From faac68eac67c6717481c06a28509856ae3cc3a53 Mon Sep 17 00:00:00 2001 From: Dan Date: Tue, 24 Oct 2023 17:40:31 +0300 Subject: [PATCH 01/11] Adding the files to build the base Apache2 container --- .github/workflows/build-apache2.yaml | 60 +++++++ apache2/Dockerfile | 25 +++ apache2/conf/httpd.conf | 239 +++++++++++++++++++++++++++ 3 files changed, 324 insertions(+) create mode 100644 .github/workflows/build-apache2.yaml create mode 100644 apache2/Dockerfile create mode 100644 apache2/conf/httpd.conf diff --git a/.github/workflows/build-apache2.yaml b/.github/workflows/build-apache2.yaml new file mode 100644 index 0000000..bab8a61 --- /dev/null +++ b/.github/workflows/build-apache2.yaml @@ -0,0 +1,60 @@ +name: Build the Apache2 container + +on: + push: + branches: + - main + paths: + - apache2/** + schedule: + - cron: '0 7 * * *' + +jobs: + build-push-apache2: + runs-on: ubuntu-latest + permissions: + packages: write + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Cache Docker layers + uses: actions/cache@v3 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx- + + - name: Login to GitHub Container Registry + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push + uses: docker/build-push-action@v4 + with: + context: ./apache2 + platforms: linux/amd64,linux/arm64 + push: true + tags: | + ghcr.io/openconext/openconext-basecontainers/apache2:latest + ghcr.io/openconext/openconext-basecontainers/apache2:${{ github.sha }} + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max + + - # Temp fix + # https://github.com/docker/build-push-action/issues/252 + # https://github.com/moby/buildkit/issues/1896 + name: Move cache + run: | + rm -rf /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache diff --git a/apache2/Dockerfile b/apache2/Dockerfile new file mode 100644 index 0000000..8da2d12 --- /dev/null +++ b/apache2/Dockerfile @@ -0,0 +1,25 @@ +FROM httpd:2.4 + +# Do an initial clean up and general upgrade of the distribution +ENV DEBIAN_FRONTEND noninteractive +RUN apt clean && apt autoclean && apt update +RUN apt -y upgrade && apt -y dist-upgrade + +# Install the packages we need +RUN apt install -y curl \ + procps + +# Clean up +RUN apt autoremove -y && apt clean && apt autoclean && rm -rf /var/lib/apt/lists/* + +# Copy the default apache config +COPY ./conf/httpd.conf /usr/local/apache2/conf/httpd.conf + +# Set the default workdir +WORKDIR /usr/local/apache2 + +# Default port to listen on +EXPOSE 80 + +# Start Apache +CMD ["httpd-foreground"] diff --git a/apache2/conf/httpd.conf b/apache2/conf/httpd.conf new file mode 100644 index 0000000..66722e8 --- /dev/null +++ b/apache2/conf/httpd.conf @@ -0,0 +1,239 @@ +ServerRoot "/usr/local/apache2" +LoadModule mpm_event_module modules/mod_mpm_event.so +#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so +#LoadModule mpm_worker_module modules/mod_mpm_worker.so +LoadModule authn_file_module modules/mod_authn_file.so +#LoadModule authn_dbm_module modules/mod_authn_dbm.so +#LoadModule authn_anon_module modules/mod_authn_anon.so +#LoadModule authn_dbd_module modules/mod_authn_dbd.so +#LoadModule authn_socache_module modules/mod_authn_socache.so +LoadModule authn_core_module modules/mod_authn_core.so +LoadModule authz_host_module modules/mod_authz_host.so +LoadModule authz_groupfile_module modules/mod_authz_groupfile.so +LoadModule authz_user_module modules/mod_authz_user.so +#LoadModule authz_dbm_module modules/mod_authz_dbm.so +#LoadModule authz_owner_module modules/mod_authz_owner.so +#LoadModule authz_dbd_module modules/mod_authz_dbd.so +LoadModule authz_core_module modules/mod_authz_core.so +#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so +#LoadModule authnz_fcgi_module modules/mod_authnz_fcgi.so +LoadModule access_compat_module modules/mod_access_compat.so +LoadModule auth_basic_module modules/mod_auth_basic.so +#LoadModule auth_form_module modules/mod_auth_form.so +#LoadModule auth_digest_module modules/mod_auth_digest.so +#LoadModule allowmethods_module modules/mod_allowmethods.so +#LoadModule isapi_module modules/mod_isapi.so +#LoadModule file_cache_module modules/mod_file_cache.so +#LoadModule cache_module modules/mod_cache.so +#LoadModule cache_disk_module modules/mod_cache_disk.so +#LoadModule cache_socache_module modules/mod_cache_socache.so +#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so +#LoadModule socache_dbm_module modules/mod_socache_dbm.so +#LoadModule socache_memcache_module modules/mod_socache_memcache.so +#LoadModule socache_redis_module modules/mod_socache_redis.so +#LoadModule watchdog_module modules/mod_watchdog.so +#LoadModule macro_module modules/mod_macro.so +#LoadModule dbd_module modules/mod_dbd.so +#LoadModule bucketeer_module modules/mod_bucketeer.so +#LoadModule dumpio_module modules/mod_dumpio.so +#LoadModule echo_module modules/mod_echo.so +#LoadModule example_hooks_module modules/mod_example_hooks.so +#LoadModule case_filter_module modules/mod_case_filter.so +#LoadModule case_filter_in_module modules/mod_case_filter_in.so +#LoadModule example_ipc_module modules/mod_example_ipc.so +#LoadModule buffer_module modules/mod_buffer.so +#LoadModule data_module modules/mod_data.so +#LoadModule ratelimit_module modules/mod_ratelimit.so +LoadModule reqtimeout_module modules/mod_reqtimeout.so +#LoadModule ext_filter_module modules/mod_ext_filter.so +#LoadModule request_module modules/mod_request.so +#LoadModule include_module modules/mod_include.so +LoadModule filter_module modules/mod_filter.so +#LoadModule reflector_module modules/mod_reflector.so +#LoadModule substitute_module modules/mod_substitute.so +#LoadModule sed_module modules/mod_sed.so +#LoadModule charset_lite_module modules/mod_charset_lite.so +#LoadModule deflate_module modules/mod_deflate.so +LoadModule xml2enc_module modules/mod_xml2enc.so +LoadModule proxy_html_module modules/mod_proxy_html.so +#LoadModule brotli_module modules/mod_brotli.so +LoadModule mime_module modules/mod_mime.so +#LoadModule ldap_module modules/mod_ldap.so +LoadModule log_config_module modules/mod_log_config.so +#LoadModule log_debug_module modules/mod_log_debug.so +#LoadModule log_forensic_module modules/mod_log_forensic.so +#LoadModule logio_module modules/mod_logio.so +#LoadModule lua_module modules/mod_lua.so +LoadModule env_module modules/mod_env.so +#LoadModule mime_magic_module modules/mod_mime_magic.so +#LoadModule cern_meta_module modules/mod_cern_meta.so +#LoadModule expires_module modules/mod_expires.so +LoadModule headers_module modules/mod_headers.so +#LoadModule ident_module modules/mod_ident.so +#LoadModule usertrack_module modules/mod_usertrack.so +#LoadModule unique_id_module modules/mod_unique_id.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule version_module modules/mod_version.so +#LoadModule remoteip_module modules/mod_remoteip.so +LoadModule proxy_module modules/mod_proxy.so +LoadModule proxy_connect_module modules/mod_proxy_connect.so +#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so +LoadModule proxy_http_module modules/mod_proxy_http.so +#LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so +#LoadModule proxy_scgi_module modules/mod_proxy_scgi.so +#LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so +#LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so +#LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so +#LoadModule proxy_ajp_module modules/mod_proxy_ajp.so +#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so +#LoadModule proxy_express_module modules/mod_proxy_express.so +#LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so +#LoadModule session_module modules/mod_session.so +#LoadModule session_cookie_module modules/mod_session_cookie.so +#LoadModule session_crypto_module modules/mod_session_crypto.so +#LoadModule session_dbd_module modules/mod_session_dbd.so +#LoadModule slotmem_shm_module modules/mod_slotmem_shm.so +#LoadModule slotmem_plain_module modules/mod_slotmem_plain.so +#LoadModule ssl_module modules/mod_ssl.so +#LoadModule optional_hook_export_module modules/mod_optional_hook_export.so +#LoadModule optional_hook_import_module modules/mod_optional_hook_import.so +#LoadModule optional_fn_import_module modules/mod_optional_fn_import.so +#LoadModule optional_fn_export_module modules/mod_optional_fn_export.so +#LoadModule dialup_module modules/mod_dialup.so +#LoadModule http2_module modules/mod_http2.so +#LoadModule proxy_http2_module modules/mod_proxy_http2.so +#LoadModule md_module modules/mod_md.so +#LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so +#LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so +#LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so +#LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so +LoadModule unixd_module modules/mod_unixd.so +#LoadModule heartbeat_module modules/mod_heartbeat.so +#LoadModule heartmonitor_module modules/mod_heartmonitor.so +#LoadModule dav_module modules/mod_dav.so +LoadModule status_module modules/mod_status.so +LoadModule autoindex_module modules/mod_autoindex.so +#LoadModule asis_module modules/mod_asis.so +#LoadModule info_module modules/mod_info.so +#LoadModule suexec_module modules/mod_suexec.so + + #LoadModule cgid_module modules/mod_cgid.so + + + #LoadModule cgi_module modules/mod_cgi.so + +#LoadModule dav_fs_module modules/mod_dav_fs.so +#LoadModule dav_lock_module modules/mod_dav_lock.so +#LoadModule vhost_alias_module modules/mod_vhost_alias.so +#LoadModule negotiation_module modules/mod_negotiation.so +LoadModule dir_module modules/mod_dir.so +#LoadModule imagemap_module modules/mod_imagemap.so +#LoadModule actions_module modules/mod_actions.so +#LoadModule speling_module modules/mod_speling.so +#LoadModule userdir_module modules/mod_userdir.so +LoadModule alias_module modules/mod_alias.so +LoadModule rewrite_module modules/mod_rewrite.so + + +# +# If you wish httpd to run as a different user or group, you must run +# httpd as root initially and it will switch. +# +# User/Group: The name (or #number) of the user/group to run httpd as. +# It is usually good practice to create a dedicated user and group for +# running httpd, as with most system services. +# +User www-data +Group www-data + + + +# 'Main' server configuration +# +# The directives in this section set up the values used by the 'main' +# server, which responds to any requests that aren't handled by a +# definition. These values also provide defaults for +# any containers you may define later in the file. +# +# All of these directives may appear inside containers, +# in which case these default settings will be overridden for the +# virtual host being defined. +# + +# +# ServerAdmin: Your address, where problems with the server should be +# e-mailed. This address appears on some server-generated pages, such +# as error documents. e.g. admin@your-domain.com +# +ServerAdmin you@example.com + +# +# ServerName gives the name and port that the server uses to identify itself. +# This can often be determined automatically, but we recommend you specify +# it explicitly to prevent problems during startup. +# +# If your host doesn't have a registered DNS name, enter its IP address here. +# +#ServerName www.example.com:80 + +# Listen port +Listen 80 + +# +# Deny access to the entirety of your server's filesystem. You must +# explicitly permit access to web content directories in other +# blocks below. +# + + AllowOverride none + Require all denied + + +# +# Note that from this point forward you must specifically allow +# particular features to be enabled - so if something's not working as +# you might expect, make sure that you have specifically enabled it +# below. +# + +# +# DocumentRoot: The directory out of which you will serve your +# documents. By default, all requests are taken from this directory, but +# symbolic links and aliases may be used to point to other locations. +# + + + Require all denied + + +ErrorLog /proc/self/fd/2 + +# +LogLevel warn + + + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined + LogFormat "%h %l %u %t \"%r\" %>s %b" common + + + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio + + + CustomLog /proc/self/fd/1 common + + + + + RequestHeader unset Proxy early + + + + TypesConfig conf/mime.types + AddType application/x-compress .Z + AddType application/x-gzip .gz .tgz + + + +SSLRandomSeed startup builtin +SSLRandomSeed connect builtin + From f16056bb3c2176d2fca5fbd47adae78f6e0b06da Mon Sep 17 00:00:00 2001 From: Dan Date: Tue, 24 Oct 2023 18:02:21 +0300 Subject: [PATCH 02/11] Let's build our own image and base it on Debian buster slim --- apache2/Dockerfile | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/apache2/Dockerfile b/apache2/Dockerfile index 8da2d12..f3c9edc 100644 --- a/apache2/Dockerfile +++ b/apache2/Dockerfile @@ -1,4 +1,4 @@ -FROM httpd:2.4 +FROM debian:buster-slim # Do an initial clean up and general upgrade of the distribution ENV DEBIAN_FRONTEND noninteractive @@ -6,20 +6,20 @@ RUN apt clean && apt autoclean && apt update RUN apt -y upgrade && apt -y dist-upgrade # Install the packages we need -RUN apt install -y curl \ - procps +RUN apt install -y apache2 \ + curl # Clean up RUN apt autoremove -y && apt clean && apt autoclean && rm -rf /var/lib/apt/lists/* # Copy the default apache config -COPY ./conf/httpd.conf /usr/local/apache2/conf/httpd.conf +#COPY ./conf/httpd.conf /usr/local/apache2/conf/httpd.conf # Set the default workdir -WORKDIR /usr/local/apache2 +WORKDIR /var/www/html # Default port to listen on EXPOSE 80 # Start Apache -CMD ["httpd-foreground"] +CMD ["apache2", "-D", "foreground"] From 67e7cd54c2a64c3eca4a1bd67786bcaf3fd145c9 Mon Sep 17 00:00:00 2001 From: Michiel Kodde Date: Thu, 19 Oct 2023 09:41:09 +0200 Subject: [PATCH 03/11] Install the GD PHP extension on php82-apache2 --- php82-apache2/Dockerfile | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/php82-apache2/Dockerfile b/php82-apache2/Dockerfile index 1a5ec8d..39d4eb5 100644 --- a/php82-apache2/Dockerfile +++ b/php82-apache2/Dockerfile @@ -12,12 +12,16 @@ RUN apt -y upgrade && apt -y dist-upgrade # Install the packages we need RUN apt install -y curl \ libgmp-dev \ - libicu-dev + libicu-dev \ + libfreetype6-dev \ + libjpeg62-turbo-dev \ + libpng-dev # Install the PHP extensions we need RUN docker-php-ext-install gmp \ opcache \ - intl + intl \ + gd # Clean up RUN apt autoremove -y && apt clean && apt autoclean && rm -rf /var/lib/apt/lists/* From 70f26cd32deac45f9ca045f0d8d296012adc483a Mon Sep 17 00:00:00 2001 From: Bart Geesink Date: Wed, 25 Oct 2023 14:46:35 +0200 Subject: [PATCH 04/11] php82-apache2-node16: Install yarn as well --- php82-apache2-node16-composer2/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/php82-apache2-node16-composer2/Dockerfile b/php82-apache2-node16-composer2/Dockerfile index 1703312..b054987 100644 --- a/php82-apache2-node16-composer2/Dockerfile +++ b/php82-apache2-node16-composer2/Dockerfile @@ -1,6 +1,7 @@ FROM ghcr.io/openconext/openconext-basecontainers/php82-apache2:latest COPY --from=composer:2 /usr/bin/composer /usr/bin/composer COPY --from=node:16-slim /usr/local/bin /usr/local/bin +COPY --from=node:16-slim /opt /opt COPY --from=node:16-slim /usr/local/lib/node_modules /usr/local/lib/node_modules SHELL ["/bin/bash", "--login", "-c"] RUN apt update && apt -y install git unzip From 4badc9ef997b975dfb483950d03a18a15e06a571 Mon Sep 17 00:00:00 2001 From: Bart Geesink Date: Wed, 25 Oct 2023 14:31:00 +0200 Subject: [PATCH 05/11] php82-apache image: Use the 8.2 latest image. Also removes composer 1, not needed anywhere --- php82-apache2/Dockerfile | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/php82-apache2/Dockerfile b/php82-apache2/Dockerfile index 39d4eb5..46c9a01 100644 --- a/php82-apache2/Dockerfile +++ b/php82-apache2/Dockerfile @@ -1,8 +1,4 @@ -FROM php:8.2.6-apache-bullseye - -# Copy the Composer PHAR from the Composer image into the PHP image -COPY --from=composer:1.9.3 /usr/bin/composer /usr/bin/composer -RUN chmod +x /usr/bin/composer +FROM php:8.2-apache-bullseye # Do an initial clean up and general upgrade of the distribution ENV DEBIAN_FRONTEND noninteractive From 6ccc1625704c75247a02d033a701756a98893bf1 Mon Sep 17 00:00:00 2001 From: Bart Geesink Date: Wed, 25 Oct 2023 14:31:53 +0200 Subject: [PATCH 06/11] php82-apache: Follow the official instructions for installing gd. Also remove the development packages, which are not needed after building the extensions --- php82-apache2/Dockerfile | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/php82-apache2/Dockerfile b/php82-apache2/Dockerfile index 46c9a01..4b176c3 100644 --- a/php82-apache2/Dockerfile +++ b/php82-apache2/Dockerfile @@ -3,24 +3,33 @@ FROM php:8.2-apache-bullseye # Do an initial clean up and general upgrade of the distribution ENV DEBIAN_FRONTEND noninteractive RUN apt clean && apt autoclean && apt update -RUN apt -y upgrade && apt -y dist-upgrade # Install the packages we need RUN apt install -y curl \ + libpng16-16 \ + libjpeg62-turbo \ + libfreetype6 \ libgmp-dev \ libicu-dev \ libfreetype6-dev \ libjpeg62-turbo-dev \ - libpng-dev - -# Install the PHP extensions we need -RUN docker-php-ext-install gmp \ + libpng-dev &&\ + docker-php-ext-configure gd --with-freetype --with-jpeg &&\ + docker-php-ext-install -j$(nproc) gmp \ opcache \ intl \ gd # Clean up -RUN apt autoremove -y && apt clean && apt autoclean && rm -rf /var/lib/apt/lists/* +RUN apt -y remove libgmp-dev \ + libicu-dev \ + libfreetype6-dev \ + libjpeg62-turbo-dev \ + libpng-dev && \ + apt autoremove -y && \ + apt clean && \ + apt autoclean && \ + rm -rf /var/lib/apt/lists/* # Enable the Apache2 modules we need RUN a2enmod rewrite headers expires proxy_fcgi From a218df8718c428bc54893986dba59948e9c2b852 Mon Sep 17 00:00:00 2001 From: Dan Date: Wed, 25 Oct 2023 17:42:23 +0300 Subject: [PATCH 07/11] Adding the Apache2 config files for both Debian and Surf's needs --- apache2/Dockerfile | 12 +- apache2/conf/httpd.conf | 239 ------------------------------------- conf/apache2/apache2.conf | 230 +++++++++++++++++++++++++++++++++++ conf/apache2/security.conf | 77 ++++++++++++ 4 files changed, 318 insertions(+), 240 deletions(-) delete mode 100644 apache2/conf/httpd.conf create mode 100644 conf/apache2/apache2.conf create mode 100644 conf/apache2/security.conf diff --git a/apache2/Dockerfile b/apache2/Dockerfile index f3c9edc..6fcf17a 100644 --- a/apache2/Dockerfile +++ b/apache2/Dockerfile @@ -12,8 +12,18 @@ RUN apt install -y apache2 \ # Clean up RUN apt autoremove -y && apt clean && apt autoclean && rm -rf /var/lib/apt/lists/* +# Enable the apache2 modules we need +RUN a2enmod authz_groupfile \ + xml2enc \ + headers \ + proxy \ + proxy_connect \ + proxy_http \ + rewrite + # Copy the default apache config -#COPY ./conf/httpd.conf /usr/local/apache2/conf/httpd.conf +COPY ./conf/apache2/apache2.conf /etc/apache2/apache2.conf +COPY ./conf/apache2/security.conf /etc/apache2/security.conf # Set the default workdir WORKDIR /var/www/html diff --git a/apache2/conf/httpd.conf b/apache2/conf/httpd.conf deleted file mode 100644 index 66722e8..0000000 --- a/apache2/conf/httpd.conf +++ /dev/null @@ -1,239 +0,0 @@ -ServerRoot "/usr/local/apache2" -LoadModule mpm_event_module modules/mod_mpm_event.so -#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so -#LoadModule mpm_worker_module modules/mod_mpm_worker.so -LoadModule authn_file_module modules/mod_authn_file.so -#LoadModule authn_dbm_module modules/mod_authn_dbm.so -#LoadModule authn_anon_module modules/mod_authn_anon.so -#LoadModule authn_dbd_module modules/mod_authn_dbd.so -#LoadModule authn_socache_module modules/mod_authn_socache.so -LoadModule authn_core_module modules/mod_authn_core.so -LoadModule authz_host_module modules/mod_authz_host.so -LoadModule authz_groupfile_module modules/mod_authz_groupfile.so -LoadModule authz_user_module modules/mod_authz_user.so -#LoadModule authz_dbm_module modules/mod_authz_dbm.so -#LoadModule authz_owner_module modules/mod_authz_owner.so -#LoadModule authz_dbd_module modules/mod_authz_dbd.so -LoadModule authz_core_module modules/mod_authz_core.so -#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so -#LoadModule authnz_fcgi_module modules/mod_authnz_fcgi.so -LoadModule access_compat_module modules/mod_access_compat.so -LoadModule auth_basic_module modules/mod_auth_basic.so -#LoadModule auth_form_module modules/mod_auth_form.so -#LoadModule auth_digest_module modules/mod_auth_digest.so -#LoadModule allowmethods_module modules/mod_allowmethods.so -#LoadModule isapi_module modules/mod_isapi.so -#LoadModule file_cache_module modules/mod_file_cache.so -#LoadModule cache_module modules/mod_cache.so -#LoadModule cache_disk_module modules/mod_cache_disk.so -#LoadModule cache_socache_module modules/mod_cache_socache.so -#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so -#LoadModule socache_dbm_module modules/mod_socache_dbm.so -#LoadModule socache_memcache_module modules/mod_socache_memcache.so -#LoadModule socache_redis_module modules/mod_socache_redis.so -#LoadModule watchdog_module modules/mod_watchdog.so -#LoadModule macro_module modules/mod_macro.so -#LoadModule dbd_module modules/mod_dbd.so -#LoadModule bucketeer_module modules/mod_bucketeer.so -#LoadModule dumpio_module modules/mod_dumpio.so -#LoadModule echo_module modules/mod_echo.so -#LoadModule example_hooks_module modules/mod_example_hooks.so -#LoadModule case_filter_module modules/mod_case_filter.so -#LoadModule case_filter_in_module modules/mod_case_filter_in.so -#LoadModule example_ipc_module modules/mod_example_ipc.so -#LoadModule buffer_module modules/mod_buffer.so -#LoadModule data_module modules/mod_data.so -#LoadModule ratelimit_module modules/mod_ratelimit.so -LoadModule reqtimeout_module modules/mod_reqtimeout.so -#LoadModule ext_filter_module modules/mod_ext_filter.so -#LoadModule request_module modules/mod_request.so -#LoadModule include_module modules/mod_include.so -LoadModule filter_module modules/mod_filter.so -#LoadModule reflector_module modules/mod_reflector.so -#LoadModule substitute_module modules/mod_substitute.so -#LoadModule sed_module modules/mod_sed.so -#LoadModule charset_lite_module modules/mod_charset_lite.so -#LoadModule deflate_module modules/mod_deflate.so -LoadModule xml2enc_module modules/mod_xml2enc.so -LoadModule proxy_html_module modules/mod_proxy_html.so -#LoadModule brotli_module modules/mod_brotli.so -LoadModule mime_module modules/mod_mime.so -#LoadModule ldap_module modules/mod_ldap.so -LoadModule log_config_module modules/mod_log_config.so -#LoadModule log_debug_module modules/mod_log_debug.so -#LoadModule log_forensic_module modules/mod_log_forensic.so -#LoadModule logio_module modules/mod_logio.so -#LoadModule lua_module modules/mod_lua.so -LoadModule env_module modules/mod_env.so -#LoadModule mime_magic_module modules/mod_mime_magic.so -#LoadModule cern_meta_module modules/mod_cern_meta.so -#LoadModule expires_module modules/mod_expires.so -LoadModule headers_module modules/mod_headers.so -#LoadModule ident_module modules/mod_ident.so -#LoadModule usertrack_module modules/mod_usertrack.so -#LoadModule unique_id_module modules/mod_unique_id.so -LoadModule setenvif_module modules/mod_setenvif.so -LoadModule version_module modules/mod_version.so -#LoadModule remoteip_module modules/mod_remoteip.so -LoadModule proxy_module modules/mod_proxy.so -LoadModule proxy_connect_module modules/mod_proxy_connect.so -#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so -LoadModule proxy_http_module modules/mod_proxy_http.so -#LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so -#LoadModule proxy_scgi_module modules/mod_proxy_scgi.so -#LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so -#LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so -#LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so -#LoadModule proxy_ajp_module modules/mod_proxy_ajp.so -#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so -#LoadModule proxy_express_module modules/mod_proxy_express.so -#LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so -#LoadModule session_module modules/mod_session.so -#LoadModule session_cookie_module modules/mod_session_cookie.so -#LoadModule session_crypto_module modules/mod_session_crypto.so -#LoadModule session_dbd_module modules/mod_session_dbd.so -#LoadModule slotmem_shm_module modules/mod_slotmem_shm.so -#LoadModule slotmem_plain_module modules/mod_slotmem_plain.so -#LoadModule ssl_module modules/mod_ssl.so -#LoadModule optional_hook_export_module modules/mod_optional_hook_export.so -#LoadModule optional_hook_import_module modules/mod_optional_hook_import.so -#LoadModule optional_fn_import_module modules/mod_optional_fn_import.so -#LoadModule optional_fn_export_module modules/mod_optional_fn_export.so -#LoadModule dialup_module modules/mod_dialup.so -#LoadModule http2_module modules/mod_http2.so -#LoadModule proxy_http2_module modules/mod_proxy_http2.so -#LoadModule md_module modules/mod_md.so -#LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so -#LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so -#LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so -#LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so -LoadModule unixd_module modules/mod_unixd.so -#LoadModule heartbeat_module modules/mod_heartbeat.so -#LoadModule heartmonitor_module modules/mod_heartmonitor.so -#LoadModule dav_module modules/mod_dav.so -LoadModule status_module modules/mod_status.so -LoadModule autoindex_module modules/mod_autoindex.so -#LoadModule asis_module modules/mod_asis.so -#LoadModule info_module modules/mod_info.so -#LoadModule suexec_module modules/mod_suexec.so - - #LoadModule cgid_module modules/mod_cgid.so - - - #LoadModule cgi_module modules/mod_cgi.so - -#LoadModule dav_fs_module modules/mod_dav_fs.so -#LoadModule dav_lock_module modules/mod_dav_lock.so -#LoadModule vhost_alias_module modules/mod_vhost_alias.so -#LoadModule negotiation_module modules/mod_negotiation.so -LoadModule dir_module modules/mod_dir.so -#LoadModule imagemap_module modules/mod_imagemap.so -#LoadModule actions_module modules/mod_actions.so -#LoadModule speling_module modules/mod_speling.so -#LoadModule userdir_module modules/mod_userdir.so -LoadModule alias_module modules/mod_alias.so -LoadModule rewrite_module modules/mod_rewrite.so - - -# -# If you wish httpd to run as a different user or group, you must run -# httpd as root initially and it will switch. -# -# User/Group: The name (or #number) of the user/group to run httpd as. -# It is usually good practice to create a dedicated user and group for -# running httpd, as with most system services. -# -User www-data -Group www-data - - - -# 'Main' server configuration -# -# The directives in this section set up the values used by the 'main' -# server, which responds to any requests that aren't handled by a -# definition. These values also provide defaults for -# any containers you may define later in the file. -# -# All of these directives may appear inside containers, -# in which case these default settings will be overridden for the -# virtual host being defined. -# - -# -# ServerAdmin: Your address, where problems with the server should be -# e-mailed. This address appears on some server-generated pages, such -# as error documents. e.g. admin@your-domain.com -# -ServerAdmin you@example.com - -# -# ServerName gives the name and port that the server uses to identify itself. -# This can often be determined automatically, but we recommend you specify -# it explicitly to prevent problems during startup. -# -# If your host doesn't have a registered DNS name, enter its IP address here. -# -#ServerName www.example.com:80 - -# Listen port -Listen 80 - -# -# Deny access to the entirety of your server's filesystem. You must -# explicitly permit access to web content directories in other -# blocks below. -# - - AllowOverride none - Require all denied - - -# -# Note that from this point forward you must specifically allow -# particular features to be enabled - so if something's not working as -# you might expect, make sure that you have specifically enabled it -# below. -# - -# -# DocumentRoot: The directory out of which you will serve your -# documents. By default, all requests are taken from this directory, but -# symbolic links and aliases may be used to point to other locations. -# - - - Require all denied - - -ErrorLog /proc/self/fd/2 - -# -LogLevel warn - - - LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined - LogFormat "%h %l %u %t \"%r\" %>s %b" common - - - LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio - - - CustomLog /proc/self/fd/1 common - - - - - RequestHeader unset Proxy early - - - - TypesConfig conf/mime.types - AddType application/x-compress .Z - AddType application/x-gzip .gz .tgz - - - -SSLRandomSeed startup builtin -SSLRandomSeed connect builtin - diff --git a/conf/apache2/apache2.conf b/conf/apache2/apache2.conf new file mode 100644 index 0000000..c01a8b1 --- /dev/null +++ b/conf/apache2/apache2.conf @@ -0,0 +1,230 @@ +# This is the main Apache server configuration file. It contains the +# configuration directives that give the server its instructions. +# See http://httpd.apache.org/docs/2.4/ for detailed information about +# the directives and /usr/share/doc/apache2/README.Debian about Debian specific +# hints. +# +# +# Summary of how the Apache 2 configuration works in Debian: +# The Apache 2 web server configuration in Debian is quite different to +# upstream's suggested way to configure the web server. This is because Debian's +# default Apache2 installation attempts to make adding and removing modules, +# virtual hosts, and extra configuration directives as flexible as possible, in +# order to make automating the changes and administering the server as easy as +# possible. + +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf-enabled +# | `-- *.conf +# `-- sites-enabled +# `-- *.conf +# +# +# * apache2.conf is the main configuration file (this file). It puts the pieces +# together by including all remaining configuration files when starting up the +# web server. +# +# * ports.conf is always included from the main configuration file. It is +# supposed to determine listening ports for incoming connections which can be +# customized anytime. +# +# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/ +# directories contain particular configuration snippets which manage modules, +# global configuration fragments, or virtual host configurations, +# respectively. +# +# They are activated by symlinking available configuration files from their +# respective *-available/ counterparts. These should be managed by using our +# helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See +# their respective man pages for detailed information. +# +# * The binary is called apache2. Due to the use of environment variables, in +# the default configuration, apache2 needs to be started/stopped with +# /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not +# work with the default configuration. + + +# Global configuration +# + +# +# ServerRoot: The top of the directory tree under which the server's +# configuration, error, and log files are kept. +# +# NOTE! If you intend to place this on an NFS (or otherwise network) +# mounted filesystem then please read the Mutex documentation (available +# at ); +# you will save yourself a lot of trouble. +# +# Do NOT add a slash at the end of the directory path. +# +#ServerRoot "/etc/apache2" + +# +# The accept serialization lock file MUST BE STORED ON A LOCAL DISK. +# +#Mutex file:${APACHE_LOCK_DIR} default + +# +# The directory where shm and other runtime files will be stored. +# + +DefaultRuntimeDir ${APACHE_RUN_DIR} + +# +# PidFile: The file in which the server should record its process +# identification number when it starts. +# This needs to be set in /etc/apache2/envvars +# +PidFile ${APACHE_PID_FILE} + +# +# Timeout: The number of seconds before receives and sends time out. +# +Timeout 300 + +# +# KeepAlive: Whether or not to allow persistent connections (more than +# one request per connection). Set to "Off" to deactivate. +# +KeepAlive On + +# +# MaxKeepAliveRequests: The maximum number of requests to allow +# during a persistent connection. Set to 0 to allow an unlimited amount. +# We recommend you leave this number high, for maximum performance. +# +MaxKeepAliveRequests 100 + +# +# KeepAliveTimeout: Number of seconds to wait for the next request from the +# same client on the same connection. +# +KeepAliveTimeout 5 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} + +# +# HostnameLookups: Log the names of clients or just their IP addresses +# e.g., www.apache.org (on) or 204.62.129.132 (off). +# The default is off because it'd be overall better for the net if people +# had to knowingly turn this feature on, since enabling it means that +# each client request will result in AT LEAST one lookup request to the +# nameserver. +# +HostnameLookups Off + +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a +# container, that host's errors will be logged there and not here. +# +#ErrorLog ${APACHE_LOG_DIR}/error.log +ErrorLog /proc/self/fd/2 + +# +# LogLevel: Control the severity of messages logged to the error_log. +# Available values: trace8, ..., trace1, debug, info, notice, warn, +# error, crit, alert, emerg. +# It is also possible to configure the log level for particular modules, e.g. +# "LogLevel info ssl:warn" +# +LogLevel warn + +# Include module configuration: +IncludeOptional mods-enabled/*.load +IncludeOptional mods-enabled/*.conf + +# Include list of ports to listen on +Include ports.conf + + +# Sets the default security model of the Apache2 HTTPD server. It does +# not allow access to the root filesystem outside of /usr/share and /var/www. +# The former is used by web applications packaged in Debian, +# the latter may be used for local directories served by the web server. If +# your system is serving content from a sub-directory in /srv you must allow +# access here, or in any related virtual host. + + Options FollowSymLinks + AllowOverride None + Require all denied + + + + AllowOverride None + Require all granted + + + + Options Indexes FollowSymLinks + AllowOverride None + Require all granted + + +# +# Options Indexes FollowSymLinks +# AllowOverride None +# Require all granted +# + + + + +# AccessFileName: The name of the file to look for in each directory +# for additional configuration directives. See also the AllowOverride +# directive. +# +AccessFileName .htaccess + +# +# The following lines prevent .htaccess and .htpasswd files from being +# viewed by Web clients. +# + + Require all denied + + + +# +# The following directives define some format nicknames for use with +# a CustomLog directive. +# +# These deviate from the Common Log Format definitions in that they use %O +# (the actual bytes sent including headers) instead of %b (the size of the +# requested file), because the latter makes it impossible to detect partial +# requests. +# +# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended. +# Use mod_remoteip instead. +# +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent + +CustomLog /proc/self/fd/1 common + +# Include of directories ignores editors' and dpkg's backup files, +# see README.Debian for details. + +# Include generic snippets of statements +IncludeOptional conf-enabled/*.conf + +# Include the virtual host configurations: +IncludeOptional sites-enabled/*.conf + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet diff --git a/conf/apache2/security.conf b/conf/apache2/security.conf new file mode 100644 index 0000000..2c8b233 --- /dev/null +++ b/conf/apache2/security.conf @@ -0,0 +1,77 @@ +# +# Disable access to the entire file system except for the directories that +# are explicitly allowed later. +# +# This currently breaks the configurations that come with some web application +# Debian packages. +# +# +# AllowOverride None +# Require all denied +# + + +# Changing the following options will not really affect the security of the +# server, but might make attacks slightly more difficult in some cases. + +# +# ServerTokens +# This directive configures what you return as the Server HTTP response +# Header. The default is 'Full' which sends information about the OS-Type +# and compiled in modules. +# Set to one of: Full | OS | Minimal | Minor | Major | Prod +# where Full conveys the most information, and Prod the least. +#ServerTokens Minimal +ServerTokens OS +#ServerTokens Full + +# +# Optionally add a line containing the server version and virtual host +# name to server-generated pages (internal error documents, FTP directory +# listings, mod_status and mod_info output etc., but not CGI generated +# documents or custom error documents). +# Set to "EMail" to also include a mailto: link to the ServerAdmin. +# Set to one of: On | Off | EMail +#ServerSignature Off +ServerSignature On + +# +# Allow TRACE method +# +# Set to "extended" to also reflect the request body (only for testing and +# diagnostic purposes). +# +# Set to one of: On | Off | extended +TraceEnable Off +#TraceEnable On + +# +# Forbid access to version control directories +# +# If you use version control systems in your document root, you should +# probably deny access to their directories. For example, for subversion: +# +# +# Require all denied +# + +# +# Setting this header will prevent MSIE from interpreting files as something +# else than declared by the content type in the HTTP headers. +# Requires mod_headers to be enabled. +# +#Header set X-Content-Type-Options: "nosniff" + +# +# Setting this header will prevent other sites from embedding pages from this +# site as frames. This defends against clickjacking attacks. +# Requires mod_headers to be enabled. +# +#Header set X-Frame-Options: "sameorigin" + +RequestHeader unset Proxy early + +SSLRandomSeed startup builtin +SSLRandomSeed connect builtin + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet From e55a4e2be208ab9bba86c71709b854d81de2c270 Mon Sep 17 00:00:00 2001 From: Dan Date: Wed, 25 Oct 2023 18:03:46 +0300 Subject: [PATCH 08/11] For now the config files need to be in the apache2 repo --- apache2/Dockerfile | 12 +++++++++--- apache2/bin/start.sh | 7 +++++++ {conf/apache2 => apache2/conf}/apache2.conf | 0 {conf/apache2 => apache2/conf}/security.conf | 0 4 files changed, 16 insertions(+), 3 deletions(-) create mode 100755 apache2/bin/start.sh rename {conf/apache2 => apache2/conf}/apache2.conf (100%) rename {conf/apache2 => apache2/conf}/security.conf (100%) diff --git a/apache2/Dockerfile b/apache2/Dockerfile index 6fcf17a..3ef1cce 100644 --- a/apache2/Dockerfile +++ b/apache2/Dockerfile @@ -22,8 +22,14 @@ RUN a2enmod authz_groupfile \ rewrite # Copy the default apache config -COPY ./conf/apache2/apache2.conf /etc/apache2/apache2.conf -COPY ./conf/apache2/security.conf /etc/apache2/security.conf +COPY ./conf/apache2.conf /etc/apache2/apache2.conf +COPY ./conf/security.conf /etc/apache2/security.conf + +# Copy the startup script +COPY ./bin/start.sh /usr/local/bin/start.sh + +# Create the Apache2 run dir +RUN mkdir -p /var/run/apache2 # Set the default workdir WORKDIR /var/www/html @@ -32,4 +38,4 @@ WORKDIR /var/www/html EXPOSE 80 # Start Apache -CMD ["apache2", "-D", "foreground"] +CMD ["/usr/local/bin/start.sh"] diff --git a/apache2/bin/start.sh b/apache2/bin/start.sh new file mode 100755 index 0000000..3b42f36 --- /dev/null +++ b/apache2/bin/start.sh @@ -0,0 +1,7 @@ +#!