Remove Wheezy that is EOL

This commit is contained in:
Jan Dittberner 2019-04-20 13:12:11 +02:00
parent c3ae577c1b
commit fc6c79328d
9 changed files with 1 additions and 445 deletions

View file

@ -2,7 +2,7 @@
set -e set -e
for dist in wheezy_php5 jessie_php5 stretch_php7 buster_php7; do for dist in jessie_php5 stretch_php7 buster_php7; do
docker build --pull -t gnuviech/${dist}-base ${dist} -f ${dist}/Dockerfile-base docker build --pull -t gnuviech/${dist}-base ${dist} -f ${dist}/Dockerfile-base
docker build -t gnuviech/${dist} ${dist} -f ${dist}/Dockerfile docker build -t gnuviech/${dist} ${dist} -f ${dist}/Dockerfile
docker build -t gnuviech/${dist}-mysql ${dist} -f ${dist}/Dockerfile-mysql docker build -t gnuviech/${dist}-mysql ${dist} -f ${dist}/Dockerfile-mysql

View file

@ -1,8 +0,0 @@
FROM gnuviech/wheezy_php5-base:latest
LABEL maintainer="jan@dittberner.info"
COPY start-fpm.sh /usr/local/sbin
COPY fpm-pool.conf.tmpl /usr/local/etc
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
CMD ["/usr/local/sbin/start-fpm.sh"]

View file

@ -1,39 +0,0 @@
FROM debian:wheezy
LABEL maintainer="jan@dittberner.info"
VOLUME /srv
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive \
apt-get install -y --no-install-recommends \
ca-certificates \
curl \
libnss-ldap \
libphp-adodb \
nullmailer \
php-apc \
php-mail-mime \
php-mail-mimedecode \
php-net-smtp \
php-net-socket \
php5-adodb \
php5-curl \
php5-fpm \
php5-gd \
php5-gmp \
php5-imap \
php5-intl \
php5-mcrypt \
php5-pspell \
php5-sqlite \
php5-xmlrpc \
procps \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*.*
RUN curl -o dumb-init_1.2.2.deb -L https://github.com/Yelp/dumb-init/releases/download/v1.2.2/dumb-init_1.2.2_amd64.deb && \
dpkg -i dumb-init_1.2.2.deb && \
rm -f dumb-init_1.2.2.deb
ADD --chown=root:root nsswitch.conf libnss-ldap.conf /etc/
RUN rm -f /etc/php5/fpm/pool.d/www.conf

View file

@ -1,15 +0,0 @@
FROM gnuviech/wheezy_php5-base:latest
LABEL maintainer="jan@dittberner.info"
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive \
apt-get install -y --no-install-recommends \
php5-mysql \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*.*
COPY start-fpm.sh /usr/local/sbin
COPY fpm-pool.conf.tmpl /usr/local/etc
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
CMD ["/usr/local/sbin/start-fpm.sh"]

View file

@ -1,15 +0,0 @@
FROM gnuviech/wheezy_php5-base:latest
LABEL maintainer="jan@dittberner.info"
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive \
apt-get install -y --no-install-recommends \
php5-pgsql \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*.*
COPY start-fpm.sh /usr/local/sbin
COPY fpm-pool.conf.tmpl /usr/local/etc
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
CMD ["/usr/local/sbin/start-fpm.sh"]

View file

@ -1,15 +0,0 @@
[@user@]
user = @user@
group = @user@
listen = /var/run/php-fpm-docker/@user@-@variant@.sock
listen.owner = www-data
listen.group = www-data
pm = dynamic
pm.max_children = 20
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
pm.max_requests = 1000
chdir = /
request_slowlog_timeout = 10s
slowlog = /var/log/php-fpm-docker/@user@-@variant@.slow.log

