From 2c524378f96e54f1467400838100541f9d4427aa Mon Sep 17 00:00:00 2001 From: Bertrand Gouny Date: Wed, 23 Aug 2017 16:34:30 +0200 Subject: [PATCH 1/3] [twgit] Init release 'release-0.7.1'. From 2ae5917d2f0d40bcaf20ca4e869d78746808c9a9 Mon Sep 17 00:00:00 2001 From: Bertrand Gouny Date: Wed, 23 Aug 2017 16:40:45 +0200 Subject: [PATCH 2/3] optimise apache and opcache config --- CHANGELOG.md | 4 +++ Makefile | 2 +- README.md | 32 +++++++++---------- example/kubernetes/phpldapadmin-rc.yaml | 2 +- .../phpldapadmin/assets/apache2/http.conf | 10 ++++++ .../phpldapadmin/assets/apache2/https.conf | 10 ++++++ .../assets/php7.0-fpm/opcache.ini | 6 ++++ image/service/phpldapadmin/install.sh | 6 ++++ 8 files changed, 54 insertions(+), 18 deletions(-) create mode 100644 image/service/phpldapadmin/assets/php7.0-fpm/opcache.ini diff --git a/CHANGELOG.md b/CHANGELOG.md index b445f3a..86d2264 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # Changelog +## 0.7.1 + - Optimise apache config + - Add opcache config + ## 0.7.0 - add config.php in config folder - Upgrade baseimage: web-baseimage:1.1.0 (debian stretch, php7) diff --git a/Makefile b/Makefile index 37281ad..c0281a8 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ NAME = osixia/phpldapadmin -VERSION = 0.7.0 +VERSION = 0.7.1 .PHONY: build build-nocache test tag-latest push push-latest release git-tag-version diff --git a/README.md b/README.md index c3b9b66..428c137 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ [hub]: https://hub.docker.com/r/osixia/phpldapadmin/ -Latest release: 0.7.0 - phpLDAPadmin 1.2.3 (with php7 patch) - [Changelog](CHANGELOG.md) | [Docker Hub](https://hub.docker.com/r/osixia/phpldapadmin/)  +Latest release: 0.7.1 - phpLDAPadmin 1.2.3 (with php7 patch) - [Changelog](CHANGELOG.md) | [Docker Hub](https://hub.docker.com/r/osixia/phpldapadmin/)  **A docker image to run phpLDAPadmin.** > [phpldapadmin.sourceforge.net](http://phpldapadmin.sourceforge.net) @@ -26,7 +26,7 @@ Latest release: 0.7.0 - phpLDAPadmin 1.2.3 (with php7 patch) - [Changelog](CHANG - [Link environment file](#link-environment-file) - [Make your own image or extend this image](#make-your-own-image-or-extend-this-image) - [Advanced User Guide](#advanced-user-guide) - - [Extend osixia/phpldapadmin:0.7.0 image](#extend-osixiaphpldapadmin070-image) + - [Extend osixia/phpldapadmin:0.7.1 image](#extend-osixiaphpldapadmin070-image) - [Make your own phpLDAPadmin image](#make-your-own-phpldapadmin-image) - [Tests](#tests) - [Kubernetes](#kubernetes) @@ -39,7 +39,7 @@ Run a phpLDAPadmin docker image by replacing `ldap.example.com` with your ldap h docker run -p 6443:443 \ --env PHPLDAPADMIN_LDAP_HOSTS=ldap.example.com \ - --detach osixia/phpldapadmin:0.7.0 + --detach osixia/phpldapadmin:0.7.1 That's it :) you can access phpLDAPadmin on [https://localhost:6443](https://localhost:6443) @@ -49,7 +49,7 @@ Example script: #!/bin/bash -e docker run --name ldap-service --hostname ldap-service --detach osixia/openldap:1.1.8 - docker run --name phpldapadmin-service --hostname phpldapadmin-service --link ldap-service:ldap-host --env PHPLDAPADMIN_LDAP_HOSTS=ldap-host --detach osixia/phpldapadmin:0.7.0 + docker run --name phpldapadmin-service --hostname phpldapadmin-service --link ldap-service:ldap-host --env PHPLDAPADMIN_LDAP_HOSTS=ldap-host --detach osixia/phpldapadmin:0.7.1 PHPLDAP_IP=$(docker inspect -f "{{ .NetworkSettings.IPAddress }}" phpldapadmin-service) @@ -66,7 +66,7 @@ but setting your own config.php is possible. 