From 44a2684085bb700b59989f1a83e0a0f5d46f12c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20=22KPTN=22=20OUDOT?= Date: Mon, 30 Dec 2024 16:16:32 +0100 Subject: [PATCH] Upgrade Docker image (#202) * Use packaging work done in Self Service Password to rewrite Dockerfile * Update packaging instructions * Add instructions to run Docker image * Docker Alpine image --- Dockerfile.alpine | 1 + README.md | 28 ++ packaging/README.md | 34 ++- packaging/docker/Dockerfile | 182 +++++++++--- packaging/docker/Dockerfile.alpine | 281 ++++++++++++++++++ .../docker/apache2.alpine/service-desk.conf | 27 ++ packaging/docker/entrypoint.sh | 17 ++ packaging/docker/install | 62 ++++ 8 files changed, 592 insertions(+), 40 deletions(-) create mode 120000 Dockerfile.alpine create mode 100644 packaging/docker/Dockerfile.alpine create mode 100644 packaging/docker/apache2.alpine/service-desk.conf create mode 100755 packaging/docker/entrypoint.sh create mode 100755 packaging/docker/install diff --git a/Dockerfile.alpine b/Dockerfile.alpine new file mode 120000 index 00000000..950d63ad --- /dev/null +++ b/Dockerfile.alpine @@ -0,0 +1 @@ +packaging/docker/Dockerfile.alpine \ No newline at end of file diff --git a/README.md b/README.md index 5e813afa..d0522e69 100644 --- a/README.md +++ b/README.md @@ -10,3 +10,31 @@ See [list of features](https://service-desk.readthedocs.io/en/stable/presentatio ![Screenshot](https://raw.githubusercontent.com/ltb-project/service-desk/master/ltb_sd_screenshot.jpg) :exclamation: With great power comes great responsibility: this application allows to reset password of any user, you must protect it and allow access only to trusted users. + +## Documentation + +Documentation is available on https://service-desk.readthedocs.io/en/latest/ + +## Docker + +We provide an [official Docker image](https://hub.docker.com/r/ltbproject/service-desk). + +Create a minimal configuration file: +``` +vi sd.conf.php +``` +```php + +``` + +And run: +``` +docker run -p 80:80 \ + -v $PWD/sd.conf.php:/var/www/conf/config.inc.local.php \ + -it docker.io/ltbproject/service-desk:latest +``` diff --git a/packaging/README.md b/packaging/README.md index 13170741..7d6ad32a 100644 --- a/packaging/README.md +++ b/packaging/README.md @@ -103,8 +103,38 @@ rpm --addsign RPMS/noarch/service-desk* ## 4 - Docker -From current directory, do: +Pre-requisites: + +* docker / podman +* if docker: a version with buildkit (included by default in Docker Engine + as of version 23.0, but can be enabled in previous versions with + DOCKER_BUILDKIT=1 in build command line) + +From "packaging" directory, do: + +``` +DOCKER_BUILDKIT=1 docker build -t service-desk -f ./docker/Dockerfile ../ +``` + +You can also build with podman: + +``` +podman build --no-cache -t service-desk -f ./docker/Dockerfile ../ +``` + +For Alpine linux image : + +``` +DOCKER_BUILDKIT=1 docker build -t service-desk-alpine -f ./docker/Dockerfile.alpine ../ +``` + +Tag the defautl and alpine images with the major and minor version, for example: ``` -docker build -t service-desk -f ./docker/Dockerfile ../ +docker tag service-desk:latest ltbproject/service-desk:1.6.1 +docker tag service-desk:latest ltbproject/service-desk:1.6 +docker tag service-desk:latest ltbproject/service-desk:latest +docker tag service-desk-alpine:latest ltbproject/service-desk:alpine-1.6.1 +docker tag service-desk-alpine:latest ltbproject/service-desk:alpine-1.6 +docker tag