├── .github └── FUNDING.yml ├── CHANGELOG.md ├── Dockerfile ├── Dockerfile-php7.4 ├── Dockerfile-php8.0 ├── LICENSE ├── README.md ├── asset ├── 000-default.conf ├── ecw │ ├── gdal340.zip │ ├── install-libkml-r864-64bit.tar.gz │ └── proj-8.2.0.tar.gz ├── security.conf └── ssl.conf ├── build.sh ├── docker-compose.yml ├── env └── startScript.sh /.github/FUNDING.yml: -------------------------------------------------------------------------------- 1 | # These are supported funding model platforms 2 | 3 | github: [atsanna] # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2] 4 | patreon: # Replace with a single Patreon username 5 | open_collective: # Replace with a single Open Collective username 6 | ko_fi: # Replace with a single Ko-fi username 7 | tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel 8 | community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry 9 | liberapay: # Replace with a single Liberapay username 10 | issuehunt: # Replace with a single IssueHunt username 11 | otechie: # Replace with a single Otechie username 12 | custom: ["https://www.paypal.me/atsanna"] # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2'] 13 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # Changelog 2 | All notable changes to this project will be documented in this file. 3 | 4 | ## [4.2.3] - 2022-08-07 5 | 6 | - `Upgrade to PHP 8.1.9`: Upgrade from php 8.1.7 to 8.1.9 version 7 | - `Upgrade to CodeIgniter 4.2.3`: Upgrade Framework to Codeginiter 4.2.3 8 | 9 | 10 | ## [4.2.1] - 2022-06-17 11 | 12 | - `The new StartScript allows you to update Codeigniter 4`: by reading the file */vendor/codeigniter4/framework/system/CodeIgniter.php*, the script checks if a composer update is required to update the application. **Warning: Always backup before using a new image!** 13 | - `Added the support for environment variables`: environment variables can be used to generate the Codeigniter .env file. The file will be generated at container startup only if REGEN_ENV_FILE = 1. 14 | - `New PHP images`: they are images designed for application development, complete with many pre-installed php and apache modules. 15 | - `The new images will have a new numbering`: the numbering will contain both the codeigniter version and the php version 16 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM php:8.1.9-apache 2 | 3 | #====================================================================# 4 | # SET VERSION LABEL # 5 | #====================================================================# 6 | ARG BUILD_DATE="June 17 2022" 7 | ARG PHP_VERSION="8.1" 8 | 9 | ENV BUILD_DATE="${BUILD_DATE}" 10 | ENV PHP_VERSION="${PHP_VERSION}" 11 | 12 | #====================================================================# 13 | # SET LABELS # 14 | #====================================================================# 15 | LABEL build_version="PHP: ${PHP_VERSION}" 16 | LABEL build_date="${BUILD_DATE}" 17 | LABEL maintainer="Antonio Sanna " 18 | 19 | #====================================================================# 20 | # SET SERVER NAME # 21 | #====================================================================# 22 | ARG SERVERNAME="localhost" 23 | ARG DOMAIN="example.com" 24 | ARG WWWDOMAIN="www.example.com" 25 | ARG TZ="Europe/Rome" 26 | 27 | ENV SERVERNAME="${SERVERNAME}" 28 | ENV DOMAIN="${DOMAIN}" 29 | ENV WWWDOMAIN="${WWWDOMAIN}" 30 | 31 | #====================================================================# 32 | # SET USER NAME # 33 | #====================================================================# 34 | ARG USER="gisadmin" 35 | 36 | #====================================================================# 37 | # UPGRADE SYSTEM # 38 | #====================================================================# 39 | RUN \ 40 | DEBIAN_FRONTEND=noninteractive \ 41 | apt-get update && \ 42 | apt-get -y upgrade 43 | 44 | #====================================================================# 45 | # INSTALL UTILITY # 46 | #====================================================================# 47 | RUN apt-get -y install --fix-missing sudo \ 48 | gpg \ 49 | vim \ 50 | wget \ 51 | git \ 52 | software-properties-common 53 | 54 | #====================================================================# 55 | # ADD REPOSITORY # 56 | #====================================================================# 57 | RUN sed -i -e "s|# export LS_OPTIONS=|export LS_OPTIONS=|g" -e "s|# alias ls=|alias ls=|g" -e "s|# alias ll=|alias ll=|g" -e "s|# alias rm=|alias rm=|g" ~/.bashrc \ 58 | && ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone \ 59 | && echo "deb http://deb.debian.org/debian buster-backports main contrib non-free" > /etc/apt/sources.list.d/backports.list 60 | 61 | #====================================================================# 62 | # UPGRADE SYSTEM # 63 | #====================================================================# 64 | RUN apt-get update && \ 65 | apt-get -y upgrade 66 | 67 | #====================================================================# 68 | # INSTALL CURL # 69 | #====================================================================# 70 | RUN apt-get -y install --fix-missing curl 71 | 72 | #====================================================================# 73 | # INSTALL GIT # 74 | #====================================================================# 75 | RUN apt-get -y install --fix-missing git 76 | 77 | #====================================================================# 78 | # INSTALL ZIP - UNZIP # 79 | #====================================================================# 80 | RUN apt-get -y install --fix-missing zip unzip 81 | 82 | #====================================================================# 83 | # INSTALL DB CLIENT # 84 | #====================================================================# 85 | RUN apt-get -y install --fix-missing --no-install-recommends \ 86 | mariadb-client \ 87 | postgresql-client 88 | 89 | #====================================================================# 90 | # INSTALL SENDMAIL # 91 | #====================================================================# 92 | RUN apt-get install -q -y ssmtp mailutils 93 | 94 | RUN line=$(head -n 1 /etc/hosts) \ 95 | && line2=$(echo $line | awk '{print $2}') \ 96 | && echo "$line $line2.localdomain" >> /etc/hosts \ 97 | && apt install --fix-missing -y sendmail sendmail-cf m4 \ 98 | && hostname >> /etc/mail/relay-domains \ 99 | && m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf \ 100 | && sed -i -e "s/Port=smtp,Addr=127.0.0.1, Name=MTA/Port=smtp, Name=MTA/g" \ 101 | /etc/mail/sendmail.mc \ 102 | && sendmail -bd 103 | 104 | #====================================================================# 105 | # INSTALL PHP-IMAGIK # 106 | #====================================================================# 107 | RUN apt-get update && apt-get install --fix-missing -y \ 108 | libmagickwand-dev --no-install-recommends \ 109 | && pecl install imagick \ 110 | && docker-php-ext-enable imagick 111 | 112 | #====================================================================# 113 | # INSTALL GIS LIBRARIES # 114 | #====================================================================# 115 | #gdal with ecw and libkml support 116 | ## First remove gdal if it's already installed 117 | RUN apt remove -y gdal-bin gdal-data libgdal20 && \ 118 | apt -y autoremove && \ 119 | apt update && apt -y upgrade && \ 120 | apt install -y libpng-dev libgdal-dev 121 | 122 | ## Unzip ECW libraries "Desktop Read-Only Redistributable" 123 | COPY asset/ecw/hexagon.zip /root 124 | RUN cd /root && \ 125 | unzip hexagon.zip 126 | 127 | ## Copy new libraries to system folder 128 | ## Rename the newabi library as x64 and move necessary libraries to /usr/local/lib 129 | RUN cp -r /root/hexagon/ERDAS-ECW_JPEG_2000_SDK-5.5.0/Desktop_Read-Only /usr/local/hexagon && \ 130 | rm -r /usr/local/hexagon/lib/x64 && \ 131 | mv /usr/local/hexagon/lib/cpp11abi/x64 /usr/local/hexagon/lib/x64 && \ 132 | cp /usr/local/hexagon/lib/x64/release/libNCSEcw* /usr/local/lib && \ 133 | ldconfig /usr/local/hexagon 134 | 135 | ## Install libspatialite 136 | RUN apt-get update -y && \ 137 | apt-get install --fix-missing -y \ 138 | libspatialite-dev \ 139 | sqlite3 140 | 141 | ## Install PROJ 8 142 | COPY asset/ecw/proj-8.2.0.tar.gz /root 143 | RUN cd /root && \ 144 | tar xfvz proj-8.2.0.tar.gz && \ 145 | cd proj-8.2.0 && \ 146 | ./configure --prefix /usr/local && \ 147 | make -j2 && \ 148 | make install 149 | 150 | ## Install libkml 151 | COPY asset/ecw/install-libkml-r864-64bit.tar.gz /root 152 | RUN cd /root && \ 153 | tar xzf install-libkml-r864-64bit.tar.gz && \ 154 | cp -r install-libkml/include/* /usr/local/include && \ 155 | cp -r install-libkml/lib/* /usr/local/lib 156 | 157 | ## Install libavif 158 | RUN apt install --fix-missing -y libavif-dev 159 | 160 | ## Build GDAL with ECW and libkml support 161 | COPY asset/ecw/gdal340.zip /root 162 | RUN cd /root && \ 163 | unzip gdal340.zip && \ 164 | cd gdal-3.4.0 && \ 165 | ./configure \ 166 | --with-avif \ 167 | --with-ecw=/usr/local/hexagon \ 168 | # --with-libkml=/usr/local/lib \ 169 | --with-proj=/usr/local \ 170 | --with-libtiff \ 171 | --with-libz=internal \ 172 | --with-png=internal \ 173 | --with-geotiff=internal \ 174 | --with-threads \ 175 | --without-libkml \ 176 | && \ 177 | make clean && \ 178 | make && \ 179 | make install 180 | 181 | ## Check if it works 182 | RUN export PATH=/usr/local/bin:$PATH && \ 183 | export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH && \ 184 | gdalinfo --version && \ 185 | gdalinfo --formats | grep ECW 186 | 187 | ## Remove installation files 188 | RUN rm -rf /root/hexagon/ && \ 189 | rm -rf /root/hexagon.zip && \ 190 | rm -rf /root/proj-8.2.0/ && \ 191 | rm -rf /root/proj-8.2.0.tar.gz && \ 192 | rm -rf /root/install-libkml/ && \ 193 | rm -rf /root/install-libkml-r864-64bit.tar.gz && \ 194 | rm -rf /root/gdal-3.4.0/ && \ 195 | rm -rf /root/gdal340.zip 196 | 197 | #====================================================================# 198 | # INSTALL MAPSERVER # 199 | #====================================================================# 200 | RUN apt-get -y install --fix-missing --no-install-recommends \ 201 | libmapserver2 \ 202 | fontconfig \ 203 | cgi-mapserver \ 204 | mapserver-bin \ 205 | libopenjp2-7-dev \ 206 | xl2tpd \ 207 | strongswan \ 208 | libapache2-mod-fcgid \ 209 | libfreetype6 210 | 211 | ## Check if it works 212 | RUN mapserv -v 213 | 214 | RUN apt-get install --fix-missing -y libpq-dev 215 | RUN apt-get install --no-install-recommends -y libpq-dev 216 | RUN apt-get install -y libxml2-dev libbz2-dev zlib1g-dev 217 | 218 | RUN apt-get install --fix-missing -y libsqlite3-dev \ 219 | libsqlite3-0 \ 220 | exif \ 221 | ftp \ 222 | ntp \ 223 | gdal-bin 224 | 225 | ADD https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions /usr/local/bin/ 226 | RUN chmod +x /usr/local/bin/install-php-extensions && \ 227 | install-php-extensions amqp ast bcmath bz2 calendar csv dba decimal ds enchant ev event excimer exif ffi \ 228 | geospatial gettext gd gmp gnupg grpc http igbinary imap intl inotify \ 229 | json_post ldap lzf mailparse maxminddb mcrypt memcache memcached mongodb msgpack mysqli oauth oci8 odbc opcache opencensus \ 230 | openswoole pcov pdo_dblib pdo_firebird pdo_oci pdo_odbc pdo_mysql pdo_pgsql pdo_sqlsrv pcntl pgsql \ 231 | pspell raphf redis seaslog shmop smbclient snmp \ 232 | soap sockets ssh2 sqlsrv uuid xmldiff xmlrpc xsl \ 233 | yac yaml yar zephir_parser zip zend_test zstd 234 | 235 | #====================================================================# 236 | # APACHE CONF # 237 | #====================================================================# 238 | COPY asset/ssl.conf /etc/apache2/mods-available/ssl.conf 239 | COPY asset/security.conf /etc/apache2/conf-available/security.conf 240 | COPY asset/000-default.conf /etc/apache2/sites-enabled/000-default.conf 241 | 242 | #====================================================================# 243 | # INSTALL COMPOSER 2.0 # 244 | #====================================================================# 245 | COPY --from=composer:latest /usr/bin/composer /usr/bin/composer 246 | RUN composer self-update --2 247 | 248 | #ENV APACHE_DOCUMENT_ROOT /var/www/html/codeigniter4/public 249 | RUN apt-get update && apt-get install -y ca-certificates gnupg 250 | RUN curl -fsSL https://deb.nodesource.com/setup_16.x | bash - 251 | 252 | #RUN sed -ri -e 's!/var/www/html!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/sites-available/*.conf 253 | #RUN sed -ri -e 's!/var/www/!