all-in-one/Containers/mastercontainer/Dockerfile

# syntax=docker/dockerfile:latest
# Docker CLI is a requirement
FROM docker:29.0.2-cli AS docker

# Caddy is a requirement
FROM caddy:2.10.2-alpine AS caddy

# From https://github.com/docker-library/php/blob/master/8.4/alpine3.22/fpm/Dockerfile
FROM php:8.4.15-fpm-alpine3.22

EXPOSE 80
EXPOSE 8080
EXPOSE 8443

# Overwrite home variable for subservices
ENV HOME=/var/www

COPY --from=caddy /usr/bin/caddy /usr/bin/caddy
COPY --from=docker /usr/local/bin/docker /usr/local/bin/docker

COPY community-containers /var/www/docker-aio/community-containers
COPY php /var/www/docker-aio/php
COPY --chmod=775 Containers/mastercontainer/*.sh /
COPY --chmod=664 Containers/mastercontainer/Caddyfile /Caddyfile
COPY --chmod=664 Containers/mastercontainer/supervisord.conf /supervisord.conf
COPY Containers/mastercontainer/mastercontainer.conf /etc/apache2/sites-available/mastercontainer.conf

WORKDIR /var/www/docker-aio

# hadolint ignore=SC2086,DL3047,DL3003,DL3004
RUN set -ex; \
    apk upgrade --no-cache -a; \
    apk add --no-cache shadow; \
    groupmod -g 33 www-data; \
    usermod -u 33 -g 33 www-data; \
    \
    apk add --no-cache \
        util-linux-misc \
        ca-certificates \
        wget \
        bash \
        apache2 \
        apache2-proxy \
        apache2-ssl \
        supervisor \
        openssl \
        sudo \
        netcat-openbsd \
        curl \
        grep; \
    \
    apk add --no-cache --virtual .build-deps \
        autoconf \
        build-base; \
    pecl install APCu-5.1.27; \
    docker-php-ext-enable apcu; \
    rm -r /tmp/pear; \
    runDeps="$( \
        scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \
            | tr ',' '\n' \
            | sort -u \
            | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
    )"; \
    apk add --no-cache --virtual .nextcloud-aio-rundeps $runDeps; \
    apk del .build-deps; \
    grep -q '^pm = dynamic' /usr/local/etc/php-fpm.d/www.conf; \
    sed -i 's/^pm = dynamic/pm = ondemand/' /usr/local/etc/php-fpm.d/www.conf; \
    sed -i 's/^pm.max_children =.*/pm.max_children = 80/' /usr/local/etc/php-fpm.d/www.conf; \
    sed -i 's|access.log = /proc/self/fd/2|access.log = /proc/self/fd/1|' /usr/local/etc/php-fpm.d/docker.conf; \
    grep -q ';listen.allowed_clients' /usr/local/etc/php-fpm.d/www.conf; \
    sed -i 's|;listen.allowed_clients.*|listen.allowed_clients = 127.0.0.1,::1|' /usr/local/etc/php-fpm.d/www.conf; \
    \
    apk add --no-cache git; \
    wget https://getcomposer.org/installer -O - | php -- --install-dir=/usr/local/bin --filename=composer; \
    chmod +x /usr/local/bin/composer; \
    cd /var/www/docker-aio; \
    rm -r ./php/tests; \
    chown www-data:www-data -R /var/www/docker-aio; \
    cd php; \
    sudo -E -u www-data composer install --no-dev; \
    sudo -E -u www-data composer clear-cache; \
    cd ..; \
    rm -f /usr/local/bin/composer; \
    chmod -R 770 /var/www/docker-aio; \
    chown -R www-data:www-data /var/www; \
    rm -r php/data; \
    rm -r php/session; \
    \
    mkdir -p /etc/apache2/certs; \
    cd /etc/apache2/certs; \
    openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=DE/ST=BE/L=Local/O=Dev/CN=nextcloud.local" -keyout /etc/apache2/certs/ssl.key -out /etc/apache2/certs/ssl.crt; \
    \
    sed -i \
            -e '/^Listen /d' \
            -e 's/^LogLevel .*/LogLevel error/' \
            -e 's|^ErrorLog .*|ErrorLog /proc/self/fd/2|' \
            -e 's/User apache/User www-data/g' \
            -e 's/Group apache/Group www-data/g' \
            -e 's/^#\(LoadModule .*mod_rewrite.so\)/\1/' \
            -e 's/^#\(LoadModule .*mod_headers.so\)/\1/' \
            -e 's/^#\(LoadModule .*mod_env.so\)/\1/' \
            -e 's/^#\(LoadModule .*mod_mime.so\)/\1/' \
            -e 's/^#\(LoadModule .*mod_dir.so\)/\1/' \
            -e 's/^#\(LoadModule .*mod_authz_core.so\)/\1/' \
            -e 's/^#\(LoadModule .*mod_mpm_event.so\)/\1/' \
            -e 's/\(LoadModule .*mod_mpm_worker.so\)/#\1/' \
            -e 's/\(LoadModule .*mod_mpm_prefork.so\)/#\1/' \
            -e 's/\(ScriptAlias \)/#\1/' \
        /etc/apache2/httpd.conf; \
        mkdir -p /etc/apache2/logs; \
        rm /etc/apache2/conf.d/ssl.conf; \
        echo "ServerName localhost" | tee -a /etc/apache2/httpd.conf; \
        grep -q '^LoadModule lbmethod_heartbeat_module' /etc/apache2/conf.d/proxy.conf; \
        sed -i 's|^LoadModule lbmethod_heartbeat_module.*|#LoadModule lbmethod_heartbeat_module|' /etc/apache2/conf.d/proxy.conf; \
        echo "SSLSessionCache nonenotnull" | tee -a /etc/apache2/httpd.conf; \
        echo "LoadModule ssl_module modules/mod_ssl.so" | tee -a /etc/apache2/httpd.conf; \
        echo "LoadModule socache_shmcb_module modules/mod_socache_shmcb.so" | tee -a /etc/apache2/httpd.conf; \
        echo "Include /etc/apache2/sites-available/mastercontainer.conf" | tee -a /etc/apache2/httpd.conf; \
    \
    rm -f /etc/apache2/conf.d/default.conf \
          /etc/apache2/conf.d/userdir.conf \
          /etc/apache2/conf.d/info.conf; \
    \
    rm -rf /var/www/localhost/cgi-bin/; \
    mkdir /var/log/supervisord; \
    mkdir /var/run/supervisord;

