Last active
August 5, 2020 16:32
-
-
Save maxerbox/2c72a4429e6f0a0a54159b6d1708df1e to your computer and use it in GitHub Desktop.
Dockerfile for bedrock + sage theme example wordpress
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM php:7.4-apache | |
| # persistent dependencies | |
| RUN set -eux; \ | |
| apt-get update; \ | |
| apt-get install -y --no-install-recommends \ | |
| # Ghostscript is required for rendering PDF previews | |
| ghostscript \ | |
| ; \ | |
| rm -rf /var/lib/apt/lists/* | |
| # install the PHP extensions we need (https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions) | |
| RUN set -ex; \ | |
| \ | |
| savedAptMark="$(apt-mark showmanual)"; \ | |
| \ | |
| apt-get update; \ | |
| apt-get install -y --no-install-recommends \ | |
| libfreetype6-dev \ | |
| libjpeg-dev \ | |
| libmagickwand-dev \ | |
| libpng-dev \ | |
| libzip-dev \ | |
| ; \ | |
| \ | |
| docker-php-ext-configure gd --with-freetype --with-jpeg; \ | |
| docker-php-ext-install -j "$(nproc)" \ | |
| bcmath \ | |
| exif \ | |
| gd \ | |
| mysqli \ | |
| zip \ | |
| ; \ | |
| pecl install imagick-3.4.4; \ | |
| docker-php-ext-enable imagick; \ | |
| \ | |
| # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies | |
| apt-mark auto '.*' > /dev/null; \ | |
| apt-mark manual $savedAptMark; \ | |
| ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ | |
| | awk '/=>/ { print $3 }' \ | |
| | sort -u \ | |
| | xargs -r dpkg-query -S \ | |
| | cut -d: -f1 \ | |
| | sort -u \ | |
| | xargs -rt apt-mark manual; \ | |
| \ | |
| apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ | |
| rm -rf /var/lib/apt/lists/* | |
| # set recommended PHP.ini settings | |
| # see https://secure.php.net/manual/en/opcache.installation.php | |
| RUN set -eux; \ | |
| docker-php-ext-enable opcache; \ | |
| { \ | |
| echo 'opcache.memory_consumption=128'; \ | |
| echo 'opcache.interned_strings_buffer=8'; \ | |
| echo 'opcache.max_accelerated_files=4000'; \ | |
| echo 'opcache.revalidate_freq=2'; \ | |
| echo 'opcache.fast_shutdown=1'; \ | |
| } > /usr/local/etc/php/conf.d/opcache-recommended.ini | |
| # https://wordpress.org/support/article/editing-wp-config-php/#configure-error-logging | |
| RUN { \ | |
| # https://www.php.net/manual/en/errorfunc.constants.php | |
| # https://github.com/docker-library/wordpress/issues/420#issuecomment-517839670 | |
| echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \ | |
| echo 'display_errors = Off'; \ | |
| echo 'display_startup_errors = Off'; \ | |
| echo 'log_errors = On'; \ | |
| echo 'error_log = /dev/stderr'; \ | |
| echo 'log_errors_max_len = 1024'; \ | |
| echo 'ignore_repeated_errors = On'; \ | |
| echo 'ignore_repeated_source = Off'; \ | |
| echo 'html_errors = Off'; \ | |
| } > /usr/local/etc/php/conf.d/error-logging.ini | |
| RUN set -eux; \ | |
| a2enmod rewrite expires; \ | |
| \ | |
| # https://httpd.apache.org/docs/2.4/mod/mod_remoteip.html | |
| a2enmod remoteip; \ | |
| { \ | |
| echo 'RemoteIPHeader X-Forwarded-For'; \ | |
| # these IP ranges are reserved for "private" use and should thus *usually* be safe inside Docker | |
| echo 'RemoteIPTrustedProxy 10.0.0.0/8'; \ | |
| echo 'RemoteIPTrustedProxy 172.16.0.0/12'; \ | |
| echo 'RemoteIPTrustedProxy 192.168.0.0/16'; \ | |
| echo 'RemoteIPTrustedProxy 169.254.0.0/16'; \ | |
| echo 'RemoteIPTrustedProxy 127.0.0.0/8'; \ | |
| } > /etc/apache2/conf-available/remoteip.conf; \ | |
| a2enconf remoteip; \ | |
| # https://github.com/docker-library/wordpress/issues/383#issuecomment-507886512 | |
| # (replace all instances of "%h" with "%a" in LogFormat) | |
| find /etc/apache2 -type f -name '*.conf' -exec sed -ri 's/([[:space:]]*LogFormat[[:space:]]+"[^"]*)%h([^"]*")/\1%a\2/g' '{}' + | |
| # ENV WORDPRESS_VERSION 5.4.2 | |
| # ENV WORDPRESS_SHA1 e5631f812232fbd45d3431783d3db2e0d5670d2d | |
| # | |
| # RUN set -ex; \ | |
| # curl -o wordpress.tar.gz -fSL "https://wordpress.org/wordpress-${WORDPRESS_VERSION}.tar.gz"; \ | |
| # echo "$WORDPRESS_SHA1 *wordpress.tar.gz" | sha1sum -c -; \ | |
| # # upstream tarballs include ./wordpress/ so this gives us /usr/src/wordpress | |
| # tar -xzf wordpress.tar.gz -C /usr/src/; \ | |
| # rm wordpress.tar.gz; \ | |
| # chown -R www-data:www-data /usr/src/wordpress; \ | |
| # # pre-create wp-content (and single-level children) for folks who want to bind-mount themes, etc so permissions are pre-created properly instead of root:root | |
| # mkdir wp-content; \ | |
| # for dir in /usr/src/wordpress/wp-content/*/; do \ | |
| # dir="$(basename "${dir%/}")"; \ | |
| # mkdir "wp-content/$dir"; \ | |
| # done; \ | |
| # chown -R www-data:www-data wp-content; \ | |
| # chmod -R 777 wp-content | |
| # wp cli | |
| RUN curl -o /bin/wp-cli.phar https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar | |
| COPY wp-su.sh /bin/wp | |
| RUN chmod +x /bin/wp-cli.phar /bin/wp | |
| RUN apt-get update && apt-get install -y sudo less | |
| # composer install | |
| RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer | |
| # Set document root | |
| ENV APACHE_DOCUMENT_ROOT /var/www/html/web | |
| RUN sed -ri -e 's!/var/www/html!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/sites-available/*.conf | |
| RUN sed -ri -e 's!/var/www/!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/apache2.conf /etc/apache2/conf-available/*.conf | |
| RUN apt-get -y update \ | |
| && apt-get -yq install \ | |
| gnupg2 \ | |
| curl \ | |
| && apt-get autoclean \ | |
| && apt-get clean \ | |
| && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* | |
| RUN groupadd --gid 1000 node \ | |
| && useradd --uid 1000 --gid node --shell /bin/bash --create-home node | |
| ENV NODE_VERSION 12.18.3 | |
| RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" \ | |
| && case "${dpkgArch##*-}" in \ | |
| amd64) ARCH='x64';; \ | |
| ppc64el) ARCH='ppc64le';; \ | |
| s390x) ARCH='s390x';; \ | |
| arm64) ARCH='arm64';; \ | |
| armhf) ARCH='armv7l';; \ | |
| i386) ARCH='x86';; \ | |
| *) echo "unsupported architecture"; exit 1 ;; \ | |
| esac \ | |
| # gpg keys listed at https://github.com/nodejs/node#release-keys | |
| && set -ex \ | |
| && for key in \ | |
| 4ED778F539E3634C779C87C6D7062848A1AB005C \ | |
| 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \ | |
| 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \ | |
| 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ | |
| C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ | |
| C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \ | |
| DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ | |
| A48C2BEE680E841632CD4E44F07496B3EB3C1762 \ | |
| B9E2F5981AA6E0CD28160D9FF13993A75599653C \ | |
| ; do \ | |
| gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \ | |
| gpg --batch --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \ | |
| gpg --batch --keyserver hkp://pgp.mit.edu:80 --recv-keys "$key" ; \ | |
| done \ | |
| && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \ | |
| && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \ | |
| && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ | |
| && grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \ | |
| && tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \ | |
| && rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \ | |
| && ln -s /usr/local/bin/node /usr/local/bin/nodejs \ | |
| # smoke tests | |
| && node --version \ | |
| && npm --version | |
| ENV YARN_VERSION 1.22.4 | |
| RUN set -ex \ | |
| && for key in \ | |
| 6A010C5166006599AA17F08146C2130DFD2497F5 \ | |
| ; do \ | |
| gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \ | |
| gpg --batch --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \ | |
| gpg --batch --keyserver hkp://pgp.mit.edu:80 --recv-keys "$key" ; \ | |
| done \ | |
| && curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" \ | |
| && curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" \ | |
| && gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \ | |
| && mkdir -p /opt \ | |
| && tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ \ | |
| && ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn \ | |
| && ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg \ | |
| && rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \ | |
| # smoke test | |
| && yarn --version | |
| ADD . ./ | |
| # deps install | |
| RUN composer install | |
| RUN chown -R www-data:www-data web/wp; \ | |
| chmod -R 777 web/wp/wp-content; \ | |
| chown www-data:www-data web/; | |
| RUN echo '<IfModule mod_rewrite.c>\n\ | |
| <IfModule mod_rewrite.c>\n \ | |
| RewriteEngine On\n\ | |
| RewriteBase /\n\ | |
| RewriteRule ^index\.php$ - [L]\n\ | |
| RewriteCond %{REQUEST_FILENAME} !-f\n\ | |
| RewriteCond %{REQUEST_FILENAME} !-d\n\ | |
| RewriteRule . /index.php [L]\n\ | |
| </IfModule>\n'\ | |
| > web/.htaccess | |
| # env generation | |
| COPY .env.example .env | |
| # RUN wp dotenv salts | |
| # Theme install | |
| WORKDIR /var/www/html/web/app/themes/emmanuelle-latest | |
| RUN composer install | |
| RUN yarn; \ | |
| yarn build:production | |
| # clean up | |
| RUN apt-get clean | |
| RUN rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* | |
| VOLUME /var/www/html | |
| WORKDIR /var/www/html | |
| # COPY docker-entrypoint.sh /usr/local/bin/ | |
| # ENTRYPOINT ["docker-entrypoint.sh"] | |
| CMD ["apache2-foreground"] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment