Skip to content

Latest commit

 

History

History
499 lines (429 loc) · 29.6 KB

README.md

File metadata and controls

499 lines (429 loc) · 29.6 KB

PHP Docker Container Images

Build Status Docker Pulls Docker Stars Docker Layers

Table of Contents

Docker Images

❗For better reliability we release images with stability tags (wodby/php:7.2-X.X.X) which correspond to git tags. We strongly recommend using images only with stability tags.

About images:

Supported tags and respective Dockerfile links:

-dev

Images with -dev tag have a few differences:

  • sudo allowed for all commands for wodby user
  • PHP source code available under /usr/src/php.tar.xz
  • PHP_FPM_CLEAR_ENV is set to no by default

-dev-macos

Same as -dev but the default user/group wodby has uid/gid 501/20 to match the macOS default user/group ids.

-debug

Include all changes from -dev images and additionally:

  • PHP compiled with --enabled-debug flag
  • PHP binaries are not stripped from debug symbols
  • Some extensions do not work with --enabled-debug such as newrelic and blackfire
  • PHP_FPM_LOG_LEVEL is set to debug by default

We currently do not build -debug images to save build time

Environment Variables

PHP and PHP-FPM configuration

The default configuration is not recommended to be used for production environment:

Variable 7.2 7.1 5.6
PHP_ALLOW_URL_FOPEN On On On
PHP_ALWAYS_POPULATE_RAW_POST_DATA - - 0
PHP_APCU_ENABLE_CLI 0 0 0
PHP_APCU_ENABLED 1 1 1
PHP_APCU_ENTRIES_HINT 4096 4096 4096
PHP_APCU_COREDUMP_UNMAP 0 0 0
PHP_APCU_GC_TTL 3600 3600 3600
PHP_APCU_PRELOAD_PATH NULL NULL NULL
PHP_APCU_SERIALIZER
PHP_APCU_SHM_SEGMENTS 1 1 1
PHP_APCU_SHM_SIZE 32M 32M 32M
PHP_APCU_SLAM_DEFENSE 1 1 1
PHP_APCU_TTL 0 0 0
PHP_APCU_USE_REQUEST_TIME 1 1 1
PHP_ASSERT_ACTIVE On On On
PHP_AUTO_PREPEND_FILE
PHP_AUTO_APPEND_FILE
PHP_BLACKFIRE
PHP_BLACKFIRE_AGENT_HOST blackfire blackfire blackfire
PHP_BLACKFIRE_AGENT_PORT 8707 8707 8707
PHP_CLI_MEMORY_LIMIT -1 -1 -1
PHP_DATE_TIMEZONE UTC UTC UTC
PHP_DEFAULT_SOCKET_TIMEOUT 60 60 60
PHP_DISPLAY_ERRORS On On On
PHP_DISPLAY_STARTUP_ERRORS On On On
PHP_ERROR_REPORTING E_ALL E_ALL E_ALL
PHP_EXPOSE Off Off Off
PHP_EXTENSIONS_DISABLE
PHP_FPM_CLEAR_ENV* yes yes yes
PHP_FPM_ENV_VARS
PHP_FPM_LOG_LEVEL* notice notice notice
PHP_FPM_PM dynamic dynamic dynamic
PHP_FPM_PM_MAX_CHILDREN 8 8 8
PHP_FPM_PM_MAX_REQUESTS 500 500 500
PHP_FPM_PM_MAX_SPARE_SERVERS 3 3 3
PHP_FPM_PM_MIN_SPARE_SERVERS 1 1 1
PHP_FPM_PM_STATUS_PATH
PHP_FPM_REQUEST_SLOWLOG_TIMEOUT
