178 lines
5.2 KiB
Docker
178 lines
5.2 KiB
Docker
# Dockerfile
|
|
|
|
# Docker image for TYPO3 CMS
|
|
FROM php:8.2-apache
|
|
|
|
LABEL maintainer="Raphael Martin <raphy.martin@protonmail.ch>"
|
|
|
|
# set envirement
|
|
ENV LANG=de_AT.UTF-8
|
|
ENV APACHE_RUN_USER a2g-www
|
|
ENV TYPO3_VERSION 12.4.8
|
|
ENV TYPO3_SHA256CHECKSUM 8293b3441ec133fc8f9174fab5b88f450044ded0e188a0f12de37ad60a8bf8b3
|
|
|
|
# change apache user
|
|
RUN adduser --uid 1000 --gecos 'Apache User' --disabled-password $APACHE_RUN_USER \
|
|
&& chown -R "$APACHE_RUN_USER:$APACHE_RUN_USER" /var/lock/apache2 /var/run/apache2
|
|
|
|
# update system
|
|
RUN apt-get update -y && apt-get upgrade -y
|
|
|
|
# Install wget and locales
|
|
RUN apt-get install -y --no-install-recommends \
|
|
wget \
|
|
locales
|
|
|
|
RUN export LANG=${LANG} && \
|
|
export LC_ALL=${LANG} && \
|
|
export LC_TIME=${LANG} && \
|
|
export LANGUAGE=${LANG} && \
|
|
echo "${LANG} UTF-8" > /etc/locale.gen && \
|
|
/usr/sbin/locale-gen
|
|
|
|
# Export env vars
|
|
RUN { \
|
|
echo "export LC_ALL=${LANG}"; \
|
|
echo "export LANG=${LANG}"; \
|
|
echo "export LANGUAGE=${LANG}"; \
|
|
} >> ~/.bashrc
|
|
|
|
RUN cp ~/.bashrc /home/${APACHE_RUN_USER} && \
|
|
chown -R "$APACHE_RUN_USER:$APACHE_RUN_USER" /home/${APACHE_RUN_USER}/.bashrc
|
|
|
|
# Download TYPO3
|
|
RUN cd /tmp && \
|
|
wget -O download.tar.gz https://get.typo3.org/${TYPO3_VERSION} && \
|
|
echo "${TYPO3_SHA256CHECKSUM} /tmp/download.tar.gz" > /tmp/download.tar.gz.sum
|
|
|
|
RUN sha256sum -c "/tmp/download.tar.gz.sum"
|
|
|
|
# Install
|
|
RUN set -ex; \
|
|
\
|
|
apt-get install -y --no-install-recommends \
|
|
# Configure PHP
|
|
libxml2-dev \
|
|
libfreetype6-dev \
|
|
libjpeg62-turbo-dev \
|
|
libmcrypt-dev \
|
|
libpng-dev \
|
|
libpq-dev \
|
|
zlib1g-dev \
|
|
sendmail \
|
|
graphicsmagick
|
|
|
|
RUN docker-php-ext-configure gd --with-libdir=/usr/include/ --with-jpeg --with-freetype
|
|
|
|
RUN docker-php-ext-install -j$(nproc) \
|
|
pdo \
|
|
pdo_mysql \
|
|
soap \
|
|
gd \
|
|
opcache \
|
|
intl
|
|
|
|
RUN apt-get -y purge \
|
|
libxml2-dev libfreetype6-dev \
|
|
libjpeg62-turbo-dev \
|
|
libmcrypt-dev \
|
|
libpng-dev \
|
|
zlib1g-dev \
|
|
wget && \
|
|
apt-get autoremove -y
|
|
|
|
RUN apt-get install -y --no-install-recommends \
|
|
libzip-dev \
|
|
zip
|
|
|
|
RUN docker-php-ext-install -j$(nproc) \
|
|
zip
|
|
|
|
# Clean
|
|
RUN apt-get -y purge \
|
|
libzip-dev && \
|
|
apt-get clean && \
|
|
rm -rf /var/lib/apt/lists/* /usr/src/*
|
|
|
|
# Configure Apache
|
|
|
|
RUN set -eux; \
|
|
a2enmod alias authz_core deflate filter rewrite expires setenvif remoteip headers; \
|
|
docker-php-ext-enable opcache;
|
|
|
|
