23 files changed, 496 insertions(+), 1 deletions(-)

A README.md
A fcgi/Dockerfile
A fcgi/Makefile
A fcgi/README.md
M nitter/Makefile
A php/Dockerfile
A php/Dockerfile.development
A php/Dockerfile.fpm
A php/Dockerfile.fpm-development
A php/Dockerfile.readwrite
A php/Makefile
A php/README.md
A php/php-fpm.conf
A php/php-fpm.d/www.conf
A php/php/conf.d/php.ini
A php/php/development.conf
A php/php/mysqli.conf
A php/php/pdo-mysql.conf
A php/php/pgsql.conf
A php/php/production-readonly.conf
A php/php/production-readwrite.conf
A php/php/production.conf
A php/php/sodium.conf

@@ 0,0 1,11 @@
+# Container Images
+
+|Images |Tags |Fully qualified name of the default image|
+|:------|:----|:----------------------------------------|
+|[dnsmasq](/~dricottone/container-images/tree/dev/item/dnsmasq/README.md)|latest|`registry.intra.dominic-ricottone.com/dnsmasq:latest`|
+|[fcgi](/~dricottone/container-images/tree/dev/item/fcgi/README.md)|latest|`registry.intra.dominic-ricottone.com/fcgi:latest`|
+|[haproxy](/~dricottone/container-images/tree/dev/item/haproxy/README.md)|latest|`registry.intra.dominic-ricottone.com/haproxy:latest`|
+|[nginx](/~dricottone/container-images/tree/dev/item/nginx/README.md)|latest|`registry.intra.dominic-ricottone.com/nginx:latest`|
+|[nitter](/~dricottone/container-images/tree/dev/item/nitter/README.md)|amd64,arm64|`registry.intra.dominic-ricottone.com/nitter:amd64`|
+|[php](/~dricottone/container-images/tree/dev/item/php/README.md)|latest,readwrite,fpm,development,fpm-development|`registry.intra.dominic-ricottone.com/php:latest`|
+

@@ 0,0 1,10 @@
+FROM docker.io/library/alpine:latest
+
+RUN apk add --no-cache spawn-fcgi fcgiwrap dumb-init
+
+EXPOSE 9000
+
+ENTRYPOINT ["/usr/bin/dumb-init", "--"]
+
+CMD ["spawn-fcgi", "-p", "9000", "-n", "--", "/usr/bin/fcgiwrap", "-f"]
+

@@ 0,0 1,13 @@
+CONMAN=sudo docker
+
+REGISTRY=registry.intra.dominic-ricottone.com
+IMAGE=fcgi
+TAG=latest
+
+image:
+	$(CONMAN) buildx build --push \
+		--platform linux/arm64,linux/amd64 \
+		--tag $(REGISTRY)/$(IMAGE):$(TAG) \
+		.
+
+.PHONY: image

@@ 0,0 1,34 @@
+# fcgi
+
+
+## Build and Deploy
+
+```
+make image
+```
+
+
+### Tags
+
+ + `latest`
+
+----
+
+## Use
+
+Can be used with any container manager toolchain.
+
+This is a base image for application-specific container images.
+
+```
+FROM fcgi
+
+WORKDIR /app
+
+COPY app-dist /app
+```
+
+The FastCGI server then can be proxied over port 9000.
+A script copied into the container at `/app/script.cgi` would be available
+at `example.com/script.cgi`.
+

@@ 19,4 19,4 @@ image-arm64:
 		--tag $(REGISTRY)/$(IMAGE):$(TAG_ARM64) \
 		. -f Dockerfile.arm64
 
-.PHONY: image
+.PHONY: image image-amd64 image-arm64

@@ 0,0 1,8 @@
+FROM docker.io/library/php:alpine
+
+COPY php/ /usr/local/etc/php/
+
+RUN rm /usr/local/etc/php/php.ini-development /usr/local/etc/php/php.ini-production /usr/local/etc/php/conf.d/docker-php-ext-sodium.ini
+RUN mv /usr/local/etc/php/production.conf /usr/local/etc/php/conf.d/production.ini
+RUN mv /usr/local/etc/php/production-readonly.conf /usr/local/etc/php/conf.d/production-readonly.ini
+

@@ 0,0 1,7 @@
+FROM docker.io/library/php:alpine
+
+COPY php/ /usr/local/etc/php/
+
+RUN rm /usr/local/etc/php/php.ini-development /usr/local/etc/php/php.ini-production /usr/local/etc/php/conf.d/docker-php-ext-sodium.ini
+RUN mv /usr/local/etc/php/development.conf /usr/local/etc/php/conf.d/development.ini
+

