gh-mirrors/docker-php-fpm
1
0
Fork 0
mirror of https://github.com/devilbox/docker-php-fpm.git synced 2025-12-10 11:01:14 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
28b7aade7fc2fc520f910e82edb55f039661da06
docker-php-fpm/Dockerfiles/slim/Dockerfile-7.1
cytopia 28b7aade7f Ensure mhsendmail is available on arm64
2022-12-08 06:23:53 +01:00

499 lines
17 KiB
Docker
Raw Blame History

# vi: ft=dockerfile
# Auto-generated via Ansible: edit ./ansible/DOCKERFILES/Dockerfile-slim.j2 instead.
########################################################################################################################
########################################################################################################################
###
### Stage 1/4: Devilbox slim image (BASE BUILDER)
###
########################################################################################################################
########################################################################################################################
###
### Installs all cli tools required to run Devilbox and its intranet
###
FROM devilbox/php-fpm:7.1-prod as devilbox-slim-base-builder
###
### Install apt Tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
apt-transport-https \
ca-certificates \
curl \
dirmngr \
gnupg
###
### Add apt repositories
###
RUN set -eux \
&& apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138 \
&& echo "deb http://ftp.debian.org/debian buster-backports main" > /etc/apt/sources.list.d/backports.list \
&& curl -sS -L --fail "https://packages.blackfire.io/gpg.key" | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://packages.blackfire.io/debian any main" > /etc/apt/sources.list.d/blackfire.list \
&& true
###
### Add common build tools
###
RUN set -eux \
&& DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends --no-install-suggests \
file \
git \
mariadb-client \
redis-tools \
sqlite3
###
### Devilbox required cli tools from group_vars (slim.yml)
###
# -------------------- blackfire --------------------
RUN set -eux \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
blackfire-agent \
\
&& rm -rf /var/lib/apt/lists/* \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& DEB_HOST_ARCH="$( dpkg-architecture --query DEB_HOST_ARCH )" \
&& if [ "${DEB_HOST_ARCH}" = "amd64" ] || [ "${DEB_HOST_ARCH}" = "arm64" ]; then \
MHSENDMAIL_URL="https://github.com/devilbox/mhsendmail/releases/download/v0.3.0/mhsendmail_linux_${DEB_HOST_ARCH}" \
&& curl -sS -L --fail "${MHSENDMAIL_URL}" > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
else \
printf '%s\n%s\n%s\n' '#!/bin/sh' 'echo "Not available for this platform."' 'exit 1' > /usr/local/bin/mhsendmail \
&& chmod +x /usr/local/bin/mhsendmail; \
fi \
\
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 20691EEC35216C63CAF66CE1656408E390CFB1F5 \
&& echo "deb http://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.4 multiverse" > /etc/apt/sources.list.d/mongo.list \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
mongodb-org-tools \
mongodb-org-shell \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '7.1' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& git clone https://github.com/cytopia/mysqldump-secure.git /usr/local/src/mysqldump-secure \
&& cd /usr/local/src/mysqldump-secure \
&& git checkout $(git describe --abbrev=0 --tags) \
&& cp /usr/local/src/mysqldump-secure/bin/mysqldump-secure /usr/local/bin \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.conf /etc \
&& cp /usr/local/src/mysqldump-secure/etc/mysqldump-secure.cnf /etc \
&& touch /var/log/mysqldump-secure.log \
&& chown ${MY_USER}:${MY_GROUP} /etc/mysqldump-secure.* \
&& chown ${MY_USER}:${MY_GROUP} /var/log/mysqldump-secure.log \
&& chmod 0400 /etc/mysqldump-secure.conf \
&& chmod 0400 /etc/mysqldump-secure.cnf \
&& chmod 0644 /var/log/mysqldump-secure.log \
&& sed -i'' 's/^COMPRESS_ARG=.*/COMPRESS_ARG="-9 -c"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR=.*/DUMP_DIR="\/shared\/backups\/mysql"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_DIR_CHMOD=.*/DUMP_DIR_CHMOD="0755"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^DUMP_FILE_CHMOD=.*/DUMP_FILE_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^LOG_CHMOD=.*/LOG_CHMOD="0644"/g' /etc/mysqldump-secure.conf \
&& sed -i'' 's/^NAGIOS_LOG=.*/NAGIOS_LOG=0/g' /etc/mysqldump-secure.conf \
&& cd / \
&& rm -rf /usr/local/src/mysqldump-secure \
\
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& curl -sS -k -L --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc | APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add - \
&& echo "deb http://apt.postgresql.org/pub/repos/apt/ buster-pgdg main" > /etc/apt/sources.list.d/pgsql.list \
&& apt-get update \
\
&& apt-get install -y --no-install-recommends --no-install-suggests \
postgresql-client \
\
&& rm -rf /var/lib/apt/lists/* \
&& if echo '7.1' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Prepare required shared libraries for copying (keep symlinks)
###
RUN set -eux \
&& LIB_GNU_DIR="/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
&& USR_LIB_DIR="/usr/lib" \
&& USR_LIB_GNU_DIR="/usr/lib/$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
\
&& mkdir /tmp/lib-gnu \
&& mkdir /tmp/usr-lib \
&& mkdir /tmp/usr-lib-gnu \
\
&& LIB_GNU="libreadline" \
&& USR_LIB="libsnappy libtcmalloc libv8" \
&& USR_LIB_GNU="liblua libpq libpcrecpp libboost libjemalloc libunwind libhiredis libedit" \
\
&& for lib in ${LIB_GNU}; do \
if ls -1 "${LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${LIB_GNU_DIR}"; \
cp -r ${LIB_GNU_DIR}/${lib}* /tmp/lib-gnu/; \
fi \
done \
&& for lib in ${USR_LIB}; do \
if ls -1 "${USR_LIB_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_DIR}"; \
