md
#LABEL "org.opencontainers.image.created"=""
#LABEL "org.opencontainers.image.version"=""
#LABEL "org.opencontainers.image.revision"=""
LABEL "maintainer"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.authors"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.url"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.documentation"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.source"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.vendor"="devilbox"
LABEL "org.opencontainers.image.licenses"="MIT"
LABEL "org.opencontainers.image.ref.name"="7.2-slim"
LABEL "org.opencontainers.image.title"="PHP-FPM 7.2-slim"
LABEL "org.opencontainers.image.description"="PHP-FPM 7.2-slim"
###
### Volumes
###
VOLUME /shared/backups
VOLUME /var/log/php
VOLUME /var/mail
###
### Ports
###
EXPOSE 9000
###
### Where to start inside the container
###
WORKDIR /shared/httpd
###
### Entrypoint
###
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"]
ENTRYPOINT ["/docker-entrypoint.sh"]

620
Dockerfiles/slim/Dockerfile-7.3 Normal file
View File

@@ -0,0 +1,620 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-slim.j2 instead.
########################################################################################################################
########################################################################################################################
###
### Stage 1/4: Devilbox slim image (BASE BUILDER)
###
########################################################################################################################
########################################################################################################################
###
### Installs all cli tools required to run Devilbox and its intranet
###
FROM devilbox/php-fpm:7.3-prod as devilbox-slim-base-builder
###
### Install apt Tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
apt-transport-https \
ca-certificates \
curl \
dirmngr \
gnupg
###
### Add apt repositories
###
RUN set -eux \
&& apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138 \
&& echo "deb http://ftp.debian.org/debian bullseye-backports main" > /etc/apt/sources.list.d/backports.list \
&& curl -sS -L --fail "https://packages.blackfire.io/gpg.key" | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://packages.blackfire.io/debian any main" > /etc/apt/sources.list.d/blackfire.list \
&& true
###
### Install build_dep
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
libsnappy-dev \
&& rm -rf /var/lib/apt/lists/*
###
### Add common tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
file \
git \
mariadb-client \
redis-tools \
sqlite3
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Devilbox required cli tools from group_vars (slim.yml)
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
blackfire-agent \
\
&& rm -rf /var/lib/apt/lists/* \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& DEB_HOST_ARCH="$( dpkg-architecture --query DEB_HOST_ARCH )" \
&& if [ "${DEB_HOST_ARCH}" = "amd64" ] || [ "${DEB_HOST_ARCH}" = "arm64" ]; then \
MHSENDMAIL_URL="https://github.com/devilbox/mhsendmail/releases/download/v0.3.0/mhsendmail_linux_${DEB_HOST_ARCH}" \
&& curl -sS -L --fail "${MHSENDMAIL_URL}" > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
else \
printf '%s\n%s\n%s\n' '#!/bin/sh' 'echo "Not available for this platform."' 'exit 1' > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
fi \
\
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 20691EEC35216C63CAF66CE1656408E390CFB1F5 \
&& echo "deb http://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 multiverse" > /etc/apt/sources.list.d/mongo.list \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-org-tools \
mongodb-org-shell \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '7.3' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '7.3' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& git clone https://github.com/cytopia/mysqldump-secure.git /usr/local/src/mysqldump-secure \
&& cd /usr/local/src/mysqldump-secure \
&& git checkout $(git describe --abbrev=0 --tags) \
&& cp /usr/local/src/mysqldump-secure/bin/mysqldump-secure /usr/local/bin \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.conf /etc \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.cnf /etc \
&& touch /var/log/mysqldump-secure.log \
&& chown ${MY_USER}:${MY_GROUP} /etc/mysqldump-secure.* \
&& chown ${MY_USER}:${MY_GROUP} /var/log/mysqldump-secure.log \
&& chmod 0400 /etc/mysqldump-secure.conf \
&& chmod 0400 /etc/mysqldump-secure.cnf \
&& chmod 0644 /var/log/mysqldump-secure.log \
&& sed -i'' 's/^COMPRESS_ARG=.*/COMPRESS_ARG="-9 -c"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR=.*/DUMP_DIR="\/shared\/backups\/mysql"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR_CHMOD=.*/DUMP_DIR_CHMOD="0755"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_FILE_CHMOD=.*/DUMP_FILE_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^LOG_CHMOD=.*/LOG_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^NAGIOS_LOG=.*/NAGIOS_LOG=0/g' /etc/mysqldump-secure.conf \
&& cd / \
&& rm -rf /usr/local/src/mysqldump-secure \
\
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '7.3' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Prepare required shared libraries for copying (keep symlinks)
###
RUN set -eux \
&& LIB_GNU_DIR="/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
&& USR_LIB_DIR="/usr/lib" \
&& USR_LIB_GNU_DIR="/usr/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
\
&& mkdir /tmp/lib-gnu \
&& mkdir /tmp/usr-lib \
&& mkdir /tmp/usr-lib-gnu \
\
&& LIB_GNU="libreadline" \
&& USR_LIB="libsnappy libtcmalloc libv8" \
&& USR_LIB_GNU="liblua libpq libpcrecpp libboost libjemalloc libunwind libhiredis libedit libyaml-cpp libstemmer libsnappy libpcap libbsd liblzf" \
\
&& for lib in ${LIB_GNU}; do \
if ls -1 "${LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${LIB_GNU_DIR}"; \
cp -r ${LIB_GNU_DIR}/${lib}* /tmp/lib-gnu/; \
fi \
done \
&& for lib in ${USR_LIB}; do \
if ls -1 "${USR_LIB_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_DIR}"; \
cp -r ${USR_LIB_DIR}/${lib}* /tmp/usr-lib/; \
fi \
done \
&& for lib in ${USR_LIB_GNU}; do \
if ls -1 "${USR_LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_GNU_DIR}"; \
cp -r ${USR_LIB_GNU_DIR}/${lib}* /tmp/usr-lib-gnu/; \
fi \
done
###
### Fix expected PostgreSQL directories
###
### This might not exist on arm64 as software was not available,
### but they are still needed to be present, so we can copy them.
###
RUN set -eux \
&& if [ ! -d "/usr/lib/postgresql" ]; then \
mkdir "/usr/lib/postgresql"; \
fi \
&& if [ ! -d "/usr/share/postgresql-common" ]; then \
mkdir "/usr/share/postgresql-common"; \
fi
###
### Prepare MongoDB binaries for copying.
###
### They might not be available on all architectures (e.g.: arm64).
###
RUN set -eux \
&& mkdir /tmp/mongo \
&& if ls -1 "/usr/bin/" | grep "^mongo" >/dev/null; then \
cp -r /usr/bin/mongo* /tmp/mongo/; \
fi
###
### Strip debugging information to smallen filesize
###
RUN set -eux \
&& STRIP_USR_BINS="blackfire mongo mysql redis sqlite" \
&& STRIP_DIRS="/usr/lib/postgresql/ /usr/share/postgresql-common/ /tmp" \
\
&& for bin in ${STRIP_USR_BINS}; do \
( \
find /usr/bin/ -name "${bin}"* -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& for dir in ${STRIP_DIRS}; do \
( \
find ${dir} -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& strip --strip-all -p /usr/local/bin/mhsendmail 2>/dev/null || true \
&& strip --strip-all -p /usr/local/bin/mysqldump-secure 2>/dev/null || true
########################################################################################################################
########################################################################################################################
###
### Stage 2/4: Devilbox slim image (BASE)
###
########################################################################################################################
########################################################################################################################
