{"id":18906525,"url":"https://github.com/claranet/php","last_synced_at":"2025-04-15T04:31:37.680Z","repository":{"id":41176080,"uuid":"132140844","full_name":"claranet/php","owner":"claranet","description":"PHP docker base image","archived":false,"fork":false,"pushed_at":"2024-04-30T15:32:11.000Z","size":266,"stargazers_count":12,"open_issues_count":6,"forks_count":8,"subscribers_count":7,"default_branch":"master","last_synced_at":"2025-03-28T00:34:27.980Z","etag":null,"topics":["concept","php-docker","php-fpm"],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/claranet.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-05-04T13:01:51.000Z","updated_at":"2024-04-30T15:32:10.000Z","dependencies_parsed_at":"2022-09-09T21:32:26.878Z","dependency_job_id":null,"html_url":"https://github.com/claranet/php","commit_stats":null,"previous_names":[],"tags_count":63,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/claranet%2Fphp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/claranet%2Fphp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/claranet%2Fphp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/claranet%2Fphp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/claranet","download_url":"https://codeload.github.com/claranet/php/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249006449,"owners_count":21197279,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["concept","php-docker","php-fpm"],"created_at":"2024-11-08T09:16:37.945Z","updated_at":"2025-04-15T04:31:37.160Z","avatar_url":"https://github.com/claranet.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n![badge](docs/badge_kubernetes_docker.svg)\n\n# Claranet PHP\n\nProvides an opinionated, extensible PHP docker image build \u0026 run concept, which unifies common scenarios to build and run PHP applications / jobs in a container world.\nIt ships with default configurations for nginx and php-fpm, supports the most important configurations to be\nset via environment variables and makes it easy to check external services (like a DBMS, cache, object-store) before proceeding with the container startup.\n\n\u003c!-- TOC --\u003e\n\n- [Claranet PHP](#claranet-php)\n - [TL;DR](#tldr)\n - [Build \u0026 Run Concept](#build--run-concept)\n - [Main Sections](#main-sections)\n - [Subsections](#subsections)\n - [Steps](#steps)\n - [Configure Sections](#configure-sections)\n - [Docker Image Builds](#docker-image-builds)\n - [Environment Variables](#environment-variables)\n - [Docker Build Arguments](#docker-build-arguments)\n - [General](#general)\n - [GCP](#gcp)\n - [OS](#os)\n - [Nginx](#nginx)\n - [NodeJS](#nodejs)\n - [PHP](#php)\n - [Mailing](#mailing)\n - [Configuration](#configuration)\n - [Nginx](#nginx-1)\n - [PHP](#php-1)\n - [Pre-compiled Modules](#pre-compiled-modules)\n - [Cronjobs](#cronjobs)\n - [Sending A Mail](#sending-a-mail)\n\n\u003c!-- /TOC --\u003e\n\n## TL;DR\n\n* extends official docker php images\n* provides generic build and life cycle infrastructure for containerized PHP applications (well prepared for kubernetes)\n* shipped as PHP 7.1.x, 7.2.x and 7.3.x flavor\n* there is a (build\u003ebase already run / build\u003ebase only prepared) flavor for each PHP version\n* general run concept: `docker run --rm -t claranet/php:1.1.59-php7.3.13 \u003cmain-section\u003e [subsection] [subsection-args, ...]`\n* overview: `docker run --rm -t claranet/php:1.1.59-php7.3.13 help`\n* supplied services\n - nginx\n - phpfpm\n - crond\n\nBuild image locally:\n```sh\n# generates local/claranet/php:1.1.59-php7.3.13\n./bin/image.sh build\n```\n\n## Build \u0026 Run Concept\n\n**System requirements**: To be able to build this docker image, you need `docker`, `gettext` (envsubst) and the `bash`.