Enable remoteip mod for Apache

php-apache/Dockerfile

@@ -13,5 +13,7 @@ ENV COMPOSER_VERSION 1.9.1
 # https://github.com/wimg/PHPCompatibility/releases
 ENV PHP_COMPATIBILITY_VERSION 9.3.4
 
-COPY . /tmp/.
+COPY tmp /tmp
 RUN /tmp/build.sh
+
+COPY apache2 /etc/apache2

php-apache/VERSION

@@ -1 +1 @@
-7.3.12
+7.3.12c

php-apache/apache2/conf-available/xfrocks.conf

@@ -0,0 +1,11 @@
+ServerAdmin webmaster@localhost
+DocumentRoot /var/www/html
+
+ErrorLog ${APACHE_LOG_DIR}/error.log
+CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+RemoteIPHeader X-Forwarded-For
+# https://tools.ietf.org/html/rfc1918#section-3
+RemoteIPTrustedProxy 10.0.0.0/8
+RemoteIPTrustedProxy 172.16.0.0/12
+RemoteIPTrustedProxy 192.168.0.0/16

php-apache/apache2/sites-available/000-default.conf

@@ -0,0 +1,3 @@
+<VirtualHost *:80>
+  Include conf-available/xfrocks.conf
+</VirtualHost>

php-apache/apache2/sites-available/default-ssl.conf

@@ -0,0 +1,7 @@
+<VirtualHost _default_:443>
+  Include conf-available/xfrocks.conf
+
+  SSLEngine on
+  SSLCertificateFile  /etc/ssl/certs/ssl-cert-snakeoil.pem
+  SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
+</VirtualHost>

php-apache/build_apache.sh → php-apache/tmp/build_apache.sh

@@ -8,14 +8,17 @@ curl -Lo /tmp/PHPCompatibility.tar.gz "https://github.com/wimg/PHPCompatibility/
 tar -xzf /tmp/PHPCompatibility.tar.gz -C /usr/local/share/
 phpcs --config-set installed_paths "/usr/local/share/PHPCompatibility-${PHP_COMPATIBILITY_VERSION}"
 
+# remote ip (`X-Forwarded-For` header etc.)
+a2enmod remoteip
+
 # tls
 openssl req \
   -days 365 \
   -keyout /etc/ssl/private/ssl-cert-snakeoil.key \
   -newkey rsa:4096 \
   -nodes \
   -out /etc/ssl/certs/ssl-cert-snakeoil.pem \
-  -subj "/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=php-apache.docker" \
+  -subj "/C=VN/ST=Hanoi/O=xfrocks/CN=php-apache" \
   -x509
 a2enmod ssl
 a2ensite default-ssl