From: Vincent Vanwaelscappel Date: Thu, 20 Apr 2023 19:16:48 +0000 (+0200) Subject: fix #5780 @4 X-Git-Url: http://git.cubedesigners.com/?a=commitdiff_plain;h=8d508f8328b6fac7894818201d255d07b03a2c9a;p=fluidbook-toolbox.git fix #5780 @4 --- diff --git a/.docker/docker-compose.yml b/.docker/docker-compose.yml index 58291d4cc..e31dd2a53 100644 --- a/.docker/docker-compose.yml +++ b/.docker/docker-compose.yml @@ -70,6 +70,7 @@ services: - '/home/toolbox/www/.docker/config/passwords:/root/passwords' # Cron - '/home/toolbox/www/.docker/config/cron/crontab:/etc/crontab' + # Rclone - '/home/toolbox/www/.docker/config/rclone.conf:/application/.config/rclone/rclone.conf' # PHP - '/home/toolbox/www/.docker/config/php.ini:/etc/php/8.1/fpm/conf.d/99-overrides.ini' diff --git a/app/Http/Controllers/Admin/Operations/Tools/DockerWebContainer.php b/app/Http/Controllers/Admin/Operations/Tools/DockerWebContainer.php index d28d53c12..508ec53eb 100644 --- a/app/Http/Controllers/Admin/Operations/Tools/DockerWebContainer.php +++ b/app/Http/Controllers/Admin/Operations/Tools/DockerWebContainer.php @@ -2,6 +2,8 @@ namespace App\Http\Controllers\Admin\Operations\Tools; +use App\Notifications\DownloadReady; +use App\Notifications\ToolboxNotification; use Cubist\Backpack\Magic\Fields\Checkbox; use Cubist\Backpack\Magic\Fields\SelectFromArray; use Cubist\Backpack\Magic\Fields\Text; @@ -32,7 +34,7 @@ trait DockerWebContainer // '7.2' => '7.2', // '7.3' => '7.3', '7.4' => '7.4', - '8.0' => '8.0', +// '8.0' => '8.0', '8.1' => '8.1', '8.2' => '8.2', ], 'value' => '8.2']); @@ -49,9 +51,13 @@ trait DockerWebContainer $variables = ['$name' => $name, '$portadminer' => rand(10000, 60000), '$port' => rand(10000, 60000), + '$sshport' => rand(10000, 60000), '$domain' => $request->get('domain', ''), '$dbpassword' => Str::random(16), - '$phpfpmimage' => 'php-fpm' + '$phpfpmimage' => 'php-fpm', + '$locale' => 'fr_FR', + '$localeshort' => 'fr', + '$sshpassword' => Str::random(16), ]; if (!$variables['$domain']) { @@ -70,13 +76,9 @@ trait DockerWebContainer if (version_compare($variables['$phpversion'], '7.3', '<=')) { $variables['$phpfpmimage'] = 'php-' . $variables['$phpversion'] . '-fpm'; } - } else { - `rm -rf $dir/phpdocker`; } if ($request->get('mysql', true)) { $compose[] = 'mysql'; - } else { - `rm -rf $dir/database`; } $compose[] = 'network'; $composeFileContent = ''; @@ -90,7 +92,25 @@ trait DockerWebContainer $tmpfile = Files::tempnam() . '.zip'; Zip::archive($tmp, $tmpfile); Files::rmdir($tmp); - return response()->download($tmpfile, $name . '.zip')->deleteFileAfterSend(true); + $res = response()->download($tmpfile, $name . '.zip')->deleteFileAfterSend(true); + $notification = __('Le container web :name a été crée avec les informations suivantes', ['name' => $variables['$name']]) . "\n"; + $infos = [ + 'URL' => 'https://' . $variables['$domain'] . '/', + __('Hôte et nom de base de données') => $variables['$name'] . '-mariadb', + __('Utilisateur de la base de données') => 'root', + __('Mot de passe de la base de données') => $variables['$dbpassword'], + 'Adminer' => 'https://adminer.' . $variables['$domain'] . '/', + __('Serveur SSH/SFTP') => $variables['$domain'], + __('Port') => $variables['$sshport'], + __('Utilisateur') => $variables['$name'], + __('Mot de passe') => $variables['$sshpassword'], + ]; + foreach ($infos as $k => $v) { + $notification .= '* ' . $k . ' : ' . $v . "\n"; + } + + backpack_user()->notify(new ToolboxNotification(__('Container :name web prêt', ['name' => $variables['$name']]), $notification, [], true)); + return $res; } } diff --git a/app/Notifications/DownloadReady.php b/app/Notifications/DownloadReady.php index 3fa23a9b7..903c974ba 100644 --- a/app/Notifications/DownloadReady.php +++ b/app/Notifications/DownloadReady.php @@ -2,117 +2,7 @@ namespace App\Notifications; -use Illuminate\Bus\Queueable; -use Illuminate\Notifications\Messages\MailMessage; -use Illuminate\Notifications\Notification; -use Illuminate\Support\HtmlString; -use NotificationChannels\WebPush\WebPushChannel; -use NotificationChannels\WebPush\WebPushMessage; - -class DownloadReady extends Notification +class DownloadReady extends ToolboxNotification { - use Queueable; - - protected $subject; - protected $text; - protected $actions = []; - protected $error = false; - protected $showTextIfNotEmail = false; - - /** - * Create a new notification instance. - * - * @return void - */ - public function __construct($subject = '', $text = '', $actions = [], $showTextIfNotEmail = false) - { - $this->subject = $subject; - $this->text = $text; - $this->actions = $actions; - $this->showTextIfNotEmail = $showTextIfNotEmail; - } - - /** - * Get the notification's delivery channels. - * - * @param mixed $notifiable - * @return array - */ - public function via($notifiable) - { - if ($notifiable->slack) { - if ($notifiable->id == 5) { - return ['database', FluidbookslackChannel::class, 'mail', WebPushChannel::class]; - } - return ['database', FluidbookslackChannel::class]; - } - return ['database', 'mail', WebPushChannel::class]; - } - - /** - * Get the mail representation of the notification. - * - * @param mixed $notifiable - * @return \Illuminate\Notifications\Messages\MailMessage - */ - public function toMail($notifiable) - { - $m = (new MailMessage)->greeting(__('Bonjour !')) - ->subject($this->subject); - if ($this->text) { - $m->line($this->text); - } - foreach ($this->actions as $label => $url) { - $m->line(new HtmlString($label . __(': ') . ' ' . $url . '')); - } - $m->salutation(new HtmlString(__('Cordialement,') . "
" . __('L\'équipe Fluidbook'))); - return $m; - - } - - public function toWebPush($notifiable) - { - $res = (new WebPushMessage) - ->title($this->subject) - ->icon('/images/icons/icon-notification.png') - ->lang($notifiable->locale) - ->options(['TTL' => 150]); - - foreach ($this->actions as $label => $url) { - $res->action($label, $url); - } - if ($this->showTextIfNotEmail) { - $res->body($this->text); - } - } - - /** - * Get the array representation of the notification. - * - * @param mixed $notifiable - * @return array - */ - public function toArray($notifiable) - { - - return [ - 'subject' => $this->subject, - 'text' => $this->text, - 'actions' => $this->actions, - ]; - } - - public function toSlack($notifiable) - { - return [ - 'subject' => $this->subject, - 'text' => $this->showTextIfNotEmail ? $this->text : '', - 'actions' => $this->actions, - ]; - } - - public function toDatabase($notifiable) - { - return $this->toSlack($notifiable); - } + } diff --git a/app/Notifications/ToolboxNotification.php b/app/Notifications/ToolboxNotification.php new file mode 100644 index 000000000..ec04fccee --- /dev/null +++ b/app/Notifications/ToolboxNotification.php @@ -0,0 +1,118 @@ +subject = $subject; + $this->text = $text; + $this->actions = $actions; + $this->showTextIfNotEmail = $showTextIfNotEmail; + } + + /** + * Get the notification's delivery channels. + * + * @param mixed $notifiable + * @return array + */ + public function via($notifiable) + { + if ($notifiable->slack) { + if ($notifiable->id == 5) { + return ['database', FluidbookslackChannel::class, 'mail', WebPushChannel::class]; + } + return ['database', FluidbookslackChannel::class]; + } + return ['database', 'mail', WebPushChannel::class]; + } + + /** + * Get the mail representation of the notification. + * + * @param mixed $notifiable + * @return \Illuminate\Notifications\Messages\MailMessage + */ + public function toMail($notifiable) + { + $m = (new MailMessage)->greeting(__('Bonjour !')) + ->subject($this->subject); + if ($this->text) { + $m->line(new HtmlString($this->text)); + } + foreach ($this->actions as $label => $url) { + $m->line(new HtmlString($label . __(': ') . ' ' . $url . '')); + } + $m->salutation(new HtmlString(__('Cordialement,') . "
" . __('L\'équipe Fluidbook'))); + return $m; + + } + + public function toWebPush($notifiable) + { + $res = (new WebPushMessage) + ->title($this->subject) + ->icon('/images/icons/icon-notification.png') + ->lang($notifiable->locale) + ->options(['TTL' => 150]); + + foreach ($this->actions as $label => $url) { + $res->action($label, $url); + } + if ($this->showTextIfNotEmail) { + $res->body($this->text); + } + } + + /** + * Get the array representation of the notification. + * + * @param mixed $notifiable + * @return array + */ + public function toArray($notifiable) + { + + return [ + 'subject' => $this->subject, + 'text' => $this->text, + 'actions' => $this->actions, + ]; + } + + public function toSlack($notifiable) + { + return [ + 'subject' => $this->subject, + 'text' => $this->showTextIfNotEmail ? $this->text : '', + 'actions' => $this->actions, + ]; + } + + public function toDatabase($notifiable) + { + return $this->toSlack($notifiable); + } +} diff --git a/resources/tools/dockerwebcontainer/base b/resources/tools/dockerwebcontainer/base index 39a9f499e..93716760f 100644 --- a/resources/tools/dockerwebcontainer/base +++ b/resources/tools/dockerwebcontainer/base @@ -2,11 +2,12 @@ version: '3.1' services: webserver: container_name: $name-httpd - image: 'httpd:alpine' + build: './images/httpd' working_dir: /application volumes: - './www/public/:/usr/local/apache2/htdocs/' - - './httpd/httpd.conf:/usr/local/apache2/conf/httpd.conf' + - './www/:/application/' + - './config/httpd/httpd.conf:/usr/local/apache2/conf/httpd.conf' ports: - '$port:80' environment: diff --git a/resources/tools/dockerwebcontainer/mysql b/resources/tools/dockerwebcontainer/mysql index 1ca45641e..12156207c 100644 --- a/resources/tools/dockerwebcontainer/mysql +++ b/resources/tools/dockerwebcontainer/mysql @@ -1,5 +1,5 @@ adminer: - image: adminer:latest + image: 'adminer:latest' container_name: $name-adminer restart: unless-stopped ports: @@ -12,13 +12,22 @@ - $name mariadb: container_name: $name-mariadb - image: 'mariadb' + image: 'mariadb:latest' restart: unless-stopped environment: MARIADB_ROOT_PASSWORD: $dbpassword MARIADB_DATABASE: $name + MARIADB_AUTO_UPGRADE: 1 volumes: - - "./database:/var/lib/mysql" - - "./dump.sql:/docker-entrypoint-initdb.d/dump.sql" + - "./database/dump.sql:/docker-entrypoint-initdb.d/dump.sql" + - "./database/scripts/:/usr/local/bin/scripts/" + - "./database/data:/var/lib/mysql" + - './config/mariadb:/etc/mysql/conf.d:z' networks: - $name + logging: + driver: json-file + options: + max-size: 10M + max-file: 10 + diff --git a/resources/tools/dockerwebcontainer/php b/resources/tools/dockerwebcontainer/php index 6d887acde..73757cba6 100644 --- a/resources/tools/dockerwebcontainer/php +++ b/resources/tools/dockerwebcontainer/php @@ -1,10 +1,32 @@ php-fpm: container_name: $name - build: phpdocker/$phpfpmimage + hostname: $name + build: './images/$phpfpmimage' working_dir: /application volumes: - - '/docker/$name/www:/application' - - '/docker/$name/phpdocker/$phpfpmimage/php-ini-overrides.ini:/etc/php/$phpversion/fpm/conf.d/99-overrides.ini' + # SSH + - './config/ssh/root/:/root/.ssh/' + - './config/ssh/user/:/application/.ssh/' + - './config/ssh/server/:/etc/ssh/' + # Rsyslog + - './config/rsyslog/rsyslog.conf:/etc/rsyslog.conf' + - './config/rsyslog/50-default.conf:/etc/rsyslog.d/50-default.conf' + # Composer + - './config/composer/:/root/.config/composer/' + - './config/composer/:/application/.config/composer/' + # Sudoers + - './config/sudoers:/etc/sudoers.d/toolbox' + - './images/$phpfpmimage/php-ini-overrides.ini:/etc/php/$phpversion/fpm/conf.d/99-overrides.ini' + # ImageMagick + - './config/imagemagick/policy.xml:/etc/ImageMagick-6/policy.xml' + # Passwords + - './config/passwords:/root/passwords' + # PHP + - './config/php.ini:/etc/php/$phpversion/fpm/conf.d/99-overrides.ini' + # Web path + - './www:/application' + ports: + - '$sshport:22' networks: - $name restart: unless-stopped diff --git a/resources/tools/dockerwebcontainer/template/config/composer/.htaccess b/resources/tools/dockerwebcontainer/template/config/composer/.htaccess new file mode 100644 index 000000000..14249c50b --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/composer/.htaccess @@ -0,0 +1 @@ +Deny from all \ No newline at end of file diff --git a/resources/tools/dockerwebcontainer/template/config/composer/auth.json b/resources/tools/dockerwebcontainer/template/config/composer/auth.json new file mode 100644 index 000000000..6b9274a8b --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/composer/auth.json @@ -0,0 +1,5 @@ +{ + "github-oauth": { + "github.com": "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" + } +} diff --git a/resources/tools/dockerwebcontainer/template/config/cron/crontab b/resources/tools/dockerwebcontainer/template/config/cron/crontab new file mode 100644 index 000000000..ea5e3f9a3 --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/cron/crontab @@ -0,0 +1,5 @@ +MAILTO=sysadmin@cubedesigners.com +SHELL=/bin/sh +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin + + diff --git a/resources/tools/dockerwebcontainer/template/config/cron/host b/resources/tools/dockerwebcontainer/template/config/cron/host new file mode 100644 index 000000000..5b762862c --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/cron/host @@ -0,0 +1 @@ +3 4 * * * root /docker/$name/build >/dev/null 2>/dev/null