Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

PHP 5.3.10 and Apache 2.2.22 upgrade #4

Merged
merged 10 commits into from

4 participants

@tmaher

Motivated by some traffic on security@

  • Apache from 2.2.19 to 2.2.22
  • PHP from 5.3.6 to 5.3.10
  • fixed APC (it was built but not enabled)
  • added mcrypt module at compile-time
  • Cut "hello world" slug size from 22MB to 9.5MB (stripped debugging symbols; removed apache docs)
  • Stopped using per-app buildpack CACHE_DIR; should significantly reduce storage overhead
  • switched display_errors from On to Off

The last one is the only thing that I anticipate actually impacting the experience of PHP developers. In the current buildpack, display_errors is On. All errors are sent to stdout (read: the user's
browser). With display_errors Off, they only go into the system. This is normal production practice.

The build artifacts are already in place in the php-lp bucket. If you want to see an example of the new buildpack in action, check out

old: http://php-default-bp.herokuapp.com/
new: http://php-tmaher-bp.herokuapp.com/

@pedro pedro was assigned
@tmaher

Per conversation with @pedro , I cloned the FB PHP template app and tested it on my buildpack. It works fine - https://high-cloud-2320.herokuapp.com/

I'm now merging the pull request myself. I'll re-test with a new app once it's live to make sure I haven't broken FB provisioning.

@tmaher tmaher merged commit f902738 into heroku:master
@dinhkhanh

Hi there,
Could you give me detailed instruction?
I'm newbie and really need your help now.
I don't know how to use this. I'm building an app that need GD library. I'm a Windows' user.
How can I use this buildpack?

@winglian

@pedro Why was this merged in? It doesn't show the steps to recreate the binary so doesn't allow anyone who forks from this point to build a working binary. Also why was support for the cache removed?

@tmaher

@winglian - This was merged in to upgrade to PHP 5.3.10 and Apache 2.2.22, as well as flip the PHP config display_errors to off (general security best practice and minimizes error spew on the page being displayed).

For the build instructions - #3 (comment) but the conversation might be better tracked in #6 as part of the move to Vulcan

For the cache: It's a little tricky. Buildpack caches are intended to create app-specific persistent artifacts from build to build, and those artifacts for whatever reason don't belong in the git repo itself. For Ruby, you'd use this to have the build system pull in various Ruby gems the app uses and (if necessary) compile shared libraries. For PHP, an obvious use would be to pull in pear/pecl dependencies and stash them there. However, that wasn't how this buildpack was actually using it. Instead, what happened was that the build system was copying the PHP & Apache binaries from the S3 bucket and copying them into the cache, ostensibly to save itself the work from re-downloading them again out of S3. However, in between builds, the cache itself is archived into S3, and then fetched back to the build system. So, there was no actual efficiency improvement, and in fact it winds up creating a bunch of useless copies of the PHP & Apache binaries.

Now, it'd certainly make sense to add some sort of automatic pear/pecl extension fetching system (similar to Ruby's builder), and that'd totally make sense to use the cache. I think we'd welcome a pull request of that nature.

@barock19 barock19 referenced this pull request from a commit
Commit has since been removed from the repository and is no longer available.
@ryanbrainard ryanbrainard referenced this pull request from a commit
@ryanbrainard ryanbrainard Revert "merge pull request #4 into redis branch"
This reverts commit 60929fe, reversing
changes made to f902738.
9058d37
@gnovaro gnovaro referenced this pull request from a commit
Commit has since been removed from the repository and is no longer available.
@dzuelke dzuelke referenced this pull request from a commit
Commit has since been removed from the repository and is no longer available.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Mar 26, 2012
  1. @tmaher

