Skip to content

Commit

Permalink
feat(debian)!: Changes to Debian 12 to Correlate with Latest Official…
Browse files Browse the repository at this point in the history
… OLS Ubuntu 22.04 Build

* Fixes #102
* Updates the Docker base image to use Debian 12.
* Updates build library requirements.
* Downgrades OpenSSL v3 to v1.1.1.
* Adds pull request Docker image build testing.
* Updates to build the OLS admin PHP version to match the system/hosting PHP version.
  • Loading branch information
timnolte committed Aug 6, 2023
1 parent c257b80 commit de3c8ea
Show file tree
Hide file tree
Showing 6 changed files with 118 additions and 28 deletions.
67 changes: 67 additions & 0 deletions .github/workflows/test-builds.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
name: docker-build

on:
workflow_dispatch:
pull_request:
branches:
- develop

env:
OLS_VERSION: 1.7.17
PHP_STABLE_VERSION: '8.2.8'
REGISTRY: ghcr.io

jobs:
buildx:
runs-on: self-hosted
strategy:
fail-fast: false
matrix:
PHP_VERSION: ['8.0.29', '8.1.21', '8.2.8']

steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0 # Required due to the way Git works, without it this action won't be able to find any or the correct tags

# https://github.com/marketplace/actions/docker-setup-buildx
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2

# https://github.com/marketplace/actions/docker-login
- name: Login to GitHub Packages
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
logout: false

# https://github.com/orgs/community/discussions/26625#discussioncomment-3252582
- name: Determine PHP Major/Minor Version
id: php-version
run: |
_0=$(echo ${{ matrix.PHP_VERSION }} | cut -d. -f1)
_1=$(echo ${{ matrix.PHP_VERSION }} | cut -d. -f2)
echo "_0=$_0" >> $GITHUB_OUTPUT
echo "_1=$_1" >> $GITHUB_OUTPUT
# https://github.com/marketplace/actions/build-and-push-docker-images
- name: Build Docker Images
uses: docker/build-push-action@v4
with:
context: template
platforms: linux/arm64
provenance: false
build-args: |
OLS_VERSION=${{ env.OLS_VERSION }}
PHP_VERSION=${{ matrix.PHP_VERSION }}
PHP_MAJOR_VERSION=${{ steps.php-version.outputs._0 }}
PHP_MINOR_VERSION=${{ steps.php-version.outputs._1 }}
push: false
tags: ${{ env.REGISTRY }}/ndigitals/openlitespeed:${{ env.OLS_VERSION }}-lsphp${{ steps.php-version.outputs._0 }}${{ steps.php-version.outputs._1 }}
no-cache: ${{ github.event_name == 'workflow_dispatch' && true || false }}
cache-from: type=registry,ref=${{ env.REGISTRY }}/ndigitals/openlitespeed:latest
cache-to: type=inline

47 changes: 34 additions & 13 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,60 +1,81 @@
# OpenLiteSpeed Docker Container

[![Build Status](https://github.com/ndigitals/ols-dockerfiles/workflows/docker-build/badge.svg)](https://github.com/ndigitals/ols-dockerfiles/actions/new)

Install a lightweight OpenLiteSpeed container using the Stable version in Debian 11 Linux on arm64.

### Prerequisites
* [Install Docker](https://www.docker.com/)

- [Install Docker](https://www.docker.com/)

## Build Components

The system will regulary build the OpenLiteSpeed Latest stable version, along with at least two PHP versions, currently only PHP 8.x.

|Component|Version|
| :-------------: | :-------------: |
|Linux|Debian 11|
|OpenLiteSpeed|[Latest stable version](https://openlitespeed.org/release-log/version-1-7-x)|
|PHP|[Latest stable version](https://www.php.net/downloads)|
| Component | Version |
| :-----------: | :--------------------------------------------------------------------------: |
| Linux | Debian 12(slim) |
| OpenLiteSpeed | [Latest stable version](https://openlitespeed.org/release-log/version-1-7-x) |
| PHP | [Latest stable versions](https://www.php.net/downloads) |

