From 26dc8f6b4b2e59c274f74854b4b8843a04aa832d Mon Sep 17 00:00:00 2001 From: Raphael Martin Date: Fri, 1 Dec 2023 18:10:35 +0100 Subject: [PATCH] changed readme --- Dockerfile | 178 --------------------------------------------- README.md | 14 +++- docker-compose.yml | 2 +- 3 files changed, 13 insertions(+), 181 deletions(-) delete mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 2b4f5b8..0000000 --- a/Dockerfile +++ /dev/null @@ -1,178 +0,0 @@ -# Dockerfile - -# Docker image for TYPO3 CMS -FROM php:8.2-apache - -LABEL maintainer="Raphael Martin " - -# set envirement -ENV LANG=de_AT.UTF-8 -ENV APACHE_RUN_USER a2g-www -ENV TYPO3_VERSION 12.4.8 -ENV TYPO3_SHA256CHECKSUM 8293b3441ec133fc8f9174fab5b88f450044ded0e188a0f12de37ad60a8bf8b3 - -# change apache user -RUN adduser --uid 1000 --gecos 'Apache User' --disabled-password $APACHE_RUN_USER \ - && chown -R "$APACHE_RUN_USER:$APACHE_RUN_USER" /var/lock/apache2 /var/run/apache2 - -# update system -RUN apt-get update -y && apt-get upgrade -y - -# Install wget and locales -RUN apt-get install -y --no-install-recommends \ - wget \ - locales - -RUN export LANG=${LANG} && \ - export LC_ALL=${LANG} && \ - export LC_TIME=${LANG} && \ - export LANGUAGE=${LANG} && \ - echo "${LANG} UTF-8" > /etc/locale.gen && \ - /usr/sbin/locale-gen - -# Export env vars -RUN { \ - echo "export LC_ALL=${LANG}"; \ - echo "export LANG=${LANG}"; \ - echo "export LANGUAGE=${LANG}"; \ -} >> ~/.bashrc - -RUN cp ~/.bashrc /home/${APACHE_RUN_USER} && \ - chown -R "$APACHE_RUN_USER:$APACHE_RUN_USER" /home/${APACHE_RUN_USER}/.bashrc - -# Download TYPO3 -RUN cd /tmp && \ - wget -O download.tar.gz https://get.typo3.org/${TYPO3_VERSION} && \ - echo "${TYPO3_SHA256CHECKSUM} /tmp/download.tar.gz" > /tmp/download.tar.gz.sum - -RUN sha256sum -c "/tmp/download.tar.gz.sum" - -# Install -RUN set -ex; \ - \ - apt-get install -y --no-install-recommends \ -# Configure PHP - libxml2-dev \ - libfreetype6-dev \ - libjpeg62-turbo-dev \ - libmcrypt-dev \ - libpng-dev \ - libpq-dev \ - zlib1g-dev \ - sendmail \ - graphicsmagick - -RUN docker-php-ext-configure gd --with-libdir=/usr/include/ --with-jpeg --with-freetype - -RUN docker-php-ext-install -j$(nproc) \ - pdo \ - pdo_mysql \ - soap \ - gd \ - opcache \ - intl - -RUN apt-get -y purge \ - libxml2-dev libfreetype6-dev \ - libjpeg62-turbo-dev \ - libmcrypt-dev \ - libpng-dev \ - zlib1g-dev \ - wget && \ - apt-get autoremove -y - -RUN apt-get install -y --no-install-recommends \ - libzip-dev \ - zip - -RUN docker-php-ext-install -j$(nproc) \ - zip - -# Clean -RUN apt-get -y purge \ - libzip-dev && \ - apt-get clean && \ - rm -rf /var/lib/apt/lists/* /usr/src/* - -# Configure Apache - -RUN set -eux; \ - a2enmod alias authz_core deflate filter rewrite expires setenvif remoteip headers; \ - docker-php-ext-enable opcache; - -RUN set -eux; \ - { \ - echo 'opcache.save_comments=1'; \ - echo 'opcache.use_cwd=1'; \ - echo 'opcache.validate_timestamps=1'; \ - echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.revalidate_freq=30'; \ - echo 'opcache.revalidate_path=0'; \ - } > /usr/local/etc/php/conf.d/opcache-recommended.ini - -RUN set -eux; \ - { \ - echo 'memory_limit=256M'; \ - echo 'max_execution_time=240'; \ - echo 'max_input_vars=1500'; \ - } > /usr/local/etc/php/conf.d/typo3-recommended.ini - -RUN set -eux; \ - { \ - echo 'post_max_size=10M'; \ - echo 'upload_max_filesize=10M'; \ - } > /usr/local/etc/php/conf.d/upload-recommended.ini - -RUN set -eux; \ - { \ - echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \ - echo 'display_errors = Off'; \ - echo 'display_startup_errors = Off'; \ - echo 'log_errors = On'; \ - echo 'error_log = /dev/stderr'; \ - echo 'log_errors_max_len = 1024'; \ - echo 'ignore_repeated_errors = On'; \ - echo 'ignore_repeated_source = Off'; \ - echo 'html_errors = Off'; \ - } > /usr/local/etc/php/conf.d/error-logging.ini - -RUN set -eux; \ - { \ - echo 'RemoteIPHeader X-Forwarded-For'; \ -# these IP ranges are reserved for "private" use and should thus *usually* be safe inside Docker - echo 'RemoteIPInternalProxy 10.0.0.0/8'; \ - echo 'RemoteIPInternalProxy 172.16.0.0/12'; \ - echo 'RemoteIPInternalProxy 192.168.0.0/16'; \ - echo 'RemoteIPInternalProxy 169.254.0.0/16'; \ - echo 'RemoteIPInternalProxy 127.0.0.0/8'; \ - } > /etc/apache2/conf-available/remoteip.conf; \ - a2enconf remoteip; \ - find /etc/apache2 -type f -name '*.conf' -exec sed -ri 's/([[:space:]]*LogFormat[[:space:]]+"[^"]*)%h([^"]*")/\1%a\2/g' '{}' + - -RUN cp ${PHP_INI_DIR}/php.ini-production ${PHP_INI_DIR}/php.ini - -# install TYPO3 surf -# RUN mkdir /usr/local/surf && \ -# curl -L https://github.com/TYPO3/Surf/releases/download/3.4.6/surf.phar -o /usr/local/surf/surf.phar && \ -# chmod +x /usr/local/surf/surf.phar && \ -# ln -s /usr/local/surf/surf.phar /usr/local/bin/surf - -# install TYPO3 -RUN tar -xzf /tmp/download.tar.gz -C /var/www/ && \ - rm /tmp/download* - -RUN cd /var/www/html && \ - ln -s ../typo3_src-* typo3_src && \ - ln -s typo3_src/index.php && \ - ln -s typo3_src/typo3 - -RUN chown -R $APACHE_RUN_USER:$APACHE_RUN_USER /var/www/html && \ - chown -R $APACHE_RUN_USER:$APACHE_RUN_USER /var/www/typo3_src-* && \ - chown -R root:root /etc/apache2/sites-enabled - -RUN { \ - echo "ServerSignature Off"; \ - echo "ServerTokens Prod"; \ - } >> /etc/apache2/apache2.conf - -VOLUME /var/www \ No newline at end of file diff --git a/README.md b/README.md index d9f373e..3be065b 100644 --- a/README.md +++ b/README.md @@ -33,9 +33,19 @@ for development: 'transport_sendmail_command' => '/usr/sbin/sendmail -bs', -and append: +and append / set: - ['SYS']['features']['security.backend.enforceReferrer'] = true + ['SYS'][ + ... + 'systemLocale' => 'de_AT.UTF-8', + 'reverseProxyHeaderMultiValue' => 'first', + 'reverseProxyIP' => '127.0.0.1', + 'features' => [ + ... + 'security.backend.enforceReferrer] => false, + 'security.backend.enforceContentSecurityPolicy' => false, + ] + ] because we are behind the reverse proxy. diff --git a/docker-compose.yml b/docker-compose.yml index 64dd375..5d60084 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -12,7 +12,7 @@ services: typo3: container_name: "${PROJECT_NAME}_typo3" hostname: "${PROJECT_URL}" - build: . + image: "altogether/typo3:12.4.8-apache" user: "1000" networks: - "traefik"