public_git
/
bitnami-containers
mirror of https://github.com/bitnami/containers.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

2.4.41-ol-7-r42 release

This commit is contained in:
Bitnami Bot 2019-09-19 10:39:54 +00:00
parent 91e76b2186
commit af5dc1151a
16 changed files with 555 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
bitnami/apache/2.4/ol-7/Dockerfile
View File

@ -1,31 +1,24 @@
FROM bitnami/oraclelinux-extras:7-r471
FROM bitnami/oraclelinux-extras-base:7-r422
LABEL maintainer "Bitnami <containers@bitnami.com>"
ENV BITNAMI_PKG_CHMOD="-R g+rwX" \
HOME="/"
ENV HOME="/" \
OS_ARCH="x86_64" \
OS_FLAVOUR="ol-7" \
OS_NAME="linux"
# Install required system packages and dependencies
RUN install_packages cyrus-sasl-lib expat glibc keyutils-libs krb5-libs libcom_err libnghttp2 libselinux nspr nss nss-softokn-freebl nss-util openldap openssl-libs pcre zlib
RUN bitnami-pkg unpack apache-2.4.41-1 --checksum 64b7880c3d0f0f9e7cde0e71496eed06d4240a90a2b6d62c2443fce54c614691
RUN ln -sf /dev/stdout /opt/bitnami/apache/logs/access_log
RUN ln -sf /dev/stderr /opt/bitnami/apache/logs/error_log
RUN chmod -R g+rwX /opt/bitnami/apache/tmp /opt/bitnami/apache/conf
RUN . ./libcomponent.sh && component_unpack "apache" "2.4.41-1" --checksum 64b7880c3d0f0f9e7cde0e71496eed06d4240a90a2b6d62c2443fce54c614691
COPY rootfs /
ENV APACHE_HTTPS_PORT_NUMBER="8443" \
APACHE_HTTP_PORT_NUMBER="8080" \
APACHE_SET_HTTPS_PORT="no" \
APACHE_SET_HTTP_PORT="no" \
BITNAMI_APP_NAME="apache" \
BITNAMI_IMAGE_VERSION="2.4.41-ol-7-r41" \
NAMI_PREFIX="/.nami" \
RUN /postunpack.sh
ENV BITNAMI_APP_NAME="apache" \
BITNAMI_IMAGE_VERSION="2.4.41-ol-7-r42" \
PATH="/opt/bitnami/apache/bin:$PATH"
VOLUME [ "/certs" ]
EXPOSE 8080 8443
WORKDIR /app
USER 1001
ENTRYPOINT [ "/app-entrypoint.sh" ]
CMD [ "httpd", "-f", "/opt/bitnami/apache/conf/httpd.conf", "-DFOREGROUND" ]
ENTRYPOINT [ "/entrypoint.sh" ]
CMD [ "/run.sh" ]

7
bitnami/apache/2.4/ol-7/docker-compose.yml
View File

@ -1,8 +1,7 @@
version: '2'
services:
apache:
image: 'bitnami/apache:2.4-ol-7'
image: bitnami/apache:2.4-ol-7
ports:
- '80:8080'
- '443:8443'
- 80:8080
- 443:8443