diff --git a/resources/tools/dockerwebcontainer/template/config/httpd/httpd.conf b/resources/tools/dockerwebcontainer/template/config/httpd/httpd.conf new file mode 100644 index 000000000..7956e5fa0 --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/httpd/httpd.conf @@ -0,0 +1,559 @@ +# +# This is the main Apache HTTP server configuration file. It contains the +# configuration directives that give the server its instructions. +# See for detailed information. +# In particular, see +# +# for a discussion of each configuration directive. +# +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. +# +# Configuration and logfile names: If the filenames you specify for many +# of the server's control files begin with "/" (or "drive:/" for Win32), the +# server will use that explicit path. If the filenames do *not* begin +# with "/", the value of ServerRoot is prepended -- so "logs/access_log" +# with ServerRoot set to "/usr/local/apache2" will be interpreted by the +# server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log" +# will be interpreted as '/logs/access_log'. + +# +# ServerRoot: The top of the directory tree under which the server's +# configuration, error, and log files are kept. +# +# Do not add a slash at the end of the directory path. If you point +# ServerRoot at a non-local disk, be sure to specify a local disk on the +# Mutex directive, if file-based mutexes are used. If you wish to share the +# same ServerRoot for multiple httpd daemons, you will need to change at +# least PidFile. +# +ServerRoot "/usr/local/apache2" + +# +# Mutex: Allows you to set the mutex mechanism and mutex file directory +# for individual mutexes, or change the global defaults +# +# Uncomment and change the directory if mutexes are file-based and the default +# mutex file directory is not on a local disk or is not appropriate for some +# other reason. +# +# Mutex default:logs + +# +# Listen: Allows you to bind Apache to specific IP addresses and/or +# ports, instead of the default. See also the +# directive. +# +# Change this to Listen on specific IP addresses as shown below to +# prevent Apache from glomming onto all bound IP addresses. +# +#Listen 12.34.56.78:80 +Listen 80 + +# +# Dynamic Shared Object (DSO) Support +# +# To be able to use the functionality of a module which was built as a DSO you +# have to place corresponding `LoadModule' lines at this location so the +# directives contained in it are actually available _before_ they are used. +# Statically compiled modules (those listed by `httpd -l') do not need +# to be loaded here. +# +# Example: +# LoadModule foo_module modules/mod_foo.so +# +LoadModule mpm_event_module modules/mod_mpm_event.so +#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so +#LoadModule mpm_worker_module modules/mod_mpm_worker.so +LoadModule authn_file_module modules/mod_authn_file.so +#LoadModule authn_dbm_module modules/mod_authn_dbm.so +#LoadModule authn_anon_module modules/mod_authn_anon.so +#LoadModule authn_dbd_module modules/mod_authn_dbd.so +#LoadModule authn_socache_module modules/mod_authn_socache.so +LoadModule authn_core_module modules/mod_authn_core.so +LoadModule authz_host_module modules/mod_authz_host.so +LoadModule authz_groupfile_module modules/mod_authz_groupfile.so +LoadModule authz_user_module modules/mod_authz_user.so +#LoadModule authz_dbm_module modules/mod_authz_dbm.so +#LoadModule authz_owner_module modules/mod_authz_owner.so +#LoadModule authz_dbd_module modules/mod_authz_dbd.so +LoadModule authz_core_module modules/mod_authz_core.so +#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so +#LoadModule authnz_fcgi_module modules/mod_authnz_fcgi.so +LoadModule access_compat_module modules/mod_access_compat.so +LoadModule auth_basic_module modules/mod_auth_basic.so +#LoadModule auth_form_module modules/mod_auth_form.so +#LoadModule auth_digest_module modules/mod_auth_digest.so +#LoadModule allowmethods_module modules/mod_allowmethods.so +#LoadModule isapi_module modules/mod_isapi.so +#LoadModule file_cache_module modules/mod_file_cache.so +#LoadModule cache_module modules/mod_cache.so +#LoadModule cache_disk_module modules/mod_cache_disk.so +#LoadModule cache_socache_module modules/mod_cache_socache.so +#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so +#LoadModule socache_dbm_module modules/mod_socache_dbm.so +#LoadModule socache_memcache_module modules/mod_socache_memcache.so +#LoadModule socache_redis_module modules/mod_socache_redis.so +#LoadModule watchdog_module modules/mod_watchdog.so +#LoadModule macro_module modules/mod_macro.so +#LoadModule dbd_module modules/mod_dbd.so +#LoadModule bucketeer_module modules/mod_bucketeer.so +#LoadModule dumpio_module modules/mod_dumpio.so +#LoadModule echo_module modules/mod_echo.so +#LoadModule example_hooks_module modules/mod_example_hooks.so +#LoadModule case_filter_module modules/mod_case_filter.so +#LoadModule case_filter_in_module modules/mod_case_filter_in.so +#LoadModule example_ipc_module modules/mod_example_ipc.so +#LoadModule buffer_module modules/mod_buffer.so +#LoadModule data_module modules/mod_data.so +#LoadModule ratelimit_module modules/mod_ratelimit.so +LoadModule reqtimeout_module modules/mod_reqtimeout.so +#LoadModule ext_filter_module modules/mod_ext_filter.so +#LoadModule request_module modules/mod_request.so +#LoadModule include_module modules/mod_include.so +LoadModule filter_module modules/mod_filter.so +#LoadModule reflector_module modules/mod_reflector.so +#LoadModule substitute_module modules/mod_substitute.so +#LoadModule sed_module modules/mod_sed.so +#LoadModule charset_lite_module modules/mod_charset_lite.so +#LoadModule deflate_module modules/mod_deflate.so +#LoadModule xml2enc_module modules/mod_xml2enc.so +#LoadModule proxy_html_module modules/mod_proxy_html.so +#LoadModule brotli_module modules/mod_brotli.so +LoadModule mime_module modules/mod_mime.so +#LoadModule ldap_module modules/mod_ldap.so +LoadModule log_config_module modules/mod_log_config.so +#LoadModule log_debug_module modules/mod_log_debug.so +#LoadModule log_forensic_module modules/mod_log_forensic.so +#LoadModule logio_module modules/mod_logio.so +#LoadModule lua_module modules/mod_lua.so +LoadModule env_module modules/mod_env.so +#LoadModule mime_magic_module modules/mod_mime_magic.so +#LoadModule cern_meta_module modules/mod_cern_meta.so +#LoadModule expires_module modules/mod_expires.so +LoadModule headers_module modules/mod_headers.so +#LoadModule ident_module modules/mod_ident.so +#LoadModule usertrack_module modules/mod_usertrack.so +#LoadModule unique_id_module modules/mod_unique_id.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule version_module modules/mod_version.so +LoadModule remoteip_module modules/mod_remoteip.so +LoadModule proxy_module modules/mod_proxy.so +#LoadModule proxy_connect_module modules/mod_proxy_connect.so +#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so +#LoadModule proxy_http_module modules/mod_proxy_http.so +LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so +#LoadModule proxy_scgi_module modules/mod_proxy_scgi.so +#LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so +#LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so +#LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so +#LoadModule proxy_ajp_module modules/mod_proxy_ajp.so +#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so +#LoadModule proxy_express_module modules/mod_proxy_express.so +#LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so +#LoadModule session_module modules/mod_session.so +#LoadModule session_cookie_module modules/mod_session_cookie.so +#LoadModule session_crypto_module modules/mod_session_crypto.so +#LoadModule session_dbd_module modules/mod_session_dbd.so +#LoadModule slotmem_shm_module modules/mod_slotmem_shm.so +#LoadModule slotmem_plain_module modules/mod_slotmem_plain.so +#LoadModule ssl_module modules/mod_ssl.so +#LoadModule optional_hook_export_module modules/mod_optional_hook_export.so +#LoadModule optional_hook_import_module modules/mod_optional_hook_import.so +#LoadModule optional_fn_import_module modules/mod_optional_fn_import.so +#LoadModule optional_fn_export_module modules/mod_optional_fn_export.so +#LoadModule dialup_module modules/mod_dialup.so +#LoadModule http2_module modules/mod_http2.so +#LoadModule proxy_http2_module modules/mod_proxy_http2.so +#LoadModule md_module modules/mod_md.so +#LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so +#LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so +#LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so +#LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so +LoadModule unixd_module modules/mod_unixd.so +#LoadModule heartbeat_module modules/mod_heartbeat.so +#LoadModule heartmonitor_module modules/mod_heartmonitor.so +#LoadModule dav_module modules/mod_dav.so +LoadModule status_module modules/mod_status.so +LoadModule autoindex_module modules/mod_autoindex.so +#LoadModule asis_module modules/mod_asis.so +#LoadModule info_module modules/mod_info.so +#LoadModule suexec_module modules/mod_suexec.so + + #LoadModule cgid_module modules/mod_cgid.so + + + #LoadModule cgi_module modules/mod_cgi.so + +#LoadModule dav_fs_module modules/mod_dav_fs.so +#LoadModule dav_lock_module modules/mod_dav_lock.so +#LoadModule vhost_alias_module modules/mod_vhost_alias.so +#LoadModule negotiation_module modules/mod_negotiation.so +LoadModule dir_module modules/mod_dir.so +#LoadModule imagemap_module modules/mod_imagemap.so +#LoadModule actions_module modules/mod_actions.so +#LoadModule speling_module modules/mod_speling.so +#LoadModule userdir_module modules/mod_userdir.so +LoadModule alias_module modules/mod_alias.so +LoadModule rewrite_module modules/mod_rewrite.so + +LoadModule xsendfile_module /usr/lib/apache2/modules/mod_xsendfile.so + + +# +# If you wish httpd to run as a different user or group, you must run +# httpd as root initially and it will switch. +# +# User/Group: The name (or #number) of the user/group to run httpd as. +# It is usually good practice to create a dedicated user and group for +# running httpd, as with most system services. +# +User www-data +Group www-data + + + +# 'Main' server configuration +# +# The directives in this section set up the values used by the 'main' +# server, which responds to any requests that aren't handled by a +# definition. These values also provide defaults for +# any containers you may define later in the file. +# +# All of these directives may appear inside containers, +# in which case these default settings will be overridden for the +# virtual host being defined. +# + +# +# ServerAdmin: Your address, where problems with the server should be +# e-mailed. This address appears on some server-generated pages, such +# as error documents. e.g. admin@your-domain.com +# +ServerAdmin you@example.com + +# +# ServerName gives the name and port that the server uses to identify itself. +# This can often be determined automatically, but we recommend you specify +# it explicitly to prevent problems during startup. +# +# If your host doesn't have a registered DNS name, enter its IP address here. +# +#ServerName www.example.com:80 + +# +# Deny access to the entirety of your server's filesystem. You must +# explicitly permit access to web content directories in other +# blocks below. +# + + AllowOverride none + Require all denied + + +# +# Note that from this point forward you must specifically allow +# particular features to be enabled - so if something's not working as +# you might expect, make sure that you have specifically enabled it +# below. +# + +# +# DocumentRoot: The directory out of which you will serve your +# documents. By default, all requests are taken from this directory, but +# symbolic links and aliases may be used to point to other locations. +# +DocumentRoot "/application/public" + + # + # Possible values for the Options directive are "None", "All", + # or any combination of: + # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews + # + # Note that "MultiViews" must be named *explicitly* --- "Options All" + # doesn't give it to you. + # + # The Options directive is both complicated and important. Please see + # http://httpd.apache.org/docs/2.4/mod/core.html#options + # for more information. + # + Options Indexes FollowSymLinks + + # + # AllowOverride controls what directives may be placed in .htaccess files. + # It can be "All", "None", or any combination of the keywords: + # AllowOverride FileInfo AuthConfig Limit + # + AllowOverride All + + # + # Controls who can get stuff from this server. + # + Require all granted + + +ProxyPassMatch ^/(.*\.php(/.*)?)$ "fcgi://$name:9000/application/public/$1" timeout=1800 + +XSendFile on +XSendFilePath /application + + +# +# DirectoryIndex: sets the file that Apache will serve if a directory +# is requested. +# + + DirectoryIndex index.html index.php + + +# +# The following lines prevent .htaccess and .htpasswd files from being +# viewed by Web clients. +# + + Require all denied + + +# +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a +# container, that host's errors will be logged there and not here. +# +ErrorLog /proc/self/fd/2 + +# +# LogLevel: Control the number of messages logged to the error_log. +# Possible values include: debug, info, notice, warn, error, crit, +# alert, emerg. +# +LogLevel warn + + + # + # The following directives define some format nicknames for use with + # a CustomLog directive (see below). + # + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined + LogFormat "%h %l %u %t \"%r\" %>s %b" common + + + # You need to enable mod_logio.c to use %I and %O + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio + + + # + # The location and format of the access logfile (Common Logfile Format). + # If you do not define any access logfiles within a + # container, they will be logged here. Contrariwise, if you *do* + # define per- access logfiles, transactions will be + # logged therein and *not* in this file. + # + CustomLog /proc/self/fd/1 common + + # + # If you prefer a logfile with access, agent, and referer information + # (Combined Logfile Format) you can use the following directive. + # + #CustomLog "logs/access_log" combined + + + + # + # Redirect: Allows you to tell clients about documents that used to + # exist in your server's namespace, but do not anymore. The client + # will make a new request for the document at its new location. + # Example: + # Redirect permanent /foo http://www.example.com/bar + + # + # Alias: Maps web paths into filesystem paths and is used to + # access content that does not live under the DocumentRoot. + # Example: + # Alias /webpath /full/filesystem/path + # + # If you include a trailing / on /webpath then the server will + # require it to be present in the URL. You will also likely + # need to provide a section to allow access to + # the filesystem path. + + # + # ScriptAlias: This controls which directories contain server scripts. + # ScriptAliases are essentially the same as Aliases, except that + # documents in the target directory are treated as applications and + # run by the server when requested rather than as documents sent to the + # client. The same rules about trailing "/" apply to ScriptAlias + # directives as to Alias. + # + ScriptAlias /cgi-bin/ "/usr/local/apache2/cgi-bin/" + + + + + # + # ScriptSock: On threaded servers, designate the path to the UNIX + # socket used to communicate with the CGI daemon of mod_cgid. + # + #Scriptsock cgisock + + +# +# "/usr/local/apache2/cgi-bin" should be changed to whatever your ScriptAliased +# CGI directory exists, if you have that configured. +# + + AllowOverride None + Options None + Require all granted + + + + # + # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied + # backend servers which have lingering "httpoxy" defects. + # 'Proxy' request header is undefined by the IETF, not listed by IANA + # + RequestHeader unset Proxy early + + + + # + # TypesConfig points to the file containing the list of mappings from + # filename extension to MIME-type. + # + TypesConfig conf/mime.types + + # + # AddType allows you to add to or override the MIME configuration + # file specified in TypesConfig for specific file types. + # + #AddType application/x-gzip .tgz + # + # AddEncoding allows you to have certain browsers uncompress + # information on the fly. Note: Not all browsers support this. + # + #AddEncoding x-compress .Z + #AddEncoding x-gzip .gz .tgz + # + # If the AddEncoding directives above are commented-out, then you + # probably should define those extensions to indicate media types: + # + AddType application/x-compress .Z + AddType application/x-gzip .gz .tgz + + # + # AddHandler allows you to map certain file extensions to "handlers": + # actions unrelated to filetype. These can be either built into the server + # or added with the Action directive (see below) + # + # To use CGI scripts outside of ScriptAliased directories: + # (You will also need to add "ExecCGI" to the "Options" directive.) + # + #AddHandler cgi-script .cgi + + # For type maps (negotiated resources): + #AddHandler type-map var + + # + # Filters allow you to process content before it is sent to the client. + # + # To parse .shtml files for server-side includes (SSI): + # (You will also need to add "Includes" to the "Options" directive.) + # + #AddType text/html .shtml + #AddOutputFilter INCLUDES .shtml + + +# +# The mod_mime_magic module allows the server to use various hints from the +# contents of the file itself to determine its type. The MIMEMagicFile +# directive tells the module where the hint definitions are located. +# +#MIMEMagicFile conf/magic + +# +# Customizable error responses come in three flavors: +# 1) plain text 2) local redirects 3) external redirects +# +# Some examples: +#ErrorDocument 500 "The server made a boo boo." +#ErrorDocument 404 /missing.html +#ErrorDocument 404 "/cgi-bin/missing_handler.pl" +#ErrorDocument 402 http://www.example.com/subscription_info.html +# + +# +# MaxRanges: Maximum number of Ranges in a request before +# returning the entire resource, or one of the special +# values 'default', 'none' or 'unlimited'. +# Default setting is to accept 200 Ranges. +#MaxRanges unlimited + +# +# EnableMMAP and EnableSendfile: On systems that support it, +# memory-mapping or the sendfile syscall may be used to deliver +# files. This usually improves server performance, but must +# be turned off when serving from networked-mounted +# filesystems or if support for these functions is otherwise +# broken on your system. +# Defaults: EnableMMAP On, EnableSendfile Off +# +#EnableMMAP off +#EnableSendfile on + +# Supplemental configuration +# +# The configuration files in the conf/extra/ directory can be +# included to add extra features or to modify the default configuration of +# the server, or you may simply copy their contents here and change as +# necessary. + +# Server-pool management (MPM specific) +#Include conf/extra/httpd-mpm.conf + +# Multi-language error messages +#Include conf/extra/httpd-multilang-errordoc.conf + +# Fancy directory listings +#Include conf/extra/httpd-autoindex.conf + +# Language settings +#Include conf/extra/httpd-languages.conf + +# User home directories +#Include conf/extra/httpd-userdir.conf + +# Real-time info on requests and configuration +#Include conf/extra/httpd-info.conf + +# Virtual hosts +#Include conf/extra/httpd-vhosts.conf + +# Local access to the Apache HTTP Server Manual +#Include conf/extra/httpd-manual.conf + +# Distributed authoring and versioning (WebDAV) +#Include conf/extra/httpd-dav.conf + +# Various default settings +#Include conf/extra/httpd-default.conf + +# Configure mod_proxy_html to understand HTML4/XHTML1 + +Include conf/extra/proxy-html.conf + + +# Secure (SSL/TLS) connections +#Include conf/extra/httpd-ssl.conf +# +# Note: The following must must be present to support +# starting without SSL on platforms with no /dev/random equivalent +# but a statically compiled-in mod_ssl. +# + +SSLRandomSeed startup builtin +SSLRandomSeed connect builtin + + diff --git a/resources/tools/dockerwebcontainer/template/config/imagemagick/policy.xml b/resources/tools/dockerwebcontainer/template/config/imagemagick/policy.xml new file mode 100644 index 000000000..cf31ee668 --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/imagemagick/policy.xml @@ -0,0 +1,96 @@ + + + + + + ]> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/resources/tools/dockerwebcontainer/template/config/mariadb/charset.cnf b/resources/tools/dockerwebcontainer/template/config/mariadb/charset.cnf new file mode 100644 index 000000000..a624a1170 --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/mariadb/charset.cnf @@ -0,0 +1,4 @@ +[mariadb] +collation-server = utf8mb4_unicode_ci +init-connect='SET NAMES utf8mb4' +character-set-server = utf8mb4 diff --git a/resources/tools/dockerwebcontainer/template/config/mariadb/connections.cnf b/resources/tools/dockerwebcontainer/template/config/mariadb/connections.cnf new file mode 100644 index 000000000..f623ae6ab --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/mariadb/connections.cnf @@ -0,0 +1,2 @@ +[mariadb] +max_connections = 1024 diff --git a/resources/tools/dockerwebcontainer/template/config/mariadb/finetuning.cnf b/resources/tools/dockerwebcontainer/template/config/mariadb/finetuning.cnf new file mode 100644 index 000000000..ea9762385 --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/mariadb/finetuning.cnf @@ -0,0 +1,16 @@ +[mariadb] + +skip-name-resolve + +key_buffer_size = 128M +max_allowed_packet = 512M +max_heap_table_size = 512M +tmp_table_size = 256M + +innodb_buffer_pool_size = 4G + +join_buffer_size = 32M +join_buffer_space_limit = 256M +join_cache_level = 12 + +query_cache_size = 256M diff --git a/resources/tools/dockerwebcontainer/template/config/mariadb/json.cnf b/resources/tools/dockerwebcontainer/template/config/mariadb/json.cnf new file mode 100644 index 000000000..a452aff44 --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/mariadb/json.cnf @@ -0,0 +1,3 @@ +[mariadb] +plugin-maturity=alpha +plugin-load-add=type_mysql_json diff --git a/resources/tools/dockerwebcontainer/template/config/mariadb/logs.cnf b/resources/tools/dockerwebcontainer/template/config/mariadb/logs.cnf new file mode 100644 index 000000000..2a54d170e --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/mariadb/logs.cnf @@ -0,0 +1,8 @@ +[mariadb] +skip-log-error + +general_log = 0 +general_log_file = /var/log/mysql/queries.log + +slow_query_log = 0 +slow_query_log_file = /var/log/mysql/slow_queries.log diff --git a/resources/tools/dockerwebcontainer/template/config/mariadb/sql_mode.cnf b/resources/tools/dockerwebcontainer/template/config/mariadb/sql_mode.cnf new file mode 100644 index 000000000..606395376 --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/mariadb/sql_mode.cnf @@ -0,0 +1,2 @@ +[mariadb] +sql_mode = ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION diff --git a/resources/tools/dockerwebcontainer/template/config/passwords b/resources/tools/dockerwebcontainer/template/config/passwords new file mode 100644 index 000000000..5f9db609a --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/passwords @@ -0,0 +1 @@ +$name:$sshpassword diff --git a/resources/tools/dockerwebcontainer/template/config/php.ini b/resources/tools/dockerwebcontainer/template/config/php.ini new file mode 100644 index 000000000..c0ef7ab55 --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/php.ini @@ -0,0 +1,6 @@ +upload_max_filesize = 8G +post_max_size = 8G +error_log = /proc/self/fd/2 +log_errors = 1 +memory_limit = 12G +max_input_vars = 1000000 diff --git a/resources/tools/dockerwebcontainer/template/config/rsyslog/50-default.conf b/resources/tools/dockerwebcontainer/template/config/rsyslog/50-default.conf new file mode 100644 index 000000000..f939a484b --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/rsyslog/50-default.conf @@ -0,0 +1,48 @@ +# Default rules for rsyslog. +# +# For more information see rsyslog.conf(5) and /etc/rsyslog.conf + +# +# First some standard log files. Log by facility. +# +auth,authpriv.* /var/log/auth.log +*.*;auth,authpriv.none -/var/log/syslog +#cron.* /var/log/cron.log +#daemon.* -/var/log/daemon.log +kern.* -/var/log/kern.log +#lpr.* -/var/log/lpr.log +mail.* -/var/log/mail.log +#user.* -/var/log/user.log + +# +# Logging for the mail system. Split it up so that +# it is easy to write scripts to parse these files. +# +#mail.info -/var/log/mail.info +#mail.warn -/var/log/mail.warn +mail.err /var/log/mail.err + +# +# Some "catch-all" log files. +# +#*.=debug;\ +# auth,authpriv.none;\ +# news.none;mail.none -/var/log/debug +#*.=info;*.=notice;*.=warn;\ +# auth,authpriv.none;\ +# cron,daemon.none;\ +# mail,news.none -/var/log/messages + +# +# Emergencies are sent to everybody logged in. +# +*.emerg :omusrmsg:* + +# +# I like to have messages displayed on the console, but only on a virtual +# console I usually leave idle. +# +#daemon,mail.*;\ +# news.=crit;news.=err;news.=notice;\ +# *.=debug;*.=info;\ +# *.=notice;*.