diff --git a/8.1/bookworm/apache/Dockerfile b/8.1/bookworm/apache/Dockerfile index f4f1f8b727..4c89a38c9f 100644 --- a/8.1/bookworm/apache/Dockerfile +++ b/8.1/bookworm/apache/Dockerfile @@ -293,4 +293,5 @@ COPY apache2-foreground /usr/local/bin/ WORKDIR /var/www/html EXPOSE 80 +EXPOSE 443 CMD ["apache2-foreground"] diff --git a/8.1/bookworm/apache/apache2-foreground b/8.1/bookworm/apache/apache2-foreground index 5fe22e26f7..aeaad8859d 100755 --- a/8.1/bookworm/apache/apache2-foreground +++ b/8.1/bookworm/apache/apache2-foreground @@ -4,6 +4,22 @@ set -e # Note: we don't just use "apache2ctl" here because it itself is just a shell-script wrapper around apache2 which provides extra functionality like "apache2ctl start" for launching apache2 in the background. # (also, when run as "apache2ctl ", it does not use "exec", which leaves an undesirable resident shell process) +# Default SSL directory +SSL_DIR=${APACHE_SSL_DIR:-/etc/apache2/ssl} + +# Create the directory if it doesn't exist +# Check and decode the certificate and key +if [ -n "$APACHE_CERT_BASE64" ] && [ -n "$APACHE_KEY_BASE64" ]; then + mkdir -p "$SSL_DIR" + echo "$APACHE_CERT_BASE64" | base64 -d > "$SSL_DIR/apache-cert.pem.crt" + echo "$APACHE_KEY_BASE64" | base64 -d > "$SSL_DIR/apache-key.pem.key" + sed -i "s|/etc/ssl/certs/ssl-cert-snakeoil.pem|$SSL_DIR/apache-cert.pem.crt|g" /etc/apache2/sites-available/default-ssl.conf + sed -i "s|/etc/ssl/private/ssl-cert-snakeoil.key|$SSL_DIR/apache-key.pem.key|g" /etc/apache2/sites-available/default-ssl.conf + ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/default-ssl.conf + chmod 0755 "$SSL_DIR/apache-cert.pem.crt" "$SSL_DIR/apache-key.pem.key" /etc/apache2/sites-enabled/default-ssl.conf + a2enmod ssl +fi + : "${APACHE_CONFDIR:=/etc/apache2}" : "${APACHE_ENVVARS:=$APACHE_CONFDIR/envvars}" if test -f "$APACHE_ENVVARS"; then diff --git a/8.1/bullseye/apache/Dockerfile b/8.1/bullseye/apache/Dockerfile index cc2c19cdc0..af3947ce95 100644 --- a/8.1/bullseye/apache/Dockerfile +++ b/8.1/bullseye/apache/Dockerfile @@ -291,4 +291,5 @@ COPY apache2-foreground /usr/local/bin/ WORKDIR /var/www/html EXPOSE 80 +EXPOSE 443 CMD ["apache2-foreground"] diff --git a/8.1/bullseye/apache/apache2-foreground b/8.1/bullseye/apache/apache2-foreground index 5fe22e26f7..aeaad8859d 100755 --- a/8.1/bullseye/apache/apache2-foreground +++ b/8.1/bullseye/apache/apache2-foreground @@ -4,6 +4,22 @@ set -e # Note: we don't just use "apache2ctl" here because it itself is just a shell-script wrapper around apache2 which provides extra functionality like "apache2ctl start" for launching apache2 in the background. # (also, when run as "apache2ctl ", it does not use "exec", which leaves an undesirable resident shell process) +# Default SSL directory +SSL_DIR=${APACHE_SSL_DIR:-/etc/apache2/ssl} + +# Create the directory if it doesn't exist +# Check and decode the certificate and key +if [ -n "$APACHE_CERT_BASE64" ] && [ -n "$APACHE_KEY_BASE64" ]; then + mkdir -p "$SSL_DIR" + echo "$APACHE_CERT_BASE64" | base64 -d > "$SSL_DIR/apache-cert.pem.crt" + echo "$APACHE_KEY_BASE64" | base64 -d > "$SSL_DIR/apache-key.pem.key" + sed -i "s|/etc/ssl/certs/ssl-cert-snakeoil.pem|$SSL_DIR/apache-cert.pem.crt|g" /etc/apache2/sites-available/default-ssl.conf + sed -i "s|/etc/ssl/private/ssl-cert-snakeoil.key|$SSL_DIR/apache-key.pem.key|g" /etc/apache2/sites-available/default-ssl.conf + ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/default-ssl.conf + chmod 0755 "$SSL_DIR/apache-cert.pem.crt" "$SSL_DIR/apache-key.pem.key" /etc/apache2/sites-enabled/default-ssl.conf + a2enmod ssl +fi + : "${APACHE_CONFDIR:=/etc/apache2}" : "${APACHE_ENVVARS:=$APACHE_CONFDIR/envvars}" if test -f "$APACHE_ENVVARS"; then diff --git a/8.2/bookworm/apache/Dockerfile b/8.2/bookworm/apache/Dockerfile index 28f456d270..050f2acf25 100644 --- a/8.2/bookworm/apache/Dockerfile +++ b/8.2/bookworm/apache/Dockerfile @@ -291,4 +291,5 @@ COPY apache2-foreground /usr/local/bin/ WORKDIR /var/www/html EXPOSE 80 +EXPOSE 443 CMD ["apache2-foreground"] diff --git a/8.2/bookworm/apache/apache2-foreground b/8.2/bookworm/apache/apache2-foreground index 5fe22e26f7..aeaad8859d 100755 --- a/8.2/bookworm/apache/apache2-foreground +++ b/8.2/bookworm/apache/apache2-foreground @@ -4,6 +4,22 @@ set -e # Note: we don't just use "apache2ctl" here because it itself is just a shell-script wrapper around apache2 which provides extra functionality like "apache2ctl start" for launching apache2 in the background. # (also, when run as "apache2ctl ", it does not use "exec", which leaves an undesirable resident shell process) +# Default SSL directory +SSL_DIR=${APACHE_SSL_DIR:-/etc/apache2/ssl} + +# Create the directory if it doesn't exist +# Check and decode the certificate and key +if [ -n "$APACHE_CERT_BASE64" ] && [ -n "$APACHE_KEY_BASE64" ]; then + mkdir -p "$SSL_DIR" + echo "$APACHE_CERT_BASE64" | base64 -d > "$SSL_DIR/apache-cert.pem.crt" + echo "$APACHE_KEY_BASE64" | base64 -d > "$SSL_DIR/apache-key.pem.key" + sed -i "s|/etc/ssl/certs/ssl-cert-snakeoil.pem|$SSL_DIR/apache-cert.pem.crt|g" /etc/apache2/sites-available/default-ssl.conf + sed -i "s|/etc/ssl/private/ssl-cert-snakeoil.key|$SSL_DIR/apache-key.pem.key|g" /etc/apache2/sites-available/default-ssl.conf + ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/default-ssl.conf + chmod 0755 "$SSL_DIR/apache-cert.pem.crt" "$SSL_DIR/apache-key.pem.key" /etc/apache2/sites-enabled/default-ssl.conf + a2enmod ssl +fi + : "${APACHE_CONFDIR:=/etc/apache2}" : "${APACHE_ENVVARS:=$APACHE_CONFDIR/envvars}" if test -f "$APACHE_ENVVARS"; then diff --git a/8.2/bullseye/apache/Dockerfile b/8.2/bullseye/apache/Dockerfile index a254030db2..9269a869c0 100644 --- a/8.2/bullseye/apache/Dockerfile +++ b/8.2/bullseye/apache/Dockerfile @@ -289,4 +289,5 @@ COPY apache2-foreground /usr/local/bin/ WORKDIR /var/www/html EXPOSE 80 +EXPOSE 443 CMD ["apache2-foreground"] diff --git a/8.2/bullseye/apache/apache2-foreground b/8.2/bullseye/apache/apache2-foreground index 5fe22e26f7..aeaad8859d 100755 --- a/8.2/bullseye/apache/apache2-foreground +++ b/8.2/bullseye/apache/apache2-foreground @@ -4,6 +4,22 @@ set -e # Note: we don't just use "apache2ctl" here because it itself