2 options: - Link your config file at run time to `/container/service/phpldapadmin/assets/config/config.php` : - docker run --volume /data/my-config.php:/container/service/phpldapadmin/assets/config/config.php --detach osixia/phpldapadmin:0.7.0 + docker run --volume /data/my-config.php:/container/service/phpldapadmin/assets/config/config.php --detach osixia/phpldapadmin:0.7.1 - Add your config file by extending or cloning this image, please refer to the [Advanced User Guide](#advanced-user-guide) @@ -75,7 +75,7 @@ but setting your own config.php is possible. 2 options: #### Use autogenerated certificate By default HTTPS is enable, a certificate is created with the container hostname (it can be set by docker run --hostname option eg: phpldapadmin.my-company.com). - docker run --hostname phpldapadmin.my-company.com --detach osixia/phpldapadmin:0.7.0 + docker run --hostname phpldapadmin.my-company.com --detach osixia/phpldapadmin:0.7.1 #### Use your own certificate @@ -85,14 +85,14 @@ You can set your custom certificate at run time, by mounting a directory contain --env PHPLDAPADMIN_HTTPS_CRT_FILENAME=my-cert.crt \ --env PHPLDAPADMIN_HTTPS_KEY_FILENAME=my-cert.key \ --env PHPLDAPADMIN_HTTPS_CA_CRT_FILENAME=the-ca.crt \ - --detach osixia/phpldapadmin:0.7.0 + --detach osixia/phpldapadmin:0.7.1 Other solutions are available please refer to the [Advanced User Guide](#advanced-user-guide) #### Disable HTTPS Add --env PHPLDAPADMIN_HTTPS=false to the run command : - docker run --env PHPLDAPADMIN_HTTPS=false --detach osixia/phpldapadmin:0.7.0 + docker run --env PHPLDAPADMIN_HTTPS=false --detach osixia/phpldapadmin:0.7.1 ### Fix docker mounted file problems @@ -100,7 +100,7 @@ You may have some problems with mounted files on some systems. The startup scrip To fix that run the container with `--copy-service` argument : - docker run [your options] osixia/phpldapadmin:0.7.0 --copy-service + docker run [your options] osixia/phpldapadmin:0.7.1 --copy-service ### Debug @@ -109,11 +109,11 @@ Available levels are: `none`, `error`, `warning`, `info`, `debug` and `trace`. Example command to run the container in `debug` mode: - docker run --detach osixia/phpldapadmin:0.7.0 --loglevel debug + docker run --detach osixia/phpldapadmin:0.7.1 --loglevel debug See all command line options: - docker run osixia/phpldapadmin:0.7.0 --help + docker run osixia/phpldapadmin:0.7.1 --help ## Environment Variables @@ -166,7 +166,7 @@ See how to [set your own environment variables](#set-your-own-environment-variab If you want to set this variable at docker run command add the tag `#PYTHON2BASH:` and convert the yaml in python: - docker run --env PHPLDAPADMIN_LDAP_HOSTS="#PYTHON2BASH:[{'ldap.example.org': [{'server': [{'tls': True}]},{'login': [{'bind_id': 'cn=admin,dc=example,dc=org'}]}]}, 'ldap2.example.org', 'ldap3.example.org']" --detach osixia/phpldapadmin:0.7.0 + docker run --env PHPLDAPADMIN_LDAP_HOSTS="#PYTHON2BASH:[{'ldap.example.org': [{'server': [{'tls': True}]},{'login': [{'bind_id': 'cn=admin,dc=example,dc=org'}]}]}, 'ldap2.example.org', 'ldap3.example.org']" --detach osixia/phpldapadmin:0.7.1 To convert yaml to python online: http://yaml-online-parser.appspot.com/ @@ -203,14 +203,14 @@ Other environment variables: Environment variables can be set by adding the --env argument in the command line, for example: docker run --env PHPLDAPADMIN_LDAP_HOSTS="ldap.example.org" \ - --detach osixia/phpldapadmin:0.7.0 + --detach osixia/phpldapadmin:0.7.1 #### Link environment file For example if your environment file is in : /data/environment/my-env.yaml