=warn /dev/tty8 diff --git a/resources/tools/dockerwebcontainer/template/config/rsyslog/init.d b/resources/tools/dockerwebcontainer/template/config/rsyslog/init.d new file mode 100644 index 000000000..96ddd1499 --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/rsyslog/init.d @@ -0,0 +1,137 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: rsyslog +# Required-Start: $remote_fs $time +# Required-Stop: umountnfs $time +# X-Stop-After: sendsigs +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: enhanced syslogd +# Description: Rsyslog is an enhanced multi-threaded syslogd. +# It is quite compatible to stock sysklogd and can be +# used as a drop-in replacement. +### END INIT INFO + +# +# Author: Michael Biebl +# + +# PATH should only include /usr/* if it runs after the mountnfs.sh script +PATH=/sbin:/usr/sbin:/bin:/usr/bin +DESC="enhanced syslogd" +NAME=rsyslog + +RSYSLOGD=rsyslogd +RSYSLOGD_BIN=/usr/sbin/rsyslogd +RSYSLOGD_OPTIONS="-c5" +RSYSLOGD_PIDFILE=/var/run/rsyslogd.pid + +SCRIPTNAME=/etc/init.d/$NAME + +# Exit if the package is not installed +[ -x "$RSYSLOGD_BIN" ] || exit 0 + +# Read configuration variable file if it is present +[ -r /etc/default/$NAME ] && . /etc/default/$NAME + +# Define LSB log_* functions. +. /lib/lsb/init-functions + +do_start() +{ + DAEMON="$RSYSLOGD_BIN" + DAEMON_ARGS="$RSYSLOGD_OPTIONS" + PIDFILE="$RSYSLOGD_PIDFILE" + + # Return + # 0 if daemon has been started + # 1 if daemon was already running + # other if daemon could not be started or a failure occured + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- $DAEMON_ARGS +} + +do_stop() +{ + DAEMON="$RSYSLOGD_BIN" + PIDFILE="$RSYSLOGD_PIDFILE" + + # Return + # 0 if daemon has been stopped + # 1 if daemon was already stopped + # other if daemon could not be stopped or a failure occurred + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --exec $DAEMON +} + +# +# Tell rsyslogd to close all open files +# +do_rotate() { + DAEMON="$RSYSLOGD_BIN" + PIDFILE="$RSYSLOGD_PIDFILE" + + start-stop-daemon --stop --signal HUP --quiet --pidfile $PIDFILE --exec $DAEMON +} + +create_xconsole() { + XCONSOLE=/dev/xconsole + if [ "$(uname -s)" != "Linux" ]; then + XCONSOLE=/run/xconsole + ln -sf $XCONSOLE /dev/xconsole + fi + if [ ! -e $XCONSOLE ]; then + mknod -m 640 $XCONSOLE p + chown root:adm $XCONSOLE + [ -x /sbin/restorecon ] && /sbin/restorecon $XCONSOLE + fi +} + +sendsigs_omit() { + OMITDIR=/run/sendsigs.omit.d + mkdir -p $OMITDIR + ln -sf $RSYSLOGD_PIDFILE $OMITDIR/rsyslog +} + +case "$1" in + start) + log_daemon_msg "Starting $DESC" "$RSYSLOGD" + create_xconsole + do_start + case "$?" in + 0) sendsigs_omit + log_end_msg 0 ;; + 1) log_progress_msg "already started" + log_end_msg 0 ;; + *) log_end_msg 1 ;; + esac + + ;; + stop) + log_daemon_msg "Stopping $DESC" "$RSYSLOGD" + do_stop + case "$?" in + 0) log_end_msg 0 ;; + 1) log_progress_msg "already stopped" + log_end_msg 0 ;; + *) log_end_msg 1 ;; + esac + + ;; + rotate) + log_daemon_msg "Closing open files" "$RSYSLOGD" + do_rotate + log_end_msg $? + ;; + restart|force-reload) + $0 stop + $0 start + ;; + status) + status_of_proc -p $RSYSLOGD_PIDFILE $RSYSLOGD_BIN $RSYSLOGD && exit 0 || exit $? + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|rotate|restart|force-reload|status}" >&2 + exit 3 + ;; +esac + +: \ No newline at end of file diff --git a/resources/tools/dockerwebcontainer/template/config/rsyslog/rsyslog.conf b/resources/tools/dockerwebcontainer/template/config/rsyslog/rsyslog.conf new file mode 100644 index 000000000..94bc18f26 --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/rsyslog/rsyslog.conf @@ -0,0 +1,60 @@ +# /etc/rsyslog.conf configuration file for rsyslog +# +# For more information install rsyslog-doc and see +# /usr/share/doc/rsyslog-doc/html/configuration/index.html +# +# Default logging rules can be found in /etc/rsyslog.d/50-default.conf + + +################# +#### MODULES #### +################# + +module(load="imuxsock") # provides support for local system logging +#module(load="immark") # provides --MARK-- message capability + +# provides UDP syslog reception +#module(load="imudp") +#input(type="imudp" port="514") + +# provides TCP syslog reception +#module(load="imtcp") +#input(type="imtcp" port="514") + +# provides kernel logging support and enable non-kernel klog messages +# module(load="imklog" permitnonkernelfacility="on") + + +########################### +#### GLOBAL DIRECTIVES #### +########################### + +# +# Use traditional timestamp format. +# To enable high precision timestamps, comment out the following line. +# +$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat + +# Filter duplicated messages +$RepeatedMsgReduction on + +# +# Set the default permissions for all log files. +# +$FileOwner syslog +$FileGroup adm +$FileCreateMode 0640 +$DirCreateMode 0755 +$Umask 0022 +$PrivDropToUser syslog +$PrivDropToGroup syslog + +# +# Where to place spool and state files +# +$WorkDirectory /var/spool/rsyslog + +# +# Include all config files in /etc/rsyslog.d/ +# +$IncludeConfig /etc/rsyslog.d/*.conf \ No newline at end of file diff --git a/resources/tools/dockerwebcontainer/template/config/ssh/root/authorized_keys2 b/resources/tools/dockerwebcontainer/template/config/ssh/root/authorized_keys2 new file mode 100644 index 000000000..c5de45b88 --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/ssh/root/authorized_keys2 @@ -0,0 +1,2 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAtabxRZZMjtmq+r8uXsBmfLgAtkxqwigGpx0e6Mx066ukIWIafFsguity6aV5QNI4UfxXnX3QXROcWeIiyLBV4yDGxuq7ah4r0X1CjqHUvHoGpXwJ2DIWPeaa8XyXnavmj0SNtKn0f1T+oJS0fcryUTLyxY7eOgNsr+pp1fVmgca9Efj0BKUXV/SUIjp8JX3x0/E/3PAqG81zus2SxzuOO1b0FKXDq43Gx6Ov3Ok7+Pje4G4pB56rJiiXlPxrBlY0e8Pz/7+kFF8izCiztJLtZig32Dx0HbLYGtSvIPJKYxK8DDD/RWWpL3mgNPYZ2PE3wHf4c7CTlxLCDP+NeRS1yQ== vincent+2021@cubedesigners.com +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDYAQ/tdQpfweVSyxgvF7hFtl4ax+0g8uI102LeH4NmZtzh85DmD3ccoN5UvAf3SOU6nTGLBN2i/YGRruYmm3PDDYBwyKmq3d1ZqUd8ItNfmTlVbRQme0qE6uOVfHgiejDqm9SS0kbI0lYi/BHp7sWK0UM18iE6NbsSgxw468FwBhtSiR78dw1yEhZQdtQDxusD6LbsGDsj37bV9YHFPVslzc6Bkf4fg9igm5YStCdmcYG86t0RUZDfHw6YGuIxXWkDRh1fpC6yj3Wv+n4+Zho5Bjlryg+YRhxFzno2VxgIeScIAernhUq3yy2whZU3jrWfXKfxutPmpCowl17ydcMXUr8Zt44RaYSVJI6V2lbw/B3HWW8BjkVmHlzDhulw4sJzWYoQOhiDLrUFprdF49CtYFrfsuVOx1IwETfnKKI0w5JqID+sa1iYCtgP9BdfO/H04iW3pFeaNhKW89c7GNZHhNuAS9x5wmcDpYiu2DH/ZIZIQ2wGKcyiZ0sMXQqBS4U= 33610@AYOR diff --git a/resources/tools/dockerwebcontainer/template/config/ssh/server/moduli b/resources/tools/dockerwebcontainer/template/config/ssh/server/moduli new file mode 100644 index 000000000..e69de29bb diff --git a/resources/tools/dockerwebcontainer/template/config/ssh/server/ssh_config b/resources/tools/dockerwebcontainer/template/config/ssh/server/ssh_config new file mode 100644 index 000000000..e69de29bb diff --git a/resources/tools/dockerwebcontainer/template/config/ssh/server/sshd_config b/resources/tools/dockerwebcontainer/template/config/ssh/server/sshd_config new file mode 100644 index 000000000..f9386d2a9 --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/ssh/server/sshd_config @@ -0,0 +1,115 @@ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options override the +# default value. + +Include /etc/ssh/sshd_config.d/*.conf + +#Port 22 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_ecdsa_key +#HostKey /etc/ssh/ssh_host_ed25519_key + +# Ciphers and keying +#RekeyLimit default none + +# Logging +#SyslogFacility AUTH +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 2m +#PermitRootLogin prohibit-password +#StrictModes yes +#MaxAuthTries 6 +#MaxSessions 10 + +#PubkeyAuthentication yes + +# Expect .ssh/authorized_keys2 to be disregarded by default in future. +#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2 + +#AuthorizedPrincipalsFile none + +#AuthorizedKeysCommand none +#AuthorizedKeysCommandUser nobody + +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# HostbasedAuthentication +#IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes + +# To disable tunneled clear text passwords, change to no here! +#PasswordAuthentication yes +#PermitEmptyPasswords no + +# Change to yes to enable challenge-response passwords (beware issues with +# some PAM modules and threads) +KbdInteractiveAuthentication no + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no + +# GSSAPI options +#GSSAPIAuthentication no +#GSSAPICleanupCredentials yes +#GSSAPIStrictAcceptorCheck yes +#GSSAPIKeyExchange no + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the KbdInteractiveAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via KbdInteractiveAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and KbdInteractiveAuthentication to 'no'. +UsePAM yes + +#AllowAgentForwarding yes +#AllowTcpForwarding yes +#GatewayPorts no +X11Forwarding yes +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PermitTTY yes +PrintMotd no +#PrintLastLog yes +#TCPKeepAlive yes +#PermitUserEnvironment no +#Compression delayed +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#UseDNS no +#PidFile /run/sshd.pid +#MaxStartups 10:30:100 +#PermitTunnel no +#ChrootDirectory none +#VersionAddendum none + +# no default banner path +#Banner none + +# Allow client to pass locale environment variables +AcceptEnv LANG LC_* + +# override default of no subsystems +Subsystem sftp /usr/lib/openssh/sftp-server diff --git a/resources/tools/dockerwebcontainer/template/config/ssh/user/authorized_keys2 b/resources/tools/dockerwebcontainer/template/config/ssh/user/authorized_keys2 new file mode 100644 index 000000000..c5de45b88 --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/ssh/user/authorized_keys2 @@ -0,0 +1,2 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAtabxRZZMjtmq+r8uXsBmfLgAtkxqwigGpx0e6Mx066ukIWIafFsguity6aV5QNI4UfxXnX3QXROcWeIiyLBV4yDGxuq7ah4r0X1CjqHUvHoGpXwJ2DIWPeaa8XyXnavmj0SNtKn0f1T+oJS0fcryUTLyxY7eOgNsr+pp1fVmgca9Efj0BKUXV/SUIjp8JX3x0/E/3PAqG81zus2SxzuOO1b0FKXDq43Gx6Ov3Ok7+Pje4G4pB56rJiiXlPxrBlY0e8Pz/7+kFF8izCiztJLtZig32Dx0HbLYGtSvIPJKYxK8DDD/RWWpL3mgNPYZ2PE3wHf4c7CTlxLCDP+NeRS1yQ== vincent+2021@cubedesigners.com +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDYAQ/tdQpfweVSyxgvF7hFtl4ax+0g8uI102LeH4NmZtzh85DmD3ccoN5UvAf3SOU6nTGLBN2i/YGRruYmm3PDDYBwyKmq3d1ZqUd8ItNfmTlVbRQme0qE6uOVfHgiejDqm9SS0kbI0lYi/BHp7sWK0UM18iE6NbsSgxw468FwBhtSiR78dw1yEhZQdtQDxusD6LbsGDsj37bV9YHFPVslzc6Bkf4fg9igm5YStCdmcYG86t0RUZDfHw6YGuIxXWkDRh1fpC6yj3Wv+n4+Zho5Bjlryg+YRhxFzno2VxgIeScIAernhUq3yy2whZU3jrWfXKfxutPmpCowl17ydcMXUr8Zt44RaYSVJI6V2lbw/B3HWW8BjkVmHlzDhulw4sJzWYoQOhiDLrUFprdF49CtYFrfsuVOx1IwETfnKKI0w5JqID+sa1iYCtgP9BdfO/H04iW3pFeaNhKW89c7GNZHhNuAS9x5wmcDpYiu2DH/ZIZIQ2wGKcyiZ0sMXQqBS4U= 33610@AYOR diff --git a/resources/tools/dockerwebcontainer/template/config/sudoers b/resources/tools/dockerwebcontainer/template/config/sudoers new file mode 100644 index 000000000..d7663ef75 --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/config/sudoers @@ -0,0 +1 @@ +toolbox ALL=(ALL) NOPASSWD:ALL diff --git a/resources/tools/dockerwebcontainer/template/httpd/httpd.conf b/resources/tools/dockerwebcontainer/template/httpd/httpd.conf deleted file mode 100644 index 10f77b655..000000000 --- a/resources/tools/dockerwebcontainer/template/httpd/httpd.conf +++ /dev/null @@ -1,554 +0,0 @@ -# -# This is the main Apache HTTP server configuration file. It contains the -# configuration directives that give the server its instructions. -# See for detailed information. -# In particular, see -# -# for a discussion of each configuration directive. -# -# Do NOT simply read the instructions in here without understanding -# what they do. They're here only as hints or reminders. If you are unsure -# consult the online docs. You have been warned. -# -# Configuration and logfile names: If the filenames you specify for many -# of the server's control files begin with "/" (or "drive:/" for Win32), the -# server will use that explicit path. If the filenames do *not* begin -# with "/", the value of ServerRoot is prepended -- so "logs/access_log" -# with ServerRoot set to "/usr/local/apache2" will be interpreted by the -# server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log" -# will be interpreted as '/logs/access_log'. - -# -# ServerRoot: The top of the directory tree under which the server's -# configuration, error, and log files are kept. -# -# Do not add a slash at the end of the directory path. If you point -# ServerRoot at a non-local disk, be sure to specify a local disk on the -# Mutex directive, if file-based mutexes are used. If you wish to share the -# same ServerRoot for multiple httpd daemons, you will need to change at -# least PidFile. -# -ServerRoot "/usr/local/apache2" - -# -# Mutex: Allows you to set the mutex mechanism and mutex file directory -# for individual mutexes, or change the global defaults -# -# Uncomment and change the directory if mutexes are file-based and the default -# mutex file directory is not on a local disk or is not appropriate for some -# other reason. -# -# Mutex default:logs - -# -# Listen: Allows you to bind Apache to specific IP addresses and/or -# ports, instead of the default. See also the -# directive. -# -# Change this to Listen on specific IP addresses as shown below to -# prevent Apache from glomming onto all bound IP addresses. -# -#Listen 12.34.56.78:80 -Listen 80 - -# -# Dynamic Shared Object (DSO) Support -# -# To be able to use the functionality of a module which was built as a DSO you -# have to place corresponding `LoadModule' lines at this location so the -# directives contained in it are actually available _before_ they are used. -# Statically compiled modules (those listed by `httpd -l') do not need -# to be loaded here. -# -# Example: -# LoadModule foo_module modules/mod_foo.so -# -LoadModule mpm_event_module modules/mod_mpm_event.so -#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so -#LoadModule mpm_worker_module modules/mod_mpm_worker.so -LoadModule authn_file_module modules/mod_authn_file.so -#LoadModule authn_dbm_module modules/mod_authn_dbm.so -#LoadModule authn_anon_module modules/mod_authn_anon.so -#LoadModule authn_dbd_module modules/mod_authn_dbd.so -#LoadModule authn_socache_module modules/mod_authn_socache.so -LoadModule authn_core_module modules/mod_authn_core.so -LoadModule authz_host_module modules/mod_authz_host.so -LoadModule authz_groupfile_module modules/mod_authz_groupfile.so -LoadModule authz_user_module modules/mod_authz_user.so -#LoadModule authz_dbm_module modules/mod_authz_dbm.so -#LoadModule authz_owner_module modules/mod_authz_owner.so -#LoadModule authz_dbd_module modules/mod_authz_dbd.so -LoadModule authz_core_module modules/mod_authz_core.so -#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so -#LoadModule authnz_fcgi_module modules/mod_authnz_fcgi.so -LoadModule access_compat_module modules/mod_access_compat.so -LoadModule auth_basic_module modules/mod_auth_basic.so -#LoadModule auth_form_module modules/mod_auth_form.so -#LoadModule auth_digest_module modules/mod_auth_digest.so -#LoadModule allowmethods_module modules/mod_allowmethods.so -#LoadModule isapi_module modules/mod_isapi.so -#LoadModule file_cache_module modules/mod_file_cache.so -#LoadModule cache_module modules/mod_cache.so -#LoadModule cache_disk_module modules/mod_cache_disk.so -#LoadModule cache_socache_module modules/mod_cache_socache.so -#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so -#LoadModule socache_dbm_module modules/mod_socache_dbm.so -#LoadModule socache_memcache_module modules/mod_socache_memcache.so -#LoadModule socache_redis_module modules/mod_socache_redis.so -#LoadModule watchdog_module modules/mod_watchdog.so -#LoadModule macro_module modules/mod_macro.so -#LoadModule dbd_module modules/mod_dbd.so -#LoadModule bucketeer_module modules/mod_bucketeer.so -#LoadModule dumpio_module modules/mod_dumpio.so -#LoadModule echo_module modules/mod_echo.so -#LoadModule example_hooks_module modules/mod_example_hooks.so -#LoadModule case_filter_module modules/mod_case_filter.so -#LoadModule case_filter_in_module modules/mod_case_filter_in.so -#LoadModule example_ipc_module modules/mod_example_ipc.so -#LoadModule buffer_module modules/mod_buffer.so -#LoadModule data_module modules/mod_data.so -#LoadModule ratelimit_module modules/mod_ratelimit.so -LoadModule reqtimeout_module modules/mod_reqtimeout.so -#LoadModule ext_filter_module modules/mod_ext_filter.so -#LoadModule request_module modules/mod_request.so -#LoadModule include_module modules/mod_include.so -LoadModule filter_module modules/mod_filter.so -#LoadModule reflector_module modules/mod_reflector.so -#LoadModule substitute_module modules/mod_substitute.so -#LoadModule sed_module modules/mod_sed.so -#LoadModule charset_lite_module modules/mod_charset_lite.so -#LoadModule deflate_module modules/mod_deflate.so -#LoadModule xml2enc_module modules/mod_xml2enc.so -#LoadModule proxy_html_module modules/mod_proxy_html.so -#LoadModule brotli_module modules/mod_brotli.so -LoadModule mime_module modules/mod_mime.so -#LoadModule ldap_module modules/mod_ldap.so -LoadModule log_config_module modules/mod_log_config.so -#LoadModule log_debug_module modules/mod_log_debug.so -#LoadModule log_forensic_module modules/mod_log_forensic.so -#LoadModule logio_module modules/mod_logio.so -#LoadModule lua_module modules/mod_lua.so -LoadModule env_module modules/mod_env.so -#LoadModule mime_magic_module modules/mod_mime_magic.so -#LoadModule cern_meta_module modules/mod_cern_meta.so -#LoadModule expires_module modules/mod_expires.so -LoadModule headers_module modules/mod_headers.so -#LoadModule ident_module modules/mod_ident.so -#LoadModule usertrack_module modules/mod_usertrack.so -#LoadModule unique_id_module modules/mod_unique_id.so -LoadModule setenvif_module modules/mod_setenvif.so -LoadModule version_module modules/mod_version.so -LoadModule remoteip_module modules/mod_remoteip.so -LoadModule proxy_module modules/mod_proxy.so -#LoadModule proxy_connect_module modules/mod_proxy_connect.so -#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so -#LoadModule proxy_http_module modules/mod_proxy_http.so -LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so -#LoadModule proxy_scgi_module modules/mod_proxy_scgi.so -#LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so -#LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so -#LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so -#LoadModule proxy_ajp_module modules/mod_proxy_ajp.so -#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so -#LoadModule proxy_express_module modules/mod_proxy_express.so -#LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so -#LoadModule session_module modules/mod_session.so -#LoadModule session_cookie_module modules/mod_session_cookie.so -#LoadModule session_crypto_module modules/mod_session_crypto.so -#LoadModule session_dbd_module modules/mod_session_dbd.so -#LoadModule slotmem_shm_module modules/mod_slotmem_shm.so -#LoadModule slotmem_plain_module modules/mod_slotmem_plain.so -#LoadModule ssl_module modules/mod_ssl.so -#LoadModule optional_hook_export_module modules/mod_optional_hook_export.so -#LoadModule optional_hook_import_module modules/mod_optional_hook_import.so -#LoadModule optional_fn_import_module modules/mod_optional_fn_import.so -#LoadModule optional_fn_export_module modules/mod_optional_fn_export.so -#LoadModule dialup_module modules/mod_dialup.so -#LoadModule http2_module modules/mod_http2.so -#LoadModule proxy_http2_module modules/mod_proxy_http2.so -#LoadModule md_module modules/mod_md.so -#LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so -#LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so -#LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so -#LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so -LoadModule unixd_module modules/mod_unixd.so -#LoadModule heartbeat_module modules/mod_heartbeat.so -#LoadModule heartmonitor_module modules/mod_heartmonitor.so -#LoadModule dav_module modules/mod_dav.so -LoadModule status_module modules/mod_status.so -LoadModule autoindex_module modules/mod_autoindex.so -#LoadModule asis_module modules/mod_asis.so -#LoadModule info_module modules/mod_info.so -#LoadModule suexec_module modules/mod_suexec.so - - #LoadModule cgid_module modules/mod_cgid.so - - - #LoadModule cgi_module modules/mod_cgi.so - -#LoadModule dav_fs_module modules/mod_dav_fs.so -#LoadModule dav_lock_module modules/mod_dav_lock.so -#LoadModule vhost_alias_module modules/mod_vhost_alias.so -#LoadModule negotiation_module modules/mod_negotiation.so -LoadModule dir_module modules/mod_dir.so -#LoadModule imagemap_module modules/mod_imagemap.so -#LoadModule actions_module modules/mod_actions.so -#LoadModule speling_module modules/mod_speling.so -#LoadModule userdir_module modules/mod_userdir.so -LoadModule alias_module modules/mod_alias.so -LoadModule rewrite_module modules/mod_rewrite.so - - -# -# If you wish httpd to run as a different user or group, you must run -# httpd as root initially and it will switch. -# -# User/Group: The name (or #number) of the user/group to run httpd as. -# It is usually good practice to create a dedicated user and group for -# running httpd, as with most system services. -# -User www-data -Group www-data - - - -# 'Main' server configuration -# -# The directives in this section set up the values used by the 'main' -# server, which responds to any requests that aren't handled by a -# definition. These values also provide defaults for -# any containers you may define later in the file. -# -# All of these directives may appear inside containers, -# in which case these default settings will be overridden for the -# virtual host being defined. -# - -# -# ServerAdmin: Your address, where problems with the server should be -# e-mailed. This address appears on some server-generated pages, such -# as error documents. e.g. admin@your-domain.com -# -ServerAdmin you@example.com - -# -# ServerName gives the name and port that the server uses to identify itself. -# This can often be determined automatically, but we recommend you specify -# it explicitly to prevent problems during startup. -# -# If your host doesn't have a registered DNS name, enter its IP address here. -# -#ServerName www.example.com:80 - -# -# Deny access to the entirety of your server's filesystem. You must -# explicitly permit access to web content directories in other -# blocks below. -# - - AllowOverride none - Require all denied - - -# -# Note that from this point forward you must specifically allow -# particular features to be enabled - so if something's not working as -# you might expect, make sure that you have specifically enabled it -# below. -# - -# -# DocumentRoot: The directory out of which you will serve your -# documents. By default, all requests are taken from this directory, but -# symbolic links and aliases may be used to point to other locations. -# -DocumentRoot "/usr/local/apache2/htdocs" - - # - # Possible values for the Options directive are "None", "All", - # or any combination of: - # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews - # - # Note that "MultiViews" must be named *explicitly* --- "Options All" - # doesn't give it to you. - # - # The Options directive is both complicated and important. Please see - # http://httpd.apache.org/docs/2.4/mod/core.html#options - # for more information. - # - Options Indexes FollowSymLinks - - # - # AllowOverride controls what directives may be placed in .htaccess files. - # It can be "All", "None", or any combination of the keywords: - # AllowOverride FileInfo AuthConfig Limit - # - AllowOverride All - - # - # Controls who can get stuff from this server. - # - Require all granted - - -RemoteIPHeader X-Forwarded-For -ProxyPassMatch ^/(.*\.php(/.*)?)$ "fcgi://$name:9000/application/$1" timeout=1800 - -# -# DirectoryIndex: sets the file that Apache will serve if a directory -# is requested. -# - - DirectoryIndex index.html index.php - - -# -# The following lines prevent .htaccess and .htpasswd files from being -# viewed by Web clients. -# - - Require all denied - - -# -# ErrorLog: The location of the error log file. -# If you do not specify an ErrorLog directive within a -# container, error messages relating to that virtual host will be -# logged here. If you *do* define an error logfile for a -# container, that host's errors will be logged there and not here. -# -ErrorLog /proc/self/fd/2 - -# -# LogLevel: Control the number of messages logged to the error_log. -# Possible values include: debug, info, notice, warn, error, crit, -# alert, emerg. -# -LogLevel warn - - - # - # The following directives define some format nicknames for use with - # a CustomLog directive (see below). - # - LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined - LogFormat "%h %l %u %t \"%r\" %>s %b" common - - - # You need to enable mod_logio.c to use %I and %O - LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio - - - # - # The location and format of the access logfile (Common Logfile Format). - # If you do not define any access logfiles within a - # container, they will be logged here. Contrariwise, if you *do* - # define per- access logfiles, transactions will be - # logged therein and *not* in this file. - # - CustomLog /proc/self/fd/1 common - - # - # If you prefer a logfile with access, agent, and referer information - # (Combined Logfile Format) you can use the following directive. - # - #CustomLog "logs/access_log" combined - - - - # - # Redirect: Allows you to tell clients about documents that used to - # exist in your server's namespace, but do not anymore. The client - # will make a new request for the document at its new location. - # Example: - # Redirect permanent /foo http://www.example.com/bar - - # - # Alias: Maps web paths into filesystem paths and is used to - # access content that does not live under the DocumentRoot. - # Example: - # Alias /webpath /full/filesystem/path - # - # If you include a trailing / on /webpath then the server will - # require it to be present in the URL. You will also likely - # need to provide a section to allow access to - # the filesystem path. - - # - # ScriptAlias: This controls which directories contain server scripts. - # ScriptAliases are essentially the same as Aliases, except that - # documents in the target directory are treated as applications and - # run by the server when requested rather than as documents sent to the - # client. The same rules about trailing "/" apply to ScriptAlias - # directives as to Alias. - # - ScriptAlias /cgi-bin/ "/usr/local/apache2/cgi-bin/" - - - - - # - # ScriptSock: On threaded servers, designate the path to the UNIX - # socket used to communicate with the CGI daemon of mod_cgid. - # - #Scriptsock cgisock - - -# -# "/usr/local/apache2/cgi-bin" should be changed to whatever your ScriptAliased -# CGI directory exists, if you have that configured. -# - - AllowOverride None - Options None - Require all granted - - - - # - # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied - # backend servers which have lingering "httpoxy" defects. - # 'Proxy' request header is undefined by the IETF, not listed by IANA - # - RequestHeader unset Proxy early - - - - # - # TypesConfig points to the file containing the list of mappings from - # filename extension to MIME-type. - # - TypesConfig conf/mime.types - - # - # AddType allows you to add to or override the MIME configuration - # file specified in TypesConfig for specific file types. - # - #AddType application/x-gzip .tgz - # - # AddEncoding allows you to have certain browsers uncompress - # information on the fly. Note: Not all browsers support this. - # - #AddEncoding x-compress .Z - #AddEncoding x-gzip .gz .tgz - # - # If the