\n\nThe concept is based on the good old `.d` directory concept from debian. There are 3 levels we need to discuss\n\n1. main section\n1. subsection\n1. steps\n\nA quick visual overview gives (see more details below) ![section pattern image](docs/sectionPattern.png)\n\n### Main Sections\n\nA main section is collection of `subsections` which share an abstract topic. For example on default we provide the following\nmain sections by default:\n\n* build\n* start\n* stop\n* test\n\nMain sections are identified by looking for a `.d` directory within `docker/`. The entrypoint is designed to look up\navailable main sections automatically. So you are able to introduce new main sections in your custom derivate of this\nimage by adding an additional `.d` directory.\n\nTo execute all subsections of a main section, you need to call the main section from `/entrypoint.sh`. So running all\nbuild subsections is done by calling `/entrypoint.sh build`.\n\nNote: not all main sections are able to run all subsections! (e.g. `start`). See [configure sections](#configure-sections)\nfor more details regarding this topic.\n\n### Subsections\n\nEach main section must have at least one subsection. Subsections exist in order to organize related, self-contained steps\n(scripts). Subsections can be executed directly by specifying the subsection after the main section. So calling only\nthe subsection `base` from the main section `build`, you need to execute `/entrypoint.sh build base`.\n\nSubsections are directories within a main section - naming doesn't matter!\n\nCalling a subsection results in a execution of all steps contained in the subsection. Steps are executed in alphanumeric order.\n\nNote: you can describe subsections in the `/entrypoint.sh help` by [configuring them](#configure-sections)\n\n### Steps\n\n**Context**\n\nA step lives inside a subsection, so the hierarchy looks like `main section \u003e subsection \u003e step`. A step is represented in\nform of a script. This script can be referenced by a symlink or live directly inside the subsection. Only bash scripts\nare currently supported. A step will be sourced by the caller, which makes all functions / vars from previous steps and\n`docker/*.inc.sh` files available to the script itself.\n\nEach step current dir is set to `$WORKDIR` before executing the step.\n\n**Shared steps**\n\nSome steps are required in multiple subsections. To overcome the need of reimplementing / having duplicated steps\nsteps can be references via symlinks. The Claranet PHP image already makes use of this and provides a directory\ncalled `docker/shared_steps/`. You can find scripts there, which will be referenced by multiple subsections.\n\n_If you need a step in multiple subsections, please make use of this mechanism!_\n\n\n### Configure Sections\n\nMain sections and subsections share the same way how they can be configured. A section may contain a file named `META`.\nIf available, this file will be included by `/entrypoint.sh help` and in the run to iterate of all subsections \n(e.g. `/entrypoint.sh build`).\n\nThe help method uses the `SECTION_DESCRIPTION` to print more details about the available sections. In case of a main section\nit will be able to print a multi line string - standing by it's own. In case of a subsection the content should be\nkept short and one-line only - as it gets print after the subsection name.\n\n`META` file schema:\n```sh\n# a one line description text which will be printed inside the help message\n# Default: no description specified (see Configure Sections in documentation)\nSECTION_DESCRIPTION=\"...your description...\"\n\n# AFFECT MAIN SECTIONS ONLY\n# if false =\u003e requires the user to call a subsection directly\n# and prohibits running all subsections by calling the main section only\n# Default: true\nCATCH_ALL_EXECUTION=\"\u003ctrue|false\u003e\"\n```\n\n### Docker Image Builds\n\nThe docker image build is, despite the recommendation, outsourced in multiple shell scripts, living within the section `build`. The build process is split in at least 2 subsections (parts): `base` and `deps`. The user is able and encouraged to add custom subsections and overwrite or enhance current subsections.\n\n**base**:\n\nThe subsection `base` prepares the image OS by...