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/apache2.conf /etc/apache2/conf-available/*.conf 254 | RUN /usr/sbin/a2enmod rewrite && /usr/sbin/a2enmod headers && /usr/sbin/a2enmod expires 255 | RUN apt-get update && apt-get install -y libzip-dev zip && docker-php-ext-install zip 256 | RUN docker-php-ext-install pdo pdo_mysql mysqli 257 | RUN apt-get install -y libtidy-dev \ 258 | 259 | RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer 260 | RUN pecl install xdebug 261 | 262 | RUN echo 'zend_extension=xdebug' >> /usr/local/etc/php/php.ini 263 | RUN echo 'xdebug.mode=develop,debug' >> /usr/local/etc/php/php.ini 264 | RUN echo 'xdebug.client_host=host.docker.internal' >> /usr/local/etc/php/php.ini 265 | RUN echo 'xdebug.start_with_request=trigger' >> /usr/local/etc/php/php.ini 266 | RUN echo 'xdebug.client_port=9003' >> /usr/local/etc/php/php.ini 267 | RUN echo 'session.save_path = "/tmp"' >> /usr/local/etc/php/php.ini 268 | 269 | #====================================================================# 270 | # ENABLE SSL # 271 | #====================================================================# 272 | RUN a2enmod ssl 273 | 274 | #====================================================================# 275 | # ENABLE MAPSERVER # 276 | #====================================================================# 277 | RUN a2enmod cgi 278 | 279 | #====================================================================# 280 | # ENABLE MODULE HEADERS # 281 | #====================================================================# 282 | RUN a2enmod headers proxy_http 283 | 284 | #====================================================================# 285 | # INSTALL FOR # 286 | #====================================================================# 287 | RUN apt install -y nano udev dmidecode \ 288 | && echo "www-data ALL=(ALL) NOPASSWD: /usr/sbin/dmidecode" | sudo tee /etc/sudoers.d/dont-prompt-www-data-for-sudo-password \ 289 | && echo "www-data ALL=(ALL) NOPASSWD: /etc/init.d/sendmail" | sudo tee -a /etc/sudoers.d/dont-prompt-www-data-for-sudo-password 290 | 291 | #====================================================================# 292 | # START SCRIPT # 293 | #====================================================================# 294 | COPY startScript.sh /startScript.sh 295 | 296 | #====================================================================# 297 | # CREATE GROUP AND USER # 298 | #====================================================================# 299 | RUN groupadd -r ${USER} && useradd -g ${USER} ${USER} 300 | 301 | #====================================================================# 302 | # SET OWNERCHIP AND PERMISSION # 303 | #====================================================================# 304 | RUN chown -R www-data:www-data /var/www/html 305 | 306 | #====================================================================# 307 | # CLEAN SYSTEM # 308 | #====================================================================# 309 | RUN apt-get clean && rm -r /var/lib/apt/lists/* \ 310 | && rm -rf \ 311 | /tmp/* \ 312 | /root/.cache 313 | 314 | #====================================================================# 315 | # LOGS # 316 | #====================================================================# 317 | RUN ln -sf /proc/self/fd/1 "/var/log/apache2/access.log" \ 318 | && ln -sf /proc/self/fd/2 "/var/log/apache2/error.log" \ 319 | && ln -sfT /dev/stdout "/var/log/apache2/access.log" \ 320 | && ln -sfT /dev/stderr "/var/log/apache2/error.log" \ 321 | && chown -R --no-dereference "www-data:www-data" "/var/log/apache2" 322 | 323 | #====================================================================# 324 | # SWITH TO USER # 325 | #====================================================================# 326 | #USER ${USER} 327 | USER root 328 | 329 | #====================================================================# 330 | # SET WORKDIR # 331 | #====================================================================# 332 | WORKDIR /var/www/html/codeigniter4 333 | 334 | #====================================================================# 335 | # EXPOSE PORTS # 336 | #====================================================================# 337 | EXPOSE 80 338 | EXPOSE 443 339 | 340 | #====================================================================# 341 | # VOLUMES # 342 | #====================================================================# 343 | #VOLUME ["/var/www/html", "/usr/lib/php/20190902", "/etc/apache2", "/etc/php"] 344 | 345 | #====================================================================# 346 | # HEALTHCHECK # 347 | #====================================================================# 348 | HEALTHCHECK --interval=30s --timeout=3s --retries=5 CMD curl -f http://localhost/ || exit 1 349 | 350 | #====================================================================# 351 | # ENTRYPOINT # 352 | #====================================================================# 353 | CMD ["bash", "/startScript.sh"] 354 | -------------------------------------------------------------------------------- /Dockerfile-php7.4: -------------------------------------------------------------------------------- 1 | FROM php:7.4.30-apache 2 | 3 | #====================================================================# 4 | # SET VERSION LABEL # 5 | #====================================================================# 6 | ARG BUILD_DATE="June 17 2022" 7 | ARG PHP_VERSION="7.4" 8 | 9 | ENV BUILD_DATE="${BUILD_DATE}" 10 | ENV PHP_VERSION="${PHP_VERSION}" 11 | 12 | #====================================================================# 13 | # SET LABELS # 14 | #====================================================================# 15 | LABEL build_version="PHP: ${PHP_VERSION}" 16 | LABEL build_date="${BUILD_DATE}" 17 | LABEL maintainer="Antonio Sanna " 18 | 19 | #====================================================================# 20 | # SET SERVER NAME # 21 | #====================================================================# 22 | ARG SERVERNAME="localhost" 23 | ARG DOMAIN="example.com" 24 | ARG WWWDOMAIN="www.example.com" 25 | ARG TZ="Europe/Rome" 26 | 27 | ENV SERVERNAME="${SERVERNAME}" 28 | ENV DOMAIN="${DOMAIN}" 29 | ENV WWWDOMAIN="${WWWDOMAIN}" 30 | 31 | #====================================================================# 32 | # SET USER NAME # 33 | #====================================================================# 34 | ARG USER="gisadmin" 35 | 36 | #====================================================================# 37 | # UPGRADE SYSTEM # 38 | #====================================================================# 39 | RUN \ 40 | DEBIAN_FRONTEND=noninteractive \ 41 | apt-get update && \ 42 | apt-get -y upgrade 43 | 44 | #====================================================================# 45 | # INSTALL UTILITY # 46 | #====================================================================# 47 | RUN apt-get -y install --fix-missing sudo \ 48 | gpg \ 49 | vim \ 50 | wget \ 51 | git \ 52 | software-properties-common 53 | 54 | #====================================================================# 55 | # ADD REPOSITORY # 56 | #====================================================================# 57 | RUN sed -i -e "s|# export LS_OPTIONS=|export LS_OPTIONS=|g" -e "s|# alias ls=|alias ls=|g" -e "s|# alias ll=|alias ll=|g" -e "s|# alias rm=|alias rm=|g" ~/.bashrc \ 58 | && ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone \ 59 | && echo "deb http://deb.debian.org/debian buster-backports main contrib non-free" > /etc/apt/sources.list.d/backports.list 60 | 61 | #====================================================================# 62 | # UPGRADE SYSTEM # 63 | #====================================================================# 64 | RUN apt-get update && \ 65 | apt-get -y upgrade 66 | 67 | #====================================================================# 68 | # INSTALL CURL # 69 | #====================================================================# 70 | RUN apt-get -y install --fix-missing curl 71 | 72 | #====================================================================# 73 | # INSTALL GIT # 74 | #====================================================================# 75 | RUN apt-get -y install --fix-missing git 76 | 77 | #====================================================================# 78 | # INSTALL ZIP - UNZIP # 79 | #====================================================================# 80 | RUN apt-get -y install --fix-missing zip unzip 81 | 82 | #====================================================================# 83 | # INSTALL DB CLIENT # 84 | #====================================================================# 85 | RUN apt-get -y install --fix-missing --no-install-recommends \ 86 | mariadb-client \ 87 | postgresql-client 88 | 89 | #====================================================================# 90 | # INSTALL SENDMAIL # 91 | #====================================================================# 92 | RUN apt-get install -q -y ssmtp mailutils 93 | 94 | RUN line=$(head -n 1 /etc/hosts) \ 95 | && line2=$(echo $line | awk '{print $2}') \ 96 | && echo "$line $line2.localdomain" >> /etc/hosts \ 97 | && apt install --fix-missing -y sendmail sendmail-cf m4 \ 98 | && hostname >> /etc/mail/relay-domains \ 99 | && m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf \ 100 | && sed -i -e "s/Port=smtp,Addr=127.0.0.1, Name=MTA/Port=smtp, Name=MTA/g" \ 101 | /etc/mail/sendmail.mc \ 102 | && sendmail -bd 103 | 104 | #====================================================================# 105 | # INSTALL PHP-IMAGIK # 106 | #====================================================================# 107 | RUN apt-get update && apt-get install --fix-missing -y \ 108 | libmagickwand-dev --no-install-recommends \ 109 | && pecl install imagick \ 110 | && docker-php-ext-enable imagick 111 | 112 | #====================================================================# 113 | # INSTALL GIS LIBRARIES # 114 | #====================================================================# 115 | #gdal with ecw and libkml support 116 | ## First remove gdal if it's already installed 117 | RUN apt remove -y gdal-bin gdal-data libgdal20 && \ 118 | apt -y autoremove && \ 119 | apt update && apt -y upgrade && \ 120 | apt install -y libpng-dev libgdal-dev 121 | 122 | ## Unzip ECW libraries "Desktop Read-Only Redistributable" 123 | COPY asset/ecw/hexagon.zip /root 124 | RUN cd /root && \ 125 | unzip hexagon.zip 126 | 127 | ## Copy new libraries to system folder 128 | ## Rename the newabi library as x64 and move necessary libraries to /usr/local/lib 129 | RUN cp -r /root/hexagon/ERDAS-ECW_JPEG_2000_SDK-5.5.0/Desktop_Read-Only /usr/local/hexagon && \ 130 | rm -r /usr/local/hexagon/lib/x64 && \ 131 | mv /usr/local/hexagon/lib/cpp11abi/x64 /usr/local/hexagon/lib/x64 && \ 132 | cp /usr/local/hexagon/lib/x64/release/libNCSEcw* /usr/local/lib && \ 133 | ldconfig /usr/local/hexagon 134 | 135 | ## Install libspatialite 136 | RUN apt-get update -y && \ 137 | apt-get install --fix-missing -y \ 138 | libspatialite-dev \ 139 | sqlite3 140 | 141 | ## Install PROJ 8 142 | COPY asset/ecw/proj-8.2.0.tar.gz /root 143 | RUN cd /root && \ 144 | tar xfvz proj-8.2.0.tar.gz && \ 145 | cd proj-8.2.0 && \ 146 | ./configure --prefix /usr/local && \ 147 | make -j2 && \ 148 | make install 149 | 150 | ## Install libkml 151 | COPY asset/ecw/install-libkml-r864-64bit.tar.gz /root 152 | RUN cd /root && \ 153 | tar xzf install-libkml-r864-64bit.tar.gz && \ 154 | cp -r install-libkml/include/* /usr/local/include && \ 155 | cp -r install-libkml/lib/* /usr/local/lib 156 | 157 | ## Install libavif 158 | RUN apt install --fix-missing -y libavif-dev 159 | 160 | ## Build GDAL with ECW and libkml support 161 | COPY asset/ecw/gdal340.zip /root 162 | RUN cd /root && \ 163 | unzip gdal340.zip && \ 164 | cd gdal-3.4.0 && \ 165 | ./configure \ 166 | --with-avif \ 167 | --with-ecw=/usr/local/hexagon \ 168 | # --with-libkml=/usr/local/lib \ 169 | --with-proj=/usr/local \ 170 | --with-libtiff \ 171 | --with-libz=internal \ 172 | --with-png=internal \ 173 | --with-geotiff=internal \ 174 | --with-threads \ 175 | --without-libkml \ 176 | && \ 177 | make clean && \ 178 | make && \ 179 | make install 180 | 181 | ## Check if it works 182 | RUN export PATH=/usr/local/bin:$PATH && \ 183 | export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH && \ 184 | gdalinfo --version && \ 185 | gdalinfo --formats | grep ECW 186 | 187 | ## Remove installation files 188 | RUN rm -rf /root/hexagon/ && \ 189 | rm -rf /root/hexagon.zip && \ 190 | rm -rf /root/proj-8.2.0/ && \ 191 | rm -rf /root/proj-8.2.0.tar.gz && \ 192 | rm -rf /root/install-libkml/ && \ 193 | rm -rf /root/install-libkml-r864-64bit.tar.gz && \ 194 | rm -rf /root/gdal-3.4.0/ && \ 195 | rm -rf /root/gdal340.zip 196 | 197 | #====================================================================# 198 | # INSTALL MAPSERVER # 199 | #====================================================================# 200 | RUN apt-get -y install --fix-missing --no-install-recommends \ 201 | libmapserver2 \ 202 | fontconfig \ 203 | cgi-mapserver \ 204 | mapserver-bin \ 205 | libopenjp2-7-dev \ 206 | xl2tpd \ 207 | strongswan \ 208 | libapache2-mod-fcgid \ 209 | libfreetype6 210 | 211 | ## Check if it works 212 | RUN mapserv -v 213 | 214 | RUN apt-get install --fix-missing -y libpq-dev 215 | RUN apt-get install --no-install-recommends -y libpq-dev 216 | RUN apt-get install -y libxml2-dev libbz2-dev zlib1g-dev 217 | 218 | RUN apt-get install --fix-missing -y libsqlite3-dev \ 219 | libsqlite3-0 \ 220 | exif \ 221 | ftp \ 222 | ntp \ 223 | gdal-bin 224 | 225 | ADD https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions /usr/local/bin/ 226 | RUN chmod +x /usr/local/bin/install-php-extensions && \ 227 | install-php-extensions amqp ast bcmath bz2 calendar csv dba decimal ds enchant ev event excimer exif ffi \ 228 | geospatial gettext gd gmp gnupg grpc http igbinary imap intl inotify \ 229 | json_post ldap lzf mailparse maxminddb mcrypt memcache memcached mongodb msgpack mysqli oauth oci8 odbc opcache opencensus \ 230 | openswoole pcov pdo_dblib pdo_firebird pdo_oci pdo_odbc pdo_mysql pdo_pgsql pdo_sqlsrv pcntl pgsql \ 231 | pspell raphf redis seaslog shmop smbclient snmp \ 232 | soap sockets ssh2 sqlsrv uuid xmldiff xmlrpc xsl \ 233 | yac yaml yar zephir_parser zip zend_test zstd 234 | 235 | #====================================================================# 236 | # APACHE CONF # 237 | #====================================================================# 238 | COPY asset/ssl.conf /etc/apache2/mods-available/ssl.conf 239 | COPY asset/security.conf /etc/apache2/conf-available/security.conf 240 | COPY asset/000-default.conf /etc/apache2/sites-enabled/000-default.conf 241 | 242 | #====================================================================# 243 | # INSTALL COMPOSER 2.0 # 244 | #====================================================================# 245 | COPY --from=composer:latest /usr/bin/composer /usr/bin/composer 246 | RUN composer self-update --2 247 | 248 | #ENV APACHE_DOCUMENT_ROOT /var/www/html/codeigniter4/public 249 | RUN apt-get update && apt-get install -y ca-certificates gnupg 250 | RUN curl -fsSL https://deb.nodesource.com/setup_16.x | bash - 251 | 252 | #RUN sed -ri -e 's!/var/www/html!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/sites-available/*.conf 253 | #RUN sed -ri -e 's!/var/www/!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/apache2.conf /etc/apache2/conf-available/*.conf 254 | RUN /usr/sbin/a2enmod rewrite && /usr/sbin/a2enmod headers && /usr/sbin/a2enmod expires 255 | RUN apt-get update && apt-get install -y libzip-dev zip && docker-php-ext-install zip 256 | RUN docker-php-ext-install pdo pdo_mysql mysqli 257 | RUN apt-get install -y libtidy-dev \ 258 | 259 | RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer 260 | RUN pecl install xdebug 261 | 262 | RUN echo 'zend_extension=xdebug' >> /usr/local/etc/php/php.ini 263 | RUN echo 'xdebug.mode=develop,debug' >> /usr/local/etc/php/php.ini 264 | RUN echo 'xdebug.client_host=host.docker.internal' >> /usr/local/etc/php/php.ini 265 | RUN echo 'xdebug.start_with_request=trigger' >> /usr/local/etc/php/php.ini 266 | RUN echo 'xdebug.client_port=9003' >> /usr/local/etc/php/php.ini 267 | RUN echo 'session.save_path = "/tmp"' >> /usr/local/etc/php/php.ini 268 | 269 | #====================================================================# 270 | # ENABLE SSL # 271 | #====================================================================# 272 | RUN a2enmod ssl 273 | 274 | #====================================================================# 275 | # ENABLE MAPSERVER # 276 | #====================================================================# 277 | RUN a2enmod cgi 278 | 279 | #====================================================================# 280 | # ENABLE MODULE HEADERS # 281 | #====================================================================# 282 | RUN a2enmod headers proxy_http 283 | 284 | #====================================================================# 285 | # INSTALL FOR # 286 | #====================================================================# 287 | RUN apt install -y nano udev dmidecode \ 288 | && echo "www-data ALL=(ALL) NOPASSWD: /usr/sbin/dmidecode" | sudo tee /etc/sudoers.d/dont-prompt-www-data-for-sudo-password \ 289 | && echo "www-data ALL=(ALL) NOPASSWD: /etc/init.d/sendmail" | sudo tee -a /etc/sudoers.d/dont-prompt-www-data-for-sudo-password 290 | 291 | #====================================================================# 292 | # START SCRIPT # 293 | #====================================================================# 294 | COPY startScript.sh /startScript.sh 295 | 296 | #====================================================================# 297 | # CREATE GROUP AND USER # 298 | #====================================================================# 299 | RUN groupadd -r ${USER} && useradd -g ${USER} ${USER} 300 | 301 | #====================================================================# 302 | # SET OWNERCHIP AND PERMISSION # 303 | #====================================================================# 304 | RUN chown -R www-data:www-data /var/www/html 305 | 306 | #====================================================================# 307 | # CLEAN SYSTEM # 308 | #====================================================================# 309 | RUN apt-get clean && rm -r /var/lib/apt/lists/* \ 310 | && rm -rf \ 311 | /tmp/* \ 312 | /root/.cache 313 | 314 | #====================================================================# 315 | # LOGS # 316 | #====================================================================# 317 | RUN ln -sf /proc/self/fd/1 "/var/log/apache2/access.log" \ 318 | && ln -sf /proc/self/fd/2 "/var/log/apache2/error.log" \ 319 | && ln -sfT /dev/stdout "/var/log/apache2/access.log" \ 320 | && ln -sfT /dev/stderr "/var/log/apache2/error.log" \ 321 | && chown -R --no-dereference "www-data:www-data" "/var/log/apache2" 322 | 323 | #====================================================================# 324 | # SWITH TO USER # 325 | #====================================================================# 326 | #USER ${USER} 327 | USER root 328 | 329 | #====================================================================# 330 | # SET WORKDIR # 331 | #====================================================================# 332 | WORKDIR /var/www/html/codeigniter4 333 | 334 | #====================================================================# 335 | # EXPOSE PORTS # 336 | #====================================================================# 337 | EXPOSE 80 338 | EXPOSE 443 339 | 340 | #====================================================================# 341 | # VOLUMES # 342 | #====================================================================# 343 | #VOLUME ["/var/www/html", "/usr/lib/php/20190902", "/etc/apache2", "/etc/php"] 344 | 345 | #====================================================================# 346 | # HEALTHCHECK # 347 | #====================================================================# 348 | HEALTHCHECK --interval=30s --timeout=3s --retries=5 CMD curl -f http://localhost/ || exit 1 349 | 350 | #====================================================================# 351 | # ENTRYPOINT # 352 | #====================================================================# 353 | CMD ["bash", "/startScript.sh"] 354 | -------------------------------------------------------------------------------- /Dockerfile-php8.0: -------------------------------------------------------------------------------- 1 | FROM php:8.0.20-apache 2 | 3 | #====================================================================# 4 | # SET VERSION LABEL # 5 | #====================================================================# 6 | ARG BUILD_DATE="June 17 2022" 7 | ARG PHP_VERSION="8.0" 8 | 9 | ENV BUILD_DATE="${BUILD_DATE}" 10 | ENV PHP_VERSION="${PHP_VERSION}" 11 | 12 | #====================================================================# 13 | # SET LABELS # 14 | #====================================================================# 15 | LABEL build_version="PHP: ${PHP_VERSION}" 16 | LABEL build_date="${BUILD_DATE}" 17 | LABEL maintainer="Antonio Sanna " 18 | 19 | #====================================================================# 20 | # SET SERVER NAME # 21 | #====================================================================# 22 | ARG SERVERNAME="localhost" 23 | ARG DOMAIN="example.com" 24 | ARG WWWDOMAIN="www.example.com" 25 | ARG TZ="Europe/Rome" 26 | 27 | ENV SERVERNAME="${SERVERNAME}" 28 | ENV DOMAIN="${DOMAIN}" 29 | ENV WWWDOMAIN="${WWWDOMAIN}" 30 | 31 | #====================================================================# 32 | # SET USER NAME # 33 | #====================================================================# 34 | ARG USER="gisadmin" 35 | 36 | #====================================================================# 37 | # UPGRADE SYSTEM # 38 | #====================================================================# 39 | RUN \ 40 | DEBIAN_FRONTEND=noninteractive \ 41 | apt-get update && \ 42 | apt-get -y upgrade 43 | 44 | #====================================================================# 45 | # INSTALL UTILITY # 46 | #====================================================================# 47 | RUN apt-get -y install --fix-missing sudo \ 48 | gpg \ 49 | vim \ 50 | wget \ 51 | git \ 52 | software-properties-common 53 | 54 | #====================================================================# 55 | # ADD REPOSITORY # 56 | #====================================================================# 57 | RUN sed -i -e "s|# export LS_OPTIONS=|export LS_OPTIONS=|g" -e "s|# alias ls=|alias ls=|g" -e "s|# alias ll=|alias ll=|g" -e "s|# alias rm=|alias rm=|g" ~/.bashrc \ 58 | && ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone \ 59 | && echo "deb http://deb.debian.org/debian buster-backports main contrib non-free" > /etc/apt/sources.list.d/backports.list 60 | 61 | #====================================================================# 62 | # UPGRADE SYSTEM # 63 | #====================================================================# 64 | RUN apt-get update && \ 65 | apt-get -y upgrade 66 | 67 | #====================================================================# 68 | # INSTALL CURL # 69 | #====================================================================# 70 | RUN apt-get -y install --fix-missing curl 71 | 72 | #====================================================================# 73 | # INSTALL GIT # 74 | #====================================================================# 75 | RUN apt-get -y install --fix-missing git 76 | 77 | #====================================================================# 78 | # INSTALL ZIP - UNZIP # 79 | #====================================================================# 80 | RUN apt-get -y install --fix-missing zip unzip 81 | 82 | #====================================================================# 83 | # INSTALL DB CLIENT # 84 | #====================================================================# 85 | RUN apt-get -y install --fix-missing --no-install-recommends \ 86 | mariadb-client \ 87 | postgresql-client 88 | 89 | #====================================================================# 90 | # INSTALL SENDMAIL # 91 | #====================================================================# 92 | RUN apt-get install -q -y ssmtp mailutils 93 | 94 | RUN line=$(head -n 1 /etc/hosts) \ 95 | && line2=$(echo $line | awk '{print $2}') \ 96 | && echo "$line $line2.localdomain" >> /etc/hosts \ 97 | && apt install --fix-missing -y sendmail sendmail-cf m4 \ 98 | && hostname >> /etc/mail/relay-domains \ 99 | && m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf \ 100 | && sed -i -e "s/Port=smtp,Addr=127.0.0.1, Name=MTA/Port=smtp, Name=MTA/g" \ 101 | /etc/mail/sendmail.mc \ 102 | && sendmail -bd 103 | 104 | #====================================================================# 105 | # INSTALL PHP-IMAGIK # 106 | #====================================================================# 107 | RUN apt-get update && apt-get install --fix-missing -y \ 108 | libmagickwand-dev --no-install-recommends \ 109 | && pecl install imagick \ 110 | && docker-php-ext-enable imagick 111 | 112 | #====================================================================# 113 | # INSTALL GIS LIBRARIES # 114 | #====================================================================# 115 | #gdal with ecw and libkml support 116 | ## First remove gdal if it's already installed 117 | RUN apt remove -y gdal-bin gdal-data libgdal20 && \ 118 | apt -y autoremove && \ 119 | apt update && apt -y upgrade && \ 120 | apt install -y libpng-dev libgdal-dev 121 | 122 | ## Unzip ECW libraries "Desktop Read-Only Redistributable" 123 | COPY asset/ecw/hexagon.zip /root 124 | RUN cd /root && \ 125 | unzip hexagon.zip 126 | 127 | ## Copy new libraries to system folder 128 | ## Rename the newabi library as x64 and move necessary libraries to /usr/local/lib 129 | RUN cp -r /root/hexagon/ERDAS-ECW_JPEG_2000_SDK-5.5.0/Desktop_Read-Only /usr/local/hexagon && \ 130 | rm -r /usr/local/hexagon/lib/x64 && \ 131 | mv /usr/local/hexagon/lib/cpp11abi/x64 /usr/local/hexagon/lib/x64 && \ 132 | cp /usr/local/hexagon/lib/x64/release/libNCSEcw* /usr/local/lib && \ 133 | ldconfig /usr/local/hexagon 134 | 135 | ## Install libspatialite 136 | RUN apt-get update -y && \ 137 | apt-get install --fix-missing -y \ 138 | libspatialite-dev \ 139 | sqlite3 140 | 141 | ## Install PROJ 8 142 | COPY asset/ecw/proj-8.2.0.tar.gz /root 143 | RUN cd /root && \ 144 | tar xfvz proj-8.2.0.tar.gz && \ 145 | cd proj-8.2.0 && \ 146 | ./configure --prefix /usr/local && \ 147 | make -j2 && \ 148 | make install 149 | 150 | ## Install libkml 151 | COPY asset/ecw/install-libkml-r864-64bit.tar.gz /root 152 | RUN cd /root && \ 153 | tar xzf install-libkml-r864-64bit.tar.gz && \ 154 | cp -r install-libkml/include/* /usr/local/include && \ 155 | cp -r install-libkml/lib/* /usr/local/lib 156 | 157 | ## Install libavif 158 | RUN apt install --fix-missing -y libavif-dev 159 | 160 | ## Build GDAL with ECW and libkml support 161 | COPY asset/ecw/gdal340.zip /root 162 | RUN cd /root && \ 163 | unzip gdal340.zip && \ 164 | cd gdal-3.4.0 && \ 165 | ./configure \ 166 | --with-avif \ 167 | --with-ecw=/usr/local/hexagon \ 168 | # --with-libkml=/usr/local/lib \ 169 | --with-proj=/usr/local \ 170 | --with-libtiff \ 171 | --with-libz=internal \ 172 | --with-png=internal \ 173 | --with-geotiff=internal \ 174 | --with-threads \ 175 | --without-libkml \ 176 | && \ 177 | make clean && \ 178 | make && \ 179 | make install 180 | 181 | ## Check if it works 182 | RUN export PATH=/usr/local/bin:$PATH && \ 183 | export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH && \ 184 | gdalinfo --version && \ 185 | gdalinfo --formats | grep ECW 186 | 187 | ## Remove installation files 188 | RUN rm -rf /root/hexagon/ && \ 189 | rm -rf /root/hexagon.zip && \ 190 | rm -rf /root/proj-8.2.0/ && \ 191 | rm -rf /root/proj-8.2.0.tar.gz && \ 192 | rm -rf /root/install-libkml/ && \ 193 | rm -rf /root/install-libkml-r864-64bit.tar.gz && \ 194 | rm -rf /root/gdal-3.4.0/ && \ 195 | rm -rf /root/gdal340.zip 196 | 197 | #====================================================================# 198 | # INSTALL MAPSERVER # 199 | #====================================================================# 200 | RUN apt-get -y install --fix-missing --no-install-recommends \ 201 | libmapserver2 \ 202 | fontconfig \ 203 | cgi-mapserver \ 204 | mapserver-bin \ 205 | libopenjp2-7-dev \ 206 | xl2tpd \ 207 | strongswan \ 208 | libapache2-mod-fcgid \ 209 | libfreetype6 210 | 211 | ## Check if it works 212 | RUN mapserv -v 213 | 214 | RUN apt-get install --fix-missing -y libpq-dev 215 | RUN apt-get install --no-install-recommends -y libpq-dev 216 | RUN apt-get install -y libxml2-dev libbz2-dev zlib1g-dev 217 | 218 | RUN apt-get install --fix-missing -y libsqlite3-dev \ 219 | libsqlite3-0 \ 220 | exif \ 221 | ftp \ 222 | ntp \ 223 | gdal-bin 224 | 225 | ADD https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions /usr/local/bin/ 226 | RUN chmod +x /usr/local/bin/install-php-extensions && \ 227 | install-php-extensions amqp ast bcmath bz2 calendar csv dba decimal ds enchant ev event excimer exif ffi \ 228 | geospatial gettext gd gmp gnupg grpc http igbinary imap intl inotify \ 229 | json_post ldap lzf mailparse maxminddb mcrypt memcache memcached mongodb msgpack mysqli oauth oci8 odbc opcache opencensus \ 230 | openswoole pcov pdo_dblib pdo_firebird pdo_oci pdo_odbc pdo_mysql pdo_pgsql pdo_sqlsrv pcntl pgsql \ 231 | pspell raphf redis seaslog shmop smbclient snmp \ 232 | soap sockets ssh2 sqlsrv uuid xmldiff xmlrpc xsl \ 233 | yac yaml yar zephir_parser zip zend_test zstd 234 | 235 | #====================================================================# 236 | # APACHE CONF # 237 | #====================================================================# 238 | COPY asset/ssl.conf /etc/apache2/mods-available/ssl.conf 239 | COPY asset/security.conf /etc/apache2/conf-available/security.conf 240 | COPY asset/000-default.conf /etc/apache2/sites-enabled/000-default.conf 241 | 242 | #====================================================================# 243 | # INSTALL COMPOSER 2.0 # 244 | #====================================================================# 245 | COPY --from=composer:latest /usr/bin/composer /usr/bin/composer 246 | RUN composer self-update --2 247 | 248 | #ENV APACHE_DOCUMENT_ROOT /var/www/html/codeigniter4/public 249 | RUN apt-get update && apt-get install -y ca-certificates gnupg 250 | RUN curl -fsSL https://deb.nodesource.com/setup_16.x | bash - 251 | 252 | #RUN sed -ri -e 's!/var/www/html!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/sites-available/*.conf 253 | #RUN sed -ri -e 's!/var/www/!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/apache2.conf /etc/apache2/conf-available/*.conf 254 | RUN /usr/sbin/a2enmod rewrite && /usr/sbin/a2enmod headers && /usr/sbin/a2enmod expires 255 | RUN apt-get update && apt-get install -y libzip-dev zip && docker-php-ext-install zip 256 | RUN docker-php-ext-install pdo pdo_mysql mysqli 257 | RUN apt-get install -y libtidy-dev \ 258 | 259 | RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer 260 | RUN pecl install xdebug 261 | 262 | RUN echo 'zend_extension=xdebug' >> /usr/local/etc/php/php.ini 263 | RUN echo 'xdebug.mode=develop,debug' >> /usr/local/etc/php/php.ini 264 | RUN echo 'xdebug.client_host=host.docker.internal' >> /usr/local/etc/php/php.ini 265 | RUN echo 'xdebug.start_with_request=trigger' >> /usr/local/etc/php/php.ini 266 | RUN echo 'xdebug.client_port=9003' >> /usr/local/etc/php/php.ini 267 | RUN echo 'session.save_path = "/tmp"' >> /usr/local/etc/php/php.ini 268 | 269 | #====================================================================# 270 | # ENABLE SSL # 271 | #====================================================================# 272 | RUN a2enmod ssl 273 | 274 | #====================================================================# 275 | # ENABLE MAPSERVER # 276 | #====================================================================# 277 | RUN a2enmod cgi 278 | 279 | #====================================================================# 280 | # ENABLE MODULE HEADERS # 281 | #====================================================================# 282 | RUN a2enmod headers proxy_http 283 | 284 | #====================================================================# 285 | # INSTALL FOR # 286 | #====================================================================# 287 | RUN apt install -y nano udev dmidecode \ 288 | && echo "www-data ALL=(ALL) NOPASSWD: /usr/sbin/dmidecode" | sudo tee /etc/sudoers.d/dont-prompt-www-data-for-sudo-password \ 289 | && echo "www-data ALL=(ALL) NOPASSWD: /etc/init.d/sendmail" | sudo tee -a /etc/sudoers.d/dont-prompt-www-data-for-sudo-password 290 | 291 | #====================================================================# 292 | # START SCRIPT # 293 | #====================================================================# 294 | COPY startScript.sh /startScript.sh 295 | 296 | #====================================================================# 297 | # CREATE GROUP AND USER # 298 | #====================================================================# 299 | RUN groupadd -r ${USER} && useradd -g ${USER} ${USER} 300 | 301 | #====================================================================# 302 | # SET OWNERCHIP AND PERMISSION # 303 | #====================================================================# 304 | RUN chown -R www-data:www-data /var/www/html 305 | 306 | #====================================================================# 307 | # CLEAN SYSTEM # 308 | #====================================================================# 309 | RUN apt-get clean && rm -r /var/lib/apt/lists/* \ 310 | && rm -rf \ 311 | /tmp/* \ 312 | /root/.cache 313 | 314 | #====================================================================# 315 | # LOGS # 316 | #====================================================================# 317 | RUN ln -sf /proc/self/fd/1 "/var/log/apache2/access.log" \ 318 | && ln -sf /proc/self/fd/2 "/var/log/apache2/error.log" \ 319 | && ln -sfT /dev/stdout "/var/log/apache2/access.log" \ 320 | && ln -sfT /dev/stderr "/var/log/apache2/error.log" \ 321 | && chown -R --no-dereference "www-data:www-data" "/var/log/apache2" 322 | 323 | #====================================================================# 324 | # SWITH TO USER # 325 | #====================================================================# 326 | #USER ${USER} 327 | USER root 328 | 329 | #====================================================================# 330 | # SET WORKDIR # 331 | #====================================================================# 332 | WORKDIR /var/www/html/codeigniter4 333 | 334 | #====================================================================# 335 | # EXPOSE PORTS # 336 | #====================================================================# 337 | EXPOSE 80 338 | EXPOSE 443 339 | 340 | #====================================================================# 341 | # VOLUMES # 342 | #====================================================================# 343 | #VOLUME ["/var/www/html", "/usr/lib/php/20190902", "/etc/apache2", "/etc/php"] 344 | 345 | #====================================================================# 346 | # HEALTHCHECK # 347 | #====================================================================# 348 | HEALTHCHECK --interval=30s --timeout=3s --retries=5 CMD curl -f http://localhost/ || exit 1 349 | 350 | #====================================================================# 351 | # ENTRYPOINT # 352 | #====================================================================# 353 | CMD ["bash", "/startScript.sh"] 354 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2020 Antonio Sanna 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ## Docker Image for CodeIgniter4 development 2 | [![Docker Build Status](https://img.shields.io/docker/cloud/build/atsanna/codeigniter4?style=for-the-badge)](https://hub.docker.com/r/atsanna/codeigniter4/) 3 | [![Docker Stars](https://img.shields.io/docker/stars/atsanna/codeigniter4?style=for-the-badge)](https://hub.docker.com/r/atsanna/codeigniter4/) 4 | [![Docker Image Version (tag latest semver)](https://img.shields.io/docker/v/atsanna/codeigniter4/latest?style=for-the-badge)](https://hub.docker.com/r/atsanna/codeigniter4/) 5 | [![Docker Pulls](https://img.shields.io/docker/pulls/atsanna/codeigniter4?style=for-the-badge)](https://hub.docker.com/r/atsanna/codeigniter4/) 6 | [![Docker Image Size](https://img.shields.io/docker/image-size/atsanna/codeigniter4?latest&style=for-the-badge)](https://hub.docker.com/r/atsanna/codeigniter4/) 7 | 8 | This repository provides you a development environment without requiring you to install PHP, a web server, and any other server software on your local machine. For this, it requires Docker and Docker Compose. 9 | 10 | Basic example to create your container (tested on Ubuntu 20.04 - Docker version 20.10.11, build dea9396 - docker-compose version 1.25.0 ): 11 | 12 | **NOTE: This package is under early development and is not ready for prime-time.** 13 | 14 | **The old version is still available in the branch called "old"** 15 | 16 | ## Build Image 17 | 18 | Clone thi repository and run: 19 | ``` 20 | ./build.sh 21 | ``` 22 | 23 | start the container with php 7.4: 24 | ``` 25 | docker container run -it --publish 80:80 --name ci4 -v /localfolder:/var/www/html codeigniter4.2.3:7.4.30-apache 26 | ``` 27 | 28 | start the container with php 8.0: 29 | ``` 30 | docker container run -it --publish 80:80 --name ci4 -v /localfolder:/var/www/html codeigniter4.2.3:8.0.20-apache 31 | ``` 32 | 33 | start the container with php 8.1: 34 | ``` 35 | docker container run -it --publish 80:80 --name ci4 -v /localfolder:/var/www/html codeigniter4.2.3:8.1.9-apache 36 | ``` 37 | 38 | ## Installation 39 | 40 | 1. Install [docker](https://docs.docker.com/engine/installation/) and [docker-compose](https://docs.docker.com/compose/install/) ; 41 | 42 | 2. Copy `docker-compose.yml` file to your project root path, and edit it according to your needs ; 43 | 44 | 3. Uncomment, in the `docker-compose.yml` file, the image you want to use it ; 45 | 46 | 4. From your project directory, start up your application by running: 47 | 48 | ```sh 49 | docker-compose up -d 50 | ``` 51 | 52 | 4. From your project directory, stop your application by running: 53 | 54 | ```sh 55 | docker-compose down --volumes 56 | ``` 57 | 58 | # Environment variables summary: 59 | 60 | ## Environment file 61 | ### allowed values are: [`0`, `1`] 62 | - `REGEN_ENV_FILE` - if 1, the `.env` file will be created and overwritten when the container starts 63 | 64 | ## App Configuration 65 | - `CI_ENVIRONMENT` - ENVIRONMENT [`production`, `develompent`, `tests`] 66 | - `APP_BASE_URL` - URL to your CodeIgniter root. Typically this will be your base URL, WITH a trailing slash [`http://localhost/`] 67 | - `APP_FORCE_GLOBAl_SECURE_REQUESTS` - If true, this will force every request made to this application to be made via a secure connection (HTTPS) [`true`, `false`] 68 | 69 | 70 | ## App Session 71 | - `APP_SESSION_DRIVER` - [`CodeIgniter\Session\Handlers\FileHandler`] 72 | - `APP_SESSION_COOCKIE_NAME` - [`ci_session`] 73 | - `APP_SESSION_EXPIRATION` - [`7200`] 74 | - `APP_SESSION_SAVE_PATH` - [`null`] 75 | - `APP_SESSION_MATCH_CHIP` - [`true`, `false`] 76 | - `APP_SESSION_TIME_TO_UPDATE` - [`300`] 77 | - `APP_SESSION_REGENERATE_DESTROY` - [`true`, `false`] 78 | - `APP_CSP_ENABLED` - [`true`, `false`] 79 | 80 | ## Default Database Configuration 81 | - `DB_DEFAULT_HOSTNAME` - default hostname [`127.0.0.1`] 82 | - `DB_DEFAULT_DATABASE` - default database name 83 | - `DB_DEFAULT_USERNAME` - default database username 84 | - `DB_DEFAULT_PASSWORD` - default database password 85 | - `DB_DEFAULT_DRIVER` - default database driver [`MySQLi`, `SQLSRV`, `Postgre`, `OCI8`, `SQLite3`] 86 | - `DB_DEFAULT_PORT` - default database port [`3306`, `1443`, `5432`, `1521`] 87 | - `DB_DEFAULT_PREFIX` - default database prefix 88 | 89 | ## Tests Database Configuration 90 | - `DB_TESTS_HOSTNAME` - tests hostname [`127.0.0.1`] 91 | - `DB_TESTS_DATABASE` - tests database name 92 | - `DB_TESTS_USERNAME` - tests database username 93 | - `DB_TESTS_PASSWORD` - tests database password 94 | - `DB_TESTS_DRIVER` - tests database driver [`MySQLi`, `SQLSRV`, `Postgre`, `OCI8`, `SQLite3`] 95 | - `DB_TESTS_PORT` - tests database port [`3306`, `1443`, `5432`, `1521`] 96 | - `DB_TESTS_PREFIX` - tests database prefix 97 | 98 | - `DB_DEFAULT_PREFIX` - default database prefix 99 | 100 | ## Content Secure Policy Configuration 101 | - `CONTENT_SECURE_POLICY_REPORT_ONLY` - Default CSP report context [`true`, `false`] 102 | - `CONTENT_SECURE_POLICY_DEFAULT_SRC` - Will default to self if not overridden [`none`] 103 | - `CONTENT_SECURE_POLICY_SCRIPT_SRC` - Lists allowed scripts' URLs [`self`] 104 | - `CONTENT_SECURE_POLICY_STYLE_SRC` - Lists allowed stylesheets' URLs [`self`] 105 | - `CONTENT_SECURE_POLICY_IMAGE_SRC` - Defines the origins from which images can be loaded [`self`] 106 | - `CONTENT_SECURE_POLICY_BASE_URI` - Restricts the URLs that can appear in a page's `` element [`null`] 107 | - `CONTENT_SECURE_POLICY_CHILD_SRC` - Lists the URLs for workers and embedded frame contents [`null`] 108 | - `CONTENT_SECURE_POLICY_CONNECT_SRC` - Limits the origins that you can connect to (via XHR, WebSockets, and EventSource)[`self`] 109 | - `CONTENT_SECURE_POLICY_FONT_SRC` - Specifies the origins that can serve web fonts [`null`] 110 | - `CONTENT_SECURE_POLICY_FORM_ACTION` - Lists valid endpoints for submission from `