cp -r ${USR_LIB_DIR}/${lib}* /tmp/usr-lib/; \
fi \
done \
&& for lib in ${USR_LIB_GNU}; do \
if ls -1 "${USR_LIB_GNU_DIR}/" | grep "^${lib}" >/dev/null; then \
echo "Coping '${lib}' from: ${USR_LIB_GNU_DIR}"; \
cp -r ${USR_LIB_GNU_DIR}/${lib}* /tmp/usr-lib-gnu/; \
fi \
done
###
### Fix expected PostgreSQL directories
###
### This might not exist on arm64 as software was not available,
### but they are still needed to be present, so we can copy them.
###
RUN set -eux \
&& if [ ! -d "/usr/lib/postgresql" ]; then \
mkdir "/usr/lib/postgresql"; \
fi \
&& if [ ! -d "/usr/share/postgresql-common" ]; then \
mkdir "/usr/share/postgresql-common"; \
fi
###
### Prepare MongoDB binaries for copying.
###
### They might not be available on all architectures (e.g.: arm64).
###
RUN set -eux \
&& mkdir /tmp/mongo \
&& if ls -1 "/usr/bin/" | grep "^mongo" >/dev/null; then \
cp -r /usr/bin/mongo* /tmp/mongo/; \
fi
########################################################################################################################
########################################################################################################################
###
### Stage 2/4: Devilbox slim image (BASE)
###
########################################################################################################################
########################################################################################################################
###
### Copies all cli tools required to run Devilbox and its intranet into a clean image
###
FROM devilbox/php-fpm:7.1-prod as devilbox-slim-base
ARG ARCH
###
### Copy shared libraries
###
COPY --from=devilbox-slim-base-builder /tmp/lib-gnu/ /lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib-gnu/ /usr/lib/${ARCH}-linux-gnu/
COPY --from=devilbox-slim-base-builder /tmp/usr-lib/ /usr/lib/
###
### Copy system files
###
COPY --from=devilbox-slim-base-builder /etc/group /etc/group
COPY --from=devilbox-slim-base-builder /etc/passwd /etc/passwd
COPY --from=devilbox-slim-base-builder /etc/shadow /etc/shadow
###
### Copy Blackfire
###
COPY --from=devilbox-slim-base-builder /etc/blackfire /etc/blackfire
COPY --from=devilbox-slim-base-builder /etc/default/blackfire-agent /etc/default/blackfire-agent
COPY --from=devilbox-slim-base-builder /usr/bin/blackfire* /usr/bin/
COPY --from=devilbox-slim-base-builder /var/log/blackfire /var/log/blackfire
###
### Copy mhsendmail
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mhsendmail /usr/local/bin/
###
### Copy MongoDB client (if exists)
###
COPY --from=devilbox-slim-base-builder /tmp/mongo/ /usr/bin/
###
### Copy MysQL Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/mysql* /usr/bin/
###
### Copy mysqldump-secure
###
COPY --from=devilbox-slim-base-builder /usr/local/bin/mysqldump-secure /usr/local/bin/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.conf /etc/
COPY --from=devilbox-slim-base-builder /etc/mysqldump-secure.cnf /etc/
COPY --from=devilbox-slim-base-builder /var/log/mysqldump-secure.log /var/log/
###
### Copy PostgreSQL
###
COPY --from=devilbox-slim-base-builder /usr/lib/postgresql /usr/lib/postgresql