###
### Copies all cli tools required to run Devilbox and its intranet into a clean image
###
FROM devilbox/php-fpm:7.3-prod as devilbox-slim-base
ARG ARCH
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Copy shared libraries (required by MongoDB, MySQL, PostgreSQL and Redis)
###
COPY --from=devilbox-slim-base-builder /tmp/lib-gnu/ /lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib-gnu/ /usr/lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib/ /usr/lib/
###
### Copy system files
###
COPY --from=devilbox-slim-base-builder /etc/group /etc/group
COPY --from=devilbox-slim-base-builder /etc/passwd /etc/passwd
COPY --from=devilbox-slim-base-builder /etc/shadow /etc/shadow
###
### Copy Blackfire
###
COPY --from=devilbox-slim-base-builder /etc/blackfire /etc/blackfire
COPY --from=devilbox-slim-base-builder /etc/default/blackfire-agent /etc/default/blackfire-agent
COPY --from=devilbox-slim-base-builder /usr/bin/blackfire* /usr/bin/
COPY --from=devilbox-slim-base-builder /var/log/blackfire /var/log/blackfire
###
### Copy mhsendmail
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mhsendmail /usr/local/bin/
###
### Copy MongoDB client (if exists)
###
COPY --from=devilbox-slim-base-builder /tmp/mongo/ /usr/bin/
###
### Copy MysQL Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/mysql* /usr/bin/
###
### Copy mysqldump-secure
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mysqldump-secure /usr/local/bin/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.conf /etc/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.cnf /etc/
COPY --from=devilbox-slim-base-builder /var/log/mysqldump-secure.log /var/log/
###
### Copy PostgreSQL
###
COPY --from=devilbox-slim-base-builder /usr/lib/postgresql /usr/lib/postgresql
COPY --from=devilbox-slim-base-builder /usr/share/postgresql-common /usr/share/postgresql-common
COPY --from=devilbox-slim-base-builder /usr/share/perl5 /usr/share/perl5
###
### Create PostgreSQL symlinks
###
RUN set -eux \
&& if [ -f "/usr/share/postgresql-common/pg_wrapper" ]; then \
ln -s ../share/postgresql-common/pg_wrapper /usr/bin/clusterdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createlang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/droplang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_basebackup \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dump \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dumpall \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_isready \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivewal \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivexlog \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_recvlogical \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_restore \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pgbench \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/psql \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/reindexdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumlo; \
fi
###
### Copy Redis Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/redis* /usr/bin/
###
### Copy SQLite Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/sqlite* /usr/bin/
###
### ADD PHP configuration files
###
COPY ./data/php-ini.d/php-7.3.ini /usr/local/etc/php/conf.d/xxx-devilbox-default-php.ini
COPY ./data/php-fpm.conf/php-fpm-7.3.conf /usr/local/etc/php-fpm.conf
###
### ADD Devilbox configuration files
###
COPY ./data/docker-entrypoint.sh /docker-entrypoint.sh
COPY ./data/docker-entrypoint.d/*.sh /docker-entrypoint.d/
COPY ./data/bash-devilbox /etc/bash-devilbox
COPY ./data/sudo-devilbox /etc/sudoers.d/devilbox
###
### Configure Bash
###
RUN set -eux \
&& { \
echo; \
echo "# [Devilbox] Ensure /usr/local(s)?bin is in PATH"; \
echo 'PATH="${PATH}:/usr/local/bin:/usr/local/sbin"'; \
echo "export PATH"; \
echo; \
echo "# [Devilbox] Source Devilbox main bash config"; \
echo ". /etc/bash-devilbox"; \
echo; \
echo "# [Devilbox] Source Devilbox custom configs"; \
echo "if [ -d /etc/bashrc-devilbox.d/ ]; then"; \
echo " for f in /etc/bashrc-devilbox.d/*.sh ; do"; \
echo " if [ -r \"\${f}\" ]; then"; \
echo " . \"\${f}\""; \
echo " fi"; \
echo " done"; \
echo " unset f"; \
echo "fi"; \
} | tee -a /home/${MY_USER}/.bashrc /root/.bashrc \
&& chown ${MY_USER}:${MY_GROUP} /home/${MY_USER}/.bashrc
########################################################################################################################
########################################################################################################################
###
### Stage 3/4: Devilbox slim image (BASE TEST)
###
########################################################################################################################
########################################################################################################################
###
### Test all Devilbox cli utils if copying was successful
###
FROM devilbox-slim-base as devilbox-slim-base-test
RUN set -eux \
&& mysql --version \
&& redis-cli --version \
&& sqlite3 --version
###
### Check if available tools slim
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& if echo '7.3' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '7.3' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if echo '7.3' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Re-activate modules which have been deactivated in mods (for testing).
###
RUN set -eux \
&& if find /usr/local/lib/php/extensions/ -name phalcon.so | grep phalcon; then \
echo "extension=phalcon.so" > /usr/local/etc/php/conf.d/docker-php-ext-phalcon.ini; \
fi \
&& if find /usr/local/lib/php/extensions/ -name psr.so | grep psr; then \
echo "extension=psr.so" > /usr/local/etc/php/conf.d/docker-php-ext-psr.ini; \
fi
###
### Check if PHP still works
###
RUN set -eux \
&& echo "date.timezone=UTC" > /usr/local/etc/php/php.ini \
&& php -v | grep -oE 'PHP\s[.0-9]+' | grep -oE '[.0-9]+' | grep '^7.3' \
&& /usr/local/sbin/php-fpm --test \
\
&& PHP_ERROR="$( php -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
&& PHP_ERROR="$( php -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
\
&& PHP_FPM_ERROR="$( php-fpm -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& PHP_FPM_ERROR="$( php-fpm -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& rm -f /usr/local/etc/php/php.ini
########################################################################################################################
########################################################################################################################
###
### Stage 4/4: Devilbox slim image (FINAL)
###
########################################################################################################################
########################################################################################################################
###
### Prepare final base image (STAGE: slim)
###
FROM devilbox-slim-base as slim
MAINTAINER "cytopia" <cytopia@everythingcli.org>
###
### Labels
###
# https://github.com/opencontainers/image-spec/blob/master/annotations.md
#LABEL "org.opencontainers.image.created"=""
#LABEL "org.opencontainers.image.version"=""
#LABEL "org.opencontainers.image.revision"=""
LABEL "maintainer"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.authors"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.url"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.documentation"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.source"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.vendor"="devilbox"
LABEL "org.opencontainers.image.licenses"="MIT"
LABEL "org.opencontainers.image.ref.name"="7.3-slim"
LABEL "org.opencontainers.image.title"="PHP-FPM 7.3-slim"
LABEL "org.opencontainers.image.description"="PHP-FPM 7.3-slim"
###
### Volumes
###
VOLUME /shared/backups
VOLUME /var/log/php
VOLUME /var/mail
###
### Ports
###
EXPOSE 9000
###
### Where to start inside the container
###
WORKDIR /shared/httpd
###
### Entrypoint
###
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"]
ENTRYPOINT ["/docker-entrypoint.sh"]