@@ 0,0 1,10 @@
+FROM docker.io/library/php:fpm-alpine
+
+COPY php/ /usr/local/etc/php/
+COPY php-fpm.conf /usr/local/etc/php-fpm.conf
+COPY php-fpm.d/ /usr/local/etc/php-fpm.d/
+
+RUN rm /usr/local/etc/php/php.ini-development /usr/local/etc/php/php.ini-production /usr/local/etc/php/conf.d/docker-php-ext-sodium.ini
+RUN mv /usr/local/etc/php/production.conf /usr/local/etc/php/conf.d/production.ini
+RUN mv /usr/local/etc/php/production-readonly.conf /usr/local/etc/php/conf.d/production-readonly.ini
+

@@ 0,0 1,9 @@
+FROM docker.io/library/php:fpm-alpine
+
+COPY php/ /usr/local/etc/php/
+COPY php-fpm.conf /usr/local/etc/php-fpm.conf
+COPY php-fpm.d/ /usr/local/etc/php-fpm.d/
+
+RUN rm /usr/local/etc/php/php.ini-development /usr/local/etc/php/php.ini-production /usr/local/etc/php/conf.d/docker-php-ext-sodium.ini
+RUN mv /usr/local/etc/php/development.conf /usr/local/etc/php/conf.d/development.ini
+

@@ 0,0 1,8 @@
+FROM docker.io/library/php:alpine
+
+COPY php/ /usr/local/etc/php/
+
+RUN rm /usr/local/etc/php/php.ini-development /usr/local/etc/php/php.ini-production /usr/local/etc/php/conf.d/docker-php-ext-sodium.ini
+RUN mv /usr/local/etc/php/production.conf /usr/local/etc/php/conf.d/production.ini
+RUN mv /usr/local/etc/php/production-readwrite.conf /usr/local/etc/php/conf.d/production-readwrite.ini
+

@@ 0,0 1,43 @@
+CONMAN=sudo docker
+
+REGISTRY=registry.intra.dominic-ricottone.com
+IMAGE=php
+TAG_DEV=development
+TAG_DEV_FPM=fpm-development
+TAG_PROD_RW=readwrite
+TAG_PROD_RO=latest
+TAG_PROD_FPM=fpm
+
+image: image-dev image-prod-rw image-prod-ro image-dev-fpm image-prod-fpm
+
+image-dev:
+	$(CONMAN) buildx build --push \
+		--platform linux/amd64 \
+		--tag $(REGISTRY)/$(IMAGE):$(TAG_DEV) \
+		. -f Dockerfile.development
+
+image-dev-fpm:
+	$(CONMAN) buildx build --push \
+		--platform linux/amd64 \
+		--tag $(REGISTRY)/$(IMAGE):$(TAG_DEV_FPM) \
+		. -f Dockerfile.fpm-development
+
+image-prod-rw:
+	$(CONMAN) buildx build --push \
+		--platform linux/arm64 \
+		--tag $(REGISTRY)/$(IMAGE):$(TAG_PROD_RW) \
+		. -f Dockerfile.readwrite
+
+image-prod-ro:
+	$(CONMAN) buildx build --push \
+		--platform linux/arm64 \
+		--tag $(REGISTRY)/$(IMAGE):$(TAG_PROD_RO) \
+		.
+
+image-prod-fpm:
+	$(CONMAN) buildx build --push \
+		--platform linux/amd64 \
+		--tag $(REGISTRY)/$(IMAGE):$(TAG_PROD_FPM) \
+		. -f Dockerfile.fpm
+
+.PHONY: image image-dev image-prod-rw image-prod-ro image-dev-fpm image-prod-fpm

@@ 0,0 1,55 @@
+# php
+
+
+## Build and Deploy
+
+```
+make image
+```
+
+
+### Tags
+
+ + `latest` (a read-only and production-ready interpreter)
+ + `fpm` (a read-only and production-ready FastCGI server)
+ + `readwrite` (a production-ready interpreter allowing 8 megabyte uploads)
+ + `development` (an unsafe interpreter)
+ + `development-fpm` (an unsafe FastCGI server)
+
+----
+
+## Use
+
+Can be used with any container manager toolchain.
+
+Can be used as a base image.
+To run a PHP application requiring MySQL, try:
+
+```
+FROM registry.intra.dominic-ricottone.com/php:latest
+
+RUN mv "$PHP_INI_DIR/pdo-mysql.conf" "$PHP_INI_DIR/conf.d/php-pdo-mysql.ini"
+```
+
+To run a FastCGI application, try:
+
+```
+FROM registry.intra.dominic-ricottone.com/php:fpm
+
+WORKDIR /app
+
+COPY app-dist /app
+```
+
+The FastCGI server then can be proxied over port 9000.
+A script copied into the container at `/app/script.cgi` would be available
+at `example.com/script.cgi`.
+
+Partial configurations are available for:
+
+ + MySQL/MariaDB...
+   + with the `mysqli` driver (`mysqli.conf`)
+   + with the `pdo_mysql` driver (`pdo-mysql.conf`)
+ + PostgreSQL (`pgsql.conf`)
+ + Sodium (`sodium.conf`)
+