34
bitnami/apache/2.4/ol-7/rootfs/apache-init.sh
View File

@ -1,34 +0,0 @@
#!/bin/bash
# Check whether Apache ports must be configured
if [[ -n "${APACHE_HTTP_PORT_NUMBER:-}" ]]; then
export APACHE_SET_HTTP_PORT="yes"
fi
if [[ -n "${APACHE_HTTPS_PORT_NUMBER:-}" ]]; then
export APACHE_SET_HTTPS_PORT="yes"
fi
# Copy vhosts file
if [[ "$(ls -A /vhosts 2>/dev/null)" ]]; then
info "Found vhost definitions in /vhosts. Copying them to /opt/bitnami/apache/conf/vhosts"
cp -r /vhosts/* /opt/bitnami/apache/conf/vhosts
fi
# Mount certificate files
if [[ -d "/opt/bitnami/apache/certs" ]]; then
warn "The directory '/opt/bitnami/apache/certs' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '/opt/bitnami/apache/conf/bitnami/certs' instead. Find an example at: https://github.com/bitnami/bitnami-docker-apache#using-custom-ssl-certificates"
warn "Restoring certificates at '/opt/bitnami/apache/certs' to '/opt/bitnami/apache/conf/bitnami/certs'..."
rm -rf /opt/bitnami/apache/conf/bitnami/certs
ln -sf /opt/bitnami/apache/certs /opt/bitnami/apache/conf/bitnami/certs
elif [ "$(ls -A /certs 2>/dev/null)" ]; then
info "Mounting certificates files from /certs..."
rm -rf /opt/bitnami/apache/conf/bitnami/certs
ln -sf /certs /opt/bitnami/apache/conf/bitnami/certs
fi
# Mount application files
if [ "$(ls -A /app 2>/dev/null)" ]; then
info "Mounting application files from /app..."
rm -rf /opt/bitnami/apache/htdocs
ln -sf /app /opt/bitnami/apache/htdocs
fi

14
bitnami/apache/2.4/ol-7/rootfs/app-entrypoint.sh
View File

@ -1,14 +0,0 @@
#!/bin/bash -e
. /opt/bitnami/base/functions
. /opt/bitnami/base/helpers
print_welcome_page
if [[ "$1" == "nami" && "$2" == "start" ]] || [[ "$1" == "httpd" ]]; then
. /apache-init.sh
nami_initialize apache
info "Starting apache... "
fi
exec tini -- "$@"

27
bitnami/apache/2.4/ol-7/rootfs/entrypoint.sh Executable file
View File

@ -0,0 +1,27 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
#set -o xtrace
# Load libraries
. /libapache.sh
. /libbitnami.sh
. /liblog.sh
# Load Apache environment
eval "$(apache_env)"
print_welcome_page
if [[ "$*" == *"/run.sh"* ]]; then
info "** Starting Apache setup **"
/setup.sh
info "** Apache setup finished! **"
fi
echo ""
exec "$@"