## Usage

### Download an image

Download the openlitespeed image, we can use latest for latest version

```
docker pull ghcr.io/ndigitals/openlitespeed:latest
```

or specify the OpenLiteSpeed version with lsphp version

```
docker pull ghcr.io/ndigitals/openlitespeed:1.7.16-lsphp80
docker pull ghcr.io/ndigitals/openlitespeed:1.7.17-lsphp80
```

### Start a Container

```
docker run --name openlitespeed -p 7080:7080 -p 80:80 -p 443:443 -it ghcr.io/ndigitals/openlitespeed:latest
```

You can also run with Detached mode, like so:

```
docker run -d --name openlitespeed -p 7080:7080 -p 80:80 -p 443:443 -it ghcr.io/ndigitals/openlitespeed:latest
```
Tip, you can get rid of `-p 7080:7080` from the command if you don’t need the web admin access.

Tip, you can get rid of `-p 7080:7080` from the command if you don’t need the web admin access.

### Add a sample page

The server should start running successfully, and you should be able to log into the container. Add some files you want to display with the following command:

```
docker exec -it openlitespeed bash
```
Your default `WORKDIR` should be `/var/www/vhosts/`, since the default document root path is `/var/www/vhosts/localhost/html`. Simply add the following command to `index.php`, then we can verify it from the browser with a public server IP address on both HTTP and HTTPS.

Your default `WORKDIR` should be `/var/www/vhosts/`, since the default document root path is `/var/www/vhosts/localhost/html`. Simply add the following command to `index.php`, then we can verify it from the browser with a public server IP address on both HTTP and HTTPS.

```
echo '<?php phpinfo();' > localhost/html/index.php
```

### Stop a Container

Feel free to substitute the "openlitespeed" to the "Container_ID" if you did not define any name for the container.

```
docker stop openlitespeed
```

## Support & Feedback

If you still have a question after using OpenLiteSpeed Docker, you have a few options.
* Join [the GoLiteSpeed Slack community](https://litespeedtech.com/slack) for real-time discussion
* Post to [the OpenLiteSpeed Forums](https://forum.openlitespeed.org/) for community support
* Reporting any issue on [Github ols-dockerfiles](https://github.com/ndigitals/ols-dockerfiles/issues) project

**Pull requests are always welcome**
- Join [the GoLiteSpeed Slack community](https://litespeedtech.com/slack) for real-time discussion
- Post to [the OpenLiteSpeed Forums](https://forum.openlitespeed.org/) for community support
- Reporting any issue on [Github ols-dockerfiles](https://github.com/ndigitals/ols-dockerfiles/issues) project

**Pull requests are always welcome**
8 changes: 4 additions & 4 deletions template/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ ARG PHP_MINOR_VERSION

FROM litespeedtech/openlitespeed:${OLS_VERSION}-lsphp${PHP_MAJOR_VERSION}0 AS ols

FROM debian:11-slim
FROM debian:12-slim

LABEL org.opencontainers.image.url=https://github.com/ndigitals/ols-dockerfiles
LABEL org.opencontainers.image.documentation=https://github.com/ndigitals/ols-dockerfiles/wiki
Expand All @@ -29,9 +29,9 @@ ENV OLS_VERSION=${OLS_VERSION}
ENV PHP_VERSION=${PHP_VERSION}
ENV PHP_MAJOR_VERSION=${PHP_MAJOR_VERSION}
ENV PHP_MINOR_VERSION=${PHP_MINOR_VERSION}
ENV OLS_ADMIN_PHP_VERSION=7.4.33
ENV OLS_ADMIN_PHP_MAJOR_VERSION=7
ENV OLS_ADMIN_PHP_MINOR_VERSION=4
ENV OLS_ADMIN_PHP_VERSION=${PHP_VERSION}
ENV OLS_ADMIN_PHP_MAJOR_VERSION=${PHP_MAJOR_VERSION}
ENV OLS_ADMIN_PHP_MINOR_VERSION=${PHP_MINOR_VERSION}