` tags [`null`] 111 | - `CONTENT_SECURE_POLICY_FRAME_ANCESTORS` - Specifies the sources that can embed the current page [`null`] 112 | - `CONTENT_SECURE_POLICY_RFAME_SRC` - The frame-src directive restricts the URLs which may be loaded into nested browsing contexts [`null`] 113 | - `CONTENT_SECURE_POLICY_MEDIA_SRC` - Restricts the origins allowed to deliver video and audio [`null`] 114 | - `CONTENT_SECURE_POLICY_OBJECT_SRC` - Allows control over Flash and other plugins [`null`] 115 | - `CONTENT_SECURE_POLICY_PLUGIN_TYPES` - Limits the kinds of plugins a page may invoke [`null`] 116 | - `CONTENT_SECURE_POLICY_REPORT_URI` - Specifies a URL where a browser will send reports when a content security policy is violated [`null`] 117 | - `CONTENT_SECURE_POLICY_SANDBOX` - List of actions allowed [`true`, `false`] 118 | - `CONTENT_SECURE_POLICY_UPGRADE_INSECURE_REQUESTS` - Instructs user agents to rewrite URL schemes, changing HTTP to HTTPS. This directive is for websites with large numbers of old URLs that need to be rewritten[`true`, `false`] 119 | 120 | ## Cookie Configuration 121 | - `COOKIE_PREFIX` - Set a cookie name prefix if you need to avoid collisions [``] 122 | - `COOKIE_EXPIRES` - Default expires timestamp for cookies [`0`] 123 | - `COOKIE_PATH` - Typically will be a forward slash [`/`] 124 | - `COOKIE_DOMAIN` - Set to `.your-domain.com` for site-wide cookies [``] 125 | - `COOKIE_SECURE` - Cookie will only be set if a secure HTTPS connection exists [`true`, `false`] 126 | - `COOKIE_HTTP_ONLY` - Cookie will only be accessible via HTTP(S) (no JavaScript) [`true`, `false`] 127 | - `COOKIE_SAME_SITE` - Configure cookie SameSite setting [`None`, `Lax`, `Strict`, `''`] 128 | - `COOKIE_RAW` - This flag allows setting a "raw" cookie [`true`, `false`] 129 | 130 | ## Encryption Configuration 131 | - `ENCRYPTION_KEY` - If you use the Encryption class you must set an encryption key (seed) [``] 132 | - `ENCRYPTION_DRIVER` - One of the supported encryption drivers [`OpenSSL`, `Sodium`] 133 | - `ENCRYPTION_BLOCK_SIZE` - This is the number of bytes that will be padded to the plaintext message before it is encrypted [`16`] 134 | - `ENCRYPTION_DIGEST` - HMAC digest to use [`SHA256`, `SHA512`] 135 | 136 | ## Honeypot Configuration 137 | - `HONEYPOT_HIDDEN` - Makes Honeypot visible or not to human [`true`, `false`] 138 | - `HONEYPOT_LABEL` - Honeypot Label Content [`Fill This Field`] 139 | - `HONEYPOT_NAME` - Honeypot Field Name [`honeypot`] 140 | - `HONEYPOT_TEMPLATE` - Honeypot HTML Template [``] 141 | - `HONEYPOT_CONTAINER` - Honeypot container [`
{template}
`] 142 | 143 | ## Security Configuration 144 | - `SECURITY_CSRF_PROTECTION` - Protection Method for Cross Site Request Forgery protection [`cookie`, `session`] 145 | - `SECURITY_TOKEN_RANDOMIZE` - Randomize the CSRF Token for added security [`true`, `false`] 146 | - `SECURITY_TOKEN_NAME` - Token name for Cross Site Request Forgery protection [`csrf_token_name`] 147 | - `SECURITY_HEADER_NAME` - Header name for Cross Site Request Forgery protection [`X-CSRF-TOKE`] 148 | - `SECURITY_COOKIE_NAME` - Cookie name for Cross Site Request Forgery protection [`csrf_cookie_name`] 149 | - `SECURITY_EXPIRES` - Expiration time for Cross Site Request Forgery protection cookie [`7200`] 150 | - `SECURITY_REGENERATE` - Regenerate CSRF Token on every submission [`true`, `false`] 151 | - `SECURITY_REDIRECT` - Redirect to previous page with error on failure [`true`, `false`] 152 | - `SECURITY_SAME_SITE` - Setting for CSRF SameSite cookie token [`None`, `Lax`, `Strict`, `''`] 153 | 154 | ## Logger Configuration 155 | - `LOGGER_THRESHOLD` - You can enable error logging by setting a threshold over zero [`0`, `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`] 156 | - Threshold options are: 157 | * 0 = Disables logging, Error logging TURNED OFF 158 | * 1 = Emergency Messages - System is unusable 159 | * 2 = Alert Messages - Action Must Be Taken Immediately 160 | * 3 = Critical Messages - Application component unavailable, unexpected exception. 161 | * 4 = Runtime Errors - Don't need immediate action, but should be monitored. 162 | * 5 = Warnings - Exceptional occurrences that are not errors. 163 | * 6 = Notices - Normal but significant events. 164 | * 7 = Info - Interesting events, like user logging in, etc. 165 | * 8 = Debug - Detailed debug information. 166 | * 9 = All Messages 167 | 168 | ## Curl Request Configuration 169 | - `CURL_REQUEST_SHARE_OPTIONS` - Whether share options between requests or not [`true`, `false`] 170 | 171 | ## Sendmail Configuration 172 | - `ROOT_EMAIL` - The user that gets all mail for userids less than 1000. Ifblank, address rewriting is disabled. 173 | - `MAIL_SERVER` - The host to send mail to, in the form host. 174 | - `MAIL_SERVER_PORT` - The port to send mail to, in the form host. 175 | - `MAIL_SERVER_USER` - The user name to use for SMTP AUTH. 176 | - `MAIL_SERVER_PASSWORD` - The password to use for SMTP AUTH. 177 | - `MAIL_SERVER_TLS` - Specifies whether ssmtp uses TLS to talk to the SMTP server. 178 | - `MAIL_SERVER_STARTTLS` - Specifies whether ssmtp does a EHLO/STARTTLS before starting SSL negotiation. 179 | 180 | ## List of Apache Modules pre-installed on these Docker images (apachectl -M) 181 | 182 | - `core_module` (static) 183 | - `so_module` (static) 184 | - `watchdog_module` (static) 185 | - `http_module` (static) 186 | - `log_config_module` (static) 187 | - `logio_module` (static) 188 | - `version_module` (static) 189 | - `unixd_module` (static) 190 | - `access_compat_module` (shared) 191 | - `alias_module` (shared) 192 | - `auth_basic_module` (shared) 193 | - `authn_core_module` (shared) 194 | - `authn_file_module` (shared) 195 | - `authz_core_module` (shared) 196 | - `authz_host_module` (shared) 197 | - `authz_user_module` (shared) 198 | - `autoindex_module` (shared) 199 | - `cgi_module` (shared) 200 | - `deflate_module` (shared) 201 | - `dir_module` (shared) 202 | - `env_module` (shared) 203 | - `expires_module` (shared) 204 | - `fcgid_module` (shared) 205 | - `filter_module` (shared) 206 | - `headers_module` (shared) 207 | - `mime_module` (shared) 208 | - `mpm_prefork_module` (shared) 209 | - `negotiation_module` (shared) 210 | - `php_module` (shared) 211 | - `proxy_module` (shared) 212 | - `proxy_http_module` (shared) 213 | - `reqtimeout_module` (shared) 214 | - `rwrite_module` (shared) 215 | - `setenvif_module` (shared) 216 | - `socache_shmcb_module` (shared) 217 | - `ssl_module` (shared) 218 | - `status_module` (shared) 219 | 220 | 221 | ## List of PHP Modules pre-installed on these Docker images (php -m) 222 | 223 | [PHP Modules] 224 | - `amqp` 225 | - `ast` 226 | - `bcmath` 227 | - `bz2` 228 | - `calendar` 229 | - `Core` 230 | - `csv` 231 | - `ctype` 232 | - `curl` 233 | - `date` 234 | - `dba` 235 | - `decimal` 236 | - `dom` 237 | - `ds` 238 | - `enchant` 239 | - `ev` 240 | - `event` 241 | - `excimer` 242 | - `exif` 243 | - `FFI` 244 | - `fileinfo` 245 | - `filter` 246 | - `ftp` 247 | - `gd` 248 | - `geospatial` 249 | - `gettext` 250 | - `gmp` 251 | - `gnupg` 252 | - `grpc` 253 | - `hash` 254 | - `http` 255 | - `iconv` 256 | - `igbinary` 257 | - `imagick` 258 | - `imap` 259 | - `inotify` 260 | - `intl` 261 | - `json` 262 | - `json_post` 263 | - `ldap` 264 | - `libsmbclient` 265 | - `libxml` 266 | - `lzf` 267 | - `mailparse` 268 | - `maxminddb` 269 | - `mbstring` 270 | - `mcrypt` 271 | - `memcache` 272 | - `memcached` 273 | - `mongodb` 274 | - `msgpack` 275 | - `mysqli` 276 | - `mysqlnd` 277 | - `OAuth` 278 | - `oci8` 279 | - `odbc` 280 | - `opencensus` 281 | - `openssl` 282 | - `openswoole` 283 | - `pcntl` 284 | - `pcov` 285 | - `pcre` 286 | - `PDO` 287 | - `pdo_dblib` 288 | - `PDO_Firebird` 289 | - `pdo_mysql` 290 | - `PDO_OCI` 291 | - `PDO_ODBC` 292 | - `pdo_pgsql` 293 | - `pdo_sqlite` 294 | - `pdo_sqlsrv` 295 | - `pgsql` 296 | - `Phar` 297 | - `posix` 298 | - `pspell` 299 | - `raphf` 300 | - `readline` 301 | - `redis` 302 | - `Reflection` 303 | - `SeasLog` 304 | - `session` 305 | - `shmop` 306 | - `SimpleXML` 307 | - `smbclient` 308 | - `snmp` 309 | - `soap` 310 | - `sockets` 311 | - `sodium` 312 | - `SPL` 313 | - `sqlite3` 314 | - `sqlsrv` 315 | - `ssh2` 316 | - `standard` 317 | - `tokenizer` 318 | - `uuid` 319 | - `xdebug` 320 | - `xml` 321 | - `xmldiff` 322 | - `xmlreader` 323 | - `xmlrpc` 324 | - `xmlwriter` 325 | - `xsl` 326 | - `yac` 327 | - `yaml` 328 | - `yar` 329 | - `Zend OPcache` 330 | - `zend_test` 331 | - `zephir_parser` 332 | - `zip` 333 | - `zlib` 334 | - `zstd` 335 | 336 | [Zend Modules] 337 | - `Xdebug` 338 | - `Zend OPcache` 339 | 340 | ## Changelog 341 | 342 | You can find the changes made in the [changelog](CHANGELOG.md) file 343 | 344 | ## Contributing 345 | 346 | Contributions are welcome! 347 | Leave an issue on Github, or create a Pull Request. 348 | 349 | ## Licence 350 | 351 | This work is under [MIT](LICENSE) licence. 352 | -------------------------------------------------------------------------------- /asset/000-default.conf: -------------------------------------------------------------------------------- 1 | ServerName localhost 2 | 3 | 4 | ServerAdmin webmaster@localhost 5 | ServerName localhost 6 | # ServerAlias www.example.com 7 | 8 | DocumentRoot /var/www/html/codeigniter4/public 9 | 10 | 11 | Options Indexes FollowSymLinks MultiViews 12 | AllowOverride All 13 | Order allow,deny 14 | Allow from all 15 | 16 | 17 | 18 | SSLOptions +StdEnvVars 19 | 20 | ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ 21 | 22 | AllowOverride none 23 | Options ExecCGI MultiViews SymLinksIfOwnerMatch 24 | Order allow,deny 25 | Allow from all 26 | 27 | 28 | ErrorLog ${APACHE_LOG_DIR}/error.log 29 | CustomLog ${APACHE_LOG_DIR}/access.log combined 30 | 31 | BrowserMatch "MSIE [2-6]" \ 32 | nokeepalive ssl-unclean-shutdown \ 33 | downgrade-1.0 force-response-1.0 34 | BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown 35 | 36 | # One year for image files 37 | 38 | Header set Cache-Control "max-age=31536000, public" 39 | 40 | # One month for css and js 41 | 42 | Header set Cache-Control "max-age=2628000, public" 43 | 44 | 45 | 46 | -------------------------------------------------------------------------------- /asset/ecw/gdal340.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/atsanna/codeigniter4-docker/eaf03aadd5364a1ecfe0f5027cd78961b51256ae/asset/ecw/gdal340.zip -------------------------------------------------------------------------------- /asset/ecw/install-libkml-r864-64bit.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/atsanna/codeigniter4-docker/eaf03aadd5364a1ecfe0f5027cd78961b51256ae/asset/ecw/install-libkml-r864-64bit.tar.gz -------------------------------------------------------------------------------- /asset/ecw/proj-8.2.0.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/atsanna/codeigniter4-docker/eaf03aadd5364a1ecfe0f5027cd78961b51256ae/asset/ecw/proj-8.2.0.tar.gz -------------------------------------------------------------------------------- /asset/security.conf: -------------------------------------------------------------------------------- 1 | # 2 | # Disable access to the entire file system except for the directories that 3 | # are explicitly allowed later. 4 | # 5 | # This currently breaks the configurations that come with some web application 6 | # Debian packages. 7 | # 8 | # 9 | # AllowOverride None 10 | # Require all denied 11 | # 12 | 13 | 14 | # Changing the following options will not really affect the security of the 15 | # server, but might make attacks slightly more difficult in some cases. 16 | 17 | # 18 | # ServerTokens 19 | # This directive configures what you return as the Server HTTP response 20 | # Header. The default is 'Full' which sends information about the OS-Type 21 | # and compiled in modules. 22 | # Set to one of: Full | OS | Minimal | Minor | Major | Prod 23 | # where Full conveys the most information, and Prod the least. 