commit 7140fba05df4dc1efb7e17b2a89c70450d7ca51e
Author: Olivier Navas <olivier.navas@libretic.fr>
Date:   Sat Jan 28 15:28:34 2023 +0100

    Initial commit

diff --git a/.htaccess b/.htaccess
new file mode 100644
index 0000000..40a008d
--- /dev/null
+++ b/.htaccess
@@ -0,0 +1,21 @@
+# Disable multiviews (conflicts with /admin/plugin.php) and index (security)
+Options -MultiViews -Indexes
+DirectoryIndex disabled
+DirectoryIndex index.php index.html
+
+# Prevents access to these urls
+<IfModule mod_alias.c>
+	RedirectMatch 403 /include/
+	RedirectMatch 403 /templates/
+	RedirectMatch 403 ^/scripts/
+	RedirectMatch 403 /data/
+	RedirectMatch 403 /.*\.log
+	RedirectMatch 403 /(README|VERSION|COPYING|Makefile|cron\.php)
+	RedirectMatch 403 /config\.(.*)\.php
+	RedirectMatch 403 /sous-domaine\.html
+	RedirectMatch 403 _inc\.php
+</IfModule>
+
+# Assumes a reverse proxy provides https
+SetEnv HTTPS "on"
+SetEnv HTTP_X_FORWARDED_PROTO "https"
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..3b5b0de
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,43 @@
+FROM php:8.1.12-apache-bullseye
+LABEL Maintainer="Libretic"
+LABEL Description="Unofficial Docker image for Paheko."
+
+ARG PAHEKO_VERSION
+ENV PAHEKO_VERSION=$PAHEKO_VERSION
+
+ENV APACHE_DOCUMENT_ROOT /var/www/paheko/www
+
+# Required PHP extensions and packages
+RUN apt-get update && \
+    apt-get install -y libicu-dev zlib1g-dev libpng-dev libzip-dev libfreetype6-dev libjpeg62-turbo-dev chromium && \
+    docker-php-ext-configure gd --with-freetype --with-jpeg && \
+    docker-php-ext-install -j$(nproc) gd intl zip opcache
+
+# Downloading and installing Paheko
+RUN cd /var/www && \
+    curl -L -O https://fossil.kd2.org/paheko/uv/paheko-$PAHEKO_VERSION.tar.gz && \
+    tar xzvf paheko-$PAHEKO_VERSION.tar.gz && \
+    mv paheko-$PAHEKO_VERSION /var/www/paheko && \
+    chown -R www-data: /var/www/paheko && \
+    rm -f paheko-$PAHEKO_VERSION.tar.gz
+
+# Downloading plugins
+RUN cd /var/www/paheko/data/plugins/ && \
+    curl -L -O https://fossil.kd2.org/paheko-plugins/uv/stock_velos.tar.gz ; \
+    curl -L -O https://fossil.kd2.org/paheko-plugins/uv/reservations.tar.gz ; \
+    curl -L -O https://fossil.kd2.org/paheko-plugins/uv/webstats.tar.gz ; \
+    curl -L -O https://fossil.kd2.org/paheko-plugins/uv/git_documents.tar.gz ; \
+    curl -L -O https://fossil.kd2.org/paheko-plugins/uv/taima.tar.gz ; \
+    curl -L -O https://fossil.kd2.org/paheko-plugins/uv/caisse.tar.gz ; \
+    curl -L -O https://fossil.kd2.org/paheko-plugins/uv/helloasso.tar.gz ; \
+    chown -R www-data: /var/www/paheko/data/plugins
+
+# Configure apache
+RUN sed -i 's#/var/www/html#${APACHE_DOCUMENT_ROOT}#g' /etc/apache2/sites-enabled/000-default.conf 
+
+# Prepare .config dir for chromium
+RUN mkdir /.config && \
+    chown -R www-data: /.config
+
+# Prepare apache .htaccess
+COPY .htaccess /var/www/paheko/
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..f5bf48a
--- /dev/null
+++ b/README.md
@@ -0,0 +1,113 @@
+# Paheko docker image builder
+
+Unofficial [Paheko](https://paheko.cloud/) docker image with plugins based on php official image with apache.
+
+## How to build image
+
+If you choose to use image from [*Docker Hub*](https://hub.docker.com/r/libretic/paheko), you can skip to next section.
+
+If you prefer to build your own image with Dockerfile in [*Git repository*](https://git.libretic.fr/olivier.navas/paheko_docker_image_builder), you can do the following.
+
+
+* Clone the repository
+
+```
+git clone https://git.libretic.fr/olivier.navas/paheko_docker_image_builder
+cd paheko_docker_image_builder
+```
+
+* Edit version file to choose your version of paheko
+
+Content of version file for paheko version 1.2.4:
+
+```
+PAHEKO_VERSION=1.2.4
+```
+
+* Build and tag the image
+```
+./build.sh
+```
+
+At the end of the build process you can check that you have a docker image for paheko tagged with chosen version:
+```
+docker image ls | grep paheko
+```
+
+
+## Adapt docker-compose.yml to fit your needs
+
+* Example with traefik routing by fqdn, custom php.ini and custom paheko config:
+
+This example assumes that my.paheko.fqdn is resolved to the address of a reverse proxy that serves https and forwards requests to
+traefik container on port named "web" (see: [traefik](https://github.com/traefik/traefik) and [traefik configuration](https://git.libretic.fr/libretic/ansible-role-docker_host))
+
+```
+version: '3.1'
+services:
+  paheko:
+    image: libretic/paheko:1.2.4
+    restart: always
+    volumes:
+      - ./config.local.php:/var/www/paheko/config.local.php
+      - ./php.ini:/usr/local/etc/php/php.ini
+      - pahekodata:/var/www/paheko/data
+      - /var/www/paheko/data/plugins
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=traefik"
+      - "traefik.http.routers.demogarradin.entrypoints=web"
+      - "traefik.http.routers.demogarradin.rule=Host(`my.paheko.fqdn`)"
+      - "traefik.http.services.demogarradin.loadbalancer.server.port=80"
+    networks:
+      - traefik
+
+networks:
+  traefik:
+    external: true
+```
+
+
+* Example with paheko container listening on port 8080:
+
+This example assumes that my.paheko.fqdn is resolved to the address of a reverse proxy that serves https and forwards requests to port 8080 on 
+the host running paheko container.
+
+```
+version: '3.1'
+services:
+  paheko:
+    image: libretic/paheko:1.2.4
+    restart: always
+    volumes:
+      - pahekodata:/var/www/paheko/data
+      - /var/www/paheko/data/plugins
+    ports:
+      - 8080:80
+```
+
+## Run the container
+
+* To start the container
+
+```
+docker-compose up -d
+```
+
+Then open `https://my.paheko.fqdn` in your browser.
+
+
+* To stop the container
+
+```
+docker-compose down
+```
+
+
+## Acknowledgements
+
+[Paheko](https://paheko.cloud/) is free (FOSS) software. Thanks to Paheko team!
+
+This builder relies on resources hosted on Paheko's fossil server :
+
+* [general installation page](https://fossil.kd2.org/paheko/wiki?name=Installation) in French
diff --git a/build.sh b/build.sh
new file mode 100755
index 0000000..ba36872
--- /dev/null
+++ b/build.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+. version
+
+docker build . -t libretic/paheko:$PAHEKO_VERSION --build-arg PAHEKO_VERSION=$PAHEKO_VERSION
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..eeda6c8
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,22 @@
+version: '3.1'
+services:
+  paheko:
+    image: libretic/paheko:1.2.4
+    restart: always
+    volumes:
+      - ./config.local.php:/var/www/paheko/config.local.php
+      - ./php.ini:/usr/local/etc/php/php.ini
+      - pahekodata:/var/www/paheko/data
+      - /var/www/paheko/data/plugins
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=traefik"
+      - "traefik.http.routers.demogarradin.entrypoints=web"
+      - "traefik.http.routers.demogarradin.rule=Host(`my.paheko.fqdn`)"
+      - "traefik.http.services.demogarradin.loadbalancer.server.port=80"
+    networks:
+      - traefik
+
+networks:
+  traefik:
+    external: true
diff --git a/version b/version
new file mode 100644
index 0000000..29463ca
--- /dev/null
+++ b/version
@@ -0,0 +1 @@
+PAHEKO_VERSION=1.2.4