View file

@ -1,323 +0,0 @@
###DEBCONF###
# the configuration of this file will be done by debconf as long as the
# first line of the file says '###DEBCONF###'
#
# you should use dpkg-reconfigure libnss-ldap to configure this file.
#
# @(#)$Id: ldap.conf,v 2.48 2008/07/03 02:30:29 lukeh Exp $
#
# This is the configuration file for the LDAP nameservice
# switch library and the LDAP PAM module.
#
# PADL Software
# http://www.padl.com
#
# Your LDAP server. Must be resolvable without using LDAP.
# Multiple hosts may be specified, each separated by a
# space. How long nss_ldap takes to failover depends on
# whether your LDAP client library supports configurable
# network or connect timeouts (see bind_timelimit).
#host 127.0.0.1
# The distinguished name of the search base.
base dc=gnuviech,dc=internal
# Another way to specify your LDAP server is to provide an
uri ldap://10.0.0.11/
# Unix Domain Sockets to connect to a local LDAP Server.
#uri ldap://127.0.0.1/
#uri ldaps://127.0.0.1/
#uri ldapi://%2fvar%2frun%2fldapi_sock/
# Note: %2f encodes the '/' used as directory separator
# The LDAP version to use (defaults to 3
# if supported by client library)
ldap_version 3
# The distinguished name to bind to the server with.
# Optional: default is to bind anonymously.
# Please do not put double quotes around it as they
# would be included literally.
#binddn cn=proxyuser,dc=padl,dc=com
# The credentials to bind with.
# Optional: default is no credential.
#bindpw secret
# The distinguished name to bind to the server with
# if the effective user ID is root. Password is
# stored in /etc/libnss-ldap.secret (mode 600)
# Use 'echo -n "mypassword" > /etc/libnss-ldap.secret' instead
# of an editor to create the file.
#rootbinddn cn=manager,dc=example,dc=net
# The port.
# Optional: default is 389.
#port 389
# The search scope.
#scope sub
#scope one
#scope base
# Search timelimit
#timelimit 30
# Bind/connect timelimit
#bind_timelimit 30
# Reconnect policy:
# hard_open: reconnect to DSA with exponential backoff if
# opening connection failed
# hard_init: reconnect to DSA with exponential backoff if
# initializing connection failed
# hard: alias for hard_open
# soft: return immediately on server failure
#bind_policy hard
# Connection policy:
# persist: DSA connections are kept open (default)
# oneshot: DSA connections destroyed after request
#nss_connect_policy persist
# Idle timelimit; client will close connections
# (nss_ldap only) if the server has not been contacted
# for the number of seconds specified below.
#idle_timelimit 3600
# Use paged rseults
#nss_paged_results yes
# Pagesize: when paged results enable, used to set the
# pagesize to a custom value
#pagesize 1000
# Filter to AND with uid=%s
#pam_filter objectclass=account
# The user ID attribute (defaults to uid)
#pam_login_attribute uid
# Search the root DSE for the password policy (works
# with Netscape Directory Server)
#pam_lookup_policy yes
# Check the 'host' attribute for access control
# Default is no; if set to yes, and user has no
# value for the host attribute, and pam_ldap is
# configured for account management (authorization)
# then the user will not be allowed to login.
#pam_check_host_attr yes
# Check the 'authorizedService' attribute for access
# control
# Default is no; if set to yes, and the user has no
# value for the authorizedService attribute, and
# pam_ldap is configured for account management
# (authorization) then the user will not be allowed
# to login.
#pam_check_service_attr yes
# Group to enforce membership of
#pam_groupdn cn=PAM,ou=Groups,dc=padl,dc=com
# Group member attribute
#pam_member_attribute uniquemember
# Specify a minium or maximum UID number allowed
#pam_min_uid 0
#pam_max_uid 0
# Template login attribute, default template user
# (can be overriden by value of former attribute
# in user's entry)
#pam_login_attribute userPrincipalName
#pam_template_login_attribute uid
#pam_template_login nobody
# HEADS UP: the pam_crypt, pam_nds_passwd,
# and pam_ad_passwd options are no
# longer supported.
#
# Do not hash the password at all; presume
# the directory server will do it, if
# necessary. This is the default.
#pam_password clear
# Hash password locally; required for University of
# Michigan LDAP server, and works with Netscape
# Directory Server if you're using the UNIX-Crypt
# hash mechanism and not using the NT Synchronization
# service.
#pam_password crypt
# Remove old password first, then update in
# cleartext. Necessary for use with Novell
# Directory Services (NDS)
#pam_password nds
# RACF is an alias for the above. For use with
# IBM RACF
#pam_password racf
# Update Active Directory password, by
# creating Unicode password and updating
# unicodePwd attribute.
#pam_password ad
# Use the OpenLDAP password change
# extended operation to update the password.
#pam_password exop
# Redirect users to a URL or somesuch on password
# changes.
#pam_password_prohibit_message Please visit http://internal to change your password.
# Use backlinks for answering initgroups()
#nss_initgroups backlink
