php7.4 image

2024-12-19 11:37:57 +01:00 · 2024-12-19 11:37:57 +01:00 · d5e3e0148f
commit d5e3e0148f
parent b043c27790
12 changed files with 230 additions and 0 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -24,3 +24,24 @@ steps:
      event:
        - push
        - cron
+
+  - name: build_and_publish_php74
+    image: plugins/docker:linux-amd64
+    settings:
+      force_tag: true
+      password:
+        from_secret: docker_password
+      registry: docker.asperti.com
+      repo: docker.asperti.com/paspo/webserver-nginx
+      context: .
+      dockerfile: ./Dockerfile-php74
+      username:
+        from_secret: docker_username
+      tags:
+        - latest-php74
+    when:
+      branch:
+        - master
+      event:
+        - push
+        - cron
--- a/20
+++ b/20
@ -0,0 +1,20 @@
+FROM alpine:3.15
+
+RUN \
+  apk -U upgrade && \
+  apk add tini nginx openssh-server \
+    php7 php7-fpm php7-mbstring php7-curl php7-ctype php7-dom php7-gd php7-json php7-openssl php7-session php7-simplexml php7-xml php7-zip \
+    php7-apcu php7-opcache php7-pecl-yaml php7-sqlite3 php7-mysqli
+
+COPY rootfs-php74 /
+
+VOLUME [ "/data/www", "/ssh" ]
+
+ENV \
+  USERNAME=theuser \
+  PHP=none \
+  PUID=1000 \
+  PGID=1000 \
+  TZ=Etc/UTC
+
+ENTRYPOINT [ "/sbin/tini", "/app/entrypoint.sh" ]
--- a/rootfs-php74/app/entrypoint.sh
+++ b/rootfs-php74/app/entrypoint.sh
@ -0,0 +1,67 @@
+#!/bin/sh
+
+WEBROOT=/data/www
+PHP=${PHP:-none}
+USERNAME=${USERNAME:-theuser}
+PUID=${PUID:-1000}
+GROUPNAME=${GROUPNAME:-thegroup}
+PGID=${PGID:-1000}
+RANDOMPWD=$(tr -dc A-Za-z0-9 </dev/urandom | head -c 13)
+addgroup -g "${PGID}" "${GROUPNAME}"
+addgroup nginx "${GROUPNAME}"
+adduser -DH -h "${WEBROOT}" -G "${GROUPNAME}" -u "${PUID}" "${USERNAME}"
+printf '%s\n%s' "${RANDOMPWD}" "${RANDOMPWD}" | passwd "${USERNAME}"
+echo "password for the user \"${USERNAME}\" is: ${RANDOMPWD}"
+
+chown "${PUID}:${GROUPNAME}" "${WEBROOT}" -R
+find "${WEBROOT}" -type d -exec chmod 0755 {} \;
+find "${WEBROOT}" -type f -exec chmod 0644 {} \;
+
+FPM_MAX_CHILDREN=${FPM_MAX_CHILDREN:-5}
+FPM_START_SERVERS=${FPM_START_SERVERS:-1}
+FPM_MIN_SPARE_SERVERS=${FPM_MIN_SPARE_SERVERS:-1}
+FPM_MAX_SPARE_SERVERS=${FPM_MAX_SPARE_SERVERS:-3}
+
+# set php config
+case "${PHP}" in
+  "php7")
+    cat >"/etc/${PHP}/php-fpm-d/www.conf" <<EOF
+[www]
+user = ${USERNAME}
+group = ${GROUPNAME}
+listen = 127.0.0.1:9000
+pm = dynamic
+pm.max_children = ${FPM_MAX_CHILDREN}
+pm.start_servers = ${FPM_START_SERVERS}
+pm.min_spare_servers = ${FPM_MIN_SPARE_SERVERS}
+pm.max_spare_servers = ${FPM_MAX_SPARE_SERVERS}
+EOF
+    ;;
+    *) ;;
+esac
+
+# start php
+case "${PHP}" in
+    "php7") 
+      cp /app/nginx/php7.conf /etc/nginx/custom.d/
+      cp /app/nginx/default_php.conf /etc/nginx/http.d/default.conf
+      /usr/sbin/php-fpm7 -D
+      ;;
+    *)
+      cp /app/nginx/default_nophp.conf /etc/nginx/http.d/default.conf
+      ;;
+esac
+
+# start ssh
+for keytype in ecdsa rsa ed25519 ; do
+  if [ ! -r "/ssh/ssh_host_${keytype}_key" ] ; then
+    /usr/bin/ssh-keygen -t "${keytype}" -f "/ssh/ssh_host_${keytype}_key" -N ""
+  fi
+  chmod 0600 "/ssh/ssh_host_${keytype}_key"
+  chmod 0644 "/ssh/ssh_host_${keytype}_key.pub"
+done
+chmod 0700 "${WEBROOT}/.ssh"
+/usr/sbin/sshd -e
+
+# start nginx
+nginx
--- a/rootfs-php74/app/nginx/default_nophp.conf
+++ b/rootfs-php74/app/nginx/default_nophp.conf
@ -0,0 +1,33 @@
+error_log /dev/stdout info;
+access_log /dev/stdout;
+
+server {
+    listen 80 default_server;
+    listen [::]:80 default_server;
+    root   /data/www;
+    # server_name  localhost;
+
+    #access_log  /var/log/nginx/host.access.log  main;
+
+    location / {
+        index index.html index.htm;
+
+        # autoindex on;
+        # autoindex_exact_size off;
+        # autoindex_format html;
+        # autoindex_localtime on;
+    }
+
+    gzip on;
+    gzip_proxied any;
+    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js image/x-icon font/woff2 font/woff application/x-font-woff;
+    gzip_vary on;
+    gzip_disable "msie6";
+
+    etag on;
+    if_modified_since exact;
+    add_header Pragma "public";
+    add_header Cache-Control "max-age=31536000, public";
+
+    include /etc/nginx/custom.d/*.conf;
+}
--- a/rootfs-php74/app/nginx/default_php.conf
+++ b/rootfs-php74/app/nginx/default_php.conf
@ -0,0 +1,33 @@
+error_log /dev/stdout info;
+access_log /dev/stdout;
+
+server {
+    listen 80 default_server;
+    listen [::]:80 default_server;
+    root   /data/www;
+    # server_name  localhost;
+
+    #access_log  /var/log/nginx/host.access.log  main;
+
+    location / {
+        index index.php index.html index.htm;
+
+        # autoindex on;
+        # autoindex_exact_size off;
+        # autoindex_format html;
+        # autoindex_localtime on;
+    }
+
+    gzip on;
+    gzip_proxied any;
+    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js image/x-icon font/woff2 font/woff application/x-font-woff;
+    gzip_vary on;
+    gzip_disable "msie6";
+
+    etag on;
+    if_modified_since exact;
+    add_header Pragma "public";
+    add_header Cache-Control "max-age=31536000, public";
+
+    include /etc/nginx/custom.d/*.conf;
+}
--- a/rootfs-php74/app/nginx/php7.conf
+++ b/rootfs-php74/app/nginx/php7.conf
@ -0,0 +1,6 @@
+location ~ \.php$ {    
+    fastcgi_split_path_info     ^(.+\.php)(/.*)$;
+    fastcgi_pass                127.0.0.1:9000;
+    include                     fastcgi.conf;
+    fastcgi_param               SCRIPT_FILENAME $document_root$fastcgi_script_name;
+}
--- a/rootfs-php74/data/www/index.html
+++ b/rootfs-php74/data/www/index.html
@ -0,0 +1,23 @@
+<!DOCTYPE html>
+<html>
+<head>
+<title>Welcome to nginx!</title>
+<style>
+html { color-scheme: light dark; }
+body { width: 35em; margin: 0 auto;
+font-family: Tahoma, Verdana, Arial, sans-serif; }
+</style>
+</head>
+<body>
+<h1>Welcome to nginx!</h1>
+<p>If you see this page, the nginx web server is successfully installed and
+working. Further configuration is required.</p>
+
+<p>For online documentation and support please refer to
+<a href="http://nginx.org/">nginx.org</a>.<br/>
+Commercial support is available at
+<a href="http://nginx.com/">nginx.com</a>.</p>
+
+<p><em>Thank you for using nginx.</em></p>
+</body>
+</html>
--- a/rootfs-php74/etc/nginx/conf.d/nodaemon.conf
+++ b/rootfs-php74/etc/nginx/conf.d/nodaemon.conf
@ -0,0 +1 @@
+daemon off;
--- a/rootfs-php74/etc/nginx/custom.d/.placeholder
+++ b/rootfs-php74/etc/nginx/custom.d/.placeholder
--- a/rootfs-php74/etc/php7/php-fpm.d/errlog.conf
+++ b/rootfs-php74/etc/php7/php-fpm.d/errlog.conf
@ -0,0 +1 @@
+error_log = /dev/stderr
--- a/rootfs-php74/etc/ssh/sshd_config.d/port.conf
+++ b/rootfs-php74/etc/ssh/sshd_config.d/port.conf
@ -0,0 +1 @@
+Port 22
--- a/rootfs-php74/etc/ssh/sshd_config.d/sshd.conf
+++ b/rootfs-php74/etc/ssh/sshd_config.d/sshd.conf
@ -0,0 +1,24 @@
+HostKey /ssh/ssh_host_rsa_key
+HostKey /ssh/ssh_host_ecdsa_key
+HostKey /ssh/ssh_host_ed25519_key
+
+#SyslogFacility AUTH
+LogLevel INFO
+LoginGraceTime 1m
+PermitRootLogin no
+PubkeyAuthentication yes
+MaxAuthTries 3
+PrintMotd no
+
+AuthorizedKeysFile      /ssh/authorized_keys
+PasswordAuthentication no
+
+AllowAgentForwarding no
+AllowTcpForwarding no
+GatewayPorts no
+X11Forwarding no
+
+Subsystem       sftp    internal-sftp
+
+ChrootDirectory /data
+ForceCommand internal-sftp -d /data/www