COPY --from=devilbox-slim-base-builder /usr/share/postgresql-common /usr/share/postgresql-common
COPY --from=devilbox-slim-base-builder /usr/share/perl5 /usr/share/perl5
###
### Create PostgreSQL symlinks
###
RUN set -eux \
&& if [ -f "/usr/share/postgresql-common/pg_wrapper" ]; then \
ln -s ../share/postgresql-common/pg_wrapper /usr/bin/clusterdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createlang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/createuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/droplang \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/dropuser \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_basebackup \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dump \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_dumpall \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_isready \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivewal \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_receivexlog \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_recvlogical \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pg_restore \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/pgbench \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/psql \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/reindexdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumdb \
&& ln -s ../share/postgresql-common/pg_wrapper /usr/bin/vacuumlo; \
fi
###
### Copy Redis Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/redis* /usr/bin/
###
### Copy SQLite Client
###
COPY --from=devilbox-slim-base-builder /usr/bin/sqlite* /usr/bin/
###
### ADD PHP configuration files
###
COPY ./data/php-ini.d/php-7.1.ini /usr/local/etc/php/conf.d/xxx-devilbox-default-php.ini
COPY ./data/php-fpm.conf/php-fpm-7.1.conf /usr/local/etc/php-fpm.conf
###
### ADD Devilbox configuration files
###
COPY ./data/docker-entrypoint.sh /docker-entrypoint.sh
COPY ./data/docker-entrypoint.d/*.sh /docker-entrypoint.d/
COPY ./data/bash-devilbox /etc/bash-devilbox
COPY ./data/sudo-devilbox /etc/sudoers.d/devilbox
###
### Configure Bash
###
RUN set -eux \
&& { \
echo 'PATH="${PATH}:/usr/local/bin:/usr/local/sbin"'; \
echo "export PATH"; \
echo ". /etc/bash-devilbox"; \
echo "if [ -d /etc/bashrc-devilbox.d/ ]; then"; \
echo " for f in /etc/bashrc-devilbox.d/*.sh ; do"; \
echo " if [ -r \"\${f}\" ]; then"; \
echo " . \"\${f}\""; \
echo " fi"; \
echo " done"; \
echo " unset f"; \
echo "fi"; \
} | tee -a /home/${MY_USER}/.bashrc /root/.bashrc \
&& chown ${MY_USER}:${MY_GROUP} /home/${MY_USER}/.bashrc
########################################################################################################################
########################################################################################################################
###
### Stage 3/4: Devilbox slim image (BASE TEST)
###
########################################################################################################################
########################################################################################################################
