From a4924537de46a7f6c72b46c1525d5bb342a643b7 Mon Sep 17 00:00:00 2001 From: cytopia Date: Sun, 20 May 2018 16:43:44 +0200 Subject: [PATCH] Feature: Disable PHP modules --- .../docker-entrypoint.d/38-disable-modules.sh | 49 +++++++++++++++++++ Dockerfiles/prod/data/docker-entrypoint.sh | 6 +++ Dockerfiles/work/data/docker-entrypoint.sh | 6 +++ README.md | 8 ++- 4 files changed, 68 insertions(+), 1 deletion(-) create mode 100755 Dockerfiles/prod/data/docker-entrypoint.d/38-disable-modules.sh diff --git a/Dockerfiles/prod/data/docker-entrypoint.d/38-disable-modules.sh b/Dockerfiles/prod/data/docker-entrypoint.d/38-disable-modules.sh new file mode 100755 index 00000000..0c0ee8fa --- /dev/null +++ b/Dockerfiles/prod/data/docker-entrypoint.d/38-disable-modules.sh @@ -0,0 +1,49 @@ +#!/usr/bin/env bash + +set -e +set -u +set -o pipefail + + +############################################################ +# Functions +############################################################ + +### +### Disable PHP Modules +### +disable_modules() { + local mod_varname="${1}" + local debug="${2}" + local mod_path="/usr/local/etc/php/conf.d" + + if ! env_set "${mod_varname}"; then + log "info" "\$${mod_varname} not set. Not disabling any PHP modules." "${debug}" + else + mods="$( env_get "${mod_varname}" )" + + if [ -z "${mods}" ]; then + log "warn" "\$${mod_varname} set, but empty. Not disabling any PHP modules." "${debug}" + else + log "info" "Disabling the following PHP modules: ${mods}" "${debug}" + fi + + while read -r mod; do + #for mod in ${mods//,/ }; do + mod="$( echo "${mod}" | xargs )" # trim + + # Find all config files that enable that module + files="$( grep -Er "^(zend_)?extension.*(=|/)${mod}\.so" "${mod_path}" || true )" + + if [ -n "${files}" ]; then + while read -r f; do + # Get filename + f="$( echo "${f}" | awk -F':' '{ print $1 }' )" + # Remove file + run "rm ${f}" "${debug}" + done <<< "${files}" + fi + done <<< "$( echo "${mods}" | tr ',' '\n' )" + #done + fi +} diff --git a/Dockerfiles/prod/data/docker-entrypoint.sh b/Dockerfiles/prod/data/docker-entrypoint.sh index 15834bde..3255fa07 100755 --- a/Dockerfiles/prod/data/docker-entrypoint.sh +++ b/Dockerfiles/prod/data/docker-entrypoint.sh @@ -160,6 +160,12 @@ copy_ini_files "${PHP_CUST_INI_DIR}" "${PHP_INI_DIR}" "${DEBUG_LEVEL}" copy_fpm_files "${PHP_CUST_FPM_DIR}" "${PHP_FPM_DIR}" "${DEBUG_LEVEL}" +### +### Disable PHP Modules +### +disable_modules "DISABLE_MODULES" "${DEBUG_LEVEL}" + + ### ### Startup ### diff --git a/Dockerfiles/work/data/docker-entrypoint.sh b/Dockerfiles/work/data/docker-entrypoint.sh index f5ffc668..038983b0 100755 --- a/Dockerfiles/work/data/docker-entrypoint.sh +++ b/Dockerfiles/work/data/docker-entrypoint.sh @@ -160,6 +160,12 @@ copy_ini_files "${PHP_CUST_INI_DIR}" "${PHP_INI_DIR}" "${DEBUG_LEVEL}" copy_fpm_files "${PHP_CUST_FPM_DIR}" "${PHP_FPM_DIR}" "${DEBUG_LEVEL}" +### +### Disable PHP Modules +### +disable_modules "DISABLE_MODULES" "${DEBUG_LEVEL}" + + ### ### mysqldump-secure ### diff --git a/README.md b/README.md index e64b4861..9c766b6a 100644 --- a/README.md +++ b/README.md @@ -610,7 +610,7 @@ Have a look at the following table to see all supported environment variables fo - prod

work + prod

work TIMEZONE string UTC @@ -622,6 +622,12 @@ Have a look at the following table to see all supported environment variables fo 1 By default all Docker images are configured to output their PHP-FPM access and error logs to stdout and stderr. Those which support it can change the behaviour to log into files inside the container. Their respective directories are available as volumes that can be mounted to the host computer. This feature might help developer who are more comfortable with tailing or searching through actual files instead of using docker logs.

Set this variable to 0 in order to enable logging to files. Log files are avilable under /var/log/php/ which is also a docker volume that can be mounted locally. + + DISABLE_MODULES + string + '' + Comma separated list of PHP modules to disable.
Example:
DISABLE_MODULES=swoole,imagick + ENABLE_MAIL bool