AddEncoding directives above are commented-out, then you - # probably should define those extensions to indicate media types: - # - AddType application/x-compress .Z - AddType application/x-gzip .gz .tgz - - # - # AddHandler allows you to map certain file extensions to "handlers": - # actions unrelated to filetype. These can be either built into the server - # or added with the Action directive (see below) - # - # To use CGI scripts outside of ScriptAliased directories: - # (You will also need to add "ExecCGI" to the "Options" directive.) - # - #AddHandler cgi-script .cgi - - # For type maps (negotiated resources): - #AddHandler type-map var - - # - # Filters allow you to process content before it is sent to the client. - # - # To parse .shtml files for server-side includes (SSI): - # (You will also need to add "Includes" to the "Options" directive.) - # - #AddType text/html .shtml - #AddOutputFilter INCLUDES .shtml - - -# -# The mod_mime_magic module allows the server to use various hints from the -# contents of the file itself to determine its type. The MIMEMagicFile -# directive tells the module where the hint definitions are located. -# -#MIMEMagicFile conf/magic - -# -# Customizable error responses come in three flavors: -# 1) plain text 2) local redirects 3) external redirects -# -# Some examples: -#ErrorDocument 500 "The server made a boo boo." -#ErrorDocument 404 /missing.html -#ErrorDocument 404 "/cgi-bin/missing_handler.pl" -#ErrorDocument 402 http://www.example.com/subscription_info.html -# - -# -# MaxRanges: Maximum number of Ranges in a request before -# returning the entire resource, or one of the special -# values 'default', 'none' or 'unlimited'. -# Default setting is to accept 200 Ranges. -#MaxRanges unlimited - -# -# EnableMMAP and EnableSendfile: On systems that support it, -# memory-mapping or the sendfile syscall may be used to deliver -# files. This usually improves server performance, but must -# be turned off when serving from networked-mounted -# filesystems or if support for these functions is otherwise -# broken on your system. -# Defaults: EnableMMAP On, EnableSendfile Off -# -#EnableMMAP off -#EnableSendfile on - -# Supplemental configuration -# -# The configuration files in the conf/extra/ directory can be -# included to add extra features or to modify the default configuration of -# the server, or you may simply copy their contents here and change as -# necessary. - -# Server-pool management (MPM specific) -#Include conf/extra/httpd-mpm.conf - -# Multi-language error messages -#Include conf/extra/httpd-multilang-errordoc.conf - -# Fancy directory listings -#Include conf/extra/httpd-autoindex.conf - -# Language settings -#Include conf/extra/httpd-languages.conf - -# User home directories -#Include conf/extra/httpd-userdir.conf - -# Real-time info on requests and configuration -#Include conf/extra/httpd-info.conf - -# Virtual hosts -#Include conf/extra/httpd-vhosts.conf - -# Local access to the Apache HTTP Server Manual -#Include conf/extra/httpd-manual.conf - -# Distributed authoring and versioning (WebDAV) -#Include conf/extra/httpd-dav.conf - -# Various default settings -#Include conf/extra/httpd-default.conf - -# Configure mod_proxy_html to understand HTML4/XHTML1 - -Include conf/extra/proxy-html.conf - - -# Secure (SSL/TLS) connections -#Include conf/extra/httpd-ssl.conf -# -# Note: The following must must be present to support -# starting without SSL on platforms with no /dev/random equivalent -# but a statically compiled-in mod_ssl. -# - -SSLRandomSeed startup builtin -SSLRandomSeed connect builtin - - diff --git a/resources/tools/dockerwebcontainer/template/images/httpd/Dockerfile b/resources/tools/dockerwebcontainer/template/images/httpd/Dockerfile new file mode 100644 index 000000000..aab8bc21c --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/images/httpd/Dockerfile @@ -0,0 +1,3 @@ +FROM httpd +RUN apt-get update && apt-get install -y --no-install-recommends nano less bash libapache2-mod-xsendfile +RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/doc/* diff --git a/resources/tools/dockerwebcontainer/template/images/php-5.6-fpm/Dockerfile b/resources/tools/dockerwebcontainer/template/images/php-5.6-fpm/Dockerfile new file mode 100644 index 000000000..94587999a --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/images/php-5.6-fpm/Dockerfile @@ -0,0 +1,81 @@ +FROM ubuntu:bionic AS cli + +WORKDIR "/application" + +# Fixes some weird terminal issues such as broken clear / CTRL+L +ENV TERM=linux + +# Install Ondrej repos for Ubuntu Bionic, PHP7.2, composer and selected extensions - better selection than +# the distro's packages +RUN apt-get update \ + && apt-get install -y --no-install-recommends gnupg \ + && echo "deb http://ppa.launchpad.net/ondrej/php/ubuntu bionic main" > /etc/apt/sources.list.d/ondrej-php.list \ + && apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 4F4EA0AAE5267A6C \ + && apt-get update \ + && apt-get update \ + && apt-get -y --no-install-recommends install \ + curl \ + ca-certificates \ + unzip \ + php5.6-cli \ + php5.6-curl \ + php5.6-json \ + php5.6-mbstring \ + php5.6-opcache \ + php5.6-readline \ + php5.6-xml \ + php5.6-zip \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/doc/* + +COPY --from=composer:2 /usr/bin/composer /usr/bin/composer + +CMD ["php", "-a"] + +# If you'd like to be able to use this container on a docker-compose environment as a quiescent PHP CLI container +# you can /bin/bash into, override CMD with the following - bear in mind that this will make docker-compose stop +# slow on such a container, docker-compose kill might do if you're in a hurry +# CMD ["tail", "-f", "/dev/null"] + +FROM cli AS fpm + +# Install FPM +RUN export DEBIAN_FRONTEND=noninteractive \ + && apt-get update \ + && apt-get -y --no-install-recommends install php5.6-fpm \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/doc/* + +# PHP-FPM packages need a nudge to make them docker-friendly +COPY overrides.conf /etc/php/5.6/fpm/pool.d/z-overrides.conf + +# PHP-FPM has really dirty logs, certainly not good for dockerising +# The following startup script contains some magic to clean these up +COPY --chmod=755 php-fpm-startup /usr/bin/php-fpm +CMD /usr/bin/php-fpm + +# Open up fcgi port +EXPOSE 9000 + +RUN apt-get update; \ + apt-get -y --no-install-recommends install \ + git \ + php5.6-bz2 \ + php5.6-gd \ + php5.6-igbinary \ + php5.6-imap \ + php5.6-imagick \ + php5.6-intl \ + php5.6-memcached \ + php5.6-mysql \ + php5.6-redis \ + php5.6-soap \ + php5.6-ssh2 \ + php5.6-tidy \ + php5.6-xsl \ + php5.6-curl \ + php5.6-json \ + php5.6-mcrypt \ + less nano wget curl; \ + apt-get clean; \ + rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/doc/*; diff --git a/resources/tools/dockerwebcontainer/template/images/php-5.6-fpm/overrides.conf b/resources/tools/dockerwebcontainer/template/images/php-5.6-fpm/overrides.conf new file mode 100644 index 000000000..51c835c02 --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/images/php-5.6-fpm/overrides.conf @@ -0,0 +1,17 @@ +[global] +; Override default pid file +pid = /run/php-fpm.pid + +; Avoid logs being sent to syslog +error_log = /proc/self/fd/2 + +[www] +; Access from webserver container is via network, not socket file +listen = [::]:9000 + +; Redirect logs to stdout - FPM closes /dev/std* on startup +access.log = /proc/self/fd/2 +catch_workers_output = yes + +; Required to allow config-by-environment +clear_env = no diff --git a/resources/tools/dockerwebcontainer/template/images/php-5.6-fpm/php-fpm-startup b/resources/tools/dockerwebcontainer/template/images/php-5.6-fpm/php-fpm-startup new file mode 100644 index 000000000..c7e3f5c5f --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/images/php-5.6-fpm/php-fpm-startup @@ -0,0 +1,2 @@ +#!/usr/bin/env bash +/usr/sbin/php-fpm5.6 -F -O 2>&1 | sed -u 's,.*: \"\(.*\)$,\1,'| sed -u 's,"$,,' 1>&1 diff --git a/resources/tools/dockerwebcontainer/template/images/php-fpm/Dockerfile b/resources/tools/dockerwebcontainer/template/images/php-fpm/Dockerfile new file mode 100644 index 000000000..f7102e19e --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/images/php-fpm/Dockerfile @@ -0,0 +1,84 @@ +############################################ +# PHPDocker.io PHP $phpversion / CLI and FPM image # +############################################ + +FROM ubuntu:jammy AS cli + +WORKDIR "/application" + +# Fixes some weird terminal issues such as broken clear / CTRL+L +ENV TERM=linux + +# Ensure apt doesn't ask questions when installing stuff +ENV DEBIAN_FRONTEND=noninteractive + +# Add Ondrej PHP repository +RUN apt update \ + && apt install -y --no-install-recommends gnupg \ + && echo "deb http://ppa.launchpad.net/ondrej/php/ubuntu jammy main" > /etc/apt/sources.list.d/ondrej-php.list \ + && apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 4F4EA0AAE5267A6C + +# Install nodejs repository +RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - + +RUN apt update + +RUN apt -y --no-install-recommends install \ + ca-certificates \ + curl \ + unzip \ + git \ + php$phpversion-apcu \ + php$phpversion-cli \ + php$phpversion-curl \ + php$phpversion-mbstring \ + php$phpversion-opcache \ + php$phpversion-readline \ + php$phpversion-xml \ + php$phpversion-zip \ + php$phpversion-bz2 \ + php$phpversion-gd \ + php$phpversion-igbinary \ + php$phpversion-imap \ + php$phpversion-imagick \ + php$phpversion-intl \ + php$phpversion-memcached \ + php$phpversion-mysql \ + php$phpversion-redis \ + php$phpversion-soap \ + php$phpversion-ssh2 \ + php$phpversion-tidy \ + php$phpversion-xsl \ + php$phpversion-curl \ + php$phpversion-mcrypt \ + php$phpversion-fpm \ + less nano wget curl + +RUN apt -y --no-install-recommends install nodejs sudo openssh-server rsyslog cron mariadb-client + +RUN apt -y --no-install-recommends install locales +RUN sed -i '/$locale.UTF-8/s/^# //g' /etc/locale.gen && \ + locale-gen +ENV LANG $locale.UTF-8 +ENV LANGUAGE $locale:$localshort +ENV LC_ALL $locale.UTF-8 + +COPY --from=composer:2 /usr/bin/composer /usr/bin/composer + +# IF you need some npm globally installed packages +# RUN npm install --unsafe-perm --global + +CMD ["php", "-a"] + +STOPSIGNAL SIGQUIT + +RUN groupadd sudo;useradd -d /application -g 33 -G sudo -s /bin/bash -u 1001 $name + +# PHP-FPM packages need a nudge to make them docker-friendly +COPY overrides.conf /etc/php/$phpversion/fpm/pool.d/z-overrides.conf + +COPY --chmod=755 startup /usr/bin/startup +CMD exec /usr/bin/startup + +# Open up fcgi port +EXPOSE 9000 diff --git a/resources/tools/dockerwebcontainer/template/images/php-fpm/overrides.conf b/resources/tools/dockerwebcontainer/template/images/php-fpm/overrides.conf new file mode 100644 index 000000000..b799bf136 --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/images/php-fpm/overrides.conf @@ -0,0 +1,37 @@ +[global] +; Override default pid file +pid = /run/php-fpm.pid + +; Avoid logs being sent to syslog +error_log = /proc/self/fd/2 + +; Set this to php default's max_execution_time to allow children to stop gracefully when fpm is commanded to stop +; This helps avoiding 502's +process_control_timeout = 30 + +; Do not daemonize (eg send process to the background) +daemonize = no + +[www] +; Access from webserver container is via network, not socket file +listen = [::]:9000 + +; Redirect logs to stdout - FPM closes /dev/std* on startup +access.log = /proc/self/fd/1 +catch_workers_output = yes + +; Remove "pool www" decoration from log output (older phpdocker.io containers for php use sed for this) +decorate_workers_output = no + +; Required to allow config-by-environment +clear_env = no + +user = 1001 +group = 33 + +pm = dynamic +pm.max_children = 16 +pm.start_servers = 4 +pm.min_spare_servers = 4 +pm.max_spare_servers = 8 +pm.max_requests = 500 diff --git a/resources/tools/dockerwebcontainer/template/images/php-fpm/startup b/resources/tools/dockerwebcontainer/template/images/php-fpm/startup new file mode 100644 index 000000000..0341d5abc --- /dev/null +++ b/resources/tools/dockerwebcontainer/template/images/php-fpm/startup @@ -0,0 +1,33 @@ +#!/bin/sh + +# Set file rights +umask 0000 +chmod -R 777 /tmp + +chown -R root:root /etc/sudoers.d +chown -R $name:www-data /application + +# Rsyslog +start-stop-daemon --start -b -x /usr/sbin/rsyslogd -- -n + +# SSH Server +ssh-keygen -A +chmod 755 /etc/ssh/*.d +chmod 600 /etc/ssh/*_key +chmod 750 /application +#chmod 600 /application/.ssh/id_rsa +chmod 700 /application/.ssh/ +chmod 600 /application/.ssh/authorized_keys2 +#chmod 600 /root/.ssh/id_rsa +chmod 700 /root/.ssh/ +chmod 600 /root/.ssh/authorized_keys2 +/usr/sbin/service ssh start + +# Cron +chmod 0644 /etc/crontab && crontab -u root /etc/crontab && /usr/sbin/service cron start + +# Set user password +chpasswd < /root/passwords + +# Launch PHP +/usr/sbin/php-fpm$phpversion -O diff --git a/resources/tools/dockerwebcontainer/template/phpdocker/README.html b/resources/tools/dockerwebcontainer/template/phpdocker/README.html deleted file mode 100644 index 95d333258..000000000 --- a/resources/tools/dockerwebcontainer/template/phpdocker/README.html +++ /dev/null @@ -1,204 +0,0 @@ - - - PHPDocker.io Readme - - - - - - -
-
-
-