261
bitnami/apache/2.4/ol-7/rootfs/libapache.sh Normal file
View File

@ -0,0 +1,261 @@
#!/bin/bash
#
# Bitnami Apache library
# shellcheck disable=SC1090
# shellcheck disable=SC1091
# Load Generic Libraries
. /libfs.sh
. /liblog.sh
. /libos.sh
. /libvalidations.sh
########################
# Load global variables used on Apache configuration.
# Globals:
# APACHE_*
# Arguments:
# None
# Returns:
# Series of exports to be used as 'eval' arguments
#########################
apache_env() {
cat <<"EOF"
# Bitnami debug
export MODULE=apache
export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}"
# Paths
export APACHE_BASE_DIR="/opt/bitnami/apache"
export APACHE_BIN_DIR="${APACHE_BASE_DIR}/bin"
export APACHE_CONF_DIR="${APACHE_BASE_DIR}/conf"
export APACHE_LOG_DIR="${APACHE_BASE_DIR}/logs"
export APACHE_TMP_DIR="${APACHE_BASE_DIR}/tmp"
export APACHE_VHOSTS_DIR="${APACHE_CONF_DIR}/vhosts"
export APACHE_HTACCESS_DIR="${APACHE_VHOSTS_DIR}/htaccess"
export APACHE_CONF_FILE="${APACHE_CONF_DIR}/httpd.conf"
export APACHE_PID_FILE="${APACHE_TMP_DIR}/httpd.pid"
# Users
export APACHE_DAEMON_USER="daemon"
export APACHE_DAEMON_GROUP="daemon"
# Configuration
export APACHE_HTTP_PORT_NUMBER="${APACHE_HTTP_PORT_NUMBER:-}"
export APACHE_HTTPS_PORT_NUMBER="${APACHE_HTTPS_PORT_NUMBER:-}"
EOF
}
########################
# Validate settings in APACHE_* env vars
# Globals:
# APACHE_*
# Arguments:
# None
# Returns:
# None
#########################
apache_validate() {
debug "Validating settings in APACHE_* environment variables..."
local error_code=0
# Auxiliary functions
print_validation_error() {
error "$1"
error_code=1
}
check_allowed_port() {
local port_var="${1:?missing port variable}"
local validate_port_args=()
! am_i_root && validate_port_args+=("-unprivileged")
if ! err=$(validate_port "${validate_port_args[@]}" "${!port_var}"); then
print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}."
fi
}
[[ -w "$APACHE_CONF_FILE" ]] || warn "The Apache configuration file '${APACHE_CONF_FILE}' is not writable. Configurations based on environment variables will not be applied."
if [[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && [[ -n "$APACHE_HTTPS_PORT_NUMBER" ]]; then
if [[ "$APACHE_HTTP_PORT_NUMBER" -eq "$APACHE_HTTPS_PORT_NUMBER" ]]; then
print_validation_error "APACHE_HTTP_PORT_NUMBER and APACHE_HTTPS_PORT_NUMBER are bound to the same port!"
fi
fi
[[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && check_allowed_port APACHE_HTTP_PORT_NUMBER
[[ -n "$APACHE_HTTPS_PORT_NUMBER" ]] && check_allowed_port APACHE_HTTPS_PORT_NUMBER
[[ "$error_code" -eq 0 ]] || exit "$error_code"
}
########################
# Configure Apache's HTTP port
# Globals:
# APACHE_CONF_FILE, APACHE_CONF_DIR
# Arguments:
# None
# Returns:
# None
#########################
apache_configure_http_port() {
local -r port=${1:?missing port}
local -r listen_exp="s|^\s*Listen\s+([^:]*:)?[0-9]+\s*$|Listen ${port}|"
local -r server_name_exp="s|^\s*#?\s*ServerName\s+([^:\s]+)(:[0-9]+)?$|ServerName \1:${port}|"
local -r vhost_exp="s|VirtualHost\s+([^:>]+)(:[0-9]+)|VirtualHost \1:${port}|"
local apache_configuration
if [[ -w "$APACHE_CONF_FILE" ]]; then
debug "Configuring port ${port} on file ${APACHE_CONF_FILE}"
apache_configuration="$(sed -E -e "$listen_exp" -e "$server_name_exp" "$APACHE_CONF_FILE")"
echo "$apache_configuration" > "$APACHE_CONF_FILE"
fi
if [[ -w "${APACHE_CONF_DIR}/bitnami/bitnami.conf" ]]; then
debug "Configuring port ${port} on file ${APACHE_CONF_DIR}/bitnami/bitnami.conf"
apache_configuration="$(sed -E "$vhost_exp" "${APACHE_CONF_DIR}/bitnami/bitnami.conf")"
echo "$apache_configuration" > "${APACHE_CONF_DIR}/bitnami/bitnami.conf"
fi
if [[ -w "${APACHE_VHOSTS_DIR}/00_status-vhost.conf" ]]; then
debug "Configuring port ${port} on file ${APACHE_VHOSTS_DIR}/00_status-vhost.conf"
apache_configuration="$(sed -E "$vhost_exp" "${APACHE_VHOSTS_DIR}/00_status-vhost.conf")"
echo "$apache_configuration" > "${APACHE_VHOSTS_DIR}/00_status-vhost.conf"
fi
}
########################
# Configure Apache's HTTPS port
# Globals:
# APACHE_CONF_DIR
# Arguments:
# None
# Returns:
# None
#########################
apache_configure_https_port() {
local -r port=${1:?missing port}
local -r listen_exp="s|^\s*Listen\s+([^:]*:)?[0-9]+\s*$|Listen ${port}|"
