diff --git a/000-default.conf b/000-default.conf new file mode 100644 index 0000000..fac52fa --- /dev/null +++ b/000-default.conf @@ -0,0 +1,143 @@ + + # The ServerName directive sets the request scheme, hostname and port that + # the server uses to identify itself. This is used when creating + # redirection URLs. In the context of virtual hosts, the ServerName + # specifies what hostname must appear in the request's Host: header to + # match this virtual host. For the default virtual host (this file) this + # value is not decisive as it is used as a last resort host regardless. + # However, you must set it for any further virtual host explicitly. + #ServerName www.example.com + + ServerAdmin webmaster@localhost + DocumentRoot /var/www/paheko/www + + # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, + # error, crit, alert, emerg. + # It is also possible to configure the loglevel for particular + # modules, e.g. + #LogLevel info ssl:warn + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + # For most configuration files from conf-available/, which are + # enabled or disabled at a global level, it is possible to + # include a line for only one particular virtual host. For example the + # following line enables the CGI configuration for this host only + # after it has been globally disabled with "a2disconf". + #Include conf-available/serve-cgi-bin.conf + + # Following is from : https://fossil.kd2.org/paheko/file?name=src/apache-vhost.conf + Options -Indexes -Multiviews +FollowSymlinks + + DirectoryIndex index.php index.html + + # Some security + + RedirectMatch 404 _inc\.php + + + # Recommended, if you have xsendfile module + # see https://tn123.org/mod_xsendfile/ + # Also enable X-SendFile in config.local.php + # + # + # + # XSendFile On + # XSendFilePath /home/paheko/ + # + # + + # This is to avoid caching mismatch when using mod_deflate + # see https://github.com/symfony/symfony-docs/issues/12644 + + FileETag None + + + # Allow uploads up to 256 MB where it's required + + + php_value post_max_size 256M + php_value upload_max_filesize 256M + + + + php_value post_max_size 256M + php_value upload_max_filesize 256M + + + + + SetEnv PHP_VALUE "post_max_size=256M" + + # There is no way to pass multiple PHP ini settings via PHP_VALUE :-( + # so we use PHP_ADMIN_VALUE here. It works unless we have more than 2 settings to change. + SetEnv PHP_ADMIN_VALUE "upload_max_filesize=256M" + + + + + + AddDefaultCharset utf-8 + AddCharset utf-8 .html .css .js .txt + + RewriteEngine On + #RewriteBase / + + RewriteRule \.cache - [R=404] + RewriteRule \.well-known/assetlinks.json - [R=404] + + # Stop rewrite for /admin URL, except for /admin/p/ (plugins) + RewriteCond %{REQUEST_URI} ^/?admin(?!/p/) + RewriteRule ^ - [END] + + # Skip directly to router if possible + # Do not try cache if method is not GET or HEAD + RewriteCond %{REQUEST_METHOD} !GET|HEAD [OR] + + # Do not try to get from cache if URL is private, or belongs to modules/plugins + RewriteCond %{REQUEST_URI} ^/admin|^/?(?:dav|wopi|p|m|api)/|\.php$ [OR] + + # NextCloud routes + RewriteCond %{REQUEST_URI} ^/?(?:remote\.php|index\.php|ocs|avatars|status\.php)/ [OR] + + # Private files are not part of the cache + RewriteCond %{REQUEST_URI} ^/?(?:documents|user|transaction|ext|attachments|versions)/ + + # Skip, go to router directly + RewriteRule ^ - [skip=8] + + # Store MD5 hashes in environment variables + RewriteCond %{REQUEST_URI} ^(.+)(?:\?|$) + RewriteRule ^ "-" [E=CACHE_URI:%1] + # Extract file extension (required for Apache to serve the correct mimetype) + RewriteCond %{REQUEST_URI} (\.[a-z0-9]+)(?:\?|$) + RewriteRule ^ "-" [E=CACHE_EXT:%1] + # If no extension, default to .html + RewriteCond %{REQUEST_URI} !\.[a-z0-9]+(?:\?|$) + RewriteRule ^ "-" [E=CACHE_EXT:.html] + RewriteCond expr "md5(%{ENV:CACHE_URI}) =~ /^(.+)$/" + RewriteRule ^ "-" [E=CACHE_URI_MD5:%1] + RewriteCond expr "md5(tolower(%{HTTP_HOST})) =~ /^((.{2}).+)$/" + RewriteRule ^ "-" [E=CACHE_HOST_MD5:%1,E=CACHE_HOST2_MD5:%2] + RewriteCond /.cache/%{ENV:CACHE_HOST_MD5}/%{ENV:CACHE_URI_MD5} (.+) + RewriteRule ^ "-" [E=CACHE_PATH:%1] + + # Serve symlinks for files + RewriteCond %{QUERY_STRING} ="" [OR] + RewriteCond %{QUERY_STRING} ^h=[a-f0-9]+$ + RewriteCond %{DOCUMENT_ROOT}%{ENV:CACHE_PATH}%{ENV:CACHE_EXT} -l + RewriteRule ^ %{ENV:CACHE_PATH}%{ENV:CACHE_EXT} [END] + + # Do not try cache for pages if user is logged-in + RewriteCond %{HTTP_COOKIE} !pko= + # Serve static HTML pages + RewriteCond %{QUERY_STRING} ="" + RewriteCond %{DOCUMENT_ROOT}%{ENV:CACHE_PATH}%{ENV:CACHE_EXT} -f + RewriteCond %{DOCUMENT_ROOT}%{ENV:CACHE_PATH}%{ENV:CACHE_EXT} !-l + RewriteRule ^ %{ENV:CACHE_PATH}%{ENV:CACHE_EXT} [END] + + # Redirect to router + RewriteRule ^ /_route.php [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},END,QSA] + + diff --git a/Dockerfile b/Dockerfile index cc1d7b0..d417675 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM php:8.1.12-apache-bullseye +FROM php:8.2.10-apache-bullseye LABEL Maintainer="Libretic" LABEL Description="Unofficial Docker image for Paheko." @@ -10,6 +10,9 @@ RUN apt-get update && \ docker-php-ext-configure gd --with-freetype --with-jpeg && \ docker-php-ext-install -j$(nproc) gd intl zip opcache +# Enable Apache rewrite module +RUN a2enmod rewrite + ARG PAHEKO_VERSION ENV PAHEKO_VERSION=$PAHEKO_VERSION @@ -32,12 +35,17 @@ RUN cd /var/www/paheko/data/plugins/ && \ curl -L -O https://fossil.kd2.org/paheko-plugins/uv/helloasso.tar.gz ; \ chown -R www-data: /var/www/paheko/data/plugins -# Configure apache -RUN sed -i 's#/var/www/html#${APACHE_DOCUMENT_ROOT}#g' /etc/apache2/sites-enabled/000-default.conf +# Change apache documentroot +RUN sed -ri "s#/var/www/html#/var/www/paheko/www#g" /etc/apache2/sites-available/*.conf +RUN sed -ri -e "s#/var/www/#/var/www/paheko/www/#g" /etc/apache2/apache2.conf /etc/apache2/conf-available/*.conf # Prepare .config dir for chromium RUN mkdir /.config && \ chown -R www-data: /.config -# Prepare apache .htaccess -COPY .htaccess /var/www/paheko/ +# Prepare apache .htaccess and virtualhost +COPY .htaccess /var/www/paheko/www/ +COPY 000-default.conf /etc/apache2/sites-available/000-default.conf + +# Test apache responds to validate that everything is up&running +HEALTHCHECK --timeout=10s CMD curl --silent --fail http://127.0.0.1/admin/ diff --git a/README.md b/README.md index 950c266..0cd6f79 100644 --- a/README.md +++ b/README.md @@ -18,10 +18,10 @@ cd paheko_docker_image_builder * Edit version file to choose your version of paheko -Content of version file for paheko version 1.2.4: +Content of version file for paheko version 1.3.0: ``` -PAHEKO_VERSION=1.2.4 +PAHEKO_VERSION=1.3.0 ``` * Build and tag the image @@ -51,7 +51,7 @@ traefik container on port named "web" (see: [traefik](https://github.com/traefik version: '3.1' services: paheko: - image: libretic/paheko:1.2.4 + image: libretic/paheko:1.3.0 restart: always volumes: - ./config.local.php:/var/www/paheko/config.local.php @@ -82,7 +82,7 @@ the host running paheko container. version: '3.1' services: paheko: - image: libretic/paheko:1.2.4 + image: libretic/paheko:1.3.0 restart: always volumes: - ./config.local.php:/var/www/paheko/config.local.php diff --git a/config.local.php.example b/config.local.php.example index 3cbc2d8..3cc9a2c 100644 --- a/config.local.php.example +++ b/config.local.php.example @@ -1,5 +1,5 @@