620
Dockerfiles/slim/Dockerfile-7.4 Normal file
View File

@@ -0,0 +1,620 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-slim.j2 instead.
########################################################################################################################
########################################################################################################################
###
### Stage 1/4: Devilbox slim image (BASE BUILDER)
###
########################################################################################################################
########################################################################################################################
###
### Installs all cli tools required to run Devilbox and its intranet
###
FROM devilbox/php-fpm:7.4-prod as devilbox-slim-base-builder
###
### Install apt Tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
apt-transport-https \
ca-certificates \
curl \
dirmngr \
gnupg
###
### Add apt repositories
###
RUN set -eux \
&& apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138 \
&& echo "deb http://ftp.debian.org/debian bullseye-backports main" > /etc/apt/sources.list.d/backports.list \
&& curl -sS -L --fail "https://packages.blackfire.io/gpg.key" | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://packages.blackfire.io/debian any main" > /etc/apt/sources.list.d/blackfire.list \
&& true
###
### Install build_dep
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
libsnappy-dev \
&& rm -rf /var/lib/apt/lists/*
###
### Add common tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
file \
git \
mariadb-client \
redis-tools \
sqlite3
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Devilbox required cli tools from group_vars (slim.yml)
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
blackfire-agent \
\
&& rm -rf /var/lib/apt/lists/* \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& DEB_HOST_ARCH="$( dpkg-architecture --query DEB_HOST_ARCH )" \
&& if [ "${DEB_HOST_ARCH}" = "amd64" ] || [ "${DEB_HOST_ARCH}" = "arm64" ]; then \
MHSENDMAIL_URL="https://github.com/devilbox/mhsendmail/releases/download/v0.3.0/mhsendmail_linux_${DEB_HOST_ARCH}" \
&& curl -sS -L --fail "${MHSENDMAIL_URL}" > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
else \
printf '%s\n%s\n%s\n' '#!/bin/sh' 'echo "Not available for this platform."' 'exit 1' > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
fi \
\
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 20691EEC35216C63CAF66CE1656408E390CFB1F5 \
&& echo "deb http://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 multiverse" > /etc/apt/sources.list.d/mongo.list \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-org-tools \
mongodb-org-shell \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '7.4' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '7.4' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& git clone https://github.com/cytopia/mysqldump-secure.git /usr/local/src/mysqldump-secure \
&& cd /usr/local/src/mysqldump-secure \
&& git checkout $(git describe --abbrev=0 --tags) \
&& cp /usr/local/src/mysqldump-secure/bin/mysqldump-secure /usr/local/bin \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.conf /etc \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.cnf /etc \
&& touch /var/log/mysqldump-secure.log \
&& chown ${MY_USER}:${MY_GROUP} /etc/mysqldump-secure.* \
&& chown ${MY_USER}:${MY_GROUP} /var/log/mysqldump-secure.log \
&& chmod 0400 /etc/mysqldump-secure.conf \
&& chmod 0400 /etc/mysqldump-secure.cnf \
&& chmod 0644 /var/log/mysqldump-secure.log \
&& sed -i'' 's/^COMPRESS_ARG=.*/COMPRESS_ARG="-9 -c"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR=.*/DUMP_DIR="\/shared\/backups\/mysql"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR_CHMOD=.*/DUMP_DIR_CHMOD="0755"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_FILE_CHMOD=.*/DUMP_FILE_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^LOG_CHMOD=.*/LOG_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^NAGIOS_LOG=.*/NAGIOS_LOG=0/g' /etc/mysqldump-secure.conf \
&& cd / \
&& rm -rf /usr/local/src/mysqldump-secure \
\
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '7.4' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Prepare required shared libraries for copying (keep symlinks)
###
RUN set -eux \
&& LIB_GNU_DIR="/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
&& USR_LIB_DIR="/usr/lib" \
&& USR_LIB_GNU_DIR="/usr/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
\
&& mkdir /tmp/lib-gnu \
&& mkdir /tmp/usr-lib \
&& mkdir /tmp/usr-lib-gnu \
\
&& LIB_GNU="libreadline" \
&& USR_LIB="libsnappy libtcmalloc libv8" \
&& USR_LIB_GNU="liblua libpq libpcrecpp libboost libjemalloc libunwind libhiredis libedit libyaml-cpp libstemmer libsnappy libpcap libbsd liblzf" \
\
&& for lib in ${LIB_GNU}; do \
if ls -1 "${LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${LIB_GNU_DIR}"; \
cp -r ${LIB_GNU_DIR}/${lib}* /tmp/lib-gnu/; \
fi \
done \
&& for lib in ${USR_LIB}; do \
if ls -1 "${USR_LIB_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_DIR}"; \
cp -r ${USR_LIB_DIR}/${lib}* /tmp/usr-lib/; \
fi \
done \
&& for lib in ${USR_LIB_GNU}; do \
if ls -1 "${USR_LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_GNU_DIR}"; \
cp -r ${USR_LIB_GNU_DIR}/${lib}* /tmp/usr-lib-gnu/; \
fi \
done
###
### Fix expected PostgreSQL directories
###
### This might not exist on arm64 as software was not available,
### but they are still needed to be present, so we can copy them.
###
RUN set -eux \
&& if [ ! -d "/usr/lib/postgresql" ]; then \
mkdir "/usr/lib/postgresql"; \
fi \
&& if [ ! -d "/usr/share/postgresql-common" ]; then \
mkdir "/usr/share/postgresql-common"; \
fi
###
### Prepare MongoDB binaries for copying.
###
### They might not be available on all architectures (e.g.: arm64).
###
RUN set -eux \
&& mkdir /tmp/mongo \
&& if ls -1 "/usr/bin/" | grep "^mongo" >/dev/null; then \
cp -r /usr/bin/mongo* /tmp/mongo/; \
fi
###
### Strip debugging information to smallen filesize
###
RUN set -eux \
&& STRIP_USR_BINS="blackfire mongo mysql redis sqlite" \
&& STRIP_DIRS="/usr/lib/postgresql/ /usr/share/postgresql-common/ /tmp" \
\
&& for bin in ${STRIP_USR_BINS}; do \
( \
find /usr/bin/ -name "${bin}"* -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& for dir in ${STRIP_DIRS}; do \
( \
find ${dir} -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& strip --strip-all -p /usr/local/bin/mhsendmail 2>/dev/null || true \
&& strip --strip-all -p /usr/local/bin/mysqldump-secure 2>/dev/null || true
########################################################################################################################
########################################################################################################################
###
### Stage 2/4: Devilbox slim image (BASE)
###
########################################################################################################################
########################################################################################################################
###
### Copies all cli tools required to run Devilbox and its intranet into a clean image
###
FROM devilbox/php-fpm:7.4-prod as devilbox-slim-base
ARG ARCH
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Copy shared libraries (required by MongoDB, MySQL, PostgreSQL and Redis)
###
COPY --from=devilbox-slim-base-builder /tmp/lib-gnu/ /lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib-gnu/ /usr/lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib/ /usr/lib/
###
### Copy system files
###
COPY --from=devilbox-slim-base-builder /etc/group /etc/group
COPY --from=devilbox-slim-base-builder /etc/passwd /etc/passwd
COPY --from=devilbox-slim-base-builder /etc/shadow /etc/shadow
###
### Copy Blackfire
###
COPY --from=devilbox-slim-base-builder /etc/blackfire /etc/blackfire
COPY --from=devilbox-slim-base-builder /etc/default/blackfire-agent /etc/default/blackfire-agent
COPY --from=devilbox-slim-base-builder /usr/bin/blackfire* /usr/bin/
COPY --from=devilbox-slim-base-builder /var/log/blackfire /var/log/blackfire
###
### Copy mhsendmail
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mhsendmail /usr/local/bin/
###
### Copy MongoDB client (if exists)
###
COPY --from=devilbox-slim-base-builder /tmp/mongo/ /usr/bin/
###
### Copy MysQL Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/mysql* /usr/bin/
###
### Copy mysqldump-secure
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mysqldump-secure /usr/local/bin/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.conf /etc/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.cnf /etc/
COPY --from=devilbox-slim-base-builder /var/log/mysqldump-secure.log /var/log/
###
### Copy PostgreSQL
###
COPY --from=devilbox-slim-base-builder /usr/lib/postgresql /usr/lib/postgresql
COPY --from=devilbox-slim-base-builder /usr/share/postgresql-common /usr/share/postgresql-common
COPY --from=devilbox-slim-base-builder /usr/share/perl5 /usr/share/perl5
###
### Create PostgreSQL symlinks
###
RUN set -eux \
&& if [ -f "/usr/share/postgresql-common/pg_wrapper" ]; then \
ln -s ../share/postgresql-common/pg_wrapper /usr/bin/clusterdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createlang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/droplang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_basebackup \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dump \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dumpall \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_isready \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivewal \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivexlog \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_recvlogical \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_restore \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pgbench \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/psql \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/reindexdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumlo; \
fi
###
### Copy Redis Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/redis* /usr/bin/
###
### Copy SQLite Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/sqlite* /usr/bin/
###
### ADD PHP configuration files
###
COPY ./data/php-ini.d/php-7.4.ini /usr/local/etc/php/conf.d/xxx-devilbox-default-php.ini
COPY ./data/php-fpm.conf/php-fpm-7.4.conf /usr/local/etc/php-fpm.conf
###
### ADD Devilbox configuration files
###
COPY ./data/docker-entrypoint.sh /docker-entrypoint.sh
COPY ./data/docker-entrypoint.d/*.sh /docker-entrypoint.d/
COPY ./data/bash-devilbox /etc/bash-devilbox
COPY ./data/sudo-devilbox /etc/sudoers.d/devilbox
###
### Configure Bash
###
RUN set -eux \
&& { \
echo; \
echo "# [Devilbox] Ensure /usr/local(s)?bin is in PATH"; \
echo 'PATH="${PATH}:/usr/local/bin:/usr/local/sbin"'; \
echo "export PATH"; \
echo; \
echo "# [Devilbox] Source Devilbox main bash config"; \
echo ". /etc/bash-devilbox"; \
echo; \
echo "# [Devilbox] Source Devilbox custom configs"; \
echo "if [ -d /etc/bashrc-devilbox.d/ ]; then"; \
echo " for f in /etc/bashrc-devilbox.d/*.sh ; do"; \
echo " if [ -r \"\${f}\" ]; then"; \
echo " . \"\${f}\""; \
echo " fi"; \
echo " done"; \
echo " unset f"; \
echo "fi"; \
} | tee -a /home/${MY_USER}/.bashrc /root/.bashrc \
&& chown ${MY_USER}:${MY_GROUP} /home/${MY_USER}/.bashrc
########################################################################################################################
########################################################################################################################
###
### Stage 3/4: Devilbox slim image (BASE TEST)
###
########################################################################################################################
########################################################################################################################
###
### Test all Devilbox cli utils if copying was successful
###
FROM devilbox-slim-base as devilbox-slim-base-test
RUN set -eux \
&& mysql --version \
&& redis-cli --version \
&& sqlite3 --version
###
### Check if available tools slim
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& if echo '7.4' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '7.4' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if echo '7.4' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Re-activate modules which have been deactivated in mods (for testing).
###
RUN set -eux \
&& if find /usr/local/lib/php/extensions/ -name phalcon.so | grep phalcon; then \
echo "extension=phalcon.so" > /usr/local/etc/php/conf.d/docker-php-ext-phalcon.ini; \
fi \
&& if find /usr/local/lib/php/extensions/ -name psr.so | grep psr; then \
echo "extension=psr.so" > /usr/local/etc/php/conf.d/docker-php-ext-psr.ini; \
fi
###
### Check if PHP still works
###
RUN set -eux \
&& echo "date.timezone=UTC" > /usr/local/etc/php/php.ini \
&& php -v | grep -oE 'PHP\s[.0-9]+' | grep -oE '[.0-9]+' | grep '^7.4' \
&& /usr/local/sbin/php-fpm --test \
\
&& PHP_ERROR="$( php -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
&& PHP_ERROR="$( php -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
\
&& PHP_FPM_ERROR="$( php-fpm -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& PHP_FPM_ERROR="$( php-fpm -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& rm -f /usr/local/etc/php/php.ini
########################################################################################################################
########################################################################################################################
###
### Stage 4/4: Devilbox slim image (FINAL)
###
########################################################################################################################
########################################################################################################################
###
### Prepare final base image (STAGE: slim)
###
FROM devilbox-slim-base as slim
MAINTAINER "cytopia" <cytopia@everythingcli.org>
###
### Labels
###
# https://github.com/opencontainers/image-spec/blob/master/annotations.md
#LABEL "org.opencontainers.image.created"=""
#LABEL "org.opencontainers.image.version"=""
#LABEL "org.opencontainers.image.revision"=""
LABEL "maintainer"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.authors"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.url"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.documentation"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.source"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.vendor"="devilbox"
LABEL "org.opencontainers.image.licenses"="MIT"
LABEL "org.opencontainers.image.ref.name"="7.4-slim"
LABEL "org.opencontainers.image.title"="PHP-FPM 7.4-slim"
LABEL "org.opencontainers.image.description"="PHP-FPM 7.4-slim"
###
### Volumes
###
VOLUME /shared/backups
VOLUME /var/log/php
VOLUME /var/mail
###
### Ports
###
EXPOSE 9000
###
### Where to start inside the container
###
WORKDIR /shared/httpd
###
### Entrypoint
###
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"]
ENTRYPOINT ["/docker-entrypoint.sh"]

