From fc6c79328dceab59039242515043b81a3fa39bbe Mon Sep 17 00:00:00 2001 From: Jan Dittberner Date: Sat, 20 Apr 2019 13:12:11 +0200 Subject: [PATCH] Remove Wheezy that is EOL --- build.sh | 2 +- wheezy_php5/Dockerfile | 8 - wheezy_php5/Dockerfile-base | 39 ---- wheezy_php5/Dockerfile-mysql | 15 -- wheezy_php5/Dockerfile-pgsql | 15 -- wheezy_php5/fpm-pool.conf.tmpl | 15 -- wheezy_php5/libnss-ldap.conf | 323 --------------------------------- wheezy_php5/nsswitch.conf | 19 -- wheezy_php5/start-fpm.sh | 10 - 9 files changed, 1 insertion(+), 445 deletions(-) delete mode 100644 wheezy_php5/Dockerfile delete mode 100644 wheezy_php5/Dockerfile-base delete mode 100644 wheezy_php5/Dockerfile-mysql delete mode 100644 wheezy_php5/Dockerfile-pgsql delete mode 100644 wheezy_php5/fpm-pool.conf.tmpl delete mode 100644 wheezy_php5/libnss-ldap.conf delete mode 100644 wheezy_php5/nsswitch.conf delete mode 100755 wheezy_php5/start-fpm.sh diff --git a/build.sh b/build.sh index db98ee4..201143b 100755 --- a/build.sh +++ b/build.sh @@ -2,7 +2,7 @@ set -e -for dist in wheezy_php5 jessie_php5 stretch_php7 buster_php7; do +for dist in jessie_php5 stretch_php7 buster_php7; do docker build --pull -t gnuviech/${dist}-base ${dist} -f ${dist}/Dockerfile-base docker build -t gnuviech/${dist} ${dist} -f ${dist}/Dockerfile docker build -t gnuviech/${dist}-mysql ${dist} -f ${dist}/Dockerfile-mysql diff --git a/wheezy_php5/Dockerfile b/wheezy_php5/Dockerfile deleted file mode 100644 index b85d1d5..0000000 --- a/wheezy_php5/Dockerfile +++ /dev/null @@ -1,8 +0,0 @@ -FROM gnuviech/wheezy_php5-base:latest -LABEL maintainer="jan@dittberner.info" - -COPY start-fpm.sh /usr/local/sbin -COPY fpm-pool.conf.tmpl /usr/local/etc - -ENTRYPOINT ["/usr/bin/dumb-init", "--"] -CMD ["/usr/local/sbin/start-fpm.sh"] diff --git a/wheezy_php5/Dockerfile-base b/wheezy_php5/Dockerfile-base deleted file mode 100644 index 4f29fb2..0000000 --- a/wheezy_php5/Dockerfile-base +++ /dev/null @@ -1,39 +0,0 @@ -FROM debian:wheezy -LABEL maintainer="jan@dittberner.info" -VOLUME /srv - -RUN apt-get update \ - && DEBIAN_FRONTEND=noninteractive \ - apt-get install -y --no-install-recommends \ - ca-certificates \ - curl \ - libnss-ldap \ - libphp-adodb \ - nullmailer \ - php-apc \ - php-mail-mime \ - php-mail-mimedecode \ - php-net-smtp \ - php-net-socket \ - php5-adodb \ - php5-curl \ - php5-fpm \ - php5-gd \ - php5-gmp \ - php5-imap \ - php5-intl \ - php5-mcrypt \ - php5-pspell \ - php5-sqlite \ - php5-xmlrpc \ - procps \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/*.* - -RUN curl -o dumb-init_1.2.2.deb -L https://github.com/Yelp/dumb-init/releases/download/v1.2.2/dumb-init_1.2.2_amd64.deb && \ - dpkg -i dumb-init_1.2.2.deb && \ - rm -f dumb-init_1.2.2.deb - -ADD --chown=root:root nsswitch.conf libnss-ldap.conf /etc/ - -RUN rm -f /etc/php5/fpm/pool.d/www.conf diff --git a/wheezy_php5/Dockerfile-mysql b/wheezy_php5/Dockerfile-mysql deleted file mode 100644 index 17001cf..0000000 --- a/wheezy_php5/Dockerfile-mysql +++ /dev/null @@ -1,15 +0,0 @@ -FROM gnuviech/wheezy_php5-base:latest -LABEL maintainer="jan@dittberner.info" - -RUN apt-get update \ - && DEBIAN_FRONTEND=noninteractive \ - apt-get install -y --no-install-recommends \ - php5-mysql \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/*.* - -COPY start-fpm.sh /usr/local/sbin -COPY fpm-pool.conf.tmpl /usr/local/etc - -ENTRYPOINT ["/usr/bin/dumb-init", "--"] -CMD ["/usr/local/sbin/start-fpm.sh"] diff --git a/wheezy_php5/Dockerfile-pgsql b/wheezy_php5/Dockerfile-pgsql deleted file mode 100644 index ea8bda1..0000000 --- a/wheezy_php5/Dockerfile-pgsql +++ /dev/null @@ -1,15 +0,0 @@ -FROM gnuviech/wheezy_php5-base:latest -LABEL maintainer="jan@dittberner.info" - -RUN apt-get update \ - && DEBIAN_FRONTEND=noninteractive \ - apt-get install -y --no-install-recommends \ - php5-pgsql \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/*.