diff --git a/CHANGELOG.md b/CHANGELOG.md index 6ba16e6..4875be2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,13 @@ Summary of release changes. +### 2.2.1 - 2019-07-28 + +- Updates php-hello-world to [0.13.0](https://github.com/jdeathe/php-hello-world/releases/tag/0.13.0). +- Updates screenshots in README. +- Adds setting PHP `date.timezone` to `PHP_OPTIONS_DATE_TIMEZONE` into service configuration; removes dependency on app package configuration. +- Adds session PHP settings into service configuration; removes dependency on app package configuration. + ### 2.2.0 - 2019-07-20 - Updates source image to [2.6.0](https://github.com/jdeathe/centos-ssh/releases/tag/2.6.0). diff --git a/Dockerfile b/Dockerfile index 0e8dde7..28232cb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,8 +3,8 @@ FROM jdeathe/centos-ssh:2.6.0 # Use the form ([{fqdn}-]{package-name}|[{fqdn}-]{provider-name}) ARG PACKAGE_NAME="app" ARG PACKAGE_PATH="/opt/${PACKAGE_NAME}" -ARG PACKAGE_RELEASE_VERSION="0.12.0" -ARG RELEASE_VERSION="2.2.0" +ARG PACKAGE_RELEASE_VERSION="0.13.0" +ARG RELEASE_VERSION="2.2.1" # ------------------------------------------------------------------------------ # Base install of required packages @@ -47,9 +47,9 @@ ADD src / # - Disable Apache default fcgid configuration; replaced with 00-fcgid.conf # - Custom Apache configuration # - Disable all Apache modules and enable the minimum -# - Disable SSL # - Disable the default SSL Virtual Host -# - Global PHP configuration changes +# - Disable SSL +# - Add default PHP configuration overrides to 00-php.ini drop-in. # - Replace placeholders with values in systemd service unit template # - Set permissions # ------------------------------------------------------------------------------ @@ -163,15 +163,19 @@ RUN useradd -r -M -d /var/www/app -s /sbin/nologin app \ /etc/php.ini \ > /etc/php.d/00-php.ini.default \ && sed -r \ - -e 's~^;(user_ini.filename =)$~\1~g' \ - -e 's~^;(cgi.fix_pathinfo=1)$~\1~g' \ - -e 's~^;(date.timezone =)$~\1 UTC~g' \ - -e 's~^(expose_php = )On$~\1Off~g' \ - -e 's~^;(realpath_cache_size = ).*$~\14096k~' \ - -e 's~^;(realpath_cache_ttl = ).*$~\1600~' \ - -e 's~^;?(session.name = ).*$~\1"${PHP_OPTIONS_SESSION_NAME:-PHPSESSID}"~' \ - -e 's~^;?(session.save_handler = ).*$~\1"${PHP_OPTIONS_SESSION_SAVE_HANDLER:-files}"~' \ - -e 's~^;?(session.save_path = ).*$~\1"${PHP_OPTIONS_SESSION_SAVE_PATH:-/var/lib/php/session}"~' \ + -e 's~^;?(cgi.fix_pathinfo( )?=).*$~\1\21~g' \ + -e 's~^;?(date.timezone( )?=).*$~\1\2"${PHP_OPTIONS_DATE_TIMEZONE:-UTC}"~g' \ + -e 's~^;?(expose_php( )?=).*$~\1\2Off~g' \ + -e 's~^;?(realpath_cache_size( )?=).*$~\1\24096k~' \ + -e 's~^;?(realpath_cache_ttl( )?=).*$~\1\2600~' \ + -e 's~^;?(session.cookie_httponly( )?=).*$~\1\21~' \ + -e 's~^;?(session.name( )?=).*$~\1\2"${PHP_OPTIONS_SESSION_NAME:-PHPSESSID}"~' \ + -e 's~^;?(session.save_handler( )?=).*$~\1\2"${PHP_OPTIONS_SESSION_SAVE_HANDLER:-files}"~' \ + -e 's~^;?(session.save_path( )?=).*$~\1\2"${PHP_OPTIONS_SESSION_SAVE_PATH:-/var/lib/php/session}"~' \ + -e 's~^;?(session.sid_bits_per_character( )?=).*$~\1\25~' \ + -e 's~^;?(session.sid_length( )?=).*$~\1\264~' \ + -e 's~^;?(session.use_strict_mode( )?=).*$~\1\21~' \ + -e 's~^;?(user_ini.filename( )?=).*$~\1~g' \ /etc/php.d/00-php.ini.default \ > /etc/php.d/00-php.ini \ && sed \ @@ -211,9 +215,6 @@ RUN mkdir -p -m 750 ${PACKAGE_PATH} \ && mv \ ${PACKAGE_PATH}/public \ ${PACKAGE_PATH}/public_html \ - && rm -f \ - ${PACKAGE_PATH}/bin/php-wrapper \ - ${PACKAGE_PATH}/etc/httpd/conf.d/50-fcgid.conf \ && $(\ if [[ -f /usr/share/php-pecl-apc/apc.php ]]; then \ cp \ @@ -224,8 +225,7 @@ RUN mkdir -p -m 750 ${PACKAGE_PATH} \ && chown -R app:app-www ${PACKAGE_PATH} \ && find ${PACKAGE_PATH} -type d -exec chmod 750 {} + \ && find ${PACKAGE_PATH}/var -type d -exec chmod 770 {} + \ - && find ${PACKAGE_PATH} -type f -exec chmod 640 {} + \ - && find ${PACKAGE_PATH}/bin -type f -exec chmod 750 {} + + && find ${PACKAGE_PATH} -type f -exec chmod 640 {} + EXPOSE 80 443 8443 diff --git a/README.md b/README.md index ad03640..06577fe 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ ### Tags and respective `Dockerfile` links -- `centos-7`, `2.2.0` [(centos-7/Dockerfile)](https://github.com/jdeathe/centos-ssh-apache-php-fcgi/blob/centos-7/Dockerfile) -- `centos-6`, `1.13.0` [(centos-6/Dockerfile)](https://github.com/jdeathe/centos-ssh-apache-php-fcgi/blob/centos-6/Dockerfile) +- `centos-7`, `2.2.1` [(centos-7/Dockerfile)](https://github.com/jdeathe/centos-ssh-apache-php-fcgi/blob/centos-7/Dockerfile) +- `centos-6`, `1.13.1` [(centos-6/Dockerfile)](https://github.com/jdeathe/centos-ssh-apache-php-fcgi/blob/centos-6/Dockerfile) ## Overview @@ -25,12 +25,12 @@ $ docker run -d \ --name apache-php.1 \ -p 8080:80 \ -e "APACHE_SERVER_NAME=app-1.local" \ - jdeathe/centos-ssh-apache-php-fcgi:2.2.0 + jdeathe/centos-ssh-apache-php-fcgi:2.2.1 ``` Go to `http://{{docker-host}}:8080` using a browser where `{{docker-host}}` is the host name of your docker server and, if all went well, you should see the "Hello, world!" page. -![PHP "Hello, world!" - Chrome screenshot](https://raw.github.com/jdeathe/centos-ssh-apache-php-fcgi/centos-7/images/php-hello-world-chrome-fcgi.png) +![PHP "Hello, world!" - Chrome screenshot](https://raw.github.com/jdeathe/centos-ssh-apache-php-fcgi/centos-7/images/php-hello-world-chrome-v2.2.1.png) To be able to access the server using the "app-1.local" domain name you need to add a hosts file entry locally; such that the IP address of the Docker host resolves to the name "app-1.local". Alternatively, you can use the `elinks` browser installed in the container. @@ -41,7 +41,7 @@ $ docker exec -it apache-php.1 \ elinks http://app-1.local ``` -![PHP "Hello, world!" - eLinks screenshot](https://raw.github.com/jdeathe/centos-ssh-apache-php-fcgi/centos-7/images/php-hello-world-elinks-fcgi.png) +![PHP "Hello, world!" - eLinks screenshot](https://raw.github.com/jdeathe/centos-ssh-apache-php-fcgi/centos-7/images/php-hello-world-elinks-v2.2.1.png) Verify the named container's process status and health. @@ -90,7 +90,7 @@ $ docker stop apache-php.1 && \ --env "APACHE_SERVER_NAME=app-1.local" \ --env "APACHE_SSL_PROTOCOL=All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1" \ --env "PHP_OPTIONS_DATE_TIMEZONE=Europe/London" \ - jdeathe/centos-ssh-apache-php-fcgi:2.2.0 + jdeathe/centos-ssh-apache-php-fcgi:2.2.1 ``` #### Environment Variables @@ -204,7 +204,7 @@ $ docker stop apache-php.1 && \ --env "APACHE_SERVER_ALIAS=app-1" \ --env "APACHE_SERVER_NAME=app-1.local" \ --env "APACHE_MOD_SSL_ENABLED=true" \ - jdeathe/centos-ssh-apache-php-fcgi:2.2.0 + jdeathe/centos-ssh-apache-php-fcgi:2.2.1 ``` ##### APACHE_MPM diff --git a/images/php-hello-world-chrome-fcgi.png b/images/php-hello-world-chrome-fcgi.png deleted file mode 100644 index 8a96d5f..0000000 Binary files a/images/php-hello-world-chrome-fcgi.png and /dev/null differ diff --git a/images/php-hello-world-chrome-v2.2.1.png b/images/php-hello-world-chrome-v2.2.1.png new file mode 100644 index 0000000..b9d6a56 Binary files /dev/null and b/images/php-hello-world-chrome-v2.2.1.png differ diff --git a/images/php-hello-world-elinks-fcgi.png b/images/php-hello-world-elinks-fcgi.png deleted file mode 100644 index f8e42bf..0000000 Binary files a/images/php-hello-world-elinks-fcgi.png and /dev/null differ diff --git a/images/php-hello-world-elinks-v2.2.1.png b/images/php-hello-world-elinks-v2.2.1.png new file mode 100644 index 0000000..33e5f9f Binary files /dev/null and b/images/php-hello-world-elinks-v2.2.1.png differ diff --git a/src/usr/sbin/httpd-bootstrap b/src/usr/sbin/httpd-bootstrap index 889e684..8c71aea 100644 --- a/src/usr/sbin/httpd-bootstrap +++ b/src/usr/sbin/httpd-bootstrap @@ -1900,13 +1900,20 @@ function main () __enable_apache_modules )" - # Set ownership for fcgid php-wrapper and socket if necessary - if [[ -d /var/run/mod_fcgid ]] \ - && [[ -d ${package_path}/bin ]] + # Set ownership for fcgid socket + if [[ -d /var/run/mod_fcgid ]] then chown -R \ "${apache_run_user}":"${apache_run_group}" \ - {"${package_path}"/bin,/var/run/mod_fcgid} + /var/run/mod_fcgid + fi + + # Set ownership for any package binaries + if [[ -d ${package_path}/bin ]] + then + chown -R \ + "${apache_run_user}":"${apache_run_group}" \ + "${package_path}"/bin fi __init_datadir \