620
Dockerfiles/slim/Dockerfile-8.0 Normal file
View File

@@ -0,0 +1,620 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-slim.j2 instead.
########################################################################################################################
########################################################################################################################
###
### Stage 1/4: Devilbox slim image (BASE BUILDER)
###
########################################################################################################################
########################################################################################################################
###
### Installs all cli tools required to run Devilbox and its intranet
###
FROM devilbox/php-fpm:8.0-prod as devilbox-slim-base-builder
###
### Install apt Tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
apt-transport-https \
ca-certificates \
curl \
dirmngr \
gnupg
###
### Add apt repositories
###
RUN set -eux \
&& apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138 \
&& echo "deb http://ftp.debian.org/debian bullseye-backports main" > /etc/apt/sources.list.d/backports.list \
&& curl -sS -L --fail "https://packages.blackfire.io/gpg.key" | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://packages.blackfire.io/debian any main" > /etc/apt/sources.list.d/blackfire.list \
&& true
###
### Install build_dep
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
libsnappy-dev \
&& rm -rf /var/lib/apt/lists/*
###
### Add common tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
file \
git \
mariadb-client \
redis-tools \
sqlite3
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Devilbox required cli tools from group_vars (slim.yml)
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
blackfire-agent \
\
&& rm -rf /var/lib/apt/lists/* \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& DEB_HOST_ARCH="$( dpkg-architecture --query DEB_HOST_ARCH )" \
&& if [ "${DEB_HOST_ARCH}" = "amd64" ] || [ "${DEB_HOST_ARCH}" = "arm64" ]; then \
MHSENDMAIL_URL="https://github.com/devilbox/mhsendmail/releases/download/v0.3.0/mhsendmail_linux_${DEB_HOST_ARCH}" \
&& curl -sS -L --fail "${MHSENDMAIL_URL}" > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
else \
printf '%s\n%s\n%s\n' '#!/bin/sh' 'echo "Not available for this platform."' 'exit 1' > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
fi \
\
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 20691EEC35216C63CAF66CE1656408E390CFB1F5 \
&& echo "deb http://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 multiverse" > /etc/apt/sources.list.d/mongo.list \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-org-tools \
mongodb-org-shell \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '8.0' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '8.0' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& git clone https://github.com/cytopia/mysqldump-secure.git /usr/local/src/mysqldump-secure \
&& cd /usr/local/src/mysqldump-secure \
&& git checkout $(git describe --abbrev=0 --tags) \
&& cp /usr/local/src/mysqldump-secure/bin/mysqldump-secure /usr/local/bin \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.conf /etc \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.cnf /etc \
&& touch /var/log/mysqldump-secure.log \
&& chown ${MY_USER}:${MY_GROUP} /etc/mysqldump-secure.* \
&& chown ${MY_USER}:${MY_GROUP} /var/log/mysqldump-secure.log \
&& chmod 0400 /etc/mysqldump-secure.conf \
&& chmod 0400 /etc/mysqldump-secure.cnf \
&& chmod 0644 /var/log/mysqldump-secure.log \
&& sed -i'' 's/^COMPRESS_ARG=.*/COMPRESS_ARG="-9 -c"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR=.*/DUMP_DIR="\/shared\/backups\/mysql"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR_CHMOD=.*/DUMP_DIR_CHMOD="0755"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_FILE_CHMOD=.*/DUMP_FILE_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^LOG_CHMOD=.*/LOG_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^NAGIOS_LOG=.*/NAGIOS_LOG=0/g' /etc/mysqldump-secure.conf \
&& cd / \
&& rm -rf /usr/local/src/mysqldump-secure \
\
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '8.0' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Prepare required shared libraries for copying (keep symlinks)
###
RUN set -eux \
&& LIB_GNU_DIR="/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
&& USR_LIB_DIR="/usr/lib" \
&& USR_LIB_GNU_DIR="/usr/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
\
&& mkdir /tmp/lib-gnu \
&& mkdir /tmp/usr-lib \
&& mkdir /tmp/usr-lib-gnu \
\
&& LIB_GNU="libreadline" \
&& USR_LIB="libsnappy libtcmalloc libv8" \
&& USR_LIB_GNU="liblua libpq libpcrecpp libboost libjemalloc libunwind libhiredis libedit libyaml-cpp libstemmer libsnappy libpcap libbsd liblzf" \
\
&& for lib in ${LIB_GNU}; do \
if ls -1 "${LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${LIB_GNU_DIR}"; \
cp -r ${LIB_GNU_DIR}/${lib}* /tmp/lib-gnu/; \
fi \
done \
&& for lib in ${USR_LIB}; do \
if ls -1 "${USR_LIB_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_DIR}"; \
cp -r ${USR_LIB_DIR}/${lib}* /tmp/usr-lib/; \
fi \
done \
&& for lib in ${USR_LIB_GNU}; do \
if ls -1 "${USR_LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_GNU_DIR}"; \
cp -r ${USR_LIB_GNU_DIR}/${lib}* /tmp/usr-lib-gnu/; \
fi \
done
###
### Fix expected PostgreSQL directories
###
### This might not exist on arm64 as software was not available,
### but they are still needed to be present, so we can copy them.
###
RUN set -eux \
&& if [ ! -d "/usr/lib/postgresql" ]; then \
mkdir "/usr/lib/postgresql"; \
fi \
&& if [ ! -d "/usr/share/postgresql-common" ]; then \
mkdir "/usr/share/postgresql-common"; \
fi
###
### Prepare MongoDB binaries for copying.
###
### They might not be available on all architectures (e.g.: arm64).
###
RUN set -eux \
&& mkdir /tmp/mongo \
&& if ls -1 "/usr/bin/" | grep "^mongo" >/dev/null; then \
cp -r /usr/bin/mongo* /tmp/mongo/; \
fi
###
### Strip debugging information to smallen filesize
###
RUN set -eux \
&& STRIP_USR_BINS="blackfire mongo mysql redis sqlite" \
&& STRIP_DIRS="/usr/lib/postgresql/ /usr/share/postgresql-common/ /tmp" \
\
&& for bin in ${STRIP_USR_BINS}; do \
( \
find /usr/bin/ -name "${bin}"* -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& for dir in ${STRIP_DIRS}; do \
( \
find ${dir} -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& strip --strip-all -p /usr/local/bin/mhsendmail 2>/dev/null || true \
&& strip --strip-all -p /usr/local/bin/mysqldump-secure 2>/dev/null || true
########################################################################################################################
########################################################################################################################
###
### Stage 2/4: Devilbox slim image (BASE)
###
########################################################################################################################
########################################################################################################################
###
### Copies all cli tools required to run Devilbox and its intranet into a clean image
###
FROM devilbox/php-fpm:8.0-prod as devilbox-slim-base
ARG ARCH
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Copy shared libraries (required by MongoDB, MySQL, PostgreSQL and Redis)
###
COPY --from=devilbox-slim-base-builder /tmp/lib-gnu/ /lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib-gnu/ /usr/lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib/ /usr/lib/
###
### Copy system files
###
COPY --from=devilbox-slim-base-builder /etc/group /etc/group
COPY --from=devilbox-slim-base-builder /etc/passwd /etc/passwd
COPY --from=devilbox-slim-base-builder /etc/shadow /etc/shadow
###
### Copy Blackfire
###
COPY --from=devilbox-slim-base-builder /etc/blackfire /etc/blackfire
COPY --from=devilbox-slim-base-builder /etc/default/blackfire-agent /etc/default/blackfire-agent
COPY --from=devilbox-slim-base-builder /usr/bin/blackfire* /usr/bin/
COPY --from=devilbox-slim-base-builder /var/log/blackfire /var/log/blackfire
###
### Copy mhsendmail
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mhsendmail /usr/local/bin/
###
### Copy MongoDB client (if exists)
###
COPY --from=devilbox-slim-base-builder /tmp/mongo/ /usr/bin/
###
### Copy MysQL Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/mysql* /usr/bin/
###
### Copy mysqldump-secure
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mysqldump-secure /usr/local/bin/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.conf /etc/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.cnf /etc/
COPY --from=devilbox-slim-base-builder /var/log/mysqldump-secure.log /var/log/
###
### Copy PostgreSQL
###
COPY --from=devilbox-slim-base-builder /usr/lib/postgresql /usr/lib/postgresql
COPY --from=devilbox-slim-base-builder /usr/share/postgresql-common /usr/share/postgresql-common
COPY --from=devilbox-slim-base-builder /usr/share/perl5 /usr/share/perl5
###
### Create PostgreSQL symlinks
###
RUN set -eux \
&& if [ -f "/usr/share/postgresql-common/pg_wrapper" ]; then \
ln -s ../share/postgresql-common/pg_wrapper /usr/bin/clusterdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createlang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/droplang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_basebackup \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dump \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dumpall \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_isready \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivewal \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivexlog \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_recvlogical \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_restore \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pgbench \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/psql \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/reindexdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumlo; \
fi
###
### Copy Redis Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/redis* /usr/bin/
###
### Copy SQLite Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/sqlite* /usr/bin/
###
### ADD PHP configuration files
###
COPY ./data/php-ini.d/php-8.0.ini /usr/local/etc/php/conf.d/xxx-devilbox-default-php.ini
COPY ./data/php-fpm.conf/php-fpm-8.0.conf /usr/local/etc/php-fpm.conf
###
### ADD Devilbox configuration files
###
COPY ./data/docker-entrypoint.sh /docker-entrypoint.sh
COPY ./data/docker-entrypoint.d/*.sh /docker-entrypoint.d/
COPY ./data/bash-devilbox /etc/bash-devilbox
COPY ./data/sudo-devilbox /etc/sudoers.d/devilbox
###
### Configure Bash
###
RUN set -eux \
&& { \
echo; \
echo "# [Devilbox] Ensure /usr/local(s)?bin is in PATH"; \
echo 'PATH="${PATH}:/usr/local/bin:/usr/local/sbin"'; \
echo "export PATH"; \
echo; \
echo "# [Devilbox] Source Devilbox main bash config"; \
echo ". /etc/bash-devilbox"; \
echo; \
echo "# [Devilbox] Source Devilbox custom configs"; \
echo "if [ -d /etc/bashrc-devilbox.d/ ]; then"; \
echo " for f in /etc/bashrc-devilbox.d/*.sh ; do"; \
echo " if [ -r \"\${f}\" ]; then"; \
echo " . \"\${f}\""; \
echo " fi"; \
echo " done"; \
echo " unset f"; \
echo "fi"; \
} | tee -a /home/${MY_USER}/.bashrc /root/.bashrc \
&& chown ${MY_USER}:${MY_GROUP} /home/${MY_USER}/.bashrc
########################################################################################################################
########################################################################################################################
###
### Stage 3/4: Devilbox slim image (BASE TEST)
###
########################################################################################################################
########################################################################################################################
###
### Test all Devilbox cli utils if copying was successful
###
FROM devilbox-slim-base as devilbox-slim-base-test
RUN set -eux \
&& mysql --version \
&& redis-cli --version \
&& sqlite3 --version
###
### Check if available tools slim
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& if echo '8.0' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '8.0' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if echo '8.0' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Re-activate modules which have been deactivated in mods (for testing).
###
RUN set -eux \
&& if find /usr/local/lib/php/extensions/ -name phalcon.so | grep phalcon; then \
echo "extension=phalcon.so" > /usr/local/etc/php/conf.d/docker-php-ext-phalcon.ini; \
fi \
&& if find /usr/local/lib/php/extensions/ -name psr.so | grep psr; then \
echo "extension=psr.so" > /usr/local/etc/php/conf.d/docker-php-ext-psr.ini; \
fi
###
### Check if PHP still works
###
RUN set -eux \
&& echo "date.timezone=UTC" > /usr/local/etc/php/php.ini \
&& php -v | grep -oE 'PHP\s[.0-9]+' | grep -oE '[.0-9]+' | grep '^8.0' \
&& /usr/local/sbin/php-fpm --test \
\
&& PHP_ERROR="$( php -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
&& PHP_ERROR="$( php -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
\
&& PHP_FPM_ERROR="$( php-fpm -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& PHP_FPM_ERROR="$( php-fpm -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& rm -f /usr/local/etc/php/php.ini
########################################################################################################################
########################################################################################################################
###
### Stage 4/4: Devilbox slim image (FINAL)
###
########################################################################################################################
########################################################################################################################
###
### Prepare final base image (STAGE: slim)
###
FROM devilbox-slim-base as slim
MAINTAINER "cytopia" <cytopia@everythingcli.org>
###
### Labels
###
# https://github.com/opencontainers/image-spec/blob/master/annotations.md
#LABEL "org.opencontainers.image.created"=""
#LABEL "org.opencontainers.image.version"=""
#LABEL "org.opencontainers.image.revision"=""
LABEL "maintainer"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.authors"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.url"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.documentation"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.source"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.vendor"="devilbox"
LABEL "org.opencontainers.image.licenses"="MIT"
LABEL "org.opencontainers.image.ref.name"="8.0-slim"
LABEL "org.opencontainers.image.title"="PHP-FPM 8.0-slim"
LABEL "org.opencontainers.image.description"="PHP-FPM 8.0-slim"
###
### Volumes
###
VOLUME /shared/backups
VOLUME /var/log/php
VOLUME /var/mail
###
### Ports
###
EXPOSE 9000
###
### Where to start inside the container
###
WORKDIR /shared/httpd
###
### Entrypoint
###
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"]
ENTRYPOINT ["/docker-entrypoint.sh"]

