-
Notifications
You must be signed in to change notification settings - Fork 456
/
Copy pathDockerfile-debian.template
152 lines (144 loc) · 6.03 KB
/
Dockerfile-debian.template
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
FROM php:%%PHP_VERSION%%-%%VARIANT%%
# Install dependencies
RUN set -ex; \
\
savedAptMark="$(apt-mark showmanual)"; \
\
apt-get update; \
apt-get install -y --no-install-recommends \
libbz2-dev \
libfreetype6-dev \
libjpeg-dev \
libpng-dev \
libwebp-dev \
libxpm-dev \
libzip-dev \
; \
\
docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp --with-xpm; \
docker-php-ext-install -j "$(nproc)" \
bz2 \
gd \
mysqli \
opcache \
zip \
bcmath \
; \
\
apt-mark auto '.*' > /dev/null; \
apt-mark manual $savedAptMark; \
extdir="$(php -r 'echo ini_get("extension_dir");')"; \
ldd "$extdir"/*.so \
| awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); print so }' \
| sort -u \
| xargs -r dpkg-query -S \
| cut -d: -f1 \
| sort -u \
| xargs -rt apt-mark manual; \
\
# start: Apache specific build
a2enmod remoteip; \
# end: Apache specific build
\
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
ldd "$extdir"/*.so | grep -qzv "=> not found" || (echo "Sanity check failed: missing libraries:"; ldd "$extdir"/*.so | grep " => not found"; exit 1); \
ldd "$extdir"/*.so | grep -q "libzip.so.* => .*/libzip.so.*" || (echo "Sanity check failed: libzip.so is not referenced"; ldd "$extdir"/*.so; exit 1); \
err="$(php --version 3>&1 1>&2 2>&3)"; \
[ -z "$err" ] || (echo "Sanity check failed: php returned errors; $err"; exit 1;);
# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
ENV PMA_SSL_DIR /etc/phpmyadmin/ssl
ENV MAX_EXECUTION_TIME 600
ENV MEMORY_LIMIT 512M
ENV UPLOAD_LIMIT 2048K
ENV TZ UTC
ENV SESSION_SAVE_PATH /sessions
RUN set -ex; \
\
{ \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.fast_shutdown=1'; \
} > $PHP_INI_DIR/conf.d/opcache-recommended.ini; \
\
{ \
echo 'session.cookie_httponly=1'; \
echo 'session.use_strict_mode=1'; \
} > $PHP_INI_DIR/conf.d/session-strict.ini; \
\
{ \
echo 'allow_url_fopen=Off'; \
echo 'max_execution_time=${MAX_EXECUTION_TIME}'; \
echo 'max_input_vars=10000'; \
echo 'memory_limit=${MEMORY_LIMIT}'; \
echo 'post_max_size=${UPLOAD_LIMIT}'; \
echo 'upload_max_filesize=${UPLOAD_LIMIT}'; \
echo 'date.timezone=${TZ}'; \
echo 'session.save_path=${SESSION_SAVE_PATH}'; \
} > $PHP_INI_DIR/conf.d/phpmyadmin-misc.ini
# Calculate download URL
ENV VERSION %%VERSION%%
ENV SHA256 %%SHA256%%
ENV URL https://files.phpmyadmin.net/phpMyAdmin/${VERSION}/phpMyAdmin-${VERSION}-all-languages.tar.xz
LABEL org.opencontainers.image.title="Official phpMyAdmin Docker image" \
org.opencontainers.image.description="Run phpMyAdmin with Alpine, Apache and PHP FPM." \
org.opencontainers.image.authors="The phpMyAdmin Team <[email protected]>" \
org.opencontainers.image.vendor="phpMyAdmin" \
org.opencontainers.image.documentation="https://github.com/phpmyadmin/docker#readme" \
org.opencontainers.image.licenses="GPL-2.0-only" \
org.opencontainers.image.version="${VERSION}" \
org.opencontainers.image.url="https://github.com/phpmyadmin/docker#readme" \
org.opencontainers.image.source="https://github.com/phpmyadmin/docker.git"
# Download tarball, verify it using gpg and extract
RUN set -ex; \
\
savedAptMark="$(apt-mark showmanual)"; \
\
apt-get update; \
apt-get install -y --no-install-recommends \
gnupg \
dirmngr \
; \
mkdir $SESSION_SAVE_PATH; \
mkdir -p $PMA_SSL_DIR; \
chmod 1777 $SESSION_SAVE_PATH; \
chmod 755 $PMA_SSL_DIR; \
chown www-data:www-data $SESSION_SAVE_PATH; \
chown www-data:www-data $PMA_SSL_DIR; \
\
export GNUPGHOME="$(mktemp -d)"; \
export GPGKEY="%%GPG_KEY%%"; \
curl -fsSL -o phpMyAdmin.tar.xz $URL; \
curl -fsSL -o phpMyAdmin.tar.xz.asc $URL.asc; \
echo "$SHA256 *phpMyAdmin.tar.xz" | sha256sum -c -; \
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$GPGKEY" \
|| gpg --batch --keyserver pgp.mit.edu --recv-keys "$GPGKEY" \
|| gpg --batch --keyserver keyserver.pgp.com --recv-keys "$GPGKEY" \
|| gpg --batch --keyserver keys.openpgp.org --recv-keys "$GPGKEY"; \
gpg --batch --verify phpMyAdmin.tar.xz.asc phpMyAdmin.tar.xz; \
tar -xf phpMyAdmin.tar.xz -C /var/www/html --strip-components=1; \
mkdir -p /var/www/html/tmp; \
chown www-data:www-data /var/www/html/tmp; \
gpgconf --kill all; \
rm -r "$GNUPGHOME" phpMyAdmin.tar.xz phpMyAdmin.tar.xz.asc; \
rm -r -v /var/www/html/setup/ /var/www/html/examples/ /var/www/html/js/src/ /var/www/html/babel.config.json /var/www/html/doc/html/_sources/ /var/www/html/RELEASE-DATE-$VERSION /var/www/html/CONTRIBUTING.md; \
grep -q -F "'configFile' => ROOT_PATH . 'config.inc.php'," /var/www/html/libraries/vendor_config.php; \
sed -i "s@'configFile' => .*@'configFile' => '/etc/phpmyadmin/config.inc.php',@" /var/www/html/libraries/vendor_config.php; \
grep -q -F "'configFile' => '/etc/phpmyadmin/config.inc.php'," /var/www/html/libraries/vendor_config.php; \
php -l /var/www/html/libraries/vendor_config.php; \
chown -R www-data:www-data -R /var/www/html/; \
\
apt-mark auto '.*' > /dev/null; \
apt-mark manual $savedAptMark; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*
# Copy configuration
COPY --chown=www-data:www-data config.inc.php /etc/phpmyadmin/config.inc.php
COPY --chown=www-data:www-data helpers.php /etc/phpmyadmin/helpers.php
# Copy main script
COPY docker-entrypoint.sh /docker-entrypoint.sh
ENTRYPOINT [ "/docker-entrypoint.sh" ]
CMD ["%%CMD%%"]