* - -COPY start-fpm.sh /usr/local/sbin -COPY fpm-pool.conf.tmpl /usr/local/etc - -ENTRYPOINT ["/usr/bin/dumb-init", "--"] -CMD ["/usr/local/sbin/start-fpm.sh"] diff --git a/wheezy_php5/fpm-pool.conf.tmpl b/wheezy_php5/fpm-pool.conf.tmpl deleted file mode 100644 index b5f2976..0000000 --- a/wheezy_php5/fpm-pool.conf.tmpl +++ /dev/null @@ -1,15 +0,0 @@ -[@user@] -user = @user@ -group = @user@ -listen = /var/run/php-fpm-docker/@user@-@variant@.sock -listen.owner = www-data -listen.group = www-data -pm = dynamic -pm.max_children = 20 -pm.start_servers = 2 -pm.min_spare_servers = 1 -pm.max_spare_servers = 3 -pm.max_requests = 1000 -chdir = / -request_slowlog_timeout = 10s -slowlog = /var/log/php-fpm-docker/@user@-@variant@.slow.log diff --git a/wheezy_php5/libnss-ldap.conf b/wheezy_php5/libnss-ldap.conf deleted file mode 100644 index 068b433..0000000 --- a/wheezy_php5/libnss-ldap.conf +++ /dev/null @@ -1,323 +0,0 @@ -###DEBCONF### -# the configuration of this file will be done by debconf as long as the -# first line of the file says '###DEBCONF###' -# -# you should use dpkg-reconfigure libnss-ldap to configure this file. -# -# @(#)$Id: ldap.conf,v 2.48 2008/07/03 02:30:29 lukeh Exp $ -# -# This is the configuration file for the LDAP nameservice -# switch library and the LDAP PAM module. -# -# PADL Software -# http://www.padl.com -# - -# Your LDAP server. Must be resolvable without using LDAP. -# Multiple hosts may be specified, each separated by a -# space. How long nss_ldap takes to failover depends on -# whether your LDAP client library supports configurable -# network or connect timeouts (see bind_timelimit). -#host 127.0.0.1 - -# The distinguished name of the search base. -base dc=gnuviech,dc=internal - -# Another way to specify your LDAP server is to provide an -uri ldap://10.0.0.11/ -# Unix Domain Sockets to connect to a local LDAP Server. -#uri ldap://127.0.0.1/ -#uri ldaps://127.0.0.1/ -#uri ldapi://%2fvar%2frun%2fldapi_sock/ -# Note: %2f encodes the '/' used as directory separator - -# The LDAP version to use (defaults to 3 -# if supported by client library) -ldap_version 3 - -# The distinguished name to bind to the server with. -# Optional: default is to bind anonymously. -# Please do not put double quotes around it as they -# would be included literally. -#binddn cn=proxyuser,dc=padl,dc=com - -# The credentials to bind with. -# Optional: default is no credential. -#bindpw secret - -# The distinguished name to bind to the server with -# if the effective user ID is root. Password is -# stored in /etc/libnss-ldap.secret (mode 600) -# Use 'echo -n "mypassword" > /etc/libnss-ldap.secret' instead -# of an editor to create the file. -#rootbinddn cn=manager,dc=example,dc=net - -# The port. -# Optional: default is 389. -#port 389 - -# The search scope. -#scope sub -#scope one -#scope base - -# Search timelimit -#timelimit 30 - -# Bind/connect timelimit -#bind_timelimit 30 - -# Reconnect policy: -# hard_open: reconnect to DSA with exponential backoff if -# opening connection failed -# hard_init: reconnect to DSA with exponential backoff if -# initializing connection failed -# hard: alias for hard_open -# soft: return immediately on server failure -#bind_policy hard - -# Connection policy: -# persist: DSA connections are kept open (default) -# oneshot: DSA connections destroyed after request -#nss_connect_policy persist - -# Idle timelimit; client will close connections -# (nss_ldap only) if the server has not been contacted -# for the number of seconds specified below. -#idle_timelimit 3600 - -# Use paged rseults -#nss_paged_results yes - -# Pagesize: when paged results enable, used to set the -# pagesize to a custom value -#pagesize 1000 - -# Filter to AND with uid=%s -#pam_filter objectclass=account - -# The user ID attribute (defaults to uid) -#pam_login_attribute uid - -# Search the root DSE for the password policy (works -# with Netscape Directory Server) -#pam_lookup_policy yes - -# Check the 'host' attribute for access control -# Default is no; if set to yes, and user has no -# value for the host attribute, and pam_ldap is -# configured for account management (authorization) -# then the user will not be allowed to login. -#pam_check_host_attr yes - -# Check the 'authorizedService' attribute for access -# control -# Default is no; if set to yes, and the user has no -# value for the authorizedService attribute, and -# pam_ldap is configured for account management -# (authorization) then the user will not be allowed -# to login. -#pam_check_service_attr yes - -# Group to enforce membership of -#pam_groupdn cn=PAM,ou=Groups,dc=padl,dc=com - -# Group member attribute -#pam_member_attribute uniquemember - -# Specify a minium or maximum UID number allowed -#pam_min_uid 0 -#pam_max_uid 0 - -# Template login attribute, default template user -# (can be overriden by value of former attribute -# in user's entry) -#pam_login_attribute userPrincipalName -#pam_template_login_attribute uid -#pam_template_login nobody - -# HEADS UP: the pam_crypt, pam_nds_passwd, -# and pam_ad_passwd options are no -# longer supported. -# -# Do not hash the password at all; presume -# the directory server will do it, if -# necessary. This is the default. -#pam_password clear - -# Hash password locally; required for University of -# Michigan LDAP server, and works with Netscape -# Directory Server if you're using the UNIX-Crypt -# hash mechanism and not using the NT Synchronization -# service. -#pam_password crypt - -# Remove old password first, then update in -# cleartext. Necessary for use with Novell -# Directory Services (NDS) -#pam_password nds - -# RACF is an alias for the above. For use with -# IBM RACF -#pam_password racf - -# Update Active Directory password, by -# creating Unicode password and updating -# unicodePwd attribute. -#pam_password ad - -# Use the OpenLDAP password change -# extended operation to update the password. -#pam_password exop - -# Redirect users to a URL or somesuch on password -# changes. -#pam_password_prohibit_message Please visit http://internal to change your password. - -# Use backlinks for answering initgroups() -#nss_initgroups backlink - -# Enable support for RFC2307bis (distinguished names in group -# members) -#nss_schema rfc2307bis - -# RFC2307bis naming contexts -# Syntax: -# nss_base_XXX base?scope?filter -# where scope is {base,one,sub} -# and filter is a filter to be &'d with the -# default filter. -# You can omit the suffix eg: -# nss_base_passwd ou=People, -# to append the default base DN but this -# may incur a small performance impact. -#nss_base_passwd ou=People,dc=padl,dc=com?one -#nss_base_shadow ou=People,dc=padl,dc=com?one -#nss_base_group ou=Group,dc=padl,dc=com?one -#nss_base_hosts ou=Hosts,dc=padl,dc=com?one -#nss_base_services ou=Services,dc=padl,dc=com?one -#nss_base_networks ou=Networks,dc=padl,dc=com?one -#nss_base_protocols ou=Protocols,dc=padl,dc=com?one -#nss_base_rpc ou=Rpc,dc=padl,dc=com?one -#nss_base_ethers ou=Ethers,dc=padl,dc=com?one -#nss_base_netmasks ou=Networks,dc=padl,dc=com?ne -#nss_base_bootparams ou=Ethers,dc=padl,dc=com?one -#nss_base_aliases ou=Aliases,dc=padl,dc=com?one -#nss_base_netgroup ou=Netgroup,dc=padl,dc=com?one - -# attribute/objectclass mapping -# Syntax: -#nss_map_attribute rfc2307attribute mapped_attribute -#nss_map_objectclass rfc2307objectclass mapped_objectclass - -# configure --enable-nds is no longer supported. -# NDS mappings -#nss_map_attribute uniqueMember member - -# Services for UNIX 3.5 mappings -#nss_map_objectclass posixAccount User -#nss_map_objectclass shadowAccount User -#nss_map_attribute uid msSFU30Name -#nss_map_attribute uniqueMember msSFU30PosixMember -#nss_map_attribute userPassword msSFU30Password -#nss_map_attribute homeDirectory msSFU30HomeDirectory -#nss_map_attribute homeDirectory msSFUHomeDirectory -#nss_map_objectclass posixGroup Group -#pam_login_attribute msSFU30Name -#pam_filter objectclass=User -#pam_password ad - -# configure --enable-mssfu-schema is no longer supported. -# Services