24 | #ServerTokens Minimal 25 | ServerTokens OS 26 | #ServerTokens Full 27 | 28 | # 29 | # Optionally add a line containing the server version and virtual host 30 | # name to server-generated pages (internal error documents, FTP directory 31 | # listings, mod_status and mod_info output etc., but not CGI generated 32 | # documents or custom error documents). 33 | # Set to "EMail" to also include a mailto: link to the ServerAdmin. 34 | # Set to one of: On | Off | EMail 35 | #ServerSignature Off 36 | ServerSignature On 37 | 38 | # 39 | # Allow TRACE method 40 | # 41 | # Set to "extended" to also reflect the request body (only for testing and 42 | # diagnostic purposes). 43 | # 44 | # Set to one of: On | Off | extended 45 | TraceEnable Off 46 | #TraceEnable On 47 | 48 | # 49 | # Forbid access to version control directories 50 | # 51 | # If you use version control systems in your document root, you should 52 | # probably deny access to their directories. For example, for subversion: 53 | # 54 | # 55 | # Require all denied 56 | # 57 | 58 | # 59 | # Setting this header will prevent MSIE from interpreting files as something 60 | # else than declared by the content type in the HTTP headers. 61 | # Requires mod_headers to be enabled. 62 | # 63 | #Header set X-Content-Type-Options: "nosniff" 64 | 65 | # 66 | # Setting this header will prevent other sites from embedding pages from this 67 | # site as frames. This defends against clickjacking attacks. 68 | # Requires mod_headers to be enabled. 69 | # 70 | #Header set X-Frame-Options: "sameorigin" 71 | 72 | # https://www.owasp.org/index.php/Clickjacking 73 | Header always append X-Frame-Options SAMEORIGIN 74 | # https://www.owasp.org/index.php/List_of_useful_HTTP_headers 75 | Header always append X-XSS-Protection "1; mode=block" 76 | Header always append X-Content-Type-Options "nosniff" 77 | Header always append Strict-Transport-Security "max-age=16070400; includeSubDomains" 78 | 79 | # Avoid displaying the exact Apache version number, the description of the 80 | # generic OS-type and the information about Apache's compiled-in modules. 81 | ServerTokens Prod 82 | 83 | # vim: syntax=apache ts=4 sw=4 sts=4 sr noet 84 | -------------------------------------------------------------------------------- /asset/ssl.conf: -------------------------------------------------------------------------------- 1 | 2 | 3 | # Pseudo Random Number Generator (PRNG): 4 | # Configure one or more sources to seed the PRNG of the SSL library. 5 | # The seed data should be of good random quality. 6 | # WARNING! On some platforms /dev/random blocks if not enough entropy 7 | # is available. This means you then cannot use the /dev/random device 8 | # because it would lead to very long connection times (as long as 9 | # it requires to make more entropy available). But usually those 10 | # platforms additionally provide a /dev/urandom device which doesn't 11 | # block. So, if available, use this one instead. Read the mod_ssl User 12 | # Manual for more details. 13 | # 14 | SSLRandomSeed startup builtin 15 | SSLRandomSeed startup file:/dev/urandom 512 16 | SSLRandomSeed connect builtin 17 | SSLRandomSeed connect file:/dev/urandom 512 18 | 19 | ## 20 | ## SSL Global Context 21 | ## 22 | ## All SSL configuration in this context applies both to 23 | ## the main server and all SSL-enabled virtual hosts. 24 | ## 25 | 26 | # 27 | # Some MIME-types for downloading Certificates and CRLs 28 | # 29 | AddType application/x-x509-ca-cert .crt 30 | AddType application/x-pkcs7-crl .crl 31 | 32 | # Pass Phrase Dialog: 33 | # Configure the pass phrase gathering process. 34 | # The filtering dialog program (`builtin' is a internal 35 | # terminal dialog) has to provide the pass phrase on stdout. 36 | SSLPassPhraseDialog exec:/usr/share/apache2/ask-for-passphrase 37 | 38 | # Inter-Process Session Cache: 39 | # Configure the SSL Session Cache: First the mechanism 40 | # to use and second the expiring timeout (in seconds). 41 | # (The mechanism dbm has known memory leaks and should not be used). 42 | #SSLSessionCache dbm:${APACHE_RUN_DIR}/ssl_scache 43 | SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000) 44 | SSLSessionCacheTimeout 300 45 | 46 | # Semaphore: 47 | # Configure the path to the mutual exclusion semaphore the 48 | # SSL engine uses internally for inter-process synchronization. 49 | # (Disabled by default, the global Mutex directive consolidates by default 50 | # this) 51 | #Mutex file:${APACHE_LOCK_DIR}/ssl_mutex ssl-cache 52 | 53 | 54 | # SSL Cipher Suite: 55 | # List the ciphers that the client is permitted to negotiate. See the 56 | # ciphers(1) man page from the openssl package for list of all available 57 | # options. 58 | # Enable only secure ciphers: 59 | #SSLCipherSuite HIGH:!aNULL 60 | SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH 61 | SSLHonorCipherOrder on 62 | 63 | # SSL server cipher order preference: 64 | # Use server priorities for cipher algorithm choice. 65 | # Clients may prefer lower grade encryption. You should enable this 66 | # option if you want to enforce stronger encryption, and can afford 67 | # the CPU cost, and did not override SSLCipherSuite in a way that puts 68 | # insecure ciphers first. 69 | # Default: Off 70 | #SSLHonorCipherOrder on 71 | 72 | # The protocols to enable. 73 | # Available values: all, SSLv3, TLSv1, TLSv1.1, TLSv1.2 74 | # SSL v2 is no longer supported 75 | #SSLProtocol all -SSLv3 76 | #SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 77 | SSLProtocol -all +TLSv1.2 +TLSv1.3 78 | 79 | # Allow insecure renegotiation with clients which do not yet support the 80 | # secure renegotiation protocol. Default: Off 81 | #SSLInsecureRenegotiation on 82 | 83 | # Whether to forbid non-SNI clients to access name based virtual hosts. 84 | # Default: Off 85 | #SSLStrictSNIVHostCheck On 86 | 87 | 88 | 89 | # vim: syntax=apache ts=4 sw=4 sts=4 sr noet -------------------------------------------------------------------------------- /build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | docker build --pull --rm -f "Dockerfile" -t codeigniter4:v4.2.3-php8.1.9-apache "." 4 | 5 | docker build --pull --rm -f "Dockerfile-php8.0" -t codeigniter4:v4.2.3-php8.0.20-apache "." 6 | 7 | docker build --pull --rm -f "Dockerfile-php7.4" -t codeigniter4:v4.2.3-php7.4.30-apache "." -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | #--------------------------------------------------------------------------# 5 | #--------------------------------------------------------------------------# 6 | # C O D E I G N I T E R v4.2.3 # 7 | #--------------------------------------------------------------------------# 8 | #--------------------------------------------------------------------------# 9 | codeigniter4: 10 | image: atsanna/codeigniter4:latest 11 | # image: atsanna/codeigniter4:v4.2.3-php8.1-apache 12 | # image: atsanna/codeigniter4:v4.2.3-php8.1.9-apache 13 | # image: atsanna/codeigniter4:v4.2.3-php8.0-apache 14 | # image: atsanna/codeigniter4:v4.2.3-php8.0.20-apache 15 | # image: atsanna/codeigniter4:v4.2.3-php7.4-apache 16 | # image: atsanna/codeigniter4:v4.2.3-php7.4.30-apache 17 | container_name: 'codeigniter4' 18 | environment: 19 | - REGEN_ENV_FILE=1 20 | 21 | - CI_ENVIRONMENT=development 22 | - APP_BASE_URL=https://${PROJECT_BASE_URL}/ 23 | - DB_DEFAULT_HOSTNAME=${MYSQL_HOSTNAME} 24 | - DB_DEFAULT_DATABASE=${MYSQL_DATABASE} 25 | - DB_DEFAULT_USERNAME=${MYSQL_USER} 26 | - DB_DEFAULT_PASSWORD=${MYSQL_PASSWORD} 27 | - DB_DEFAULT_DRIVER=MySQLi 28 | - DB_DEFAULT_PORT=3306 29 | 30 | - ROOT_EMAIL=${EMAIL_ROOT} 31 | - MAIL_SERVER=${MAIL_SERVER} 32 | - MAIL_SERVER_PORT=${MAIL_SERVER_PORT} 33 | - MAIL_SERVER_USER=${MAIL_SERVER_USER} 34 | - MAIL_SERVER_PASSWORD=${MAIL_SERVER_PASSWORD} 35 | - MAIL_SERVER_TLS=${MAIL_SERVER_TLS} 36 | - MAIL_SERVER_STARTTLS=${MAIL_SERVER_STARTTLS} 37 | ports: 38 | - 80:80 39 | links: 40 | - codeigniter4_mysql 41 | volumes: 42 | - ./localfolder/www:/var/www/html 43 | 44 | #--------------------------------------------------------------------------# 45 | #--------------------------------------------------------------------------# 46 | # M Y S Q L # 47 | #--------------------------------------------------------------------------# 48 | #--------------------------------------------------------------------------# 49 | codeigniter4_mysql: 50 | image: mariadb:10.5.5 51 | container_name: 'codeigniter4_mysql' 52 | ports: 53 | - 3306:3306 54 | volumes: 55 | - ./localfolder/mysql:/var/lib/mysql 56 | - ./localfolder/logs/mysql:/var/log/mysql 57 | environment: 58 | MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD} 59 | MYSQL_DATABASE: ${MYSQL_DATABASE} 60 | MYSQL_USER: ${MYSQL_USER} 61 | MYSQL_PASSWORD: ${MYSQL_PASSWORD} 62 | 63 | #--------------------------------------------------------------------------# 64 | #--------------------------------------------------------------------------# 65 | # P H P M Y A D M I N # 66 | #--------------------------------------------------------------------------# 67 | #--------------------------------------------------------------------------# 68 | codeigniter4_phpmyadmin: 69 | image: phpmyadmin/phpmyadmin:5.0.2 70 | container_name: 'codeigniter4_phpmyadmin' 71 | links: 72 | - codeigniter4_mysql 73 | environment: 74 | PMA_HOST: codeigniter4_mysql 75 | PMA_PORT: 3306 76 | ports: 77 | - 81:80 78 | volumes: 79 | - ./localfolder/sessions:/sessions 80 | -------------------------------------------------------------------------------- /env: -------------------------------------------------------------------------------- 1 | PROJECT_BASE_URL=localhost 2 | 3 | MYSQL_HOSTNAME=codeigniter4_mysql 4 | MYSQL_DATABASE=codeigniter4 5 | MYSQL_USER=codeigniter4 6 | MYSQL_PASSWORD=codeigniter4 7 | MYSQL_ROOT_PASSWORD=rootpassword 8 | 9 | EMAIL_ROOT=postmaster@localhost 10 | MAIL_SERVER=mail.localhost 11 | MAIL_SERVER_PORT=465 12 | MAIL_SERVER_USER=username@localhost 13 | MAIL_SERVER_PASSWORD=password 14 | MAIL_SERVER_TLS=YES 15 | MAIL_SERVER_STARTTLS=YES -------------------------------------------------------------------------------- /startScript.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | export PATH=/usr/local/bin:$PATH 3 | export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH 4 | 5 | app_name="codeigniter4" 6 | new_version="4.2.3" 7 | 8 | set -eu 9 | 10 | #compare version 11 | vercomp () { 12 | if [[ $1 == $2 ]] 13 | then 14 | return 0 15 | fi 16 | local IFS=. 17 | local i ver1=($1) ver2=($2) 18 | # fill empty fields in ver1 with zeros 19 | for ((i=${#ver1[@]}; i<${#ver2[@]}; i++)) 20 | do 21 | ver1[i]=0 22 | done 23 | for ((i=0; i<${#ver1[@]}; i++)) 24 | do 25 | if [[ -z ${ver2[i]} ]] 26 | then 27 | # fill empty fields in ver2 with zeros 28 | ver2[i]=0 29 | fi 30 | if ((10#${ver1[i]} > 10#${ver2[i]})) 31 | then 32 | return 1 33 | fi 34 | if ((10#${ver1[i]} < 10#${ver2[i]})) 35 | then 36 | return 2 37 | fi 38 | done 39 | return 0 40 | } 41 | 42 | print_text () { 43 | GREEN="\e[321m" 44 | ENDCOLOR="\e[0m" 45 | echo -e "${GREEN}#====================================================================#${ENDCOLOR}\r\n"; 46 | echo -e "${GREEN}# $1${ENDCOLOR}\r\n"; 47 | echo -e "${GREEN}#====================================================================#${ENDCOLOR}\r\n"; 48 | } 49 | 50 | #test compare version 51 | testvercomp () { 52 | vercomp $1 $2 53 | case $? in 54 | 0) op='=';; 55 | 1) op='>';; 56 | 2) op='<';; 57 | esac 58 | if [[ $op != $3 ]] 59 | then 60 | #echo "FAIL: Expected '$3', Actual '$op', Arg1 '$1', Arg2 '$2'" 61 | print_text "CodeIgniter ${installed_version} are installed"; 62 | return 0 63 | else 64 | #echo "Pass: '$1 $op $2'" 65 | print_text "CodeIgniter are not latest version"; 66 | print_text "Starting CodeIgniter update" 67 | #====================================================================# 68 | # UPDATE CODEIGNITER 4 # 69 | #====================================================================# 70 | cd /var/www/html/$app_name && \ 71 | composer update 72 | return 1 73 | fi 74 | } 75 | 76 | # return true if specified directory is empty 77 | directory_empty() { 78 | [ -z "$(ls -A "$1/")" ] 79 | } 80 | 81 | # usage: file_env VAR [DEFAULT] 82 | # ie: file_env 'XYZ_DB_PASSWORD' 'example' 83 | # (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of 84 | # "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) 85 | file_env() { 86 | local var="$1" 87 | local fileVar="${var}_FILE" 88 | local def="${2:-}" 89 | local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") 90 | local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") 91 | if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then 92 | echo >&2 "error: both $var and $fileVar are set (but are exclusive)" 93 | exit 1 94 | fi 95 | if [ -n "${varValue}" ]; then 96 | export "$var"="${varValue}" 97 | elif [ -n "${fileVarValue}" ]; then 98 | export "$var"="$(cat "${fileVarValue}")" 99 | elif [ -n "${def}" ]; then 100 | export "$var"="$def" 101 | fi 102 | unset "$fileVar" 103 | } 104 | 105 | # check if composer package is installed 106 | package_exist() { 107 | composer show | grep $1 >/dev/null 108 | } 109 | 110 | # Codeigniter .env file generator 111 | codeigniter_env_generator() { 112 | cd /var/www/html/$app_name 113 | echo "#--------------------------------------------------------------------" > .env 114 | echo "# Example Environment Configuration file" >> .env 115 | echo "#" >> .env 116 | echo "# This file can be used as a starting point for your own" >> .env 117 | echo "# custom .env files, and contains most of the possible settings" >> .env 118 | echo "# available in a default install." >> .env 119 | echo "#" >> .env 120 | echo "# By default, all of the settings are commented out. If you want" >> .env 121 | echo "# to override the setting, you must un-comment it by removing the '#'" >> .env 122 | echo "# at the beginning of the line." >> .env 123 | echo "#--------------------------------------------------------------------" >> .env 124 | echo "" >> .env 125 | echo "#--------------------------------------------------------------------" >> .env 126 | echo "# ENVIRONMENT" >> .env 127 | echo "#--------------------------------------------------------------------" >> .env 128 | echo "" >> .env 129 | 130 | ci_environment=${CI_ENVIRONMENT} 131 | if [[ -z "${ci_environment}" ]]; then 132 | echo "# CI_ENVIRONMENT = production" >> .env 133 | else 134 | echo "CI_ENVIRONMENT = ${ci_environment}" >> .env 135 | fi 136 | 137 | echo "" >> .env 138 | echo "#--------------------------------------------------------------------" >> .env 139 | echo "# APP" >> .env 140 | echo "#--------------------------------------------------------------------" >> .env 141 | echo "" >> .env 142 | 143 | baseURL=${APP_BASE_URL} 144 | if [[ -z "${baseURL}" ]]; then 145 | echo "# app.baseURL = ''" >> .env 146 | else 147 | echo "app.baseURL = '${baseURL}'" >> .env 148 | fi 149 | 150 | forceGlobalSecureRequests=${APP_FORCE_GLOBAL_SECURE_REQUESTS:-} 151 | if [[ -z "${forceGlobalSecureRequests}" ]]; then 152 | echo "# app.forceGlobalSecureRequests = false" >> .env 153 | else 154 | echo "app.forceGlobalSecureRequests = ${forceGlobalSecureRequests}" >> .env 155 | fi 156 | echo "" >> .env 157 | 158 | sessionDriver=${APP_SESSION_DRIVER:-} 159 | if [[ -z "${sessionDriver}" ]]; then 160 | echo "# app.sessionDriver = 'CodeIgniter\Session\Handlers\FileHandler'" >> .env 161 | else 162 | echo "app.sessionDriver = '${sessionDriver}'" >> .env 163 | fi 164 | 165 | sessionCookieName=${APP_SESSION_COOCKIE_NAME:-} 166 | if [[ -z "${sessionCookieName}" ]]; then 167 | echo "# app.sessionCookieName = 'ci_session'" >> .env 168 | else 169 | echo "app.sessionCookieName = '${sessionCookieName}'" >> .env 170 | fi 171 | 172 | sessionExpiration=${APP_SESSION_EXPIRATION:-} 173 | if [[ -z "${sessionExpiration}" ]]; then 174 | echo "# app.sessionExpiration = 7200" >> .env 175 | else 176 | echo "app.sessionExpiration = ${sessionExpiration}" >> .env 177 | fi 178 | 179 | sessionSavePath=${APP_SESSION_SAVE_PATH:-} 180 | if [[ -z "${sessionSavePath}" ]]; then 181 | echo "# app.sessionSavePath = null" >> .env 182 | else 183 | echo "app.sessionSavePath = ${sessionSavePath}" >> .env 184 | fi 185 | 186 | sessionMatchIP=${APP_SESSION_MATCH_CHIP:-} 187 | if [[ -z "${sessionMatchIP}" ]]; then 188 | echo "# app.sessionMatchIP = false" >> .env 189 | else 190 | echo "app.sessionMatchIP = ${sessionMatchIP}" >> .env 191 | fi 192 | 193 | sessionTimeToUpdate=${APP_SESSION_TIME_TO_UPDATE:-} 194 | if [[ -z "${sessionTimeToUpdate}" ]]; then 195 | echo "# app.sessionTimeToUpdate = 300" >> .env 196 | else 197 | echo "app.sessionTimeToUpdate = ${sessionTimeToUpdate}" >> .env 198 | fi 199 | 200 | sessionRegenerateDestroy=${APP_SESSION_REGENERATE_DESTROY:-} 201 | if [[ -z "${sessionRegenerateDestroy}" ]]; then 202 | echo "# app.sessionRegenerateDestroy = false" >> .env 203 | else 204 | echo "app.sessionRegenerateDestroy = ${sessionRegenerateDestroy}" >> .env 205 | fi 206 | echo "" >> .env 207 | 208 | CSPEnabled=${APP_CSP_ENABLED:-} 209 | if [[ -z "${CSPEnabled}" ]]; then 210 | echo "# app.CSPEnabled = false" >> .env 211 | else 212 | echo "app.CSPEnabled = ${CSPEnabled}" >> .env 213 | fi 214 | 215 | echo "" >> .env 216 | echo "#--------------------------------------------------------------------" >> .env 217 | echo "# DATABASE" >> .env 218 | echo "#--------------------------------------------------------------------" >> .env 219 | echo "" >> .env 220 | 221 | db_default_hostname=${DB_DEFAULT_HOSTNAME:-} 222 | if [[ -z "${db_default_hostname}" ]]; then 223 | echo "# database.default.hostname = localhost" >> .env 224 | else 225 | echo "database.default.hostname = ${db_default_hostname}" >> .env 226 | fi 227 | 228 | db_default_database=${DB_DEFAULT_DATABASE:-} 229 | if [[ -z "${db_default_database}" ]]; then 230 | echo "# database.default.database = ci4" >> .env 231 | else 232 | echo "database.default.database = ${db_default_database}" >> .env 233 | fi 234 | 235 | db_default_username=${DB_DEFAULT_USERNAME:-} 236 | if [[ -z "${db_default_username}" ]]; then 237 | echo "# database.default.username = root" >> .env 238 | else 239 | echo "database.default.username = ${db_default_username}" >> .env 240 | fi 241 | 242 | db_default_password=${DB_DEFAULT_PASSWORD:-} 243 | if [[ -z "${db_default_password}" ]]; then 244 | echo "# database.default.password = root" >> .env 245 | else 246 | echo "database.default.password = ${db_default_password}" >> .env 247 | fi 248 | 249 | db_default_DBDriver=${DB_DEFAULT_DRIVER:-} 250 | if [[ -z "${db_default_DBDriver}" ]]; then 251 | echo "# database.default.DBDriver = MySQLi" >> .env 252 | else 253 | echo "database.default.DBDriver = ${db_default_DBDriver}" >> .env 254 | fi 255 | 256 | db_default_port=${DB_DEFAULT_PORT:-} 257 | if [[ -z "${db_default_port}" ]]; then 258 | echo "# database.default.port = 3306" >> .env 259 | else 260 | echo "database.default.port = ${db_default_port}" >> .env 261 | fi 262 | 263 | db_default_DBPrefix=${DB_DEFAULT_PREFIX:-} 264 | if [[ -z "${db_default_DBPrefix}" ]]; then 265 | echo "# database.default.DBPrefix = " >> .env 266 | else 267 | echo "database.default.DBPrefix = ${db_default_DBPrefix}" >> .env 268 | fi 269 | echo "" >> .env 270 | 271 | db_tests_hostname=${DB_TESTS_HOSTNAME:-} 272 | if [[ -z "${db_tests_hostname}" ]]; then 273 | echo "# database.tests.hostname = localhost" >> .env 274 | else 275 | echo "database.tests.hostname = ${db_tests_hostname}" >> .env 276 | fi 277 | 278 | db_tests_database=${DB_TESTS_DATABASE:-} 279 | if [[ -z "${db_tests_database}" ]]; then 280 | echo "# database.tests.database = ci4" >> .env 281 | else 282 | echo "database.tests.database = ${db_tests_database}" >> .env 283 | fi 284 | 285 | db_tests_username=${DB_TESTS_USERNAME:-} 286 | if [[ -z "${db_tests_username}" ]]; then 287 | echo "# database.tests.username = root" >> .env 288 | else 289 | echo "database.tests.username = ${db_tests_username}" >> .env 290 | fi 291 | 292 | db_tests_password=${DB_TESTS_PASSWORD:-} 293 | if [[ -z "${db_tests_password}" ]]; then 294 | echo "# database.tests.password = root" >> .env 295 | else 296 | echo "database.tests.password = ${db_tests_password}" >> .env 297 | fi 298 | 299 | db_tests_DBDriver=${DB_TESTS_DRIVER:-} 300 | if [[ -z "${db_tests_DBDriver}" ]]; then 301 | echo "# database.tests.DBDriver = MySQLi" >> .env 302 | else 303 | echo "database.tests.DBDriver = ${db_tests_DBDriver}" >> .env 304 | fi 305 | 306 | db_tests_port=${DB_TESTS_PORT:-} 307 | if [[ -z "${db_tests_port}" ]]; then 308 | echo "# database.tests.port = 3306" >> .env 309 | else 310 | echo "database.tests.port = ${db_tests_port}" >> .env 311 | fi 312 | 313 | db_tests_DBPrefix=${DB_TESTS_PREFIX:-} 314 | if [[ -z "${db_tests_DBPrefix}" ]]; then 315 | echo "# database.tests.DBPrefix = " >> .env 316 | else 317 | echo "database.tests.DBPrefix = ${db_tests_DBPrefix}" >> .env 318 | fi 319 | echo "" >> .env 320 | echo "#--------------------------------------------------------------------" >> .env 321 | echo "# CONTENT SECURITY POLICY" >> .env 322 | echo "#--------------------------------------------------------------------" >> .env 323 | echo "" >> .env 324 | 325 | contentsecuritypolicy_reportOnly=${CONTENT_SECURE_POLICY_REPORT_ONLY:-} 326 | if [[ -z "${contentsecuritypolicy_reportOnly}" ]]; then 327 | echo "# contentsecuritypolicy.reportOnly = false" >> .env 328 | else 329 | echo "contentsecuritypolicy.reportOnly = ${contentsecuritypolicy_reportOnly}" >> .env 330 | fi 331 | 332 | contentsecuritypolicy_defaultSrc=${CONTENT_SECURE_POLICY_DEFAULT_SRC:-} 333 | if [[ -z "${contentsecuritypolicy_defaultSrc}" ]]; then 334 | echo "# contentsecuritypolicy.defaultSrc = 'none'" >> .env 335 | else 336 | echo "contentsecuritypolicy.defaultSrc = '${contentsecuritypolicy_defaultSrc}'" >> .env 337 | fi 338 | 339 | contentsecuritypolicy_scriptSrc=${CONTENT_SECURE_POLICY_SCRIPT_SRC:-} 340 | if [[ -z "${contentsecuritypolicy_scriptSrc}" ]]; then 341 | echo "# contentsecuritypolicy.scriptSrc = 'self'" >> .env 342 | else 343 | echo "contentsecuritypolicy.scriptSrc = '${contentsecuritypolicy_scriptSrc}'" >> .env 344 | fi 345 | 346 | contentsecuritypolicy_styleSrc=${CONTENT_SECURE_POLICY_STYLE_SRC:-} 347 | if [[ -z "${contentsecuritypolicy_styleSrc}" ]]; then 348 | echo "# contentsecuritypolicy.styleSrc = 'self'" >> .env 349 | else 350 | echo "contentsecuritypolicy.styleSrc = '${contentsecuritypolicy_styleSrc}'" >> .env 351 | fi 352 | 353 | contentsecuritypolicy_imageSrc=${CONTENT_SECURE_POLICY_IMAGE_SRC:-} 354 | if [[ -z "${contentsecuritypolicy_imageSrc}" ]]; then 355 | echo "# contentsecuritypolicy.imageSrc = 'self'" >> .env 356 | else 357 | echo "contentsecuritypolicy.imageSrc = '${contentsecuritypolicy_imageSrc}'" >> .env 358 | fi 359 | 360 | contentsecuritypolicy_base_uri=${CONTENT_SECURE_POLICY_BASE_URI:-} 361 | if [[ -z "${contentsecuritypolicy_base_uri}" ]]; then 362 | echo "# contentsecuritypolicy.base_uri = null" >> .env 363 | else 364 | echo "contentsecuritypolicy.base_uri = ${contentsecuritypolicy_base_uri}" >> .env 365 | fi 366 | 367 | contentsecuritypolicy_childSrc=${CONTENT_SECURE_POLICY_CHILD_SRC:-} 368 | if [[ -z "${contentsecuritypolicy_childSrc}" ]]; then 369 | echo "# contentsecuritypolicy.childSrc = null" >> .env 370 | else 371 | echo "contentsecuritypolicy.childSrc = ${contentsecuritypolicy_childSrc}" >> .env 372 | fi 373 | 374 | contentsecuritypolicy_connectSrc=${CONTENT_SECURE_POLICY_CONNECT_SRC:-} 375 | if [[ -z "${contentsecuritypolicy_connectSrc}" ]]; then 376 | echo "# contentsecuritypolicy.connectSrc = 'self'" >> .env 377 | else 378 | echo "contentsecuritypolicy.connectSrc = '${contentsecuritypolicy_childSrc}'" >> .env 379 | fi 380 | 381 | contentsecuritypolicy_fontSrc=${CONTENT_SECURE_POLICY_FONT_SRC:-} 382 | if [[ -z "${contentsecuritypolicy_fontSrc}" ]]; then 383 | echo "# contentsecuritypolicy.fontSrc = null" >> .env 384 | else 385 | echo "contentsecuritypolicy.fontSrc = ${contentsecuritypolicy_fontSrc}" >> .env 386 | fi 387 | 388 | contentsecuritypolicy_formAction=${CONTENT_SECURE_POLICY_FORM_ACTION:-} 389 | if [[ -z "${contentsecuritypolicy_formAction}" ]]; then 390 | echo "# contentsecuritypolicy.formAction = null" >> .env 391 | else 392 | echo "contentsecuritypolicy.formAction = ${contentsecuritypolicy_formAction}" >> .env 393 | fi 394 | 395 | contentsecuritypolicy_frameAncestors=${CONTENT_SECURE_POLICY_FRAME_ANCESTORS:-} 396 | if [[ -z "${contentsecuritypolicy_frameAncestors}" ]]; then 397 | echo "# contentsecuritypolicy.frameAncestors = null" >> .env 398 | else 399 | echo "contentsecuritypolicy.frameAncestors = ${contentsecuritypolicy_frameAncestors}" >> .env 400 | fi 401 | 402 | contentsecuritypolicy_frameSrc=${CONTENT_SECURE_POLICY_FRAME_SRC:-} 403 | if [[ -z "${contentsecuritypolicy_frameSrc}" ]]; then 404 | echo "# contentsecuritypolicy.frameSrc = null" >> .env 405 | else 406 | echo "contentsecuritypolicy.frameSrc = ${contentsecuritypolicy_frameSrc}" >> .env 407 | fi 408 | 409 | contentsecuritypolicy_mediaSrc=${CONTENT_SECURE_POLICY_MEDIA_SRC:-} 410 | if [[ -z "${contentsecuritypolicy_mediaSrc}" ]]; then 411 | echo "# contentsecuritypolicy.mediaSrc = null" >> .env 412 | else 413 | echo "contentsecuritypolicy.mediaSrc = ${contentsecuritypolicy_mediaSrc}" >> .env 414 | fi 415 | 416 | contentsecuritypolicy_objectSrc=${CONTENT_SECURE_POLICY_OBJECT_SRC:-} 417 | if [[ -z "${contentsecuritypolicy_objectSrc}" ]]; then 418 | echo "# contentsecuritypolicy.objectSrc = null" >> .env 419 | else 420 | echo "contentsecuritypolicy.objectSrc = ${contentsecuritypolicy_objectSrc}" >> .env 421 | fi 422 | 423 | contentsecuritypolicy_pluginTypes=${CONTENT_SECURE_POLICY_PLUGIN_TYPES:-} 424 | if [[ -z "${contentsecuritypolicy_pluginTypes}" ]]; then 425 | echo "# contentsecuritypolicy.pluginTypes = null" >> .env 426 | else 427 | echo "contentsecuritypolicy.pluginTypes = ${contentsecuritypolicy_pluginTypes}" >> .env 428 | fi 429 | 430 | contentsecuritypolicy_reportURI=${CONTENT_SECURE_POLICY_REPORT_URI:-} 431 | if [[ -z "${contentsecuritypolicy_reportURI}" ]]; then 432 | echo "# contentsecuritypolicy.reportURI = null" >> .env 433 | else 434 | echo "contentsecuritypolicy.reportURI = ${contentsecuritypolicy_reportURI}" >> .env 435 | fi 436 | 437 | contentsecuritypolicy_sandbox=${CONTENT_SECURE_POLICY_SANDBOX:-} 438 | if [[ -z "${contentsecuritypolicy_sandbox}" ]]; then 439 | echo "# contentsecuritypolicy.sandbox = false" >> .env 440 | else 441 | echo "contentsecuritypolicy.sandbox = ${contentsecuritypolicy_sandbox}" >> .env 442 | fi 443 | 444 | contentsecuritypolicy_upgradeInsecureRequests=${CONTENT_SECURE_POLICY_UPGRADE_INSECURE_REQUESTS:-} 