\n* configure APT sources\n* install APT packages (listed in `SYSTEM_PACKAGES` env var)\n* install / compile PHP modules\n* install / configure PHP composer\n* install nodejs and npm\n* install git and configure it to use HTTPS instead of SSH for cloning\n* install the newrelic daemon / php module if `ENABLE_NEWRELIC` is set to `true`\n\nIf you are lucky, you shouldn't be required to run this subsection in your customized image.\n\nIn order to speed up the build process for images based on this one, we already run the `base` subsection while building this image. If you need a lot of customization, you might need to run the base subsection by your own - this is why we also provide a `-nobase` flavoured image! The `-nobase` flavour comes with all the prepared scripts from `build \u003e base`, but those script haven't been executed yet.\n\nHowever, you should run the `base` subsection before running any other subsection!\n\n**deps**:\n\nDeps is a prepared-only subsection. It is meant to install application specific dependencies like npm or composer packages; apply code patches or do any other task to make the application code runnable.\n\nThis subsection should be called by the depending custom docker image!\n\n\n## Environment Variables\n\nCheckout default values in the [Dockerfile](Dockerfile).\n\n### Docker Build Arguments\n\nTo easy docker builds, we provide a few handy options here\n\n| Name | Default value | Description |\n|--------------------|-----------------|---------------------------------------------------------------------------------|\n| ERROR_EXIT_CODE | 1 | Docker build RUN step error code on failure; handy for debugging |\n| ENABLE_CLEANUP | true | If true, prevents cache clearing, removing of build packages/download artifacts |\n| ENABLE_GCP | false | Enable GCP optimizations (e.g. use GCP APT mirror) |\n| RUN_BUILD_BASE | true | Switch to disable `build \u003e base` for the `-nobase` flavoured image |\n| GITLAB_SERVER_NAME | | Normaly the content of `$CI_SERVER_NAME` in gitlab-ci jobs; `ONBUILD` only |\n| GITLAB_USER | gitlab-ci-token | The token user to auth against gitlab; `ONBUILD` only |\n| GITLAB_TOKEN | emtpy | The actual token to auth against gitlab; `ONBUILD` only |\n\n\n### General\n\n| Name | Description |\n|----------------|------------------------------------------------------|\n| WORKDIR | Docker WORKDIR, exposed as env var to easy scripting |\n| BUILD_LOG | Path to the build log file |\n| ENABLE_PATCHES | Enables/disables `deps \u003e apply patches` step |\n\n\n### GCP\n\n| Name | Description |\n|-----------------------------|-----------------------------------------------------------------|\n| ENABLE_GCP | If true, enables GCP optimizations |\n| GOOGLE_ASSET_BUCKET_ENABLED | Enable bucket support in nginx |\n| ASSET_BUCKET_NAME | The GCP Cloud Storage name, will be used for the nginx config |\n| ASSET_VERSION | A string which indicates the asset version, e.g. the commit SHA |\n\n\n### OS\n\n| Name | Description |\n|--------------------|----------------------------------------------------------------------------|\n| PATH | OS PATH variable |\n| BUILD_PACKAGES | APT packages, removed by CLEANUP, if `ENABLE_CLEANUP` is `true` |\n| SYSTEM_PACKAGES | APT packages |\n| JESSIE_PACKAGE_MAP | Maps Debian stretch to jessie package names `\u003cstretch-name\u003e:\u003cjessie-name\u003e` |\n| ENABLE_NEWRELIC | If true, install the newrelic daemon + php module at build time (`base`) |\n\n\n### Nginx\n\nNginx does not support environment variables by itself (except if you enable the lua script support...). So we are using `envsubst` before enabling configs from `/etc/nginx/sites-available/*.conf`.