# hadolint ignore=DL3048
LABEL org.label-schema.vendor="Nextcloud" \
    com.docker.compose.project="nextcloud-aio"

# hadolint ignore=DL3002
USER root

ENTRYPOINT ["/start.sh"]

HEALTHCHECK CMD /healthcheck.sh
add # syntax=docker/dockerfile:latest Signed-off-by: Zoey <zoey@z0ey.de> 2024-02-16 16:21:18 +01:00			`# syntax=docker/dockerfile:latest`
use dependabot to update containers Signed-off-by: szaimen <szaimen@e.mail.de> 2022-02-11 15:47:49 +01:00			`# Docker CLI is a requirement`
Revert "downgrade internal docker to fix incompatibility with synology DSM" 2025-11-20 16:02:34 +01:00			`FROM docker:29.0.2-cli AS docker`
use dependabot to update containers Signed-off-by: szaimen <szaimen@e.mail.de> 2022-02-11 15:47:49 +01:00
get caddy and apcu correctly Signed-off-by: szaimen <szaimen@e.mail.de> 2022-03-14 16:25:47 +01:00			`# Caddy is a requirement`
build(deps): bump caddy in /Containers/mastercontainer Bumps caddy from 2.10.0-alpine to 2.10.2-alpine. --- updated-dependencies: - dependency-name: caddy dependency-version: 2.10.2-alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> 2025-08-28 05:49:58 +00:00			`FROM caddy:2.10.2-alpine AS caddy`
get caddy and apcu correctly Signed-off-by: szaimen <szaimen@e.mail.de> 2022-03-14 16:25:47 +01:00
update remaining images and docs to alpine v3.22 Signed-off-by: Simon L. <szaimen@e.mail.de> 2025-07-17 11:57:35 +02:00			`# From https://github.com/docker-library/php/blob/master/8.4/alpine3.22/fpm/Dockerfile`
build(deps): bump php in /Containers/mastercontainer Bumps php from 8.4.14-fpm-alpine3.22 to 8.4.15-fpm-alpine3.22. --- updated-dependencies: - dependency-name: php dependency-version: 8.4.15-fpm-alpine3.22 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> 2025-11-21 04:16:50 +00:00			`FROM php:8.4.15-fpm-alpine3.22`
migrate mastercontainer to alpine (#1577) 2023-01-27 21:36:53 +01:00
Initial import 2021-11-30 11:20:42 +01:00			`EXPOSE 80`
adjust things Signed-off-by: szaimen <szaimen@e.mail.de> 2021-12-03 12:14:39 +01:00			`EXPOSE 8080`
Initial import 2021-11-30 11:20:42 +01:00			`EXPOSE 8443`