PHPDocker.io generated environment

- -

Add to your project

- -

Simply, unzip the file into your project, this will create docker-compose.yml on the root of your project and a folder -named phpdocker containing nginx and php-fpm config for it.

- -

Ensure the webserver config on phpdocker/nginx/nginx.conf is correct for your project. PHPDocker.io will have -customised this file according to the front controller location relative to the docker-compose file you chose on the -generator (by default public/index.php).

- -

Note: you may place the files elsewhere in your project. Make sure you modify the locations for the php-fpm dockerfile, -the php.ini overrides and nginx config on docker-compose.yml if you do so.

- -

How to run

- -

Dependencies:

- - - -

Once you're done, simply cd to your project and run docker-compose up -d. This will initialise and start all the -containers, then leave them running in the background.

- -

Services exposed outside your environment

- -

You can access your application via localhost. Mailhog and nginx both respond to any hostname, in case you want to -add your own hostname on your /etc/hosts

- - - - - - - - - - - - - - -
ServiceAddress outside containers
Webserverlocalhost:29000
- -

Hosts within your environment

- -

You'll need to configure your application to use any services you enabled:

- - - - - - - - - - - - - - - - - - - - - -
ServiceHostnamePort number
php-fpmphp-fpm9000
Redisredis6379 (default)
- -

Docker compose cheatsheet

- -

Note: you need to cd first to where your docker-compose.yml file lives.

- -
    -
  • Start containers in the background: docker-compose up -d
    • -
  • Start containers on the foreground: docker-compose up. You will see a stream of logs for every container running. -ctrl+c stops containers.
    • -
  • Stop containers: docker-compose stop
    • -
  • Kill containers: docker-compose kill
    • -
  • View container logs: docker-compose logs for all containers or docker-compose logs SERVICE_NAME for the logs of -all containers in SERVICE_NAME.
    • -
  • Execute command inside of container: docker-compose exec SERVICE_NAME COMMAND where COMMAND is whatever you want -to run. Examples: - -
      -
    • Shell into the PHP container, docker-compose exec php-fpm bash
      • -
    • Run symfony console, docker-compose exec php-fpm bin/console
      • -
    • Open a mysql shell, docker-compose exec mysql mysql -uroot -pCHOSEN_ROOT_PASSWORD
      • -
    • -
- -

Application file permissions

- -

As in all server environments, your application needs the correct file permissions to work properly. You can change the -files throughout the container, so you won't care if the user exists or has the same ID on your host.

- -

docker-compose exec php-fpm chown -R www-data:www-data /application/public

- -

Recommendations

- -

It's hard to avoid file permission issues when fiddling about with containers due to the fact that, from your OS point -of view, any files created within the container are owned by the process that runs the docker engine (this is usually -root). Different OS will also have different problems, for instance you can run stuff in containers -using docker exec -it -u $(id -u):$(id -g) CONTAINER_NAME COMMAND to force your current user ID into the process, but -this will only work if your host OS is Linux, not mac. Follow a couple of simple rules and save yourself a world of -hurt.

- -
    -
  • Run composer outside of the php container, as doing so would install all your dependencies owned by root within your -vendor folder.
    • -
  • Run commands (ie Symfony's console, or Laravel's artisan) straight inside of your container. You can easily open a -shell as described above and do your thing from there.
    • -
- -

Simple basic Xdebug configuration with integration to PHPStorm

- -

Xdebug 2

- -

To configure Xdebug 2 you need add these lines in php-fpm/php-ini-overrides.ini:

- -

For linux:

- -
xdebug.remote_enable = 1
-xdebug.remote_connect_back = 1
-xdebug.remote_autostart = 1
-
- -

For macOS and Windows:

- -
xdebug.remote_enable = 1
-xdebug.remote_host = host.docker.internal
-xdebug.remote_autostart = 1
-
- -

Xdebug 3

- -

To configure Xdebug 3 you need add these lines in php-fpm/php-ini-overrides.ini:

- -

For linux:

- -
xdebug.mode = debug
-xdebug.remote_connect_back = true
-xdebug.start_with_request = yes
-
- -

For macOS and Windows:

- -
xdebug.mode = debug
-xdebug.remote_host = host.docker.internal
-xdebug.start_with_request = yes
-
- -

Add the section “environment” to the php-fpm service in docker-compose.yml:

- -
environment:
-  PHP_IDE_CONFIG: "serverName=Docker"
-
- -

Create a server configuration in PHPStorm:

