Bump version and image, fixes #10

* alpine 3.5 to 3.13 * openssl upgrade, remove MimeInfo and SSL perl pkg hacks * mysql client library upgrades (compatibility with 8) * image size reduction 703 to 322 MB * bump upstream sources for viewer and parser * introduce tags (current and latest docker image 1.0, old image still available as 0.5)
2025-12-17 17:56:30 +00:00 · 2021-07-04 13:30:09 +02:00 · 2021-07-04 13:30:09 +02:00 · c74bc90d20
commit c74bc90d20
parent 96a344f70a
6 changed files with 42 additions and 24 deletions
--- a/39
+++ b/39
@ -1,25 +1,36 @@
-FROM boxedcode/alpine-nginx-php-fpm:v1.7.2
+FROM trafex/alpine-nginx-php7:2.0.2

-MAINTAINER Robert Schumann <gutmensch@n-os.org>
+LABEL maintainer="Robert Schumann <gutmensch@n-os.org>"

 ENV REPORT_PARSER_SOURCE="https://github.com/techsneeze/dmarcts-report-parser/archive/master.zip" \
    REPORT_VIEWER_SOURCE="https://github.com/techsneeze/dmarcts-report-viewer/archive/master.zip"

+USER root
+
+WORKDIR /
+
 COPY ./manifest/ /

 RUN set -x \
      && apk update \
-      && apk add expat-dev mariadb-dev gzip \
-      && wget -q --no-check-certificate -O parser.zip $REPORT_PARSER_SOURCE \
-      && wget -q --no-check-certificate -O viewer.zip $REPORT_VIEWER_SOURCE \
-      && unzip parser.zip && cp -av dmarcts-report-parser-master/* /usr/bin/ && rm -f parser.zip \
-      && unzip viewer.zip && cp -av dmarcts-report-viewer-master/* /var/www/viewer/ && rm -f viewer.zip \
+      && apk add bash expat-dev mariadb-dev mariadb-client mariadb-connector-c openssl gzip wget perl-utils g++ make perl-dev \
+      && wget -4 -q --no-check-certificate -O parser.zip $REPORT_PARSER_SOURCE \
+      && wget -4 -q --no-check-certificate -O viewer.zip $REPORT_VIEWER_SOURCE \
+      && unzip parser.zip && cp -av dmarcts-report-parser-master/* /usr/bin/ && rm -vf parser.zip && rm -rvf dmarcts-report-parser-master \
+      && unzip viewer.zip && cp -av dmarcts-report-viewer-master/* /var/www/viewer/ && rm -vf viewer.zip && rm -rvf dmarcts-report-viewer-master \
      && sed -i "1s/^/body { font-family: Sans-Serif; }\n/" /var/www/viewer/default.css \
+      && sed -i 's%.*listen [::]:8080 default_server;%        listen [::]:80 default_server;%g' /etc/nginx/nginx.conf \
+      && sed -i 's%.*listen 8080 default_server;%        listen 80 default_server;%g' /etc/nginx/nginx.conf \
+      && sed -i 's%.*root /var/www/html;%        root /var/www/viewer;%g' /etc/nginx/nginx.conf \
+      && sed -i 's/.*index index.php index.html;/        index dmarcts-report-viewer.php;/g' /etc/nginx/nginx.conf \
+      && sed -i 's%files = /etc/supervisor.d/\*.ini%files = /etc/supervisor/conf.d/*.conf%g' /etc/supervisord.conf \
+      && chmod 755 /entrypoint.sh \
      && (echo y;echo o conf prerequisites_policy follow;echo o conf commit)|cpan \
-      && cpan install SULLR/IO-Socket-SSL-2.060.tar.gz \
-      && cpan install MICHIELB/File-MimeInfo-0.28.tar.gz \
      && for i in \
 	CPAN \
+        CPAN::DistnameInfo \
+        IO::Socket::SSL \
+        File::MimeInfo \
        IO::Compress::Gzip \
        Getopt::Long \
 	Mail::IMAPClient \
@ -36,12 +47,10 @@ RUN set -x \
 	Socket6 \
        PerlIO::gzip \
        ; do cpan install $i; done \
-      && apk del mariadb-dev expat-dev \
-      && apk add mariadb-client-libs \
-      && sed -i 's%.*root /var/www/html;%        root /var/www/viewer;%g' /etc/nginx/conf.d/default.conf \
-      && sed -i 's/.*index index.php index.html index.htm;/        index dmarcts-report-viewer.php;/g' /etc/nginx/conf.d/default.conf \
-      && chmod 755 /entrypoint.sh
+      && apk del mariadb-dev expat-dev perl-dev g++ make

-EXPOSE 443 80
+HEALTHCHECK --interval=1m --timeout=3s CMD curl --silent --fail http://127.0.0.1:80/fpm-ping
+
+EXPOSE 80

 CMD ["/bin/bash", "/entrypoint.sh"]
--- a/README.md
+++ b/README.md
@ -20,10 +20,12 @@ docker run -e ... -ti gutmensch/dmarc-report

 New dmarc reports will be fetched every 15 minutes past the hour, every hour. Therefore it can take up to one hour for the first report to be fetched.