local -r vhost_exp="s|VirtualHost\s+([^:>]+)(:[0-9]+)|VirtualHost \1:${port}|"
local apache_configuration
if [[ -w "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" ]]; then
debug "Configuring port ${port} on file ${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf"
apache_configuration="$(sed -E -e "$listen_exp" -e "$vhost_exp" "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf")"
echo "$apache_configuration" > "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf"
fi
}
########################
# Ensure Apache is initialized
# Globals:
# APACHE_*
# Arguments:
# None
# Returns:
# None
#########################
apache_initialize() {
# Copy vhosts files
if ! is_dir_empty "/vhosts"; then
info "Found mounted virtual hosts in '/vhosts'. Copying them to '/opt/bitnami/apache/conf/vhosts'"
cp -r "/vhosts/." "${APACHE_VHOSTS_DIR}"
fi
# Mount certificate files
if ! is_dir_empty "/opt/bitnami/apache/certs"; then
warn "The directory '/opt/bitnami/apache/certs' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '/certs' instead. Find an example at: https://github.com/bitnami/bitnami-docker-apache#using-custom-ssl-certificates"
warn "Restoring certificates at '/opt/bitnami/apache/certs' to '/opt/bitnami/apache/conf/bitnami/certs'..."
rm -rf "/opt/bitnami/apache/conf/bitnami/certs"
ln -sf "/opt/bitnami/apache/certs" "/opt/bitnami/apache/conf/bitnami/certs"
elif ! is_dir_empty "/certs"; then
info "Mounting certificates files from '/certs'..."
rm -rf "/opt/bitnami/apache/conf/bitnami/certs"
ln -sf "/certs" "/opt/bitnami/apache/conf/bitnami/certs"
fi
# Mount application files
if ! is_dir_empty "/app"; then
info "Mounting application files from '/app'..."
rm -rf "/opt/bitnami/apache/htdocs"
ln -sf "/app" "/opt/bitnami/apache/htdocs"
fi
# Port configuration
[[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && info "Configuring the HTTP port" && apache_configure_http_port "$APACHE_HTTP_PORT_NUMBER"
[[ -n "$APACHE_HTTPS_PORT_NUMBER" ]] && info "Configuring the HTTPS port" && apache_configure_https_port "$APACHE_HTTPS_PORT_NUMBER"
# Restore persisted configuration files (deprecated)
if ! is_dir_empty "/bitnami/apache/conf"; then
warn "The directory '/bitnami/apache/conf' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '${APACHE_CONF_DIR}' instead. Find an example at: https://github.com/bitnami/bitnami-docker-apache#full-configuration"
warn "Restoring configuration at '/bitnami/apache/conf' to '${APACHE_CONF_DIR}'..."
rm -rf "$APACHE_CONF_DIR"
ln -sf "/bitnami/apache/conf" "$APACHE_CONF_DIR"
fi
}
########################
# Enable a module in the Apache configuration file
# Globals:
# APACHE_CONF_FILE
# Arguments:
# $1 - Module to enable
# Returns:
# None
#########################
apache_enable_module() {
local -r module="${1:?missing module}"
local -r expression="s|^\s*#+\s*(LoadModule\s+[^ ]+\s+modules/${module}\.so.*)$|\1|"
local apache_configuration
debug "Enabling module '${module}'..."
if [[ -w "$APACHE_CONF_FILE" ]]; then
apache_configuration="$(sed -E "$expression" "$APACHE_CONF_FILE")"
echo "$apache_configuration" > "$APACHE_CONF_FILE"
fi
}
########################
# Disable a module in the Apache configuration file
# Globals:
# APACHE_CONF_FILE
# Arguments:
# $1 - Module to disable
# Returns:
# None
#########################
apache_disable_module() {
local -r module="${1:?missing module}"
local -r expression="s|^\s*(LoadModule\s+[^ ]+\s+modules/${module}\.so.*)$|#\1|"
local apache_configuration
debug "Disabling module '${module}'..."
if [[ -w "$APACHE_CONF_FILE" ]]; then
apache_configuration="$(sed -E "$expression" "$APACHE_CONF_FILE")"
echo "$apache_configuration" > "$APACHE_CONF_FILE"
fi
}
########################
# Enable a configuration entry in the Apache configuration file
# Globals:
# APACHE_CONF_FILE
# Arguments:
# $1 - Entry to enable
# Returns:
# None
#########################
apache_enable_configuration_entry() {
local -r entry="${1:?missing entry}"
local -r expression="s|^\s*#+\s*(${entry}\s*)$|\1|"
local apache_configuration
debug "Enabling entry '${entry}'..."
if [[ -w "$APACHE_CONF_FILE" ]]; then
apache_configuration="$(sed -E "$expression" "$APACHE_CONF_FILE")"
echo "$apache_configuration" > "$APACHE_CONF_FILE"
fi
}