/usr/bin/env bash + +# Read the envars for Apache2 +source /etc/apache2/envvars + +# Start Apache2 +apache2 -D FOREGROUND diff --git a/conf/apache2/apache2.conf b/apache2/conf/apache2.conf similarity index 100% rename from conf/apache2/apache2.conf rename to apache2/conf/apache2.conf diff --git a/conf/apache2/security.conf b/apache2/conf/security.conf similarity index 100% rename from conf/apache2/security.conf rename to apache2/conf/security.conf From 9bcdfd0fc20efb672d53df7e085c6dc73fb0ad6b Mon Sep 17 00:00:00 2001 From: Bart Geesink Date: Thu, 26 Oct 2023 14:46:31 +0200 Subject: [PATCH 09/11] PHP82: Create a node20 image. Node14 is not used at all. Removing it --- ....yaml => build-php82-apache2-node20-composer2.yaml} | 10 +++++----- .../Dockerfile | 9 +++++---- .../conf/xdebug.ini | 0 3 files changed, 10 insertions(+), 9 deletions(-) rename .github/workflows/{build-php82-apache2-node14-composer2.yaml => build-php82-apache2-node20-composer2.yaml} (87%) rename {php82-apache2-node14-composer2 => php82-apache2-node20-composer2}/Dockerfile (54%) rename {php82-apache2-node14-composer2 => php82-apache2-node20-composer2}/conf/xdebug.ini (100%) diff --git a/.github/workflows/build-php82-apache2-node14-composer2.yaml b/.github/workflows/build-php82-apache2-node20-composer2.yaml similarity index 87% rename from .github/workflows/build-php82-apache2-node14-composer2.yaml rename to .github/workflows/build-php82-apache2-node20-composer2.yaml index 7b4e916..abd1a20 100644 --- a/.github/workflows/build-php82-apache2-node14-composer2.yaml +++ b/.github/workflows/build-php82-apache2-node20-composer2.yaml @@ -1,11 +1,11 @@ -name: Build the PHP 8.2 Apache2 Node14 Composer2 container +name: Build the PHP 8.2 Apache2 Node20 Composer2 container on: push: branches: - main paths: - - php82-apache2-node14-composer2/** + - php82-apache2-node20-composer2/** schedule: - cron: '0 7 * * *' @@ -42,12 +42,12 @@ jobs: - name: Build and push uses: docker/build-push-action@v4 with: - context: ./php82-apache2-node14-composer2 + context: ./php82-apache2-node20-composer2 platforms: linux/amd64,linux/arm64 push: true tags: | - ghcr.io/openconext/openconext-basecontainers/php82-apache2-node14-composer2:latest - ghcr.io/openconext/openconext-basecontainers/php82-apache2-node14-composer2:${{ github.sha }} + ghcr.io/openconext/openconext-basecontainers/php82-apache2-node20-composer2:latest + ghcr.io/openconext/openconext-basecontainers/php82-apache2-node20-composer2:${{ github.sha }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max diff --git a/php82-apache2-node14-composer2/Dockerfile b/php82-apache2-node20-composer2/Dockerfile similarity index 54% rename from php82-apache2-node14-composer2/Dockerfile rename to php82-apache2-node20-composer2/Dockerfile index 0288d86..cd08ebb 100644 --- a/php82-apache2-node14-composer2/Dockerfile +++ b/php82-apache2-node20-composer2/Dockerfile @@ -1,9 +1,10 @@ FROM ghcr.io/openconext/openconext-basecontainers/php82-apache2:latest COPY --from=composer:2 /usr/bin/composer /usr/bin/composer -SHELL ["/bin/bash", "--login", "-c"] +COPY --from=node:20-slim /usr/local/bin /usr/local/bin +COPY --from=node:20-slim /opt /opt +COPY --from=node:20-slim /usr/local/lib/node_modules /usr/local/lib/node_modules RUN apt update && apt -y install git unzip -RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.3/install.sh | bash -RUN nvm install 14 -RUN npm install -g yarn RUN pecl install xdebug && docker-php-ext-enable xdebug COPY ./conf/xdebug.ini /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini +RUN apt autoremove -y && apt clean && apt autoclean && rm -rf /var/lib/apt/lists/* + diff --git a/php82-apache2-node14-composer2/conf/xdebug.ini b/php82-apache2-node20-composer2/conf/xdebug.ini similarity index 100% rename from php82-apache2-node14-composer2/conf/xdebug.ini rename to php82-apache2-node20-composer2/conf/xdebug.ini From 284248396a77b92401dd51a10a5abcebc68b0292 Mon Sep 17 00:00:00 2001 From: Bart Geesink Date: Mon, 30 Oct 2023 08:48:41 +0100 Subject: [PATCH 10/11] README.md: Add php82 node20 build status --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index cf76985..e6c50a2 100644 --- a/README.md +++ b/README.md @@ -19,5 +19,5 @@ We provide the following base containers which can be used in downstream project ![Build status for php82 apache2 production image](https://github.com/OpenConext/OpenConext-BaseContainers/actions/workflows/build-php82-apache2.yaml/badge.svg) **Dev images:**
-![Build status for php72 apache2 node14 image](https://github.com/OpenConext/OpenConext-BaseContainers/actions/workflows/build-php82-apache2-node14-composer2.yaml/badge.svg)
-![Build status for php72 apache2 node16 image](https://github.com/OpenConext/OpenConext-BaseContainers/actions/workflows/build-php82-apache2-node16-composer2.yaml/badge.svg) +![Build status for php82 apache2 node16 image](https://github.com/OpenConext/OpenConext-BaseContainers/actions/workflows/build-php82-apache2-node16-composer2.yaml/badge.svg)
+![Build status for php82 apache2 node20 image](https://github.com/OpenConext/OpenConext-BaseContainers/actions/workflows/build-php82-apache2-node20-composer2.yaml/badge.svg) From 6bf52021cf7008d9a514d969b121701e43d12b61 Mon Sep 17 00:00:00 2001 From: Bart Geesink Date: Mon, 30 Oct 2023 16:42:39 +0100 Subject: [PATCH 11/11] Apache2 container: Add workflow_dispatch option --- .github/workflows/build-apache2.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build-apache2.yaml b/.github/workflows/build-apache2.yaml index bab8a61..0e39ee4 100644 --- a/.github/workflows/build-apache2.yaml +++ b/.github/workflows/build-apache2.yaml @@ -8,6 +8,8 @@ on: - apache2/** schedule: - cron: '0 7 * * *' + workflow_dispatch: + jobs: build-push-apache2: