Skip to content

Commit aaed7d1

Browse files
Tob1asTob1as
committed
DHI PHP-FPM WSC
DHI (Docker Hardened Images) with PHP-FPM for WSC
1 parent 65300a9 commit aaed7d1

File tree

2 files changed

+232
-18
lines changed

2 files changed

+232
-18
lines changed

dhi.alpine.fpm.wsc.Dockerfile

Lines changed: 187 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,187 @@
1+
# build: docker build --no-cache --progress=plain --build-arg PHP_VERSION=8.4 -t docker.io/tobi312/php:8.4-dhi-fpm-alpine-wsc -f dhi.alpine.fpm.wsc.Dockerfile .
2+
# check: docker run --rm --name phptest -it docker.io/tobi312/php:8.4-dhi-fpm-alpine-wsc -m
3+
# https://hub.docker.com/hardened-images/catalog/dhi/php | short: https://dhi.io/catalog/php
4+
# https://github.com/docker-hardened-images/catalog
5+
ARG PHP_VERSION=8.4
6+
ARG BUILD_PHP_VERSION=${PHP_VERSION}
7+
ARG BUILD_OS=alpine3.22
8+
# =========================
9+
# Stage 0: Build Base Image
10+
# =========================
11+
FROM dhi.io/php:${BUILD_PHP_VERSION}${BUILD_OS:+-${BUILD_OS}}-dev AS dev
12+
ARG BUILD_PHP_VERSION
13+
14+
# =========================
15+
# Stage 1: Build Extensions
16+
# =========================
17+
FROM dev AS builder
18+
ARG BUILD_PHP_VERSION
19+
20+
WORKDIR /tmp
21+
22+
# Install required system libraries for building PHP extensions
23+
RUN apk add --no-cache \
24+
git \
25+
unzip \
26+
autoconf \
27+
build-base \
28+
linux-headers \
29+
libjpeg-turbo-dev \
30+
libpng-dev \
31+
libwebp-dev \
32+
libxpm-dev \
33+
freetype-dev \
34+
icu-dev \
35+
openldap-dev \
36+
gmp-dev \
37+
imagemagick-dev
38+
39+
# =========================
40+
# Core PHP Extensions
41+
# =========================
42+
43+
# gd
44+
RUN cd $PHP_SRC_DIR/ext/gd \
45+
&& phpize \
46+
&& ./configure --with-webp --with-jpeg --with-xpm --with-freetype \
47+
&& make -j$(nproc) \
48+
&& make install
49+
50+
# pdo_mysql
51+
RUN cd $PHP_SRC_DIR/ext/pdo_mysql \
52+
&& phpize \
53+
&& ./configure \
54+
&& make -j$(nproc) \
55+
&& make install
56+
57+
# ldap
58+
RUN cd $PHP_SRC_DIR/ext/ldap \
59+
&& phpize \
60+
&& ./configure --with-ldap \
61+
&& make -j$(nproc) \
62+
&& make install
63+
64+
# gmp
65+
RUN cd $PHP_SRC_DIR/ext/gmp \
66+
&& phpize \
67+
&& ./configure \
68+
&& make -j$(nproc) \
69+
&& make install
70+
71+
# exif
72+
RUN cd $PHP_SRC_DIR/ext/exif \
73+
&& phpize \
74+
&& ./configure \
75+
&& make -j$(nproc) \
76+
&& make install
77+
78+
# =========================
79+
# PECL Extensions
80+
# =========================
81+
WORKDIR /tmp
82+
83+
# Redis
84+
RUN pecl download redis \
85+
&& tar xzf redis-*.tgz \
86+
&& rm redis-*.tgz \
87+
&& cd redis-* \
88+
&& phpize \
89+
&& ./configure \
90+
&& make -j$(nproc) \
91+
&& make install \
92+
&& cd ..
93+
94+
## Imagick
95+
RUN pecl download imagick \
96+
&& tar xzf imagick-*.tgz \
97+
&& rm imagick-*.tgz \
98+
&& cd imagick-* \
99+
&& phpize \
100+
&& ./configure \
101+
&& make -j$(nproc) \
102+
&& make install \
103+
&& cd ..
104+
105+
# Enable all extensions
106+
RUN echo "" \
107+
&& echo "extension=gd.so" > $PHP_INI_DIR/conf.d/gd.ini \
108+
&& echo "extension=pdo_mysql.so" > $PHP_INI_DIR/conf.d/pdo_mysql.ini \
109+
&& echo "extension=ldap.so" > $PHP_INI_DIR/conf.d/ldap.ini \
110+
&& echo "extension=gmp.so" > $PHP_INI_DIR/conf.d/gmp.ini \
111+
&& echo "extension=exif.so" > $PHP_INI_DIR/conf.d/exif.ini \
112+