is just a shell-script wrapper around apache2 which provides extra functionality like "apache2ctl start" for launching apache2 in the background. # (also, when run as "apache2ctl ", it does not use "exec", which leaves an undesirable resident shell process) +# Default SSL directory +SSL_DIR=${APACHE_SSL_DIR:-/etc/apache2/ssl} + +# Create the directory if it doesn't exist +# Check and decode the certificate and key +if [ -n "$APACHE_CERT_BASE64" ] && [ -n "$APACHE_KEY_BASE64" ]; then + mkdir -p "$SSL_DIR" + echo "$APACHE_CERT_BASE64" | base64 -d > "$SSL_DIR/apache-cert.pem.crt" + echo "$APACHE_KEY_BASE64" | base64 -d > "$SSL_DIR/apache-key.pem.key" + sed -i "s|/etc/ssl/certs/ssl-cert-snakeoil.pem|$SSL_DIR/apache-cert.pem.crt|g" /etc/apache2/sites-available/default-ssl.conf + sed -i "s|/etc/ssl/private/ssl-cert-snakeoil.key|$SSL_DIR/apache-key.pem.key|g" /etc/apache2/sites-available/default-ssl.conf + ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/default-ssl.conf + chmod 0755 "$SSL_DIR/apache-cert.pem.crt" "$SSL_DIR/apache-key.pem.key" /etc/apache2/sites-enabled/default-ssl.conf + a2enmod ssl +fi + : "${APACHE_CONFDIR:=/etc/apache2}" : "${APACHE_ENVVARS:=$APACHE_CONFDIR/envvars}" if test -f "$APACHE_ENVVARS"; then diff --git a/8.3-rc/bookworm/apache/Dockerfile b/8.3-rc/bookworm/apache/Dockerfile index c01c76f773..fd348ef2c5 100644 --- a/8.3-rc/bookworm/apache/Dockerfile +++ b/8.3-rc/bookworm/apache/Dockerfile @@ -287,4 +287,5 @@ COPY apache2-foreground /usr/local/bin/ WORKDIR /var/www/html EXPOSE 80 +EXPOSE 443 CMD ["apache2-foreground"] diff --git a/8.3-rc/bookworm/apache/apache2-foreground b/8.3-rc/bookworm/apache/apache2-foreground index 5fe22e26f7..aeaad8859d 100755 --- a/8.3-rc/bookworm/apache/apache2-foreground +++ b/8.3-rc/bookworm/apache/apache2-foreground @@ -4,6 +4,22 @@ set -e # Note: we don't just use "apache2ctl" here because it itself is just a shell-script wrapper around apache2 which provides extra functionality like "apache2ctl start" for launching apache2 in the background. # (also, when run as "apache2ctl ", it does not use "exec", which leaves an undesirable resident shell process) +# Default SSL directory +SSL_DIR=${APACHE_SSL_DIR:-/etc/apache2/ssl} + +# Create the directory if it doesn't exist +# Check and decode the certificate and key +if [ -n "$APACHE_CERT_BASE64" ] && [ -n "$APACHE_KEY_BASE64" ]; then + mkdir -p "$SSL_DIR" + echo "$APACHE_CERT_BASE64" | base64 -d > "$SSL_DIR/apache-cert.pem.crt" + echo "$APACHE_KEY_BASE64" | base64 -d > "$SSL_DIR/apache-key.pem.key" + sed -i "s|/etc/ssl/certs/ssl-cert-snakeoil.pem|$SSL_DIR/apache-cert.pem.crt|g" /etc/apache2/sites-available/default-ssl.conf + sed -i "s|/etc/ssl/private/ssl-cert-snakeoil.key|$SSL_DIR/apache-key.pem.key|g" /etc/apache2/sites-available/default-ssl.conf + ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/default-ssl.conf + chmod 0755 "$SSL_DIR/apache-cert.pem.crt" "$SSL_DIR/apache-key.pem.key" /etc/apache2/sites-enabled/default-ssl.conf + a2enmod ssl +fi + : "${APACHE_CONFDIR:=/etc/apache2}" : "${APACHE_ENVVARS:=$APACHE_CONFDIR/envvars}" if test -f "$APACHE_ENVVARS"; then diff --git a/8.3-rc/bullseye/apache/Dockerfile b/8.3-rc/bullseye/apache/Dockerfile index f4f0a7206d..668536cd34 100644 --- a/8.3-rc/bullseye/apache/Dockerfile +++ b/8.3-rc/bullseye/apache/Dockerfile @@ -285,4 +285,5 @@ COPY apache2-foreground /usr/local/bin/ WORKDIR /var/www/html EXPOSE 80 +EXPOSE 443 CMD ["apache2-foreground"] diff --git a/8.3-rc/bullseye/apache/apache2-foreground b/8.3-rc/bullseye/apache/apache2-foreground index 5fe22e26f7..aeaad8859d 100755 --- a/8.3-rc/bullseye/apache/apache2-foreground +++ b/8.3-rc/bullseye/apache/apache2-foreground @@ -4,6 +4,22 @@ set -e # Note: we don't just use "apache2ctl" here because it itself is just a shell-script wrapper around apache2 which provides extra functionality like "apache2ctl start" for launching apache2 in the background. # (also, when run as "apache2ctl ", it does not use "exec", which leaves an undesirable resident shell process) +# Default SSL directory +SSL_DIR=${APACHE_SSL_DIR:-/etc/apache2/ssl} + +# Create the directory if it doesn't exist +# Check and decode the certificate and key +if [ -n "$APACHE_CERT_BASE64" ] && [ -n "$APACHE_KEY_BASE64" ]; then + mkdir -p "$SSL_DIR" + echo "$APACHE_CERT_BASE64" | base64 -d > "$SSL_DIR/apache-cert.pem.crt" + echo "$APACHE_KEY_BASE64" | base64 -d > "$SSL_DIR/apache-key.pem.key" + sed -i "s|/etc/ssl/certs/ssl-cert-snakeoil.pem|$SSL_DIR/apache-cert.pem.crt|g" /etc/apache2/sites-available/default-ssl.conf + sed -i "s|/etc/ssl/private/ssl-cert-snakeoil.key|$SSL_DIR/apache-key.pem.key|g" /etc/apache2/sites-available/default-ssl.conf + ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/default-ssl.conf + chmod 0755 "$SSL_DIR/apache-cert.pem.crt" "$SSL_DIR/apache-key.pem.key" /etc/apache2/sites-enabled/default-ssl.conf + a2enmod ssl +fi + : "${APACHE_CONFDIR:=/etc/apache2}" : "${APACHE_ENVVARS:=$APACHE_CONFDIR/envvars}" if test -f "$APACHE_ENVVARS"; then diff --git a/8.3/bookworm/apache/Dockerfile b/8.3/bookworm/apache/Dockerfile index 5497302280..a8b0d549b2 100644 --- a/8.3/bookworm/apache/Dockerfile +++ b/8.3/bookworm/apache/Dockerfile @@ -287,4 +287,5 @@ COPY apache2-foreground /usr/local/bin/ WORKDIR /var/www/html EXPOSE 80 +EXPOSE 443 CMD ["apache2-foreground"] diff --git a/8.3/bookworm/apache/apache2-foreground b/8.3/bookworm/apache/apache2-foreground index 5fe22e26f7..aeaad8859d 100755 --- a/8.3/bookworm/apache/apache2-foreground +++ b/8.3/bookworm/apache/apache2-foreground @@ -4,6 +4,22 @@ set -e # Note: we don't just use "apache2ctl" here because it itself is just a shell-script wrapper around apache2 which provides extra functionality like "apache2ctl start" for launching apache2 in the background. # (also, when run as "apache2ctl ", it does not use "exec", which leaves an undesirable resident shell process) +# Default SSL directory +SSL_DIR=${APACHE_SSL_DIR:-/etc/apache2/ssl} + +# Create the directory if it doesn't exist +# Check and decode the certificate and key +if [ -n "$APACHE_CERT_BASE64" ] && [ -n "$APACHE_KEY_BASE64" ]; then + mkdir -p "$SSL_DIR" + echo "$APACHE_CERT_BASE64" | base64 -d > "$SSL_DIR/apache-cert.pem.crt" + echo "$APACHE_KEY_BASE64" | base64 -d > "$SSL_DIR/apache-key.pem.key" + sed -i "s|/etc/ssl/certs/ssl-cert-snakeoil.pem|$SSL_DIR/apache-cert.pem.crt|g" /etc/apache2/sites-available/default-ssl.conf + sed -i "s|/etc/ssl/private/ssl-cert-snakeoil.key|$SSL_DIR/apache-key.pem.key|g" /etc/apache2/sites-available/default-ssl.conf + ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/default-ssl.conf + chmod 0755 "$SSL_DIR/apache-cert.pem.crt" "$SSL_DIR/apache-key.pem.key" /etc/apache2/sites-enabled/default-ssl.conf + a2enmod ssl +fi + : "${APACHE_CONFDIR:=/etc/apache2}" : "${APACHE_ENVVARS:=$APACHE_CONFDIR/envvars}" if test -f "$APACHE_ENVVARS"; then diff --git a/8.3/bullseye/apache/Dockerfile b/8.3/bullseye/apache/Dockerfile index b2847c306b..fffd0d4fa8 100644 --- a/8.3/bullseye/apache/Dockerfile +++ b/8.3/bullseye/apache/Dockerfile @@ -285,4 +285,5 @@ COPY apache2-foreground /usr/local/bin/ WORKDIR /var/www/html EXPOSE 80 +EXPOSE 443 CMD ["apache2-foreground"] diff --git a/8.3/bullseye/apache/apache2-foreground b/8.3/bullseye/apache/apache2-foreground index 5fe22e26f7..aeaad8859d 100755 --- a/8.3/bullseye/apache/apache2-foreground +++ b/8.3/bullseye/apache/apache2-foreground @@ -4,6 +4,22 @@ set -e # Note: we don't just use "apache2ctl" here because it itself is just a shell-script wrapper around apache2 which provides extra functionality like "apache2ctl start" for launching apache2 in the background. # (also, when run as "apache2ctl ", it does not use "exec", which leaves an undesirable resident shell process) +# Default SSL directory +SSL_DIR=${APACHE_SSL_DIR:-/etc/apache2/ssl} + +# Create the directory if it doesn't exist +# Check and decode the certificate and key +if [ -n "$APACHE_CERT_BASE64" ] && [ -n "$APACHE_KEY_BASE64" ]; then + mkdir -p "$SSL_DIR" + echo "$APACHE_CERT_BASE64" | base64 -d > "$SSL_DIR/apache-cert.pem.crt" + echo "$APACHE_KEY_BASE64" | base64 -d > "$SSL_DIR/apache-key.pem.key" + sed -i "s|/etc/ssl/certs/ssl-cert-snakeoil.pem|$SSL_DIR/apache-cert.pem.crt|g" /etc/apache2/sites-available/default-ssl.conf + sed -i "s|/etc/ssl/private/ssl-cert-snakeoil.key|$SSL_DIR/apache-key.pem.key|g" /etc/apache2/sites-available/default-ssl.conf + ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/default-ssl.conf + chmod 0755 "$SSL_DIR/apache-cert.pem.crt" "$SSL_DIR/apache-key.pem.key" /etc/apache2/sites-enabled/default-ssl.conf + a2enmod ssl +fi + : "${APACHE_CONFDIR:=/etc/apache2}" : "${APACHE_ENVVARS:=$APACHE_CONFDIR/envvars}" if test -f "$APACHE_ENVVARS"; then diff --git a/8.4-rc/bookworm/apache/Dockerfile b/8.4-rc/bookworm/apache/Dockerfile index 7e9999b278..8858152f70 100644 --- a/8.4-rc/bookworm/apache/Dockerfile +++ b/8.4-rc/bookworm/apache/Dockerfile @@ -287,4 +287,5 @@ COPY apache2-foreground /usr/local/bin/ WORKDIR /var/www/html EXPOSE 80 +EXPOSE 443 CMD ["apache2-foreground"] diff --git a/8.4-rc/bookworm/apache/apache2-foreground b/8.4-rc/bookworm/apache/apache2-foreground index 5fe22e26f7..aeaad8859d 100755 --- a/8.4-rc/bookworm/apache/apache2-foreground +++ b/8.4-rc/bookworm/apache/apache2-foreground @@ -4,6 +4,22 @@ set -e # Note: we don't just use "apache2ctl" here because it itself is just a shell-script wrapper around apache2 which provides extra functionality like "apache2ctl start" for launching apache2 in the background. # (also, when run as "apache2ctl ", it does not use "exec", which leaves an undesirable resident shell process) +# Default SSL directory +SSL_DIR=${APACHE_SSL_DIR:-/etc/apache2/ssl} + +# Create the directory if it doesn't exist +# Check and decode the certificate and key +if [ -n "$APACHE_CERT_BASE64" ] && [ -n "$APACHE_KEY_BASE64" ]; then + mkdir -p "$SSL_DIR" + echo "$APACHE_CERT_BASE64" | base64 -d > "$SSL_DIR/apache-cert.pem.crt" + echo "$APACHE_KEY_BASE64" | base64 -d > "$SSL_DIR/apache-key.pem.key" + sed -i "s|/etc/ssl/certs/ssl-cert-snakeoil.pem|$SSL_DIR/apache-cert.pem.crt|g" /etc/apache2/sites-available/default-ssl.conf + sed -i "s|/etc/ssl/private/ssl-cert-snakeoil.key|$SSL_DIR/apache-key.pem.key|g" /etc/apache2/sites-available/default-ssl.conf + ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/default-ssl.conf + chmod 0755 "$SSL_DIR/apache-cert.pem.crt" "$SSL_DIR/apache-key.pem.key" /etc/apache2/sites-enabled/default-ssl.conf + a2enmod ssl +fi + : "${APACHE_CONFDIR:=/etc/apache2}" : "${APACHE_ENVVARS:=$APACHE_CONFDIR/envvars}" if test -f "$APACHE_ENVVARS"; then diff --git a/8.4-rc/bullseye/apache/Dockerfile b/8.4-rc/bullseye/apache/Dockerfile index 68aee1b712..a8f385e1ba 100644 --- a/8.4-rc/bullseye/apache/Dockerfile +++ b/8.4-rc/bullseye/apache/Dockerfile @@ -285,4 +285,5 @@ COPY apache2-foreground /usr/local/bin/ WORKDIR /var/www/html EXPOSE 80 +EXPOSE 443 CMD ["apache2-foreground"] diff --git a/8.4-rc/bullseye/apache/apache2-foreground b/8.4-rc/bullseye/apache/apache2-foreground index 5fe22e26f7..aeaad8859d 100755 --- a/8.4-rc/bullseye/apache/apache2-foreground +++ b/8.4-rc/bullseye/apache/apache2-foreground @@ -4,6 +4,22 @@ set -e # Note: we don't just use "apache2ctl" here because it itself is just a shell-script wrapper around apache2 which provides extra functionality like "apache2ctl start" for launching apache2 in the background. # (also, when run as "apache2ctl ", it does not use "exec", which leaves an undesirable resident shell process) +# Default SSL directory +SSL_DIR=${APACHE_SSL_DIR:-/etc/apache2/ssl} + +# Create the directory if it doesn't exist +# Check and decode the certificate and key +if [ -n "$APACHE_CERT_BASE64" ] && [ -n "$APACHE_KEY_BASE64" ]; then + mkdir -p "$SSL_DIR" + echo "$APACHE_CERT_BASE64" | base64 -d > "$SSL_DIR/apache-cert.pem.crt" + echo "$APACHE_KEY_BASE64" | base64 -d > "$SSL_DIR/apache-key.pem.key" + sed -i "s|/etc/ssl/certs/ssl-cert-snakeoil.pem|$SSL_DIR/apache-cert.pem.crt|g" /etc/apache2/sites-available/default-ssl.conf + sed -i "s|/etc/ssl/private/ssl-cert-snakeoil.key|$SSL_DIR/apache-key.pem.key|g" /etc/apache2/sites-available/default-ssl.conf + ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/default-ssl.conf + chmod 0755 "$SSL_DIR/apache-cert.pem.crt" "$SSL_DIR/apache-key.pem.key" /etc/apache2/sites-enabled/default-ssl.conf + a2enmod ssl +fi + : "${APACHE_CONFDIR:=/etc/apache2}" : "${APACHE_ENVVARS:=$APACHE_CONFDIR/envvars}" if test -f "$APACHE_ENVVARS"; then diff --git a/8.4/bookworm/apache/Dockerfile b/8.4/bookworm/apache/Dockerfile index 73a5597f4a..11e06190d7 100644 --- a/8.4/bookworm/apache/Dockerfile +++ b/8.4/bookworm/apache/Dockerfile @@ -287,4 +287,5 @@ COPY apache2-foreground /usr/local/bin/ WORKDIR /var/www/html EXPOSE 80 +EXPOSE 443 CMD ["apache2-foreground"] diff --git a/8.4/bookworm/apache/apache2-foreground b/8.4/bookworm/apache/apache2-foreground index 5fe22e26f7..aeaad8859d 100755 --- a/8.4/bookworm/apache/apache2-foreground +++ b/8.4/bookworm/apache/apache2-foreground @@ -4,6 +4,22 @@ set -e # Note: we don't just use "apache2ctl" here because it itself is just a shell-script wrapper around apache2 which provides extra functionality like "apache2ctl start" for launching apache2 in the background. # (also, when run as "apache2ctl ", it does not use "exec", which leaves an undesirable resident shell process) +# Default SSL directory +SSL_DIR=${APACHE_SSL_DIR:-/etc/apache2/ssl} + +# Create the directory if it doesn't exist +# Check and decode the certificate and key +if [ -n "$APACHE_CERT_BASE64" ] && [ -n "$APACHE_KEY_BASE64" ]; then + mkdir -p "$SSL_DIR" + echo "$APACHE_CERT_BASE64" | base64 -d > "$SSL_DIR/apache-cert.pem.crt" + echo "$APACHE_KEY_BASE64" | base64 -d > "$SSL_DIR/apache-key.pem.key" + sed -i "s|/etc/ssl/certs/ssl-cert-snakeoil.pem|$SSL_DIR/apache-cert.pem.crt|g" /etc/apache2/sites-available/default-ssl.conf + sed -i "s|/etc/ssl/private/ssl-cert-snakeoil.key|$SSL_DIR/apache-key.pem.key|g" /etc/apache2/sites-available/default-ssl.conf + ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/default-ssl.conf + chmod 0755 "$SSL_DIR/apache-cert.pem.crt" "$SSL_DIR/apache-key.pem.key" /etc/apache2/sites-enabled/default-ssl.conf + a2enmod ssl +fi + : "${APACHE_CONFDIR:=/etc/apache2}" : "${APACHE_ENVVARS:=$APACHE_CONFDIR/envvars}" if test -f "$APACHE_ENVVARS"; then diff --git a/8.4/bullseye/apache/Dockerfile b/8.4/bullseye/apache/Dockerfile index 563d50a97e..886729451d 100644 --- a/8.4/bullseye/apache/Dockerfile +++ b/8.4/bullseye/apache/Dockerfile @@ -285,4 +285,5 @@ COPY apache2-foreground /usr/local/bin/ WORKDIR /var/www/html EXPOSE 80 +EXPOSE 443 CMD ["apache2-foreground"] diff --git a/8.4/bullseye/apache/apache2-foreground b/8.4/bullseye/apache/apache2-foreground index 5fe22e26f7..aeaad8859d 100755 --- a/8.4/bullseye/apache/apache2-foreground +++ b/8.4/bullseye/apache/apache2-foreground @@ -4,6 +4,22 @@ set -e # Note: we don't just use "apache2ctl" here because it itself is just a shell-script wrapper around apache2 which provides extra functionality like "apache2ctl start" for launching apache2 in the background. # (also, when run as "apache2ctl ", it does not use "exec", which leaves an undesirable resident shell process) +# Default SSL directory +SSL_DIR=${APACHE_SSL_DIR:-/etc/apache2/ssl} + +# Create the directory if it doesn't exist +# Check and decode the certificate and key +if [ -n "$APACHE_CERT_BASE64" ] && [ -n "$APACHE_KEY_BASE64" ]; then + mkdir -p "$SSL_DIR" + echo "$APACHE_CERT_BASE64" | base64 -d > "$SSL_DIR/apache-cert.pem.crt" + echo "$APACHE_KEY_BASE64" | base64 -d > "$SSL_DIR/apache-key.pem.key" + sed -i "s|/etc/ssl/certs/ssl-cert-snakeoil.pem|$SSL_DIR/apache-cert.pem.crt|g" /etc/apache2/sites-available/default-ssl.conf + sed -i "s|/etc/ssl/private/ssl-cert-snakeoil.key|$SSL_DIR/apache-key.pem.key|g" /etc/apache2/sites-available/default-ssl.conf + ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/default-ssl.conf + chmod 0755 "$SSL_DIR/apache-cert.pem.crt" "$SSL_DIR/apache-key.pem.key" /etc/apache2/sites-enabled/default-ssl.conf + a2enmod ssl +fi + : "${APACHE_CONFDIR:=/etc/apache2}" : "${APACHE_ENVVARS:=$APACHE_CONFDIR/envvars}" if test -f "$APACHE_ENVVARS"; then diff --git a/Dockerfile-linux.template b/Dockerfile-linux.template index 4d423b8c12..16cf67c183 100644 --- a/Dockerfile-linux.template +++ b/Dockerfile-linux.template @@ -491,6 +491,7 @@ COPY apache2-foreground /usr/local/bin/ WORKDIR /var/www/html EXPOSE 80 +EXPOSE 443 {{ ) elif env.variant == "fpm" then ( -}} WORKDIR /var/www/html diff --git a/README.md b/README.md index 4a233dcd93..41ab5cb3d8 100644 --- a/README.md +++ b/README.md @@ -12,4 +12,5 @@ For more information about the full official images change lifecycle, see [the " For outstanding `php` image PRs, check [PRs with the "library/php" label on the official-images repository](https://github.com/docker-library/official-images/labels/library%2Fphp). For the current "source of truth" for [`php`](https://hub.docker.com/_/php/), see [the `library/php` file in the official-images repository](https://github.com/docker-library/official-images/blob/master/library/php). + diff --git a/apache2-foreground b/apache2-foreground index 5fe22e26f7..aeaad8859d 100755 --- a/apache2-foreground +++ b/apache2-foreground @@ -4,6 +4,22 @@ set -e # Note: we don't just use "apache2ctl" here because it itself is just a shell-script wrapper around apache2 which provides extra functionality like "apache2ctl start" for launching apache2 in the background. # (also, when run as "apache2ctl ", it does not use "exec", which leaves an undesirable resident shell process) +# Default SSL directory +SSL_DIR=${APACHE_SSL_DIR:-/etc/apache2/ssl} + +# Create the directory if it doesn't exist +# Check and decode the certificate and key +if [ -n "$APACHE_CERT_BASE64" ] && [ -n "$APACHE_KEY_BASE64" ]; then + mkdir -p "$SSL_DIR" + echo "$APACHE_CERT_BASE64" | base64 -d > "$SSL_DIR/apache-cert.pem.crt" + echo "$APACHE_KEY_BASE64" | base64 -d > "$SSL_DIR/apache-key.pem.key" + sed -i "s|/etc/ssl/certs/ssl-cert-snakeoil.pem|$SSL_DIR/apache-cert.pem.crt|g" /etc/apache2/sites-available/default-ssl.conf + sed -i "s|/etc/ssl/private/ssl-cert-snakeoil.key|$SSL_DIR/apache-key.pem.key|g" /etc/apache2/sites-available/default-ssl.conf + ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/default-ssl.conf + chmod 0755 "$SSL_DIR/apache-cert.pem.crt" "$SSL_DIR/apache-key.pem.key" /etc/apache2/sites-enabled/default-ssl.conf + a2enmod ssl +fi + : "${APACHE_CONFDIR:=/etc/apache2}" : "${APACHE_ENVVARS:=$APACHE_CONFDIR/envvars}" if test -f "$APACHE_ENVVARS"; then