-
Notifications
You must be signed in to change notification settings - Fork 1
/
Dockerfile
205 lines (181 loc) · 6.44 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
FROM php:8.1-apache as mw39
# System dependencies
RUN set -eux; \
\
apt-get update; \
apt-get install -y --no-install-recommends \
git \
librsvg2-bin \
imagemagick \
# Required for SyntaxHighlighting
python3 \
; \
rm -rf /var/lib/apt/lists/*
# Install the PHP extensions we need
RUN set -eux; \
\
savedAptMark="$(apt-mark showmanual)"; \
\
apt-get update; \
apt-get install -y --no-install-recommends \
libicu-dev \
libonig-dev \
; \
\
docker-php-ext-install -j "$(nproc)" \
intl \
mbstring \
mysqli \
opcache \
calendar \
; \
\
pecl install APCu-5.1.22; \
docker-php-ext-enable \
apcu \
; \
rm -r /tmp/pear; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
apt-mark manual $savedAptMark; \
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \
| awk '/=>/ { print $3 }' \
| sort -u \
| xargs -r dpkg-query -S \
| cut -d: -f1 \
| sort -u \
| xargs -rt apt-mark manual; \
\
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*
# Enable Short URLs
RUN set -eux; \
a2enmod rewrite; \
{ \
echo "<Directory /var/www/html>"; \
echo " RewriteEngine On"; \
echo " RewriteCond %{REQUEST_FILENAME} !-f"; \
echo " RewriteCond %{REQUEST_FILENAME} !-d"; \
echo " RewriteRule ^ %{DOCUMENT_ROOT}/index.php [L]"; \
echo "</Directory>"; \
} > "$APACHE_CONFDIR/conf-available/short-url.conf"; \
a2enconf short-url
# Enable AllowEncodedSlashes for VisualEditor
RUN sed -i "s/<\/VirtualHost>/\tAllowEncodedSlashes NoDecode\n<\/VirtualHost>/" "$APACHE_CONFDIR/sites-available/000-default.conf"
# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
RUN { \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=60'; \
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
# SQLite Directory Setup
RUN set -eux; \
mkdir -p /var/www/data; \
chown -R www-data:www-data /var/www/data
# MediaWiki setup
RUN set -eux; \
fetchDeps=" \
gnupg \
dirmngr \
"; \
apt-get update; \
apt-get install -y --no-install-recommends $fetchDeps; \
\
curl -fSL "https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.4.tar.gz" -o mediawiki.tar.gz; \
curl -fSL "https://releases.wikimedia.org/mediawiki/1.39/mediawiki-1.39.4.tar.gz.sig" -o mediawiki.tar.gz.sig; \
export GNUPGHOME="$(mktemp -d)"; \
# gpg key from https://www.mediawiki.org/keys/keys.txt
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys \
D7D6767D135A514BEB86E9BA75682B08E8A3FEC4 \
441276E9CCD15F44F6D97D18C119E1A64D70938E \
F7F780D82EBFB8A56556E7EE82403E59F9F8CD79 \
1D98867E82982C8FE0ABC25F9B69B3109D3BB7B0 \
; \
gpg --batch --verify mediawiki.tar.gz.sig mediawiki.tar.gz; \
tar -x --strip-components=1 -f mediawiki.tar.gz; \
gpgconf --kill all; \
rm -r "$GNUPGHOME" mediawiki.tar.gz.sig mediawiki.tar.gz; \
chown -R www-data:www-data extensions skins cache images; \
\
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps; \
rm -rf /var/lib/apt/lists/*
CMD ["apache2-foreground"]
FROM mw39 as pro-mw
RUN set -eux; \
\
apt-get update; \
apt-get install -y --no-install-recommends \
cron \
vim \
libbz2-dev=1.* gettext-base \
zip unzip libzip-dev \
# Required for PDFHandler
ghostscript \
xpdf-utils \
# Required for Scribunto
liblua5.1-0-dev \
; \
docker-php-ext-install -j "$(nproc)" calendar bz2 \
; \
rm -rf /var/lib/apt/lists/*
# Install the PHP luasendbox extension we need for Scribunto
RUN docker-php-source extract && \
\
git clone https://gerrit.wikimedia.org/r/mediawiki/php/luasandbox.git /usr/local/src/luasandbox && \
docker-php-ext-configure /usr/local/src/luasandbox && \
docker-php-ext-install /usr/local/src/luasandbox && \
rm -rf /usr/local/src/luasandbox
COPY resources/htaccess /var/www/html/.htaccess
RUN ln -s /var/www/html/ /var/www/html/w
CMD ["apache2-foreground"]
# START AQUA custom setup
# Define the MW_ROOT in MediaWiki as a variable name.
ENV MW_ROOT /var/www/html
# Make sure that existing software are updated and install development tools.
# The /etc/apt/preferences.d/no-debian-php is to ensure that we can install php-zip.
# We need php-zip so that Composer can install packages.
# TODO remove the /etc/apt/preferences.d/no-debian-php and apt-get -q install -y --no-install-recommends zip unzip php-zip once we upgrade to 1.36 because they are not necessary anymore.
RUN set -ex && \
apt-get -q update && apt-get upgrade -y && \
apt-get -q install -y --no-install-recommends wget nano vim ripgrep tig fd-find && \
rm /etc/apt/preferences.d/no-debian-php && \
apt-get -q install -y --no-install-recommends zip unzip php-zip && \
apt-get -q install -y --no-install-recommends mariadb-client && \
rm -rf /var/lib/apt/lists/* # Remove unnecessary apt cache to keep the layer small
# Define working directory for the following commands
WORKDIR ${MW_ROOT}
# Copy the php.ini with desired upload_max_filesize into the php directory.
COPY ./resources/php.ini /usr/local/etc/php/php.ini
# Copy more assets and composer file.
COPY ./resources/aqua.png resources/assets/aqua.png
COPY ./composer.local.json composer.local.json
COPY ./build.sh .
RUN chmod +x ./build.sh
RUN ./build.sh
RUN rm ./build.sh
# TODO hack to address https://github.com/inblockio/DataAccounting/issues/244.
# Remove this once MediaWiki has made a patch release.
RUN sed -i 's/$this->package->setProvides( \[ $link \] );/$this->package->setProvides( \[ self::MEDIAWIKI_PACKAGE_NAME => $link \] );/' ./includes/composer/ComposerPackageModifier.php
# If this environment is not set, Composer does not work as intended.
ENV COMPOSER_ALLOW_SUPERUSER=1
# Install the latest version of PHP package manager "Composer" and install
# MW-OAuth2Client from Git master.
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin/ --filename=composer && \
composer update --no-dev && \
cd extensions && \
git clone https://github.com/rht/MW-OAuth2Client.git && \
cd MW-OAuth2Client && \
git submodule update --init && \
cd vendors/oauth2-client && \
composer install
# Prepare patches
COPY ./apply-patches.sh apply-patches.sh
COPY ./resources/patch _patches
RUN chmod +x apply-patches.sh
RUN ./apply-patches.sh
# cleanup patches
RUN rm ./apply-patches.sh
RUN rm -r ./_patches