PHP_FPM_PM_START_SERVERS 2 2 2
PHP_FPM_USER www-data www-data www-data
PHP_FPM_GROUP www-data www-data www-data
PHP_GEOIP_CUSTOM_DIR
PHP_IGBINARY_COMPACT_STRINGS On On On
PHP_LOG_ERRORS On On On
PHP_LOG_ERRORS_MAX_LEN 0 0 0
PHP_MAX_EXECUTION_TIME 120 120 120
PHP_MAX_FILE_UPLOADS 20 20 20
PHP_MAX_INPUT_TIME 60 60 60
PHP_MAX_INPUT_VARS 2000 2000 2000
PHP_MBSTRING_HTTP_INPUT - -
PHP_MBSTRING_HTTP_OUTPUT - -
PHP_MBSTRING_ENCODING_TRANSLATION - - Off
PHP_MEMORY_LIMIT 512M 512M 512M
PHP_MYSQL_CACHE_SIZE - - 2000
PHP_MYSQLI_CACHE_SIZE 2000 2000 2000
PHP_NEWRELIC_APPNAME My PHP app My PHP app My PHP app
PHP_NEWRELIC_CAPTURE_PARAMS false false false
PHP_NEWRELIC_ENABLED false false false
PHP_NEWRELIC_FRAMEWORK
PHP_NEWRELIC_HIGH_SECURITY false false false
PHP_NEWRELIC_IGNORED_PARAMS
PHP_NEWRELIC_LABELS
PHP_NEWRELIC_LICENSE
PHP_NEWRELIC_LOGLEVEL info info info
PHP_NEWRELIC_TRANSACTION_TRACER_DETAIL 1 1 1
PHP_OPCACHE_ENABLE 1 1 1
PHP_OPCACHE_ENABLE_CLI 0 0 0
PHP_OPCACHE_VALIDATE_TIMESTAMPS 1 1 1
PHP_OPCACHE_REVALIDATE_FREQ 2 2 2
PHP_OPCACHE_MAX_ACCELERATED_FILES 4000 4000 4000
PHP_OPCACHE_MEMORY_CONSUMPTION 128 128 128
PHP_OPCACHE_INTERNED_STRINGS_BUFFER 8 8 8
PHP_OPCACHE_FAST_SHUTDOWN - 1 1
PHP_OUTPUT_BUFFERING 4096 4096 4096
PHP_PDO_MYSQL_CACHE_SIZE 2000 2000 2000
PHP_PHAR_READONLY 1 1 1
PHP_PHAR_REQUIRE_HASH 1 1 1
PHP_PHAR_CACHE_LIST
PHP_POST_MAX_SIZE 32M 32M 32M
PHP_REALPATH_CACHE_SIZE 4096k 4096k 16k
PHP_REALPATH_CACHE_TTL 120 120 120
PHP_SENDMAIL_PATH /bin/true /bin/true /bin/true
PHP_SESSION_SAVE_HANDLER files files files
see all session options 7.2 session 7.1 session 5.6 session
PHP_XHPROF -
PHP_TRACK_ERRORS - On On
PHP_UPLOAD_MAX_FILESIZE 32M 32M 32M
PHP_XDEBUG -
PHP_XDEBUG_DEFAULT_ENABLE - 0 0
see all xdebug ext options 7.x xdebug 7.x xdebug 5.6 xdebug
PHP_ZEND_ASSERTIONS 1 1 1

"-" - Not available for this version

Default value of environment variables marked with * is different for -dev and -debug images

Additional configuration

Variable Default value
GIT_USER_EMAIL [email protected]
GIT_USER_NAME wodby
SSH_PRIVATE_KEY
SSH_DISABLE_STRICT_KEY_CHECKING
SSHD_GATEWAY_PORTS no
SSHD_HOST_KEYS_DIR /etc/ssh
SSHD_LOG_LEVEL INFO
SSHD_PASSWORD_AUTHENTICATION no
SSHD_PERMIT_USER_ENV no
SSHD_USE_DNS yes

Build arguments

Argument Default value
PHP_VER
PHP_DEV
PHP_DEBUG
WODBY_GROUP_ID 1000
WODBY_USER_ID 1000

Change WODBY_USER_ID and WODBY_GROUP_ID mainly for local dev version of images, if it matches with existing system user/group ids the latter will be deleted.