\n\n| Name | Description |\n|-----------------------|------------------------------------------------------------------------|\n| NGINX_SITES_AVAILABLE | Path to the `sites-available/` directory |\n| NGINX_SITES_ENABLED | Path to the `sites-enabled/` directory |\n| PHPFPM_HOST | IP/Domain where to find the php-fpm fastcgi service |\n| PHPFPM_PORT | Port of the php-fpm fastcgi service |\n| DOCUMENT_ROOT | Default document root for the default vhost |\n| COMPRESS_FILE_MATCH | Extended regex for matching files which should be compressed for nginx |\n| COMPRESS_FILE_PATHS | Where to look for files to be compressed during build time |\n\n\n### NodeJS\n\n| Name | Description |\n|--------------------|------------------------------------------------------------------|\n| ENABLE_NODEJS | Install nodejs at build time `base` |\n| NODEJS_VERSION | Major version (e.g. `8` or `10`) |\n| ENABLE_BOWER | Install bower at build time `deps` |\n| NPM | Name of the `npm` cli binary (`npm` or `yarn`) |\n| NPM_BUILD_PACKAGES | APT packages to be able to compile packages at build time `deps` |\n| NPM_ARGS | Additional arguments for `$NPM install` |\n\n\n### PHP\n\nWe are exposing most of the important `php.ini` settings via environment variables and\nuse the [ini-env-var substitution feature](http://php.net/manual/en/configuration.file.php) from PHP for that.\n\n| Name | Description |\n|-------------------------------------|-----------------------------------------------------------------------------------|\n| PHP | The PHP binary name |\n| FPM | The PHP-FPM binary name |\n| NEWRELIC_PHP_VERSION | The newrelic php module package version, only useful, if ENABLE_NEWRELIC is true |\n| PHP_EXTENSIONS_STARTUP_ONLY | A list of modules which shouldn't be enabled at build time |\n| PHP_EXTENSIONS_STARTUP_ENABLE | A list of modules, which should get enabled at container startup |\n| PHP_EXTENSIONS | List of modules which should get compiled at build time (build base) |\n| PHP_BUILD_PACKAGES | APT packages required to compile extensions |\n| PHP_INI_DIR | Where to look for and store php ini files? |\n| PHP_INI_ALLOW_URL_FOPEN | PHP ini _allow_url_fopen_ value |\n| PHP_INI_DATE_TIMEZONE | PHP ini _date.timezone_ value |\n| PHP_INI_INCLUDE_PATH | PHP ini _include\\_path_ value |\n| PHP_INI_MAX_EXECUTION_TIME | PHP ini _max\\_execution\\_time_ value |\n| PHP_INI_MAX_INPUT_TIME | PHP ini _max\\_input\\_time_ value |\n| PHP_INI_MAX_INPUT_VARS | PHP ini _max\\_input\\_vars_ value |\n| PHP_INI_MEMORY_LIMIT | PHP ini _memory\\_limit_ value |\n| PHP_INI_ERROR_LOG | PHP ini _error\\_log_ value |\n| PHP_INI_POST_MAX_SIZE | PHP ini _post\\_max\\_size_ value |\n| PHP_INI_APC_ENABLED | PHP ini _apc\\_enabled_ value |\n| PHP_INI_APC_SHM_SIZE | PHP ini _apc\\_shm\\_size_ value |\n| PHP_INI_OPCACHE_ENABLE | PHP ini _opcache\\_enable_ value |\n| PHP_INI_OPCACHE_ENABLE_CLI | PHP ini _opcache\\_enable\\_cli_ value |\n| PHP_INI_OPCACHE_MEMORY_CONSUMPTION | PHP ini _opcache\\_memory\\_consumption_ value |\n| PHP_INI_OPCACHE_VALIDATE_TIMESTAMPS | PHP ini _opcache\\_validate\\_timestamps_ value |\n| PHP_INI_FILE_UPLOADS | PHP ini _file\\_uploads_ value |\n| PHP_INI_UPLOAD_MAX_FILESIZE | PHP ini _upload\\_max\\_filesize_ value |\n| PHP_INI_MAX_FILE_UPLOADS | PHP ini _max\\_file\\_uploads_ value |\n| PHP_INI_SHORT_OPEN_TAG | PHP ini __short_open_tag_ |\n| PHP_INI_NEWRELIC_APPNAME | PHP ini _newrelic\\_appname_ value |\n| PHP_INI_NEWRELIC_FRAMEWORK | PHP ini _newrelic\\_framework_ value |\n| PHP_INI_NEWRELIC_LICENSE | PHP ini _newrelic\\_license_ value |\n| BLACKFIRE_AGENT | URL of the blackfire agent |\n| CONSOLE | Composer console command name |\n| CODECEPT | The codeception cli command name (with path) |\n| CODECEPTION_ARGS | Args which should get added to the codeception cli command name |\n| COMPOSER_VERSION | Specify the composer version, which gets installed in `build \u003e base` |\n| COMPOSER_ARGS | Additional `composer install` arguments, passed in `build \u003e deps` subsection |\n| COMPOSER_DUMP_ARGS | Args applied to the `composer autodump` command |\n\n### PHP-FPM (Default Pool)\n\n| Name | Description |\n|-------------------------------------|-------------------------------------------|\n| FPM_PM\t\t\t | Process management type e.g dynamic \t |\n| FPM_PM_MAX_CHILDREN | pm.max_children in default pool\t \t |\n| FPM_PM_START_SERVERS | pm.start_servers in default pool \t |\n| FPM_PM_MIN_SPARE_SERVERS | pm.min_spare_servers in default pool \t |\n| FPM_PM_MAX_SPARE_SERVERS | pm.max_spare_servers in default pool \t |\n| FPM_PM_MAX_REQUESTS | pm.max_requests in default pool\t \t |\n\n### Mailing\n\n| Name | Description |\n|------------------|------------------------------------------------------------------|\n| ENABLE_SMTP | Enable / Disable ssmtp configuration and therefor mailing |\n| SMTP_ENCRYPTION | Connection encryption used, e.g. `tls` (is STARTTLS) or `ssl` |\n| SMTP_AUTH_METHOD | Method used to authenticate against the SMTP server e.g. `login` |\n| SMTP_HOST | IP or domain of the SMTP service |\n| SMTP_PORT | Port of the SMTP service |\n| SMTP_USERNAME | Username used in conjunction with `SMTP_AUTH_METHOD` |\n| SMTP_PASSWORD | Password used in conjunction with `SMTP_AUTH_METHOD` |\n| SMTP_TIMEOUT | Connection timeout for established SMTP service connections |\n\n\n\n## Configuration\n\n### Nginx\n\n* uses filesystem meta information cache\n* configurable via `DOCUMENT_ROOT`, `PHPFPM_HOST` and `PHPFPM_PORT` environment variables\n\n### PHP\n\n**php-fpm**\n\nThe php-fpm configuration is designed to match a generic pattern - optimized to leverage the usual load\nper container. Normally you shouldn't be required to change the fpm configuration at all - if your container\nneeds to handle more requests, launch another one and balance the traffic.substitute\n\nIf you still need to extend the php-fpm config there are 2 options:\n\n1) Adjust the environment variables for the default pool e.g. `FPM_PM_MAX_CHILDREN`.\n\n2) The `start \u003e phpfpm` subsection is prepared to launch different\nfpm pools. To launch e.g. a pool named `wordpress`, after you added the pools config to the container:\n`/entrypoint.sh start phpfpm wordpress`\n\nIt will start the `default` phpfpm pool if no other pool name is given.\n\nNOTE: On default, OPCACHE is enabled and won't revalidate filesystem changes.\n\n**php.ini**\n\nIn order to allow PHP config customization, this image uses the PHP ini parsers ability to substitute ENV\nvars for ini values. See [available PHP env vars](#php) for more details.\n\n#### Pre-compiled Modules\n\nA list of module, coming with this docker image:\n\n| Name | Source | Enabled |\n|-----------|--------|---------|\n| bcmath | core | yes |\n| bz2 | core | yes |\n| gd | core | yes |\n| gmp | core | yes |\n| intl | core | yes |\n| json | core | yes |\n| mbstring | core | yes |\n| opcache | core | yes |\n| dom | core | yes |\n| curl | core | yes |\n| pgsql | core | yes |\n| pdo_pgsql | core | yes |\n| mysqlnd | core | yes |\n| pdo_mysql | core | yes |\n| ldap | core | yes |\n| soap | core | yes |\n| zip | core | yes |\n| xdebug | pecl | no |\n| imagick | pecl | no |\n| redis | pecl | no |\n| APCu | pecl | no |\n\n## Cronjobs\n\nTo overcome the vixie-cron (debian default) environment variables issue (they are not propagated to launched cron-jobs), this image uses busybox' crond.\n\nCronjobs can be configured in the [docker/etc/cron.d](docker/etc/cron.d) directory. You can put there a file per username (e.g. named _root_) with cronjob entries based on the normal cron config syntax and `COPY` those files via your `Dockerfile` to `/etc/cron.d/` within the image.\n\n```\n# Cron config syntax\n# m h dom mon dow command\n * * * * * mytask\n```\n\nThose files will be linked to `/var/spool/cron/crontabs/` when `start \u003e crond` gets executed.\n\n## Sending A Mail\n\nMailing via CLI is an easy topic with this image. Set `ENABLE_SMTP` to `true` and ssmtp will be pre-configured on the `start` subsections `crond`, `pre-deployment` and `post-deployment`. After that, you can use the `ssmtp` tool to send your mails synchronously.\n\nFor example:\n```sh\nssmtp to@local \u003c\u003cEOF\nTo: to@local\nFrom: from@local\nSubject: [claranet] This is a nice mail\n\nHelo,\n\nfrom CLI\n\nRegards,\nMe - the CLI\nEOF\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fclaranet%2Fphp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fclaranet%2Fphp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fclaranet%2Fphp/lists"}