RUN set -eux; \
|
|
{ \
|
|
echo 'opcache.save_comments=1'; \
|
|
echo 'opcache.use_cwd=1'; \
|
|
echo 'opcache.validate_timestamps=1'; \
|
|
echo 'opcache.max_accelerated_files=10000'; \
|
|
echo 'opcache.revalidate_freq=30'; \
|
|
echo 'opcache.revalidate_path=0'; \
|
|
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
|
|
|
|
RUN set -eux; \
|
|
{ \
|
|
echo 'memory_limit=256M'; \
|
|
echo 'max_execution_time=240'; \
|
|
echo 'max_input_vars=1500'; \
|
|
} > /usr/local/etc/php/conf.d/typo3-recommended.ini
|
|
|
|
RUN set -eux; \
|
|
{ \
|
|
echo 'post_max_size=10M'; \
|
|
echo 'upload_max_filesize=10M'; \
|
|
} > /usr/local/etc/php/conf.d/upload-recommended.ini
|
|
|
|
RUN set -eux; \
|
|
{ \
|
|
echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \
|
|
echo 'display_errors = Off'; \
|
|
echo 'display_startup_errors = Off'; \
|
|
echo 'log_errors = On'; \
|
|
echo 'error_log = /dev/stderr'; \
|
|
echo 'log_errors_max_len = 1024'; \
|
|
echo 'ignore_repeated_errors = On'; \
|
|
echo 'ignore_repeated_source = Off'; \
|
|
echo 'html_errors = Off'; \
|
|
} > /usr/local/etc/php/conf.d/error-logging.ini
|
|
|
|
RUN set -eux; \
|
|
{ \
|
|
echo 'RemoteIPHeader X-Forwarded-For'; \
|
|
# these IP ranges are reserved for "private" use and should thus *usually* be safe inside Docker
|
|
echo 'RemoteIPInternalProxy 10.0.0.0/8'; \
|
|
echo 'RemoteIPInternalProxy 172.16.0.0/12'; \
|
|
echo 'RemoteIPInternalProxy 192.168.0.0/16'; \
|
|
echo 'RemoteIPInternalProxy 169.254.0.0/16'; \
|
|
echo 'RemoteIPInternalProxy 127.0.0.0/8'; \
|
|
} > /etc/apache2/conf-available/remoteip.conf; \
|
|
a2enconf remoteip; \
|
|
find /etc/apache2 -type f -name '*.conf' -exec sed -ri 's/([[:space:]]*LogFormat[[:space:]]+"[^"]*)%h([^"]*")/\1%a\2/g' '{}' +
|
|
|
|
RUN cp ${PHP_INI_DIR}/php.ini-production ${PHP_INI_DIR}/php.ini
|
|
|
|
# install TYPO3 surf
|
|
# RUN mkdir /usr/local/surf && \
|
|
# curl -L https://github.com/TYPO3/Surf/releases/download/3.4.6/surf.phar -o /usr/local/surf/surf.phar && \
|
|
# chmod +x /usr/local/surf/surf.phar && \
|
|
# ln -s /usr/local/surf/surf.phar /usr/local/bin/surf
|
|
|
|
# install TYPO3
|
|
RUN tar -xzf /tmp/download.tar.gz -C /var/www/ && \
|
|
rm /tmp/download*
|
|
|
|
RUN cd /var/www/html && \
|
|
ln -s ../typo3_src-* typo3_src && \
|
|
ln -s typo3_src/index.php && \
|
|
ln -s typo3_src/typo3
|
|
|
|
RUN chown -R $APACHE_RUN_USER:$APACHE_RUN_USER /var/www/html && \
|
|
chown -R $APACHE_RUN_USER:$APACHE_RUN_USER /var/www/typo3_src-* && \
|
|
chown -R root:root /etc/apache2/sites-enabled
|
|
|
|
RUN { \
|
|
echo "ServerSignature Off"; \
|
|
echo "ServerTokens Prod"; \
|
|
} >> /etc/apache2/apache2.conf
|
|
|
|
VOLUME /var/www |