-
Notifications
You must be signed in to change notification settings - Fork 452
/
Copy pathDockerfile-debian.template
148 lines (139 loc) · 5.88 KB
/
Dockerfile-debian.template
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
FROM php:%%PHP_VERSION%%-%%VARIANT%%
# Install dependencies
RUN set -ex; \
\
apt-get update; \
apt-get install -y --no-install-recommends \
gnupg \
dirmngr \
; \
\
savedAptMark="$(apt-mark showmanual)"; \
\
apt-get install -y --no-install-recommends \
libbz2-dev \
libfreetype6-dev \
libjpeg-dev \
libpng-dev \
libwebp-dev \
libxpm-dev \
libzip-dev \
; \
\
docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp --with-xpm; \
docker-php-ext-install -j "$(nproc)" \
bz2 \
gd \
mysqli \
opcache \
zip \
bcmath \
; \
\
apt-mark auto '.*' > /dev/null; \
apt-mark manual $savedAptMark; \
extdir="$(php -r 'echo ini_get("extension_dir");')"; \
ldd "$extdir"/*.so \
| awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); print so }' \
| sort -u \
| xargs -r dpkg-query -S \
| cut -d: -f1 \
| sort -u \
| xargs -rt apt-mark manual; \
\
# start: Apache specific build
a2enmod remoteip; \
# end: Apache specific build
\
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
ldd "$extdir"/*.so | grep -qzv "=> not found" || (echo "Sanity check failed: missing libraries:"; ldd "$extdir"/*.so | grep " => not found"; exit 1); \
ldd "$extdir"/*.so | grep -q "libzip.so.* => .*/libzip.so.*" || (echo "Sanity check failed: libzip.so is not referenced"; ldd "$extdir"/*.so; exit 1); \
err="$(php --version 3>&1 1>&2 2>&3)"; \
[ -z "$err" ] || (echo "Sanity check failed: php returned errors; $err"; exit 1;);
# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
ENV PMA_SSL_DIR /etc/phpmyadmin/ssl
ENV MAX_EXECUTION_TIME 600
ENV MEMORY_LIMIT 512M
ENV UPLOAD_LIMIT 2048K
ENV TZ UTC
ENV SESSION_SAVE_PATH /sessions
RUN set -ex; \
mkdir $SESSION_SAVE_PATH; \
mkdir -p $PMA_SSL_DIR; \
chmod 1777 $SESSION_SAVE_PATH; \
chmod 755 $PMA_SSL_DIR; \
chown www-data:www-data /etc/phpmyadmin; \
chown www-data:www-data $PMA_SSL_DIR; \
chown www-data:www-data $SESSION_SAVE_PATH; \
\
{ \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.fast_shutdown=1'; \
} > $PHP_INI_DIR/conf.d/opcache-recommended.ini; \
\
{ \
echo 'session.cookie_httponly=1'; \
echo 'session.use_strict_mode=1'; \
} > $PHP_INI_DIR/conf.d/session-strict.ini; \
\
{ \
echo 'allow_url_fopen=Off'; \
echo 'max_execution_time=${MAX_EXECUTION_TIME}'; \
echo 'max_input_vars=10000'; \
echo 'memory_limit=${MEMORY_LIMIT}'; \
echo 'post_max_size=${UPLOAD_LIMIT}'; \
echo 'upload_max_filesize=${UPLOAD_LIMIT}'; \
echo 'date.timezone=${TZ}'; \
echo 'session.save_path=${SESSION_SAVE_PATH}'; \
} > $PHP_INI_DIR/conf.d/phpmyadmin-misc.ini
USER www-data:www-data
# Calculate download URL
ENV VERSION %%VERSION%%
ENV SHA256 %%SHA256%%
ENV URL https://files.phpmyadmin.net/phpMyAdmin/${VERSION}/phpMyAdmin-${VERSION}-all-languages.tar.xz
LABEL org.opencontainers.image.title="Official phpMyAdmin Docker image" \
org.opencontainers.image.description="Run phpMyAdmin with Alpine, Apache and PHP FPM." \
org.opencontainers.image.authors="The phpMyAdmin Team <developers@phpmyadmin.net>" \
org.opencontainers.image.vendor="phpMyAdmin" \
org.opencontainers.image.documentation="https://github.com/phpmyadmin/docker#readme" \
org.opencontainers.image.licenses="GPL-2.0-only" \
org.opencontainers.image.version="${VERSION}" \
org.opencontainers.image.url="https://github.com/phpmyadmin/docker#readme" \
org.opencontainers.image.source="https://github.com/phpmyadmin/docker.git"
# Download tarball, verify it using gpg and extract
RUN set -ex; \
export GNUPGHOME="$(mktemp -d)"; \
export GPGKEY="%%GPG_KEY%%"; \
curl -fsSL -o phpMyAdmin.tar.xz $URL; \
curl -fsSL -o phpMyAdmin.tar.xz.asc $URL.asc; \
echo "$SHA256 *phpMyAdmin.tar.xz" | sha256sum -c -; \
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$GPGKEY" \
|| gpg --batch --keyserver pgp.mit.edu --recv-keys "$GPGKEY" \
|| gpg --batch --keyserver keyserver.pgp.com --recv-keys "$GPGKEY" \
|| gpg --batch --keyserver keys.openpgp.org --recv-keys "$GPGKEY"; \
gpg --batch --verify phpMyAdmin.tar.xz.asc phpMyAdmin.tar.xz; \
tar -xf phpMyAdmin.tar.xz -C /var/www/html --strip-components=1; \
mkdir -p /var/www/html/tmp; \
gpgconf --kill all; \
rm -r "$GNUPGHOME" phpMyAdmin.tar.xz phpMyAdmin.tar.xz.asc; \
rm -r -v /var/www/html/setup/ /var/www/html/examples/ /var/www/html/js/src/ /var/www/html/babel.config.json /var/www/html/doc/html/_sources/ /var/www/html/RELEASE-DATE-$VERSION /var/www/html/CONTRIBUTING.md; \
grep -q -F "'configFile' => ROOT_PATH . 'config.inc.php'," /var/www/html/libraries/vendor_config.php; \
sed -i "s@'configFile' => .*@'configFile' => '/etc/phpmyadmin/config.inc.php',@" /var/www/html/libraries/vendor_config.php; \
grep -q -F "'configFile' => '/etc/phpmyadmin/config.inc.php'," /var/www/html/libraries/vendor_config.php; \
php -l /var/www/html/libraries/vendor_config.php; \
find /var/www/html -type d -exec chmod 555 {} \;; \
find /var/www/html -type f -exec chmod 444 {} \;; \
chmod 1777 /var/www/html/tmp;
# Copy configuration
COPY --chown=www-data:www-data config.inc.php /etc/phpmyadmin/config.inc.php
COPY --chown=www-data:www-data helpers.php /etc/phpmyadmin/helpers.php
# Copy main script
COPY docker-entrypoint.sh /docker-entrypoint.sh
USER root
ENTRYPOINT [ "/docker-entrypoint.sh" ]
CMD ["%%CMD%%"]