mirror of
https://github.com/danog/php.git
synced 2024-12-13 09:37:33 +01:00
dbd5d1e03d
This will hopefully help folks with the confusion around installing packages like "php-apcu" and then wondering why they don't actually "work" (because they pull in Debian's PHP, and that's not what this image packages).
172 lines
5.1 KiB
Docker
172 lines
5.1 KiB
Docker
#
|
|
# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh"
|
|
#
|
|
# PLEASE DO NOT EDIT IT DIRECTLY.
|
|
#
|
|
|
|
FROM debian:stretch-slim
|
|
|
|
# prevent Debian's PHP packages from being installed
|
|
RUN set -eux; \
|
|
{ \
|
|
echo 'Package: php*'; \
|
|
echo 'Pin: release *'; \
|
|
echo 'Pin-Priority: -1'; \
|
|
} > /etc/apt/preferences.d/no-debian-php
|
|
|
|
# persistent / runtime deps
|
|
ENV PHPIZE_DEPS \
|
|
autoconf \
|
|
dpkg-dev \
|
|
file \
|
|
g++ \
|
|
gcc \
|
|
libc-dev \
|
|
make \
|
|
pkg-config \
|
|
re2c
|
|
RUN apt-get update && apt-get install -y \
|
|
$PHPIZE_DEPS \
|
|
ca-certificates \
|
|
curl \
|
|
libargon2-0 \
|
|
libedit2 \
|
|
libsqlite3-0 \
|
|
libxml2 \
|
|
xz-utils \
|
|
--no-install-recommends && rm -r /var/lib/apt/lists/*
|
|
|
|
ENV PHP_INI_DIR /usr/local/etc/php
|
|
RUN mkdir -p $PHP_INI_DIR/conf.d
|
|
|
|
##<autogenerated>##
|
|
##</autogenerated>##
|
|
|
|
# Apply stack smash protection to functions using local buffers and alloca()
|
|
# Make PHP's main executable position-independent (improves ASLR security mechanism, and has no performance impact on x86_64)
|
|
# Enable optimization (-O2)
|
|
# Enable linker optimization (this sorts the hash buckets to improve cache locality, and is non-default)
|
|
# Adds GNU HASH segments to generated executables (this is used if present, and is much faster than sysv hash; in this configuration, sysv hash is also generated)
|
|
# https://github.com/docker-library/php/issues/272
|
|
ENV PHP_CFLAGS="-fstack-protector-strong -fpic -fpie -O2"
|
|
ENV PHP_CPPFLAGS="$PHP_CFLAGS"
|
|
ENV PHP_LDFLAGS="-Wl,-O1 -Wl,--hash-style=both -pie"
|
|
|
|
ENV GPG_KEYS 1729F83938DA44E27BA0F4D3DBDB397470D12172 B1B44D8F021E4E2D6021E995DC9FF8D3EE5AF27F
|
|
|
|
ENV PHP_VERSION 7.2.0
|
|
ENV PHP_URL="https://secure.php.net/get/php-7.2.0.tar.xz/from/this/mirror" PHP_ASC_URL="https://secure.php.net/get/php-7.2.0.tar.xz.asc/from/this/mirror"
|
|
ENV PHP_SHA256="87572a6b924670a5d4aac276aaa4a94321936283df391d702c845ffc112db095" PHP_MD5=""
|
|
|
|
RUN set -xe; \
|
|
\
|
|
fetchDeps=' \
|
|
wget \
|
|
'; \
|
|
if ! command -v gpg > /dev/null; then \
|
|
fetchDeps="$fetchDeps \
|
|
dirmngr \
|
|
gnupg \
|
|
"; \
|
|
fi; \
|
|
apt-get update; \
|
|
apt-get install -y --no-install-recommends $fetchDeps; \
|
|
rm -rf /var/lib/apt/lists/*; \
|
|
\
|
|
mkdir -p /usr/src; \
|
|
cd /usr/src; \
|
|
\
|
|
wget -O php.tar.xz "$PHP_URL"; \
|
|
\
|
|
if [ -n "$PHP_SHA256" ]; then \
|
|
echo "$PHP_SHA256 *php.tar.xz" | sha256sum -c -; \
|
|
fi; \
|
|
if [ -n "$PHP_MD5" ]; then \
|
|
echo "$PHP_MD5 *php.tar.xz" | md5sum -c -; \
|
|
fi; \
|
|
\
|
|
if [ -n "$PHP_ASC_URL" ]; then \
