Docker Container: Centos 7, Apache, PHP 5.5, and SSL
May 28, 2021
On our previous post we have created a Docker Container
based on Linux Centos 7, Apache Web Server, PHP 7.3, and SSL.
On this post we are creating a similar container but with PHP 5.5 instead.
Dockerfile
Copy the following content on a file named Dockerfile
FROM centos:7
# Install Apache
RUN yum -y update
RUN yum -y install httpd httpd-tools mod_ssl openssl expect
# Install EPEL Repo
RUN rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm \
&& rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
# Install PHP 5.5
RUN yum -y install php55w php55w-bcmath php55w-cli php55w-common php55w-gd php55w-intl php55w-ldap php55w-mbstring \
php55w-mcrypt php55w-mysql php55w-pdo php55w-pear php55w-soap php55w-xml php55w-xmlrpc
# Copy script that generates SSL certificate
COPY generate_certificate.exp /generate_certificate.exp
# Generate SSL certificate
RUN chmod +x /generate_certificate.exp \
&& ./generate_certificate.exp \
&& cp ca.crt /etc/pki/tls/certs \
&& cp ca.key /etc/pki/tls/private/ca.key \
&& cp ca.csr /etc/pki/tls/private/ca.csr
# Update Apache Configuration
RUN sed -E -i -e '/<Directory "\/var\/www\/html">/,/<\/Directory>/s/AllowOverride None/AllowOverride All/' /etc/httpd/conf/httpd.conf
RUN sed -E -i -e 's/DirectoryIndex (.*)$/DirectoryIndex index.php \1/g' /etc/httpd/conf/httpd.conf
# Update Apache SSL Configuration
RUN sed -E -i -e 's/\/etc\/pki\/tls\/certs\/localhost\.crt/\/etc\/pki\/tls\/certs\/ca.crt/g' /etc/httpd/conf.d/ssl.conf
RUN sed -E -i -e 's/\/etc\/pki\/tls\/private\/localhost\.key/\/etc\/pki\/tls\/private\/ca.key/g' /etc/httpd/conf.d/ssl.conf
RUN sed -E -i -e 's/#ServerName www\.example\.com\:443/ServerName www.example.com:443/g' /etc/httpd/conf.d/ssl.conf
EXPOSE 80 443
# Start Apache
CMD ["/usr/sbin/httpd","-D","FOREGROUND"]
You can download this Dockerfile, and the script, as a zipped file here
- On the first part of the Dockerfile we install apache, mod_ssl, openssl (for the SSL certificates),
and expect. (for the script that will create the certificate)
- After that, we install the EPEL repository, and then proceed to install PHP 5.5.
- We copy our script generate_certificate.exp into the Docker Container, and update its permissions to make it
executable. Then we run it.
The generated certificate files will be copied to their appropiate folders in /etc/pki/tls/.
- As the final step we update the Apache configuration on the files httpd.conf and ssl.conf.
Script to Generate SSL Certificate
Copy the following content on a file named generate_certificate.exp
#!/usr/bin/expect -f
# -------------------------
# Generate private key file
# -------------------------
spawn openssl genrsa -des3 -out ca.key 2048
expect "Enter pass phrase for ca.key:"
send -- "test\r"
expect "Verifying - Enter pass phrase for ca.key:"
send -- "test\r"
# ------------------------------------
# Generate certificate signing request
# ------------------------------------
spawn openssl req -new -key ca.key -out ca.csr
expect "Enter pass phrase for ca.key:"
send -- "test\r"
expect "Country Name (2 letter code)"
send -- "US\r"
expect "State or Province Name (full name)"
send -- "State\r"
expect "Locality Name (eg, city)"
send -- "City\r"
expect "Organization Name (eg, company)"
send -- "Company\r"
expect "Organizational Unit Name (eg, section)"
send -- "Section\r"
expect "Common Name (eg, your name or your server's hostname)"
send -- "localhost\r"
expect "Email Address"
send -- "email@localhost\r"
expect "A challenge password"
send -- "\r"
expect "An optional company name"
send -- "\r"
# --------------------
# Generate certificate
# --------------------
spawn openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
expect "Enter pass phrase for ca.key:"
send -- "test\r"
# ---------------------------
# Remove certificate password
# ---------------------------
exec cp ca.key ca.tmp
spawn openssl rsa -in ca.tmp -out ca.key
expect "Enter pass phrase for ca.tmp:"
send -- "test\r"
exec rm ca.tmp
- The generate_certificate.exp script contains the commands that
will create the Self-Signed SSL Certificate.
Create the Docker Image and Container
Now we create the Docker Image.
docker build -t image_apache_ssl .
Then we create the Docker Container.
Notice that we need to indicate the path of our local folder that will be served as the root of the Apache Web Server, which in this example is /path_to/my_website. Replace it with the location of your site's root folder.
docker run -tid -p 4000:80 -p 4001:443 --name=container_apache_ssl -v /path_to/my_website:/var/www/html image_apache_ssl
After the Docker Container is created, we can go to the url https://localhost:4001 to open the local website.
Downloads
Related Posts
- Introduction to Docker, and a Practical Example
- How to install Docker on Mac OS X
- Docker Container: Centos 7, Apache, and PHP 7.3
- Docker Container: How to change PHP settings with inline replacements
- Docker Container: How to change PHP settings with a copy of php.ini
- Docker Container: MySQL 8
- Docker Container: MySQL 8, additional scenarios
- Docker Compose: Centos, Apache, PHP, MySQL
- Debugging PHP code with VSCode and XDebug on a Docker Container
- Docker Container: Centos 7, Apache, PHP 7.3, and SSL