diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..f1d19b8 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,10 @@ +.git +.gitignore +dist +test +LICENSE +README-short.txt +*.md +!README.md +**/*.mk +**/Makefile \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index ffa699a..ba99d5f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,13 @@ Summary of release changes for Version 2. CentOS-6 6.9 x86_64, Apache 2.4, PHP-FPM 5.6, PHP memcached 2.2, Zend Opcache 7.0. +### 2.2.2 - 2017-12-25 + +- Updates `php56u` packages to 5.6.32-2. +- Updates `httpd24u` packages to 2.4.29-1. +- Adds a .dockerignore file. +- Adds httpoxy mitigation. + ### 2.2.1 - 2017-09-28 - Updates `php56u` packages to 5.6.31-1. diff --git a/Dockerfile b/Dockerfile index dd18d3b..581d629 100644 --- a/Dockerfile +++ b/Dockerfile @@ -15,15 +15,17 @@ ARG PACKAGE_RELEASE_VERSION="0.5.0" # IUS Apache 2.4, PHP-FPM 5.6 # ----------------------------------------------------------------------------- RUN rpm --rebuilddb \ - && yum --setopt=tsflags=nodocs -y install \ + && yum -y install \ + --setopt=tsflags=nodocs \ + --disableplugin=fastestmirror \ elinks-0.12-0.21.pre5.el6_3 \ - httpd24u-2.4.27-1.ius.centos6 \ - httpd24u-tools-2.4.27-1.ius.centos6 \ - httpd24u-mod_ssl-2.4.27-1.ius.centos6 \ - php56u-fpm-5.6.31-1.ius.centos6 \ - php56u-fpm-httpd-5.6.31-1.ius.centos6 \ - php56u-cli-5.6.31-1.ius.centos6 \ - php56u-opcache-5.6.31-1.ius.centos6 \ + httpd24u-2.4.29-1.ius.centos6 \ + httpd24u-tools-2.4.29-1.ius.centos6 \ + httpd24u-mod_ssl-2.4.29-1.ius.centos6 \ + php56u-fpm-5.6.32-2.ius.centos6 \ + php56u-fpm-httpd-5.6.32-2.ius.centos6 \ + php56u-cli-5.6.32-2.ius.centos6 \ + php56u-opcache-5.6.32-2.ius.centos6 \ php56u-pecl-memcached-2.2.0-6.ius.centos6 \ && yum versionlock add \ elinks \ @@ -345,7 +347,7 @@ ENV APACHE_AUTOSTART_HTTPD_BOOTSTRAP=true \ # ----------------------------------------------------------------------------- # Set image metadata # ----------------------------------------------------------------------------- -ARG RELEASE_VERSION="2.2.1" +ARG RELEASE_VERSION="2.2.2" LABEL \ maintainer="James Deathe " \ install="docker run \ diff --git a/README.md b/README.md index ce0ad3a..6f05b45 100644 --- a/README.md +++ b/README.md @@ -12,16 +12,16 @@ Apache PHP web server, loading only a minimal set of Apache modules by default. ### Tags and respective `Dockerfile` links -- `centos-6-httpd24u-php56u`, `centos-6-httpd24u-php56u-2.2.1`, `2.2.1` [(centos-6-httpd24u-php56u/Dockerfile)](https://github.com/jdeathe/centos-ssh-apache-php/blob/centos-6-httpd24u-php56u/Dockerfile) -- `centos-6`, `centos-6-1.10.1`, `1.10.1` [(centos-6/Dockerfile)](https://github.com/jdeathe/centos-ssh-apache-php/blob/centos-6/Dockerfile) +- `centos-6-httpd24u-php56u`, `centos-6-httpd24u-php56u-2.2.2`, `2.2.2` [(centos-6-httpd24u-php56u/Dockerfile)](https://github.com/jdeathe/centos-ssh-apache-php/blob/centos-6-httpd24u-php56u/Dockerfile) +- `centos-6`, `centos-6-1.10.2`, `1.10.2` [(centos-6/Dockerfile)](https://github.com/jdeathe/centos-ssh-apache-php/blob/centos-6/Dockerfile) #### centos-6 -The latest CentOS-6 Standard Package based release can be pulled from the `centos-6` Docker tag. It is recommended to select a specific release tag - the convention is `centos-6-1.10.1` or `1.10.1` for the [1.10.1](https://github.com/jdeathe/centos-ssh-apache-php/tree/1.10.1) release