COPY *.sh /build/

Expand Down
6 changes: 3 additions & 3 deletions template/config-build-env.sh
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ MINIMAL_APT_GET_ARGS='-y --no-install-recommends'
PACKAGES_INSTALLED_LOG="/tmp/packages.lst"

## Run time dependencies ##
RUN_PACKAGES="ca-certificates cron tzdata openssl mariadb-client libgssapi-krb5-2 libkrb5-3 libexpat1 libxml2 libargon2-1 libenchant-2-2 libpng16-16 libwebp6 libjpeg62-turbo libxpm4 libfreetype6 libonig5 libsodium23 libxslt1.1 libzip4 libzstd1 liblz4-1 libcurl4 imagemagick libc-client2007e libmemcached11 libdbd-freetds freetds-bin procps libatomic1 net-tools less libjpeg-turbo-progs optipng gifsicle zip unzip libyajl2 libpcre2-posix2 libpcre++0v5 liblmdb0 libgeoip1 ruby-full gnupg2 nodejs yarn"
RUN_PACKAGES="ca-certificates cron tzdata mariadb-client openssl libssl1.1 libgssapi-krb5-2 libkrb5-3 libexpat1 libxml2 libargon2-1 libenchant-2-2 libpng16-16 libwebp6 libjpeg62-turbo libxpm4 libfreetype6 libonig5 libsodium23 libxslt1.1 libzip4 libzstd1 liblz4-1 libcurl4 libcurlpp0 imagemagick libc-client2007e libmemcached11 libdbd-freetds freetds-bin procps libatomic1 net-tools less libjpeg-turbo-progs optipng gifsicle zip unzip libyajl2 libpcre2-posix3 liblmdb0 libgeoip1 ruby-full gnupg2 nodejs yarn libmodsecurity3 modsecurity-crs liblua5.3-0"

## Build time dependencies ##

Expand All @@ -24,10 +24,10 @@ BUILD_PACKAGES="git curl wget"
BUILD_PACKAGES="$BUILD_PACKAGES pkg-config"

# OLS build required packages
BUILD_PACKAGES="$BUILD_PACKAGES cmake g++ libgeoip-dev liblmdb-dev libyajl-dev libpcre++-dev"
BUILD_PACKAGES="$BUILD_PACKAGES cmake g++ libgeoip-dev liblmdb-dev libyajl-dev libmodsecurity-dev liblua5.3-dev"

# PHP building required packages
BUILD_PACKAGES="$BUILD_PACKAGES build-essential libssl-dev libdb5.3-dev krb5-multidev libkrb5-dev bison autoconf automake libtool re2c flex libxml2-dev libbz2-dev libcurl4-openssl-dev libexpat1-dev libjpeg-dev libfreetype6-dev libgmp3-dev libpng-dev libxpm-dev libc-client2007e-dev libenchant-2-dev libsasl2-dev libc-client2007e-dev libldap2-dev libldb-dev libmcrypt-dev libmhash-dev freetds-dev zlib1g-dev libpq-dev libmariadb-dev-compat libmariadb-dev libncurses5-dev libpcre2-dev libpcre3-dev unixodbc-dev libsqlite3-dev libaspell-dev libreadline6-dev librecode-dev libsnmp-dev libtidy-dev libxslt-dev libonig-dev libzip-dev libwebp-dev freetds-dev libpspell-dev libedit-dev libsodium-dev libargon2-dev libvarnishapi-dev libmagickwand-dev libmagickcore-dev libmemcached-dev libzstd-dev liblz4-dev libyaml-dev libffi-dev"
BUILD_PACKAGES="$BUILD_PACKAGES build-essential libdb5.3-dev krb5-multidev libkrb5-dev bison autoconf automake libtool re2c flex libxml2-dev libbz2-dev libcurlpp-dev libssl-dev libcurl4-openssl-dev libexpat1-dev libjpeg-dev libfreetype6-dev libgmp3-dev libpng-dev libxpm-dev libc-client2007e-dev libenchant-2-dev libsasl2-dev libc-client2007e-dev libldap2-dev libldb-dev libmcrypt-dev libmhash-dev freetds-dev zlib1g-dev libpq-dev libmariadb-dev-compat libmariadb-dev libncurses5-dev libpcre2-dev unixodbc-dev libsqlite3-dev libaspell-dev libreadline6-dev librecode-dev libsnmp-dev libtidy-dev libxslt-dev libonig-dev libzip-dev libwebp-dev freetds-dev libpspell-dev libedit-dev libsodium-dev libargon2-dev libvarnishapi-dev libmagickwand-dev libmagickcore-dev libmemcached-dev libzstd-dev liblz4-dev libyaml-dev libffi-dev"