@@ 0,0 1,20 @@
+[global]
+
+daemonize = no
+
+;;;;;;;;;;;
+; Logging ;
+;;;;;;;;;;;
+error_log = /proc/self/fd/2
+log_level = notice
+log_limit = 8192
+
+;TODO: implement syslog logging
+;error_log = syslog
+;syslog.facility = daemon
+
+;;;;;;;;;;;;;;;;;;;;
+; Pool Definitions ;
+;;;;;;;;;;;;;;;;;;;;
+include=etc/php-fpm.d/*.conf
+

@@ 0,0 1,52 @@
+[www]
+
+;;;;;;;;;;;;;;;
+; Permissions ;
+;;;;;;;;;;;;;;;
+user = www-data
+group = www-data
+
+;;;;;;;;;;
+; Socket ;
+;;;;;;;;;;
+listen = 9000
+
+;listen = /run/php-fpm/php-fpm.sock
+;listen.owner = www-data
+;listen.group = www-data
+;listen.mode = 0660
+
+;;;;;;;;;;;;;;;;;;;
+; Pool Management ;
+;;;;;;;;;;;;;;;;;;;
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 2
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+
+;pm = static
+;pm.max_children = 5
+
+;pm = ondemand
+;pm.max_children = 5
+;pm.process_idle_timeout = 10s
+
+;;;;;;;;;;;;;;;;;;;;;;;;;
+; Environment Variables ;
+;;;;;;;;;;;;;;;;;;;;;;;;;
+clear_env = no
+
+;;;;;;;;;;;
+; Logging ;
+;;;;;;;;;;;
+access.log = /proc/self/fd/2
+catch_workers_output = yes
+decorate_workers_output = no
+
+;;;;;;;;;;;;
+; Security ;
+;;;;;;;;;;;;
+;listen.allowed_clients = 127.0.0.1
+;security.limit_extensions = .php .html .htm
+

@@ 0,0 1,73 @@
+[PHP]
+
+;;;;;;;;;;;;;;;;;;;
+; php.ini Options ;
+;;;;;;;;;;;;;;;;;;;
+user_ini.filename =
+
+;;;;;;;;;;;;;;;;;;;;
+; Language Options ;
+;;;;;;;;;;;;;;;;;;;;
+enable_dl = Off
+engine = Off
+implicit_flush = Off
+output_buffering = 4096
+precision = 14
+short_open_tag = Off
+zend.enable_gc = On
+zlib.output_compression = Off
+
+;;;;;;;;;;;;;;;;;
+; Miscellaneous ;
+;;;;;;;;;;;;;;;;;
+expose_php = Off
+
+;;;;;;;;;;;;;;;;;;;
+; Resource Limits ;
+;;;;;;;;;;;;;;;;;;;
+max_execution_time = 30
+max_input_time = 60
+memory_limit = 128M
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; Error handling and logging ;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;error_log = "/var/log/php.log"
+log_errors = On
+
+;TODO: implement syslog logging
+;error_log = syslog
+;syslog.ident = php
+;syslog.facility = user
+;syslog.filter = ascii
+
+;;;;;;;;;;;;;;
+; Data Model ;
+;;;;;;;;;;;;;;
+auto_globals_hit = On
+default_charset = "UTF-8"
+default_mimetype = "text/html"
+register_argc_argv = Off
+request_order = "GP"
+variables_order = "GPCS"
+
+;;;;;;;;;;;;;;;;;;;;;;;;;
+; Paths and Directories ;
+;;;;;;;;;;;;;;;;;;;;;;;;;
+doc_root =
+user_dir =
+
+;;;;;;;
+; FPM ;
+;;;;;;;
+fastcgi.logging = Off
+
+;;;;;;;;;;;;;;;;;;;;;;;
+; MySQL Native Driver ;
+;;;;;;;;;;;;;;;;;;;;;;;
+[mysqlnd]
+;mysqlnd.mempool_default_size = 16000
+;mysqlnd.net_cmd_buffer_size = 2048
+;mysqlnd.net_read_buffer_size = 32768
+;mysqlnd.net_read_timeout = 31536000
+