|
|
wget -O php.tar.xz.asc "$PHP_ASC_URL"; \
|
|
export GNUPGHOME="$(mktemp -d)"; \
|
|
for key in $GPG_KEYS; do \
|
|
gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
|
|
done; \
|
|
gpg --batch --verify php.tar.xz.asc php.tar.xz; \
|
|
rm -rf "$GNUPGHOME"; \
|
|
fi; \
|
|
\
|
|
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps
|
|
|
|
COPY docker-php-source /usr/local/bin/
|
|
|
|
RUN set -xe \
|
|
&& buildDeps=" \
|
|
$PHP_EXTRA_BUILD_DEPS \
|
|
libargon2-0-dev \
|
|
libcurl4-openssl-dev \
|
|
libedit-dev \
|
|
libsqlite3-dev \
|
|
libssl-dev \
|
|
libxml2-dev \
|
|
zlib1g-dev \
|
|
" \
|
|
&& apt-get update && apt-get install -y $buildDeps --no-install-recommends && rm -rf /var/lib/apt/lists/* \
|
|
\
|
|
&& export CFLAGS="$PHP_CFLAGS" \
|
|
CPPFLAGS="$PHP_CPPFLAGS" \
|
|
LDFLAGS="$PHP_LDFLAGS" \
|
|
&& docker-php-source extract \
|
|
&& cd /usr/src/php \
|
|
&& gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
|
|
&& debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)" \
|
|
# https://bugs.php.net/bug.php?id=74125
|
|
&& if [ ! -d /usr/include/curl ]; then \
|
|
ln -sT "/usr/include/$debMultiarch/curl" /usr/local/include/curl; \
|
|
fi \
|
|
&& ./configure \
|
|
--build="$gnuArch" \
|
|
--with-config-file-path="$PHP_INI_DIR" \
|
|
--with-config-file-scan-dir="$PHP_INI_DIR/conf.d" \
|
|
\
|
|
--disable-cgi \
|
|
\
|
|
# --enable-ftp is included here because ftp_ssl_connect() needs ftp to be compiled statically (see https://github.com/docker-library/php/issues/236)
|
|
--enable-ftp \
|
|
# --enable-mbstring is included here because otherwise there's no way to get pecl to use it properly (see https://github.com/docker-library/php/issues/195)
|
|
--enable-mbstring \
|
|
# --enable-mysqlnd is included here because it's harder to compile after the fact than extensions are (since it's a plugin for several extensions, not an extension in itself)
|
|
--enable-mysqlnd \
|
|
# https://wiki.php.net/rfc/argon2_password_hash (7.2+)
|
|
--with-password-argon2 \
|
|
\
|
|
--with-curl \
|
|
--with-libedit \
|
|
--with-openssl \
|
|
--with-zlib \
|
|
\
|
|
# bundled pcre does not support JIT on s390x
|
|
# https://manpages.debian.org/stretch/libpcre3-dev/pcrejit.3.en.html#AVAILABILITY_OF_JIT_SUPPORT
|
|
$(test "$gnuArch" = 's390x-linux-gnu' && echo '--without-pcre-jit') \
|
|
--with-libdir="lib/$debMultiarch" \
|
|
\
|
|
$PHP_EXTRA_CONFIGURE_ARGS \
|
|
&& make -j "$(nproc)" \
|
|
&& make install \
|
|
&& { find /usr/local/bin /usr/local/sbin -type f -executable -exec strip --strip-all '{}' + || true; } \
|
|
&& make clean \
|
|
&& cd / \
|
|
&& docker-php-source delete \
|
|
\
|
|
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $buildDeps \
|
|
\
|
|
# https://github.com/docker-library/php/issues/443
|
|
&& pecl update-channels \
|
|
&& rm -rf /tmp/pear ~/.pearrc
|
|
|
|
COPY docker-php-ext-* docker-php-entrypoint /usr/local/bin/
|
|
|
|
ENTRYPOINT ["docker-php-entrypoint"]
|
|
##<autogenerated>##
|
|
CMD ["php", "-a"]
|
|
##</autogenerated>##
|