# # NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" # # PLEASE DO NOT EDIT IT DIRECTLY. # FROM debian:stretch-slim # persistent / runtime deps ENV PHPIZE_DEPS \ autoconf \ dpkg-dev \ file \ g++ \ gcc \ libc-dev \ libpcre3-dev \ make \ pkg-config \ re2c RUN apt-get update && apt-get install -y \ $PHPIZE_DEPS \ ca-certificates \ curl \ libargon2-0 \ libedit2 \ libsqlite3-0 \ libxml2 \ xz-utils \ --no-install-recommends && rm -r /var/lib/apt/lists/* ENV PHP_INI_DIR /usr/local/etc/php RUN mkdir -p $PHP_INI_DIR/conf.d #### RUN apt-get update \ && apt-get install -y --no-install-recommends \ apache2 \ && rm -rf /var/lib/apt/lists/* ENV APACHE_CONFDIR /etc/apache2 ENV APACHE_ENVVARS $APACHE_CONFDIR/envvars RUN set -ex \ \ # generically convert lines like # export APACHE_RUN_USER=www-data # into # : ${APACHE_RUN_USER:=www-data} # export APACHE_RUN_USER # so that they can be overridden at runtime ("-e APACHE_RUN_USER=...") && sed -ri 's/^export ([^=]+)=(.*)$/: ${\1:=\2}\nexport \1/' "$APACHE_ENVVARS" \ \ # setup directories and permissions && . "$APACHE_ENVVARS" \ && for dir in \ "$APACHE_LOCK_DIR" \ "$APACHE_RUN_DIR" \ "$APACHE_LOG_DIR" \ /var/www/html \ ; do \ rm -rvf "$dir" \ && mkdir -p "$dir" \ && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir"; \ done # Apache + PHP requires preforking Apache for best results RUN a2dismod mpm_event && a2enmod mpm_prefork # logs should go to stdout / stderr RUN set -ex \ && . "$APACHE_ENVVARS" \ && ln -sfT /dev/stderr "$APACHE_LOG_DIR/error.log" \ && ln -sfT /dev/stdout "$APACHE_LOG_DIR/access.log" \ && ln -sfT /dev/stdout "$APACHE_LOG_DIR/other_vhosts_access.log" # PHP files should be handled by PHP, and should be preferred over any other file type RUN { \ echo ''; \ echo '\tSetHandler application/x-httpd-php'; \ echo ''; \ echo; \ echo 'DirectoryIndex disabled'; \ echo 'DirectoryIndex index.php index.html'; \ echo; \ echo ''; \ echo '\tOptions -Indexes'; \ echo '\tAllowOverride All'; \ echo ''; \ } | tee "$APACHE_CONFDIR/conf-available/docker-php.conf" \ && a2enconf docker-php ENV PHP_EXTRA_BUILD_DEPS apache2-dev ENV PHP_EXTRA_CONFIGURE_ARGS --with-apxs2 #### # Apply stack smash protection to functions using local buffers and alloca() # Make PHP's main executable position-independent (improves ASLR security mechanism, and has no performance impact on x86_64) # Enable optimization (-O2) # Enable linker optimization (this sorts the hash buckets to improve cache locality, and is non-default) # Adds GNU HASH segments to generated executables (this is used if present, and is much faster than sysv hash; in this configuration, sysv hash is also generated) # https://github.com/docker-library/php/issues/272 ENV PHP_CFLAGS="-fstack-protector-strong -fpic -fpie -O2" ENV PHP_CPPFLAGS="$PHP_CFLAGS" ENV PHP_LDFLAGS="-Wl,-O1 -Wl,--hash-style=both -pie" ENV GPG_KEYS 1729F83938DA44E27BA0F4D3DBDB397470D12172 B1B44D8F021E4E2D6021E995DC9FF8D3EE5AF27F ENV PHP_VERSION 7.2.0RC6 ENV PHP_URL="https://downloads.php.net/~pollita/php-7.2.0RC6.tar.xz" PHP_ASC_URL="https://downloads.php.net/~pollita/php-7.2.0RC6.tar.xz.asc" ENV PHP_SHA256="be4df00ff5b66e9f13c83e1d08d1d5384ae7ccc820e26f7e5f9e660011496a9e" PHP_MD5="" RUN set -xe; \ \ fetchDeps=' \ wget \ '; \ if ! command -v gpg > /dev/null; then \ fetchDeps="$fetchDeps \ dirmngr \ gnupg \ "; \ fi; \ apt-get update; \ apt-get install -y --no-install-recommends $fetchDeps; \ rm -rf /var/lib/apt/lists/*; \ \ mkdir -p /usr/src; \ cd /usr/src; \ \ wget -O php.tar.xz "$PHP_URL"; \ \ if [ -n "$PHP_SHA256" ]; then \ echo "$PHP_SHA256 *php.tar.xz" | sha256sum -c -; \ fi; \ if [ -n "$PHP_MD5" ]; then \ echo "$PHP_MD5 *php.tar.xz" | md5sum -c -; \ fi; \ \ if [ -n "$PHP_ASC_URL" ]; then \ wget -O php.tar.xz.asc "$PHP_ASC_URL"; \ export GNUPGHOME="$(mktemp -d)"; \ for key in $GPG_KEYS; do \ gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \ done; \ gpg --batch --verify php.tar.xz.asc php.tar.xz; \ rm -rf "$GNUPGHOME"; \ fi; \ \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps COPY docker-php-source /usr/local/bin/ RUN set -xe \ && buildDeps=" \ $PHP_EXTRA_BUILD_DEPS \ libargon2-0-dev \ libcurl4-openssl-dev \ libedit-dev \ libsqlite3-dev \ libssl-dev \ libxml2-dev \ zlib1g-dev \ " \ && apt-get update && apt-get install -y $buildDeps --no-install-recommends && rm -rf /var/lib/apt/lists/* \ \ && export CFLAGS="$PHP_CFLAGS" \ CPPFLAGS="$PHP_CPPFLAGS" \ LDFLAGS="$PHP_LDFLAGS" \ && docker-php-source extract \ && cd /usr/src/php \ && gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \ && debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)" \ # https://bugs.php.net/bug.php?id=74125 && if [ ! -d /usr/include/curl ]; then \ ln -sT "/usr/include/$debMultiarch/curl" /usr/local/include/curl; \ fi \ && ./configure \ --build="$gnuArch" \ --with-config-file-path="$PHP_INI_DIR" \ --with-config-file-scan-dir="$PHP_INI_DIR/conf.d" \ \ --disable-cgi \ \ # --enable-ftp is included here because ftp_ssl_connect() needs ftp to be compiled statically (see https://github.com/docker-library/php/issues/236) --enable-ftp \ # --enable-mbstring is included here because otherwise there's no way to get pecl to use it properly (see https://github.com/docker-library/php/issues/195) --enable-mbstring \ # --enable-mysqlnd is included here because it's harder to compile after the fact than extensions are (since it's a plugin for several extensions, not an extension in itself) --enable-mysqlnd \ # https://wiki.php.net/rfc/argon2_password_hash (7.2+) --with-password-argon2 \ \ --with-curl \ --with-libedit \ --with-openssl \ --with-zlib \ \ # bundled pcre is too old for s390x (which isn't exactly a good sign) # /usr/src/php/ext/pcre/pcrelib/pcre_jit_compile.c:65:2: error: #error Unsupported architecture --with-pcre-regex=/usr \ --with-libdir="lib/$debMultiarch" \ \ $PHP_EXTRA_CONFIGURE_ARGS \ && make -j "$(nproc)" \ && make install \ && { find /usr/local/bin /usr/local/sbin -type f -executable -exec strip --strip-all '{}' + || true; } \ && make clean \ && cd / \ && docker-php-source delete \ \ && apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $buildDeps \ \ # https://github.com/docker-library/php/issues/443 && pecl update-channels \ && rm -rf /tmp/pear ~/.pearrc COPY docker-php-ext-* docker-php-entrypoint /usr/local/bin/ ENTRYPOINT ["docker-php-entrypoint"] #### COPY apache2-foreground /usr/local/bin/ WORKDIR /var/www/html EXPOSE 80 CMD ["apache2-foreground"] ####