dockerfiles/privatebin/Dockerfile

FROM hoellen/nginx-php

ARG PRIVATEBIN_VER=1.3.1

ENV GID=991 UID=991 \
    UPLOAD_MAX_SIZE=10M \
    MEMORY_LIMIT=128M \
    PHP_MAX_CHILDREN=15 \
    PHP_START_SERVERS=2 \
    PHP_MIN_SPARE_SERVERS=1 \
    PHP_MAX_SPARE_SERVERS=6

RUN BUILD_DEPS="tar gnupg" \
 && apk -U upgrade && apk add $BUILD_DEPS \
 && mkdir -p privatebin/data privatebin/cfg \
 && export GNUPGHOME="$(mktemp -d)" \
 && gpg2 --list-public-keys || /bin/true \
 && wget -qO- https://privatebin.info/key/release.asc | gpg2 --import - \
 && wget -qO /privatebin.tar.gz.asc https://github.com/PrivateBin/PrivateBin/releases/download/${PRIVATEBIN_VER}/PrivateBin-${PRIVATEBIN_VER}.tar.gz.asc \
 && wget -qO /privatebin.tar.gz https://github.com/PrivateBin/PrivateBin/archive/${PRIVATEBIN_VER}.tar.gz \
 && gpg2 --verify /privatebin.tar.gz.asc \
 && cd srv \
 && tar -xzf /privatebin.tar.gz --strip 1 \
 && mv cfg /privatebin \
 && mv lib /privatebin \
 && mv tpl /privatebin \
 && mv vendor /privatebin \
 && sed -i "s#define('PATH', '');#define('PATH', '/privatebin/');#" index.php \
 && apk del $BUILD_DEPS \
 && rm -rf /var/cache/apk/* *.md /privatebin.tar.gz* "${GNUPGHOME}"

COPY rootfs /

RUN chmod +x /usr/local/bin/run.sh /etc/s6.d/*/* /etc/s6.d/.s6-svscan/*

# mark dirs as volumes that need to be writable, allows running the container --read-only
VOLUME /privatebin/data /php /nginx /tmp /etc/s6.d

EXPOSE 8888

LABEL maintainer="hoellen <info@hoellen.eu>" \
      description="A minimalist, open source online pastebin where the server has zero knowledge of pasted data" \
      version="PrivateBin 1.3"

CMD ["run.sh"]
-												[privatebin] update Dockerfile and README

											
										
										
											2017-12-06 14:05:58 +01:00
+								FROM hoellen/nginx-php
-												initial commit

											
										
										
											2016-04-11 15:59:32 +02:00
-												update Privatebin to 1.3.1

											
										
										
											2019-09-23 05:30:19 +02:00
+								ARG PRIVATEBIN_VER=1.3.1
-												privatebin: use nginx-php as underlying image

											
										
										
											2017-04-29 03:16:15 +02:00
 								ENV GID=991 UID=991 \
 								    UPLOAD_MAX_SIZE=10M \
-												add ability to set php-workers/servers/children

											
										
										
											2018-06-07 11:46:47 +02:00
+								    MEMORY_LIMIT=128M \
 								    PHP_MAX_CHILDREN=15 \
 								    PHP_START_SERVERS=2 \
 								    PHP_MIN_SPARE_SERVERS=1 \
 								    PHP_MAX_SPARE_SERVERS=6
-												initial commit

											
										
										
											2016-04-11 15:59:32 +02:00
-												adding signature check for PrivateBin archive

											
										
										
											2018-08-01 15:55:40 +02:00
+								RUN BUILD_DEPS="tar gnupg" \
-												privatebin: use nginx-php as underlying image

											
										
										
											2017-04-29 03:16:15 +02:00
+								 && apk -U upgrade && apk add $BUILD_DEPS \
-												securing PrivateBin installation, by moving unneccessary bits out of the web root, making image support read-only operation, consistent white spaces in nginx config

											
										
										
											2018-08-01 16:33:51 +02:00
+								 && mkdir -p privatebin/data privatebin/cfg \
-												adding signature check for PrivateBin archive

											
										