service-desk-alpine:latest ltbproject/service-desk:alpine-latest ``` diff --git a/packaging/docker/Dockerfile b/packaging/docker/Dockerfile index 6398aa42..061f24ef 100644 --- a/packaging/docker/Dockerfile +++ b/packaging/docker/Dockerfile @@ -1,43 +1,149 @@ -FROM php:8.1-apache -# Install PHP extensions and PECL modules. -ENV BUILDDEP=" \ - libbz2-dev \ - libsasl2-dev \ - libonig-dev \ - git \ - zip \ +ARG VERSION=latest + +ARG SMARTY_VERSION=4.4.1 +ARG SMARTY_URL=https://github.com/smarty-php/smarty/archive/refs/tags/v${SMARTY_VERSION}.tar.gz + +ARG COMPOSER_VERSION=lts +ARG COMPOSER_IMAGE=composer/composer:${COMPOSER_VERSION}-bin + +ARG BASE_IMAGE=php:8.3-apache + +FROM ${COMPOSER_IMAGE} AS composer +FROM ${BASE_IMAGE} AS base + +ARG MIRROR= +ARG DEBIAN_MIRROR=${MIRROR:+${MIRROR}/debian} + +RUN [ -z "${DEBIAN_MIRROR}" ] || \ + sed -e "s#https\?://\(:\?\(:\?deb\)\|\(:\?security\)\)\.debian\.org/debian#${DEBIAN_MIRROR}#g" \ + -i \ + $([ -e "/etc/apt/sources.list.d/debian.sources" ] && \ + echo -n /etc/apt/sources.list.d/debian.sources || \ + echo -n /etc/apt/sources.list) + +ARG RUNTIME_DEPS=" \ + locales \ + locales-all \ " -RUN buildDeps="${BUILDDEP}" \ - runtimeDeps=" \ +RUN --mount=type=cache,target=/var/lib/apt/lists \ + set -ex; \ + \ + apt-get update; \ + apt-get install -y --no-install-recommends ${RUNTIME_DEPS}; \ + :; + +ARG LC_CTYPE=en_US.UTF-8 +ENV LC_CTYPE=${LC_CTYPE} + +ARG ADD_LOCALE_GEN="en_US.UTF-8 UTF-8" +RUN [ -z "$ADD_LOCALE_GEN" ] || \ + grep -x "$ADD_LOCALE_GEN" /etc/locale.gen || \ + { echo "$ADD_LOCALE_GEN" >> /etc/locale.gen && /usr/sbin/locale-gen; } + +ARG BUILD_DEPS=" \ + libbz2-dev \ libicu-dev \ - libldap-common \ + libfreetype6-dev \ + libpng-dev \ + libjpeg62-turbo-dev \ + libwebp-dev \ libldap2-dev \ - libzip-dev \ - locales \ - locales-all \ - " \ - && apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y $buildDeps $runtimeDeps \ - && docker-php-ext-install bcmath bz2 iconv intl opcache \ - && docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ \ - && docker-php-ext-install ldap \ - && echo en_US.UTF-8 UTF-8 >/etc/locale.gen \ - && /usr/sbin/locale-gen \ - && a2enmod rewrite -RUN mkdir -p /usr/share/php/smarty4/ && \ - curl -Lqs https://github.com/smarty-php/smarty/archive/v4.2.0.tar.gz | \ - tar xzf - -C /usr/share/php/smarty4/ --strip-components=2 -RUN mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini" -COPY . /var/www -RUN rmdir /var/www/html && \ - mv /var/www/htdocs /var/www/html && \ - mkdir -p /var/www/templates_c && \ - chown -R www-data: /var/www/templates_c && \ - sed -i 's/smarty3/smarty4/' /var/www/conf/config.inc.php -COPY --from=composer/composer:latest-bin /composer /usr/bin/composer -RUN cd /var/www && /usr/bin/composer install -RUN buildDeps="${BUILDDEP}" \ - && apt-get purge -y --auto-remove $buildDeps \ - && rm -r /var/lib/apt/lists/* -ENV LC_CTYPE=en_US.UTF-8 + " +RUN --mount=type=cache,target=/var/lib/apt/lists \ + set -ex; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + \ + apt-get update; \ + apt-get install -y --no-install-recommends ${BUILD_DEPS}; \ + \ + docker-php-source extract; \ + docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp; \ + docker-php-ext-configure ldap --with-libdir=lib/$(uname -m)-linux-gnu/; \ + docker-php-ext-install -j "$(nproc)" \ + bcmath \ + bz2 \ + intl \ + opcache \ + ldap \ + gd \ + ; \ + docker-php-source delete; \ + a2enmod rewrite; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + apt-mark manual $savedAptMark; \ + ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ + | awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); print so }' \ + | sort -u \ + | xargs -r dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | xargs -rt apt-mark manual; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + apt-get purge -y linux-libc-dev gcc-12 cpp-12; \ + ln -s "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini"; \ + :; + +FROM base AS build + +WORKDIR /build + +ARG SMARTY_VERSION +ARG SMARTY_URL +ARG COMPOSER_IMAGE + +COPY --from=composer /composer /usr/bin/composer + +ADD $SMARTY_URL ./ +RUN set -ex; \ + \ + SMARTY_DIR=/usr/share/php/smarty${SMARTY_VERSION%%.*}; \ + install --owner www-data --group www-data --directory -D "/rootfs${SMARTY_DIR}"; \ + tar xzf *.tar.gz -C "/rootfs${SMARTY_DIR}" --strip-components=2 --verbose --owner www-data --group www-data; + +RUN set -ex; \ + \ + apt-get update; \ + apt-get install -y --no-install-recommends git unzip; + +ARG INSTALL_PATHS= +ARG EXCLUDE_PATHS= + +WORKDIR /build/ssp +RUN --mount=type=cache,target=/root/.composer \ + --mount=type=bind,target=/build/ssp,rw \ + packaging/docker/install; \ + find /etc/apache2/sites-available/ -type f -name \*.conf -exec install -p -m 644 -D {} /rootfs{} \; ; \ + sed -e "s#/var/www/html#/var/www/htdocs#g" -i /rootfs/etc/apache2/sites-available/*; \ + :; + +FROM base + +ARG VERSION +ARG BASE_IMAGE + +LABEL org.opencontainers.image.authors='LTB-project.org, ltb-dev@ow2.org' \ + org.opencontainers.image.base.name="${BASE_IMAGE}" \ + org.opencontainers.image.description='Service Desk is a web application to edit LDAP account passwords and status for administrators and support teams' \ + org.opencontainers.image.url='https://ltb-project.org/documentation/service-desk.html' \ + org.opencontainers.image.ref.name='service-desk' \ + org.opencontainers.image.documentation='https://service-desk.readthedocs.io/' \ + org.opencontainers.image.title='service-desk docker image' \ + org.opencontainers.image.source='https://github.com/ltb-project/service-desk/' \ + org.opencontainers.image.vendor='LTB-project.org' \ + org.opencontainers.image.version="${VERSION}" \ + org.opencontainers.image.licenses='GPL-2+' + +COPY --from=build /rootfs / + +WORKDIR /var/www/htdocs + +VOLUME [ "/var/www/templates_c", "/var/www/conf", "/var/www/cache" ] + EXPOSE 80 +ENTRYPOINT [ "/entrypoint.sh" ] +CMD [ "apache2-foreground" ] diff --git a/packaging/docker/Dockerfile.alpine b/packaging/docker/Dockerfile.alpine new file mode 100644 index 00000000..0393c2b8 --- /dev/null +++ b/packaging/docker/Dockerfile.alpine @@ -0,0 +1,281 @@ +ARG VERSION=latest + +ARG SMARTY_VERSION=4.4.1 +ARG SMARTY_URL=https://github.com/smarty-php/smarty/archive/refs/tags/v${SMARTY_VERSION}.tar.gz + +ARG COMPOSER_VERSION=lts +ARG COMPOSER_IMAGE=composer/composer:${COMPOSER_VERSION}-bin + +ARG ALPINE_VERSION=3.20 +ARG PHP_VERSION=8.2 + +ARG PHP_IMAGE=php:${PHP_VERSION}-alpine${ALPINE_VERSION} +ARG BASE_IMAGE=httpd:alpine${ALPINE_VERSION} +# ARG BASE_IMAGE=alpine:${ALPINE_VERSION} + +FROM ${COMPOSER_IMAGE} AS composer + +FROM ${PHP_IMAGE} AS php + +RUN install -m 644 -D /usr/src/php.tar.xz /rootfs/usr/src/php.tar.xz +RUN for f in \ + docker-php-source \ + docker-php-ext-install \ + docker-php-ext-enable \ + docker-php-ext-configure \ + ; do \ + install -m 755 -D /usr/local/bin/$f /rootfs/usr/local/bin/$f; \ + done + +FROM ${BASE_IMAGE} AS base + +ARG MIRROR= +ARG ALPINE_MIRROR=${MIRROR:+${MIRROR}/alpine} + +RUN [ -z "${ALPINE_MIRROR}" ] || \ + sed -e "s#https\?://dl\-cdn\.alpinelinux\.org/alpine#${ALPINE_MIRROR}#g" \ + -i /etc/apk/repositories + +# dependencies required for running "phpize" +# these get automatically installed and removed by "docker-php-ext-*" (unless they're already installed) +ENV PHPIZE_DEPS=" \ + autoconf \ + dpkg-dev dpkg \ + file \ + g++ \ + gcc \ + libc-dev \ + make \ + pkgconf \ + re2c \ + " + +# persistent / runtime deps +RUN --mount=type=cache,target=/var/cache/apk \ + set -eux; \ + apk update; \ + apk add \ + bash \ + ca-certificates \ + libcurl \ + openssl \ + tar \ + xz \ + ; + +ENV PHP_INI_DIR=/usr/local/etc/php +RUN mkdir -p "$PHP_INI_DIR/conf.d" + +# Apply stack smash protection to functions using local buffers and alloca() +# Make PHP's main executable position-independent (improves ASLR security mechanism, and has no performance impact on x86_64) +# Enable optimization (-O2) +# Enable linker optimization (this sorts the hash buckets to improve cache locality, and is non-default) +# https://github.com/docker-library/php/issues/272 +# -D_LARGEFILE_SOURCE and -D_FILE_OFFSET_BITS=64 (https://www.php.net/manual/en/intro.filesystem.php) +ENV PHP_CFLAGS="-fstack-protector-strong -fpic -fpie -O2 -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64" +ENV PHP_CPPFLAGS="$PHP_CFLAGS" +ENV PHP_LDFLAGS="-Wl,-O1 -pie" + +COPY --from=php /rootfs / + +RUN --mount=type=cache,target=/var/cache/apk \ + --mount=type=cache,target=/tmp/pear \ + --mount=type=cache,target=/root \ + set -eux; \ + apk add --virtual .build-deps \ + $PHPIZE_DEPS \ + bzip2-dev \ + icu-dev \ + freetype-dev \ + libpng-dev \ + libjpeg-turbo-dev \ + libwebp-dev \ + openldap-dev \ + argon2-dev \ + coreutils \ + curl-dev \ + gnu-libiconv-dev \ + libsodium-dev \ + libxml2-dev \ + linux-headers \ + oniguruma-dev \ + openssl-dev \ + readline-dev \ + sqlite-dev \ + apache2-dev \ + ; \ + \ +# make sure musl's iconv doesn't get used (https://www.php.net/manual/en/intro.iconv.php) + rm -vf /usr/include/iconv.h; \ + \ + export \ + CFLAGS="$PHP_CFLAGS" \ + CPPFLAGS="$PHP_CPPFLAGS" \ + LDFLAGS="$PHP_LDFLAGS" \ +# https://github.com/php/php-src/blob/d6299206dd828382753453befd1b915491b741c6/configure.ac#L1496-L1511 + PHP_BUILD_PROVIDER='https://github.com/docker-library/php' \ + PHP_UNAME='Linux - Docker' \ + ; \ + docker-php-source extract; \ + cd /usr/src/php; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + ./configure \ + --build="$gnuArch" \ + --with-config-file-path="$PHP_INI_DIR" \ + --with-config-file-scan-dir="$PHP_INI_DIR/conf.d" \ + \ +# make sure invalid --configure-flags are fatal errors instead of just warnings + --enable-option-checking=fatal \ + \ +# https://github.com/docker-library/php/issues/439 + --with-mhash \ + \ +# https://github.com/docker-library/php/issues/822 + --with-pic \ + \ +# --enable-mbstring is included here because otherwise there's no way to get pecl to use it properly (see https://github.com/docker-library/php/issues/195) + --enable-mbstring \ +# --enable-mysqlnd is included here because it's harder to compile after the fact than extensions are (since it's a plugin for several extensions, not an extension in itself) + --enable-mysqlnd \ +# https://wiki.php.net/rfc/argon2_password_hash + --with-password-argon2 \ +# https://wiki.php.net/rfc/libsodium + --with-sodium=shared \ +# always build against system sqlite3 (https://github.com/php/php-src/commit/6083a387a81dbbd66d6316a3a12a63f06d5f7109) + --with-pdo-sqlite=/usr \ + --with-sqlite3=/usr \ + \ + --with-curl \ + --with-iconv=/usr \ + --with-openssl \ + --with-readline \ + --with-zlib \ + \ +# https://github.com/docker-library/php/pull/1259 + --enable-phpdbg \ + --enable-phpdbg-readline \ + \ +# in PHP 7.4+, the pecl/pear installers are officially deprecated (requiring an explicit "--with-pear") + --with-pear \ + \ +# bundled pcre does not support JIT on riscv64 until 10.41 (php 8.3+) +# https://github.com/PCRE2Project/pcre2/commits/pcre2-10.41/src/sljit/sljitNativeRISCV_64.c +# https://github.com/php/php-src/tree/php-8.3.0/ext/pcre/pcre2lib + $(test "$gnuArch" = 'riscv64-linux-musl' && echo '--without-pcre-jit') \ + \ +# service-desk + --enable-bcmath \ + --enable-opcache \ + --enable-intl \ + --enable-gd --with-freetype --with-jpeg --with-webp \ + --with-bz2 \ + --with-ldap \ + --with-apxs2 \ + ; \ + make -j "$(nproc)"; \ + find -type f -name '*.a' -delete; \ + make install; \ + find \ + /usr/local \ + -type f \ + -perm '/0111' \ + -exec sh -euxc ' \ + strip --strip-all "$@" || : \ + ' -- '{}' + \ + ; \ + make clean; \ + \ +# https://github.com/docker-library/php/issues/692 (copy default example "php.ini" files somewhere easily discoverable) + cp -v php.ini-* "$PHP_INI_DIR/"; \ + ln -s "php.ini-production" "$PHP_INI_DIR/php.ini"; \ + \ + cd /; \ + docker-php-source delete; \ + \ + runDeps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + )"; \ + apk add --no-cache $runDeps; \ + \ + apk del --no-network .build-deps; \ + \ +# update pecl channel definitions https://github.com/docker-library/php/issues/443 + pecl update-channels; \ + \ +# smoke test + php --version + + +FROM base AS build + +WORKDIR /build + +ARG SMARTY_VERSION +ARG SMARTY_URL +ARG COMPOSER_IMAGE + +COPY --from=composer /composer /usr/bin/composer + +ADD $SMARTY_URL ./ +RUN set -ex; \ + \ + SMARTY_DIR=/usr/share/php/smarty${SMARTY_VERSION%%.*}; \ + install --owner www-data --group www-data --directory -D "/rootfs${SMARTY_DIR}"; \ + tar xzf *.tar.gz -C "/rootfs${SMARTY_DIR}" --strip-components=2 --verbose --owner www-data --group www-data; + +RUN --mount=type=cache,target=/var/cache/apk \ + set -ex; \ + \ + apk update; \ + apk add git unzip; + +ARG INSTALL_PATHS= +ARG EXCLUDE_PATHS= + +WORKDIR /build/sd +RUN --mount=type=cache,target=/root/.composer \ + --mount=type=bind,target=/build/sd,rw \ + packaging/docker/install; \ + \ + install -p -m 644 -D \ + /usr/local/apache2/conf/httpd.conf \ + /rootfs/usr/local/apache2/conf/httpd.conf; \ + install -p -m 644 -D \ + packaging/docker/apache2.alpine/service-desk.conf \ + /rootfs/usr/local/apache2/conf/extra/httpd-vhosts.conf; \ + sed -i /rootfs/usr/local/apache2/conf/httpd.conf \ + -e "s|^#Include conf/extra/httpd-vhosts.conf|Include conf/extra/httpd-vhosts.conf|g" \ + -e "s#/usr/local/apache2/htdocs#/var/www/htdocs#g" \ + ; \ + :; + +FROM base + +ARG VERSION +ARG BASE_IMAGE + +LABEL org.opencontainers.image.authors='LTB-project.org, ltb-dev@ow2.org' \ + org.opencontainers.image.base.name="${BASE_IMAGE}" \ + org.opencontainers.image.description='Service Desk is a web application to edit LDAP account passwords and status for administrators and support teams' \ + org.opencontainers.image.url='https://ltb-project.org/documentation/service-desk.html' \ + org.opencontainers.image.ref.name='service-desk' \ + org.opencontainers.image.documentation='https://service-desk.readthedocs.io/' \ + org.opencontainers.image.title='service-desk docker image' \ + org.opencontainers.image.source='https://github.com/ltb-project/service-desk/' \ + org.opencontainers.image.vendor='LTB-project.org' \ + org.opencontainers.image.version="${VERSION}" \ + org.opencontainers.image.licenses='GPL-2+' + +COPY --from=build /rootfs / + +WORKDIR /var/www/htdocs + +VOLUME [ "/var/www/templates_c", "/var/www/conf", "/var/www/cache" ] + +EXPOSE 80 + +ENTRYPOINT [ "/entrypoint.sh" ] +CMD [ "httpd-foreground" ] diff --git a/packaging/docker/apache2.alpine/service-desk.conf b/packaging/docker/apache2.alpine/service-desk.conf new file mode 100644 index 00000000..cfbbfe59 --- /dev/null +++ b/packaging/docker/apache2.alpine/service-desk.conf @@ -0,0 +1,27 @@ + + # ServerName sd.example.com + + DocumentRoot /var/www/htdocs + DirectoryIndex index.php + + AddDefaultCharset UTF-8 + + + SetHandler application/x-httpd-php + + + + AllowOverride None + = 2.3> + Require all granted + + + Order Deny,Allow + Allow from all + + + + LogLevel debug + ErrorLog /dev/stderr + CustomLog /dev/stdout combined + diff --git a/packaging/docker/entrypoint.sh b/packaging/docker/entrypoint.sh new file mode 100755 index 00000000..78b3feab --- /dev/null +++ b/packaging/docker/entrypoint.sh @@ -0,0 +1,17 @@ +#!/usr/bin/env bash +set -e + +[ -d "/var/www/conf" ] && { + [ -L "/var/www/conf/config.inc.php" ] || + ln -sb ../config.inc.php.orig /var/www/conf/config.inc.php +} + +if [ "${1#-}" != "$1" ]; then + { + apache2-foreground -v 2>&1 1>/dev/null && set -- apache2-foreground "$@" + } || { + httpd-foreground -v 2>&1 1>/dev/null && set -- httpd-foreground "$@" + } +fi + +exec "$@" diff --git a/packaging/docker/install b/packaging/docker/install new file mode 100755 index 00000000..dd8962cf --- /dev/null +++ b/packaging/docker/install @@ -0,0 +1,62 @@ +#!/usr/bin/env bash + +set -ex + +INSTALL_PATHS=${INSTALL_PATHS:-" \ + htdocs/ \ + lang/ \ + lib/ \ + templates/ \ + vendor/ \ + LICENCE \ +"} + +EXCLUDE_PATHS=${EXCLUDE_PATHS:-" \ + htdocs/vendor/.gitignore \ +"} + +composer update --no-dev + +INSTALL_EXPR= + +for p in ${INSTALL_PATHS}; do \ + [ -z "${p##*/}" ] && p="\"./${p}*\"" || p="\"./$p\"" + INSTALL_EXPR="${INSTALL_EXPR:+${INSTALL_EXPR} -or }-path $p" +done + +EXCLUDE_EXPR= +for p in ${EXCLUDE_PATHS}; do \ + [ -z "${p##*/}" ] && p="\"./${p}*\"" || p="\"./$p\"" + EXCLUDE_EXPR="${EXCLUDE_EXPR:+${EXCLUDE_EXPR} -or }-path $p" +done + +BIN_PATHS=$(eval "find -type d -name bin \( $INSTALL_EXPR \) -not \( $EXCLUDE_EXPR \)") +BIN_EXPR= + +for p in ${BIN_PATHS}; do \ + BIN_EXPR="${BIN_EXPR:+${BIN_EXPR} -or }-path \"$p/*\"" +done + +eval "find -type f \( $BIN_EXPR \) -exec install -p -m 755 -D {} /rootfs/var/www/{} \;" + +eval "find -type f \( $INSTALL_EXPR \) \ + -not \( $EXCLUDE_EXPR \) \ + -not \( $BIN_EXPR \) \ + -exec install -p -m 644 -D {} /rootfs/var/www/{} \;" + +install -m 755 packaging/docker/entrypoint.sh /rootfs/ + +install --directory -D \ + "/rootfs/var/www/htdocs/vendor" \ + "/rootfs/var/www/conf" \ + : + +install --owner www-data --group www-data --directory -D \ + "/rootfs/var/www/templates_c" \ + "/rootfs/var/www/cache" \ + : + +sed conf/config.inc.php \ + -e "s#/usr/share/php/smarty3#/usr/share/php/smarty${SMARTY_VERSION%%.*}#g" \ + -e "s#config\.inc\.local\.php#conf/\0#g" \ + > /rootfs/var/www/config.inc.php.orig