michael-grunder · April 2, 2025 18:55
diff --git a/Dockerfile b/Dockerfile
 FROM debian:latest

 RUN apt-get update && apt-get install -y \
    php-cli \
    php-dev \
    php-pear \
    gcc \
    make \
    redis \
    openssl \
    git \
    neovim \
    gdb \
    && rm -rf /var/lib/apt/lists/*

 RUN cd /root/ && git clone https://github.com/phpredis/phpredis && \
    cd phpredis && \
    phpize && \
    ./configure && \
    make && make install && \
    echo "extension=redis.so" > $(php-config --ini-dir)/20-redis.ini

 RUN mkdir -p /etc/redis && \
    openssl req \
      -newkey rsa:2048 -nodes -keyout /etc/redis/server.key \
      -x509 -days 365 -out /etc/redis/server.crt \
      -subj "/C=US/ST=Example/L=Example/O=Example/OU=IT/CN=localhost" && \
    # For a simple example, just reuse server.crt as the CA
    cp /etc/redis/server.crt /etc/redis/CA.crt

 RUN { \
  echo "bind 0.0.0.0"; \
  echo "port 6380"; \
  echo "tls-port 6379"; \
  echo "tls-cert-file /etc/redis/server.crt"; \
  echo "tls-key-file /etc/redis/server.key"; \
  echo "tls-ca-cert-file /etc/redis/CA.crt"; \
  echo "tls-auth-clients no"; \
  echo "requirepass secret"; \
  echo "daemonize yes"; \
 } > /etc/redis/redis.conf

 RUN echo 'session.save_handler = redis' \
        >> $(php-config --ini-dir)/20-redis.ini && \
    echo 'session.save_path = "tls://127.0.0.1:6379?auth[user]=default&auth[pass]=secret&stream[cafile]=file:////etc/redis/CA.crt&stream[verify_peer_name]=0&stream[verify_peer]=0"' \
        >> $(php-config --ini-dir)/20-redis.ini

 RUN echo '<?php \
 session_start(); \
 $_SESSION["test"] = "Hello from TLS Session:" . time(); \
 echo "Session data saved: ".$_SESSION["test"].PHP_EOL; \
 ?>' \
  > /test.php

 CMD redis-server /etc/redis/redis.conf && tail -f /dev/null
	FROM debian:latest

	RUN apt-get update && apt-get install -y \
	php-cli \
	php-dev \
	php-pear \
	gcc \
	make \
	redis \
	openssl \
	git \
	neovim \
	gdb \
	&& rm -rf /var/lib/apt/lists/*

	RUN cd /root/ && git clone https://github.com/phpredis/phpredis && \
	cd phpredis && \
	phpize && \
	./configure && \
	make && make install && \
	echo "extension=redis.so" > $(php-config --ini-dir)/20-redis.ini

	RUN mkdir -p /etc/redis && \
	openssl req \
	-newkey rsa:2048 -nodes -keyout /etc/redis/server.key \
	-x509 -days 365 -out /etc/redis/server.crt \
	-subj "/C=US/ST=Example/L=Example/O=Example/OU=IT/CN=localhost" && \
	# For a simple example, just reuse server.crt as the CA
	cp /etc/redis/server.crt /etc/redis/CA.crt

	RUN { \
	echo "bind 0.0.0.0"; \
	echo "port 6380"; \
	echo "tls-port 6379"; \
	echo "tls-cert-file /etc/redis/server.crt"; \
	echo "tls-key-file /etc/redis/server.key"; \
	echo "tls-ca-cert-file /etc/redis/CA.crt"; \
	echo "tls-auth-clients no"; \
	echo "requirepass secret"; \
	echo "daemonize yes"; \
	} > /etc/redis/redis.conf

	RUN echo 'session.save_handler = redis' \
	>> $(php-config --ini-dir)/20-redis.ini && \
	echo 'session.save_path = "tls://127.0.0.1:6379?auth[user]=default&auth[pass]=secret&stream[cafile]=file:////etc/redis/CA.crt&stream[verify_peer_name]=0&stream[verify_peer]=0"' \
	>> $(php-config --ini-dir)/20-redis.ini

	RUN echo '<?php \
	session_start(); \
	$_SESSION["test"] = "Hello from TLS Session:" . time(); \
	echo "Session data saved: ".$_SESSION["test"].PHP_EOL; \
	?>' \
	> /test.php

	CMD redis-server /etc/redis/redis.conf && tail -f /dev/null