From dd9cf6bbeeeb23c061cb62112e55633ae8c55b96 Mon Sep 17 00:00:00 2001 From: "Gurdeep Singh (Guru)" Date: Mon, 5 Aug 2024 00:58:36 +1000 Subject: [PATCH] Docker, phpfirewall on a stick --- docker/Dockerfile | 51 ++++++++++++++++++++++++++++++++++++++------ docker/entrypoint.sh | 2 ++ docker/index.php | 29 +++++++++++++++++++++++++ 3 files changed, 76 insertions(+), 6 deletions(-) create mode 100644 docker/index.php diff --git a/docker/Dockerfile b/docker/Dockerfile index bee5866..f776877 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,16 +1,50 @@ #From PHP8.3-cli -FROM php:8.3-cli-alpine +FROM php:8.3-fpm-alpine RUN adduser -h /home/admin -s /home/admin/vendor/bin/phpterminal -D admin RUN echo -n 'admin:admin' | chpasswd -WORKDIR /home/admin +WORKDIR /home/admin/ RUN apk update RUN apk add --update --no-cache git RUN apk add --update --no-cache zip +RUN apk add --update --no-cache vim +RUN apk add --update --no-cache openssh +RUN apk add --update --no-cache openrc +RUN apk add --update --no-cache apache2 +RUN apk add --update --no-cache apache2-proxy +RUN apk add --update --no-cache php83-apache2 +RUN apk add --update --no-cache shadow +RUN mkdir -p /run/openrc/exclusive +RUN touch /run/openrc/softlevel +RUN rc-update add apache2 RUN docker-php-ext-configure pcntl --enable-pcntl && docker-php-ext-install pcntl +RUN docker-php-ext-configure bcmath --enable-bcmath && docker-php-ext-install bcmath + +RUN cat < /etc/apache2/conf.d/phpfirewall.conf + + DocumentRoot /home/admin/public/ + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/home/admin/public/$1 + DirectoryIndex /index.php index.php + + + Options -Indexes + AllowOverride All + Order allow,deny + allow from all + + + +User admin +Group admin + +EOF RUN php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" RUN php composer-setup.php 
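Review bot: `User admin` / `Group admin` in the new phpfirewall.conf make Apache run as the account that has an SSH login shell and the `admin:admin` password set near the top of this hunk. The second Dockerfile hunk does the same for php-fpm (`user = admin`) and then runs `chown -R admin:admin /home/admin`, so the web-facing workers own their docroot and `vendor/`, and with `AllowOverride All` they can write their own `.htaccess`. I would run the web tier as a dedicated non-login user, keep the code root-owned, grant that user write access only to `firewalldata`, and set `AllowOverride None`. Separately, `Order allow,deny` / `allow from all` is 2.2-era syntax; on Apache 2.4 the equivalent is `Require all granted`. The heredoc opener is garbled on this page, so I cannot tell whether its delimiter is quoted; if it is not, the build shell expands `${APACHE_LOG_DIR}` and `$1` before the file is written, which is worth checking in the built image.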
@@ -20,15 +54,20 @@ RUN chmod +x /home/admin/composer RUN /home/admin/composer require oyeaussie/phpfirewall ENV COMPOSER_ALLOW_SUPERUSER=1 -RUN mkdir /home/admin/terminaldata - -RUN apk add --update --no-cache openssh RUN echo 'PasswordAuthentication yes' >> /etc/ssh/sshd_config RUN echo 'Port 2233' >> /etc/ssh/sshd_config ENTRYPOINT ["/entrypoint.sh"] COPY entrypoint.sh / -RUN chown -R admin:admin /home/admin/ +RUN echo 'user = admin' >> /usr/local/etc/php-fpm.d/www.conf +RUN echo 'group = admin' >> /usr/local/etc/php-fpm.d/www.conf + +RUN mkdir /home/admin/terminaldata +RUN mkdir /home/admin/firewalldata +RUN mkdir /home/admin/public + +COPY index.php ./public/ +RUN chown -R admin:admin /home/admin # Running # docker run -d --name phpfirewall -h phpfirewall oyeaussie/phpfirewall # Grab IP diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index 845d867..9febada 100755 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -1,3 +1,5 @@ #!/bin/sh +php-fpm & +rc-service apache2 start ssh-keygen -A exec /usr/sbin/sshd -D -e "$@" \ No newline at end of file diff --git a/docker/index.php b/docker/index.php new file mode 100644 index 0000000..d93525b --- /dev/null +++ b/docker/index.php @@ -0,0 +1,29 @@ +checkIp($_GET['ip']); + + $response['details'] = $firewall->response->getAllData(); + + $response['lookup_details'] = $firewall->getProcessedMicroTimers(); + } catch (\throwable $e) { + $response['code'] = 1; + + $response['message'] = 'Error processing request. Please contact developer.'; + } +} + +echo json_encode($response); \ No newline at end of file
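Review bot: The pool edits here set only `user` and `group`, leaving the listen address at the base image's default, which as far as I know is port 9000 on every interface (set in the image's `zz-docker.conf`), although Apache only proxies to `fcgi://127.0.0.1:9000`. If that holds, anything that can reach the container address can speak FastCGI to the workers without going through Apache; `netstat -ltn` in a running container will confirm it. In that case bind the pool to loopback with `listen = 127.0.0.1:9000` in a pool file that sorts after `zz-docker.conf`, or move both sides to a unix socket. As a style point, the three `RUN mkdir` lines can be one layer: `RUN mkdir -p terminaldata firewalldata public`.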
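Review bot: Nothing checks that `php-fpm &` or `rc-service apache2 start` actually came up, and because `sshd` is what gets exec'd as the container's main process, a crashed or misconfigured web tier leaves the container looking healthy while the lookup endpoint is down. Add `set -eu` under the shebang and start FPM with `php-fpm -D` so a bad configuration fails the entrypoint, and consider a `HEALTHCHECK` in the Dockerfile that requests `/index.php`. A comment above the two new lines would also help the next reader, e.g. `# web tier (apache -> php-fpm) runs beside sshd; sshd stays in the foreground`.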
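Review bot: `$_GET['ip']` goes into `checkIp()` as received, and the catch block discards the exception, so malformed input and real faults both come back as the same generic error with nothing logged. The opening of the file did not survive extraction on this page, so an earlier check may exist; if not, validate first with `filter_var($_GET['ip'], FILTER_VALIDATE_IP)` and return a distinct error code on failure. In the catch, add `error_log($e->getMessage());` (and spell the type `\Throwable`), and send `header('Content-Type: application/json');` before the `echo`. The endpoint also returns `getProcessedMicroTimers()` to any caller with no authentication visible here; confirm that is intended before the port is published.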