sclorg · hhorak · Dec 19, 2017 · Dec 3, 2017 · Dec 3, 2017 · Dec 4, 2017
diff --git a/5.6/Dockerfile b/5.6/Dockerfile
@@ -4,6 +4,7 @@ FROM centos/s2i-base-centos7
 # applications.
 
 EXPOSE 8080
+EXPOSE 8443
 
 # Description
 # This image provides an Apache 2.4 + PHP 5.6 environment for running PHP applications.
@@ -13,7 +14,6 @@ EXPOSE 8080
 ENV PHP_VERSION=5.6 \
     PHP_VER_SHORT=56 \
     NAME=php \
-    VERSION=5.0 \
     PATH=$PATH:/opt/rh/rh-php56/root/usr/bin
 
 ENV SUMMARY="Platform for building and running PHP $PHP_VERSION applications" \
@@ -25,52 +25,53 @@ for several commercial and non-commercial database management systems, so writin
 a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding \
 is probably as a replacement for CGI scripts."
 
-LABEL summary="$SUMMARY" \
-      description="$DESCRIPTION" \
-      io.k8s.description="$DESCRIPTION" \
-      io.k8s.display-name="Apache 2.4 with PHP $PHP_VERSION" \
+LABEL summary="${SUMMARY}" \
+      description="${DESCRIPTION}" \
+      io.k8s.description="${DESCRIPTION}" \
+      io.k8s.display-name="Apache 2.4 with PHP ${PHP_VERSION}" \
       io.openshift.expose-services="8080:http" \
-      io.openshift.tags="builder,$NAME,$NAME$PHP_VER_SHORT,rh-$NAME$PHP_VER_SHORT" \
+      io.openshift.tags="builder,${NAME},${NAME}${PHP_VER_SHORT},rh-${NAME}${PHP_VER_SHORT}" \
       io.openshift.s2i.scripts-url="image:///usr/libexec/s2i" \
       io.s2i.scripts-url="image:///usr/libexec/s2i" \
-      name="centos/$NAME-$PHP_VER_SHORT-centos7" \
-      com.redhat.component="rh-$NAME$PHP_VER_SHORT-docker" \
-      version="$VERSION" \
-      release="1" \
-      maintainer="SoftwareCollections.org <[email protected]>" \
-      help="For more information visit https://github.com/sclorg/s2i-$NAME-container" \
-      usage="s2i build <SOURCE-REPOSITORY> centos/$NAME-$PHP_VER_SHORT-centos7:latest <APP-NAME>"
+      name="centos/${NAME}-${PHP_VER_SHORT}-centos7" \
+      com.redhat.component="rh-${NAME}${PHP_VER_SHORT}-docker" \
+      version="${PHP_VERSION}" \
+      help="For more information visit https://github.com/sclorg/s2i-${NAME}-container" \
+      usage="s2i build https://github.com/sclorg/s2i-php-container.git --context-dir=${PHP_VERSION}/test/test-app centos/${NAME}-${PHP_VER_SHORT}-centos7 sample-server" \
+      maintainer="SoftwareCollections.org <[email protected]>"
 
 # Install Apache httpd and PHP
 RUN yum install -y centos-release-scl && \
     INSTALL_PKGS="rh-php56 rh-php56-php rh-php56-php-mysqlnd rh-php56-php-pgsql rh-php56-php-bcmath \
                   rh-php56-php-gd rh-php56-php-intl rh-php56-php-ldap rh-php56-php-mbstring rh-php56-php-pdo \
                   rh-php56-php-pecl-memcache rh-php56-php-process rh-php56-php-soap rh-php56-php-opcache rh-php56-php-xml \
-                  rh-php56-php-pecl-xdebug rh-php56-php-gmp" && \
+                  rh-php56-php-pecl-xdebug rh-php56-php-gmp httpd24-mod_ssl" && \
     yum install -y --setopt=tsflags=nodocs --enablerepo=centosplus $INSTALL_PKGS && \
     rpm -V $INSTALL_PKGS && \
     yum clean all -y
 