fix docker permiss issue notice Signed-off-by: Simon L. <szaimen@e.mail.de> 2025-11-20 16:31:19 +01:00			`# Overwrite home variable for subservices`
			`ENV HOME=/var/www`

optimze mastercontainer Dockerfile Signed-off-by: Zoey <zoey@z0ey.de> 2023-05-03 16:31:32 +02:00			`COPY --from=caddy /usr/bin/caddy /usr/bin/caddy`
			`COPY --from=docker /usr/local/bin/docker /usr/local/bin/docker`
Initial import 2021-11-30 11:20:42 +01:00
Add support for bypass_container_update param for easier local build and testing (#6702) Signed-off-by: Alan Savage <3028205+asavageiv@users.noreply.github.com> Signed-off-by: Simon L. <szaimen@e.mail.de> Signed-off-by: Alan Savage <asavageiv@users.noreply.github.com> Co-authored-by: Alan Savage <asavage@ifrit.internal> Co-authored-by: Alan Savage <3028205+asavageiv@users.noreply.github.com> Co-authored-by: Simon L. <szaimen@e.mail.de> 2025-08-22 04:47:29 -07:00			`COPY community-containers /var/www/docker-aio/community-containers`
			`COPY php /var/www/docker-aio/php`
			`COPY --chmod=775 Containers/mastercontainer/*.sh /`
			`COPY --chmod=664 Containers/mastercontainer/Caddyfile /Caddyfile`
			`COPY --chmod=664 Containers/mastercontainer/supervisord.conf /supervisord.conf`
			`COPY Containers/mastercontainer/mastercontainer.conf /etc/apache2/sites-available/mastercontainer.conf`