445 | if [[ -z "${contentsecuritypolicy_upgradeInsecureRequests}" ]]; then 446 | echo "# contentsecuritypolicy.upgradeInsecureRequests = false" >> .env 447 | else 448 | echo "contentsecuritypolicy.upgradeInsecureRequests = ${contentsecuritypolicy_upgradeInsecureRequests}" >> .env 449 | fi 450 | 451 | echo "" >> .env 452 | echo "#--------------------------------------------------------------------" >> .env 453 | echo "# COOKIE" >> .env 454 | echo "#--------------------------------------------------------------------" >> .env 455 | echo "" >> .env 456 | 457 | cookie_prefix=${COOKIE_PREFIX:-} 458 | if [[ -z "${cookie_prefix}" ]]; then 459 | echo "# cookie.prefix = ''" >> .env 460 | else 461 | echo "cookie.prefix = '${cookie_prefix}'" >> .env 462 | fi 463 | 464 | cookie_expires=${COOKIE_EXPIRES:-} 465 | if [[ -z "${cookie_expires}" ]]; then 466 | echo "# cookie.expires = 0" >> .env 467 | else 468 | echo "cookie.expires = ${cookie_expires}" >> .env 469 | fi 470 | 471 | cookie_path=${COOKIE_PATH:-} 472 | if [[ -z "${cookie_path}" ]]; then 473 | echo "# cookie.path = '/'" >> .env 474 | else 475 | echo "cookie.path = '${cookie_path}'" >> .env 476 | fi 477 | 478 | cookie_domain=${COOKIE_DOMAIN:-} 479 | if [[ -z "${cookie_domain}" ]]; then 480 | echo "# cookie.domain = ''" >> .env 481 | else 482 | echo "cookie.domain = '${cookie_domain}'" >> .env 483 | fi 484 | 485 | cookie_secure=${COOKIE_SECURE:-} 486 | if [[ -z "${cookie_secure}" ]]; then 487 | echo "# cookie.secure = false" >> .env 488 | else 489 | echo "cookie.secure = ${cookie_secure}" >> .env 490 | fi 491 | 492 | cookie_httponly=${COOKIE_HTTP_ONLY:-} 493 | if [[ -z "${cookie_httponly}" ]]; then 494 | echo "# cookie.httponly = false" >> .env 495 | else 496 | echo "cookie.httponly = ${cookie_httponly}" >> .env 497 | fi 498 | 499 | cookie_samesite=${COOKIE_SAME_SITE:-} 500 | if [[ -z "${cookie_samesite}" ]]; then 501 | echo "# cookie.samesite = 'Lax'" >> .env 502 | else 503 | echo "cookie.samesite = '${cookie_samesite}'" >> .env 504 | fi 505 | 506 | cookie_raw=${COOKIE_RAW:-} 507 | if [[ -z "${cookie_raw}" ]]; then 508 | echo "# cookie.raw = false" >> .env 509 | else 510 | echo "cookie.raw = ${cookie_raw}" >> .env 511 | fi 512 | 513 | echo "" >> .env 514 | echo "#--------------------------------------------------------------------" >> .env 515 | echo "# ENCRYPTION" >> .env 516 | echo "#--------------------------------------------------------------------" >> .env 517 | echo "" >> .env 518 | 519 | encryption_key=${ENCRYPTION_KEY:-} 520 | if [[ -z "${encryption_key}" ]]; then 521 | echo "# encryption.key = " >> .env 522 | else 523 | echo "encryption.key = ${encryption_key}" >> .env 524 | fi 525 | 526 | encryption_driver=${ENCRYPTION_DRIVER:-} 527 | if [[ -z "${encryption_driver}" ]]; then 528 | echo "# encryption.driver = OpenSSL" >> .env 529 | else 530 | echo "encryption.driver = ${encryption_driver}" >> .env 531 | fi 532 | 533 | encryption_blockSize=${ENCRYPTION_BLOCK_SIZE:-} 534 | if [[ -z "${encryption_blockSize}" ]]; then 535 | echo "# encryption.blockSize = 16" >> .env 536 | else 537 | echo "encryption.blockSize = ${encryption_blockSize}" >> .env 538 | fi 539 | 540 | encryption_digest=${ENCRYPTION_DIGEST:-} 541 | if [[ -z "${encryption_digest}" ]]; then 542 | echo "# encryption.digest = 256" >> .env 543 | else 544 | echo "encryption.digest = ${encryption_digest}" >> .env 545 | fi 546 | 547 | echo "" >> .env 548 | echo "#--------------------------------------------------------------------" >> .env 549 | echo "# HONEYPOT" >> .env 550 | echo "#--------------------------------------------------------------------" >> .env 551 | echo "" >> .env 552 | 553 | honeypot_hidden=${HONEYPOT_HIDDEN:-} 554 | if [[ -z "${honeypot_hidden}" ]]; then 555 | echo "# honeypot.hidden = 'true'" >> .env 556 | else 557 | echo "honeypot.hidden = '${honeypot_hidden}'" >> .env 558 | fi 559 | 560 | honeypot_label=${HONEYPOT_LABEL:-} 561 | if [[ -z "${honeypot_label}" ]]; then 562 | echo "# honeypot.label = 'Fill This Field'" >> .env 563 | else 564 | echo "honeypot.label = '${honeypot_label}'" >> .env 565 | fi 566 | 567 | honeypot_name=${HONEYPOT_NAME:-} 568 | if [[ -z "${honeypot_name}" ]]; then 569 | echo "# honeypot.name = 'honeypot'" >> .env 570 | else 571 | echo "honeypot.name = '${honeypot_name}'" >> .env 572 | fi 573 | 574 | honeypot_template=${HONEYPOT_TEMPLATE:-} 575 | if [[ -z "${honeypot_template}" ]]; then 576 | echo "# honeypot.template = ''" >> .env 577 | else 578 | echo "honeypot.template = '${honeypot_template}'" >> .env 579 | fi 580 | 581 | honeypot_container=${HONEYPOT_CONTAINER:-} 582 | if [[ -z "${honeypot_container}" ]]; then 583 | echo "# honeypot.container = '
{template}
'" >> .env 584 | else 585 | echo "honeypot.container = '${honeypot_container}'" >> .env 586 | fi 587 | 588 | echo "" >> .env 589 | echo "#--------------------------------------------------------------------" >> .env 590 | echo "# SECURITY" >> .env 591 | echo "#--------------------------------------------------------------------" >> .env 592 | echo "" >> .env 593 | 594 | security_csrfProtection=${SECURITY_CSRF_PROTECTION:-} 595 | if [[ -z "${security_csrfProtection}" ]]; then 596 | echo "# security.csrfProtection = 'cookie'" >> .env 597 | else 598 | echo "security.csrfProtection = '${security_csrfProtection}'" >> .env 599 | fi 600 | 601 | security_tokenRandomize=${SECURITY_TOKEN_RANDOMIZE:-} 602 | if [[ -z "${security_tokenRandomize}" ]]; then 603 | echo "# security.tokenRandomize = false" >> .env 604 | else 605 | echo "security.tokenRandomize = ${security_tokenRandomize}" >> .env 606 | fi 607 | 608 | security_tokenName=${SECURITY_TOKEN_NAME:-} 609 | if [[ -z "${security_tokenName}" ]]; then 610 | echo "# security.tokenName = 'csrf_token_name'" >> .env 611 | else 612 | echo "security.tokenName = '${security_tokenName}'" >> .env 613 | fi 614 | 615 | security_headerName=${SECURITY_HEADER_NAME:-} 616 | if [[ -z "${security_headerName}" ]]; then 617 | echo "# security.headerName = 'X-CSRF-TOKEN'" >> .env 618 | else 619 | echo "security.headerName = '${security_headerName}'" >> .env 620 | fi 621 | 622 | security_cookieName=${SECURITY_COOKIE_NAME:-} 623 | if [[ -z "${security_cookieName}" ]]; then 624 | echo "# security.cookieName = 'csrf_cookie_name'" >> .env 625 | else 626 | echo "security.cookieName = '${security_cookieName}'" >> .env 627 | fi 628 | 629 | security_expires=${SECURITY_EXPIRES:-} 630 | if [[ -z "${security_expires}" ]]; then 631 | echo "# security.expires = 7200" >> .env 632 | else 633 | echo "security.expires = ${security_expires}" >> .env 634 | fi 635 | 636 | security_regenerate=${SECURITY_REGENERATE:-} 637 | if [[ -z "${security_regenerate}" ]]; then 638 | echo "# security.regenerate = true" >> .env 639 | else 640 | echo "security.regenerate = ${security_regenerate}" >> .env 641 | fi 642 | 643 | security_redirect=${SECURITY_REDIRECT:-} 644 | if [[ -z "${security_redirect}" ]]; then 645 | echo "# security.redirect = true" >> .env 646 | else 647 | echo "security.redirect = ${security_redirect}" >> .env 648 | fi 649 | 650 | security_samesite=${SECURITY_SAME_SITE:-} 651 | if [[ -z "${security_samesite}" ]]; then 652 | echo "# security.samesite = 'Lax'" >> .env 653 | else 654 | echo "security.samesite = '${security_samesite}'" >> .env 655 | fi 656 | 657 | echo "" >> .env 658 | echo "#--------------------------------------------------------------------" >> .env 659 | echo "# LOGGER" >> .env 660 | echo "#--------------------------------------------------------------------" >> .env 661 | echo "" >> .env 662 | 663 | logger_threshold=${LOGGER_THRESHOLD:-} 664 | if [[ -z "${logger_threshold}" ]]; then 665 | echo "# logger.threshold = 4" >> .env 666 | else 667 | echo "logger.threshold = ${logger_threshold}" >> .env 668 | fi 669 | 670 | echo "" >> .env 671 | echo "#--------------------------------------------------------------------" >> .env 672 | echo "# CURLRequest" >> .env 673 | echo "#--------------------------------------------------------------------" >> .env 674 | echo "" >> .env 675 | 676 | curlrequest_shareOptions=${CURL_REQUEST_SHARE_OPTIONS:-} 677 | if [[ -z "${curlrequest_shareOptions}" ]]; then 678 | echo "# curlrequest.shareOptions = true" >> .env 679 | else 680 | echo "curlrequest.shareOptions = ${curlrequest_shareOptions}" >> .env 681 | fi 682 | 683 | } 684 | 685 | #====================================================================# 686 | # CHECK IF CODEIGNITER 4 IS INSTALLED AND GET VERSION # 687 | #====================================================================# 688 | installed_version="0.0.0.0" 689 | if [ -f /var/www/html/$app_name/vendor/codeigniter4/framework/system/CodeIgniter.php ]; then 690 | # Installed; 691 | get_version="$(php -r '$file=file("/var/www/html/'"$app_name"'/vendor/codeigniter4/framework/system/CodeIgniter.php")[49];$version = str_replace(" public const CI_VERSION = ","", $file);echo str_replace(";","",$version);')" 692 | else 693 | # Not Installed; 694 | get_version="'${installed_version}'"; 695 | fi 696 | 697 | installed_version="${get_version:1:-1}"; 698 | 699 | if [ "${installed_version}" != "0.0.0.0" ]; then 700 | echo $(testvercomp "${new_version}" "${installed_version}" ">"); 701 | else 702 | print_text "New CodeIgniter instance"; 703 | 704 | #====================================================================# 705 | # INSTALL CODEIGNITER 4 # 706 | #====================================================================# 707 | print_text "Starting CodeIgniter installation" 708 | cd /var/www/html && \ 709 | composer create-project codeigniter4/appstarter:$new_version $app_name 710 | 711 | #====================================================================# 712 | # Create test file # 713 | #====================================================================# 714 | print_text "Create Test file" 715 | printf "" > /var/www/html/$app_name/public/test.php 716 | 717 | #====================================================================# 718 | # Permissions # 719 | #====================================================================# 720 | chown -R www-data:www-data /var/www/html 721 | chmod -R 0777 /var/www/html/$app_name/writable 722 | fi 723 | 724 | #====================================================================# 725 | # ENV FILE # 726 | #====================================================================# 727 | 728 | if [[ -z "${REGEN_ENV_FILE}" ]]; then 729 | regen_env_file="Some default value because REGEN_ENV_FILE is undefined" 730 | else 731 | regen_env_file="${REGEN_ENV_FILE}" 732 | if [ "${regen_env_file}" == "1" ]; then 733 | print_text "Regen .env file" 734 | 735 | codeigniter_env_generator 736 | 737 | else 738 | print_text "Same .env file" 739 | fi 740 | fi 741 | 742 | #====================================================================# 743 | # MAIL CONFIG # 744 | #====================================================================# 745 | 746 | if [[ -z "${ROOT_EMAIL}" ]]; then 747 | root_email="" 748 | else 749 | root_email="${ROOT_EMAIL}" 750 | fi 751 | if [[ -z "${MAIL_SERVER}" ]]; then 752 | mail_server="" 753 | else 754 | mail_server="${MAIL_SERVER}" 755 | fi 756 | if [[ -z "${MAIL_SERVER_PORT}" ]]; then 757 | mail_server_port="" 758 | else 759 | mail_server_port="${MAIL_SERVER_PORT}" 760 | fi 761 | if [[ -z "${MAIL_SERVER_USER}" ]]; then 762 | mail_server_user="" 763 | else 764 | mail_server_user="${MAIL_SERVER_USER}" 765 | fi 766 | if [[ -z "${MAIL_SERVER_PASSWORD}" ]]; then 767 | mail_server_password="" 768 | else 769 | mail_server_password="${MAIL_SERVER_PASSWORD}" 770 | fi 771 | if [[ -z "${MAIL_SERVER_TLS}" ]]; then 772 | mail_server_tls="" 773 | else 774 | mail_server_tls="${MAIL_SERVER_TLS}" 775 | fi 776 | if [[ -z "${MAIL_SERVER_STARTTLS}" ]]; then 777 | mail_server_starttls="" 778 | else 779 | mail_server_starttls="${MAIL_SERVER_STARTTLS}" 780 | fi 781 | 782 | servername="localhost" 783 | echo "root=${root_email}" > /etc/ssmtp/ssmtp.conf 784 | echo "mailhub=${mail_server}:${mail_server_port}" >> /etc/ssmtp/ssmtp.conf 785 | echo "hostname=${servername}" >> /etc/ssmtp/ssmtp.conf 786 | echo "AuthUser=${mail_server_user}" >> /etc/ssmtp/ssmtp.conf 787 | echo "AuthPass=${mail_server_password}" >> /etc/ssmtp/ssmtp.conf 788 | echo "UseTLS=${mail_server_tls}" >> /etc/ssmtp/ssmtp.conf 789 | echo "UseSTARTTLS=${mail_server_starttls}" >> /etc/ssmtp/ssmtp.conf 790 | echo "sendmail_path=sendmail -i -t" >> /usr/local/etc/php/conf.d/20-sendmail.ini 791 | 792 | yes 'y' | /usr/sbin/sendmailconfig 793 | chmod 777 /etc/ssmtp /etc/ssmtp/* 794 | 795 | #====================================================================# 796 | # APACHE CONFIGURATION # 797 | #====================================================================# 798 | #sed -ri -e 's!/var/www/html!$app_name!g' /etc/apache2/sites-available/*.conf 799 | #sed -ri -e 's!/var/www/!$app_name!g' /etc/apache2/apache2.conf /etc/apache2/conf-available/*.conf 800 | 801 | 802 | #====================================================================# 803 | # A P A C H E R U N # 804 | #====================================================================# 805 | /usr/sbin/apache2ctl -D FOREGROUND 806 | --------------------------------------------------------------------------------