620
Dockerfiles/slim/Dockerfile-8.1 Normal file
View File

@@ -0,0 +1,620 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-slim.j2 instead.
########################################################################################################################
########################################################################################################################
###
### Stage 1/4: Devilbox slim image (BASE BUILDER)
###
########################################################################################################################
########################################################################################################################
###
### Installs all cli tools required to run Devilbox and its intranet
###
FROM devilbox/php-fpm:8.1-prod as devilbox-slim-base-builder
###
### Install apt Tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
apt-transport-https \
ca-certificates \
curl \
dirmngr \
gnupg
###
### Add apt repositories
###
RUN set -eux \
&& apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138 \
&& echo "deb http://ftp.debian.org/debian bullseye-backports main" > /etc/apt/sources.list.d/backports.list \
&& curl -sS -L --fail "https://packages.blackfire.io/gpg.key" | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://packages.blackfire.io/debian any main" > /etc/apt/sources.list.d/blackfire.list \
&& true
###
### Install build_dep
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
libsnappy-dev \
&& rm -rf /var/lib/apt/lists/*
###
### Add common tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
file \
git \
mariadb-client \
redis-tools \
sqlite3
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Devilbox required cli tools from group_vars (slim.yml)
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
blackfire-agent \
\
&& rm -rf /var/lib/apt/lists/* \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& DEB_HOST_ARCH="$( dpkg-architecture --query DEB_HOST_ARCH )" \
&& if [ "${DEB_HOST_ARCH}" = "amd64" ] || [ "${DEB_HOST_ARCH}" = "arm64" ]; then \
MHSENDMAIL_URL="https://github.com/devilbox/mhsendmail/releases/download/v0.3.0/mhsendmail_linux_${DEB_HOST_ARCH}" \
&& curl -sS -L --fail "${MHSENDMAIL_URL}" > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
else \
printf '%s\n%s\n%s\n' '#!/bin/sh' 'echo "Not available for this platform."' 'exit 1' > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
fi \
\
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 20691EEC35216C63CAF66CE1656408E390CFB1F5 \
&& echo "deb http://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 multiverse" > /etc/apt/sources.list.d/mongo.list \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-org-tools \
mongodb-org-shell \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '8.1' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '8.1' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& git clone https://github.com/cytopia/mysqldump-secure.git /usr/local/src/mysqldump-secure \
&& cd /usr/local/src/mysqldump-secure \
&& git checkout $(git describe --abbrev=0 --tags) \
&& cp /usr/local/src/mysqldump-secure/bin/mysqldump-secure /usr/local/bin \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.conf /etc \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.cnf /etc \
&& touch /var/log/mysqldump-secure.log \
&& chown ${MY_USER}:${MY_GROUP} /etc/mysqldump-secure.* \
&& chown ${MY_USER}:${MY_GROUP} /var/log/mysqldump-secure.log \
&& chmod 0400 /etc/mysqldump-secure.conf \
&& chmod 0400 /etc/mysqldump-secure.cnf \
&& chmod 0644 /var/log/mysqldump-secure.log \
&& sed -i'' 's/^COMPRESS_ARG=.*/COMPRESS_ARG="-9 -c"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR=.*/DUMP_DIR="\/shared\/backups\/mysql"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR_CHMOD=.*/DUMP_DIR_CHMOD="0755"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_FILE_CHMOD=.*/DUMP_FILE_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^LOG_CHMOD=.*/LOG_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^NAGIOS_LOG=.*/NAGIOS_LOG=0/g' /etc/mysqldump-secure.conf \
&& cd / \
&& rm -rf /usr/local/src/mysqldump-secure \
\
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '8.1' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Prepare required shared libraries for copying (keep symlinks)
###
RUN set -eux \
&& LIB_GNU_DIR="/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
&& USR_LIB_DIR="/usr/lib" \
&& USR_LIB_GNU_DIR="/usr/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
\
&& mkdir /tmp/lib-gnu \
&& mkdir /tmp/usr-lib \
&& mkdir /tmp/usr-lib-gnu \
\
&& LIB_GNU="libreadline" \
&& USR_LIB="libsnappy libtcmalloc libv8" \
&& USR_LIB_GNU="liblua libpq libpcrecpp libboost libjemalloc libunwind libhiredis libedit libyaml-cpp libstemmer libsnappy libpcap libbsd liblzf" \
\
&& for lib in ${LIB_GNU}; do \
if ls -1 "${LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${LIB_GNU_DIR}"; \
cp -r ${LIB_GNU_DIR}/${lib}* /tmp/lib-gnu/; \
fi \
done \
&& for lib in ${USR_LIB}; do \
if ls -1 "${USR_LIB_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_DIR}"; \
cp -r ${USR_LIB_DIR}/${lib}* /tmp/usr-lib/; \
fi \
done \
&& for lib in ${USR_LIB_GNU}; do \
if ls -1 "${USR_LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_GNU_DIR}"; \
cp -r ${USR_LIB_GNU_DIR}/${lib}* /tmp/usr-lib-gnu/; \
fi \
done
###
### Fix expected PostgreSQL directories
###
### This might not exist on arm64 as software was not available,
### but they are still needed to be present, so we can copy them.
###
RUN set -eux \
&& if [ ! -d "/usr/lib/postgresql" ]; then \
mkdir "/usr/lib/postgresql"; \
fi \
&& if [ ! -d "/usr/share/postgresql-common" ]; then \
mkdir "/usr/share/postgresql-common"; \
fi
###
### Prepare MongoDB binaries for copying.
###
### They might not be available on all architectures (e.g.: arm64).
###
RUN set -eux \
&& mkdir /tmp/mongo \
&& if ls -1 "/usr/bin/" | grep "^mongo" >/dev/null; then \
cp -r /usr/bin/mongo* /tmp/mongo/; \
fi
###
### Strip debugging information to smallen filesize
###
RUN set -eux \
&& STRIP_USR_BINS="blackfire mongo mysql redis sqlite" \
&& STRIP_DIRS="/usr/lib/postgresql/ /usr/share/postgresql-common/ /tmp" \
\
&& for bin in ${STRIP_USR_BINS}; do \
( \
find /usr/bin/ -name "${bin}"* -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& for dir in ${STRIP_DIRS}; do \
( \
find ${dir} -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& strip --strip-all -p /usr/local/bin/mhsendmail 2>/dev/null || true \
&& strip --strip-all -p /usr/local/bin/mysqldump-secure 2>/dev/null || true
########################################################################################################################
########################################################################################################################
###
### Stage 2/4: Devilbox slim image (BASE)
###
########################################################################################################################
########################################################################################################################
###
### Copies all cli tools required to run Devilbox and its intranet into a clean image
###
FROM devilbox/php-fpm:8.1-prod as devilbox-slim-base
ARG ARCH
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Copy shared libraries (required by MongoDB, MySQL, PostgreSQL and Redis)
###
COPY --from=devilbox-slim-base-builder /tmp/lib-gnu/ /lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib-gnu/ /usr/lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib/ /usr/lib/
###
### Copy system files
###
COPY --from=devilbox-slim-base-builder /etc/group /etc/group
COPY --from=devilbox-slim-base-builder /etc/passwd /etc/passwd
COPY --from=devilbox-slim-base-builder /etc/shadow /etc/shadow
###
### Copy Blackfire
###
COPY --from=devilbox-slim-base-builder /etc/blackfire /etc/blackfire
COPY --from=devilbox-slim-base-builder /etc/default/blackfire-agent /etc/default/blackfire-agent
COPY --from=devilbox-slim-base-builder /usr/bin/blackfire* /usr/bin/
COPY --from=devilbox-slim-base-builder /var/log/blackfire /var/log/blackfire
###
### Copy mhsendmail
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mhsendmail /usr/local/bin/
###
### Copy MongoDB client (if exists)
###
COPY --from=devilbox-slim-base-builder /tmp/mongo/ /usr/bin/
###
### Copy MysQL Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/mysql* /usr/bin/
###
### Copy mysqldump-secure
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mysqldump-secure /usr/local/bin/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.conf /etc/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.cnf /etc/
COPY --from=devilbox-slim-base-builder /var/log/mysqldump-secure.log /var/log/
###
### Copy PostgreSQL
###
COPY --from=devilbox-slim-base-builder /usr/lib/postgresql /usr/lib/postgresql
COPY --from=devilbox-slim-base-builder /usr/share/postgresql-common /usr/share/postgresql-common
COPY --from=devilbox-slim-base-builder /usr/share/perl5 /usr/share/perl5
###
### Create PostgreSQL symlinks
###
RUN set -eux \
&& if [ -f "/usr/share/postgresql-common/pg_wrapper" ]; then \
ln -s ../share/postgresql-common/pg_wrapper /usr/bin/clusterdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createlang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/droplang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_basebackup \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dump \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dumpall \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_isready \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivewal \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivexlog \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_recvlogical \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_restore \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pgbench \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/psql \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/reindexdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumlo; \
fi
###
### Copy Redis Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/redis* /usr/bin/
###
### Copy SQLite Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/sqlite* /usr/bin/
###
### ADD PHP configuration files
###
COPY ./data/php-ini.d/php-8.1.ini /usr/local/etc/php/conf.d/xxx-devilbox-default-php.ini
COPY ./data/php-fpm.conf/php-fpm-8.1.conf /usr/local/etc/php-fpm.conf
###
### ADD Devilbox configuration files
###
COPY ./data/docker-entrypoint.sh /docker-entrypoint.sh
COPY ./data/docker-entrypoint.d/*.sh /docker-entrypoint.d/
COPY ./data/bash-devilbox /etc/bash-devilbox
COPY ./data/sudo-devilbox /etc/sudoers.d/devilbox
###
### Configure Bash
###
RUN set -eux \
&& { \
echo; \
echo "# [Devilbox] Ensure /usr/local(s)?bin is in PATH"; \
echo 'PATH="${PATH}:/usr/local/bin:/usr/local/sbin"'; \
echo "export PATH"; \
echo; \
echo "# [Devilbox] Source Devilbox main bash config"; \
echo ". /etc/bash-devilbox"; \
echo; \
echo "# [Devilbox] Source Devilbox custom configs"; \
echo "if [ -d /etc/bashrc-devilbox.d/ ]; then"; \
echo " for f in /etc/bashrc-devilbox.d/*.sh ; do"; \
echo " if [ -r \"\${f}\" ]; then"; \
echo " . \"\${f}\""; \
echo " fi"; \
echo " done"; \
echo " unset f"; \
echo "fi"; \
} | tee -a /home/${MY_USER}/.bashrc /root/.bashrc \
&& chown ${MY_USER}:${MY_GROUP} /home/${MY_USER}/.bashrc
########################################################################################################################
########################################################################################################################
###
### Stage 3/4: Devilbox slim image (BASE TEST)
###
########################################################################################################################
########################################################################################################################
###
### Test all Devilbox cli utils if copying was successful
###
FROM devilbox-slim-base as devilbox-slim-base-test
RUN set -eux \
&& mysql --version \
&& redis-cli --version \
&& sqlite3 --version
###
### Check if available tools slim
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& if echo '8.1' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '8.1' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if echo '8.1' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Re-activate modules which have been deactivated in mods (for testing).
###
RUN set -eux \
&& if find /usr/local/lib/php/extensions/ -name phalcon.so | grep phalcon; then \
echo "extension=phalcon.so" > /usr/local/etc/php/conf.d/docker-php-ext-phalcon.ini; \
fi \
&& if find /usr/local/lib/php/extensions/ -name psr.so | grep psr; then \
echo "extension=psr.so" > /usr/local/etc/php/conf.d/docker-php-ext-psr.ini; \
fi
###
### Check if PHP still works
###
RUN set -eux \
&& echo "date.timezone=UTC" > /usr/local/etc/php/php.ini \
&& php -v | grep -oE 'PHP\s[.0-9]+' | grep -oE '[.0-9]+' | grep '^8.1' \
&& /usr/local/sbin/php-fpm --test \
\
&& PHP_ERROR="$( php -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
&& PHP_ERROR="$( php -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
\
&& PHP_FPM_ERROR="$( php-fpm -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& PHP_FPM_ERROR="$( php-fpm -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& rm -f /usr/local/etc/php/php.ini
########################################################################################################################
########################################################################################################################
###
### Stage 4/4: Devilbox slim image (FINAL)
###
########################################################################################################################
########################################################################################################################
###
### Prepare final base image (STAGE: slim)
###
FROM devilbox-slim-base as slim
MAINTAINER "cytopia" <cytopia@everythingcli.org>
###
### Labels
###
# https://github.com/opencontainers/image-spec/blob/master/annotations.md
#LABEL "org.opencontainers.image.created"=""
#LABEL "org.opencontainers.image.version"=""
#LABEL "org.opencontainers.image.revision"=""
LABEL "maintainer"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.authors"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.url"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.documentation"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.source"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.vendor"="devilbox"
LABEL "org.opencontainers.image.licenses"="MIT"
LABEL "org.opencontainers.image.ref.name"="8.1-slim"
LABEL "org.opencontainers.image.title"="PHP-FPM 8.1-slim"
LABEL "org.opencontainers.image.description"="PHP-FPM 8.1-slim"
###
### Volumes
###
VOLUME /shared/backups
VOLUME /var/log/php
VOLUME /var/mail
###
### Ports
###
EXPOSE 9000
###
### Where to start inside the container
###
WORKDIR /shared/httpd
###
### Entrypoint
###
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"]
ENTRYPOINT ["/docker-entrypoint.sh"]

