diff --git a/Dockerfile b/Dockerfile index 272f0a3..09cfc5d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,25 +1,36 @@ -FROM boxedcode/alpine-nginx-php-fpm:v1.7.2 +FROM trafex/alpine-nginx-php7:2.0.2 -MAINTAINER Robert Schumann +LABEL maintainer="Robert Schumann " ENV REPORT_PARSER_SOURCE="https://github.com/techsneeze/dmarcts-report-parser/archive/master.zip" \ REPORT_VIEWER_SOURCE="https://github.com/techsneeze/dmarcts-report-viewer/archive/master.zip" +USER root + +WORKDIR / + COPY ./manifest/ / RUN set -x \ && apk update \ - && apk add expat-dev mariadb-dev gzip \ - && wget -q --no-check-certificate -O parser.zip $REPORT_PARSER_SOURCE \ - && wget -q --no-check-certificate -O viewer.zip $REPORT_VIEWER_SOURCE \ - && unzip parser.zip && cp -av dmarcts-report-parser-master/* /usr/bin/ && rm -f parser.zip \ - && unzip viewer.zip && cp -av dmarcts-report-viewer-master/* /var/www/viewer/ && rm -f viewer.zip \ + && apk add bash expat-dev mariadb-dev mariadb-client mariadb-connector-c openssl gzip wget perl-utils g++ make perl-dev \ + && wget -4 -q --no-check-certificate -O parser.zip $REPORT_PARSER_SOURCE \ + && wget -4 -q --no-check-certificate -O viewer.zip $REPORT_VIEWER_SOURCE \ + && unzip parser.zip && cp -av dmarcts-report-parser-master/* /usr/bin/ && rm -vf parser.zip && rm -rvf dmarcts-report-parser-master \ + && unzip viewer.zip && cp -av dmarcts-report-viewer-master/* /var/www/viewer/ && rm -vf viewer.zip && rm -rvf dmarcts-report-viewer-master \ && sed -i "1s/^/body { font-family: Sans-Serif; }\n/" /var/www/viewer/default.css \ + && sed -i 's%.*listen [::]:8080 default_server;% listen [::]:80 default_server;%g' /etc/nginx/nginx.conf \ + && sed -i 's%.*listen 8080 default_server;% listen 80 default_server;%g' /etc/nginx/nginx.conf \ + && sed -i 's%.*root /var/www/html;% root /var/www/viewer;%g' /etc/nginx/nginx.conf \ + && sed -i 's/.*index index.php index.html;/ index dmarcts-report-viewer.php;/g' /etc/nginx/nginx.conf \ + && sed -i 's%files = /etc/supervisor.d/\*.ini%files = /etc/supervisor/conf.d/*.conf%g' /etc/supervisord.conf \ + && chmod 755 /entrypoint.sh \ && (echo y;echo o conf prerequisites_policy follow;echo o conf commit)|cpan \ - && cpan install SULLR/IO-Socket-SSL-2.060.tar.gz \ - && cpan install MICHIELB/File-MimeInfo-0.28.tar.gz \ && for i in \ CPAN \ + CPAN::DistnameInfo \ + IO::Socket::SSL \ + File::MimeInfo \ IO::Compress::Gzip \ Getopt::Long \ Mail::IMAPClient \ @@ -36,12 +47,10 @@ RUN set -x \ Socket6 \ PerlIO::gzip \ ; do cpan install $i; done \ - && apk del mariadb-dev expat-dev \ - && apk add mariadb-client-libs \ - && sed -i 's%.*root /var/www/html;% root /var/www/viewer;%g' /etc/nginx/conf.d/default.conf \ - && sed -i 's/.*index index.php index.html index.htm;/ index dmarcts-report-viewer.php;/g' /etc/nginx/conf.d/default.conf \ - && chmod 755 /entrypoint.sh + && apk del mariadb-dev expat-dev perl-dev g++ make -EXPOSE 443 80 +HEALTHCHECK --interval=1m --timeout=3s CMD curl --silent --fail http://127.0.0.1:80/fpm-ping + +EXPOSE 80 CMD ["/bin/bash", "/entrypoint.sh"] diff --git a/README.md b/README.md index 23b5763..cd8416d 100644 --- a/README.md +++ b/README.md @@ -20,10 +20,12 @@ docker run -e ... -ti gutmensch/dmarc-report New dmarc reports will be fetched every 15 minutes past the hour, every hour. Therefore it can take up to one hour for the first report to be fetched. -## Versions for last build latest -dmarcts report viewer: 2020-09-06 +## Versions for last build latest and version 1.0 +dmarcts report viewer: 2021-07-04 -dmarcts report parser: 2020-09-06 +dmarcts report parser: 2021-07-04 + +CAUTION: The old gutmensch/dmarc-report:latest image (older alpine, php5, etc.) is available still as gutmensch/dmarc-report:0.5. The current latest (and 1.0) uses the latest alpine version, newer MySQL client libraries, newer OpenSSL, etc. and improves compatibilitiy with MySQL 8+. For full compatibility the upstream parser should merge https://github.com/techsneeze/dmarcts-report-parser/pull/103/files too. ## Frontend Screenshot ![DMARC Report Viewer](https://github.com/gutmensch/docker-dmarc-report/blob/master/screenshot.png?raw=true) @@ -46,6 +48,7 @@ services: - "80:80" environment: - "REPORT_DB_HOST=db" + - "REPORT_DB_PORT=3306" - "REPORT_DB_NAME=dmarc_report" - "REPORT_DB_USER=dmarc_report" - "REPORT_DB_PASS=dbpassword" diff --git a/manifest/entrypoint.sh b/manifest/entrypoint.sh index 7615228..47e27f1 100644 --- a/manifest/entrypoint.sh +++ b/manifest/entrypoint.sh @@ -2,13 +2,13 @@ # Display PHP error's or not if [[ "$ERRORS" != "1" ]] ; then - sed -i -e "s/error_reporting =.*=/error_reporting = E_ALL/g" /usr/etc/php.ini - sed -i -e "s/display_errors =.*/display_errors = stdout/g" /usr/etc/php.ini + sed -i -e "s/error_reporting =.*/error_reporting = E_ALL/g" /etc/php8/php.ini + sed -i -e "s/display_errors =.*/display_errors = stdout/g" /etc/php8/php.ini fi # Disable opcache? if [[ -v NO_OPCACHE ]]; then - sed -i -e "s/zend_extension=opcache.so/;zend_extension=opcache.so/g" /etc/php.d/zend-opcache.ini + sed -i -e "s/zend_extension=opcache.so/;zend_extension=opcache.so/g" /etc/php8/conf.d/00_opcache.ini fi # Tweak nginx to match the workers to cpu's @@ -16,9 +16,14 @@ procs=$(cat /proc/cpuinfo | grep processor | wc -l) sed -i -e "s/worker_processes 5/worker_processes $procs/" /etc/nginx/nginx.conf # Copy important env vars for PHP-FPM to access -PHP_ENV_FILE="/usr/etc/php-fpm.d/${PHP_ENV_FILE:-env.conf}" +PHP_ENV_FILE="/etc/php8/php-fpm.d/${PHP_ENV_FILE:-env.conf}" echo '[www]' > "$PHP_ENV_FILE" -env | grep -e 'REPORT_DB_HOST' -e 'REPORT_DB_NAME' -e 'REPORT_DB_USER' -e 'REPORT_DB_PASS' | sed "s/\(.*\)=\(.*\)/env[\1]='\2'/" >> "$PHP_ENV_FILE" +echo 'user = nginx' >> "$PHP_ENV_FILE" +echo 'group = www-data' >> "$PHP_ENV_FILE" +env | grep -e 'REPORT_DB_HOST' -e 'REPORT_DB_PORT' -e 'REPORT_DB_NAME' -e 'REPORT_DB_USER' -e 'REPORT_DB_PASS' | sed "s/\(.*\)=\(.*\)/env[\1] = '\2'/" >> "$PHP_ENV_FILE" + +# compat from older image where variable was not existing +grep -e ^REPORT_DB_PORT "$PHP_ENV_FILE" || echo env[REPORT_DB_PORT] = 3306 >> "$PHP_ENV_FILE" # Start supervisord and services /usr/bin/supervisord -n -c /etc/supervisord.conf diff --git a/manifest/usr/bin/dmarcts-report-parser.conf b/manifest/usr/bin/dmarcts-report-parser.conf index 15284fd..332e5c9 100644 --- a/manifest/usr/bin/dmarcts-report-parser.conf +++ b/manifest/usr/bin/dmarcts-report-parser.conf @@ -12,6 +12,7 @@ $dbname = $ENV{'REPORT_DB_NAME'}; $dbuser = $ENV{'REPORT_DB_USER'}; $dbpass = $ENV{'REPORT_DB_PASS'}; $dbhost = $ENV{'REPORT_DB_HOST'}; # Set the hostname if we can't connect to the local socket. +$dbport = $ENV{'REPORT_DB_PORT'} || 3306; if(exists $ENV{PARSER_IMAP_SERVER_WITH_PORT} && defined $ENV{PARSER_IMAP_SERVER_WITH_PORT}) { my @server_attr = split ':', $ENV{PARSER_IMAP_SERVER_WITH_PORT}; diff --git a/manifest/var/www/viewer/dmarcts-report-viewer-config.php b/manifest/var/www/viewer/dmarcts-report-viewer-config.php index 966af69..f6a1d02 100644 --- a/manifest/var/www/viewer/dmarcts-report-viewer-config.php +++ b/manifest/var/www/viewer/dmarcts-report-viewer-config.php @@ -5,10 +5,10 @@ // #################################################################### $dbhost=getenv('REPORT_DB_HOST'); +$dbport=getenv('REPORT_DB_PORT'); $dbname=getenv('REPORT_DB_NAME'); $dbuser=getenv('REPORT_DB_USER'); $dbpass=getenv('REPORT_DB_PASS'); -$dbport='3306'; $cssfile="default.css"; diff --git a/screenshot.png b/screenshot.png index fc46743..78253b6 100644 Binary files a/screenshot.png and b/screenshot.png differ