tag. This build of [Apache](https://httpd.apache.org/), (httpd CentOS package), uses the mpm_prefork_module and php5_module modules for handling [PHP](http://php.net/). +The latest CentOS-6 Standard Package based release can be pulled from the `centos-6` Docker tag. It is recommended to select a specific release tag - the convention is `centos-6-1.10.2` or `1.10.2` for the [1.10.2](https://github.com/jdeathe/centos-ssh-apache-php/tree/1.10.2) release tag. This build of [Apache](https://httpd.apache.org/), (httpd CentOS package), uses the mpm_prefork_module and php5_module modules for handling [PHP](http://php.net/). #### centos-6-httpd24u-php56u -The latest CentOS-6 [IUS](https://ius.io) Apache 2.4, PHP-FPM 5.6 based release can be pulled from the `centos-6-httpd24u-php56u` Docker tag. It is recommended to select a specific release tag - the convention is `centos-6-httpd24u-php56u-2.2.1` or `2.2.1` for the [2.2.1](https://github.com/jdeathe/centos-ssh-apache-php/tree/2.2.1) release tag. This build of [Apache](https://httpd.apache.org/), (httpd24u package), uses the mpm_prefork_module and php-fpm for handling [PHP](http://php.net/). This version has the option of using the worker or event MPM. +The latest CentOS-6 [IUS](https://ius.io) Apache 2.4, PHP-FPM 5.6 based release can be pulled from the `centos-6-httpd24u-php56u` Docker tag. It is recommended to select a specific release tag - the convention is `centos-6-httpd24u-php56u-2.2.2` or `2.2.2` for the [2.2.2](https://github.com/jdeathe/centos-ssh-apache-php/tree/2.2.2) release tag. This build of [Apache](https://httpd.apache.org/), (httpd24u package), uses the mpm_prefork_module and php-fpm for handling [PHP](http://php.net/). This version has the option of using the worker or event MPM. Included in the build are the [SCL](https://www.softwarecollections.org/), [EPEL](http://fedoraproject.org/wiki/EPEL) and [IUS](https://ius.io) repositories. Installed packages include [OpenSSH](http://www.openssh.com/portable.html) secure shell, [vim-minimal](http://www.vim.org/), [elinks](http://elinks.or.cz) (for fullstatus support), PHP [Memcached](http://pecl.php.net/package/memcached) are installed along with python-setuptools, [supervisor](http://supervisord.org/) and [supervisor-stdout](https://github.com/coderanger/supervisor-stdout). The `centos-6` "Standard" PHP 5.3 build includes PHP [APC](http://pecl.php.net/package/APC) where Zend Opcache is bundled in PHP 5.6. @@ -97,10 +97,10 @@ $ docker run \ --volume /:/media/root \ --env BASH_ENV="" \ --env ENV="" \ - jdeathe/centos-ssh-apache-php:2.2.1 \ + jdeathe/centos-ssh-apache-php:2.2.2 \ /usr/sbin/scmi install \ --chroot=/media/root \ - --tag=2.2.1 \ + --tag=2.2.2 \ --name=apache-php.pool-1.1.1 ``` @@ -115,10 +115,10 @@ $ docker run \ --volume /:/media/root \ --env BASH_ENV="" \ --env ENV="" \ - jdeathe/centos-ssh-apache-php:2.2.1 \ + jdeathe/centos-ssh-apache-php:2.2.2 \ /usr/sbin/scmi uninstall \ --chroot=/media/root \ - --tag=2.2.1 \ + --tag=2.2.2 \ --name=apache-php.pool-1.1.1 ``` @@ -133,10 +133,10 @@ $ docker run \ --volume /:/media/root \ --env BASH_ENV="" \ --env ENV="" \ - jdeathe/centos-ssh-apache-php:2.2.1 \ + jdeathe/centos-ssh-apache-php:2.2.2 \ /usr/sbin/scmi install \ --chroot=/media/root \ - --tag=2.2.1 \ + --tag=2.2.2 \ --name=apache-php.pool-1.1.1 \ --manager=systemd \ --register \ @@ -155,7 +155,7 @@ Since release `centos-6-1.7.2` the install template has been added to the image _NOTE:_ A prerequisite of the following examples is that the image has been pulled (or loaded from the release package). ``` -$ docker pull jdeathe/centos-ssh-apache-php:2.2.1 +$ docker pull jdeathe/centos-ssh-apache-php:2.2.2 ``` To see detailed information about the image run `scmi` with the `--info` option. To see all available `scmi` options run with the `--help` option. @@ -164,7 +164,7 @@ To see detailed information about the image run `scmi` with the `--info` option. $ eval "sudo -E $( docker inspect \ -f "{{.ContainerConfig.Labels.install}}" \ - jdeathe/centos-ssh-apache-php:2.2.1 + jdeathe/centos-ssh-apache-php:2.2.2 ) --info" ``` @@ -174,7 +174,7 @@ To perform an installation using the docker name `apache-php.pool-1.2.1` simply $ eval "sudo -E $( docker inspect \ -f "{{.ContainerConfig.Labels.install}}" \ - jdeathe/centos-ssh-apache-php:2.2.1 + jdeathe/centos-ssh-apache-php:2.2.2 ) --name=apache-php.pool-1.2.1" ``` @@ -184,7 +184,7 @@ To uninstall use the *same command* that was used to install but with the `unins $ eval "sudo -E $( docker inspect \ -f "{{.ContainerConfig.Labels.uninstall}}" \ - jdeathe/centos-ssh-apache-php:2.2.1 + jdeathe/centos-ssh-apache-php:2.2.2 ) --name=apache-php.pool-1.2.1" ``` @@ -197,7 +197,7 @@ To see detailed information about the image run `scmi` with the `--info` option. ``` $ sudo -E atomic install \ -n apache-php.pool-1.3.1 \ - jdeathe/centos-ssh-apache-php:2.2.1 \ + jdeathe/centos-ssh-apache-php:2.2.2 \ --info ``` @@ -206,14 +206,14 @@ To perform an installation using the docker name `apache-php.pool-1.3.1` simply ``` $ sudo -E atomic install \ -n apache-php.pool-1.3.1 \ - jdeathe/centos-ssh-apache-php:2.2.1 + jdeathe/centos-ssh-apache-php:2.2.2 ``` Alternatively, you could use the `scmi` options `--name` or `-n` for naming the container. ``` $ sudo -E atomic install \ - jdeathe/centos-ssh-apache-php:2.2.1 \ + jdeathe/centos-ssh-apache-php:2.2.2 \ --name apache-php.pool-1.3.1 ``` @@ -222,7 +222,7 @@ To uninstall use the *same command* that was used to install but with the `unins ``` $ sudo -E atomic uninstall \ -n apache-php.pool-1.3.1 \ - jdeathe/centos-ssh-apache-php:2.2.1 + jdeathe/centos-ssh-apache-php:2.2.2 ``` #### Environment Variables diff --git a/src/etc/services-config/httpd/conf.d/00-headers.conf b/src/etc/services-config/httpd/conf.d/00-headers.conf index d2d839c..1e107f5 100644 --- a/src/etc/services-config/httpd/conf.d/00-headers.conf +++ b/src/etc/services-config/httpd/conf.d/00-headers.conf @@ -1,4 +1,5 @@ + RequestHeader unset Proxy early Header unset X-Service-Operating-Mode Header set X-Service-Operating-Mode development diff --git a/src/etc/systemd/system/centos-ssh-apache-php@.service b/src/etc/systemd/system/centos-ssh-apache-php@.service index fe34da5..81d97e2 100644 --- a/src/etc/systemd/system/centos-ssh-apache-php@.service +++ b/src/etc/systemd/system/centos-ssh-apache-php@.service @@ -52,7 +52,7 @@ Environment="DOCKER_USER=jdeathe" Environment="DOCKER_CONTAINER_OPTS=" Environment="DOCKER_IMAGE_PACKAGE_PATH=/var/opt/scmi/packages" Environment="DOCKER_IMAGE_NAME=centos-ssh-apache-php" -Environment="DOCKER_IMAGE_TAG=2.2.1" +Environment="DOCKER_IMAGE_TAG=2.2.2" Environment="DOCKER_PORT_MAP_TCP_80=8080" Environment="DOCKER_PORT_MAP_TCP_443=9443" Environment="DOCKER_PORT_MAP_TCP_8443=NULL"