620
Dockerfiles/slim/Dockerfile-8.2 Normal file
View File

@@ -0,0 +1,620 @@
# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-slim.j2 instead.
########################################################################################################################
########################################################################################################################
###
### Stage 1/4: Devilbox slim image (BASE BUILDER)
###
########################################################################################################################
########################################################################################################################
###
### Installs all cli tools required to run Devilbox and its intranet
###
FROM devilbox/php-fpm:8.2-prod as devilbox-slim-base-builder
###
### Install apt Tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
apt-transport-https \
ca-certificates \
curl \
dirmngr \
gnupg
###
### Add apt repositories
###
RUN set -eux \
&& apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138 \
&& echo "deb http://ftp.debian.org/debian bullseye-backports main" > /etc/apt/sources.list.d/backports.list \
&& curl -sS -L --fail "https://packages.blackfire.io/gpg.key" | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://packages.blackfire.io/debian any main" > /etc/apt/sources.list.d/blackfire.list \
&& true
###
### Install build_dep
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
libsnappy-dev \
&& rm -rf /var/lib/apt/lists/*
###
### Add common tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
file \
git \
mariadb-client \
redis-tools \
sqlite3
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Devilbox required cli tools from group_vars (slim.yml)
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
blackfire-agent \
\
&& rm -rf /var/lib/apt/lists/* \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& DEB_HOST_ARCH="$( dpkg-architecture --query DEB_HOST_ARCH )" \
&& if [ "${DEB_HOST_ARCH}" = "amd64" ] || [ "${DEB_HOST_ARCH}" = "arm64" ]; then \
MHSENDMAIL_URL="https://github.com/devilbox/mhsendmail/releases/download/v0.3.0/mhsendmail_linux_${DEB_HOST_ARCH}" \
&& curl -sS -L --fail "${MHSENDMAIL_URL}" > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
else \
printf '%s\n%s\n%s\n' '#!/bin/sh' 'echo "Not available for this platform."' 'exit 1' > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
fi \
\
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 20691EEC35216C63CAF66CE1656408E390CFB1F5 \
&& echo "deb http://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 multiverse" > /etc/apt/sources.list.d/mongo.list \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-org-tools \
mongodb-org-shell \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '8.2' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '8.2' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& git clone https://github.com/cytopia/mysqldump-secure.git /usr/local/src/mysqldump-secure \
&& cd /usr/local/src/mysqldump-secure \
&& git checkout $(git describe --abbrev=0 --tags) \
&& cp /usr/local/src/mysqldump-secure/bin/mysqldump-secure /usr/local/bin \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.conf /etc \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.cnf /etc \
&& touch /var/log/mysqldump-secure.log \
&& chown ${MY_USER}:${MY_GROUP} /etc/mysqldump-secure.* \
&& chown ${MY_USER}:${MY_GROUP} /var/log/mysqldump-secure.log \
&& chmod 0400 /etc/mysqldump-secure.conf \
&& chmod 0400 /etc/mysqldump-secure.cnf \
&& chmod 0644 /var/log/mysqldump-secure.log \
&& sed -i'' 's/^COMPRESS_ARG=.*/COMPRESS_ARG="-9 -c"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR=.*/DUMP_DIR="\/shared\/backups\/mysql"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR_CHMOD=.*/DUMP_DIR_CHMOD="0755"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_FILE_CHMOD=.*/DUMP_FILE_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^LOG_CHMOD=.*/LOG_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^NAGIOS_LOG=.*/NAGIOS_LOG=0/g' /etc/mysqldump-secure.conf \
&& cd / \
&& rm -rf /usr/local/src/mysqldump-secure \
\
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '8.2' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Prepare required shared libraries for copying (keep symlinks)
###
RUN set -eux \
&& LIB_GNU_DIR="/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
&& USR_LIB_DIR="/usr/lib" \
&& USR_LIB_GNU_DIR="/usr/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
\
&& mkdir /tmp/lib-gnu \
&& mkdir /tmp/usr-lib \
&& mkdir /tmp/usr-lib-gnu \
\
&& LIB_GNU="libreadline" \
&& USR_LIB="libsnappy libtcmalloc libv8" \
&& USR_LIB_GNU="liblua libpq libpcrecpp libboost libjemalloc libunwind libhiredis libedit libyaml-cpp libstemmer libsnappy libpcap libbsd liblzf" \
\
&& for lib in ${LIB_GNU}; do \
if ls -1 "${LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${LIB_GNU_DIR}"; \
cp -r ${LIB_GNU_DIR}/${lib}* /tmp/lib-gnu/; \
fi \
done \
&& for lib in ${USR_LIB}; do \
if ls -1 "${USR_LIB_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_DIR}"; \
cp -r ${USR_LIB_DIR}/${lib}* /tmp/usr-lib/; \
fi \
done \
&& for lib in ${USR_LIB_GNU}; do \
if ls -1 "${USR_LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_GNU_DIR}"; \
cp -r ${USR_LIB_GNU_DIR}/${lib}* /tmp/usr-lib-gnu/; \
fi \
done
###
### Fix expected PostgreSQL directories
###
### This might not exist on arm64 as software was not available,
### but they are still needed to be present, so we can copy them.
###
RUN set -eux \
&& if [ ! -d "/usr/lib/postgresql" ]; then \
mkdir "/usr/lib/postgresql"; \
fi \
&& if [ ! -d "/usr/share/postgresql-common" ]; then \
mkdir "/usr/share/postgresql-common"; \
fi
###
### Prepare MongoDB binaries for copying.
###
### They might not be available on all architectures (e.g.: arm64).
###
RUN set -eux \
&& mkdir /tmp/mongo \
&& if ls -1 "/usr/bin/" | grep "^mongo" >/dev/null; then \
cp -r /usr/bin/mongo* /tmp/mongo/; \
fi
###
### Strip debugging information to smallen filesize
###
RUN set -eux \
&& STRIP_USR_BINS="blackfire mongo mysql redis sqlite" \
&& STRIP_DIRS="/usr/lib/postgresql/ /usr/share/postgresql-common/ /tmp" \
\
&& for bin in ${STRIP_USR_BINS}; do \
( \
find /usr/bin/ -name "${bin}"* -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& for dir in ${STRIP_DIRS}; do \
( \
find ${dir} -type f -print0 \
| xargs -n1 -0 -P$(getconf _NPROCESSORS_ONLN) sh -c \
'if [ -f "${1}" ]; then echo "Strip: ${1}"; strip --strip-all -p "${1}" 2>/dev/null || true; fi' -- \
) \
done \
\
&& strip --strip-all -p /usr/local/bin/mhsendmail 2>/dev/null || true \
&& strip --strip-all -p /usr/local/bin/mysqldump-secure 2>/dev/null || true
########################################################################################################################
########################################################################################################################
###
### Stage 2/4: Devilbox slim image (BASE)
###
########################################################################################################################
########################################################################################################################
###
### Copies all cli tools required to run Devilbox and its intranet into a clean image
###
FROM devilbox/php-fpm:8.2-prod as devilbox-slim-base
ARG ARCH
###
### Install tools type: apt
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
# ---------- type: apt ----------
dnsutils \
iputils-ping \
netcat-openbsd \
sudo \
&& rm -rf /var/lib/apt/lists/*
###
### Copy shared libraries (required by MongoDB, MySQL, PostgreSQL and Redis)
###
COPY --from=devilbox-slim-base-builder /tmp/lib-gnu/ /lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib-gnu/ /usr/lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib/ /usr/lib/
###
### Copy system files
###
COPY --from=devilbox-slim-base-builder /etc/group /etc/group
COPY --from=devilbox-slim-base-builder /etc/passwd /etc/passwd
COPY --from=devilbox-slim-base-builder /etc/shadow /etc/shadow
###
### Copy Blackfire
###
COPY --from=devilbox-slim-base-builder /etc/blackfire /etc/blackfire
COPY --from=devilbox-slim-base-builder /etc/default/blackfire-agent /etc/default/blackfire-agent
COPY --from=devilbox-slim-base-builder /usr/bin/blackfire* /usr/bin/
COPY --from=devilbox-slim-base-builder /var/log/blackfire /var/log/blackfire
###
### Copy mhsendmail
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mhsendmail /usr/local/bin/
###
### Copy MongoDB client (if exists)
###
COPY --from=devilbox-slim-base-builder /tmp/mongo/ /usr/bin/
###
### Copy MysQL Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/mysql* /usr/bin/
###
### Copy mysqldump-secure
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mysqldump-secure /usr/local/bin/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.conf /etc/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.cnf /etc/
COPY --from=devilbox-slim-base-builder /var/log/mysqldump-secure.log /var/log/
###
### Copy PostgreSQL
###
COPY --from=devilbox-slim-base-builder /usr/lib/postgresql /usr/lib/postgresql
COPY --from=devilbox-slim-base-builder /usr/share/postgresql-common /usr/share/postgresql-common
COPY --from=devilbox-slim-base-builder /usr/share/perl5 /usr/share/perl5
###
### Create PostgreSQL symlinks
###
RUN set -eux \
&& if [ -f "/usr/share/postgresql-common/pg_wrapper" ]; then \
ln -s ../share/postgresql-common/pg_wrapper /usr/bin/clusterdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createlang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/droplang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_basebackup \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dump \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dumpall \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_isready \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivewal \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivexlog \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_recvlogical \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_restore \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pgbench \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/psql \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/reindexdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumlo; \
fi
###
### Copy Redis Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/redis* /usr/bin/
###
### Copy SQLite Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/sqlite* /usr/bin/
###
### ADD PHP configuration files
###
COPY ./data/php-ini.d/php-8.2.ini /usr/local/etc/php/conf.d/xxx-devilbox-default-php.ini
COPY ./data/php-fpm.conf/php-fpm-8.2.conf /usr/local/etc/php-fpm.conf
###
### ADD Devilbox configuration files
###
COPY ./data/docker-entrypoint.sh /docker-entrypoint.sh
COPY ./data/docker-entrypoint.d/*.sh /docker-entrypoint.d/
COPY ./data/bash-devilbox /etc/bash-devilbox
COPY ./data/sudo-devilbox /etc/sudoers.d/devilbox
###
### Configure Bash
###
RUN set -eux \
&& { \
echo; \
echo "# [Devilbox] Ensure /usr/local(s)?bin is in PATH"; \
echo 'PATH="${PATH}:/usr/local/bin:/usr/local/sbin"'; \
echo "export PATH"; \
echo; \
echo "# [Devilbox] Source Devilbox main bash config"; \
echo ". /etc/bash-devilbox"; \
echo; \
echo "# [Devilbox] Source Devilbox custom configs"; \
echo "if [ -d /etc/bashrc-devilbox.d/ ]; then"; \
echo " for f in /etc/bashrc-devilbox.d/*.sh ; do"; \
echo " if [ -r \"\${f}\" ]; then"; \
echo " . \"\${f}\""; \
echo " fi"; \
echo " done"; \
echo " unset f"; \
echo "fi"; \
} | tee -a /home/${MY_USER}/.bashrc /root/.bashrc \
&& chown ${MY_USER}:${MY_GROUP} /home/${MY_USER}/.bashrc
########################################################################################################################
########################################################################################################################
###
### Stage 3/4: Devilbox slim image (BASE TEST)
###
########################################################################################################################
########################################################################################################################
###
### Test all Devilbox cli utils if copying was successful
###
FROM devilbox-slim-base as devilbox-slim-base-test
RUN set -eux \
&& mysql --version \
&& redis-cli --version \
&& sqlite3 --version
###
### Check if available tools slim
###
# -------------------- dig --------------------
RUN set -eux \
&& dig -v 2>&1 | grep -E '[0-9]\.[0-9]' \
&& true
# -------------------- netcat --------------------
RUN set -eux \
&& nc -h 2>&1 | grep netcat \
&& true
# -------------------- ping --------------------
RUN set -eux \
&& ping -V | grep ^ping \
&& true
# -------------------- sudo --------------------
RUN set -eux \
&& sudo --version | grep -E 'version [0-9]+\.[0-9]+' \
&& true
# -------------------- blackfire --------------------
RUN set -eux \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& if echo '8.2' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& if echo '8.2' | grep -E '^(5.2|5.3|5.4|5.5)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongo --version; \
fi \
else \
mongo --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if echo '8.2' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Re-activate modules which have been deactivated in mods (for testing).
###
RUN set -eux \
&& if find /usr/local/lib/php/extensions/ -name phalcon.so | grep phalcon; then \
echo "extension=phalcon.so" > /usr/local/etc/php/conf.d/docker-php-ext-phalcon.ini; \
fi \
&& if find /usr/local/lib/php/extensions/ -name psr.so | grep psr; then \
echo "extension=psr.so" > /usr/local/etc/php/conf.d/docker-php-ext-psr.ini; \
fi
###
### Check if PHP still works
###
RUN set -eux \
&& echo "date.timezone=UTC" > /usr/local/etc/php/php.ini \
&& php -v | grep -oE 'PHP\s[.0-9]+' | grep -oE '[.0-9]+' | grep '^8.2' \
&& /usr/local/sbin/php-fpm --test \
\
&& PHP_ERROR="$( php -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
&& PHP_ERROR="$( php -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
\
&& PHP_FPM_ERROR="$( php-fpm -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& PHP_FPM_ERROR="$( php-fpm -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& rm -f /usr/local/etc/php/php.ini
########################################################################################################################
########################################################################################################################
###
### Stage 4/4: Devilbox slim image (FINAL)
###
########################################################################################################################
########################################################################################################################
###
### Prepare final base image (STAGE: slim)
###
FROM devilbox-slim-base as slim
MAINTAINER "cytopia" <cytopia@everythingcli.org>
###
### Labels
###
# https://github.com/opencontainers/image-spec/blob/master/annotations.md
#LABEL "org.opencontainers.image.created"=""
#LABEL "org.opencontainers.image.version"=""
#LABEL "org.opencontainers.image.revision"=""
LABEL "maintainer"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.authors"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.url"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.documentation"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.source"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.vendor"="devilbox"
LABEL "org.opencontainers.image.licenses"="MIT"
LABEL "org.opencontainers.image.ref.name"="8.2-slim"
LABEL "org.opencontainers.image.title"="PHP-FPM 8.2-slim"
LABEL "org.opencontainers.image.description"="PHP-FPM 8.2-slim"
###
### Volumes
###
VOLUME /shared/backups
VOLUME /var/log/php
VOLUME /var/mail
###
### Ports
###
EXPOSE 9000
###
### Where to start inside the container
###
WORKDIR /shared/httpd
###
### Entrypoint
###
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"]
ENTRYPOINT ["/docker-entrypoint.sh"]