-## Versions for last build latest
-dmarcts report viewer: 2020-09-06
+## Versions for last build latest and version 1.0
+dmarcts report viewer: 2021-07-04

-dmarcts report parser: 2020-09-06
+dmarcts report parser: 2021-07-04
+
+CAUTION: The old gutmensch/dmarc-report:latest image (older alpine, php5, etc.) is available still as gutmensch/dmarc-report:0.5. The current latest (and 1.0) uses the latest alpine version, newer MySQL client libraries, newer OpenSSL, etc. and improves compatibilitiy with MySQL 8+. For full compatibility the upstream parser should merge https://github.com/techsneeze/dmarcts-report-parser/pull/103/files too.

 ## Frontend Screenshot
 ![DMARC Report Viewer](https://github.com/gutmensch/docker-dmarc-report/blob/master/screenshot.png?raw=true)
@ -46,6 +48,7 @@ services:
      - "80:80"
    environment:
      - "REPORT_DB_HOST=db"
+      - "REPORT_DB_PORT=3306"
      - "REPORT_DB_NAME=dmarc_report"
      - "REPORT_DB_USER=dmarc_report"
      - "REPORT_DB_PASS=dbpassword"
--- a/manifest/entrypoint.sh
+++ b/manifest/entrypoint.sh
@ -2,13 +2,13 @@

 # Display PHP error's or not
 if [[ "$ERRORS" != "1" ]] ; then
-  sed -i -e "s/error_reporting =.*=/error_reporting = E_ALL/g" /usr/etc/php.ini
-  sed -i -e "s/display_errors =.*/display_errors = stdout/g" /usr/etc/php.ini
+  sed -i -e "s/error_reporting =.*/error_reporting = E_ALL/g" /etc/php8/php.ini
+  sed -i -e "s/display_errors =.*/display_errors = stdout/g" /etc/php8/php.ini
 fi

 # Disable opcache?
 if [[ -v NO_OPCACHE ]]; then
-    sed -i -e "s/zend_extension=opcache.so/;zend_extension=opcache.so/g" /etc/php.d/zend-opcache.ini
+    sed -i -e "s/zend_extension=opcache.so/;zend_extension=opcache.so/g" /etc/php8/conf.d/00_opcache.ini
 fi

 # Tweak nginx to match the workers to cpu's
@ -16,9 +16,14 @@ procs=$(cat /proc/cpuinfo | grep processor | wc -l)
 sed -i -e "s/worker_processes 5/worker_processes $procs/" /etc/nginx/nginx.conf

 # Copy important env vars for PHP-FPM to access
-PHP_ENV_FILE="/usr/etc/php-fpm.d/${PHP_ENV_FILE:-env.conf}"
+PHP_ENV_FILE="/etc/php8/php-fpm.d/${PHP_ENV_FILE:-env.conf}"
 echo '[www]' > "$PHP_ENV_FILE"
-env | grep -e 'REPORT_DB_HOST' -e 'REPORT_DB_NAME' -e 'REPORT_DB_USER' -e 'REPORT_DB_PASS' | sed "s/\(.*\)=\(.*\)/env[\1]='\2'/" >> "$PHP_ENV_FILE"
+echo 'user = nginx' >> "$PHP_ENV_FILE"
+echo 'group = www-data' >> "$PHP_ENV_FILE"
+env | grep -e 'REPORT_DB_HOST' -e 'REPORT_DB_PORT' -e 'REPORT_DB_NAME' -e 'REPORT_DB_USER' -e 'REPORT_DB_PASS' | sed "s/\(.*\)=\(.*\)/env[\1] = '\2'/" >> "$PHP_ENV_FILE"
+
+# compat from older image where variable was not existing
+grep -e ^REPORT_DB_PORT "$PHP_ENV_FILE" || echo env[REPORT_DB_PORT] = 3306 >> "$PHP_ENV_FILE"

 # Start supervisord and services
 /usr/bin/supervisord -n -c /etc/supervisord.conf
--- a/manifest/usr/bin/dmarcts-report-parser.conf
+++ b/manifest/usr/bin/dmarcts-report-parser.conf
@ -12,6 +12,7 @@ $dbname = $ENV{'REPORT_DB_NAME'};
 $dbuser = $ENV{'REPORT_DB_USER'};
 $dbpass = $ENV{'REPORT_DB_PASS'};
 $dbhost = $ENV{'REPORT_DB_HOST'}; # Set the hostname if we can't connect to the local socket.
+$dbport = $ENV{'REPORT_DB_PORT'} || 3306;

 if(exists $ENV{PARSER_IMAP_SERVER_WITH_PORT} && defined $ENV{PARSER_IMAP_SERVER_WITH_PORT}) {
  my @server_attr  = split ':', $ENV{PARSER_IMAP_SERVER_WITH_PORT};
--- a/manifest/var/www/viewer/dmarcts-report-viewer-config.php
+++ b/manifest/var/www/viewer/dmarcts-report-viewer-config.php
@ -5,10 +5,10 @@
 // ####################################################################

 $dbhost=getenv('REPORT_DB_HOST');
+$dbport=getenv('REPORT_DB_PORT');
 $dbname=getenv('REPORT_DB_NAME');
 $dbuser=getenv('REPORT_DB_USER');
 $dbpass=getenv('REPORT_DB_PASS');
-$dbport='3306';

 $cssfile="default.css";

--- a/screenshot.png
+++ b/screenshot.png