dockerapachecontainers

Share an dockerized apache/php/mysql app without having to create a apache config file


I created a simple todo list apache/php/mysql web app with 2 docker containers (one apache/php/code and one mysql). I then created an image on docker hub which embark the php code.

If someone wants to deploy my app, it has to :

  • Create a docker-compose.yml file with the content I provide (maybe from Github)
  • Create a .env file with mysql password, ports etc.
  • Create a 000-default.conf file for apache vhost config
  • Create a fullchain.pem and privkey.pem for https
  • Run the docker-compose.yml

I'm not sure it is best practise to distribute a public app this way. I would like to simplify the process. I think I could first remove the need to create a 000-default.conf file but I really don't know how where to start. Any thought or advise would be much appreciated. Thanks!

EDIT 1: following David comment :

The apache config file is very simple. It looks like this :

<VirtualHost *:80>
  ServerName XXXXXX
  DocumentRoot /var/www/html
</VirtualHost>
   
<IfModule mod_ssl.c>
<VirtualHost *:443>
  ServerName XXXXXX
  DocumentRoot /var/www/html
  SSLCertificateFile /etc/apache2/ssl/fullchain.pem
  SSLCertificateKeyFile /etc/apache2/ssl/privkey.pem
  SSLEngine on
</VirtualHost>
</IfModule>

I see two problems:

  1. The SeverName changes according to the domain of the person deploying the application.
  2. If the deployer doesn't provide a certificate, the container cannot start because looking for .pem files that don't exist.

Solution

  • I managed to include the apache config into the Docker image.

    1. Make a variable in the apache config file for ServerName and SSL paths:
    <VirtualHost *:80>
        ServerName ${SERVER_NAME}
        DocumentRoot /var/www/html
    </VirtualHost>
           
    <IfModule mod_ssl.c>
    <VirtualHost *:443>
        ServerName ${SERVER_NAME}
        DocumentRoot /var/www/html
        SSLCertificateFile ${SSL_CERT_FILE}
        SSLCertificateKeyFile ${SSL_KEY_FILE}
        SSLEngine on
    </VirtualHost>
    </IfModule>
    
    1. In Dockerfile, copy apache config:
    COPY ./000-default.conf /etc/apache2/sites-available/000-default.conf
    
    1. Pass the value from .env file :
    SERVER_NAME=mydomain.com
    SSL_CERT_FILE=/etc/apache2/ssl/fullchain.pem  # Uncomment if certificate provided into ssl folder
    SSL_KEY_FILE=/etc/apache2/ssl/privkey.pem  # Uncomment if certificate provided into ssl folder
    

    to docker-compose.yml :

    environment:
          SERVER_NAME: ${SERVER_NAME}
          SSL_CERT_FILE: ${SSL_CERT_FILE:-/etc/apache2/default_ssl/fullchain.pem}
          SSL_KEY_FILE: ${SSL_KEY_FILE:-/etc/apache2/default_ssl/privkey.pem}
    
    1. Bind volume for SSL certificate provided by deployer
        volumes:       
          - "./ssl:/etc/apache2/ssl"
    

    The apache config in the container takes the values provided by the deployer in the .env. If he doesn't provide certificate, it takes the default auto-signed one included into the docker image.