+ENV PHP_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/php/ \
+    APP_DATA=${APP_ROOT}/src \
+    PHP_DEFAULT_INCLUDE_PATH=/opt/rh/rh-php56/root/usr/share/pear \
+    PHP_SYSCONF_PATH=/etc/opt/rh/rh-php56 \
+    PHP_HTTPD_CONF_FILE=rh-php56-php.conf \
+    HTTPD_CONFIGURATION_PATH=${APP_ROOT}/etc/conf.d \
+    HTTPD_MAIN_CONF_PATH=/etc/httpd/conf \
+    HTTPD_MAIN_CONF_D_PATH=/etc/httpd/conf.d \
+    HTTPD_VAR_RUN=/var/run/httpd \
+    HTTPD_DATA_PATH=/var/www \
+    HTTPD_DATA_ORIG_PATH=/opt/rh/httpd24/root/var/www \
+    HTTPD_VAR_PATH=/opt/rh/httpd24/root/var \
+    SCL_ENABLED=rh-php56
+
 # Copy the S2I scripts from the specific language image to $STI_SCRIPTS_PATH
 COPY ./s2i/bin/ $STI_SCRIPTS_PATH
 
 # Copy extra files to the image.
 COPY ./root/ /
 
-# In order to drop the root user, we have to make some directories world
-# writeable as OpenShift default security model is to run the container under
-# random UID.
-RUN sed -i -f /opt/app-root/etc/httpdconf.sed /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf && \
-    echo "IncludeOptional /opt/app-root/etc/conf.d/*.conf" >> /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf && \
-    sed -i '/php_value session.save_path/d' /opt/rh/httpd24/root/etc/httpd/conf.d/rh-php56-php.conf && \
-    head -n151 /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf | tail -n1 | grep "AllowOverride All" || exit && \
-    mkdir /tmp/sessions && \
-    chown -R 1001:0 /opt/app-root /tmp/sessions && \
-    chmod -R a+rwx /tmp/sessions && \
-    chmod -R ug+rwx /opt/app-root && \
-    chmod -R a+rwx /etc/opt/rh/rh-php56 && \
-    chmod -R a+rwx /opt/rh/httpd24/root/var/run/httpd && \
-    rpm-file-permissions
+# Reset permissions of filesystem to default values
+RUN /usr/libexec/container-setup && rpm-file-permissions
 
 USER 1001
 

diff --git a/5.6/Dockerfile.rhel7 b/5.6/Dockerfile.rhel7
@@ -4,6 +4,7 @@ FROM rhscl/s2i-base-rhel7
 # applications.
 
 EXPOSE 8080
+EXPOSE 8443
 
 # Description
 # This image provides an Apache 2.4 + PHP 5.6 environment for running PHP applications.
@@ -13,7 +14,6 @@ EXPOSE 8080
 ENV PHP_VERSION=5.6 \
     PHP_VER_SHORT=56 \
     NAME=php \
-    VERSION=5.0 \
     PATH=$PATH:/opt/rh/rh-php56/root/usr/bin
 
 ENV SUMMARY="Platform for building and running PHP $PHP_VERSION applications" \
@@ -25,21 +25,20 @@ for several commercial and non-commercial database management systems, so writin
 a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding \
 is probably as a replacement for CGI scripts."
 
-LABEL summary="$SUMMARY" \
-      description="$DESCRIPTION" \
-      io.k8s.description="$DESCRIPTION" \
-      io.k8s.display-name="Apache 2.4 with PHP $PHP_VERSION" \
+LABEL summary="${SUMMARY}" \
+      description="${DESCRIPTION}" \
+      io.k8s.description="${DESCRIPTION}" \
+      io.k8s.display-name="Apache 2.4 with PHP ${PHP_VERSION}" \
       io.openshift.expose-services="8080:http" \
-      io.openshift.tags="builder,$NAME,$NAME$PHP_VER_SHORT,rh-$NAME$PHP_VER_SHORT" \
+      io.openshift.tags="builder,${NAME},${NAME}${PHP_VER_SHORT},rh-${NAME}${PHP_VER_SHORT}" \
       io.openshift.s2i.scripts-url="image:///usr/libexec/s2i" \
       io.s2i.scripts-url="image:///usr/libexec/s2i" \
-      name="rhscl/$NAME-$PHP_VER_SHORT-rhel7" \
-      com.redhat.component="rh-$NAME$PHP_VER_SHORT-docker" \
-      version="$VERSION" \
-      release="3" \
-      maintainer="SoftwareCollections.org <[email protected]>" \
-      help="For more information visit https://github.com/sclorg/s2i-$NAME-container" \
-      usage="s2i build <SOURCE-REPOSITORY> rhscl/$NAME-$PHP_VER_SHORT-rhel7:latest <APP-NAME>"
+      name="rhscl/${NAME}-${PHP_VER_SHORT}-rhel7" \
+      com.redhat.component="rh-${NAME}${PHP_VER_SHORT}-docker" \
+      version="${PHP_VERSION}" \
+      help="For more information visit https://github.com/sclorg/s2i-${NAME}-container" \
+      usage="s2i build https://github.com/sclorg/s2i-php-container.git --context-dir=${PHP_VERSION}/test/test-app rhscl/${NAME}-${PHP_VER_SHORT}-rhel7 sample-server" \
+      maintainer="SoftwareCollections.org <[email protected]>"
 
