forked from koken/docker-koken-lemp
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
103 lines (91 loc) · 3.26 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
FROM phusion/baseimage:0.11
ENV HOME /root
# Install required packages
# LANG=C.UTF-8 line is needed for ondrej/php repository
RUN \
export LANG=C.UTF-8 && \
export DEBIAN_FRONTEND=noninteractive && \
apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8 && \
add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ams2.mirrors.digitalocean.com/mariadb/repo/10.3/ubuntu bionic main' && \
add-apt-repository ppa:ondrej/php && \
add-apt-repository -y ppa:ondrej/nginx-mainline && \
add-apt-repository -y ppa:rwky/graphicsmagick && \
apt-get update && \
apt-get -y upgrade && \
apt-get -y install \
nginx \
mariadb-server \
mariadb-client \
php7.3-dev \
php7.3-fpm \
php7.3-mysqli \
php7.3-curl \
php7.3-intl \
php7.3-mbstring \
php-pear \
graphicsmagick \
pwgen \
wget \
unzip \
openssl \
gcc \
make \
autoconf \
libc-dev \
pkg-config \
libmcrypt-dev && \
# Clean apt when done
apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* && \
# Install mcrypt PECL extension
pecl channel-update pecl.php.net && \
pecl install mcrypt-1.0.2 && \
echo “extension=mcrypt.so” > /etc/php/7.3/mods-available/mcrypt.ini && \
phpenmod mcrypt && \
# Configuration
sed -i -e"s/events\s{/events {\n\tuse epoll;/" /etc/nginx/nginx.conf && \
sed -i -e"s/keepalive_timeout\s*65/keepalive_timeout 2;\n\tclient_max_body_size 100m;\n\tport_in_redirect off/" /etc/nginx/nginx.conf && \
echo "daemon off;" >> /etc/nginx/nginx.conf && \
sed -i -e "s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g" /etc/php/7.3/fpm/php.ini && \
sed -i -e "s/upload_max_filesize\s*=\s*2M/upload_max_filesize = 100M/g" /etc/php/7.3/fpm/php.ini && \
sed -i -e "s/post_max_size\s*=\s*8M/post_max_size = 101M/g" /etc/php/7.3/fpm/php.ini && \
sed -i -e "s/;daemonize\s*=\s*yes/daemonize = no/g" /etc/php/7.3/fpm/php-fpm.conf
# nginx site conf
ADD ./conf/nginx-site.conf /etc/nginx/sites-available/default
ADD ./conf/ssl-params.conf /etc/nginx/snippets/ssl-params.conf
# PHP-FPM pools conf
ADD ./conf/images.conf /etc/php/7.3/fpm/pool.d
ADD ./conf/www.conf /etc/php/7.3/fpm/pool.d
# Add runit files for each service
ADD ./services/nginx /etc/service/nginx/run
ADD ./services/mysql /etc/service/mysql/run
ADD ./services/php-fpm /etc/service/php-fpm/run
ADD ./services/koken /etc/service/koken/run
# Installation helpers
ADD ./php/index.php /installer.php
ADD ./php/database.php /database.php
ADD ./php/user_setup.php /user_setup.php
# Cron
ADD ./shell/koken.sh /etc/cron.daily/koken
# Startup script
ADD ./shell/start.sh /etc/my_init.d/001_koken.sh
# Execute permissions where needed
RUN \
chmod +x /etc/service/nginx/run && \
chmod +x /etc/service/mysql/run && \
chmod +x /etc/service/php-fpm/run && \
chmod +x /etc/service/koken/run && \
chmod +x /etc/cron.daily/koken && \
chmod +x /etc/my_init.d/001_koken.sh
# Data volumes
VOLUME ["/usr/share/nginx/www", "/var/lib/mysql" "/etc/letsencrypt/live/"]
# Expose 8080 to the host
EXPOSE 8080
# Make directory for PHP sockets
RUN mkdir -p /var/run/php && \
mkdir -p /etc/letsencrypt/live/
# Disable SSH
RUN rm -rf /etc/service/sshd /etc/my_init.d/00_regen_ssh_host_keys.sh && \
# Generate strong DH group
openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
# Use baseimage-docker's init system.
CMD ["/sbin/my_init"]