# Enable support for RFC2307bis (distinguished names in group
# members)
#nss_schema rfc2307bis
# RFC2307bis naming contexts
# Syntax:
# nss_base_XXX base?scope?filter
# where scope is {base,one,sub}
# and filter is a filter to be &'d with the
# default filter.
# You can omit the suffix eg:
# nss_base_passwd ou=People,
# to append the default base DN but this
# may incur a small performance impact.
#nss_base_passwd ou=People,dc=padl,dc=com?one
#nss_base_shadow ou=People,dc=padl,dc=com?one
#nss_base_group ou=Group,dc=padl,dc=com?one
#nss_base_hosts ou=Hosts,dc=padl,dc=com?one
#nss_base_services ou=Services,dc=padl,dc=com?one
#nss_base_networks ou=Networks,dc=padl,dc=com?one
#nss_base_protocols ou=Protocols,dc=padl,dc=com?one
#nss_base_rpc ou=Rpc,dc=padl,dc=com?one
#nss_base_ethers ou=Ethers,dc=padl,dc=com?one
#nss_base_netmasks ou=Networks,dc=padl,dc=com?ne
#nss_base_bootparams ou=Ethers,dc=padl,dc=com?one
#nss_base_aliases ou=Aliases,dc=padl,dc=com?one
#nss_base_netgroup ou=Netgroup,dc=padl,dc=com?one
# attribute/objectclass mapping
# Syntax:
#nss_map_attribute rfc2307attribute mapped_attribute
#nss_map_objectclass rfc2307objectclass mapped_objectclass
# configure --enable-nds is no longer supported.
# NDS mappings
#nss_map_attribute uniqueMember member
# Services for UNIX 3.5 mappings
#nss_map_objectclass posixAccount User
#nss_map_objectclass shadowAccount User
#nss_map_attribute uid msSFU30Name
#nss_map_attribute uniqueMember msSFU30PosixMember
#nss_map_attribute userPassword msSFU30Password
#nss_map_attribute homeDirectory msSFU30HomeDirectory
#nss_map_attribute homeDirectory msSFUHomeDirectory
#nss_map_objectclass posixGroup Group
#pam_login_attribute msSFU30Name
#pam_filter objectclass=User
#pam_password ad
# configure --enable-mssfu-schema is no longer supported.
# Services for UNIX 2.0 mappings
#nss_map_objectclass posixAccount User
#nss_map_objectclass shadowAccount user
#nss_map_attribute uid msSFUName
#nss_map_attribute uniqueMember posixMember
#nss_map_attribute userPassword msSFUPassword
#nss_map_attribute homeDirectory msSFUHomeDirectory
#nss_map_attribute shadowLastChange pwdLastSet
#nss_map_objectclass posixGroup Group
#nss_map_attribute cn msSFUName
#pam_login_attribute msSFUName
#pam_filter objectclass=User
#pam_password ad
# RFC 2307 (AD) mappings
#nss_map_objectclass posixAccount user
#nss_map_objectclass shadowAccount user
#nss_map_attribute uid sAMAccountName
#nss_map_attribute homeDirectory unixHomeDirectory
#nss_map_attribute shadowLastChange pwdLastSet
#nss_map_objectclass posixGroup group
#nss_map_attribute uniqueMember member
#pam_login_attribute sAMAccountName
#pam_filter objectclass=User
#pam_password ad
# configure --enable-authpassword is no longer supported
# AuthPassword mappings
#nss_map_attribute userPassword authPassword
# AIX SecureWay mappings
#nss_map_objectclass posixAccount aixAccount
#nss_base_passwd ou=aixaccount,?one
#nss_map_attribute uid userName
#nss_map_attribute gidNumber gid
#nss_map_attribute uidNumber uid
#nss_map_attribute userPassword passwordChar
#nss_map_objectclass posixGroup aixAccessGroup
#nss_base_group ou=aixgroup,?one
#nss_map_attribute cn groupName
#nss_map_attribute uniqueMember member
#pam_login_attribute userName
#pam_filter objectclass=aixAccount
#pam_password clear
# For pre-RFC2307bis automount schema
#nss_map_objectclass automountMap nisMap
#nss_map_attribute automountMapName nisMapName
#nss_map_objectclass automount nisObject
#nss_map_attribute automountKey cn
#nss_map_attribute automountInformation nisMapEntry
# Netscape SDK LDAPS
#ssl on
# Netscape SDK SSL options
#sslpath /etc/ssl/certs
# OpenLDAP SSL mechanism
# start_tls mechanism uses the normal LDAP port, LDAPS typically 636
#ssl start_tls
#ssl on
# OpenLDAP SSL options
# Require and verify server certificate (yes/no)
# Default is to use libldap's default behavior, which can be configured in
# /etc/openldap/ldap.conf using the TLS_REQCERT setting. The default for
# OpenLDAP 2.0 and earlier is "no", for 2.1 and later is "yes".
#tls_checkpeer yes
# CA certificates for server certificate verification
# At least one of these are required if tls_checkpeer is "yes"
#tls_cacertfile /etc/ssl/ca.cert
#tls_cacertdir /etc/ssl/certs
# Seed the PRNG if /dev/urandom is not provided
#tls_randfile /var/run/egd-pool
# SSL cipher suite
# See man ciphers for syntax
#tls_ciphers TLSv1
# Client certificate and key
# Use these, if your server requires client authentication.
#tls_cert
#tls_key
# Disable SASL security layers. This is needed for AD.
#sasl_secprops maxssf=0
# Override the default Kerberos ticket cache location.
#krb5_ccname FILE:/etc/.ldapcache

View file

@ -1,19 +0,0 @@
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: compat ldap
group: compat ldap
shadow: compat
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis

View file

@ -1,10 +0,0 @@
#!/bin/sh
set -e
sed "s/@user@/${FPM_USER}/g; s/@variant@/${FPM_VARIANT}/g" \
< /usr/local/etc/fpm-pool.conf.tmpl \
> "/etc/php5/fpm/pool.d/${FPM_USER}.conf"
/etc/init.d/nullmailer start
/usr/sbin/php5-fpm --nodaemonize