Initial import 2021-11-30 11:20:42 +01:00			`WORKDIR /var/www/docker-aio`

adjust docker-lint to use hadolint Signed-off-by: Simon L <szaimen@e.mail.de> Co-Authored-By: Zoey <zoey@z0ey.de> 2023-08-23 16:06:17 +02:00			`# hadolint ignore=SC2086,DL3047,DL3003,DL3004`
migrate mastercontainer to alpine (#1577) 2023-01-27 21:36:53 +01:00			`RUN set -ex; \`
close #4491 Signed-off-by: Zoey <zoey@z0ey.de> 2024-04-17 17:52:42 +02:00			`apk upgrade --no-cache -a; \`
optimze mastercontainer Dockerfile Signed-off-by: Zoey <zoey@z0ey.de> 2023-05-03 16:31:32 +02:00			`apk add --no-cache shadow; \`
			`groupmod -g 33 www-data; \`
			`usermod -u 33 -g 33 www-data; \`
			`\`
migrate mastercontainer to alpine (#1577) 2023-01-27 21:36:53 +01:00			`apk add --no-cache \`
add util-linux-misc which might be required on alpine linux Signed-off-by: Simon L <szaimen@e.mail.de> 2023-02-20 10:47:11 +01:00			`util-linux-misc \`
migrate mastercontainer to alpine (#1577) 2023-01-27 21:36:53 +01:00			`ca-certificates \`
			`wget \`
			`bash \`
			`apache2 \`
			`apache2-proxy \`
Revert "mastercontainer - use Caddy for generating self-singed cert" Signed-off-by: Simon L <szaimen@e.mail.de> 2023-10-04 13:21:14 +02:00			`apache2-ssl \`
Initial import 2021-11-30 11:20:42 +01:00			`supervisor \`
Revert "mastercontainer - use Caddy for generating self-singed cert" Signed-off-by: Simon L <szaimen@e.mail.de> 2023-10-04 13:21:14 +02:00			`openssl \`
Initial import 2021-11-30 11:20:42 +01:00			`sudo \`
migrate mastercontainer to alpine (#1577) 2023-01-27 21:36:53 +01:00			`netcat-openbsd \`
add curl back Signed-off-by: Simon L <szaimen@e.mail.de> 2023-01-27 21:52:37 +01:00			`curl \`
optimze mastercontainer Dockerfile Signed-off-by: Zoey <zoey@z0ey.de> 2023-05-03 16:31:32 +02:00			`grep; \`
			`\`
migrate mastercontainer to alpine (#1577) 2023-01-27 21:36:53 +01:00			`apk add --no-cache --virtual .build-deps \`
			`autoconf \`
			`build-base; \`
php dependency updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> 2025-09-04 12:16:12 +00:00			`pecl install APCu-5.1.27; \`
migrate mastercontainer to alpine (#1577) 2023-01-27 21:36:53 +01:00			`docker-php-ext-enable apcu; \`
			`rm -r /tmp/pear; \`
			`runDeps="$( \`
			`scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \`
			`\| tr ',' '\n' \`
			`\| sort -u \`
			`\| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \`
			`)"; \`
adjust docker-lint to use hadolint Signed-off-by: Simon L <szaimen@e.mail.de> Co-Authored-By: Zoey <zoey@z0ey.de> 2023-08-23 16:06:17 +02:00			`apk add --no-cache --virtual .nextcloud-aio-rundeps $runDeps; \`
migrate mastercontainer to alpine (#1577) 2023-01-27 21:36:53 +01:00			`apk del .build-deps; \`
mastercontainer - increase max children and switch to pm dynamic Signed-off-by: Simon L <szaimen@e.mail.de> 2023-02-10 13:42:03 +01:00			`grep -q '^pm = dynamic' /usr/local/etc/php-fpm.d/www.conf; \`
			`sed -i 's/^pm = dynamic/pm = ondemand/' /usr/local/etc/php-fpm.d/www.conf; \`
			`sed -i 's/^pm.max_children =.*/pm.max_children = 80/' /usr/local/etc/php-fpm.d/www.conf; \`
optimze mastercontainer Dockerfile Signed-off-by: Zoey <zoey@z0ey.de> 2023-05-03 16:31:32 +02:00			`sed -i 's\|access.log = /proc/self/fd/2\|access.log = /proc/self/fd/1\|' /usr/local/etc/php-fpm.d/docker.conf; \`