										
											2018-08-01 15:55:40 +02:00
+								 && export GNUPGHOME="$(mktemp -d)" \
 								 && gpg2 --list-public-keys || /bin/true \
-												release 1.2.1

											
										
										
											2018-08-11 23:31:36 +02:00
+								 && wget -qO- https://privatebin.info/key/release.asc | gpg2 --import - \
-												adding signature check for PrivateBin archive

											
										
										
											2018-08-01 15:55:40 +02:00
+								 && wget -qO /privatebin.tar.gz.asc https://github.com/PrivateBin/PrivateBin/releases/download/${PRIVATEBIN_VER}/PrivateBin-${PRIVATEBIN_VER}.tar.gz.asc \
 								 && wget -qO /privatebin.tar.gz https://github.com/PrivateBin/PrivateBin/archive/${PRIVATEBIN_VER}.tar.gz \
 								 && gpg2 --verify /privatebin.tar.gz.asc \
-												securing PrivateBin installation, by moving unneccessary bits out of the web root, making image support read-only operation, consistent white spaces in nginx config

											
										
										
											2018-08-01 16:33:51 +02:00
+								 && cd srv \
-												adding signature check for PrivateBin archive

											
										
										
											2018-08-01 15:55:40 +02:00
+								 && tar -xzf /privatebin.tar.gz --strip 1 \
-												securing PrivateBin installation, by moving unneccessary bits out of the web root, making image support read-only operation, consistent white spaces in nginx config

											
										
										
											2018-08-01 16:33:51 +02:00
+								 && mv cfg /privatebin \
 								 && mv lib /privatebin \
 								 && mv tpl /privatebin \
 								 && mv vendor /privatebin \
 								 && sed -i "s#define('PATH', '');#define('PATH', '/privatebin/');#" index.php \
-												use https and get only latest commit with git clone

											
										
										
											2016-06-30 13:15:04 +02:00
+								 && apk del $BUILD_DEPS \
-												securing PrivateBin installation, by moving unneccessary bits out of the web root, making image support read-only operation, consistent white spaces in nginx config

											
										
										
											2018-08-01 16:33:51 +02:00
+								 && rm -rf /var/cache/apk/* *.md /privatebin.tar.gz* "${GNUPGHOME}"
-												initial commit

											
										
										
											2016-04-11 15:59:32 +02:00
-												privatebin: use nginx-php as underlying image

											
										
										
											2017-04-29 03:16:15 +02:00
+								COPY rootfs /
-												initial commit

											
										
										
											2016-04-11 15:59:32 +02:00
-												fix s6 permission

											
										
										
											2016-09-24 11:48:17 +02:00
+								RUN chmod +x /usr/local/bin/run.sh /etc/s6.d/*/* /etc/s6.d/.s6-svscan/*
-												initial commit

											
										
										
											2016-04-11 15:59:32 +02:00
-												securing PrivateBin installation, by moving unneccessary bits out of the web root, making image support read-only operation, consistent white spaces in nginx config

											
										
										
											2018-08-01 16:33:51 +02:00
+								# mark dirs as volumes that need to be writable, allows running the container --read-only
 								VOLUME /privatebin/data /php /nginx /tmp /etc/s6.d
-												use https and get only latest commit with git clone

											
										
										
											2016-06-30 13:15:04 +02:00
-												delete all root process

											
										
										
											2016-09-16 17:08:06 +02:00
+								EXPOSE 8888
-												initial commit

											
										
										
											2016-04-11 15:59:32 +02:00
-												[privatebin] update Dockerfile and README

											
										
										
											2017-12-06 14:05:58 +01:00
+								LABEL maintainer="hoellen <info@hoellen.eu>" \
-												privatebin: use nginx-php as underlying image

											
										
										
											2017-04-29 03:16:15 +02:00
+								      description="A minimalist, open source online pastebin where the server has zero knowledge of pasted data" \
-												update privatebin to 1.3

											
										
										
											2019-07-09 20:16:48 +02:00
+								      version="PrivateBin 1.3"
-												MAINTAINER is deprecated

											
										
										
											2017-01-19 02:31:59 +01:00
-												delete all root process

											
										
										
											2016-09-16 17:08:06 +02:00
+								CMD ["run.sh"]