From 40e058a32a6e73e0afab55889302956ebf12d459 Mon Sep 17 00:00:00 2001 From: throwaway Date: Wed, 23 Aug 2023 18:31:08 -0500 Subject: Add Dockerfile and docker entrypoint (#5) Add Dockerfile and docker entrypoint Co-authored-by: lolcat Reviewed-on: https://git.lolcat.ca/lolcat/4get/pulls/5 Co-authored-by: throwaway Co-committed-by: throwaway --- Dockerfile | 16 ++++++++ README.md | 17 ++++++++ apache/httpd.conf | 98 +++++++++++++++++++++++++++++++++++++++++++++ docker/docker-entrypoint.sh | 4 ++ 4 files changed, 135 insertions(+) create mode 100644 Dockerfile create mode 100644 apache/httpd.conf create mode 100755 docker/docker-entrypoint.sh diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..bff4532 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,16 @@ +FROM alpine:latest +WORKDIR /var/www/html/4get + +RUN apk update && apk upgrade +RUN apk add apache2-ssl php82-fileinfo php82-openssl php82-iconv php82-common php82-dom php82-curl curl php82-pecl-apcu php82-apache2 imagemagick php82-pecl-imagick + +COPY ./apache/httpd.conf /etc/apache2/httpd.conf +COPY . . + +RUN chmod 777 /var/www/html/4get/icons + +VOLUME ["/etc/4get/certs"] +EXPOSE 80 +EXPOSE 443 + +CMD ["./docker/docker-entrypoint.sh"] diff --git a/README.md b/README.md index 6a88308..9f1282f 100644 --- a/README.md +++ b/README.md @@ -102,3 +102,20 @@ service apache2 restart You'll probably want to setup a tor address at this point, but I'm too lazy to put instructions here. Ok bye!!! + + + +## Docker Install + +``` +git clone https://git.lolcat.ca/lolcat/4get +cd 4get +docker build -t 4get . +docker run -d -p 80:80 -p 443:443 -e FOURGET_SERVER_NAME="4get.ca" -e FOURGET_SERVER_ADMIN_EMAIL="you@example.com" -v /etc/letsencrypt/live/domain.tld:/etc/4get/certs 4get +``` + +replace enviroment variables FOURGET_SERVER_NAME and FOURGET_SERVER_ADMIN_EMAIL with relevant values + +the certs directory expects files named `cert.pem`, `chain.pem`, `privkey.pem` + + diff --git a/apache/httpd.conf b/apache/httpd.conf new file mode 100644 index 0000000..8a4caa7 --- /dev/null +++ b/apache/httpd.conf @@ -0,0 +1,98 @@ +ServerTokens OS +ServerRoot /var/www +ServerSignature On +ServerName 4get.ca +ServerAdmin you@example.com + +DocumentRoot "/var/www/html/4get" + +LogLevel warn +CustomLog /dev/null common +ErrorLog /dev/null + + + SSLEngine on + SSLCertificateFile /etc/4get/certs/cert.pem + SSLCertificateKeyFile /etc/4get/certs/privkey.pem + SSLCertificateChainFile /etc/4get/certs/chain.pem + + + + RewriteEngine On + RewriteCond %{THE_REQUEST} ^\w+\ /(.*)\.php(\?.*)?\ HTTP/ + RewriteRule ^ http://%{HTTP_HOST}/%1 [R=301] + RewriteCond %{REQUEST_FILENAME}.php -f + RewriteRule .* $0.php + Options Indexes FollowSymLinks + AllowOverride None + Require all granted + + + + +LoadModule rewrite_module modules/mod_rewrite.so +LoadModule mpm_prefork_module modules/mod_mpm_prefork.so +LoadModule authn_file_module modules/mod_authn_file.so +LoadModule authn_core_module modules/mod_authn_core.so +LoadModule authz_host_module modules/mod_authz_host.so +LoadModule authz_groupfile_module modules/mod_authz_groupfile.so +LoadModule authz_user_module modules/mod_authz_user.so +LoadModule authz_core_module modules/mod_authz_core.so +LoadModule access_compat_module modules/mod_access_compat.so +LoadModule auth_basic_module modules/mod_auth_basic.so +LoadModule reqtimeout_module modules/mod_reqtimeout.so +LoadModule filter_module modules/mod_filter.so +LoadModule mime_module modules/mod_mime.so +LoadModule log_config_module modules/mod_log_config.so +LoadModule env_module modules/mod_env.so +LoadModule headers_module modules/mod_headers.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule version_module modules/mod_version.so +LoadModule unixd_module modules/mod_unixd.so +LoadModule status_module modules/mod_status.so +LoadModule autoindex_module modules/mod_autoindex.so +LoadModule dir_module modules/mod_dir.so +LoadModule alias_module modules/mod_alias.so +LoadModule negotiation_module modules/mod_negotiation.so + + +User apache +Group apache + + + + + + AllowOverride none + Require all denied + + + + + + + DirectoryIndex index.html + + + + Require all denied + + + + + + RequestHeader unset Proxy early + + + + TypesConfig /etc/apache2/mime.types + AddType application/x-compress .Z + AddType application/x-gzip .gz .tgz + + + + MIMEMagicFile /etc/apache2/magic + + +IncludeOptional /etc/apache2/conf.d/*.conf + diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh new file mode 100755 index 0000000..469f810 --- /dev/null +++ b/docker/docker-entrypoint.sh @@ -0,0 +1,4 @@ +#!/bin/sh +sed -i "s/ServerName.*/ServerName ${FOURGET_SERVER_NAME}/g" /etc/apache2/httpd.conf +sed -i "s/ServerAdmin.*/ServerAdmin ${FOURGET_SERVER_ADMIN_EMAIL}/g" /etc/apache2/httpd.conf +httpd -DFOREGROUND -- cgit v1.2.3