# Dockerfile

# Docker image for TYPO3 CMS
FROM php:8.2-apache

LABEL maintainer="Raphael Martin <raphy.martin@protonmail.ch>"

# set envirement
ENV LANG=de_AT.UTF-8
ENV APACHE_RUN_USER a2g-www
ENV TYPO3_VERSION 12.4.8
ENV TYPO3_SHA256CHECKSUM 8293b3441ec133fc8f9174fab5b88f450044ded0e188a0f12de37ad60a8bf8b3

# change apache user
RUN adduser --uid 1000 --gecos 'Apache User' --disabled-password $APACHE_RUN_USER \
             && chown -R "$APACHE_RUN_USER:$APACHE_RUN_USER" /var/lock/apache2 /var/run/apache2

# update system
RUN apt-get update -y && apt-get upgrade -y

# Install wget and locales
RUN apt-get install -y --no-install-recommends \
        wget \
        locales

RUN export LANG=${LANG} && \
    export LC_ALL=${LANG} && \
    export LC_TIME=${LANG} && \
    export LANGUAGE=${LANG} && \
    echo "${LANG} UTF-8" > /etc/locale.gen && \
    /usr/sbin/locale-gen 

# Export env vars
RUN { \
    echo "export LC_ALL=${LANG}"; \
    echo "export LANG=${LANG}"; \
    echo "export LANGUAGE=${LANG}"; \
} >> ~/.bashrc

RUN cp ~/.bashrc /home/${APACHE_RUN_USER} && \
    chown -R "$APACHE_RUN_USER:$APACHE_RUN_USER" /home/${APACHE_RUN_USER}/.bashrc

# Download TYPO3
RUN cd /tmp && \
    wget -O download.tar.gz https://get.typo3.org/${TYPO3_VERSION} && \
    echo "${TYPO3_SHA256CHECKSUM} /tmp/download.tar.gz" > /tmp/download.tar.gz.sum

RUN sha256sum -c "/tmp/download.tar.gz.sum"

# Install
RUN set -ex; \
    \
    apt-get install -y --no-install-recommends \
# Configure PHP
        libxml2-dev \
        libfreetype6-dev \
        libjpeg62-turbo-dev \
        libmcrypt-dev \
        libpng-dev \
        libpq-dev \
        zlib1g-dev \
        sendmail \
        graphicsmagick

RUN docker-php-ext-configure gd --with-libdir=/usr/include/ --with-jpeg --with-freetype

RUN docker-php-ext-install -j$(nproc) \
        pdo \
        pdo_mysql \
        soap \
        gd \
        opcache \
        intl

RUN apt-get -y purge \
        libxml2-dev libfreetype6-dev \
        libjpeg62-turbo-dev \
        libmcrypt-dev \
        libpng-dev \
        zlib1g-dev \
        wget && \
    apt-get autoremove -y

RUN  apt-get install -y --no-install-recommends \
        libzip-dev \
        zip

RUN docker-php-ext-install -j$(nproc) \
        zip

# Clean
RUN apt-get -y purge \
        libzip-dev && \
        apt-get clean && \
    rm -rf /var/lib/apt/lists/* /usr/src/*

# Configure Apache

RUN set -eux; \
    a2enmod alias authz_core deflate filter rewrite expires setenvif remoteip headers; \
    docker-php-ext-enable opcache;

RUN set -eux; \
    { \
        echo 'opcache.save_comments=1'; \
        echo 'opcache.use_cwd=1'; \
        echo 'opcache.validate_timestamps=1'; \
        echo 'opcache.max_accelerated_files=10000'; \
        echo 'opcache.revalidate_freq=30'; \
        echo 'opcache.revalidate_path=0'; \
    } > /usr/local/etc/php/conf.d/opcache-recommended.ini

RUN set -eux; \
    { \
        echo 'memory_limit=256M'; \
        echo 'max_execution_time=240'; \
        echo 'max_input_vars=1500'; \
    } > /usr/local/etc/php/conf.d/typo3-recommended.ini

RUN set -eux; \
    { \
        echo 'post_max_size=10M'; \
        echo 'upload_max_filesize=10M'; \
    } > /usr/local/etc/php/conf.d/upload-recommended.ini

RUN set -eux; \
    { \
        echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \
        echo 'display_errors = Off'; \
        echo 'display_startup_errors = Off'; \
        echo 'log_errors = On'; \
        echo 'error_log = /dev/stderr'; \
        echo 'log_errors_max_len = 1024'; \
        echo 'ignore_repeated_errors = On'; \
        echo 'ignore_repeated_source = Off'; \
        echo 'html_errors = Off'; \
    } > /usr/local/etc/php/conf.d/error-logging.ini

RUN set -eux; \
    { \
        echo 'RemoteIPHeader X-Forwarded-For'; \
# these IP ranges are reserved for "private" use and should thus *usually* be safe inside Docker
        echo 'RemoteIPInternalProxy 10.0.0.0/8'; \
        echo 'RemoteIPInternalProxy 172.16.0.0/12'; \
        echo 'RemoteIPInternalProxy 192.168.0.0/16'; \
        echo 'RemoteIPInternalProxy 169.254.0.0/16'; \
        echo 'RemoteIPInternalProxy 127.0.0.0/8'; \
    } > /etc/apache2/conf-available/remoteip.conf; \
    a2enconf remoteip; \
    find /etc/apache2 -type f -name '*.conf' -exec sed -ri 's/([[:space:]]*LogFormat[[:space:]]+"[^"]*)%h([^"]*")/\1%a\2/g' '{}' +

RUN cp ${PHP_INI_DIR}/php.ini-production ${PHP_INI_DIR}/php.ini

# install TYPO3 surf
# RUN mkdir /usr/local/surf && \
#    curl -L https://github.com/TYPO3/Surf/releases/download/3.4.6/surf.phar -o /usr/local/surf/surf.phar && \
#    chmod +x /usr/local/surf/surf.phar && \
#    ln -s /usr/local/surf/surf.phar /usr/local/bin/surf

# install TYPO3
RUN tar -xzf /tmp/download.tar.gz -C /var/www/ && \
    rm /tmp/download*

RUN cd /var/www/html && \
    ln -s ../typo3_src-* typo3_src && \
    ln -s typo3_src/index.php && \
    ln -s typo3_src/typo3

RUN chown -R $APACHE_RUN_USER:$APACHE_RUN_USER /var/www/html && \
    chown -R $APACHE_RUN_USER:$APACHE_RUN_USER /var/www/typo3_src-* && \
    chown -R root:root /etc/apache2/sites-enabled

RUN { \
    echo "ServerSignature Off"; \
    echo "ServerTokens Prod"; \
    } >> /etc/apache2/apache2.conf

VOLUME /var/www