for UNIX 2.0 mappings -#nss_map_objectclass posixAccount User -#nss_map_objectclass shadowAccount user -#nss_map_attribute uid msSFUName -#nss_map_attribute uniqueMember posixMember -#nss_map_attribute userPassword msSFUPassword -#nss_map_attribute homeDirectory msSFUHomeDirectory -#nss_map_attribute shadowLastChange pwdLastSet -#nss_map_objectclass posixGroup Group -#nss_map_attribute cn msSFUName -#pam_login_attribute msSFUName -#pam_filter objectclass=User -#pam_password ad - -# RFC 2307 (AD) mappings -#nss_map_objectclass posixAccount user -#nss_map_objectclass shadowAccount user -#nss_map_attribute uid sAMAccountName -#nss_map_attribute homeDirectory unixHomeDirectory -#nss_map_attribute shadowLastChange pwdLastSet -#nss_map_objectclass posixGroup group -#nss_map_attribute uniqueMember member -#pam_login_attribute sAMAccountName -#pam_filter objectclass=User -#pam_password ad - -# configure --enable-authpassword is no longer supported -# AuthPassword mappings -#nss_map_attribute userPassword authPassword - -# AIX SecureWay mappings -#nss_map_objectclass posixAccount aixAccount -#nss_base_passwd ou=aixaccount,?one -#nss_map_attribute uid userName -#nss_map_attribute gidNumber gid -#nss_map_attribute uidNumber uid -#nss_map_attribute userPassword passwordChar -#nss_map_objectclass posixGroup aixAccessGroup -#nss_base_group ou=aixgroup,?one -#nss_map_attribute cn groupName -#nss_map_attribute uniqueMember member -#pam_login_attribute userName -#pam_filter objectclass=aixAccount -#pam_password clear - -# For pre-RFC2307bis automount schema -#nss_map_objectclass automountMap nisMap -#nss_map_attribute automountMapName nisMapName -#nss_map_objectclass automount nisObject -#nss_map_attribute automountKey cn -#nss_map_attribute automountInformation nisMapEntry - -# Netscape SDK LDAPS -#ssl on - -# Netscape SDK SSL options -#sslpath /etc/ssl/certs - -# OpenLDAP SSL mechanism -# start_tls mechanism uses the normal LDAP port, LDAPS typically 636 -#ssl start_tls -#ssl on - -# OpenLDAP SSL options -# Require and verify server certificate (yes/no) -# Default is to use libldap's default behavior, which can be configured in -# /etc/openldap/ldap.conf using the TLS_REQCERT setting. The default for -# OpenLDAP 2.0 and earlier is "no", for 2.1 and later is "yes". -#tls_checkpeer yes - -# CA certificates for server certificate verification -# At least one of these are required if tls_checkpeer is "yes" -#tls_cacertfile /etc/ssl/ca.cert -#tls_cacertdir /etc/ssl/certs - -# Seed the PRNG if /dev/urandom is not provided -#tls_randfile /var/run/egd-pool - -# SSL cipher suite -# See man ciphers for syntax -#tls_ciphers TLSv1 - -# Client certificate and key -# Use these, if your server requires client authentication. -#tls_cert -#tls_key - -# Disable SASL security layers. This is needed for AD. -#sasl_secprops maxssf=0 - -# Override the default Kerberos ticket cache location. -#krb5_ccname FILE:/etc/.ldapcache - diff --git a/wheezy_php5/nsswitch.conf b/wheezy_php5/nsswitch.conf deleted file mode 100644 index 1d69bd7..0000000 --- a/wheezy_php5/nsswitch.conf +++ /dev/null @@ -1,19 +0,0 @@ -# /etc/nsswitch.conf -# -# Example configuration of GNU Name Service Switch functionality. -# If you have the `glibc-doc-reference' and `info' packages installed, try: -# `info libc "Name Service Switch"' for information about this file. - -passwd: compat ldap -group: compat ldap -shadow: compat - -hosts: files dns -networks: files - -protocols: db files -services: db files -ethers: db files -rpc: db files - -netgroup: nis diff --git a/wheezy_php5/start-fpm.sh b/wheezy_php5/start-fpm.sh deleted file mode 100755 index 75f2869..0000000 --- a/wheezy_php5/start-fpm.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/sh - -set -e - -sed "s/@user@/${FPM_USER}/g; s/@variant@/${FPM_VARIANT}/g" \ - < /usr/local/etc/fpm-pool.conf.tmpl \ - > "/etc/php5/fpm/pool.d/${FPM_USER}.conf" - -/etc/init.d/nullmailer start -/usr/sbin/php5-fpm --nodaemonize