 # Install Apache httpd and PHP
 RUN yum install -y yum-utils && \
@@ -50,31 +49,33 @@ RUN yum install -y yum-utils && \
     INSTALL_PKGS="rh-php56 rh-php56-php rh-php56-php-mysqlnd rh-php56-php-pgsql rh-php56-php-bcmath \
                   rh-php56-php-gd rh-php56-php-intl rh-php56-php-ldap rh-php56-php-mbstring rh-php56-php-pdo \
                   rh-php56-php-pecl-memcache rh-php56-php-process rh-php56-php-soap rh-php56-php-opcache rh-php56-php-xml \
-                  rh-php56-php-pecl-xdebug rh-php56-php-gmp" && \
+                  rh-php56-php-pecl-xdebug rh-php56-php-gmp httpd24-mod_ssl" && \
     yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \
     rpm -V $INSTALL_PKGS && \
     yum clean all -y
 
+ENV PHP_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/php/ \
+    APP_DATA=${APP_ROOT}/src \
+    PHP_DEFAULT_INCLUDE_PATH=/opt/rh/rh-php56/root/usr/share/pear \
+    PHP_SYSCONF_PATH=/etc/opt/rh/rh-php56 \
+    PHP_HTTPD_CONF_FILE=rh-php56-php.conf \
+    HTTPD_CONFIGURATION_PATH=${APP_ROOT}/etc/conf.d \
+    HTTPD_MAIN_CONF_PATH=/etc/httpd/conf \
+    HTTPD_MAIN_CONF_D_PATH=/etc/httpd/conf.d \
+    HTTPD_VAR_RUN=/var/run/httpd \
+    HTTPD_DATA_PATH=/var/www \
+    HTTPD_DATA_ORIG_PATH=/opt/rh/httpd24/root/var/www \
+    HTTPD_VAR_PATH=/opt/rh/httpd24/root/var \
+    SCL_ENABLED=rh-php56
+
 # Copy the S2I scripts from the specific language image to $STI_SCRIPTS_PATH
 COPY ./s2i/bin/ $STI_SCRIPTS_PATH
 
 # Copy extra files to the image.
 COPY ./root/ /
 
-# In order to drop the root user, we have to make some directories world
-# writeable as OpenShift default security model is to run the container under
-# random UID.
-RUN sed -i -f /opt/app-root/etc/httpdconf.sed /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf && \
-    sed -i '/php_value session.save_path/d' /opt/rh/httpd24/root/etc/httpd/conf.d/rh-php56-php.conf && \
-    head -n151 /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf | tail -n1 | grep "AllowOverride All" || exit && \
-    echo "IncludeOptional /opt/app-root/etc/conf.d/*.conf" >> /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf && \
-    mkdir /tmp/sessions && \
-    chown -R 1001:0 /opt/app-root /tmp/sessions && \
-    chmod -R a+rwx /tmp/sessions && \
-    chmod -R ug+rwx /opt/app-root && \
-    chmod -R a+rwx /etc/opt/rh/rh-php56 && \
-    chmod -R a+rwx /opt/rh/httpd24/root/var/run/httpd && \
-    rpm-file-permissions
+# Reset permissions of filesystem to default values
+RUN /usr/libexec/container-setup && rpm-file-permissions
 
 USER 1001
 

diff --git a/5.6/README.md b/5.6/README.md
@@ -153,6 +153,21 @@ After you [Docker exec](http://docker.io) into the running container, your curre
 to `/opt/app-root/src`, where the source code is located.
 