Revert "Mastercontainer - use php unix socket" 2023-09-21 15:38:23 +02:00			`grep -q ';listen.allowed_clients' /usr/local/etc/php-fpm.d/www.conf; \`
			`sed -i 's\|;listen.allowed_clients.*\|listen.allowed_clients = 127.0.0.1,::1\|' /usr/local/etc/php-fpm.d/www.conf; \`
optimze mastercontainer Dockerfile Signed-off-by: Zoey <zoey@z0ey.de> 2023-05-03 16:31:32 +02:00			`\`
migrate mastercontainer to alpine (#1577) 2023-01-27 21:36:53 +01:00			`apk add --no-cache git; \`
			`wget https://getcomposer.org/installer -O - \| php -- --install-dir=/usr/local/bin --filename=composer; \`
			`chmod +x /usr/local/bin/composer; \`
address review Signed-off-by: szaimen <szaimen@e.mail.de> 2022-01-10 11:31:44 +01:00			`cd /var/www/docker-aio; \`
fix removing tests from aio-interface Signed-off-by: Simon L. <szaimen@e.mail.de> 2025-03-20 12:45:05 +01:00			`rm -r ./php/tests; \`
run composer during install as non-root user Signed-off-by: Simon L <szaimen@e.mail.de> 2023-05-01 23:31:20 +02:00			`chown www-data:www-data -R /var/www/docker-aio; \`
address review Signed-off-by: szaimen <szaimen@e.mail.de> 2022-01-10 11:31:44 +01:00			`cd php; \`
keep envs for sudo command Signed-off-by: Simon L. <szaimen@e.mail.de> 2025-11-20 16:07:07 +01:00			`sudo -E -u www-data composer install --no-dev; \`
			`sudo -E -u www-data composer clear-cache; \`
address review Signed-off-by: szaimen <szaimen@e.mail.de> 2022-01-10 11:31:44 +01:00			`cd ..; \`
			`rm -f /usr/local/bin/composer; \`
optimze mastercontainer Dockerfile Signed-off-by: Zoey <zoey@z0ey.de> 2023-05-03 16:31:32 +02:00			`chmod -R 770 /var/www/docker-aio; \`
			`chown -R www-data:www-data /var/www; \`
			`rm -r php/data; \`
			`rm -r php/session; \`
			`\`
Revert "mastercontainer - use Caddy for generating self-singed cert" Signed-off-by: Simon L <szaimen@e.mail.de> 2023-10-04 13:21:14 +02:00			`mkdir -p /etc/apache2/certs; \`
			`cd /etc/apache2/certs; \`
			`openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=DE/ST=BE/L=Local/O=Dev/CN=nextcloud.local" -keyout /etc/apache2/certs/ssl.key -out /etc/apache2/certs/ssl.crt; \`
			`\`
optimze mastercontainer Dockerfile Signed-off-by: Zoey <zoey@z0ey.de> 2023-05-03 16:31:32 +02:00			`sed -i \`
migrate mastercontainer to alpine (#1577) 2023-01-27 21:36:53 +01:00			`-e '/^Listen /d' \`
fix and adjust mastercontainer apache logging Signed-off-by: Simon L <szaimen@e.mail.de> 2023-06-18 01:04:42 +02:00			`-e 's/^LogLevel .*/LogLevel error/' \`
			`-e 's\|^ErrorLog .*\|ErrorLog /proc/self/fd/2\|' \`
migrate mastercontainer to alpine (#1577) 2023-01-27 21:36:53 +01:00			`-e 's/User apache/User www-data/g' \`
			`-e 's/Group apache/Group www-data/g' \`
			`-e 's/^#\(LoadModule .*mod_rewrite.so\)/\1/' \`
			`-e 's/^#\(LoadModule .*mod_headers.so\)/\1/' \`
			`-e 's/^#\(LoadModule .*mod_env.so\)/\1/' \`
			`-e 's/^#\(LoadModule .*mod_mime.so\)/\1/' \`
			`-e 's/^#\(LoadModule .*mod_dir.so\)/\1/' \`
			`-e 's/^#\(LoadModule .*mod_authz_core.so\)/\1/' \`
			`-e 's/^#\(LoadModule .*mod_mpm_event.so\)/\1/' \`
			`-e 's/\(LoadModule .*mod_mpm_worker.so\)/#\1/' \`
			`-e 's/\(LoadModule .*mod_mpm_prefork.so\)/#\1/' \`