- -
    -
  • In PHPStorm open Preferences | Languages & Frameworks | PHP | Servers
    • -
  • Add new server
    • -
  • The “Name” field should be the same as the parameter “serverName” value in “environment” in docker-compose.yml (i.e. * -Docker* in the example above)
    • -
  • A value of the "port" field should be the same as first port(before a colon) in "webserver" service in -docker-compose.yml
    • -
  • Select "Use path mappings" and set mappings between a path to your project on a host system and the Docker container.
    • -
  • Finally, add “Xdebug helper” extension in your browser, set breakpoints and start debugging
    • -
-
-
-
- - - - diff --git a/resources/tools/dockerwebcontainer/template/phpdocker/README.md b/resources/tools/dockerwebcontainer/template/phpdocker/README.md deleted file mode 100644 index 9dcfed9c2..000000000 --- a/resources/tools/dockerwebcontainer/template/phpdocker/README.md +++ /dev/null @@ -1,143 +0,0 @@ -PHPDocker.io generated environment -================================== - -# Add to your project # - -Simply, unzip the file into your project, this will create `docker-compose.yml` on the root of your project and a folder -named `phpdocker` containing nginx and php-fpm config for it. - -Ensure the webserver config on `phpdocker/nginx/nginx.conf` is correct for your project. PHPDocker.io will have -customised this file according to the front controller location relative to the docker-compose file you chose on the -generator (by default `public/index.php`). - -Note: you may place the files elsewhere in your project. Make sure you modify the locations for the php-fpm dockerfile, -the php.ini overrides and nginx config on `docker-compose.yml` if you do so. - -# How to run # - -Dependencies: - -* docker. See [https://docs.docker.com/engine/installation](https://docs.docker.com/engine/installation) -* docker-compose. See [docs.docker.com/compose/install](https://docs.docker.com/compose/install/) - -Once you're done, simply `cd` to your project and run `docker-compose up -d`. This will initialise and start all the -containers, then leave them running in the background. - -## Services exposed outside your environment ## - -You can access your application via **`localhost`**. Mailhog and nginx both respond to any hostname, in case you want to -add your own hostname on your `/etc/hosts` - -Service|Address outside containers --------|-------------------------- -Webserver|[localhost:29000](http://localhost:29000) - -## Hosts within your environment ## - -You'll need to configure your application to use any services you enabled: - -Service|Hostname|Port number -------|---------|----------- -php-fpm|php-fpm|9000 -Redis|redis|6379 (default) - -# Docker compose cheatsheet # - -**Note:** you need to cd first to where your docker-compose.yml file lives. - -* Start containers in the background: `docker-compose up -d` -* Start containers on the foreground: `docker-compose up`. You will see a stream of logs for every container running. - ctrl+c stops containers. -* Stop containers: `docker-compose stop` -* Kill containers: `docker-compose kill` -* View container logs: `docker-compose logs` for all containers or `docker-compose logs SERVICE_NAME` for the logs of - all containers in `SERVICE_NAME`. -* Execute command inside of container: `docker-compose exec SERVICE_NAME COMMAND` where `COMMAND` is whatever you want - to run. Examples: - * Shell into the PHP container, `docker-compose exec php-fpm bash` - * Run symfony console, `docker-compose exec php-fpm bin/console` - * Open a mysql shell, `docker-compose exec mysql mysql -uroot -pCHOSEN_ROOT_PASSWORD` - -# Application file permissions # - -As in all server environments, your application needs the correct file permissions to work properly. You can change the -files throughout the container, so you won't care if the user exists or has the same ID on your host. - -`docker-compose exec php-fpm chown -R www-data:www-data /application/public` - -# Recommendations # - -It's hard to avoid file permission issues when fiddling about with containers due to the fact that, from your OS point -of view, any files created within the container are owned by the process that runs the docker engine (this is usually -root). Different OS will also have different problems, for instance you can run stuff in containers -using `docker exec -it -u $(id -u):$(id -g) CONTAINER_NAME COMMAND` to force your current user ID into the process, but -this will only work if your host OS is Linux, not mac. Follow a couple of simple rules and save yourself a world of -hurt. - -* Run composer outside of the php container, as doing so would install all your dependencies owned by `root` within your - vendor folder. -* Run commands (ie Symfony's console, or Laravel's artisan) straight inside of your container. You can easily open a - shell as described above and do your thing from there. - -# Simple basic Xdebug configuration with integration to PHPStorm - -## Xdebug 2 - -To configure **Xdebug 2** you need add these lines in php-fpm/php-ini-overrides.ini: - -### For linux: - -``` -xdebug.remote_enable = 1 -xdebug.remote_connect_back = 1 -xdebug.remote_autostart = 1 -``` - -### For macOS and Windows: - -``` -xdebug.remote_enable = 1 -xdebug.remote_host = host.docker.internal -xdebug.remote_autostart = 1 -``` - -## Xdebug 3 - -To configure **Xdebug 3** you need add these lines in php-fpm/php-ini-overrides.ini: - -### For linux: - -``` -xdebug.mode = debug -xdebug.remote_connect_back = true -xdebug.start_with_request = yes -``` - -### For macOS and Windows: - -``` -xdebug.mode = debug -xdebug.remote_host = host.docker.internal -xdebug.start_with_request = yes -``` - -## Add the section “environment” to the php-fpm service in docker-compose.yml: - -``` -environment: - PHP_IDE_CONFIG: "serverName=Docker" -``` - -### Create a server configuration in PHPStorm: - -* In PHPStorm open Preferences | Languages & Frameworks | PHP | Servers -* Add new server -* The “Name” field should be the same as the parameter “serverName” value in “environment” in docker-compose.yml (i.e. * - Docker* in the example above) -* A value of the "port" field should be the same as first port(before a colon) in "webserver" service in - docker-compose.yml -* Select "Use path mappings" and set mappings between a path to your project on a host system and the Docker container. -* Finally, add “Xdebug helper” extension in your browser, set breakpoints and start debugging - - - diff --git a/resources/tools/dockerwebcontainer/template/phpdocker/php-5.6-fpm/Dockerfile b/resources/tools/dockerwebcontainer/template/phpdocker/php-5.6-fpm/Dockerfile deleted file mode 100644 index 94587999a..000000000 --- a/resources/tools/dockerwebcontainer/template/phpdocker/php-5.6-fpm/Dockerfile +++ /dev/null @@ -1,81 +0,0 @@ -FROM ubuntu:bionic AS cli - -WORKDIR "/application" - -# Fixes some weird terminal issues such as broken clear / CTRL+L -ENV TERM=linux - -# Install Ondrej repos for Ubuntu Bionic, PHP7.2, composer and selected extensions - better selection than -# the distro's packages -RUN apt-get update \ - && apt-get install -y --no-install-recommends gnupg \ - && echo "deb http://ppa.launchpad.net/ondrej/php/ubuntu bionic main" > /etc/apt/sources.list.d/ondrej-php.list \ - && apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 4F4EA0AAE5267A6C \ - && apt-get update \ - && apt-get update \ - && apt-get -y --no-install-recommends install \ - curl \ - ca-certificates \ - unzip \ - php5.6-cli \ - php5.6-curl \ - php5.6-json \ - php5.6-mbstring \ - php5.6-opcache \ - php5.6-readline \ - php5.6-xml \ - php5.6-zip \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/doc/* - -COPY --from=composer:2 /usr/bin/composer /usr/bin/composer - -CMD ["php", "-a"] - -# If you'd like to be able to use this container on a docker-compose environment as a quiescent PHP CLI container -# you can /bin/bash into, override CMD with the following - bear in mind that this will make docker-compose stop -# slow on such a container, docker-compose kill might do if you're in a hurry -# CMD ["tail", "-f", "/dev/null"] - -FROM cli AS fpm - -# Install FPM -RUN export DEBIAN_FRONTEND=noninteractive \ - && apt-get update \ - && apt-get -y --no-install-recommends install php5.6-fpm \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/doc/* - -# PHP-FPM packages need a nudge to make them docker-friendly -COPY overrides.conf /etc/php/5.6/fpm/pool.d/z-overrides.conf - -# PHP-FPM has really dirty logs, certainly not good for dockerising -# The following startup script contains some magic to clean these up -COPY --chmod=755 php-fpm-startup /usr/bin/php-fpm -CMD /usr/bin/php-fpm - -# Open up fcgi port -EXPOSE 9000 - -RUN apt-get update; \ - apt-get -y --no-install-recommends install \ - git \ - php5.6-bz2 \ - php5.6-gd \ - php5.6-igbinary \ - php5.6-imap \ - php5.6-imagick \ - php5.6-intl \ - php5.6-memcached \ - php5.6-mysql \ - php5.6-redis \ - php5.6-soap \ - php5.6-ssh2 \ - php5.6-tidy \ - php5.6-xsl \ - php5.6-curl \ - php5.6-json \ - php5.6-mcrypt \ - less nano wget curl; \ - apt-get clean; \ - rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/doc/*; diff --git a/resources/tools/dockerwebcontainer/template/phpdocker/php-5.6-fpm/overrides.conf b/resources/tools/dockerwebcontainer/template/phpdocker/php-5.6-fpm/overrides.conf deleted file mode 100644 index 51c835c02..000000000 --- a/resources/tools/dockerwebcontainer/template/phpdocker/php-5.6-fpm/overrides.conf +++ /dev/null @@ -1,17 +0,0 @@ -[global] -; Override default pid file -pid = /run/php-fpm.pid - -; Avoid logs being sent to syslog -error_log = /proc/self/fd/2 - -[www] -; Access from webserver container is via network, not socket file -listen = [::]:9000 - -; Redirect logs to stdout - FPM closes /dev/std* on startup -access.log = /proc/self/fd/2 -catch_workers_output = yes - -; Required to allow config-by-environment -clear_env = no diff --git a/resources/tools/dockerwebcontainer/template/phpdocker/php-5.6-fpm/php-fpm-startup b/resources/tools/dockerwebcontainer/template/phpdocker/php-5.6-fpm/php-fpm-startup deleted file mode 100644 index c7e3f5c5f..000000000 --- a/resources/tools/dockerwebcontainer/template/phpdocker/php-5.6-fpm/php-fpm-startup +++ /dev/null @@ -1,2 +0,0 @@ -#!/usr/bin/env bash -/usr/sbin/php-fpm5.6 -F -O 2>&1 | sed -u 's,.*: \"\(.*\)$,\1,'| sed -u 's,"$,,' 1>&1 diff --git a/resources/tools/dockerwebcontainer/template/phpdocker/php-5.6-fpm/php-ini-overrides.ini b/resources/tools/dockerwebcontainer/template/phpdocker/php-5.6-fpm/php-ini-overrides.ini deleted file mode 100644 index bf24fefb3..000000000 --- a/resources/tools/dockerwebcontainer/template/phpdocker/php-5.6-fpm/php-ini-overrides.ini +++ /dev/null @@ -1,2 +0,0 @@ -upload_max_filesize = 2G -post_max_size = 2G diff --git a/resources/tools/dockerwebcontainer/template/phpdocker/php-fpm/Dockerfile b/resources/tools/dockerwebcontainer/template/phpdocker/php-fpm/Dockerfile deleted file mode 100644 index 0ee19fc63..000000000 --- a/resources/tools/dockerwebcontainer/template/phpdocker/php-fpm/Dockerfile +++ /dev/null @@ -1,80 +0,0 @@ -############################################ -# PHPDocker.io PHP $phpversion / CLI and FPM image # -############################################ - -FROM ubuntu:jammy AS cli - -WORKDIR "/application" - -# Fixes some weird terminal issues such as broken clear / CTRL+L -ENV TERM=linux - -# Ensure apt doesn't ask questions when installing stuff -ENV DEBIAN_FRONTEND=noninteractive - -# Install Ondrej repos for Ubuntu jammy, PHP, composer and selected extensions - better selection than -# the distro's packages -RUN apt-get update \ - && apt-get install -y --no-install-recommends gnupg \ - && echo "deb http://ppa.launchpad.net/ondrej/php/ubuntu jammy main" > /etc/apt/sources.list.d/ondrej-php.list \ - && apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 4F4EA0AAE5267A6C \ - && apt-get update \ - && apt-get -y --no-install-recommends install \ - ca-certificates \ - curl \ - unzip \ - git \ - php$phpversion-apcu \ - php$phpversion-cli \ - php$phpversion-curl \ - php$phpversion-mbstring \ - php$phpversion-opcache \ - php$phpversion-readline \ - php$phpversion-xml \ - php$phpversion-zip \ - php$phpversion-bz2 \ - php$phpversion-gd \ - php$phpversion-igbinary \ - php$phpversion-imap \ - php$phpversion-imagick \ - php$phpversion-intl \ - php$phpversion-memcached \ - php$phpversion-mysql \ - php$phpversion-redis \ - php$phpversion-soap \ - php$phpversion-ssh2 \ - php$phpversion-tidy \ - php$phpversion-xsl \ - php$phpversion-curl \ - php$phpversion-json \ - php$phpversion-mcrypt \ - less nano wget curl \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/doc/* ~/.composer - -COPY --from=composer:2 /usr/bin/composer /usr/bin/composer - -CMD ["php", "-a"] - -# If you'd like to be able to use this container on a docker-compose environment as a quiescent PHP CLI container -# you can /bin/bash into, override CMD with the following - bear in mind that this will make docker-compose stop -# slow on such a container, docker-compose kill might do if you're in a hurry -# CMD ["tail", "-f", "/dev/null"] - -FROM cli AS fpm - -# Install FPM -RUN apt-get update \ - && apt-get -y --no-install-recommends install php$phpversion-fpm \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/doc/* - -STOPSIGNAL SIGQUIT - -# PHP-FPM packages need a nudge to make them docker-friendly -COPY overrides.conf /etc/php/$phpversion/fpm/pool.d/z-overrides.conf - -CMD ["/usr/sbin/php-fpm$phpversion", "-O" ] - -# Open up fcgi port -EXPOSE 9000 diff --git a/resources/tools/dockerwebcontainer/template/phpdocker/php-fpm/overrides.conf b/resources/tools/dockerwebcontainer/template/phpdocker/php-fpm/overrides.conf deleted file mode 100644 index 4a99e3e4e..000000000 --- a/resources/tools/dockerwebcontainer/template/phpdocker/php-fpm/overrides.conf +++ /dev/null @@ -1,37 +0,0 @@ -[global] -; Override default pid file -pid = /run/php-fpm.pid - -; Avoid logs being sent to syslog -error_log = /proc/self/fd/2 - -; Set this to php default's max_execution_time to allow children to stop gracefully when fpm is commanded to stop -; This helps avoiding 502's -process_control_timeout = 30 - -; Do not daemonize (eg send process to the background) -daemonize = no - -[www] -; Access from webserver container is via network, not socket file -listen = [::]:9000 - -; Redirect logs to stdout - FPM closes /dev/std* on startup -access.log = /proc/self/fd/1 -catch_workers_output = yes - -; Remove "pool www" decoration from log output (older phpdocker.io containers for php use sed for this) -decorate_workers_output = no - -; Required to allow config-by-environment -clear_env = no - -user = 1001 -group = 33 - -pm = dynamic -pm.max_children = 160 -pm.start_servers = 48 -pm.min_spare_servers = 40 -pm.max_spare_servers = 80 -pm.max_requests = 1000 diff --git a/resources/tools/dockerwebcontainer/template/phpdocker/php-fpm/php-ini-overrides.ini b/resources/tools/dockerwebcontainer/template/phpdocker/php-fpm/php-ini-overrides.ini deleted file mode 100644 index bf24fefb3..000000000 --- a/resources/tools/dockerwebcontainer/template/phpdocker/php-fpm/php-ini-overrides.ini +++ /dev/null @@ -1,2 +0,0 @@ -upload_max_filesize = 2G -post_max_size = 2G diff --git a/resources/tools/dockerwebcontainer/template/www/index.php b/resources/tools/dockerwebcontainer/template/www/index.php deleted file mode 100644 index 61ace196d..000000000 --- a/resources/tools/dockerwebcontainer/template/www/index.php +++ /dev/null @@ -1,2 +0,0 @@ -