30
bitnami/apache/2.4/ol-7/rootfs/opt/bitnami/apache/conf/bitnami-templates/bitnami-ssl.conf.tpl Normal file
View File

@ -0,0 +1,30 @@
# Default SSL Virtual Host configuration.
<IfModule !ssl_module>
LoadModule ssl_module modules/mod_ssl.so
</IfModule>
Listen 443
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !EDH !RC4"
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:{{APACHE_LOG_DIR}}/ssl_scache(512000)"
SSLSessionCacheTimeout 300
<VirtualHost _default_:443>
DocumentRoot "{{APACHE_BASE_DIR}}/htdocs"
SSLEngine on
SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt"
SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key"
<Directory "{{APACHE_BASE_DIR}}/htdocs">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
# Error Documents
ErrorDocument 503 /503.html
</VirtualHost>

19
bitnami/apache/2.4/ol-7/rootfs/opt/bitnami/apache/conf/bitnami-templates/bitnami.conf.tpl Normal file
View File

@ -0,0 +1,19 @@
# Default Virtual Host configuration.
# Let apache know we're behind a SSL reverse proxy
SetEnvIf X-Forwarded-Proto https HTTPS=on
<VirtualHost _default_:80>
DocumentRoot "{{APACHE_BASE_DIR}}/htdocs"
<Directory "{{APACHE_BASE_DIR}}/htdocs">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
# Error Documents
ErrorDocument 503 /503.html
</VirtualHost>
Include "{{APACHE_CONF_DIR}}/bitnami/bitnami-ssl.conf"

17
bitnami/apache/2.4/ol-7/rootfs/opt/bitnami/apache/conf/bitnami/certs/server.crt Normal file
View File

@ -0,0 +1,17 @@
-----BEGIN CERTIFICATE-----
MIICqDCCAZACCQCz8T3726LYsjANBgkqhkiG9w0BAQUFADAWMRQwEgYDVQQDDAtl
eGFtcGxlLmNvbTAeFw0xMjExMTQxMTE4MjdaFw0yMjExMTIxMTE4MjdaMBYxFDAS
BgNVBAMMC2V4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5NHl5TfZtO6zugau2tp5mWIcQYJhuwKTmYeXDLYAGJpoD2SixwPL5c8glneI
Rz1N2EQIZVeaWGbS0FLFlPdOkCkplpW9isYVC4XqKrk5b4HW4+YC+Cup0k+Kd4NM
eZOTUvWr5N6dIpdibkVumBc/pao8VtdwywlCL/PwGRsQtkXrRICzdtRa3MXqTmEF
foyVCGgBRtronlB9x4Plfb8Psk4GrPkjrWYgO8peKrl0O5+F+sYg7Gj95zCH73BQ
ANzCVNrgD9fs9cyx3ru9CUdEoIxAAJwQFkjm7xr6xqhIlSgnQ7B0uOSTNRcXY6rw
s+PxGneec/kRPRgzjC/QHY6n8QIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQBbyMqF
RDsX8zX1EW5qA8AQ8Jb2XqWrVeSO8blMV3WagJ2airMm3+c/82FCwsd/cZ08UXhA
/Kou0gi/F16tV26PiiUdp590Qao3d8H2qxc1rzzULimZPgxH4iA4vRyMHtyZN6h4
7Fdn7O9xNMPu8siOz8rrzsEdEX5URbOMkDLCZsbTIUWVv2XmqrR0K10d5VuLWeLi
r+4G6c6jpa244WmqT9ClqceJ12G1Wnmezy7ybiW0l5M2iuIKFEiRP5Hj0J15o1I2
pXAbKysAdWRHsJSQOtcgO8Vh9k0wo3tKg4HDp1hbrEzoGzOv92Vjg3lG8X+hzbMJ
MQURotHkD4Gk57wL
-----END CERTIFICATE-----