@@ 0,0 1,37 @@
+[PHP]
+
+;; This is a partial configuration file for php(1).
+;; Intended for development use ONLY.
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; Error handling and logging ;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+report_memleaks = On
+report_zend_debug = On
+zend.assertions = 1
+
+;;;;;;;;;;;;;;
+; Data Model ;
+;;;;;;;;;;;;;;
+post_max_size = 0
+
+;;;;;;;;;;;;;;;;
+; File Uploads ;
+;;;;;;;;;;;;;;;;
+file_uploads = On
+upload_max_filesize = 512M
+max_file_uploads = 20
+
+;;;;;;;;;;;;;;;;;;
+; Fopen wrappers ;
+;;;;;;;;;;;;;;;;;;
+allow_url_fopen = On
+default_socket_timeout = -1
+
+;;;;;;;;;;;;;;;;;;;;;;;
+; MySQL Native Driver ;
+;;;;;;;;;;;;;;;;;;;;;;;
+[mysqlnd]
+mysqlnd.collect_statistics = On
+mysqlnd.collect_memory_statistics = On
+

@@ 0,0 1,18 @@
+[PHP]
+
+;; This is a partial configuration file for php(1).
+;; The interpreter will be configured for the mysqli driver.
+
+extension=mysqli
+
+[MySQLi]
+mysqli.allow_persistent = On
+mysqli.default_host =
+mysqli.default_port = 3306
+mysqli.default_pw =
+mysqli.default_user =
+mysqli.default_socket =
+mysqli.max_links = -1
+mysqli.max_persistent = -1
+mysqli.reconnect = Off
+

@@ 0,0 1,10 @@
+[PHP]
+
+;; This is a partial configuration file for php(1).
+;; The interpreter will be configured for the pdo_mysql driver.
+
+extension=pdo_mysql
+
+[Pdo_mysql]
+pdo_mysql.default_socket =
+

@@ 0,0 1,15 @@
+[PHP]
+
+;; This is a partial configuration file for php(1).
+;; The interpreter will be configured for the pgsql driver.
+
+extension=pgsql
+
+[PostgreSQL]
+pgsql.allow_persistent = On
+pgsql.auto_reset_persistent = Off
+pgsql.max_persistent = -1
+pgsql.max_links = -1
+pgsql.ignore_notice = 0
+pgsql.log_notice = 0
+

@@ 0,0 1,12 @@
+[PHP]
+
+;; This is a partial configuration file for php(1).
+;; The interpreter will be configured to not accept file uploads.
+
+;;;;;;;;;;;;;;;;
+; File Uploads ;
+;;;;;;;;;;;;;;;;
+file_uploads = Off
+upload_max_filesize = 0
+max_file_uploads = 0
+

@@ 0,0 1,14 @@
+[PHP]
+
+;; This is a partial configuration file for php(1).
+;; The interpreter will be configured to accept file uploads
+;; up to 8 megabytes (same as post_max_size).
+;; To adjust this limit, overwrite both post_max_size AND upload_max_filesize.
+
+;;;;;;;;;;;;;;;;
+; File Uploads ;
+;;;;;;;;;;;;;;;;
+file_uploads = On
+upload_max_filesize = 8M\
+max_file_uploads = 20
+

@@ 0,0 1,29 @@
+[PHP]
+
+;; This is a partial configuration file for php(1).
+;; Intended for production use.
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; Error handling and logging ;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+display_errors = Off
+display_startup_errors = Off
+error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
+report_memleaks = Off
+report_zend_debug = Off
+zend.assertions = -1
+zend.exception_ignore_args = On
+zend.exception_string_param_max_len = 0
+
+;;;;;;;;;;;;;;
+; Data Model ;
+;;;;;;;;;;;;;;
+post_max_size = 8M
+
+;;;;;;;;;;;;;;;;;;;;;;;
+; MySQL Native Driver ;
+;;;;;;;;;;;;;;;;;;;;;;;
+[mysqlnd]
+mysqlnd.collect_statistics = Off
+mysqlnd.collect_memory_statistics = Off
+

@@ 0,0 1,7 @@
+[PHP]
+
+;; This is a partial configuration file for php(1).
+;; The interpreter will be configured to use sodium.
+
+extension=sodium
+