PHP Extensions

You can disable extension by listing them in $PHP_EXTENSIONS_DISABLE separated by ,, e.g. $PHP_EXTENSIONS_DISABLE=geoip,ds

Extension 7.2 7.1 5.6
amqp 1.9.3 1.9.3 1.9.3
apc - - -
apcu 5.1.12 5.1.12 4.0.11
ast 1.0.0 1.0.0 -
blackfire latest latest latest
bcmath
bz2
calendar
Core
ctype
curl
date
dom
ds 1.2.6 1.2.6 -
exif
ereg - -
event 2.4.1 2.4.1 2.4.1
fileinfo
filter
ftp
gd
geoip 1.1.1 1.1.1 1.1.1
grpc 1.16.0 1.16.0 1.16.0
hash
iconv
igbinary 2.0.8 2.0.8 2.0.8
imagick 3.4.3 3.4.3 3.4.3
imap
intl
json
ldap
libxml
mbstring
mcrypt 1.0.1
memcached 3.0.4 3.0.4 2.2.0
mongodb 1.5.3 1.5.3 1.5.3
mysql - -
mysqli
mysqlnd
newrelic latest latest latest
OAuth 2.0.3 2.0.3 1.2.3
openssl
pcntl
pcre
PDO
pdo_mysql
pdo_pgsql
pdo_sqlite
pgsql
Phar
posix
rdkafka 3.0.5 3.0.5 3.0.5
readline
redis 4.1.1 4.1.1 4.1.1
Reflection
session
SimpleXML
soap
sockets
sodium - -
SPL
sqlite3
standard
tideways_xhprof v5.0-beta2 v5.0-beta2
tidy
tokenizer
uploadprogress latest latest 1.0.3.1
uuid 1.0.4 1.0.4 1.0.4
xdebug 2.6.1 2.6.1 2.5.5
xml
xmlreader
xmlrpc
xmlwriter
xsl
yaml 2.0.2 2.0.2 1.3.1
Zend OPcache
zip
zlib

Legend:

  • [EMPTY] – Core PHP extension
  • "-" - Not exists in this version Some extensions may not be available in -dev and -debug images

Extensions xdebug, blackfire and xhprof disabled by default.

Tools

Tool 7.2 7.1 5.6
Composer latest latest latest
Walter (deprecated) 1.3.0 1.3.0 1.3.0

Global Composer Packages

Package Version
hirak/prestissimo ^0.3

Libraries

All essential linux libraries are freezed and updates will be reflected in changelog.

Changelog

Changes per stability tag reflected in git tags description under releases.

Crond

You can run Crond with this image changing the command to sudo -E crond -f -d 0 and mounting a crontab file to ./crontab:/etc/crontabs/www-data. Example crontab file contents:

# min	hour	day	month	weekday	command
*/1	*	*	*	*	echo "test" > /mnt/files/cron

SSHD

You can run SSHD with this image by changing the command to sudo /usr/sbin/sshd -De and mounting authorized public keys to /home/wodby/.ssh/authorized_keys

Adding SSH key

You can add a private SSH key to the container by mounting it to /home/wodby/.ssh/id_rsa

Users and permissions

Default container user is wodby:wodby (UID/GID 1000). PHP-FPM runs from www-data:www-data user (UID/GID 82) by default. User wodby is a part of www-data group.

Codebase volume $APP_ROOT (/var/www/html) owned by wodby:wodby. Files volume $FILES_DIR (/mnt/files) owned by www-data:www-data with 775 mode.

See wodby#22 for more details.

Helper scripts

  • files_chmod – in case you need write access for wodby user to a file/dir generated by www-data on this volume run sudo files_chmod [FILEPATH] script (FILEPATH must be under /mnt/files), it will recursively change the mode to ug=rwX,o=rX

  • files_chown – in case you manually uploaded files under wodby user to files volume and want to change the ownership of those files to www-data run sudo files_chown [FILEPATH] script (FILEPATH must be under /mnt/files), it will recursively change ownership to www-data:www-data

Complete PHP-based stacks

Images based on wodby/php

Orchestration Actions

Usage:

make COMMAND [params ...]

commands:
    migrate
    check-ready [host max_try wait_seconds delay_seconds]
    git-clone url [branch]
    git-checkout target [is_hash]   
    files-import source
    files-link public_dir 
    update-keys
    walter

default params values:
    is_hash 0
    branch "" Branch, tag or hash commit