-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile.template
131 lines (127 loc) · 4.03 KB
/
Dockerfile.template
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
{{
def is_alpine:
env.variant | index("alpine")
-}}
# Layer 1
# Provide an option to build a "base" target that doesn't include the code
FROM php:{{ env.phpVersion }}-{{ env.variant }} AS standalone-base
# Layer 2
# install the PHP extensions we need
RUN set -eux; \
\
{{ if is_alpine then ( -}}
apk add --no-cache --virtual .build-deps \
coreutils \
freetype-dev \
libjpeg-turbo-dev \
libpng-dev \
libwebp-dev \
libzip-dev \
{{ ) else ( -}}
if command -v a2enmod; then \
a2enmod expires rewrite; \
fi; \
\
savedAptMark="$(apt-mark showmanual)"; \
\
apt-get update; \
apt-get install -y --no-install-recommends \
libfreetype6-dev \
libjpeg-dev \
libpng-dev \
libpq-dev \
libzip-dev \
libxml2-dev \
libicu-dev \
libc-client-dev \
libkrb5-dev \
libmcrypt-dev \
{{ ) end -}}
; \
\
docker-php-ext-configure gd \
--with-freetype \
--with-jpeg={{ if is_alpine then "/usr/include" else "/usr" end }} \
; \
\
docker-php-ext-configure imap --with-imap-ssl --with-kerberos; \
docker-php-ext-install -j "$(nproc)" \
gd \
opcache \
pdo_mysql \
pdo_pgsql \
zip \
mysqli \
dom \
soap \
sockets \
intl \
bcmath \
gettext \
imap \
; \
\
pecl install -o apcu && docker-php-ext-enable apcu; \
docker-php-ext-install exif; \
{{ if is_alpine then ( -}}
runDeps="$( \
scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
| tr ',' '\n' \
| sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)"; \
apk add --no-network --virtual .standalone-phpexts-rundeps $runDeps; \
apk del --no-network .build-deps
{{ ) else ( -}}
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
apt-mark manual $savedAptMark; \
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \
| awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); print so }' \
| sort -u \
| xargs -r dpkg-query -S \
| cut -d: -f1 \
| sort -u \
| xargs -rt apt-mark manual; \
\
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*
{{ ) end -}}
# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
RUN { \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=60'; \
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
# Layer 3 with build bits to allow for future upgrades in the container
FROM standalone-base as standalone-build-crm
COPY --from=composer:{{ .composer.version }} /usr/bin/composer /usr/local/bin/
# We create a standalone user to own all the code, using 1978 as the uid
RUN useradd -u 1978 -g www-data -ms /bin/bash standalone
RUN mkdir -p /var/www/html
RUN chown standalone:www-data /var/www/html
WORKDIR /var/www/html
USER standalone:www-data
ENV CIVICRM_VERSION {{ .civicrmVersion }}
RUN set -eux; \
git clone https://github.com/civicrm/civicrm-standalone /var/www/standalone; \
composer require --no-update -W "civicrm/civicrm-core:$CIVICRM_VERSION"; \
composer require --no-update -W "civicrm/civicrm-packages:$CIVICRM_VERSION"; \
composer update;
# Add what is now an empty initialize script
COPY commands/initialize.sh /usr/local/bin/initialize.sh
COPY commands/entrypoint.sh /usr/local/bin/entrypoint.sh
RUN chmod u+x /usr/local/bin/*.sh
# default entrypoint runs initialize and then default/inherited CMD to start apache
RUN chmod 775 /usr/local/bin/entrypoint.sh
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
# inherited default CMD["apache2-foreground"], repeated here for good measure.
CMD ["apache2-foreground"]
# Now create with a different more minimal Layer 3 without build bits
# This image would only be upgraded via image update
FROM standalone-base as standalone-crm
COPY --from=standalone-build-crm /var/www/html /var/www/html
COPY --from=standalone-build-crm /usr/local/bin /usr/local/bin
# vim:set ft=dockerfile: