├── .circleci
└── config.yml
├── .github
└── PULL_REQUEST_TEMPLATE.md
├── Dockerfile
├── Makefile
├── README.md
├── apache2
├── .hadolint.yaml
├── Dockerfile
├── Makefile
└── apache2.conf
├── athenapdf
├── .hadolint.yaml
├── Dockerfile
├── Makefile
├── aer.ttf
└── fonts.conf
├── cf-log-analyzer
├── .hadolint.yaml
├── Dockerfile
├── Makefile
├── README.md
└── cloud_front.rb
├── chrome-headless
├── .hadolint.yaml
├── Dockerfile
├── Makefile
├── fonts.conf
└── fonts
│ └── icomoon.ttf
├── clamd
├── .hadolint.yaml
├── Dockerfile
├── Makefile
└── clamd.conf
├── frontend
├── .hadolint.yaml
├── Dockerfile
├── Makefile
└── tests
│ └── frontend.yml
├── gastonjs
├── .hadolint.yaml
├── Dockerfile
└── Makefile
├── golang
├── .hadolint.yaml
├── Dockerfile
└── Makefile
├── mailhog
├── .hadolint.yaml
├── Dockerfile
└── Makefile
├── node
├── .hadolint.yaml
├── Dockerfile
└── Makefile
├── oauth2_proxy
├── .hadolint.yaml
├── Dockerfile
└── Makefile
├── passenger
├── .hadolint.yaml
├── Makefile
├── base
│ ├── Dockerfile
│ ├── apache2-foreground
│ ├── start.sh
│ └── vhost.conf
├── dev
│ └── Dockerfile
└── prod
│ └── Dockerfile
├── php-apache
├── .bashrc
├── .hadolint.yaml
├── Dockerfile
├── Makefile
├── apcu.ini
├── dev
│ ├── Dockerfile
│ ├── blackfire.ini
│ ├── dev.ini
│ ├── docker-entrypoint.d
│ │ ├── blackfire.sh
│ │ └── xdebug.sh
│ ├── tests
│ │ ├── alpine3.10.yml
│ │ ├── alpine3.8.yml
│ │ ├── alpine3.9.yml
│ │ ├── frontend.yml
│ │ ├── php.yml
│ │ └── tools.yml
│ └── xdebug.ini
├── docker-entrypoint.d
│ └── tuner.sh
├── docker-entrypoint.sh
├── drush.yml
├── drushrc.php
├── entrypoint.sh
├── httpd.conf
├── liveness
│ ├── d7.php
│ └── d8.php
├── newrelic.ini
├── overrides.ini
├── security.conf
├── skpr.php
├── status.conf
└── tests
│ ├── 7-2.yml
│ ├── 7-3.yml
│ ├── bash.yml
│ ├── composer.yml
│ ├── drush.yml
│ ├── drush9.yml
│ └── tuner.yml
├── pnx-packager
├── .hadolint.yaml
├── Dockerfile
└── Makefile
├── sftp
├── .hadolint.yaml
├── Dockerfile
├── Makefile
└── sshd_config
├── solr
├── .hadolint.yaml
├── 4.x
│ ├── Dockerfile
│ ├── conf
│ │ └── solr
│ │ │ ├── elevate.xml
│ │ │ ├── mapping-ISOLatin1Accent.txt
│ │ │ ├── protwords.txt
│ │ │ ├── schema.xml
│ │ │ ├── schema_extra_fields.xml
│ │ │ ├── schema_extra_types.xml
│ │ │ ├── solrconfig.xml
│ │ │ ├── solrconfig_extra.xml
│ │ │ ├── solrcore.properties
│ │ │ ├── stopwords.txt
│ │ │ └── synonyms.txt
│ └── entrypoint.sh
├── 5.x
│ ├── Dockerfile
│ ├── conf
│ │ ├── elevate.xml
│ │ ├── mapping-ISOLatin1Accent.txt
│ │ ├── protwords.txt
│ │ ├── schema.xml
│ │ ├── schema_extra_fields.xml
│ │ ├── schema_extra_types.xml
│ │ ├── solrconfig.xml
│ │ ├── solrconfig_extra.xml
│ │ ├── solrcore.properties
│ │ ├── stopwords.txt
│ │ └── synonyms.txt
│ └── scripts
│ │ ├── core.sh
│ │ └── heap.sh
├── 7.x
│ ├── Dockerfile
│ ├── conf
│ │ ├── data
│ │ │ └── elevate.xml
│ │ ├── mapping-ISOLatin1Accent.txt
│ │ ├── protwords.txt
│ │ ├── schema.xml
│ │ ├── schema_extra_fields.xml
│ │ ├── schema_extra_types.xml
│ │ ├── solrconfig.xml
│ │ ├── solrconfig_extra.xml
│ │ ├── solrconfig_index.xml
│ │ ├── solrconfig_spellcheck.xml
│ │ ├── solrcore.properties
│ │ ├── stopwords.txt
│ │ └── synonyms.txt
│ └── scripts
│ │ └── core.sh
├── Makefile
└── init
│ └── Dockerfile
└── tl
├── .hadolint.yaml
├── Dockerfile
└── Makefile
/.circleci/config.yml:
--------------------------------------------------------------------------------
1 | version: 2.1
2 |
3 | dirs: &dirs
4 | - apache2
5 | - athenapdf
6 | - cf-log-analyzer
7 | - chrome-headless
8 | - clamd
9 | - frontend
10 | - gastonjs
11 | - golang
12 | # - oauth2_proxy todo: fix failing test
13 | - mailhog
14 | - passenger
15 | - node
16 | - php-apache
17 | - pnx-packager
18 | - sftp
19 | - solr
20 | - tl
21 |
22 | jobs:
23 |
24 | build:
25 | parameters:
26 | dir:
27 | type: string
28 | default: ""
29 | docker:
30 | - image: previousnext/container-builder:latest
31 | steps:
32 | - setup_remote_docker
33 | - checkout
34 | - run:
35 | name: Lint
36 | command: |
37 | cd << parameters.dir >>
38 | make lint
39 | - run:
40 | name: Build
41 | command: |
42 | cd << parameters.dir >>
43 | make
44 |
45 | release:
46 | parameters:
47 | dir:
48 | type: string
49 | default: ""
50 | docker:
51 | - image: previousnext/container-builder:latest
52 | steps:
53 | - setup_remote_docker
54 | - checkout
55 | - run:
56 | name: Lint
57 | command: |
58 | cd << parameters.dir >>
59 | make lint
60 | - run:
61 | name: Build and Release
62 | command: |
63 | cd << parameters.dir >>
64 | docker login -u $DOCKER_USER -p $DOCKER_PASS
65 | make release
66 |
67 | workflows:
68 | build:
69 | jobs:
70 | - build:
71 | matrix:
72 | parameters:
73 | dir: *dirs
74 | filters:
75 | branches:
76 | ignore: master
77 | - release:
78 | matrix:
79 | parameters:
80 | dir: *dirs
81 | filters:
82 | branches:
83 | only: master
84 |
85 | nightly:
86 | jobs:
87 | - release:
88 | matrix:
89 | parameters:
90 | dir: *dirs
91 | triggers:
92 | - schedule:
93 | # Scheduled build for 2am AEST nightly.
94 | cron: "0 15 * * *"
95 | filters:
96 | branches:
97 | only:
98 | - master
99 |
--------------------------------------------------------------------------------
/.github/PULL_REQUEST_TEMPLATE.md:
--------------------------------------------------------------------------------
1 | #### What does this PR do?
2 |
3 |
4 | #### How should this be manually tested?
5 |
6 |
7 | #### Any background context you want to provide?
8 |
9 |
10 | #### What are the relevant tickets?
11 |
12 |
13 | #### Screenshots (if appropriate)
14 |
15 |
16 | #### Questions:
17 |
18 |
19 | ##### Does any external documentation require updating?
20 |
21 |
22 | ##### Does this changeset require specific versions of supporting software?
23 | (i.e. Go / Terraform / Docker)
24 |
--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM debian:stable-slim
2 |
3 | RUN apt-get update && \
4 | apt-get install -y git \
5 | curl \
6 | make && \
7 | rm -rf /var/cache/apt/*
8 |
9 | # Building.
10 | RUN curl -sSL -o /tmp/docker-17.09.0-ce.tgz https://download.docker.com/linux/static/stable/x86_64/docker-17.09.0-ce.tgz && \
11 | tar -xz -C /tmp -f /tmp/docker-17.09.0-ce.tgz && \
12 | mv /tmp/docker/* /usr/local/bin && \
13 | rm -rf /tmp/docker
14 |
15 | # Linting.
16 | RUN curl -sSL -o /usr/local/bin/hadolint https://github.com/hadolint/hadolint/releases/download/v1.10.4/hadolint-Linux-x86_64 && \
17 | chmod +x /usr/local/bin/hadolint
18 |
19 | # Testing.
20 | RUN curl -sSLO https://storage.googleapis.com/container-structure-test/v1.4.0/container-structure-test-linux-amd64 && \
21 | mv container-structure-test-linux-amd64 container-structure-test && \
22 | chmod +x container-structure-test && \
23 | sudo mv container-structure-test /usr/local/bin/
24 |
--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
1 | #!/usr/bin/make -f
2 |
3 | IMAGE=previousnext/container-builder
4 | VERSION=latest
5 |
6 | # Build and tests
7 | build:
8 | docker build -t $(IMAGE):$(VERSION) .
9 |
10 | # Build and release
11 | release: build
12 | docker push $(IMAGE):$(VERSION)
13 |
14 | .PHONY: build release
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | Containers
2 | ==========
3 |
4 | [](https://circleci.com/gh/previousnext/containers)
5 |
6 | The official container suite for PreviousNext inhouse container management solution, Skipper.
7 |
8 | Goals:
9 |
10 | * Leverage official Docker Hub containers as a base.
11 | * Provide close Prod to Local configurations, this is done by leveraging the hosting container as a base container for `dev` images.
12 |
13 | Documentation for each container can be found in its respective directory.
14 |
15 | ## Building
16 |
17 | Each container has a Makefile in its directory with the workflow:
18 |
19 | ```bash
20 | # Build all versions
21 | make
22 |
23 | # Release to Docker Hub
24 | make release
25 | ```
--------------------------------------------------------------------------------
/apache2/.hadolint.yaml:
--------------------------------------------------------------------------------
1 | ignored:
2 | - DL3008
3 |
--------------------------------------------------------------------------------
/apache2/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM ubuntu:16.04
2 | LABEL maintainer="admin@previousnext.com.au"
3 |
4 | RUN DEBIAN_FRONTEND=noninteractive apt-get update && \
5 | apt-get install -y --no-install-recommends apache2 && \
6 | a2enmod rewrite && \
7 | rm -fR /var/www/html && \
8 | rm -f /etc/apache2/conf-enabled/other-vhosts-access-log.conf && \
9 | rm -f /etc/apache2/sites-enabled/000-default.conf && \
10 | rm -rf /var/lib/apt/lists/*
11 |
12 | COPY apache2.conf /etc/apache2/apache2.conf
13 |
14 | RUN mkdir -p /etc/apache2/logs && \
15 | chown -R www-data:www-data /etc/apache2/logs && \
16 | ln -sf /proc/self/fd/1 /etc/apache2/logs/access.log && \
17 | ln -sf /proc/self/fd/1 /etc/apache2/logs/error.log
18 |
19 | EXPOSE 80
20 |
21 | ONBUILD COPY . /data
22 | ONBUILD RUN chown -R www-data:www-data /data
23 |
24 | ENTRYPOINT [ "/usr/sbin/apache2", "-DFOREGROUND" ]
25 |
--------------------------------------------------------------------------------
/apache2/Makefile:
--------------------------------------------------------------------------------
1 | #!/usr/bin/make -f
2 |
3 | IMAGE=previousnext/apache2
4 | VERSION=latest
5 |
6 | # Build and tests
7 | build:
8 | docker build -t $(IMAGE):$(VERSION) .
9 |
10 | lint:
11 | hadolint Dockerfile
12 |
13 | # Build and release
14 | release: build
15 | docker push $(IMAGE):$(VERSION)
16 |
17 | .PHONY: build lint release
18 |
--------------------------------------------------------------------------------
/apache2/apache2.conf:
--------------------------------------------------------------------------------
1 | # see http://sources.debian.net/src/apache2/2.4.10-1/debian/config-dir/apache2.conf
2 |
3 | Mutex file:/var/lock default
4 | PidFile /var/run/apache2.pid
5 | Timeout 300
6 | KeepAlive On
7 | MaxKeepAliveRequests 100
8 | KeepAliveTimeout 5
9 | User www-data
10 | Group www-data
11 | HostnameLookups Off
12 |
13 | IncludeOptional mods-enabled/*.load
14 | IncludeOptional mods-enabled/*.conf
15 |
16 | # ports.conf
17 | Listen 80
18 |
19 | Listen 443
20 |
21 |
22 | Listen 443
23 |
24 |
25 |
26 | Options FollowSymLinks
27 | AllowOverride None
28 | Require all denied
29 |
30 |
31 |
32 | AllowOverride All
33 | Require all granted
34 |
35 |
36 | DocumentRoot /data/app
37 |
38 | AccessFileName .htaccess
39 |
40 | Require all denied
41 |
42 |
43 | LogLevel info
44 | LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" common
45 | ErrorLog /etc/apache2/logs/error.log
46 | CustomLog /etc/apache2/logs/access.log common
47 |
48 | # Multiple DirectoryIndex directives within the same context will add
49 | # to the list of resources to look for rather than replace
50 | # https://httpd.apache.org/docs/current/mod/mod_dir.html#directoryindex
51 | DirectoryIndex disabled
52 | DirectoryIndex index.html
53 |
54 | IncludeOptional conf-enabled/*.conf
55 | IncludeOptional sites-enabled/*.conf
56 |
--------------------------------------------------------------------------------
/athenapdf/.hadolint.yaml:
--------------------------------------------------------------------------------
1 | ignored:
2 | - DL3008
3 |
--------------------------------------------------------------------------------
/athenapdf/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM arachnysdocker/athenapdf-service:2
2 |
3 | RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys AA8E81B4331F7F50 04EE7237B7D453EC 648ACFD622F3D138 EF0F382A1A7B6500 DCC9EFBF77E11517
4 | RUN sed -i '/jessie-updates/d' /etc/apt/sources.list
5 | RUN apt-get update && \
6 | apt-get install -y --no-install-recommends \
7 | unzip && \
8 | rm -rf /var/lib/apt/lists/*
9 |
10 | RUN wget -nv http://www.latofonts.com/download/Lato2OFL.zip && unzip Lato2OFL.zip -d /usr/share/fonts
11 | COPY fonts.conf /etc/fonts/conf.d/100-athena.conf
12 | COPY aer.ttf /usr/share/fonts
13 | RUN fc-cache -f -v
14 |
--------------------------------------------------------------------------------
/athenapdf/Makefile:
--------------------------------------------------------------------------------
1 | #!/usr/bin/make -f
2 |
3 | IMAGE=previousnext/athenapdf
4 | VERSION=latest
5 |
6 | # Build and tests
7 | build:
8 | docker build -t $(IMAGE):$(VERSION) .
9 |
10 | lint:
11 | hadolint Dockerfile
12 |
13 | # Build and release
14 | release: build
15 | docker push $(IMAGE):$(VERSION)
16 |
17 | .PHONY: build lint release
18 |
--------------------------------------------------------------------------------
/athenapdf/aer.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/previousnext/containers/05264fa39bf479293eeb82f95eba9cad8b171e76/athenapdf/aer.ttf
--------------------------------------------------------------------------------
/athenapdf/fonts.conf:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 | none
7 |
8 |
9 |
10 |
11 | false
12 |
13 |
14 |
15 |
16 | hintnone
17 |
18 |
19 |
20 |
21 | false
22 |
23 |
24 |
25 |
26 | true
27 |
28 |
29 |
30 |
31 | lcddefault
32 |
33 |
34 |
35 |
--------------------------------------------------------------------------------
/cf-log-analyzer/.hadolint.yaml:
--------------------------------------------------------------------------------
1 | ignored:
2 | - DL3008
3 |
--------------------------------------------------------------------------------
/cf-log-analyzer/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM ruby:2-stretch
2 |
3 | RUN gem install request-log-analyzer
4 | COPY ./cloud_front.rb /root/cloud_front.rb
5 |
6 | VOLUME /data
7 | WORKDIR /data
8 |
9 | ENTRYPOINT [ \
10 | "request-log-analyzer", \
11 | "--format", "/root/cloud_front.rb", \
12 | "--output", "html", \
13 | "--file", "report.html" \
14 | ]
15 |
16 | CMD ["/data"]
17 |
--------------------------------------------------------------------------------
/cf-log-analyzer/Makefile:
--------------------------------------------------------------------------------
1 | #!/usr/bin/make -f
2 |
3 | IMAGE=previousnext/cf-log-analyzer
4 | VERSION=latest
5 |
6 | # Build and tests
7 | build:
8 | docker build -t $(IMAGE):$(VERSION) .
9 |
10 | lint:
11 | hadolint Dockerfile
12 |
13 | # Build and release
14 | release: build
15 | docker push $(IMAGE):$(VERSION)
16 |
17 | .PHONY: build lint release
18 |
--------------------------------------------------------------------------------
/cf-log-analyzer/README.md:
--------------------------------------------------------------------------------
1 | # Container
2 |
3 | ## CloudFront Log Analyser
4 |
5 | Container image for analysing cloudfront request logs.
6 |
7 | It uses the [request-log-analyzer](https://github.com/wvanbergen/request-log-analyzer/wiki) tool with a custom format parser.
8 |
9 | ### Usage
10 |
11 | Step 1: [Obtain CloudFront logs from s3 bucket](https://gist.github.com/nicksantamaria/ee6322161e6469daf31a2214d8fa9f80).
12 |
13 | Step 2: Run `cf-log-analyzer` tool to parse logs.
14 |
15 | ```bash
16 | docker run --rm -v $(pwd):/data previousnext/cf-log-analyzer
17 | ```
18 |
19 | Step 3: Open the report.
20 |
21 | ```bash
22 | open ./report.html
23 | ```
24 |
25 | ## Update Image
26 |
27 | ```
28 | # Build image.
29 | make build
30 |
31 | # Push image.
32 | make push
33 | ```
34 |
--------------------------------------------------------------------------------
/cf-log-analyzer/cloud_front.rb:
--------------------------------------------------------------------------------
1 | # Cloudfront parser for request-log-analyzer tool.
2 | #
3 | # See:
4 | # - https://github.com/wvanbergen/request-log-analyzer
5 | # - https://gist.github.com/quezacoatl/bbc8195d44e8a0817b90c9e01ce43fc9
6 |
7 | class CloudFront < RequestLogAnalyzer::FileFormat::Base
8 | extend RequestLogAnalyzer::FileFormat::CommonRegularExpressions
9 |
10 | line_definition :access do |line|
11 | line.header = true
12 | line.footer = true
13 |
14 | line.regexp = /^(#{timestamp('%Y-%m-%d %H:%M:%S')})\s(\w+)\s(\d+)\s(#{ip_address})\s(\w+)\s(\S+)\s(\S+)\s(\d+)\s(\S+)\s(\S+)\s(\S+)\s(\S+)\s(\w+)\s(\S+)\s(\S+)\s(\w+)\s(\d+)\s(\S+)\s(#{ip_address}|-)\s+(\S+)\s(\S+)\s(\w+)\s(\S+)/
15 |
16 | line.capture(:timestamp).as(:timestamp)
17 | line.capture(:edge_location)
18 | line.capture(:bytes_sent).as(:traffic, unit: :byte)
19 | line.capture(:remote_ip)
20 | line.capture(:http_method)
21 | line.capture(:cloudfront_distribution)
22 | line.capture(:path).as(:path)
23 | line.capture(:http_status).as(:integer)
24 | line.capture(:referer)
25 | line.capture(:user_agent)
26 | line.capture(:query)
27 | line.capture(:cookie)
28 | line.capture(:edge_result_type)
29 |
30 | line.capture(:edge_request_id)
31 | line.capture(:host)
32 | line.capture(:protocol)
33 | line.capture(:bytes_received).as(:traffic, unit: :byte)
34 |
35 | line.capture(:duration).as(:duration, unit: :msec)
36 | line.capture(:forwarded_for).as(:nillable_string)
37 | line.capture(:ssl_protocol)
38 | line.capture(:ssl_cipher)
39 |
40 | line.capture(:edge_response_result_type)
41 | line.capture(:protocol_version)
42 | end
43 |
44 | report do |analyze|
45 | analyze.timespan
46 | analyze.hourly_spread
47 |
48 | analyze.frequency category: :http_method, title: 'HTTP methods'
49 | analyze.frequency category: :http_status, title: 'HTTP statuses'
50 |
51 | analyze.frequency category: :path, title: 'Most popular URIs'
52 |
53 | analyze.frequency category: :remote_ip, title: 'Most active clients'
54 |
55 | analyze.frequency category: :user_agent, title: 'User agents'
56 | analyze.frequency category: :referer, title: 'Referers'
57 |
58 | analyze.frequency category: :edge_result_type, title: 'Edge result types'
59 |
60 | analyze.duration duration: :duration, category: :path, title: 'Request duration'
61 | analyze.traffic traffic: :bytes_sent, category: :path, title: 'Traffic out'
62 | analyze.traffic traffic: :bytes_received, category: :path, title: 'Traffic in'
63 | end
64 |
65 | class Request < RequestLogAnalyzer::Request
66 | # Do not use DateTime.parse, but parse the timestamp ourselves to return a integer
67 | # to speed up parsing.
68 | def convert_timestamp(value, _definition)
69 | "#{value[0, 4]}#{value[5, 2]}#{value[8, 2]}#{value[11, 2]}#{value[14, 2]}#{value[17, 2]}".to_i
70 | end
71 | end
72 | end
73 |
--------------------------------------------------------------------------------
/chrome-headless/.hadolint.yaml:
--------------------------------------------------------------------------------
1 | ignored:
2 | - DL3008
3 | - DL4006
4 |
--------------------------------------------------------------------------------
/chrome-headless/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM debian:sid
2 | ARG CHROME_VERSION=68
3 | VOLUME /tmp
4 |
5 | RUN apt-get update && \
6 | apt-get install -y --no-install-recommends apt-transport-https ca-certificates curl unzip && \
7 | curl -sSL -o /tmp/google-chrome.deb https://s3-ap-southeast-2.amazonaws.com/pnx-misc/apt-archive/google-chrome-stable/${CHROME_VERSION}-amd64-linux.deb && \
8 | apt install -y /tmp/google-chrome.deb && \
9 | curl -sSL -o /tmp/Lato2OFL.zip http://www.latofonts.com/download/Lato2OFL.zip && \
10 | unzip /tmp/Lato2OFL.zip -d /usr/share/fonts && \
11 | apt-get purge --auto-remove -y curl gnupg unzip && \
12 | rm -rf /var/lib/apt/lists/*
13 |
14 | COPY ./fonts.conf /etc/fonts/conf.d/100-athena.conf
15 |
16 | COPY ./fonts/icomoon.ttf /usr/share/fonts
17 |
18 | RUN fc-cache -f -v
19 |
20 |
21 | RUN groupadd -r chrome && \
22 | useradd -r -g chrome -G audio,video chrome && \
23 | mkdir -p /home/chrome && \
24 | chown -R chrome:chrome /home/chrome
25 |
26 | USER chrome
27 |
28 | EXPOSE 9222
29 |
30 | ENTRYPOINT [ "google-chrome-stable" ]
31 | CMD [ "--headless", "--disable-gpu", "--no-sandbox", "--remote-debugging-address=0.0.0.0", "--remote-debugging-port=9222" ]
32 |
--------------------------------------------------------------------------------
/chrome-headless/Makefile:
--------------------------------------------------------------------------------
1 | #!/usr/bin/make -f
2 |
3 | IMAGE=previousnext/chrome-headless
4 | VERSION=latest
5 |
6 | # Build and tests
7 | build:
8 | docker build --build-arg CHROME_VERSION=68 -t $(IMAGE):68 -t $(IMAGE):$(VERSION) .
9 | docker build --build-arg CHROME_VERSION=67 -t $(IMAGE):67 .
10 | docker build --build-arg CHROME_VERSION=65 -t $(IMAGE):65 .
11 |
12 | lint:
13 | hadolint Dockerfile
14 |
15 | # Build and release
16 | release: build
17 | docker push $(IMAGE):$(VERSION)
18 | docker push $(IMAGE):68
19 | docker push $(IMAGE):67
20 | docker push $(IMAGE):65
21 |
22 | .PHONY: build lint release
23 |
--------------------------------------------------------------------------------
/chrome-headless/fonts.conf:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 | none
7 |
8 |
9 |
10 |
11 | false
12 |
13 |
14 |
15 |
16 | hintnone
17 |
18 |
19 |
20 |
21 | false
22 |
23 |
24 |
25 |
26 | true
27 |
28 |
29 |
30 |
31 | lcddefault
32 |
33 |
34 |
35 |
--------------------------------------------------------------------------------
/chrome-headless/fonts/icomoon.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/previousnext/containers/05264fa39bf479293eeb82f95eba9cad8b171e76/chrome-headless/fonts/icomoon.ttf
--------------------------------------------------------------------------------
/clamd/.hadolint.yaml:
--------------------------------------------------------------------------------
1 | ignored:
2 | - DL3018
3 |
--------------------------------------------------------------------------------
/clamd/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM alpine:3.3
2 | LABEL maintainer="admin@previousnext.com.au"
3 |
4 | ENV DEBIAN_FRONTEND noninteractive
5 |
6 | RUN apk add --no-cache -u clamav-daemon python py-pip wget clamav-libunrar unrar
7 |
8 | RUN wget -nv -O /var/lib/clamav/main.cvd http://database.clamav.net/main.cvd && \
9 | wget -nv -O /var/lib/clamav/daily.cvd http://database.clamav.net/daily.cvd && \
10 | wget -nv -O /var/lib/clamav/bytecode.cvd http://database.clamav.net/bytecode.cvd && \
11 | chown clamav:clamav /var/lib/clamav/*.cvd && \
12 | mkdir /run/clamav && \
13 | chown clamav:clamav /run/clamav
14 |
15 | COPY clamd.conf /etc/clamav/clamd.conf
16 |
17 | EXPOSE 3310
18 |
19 | CMD ["clamd"]
20 |
--------------------------------------------------------------------------------
/clamd/Makefile:
--------------------------------------------------------------------------------
1 | #!/usr/bin/make -f
2 |
3 | IMAGE=previousnext/clamd
4 | VERSION=latest
5 |
6 | # Build and tests
7 | build:
8 | docker build -t $(IMAGE):$(VERSION) .
9 |
10 | lint:
11 | hadolint Dockerfile
12 |
13 | # Build and release
14 | release: build
15 | docker push $(IMAGE):$(VERSION)
16 |
17 | .PHONY: build lint release
18 |
--------------------------------------------------------------------------------
/clamd/clamd.conf:
--------------------------------------------------------------------------------
1 | # This file is controlled by puppet
2 |
3 | LocalSocket /run/clamav/clamd.sock
4 | TCPAddr 0.0.0.0
5 | TCPSocket 3310
6 | FixStaleSocket true
7 | # TemporaryDirectory is not set to its default /tmp here to make overriding
8 | # the default with environment variables TMPDIR/TMP/TEMP possible
9 | User clamav
10 | AllowSupplementaryGroups true
11 | ScanMail false
12 | ScanArchive false
13 | ArchiveBlockEncrypted false
14 | MaxDirectoryRecursion 0
15 | FollowDirectorySymlinks false
16 | FollowFileSymlinks false
17 | ReadTimeout 180
18 | MaxThreads 12
19 | MaxConnectionQueueLength 15
20 | StreamMaxLength 50M
21 | MaxFileSize 50M
22 | LogSyslog false
23 | LogFacility LOG_LOCAL6
24 | LogClean false
25 | LogVerbose false
26 | PidFile /run/clamav/clamd.pid
27 | DatabaseDirectory /var/lib/clamav
28 | SelfCheck 3600
29 | Foreground true
30 | Debug false
31 | ScanPE false
32 | ScanOLE2 false
33 | ScanHTML true
34 | DetectBrokenExecutables false
35 | ExitOnOOM true
36 | LeaveTemporaryFiles false
37 | AlgorithmicDetection true
38 | ScanELF false
39 | IdleTimeout 30
40 | PhishingSignatures true
41 | PhishingScanURLs true
42 | PhishingAlwaysBlockSSLMismatch false
43 | PhishingAlwaysBlockCloak false
44 | DetectPUA false
45 | ScanPartialMessages false
46 | HeuristicScanPrecedence false
47 | StructuredDataDetection false
48 | CommandReadTimeout 5
49 | SendBufTimeout 200
50 | MaxQueue 100
51 |
--------------------------------------------------------------------------------
/frontend/.hadolint.yaml:
--------------------------------------------------------------------------------
1 | ignored:
2 | - DL3018
3 |
--------------------------------------------------------------------------------
/frontend/Dockerfile:
--------------------------------------------------------------------------------
1 | ARG ALPINE_VERSION=3.8
2 |
3 | FROM alpine:${ALPINE_VERSION}
4 |
5 | ENV PATH "$PATH:/data/node_modules/.bin"
6 |
7 | RUN apk add --no-cache -u \
8 | bash \
9 | bash-completion \
10 | curl \
11 | make \
12 | g++ \
13 | jq \
14 | libffi-dev \
15 | nodejs \
16 | npm \
17 | python2 \
18 | yarn
19 |
--------------------------------------------------------------------------------
/frontend/Makefile:
--------------------------------------------------------------------------------
1 | IMAGE=previousnext/frontend
2 | VERSION=latest
3 |
4 | # Build and tests
5 | build:
6 | docker build -t $(IMAGE):$(VERSION) .
7 | container-structure-test test --image $(IMAGE):$(VERSION) --config tests/frontend.yml
8 |
9 | lint:
10 | hadolint Dockerfile
11 |
12 | # Build and release
13 | release: build
14 | docker push $(IMAGE):$(VERSION)
15 |
16 | .PHONY: build test lint release
17 |
--------------------------------------------------------------------------------
/frontend/tests/frontend.yml:
--------------------------------------------------------------------------------
1 | schemaVersion: '2.0.0'
2 |
3 | commandTests:
4 | - name: 'command exists: npm'
5 | command: "npm"
6 | args: ["-v"]
7 | expectedOutput: ["6.4"]
8 |
9 | - name: 'command exists: yarn'
10 | command: "yarn"
11 | args: ["-v"]
12 | expectedOutput: ["1.7"]
13 |
14 | - name: 'check node version'
15 | command: 'node'
16 | args: ['-v']
17 | expectedOutput: ['v8']
18 |
--------------------------------------------------------------------------------
/gastonjs/.hadolint.yaml:
--------------------------------------------------------------------------------
1 | ignored:
2 | - DL3008
3 |
--------------------------------------------------------------------------------
/gastonjs/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM debian:jessie
2 |
3 | ENV PHANTOMJS_VERSION 2.1.1
4 | ENV PHANTOMJS_HASH "f8afc8a24eec34c2badccc93812879a3d6f2caf3 phantomjs-2.1.1-linux-x86_64.tar.bz2"
5 |
6 | WORKDIR /usr/local
7 |
8 | RUN sed -i '/jessie-updates/d' /etc/apt/sources.list
9 | RUN apt-get update && \
10 | apt-get install --no-install-recommends -y \
11 | wget \
12 | ca-certificates \
13 | bzip2 \
14 | libfontconfig \
15 | unzip && \
16 | apt-get clean && \
17 | rm -rf /var/lib/apt/lists/*
18 |
19 | # hadolint ignore=DL3003
20 | RUN cd /tmp && \
21 | echo $PHANTOMJS_HASH > phantomjs.sha1 && \
22 | wget -nv https://s3-ap-southeast-2.amazonaws.com/pnx-misc/phantomjs-2.1.1-linux-x86_64.tar.bz2 && \
23 | sha1sum -c phantomjs.sha1 && \
24 | tar -xvf phantomjs-$PHANTOMJS_VERSION-linux-x86_64.tar.bz2 && \
25 | mv phantomjs-$PHANTOMJS_VERSION-linux-x86_64/bin/phantomjs /usr/local/bin && \
26 | rm phantomjs-$PHANTOMJS_VERSION-linux-x86_64.tar.bz2
27 |
28 | # hadolint ignore=DL3003
29 | RUN mkdir /data && \
30 | cd /tmp && \
31 | wget -nv https://github.com/jcalderonzumba/gastonjs/archive/v1.0.2.zip && \
32 | unzip v1.0.2.zip && \
33 | mv gastonjs-1.0.2 /data/gastonjs
34 |
35 | EXPOSE 8510
36 |
37 | CMD ["/usr/local/bin/phantomjs", "--ssl-protocol=any", "--ignore-ssl-errors=true", "/data/gastonjs/src/Client/main.js", "8510", "1024", "768"]
38 |
--------------------------------------------------------------------------------
/gastonjs/Makefile:
--------------------------------------------------------------------------------
1 | #!/usr/bin/make -f
2 |
3 | IMAGE=previousnext/gastonjs
4 | VERSION=latest
5 |
6 | # Build and tests
7 | build:
8 | docker build -t $(IMAGE):$(VERSION) .
9 |
10 | lint:
11 | hadolint Dockerfile
12 |
13 | # Build and release
14 | release: build
15 | docker push $(IMAGE):$(VERSION)
16 |
17 | .PHONY: build lint release
18 |
--------------------------------------------------------------------------------
/golang/.hadolint.yaml:
--------------------------------------------------------------------------------
1 | ignored:
2 | - DL3008
3 |
--------------------------------------------------------------------------------
/golang/Dockerfile:
--------------------------------------------------------------------------------
1 | ARG GO_VERSION=1.13
2 | FROM golang:${GO_VERSION}
3 |
4 | RUN go get github.com/tcnksm/ghr && \
5 | go get github.com/mitchellh/gox && \
6 | go get github.com/jstemmer/go-junit-report && \
7 | go get golang.org/x/lint/golint
8 |
--------------------------------------------------------------------------------
/golang/Makefile:
--------------------------------------------------------------------------------
1 | #!/usr/bin/make -f
2 |
3 | IMAGE=previousnext/golang
4 |
5 | define build_test
6 | docker build --build-arg GO_VERSION=$(1) -t $(IMAGE):$(1) .
7 | # @todo, Add tests.
8 | endef
9 |
10 | define push
11 | docker push $(IMAGE):$(1)
12 | endef
13 |
14 | # Build all Go
15 | build: 1.11 1.12 1.13 1.14 1.15
16 |
17 | 1.11:
18 | $(call build_test,1.11)
19 |
20 | 1.12:
21 | $(call build_test,1.12)
22 |
23 | 1.13:
24 | $(call build_test,1.13)
25 |
26 | 1.14:
27 | $(call build_test,1.14)
28 |
29 | 1.15:
30 | $(call build_test,1.15)
31 |
32 | lint:
33 | hadolint Dockerfile
34 |
35 | # Build and release
36 | release: build
37 | $(call push,1.11)
38 | $(call push,1.12)
39 | $(call push,1.13)
40 | $(call push,1.14)
41 | $(call push,1.15)
42 |
43 | .PHONY: *
44 |
--------------------------------------------------------------------------------
/mailhog/.hadolint.yaml:
--------------------------------------------------------------------------------
1 | ignored:
2 | - DL3006
3 | - DL3007
4 | - DL3008
5 |
--------------------------------------------------------------------------------
/mailhog/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM mailhog/mailhog:latest
2 |
3 | ENTRYPOINT ["MailHog", "-ui-web-path", "mailhog"]
4 |
--------------------------------------------------------------------------------
/mailhog/Makefile:
--------------------------------------------------------------------------------
1 | #!/usr/bin/make -f
2 |
3 | IMAGE=previousnext/mailhog
4 | VERSION=latest
5 |
6 | # Build and tests
7 | build:
8 | docker build -t $(IMAGE):$(VERSION) .
9 |
10 | lint:
11 | hadolint Dockerfile
12 |
13 | # Build and release
14 | release: build
15 | docker push $(IMAGE):$(VERSION)
16 |
17 | .PHONY: build lint release
18 |
--------------------------------------------------------------------------------
/node/.hadolint.yaml:
--------------------------------------------------------------------------------
1 | ignored:
2 | - DL3018
3 |
--------------------------------------------------------------------------------
/node/Dockerfile:
--------------------------------------------------------------------------------
1 | ARG NODE_VERSION=10
2 | FROM node:${NODE_VERSION}-alpine
3 |
4 | RUN apk add --no-cache -u \
5 | ca-certificates \
6 | bash \
7 | make \
8 | git \
9 | python2 \
10 |
--------------------------------------------------------------------------------
/node/Makefile:
--------------------------------------------------------------------------------
1 | #!/usr/bin/make -f
2 |
3 | IMAGE=previousnext/node
4 |
5 | define build
6 | docker build --build-arg NODE_VERSION=$(1) -t $(IMAGE):$(1) .
7 | endef
8 |
9 | define push
10 | docker push $(IMAGE):$(1)
11 | endef
12 |
13 | all: 8 10 12 14 16
14 |
15 | lint:
16 | hadolint Dockerfile
17 |
18 | 8:
19 | $(call build,8)
20 |
21 | 10:
22 | $(call build,10)
23 |
24 | 12:
25 | $(call build,12)
26 |
27 | 14:
28 | $(call build,14)
29 |
30 | 16:
31 | $(call build,16)
32 |
33 | release: all
34 | $(call push,8)
35 | $(call push,10)
36 | $(call push,12)
37 | $(call push,14)
38 | $(call push,16)
39 |
40 | .PHONY: *
41 |
--------------------------------------------------------------------------------
/oauth2_proxy/.hadolint.yaml:
--------------------------------------------------------------------------------
1 | ignored:
2 | - DL3018
3 |
--------------------------------------------------------------------------------
/oauth2_proxy/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM gliderlabs/alpine:3.2
2 | LABEL maintainer="admin@previousnext.com.au"
3 |
4 | ENV OAUTH2_PROXY_VERSION 2.1.linux-amd64.go1.6
5 |
6 | RUN apk --no-cache add curl
7 |
8 | RUN curl -sSL -o oauth2_proxy.tar.gz \
9 | "https://github.com/bitly/oauth2_proxy/releases/download/v2.1/oauth2_proxy-$OAUTH2_PROXY_VERSION.tar.gz" \
10 | && tar xzvf oauth2_proxy.tar.gz \
11 | && mv oauth2_proxy-$OAUTH2_PROXY_VERSION/oauth2_proxy /bin/ \
12 | && chmod +x /bin/oauth2_proxy \
13 | && rm -r oauth2_proxy*
14 |
15 | ENTRYPOINT ["oauth2_proxy"]
16 |
--------------------------------------------------------------------------------
/oauth2_proxy/Makefile:
--------------------------------------------------------------------------------
1 | #!/usr/bin/make -f
2 |
3 | IMAGE=previousnext/oauth2_proxy
4 | VERSION=2.1
5 |
6 | # Build and tests
7 | build:
8 | docker build -t $(IMAGE):$(VERSION) .
9 |
10 | lint:
11 | hadolint Dockerfile
12 |
13 | # Build and release
14 | release: build
15 | docker push $(IMAGE):$(VERSION)
16 |
17 | .PHONY: build lint release
18 |
--------------------------------------------------------------------------------
/passenger/.hadolint.yaml:
--------------------------------------------------------------------------------
1 | ignored:
2 | - DL3008
3 | - DL3015
4 | - DL4001
5 |
--------------------------------------------------------------------------------
/passenger/Makefile:
--------------------------------------------------------------------------------
1 | #!/usr/bin/make -f
2 |
3 | IMAGE=previousnext/passenger
4 | VERSION=latest
5 |
6 | # Build and tests
7 | build:
8 | docker build -f base/Dockerfile -t $(IMAGE):base base
9 | docker build -f prod/Dockerfile -t $(IMAGE):$(VERSION) prod
10 | docker build -f dev/Dockerfile -t $(IMAGE):$(VERSION)-dev dev
11 |
12 | lint:
13 | hadolint base/Dockerfile
14 | hadolint prod/Dockerfile
15 | hadolint dev/Dockerfile
16 |
17 | # Build and release
18 | release: build
19 | docker push $(IMAGE):$(VERSION)
20 | docker push $(IMAGE):$(VERSION)-dev
21 |
22 | .PHONY: build lint release
23 |
--------------------------------------------------------------------------------
/passenger/base/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM ubuntu:16.04
2 | LABEL maintainer="admin@previousnext.com.au"
3 |
4 | WORKDIR /data
5 |
6 | ENV DEBIAN_FRONTEND=noninteractive
7 |
8 | # https://www.phusionpassenger.com/library/install/apache/install/oss/xenial/#step-1:-install-passenger-packages
9 | RUN apt-get update && \
10 | apt-get install -y software-properties-common ca-certificates apt-transport-https && \
11 | apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 561F9B9CAC40B2F7 && \
12 | echo "deb https://oss-binaries.phusionpassenger.com/apt/passenger xenial main" > /etc/apt/sources.list.d/passenger.list && \
13 | rm -rf /var/lib/apt/lists/*
14 |
15 | RUN apt-get update && \
16 | apt-get install -y \
17 | apache2 \
18 | curl \
19 | git \
20 | imagemagick \
21 | libapache2-mod-passenger \
22 | libapr1-dev \
23 | libaprutil1-dev \
24 | libcurl4-openssl-dev \
25 | libmagickcore-dev \
26 | libmagickwand-dev \
27 | libmysqlclient-dev \
28 | libsqlite3-dev \
29 | libssl-dev \
30 | libxml2-dev \
31 | libxslt-dev \
32 | mysql-client \
33 | ruby-json \
34 | ruby-libxml \
35 | ruby-mysql \
36 | ruby-nokogiri \
37 | ruby-rmagick \
38 | ruby2.3 \
39 | ruby2.3-dev \
40 | tzdata \
41 | zlib1g-dev && \
42 | apt-get clean && \
43 | rm -rf /var/lib/apt/lists/*
44 |
45 | # Rails not compatible with bundler >=2.0
46 | RUN gem install bundler -v 1.17.3
47 |
48 | # Enable STDOUT and STDERR.
49 | RUN ln -sf /dev/stdout /var/log/apache2/access.log && \
50 | ln -sf /dev/stderr /var/log/apache2/error.log
51 |
52 | RUN a2enmod passenger rewrite headers
53 | COPY vhost.conf /etc/apache2/sites-enabled/000-default.conf
54 | COPY apache2-foreground /usr/local/bin/
55 |
56 | # Tuner - https://github.com/previousnext/tuner
57 | RUN curl -sSL https://github.com/previousnext/tuner/releases/download/1.0.0/tuner-linux-amd64 -o /usr/local/bin/tuner && \
58 | chmod +rx /usr/local/bin/tuner
59 |
60 | # Backup - https://github.com/previousnext/skipper-backup
61 | RUN curl -sSL https://github.com/previousnext/skipper-backup/releases/download/v1.0.1/skipper-backup-linux-amd64 -o /usr/local/bin/backup && \
62 | chmod +rx /usr/local/bin/backup
63 |
64 | RUN curl -sSL https://github.com/skpr/mail/releases/download/v0.0.7/skprmail_linux_amd64 -o /usr/local/bin/skprmail && \
65 | chmod +rx /usr/local/bin/skprmail
66 |
67 | # Script that kicks it all off
68 | COPY start.sh /usr/local/bin/start
69 | RUN chmod a+x /usr/local/bin/start
70 |
71 | CMD ["start"]
72 |
--------------------------------------------------------------------------------
/passenger/base/apache2-foreground:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | set -e
3 |
4 | # Apache gets grumpy about PID files pre-existing
5 | rm -f /var/run/apache2/apache2.pid
6 |
7 | source /etc/apache2/envvars
8 | exec apache2 -DFOREGROUND
--------------------------------------------------------------------------------
/passenger/base/start.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Name: start.sh
4 | # Author: Nick Schuch
5 | # Comment: A lightweight script for configuring and starting Apache
6 |
7 | tuner --conf=passenger > /etc/apache2/mods-enabled/tuner.conf
8 |
9 | apache2-foreground
10 |
--------------------------------------------------------------------------------
/passenger/base/vhost.conf:
--------------------------------------------------------------------------------
1 |
2 | DocumentRoot "/data/app/public"
3 |
4 |
5 | AllowOverride None
6 | Require all granted
7 | PassengerEnabled on
8 |
9 |
10 | ServerSignature Off
11 | LogLevel error
12 | ErrorLog "|/bin/cat"
13 | LogFormat "%h %l %u %t \"%r\" %>s %b" common
14 | CustomLog "|/bin/cat" common
15 |
16 |
--------------------------------------------------------------------------------
/passenger/dev/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM previousnext/passenger:base
2 | LABEL maintainer="admin@previousnext.com.au"
3 |
4 | ENV HUB_VERSION 2.2.9
5 | ENV HUB_NAME hub-linux-amd64-$HUB_VERSION
6 |
7 | RUN apt-get update && \
8 | apt-get install -y \
9 | bash-completion \
10 | vim \
11 | wget && \
12 | rm -rf /var/lib/apt/lists/*
13 |
14 | # hadolint ignore=SC2016
15 | RUN echo '[[ $PS1 && -f /usr/share/bash-completion/bash_completion ]] && \
16 | . /usr/share/bash-completion/bash_completion' >> ~/.bashrc
17 |
18 | # Skipper CLI toolkit.
19 | RUN wget -nv http://bins.skpr.io/v1/linux-amd64-latest.tar.gz && \
20 | tar -zxf linux-amd64-latest.tar.gz -C /usr/local/bin/ && \
21 | rm -rf linux-amd64-latest.tar.gz
22 |
23 | # Temporary environment builder.
24 | RUN curl -sSL https://github.com/previousnext/m8s/releases/download/v0.8.0/m8s_linux_amd64 -o /usr/local/bin/m8s && \
25 | chmod a+x /usr/local/bin/m8s
26 |
27 | # Github deploy status
28 | RUN curl -sSL https://github.com/previousnext/go-deploy-status/releases/download/1.0.0-alpha3/deploy-status_linux_amd64 -o /usr/local/bin/deploy-status && \
29 | chmod a+x /usr/local/bin/deploy-status
30 |
31 | # Github Hub
32 | # hadolint ignore=DL3003
33 | RUN cd /tmp && curl -sSL -O https://github.com/github/hub/releases/download/v$HUB_VERSION/$HUB_NAME.tgz && \
34 | tar -zxf $HUB_NAME.tgz && \
35 | mv $HUB_NAME/bin/hub /usr/local/bin/ && \
36 | chmod +x /usr/local/bin/hub && \
37 | rm -rf /tmp/$HUB_NAME
38 |
39 | # gosu
40 | RUN curl -sSL https://github.com/tianon/gosu/releases/download/1.10/gosu-amd64 -o /usr/local/bin/gosu && \
41 | chmod a+x /usr/local/bin/gosu
42 |
--------------------------------------------------------------------------------
/passenger/prod/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM previousnext/passenger:base
2 | LABEL maintainer="admin@previousnext.com.au"
3 |
4 | # These get run on build.
5 | ONBUILD COPY . /data
6 | ONBUILD RUN chown -R www-data:www-data /data
7 |
--------------------------------------------------------------------------------
/php-apache/.bashrc:
--------------------------------------------------------------------------------
1 | export PS1='\u@\h:\W \$ '
2 | source /etc/profile.d/bash_completion.sh
3 |
--------------------------------------------------------------------------------
/php-apache/.hadolint.yaml:
--------------------------------------------------------------------------------
1 | ignored:
2 | - DL3018
3 |
--------------------------------------------------------------------------------
/php-apache/Dockerfile:
--------------------------------------------------------------------------------
1 | ARG ALPINE_VERSION=3.10
2 |
3 | FROM alpine:${ALPINE_VERSION}
4 | ARG ALPINE_VERSION=3.10
5 | ARG PHP_VERSION=7.3
6 |
7 | ENV PATH "$PATH:/data/bin"
8 |
9 | ENV PHP_INI_SCAN_DIR=/etc/php/${PHP_VERSION}/conf.d:/var/run/tuner/php
10 |
11 | RUN apk add --no-cache curl ca-certificates && \
12 | curl -sSL https://packages.skpr.io/php-alpine/skpr.rsa.pub -o /etc/apk/keys/skpr.rsa.pub && \
13 | echo "https://packages.skpr.io/php-alpine/${ALPINE_VERSION}/php${PHP_VERSION}" >> /etc/apk/repositories
14 |
15 | RUN apk --update --no-cache add \
16 | apache2 \
17 | apache2-utils \
18 | bash \
19 | bash-completion \
20 | jpegoptim \
21 | libsodium \
22 | make \
23 | mysql-client \
24 | optipng \
25 | php${PHP_VERSION} \
26 | php${PHP_VERSION}-apache2 \
27 | php${PHP_VERSION}-apcu \
28 | php${PHP_VERSION}-bcmath \
29 | php${PHP_VERSION}-ctype \
30 | php${PHP_VERSION}-curl \
31 | php${PHP_VERSION}-dom \
32 | php${PHP_VERSION}-fileinfo \
33 | php${PHP_VERSION}-ftp \
34 | php${PHP_VERSION}-gd \
35 | php${PHP_VERSION}-iconv \
36 | php${PHP_VERSION}-json \
37 | php${PHP_VERSION}-mbstring \
38 | php${PHP_VERSION}-memcached \
39 | php${PHP_VERSION}-opcache \
40 | php${PHP_VERSION}-openssl \
41 | php${PHP_VERSION}-pcntl \
42 | php${PHP_VERSION}-pdo \
43 | php${PHP_VERSION}-pdo_mysql \
44 | php${PHP_VERSION}-pdo_sqlite \
45 | php${PHP_VERSION}-phar \
46 | php${PHP_VERSION}-posix \
47 | php${PHP_VERSION}-session \
48 | php${PHP_VERSION}-simplexml \
49 | php${PHP_VERSION}-soap \
50 | php${PHP_VERSION}-sockets \
51 | php${PHP_VERSION}-sodium \
52 | php${PHP_VERSION}-sqlite3 \
53 | php${PHP_VERSION}-tokenizer \
54 | php${PHP_VERSION}-xml \
55 | php${PHP_VERSION}-xmlreader \
56 | php${PHP_VERSION}-xmlwriter \
57 | php${PHP_VERSION}-zip \
58 | pngquant \
59 | rsync \
60 | tesseract-ocr \
61 | tesseract-ocr-dev \
62 | poppler-utils \
63 | unzip \
64 | vim
65 |
66 | # This provides a compatibility layer for developer who are adding
67 | # custom php.ini files to their projects.
68 | # Bumping PHP versions should not result in changes to their Dockerfiles.
69 | RUN ln -s /etc/php/${PHP_VERSION} /etc/php7
70 |
71 | COPY .bashrc /root/.bashrc
72 | COPY httpd.conf /etc/apache2/httpd.conf
73 | COPY status.conf /etc/apache2/conf.d/status.conf
74 | COPY security.conf /etc/apache2/conf.d/security.conf
75 | COPY drushrc.php /etc/drush/drushrc.php
76 | COPY drush.yml /etc/drush/drush.yml
77 | COPY apcu.ini /etc/php7/conf.d/01_apcu.ini
78 | COPY overrides.ini /etc/php7/conf.d/50_overrides.ini
79 | COPY skpr.php /etc/skpr/skpr.php
80 |
81 | # Liveness
82 | COPY liveness /var/www/liveness
83 |
84 | # New Relic - https://docs.newrelic.com/docs/release-notes/agent-release-notes/php-release-notes
85 | # hadolint ignore=DL3003,DL4006,SC2115
86 | RUN export NR_INSTALL_SILENT=true && \
87 | export NR_INSTALL_USE_CP_NOT_LN=true && \
88 | export NR_VERSION=9.11.0.267 && \
89 | export NR_FILENAME=newrelic-php5-${NR_VERSION}-linux-musl && \
90 | curl -sSL https://download.newrelic.com/php_agent/archive/${NR_VERSION}/${NR_FILENAME}.tar.gz | gzip -dc | tar xf - && \
91 | cd ${NR_FILENAME} && ./newrelic-install install && \
92 | rm -fR /${NR_FILENAME}
93 | COPY newrelic.ini /etc/php7/conf.d/newrelic.ini
94 |
95 | # Logging
96 | RUN ln -sf /dev/stdout /var/log/apache2/access.log && \
97 | ln -sf /dev/stderr /var/log/apache2/error.log
98 |
99 | # Add Amazon RDS TLS public certificate.
100 | ADD https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem /etc/ssl/certs/rds-combined-ca-bundle.pem
101 | RUN chmod 755 /etc/ssl/certs/rds-combined-ca-bundle.pem
102 |
103 | # Composer 1 & 2
104 | # hadolint ignore=DL4006
105 | RUN curl -sS https://getcomposer.org/composer-1.phar -o /usr/local/bin/composer && \
106 | chmod +x /usr/local/bin/composer
107 | RUN curl -sS https://getcomposer.org/composer-2.phar -o /usr/local/bin/composer2 && \
108 | chmod +x /usr/local/bin/composer2
109 |
110 | # Tuner - https://github.com/previousnext/tuner
111 | RUN curl -sSL https://github.com/previousnext/tuner/releases/download/1.1.0/tuner_linux_amd64 -o /usr/local/bin/tuner && \
112 | chmod +rx /usr/local/bin/tuner
113 |
114 | RUN curl -sSL https://s3.amazonaws.com/pnx-bins/docconv-v1.0.0-129-geedabc4-alpine${ALPINE_VERSION} -o /usr/local/bin/docconv && \
115 | chmod +rx /usr/local/bin/docconv
116 |
117 | # Ruby errors if a sticky bit isn't set on /tmp.
118 | # @expire 2019-06-30
119 | RUN chmod +t /tmp
120 |
121 | # These volumes allow us to run our containers in "readonly" mode.
122 | VOLUME /run/apache2
123 | VOLUME /run/lock/apache2
124 | VOLUME /tmp
125 | VOLUME /var/log/newrelic
126 | VOLUME /var/run/tuner/apache2
127 | VOLUME /var/run/tuner/php
128 |
129 | WORKDIR /data
130 |
131 | # https://www.camptocamp.com/en/actualite/flexible-docker-entrypoints-scripts/
132 | COPY docker-entrypoint.sh /docker-entrypoint.sh
133 | RUN chmod +x /docker-entrypoint.sh
134 | COPY /docker-entrypoint.d/* /docker-entrypoint.d/
135 |
136 | COPY entrypoint.sh /entrypoint.sh
137 | RUN chmod +x /entrypoint.sh
138 |
139 | ENTRYPOINT ["/docker-entrypoint.sh"]
140 | # @todo, Change to use "httpd -D FOREGROUND" once entrypoint.sh can be retired.
141 | CMD ["/entrypoint.sh"]
142 |
--------------------------------------------------------------------------------
/php-apache/Makefile:
--------------------------------------------------------------------------------
1 | #!/usr/bin/make -f
2 |
3 | IMAGE=previousnext/php-apache
4 | VERSION=3.x
5 |
6 | # Allows for providing unique tags for images based on when they were built.
7 | # Ideal for debugging!
8 | TIMESTAMP=$(shell date +%F)
9 |
10 | define build_test
11 | # Building and testing PROD...
12 | docker build --build-arg ALPINE_VERSION=$(2) \
13 | --build-arg PHP_VERSION=$(1) \
14 | -t $(IMAGE):$(1)-$(VERSION) \
15 | -t $(IMAGE):$(1)-$(TIMESTAMP) \
16 | --no-cache .
17 | container-structure-test test --image $(IMAGE):$(1)-$(VERSION) \
18 | --config tests/$(subst .,-,$(1)).yml \
19 | --config tests/bash.yml \
20 | --config tests/composer.yml \
21 | --config tests/drush.yml \
22 | --config tests/tuner.yml
23 | # Building and testing DEV...
24 | docker build -f dev/Dockerfile \
25 | --build-arg FROM=$(IMAGE):$(1)-$(VERSION) \
26 | --build-arg ALPINE_VERSION=$(2) \
27 | --build-arg PHP_VERSION=$(1) \
28 | -t $(IMAGE):$(1)-$(VERSION)-dev \
29 | -t $(IMAGE):$(1)-$(TIMESTAMP)-dev \
30 | --no-cache dev
31 | container-structure-test test --image $(IMAGE):$(1)-$(VERSION)-dev \
32 | --config dev/tests/frontend.yml \
33 | --config dev/tests/php.yml \
34 | --config dev/tests/alpine$(2).yml \
35 | --config dev/tests/tools.yml
36 | endef
37 |
38 | define push
39 | # Pushing PROD...
40 | docker push $(IMAGE):$(1)-$(VERSION)
41 | docker push $(IMAGE):$(1)-$(TIMESTAMP)
42 | # Pushing DEV...
43 | docker push $(IMAGE):$(1)-$(VERSION)-dev
44 | docker push $(IMAGE):$(1)-$(TIMESTAMP)-dev
45 | endef
46 |
47 | # Build all PHP versions
48 | build: 7.2 7.3
49 |
50 | # Build PHP 7.2
51 | 7.2:
52 | $(call build_test,7.2,3.10)
53 |
54 | # Build PHP 7.3
55 | 7.3:
56 | $(call build_test,7.3,3.10)
57 |
58 | lint:
59 | hadolint Dockerfile
60 |
61 | # Build and release
62 | release: build
63 | $(call push,7.2)
64 | $(call push,7.3)
65 |
66 | .PHONY: build 7.2 7.3 lint release
67 |
--------------------------------------------------------------------------------
/php-apache/apcu.ini:
--------------------------------------------------------------------------------
1 | extension = apcu.so
2 | apc.shm_size = 128M
3 | apc.ttl = 86400
4 | apc.stat = 0
5 | apc.cli = 0
6 |
--------------------------------------------------------------------------------
/php-apache/dev/Dockerfile:
--------------------------------------------------------------------------------
1 | ARG FROM=previousnext/php-apache:latest
2 |
3 | FROM ${FROM}
4 |
5 | ARG ALPINE_VERSION=3.8
6 | ARG PHP_VERSION=7.3
7 |
8 | ENV PATH "$PATH:/data/node_modules/.bin"
9 |
10 | ENV XDEBUG_ENABLED=yes
11 |
12 | RUN apk add -u g++ \
13 | git \
14 | libffi-dev \
15 | jq \
16 | nodejs \
17 | npm \
18 | patch \
19 | php${PHP_VERSION}-xdebug \
20 | python \
21 | openssh-client \
22 | ruby \
23 | ruby-bundler \
24 | ruby-dev \
25 | wget \
26 | yarn && \
27 | rm -rf /var/cache/apk/*
28 |
29 | # https://blog.blackfire.io/alpine-linux-support.html
30 | RUN PHP_VERISON=$(php -r "echo PHP_MAJOR_VERSION.PHP_MINOR_VERSION;") && \
31 | curl -sSL -A "Docker" -o /tmp/blackfire-probe.tar.gz -D - -L -s https://blackfire.io/api/v1/releases/probe/php/alpine/amd64/$PHP_VERISON && \
32 | mkdir -p /tmp/blackfire && \
33 | tar zxpf /tmp/blackfire-probe.tar.gz -C /tmp/blackfire && \
34 | mv /tmp/blackfire/blackfire-*.so $(php -r "echo ini_get('extension_dir');")/blackfire.so && \
35 | rm -rf /tmp/blackfire /tmp/blackfire-probe.tar.gz
36 |
37 | # Example config files for docker-entrypoint.d toggles.
38 | RUN mkdir /etc/php7/conf.d/example
39 | COPY blackfire.ini /etc/php7/conf.d/example/blackfire.ini
40 |
41 | COPY xdebug.ini /etc/php7/conf.d/example/xdebug.ini
42 | RUN rm -f /etc/php7/conf.d/01_xdebug.ini
43 |
44 | COPY dev.ini /etc/php7/conf.d/dev.ini
45 |
46 | # Skipper
47 | RUN wget -nv http://bins.skpr.io/v1/linux-amd64-latest.tar.gz && \
48 | tar -zxf linux-amd64-latest.tar.gz -C /usr/local/bin/ && \
49 | rm -rf linux-amd64-latest.tar.gz
50 |
51 | # M8s
52 | RUN curl -sSL https://github.com/previousnext/m8s/releases/download/v0.9.0/m8s_linux_amd64 -o /usr/local/bin/m8s && \
53 | chmod a+x /usr/local/bin/m8s
54 |
55 | # Github deploy status
56 | RUN curl -sSL https://github.com/previousnext/go-deploy-status/releases/download/1.0.0-alpha3/deploy-status_linux_amd64 -o /usr/local/bin/deploy-status && \
57 | chmod a+x /usr/local/bin/deploy-status
58 |
59 | # Acquia CLI - https://github.com/previousnext/acquia-cli
60 | RUN curl -sSL https://github.com/previousnext/acquia-cli/releases/download/v0.0.1/acquia-cli_linux_amd64 -o /usr/local/bin/acquia-cli && \
61 | chmod +rx /usr/local/bin/acquia-cli
62 |
63 | # Hub
64 | RUN curl -sSL http://bins.skpr.io/hub-latest -o /usr/local/bin/hub && \
65 | chmod +rx /usr/local/bin/hub
66 |
67 | # Notify - https://github.com/previousnext/notify
68 | RUN curl -sSL https://github.com/previousnext/notify/releases/download/2.1.0/notify_linux_amd64 -o /usr/local/bin/notify && \
69 | chmod +rx /usr/local/bin/notify
70 |
71 | # MicroCron - https://github.com/previousnext/microcron
72 | RUN curl -sSL https://github.com/previousnext/microcron/releases/download/v0.0.1/microcron_linux_amd64 -o /usr/local/bin/microcron && \
73 | chmod +rx /usr/local/bin/microcron
74 |
75 | # Semantic - https://github.com/nickschuch/semantic
76 | RUN curl -sSL https://github.com/nickschuch/semantic/releases/download/0.0.2/semantic-linux-amd64 -o /usr/local/bin/semantic && \
77 | chmod +rx /usr/local/bin/semantic
78 |
79 | COPY /docker-entrypoint.d/* /docker-entrypoint.d/
80 |
--------------------------------------------------------------------------------
/php-apache/dev/blackfire.ini:
--------------------------------------------------------------------------------
1 | extension=blackfire.so
2 | blackfire.agent_socket=tcp://127.0.0.1:8707
3 | blackfire.log_level = 4
4 | blackfire.log_file = /tmp/blackfire.log
--------------------------------------------------------------------------------
/php-apache/dev/dev.ini:
--------------------------------------------------------------------------------
1 | ; Development PHP settings.
2 | display_errors = On
3 | display_startup_errors = On
4 | error_reporting = E_ALL
5 | html_errors = On
6 | session.gc_probability = 1
7 | max_execution_time = 0
8 |
--------------------------------------------------------------------------------
/php-apache/dev/docker-entrypoint.d/blackfire.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Name: blackfire.sh
4 | # Description: Enables Blackfire profiling.
5 |
6 | if [ "$BLACKFIRE_ENABLED" != "yes" ]; then
7 | echo "Skipping Backfire: Set BLACKFIRE_ENABLED=yes to enable"
8 | exit 0
9 | fi
10 |
11 | echo "Enabling Blackfire"
12 | mv /etc/php7/conf.d/example/blackfire.ini /etc/php7/conf.d/blackfire.ini
13 |
--------------------------------------------------------------------------------
/php-apache/dev/docker-entrypoint.d/xdebug.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Name: xdebug.sh
4 | # Description: Enables Xdebug.
5 |
6 | if [ "$XDEBUG_ENABLED" != "yes" ]; then
7 | echo "Skipping Xdebug: Set XDEBUG_ENABLED=yes to enable"
8 | exit 0
9 | fi
10 |
11 | echo "Enabling Xdebug"
12 | mv /etc/php7/conf.d/example/xdebug.ini /etc/php7/conf.d/xdebug.ini
--------------------------------------------------------------------------------
/php-apache/dev/tests/alpine3.10.yml:
--------------------------------------------------------------------------------
1 | schemaVersion: '2.0.0'
2 |
3 | commandTests:
4 | - name: 'check node version'
5 | command: 'node'
6 | args: ['-v']
7 | expectedOutput: ['v10']
8 |
--------------------------------------------------------------------------------
/php-apache/dev/tests/alpine3.8.yml:
--------------------------------------------------------------------------------
1 | schemaVersion: '2.0.0'
2 |
3 | commandTests:
4 | - name: 'check node version'
5 | command: 'node'
6 | args: ['-v']
7 | expectedOutput: ['v9']
8 |
9 |
--------------------------------------------------------------------------------
/php-apache/dev/tests/alpine3.9.yml:
--------------------------------------------------------------------------------
1 | schemaVersion: '2.0.0'
2 |
3 | commandTests:
4 | - name: 'check node version'
5 | command: 'node'
6 | args: ['-v']
7 | expectedOutput: ['v10']
8 |
--------------------------------------------------------------------------------
/php-apache/dev/tests/frontend.yml:
--------------------------------------------------------------------------------
1 | schemaVersion: '2.0.0'
2 |
3 | commandTests:
4 | - name: 'command exists: npm'
5 | command: "which"
6 | args: ["npm"]
7 | expectedOutput: ["/usr/bin/npm"]
8 |
9 | - name: 'command exists: yarn'
10 | command: "which"
11 | args: ["yarn"]
12 | expectedOutput: ["/usr/bin/yarn"]
13 |
--------------------------------------------------------------------------------
/php-apache/dev/tests/php.yml:
--------------------------------------------------------------------------------
1 | schemaVersion: '2.0.0'
2 |
3 | commandTests:
4 | - name: 'php: error_reporting'
5 | command: "php"
6 | args: ["-i"]
7 | expectedOutput: ["display_errors => STDOUT => STDOUT"]
8 |
9 | - name: 'php: xdebug enabled'
10 | envVars:
11 | # This should be set by default in the Dockerfile.
12 | # - key: "XDEBUG_ENABLED"
13 | # value: "yes"
14 | setup: [["/docker-entrypoint.sh"]]
15 | command: "php"
16 | args: ["-m"]
17 | expectedOutput: ["xdebug"]
18 |
19 | - name: 'php: blackfire enabled'
20 | envVars:
21 | - key: "BLACKFIRE_ENABLED"
22 | value: "yes"
23 | setup: [["/docker-entrypoint.sh"]]
24 | command: "php"
25 | args: ["-m"]
26 | expectedOutput: ["blackfire"]
27 |
--------------------------------------------------------------------------------
/php-apache/dev/tests/tools.yml:
--------------------------------------------------------------------------------
1 | schemaVersion: '2.0.0'
2 |
3 | commandTests:
4 | - name: 'command exists: git'
5 | command: "which"
6 | args: ["git"]
7 | expectedOutput: ["/usr/bin/git"]
8 |
9 | - name: 'command exists: patch'
10 | command: "which"
11 | args: ["patch"]
12 | expectedOutput: ["/usr/bin/patch"]
13 |
14 | - name: 'command exists: ssh'
15 | command: "which"
16 | args: ["ssh"]
17 | expectedOutput: ["/usr/bin/ssh"]
18 |
19 | - name: 'command exists: hub'
20 | command: "hub"
21 | args: ["--help"]
22 | expectedOutput: ["GitHub"]
23 |
24 | - name: 'command exists: ruby'
25 | command: "which"
26 | args: ["ruby"]
27 | expectedOutput: ["/usr/bin/ruby"]
28 |
29 | - name: 'command exists: bundle'
30 | command: "which"
31 | args: ["bundle"]
32 | expectedOutput: ["/usr/bin/bundle"]
33 |
34 | - name: 'command exists: semantic'
35 | command: "which"
36 | args: ["semantic"]
37 | expectedOutput: ["/usr/local/bin/semantic"]
38 |
39 | - name: 'command exists: notify'
40 | command: "which"
41 | args: ["notify"]
42 | expectedOutput: ["/usr/local/bin/notify"]
43 |
44 | - name: 'command exists: microcron'
45 | command: "which"
46 | args: ["microcron"]
47 | expectedOutput: ["/usr/local/bin/microcron"]
48 |
--------------------------------------------------------------------------------
/php-apache/dev/xdebug.ini:
--------------------------------------------------------------------------------
1 | zend_extension=xdebug.so
2 | xdebug.max_nesting_level=256 ; Fixes debugging for D8.
3 | xdebug.remote_enable=1
4 | xdebug.remote_handler=dbgp
5 | xdebug.remote_mode=req
6 | xdebug.remote_port=9000
7 | xdebug.remote_connect_back=1
8 |
--------------------------------------------------------------------------------
/php-apache/docker-entrypoint.d/tuner.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Name: tuner.sh
4 | # Author: Nick Schuch
5 | # Comment: Configure Apache + PHP based on resources.
6 |
7 | echo "Tuning: Apache: /var/run/tuner/apache2/tuner.conf"
8 | tuner --conf=apache > /var/run/tuner/apache2/tuner.conf
9 |
10 | echo "Tuning: PHP: /var/run/tuner/php/tuner.ini"
11 | tuner --conf=php > /var/run/tuner/php/tuner.ini
12 |
--------------------------------------------------------------------------------
/php-apache/docker-entrypoint.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | DIR=/docker-entrypoint.d
4 |
5 | if [[ -d "$DIR" ]]; then
6 | for f in $DIR/*.sh; do
7 | echo "Running entrypoint.d script: $f"
8 | bash "$f" -H || break
9 | done
10 | fi
11 |
12 | exec "$@"
13 |
--------------------------------------------------------------------------------
/php-apache/drush.yml:
--------------------------------------------------------------------------------
1 | # Drush 9 configuration.
2 | options:
3 | root: '/data/app'
4 |
--------------------------------------------------------------------------------
/php-apache/drushrc.php:
--------------------------------------------------------------------------------
1 | /dev/null)
11 | echo "New Relic: Found Skipper config: nr.install.key"
12 | fi
13 |
14 | if [ -f /etc/skpr/nr.app.name ]; then
15 | export NEW_RELIC_APP_NAME=$(cat /etc/skpr/nr.app.name 2> /dev/null)
16 | echo "New Relic: Found Skippr config: nr.app.name"
17 | fi
18 |
19 | if [ "$NEW_RELIC_LICENSE_KEY" != "" ] && [ "$NEW_RELIC_APP_NAME" != "" ]; then
20 | export NEW_RELIC_ENABLED=true
21 | echo "New Relic: Enabled"
22 | fi
23 |
24 | httpd -D FOREGROUND
25 |
--------------------------------------------------------------------------------
/php-apache/httpd.conf:
--------------------------------------------------------------------------------
1 | #
2 | # This is the main Apache HTTP server configuration file. It contains the
3 | # configuration directives that give the server its instructions.
4 | # See for detailed information.
5 | # In particular, see
6 | #
7 | # for a discussion of each configuration directive.
8 | #
9 | # Do NOT simply read the instructions in here without understanding
10 | # what they do. They're here only as hints or reminders. If you are unsure
11 | # consult the online docs. You have been warned.
12 | #
13 | # Configuration and logfile names: If the filenames you specify for many
14 | # of the server's control files begin with "/" (or "drive:/" for Win32), the
15 | # server will use that explicit path. If the filenames do *not* begin
16 | # with "/", the value of ServerRoot is prepended -- so "logs/access_log"
17 | # with ServerRoot set to "/usr/local/apache2" will be interpreted by the
18 | # server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log"
19 | # will be interpreted as '/logs/access_log'.
20 |
21 | #
22 | # ServerTokens
23 | # This directive configures what you return as the Server HTTP response
24 | # Header. The default is 'Full' which sends information about the OS-Type
25 | # and compiled in modules.
26 | # Set to one of: Full | OS | Minor | Minimal | Major | Prod
27 | # where Full conveys the most information, and Prod the least.
28 | #
29 | ServerTokens OS
30 |
31 | #
32 | # ServerRoot: The top of the directory tree under which the server's
33 | # configuration, error, and log files are kept.
34 | #
35 | # Do not add a slash at the end of the directory path. If you point
36 | # ServerRoot at a non-local disk, be sure to specify a local disk on the
37 | # Mutex directive, if file-based mutexes are used. If you wish to share the
38 | # same ServerRoot for multiple httpd daemons, you will need to change at
39 | # least PidFile.
40 | #
41 | ServerRoot /var/www
42 |
43 | #
44 | # Mutex: Allows you to set the mutex mechanism and mutex file directory
45 | # for individual mutexes, or change the global defaults
46 | #
47 | # Uncomment and change the directory if mutexes are file-based and the default
48 | # mutex file directory is not on a local disk or is not appropriate for some
49 | # other reason.
50 | #
51 | # Mutex default:/run/apache2
52 |
53 | #
54 | # Listen: Allows you to bind Apache to specific IP addresses and/or
55 | # ports, instead of the default. See also the
56 | # directive.
57 | #
58 | # Change this to Listen on specific IP addresses as shown below to
59 | # prevent Apache from glomming onto all bound IP addresses.
60 | #
61 | #Listen 12.34.56.78:80
62 | Listen 80
63 |
64 | #
65 | # Dynamic Shared Object (DSO) Support
66 | #
67 | # To be able to use the functionality of a module which was built as a DSO you
68 | # have to place corresponding `LoadModule' lines at this location so the
69 | # directives contained in it are actually available _before_ they are used.
70 | # Statically compiled modules (those listed by `httpd -l') do not need
71 | # to be loaded here.
72 | #
73 | # Example:
74 | # LoadModule foo_module modules/mod_foo.so
75 | #
76 | #LoadModule mpm_event_module modules/mod_mpm_event.so
77 | LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
78 | #LoadModule mpm_worker_module modules/mod_mpm_worker.so
79 | LoadModule authn_file_module modules/mod_authn_file.so
80 | #LoadModule authn_dbm_module modules/mod_authn_dbm.so
81 | #LoadModule authn_anon_module modules/mod_authn_anon.so
82 | #LoadModule authn_dbd_module modules/mod_authn_dbd.so
83 | #LoadModule authn_socache_module modules/mod_authn_socache.so
84 | LoadModule authn_core_module modules/mod_authn_core.so
85 | LoadModule authz_host_module modules/mod_authz_host.so
86 | LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
87 | LoadModule authz_user_module modules/mod_authz_user.so
88 | #LoadModule authz_dbm_module modules/mod_authz_dbm.so
89 | #LoadModule authz_owner_module modules/mod_authz_owner.so
90 | #LoadModule authz_dbd_module modules/mod_authz_dbd.so
91 | LoadModule authz_core_module modules/mod_authz_core.so
92 | LoadModule access_compat_module modules/mod_access_compat.so
93 | LoadModule auth_basic_module modules/mod_auth_basic.so
94 | #LoadModule auth_form_module modules/mod_auth_form.so
95 | #LoadModule auth_digest_module modules/mod_auth_digest.so
96 | #LoadModule allowmethods_module modules/mod_allowmethods.so
97 | #LoadModule file_cache_module modules/mod_file_cache.so
98 | #LoadModule cache_module modules/mod_cache.so
99 | #LoadModule cache_disk_module modules/mod_cache_disk.so
100 | #LoadModule cache_socache_module modules/mod_cache_socache.so
101 | #LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
102 | #LoadModule socache_dbm_module modules/mod_socache_dbm.so
103 | #LoadModule socache_memcache_module modules/mod_socache_memcache.so
104 | #LoadModule watchdog_module modules/mod_watchdog.so
105 | #LoadModule macro_module modules/mod_macro.so
106 | #LoadModule dbd_module modules/mod_dbd.so
107 | #LoadModule dumpio_module modules/mod_dumpio.so
108 | #LoadModule echo_module modules/mod_echo.so
109 | #LoadModule buffer_module modules/mod_buffer.so
110 | #LoadModule data_module modules/mod_data.so
111 | #LoadModule ratelimit_module modules/mod_ratelimit.so
112 | LoadModule reqtimeout_module modules/mod_reqtimeout.so
113 | #LoadModule ext_filter_module modules/mod_ext_filter.so
114 | #LoadModule request_module modules/mod_request.so
115 | #LoadModule include_module modules/mod_include.so
116 | LoadModule filter_module modules/mod_filter.so
117 | #LoadModule reflector_module modules/mod_reflector.so
118 | #LoadModule substitute_module modules/mod_substitute.so
119 | #LoadModule sed_module modules/mod_sed.so
120 | #LoadModule charset_lite_module modules/mod_charset_lite.so
121 | LoadModule deflate_module modules/mod_deflate.so
122 | LoadModule mime_module modules/mod_mime.so
123 | LoadModule log_config_module modules/mod_log_config.so
124 | #LoadModule log_debug_module modules/mod_log_debug.so
125 | #LoadModule log_forensic_module modules/mod_log_forensic.so
126 | #LoadModule logio_module modules/mod_logio.so
127 | LoadModule env_module modules/mod_env.so
128 | #LoadModule mime_magic_module modules/mod_mime_magic.so
129 | #LoadModule expires_module modules/mod_expires.so
130 | LoadModule headers_module modules/mod_headers.so
131 | #LoadModule usertrack_module modules/mod_usertrack.so
132 | #LoadModule unique_id_module modules/mod_unique_id.so
133 | LoadModule setenvif_module modules/mod_setenvif.so
134 | LoadModule version_module modules/mod_version.so
135 | #LoadModule remoteip_module modules/mod_remoteip.so
136 | #LoadModule session_module modules/mod_session.so
137 | #LoadModule session_cookie_module modules/mod_session_cookie.so
138 | #LoadModule session_crypto_module modules/mod_session_crypto.so
139 | #LoadModule session_dbd_module modules/mod_session_dbd.so
140 | #LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
141 | #LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
142 | #LoadModule dialup_module modules/mod_dialup.so
143 | #LoadModule http2_module modules/mod_http2.so
144 | LoadModule unixd_module modules/mod_unixd.so
145 | #LoadModule heartbeat_module modules/mod_heartbeat.so
146 | #LoadModule heartmonitor_module modules/mod_heartmonitor.so
147 | LoadModule status_module modules/mod_status.so
148 | LoadModule autoindex_module modules/mod_autoindex.so
149 | #LoadModule asis_module modules/mod_asis.so
150 | #LoadModule info_module modules/mod_info.so
151 | #LoadModule suexec_module modules/mod_suexec.so
152 |
153 | #LoadModule cgid_module modules/mod_cgid.so
154 |
155 |
156 | #LoadModule cgi_module modules/mod_cgi.so
157 |
158 | LoadModule vhost_alias_module modules/mod_vhost_alias.so
159 | LoadModule negotiation_module modules/mod_negotiation.so
160 | LoadModule dir_module modules/mod_dir.so
161 | #LoadModule actions_module modules/mod_actions.so
162 | #LoadModule speling_module modules/mod_speling.so
163 | #LoadModule userdir_module modules/mod_userdir.so
164 | LoadModule alias_module modules/mod_alias.so
165 | LoadModule rewrite_module modules/mod_rewrite.so
166 |
167 | LoadModule negotiation_module modules/mod_negotiation.so
168 |
169 |
170 | #
171 | # If you wish httpd to run as a different user or group, you must run
172 | # httpd as root initially and it will switch.
173 | #
174 | # User/Group: The name (or #number) of the user/group to run httpd as.
175 | # It is usually good practice to create a dedicated user and group for
176 | # running httpd, as with most system services.
177 | #
178 | User apache
179 | Group apache
180 |
181 |
182 |
183 | # 'Main' server configuration
184 | #
185 | # The directives in this section set up the values used by the 'main'
186 | # server, which responds to any requests that aren't handled by a
187 | # definition. These values also provide defaults for
188 | # any containers you may define later in the file.
189 | #
190 | # All of these directives may appear inside containers,
191 | # in which case these default settings will be overridden for the
192 | # virtual host being defined.
193 | #
194 |
195 | #
196 | # ServerAdmin: Your address, where problems with the server should be
197 | # e-mailed. This address appears on some server-generated pages, such
198 | # as error documents. e.g. admin@your-domain.com
199 | #
200 | ServerAdmin you@example.com
201 |
202 | #
203 | # Optionally add a line containing the server version and virtual host
204 | # name to server-generated pages (internal error documents, FTP directory
205 | # listings, mod_status and mod_info output etc., but not CGI generated
206 | # documents or custom error documents).
207 | # Set to "EMail" to also include a mailto: link to the ServerAdmin.
208 | # Set to one of: On | Off | EMail
209 | #
210 | ServerSignature On
211 |
212 | #
213 | # ServerName gives the name and port that the server uses to identify itself.
214 | # This can often be determined automatically, but we recommend you specify
215 | # it explicitly to prevent problems during startup.
216 | #
217 | # If your host doesn't have a registered DNS name, enter its IP address here.
218 | #
219 | #ServerName www.example.com:80
220 |
221 | #
222 | # Deny access to the entirety of your server's filesystem. You must
223 | # explicitly permit access to web content directories in other
224 | # blocks below.
225 | #
226 |
227 | AllowOverride none
228 | Require all denied
229 |
230 |
231 | #
232 | # Note that from this point forward you must specifically allow
233 | # particular features to be enabled - so if something's not working as
234 | # you might expect, make sure that you have specifically enabled it
235 | # below.
236 | #
237 |
238 | #
239 | # DocumentRoot: The directory out of which you will serve your
240 | # documents. By default, all requests are taken from this directory, but
241 | # symbolic links and aliases may be used to point to other locations.
242 | #
243 | DocumentRoot "/data/app"
244 |
245 | Options Indexes FollowSymLinks
246 | AllowOverride All
247 | Require all granted
248 |
249 |
250 | # A set of health checking scripts for this project.
251 | # Users can add more to this directory via the Dockerfile.
252 | # Details for how to use these scripts can be found here:
253 | # https://docs.skpr.io/developer/drupal
254 | Alias "/liveness" "/var/www/liveness"
255 |
256 | # All health checks are blocked from external access.
257 | # Anything proxied from a layer 7 balancer will not be
258 | # allowed to check the health of the application.
259 | SetEnvIF X-Forwarded-For ^$ Internal
260 |
261 | Require env Internal
262 |
263 |
264 | #
265 | # DirectoryIndex: sets the file that Apache will serve if a directory
266 | # is requested.
267 | #
268 |
269 | DirectoryIndex index.html
270 |
271 |
272 | #
273 | # The following lines prevent .htaccess and .htpasswd files from being
274 | # viewed by Web clients.
275 | #
276 |
277 | Require all denied
278 |
279 |
280 | #
281 | # ErrorLog: The location of the error log file.
282 | # If you do not specify an ErrorLog directive within a
283 | # container, error messages relating to that virtual host will be
284 | # logged here. If you *do* define an error logfile for a
285 | # container, that host's errors will be logged there and not here.
286 | #
287 | ErrorLog logs/error.log
288 |
289 | #
290 | # LogLevel: Control the number of messages logged to the error_log.
291 | # Possible values include: debug, info, notice, warn, error, crit,
292 | # alert, emerg.
293 | #
294 | LogLevel warn
295 |
296 |
297 | #
298 | # The following directives define some format nicknames for use with
299 | # a CustomLog directive (see below).
300 | #
301 | LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
302 | LogFormat "%h %l %u %t \"%r\" %>s %b" common
303 |
304 |
305 | # You need to enable mod_logio.c to use %I and %O
306 | LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
307 |
308 |
309 | #
310 | # The location and format of the access logfile (Common Logfile Format).
311 | # If you do not define any access logfiles within a
312 | # container, they will be logged here. Contrariwise, if you *do*
313 | # define per- access logfiles, transactions will be
314 | # logged therein and *not* in this file.
315 | #
316 | #CustomLog logs/access.log common
317 |
318 | #
319 | # If you prefer a logfile with access, agent, and referer information
320 | # (Combined Logfile Format) you can use the following directive.
321 | #
322 | CustomLog logs/access.log combined
323 |
324 |
325 |
326 | #
327 | # Redirect: Allows you to tell clients about documents that used to
328 | # exist in your server's namespace, but do not anymore. The client
329 | # will make a new request for the document at its new location.
330 | # Example:
331 | # Redirect permanent /foo http://www.example.com/bar
332 |
333 | #
334 | # Alias: Maps web paths into filesystem paths and is used to
335 | # access content that does not live under the DocumentRoot.
336 | # Example:
337 | # Alias /webpath /full/filesystem/path
338 | #
339 | # If you include a trailing / on /webpath then the server will
340 | # require it to be present in the URL. You will also likely
341 | # need to provide a section to allow access to
342 | # the filesystem path.
343 |
344 | #
345 | # ScriptAlias: This controls which directories contain server scripts.
346 | # ScriptAliases are essentially the same as Aliases, except that
347 | # documents in the target directory are treated as applications and
348 | # run by the server when requested rather than as documents sent to the
349 | # client. The same rules about trailing "/" apply to ScriptAlias
350 | # directives as to Alias.
351 | #
352 | ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/"
353 |
354 |
355 |
356 |
357 | #
358 | # ScriptSock: On threaded servers, designate the path to the UNIX
359 | # socket used to communicate with the CGI daemon of mod_cgid.
360 | #
361 | #Scriptsock cgisock
362 |
363 |
364 | #
365 | # "/var/www/localhost/cgi-bin" should be changed to whatever your ScriptAliased
366 | # CGI directory exists, if you have that configured.
367 | #
368 |
369 | AllowOverride None
370 | Options None
371 | Require all granted
372 |
373 |
374 |
375 | #
376 | # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied
377 | # backend servers which have lingering "httpoxy" defects.
378 | # 'Proxy' request header is undefined by the IETF, not listed by IANA
379 | #
380 | RequestHeader unset Proxy early
381 |
382 |
383 |
384 | #
385 | # TypesConfig points to the file containing the list of mappings from
386 | # filename extension to MIME-type.
387 | #
388 | TypesConfig /etc/apache2/mime.types
389 |
390 | #
391 | # AddType allows you to add to or override the MIME configuration
392 | # file specified in TypesConfig for specific file types.
393 | #
394 | #AddType application/x-gzip .tgz
395 | #
396 | # AddEncoding allows you to have certain browsers uncompress
397 | # information on the fly. Note: Not all browsers support this.
398 | #
399 | #AddEncoding x-compress .Z
400 | #AddEncoding x-gzip .gz .tgz
401 | #
402 | # If the AddEncoding directives above are commented-out, then you
403 | # probably should define those extensions to indicate media types:
404 | #
405 | AddType application/x-compress .Z
406 | AddType application/x-gzip .gz .tgz
407 |
408 | #
409 | # AddHandler allows you to map certain file extensions to "handlers":
410 | # actions unrelated to filetype. These can be either built into the server
411 | # or added with the Action directive (see below)
412 | #
413 | # To use CGI scripts outside of ScriptAliased directories:
414 | # (You will also need to add "ExecCGI" to the "Options" directive.)
415 | #
416 | #AddHandler cgi-script .cgi
417 |
418 | # For type maps (negotiated resources):
419 | #AddHandler type-map var
420 |
421 | #
422 | # Filters allow you to process content before it is sent to the client.
423 | #
424 | # To parse .shtml files for server-side includes (SSI):
425 | # (You will also need to add "Includes" to the "Options" directive.)
426 | #
427 | #AddType text/html .shtml
428 | #AddOutputFilter INCLUDES .shtml
429 |
430 |
431 | #
432 | # The mod_mime_magic module allows the server to use various hints from the
433 | # contents of the file itself to determine its type. The MIMEMagicFile
434 | # directive tells the module where the hint definitions are located.
435 | #
436 |
437 | MIMEMagicFile /etc/apache2/magic
438 |
439 |
440 | #
441 | # Customizable error responses come in three flavors:
442 | # 1) plain text 2) local redirects 3) external redirects
443 | #
444 | # Some examples:
445 | #ErrorDocument 500 "The server made a boo boo."
446 | #ErrorDocument 404 /missing.html
447 | #ErrorDocument 404 "/cgi-bin/missing_handler.pl"
448 | #ErrorDocument 402 http://www.example.com/subscription_info.html
449 | #
450 |
451 | #
452 | # MaxRanges: Maximum number of Ranges in a request before
453 | # returning the entire resource, or one of the special
454 | # values 'default', 'none' or 'unlimited'.
455 | # Default setting is to accept 200 Ranges.
456 | #MaxRanges unlimited
457 |
458 | #
459 | # EnableMMAP and EnableSendfile: On systems that support it,
460 | # memory-mapping or the sendfile syscall may be used to deliver
461 | # files. This usually improves server performance, but must
462 | # be turned off when serving from networked-mounted
463 | # filesystems or if support for these functions is otherwise
464 | # broken on your system.
465 | # Defaults: EnableMMAP On, EnableSendfile Off
466 | #
467 | #EnableMMAP off
468 | #EnableSendfile on
469 |
470 | # Load config files from the config directory "/etc/apache2/conf.d".
471 | #
472 | IncludeOptional /etc/apache2/conf.d/*.conf
473 | IncludeOptional /var/run/tuner/apache2/*.conf
474 |
--------------------------------------------------------------------------------
/php-apache/liveness/d7.php:
--------------------------------------------------------------------------------
1 | fetch();
41 | if ($account->uid != 1) {
42 | $errors[] = 'Database not responding.';
43 | }
44 |
45 | /**
46 | * Filesystem.
47 | */
48 |
49 | $vars = array(
50 | 'temp' => 'file_temporary_path',
51 | 'public' => 'file_public_path',
52 | 'private' => 'file_private_path',
53 | );
54 |
55 | foreach ($vars as $type => $var) {
56 | $dir = variable_get($var, FALSE);
57 | if (!$dir) {
58 | continue;
59 | }
60 |
61 | $real_dir = realpath($dir);
62 |
63 | // If we don't get a result then the directory doesn't exist.
64 | // This could mean the the directory has been unmounted.
65 | if (empty($real_dir)) {
66 | $errors[] = 'Could not find the directory: ' . $dir;
67 | continue;
68 | }
69 |
70 | $file = $real_dir . '/liveness_' . drupal_random_key(6) . '.txt';
71 |
72 | // Attempt to write the file to disk.
73 | $fp = fopen($file, 'w');
74 | $success = fwrite($fp, 'liveness ' . $type);
75 | fclose($fp);
76 | if (!$success) {
77 | $errors[] = 'Could not write to file: ' . $file;
78 | }
79 |
80 | // Cleanup the file on disk if present.
81 | if (!unlink($file)) {
82 | $errors[] = 'Could not delete file: ' . $name;
83 | }
84 | }
85 |
86 | /**
87 | * Results.
88 | */
89 |
90 | if ($errors) {
91 | header('HTTP/1.1 500 Internal Server Error');
92 | print implode("
\n", $errors);
93 | }
94 | else {
95 | print 'Healthy!';
96 | }
97 |
98 | // Exit immediately, note the shutdown function registered at the top of the file.
99 | exit();
100 |
--------------------------------------------------------------------------------
/php-apache/liveness/d8.php:
--------------------------------------------------------------------------------
1 | loadLegacyIncludes();
42 | $kernel->boot();
43 |
44 | /**
45 | * Database.
46 | */
47 |
48 | $database = Database::getConnection();
49 | $result = $database->select('users', 'u')
50 | ->fields('u')
51 | ->condition('uid', 1)
52 | ->execute();
53 | $account = $result->fetch();
54 | if ($account->uid != 1) {
55 | $errors[] = 'Database not responding.';
56 | }
57 |
58 | /**
59 | * Filesystem.
60 | */
61 |
62 | $schemes = [
63 | 'temp' => 'temporary://',
64 | 'public' => 'public://',
65 | ];
66 |
67 | // We don't always have the private service.
68 | if (Settings::get('file_private_path')) {
69 | $schemes['private'] = 'private://';
70 | }
71 |
72 | /* @var \Drupal\Core\File\FileSystemInterface $file_system */
73 | $file_system = $kernel->getContainer()->get('file_system');
74 | foreach ($schemes as $name => $scheme) {
75 | $real_dir = $file_system->realpath($scheme);
76 | // If we don't get a result then the directory doesn't exist.
77 | // This could mean the the directory has been unmounted.
78 | if (empty($real_dir)) {
79 | $errors[] = 'Could not find the directory: ' . $name;
80 | continue;
81 | }
82 | $file = $real_dir . '/liveness_' . Crypt::randomBytesBase64(6) . '.txt';
83 |
84 | // Attempt to write the file to disk.
85 | $fp = fopen($file, 'w');
86 | $success = fwrite($fp, 'liveness ' . $name);
87 | fclose($fp);
88 | if (!$success) {
89 | $errors[] = 'Could not write to file: ' . $file;
90 | }
91 |
92 | // Cleanup the file on disk if present.
93 | if (!unlink($file)) {
94 | $errors[] = 'Could not delete file: ' . $name;
95 | }
96 | }
97 |
98 | /**
99 | * Results.
100 | */
101 |
102 | if ($errors) {
103 | header('HTTP/1.1 500 Internal Server Error');
104 | print implode("
\n", $errors);
105 | }
106 | else {
107 | print 'Healthy!';
108 | }
109 |
110 | // Exit immediately, note the shutdown function registered at the top of the
111 | // file.
112 | exit();
113 |
--------------------------------------------------------------------------------
/php-apache/newrelic.ini:
--------------------------------------------------------------------------------
1 | ; This file contains the various settings for the New Relic PHP agent. There
2 | ; are many options, all of which are described in detail at the following URL:
3 | ; https://docs.newrelic.com/docs/agents/php-agent/configuration/php-agent-configuration
4 | ;
5 |
6 | ; If you use a full path to the extension you insulate yourself from the
7 | ; extension directory changing if you change PHP installations or versions.
8 | ; If you do not use an absolute path then the file must be installed in the
9 | ; active configuration's extension directory.
10 | extension = "newrelic.so"
11 |
12 | [newrelic]
13 | ; Setting: newrelic.enabled
14 | ; Type : boolean
15 | ; Scope : per-directory
16 | ; Default: true
17 | ; Info : Enable or disable the agent. Please note that you cannot globally
18 | ; disable the agent and then selectively enable it on a per-directory
19 | ; basis. If you disable the agent in the global INI file then the
20 | ; agent will not initialize at all. However, you can selectively
21 | ; disable the agent on a per-directory basis.
22 | ;
23 | newrelic.enabled = "${NEW_RELIC_ENABLED}"
24 |
25 | ; Setting: newrelic.license
26 | ; Type : string
27 | ; Scope : per-directory
28 | ; Default: none
29 | ; Info : Sets the New Relic license key to use. This can vary from directory
30 | ; to directory if you are running a multi-tenant system. By special
31 | ; dispensation if you upgraded from a previous version of the agent
32 | ; where the license key was set in the daemon, the installation and
33 | ; upgrade script will have preserved your license key from the file
34 | ; /etc/newrelic/newrelic.cfg, but ONLY if you installed via rpm/yum
35 | ; or dpkg. The key is saved in /etc/newrelic/upgrade_please.key
36 | ; and the agent will look for that file if you do not specify a valid
37 | ; license here.
38 | ; It is *STRONGLY* recommended that you set the license key in your
39 | ; INI file(s) and do not rely on the key file being present. Also
40 | ; please note that even if you are not letting the agent start the
41 | ; daemon and are still using newrelic.cfg (see below) the license
42 | ; keyword in that file is no longer obeyed. Instead the agent will
43 | ; use the preserved value of that license from the key file.
44 | ; Once you have updated your INI files to contain the license we
45 | ; urge you to remove /etc/newrelic/upgrade_please.key in order to
46 | ; eliminate the potential for confusion about exactly where the key
47 | ; is coming from.
48 | ;
49 | newrelic.license = "${NEW_RELIC_LICENSE_KEY}"
50 |
51 | ; Setting: newrelic.logfile
52 | ; Type : string
53 | ; Scope : system
54 | ; Default: none
55 | ; Info : Sets the name of the file to send log messages to.
56 | ;
57 | newrelic.logfile = "/var/log/newrelic/php_agent.log"
58 |
59 | ; Setting: newrelic.loglevel
60 | ; Type : string
61 | ; Scope : system
62 | ; Default: "info"
63 | ; Info : Sets the level of detail to include in the log file. You should
64 | ; rarely need to change this from the default, and usually only under
65 | ; the guidance of technical support.
66 | ; Must be one of the following values:
67 | ; always, error, warning, info, verbose, debug, verbosedebug
68 | ;
69 | ;newrelic.loglevel = "info"
70 |
71 | ; Setting: newrelic.high_security
72 | ; Type : boolean
73 | ; Scope : system
74 | ; Default: false
75 | ; Info : Enables high security for all applications. When high security is
76 | ; enabled, the following behavior will take effect:
77 | ; * Raw SQL strings will never be gathered, regardless of the value of
78 | ; newrelic.transaction_tracer.record_sql.
79 | ; * Request parameters will never be captured, regardless of the
80 | ; newrelic.attributes configuration settings.
81 | ; * The following API functions will have no effect, and will return
82 | ; false:
83 | ; newrelic_add_custom_parameter
84 | ; newrelic_set_user_attributes
85 | ; newrelic_record_custom_event
86 | ;
87 | ; IMPORTANT: If you change this setting, you must also change the RPM
88 | ; UI security setting. If the two settings do not match, then no data
89 | ; will be collected.
90 | ;
91 | ; IMPORTANT: This setting is not compatible with
92 | ; newrelic.security_policies_token. Only one may be set. If both are
93 | ; set an error will be thrown and the agent will not connect.
94 | ;
95 | ;newrelic.high_security = false
96 |
97 | ; Setting: newrelic.appname
98 | ; Type : string
99 | ; Scope : per-directory
100 | ; Default: "PHP Application"
101 | ; Info : Sets the name of the application that metrics will be reported into.
102 | ; This can in fact be a list of up to 3 application names, each of
103 | ; which must be separated by a semi-colon. The first name in any such
104 | ; list is considered the 'primary' application name and must be unique
105 | ; for each account / license key.
106 | ;
107 | newrelic.appname = "${NEW_RELIC_APP_NAME}"
108 |
109 | ; Setting: newrelic.process_host.display_name
110 | ; Type : string
111 | ; Scope : system
112 | ; Default: none
113 | ; Info : Sets a custom display name for your application server in the New
114 | ; Relic UI. Servers are normally identified by host and port number.
115 | ; This setting allows you to give your hosts more recognizable names.
116 | ;
117 | ;newrelic.process_host.display_name = ""
118 |
119 | ;
120 | ; Beginning with version 3.0 of the agent, the daemon can be automatically
121 | ; started by the agent. There is no need to start the daemon before starting
122 | ; Apache or PHP-FPM. All of the newrelic.daemon.* settings are options that
123 | ; control the behavior of the daemon. These settings are converted into the
124 | ; appropriate command line options when the agent starts the daemon. This is
125 | ; now the preferred method of starting the daemon. There are still usage cases
126 | ; (such as using a single daemon for serving multiple Apache instances) where
127 | ; you may want to start the daemon via it's init script, but for most users,
128 | ; this is the best place to configure and start the daemon.
129 | ;
130 | ; The agent will only launch the daemon if one isn't already running. Also
131 | ; note that the agent will NOT stop the daemon once it has started. If you
132 | ; want control over exactly when the daemon starts and stops you can still
133 | ; achieve that by creating a daemon configuration file (located by default at
134 | ; /etc/newrelic/newrelic.cfg) and running the chkconfig or equivalent command.
135 | ; Please see the newrelic.cfg template file for details. That template file
136 | ; is located at /usr/lib/newrelic-php5/scripts/newrelic.cfg.template.
137 | ;
138 | ; Also please note that the options here and in newrelic.cfg are identical,
139 | ; except that in this file they are preceded with "newrelic.daemon.".
140 | ;
141 |
142 | ; Setting: newrelic.daemon.logfile
143 | ; Type : string
144 | ; Scope : system
145 | ; Default: none
146 | ; Info : Sets the name of the file to send daemon log messages to.
147 | ;
148 | newrelic.daemon.logfile = "/var/log/newrelic/newrelic-daemon.log"
149 |
150 | ; Setting: newrelic.daemon.loglevel
151 | ; Type : string
152 | ; Scope : system
153 | ; Default: "info"
154 | ; Info : Sets the level of detail to include in the daemon log. You should
155 | ; rarely need to change this from the default, and usually only under
156 | ; the guidance of technical support.
157 | ; Must be one of the following values:
158 | ; always, error, warning, info, debug
159 | ;
160 | ; The values verbose and verbosedebug are deprecated aliases for debug.
161 | ;
162 | ;newrelic.daemon.loglevel = "info"
163 |
164 | ; Setting: newrelic.daemon.port
165 | ; Type : string or integer
166 | ; Scope : system
167 | ; Default: /tmp/.newrelic.sock
168 | ; Info : Sets how the agent and daemon communicate. How this is set can impact
169 | ; performance. The default is to use a UNIX-domain socket located at
170 | ; /tmp/.newrelic.sock. If you want to use UNIX domain sockets then
171 | ; this value must begin with a "/". If you set this to an integer
172 | ; value in the range 1-65534, then this will instruct the agent to use
173 | ; a normal TCP socket on the port specified. This may be easier to use
174 | ; if you are using a chroot environment. On Linux, an abstract socket
175 | ; can be created by prefixing the socket name with '@'. Support for
176 | ; abstract sockets was added in PHP agent version 5.2.
177 | ;
178 | ;newrelic.daemon.port = "/tmp/.newrelic.sock"
179 |
180 | ; Setting: newrelic.daemon.ssl_ca_bundle
181 | ; Type : string
182 | ; Scope : system
183 | ; Default: none
184 | ; Info : Sets the location of a file containing CA certificates in PEM
185 | ; format. When set, the certificates in this file will be used to
186 | ; authenticate the New Relic collector servers. If
187 | ; newrelic.daemon.ssl_ca_path is also set (see below), the
188 | ; certificates in this file will be searched first, followed by the
189 | ; certificates contained in the newrelic.daemon.ssl_ca_path
190 | ; directory.
191 | ;
192 | ;newrelic.daemon.ssl_ca_bundle = ""
193 |
194 | ; Setting: newrelic.daemon.ssl_ca_path
195 | ; Type : string
196 | ; Scope : system
197 | ; Default: none
198 | ; Info : Sets the location of a directory containing trusted CA certificates
199 | ; in PEM format. When set, the certificates in this directory will be
200 | ; used to authenticate the New Relic collector servers. If
201 | ; newrelic.daemon.ssl_ca_bundle is also set (see above), it will be
202 | ; searched first followed by the certificates contained in
203 | ; newrelic.daemon.ssl_ca_path.
204 | ;
205 | ;newrelic.daemon.ssl_ca_path = ""
206 |
207 | ; Setting: newrelic.daemon.proxy
208 | ; Type : string
209 | ; Scope : system
210 | ; Default: none
211 | ; Info : Sets the host and user credentials to use as an egress proxy. This
212 | ; is only used if your site requires a proxy in order to access
213 | ; external servers on the internet, in this case the New Relic data
214 | ; collection servers. This is expressed in one of the following forms:
215 | ; hostname
216 | ; hostname:port
217 | ; user@hostname
218 | ; user@hostname:port
219 | ; user:password@hostname
220 | ; user:password@hostname:port
221 | ;
222 | ;newrelic.daemon.proxy = ""
223 |
224 | ; Setting: newrelic.daemon.pidfile
225 | ; Type : string
226 | ; Scope : system
227 | ; Default: OS dependent
228 | ; Info : Sets the name of the file to store the running daemon's process ID
229 | ; (PID) in. This file is used by the daemon startup and shutdown
230 | ; script to determine whether or not the daemon is already running.
231 | ;
232 | ;newrelic.daemon.pidfile = ""
233 |
234 | ; Setting: newrelic.daemon.location
235 | ; Type : string
236 | ; Scope : system
237 | ; Default: /usr/bin/newrelic-daemon
238 | ; Info : Sets the name of the daemon executable to launch.