###
### Test all Devilbox cli utils if copying was successful
###
FROM devilbox-slim-base as devilbox-slim-base-test
RUN set -eux \
&& mysql --version \
&& redis-cli --version \
&& sqlite3 --version
###
### Check if available tools slim
###
# -------------------- blackfire --------------------
RUN set -eux \
&& blackfire version \
&& blackfire-agent -v \
\
&& true
# -------------------- mhsendmail --------------------
RUN set -eux \
&& mhsendmail -h 2>&1 | grep 'Usage' \
&& true
# -------------------- mongo_client --------------------
RUN set -eux \
&& if echo '7.1' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
mongofiles --version; \
fi \
else \
mongofiles --version; \
fi \
\
&& true
# -------------------- mysqldumpsecure --------------------
RUN set -eux \
&& mysqldump-secure --version | grep -E 'Version:\s*[0-9][.0-9]+' \
&& true
# -------------------- pgsql_client --------------------
RUN set -eux \
&& if echo '7.1' | grep -E '^(5.2|5.3|5.4|5.5|5.6|7.0)$' >/dev/null; then \
if [ "$(dpkg-architecture --query DEB_BUILD_ARCH)" = "amd64" ]; then \
pg_isready --version; \
fi \
else \
pg_isready --version; \
fi \
\
&& true
###
### Re-activate modules which have been deactivated in mods (for testing).
###
RUN set -eux \
&& if find /usr/local/lib/php/extensions/ -name phalcon.so | grep phalcon; then \
echo "extension=phalcon.so" > /usr/local/etc/php/conf.d/docker-php-ext-phalcon.ini; \
fi \
&& if find /usr/local/lib/php/extensions/ -name psr.so | grep psr; then \
echo "extension=psr.so" > /usr/local/etc/php/conf.d/docker-php-ext-psr.ini; \
fi
###
### Check if PHP still works
###
RUN set -eux \
&& echo "date.timezone=UTC" > /usr/local/etc/php/php.ini \
&& php -v | grep -oE 'PHP\s[.0-9]+' | grep -oE '[.0-9]+' | grep '^7.1' \
&& /usr/local/sbin/php-fpm --test \
\
&& PHP_ERROR="$( php -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
&& PHP_ERROR="$( php -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_ERROR}" ]; then echo "${PHP_ERROR}"; false; fi \
\
&& PHP_FPM_ERROR="$( php-fpm -v 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& PHP_FPM_ERROR="$( php-fpm -i 2>&1 1>/dev/null )" \
&& if [ -n "${PHP_FPM_ERROR}" ]; then echo "${PHP_FPM_ERROR}"; false; fi \
&& rm -f /usr/local/etc/php/php.ini
########################################################################################################################
########################################################################################################################
###
### Stage 4/4: Devilbox slim image (FINAL)
###
########################################################################################################################
########################################################################################################################
###
### Prepare final base image (STAGE: slim)
###
FROM devilbox-slim-base as slim
MAINTAINER "cytopia" <cytopia@everythingcli.org>
###
### Labels
###
# https://github.com/opencontainers/image-spec/blob/master/annotations.md
#LABEL "org.opencontainers.image.created"=""
#LABEL "org.opencontainers.image.version"=""
#LABEL "org.opencontainers.image.revision"=""
LABEL "maintainer"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.authors"="cytopia <cytopia@everythingcli.org>"
LABEL "org.opencontainers.image.url"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.documentation"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.source"="https://github.com/devilbox/docker-php-fpm"
LABEL "org.opencontainers.image.vendor"="devilbox"
LABEL "org.opencontainers.image.licenses"="MIT"
LABEL "org.opencontainers.image.ref.name"="7.1-slim"
LABEL "org.opencontainers.image.title"="PHP-FPM 7.1-slim"
LABEL "org.opencontainers.image.description"="PHP-FPM 7.1-slim"
###
### Volumes
###
VOLUME /shared/backups
VOLUME /var/log/php
VOLUME /var/mail
###
### Ports
###
EXPOSE 9000
###
### Where to start inside the container
###
WORKDIR /shared/httpd
###
### Entrypoint
###
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"]
ENTRYPOINT ["/docker-entrypoint.sh"]
Reference in New Issue View Git Blame Copy Permalink