remove cgi-bin scripts Signed-off-by: Simon L <szaimen@e.mail.de> 2023-07-17 09:51:43 +02:00			`-e 's/\(ScriptAlias \)/#\1/' \`
migrate mastercontainer to alpine (#1577) 2023-01-27 21:36:53 +01:00			`/etc/apache2/httpd.conf; \`
			`mkdir -p /etc/apache2/logs; \`
Revert "mastercontainer - use Caddy for generating self-singed cert" Signed-off-by: Simon L <szaimen@e.mail.de> 2023-10-04 13:21:14 +02:00			`rm /etc/apache2/conf.d/ssl.conf; \`
migrate mastercontainer to alpine (#1577) 2023-01-27 21:36:53 +01:00			`echo "ServerName localhost" \| tee -a /etc/apache2/httpd.conf; \`
Revert "mastercontainer - use Caddy for generating self-singed cert" Signed-off-by: Simon L <szaimen@e.mail.de> 2023-10-04 13:21:14 +02:00			`grep -q '^LoadModule lbmethod_heartbeat_module' /etc/apache2/conf.d/proxy.conf; \`
			`sed -i 's\|^LoadModule lbmethod_heartbeat_module.*\|#LoadModule lbmethod_heartbeat_module\|' /etc/apache2/conf.d/proxy.conf; \`
			`echo "SSLSessionCache nonenotnull" \| tee -a /etc/apache2/httpd.conf; \`
			`echo "LoadModule ssl_module modules/mod_ssl.so" \| tee -a /etc/apache2/httpd.conf; \`
			`echo "LoadModule socache_shmcb_module modules/mod_socache_shmcb.so" \| tee -a /etc/apache2/httpd.conf; \`
optimze mastercontainer Dockerfile Signed-off-by: Zoey <zoey@z0ey.de> 2023-05-03 16:31:32 +02:00			`echo "Include /etc/apache2/sites-available/mastercontainer.conf" \| tee -a /etc/apache2/httpd.conf; \`
			`\`
migrate mastercontainer to alpine (#1577) 2023-01-27 21:36:53 +01:00			`rm -f /etc/apache2/conf.d/default.conf \`
			`/etc/apache2/conf.d/userdir.conf \`
optimze mastercontainer Dockerfile Signed-off-by: Zoey <zoey@z0ey.de> 2023-05-03 16:31:32 +02:00			`/etc/apache2/conf.d/info.conf; \`
			`\`
remove cgi-bin scripts Signed-off-by: Simon L <szaimen@e.mail.de> 2023-07-17 09:51:43 +02:00			`rm -rf /var/www/localhost/cgi-bin/; \`
optimze mastercontainer Dockerfile Signed-off-by: Zoey <zoey@z0ey.de> 2023-05-03 16:31:32 +02:00			`mkdir /var/log/supervisord; \`
adjust things Signed-off-by: szaimen <szaimen@e.mail.de> 2021-12-03 12:14:39 +01:00			`mkdir /var/run/supervisord;`
Initial import 2021-11-30 11:20:42 +01:00
add `"com.docker.compose.project" => "nextcloud-aio"` to all containers Signed-off-by: Simon L. <szaimen@e.mail.de> 2025-11-24 19:28:53 +01:00			`# hadolint ignore=DL3048`
			`LABEL org.label-schema.vendor="Nextcloud" \`
			`com.docker.compose.project="nextcloud-aio"`
add `org.label-schema.vendor="Nextcloud"` label to all containers Signed-off-by: Simon L. <szaimen@e.mail.de> 2025-05-19 14:31:29 +02:00
adjust docker-lint to use hadolint Signed-off-by: Simon L <szaimen@e.mail.de> Co-Authored-By: Zoey <zoey@z0ey.de> 2023-08-23 16:06:17 +02:00			`# hadolint ignore=DL3002`
adjust things Signed-off-by: szaimen <szaimen@e.mail.de> 2021-12-03 12:14:39 +01:00			`USER root`
Initial import 2021-11-30 11:20:42 +01:00
put scripts into / Signed-off-by: Zoey <zoey@z0ey.de> 2023-05-12 17:58:47 +02:00			`ENTRYPOINT ["/start.sh"]`
add docker healthchecks to the docker images Signed-off-by: Zoey <zoey@z0ey.de> 2022-08-25 15:06:23 +02:00
migrate mastercontainer to alpine (#1577) 2023-01-27 21:36:53 +01:00			`HEALTHCHECK CMD /healthcheck.sh`