 
+Extending image
+---------------
+Not only content, but also startup scripts and configuration of the image can
+be extended using [source-to-image](https://github.com/openshift/source-to-image).
+
+The structure of the application can look like this:
+
+| Folder name       | Description                |
+|-------------------|----------------------------|
+| `./httpd-cfg`     | Can contain additional Apache configuration files (`*.conf`)|
+| `./httpd-pre-init`| Can contain shell scripts (`*.sh`) that are sourced before `httpd` is started|
+| `./httpd-ssl`     | Can contain own SSL certificate (in `certs/` subdirectory) and key (in `private/` subdirectory)|
+| `./`              | Application source code |
+
+
 See also
 --------
 Dockerfile and other sources are available on https://github.com/sclorg/s2i-php-container.

diff --git a/5.6/root/opt/app-root/etc/httpdconf.sed b/5.6/root/opt/app-root/etc/httpdconf.sed
diff --git a/5.6/root/opt/app-root/etc/php.d/10-opcache.ini.template b/5.6/root/opt/app-root/etc/php.d/10-opcache.ini.template
@@ -63,7 +63,7 @@ opcache.fast_shutdown=1
 ; The location of the OPcache blacklist file (wildcards allowed).
 ; Each OPcache blacklist file is a text file that holds the names of files
 ; that should not be accelerated.
-opcache.blacklist_filename=/etc/opt/rh/rh-php56/php.d/opcache*.blacklist
+opcache.blacklist_filename=${PHP_SYSCONF_PATH}/php.d/opcache*.blacklist
 
 ; Allows exclusion of large files from being cached. By default all files
 ; are cached.

diff --git a/5.6/root/opt/app-root/etc/scl_enable b/5.6/root/opt/app-root/etc/scl_enable
@@ -3,4 +3,4 @@
 #
 # This will make scl collection binaries work out of box.
 unset BASH_ENV PROMPT_COMMAND ENV
-source scl_source enable rh-php56 httpd24 rh-nodejs6
+source scl_source enable ${SCL_ENABLED} httpd24 rh-nodejs6
diff --git a/5.6/root/usr/libexec/container-setup b/5.6/root/usr/libexec/container-setup
@@ -0,0 +1,48 @@
+#!/bin/bash
+
+set -e
+
+# In order to drop the root user, we have to make some directories world
+# writeable as OpenShift default security model is to run the container under
+# random UID.
+
+source ${PHP_CONTAINER_SCRIPTS_PATH}/common.sh
+
+# compatibility symlinks so we hide SCL paths
+if [ -v SCL_ENABLED ] ; then
+  # /opt/rh/httpd24/root/etc/httpd will be symlink to /etc/httpd
+  mv /opt/rh/httpd24/root/etc/httpd /etc/httpd
+  ln -s /etc/httpd /opt/rh/httpd24/root/etc/httpd
+
+  # /opt/rh/httpd24/root/var/run/httpd will be symlink to /var/run/httpd
+  mv /opt/rh/httpd24/root/var/run/httpd /var/run/httpd
+  ln -s /var/run/httpd /opt/rh/httpd24/root/var/run/httpd
+
+  # /opt/rh/httpd24/root/var/www will be symlink to /var/www
+  rm -rf /var/www
+  mv ${HTTPD_DATA_ORIG_PATH} /var/www
+  ln -s /var/www ${HTTPD_DATA_ORIG_PATH}
+else
+  rm -f /opt/app-root/etc/scl_enable
+fi
+
+mkdir -p ${HTTPD_CONFIGURATION_PATH}
+chmod -R a+rwx ${HTTPD_MAIN_CONF_PATH}
+chmod -R a+rwx ${HTTPD_MAIN_CONF_D_PATH}
+chmod -R ug+r   /etc/pki/tls/certs/localhost.crt
+chmod -R ug+r   /etc/pki/tls/private/localhost.key
+chown -R 1000:0 /etc/pki/tls/certs/localhost.crt
+chown -R 1000:0 /etc/pki/tls/private/localhost.key
+mkdir -p ${APP_ROOT}/etc
+chmod -R a+rwx ${APP_ROOT}/etc
+chmod -R a+rwx ${HTTPD_VAR_RUN}
+chown -R 1001:0 ${APP_ROOT}
+mkdir /tmp/sessions
+chown -R 1000:0 /tmp/sessions
+chown -R 1001:0 ${HTTPD_DATA_PATH}
+chmod -R a+rwx ${PHP_SYSCONF_PATH}
+
+mkdir -p ${PHP_CONTAINER_SCRIPTS_PATH}/pre-init
+
+config_general
+