&& echo "extension=redis.so" > $PHP_INI_DIR/conf.d/redis.ini \
113+
&& echo "extension=imagick.so" > $PHP_INI_DIR/conf.d/imagick.ini \
114+
&& echo ""
115+
116+
## create symlinks
117+
#RUN ls -lah ${PHP_PREFIX}/lib/php/extensions/no-debug-non-zts-20240924/ \
118+
# && mkdir -p /usr/local/lib/php \
119+
# && ln -s $(php -r "echo ini_get('extension_dir');") /usr/local/lib/php/extensions \
120+
# && ls -lah $PHP_INI_DIR/conf.d/ \
121+
# && ln -s $PHP_INI_DIR/conf.d /usr/local/lib/php/conf.d
122+
123+
# =========================
124+
# Stage 2: Package extractor
125+
# =========================
126+
# more see: https://github.com/Tob1as/docker-build-example/blob/main/distroless.debian.Dockerfile#L54-L100
127+
FROM dev AS apk-extractor
128+
129+
WORKDIR /tmp
130+
SHELL ["/bin/sh", "-o", "pipefail", "-c"]
131+
132+
# List of packages for download separated by spaces. (Helpful: https://pkgs.alpinelinux.org/contents)
133+
ENV PACKAGE_LIST_LDAP='libldap libsasl'
134+
ENV PACKAGE_LIST_GD="gmp libpng libwebp libjpeg-turbo freetype libsharpyuv libxpm libx11 libbz2 libxcb libxau libxdmcp libbsd libmd"
135+
ENV PACKAGE_LIST_IMAGICK="libgomp imagemagick-libs lcms2 fftw-double-libs fontconfig libxext libltdl libexpat"
136+
ENV PACKAGE_LIST="${PACKAGE_LIST_LDAP} ${PACKAGE_LIST_GD} ${PACKAGE_LIST_IMAGICK}"
137+
138+
# hadolint ignore=DL3008,DL3015,SC2086
139+
RUN \
140+
#apk fetch --no-cache --recursive $PACKAGE_LIST && \
141+
apk fetch --no-cache $PACKAGE_LIST && \
142+
mkdir -p /apkroot && \
143+
for pkg in *.apk; do \
144+
tar -xzf "$pkg" -C /apkroot; \
145+
done && \
146+
echo "Packages have been processed !"
147+
148+
# List directory and file structure
149+
#RUN tree /apkroot
150+
151+
# Remove unnecessary files extracted from apk packages like man pages and docs etc.
152+
#RUN rm -rf \
153+
# /apkroot/usr/share/man \
154+
# /apkroot/usr/share/doc \
155+
# /apkroot/usr/share/info
156+
157+
# Remove other not needed folder and files ?
158+
RUN find /apkroot -mindepth 1 \
159+
! -path '/apkroot/usr' \
160+
! -path '/apkroot/usr/lib' \
161+
! -path '/apkroot/usr/lib/*' \
162+
-exec rm -rf {} +
163+
164+
# List directory and file structure
165+
RUN tree /apkroot
166+
167+
# =========================
168+
# Stage 3: DHI FPM Image
169+
# =========================
170+
FROM dhi.io/php:${BUILD_PHP_VERSION}${BUILD_OS:+-${BUILD_OS}}-fpm AS production
171+
ARG BUILD_PHP_VERSION
172+
#ARG BUILD_OS
173+
ARG VCS_REF
174+
ARG BUILD_DATE
175+
LABEL org.opencontainers.image.authors="Tobias Hargesheimer <docker@ison.ws>" \
176+
org.opencontainers.image.title="DHI PHP-FPM for WSC" \
177+
org.opencontainers.image.description="DHI (Docker Hardened Images): Alpine with PHP-FPM ${BUILD_PHP_VERSION} for WSC (WoltLab Suite Core)" \
178+
org.opencontainers.image.created="${BUILD_DATE}" \
179+
org.opencontainers.image.revision="${VCS_REF}" \
180+
org.opencontainers.image.licenses="Apache-2.0" \
181+
org.opencontainers.image.url="https://hub.docker.com/r/tobi312/php" \
182+
org.opencontainers.image.source="https://github.com/Tob1as/docker-php"
183+
# Copy php extensions
184+
COPY --from=builder ${PHP_PREFIX}/lib/php/extensions/ ${PHP_PREFIX}/lib/php/extensions/
185+
COPY --from=builder ${PHP_PREFIX}/etc/php/conf.d ${PHP_PREFIX}/etc/php/conf.d
186+
# Copy the libraries from the extractor stage into root
187+
COPY --from=apk-extractor /apkroot /

