Posted inDocker Linux MySQL Wordpress

Docker custom WordPress and SFTP image

No Comments

粗體的部份是新增SFTP的

vi dockerfile_web_wp8225
FROM php:8.2.25-apache
RUN rm -rf /etc/localtime && ln -s /usr/share/zoneinfo/Asia/Hong_Kong /etc/localtime
RUN apt-get update && apt-get install libzip-dev libpng-dev libicu-dev openssh-server -y && apt-get clean -y && rm -r /var/lib/apt/lists/*
RUN docker-php-ext-install mysqli gd exif zip intl && a2enmod ssl && a2ensite default-ssl
RUN useradd -d /var/www/html -s /usr/sbin/nologin sftpuser && usermod sftpuser -aG www-data && \
RUN echo "Match User sftpuser" >> /etc/ssh/sshd_config && \
echo "ChrootDirectory /var/www/" >> /etc/ssh/sshd_config && \
echo "ForceCommand internal-sftp -u 006" >> /etc/ssh/sshd_config && \
echo "X11Forwarding no" >> /etc/ssh/sshd_config && \
echo "AllowTcpForwarding no" >> /etc/ssh/sshd_config && \
echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config
CMD service ssh start && apache2-foreground

docker build -f dockerfile_web_wp8225 -t web_wp:8225 --no-cache=true .
docker tag web_wp:8225 web_wp:latest

vi dockercompose_web.yml
services:
  web:
    image: web_wp
    volumes:
      - html:/var/www/html
      - apache2:/etc/apache2
      - php:/usr/local/etc/php/
    restart: unless-stopped
    ports:
      - xxx.xxx.xxx.xxx:80:80
      - xxx.xxx.xxx.xxx:443:443
      - xxx.xxx.xxx.xxx:2222:22
    container_name: my_web
    network_mode: bridge
  database:
    image: mysql:8.4.2
    volumes:
      - mysql:/var/lib/mysql
    restart: unless-stopped
    ports:
      - xxx.xxx.xxx.xxx:3306:3306
    container_name: my_mysql
    network_mode: bridge
    environment:
      MYSQL_ROOT_PASSWORD: RootPassword
      MYSQL_DATABASE: my_web_db
      MYSQL_USER: myname
      MYSQL_PASSWORD: db_password
volumes:
  html:
    driver: local
  apache2:
    driver: local
  php:
    driver: local
  mysql:
    driver: local

docker compose -p my_web -f dockercompose_web.yml up -d

這個時候Container應該可以正常服務的, 但是沒有
docker logs my_web

SSLCertificateFile: file '/etc/ssl/certs/ssl-cert-snakeoil.pem' does not exist or is empty
AH00526: Syntax error on line 31 of /etc/apache2/sites-enabled/default-ssl.conf:

因為我在上面啟用了SSL a2enmod ssl && a2ensite, 但是預設証書路徑不正確

mkdir /var/lib/docker/volumes/my_web_apache2/_data/certs

vi /var/lib/docker/volumes/my_web_apache2/_data/sites-enabled/default-ssl.conf
SSLCertificateFile /etc/apache2/certs/xxx.cer
SSLCertificateKeyFile /etc/apache2/certs/xxx.key
SSLCACertificateFile /etc/apache2/certs/rootCA.cer

docker restart my_web
上面已經可以正常看到web服務的反應

進入Container更改folder權限
docker exec -it my_web bash
chown -R www-data:www-data /var/www/html
chmod -R g+w /var/www/html
find /var/www/html -type d -exec chmod g+s {} \;

下面測試一下Docker更新php新版本
vi dockerfile_web_wp8312
FROM php:8.3.12-apache
RUN rm -rf /etc/localtime && ln -s /usr/share/zoneinfo/Asia/Hong_Kong /etc/localtime
RUN apt-get update && apt-get install libzip-dev libpng-dev libicu-dev openssh-server -y && apt-get clean -y && rm -r /var/lib/apt/lists/*
RUN docker-php-ext-install mysqli gd exif zip intl && a2enmod ssl && a2ensite default-ssl
RUN useradd -d /var/www/html -s /usr/sbin/nologin sftpuser && usermod sftpuser -aG www-data && \
RUN echo "Match User sftpuser" >> /etc/ssh/sshd_config && \
echo "ChrootDirectory /var/www/" >> /etc/ssh/sshd_config && \
echo "ForceCommand internal-sftp -u 006" >> /etc/ssh/sshd_config && \
echo "X11Forwarding no" >> /etc/ssh/sshd_config && \
echo "AllowTcpForwarding no" >> /etc/ssh/sshd_config && \
echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config
CMD service ssh start && apache2-foreground

docker build -f dockerfile_web_wp8312 -t web_wp:8312 --no-cache=true .
docker tag web_wp:8312 web_wp:latest

docker compose -p my_web -f dockercompose_web.yml up -d

Remark
經phpinfo驗查後, 好像還是需要在container install mysqli gd exif zip intl, 還未能搞清楚能在否image pre-install
docker exec -it my_web bash
docker-php-ext-install mysqli gd exif zip intl

Tags:

Comments

No comments yet. Why don’t you start the discussion?

發佈留言

發佈留言必須填寫的電子郵件地址不會公開。 必填欄位標示為 *

CAPTCHA

*