# apt-get remove --allow-remove-essential enters an infinite loop of
# pam errors with this package
Expand Down
1 change: 1 addition & 0 deletions template/config-php.sh
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ ln -sf $LSWS_HOME/lsphp${PHP_MAJOR_VERSION}${PHP_MINOR_VERSION}/bin/lsphp${PHP_M
ln -sf $LSWS_HOME/lsphp${PHP_MAJOR_VERSION}${PHP_MINOR_VERSION}/bin/lsphp${PHP_MAJOR_VERSION}.${PHP_MINOR_VERSION} $LSWS_HOME/lsphp${PHP_MAJOR_VERSION}${PHP_MINOR_VERSION}/bin/lsphp

# Install missing PECL PHP modules.
$LSWS_HOME/lsphp${PHP_MAJOR_VERSION}${PHP_MINOR_VERSION}/bin/pecl channel-update pecl.php.net
$LSWS_HOME/lsphp${PHP_MAJOR_VERSION}${PHP_MINOR_VERSION}/bin/pecl install igbinary
$LSWS_HOME/lsphp${PHP_MAJOR_VERSION}${PHP_MINOR_VERSION}/bin/pecl install msgpack
$LSWS_HOME/lsphp${PHP_MAJOR_VERSION}${PHP_MINOR_VERSION}/bin/pecl install lzf
Expand Down
17 changes: 9 additions & 8 deletions template/prepare-build.sh
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,15 @@ curl -sL https://deb.nodesource.com/setup_16.x | bash -
curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list

# Add snapshots reposted to install OpenSSL 1.1.1o & WebP6 libraries.
echo "deb [check-valid-until=no] https://snapshot.debian.org/archive/debian/20220507T034236Z/ bullseye main" | tee /etc/apt/sources.list.d/snapshots.list
echo "deb [check-valid-until=no] https://snapshot.debian.org/archive/debian-security/20230521T180335Z/ bullseye/updates main" | tee /etc/apt/sources.list.d/snapshots-security.list

echo libssl1.1 hold | dpkg --set-selections && \
echo libssl-dev hold | dpkg --set-selections && \
echo openssl hold | dpkg --set-selections && \
echo libwebp6 hold | dpkg --set-selections

apt-get update -y

dpkg --get-selections | awk '{print $1}' | sort > "$PACKAGES_INSTALLED_LOG"
Expand All @@ -20,11 +29,3 @@ cat "$PACKAGES_INSTALLED_LOG"

apt-get install $MINIMAL_APT_GET_ARGS $BUILD_PACKAGES $RUN_PACKAGES

# https://github.com/SpiderLabs/ModSecurity/issues/804#issuecomment-246158487
#cd /build || exit

# Download and prepare YAJL source.
#wget https://github.com/lloyd/yajl/archive/refs/tags/2.1.0.tar.gz -O yajl-2.1.0.tar.gz && \
# tar xzf yajl-2.1.0.tar.gz && cd yajl-2.1.0 && \
# ./configure

0 comments on commit de3c8ea

Please sign in to comment.