    wip

    tmaher authored
  2. @tmaher

    more wip

    tmaher authored
  3. @tmaher
  4. @tmaher

    fix indent

    tmaher authored
  5. @tmaher

    up to the new version

    tmaher authored
  6. @tmaher

    wip

    tmaher authored
  7. @tmaher
  8. @tmaher

    enable apc

    tmaher authored
Commits on Mar 27, 2012
  1. @tmaher
  2. @tmaher

    remove orphan comment

    tmaher authored
This page is out of date. Refresh to see the latest.
Showing with 14 additions and 32 deletions.
  1. +10 −29 bin/compile
  2. +1 −1  conf/httpd.conf
  3. +3 −2 conf/php.ini
View
39 bin/compile
@@ -5,9 +5,9 @@
set -e
# config
-APACHE_VERSION="2.2.19"
+APACHE_VERSION="2.2.22"
APACHE_PATH="apache"
-PHP_VERSION="5.3.6"
+PHP_VERSION="5.3.10"
PHP_PATH="php"
BIN_DIR=$(dirname $0)
@@ -30,27 +30,13 @@ if [ -f www/Procfile ]; then
mv www/Procfile .
fi
-# unpack cache
-for DIR in $APACHE_PATH $PHP_PATH ; do
- rm -rf $DIR
- if [ -d $CACHE_DIR/$DIR ]; then
- cp -r $CACHE_DIR/$DIR $DIR
- fi
-done
-
-# install apache if needed
-if [ ! -d $APACHE_PATH ]; then
- APACHE_URL="https://s3.amazonaws.com/php-lp/apache-$APACHE_VERSION.tar.gz"
- echo "-----> Bundling Apache v$APACHE_VERSION"
- curl --silent --max-time 60 --location $APACHE_URL | tar xz
-fi
+APACHE_URL="https://s3.amazonaws.com/php-lp/apache-$APACHE_VERSION.tar.gz"
+echo "-----> Bundling Apache version $APACHE_VERSION"
+curl --silent --max-time 60 --location "$APACHE_URL" | tar xz
-# install php if needed
-if [ ! -d $PHP_PATH ]; then
- PHP_URL="https://s3.amazonaws.com/php-lp/php-$PHP_VERSION.tar.gz"
- echo "-----> Bundling PHP v$PHP_VERSION"
- curl --silent --max-time 60 --location $PHP_URL | tar xz
-fi
+PHP_URL="https://s3.amazonaws.com/php-lp/php-$PHP_VERSION.tar.gz"
+echo "-----> Bundling PHP version $PHP_VERSION"
+curl --silent --max-time 60 --location "$PHP_URL" | tar xz
# update config files
cp $LP_DIR/conf/httpd.conf $APACHE_PATH/conf
@@ -61,7 +47,6 @@ mkdir -p bin
ln -s /app/php/bin/php bin/php
cat >>boot.sh <<EOF
-sed -i 's/Listen 80/Listen '\$PORT'/' /app/apache/conf/httpd.conf
for var in \`env|cut -f1 -d=\`; do
echo "PassEnv \$var" >> /app/apache/conf/httpd.conf;
done
@@ -77,9 +62,5 @@ EOF
chmod +x boot.sh
-# repack cache
-mkdir -p $CACHE_DIR
-for DIR in $APACHE_PATH $PHP_PATH ; do
- rm -rf $CACHE_DIR/$DIR
- cp -R $DIR $CACHE_DIR/$DIR
-done
+# clean the cache
+rm -rf $CACHE_DIR/*
View
2  conf/httpd.conf
@@ -37,7 +37,7 @@ ServerRoot "/app/apache/"
# prevent Apache from glomming onto all bound IP addresses.
#
#Listen 12.34.56.78:80
-Listen 80
+Listen ${PORT}
ServerLimit 1
MaxClients 1
View
5 conf/php.ini
@@ -528,7 +528,7 @@ error_reporting = E_ALL & ~E_NOTICE
; Development Value: On
; Production Value: Off
; http://php.net/display-errors
-display_errors = On
+display_errors = Off
; The display of errors which occur during PHP's startup sequence are handled
; separately from display_errors. PHP's default behavior is to suppress those
@@ -945,6 +945,7 @@ default_socket_timeout = 60
; Be sure to appropriately set the extension_dir directive.
;
extension=soap.so
+extension=apc.so
;extension=php_bz2.dll
;extension=php_curl.dll
;extension=php_fileinfo.dll
@@ -994,7 +995,7 @@ extension=soap.so
[Date]
; Defines the default timezone used by the date functions
; http://php.net/date.timezone
-;date.timezone =
+date.timezone = UTC
; http://php.net/date.default-latitude
;date.default_latitude = 31.7667
Something went wrong with that request. Please try again.