dhi.debian.fpm.wsc.Dockerfile

Lines changed: 45 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -5,10 +5,16 @@
55
ARG PHP_VERSION=8.4
66
ARG BUILD_PHP_VERSION=${PHP_VERSION}
77
ARG BUILD_OS=debian13
8+
# =========================
9+
# Stage 0: Build Base Image
10+
# =========================
11+
FROM dhi.io/php:${BUILD_PHP_VERSION}${BUILD_OS:+-${BUILD_OS}}-dev AS dev
12+
ARG BUILD_PHP_VERSION
13+
814
# =========================
915
# Stage 1: Build Extensions
1016
# =========================
11-
FROM dhi.io/php:${BUILD_PHP_VERSION}${BUILD_OS:+-${BUILD_OS}}-dev AS builder
17+
FROM dev AS builder
1218
ARG BUILD_PHP_VERSION
1319

1420
WORKDIR /tmp
@@ -87,15 +93,15 @@ RUN pecl download redis \
8793
&& cd ..
8894

8995
## Imagick
90-
#RUN pecl download imagick \
91-
# && tar xzf imagick-*.tgz \
92-
# && rm imagick-*.tgz \
93-
# && cd imagick-* \
94-
# && phpize \
95-
# && ./configure \
96-
# && make -j$(nproc) \
97-
# && make install \
98-
# && cd ..
96+
RUN pecl download imagick \
97+
&& tar xzf imagick-*.tgz \
98+
&& rm imagick-*.tgz \
99+
&& cd imagick-* \
100+
&& phpize \
101+
&& ./configure \
102+
&& make -j$(nproc) \
103+
&& make install \
104+
&& cd ..
99105

100106
# Enable all extensions
101107
RUN echo "" \
@@ -105,7 +111,7 @@ RUN echo "" \
105111
&& echo "extension=gmp.so" > $PHP_INI_DIR/conf.d/gmp.ini \
106112
&& echo "extension=exif.so" > $PHP_INI_DIR/conf.d/exif.ini \
107113
&& echo "extension=redis.so" > $PHP_INI_DIR/conf.d/redis.ini \
108-
#&& echo "extension=imagick.so" > $PHP_INI_DIR/conf.d/imagick.ini \
114+
&& echo "extension=imagick.so" > $PHP_INI_DIR/conf.d/imagick.ini \
109115
&& echo ""
110116

