whatwedo / docker-base-images Goto Github PK

How do people enable email notifications?
icinga is running a script (/etc/icinga2/scripts/mail-service-notification.sh) which tries to execute the mail command, and there's no mail command installed.
It's an easy fix to install the mail command, but I'm wondering why it's missing, I thought maybe there is a reason. surely I'm not the first person to want to enable email notifications? what does everyone else do?

Thanks for providing the container!

I am doing a research aiming at finding issues in configuration files. After pulling the image we notice that ServerAdmin is set to webmaster@localhost in /etc/apache2/sites-enabled/000-default.conf.

However, the HttpD official document recommends the following config:

• ServerAdmin: "However, it's recommended to actually use an email address, since there are a lot of CGI scripts that make that assumption. "

Could you please provide a knob to specify the value of ServerAdmin?

WordPress Cron runs as root. Should run as www-data

https://github.com/whatwedo/docker-base-images/blob/master/files/wordpress-nginx-w3tc/crontab

Has been released on 2019-06-19 and can be safely used.

instead of having all locations in nginx.conf, we should include them in a separate file so that it can be overwritten easier.

probably it's possible to create something like a location.d folder so that we can remove/modify/add them more dynamically.

I have forked your great repo to add jmx4perl package to icinga2 but building icinga2 image gives an error on add-apt-repository -y ppa:ondrej/php5-5.6:
Cannot add PPA: 'ppa:ondrej/php5-5.6'. Please check that the PPA name or format is correct.

It looks like ppa:ondrej/php5-5.6 has been deprecated in favour of ppa:ondrej/php, I am not sure though if it provides the same functionalities your image needs

/etc/icingaweb2 don't get initialized properly if /etc/icingaweb2 is a mounted host directory. A possibility to fix this would be alter the Dockerfile so it copies /etc/icingaweb2 to /etc/icingaweb2_copy and /bin/firstboot tests if /etc/icingaweb2/ is empty, and if it is, copies /etc/icingaweb2_copy/* to /etc/icingaweb2.

with the fix to php repo installing php5.6 the default timezone of php is no longer set as the location of php.ini file has changed from /etc/php5/apache2/php.ini to /etc/php/5.6/apache2/php.ini

f.ex. use /etc/php7/conf.d/50_symfony2.ini instead of a RUN

Hi,
your latest image of whatwedo/icinga2 don't work.
I using latest official Mysql Docker image and in Icinga's container logs I can see this error:
[2016-07-15 13:09:28 +0200] critical/IdoMysqlConnection: Error "Incorrect datetime value: '0000-00-00 00:00:00' for column 'disconnect_time' at row 1" when executing query "INSERT INTO icinga_conninfo (instance_id, connect_time, last_checkin_time, agent_name, agent_version, connect_type, data_start_time) VALUES (1, NOW(), NOW(), 'icinga2 db_ido_mysql', 'r2.4.7-1', 'INITIAL', NOW())"

And another problem is verify my token in web UI which is generated in container startup.
When I click to "Next" button, this happens:
Cannot validate token: /etc/icingaweb2/setup.token (FileObject::__construct(/etc/icingaweb2/setup.token): failed to open stream: Permission denied)

Hello, I try to setup a container from your whatwedo/symfony4 image but I get the previous error, after troubleshooting a little bit, it turns out that the file exists nowhere in the system. Here is the complete stacktrace.

2020/02/20 16:45:08 [crit] 551#551: *1 connect() to unix:/var/run/php-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: 172.17.0.1, server: , request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.sock:", host: "localhost:5000"
172.17.0.1 - - [20/Feb/2020:16:45:08 +0100] "GET / HTTP/1.1" 502 157 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:72.0) Gecko/20100101 Firefox/72.0"
2020/02/20 16:45:08 [crit] 551#551: *1 connect() to unix:/var/run/php-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: 172.17.0.1, server: , request: "GET /favicon.ico HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.sock:", host: "localhost:5000"
172.17.0.1 - - [20/Feb/2020:16:45:08 +0100] "GET /favicon.ico HTTP/1.1" 502 157 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:72.0) Gecko/20100101 Firefox/72.0"

See https://github.com/peterbourgon/runsvinit for example solution.

Maybe it's enough to just modify our SIGTERM trap to send INT to runit, then users can implement the ctrlaltdel service to handle shutdown themselves? (see http://smarden.org/runit1/runit.8.html#sect6)

OS: Ubuntu 17.04 64-bit
Vagrant version: 1.9.7
Virtualbox Version; 5.1.26
Provider: Virtualbox

After 'vagrant up' executes the reload command, Ubuntu boots into a grub console.
At this point 'Vagrant up' hangs for several minutes trying to connect over ssh, resulting in an error.

Set Timezone for Gitlab.
see: https://docs.gitlab.com/ce/workflow/timezone.html

new features / bc

• creating /bin/everyboot.d instead of a single everyboot file
• creating /bin/firstboot.d instead of a single firstboot file
• create different images for different ruby versions (currently 2.1, 2.2 and 2.3)
• use --no-install-recommends for smaller images and prevent php7.1-cli installation in older versions
• new nginx-pagespeed image

refactoring

• use same functions for the same task (e.g. always use curl for downloads, not wget)
• check hashsum of every downloaded file
• only add those files needed by the image in the dist folders
• do apt cleanup after every apt run (see comment of @chesty)
• use HEALTHCHECK to check if all processes of supervisord are running
• change docroot of nginx/apache to /var/www/
• remove wordpress-nginx-w3tc and create instead wordpress-nginx based on nginx-pagespeed
• check if cron can be removed from base image

proposals

• update to bionic beaver or use a smaller image
• move image building to our own gitlab instance for a faster and better organised build process (Link)
• define a build order so that whatwedo/base is always the first image to build (Example)
• shrink number of layers and the size of whatwedo/base

https://nginx.org/en/linux_packages.html#Alpine

it's not possible to set an order of the upstart files based on the name because find will order the files (mostly) by date added

/var/www # find /etc/upstart -mindepth 1 -maxdepth 1 -type f
/etc/upstart/90-preload.sh
/etc/upstart/10-clear-cache.sh
/etc/upstart/20-translations.sh

add server_tokens off; in http.conf

Image build of whatwedo/icinga2:v1.7 is broken: https://dev.whatwedo.ch/whatwedo/docker-base-images/-/jobs/49747

Trying to run whatwedo/wordpress-nginx-w3tc and get this type of error, not sure how to handle it

2017-06-16 11:42:29,278 INFO success: memcached entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
nginx-access-log stderr | tail: unrecognized file system type 0x794c7630 for ‘/var/log/nginx/access.log’. please report this to [email protected]. reverting to polling
nginx-error-log stderr | tail: unrecognized file system type 0x794c7630 for ‘/var/log/nginx/error.log’. please report this to [email protected]. reverting to polling
syslog-log stderr | tail: unrecognized file system type 0x794c7630 for ‘/var/log/syslog’. please report this to [email protected]. reverting to polling
cron-log stderr | tail: unrecognized file system type 0x794c7630 for ‘/var/log/cron.log’. please report this to [email protected]. reverting to polling
syslog stderr | rsyslogd: imklog: cannot open kernel log (/proc/kmsg): Operation not permitted.
rsyslogd: activation of module imklog failed [try http://www.rsyslog.com/e/2145 ]
syslog stderr | rsyslogd: Could no open output pipe '/dev/xconsole': No such file or directory [try http://www.rsyslog.com/e/2039 ]

currently not available for php 8 (codecasts/php-alpine)

For our current CI we should use the image docker:20.10-dind, not docker:dind.

docker:dind currently throws a permission error on build; this isn't the case with `docker:20.10-dind

#8 11.48 make: /bin/sh: Operation not permitted

I 'm using ubuntu 12.04 and i want to upgrade my php version from 5.4 to 5.6
Cannot add PPA: 'ppa:ondrej/php'. Please check that the PPA name or format is correct
i install sudo apt-get install --reinstall ca-certificates . but i still have the sae issue . could someone help me please??

Add npm images as a future replacement for the outdated yarn version images.

It basically requires RUN apk add --update npm on the base images.

Bonus: Make the npm version controllable.

The nodejs version dictates what version of npm is used. There are cases we might want to try out a newer version.

Other notes that might be useful

A preferred way to install npm packages might be:

npm install --prefer-offline --no-audit --cache ./.npm

Or a clean install that deletes node_modules before running:

npm ci --prefer-offline --no-audit --cache ./.npm

1. You want to use --prefer-offline when running in a cached environment to make use of that cache
2. You might want to use npm ci when you want to make you have a clean install of all dependencies. You will not benefit from a cache node_modules folder.
3. You might want to strictly define the location of the cache folder and cache that folder, in case you would rather not cache all node_modules.

Simplify the config structure for nginx.
The current structure with directive.d, http.d, server.d and default.d makes it way more complicated than needed without added value

f.ex

Running upstart file /etc/upstart/10-set-permissions.sh... 0.5s
Running upstart file /etc/upstart/20-clear-cache.sh... 2s

doas will be pushed by alpine (see https://gitlab.alpinelinux.org/alpine/tsc/-/issues/1). we should replace gosu with doas

Today, we released the v2.0 version of our Docker images. It have been a long journey since version v1.0. Due to the end of life of many of software used in the v1.x, we decided to do a complete rewrite.

Below, you will find the most important changes:

• Common
  • All images run with Alpine 3.9 instead of Ubuntu 14.04.
  • There will be no latest tag available in future. Using a latest tag can cause a lot of troubles, especially if you are using Docker in production. Currently there is a latest tag available due to compatibility issues, but it will be removed in summer 2019. Please use the current stable tag (v2.0) instead or for the old images v1.7.
  • All v2.0 images are a lot smaller than the old v1.x images. e. g. bash oder make aren't part of the images anymore. They are tools which often aren't needed on production.
• Init system
  • The script /bin/firstboot and /bin/everyboot do not exist anymore. Instead your are able to place one or multiple scripts in the /etc/upstart directory. These scripts are going to be automatically executed in alphabetical order at the container startup. There is no integrated firstboot check anymore.
  • All Images uses runit instead of supervisord. runit is a lightweight init system with service supervision. runit is configured to load and monitor all services in the /etc/service directory.
• Healhcheck
  • goss is now integrated per default. goss is a tool for validating a server’s configuration and health. goss is preconfigured to run several checks which are automatically exposed to Docker health check. If you are using Kubernetes, you can run goss validate as liveness/readyness probe. If you want to add you own checks, you can place it in the /etc/goss/conf.d directory.
• They are many images we we don't support in future and which are only receiving security updates. You will find a list below:
  • whatwedo/apache-php56
  • whatwedo/apache-php70
  • whatwedo/apache-php71
  • whatwedo/apache-php72
  • whatwedo/apache
  • whatwedo/bind
  • whatwedo/cloudflare-railgun
  • whatwedo/docker
  • whatwedo/elasticsearch
  • whatwedo/golang
  • whatwedo/icinga2
  • whatwedo/java
  • whatwedo/kibana
  • whatwedo/logstash-forwarder
  • whatwedo/logstash
  • whatwedo/mariadb
  • whatwedo/memcached
  • whatwedo/mongodb
  • whatwedo/nextcloud
  • whatwedo/node
  • whatwedo/owncloud
  • whatwedo/postgres
  • whatwedo/puppet-client
  • whatwedo/redis
  • whatwedo/ruby
  • whatwedo/squid
  • whatwedo/tomcat
  • whatwedo/wordpress
• PHP/Symfony
  • Images are based on PHP 7.3 now
  • composer is now installed per default
  • There are no different image repos with different PHP versions. Instead the PHP version is fixed based on the Docker image tag.
• Symfony
  • Symfony images do not longer container Node/NPM. We suggest do use a Docker multi stage build together with our new whatwedo/yarn image instead.

You will find the full list of all new images and their documentation under: https://github.com/whatwedo/docker-base-images/tree/v2.0

https://github.com/whatwedo/docker-base-images/tree/v2.1/images/symfony5

existiert aber falsch benannt etc.

Hello,

I would like to add mongodb extension.
I can't put it in my composer.json because If I do, I've got an error message
Class "MongoDB\Driver\Monitoring\CommandSubscriber" not found while loading "Doctrine\Bundle\MongoDBBundle\APM\PSRCommandLogger".

So is there any way to do it easily ?

Currently you have to pull the container or look into the sources, to know which tag correspondents to which version of f.e php or nginx

Create nginx-pagespeed-php image

The links point to v2.1 branch, but the branch is still called v2.1-dev.

If you're creating an iimage without and upstart file, /bin/upstart shows a weird message (Running upstart file sh):

docker run xyz
Running upstart file sh...
Running runit services...

The container will still work without problems.

Create OpenLDAP image based on Alpine

used e.g. for file upload via multipart (nginx tries to store in /var/lib/nginx/tmp/client_body/)

Currently, the health check runs every 30s. Even if our container boot only takes some seconds, this means, the reverse proxy sends the first traffic after 30 seconds after starting the container if the container is healthy at this time.

With Docker Engine 25.0, a new "StartInterval" configuration was introduced to mark the container as started / healthy more quicky:

moby/moby#40894

We should add this to our healthcheck.

I'm building a Docker image based on nginx-php70. I want to add a new script to be executed when the container is booted but I'm having a hard time figuring out how to properly do it.

P.S. I'm a beginner in a Docker and this might be more related to that than to this image in particular.

Hi,

with /bin/firstboot

if [ -f /etc/firstboot/flag ];
then
   exit
fi

date > /etc/firstboot/flag
echo "Run content of /bin/firstboot..."
...

would you be open to making the firstboot check something like

if [[ ! -z `mysql -h $DB_SERVER -u $DB_USER -p$DB_PW -P $DB_PORT -e "SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME='$DB_NAME'"  $DB_NAME` ]]; then 
  exit ; 
fi
echo "Run content of /bin/firstboot..."
...

I'm new to docker, I can't see how to upgrade the container when you're checking the existence of a file to determine first boot. and as I typed that, I thought I could probably make /etc/firstboot/flag a volume.

I guess my real question is, how do i upgrade the container when a new image drops? what's the docker way?

We should run mysql_upgrade -p$MYSQL_ROOT_PASSWORD in the everyboot script. But this only works if mysqld is running. How to solve?

https://github.com/whatwedo/docker-base-images/blob/master/modules/mariadb.m4#L29

creating databases with - is not possible due to missing `. for example: example-dev