239 | ; Please note that on OpenSolaris where /usr is frequently a read-only
240 | ; file system, the default daemon location is
241 | ; /opt/newrelic/bin/newrelic-daemon.
242 | ;
243 | ;newrelic.daemon.location = "/usr/bin/newrelic-daemon"
244 |
245 | ; Setting: newrelic.daemon.collector_host
246 | ; Type : string
247 | ; Scope : system
248 | ; Default: none
249 | ; Info : Sets the host name of the New Relic data collector host to use.
250 | ; Please note that this is NOT any form of local host. It refers to
251 | ; the New Relic provided host. There is very little reason to ever
252 | ; change this from the default except in certain very special
253 | ; circumstances, and then only on instruction from a New Relic sales
254 | ; person or support staff member.
255 | ;
256 | ;newrelic.daemon.collector_host = ""
257 |
258 | ; Setting: newrelic.daemon.dont_launch
259 | ; Type : integer (0, 1, 2 or 3)
260 | ; Scope : system
261 | ; Default: 0
262 | ; Info : If you prefer to have the daemon launched externally before the
263 | ; agent starts up, set this variable to non-zero. The value you
264 | ; choose determines exactly when the agent is allowed to start the
265 | ; daemon:
266 | ; 0 - agent can start the daemon any time it needs to
267 | ; 1 - non-CLI (i.e Apache / php-fpm) agents can start the daemon
268 | ; 2 - only CLI agents can start the daemon
269 | ; 3 - the agent will never start the daemon
270 | ;
271 | ;newrelic.daemon.dont_launch = 0
272 |
273 | ; Setting: newrelic.daemon.utilization.detect_aws
274 | ; Type : boolean
275 | ; Scope : system
276 | ; Default: true
277 | ; Info : Enable detection of whether the system is running on AWS. This will
278 | ; create a small amount of network traffic on daemon startup.
279 | ;
280 | ;newrelic.daemon.utilization.detect_aws = true
281 |
282 | ; Setting: newrelic.daemon.utilization.detect_azure
283 | ; Type : boolean
284 | ; Scope : system
285 | ; Default: true
286 | ; Info : Enable detection of whether the system is running on Azure. This will
287 | ; create a small amount of network traffic on daemon startup.
288 | ;
289 | ;newrelic.daemon.utilization.detect_azure = true
290 |
291 | ; Setting: newrelic.daemon.utilization.detect_gcp
292 | ; Type : boolean
293 | ; Scope : system
294 | ; Default: true
295 | ; Info : Enable detection of whether the system is running on Google Cloud
296 | ; Platform. This will create a small amount of network traffic on
297 | ; daemon startup.
298 | ;
299 | ;newrelic.daemon.utilization.detect_gcp = true
300 |
301 | ; Setting: newrelic.daemon.utilization.detect_pcf
302 | ; Type : boolean
303 | ; Scope : system
304 | ; Default: true
305 | ; Info : Enable detection of whether the system is running on Pivotal Cloud
306 | ; Foundry.
307 | ;
308 | ;newrelic.daemon.utilization.detect_pcf = true
309 |
310 | ; Setting: newrelic.daemon.utilization.detect_docker
311 | ; Type : boolean
312 | ; Scope : system
313 | ; Default: true
314 | ; Info : Enable detection of a system running on Docker. This will be used
315 | ; to support future features.
316 | ;
317 | ;newrelic.daemon.utilization.detect_docker = true
318 |
319 | ; Setting: newrelic.daemon.app_timeout
320 | ; Type : time specification string ("5m", "1h20m", etc)
321 | ; Scope : system
322 | ; Default: 10m
323 | ; Info : Sets the elapsed time after which an application will be considered
324 | ; inactive. Inactive applications do not count against the maximum
325 | ; limit of 250 applications. Allowed units are "ns", "us", "ms", "s",
326 | ; "m", and "h".
327 | ;
328 | ; A value of 0 is interpreted as "no timeout". New applications with
329 | ; this setting count toward the 250 application limit. In addition, with
330 | ; a 0-value setting, the agent's daemon process cannot release a small
331 | ; amount of memory per application back to the operating system.
332 | ;
333 | ; We do not recommend using a 0-value setting except under the guidance
334 | ; of technical support; instead, for occasional background transactions,
335 | ; we suggest using a value of twice the interval (so, for an hourly
336 | ; background job, set the timeout to 2 hours).
337 |
338 | ;newrelic.daemon.app_timeout = 10m
339 |
340 | ; Setting: newrelic.error_collector.enabled
341 | ; Type : boolean
342 | ; Scope : per-directory
343 | ; Default: true
344 | ; Info : Enable the New Relic error collector. This will record the 20 most
345 | ; severe errors per harvest cycle. It is rare to want to disable this.
346 | ; Please also note that your New Relic subscription level may force
347 | ; this to be disabled regardless of any value you set for it.
348 | ;
349 | ;newrelic.error_collector.enabled = true
350 |
351 | ; Setting: newrelic.error_collector.ignore_user_exception_handler
352 | ; Type : boolean
353 | ; Scope : per-directory
354 | ; Default: false
355 | ; Info : If enabled, the New Relic error collector will ignore any exceptions
356 | ; that are handled by an exception handler installed with
357 | ; set_exception_handler().
358 | ;
359 | ; If an exception handler has not been installed, this setting will
360 | ; have no effect, as PHP will turn the uncaught exception into a fatal
361 | ; error and it will be handled accordingly by the New Relic error
362 | ; collector.
363 | ;
364 | ;newrelic.error_collector.ignore_user_exception_handler = false
365 |
366 | ; Setting: newrelic.error_collector.ignore_exceptions
367 | ; Type: string
368 | ; Scope: per-directory
369 | ; Default: none
370 | ; Info: A comma separated list of exception classes that the agent should
371 | ; ignore. When an unhandled exception occurs, the agent will perform
372 | ; the equivalent of `$exception instanceof Class` for each of the
373 | ; classes listed. If any of those checks returns true, the agent
374 | ; will not record an error.
375 | ;
376 | ; Please note that this setting only applies to uncaught exceptions.
377 | ; Exceptions recorded using the newrelic_notice_error API are not
378 | ; subject to filtering.
379 | ;
380 | ;newrelic.error_collector.ignore_exceptions = ""
381 |
382 | ; Setting: newrelic.error_collector.ignore_errors
383 | ; Type: string
384 | ; Scope: per-directory
385 | ; Default: none
386 | ; Info: Sets the error levels that the agent should ignore.
387 | ;
388 | ; Please note that this setting does not apply to errors recorded
389 | ; using the newrelic_notice_error API.
390 | ;
391 | ;newrelic.error_collector.ignore_errors = ""
392 |
393 | ; Setting: newrelic.error_collector.record_database_errors
394 | ; Type : boolean
395 | ; Scope : per-directory
396 | ; Default: false
397 | ; Info : Currently only supported for MySQL database functions. If enabled,
398 | ; this will cause errors returned by various MySQL functions to be
399 | ; treated as if they were PHP errors, and thus subject to error
400 | ; collection. This is only obeyed if the error collector is enabled
401 | ; above and the account subscription level permits error trapping.
402 | ;
403 | ;newrelic.error_collector.record_database_errors = false
404 |
405 | ; Setting: newrelic.error_collector.prioritize_api_errors
406 | ; Type : boolean
407 | ; Scope : per-directory
408 | ; Default: false
409 | ; Info : If the error collector is enabled and you use the New Relic API to
410 | ; notice an error, if this is set to true then assign the highest
411 | ; priority to such errors.
412 | ;
413 | ;newrelic.error_collector.prioritize_api_errors = false
414 |
415 | ; Setting: newrelic.browser_monitoring.auto_instrument
416 | ; Type : boolean
417 | ; Scope : per-directory
418 | ; Default: true
419 | ; Info : Enables or disables automatic real user monitoring ("auto-RUM").
420 | ; When enabled will cause the agent to insert a header and a footer
421 | ; in HTML output that will time the actual end-user experience.
422 | ;
423 | ;newrelic.browser_monitoring.auto_instrument = true
424 |
425 | ; Setting: newrelic.transaction_tracer.enabled
426 | ; Type : boolean
427 | ; Scope : per-directory
428 | ; Default: true
429 | ; Info : Enables or disables the transaction tracer. When enabled this will
430 | ; produce a detailed call graph for any transaction that exceeds a
431 | ; certain threshold (see next entry). Only one transaction trace per
432 | ; application per harvest cycle is stored and it is always the slowest
433 | ; transaction during that cycle. Transaction traces are extremely
434 | ; useful when diagnosing problem spots in your application. Please
435 | ; note that TT's may be disabled by your account subscription level
436 | ; regardless of what you set here.
437 | ;
438 | ;newrelic.transaction_tracer.enabled = true
439 |
440 | ; Setting: newrelic.transaction_tracer.threshold
441 | ; Type : string with a time specification or the word "apdex_f"
442 | ; Scope : per-directory
443 | ; Default: "apdex_f"
444 | ; Info : Specifies the threshold above which a transaction becomes a
445 | ; candidate for the transaction tracer. This can either be an absolute
446 | ; time value like "200ms" or "1s250ms" or "1h30m" or "750us" or the
447 | ; word "apdex_f". This last value, "apdex_f", means "4 times apdex_t".
448 | ; Thus the threshold changes according to your apdex_t setting. This
449 | ; is the default.
450 | ;
451 | ;newrelic.transaction_tracer.threshold = "apdex_f"
452 |
453 | ; Setting: newrelic.transaction_tracer.detail
454 | ; Type : integer in the range 0-1
455 | ; Scope : per-directory
456 | ; Default: 1
457 | ; Info : Sets the level of detail in a transaction trace. Setting this to 0
458 | ; will only show the relatively few PHP functions that New Relic has
459 | ; deemed to be "interesting", as well as any custom functions you set
460 | ; (see below). A setting of 1 will trace and time all user functions.
461 | ;
462 | ; In earlier releases of the agent this was known as "top100".
463 | ;
464 | ;newrelic.transaction_tracer.detail = 1
465 |
466 | ; Setting: newrelic.transaction_tracer.slow_sql
467 | ; Type : boolean
468 | ; Scope : per-directory
469 | ; Default: true
470 | ; Info : Enables or disables the "slow SQL" tracer. When enabled, this will
471 | ; record the top 10 slowest SQL calls along with a stack trace of
472 | ; where the call occurred in your code.
473 | ;
474 | ;newrelic.transaction_tracer.slow_sql = true
475 |
476 | ; Setting: newrelic.transaction_tracer.stack_trace_threshold
477 | ; Type : time specification string ("500ms", "1s750ms" etc)
478 | ; Scope : per-directory
479 | ; Default: 500ms
480 | ; Info : Sets the threshold above which the New Relic agent will record a
481 | ; stack trace for a transaction trace.
482 | ;
483 | ;newrelic.transaction_tracer.stack_trace_threshold = 500
484 |
485 | ; Setting: newrelic.transaction_tracer.explain_enabled
486 | ; Type : boolean
487 | ; Scope : per-directory
488 | ; Default: true
489 | ; Info : Enables or disables requesting "explain plans" from MySQL databases
490 | ; accessed via MySQLi or PDO_MySQL for slow SQL calls. The threshold
491 | ; for requesting explain plans is defined below.
492 | ;
493 | ;newrelic.transaction_tracer.explain_enabled = true
494 |
495 | ; Setting: newrelic.transaction_tracer.explain_threshold
496 | ; Type : time specification string ("750ms", "1s 500ms" etc)
497 | ; Scope : per-directory
498 | ; Default: 500ms
499 | ; Info : Used by the slow SQL tracer to set the threshold above which an SQL
500 | ; statement is considered "slow", and to set the threshold above which
501 | ; the transaction tracer will request an "explain plan" from the data-
502 | ; base for slow SQL. This latter feature may not be active yet, please
503 | ; refer to the agent release notes to see when it becomes available.
504 | ; Only relevant if explain_enabled above is set to true.
505 | ;
506 | ;newrelic.transaction_tracer.explain_threshold = 500
507 |
508 | ; Setting: newrelic.transaction_tracer.record_sql
509 | ; Type : "off", "raw" or "obfuscated"
510 | ; Scope : per-directory
511 | ; Default: "obfuscated"
512 | ; Info : Sets how SQL statements are recorded (if at all). If this is set to
513 | ; "raw" then no attempt is made at obfuscating SQL statements.
514 | ; USING "raw" IS HIGHLY DISCOURAGED IN PRODUCTION ENVIRONMENTS!
515 | ; Setting this to "raw" has considerable security implications as it
516 | ; can expose sensitive and private customer data.
517 | ;
518 | ;newrelic.transaction_tracer.record_sql = "obfuscated"
519 |
520 | ; Setting: newrelic.transaction_tracer.custom
521 | ; Type : string
522 | ; Scope : per-directory
523 | ; Default: none
524 | ; Info : Sets the name(s) of additional functions you want to instrument and
525 | ; appear in transaction traces. This is only meaningful if you have
526 | ; set newrelic.transaction_tracer.detail to 0. This can be a comma-
527 | ; separated list of function or class method names.
528 | ;
529 | ;newrelic.transaction_tracer.custom = ""
530 |
531 | ; Setting: newrelic.transaction_tracer.internal_functions_enabled
532 | ; Type : boolean
533 | ; Scope : system
534 | ; Default: false
535 | ; Info : Enables or disables support for tracing internal functions (that is,
536 | ; functions written in C and provided either via the PHP standard
537 | ; library or PECL extensions). When enabled, internal functions will
538 | ; appear in transaction traces like functions written in PHP.
539 | ;
540 | ; Note that enabling this option may result in transactions being up to
541 | ; 5% slower. Enabling this option is only recommended when specifically
542 | ; debugging performance issues where an internal function is suspected
543 | ; to be slow.
544 | ;
545 | ;newrelic.transaction_tracer.internal_functions_enabled = false
546 |
547 | ; Setting: newrelic.framework
548 | ; Type : string
549 | ; Scope : per-directory
550 | ; Default: empty (auto-detect framework)
551 | ; Info : Disables automatic framework detection, telling the agent to
552 | ; attempt to name transactions according to the specified framework.
553 | ; Specifying "no_framework" will disable framework-related transaction
554 | ; naming entirely. Please let us know at support.newrelic.com if you
555 | ; encounter a failure with framework autodetection.
556 | ;
557 | ; Must be one of the following values:
558 | ; cakephp, codeigniter, drupal, drupal8, joomla, kohana, laravel,
559 | ; magento, magento2, mediawiki, silex, slim, symfony1, symfony2,
560 | ; wordpress, yii, zend, zend2, no_framework
561 | ;
562 | ; Note that "drupal" covers only Drupal 6 and 7.
563 | ;
564 | ;newrelic.framework = ""
565 |
566 | ; Setting: newrelic.webtransaction.name.remove_trailing_path
567 | ; Type : boolean
568 | ; Scope : per-directory
569 | ; Default: false
570 | ; Info : Used to aid naming transactions correctly when an unsupported
571 | ; framework is being used. This option will cause anything after the
572 | ; script name to be stripped from a URL. For example, setting this
573 | ; would cause the "/xyz/zy" to be stripped from a URL such as
574 | ; "/path/to/foo.php/xyz/zy".
575 | ;
576 | ;newrelic.webtransaction.name.remove_trailing_path = false
577 |
578 | ; Setting: newrelic.webtransaction.name.functions
579 | ; Type : string
580 | ; Scope : per-directory
581 | ; Default: none
582 | ; Info : Unless a specific framework such as Drupal or Wordpress has been
583 | ; detected, transactions are named according to the first script
584 | ; encountered, such as login.php. However, if you use a dispatcher
585 | ; file such as index.php this produces less useful data. If you use
586 | ; a dispatcher to redirect to actions such as "login", "show", "edit"
587 | ; etc, you can set this to the top level functions for those actions,
588 | ; and the function names specified here will be used to name the
589 | ; transaction.
590 | ;
591 | ;newrelic.webtransaction.name.functions = ""
592 |
593 | ; Setting: newrelic.webtransaction.name.files
594 | ; Type : string
595 | ; Scope : per-directory
596 | ; Default: none
597 | ; Info : Same as newrelic.webtransaction.name.functions above but using file
598 | ; names instead of function names. Accepts standard POSIX regular
599 | ; expressions.
600 | ;
601 | ;newrelic.webtransaction.name.files = ""
602 |
603 | ; Setting: newrelic.daemon.auditlog
604 | ; Type : string
605 | ; Scope : system
606 | ; Default: none
607 | ; Info : Sets the name of a file to record all uncompressed, un-encoded
608 | ; content that is sent from your machine to the New Relic servers.
609 | ; This includes the full URL for each command along with the payload
610 | ; delivered with the command. This allows you to satisfy yourself
611 | ; that the agent is not sending any sensitive data to our servers.
612 | ; This file must be a different file the the newrelic.daemon.logfile
613 | ; setting above. If you set it to the same name,
614 | ; then audit logging will be silently ignored.
615 | ;
616 | ;newrelic.daemon.auditlog = "/var/log/newrelic/audit.log"
617 |
618 | ; Setting: newrelic.transaction_events.enabled
619 | ; Type : boolean
620 | ; Scope : per-directory
621 | ; Default: true
622 | ; Info : Collect and report transaction analytics event data. Event data
623 | ; allows the New Relic UI to show additional information such as
624 | ; histograms. This setting was formerly called
625 | ; newrelic.analytics_events.enabled.
626 | ;
627 | ;newrelic.transaction_events.enabled = true
628 |
629 | ; Setting: newrelic.attributes.enabled
630 | ; Type : boolean
631 | ; Scope : per-directory
632 | ; Default: true
633 | ; Info : Enable or disable the collection of attributes generated by the
634 | ; agent or generated by the user though newrelic_add_custom_parameter.
635 | ; This setting will take precedence over all other attribute
636 | ; configuration settings. For more information, please refer to:
637 | ; https://docs.newrelic.com/docs/agents/manage-apm-agents/agent-metrics/agent-attributes
638 | ;
639 | ;newrelic.attributes.enabled = true
640 |
641 | ; Setting: newrelic.transaction_events.attributes.enabled
642 | ; newrelic.transaction_tracer.attributes.enabled
643 | ; newrelic.error_collector.attributes.enabled
644 | ; newrelic.browser_monitoring.attributes.enabled
645 | ; Type : boolean
646 | ; Scope : per-directory
647 | ; Default: true, except for browser_monitoring.attributes.enabled
648 | ; Info : Control which destinations receive attributes.
649 | ; These configuration settings will override the .include and .exclude
650 | ; settings below. For more information, please refer to:
651 | ; https://docs.newrelic.com/docs/agents/manage-apm-agents/agent-metrics/agent-attributes
652 | ;
653 | ; These settings were formerly called:
654 | ; newrelic.transaction_tracer.capture_attributes
655 | ; newrelic.error_collector.capture_attributes
656 | ; newrelic.analytics_events.capture_attributes
657 | ; newrelic.browser_monitoring.capture_attributes
658 | ;
659 | ;newrelic.transaction_events.attributes.enabled = true
660 | ;newrelic.transaction_tracer.attributes.enabled = true
661 | ;newrelic.error_collector.attributes.enabled = true
662 | ;newrelic.browser_monitoring.attributes.enabled = false
663 |
664 | ; Setting: newrelic.attributes.include
665 | ; newrelic.attributes.exclude
666 | ;
667 | ; newrelic.transaction_events.attributes.include
668 | ; newrelic.transaction_events.attributes.exclude
669 | ;
670 | ; newrelic.transaction_tracer.attributes.include
671 | ; newrelic.transaction_tracer.attributes.exclude
672 | ;
673 | ; newrelic.error_collector.attributes.include
674 | ; newrelic.error_collector.attributes.exclude
675 | ;
676 | ; newrelic.browser_monitoring.attributes.include
677 | ; newrelic.browser_monitoring.attributes.exclude
678 | ;
679 | ; Type : string
680 | ; Scope : per-directory
681 | ; Default: none
682 | ; Info : Each attribute has a default set of destinations. For example, the
683 | ; 'request_uri' attribute's default destinations are errors and
684 | ; transaction traces. The 'httpResponseCode' attribute's default
685 | ; destinations are errors, transaction traces, and transaction events.
686 | ;
687 | ; These configuration options allow complete control over the
688 | ; destinations of attributes.
689 | ;
690 | ; To include the attribute whose key is 'alpha' in errors, the
691 | ; configuration is:
692 | ; newrelic.error_collector.include = alpha
693 | ;
694 | ; To exclude the attribute whose key is 'alpha' from errors, the
695 | ; configuration is:
696 | ; newrelic.error_collector.exclude = alpha
697 | ;
698 | ; The newrelic.attributes.exclude and newrelic.attributes.include
699 | ; settings affect all destinations.
700 | ;
701 | ; To exclude the attributes 'beta' and 'gamma' from all destinations,
702 | ; the configuration is:
703 | ; newrelic.attributes.exclude = beta,gamma
704 | ;
705 | ; If one of the values in the comma separated list ends in a '*',
706 | ; it will match any suffix. For example, to exclude any attributes
707 | ; which begin with 'psi', the configuration is:
708 | ; newrelic.attributes.exclude = psi*
709 | ;
710 | ; For more information, please refer to:
711 | ; https://docs.newrelic.com/docs/agents/manage-apm-agents/agent-metrics/agent-attributes
712 | ;
713 | ;newrelic.attributes.include = ""
714 | ;newrelic.attributes.exclude = ""
715 | ;
716 | ;newrelic.transaction_events.attributes.include = ""
717 | ;newrelic.transaction_events.attributes.exclude = ""
718 | ;
719 | ;newrelic.transaction_tracer.attributes.include = ""
720 | ;newrelic.transaction_tracer.attributes.exclude = ""
721 | ;
722 | ;newrelic.error_collector.attributes.include = ""
723 | ;newrelic.error_collector.attributes.exclude = ""
724 | ;
725 | ;newrelic.browser_monitoring.attributes.include = ""
726 | ;newrelic.browser_monitoring.attributes.exclude = ""
727 |
728 | ; Setting: newrelic.feature_flag
729 | ; Type : string
730 | ; Scope : system
731 | ; Default: none
732 | ; Info : Enables new and experimental features within the PHP agent. These
733 | ; flags are used to selectively enable features that are intended to be
734 | ; enabled by default in later versions of the PHP agent.
735 | ;
736 | ;newrelic.feature_flag = ""
737 |
738 | ; Setting: newrelic.custom_insights_events.enabled
739 | ; Type : boolean
740 | ; Scope : per-directory
741 | ; Default: true
742 | ; Info : Enables or disables the API function newrelic_record_custom_event.
743 | ;
744 | ;newrelic.custom_insights_events.enabled = true
745 |
746 | ; Setting: newrelic.labels
747 | ; Type : string (Use quotes)
748 | ; Scope : per-directory
749 | ; Default: none
750 | ; Info : Sets the label names and values to associate with the application.
751 | ; The list is a semi-colon delimited list of colon-separated name and
752 | ; value pairs.
753 | ;
754 | ; There are a maximum of 64 label name/value pairs allowed.
755 | ;
756 | ; The maximum length of the name and value is 255 characters each.
757 | ;
758 | ; Leading or trailing whitespace in the name or value will be trimmed.
759 | ;
760 | ; UTF-8 characters are allowed.
761 | ;
762 | ; E.g., "Server:One;Data Center:Primary"
763 | ;
764 | ;newrelic.labels = ""
765 |
766 | ; Setting: newrelic.synthetics.enabled
767 | ; Type : boolean
768 | ; Scope : per-directory
769 | ; Default: true
770 | ; Info : Enables or disables support for Synthetics transactions.
771 | ; For more information, please see:
772 | ; https://docs.newrelic.com/docs/synthetics/new-relic-synthetics/getting-started/new-relic-synthetics
773 | ;
774 | ;newrelic.synthetics.enabled = true
775 |
776 | ; Setting: newrelic.cross_application_tracer.enabled
777 | ; Type : boolean
778 | ; Scope : per-directory
779 | ; Default: true
780 | ; Info : Enables or disables support for Cross Application Tracing, aka "CAT".
781 | ;
782 | ;newrelic.cross_application_tracer.enabled = true
783 |
784 | ; Setting: newrelic.transaction_tracer.gather_input_queries
785 | ; Type : boolean
786 | ; Scope : per-directory
787 | ; Default: true
788 | ; Info : Enables or disables support for tracing Doctrine DQL with Slow SQL queries.
789 | ; This requires Slow SQLs to be enabled.
790 | ;
791 | ;newrelic.transaction_tracer.gather_input_queries = true
792 |
793 | ; Setting: newrelic.error_collector.capture_events
794 | ; Type : boolean
795 | ; Scope : per-directory
796 | ; Default: true
797 | ; Info : Enables or disables capturing error events, which are displayed as
798 | ; Error Analytics in the UI.
799 | ;
800 | ;newrelic.error_collector.capture_events = true
801 |
802 | ; Setting: newrelic.guzzle.enabled
803 | ; Type : boolean
804 | ; Scope : per-directory
805 | ; Default: true
806 | ; Info : Enables or disables support for the Guzzle library.
807 | ;
808 | ;newrelic.guzzle.enabled = true
809 |
810 | ; Setting: newrelic.phpunit_events.enabled
811 | ; Type : boolean
812 | ; Scope : per-directory
813 | ; Default: false
814 | ; Info : Collect and report PHPUnit (https://phpunit.de/) data as custom
815 | ; Insights events. Test suite summary data are sent as "TestSuite"
816 | ; events, while individual test cases are sent as "Test" events.
817 | ; Depending on your events retention policy, enabling this setting may
818 | ; impact your billing statement.
819 | ;
820 | ; Please note that exception messages are collected and sent with
821 | ; events. Additionally, if you use PHPUnit's --disallow-test-output
822 | ; flag, any offending output from a risky test will also be included.
823 | ;
824 | ;newrelic.phpunit_events.enabled = false
825 |
826 | ; Setting: newrelic.datastore_tracer.instance_reporting.enabled
827 | ; Type : boolean
828 | ; Scope : per-directory
829 | ; Default: true
830 | ; Info : Enables or disables capturing datastore instance information,
831 | ; specifically host and port_path_or_id. This information is sent as a
832 | ; metric and as attributes on transaction traces and slow SQL traces.
833 | ;
834 | ;newrelic.datastore_tracer.instance_reporting.enabled = true
835 |
836 | ; Setting: newrelic.datastore_tracer.database_name_reporting.enabled
837 | ; Type : boolean
838 | ; Scope : per-directory
839 | ; Default: true
840 | ; Info : Enables or disables capturing information about database names. This
841 | ; information is sent as an attribute on transaction traces and slow
842 | ; SQL traces.
843 | ;
844 | ;newrelic.datastore_tracer.database_name_reporting.enabled = true
845 |
846 | ; Setting: newrelic.security_policies_token
847 | ; Type : string
848 | ; Scope : per-directory
849 | ; Default: none
850 | ; Info : Enables or disables security policies. If security policies are
851 | ; enabled on your account, you should paste the security policies token
852 | ; from the New Relic APM UI here.
853 | ;
854 | ; IMPORTANT: This setting is not compatible with newrelic.high_security.
855 | ; Only one may be set. If both are set an error will be thrown and the
856 | ; agent will not connect.
857 | ;
858 | ;newrelic.security_policies_token = ""
859 | ;
860 | ; Distributed Tracing
861 | newrelic.transaction_tracer.enabled = true
862 | newrelic.distributed_tracing_enabled = true
863 | newrelic.transaction_tracer.threshold = 0
864 |
--------------------------------------------------------------------------------
/php-apache/overrides.ini:
--------------------------------------------------------------------------------
1 | # This is to avoid X-Powered-By header being returned to the browser.
2 | expose_php = off
3 |
--------------------------------------------------------------------------------
/php-apache/security.conf:
--------------------------------------------------------------------------------
1 | ServerTokens ProductOnly
2 | ServerSignature Off
3 | TraceEnable Off
4 |
--------------------------------------------------------------------------------
/php-apache/skpr.php:
--------------------------------------------------------------------------------
1 | /etc/skpr/..data/var.foo -> /etc/skpr/..4984_21_04_13_51_28.237024315/var.foo
14 | // The issue is here is when values are updated there is a short TTL of time where PHP will
15 | // keep looking at a non existant timestamped directory.
16 | // After looking into opcache and apc it turns out core php has a cache for this as well.
17 | // These lines ensure that our Skipper configuration is always fresh and readily available for
18 | // the remaing config lookups by the application.
19 | foreach (realpath_cache_get() as $path => $cache) {
20 | if (strpos($path, $dir) === 0) {
21 | clearstatcache(TRUE, $path);
22 | }
23 | }
24 | foreach (glob($dir . '/*') as $file) {
25 | $confs[basename($file)] = str_replace("\n", '', file_get_contents(realpath($file)));
26 | }
27 | if (empty($confs)) {
28 | // On environments with no skpr, this will run every time because conf is empty.
29 | // Flag that we've done this dance once, and don't need to do it again.
30 | $confs['no_skpr_for_you'] = TRUE;
31 | }
32 | }
33 | return !empty($confs[$key]) ? $confs[$key] : FALSE;
34 | }
35 |
--------------------------------------------------------------------------------
/php-apache/status.conf:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | SetHandler server-status
5 |
6 | Order deny,allow
7 | Deny from all
8 | Allow from localhost ip6-localhost 127.0.0.1
9 | Satisfy any
10 |
11 |
12 | RewriteEngine off
13 |
14 |
15 |
16 |
17 |
--------------------------------------------------------------------------------
/php-apache/tests/7-2.yml:
--------------------------------------------------------------------------------
1 | schemaVersion: '2.0.0'
2 |
3 | commandTests:
4 | - name: 'check php version'
5 | command: 'php'
6 | args: ['-v']
7 | expectedOutput: ['PHP 7.2']
--------------------------------------------------------------------------------
/php-apache/tests/7-3.yml:
--------------------------------------------------------------------------------
1 | schemaVersion: '2.0.0'
2 |
3 | commandTests:
4 | - name: 'check php version'
5 | command: 'php'
6 | args: ['-v']
7 | expectedOutput: ['PHP 7.3']
8 |
--------------------------------------------------------------------------------
/php-apache/tests/bash.yml:
--------------------------------------------------------------------------------
1 | schemaVersion: '2.0.0'
2 |
3 | commandTests:
4 |
5 | - name: 'command exists: make'
6 | command: "which"
7 | args: ["make"]
8 | expectedOutput: ["/usr/bin/make"]
9 |
10 | - name: 'command exists: jpegoptim'
11 | command: "which"
12 | args: ["jpegoptim"]
13 | expectedOutput: ["/usr/bin/jpegoptim"]
14 |
15 | - name: 'command exists: optipng'
16 | command: "which"
17 | args: ["optipng"]
18 | expectedOutput: ["/usr/bin/optipng"]
19 |
20 | - name: 'command exists: pngquant'
21 | command: "which"
22 | args: ["pngquant"]
23 | expectedOutput: ["/usr/bin/pngquant"]
24 |
25 | fileExistenceTests:
26 |
27 | - name: 'file exists: bash_completion'
28 | path: '/usr/share/bash-completion/bash_completion'
29 | shouldExist: true
30 |
31 | - name: 'file exists: bashrc'
32 | path: '/root/.bashrc'
33 | shouldExist: true
34 |
--------------------------------------------------------------------------------
/php-apache/tests/composer.yml:
--------------------------------------------------------------------------------
1 | schemaVersion: '2.0.0'
2 |
3 | commandTests:
4 | - name: 'command exists'
5 | command: "which"
6 | args: ["composer"]
7 | expectedOutput: ["/usr/local/bin/composer"]
--------------------------------------------------------------------------------
/php-apache/tests/drush.yml:
--------------------------------------------------------------------------------
1 | schemaVersion: '2.0.0'
2 |
3 | fileExistenceTests:
4 | - name: 'drushrc.php'
5 | path: '/etc/drush/drushrc.php'
6 | shouldExist: true
7 | permissions: '-rw-r--r--'
--------------------------------------------------------------------------------
/php-apache/tests/drush9.yml:
--------------------------------------------------------------------------------
1 | schemaVersion: '2.0.0'
2 |
3 | fileExistenceTests:
4 | - name: 'drush.yml'
5 | path: '/etc/drush/drush.yml'
6 | shouldExist: true
7 | permissions: '-rw-r--r--'
8 |
--------------------------------------------------------------------------------
/php-apache/tests/tuner.yml:
--------------------------------------------------------------------------------
1 | schemaVersion: '2.0.0'
2 |
3 | commandTests:
4 | - name: 'command exists'
5 | command: "which"
6 | args: ["tuner"]
7 | expectedOutput: ["/usr/local/bin/tuner"]
--------------------------------------------------------------------------------
/pnx-packager/.hadolint.yaml:
--------------------------------------------------------------------------------
1 | ignored:
2 | - DL3008
3 | - DL3013
4 | - DL3015
5 |
--------------------------------------------------------------------------------
/pnx-packager/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM debian:stable-slim
2 |
3 | RUN apt-get update && \
4 | apt-get install -y \
5 | git \
6 | curl \
7 | make \
8 | virtualenv \
9 | python-pip && \
10 | rm -rf /var/cache/apt/*
11 |
12 | # Docker client.
13 | RUN curl -sSL -o /tmp/docker-17.09.0-ce.tgz https://download.docker.com/linux/static/stable/x86_64/docker-17.09.0-ce.tgz && \
14 | tar -xz -C /tmp -f /tmp/docker-17.09.0-ce.tgz && \
15 | mv /tmp/docker/* /usr/local/bin && \
16 | rm -rf /tmp/docker
17 |
18 | # Skipper binaries.
19 | RUN curl -sSL -o /tmp/skpr-linux-amd64-latest.tar.gz http://bins.skpr.io/v1/linux-amd64-latest.tar.gz && \
20 | tar -zxf /tmp/skpr-linux-amd64-latest.tar.gz -C /usr/local/bin/ && \
21 | rm -rf /tmp/*
22 |
23 | # Notify - https://github.com/previousnext/notify
24 | RUN curl -sSL https://github.com/previousnext/notify/releases/download/2.1.0/notify_linux_amd64 -o /usr/local/bin/notify && \
25 | chmod +rx /usr/local/bin/notify
26 |
27 | # Install aws utilities.
28 | RUN virtualenv --python=python3 /usr/local/share/virtualenv
29 | RUN echo ". /usr/local/share/virtualenv/bin/activate" >> /root/.bashrc
30 | RUN pip install awscli
31 |
--------------------------------------------------------------------------------
/pnx-packager/Makefile:
--------------------------------------------------------------------------------
1 | #!/usr/bin/make -f
2 |
3 | IMAGE=previousnext/pnx-packager
4 | VERSION=latest
5 |
6 | # Build and tests
7 | build:
8 | docker build -t $(IMAGE):$(VERSION) .
9 |
10 | lint:
11 | hadolint Dockerfile
12 |
13 | # Build and release
14 | release: build
15 | docker push $(IMAGE):$(VERSION)
16 |
17 | .PHONY: build lint release
18 |
--------------------------------------------------------------------------------
/sftp/.hadolint.yaml:
--------------------------------------------------------------------------------
1 | ignored:
2 | - DL3018
3 |
--------------------------------------------------------------------------------
/sftp/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM alpine:3.4
2 | LABEL maintainer="admin@previousnext.com.au"
3 |
4 | ENV FTP_USER=dev
5 |
6 | # Install.
7 | RUN echo "@community http://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories && \
8 | apk add --no-cache bash shadow@community openssh openssh-sftp-server && \
9 | mkdir -p /var/run/sshd
10 |
11 | # Regenerate keys.
12 | RUN rm -f /etc/ssh/ssh_host_*key* && \
13 | ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N '' && \
14 | ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N ''
15 |
16 | # Add a developer user.
17 | RUN useradd $FTP_USER && \
18 | usermod -p "*" $FTP_USER && \
19 | mkdir -p /home/${FTP_USER}/.ssh && \
20 | chown -R ${FTP_USER}:${FTP_USER} /home/${FTP_USER}
21 |
22 | # Configuration.
23 | COPY sshd_config /etc/ssh/sshd_config
24 |
25 | # Data.
26 | RUN mkdir -p /data/$FTP_USER && \
27 | chown root:root /data && \
28 | chmod 755 /data && \
29 | chown ${FTP_USER}:${FTP_USER} /data/${FTP_USER} && \
30 | chmod 755 /data/${FTP_USER}
31 |
32 | # Custom on build configuration.
33 | ONBUILD COPY authorized_keys /home/${FTP_USER}/.ssh/authorized_keys
34 | ONBUILD RUN chown -R ${FTP_USER}:${FTP_USER} /home/${FTP_USER} && \
35 | chmod 400 /home/${FTP_USER}/.ssh/authorized_keys
36 |
37 | EXPOSE 22
38 |
39 | CMD ["/usr/sbin/sshd", "-D", "-e"]
40 |
--------------------------------------------------------------------------------
/sftp/Makefile:
--------------------------------------------------------------------------------
1 | #!/usr/bin/make -f
2 |
3 | IMAGE=previousnext/sftp
4 | VERSION=latest
5 |
6 | # Build and tests
7 | build:
8 | docker build -t $(IMAGE):$(VERSION) .
9 |
10 | lint:
11 | hadolint Dockerfile
12 |
13 | # Build and release
14 | release: build
15 | docker push $(IMAGE):$(VERSION)
16 |
17 | .PHONY: build lint release
18 |
--------------------------------------------------------------------------------
/sftp/sshd_config:
--------------------------------------------------------------------------------
1 | Protocol 2
2 | HostKey /etc/ssh/ssh_host_ed25519_key
3 | HostKey /etc/ssh/ssh_host_rsa_key
4 | PubkeyAuthentication yes
5 | ChallengeResponseAuthentication no
6 | PasswordAuthentication no
7 | UseDNS no
8 | PermitRootLogin no
9 | X11Forwarding no
10 | AllowTcpForwarding no
11 | Subsystem sftp internal-sftp
12 | ForceCommand internal-sftp
13 | ChrootDirectory /data
14 |
--------------------------------------------------------------------------------
/solr/.hadolint.yaml:
--------------------------------------------------------------------------------
1 | ignored:
2 | - DL3008
3 | - DL3018
4 |
--------------------------------------------------------------------------------
/solr/4.x/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM alpine:3.4
2 | LABEL maintainer="admin@previousnext.com.au"
3 |
4 | ENV SOLR_VERSION 4.9.1
5 | ENV SOLR_HEAP 256m
6 |
7 | RUN apk add --no-cache openjdk7-jre tar wget
8 |
9 | WORKDIR /tmp
10 | RUN wget -nv http://archive.apache.org/dist/lucene/solr/$SOLR_VERSION/solr-$SOLR_VERSION.tgz && \
11 | tar -C /tmp --extract --file /tmp/solr-$SOLR_VERSION.tgz && \
12 | rm /tmp/solr-$SOLR_VERSION.tgz && \
13 | mkdir -p /opt && \
14 | mv /tmp/solr-$SOLR_VERSION /opt/solr && \
15 | mv /opt/solr/example /opt/solr/core
16 |
17 | # Drupal specific configuration provided by
18 | # http://cgit.drupalcode.org/search_api_solr/tree/solr-conf/4.x
19 | COPY conf/solr /opt/search_api
20 | RUN mv /opt/search_api/* /opt/solr/core/solr/collection1/conf/ && \
21 | rm -fR /opt/search_api
22 |
23 | COPY entrypoint.sh /entrypoint.sh
24 | RUN chmod 755 /entrypoint.sh
25 |
26 | # Where we store our persistent data.
27 | RUN mkdir /opt/solr/data
28 |
29 | WORKDIR /
30 | EXPOSE 8983
31 |
32 | CMD ["/entrypoint.sh"]
33 |
--------------------------------------------------------------------------------
/solr/4.x/conf/solr/elevate.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
17 |
18 |
19 |
20 |
25 |
26 |
27 |
28 |
--------------------------------------------------------------------------------
/solr/4.x/conf/solr/mapping-ISOLatin1Accent.txt:
--------------------------------------------------------------------------------
1 | # This file contains character mappings for the default fulltext field type.
2 | # The source characters (on the left) will be replaced by the respective target
3 | # characters before any other processing takes place.
4 | # Lines starting with a pound character # are ignored.
5 | #
6 | # For sensible defaults, use the mapping-ISOLatin1Accent.txt file distributed
7 | # with the example application of your Solr version.
8 | #
9 | # Examples:
10 | # "À" => "A"
11 | # "\u00c4" => "A"
12 | # "\u00c4" => "\u0041"
13 | # "æ" => "ae"
14 | # "\n" => " "
15 |
--------------------------------------------------------------------------------
/solr/4.x/conf/solr/protwords.txt:
--------------------------------------------------------------------------------
1 | #-----------------------------------------------------------------------
2 | # This file blocks words from being operated on by the stemmer and word delimiter.