27
bitnami/apache/2.4/ol-7/rootfs/opt/bitnami/apache/conf/bitnami/certs/server.key Normal file
View File

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA5NHl5TfZtO6zugau2tp5mWIcQYJhuwKTmYeXDLYAGJpoD2Si
xwPL5c8glneIRz1N2EQIZVeaWGbS0FLFlPdOkCkplpW9isYVC4XqKrk5b4HW4+YC
+Cup0k+Kd4NMeZOTUvWr5N6dIpdibkVumBc/pao8VtdwywlCL/PwGRsQtkXrRICz
dtRa3MXqTmEFfoyVCGgBRtronlB9x4Plfb8Psk4GrPkjrWYgO8peKrl0O5+F+sYg
7Gj95zCH73BQANzCVNrgD9fs9cyx3ru9CUdEoIxAAJwQFkjm7xr6xqhIlSgnQ7B0
uOSTNRcXY6rws+PxGneec/kRPRgzjC/QHY6n8QIDAQABAoIBACo3G131tuGtpFTu
xLW11vdYZXQklNlGuWp63IBI162yVv54B5wF9Ek6tH1uIiNaiREcRBxGVEB4/+3V
R4SbN9Ba98RDbgu7TcipdTFaqOEMqFO1bNjSXWtip14zSBmqA2Ur1AHOnFj0awGD
J8tBhsmOpcEz0Ch1VdO5ApPvLV8jH9wQiMI/Q6yYQMtmzTMCUMYdMqe+LOziIOzL
oqN/WXnKL5E5TiO1bIxSpWPbT+IVn1c3/PShmvmRrLWsFUQlkwXJKMYZPO+rCCfe
b+Q9lMLMnj+vOnM3z16WC3aiiJGCZjVTvQ+x22YrBTRPxZmHO2eZ4H/cUQM7Y/tw
I7RjEM0CgYEA9Kxt1t8bWonzBii3P0rwyx0IECvg63k+pp4BpxpeWQKL7NVdSzk3
AyJVcNjUoZgi2kVPdxzZGLrnZfuZ691xQB3oZF0LwBzQ4GFHkTRCB0s8ZA5lcJaI
9pBu91bhz2VOZSTeQWpdMMURjXVyTXZInU1mwzmjVOIAYmO33shH9gcCgYEA72mX
UoIrFPLkOTSZOb7UbjYH01vf6ThQiYCEWg7mD3CbY7n9oobIcQMzNnt7xN4wOl/V
eKfZ7G56q8enfqm45Dyo9aCBCENVzmwO8wLe5UnvJBNL20KjvtwG8w5A6UZQzC7p
3QS+U2zxVQNEeaE6a8Wrq2d1PlhVAHYw8odgNEcCgYBN38+58xrmrz99d1oTuAt5
6kyVsRGOgPGS4HmQMRFUbT4R7DscZSKASd4945WRtTVqmWLYe4MRnvNlfzYXX0zb
ZmmAAClsRP+qWuwHaEWXwrd+9SIOOqtvJrta1/lZJFpWUOy4j10H18Flb7sosnwc
LPWHL4Iv0xriNfDg5Iga4wKBgQDLJBU59SkJBW+Q+oho7vrg6QeK15IOGbJ8eYfT
woCC6VFwNQh5N1QsUELMH8rNKJpTba18SzAl5ThBOY9tciVnw/C5Og9CK6BLHnUw
zWbDtxAq1BSxXsIB2EAtTBLX3MoB9myJFNVJhE7hi3w2mA8yEu+u6IIa/Ghjk+XE
ZAnFUQKBgQDjMinRZrK5wA09jcetI+dNiLnKHoQG6OaXDDsNCatex0O2F36BvVXE
P78qDz/i5aBMWsLx6VDvWJAkBIpZoNS5UsOn17tFaocGUSkcm48bs8Dn6VvsE8Bd
XMPAHyKuILlKYifBvNq5T22KhqKX7yGmk/AeOOiKr2KeMnh27JYrCA==
-----END RSA PRIVATE KEY-----

5
bitnami/apache/2.4/ol-7/rootfs/opt/bitnami/apache/conf/deflate.conf Normal file
View File

@ -0,0 +1,5 @@
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css
AddOutputFilterByType DEFLATE application/x-javascript application/javascript application/ecmascript
AddOutputFilterByType DEFLATE application/rss+xml
</IfModule>

6
bitnami/apache/2.4/ol-7/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf Normal file
View File

@ -0,0 +1,6 @@
<VirtualHost localhost:80>
ServerName status.localhost
<Location /server-status>
SetHandler server-status
</Location>
</VirtualHost>

93
bitnami/apache/2.4/ol-7/rootfs/postunpack.sh Executable file
View File

@ -0,0 +1,93 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
. /libapache.sh
. /libfs.sh
. /liblog.sh
########################
# Sets up the default Bitnami configuration
# Globals:
# APACHE_*
# Arguments:
# None
# Returns:
# None
#########################
apache_setup_bitnami_config() {
local -r template_dir="${APACHE_CONF_DIR}/bitnami-templates"
# Enable Apache modules
modules_to_enable="mod_version mod_socache_shmcb mod_negotiation mod_ssl mod_slotmem_shm mod_deflate mod_rewrite mod_proxy.* mod_status"
for module in $modules_to_enable; do
apache_enable_module "$module"
done
# Disable Apache modules
modules_to_disable="mod_proxy_hcheck mod_http2"
for module in $modules_to_disable; do
apache_disable_module "$module"
done
apache_enable_configuration_entry "Include conf/extra/httpd-default.conf"
# Bitnami customizations
render-template "${template_dir}/bitnami.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami.conf"
render-template "${template_dir}/bitnami-ssl.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf"
rm -rf "$template_dir"
cat >>"${APACHE_CONF_FILE}" <<EOF
PidFile "${APACHE_PID_FILE}"
TraceEnable Off
Include ${APACHE_CONF_DIR}/deflate.conf
IncludeOptional ${APACHE_VHOSTS_DIR}/*.conf
Include ${APACHE_CONF_DIR}/bitnami/bitnami.conf
EOF
# Configure the default ports since the container is non root by default
apache_configure_http_port "8080"
apache_configure_https_port "8443"
# Patch the HTTPoxy vulnerability - see: https://docs.bitnami.com/general/security/security-2016-07-18/
apache_patch_httpoxy_vulnerability
# Remove unneeded directories that come with the tarball
rm -rf "/opt/bitnami/certs" "/opt/bitnami/conf"
}
########################
# Patches the HTTPoxy vulnerability - see: https://docs.bitnami.com/general/security/security-2016-07-18/
# Globals:
# APACHE_CONF_FILE
# Arguments:
# None
# Returns:
# None
#########################
apache_patch_httpoxy_vulnerability() {
cat >>"${APACHE_CONF_FILE}" <<EOF
<IfModule mod_headers.c>
RequestHeader unset Proxy
</IfModule>
EOF
}
# Load Apache environment
eval "$(apache_env)"
apache_setup_bitnami_config
# Ensure non-root user has write permissions on a set of directories
for dir in "$APACHE_TMP_DIR" "$APACHE_CONF_DIR" "$APACHE_LOG_DIR" "$APACHE_VHOSTS_DIR" "$APACHE_HTACCESS_DIR"; do
ensure_dir_exists "$dir"
chmod -R g+rwX "$dir"
done
ln -sf "/dev/stdout" "${APACHE_LOG_DIR}/access_log"
ln -sf "/dev/stderr" "${APACHE_LOG_DIR}/error_log"