111117
## create symlinks
@@ -119,13 +125,15 @@ RUN echo "" \
119125
# Stage 2: Package extractor
120126
# =========================
121127
# more see: https://github.com/Tob1as/docker-build-example/blob/main/distroless.debian.Dockerfile#L54-L100
122-
FROM dhi.io/php:${BUILD_PHP_VERSION}${BUILD_OS:+-${BUILD_OS}}-dev AS deb-extractor
128+
FROM dev AS deb-extractor
123129

124130
WORKDIR /tmp
125131
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
126132

127133
# List of packages for download separated by spaces.
128-
ENV PACKAGE_LIST='libpng16-16t64 libwebp7 libjpeg62-turbo libxpm4 libfreetype6 libbz2-1.0 libsharpyuv0 libx11-6 libxau6 libxcb1 libxdmcp6'
134+
ENV PACKAGE_LIST_GD='libpng16-16t64 libwebp7 libjpeg62-turbo libxpm4 libfreetype6 libbz2-1.0 libsharpyuv0 libx11-6 libxau6 libxcb1 libxdmcp6'
135+
ENV PACKAGE_LIST_IMAGICK="libgomp1 imagemagick-7-common libmagickcore-7.q16-10 libmagickcore-7.q16-10-extra libmagickwand-7.q16-10 liblcms2-2 liblqr-1-0 libfftw3-double3 libfontconfig1 libxext6 libltdl7 libglib2.0-0t64 libexpat1 libatomic1"
136+
ENV PACKAGE_LIST="${PACKAGE_LIST_GD} ${PACKAGE_LIST_IMAGICK}"
129137

130138
# hadolint ignore=DL3008,DL3015,SC2086
131139
RUN \
@@ -154,19 +162,38 @@ RUN \
154162
&& \
155163
echo "Packages have been processed !"
156164

157-
# Remove unnecessary files extracted from deb packages like man pages and docs etc.
158-
RUN find /dpkg/ -type d -empty -delete && \
159-
rm -r /dpkg/usr/share/doc/
160-
161165
# List directory and file structure
162166
#RUN tree /dpkg
163167

168+
# Remove empty folder
169+
RUN find /dpkg/ -type d -empty -delete
170+
171+
# Remove other not needed folder and files ?
172+
RUN find /dpkg -mindepth 1 \
173+
! -path '/dpkg/usr' \
174+
! -path '/dpkg/usr/lib' \
175+
! -path '/dpkg/usr/lib/*' \
176+
-exec rm -rf {} +
177+
178+
# List directory and file structure
179+
RUN tree /dpkg
180+
164181
# =========================
165182
# Stage 3: DHI FPM Image
166183
# =========================
167184
FROM dhi.io/php:${BUILD_PHP_VERSION}${BUILD_OS:+-${BUILD_OS}}-fpm AS production
168185
ARG BUILD_PHP_VERSION
169-
LABEL org.opencontainers.image.source="https://github.com/Tob1as/docker-php"
186+
#ARG BUILD_OS
187+
ARG VCS_REF
188+
ARG BUILD_DATE
189+
LABEL org.opencontainers.image.authors="Tobias Hargesheimer <docker@ison.ws>" \
190+
org.opencontainers.image.title="DHI PHP-FPM for WSC" \
191+
org.opencontainers.image.description="DHI (Docker Hardened Images): Debian with PHP-FPM ${BUILD_PHP_VERSION} for WSC (WoltLab Suite Core)" \
192+
org.opencontainers.image.created="${BUILD_DATE}" \
193+
org.opencontainers.image.revision="${VCS_REF}" \
194+
org.opencontainers.image.licenses="Apache-2.0" \
195+
org.opencontainers.image.url="https://hub.docker.com/r/tobi312/php" \
196+
org.opencontainers.image.source="https://github.com/Tob1as/docker-php"
170197
# Copy php extensions
171198
COPY --from=builder ${PHP_PREFIX}/lib/php/extensions/ ${PHP_PREFIX}/lib/php/extensions/
172199
COPY --from=builder ${PHP_PREFIX}/etc/php/conf.d ${PHP_PREFIX}/etc/php/conf.d

0 commit comments

Comments
 (0)