0
Dockerfiles/work/data/bash-devilbox → Dockerfiles/slim/data/bash-devilbox
View File

0
Dockerfiles/work/data/docker-entrypoint.d/400-mysqldump-secure.sh → Dockerfiles/slim/data/docker-entrypoint.d/400-mysqldump-secure.sh
View File

1
Dockerfiles/work/data/docker-entrypoint.d/401-update-ca-certificates.sh → Dockerfiles/slim/data/docker-entrypoint.d/401-update-ca-certificates.sh
View File

@@ -17,6 +17,7 @@ update_ca_certificates() {
local debug="${2}"
if [ -d "${dir}" ]; then
# shellcheck disable=SC2044
for cert in $( find "${dir}" -name \*.crt ); do
name="$( basename "${cert}" )"
run "cp ${cert} /usr/local/share/ca-certificates/devilbox-${name}" "${debug}"

0
Dockerfiles/work/data/docker-entrypoint.sh → Dockerfiles/slim/data/docker-entrypoint.sh
View File

0
Dockerfiles/work/data/php-fpm.conf/php-fpm-5.2.conf → Dockerfiles/slim/data/php-fpm.conf/php-fpm-5.2.conf
View File

0
Dockerfiles/work/data/php-fpm.conf/php-fpm-5.3.conf → Dockerfiles/slim/data/php-fpm.conf/php-fpm-5.3.conf
View File

0
Dockerfiles/work/data/php-fpm.conf/php-fpm-5.4.conf → Dockerfiles/slim/data/php-fpm.conf/php-fpm-5.4.conf
View File

0
Dockerfiles/work/data/php-fpm.conf/php-fpm-5.5.conf → Dockerfiles/slim/data/php-fpm.conf/php-fpm-5.5.conf
View File

0
Dockerfiles/work/data/php-fpm.conf/php-fpm-5.6.conf → Dockerfiles/slim/data/php-fpm.conf/php-fpm-5.6.conf
View File

0
Dockerfiles/work/data/php-fpm.conf/php-fpm-7.0.conf → Dockerfiles/slim/data/php-fpm.conf/php-fpm-7.0.conf
View File

0
Dockerfiles/work/data/php-fpm.conf/php-fpm-7.1.conf → Dockerfiles/slim/data/php-fpm.conf/php-fpm-7.1.conf
View File

0
Dockerfiles/work/data/php-fpm.conf/php-fpm-7.2.conf → Dockerfiles/slim/data/php-fpm.conf/php-fpm-7.2.conf
View File

0
Dockerfiles/work/data/php-fpm.conf/php-fpm-7.3.conf → Dockerfiles/slim/data/php-fpm.conf/php-fpm-7.3.conf
View File

0
Dockerfiles/work/data/php-fpm.conf/php-fpm-7.4.conf → Dockerfiles/slim/data/php-fpm.conf/php-fpm-7.4.conf
View File

0
Dockerfiles/work/data/php-fpm.conf/php-fpm-8.0.conf → Dockerfiles/slim/data/php-fpm.conf/php-fpm-8.0.conf
View File

0
Dockerfiles/work/data/php-fpm.conf/php-fpm-8.1.conf → Dockerfiles/slim/data/php-fpm.conf/php-fpm-8.1.conf
View File

Some files were not shown because too many files have changed in this diff Show More