3 | &
4 | <
5 | >
6 | '
7 | "
8 |
--------------------------------------------------------------------------------
/solr/4.x/conf/solr/schema.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
12 |
13 |
14 |
23 |
24 |
31 |
32 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
73 |
74 |
75 |
76 |
77 |
78 |
88 |
89 |
90 |
91 |
92 |
93 |
99 |
100 |
101 |
102 |
122 |
123 |
124 |
125 |
126 |
127 |
138 |
139 |
145 |
146 |
147 |
148 |
149 |
150 |
151 |
152 |
153 |
154 |
161 |
162 |
163 |
164 |
165 |
168 |
172 |
177 |
186 |
187 |
188 |
189 |
190 |
191 |
192 |
193 |
194 |
195 |
200 |
209 |
210 |
211 |
212 |
213 |
214 |
215 |
216 |
217 |
218 |
219 |
220 |
221 |
229 |
230 |
231 |
232 |
233 |
234 |
235 |
240 |
248 |
249 |
250 |
251 |
252 |
253 |
254 |
255 |
256 |
257 |
258 |
262 |
271 |
272 |
273 |
274 |
275 |
276 |
277 |
278 |
279 |
280 |
284 |
285 |
286 |
287 |
288 |
289 |
290 |
291 |
295 |
296 |
297 |
298 |
299 |
300 |
304 |
305 |
306 |
307 |
308 |
309 |
310 |
311 |
312 |
313 |
314 |
315 |
316 |
317 |
318 |
319 |
320 |
321 |
322 |
323 |
324 |
325 |
326 |
327 |
331 |
332 |
333 |
336 |
337 |
340 |
341 |
342 |
343 |
358 |
359 |
360 |
361 |
362 |
363 |
364 |
367 |
368 |
369 |
370 |
371 |
372 |
373 |
374 |
375 |
378 |
379 |
380 |
381 |
382 |
383 |
384 |
385 |
386 |
387 |
388 |
389 |
403 |
404 |
411 |
412 |
413 |
416 |
417 |
418 |
419 |
420 |
421 |
422 |
423 |
424 |
425 |
426 |
427 |
428 |
429 |
430 |
431 |
432 |
433 |
434 |
435 |
436 |
437 |
438 |
439 |
440 |
441 |
442 |
443 |
444 |
445 |
446 |
447 |
448 |
451 |
452 |
453 |
454 |
455 |
456 |
458 |
459 |
460 |
461 |
462 |
463 |
466 |
467 |
468 |
469 |
470 |
471 |
472 |
479 |
480 |
482 |
483 |
484 |
486 |
487 |
488 |
489 |
490 |
491 |
492 |
493 |
494 |
495 |
496 |
497 |
498 |
499 |
500 |
501 |
502 |
503 |
504 |
505 |
506 |
507 |
508 |
509 |
510 |
511 |
512 |
513 |
514 |
515 |
516 |
517 |
518 |
519 |
520 |
521 |
522 |
523 |
524 |
525 |
526 |
527 |
528 |
530 |
531 |
532 |
533 |
534 |
535 |
537 |
538 |
539 |
540 |
541 |
542 |
543 |
544 |
545 |
546 |
547 |
548 |
549 |
550 |
551 |
552 |
553 |
554 |
555 |
556 |
558 |
559 |
560 |
561 |
562 |
563 |
564 |
565 |
566 |
567 |
568 |
569 |
570 |
571 |
572 |
573 |
574 |
575 |
576 |
577 |
581 |
582 |
583 |
584 |
585 |
586 |
587 |
588 |
589 |
590 |
593 | id
594 |
595 |
596 | content
597 |
598 |
599 |
600 |
601 |
602 |
--------------------------------------------------------------------------------
/solr/4.x/conf/solr/schema_extra_fields.xml:
--------------------------------------------------------------------------------
1 |
2 |
8 |
23 |
24 |
--------------------------------------------------------------------------------
/solr/4.x/conf/solr/schema_extra_types.xml:
--------------------------------------------------------------------------------
1 |
2 |
7 |
30 |
31 |
--------------------------------------------------------------------------------
/solr/4.x/conf/solr/solrconfig_extra.xml:
--------------------------------------------------------------------------------
1 |
8 |
9 |
10 | textSpell
11 |
12 |
15 |
16 |
19 |
20 | default
21 | spell
22 | spellchecker
23 | true
24 |
27 |
28 |
29 |
33 |
41 |
42 |
43 |
53 |
54 |
61 |
69 |
70 |
71 |
80 |
81 |
--------------------------------------------------------------------------------
/solr/4.x/conf/solr/solrcore.properties:
--------------------------------------------------------------------------------
1 | # Defines Solr properties for this specific core.
2 | solr.replication.master=false
3 | solr.replication.slave=false
4 | solr.replication.pollInterval=00:00:60
5 | solr.replication.masterUrl=http://localhost:8983/solr
6 | solr.replication.confFiles=schema.xml,mapping-ISOLatin1Accent.txt,protwords.txt,stopwords.txt,synonyms.txt,elevate.xml
7 | solr.mlt.timeAllowed=2000
8 | # You should not set your luceneMatchVersion to anything lower than your Solr
9 | # Version.
10 | solr.luceneMatchVersion=LUCENE_45
11 | solr.pinkPony.timeAllowed=-1
12 | # autoCommit after 10000 docs
13 | solr.autoCommit.MaxDocs=10000
14 | # autoCommit after 2 minutes
15 | solr.autoCommit.MaxTime=120000
16 | # autoSoftCommit after 2000 docs
17 | solr.autoSoftCommit.MaxDocs=2000
18 | # autoSoftCommit after 10 seconds
19 | solr.autoSoftCommit.MaxTime=10000
20 | solr.install.dir=../../..
21 |
22 | # PNX settings:
23 | solr.data.dir=/opt/solr/data
24 |
--------------------------------------------------------------------------------
/solr/4.x/conf/solr/stopwords.txt:
--------------------------------------------------------------------------------
1 | # Contains words which shouldn't be indexed for fulltext fields, e.g., because
2 | # they're too common. For documentation of the format, see
3 | # http://wiki.apache.org/solr/AnalyzersTokenizersTokenFilters#solr.StopFilterFactory
4 | # (Lines starting with a pound character # are ignored.)
5 |
--------------------------------------------------------------------------------
/solr/4.x/conf/solr/synonyms.txt:
--------------------------------------------------------------------------------
1 | # Contains synonyms to use for your index. For the format used, see
2 | # http://wiki.apache.org/solr/AnalyzersTokenizersTokenFilters#solr.SynonymFilterFactory
3 | # (Lines starting with a pound character # are ignored.)
4 |
--------------------------------------------------------------------------------
/solr/4.x/entrypoint.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | # Name: entrypoint.sh
4 | # Comment: First command to run on container boot.
5 | # Author: Nick Schuch
6 |
7 | cd /opt/solr/core
8 |
9 | java -Xms${SOLR_HEAP} -Xmx${SOLR_HEAP} -jar start.jar
10 |
--------------------------------------------------------------------------------
/solr/5.x/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM solr:5.5
2 | LABEL maintainer="admin@previousnext.com.au"
3 |
4 | ENV SOLR_HEAP="256m"
5 | ENV SOLR_CORE="drupal"
6 |
7 | COPY conf /opt/search_api
8 |
9 | COPY scripts/heap.sh /docker-entrypoint-initdb.d/set-heap.sh
10 | COPY scripts/core.sh /docker-entrypoint-initdb.d/set-core.sh
11 |
12 | # Where we store our persistent data so we can swap it for mounted storage.
13 | RUN mkdir /opt/solr/data
14 |
--------------------------------------------------------------------------------
/solr/5.x/conf/elevate.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
17 |
18 |
19 |
20 |
25 |
26 |
27 |
28 |
--------------------------------------------------------------------------------
/solr/5.x/conf/mapping-ISOLatin1Accent.txt:
--------------------------------------------------------------------------------
1 | # This file contains character mappings for the default fulltext field type.
2 | # The source characters (on the left) will be replaced by the respective target
3 | # characters before any other processing takes place.
4 | # Lines starting with a pound character # are ignored.
5 | #
6 | # For sensible defaults, use the mapping-ISOLatin1Accent.txt file distributed
7 | # with the example application of your Solr version.
8 | #
9 | # Examples:
10 | # "À" => "A"
11 | # "\u00c4" => "A"
12 | # "\u00c4" => "\u0041"
13 | # "æ" => "ae"
14 | # "\n" => " "
15 |
--------------------------------------------------------------------------------
/solr/5.x/conf/protwords.txt:
--------------------------------------------------------------------------------
1 | #-----------------------------------------------------------------------
2 | # This file blocks words from being operated on by the stemmer and word delimiter.
3 | &
4 | <
5 | >
6 | '
7 | "
8 |
--------------------------------------------------------------------------------
/solr/5.x/conf/schema_extra_fields.xml:
--------------------------------------------------------------------------------
1 |
2 |
8 |
23 |
24 |
--------------------------------------------------------------------------------
/solr/5.x/conf/schema_extra_types.xml:
--------------------------------------------------------------------------------
1 |
2 |
11 |
34 |
35 |
--------------------------------------------------------------------------------
/solr/5.x/conf/solrconfig_extra.xml:
--------------------------------------------------------------------------------
1 |
8 |
9 |
10 | textSpell
11 |
12 |
15 |
16 |
19 |
20 | default
21 | spell
22 | spellchecker
23 | true
24 |
27 |
28 |
29 |
33 |
41 |
42 |
43 |
53 |
54 |
61 |
69 |
70 |
71 |
80 |
81 |
--------------------------------------------------------------------------------
/solr/5.x/conf/solrcore.properties:
--------------------------------------------------------------------------------
1 | # Defines Solr properties for this specific core.
2 | solr.replication.master=false
3 | solr.replication.slave=false
4 | solr.replication.pollInterval=00:00:60
5 | solr.replication.masterUrl=http://localhost:8983/solr
6 | solr.replication.confFiles=schema.xml,mapping-ISOLatin1Accent.txt,protwords.txt,stopwords.txt,synonyms.txt,elevate.xml
7 | solr.mlt.timeAllowed=2000
8 | # You should not set your luceneMatchVersion to anything lower than your Solr
9 | # Version.
10 | solr.luceneMatchVersion=5.0
11 | solr.pinkPony.timeAllowed=-1
12 | # autoCommit after 10000 docs
13 | solr.autoCommit.MaxDocs=10000
14 | # autoCommit after 2 minutes
15 | solr.autoCommit.MaxTime=120000
16 | # autoSoftCommit after 2000 docs
17 | solr.autoSoftCommit.MaxDocs=2000
18 | # autoSoftCommit after 10 seconds
19 | solr.autoSoftCommit.MaxTime=10000
20 | solr.install.dir=../../..
21 |
--------------------------------------------------------------------------------
/solr/5.x/conf/stopwords.txt:
--------------------------------------------------------------------------------
1 | # Contains words which shouldn't be indexed for fulltext fields, e.g., because
2 | # they're too common. For documentation of the format, see
3 | # http://wiki.apache.org/solr/AnalyzersTokenizersTokenFilters#solr.StopFilterFactory
4 | # (Lines starting with a pound character # are ignored.)
5 |
--------------------------------------------------------------------------------
/solr/5.x/conf/synonyms.txt:
--------------------------------------------------------------------------------
1 | # Contains synonyms to use for your index. For the format used, see
2 | # http://wiki.apache.org/solr/AnalyzersTokenizersTokenFilters#solr.SynonymFilterFactory
3 | # (Lines starting with a pound character # are ignored.)
4 |
--------------------------------------------------------------------------------
/solr/5.x/scripts/core.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Name: core.sh
4 | # Description: Sets up the Solr core. Default SOLR_CORE set in Dockerfile.
5 |
6 | FILE=/opt/solr/provisioned
7 |
8 | if [ -f "${FILE}" ]; then
9 | echo "The core was already provisioned"
10 | return
11 | fi
12 |
13 | start-local-solr && \
14 | /opt/solr/bin/solr create -c $SOLR_CORE -d /opt/search_api && \
15 | stop-local-solr
16 |
17 | echo $(date) > $FILE
18 |
--------------------------------------------------------------------------------
/solr/5.x/scripts/heap.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Name: heap.sh
4 | # Description: Sets the Solr heap size (memory). Default SOLR_HEAP set in Dockerfile.
5 |
6 | sed -i -e "s/SOLR_HEAP=\".*\"/SOLR_HEAP=\"${SOLR_HEAP}\"/g" /opt/solr/bin/solr.in.sh
7 |
--------------------------------------------------------------------------------
/solr/7.x/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM solr:7
2 | LABEL maintainer="admin@previousnext.com.au"
3 |
4 | ENV SOLR_HEAP="256m"
5 | ENV SOLR_CORE="drupal"
6 |
7 | COPY --chown=solr:solr conf /opt/search_api
8 | COPY --chown=solr:solr scripts/core.sh /docker-entrypoint-initdb.d/set-core.sh
9 |
10 | VOLUME /opt/solr/server/solr/mycores
11 |
--------------------------------------------------------------------------------
/solr/7.x/conf/data/elevate.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
17 |
18 |
19 |
20 |
25 |
26 |
27 |
28 |
--------------------------------------------------------------------------------
/solr/7.x/conf/mapping-ISOLatin1Accent.txt:
--------------------------------------------------------------------------------
1 | # This file contains character mappings for the default fulltext field type.
2 | # The source characters (on the left) will be replaced by the respective target
3 | # characters before any other processing takes place.
4 | # Lines starting with a pound character # are ignored.
5 | #
6 | # For sensible defaults, use the mapping-ISOLatin1Accent.txt file distributed
7 | # with the example application of your Solr version.
8 | #
9 | # Examples:
10 | # "À" => "A"
11 | # "\u00c4" => "A"
12 | # "\u00c4" => "\u0041"
13 | # "æ" => "ae"
14 | # "\n" => " "
15 |
--------------------------------------------------------------------------------
/solr/7.x/conf/protwords.txt:
--------------------------------------------------------------------------------
1 | #-----------------------------------------------------------------------
2 | # This file blocks words from being operated on by the stemmer and word delimiter.
3 | &
4 | <
5 | >
6 | '
7 | "
8 |
--------------------------------------------------------------------------------
/solr/7.x/conf/schema_extra_fields.xml:
--------------------------------------------------------------------------------
1 |
10 | Don't use the config XML templates directly. Use the config generator to get
11 | your individual config files. Use the "Get config.zip" button in the UI or
12 | drush solr-gsc my_solr_server
13 | See INSTALL.md for details.
14 |
--------------------------------------------------------------------------------
/solr/7.x/conf/schema_extra_types.xml:
--------------------------------------------------------------------------------
1 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
30 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
48 |
56 |
57 |
58 |
59 |
60 |
--------------------------------------------------------------------------------
/solr/7.x/conf/solrconfig_extra.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 | und
4 | AnalyzingInfixLookupFactory
5 | DocumentDictionaryFactory
6 | twm_suggest
7 | text
8 | sm_context_tags
9 | true
10 | false
11 |
12 |
13 |
--------------------------------------------------------------------------------
/solr/7.x/conf/solrconfig_index.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/previousnext/containers/05264fa39bf479293eeb82f95eba9cad8b171e76/solr/7.x/conf/solrconfig_index.xml
--------------------------------------------------------------------------------
/solr/7.x/conf/solrconfig_spellcheck.xml:
--------------------------------------------------------------------------------
1 |
9 |
10 |
11 | textSpell
12 |
13 |
14 |
17 |
18 |
19 |
20 | default
21 | spell
22 | solr.DirectSolrSpellChecker
23 |
24 | internal
25 |
26 | 0.5
27 |
28 | 2
29 |
30 | 1
31 |
32 | 5
33 |
34 | 4
35 |
36 | 0.01
37 |
40 |
41 |
42 |
43 |
44 | wordbreak
45 | solr.WordBreakSolrSpellChecker
46 | name
47 | true
48 | true
49 | 10
50 |
51 |
52 |
53 |
63 |
64 |
71 |
78 |
79 |
80 |
89 |
90 |
--------------------------------------------------------------------------------
/solr/7.x/conf/solrcore.properties:
--------------------------------------------------------------------------------
1 | # Defines Solr properties for this specific core.
2 | solr.replication.master=false
3 | solr.replication.slave=false
4 | solr.replication.pollInterval=00:00:60
5 | solr.replication.masterUrl=http://localhost:8983/solr
6 | solr.replication.confFiles=schema.xml,mapping-ISOLatin1Accent.txt,protwords.txt,stopwords.txt,synonyms.txt,elevate.xml
7 | solr.mlt.timeAllowed=2000
8 | # You should not set your luceneMatchVersion to anything lower than your Solr
9 | # Version.
10 | solr.luceneMatchVersion=7.0
11 | solr.selectSearchHandler.timeAllowed=-1
12 | # don't autoCommit after x docs
13 | solr.autoCommit.MaxDocs=-1
14 | # autoCommit after 15 seconds
15 | solr.autoCommit.MaxTime=15000
16 | # don't autoSoftCommit after x docs
17 | solr.autoSoftCommit.MaxDocs=-1
18 | # don't autoSoftCommit after x seconds
19 | solr.autoSoftCommit.MaxTime=-1
20 | solr.install.dir=../../..
21 |
--------------------------------------------------------------------------------
/solr/7.x/conf/stopwords.txt:
--------------------------------------------------------------------------------
1 | # Contains words which shouldn't be indexed for fulltext fields, e.g., because
2 | # they're too common. For documentation of the format, see
3 | # http://wiki.apache.org/solr/AnalyzersTokenizersTokenFilters#solr.StopFilterFactory
4 | # (Lines starting with a pound character # are ignored.)
5 |
--------------------------------------------------------------------------------
/solr/7.x/conf/synonyms.txt:
--------------------------------------------------------------------------------
1 | # Contains synonyms to use for your index. For the format used, see
2 | # http://wiki.apache.org/solr/AnalyzersTokenizersTokenFilters#solr.SynonymFilterFactory
3 | # (Lines starting with a pound character # are ignored.)
4 |
--------------------------------------------------------------------------------
/solr/7.x/scripts/core.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Name: core.sh
4 | # Description: Sets up the Solr core. Default SOLR_CORE set in Dockerfile.
5 |
6 | FILE=/opt/solr/provisioned
7 |
8 | if [ -f "${FILE}" ]; then
9 | echo "The core was already provisioned"
10 | return
11 | fi
12 |
13 | precreate-core $SOLR_CORE /opt/search_api
14 |
15 | echo $(date) > $FILE
16 |
--------------------------------------------------------------------------------
/solr/Makefile:
--------------------------------------------------------------------------------
1 | #!/usr/bin/make -f
2 |
3 | IMAGE=previousnext/solr
4 |
5 | define build_test
6 | docker build -f $(1)/Dockerfile -t $(IMAGE):$(1) $(1)
7 | # @todo, Add tests.
8 | endef
9 |
10 | define lint
11 | hadolint $(1)/Dockerfile
12 | endef
13 |
14 | define push
15 | docker push $(IMAGE):$(1)
16 | endef
17 |
18 | # Build and tests
19 | build: 4.x 5.x 7.x init
20 |
21 | # Build Solr 4.x
22 | 4.x:
23 | $(call build_test,4.x)
24 |
25 | # Build Solr 5.x
26 | 5.x:
27 | $(call build_test,5.x)
28 |
29 | # Build Solr 7.x
30 | 7.x:
31 | $(call build_test,7.x)
32 |
33 | # Build Solr init
34 | init:
35 | $(call build_test,init)
36 |
37 | lint:
38 | $(call lint,4.x)
39 | $(call lint,5.x)
40 | $(call lint,7.x)
41 | $(call lint,init)
42 |
43 | # Build and release
44 | release: build
45 | $(call push,4.x)
46 | $(call push,5.x)
47 | $(call push,7.x)
48 | $(call push,init)
49 |
50 | .PHONY: build 4.x 5.x 7.x init release
51 |
--------------------------------------------------------------------------------
/solr/init/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM debian:9.5-slim
2 | LABEL maintainer="admin@previousnext.com.au"
3 |
4 | ENV SOLR_USER="solr"
5 | ENV SOLR_UID="8983"
6 | ENV SOLR_GROUP="solr"
7 | ENV SOLR_GID="8983"
8 |
9 | # https://github.com/docker-solr/docker-solr/blob/4ed56419308ecee62149a65db8b4b9ef7fab05c1/5.5/Dockerfile
10 | RUN groupadd -r --gid $SOLR_GID $SOLR_GROUP && \
11 | useradd -r --uid $SOLR_UID --gid $SOLR_GID $SOLR_USER
12 |
--------------------------------------------------------------------------------
/tl/.hadolint.yaml:
--------------------------------------------------------------------------------
1 | ignored:
2 | - DL3007
3 |
--------------------------------------------------------------------------------
/tl/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM alpine/git:latest AS clone
2 |
3 | RUN mkdir /data
4 | WORKDIR /data
5 | RUN git clone https://github.com/larowlan/tl.git
6 |
7 | FROM php:latest
8 | COPY --from=clone /data/tl/tl.phar /tl
9 | ENTRYPOINT ["/tl"]
10 |
--------------------------------------------------------------------------------
/tl/Makefile:
--------------------------------------------------------------------------------
1 | #!/usr/bin/make -f
2 |
3 | IMAGE=previousnext/tl
4 | VERSION=latest
5 |
6 | # Build and tests
7 | build:
8 | docker build -t $(IMAGE):$(VERSION) .
9 |
10 | lint:
11 | hadolint Dockerfile
12 |
13 | # Build and release
14 | release: build
15 | docker push $(IMAGE):$(VERSION)
16 |
17 | .PHONY: build lint release
18 |
--------------------------------------------------------------------------------