18
bitnami/apache/2.4/ol-7/rootfs/run.sh Executable file
View File

@ -0,0 +1,18 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /libapache.sh
. /liblog.sh
# Load Apache environment
eval "$(apache_env)"
info "** Starting apache **"
exec "${APACHE_BIN_DIR}/httpd" -f "$APACHE_CONF_FILE" -D "FOREGROUND"

20
bitnami/apache/2.4/ol-7/rootfs/setup.sh Executable file
View File

@ -0,0 +1,20 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /libapache.sh
# Load Apache environment
eval "$(apache_env)"
# Ensure apache environment variables are valid
apache_validate
# Ensure apache is initialized
apache_initialize

28
bitnami/apache/README.md
View File

@ -45,9 +45,11 @@ Non-root container images add an extra layer of security and are generally recom
Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/).
* [`2.4-ol-7`, `2.4.41-ol-7-r41` (2.4/ol-7/Dockerfile)](https://github.com/bitnami/bitnami-docker-apache/blob/2.4.41-ol-7-r41/2.4/ol-7/Dockerfile)
* [`2.4-ol-7`, `2.4.41-ol-7-r42` (2.4/ol-7/Dockerfile)](https://github.com/bitnami/bitnami-docker-apache/blob/2.4.41-ol-7-r42/2.4/ol-7/Dockerfile)
* [`2.4-debian-9`, `2.4.41-debian-9-r39`, `2.4`, `2.4.41`, `2.4.41-r39`, `latest` (2.4/debian-9/Dockerfile)](https://github.com/bitnami/bitnami-docker-apache/blob/2.4.41-debian-9-r39/2.4/debian-9/Dockerfile)
Subscribe to project updates by watching the [bitnami/apache GitHub repo](https://github.com/bitnami/bitnami-docker-apache).
# Get this image
The recommended way to get the Bitnami Apache Docker Image is to pull the prebuilt image from the [Docker Hub Registry](https://hub.docker.com/r/bitnami/apache).
@ -288,20 +290,22 @@ You can configure the containers [logging driver](https://docs.docker.com/engine
The Bitnami Apache Docker image is built using a Dockerfile with the structure below:
```Dockerfile
FROM bitnami/minideb-extras
FROM bitnami/minideb-extras-base
...
# Install required system packages and dependencies
RUN install_packages xxx yyy zzz
RUN bitnami-pkg unpack apache-aa.bb.cc-dd
RUN . ./libcomponent.sh && component_unpack "apache" "aa.bb.cc-dd"
...
COPY rootfs /
ENV APACHE_PARAMETER="xyz" ...
VOLUME [ "/app", "/certs" ]
ENV ...
EXPOSE 8080 8443
WORKDIR /app
USER 1001
ENTRYPOINT [ "/app-entrypoint.sh" ]
CMD [ "httpd", "-f", "/opt/bitnami/apache/conf/httpd.conf", "-DFOREGROUND" ]
ENTRYPOINT [ "/entrypoint.sh" ]
CMD [ "/run.sh" ]
```
The Dockerfile has several sections related to:
@ -360,8 +364,8 @@ RUN sed -i -r 's/#LoadModule ratelimit_module/LoadModule ratelimit_module/' /opt
## Modify the ports used by Apache by default
# It is also possible to change these environment variables at runtime
ENV APACHE_HTTP_PORT_NUMBER=8181
EXPOSE 8181 8143
ENV APACHE_HTTP_PORT_NUMBER=8181
EXPOSE 8181 8443
## Modify the default container user
USER 1002
@ -385,7 +389,7 @@ services:
depends_on:
- cloner
volumes:
- ./config/my_vhost.conf:/opt/bitnami/apache/conf/vhosts/my_vhost.conf:ro
- ./config/my_vhost.conf:/vhosts/my_vhost.conf:ro
- ./certs:/certs
- data:/app
cloner:
@ -471,6 +475,10 @@ $ docker-compose up apache
# Notable Changes
## 2.4.41-debian-9-r40 and 2.4.41-ol-7-r42
- Decrease the size of the container. The configuration logic is now based on Bash scripts in the `rootfs/` folder.
## 2.4.39-debian-9-r40 and 2.4.39-ol-7-r50
- This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information.