docker run --volume /data/environment/my-env.yaml:/container/environment/01-custom/env.yaml \ - --detach osixia/phpldapadmin:0.7.0 + --detach osixia/phpldapadmin:0.7.1 Take care to link your environment file to `/container/environment/XX-somedir` (with XX < 99 so they will be processed before default environment files) and not directly to `/container/environment` because this directory contains predefined baseimage environment files to fix container environment (INITRD, LANG, LANGUAGE and LC_CTYPE). @@ -220,13 +220,13 @@ This is the best solution if you have a private registry. Please refer to the [A ## Advanced User Guide -### Extend osixia/phpldapadmin:0.7.0 image +### Extend osixia/phpldapadmin:0.7.1 image If you need to add your custom TLS certificate, bootstrap config or environment files the easiest way is to extends this image. Dockerfile example: - FROM osixia/phpldapadmin:0.7.0 + FROM osixia/phpldapadmin:0.7.1 MAINTAINER Your Name ADD https-certs /container/service/phpldapadmin/assets/apache2/certs diff --git a/example/kubernetes/phpldapadmin-rc.yaml b/example/kubernetes/phpldapadmin-rc.yaml index b9cb372..e7ff119 100644 --- a/example/kubernetes/phpldapadmin-rc.yaml +++ b/example/kubernetes/phpldapadmin-rc.yaml @@ -15,7 +15,7 @@ spec: spec: containers: - name: phpldapadmin - image: osixia/phpldapadmin:0.7.0 + image: osixia/phpldapadmin:0.7.1 volumeMounts: - name: phpldapadmin-certs mountPath: /container/service/phpldapadmin/assets/apache2/certs diff --git a/image/service/phpldapadmin/assets/apache2/http.conf b/image/service/phpldapadmin/assets/apache2/http.conf index 3ef84db..d7d2437 100644 --- a/image/service/phpldapadmin/assets/apache2/http.conf +++ b/image/service/phpldapadmin/assets/apache2/http.conf @@ -6,6 +6,16 @@ DocumentRoot /var/www/phpldapadmin/htdocs + SetOutputFilter DEFLATE + DeflateCompressionLevel 9 + AddOutputFilterByType DEFLATE text/html application/javascript text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon + Header append Vary User-Agent env=!dont-vary + + + ExpiresActive on + ExpiresDefault "access plus 30 days" + + Require all granted diff --git a/image/service/phpldapadmin/assets/apache2/https.conf b/image/service/phpldapadmin/assets/apache2/https.conf index 88457ad..bc3523a 100644 --- a/image/service/phpldapadmin/assets/apache2/https.conf +++ b/image/service/phpldapadmin/assets/apache2/https.conf @@ -12,6 +12,16 @@ SSLCertificateKeyFile ${CONTAINER_SERVICE_DIR}/phpldapadmin/assets/apache2/certs/${PHPLDAPADMIN_HTTPS_KEY_FILENAME} #SSLCACertificateFile ${CONTAINER_SERVICE_DIR}/phpldapadmin/assets/apache2/certs/${PHPLDAPADMIN_HTTPS_CA_CRT_FILENAME} + SetOutputFilter DEFLATE + DeflateCompressionLevel 9 + AddOutputFilterByType DEFLATE text/html application/javascript text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon + Header append Vary User-Agent env=!dont-vary + + + ExpiresActive on + ExpiresDefault "access plus 30 days" + + Require all granted diff --git a/image/service/phpldapadmin/assets/php7.0-fpm/opcache.ini b/image/service/phpldapadmin/assets/php7.0-fpm/opcache.ini new file mode 100644 index 0000000..e93177a --- /dev/null +++ b/image/service/phpldapadmin/assets/php7.0-fpm/opcache.ini @@ -0,0 +1,6 @@ +opcache.enable=1 +opcache.validate_timestamps=0 +opcache.max_accelerated_files=5413 +opcache.memory_consumption=128 +opcache.interned_strings_buffer=16 +opcache.fast_shutdown=1 diff --git a/image/service/phpldapadmin/install.sh b/image/service/phpldapadmin/install.sh index 492dcaa..c99c033 100755 --- a/image/service/phpldapadmin/install.sh +++ b/image/service/phpldapadmin/install.sh @@ -4,6 +4,9 @@ cat /container/service/phpldapadmin/assets/php7.0-fpm/pool.conf >> /etc/php/7.0/fpm/pool.d/www.conf rm /container/service/phpldapadmin/assets/php7.0-fpm/pool.conf +cp -f /container/service/phpldapadmin/assets/php7.0-fpm/opcache.ini /etc/php/7.0/fpm/conf.d/opcache.ini +rm /container/service/phpldapadmin/assets/php7.0-fpm/opcache.ini + mkdir -p /var/www/tmp chown www-data:www-data /var/www/tmp @@ -11,6 +14,9 @@ chown www-data:www-data /var/www/tmp a2dissite 000-default rm -rf /var/www/html +# Add apache modules +a2enmod deflate expires + # delete unnecessary files rm -rf /var/www/phpldapadmin_bootstrap/doc From 9d2fa4d5aa4679380ef2ff619c18d223115d524f Mon Sep 17 00:00:00 2001 From: Bertrand Gouny Date: Thu, 26 Oct 2017 16:50:22 +0200 Subject: [PATCH 3/3] web-baseimage:1.1.1 --- CHANGELOG.md | 1 + image/Dockerfile | 2 +- image/service/phpldapadmin/assets/apache2/http.conf | 11 ++--------- .../service/phpldapadmin/assets/apache2/https.conf | 13 +++---------- 4 files changed, 7 insertions(+), 20 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 86d2264..2215e05 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ ## 0.7.1 - Optimise apache config - Add opcache config + - Upgrade baseimage: web-baseimage:1.1.1 ## 0.7.0 - add config.php in config folder diff --git a/image/Dockerfile b/image/Dockerfile index 6096088..05fc555 100644 --- a/image/Dockerfile +++ b/image/Dockerfile @@ -1,4 +1,4 @@ -FROM osixia/web-baseimage:1.1.0 +FROM osixia/web-baseimage:1.1.1 MAINTAINER Bertrand Gouny # phpLDAPadmin version diff --git a/image/service/phpldapadmin/assets/apache2/http.conf b/image/service/phpldapadmin/assets/apache2/http.conf index d7d2437..2400c40 100644 --- a/image/service/phpldapadmin/assets/apache2/http.conf +++ b/image/service/phpldapadmin/assets/apache2/http.conf @@ -6,15 +6,8 @@ DocumentRoot /var/www/phpldapadmin/htdocs - SetOutputFilter DEFLATE - DeflateCompressionLevel 9 - AddOutputFilterByType DEFLATE text/html application/javascript text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon - Header append Vary User-Agent env=!dont-vary - - - ExpiresActive on - ExpiresDefault "access plus 30 days" - + Include /etc/apache2/conf-available/gzip.conf + Include /etc/apache2/conf-available/cache.conf Require all granted diff --git a/image/service/phpldapadmin/assets/apache2/https.conf b/image/service/phpldapadmin/assets/apache2/https.conf index bc3523a..a0c39e3 100644 --- a/image/service/phpldapadmin/assets/apache2/https.conf +++ b/image/service/phpldapadmin/assets/apache2/https.conf @@ -6,21 +6,14 @@ DocumentRoot /var/www/phpldapadmin/htdocs - Include /etc/apache2/conf-available/vhost-partial-ssl.conf + Include /etc/apache2/conf-available/ssl.conf SSLCertificateFile ${CONTAINER_SERVICE_DIR}/phpldapadmin/assets/apache2/certs/${PHPLDAPADMIN_HTTPS_CRT_FILENAME} SSLCertificateKeyFile ${CONTAINER_SERVICE_DIR}/phpldapadmin/assets/apache2/certs/${PHPLDAPADMIN_HTTPS_KEY_FILENAME} #SSLCACertificateFile ${CONTAINER_SERVICE_DIR}/phpldapadmin/assets/apache2/certs/${PHPLDAPADMIN_HTTPS_CA_CRT_FILENAME} - SetOutputFilter DEFLATE - DeflateCompressionLevel 9 - AddOutputFilterByType DEFLATE text/html application/javascript text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon - Header append Vary User-Agent env=!dont-vary - - - ExpiresActive on - ExpiresDefault "access plus 30 days" - + Include /etc/apache2/conf-available/gzip.conf + Include /etc/apache2/conf-available/cache.conf Require all granted