|
| 1 | +# Change Log |
| 2 | + |
| 3 | +## centos-6 |
| 4 | + |
| 5 | +Summary of release changes for Version 1. |
| 6 | + |
| 7 | +CentOS-6 6.8 x86_64, Apache 2.2, PHP-CGI 5.3 (FastCGI), PHP memcached 1.0, PHP APC 3.1. |
| 8 | + |
| 9 | +### 1.8.1 - 2017-01-29 |
| 10 | + |
| 11 | +- Updates image source to release 1.8.2 including required Makefile and environment changes. |
| 12 | +- Adds test cases for FastCGI operation. |
| 13 | +- Adds a Change Log. |
| 14 | +- Adds support for semantic release tag version numbers. |
| 15 | +- Changes description to PHP-CGI instead of PHP. |
| 16 | + |
| 17 | +### 1.8.0 - 2016-10-25 |
| 18 | + |
| 19 | +- Changes source to release 1.8.0. |
| 20 | +- Adds installation of php-hello-world app from [external release source](https://github.com/jdeathe/php-hello-world/releases). |
| 21 | +- Adds UseCanonicalName On httpd setting. |
| 22 | +- Adds reduced Dockerfile build layers for installing PHP app package. |
| 23 | +- Adds startup script `/usr/sbin/httpd-startup` used to initialise environment variables; paths that are relative are expanded to absolute and the hostname placeholder is replaced with the container's hostname. This logic has been moved out of the Apache wrapper script so it can be set globally and made available when accessing the container interactively. |
| 24 | +- Adds package php-hello-world 0.4.0. |
| 25 | +- Adds update browser screenshots to documentation. |
| 26 | + |
| 27 | +### 1.7.2 - 2016-10-02 |
| 28 | + |
| 29 | +- Adds Makefile help target with usage instructions. |
| 30 | +- Splits up the Makefile targets into internal and public types. |
| 31 | +- Adds correct `scmi` path in usage instructions. |
| 32 | +- Changes `PACKAGE_PATH` to `DIST_PATH` in line with the Makefile environment include. Not currently used by `scmi` but changing for consistency. |
| 33 | +- Changes `DOCKER_CONTAINER_PARAMETERS_APPEND` to `DOCKER_CONTAINER_OPTS` for usability. This is a potentially breaking change that could affect systemd service configurations if using the Environment variable in a drop-in customisation. However, if using the systemd template unit-files it should be pinned to a specific version tag. The Makefile should only be used for development/testing and usage in `scmi` is internal only as the `--setopt` parameter is used to build up the optional container parameters. |
| 34 | +- Removes X-Fleet section from template unit-file. |
| 35 | + |
| 36 | +### 1.7.1 - 2016-09-30 |
| 37 | + |
| 38 | +- Updates source to release 1.7.2. |
| 39 | +- Replaces `PACKAGE_PATH` with `DIST_PATH` in Makefile. The package output directory created will be `./dist` instead of `./packages/jdeathe`. |
| 40 | +- Apache VirtualHost configuration has been simplified to only require a single certificate bundle file (`/etc/pki/tls/certs/localhost.crt`) in PEM format. |
| 41 | +- Adds `APACHE_SSL_CERTIFICATE` to allow the operator to add a PEM, (and optionally base64), encoded certificate bundle (inclusive of key + certificate + intermediate certificate. Base64 encoding of the PEM file contents is recommended. |
| 42 | +- Adds `APACHE_SSL_CIPHER_SUITE` to allow the operator to define a custom CipherSuite. |
| 43 | +- Adds `APACHE_SSL_PROTOCOL` to allow the operator to add/remove SSL protocol support. |
| 44 | +- Adds usage instructions for `APACHE_SSL_CERTIFICATE`, `APACHE_SSL_CIPHER_SUITE` and `APACHE_SSL_PROTOCOL`. |
| 45 | +- Removes requirement to pass php package name to the php-wrapper - feature was undocumented and unused. |
| 46 | +- Removes MySQL legacy-linked environment variable population and handling. |
| 47 | +- Adds correct path to `scmi` in image metadata to allow `atomic install` to complete successfully. |
| 48 | + |
| 49 | +#### Known Issues |
| 50 | + |
| 51 | +The Makefile install (create) target fails when a `APACHE_SSL_CERTIFICATE` is set as multiline formatted string in the environment as follows. |
| 52 | + |
| 53 | +``` |
| 54 | +$ export APACHE_SSL_CERTIFICATE="$( |
| 55 | + < "/etc/pki/tls/certs/localhost.crt" |
| 56 | +)" |
| 57 | +``` |
| 58 | + |
| 59 | +The recommended way to set the certificate value is to base64 encode it as a string value. |
| 60 | + |
| 61 | +Mac OSX: |
| 62 | + |
| 63 | +``` |
| 64 | +$ export APACHE_SSL_CERTIFICATE="$( |
| 65 | + base64 -i "/etc/pki/tls/certs/localhost.crt" |
| 66 | +)" |
| 67 | +``` |
| 68 | + |
| 69 | +Linux: |
| 70 | + |
| 71 | +``` |
| 72 | +$ export APACHE_SSL_CERTIFICATE="$( |
| 73 | + base64 -w 0 -i "/etc/pki/tls/certs/localhost.crt" |
| 74 | +)" |
| 75 | +``` |
| 76 | + |
| 77 | +### 1.7.0 - 2016-09-14 |
| 78 | + |
| 79 | +- Updates source tag to 1.7.1. |
| 80 | +- Adds `scmi` and metadata for atomic install/uninstall usage. |
| 81 | +- Removes deprecated run.sh and build.sh helper scripts. These have been replaced with the make targets `make` (or `make build`) and `make install start`. |
| 82 | +- Removes support for and documentation on configuration volumes. These can still be implemented by making use of the `DOCKER_CONTAINER_PARAMETERS_APPEND` environment variable or using the `scmi` option `--setopt` to append additional docker parameters to the default docker create template. |
| 83 | +- Changes systemd template unit-file environment variable for `DOCKER_IMAGE_PACKAGE_PATH` now defaults to the path `/var/opt/scmi/packages` instead of `/var/services-packages` however this can be reverted back using the `scmi` option `--env='DOCKER_IMAGE_PACKAGE_PATH="/var/services-packages"'` if necessary. |
| 84 | +- Replaces `HTTPD` with `APACHE_MPM`; instead of needing to supply the path to the correct binary `APACHE_MPM` takes the Apache MPM name (i.e. `prefork` or `worker`). |
| 85 | +- Replaces `SERVICE_UID` with `APACHE_HEADER_X_SERVICE_UID`. |
| 86 | +- Default to using the `{{HOSTNAME}}` placeholder for the value of `APACHE_HEADER_X_SERVICE_UID`. |
| 87 | +- Adds the `/usr/sbin/httpd-wrapper` script to make the wrapper more robust and simpler to maintain that the one-liner that was added directly using the supervisord program command. |
| 88 | +- Adds Lockfile handling into the `/usr/sbin/httpd-bootstrap` script making it more robust and simpler to maintain. |
| 89 | +- Adds a minor correction to a couple of the README `scmi` examples. |
| 90 | +- Reviewed quoting of environment variables used in Apache include templates and in the bootstrap script. |
| 91 | +- To be consistent with other `jdeathe/centos-ssh` based containers the default group used in the docker name has been changed to `pool-1` from `app-1`. |
| 92 | +- Adds a niceness value of 10 to the httpd process in the httpd-wrapper script. |
| 93 | +- Stops header X-Service-UID being set if `APACHE_HEADER_X_SERVICE_UID` is empty. |
| 94 | +- Adds support for defining `APACHE_CUSTOM_LOG_LOCATION` and `APACHE_ERROR_LOG_LOCATION` paths that are relative to `APACHE_CONTENT_ROOT`. This allows for a simplified configuration. |
| 95 | +- Prevents `scmi` installer publishing port 443 if `APACHE_MOD_SSL_ENABLED` is false. |
| 96 | +- Adds a fix for the default value of `APACHE_HEADER_X_SERVICE_UID` when using `scmi`. |
| 97 | +- Adds method to prevent exposed ports being published when installing using the embedded `scmi` installation method or the Makefile's create/run template. e.g. To prevent port `8443` getting published set the value of the environment variable `DOCKER_PORT_MAP_TCP_8443` to `NULL` |
| 98 | +- Disables publishing port `8443` by default in scmi/make/systemd install templates. |
| 99 | + |
| 100 | +### 1.6.0 - 2016-09-10 |
| 101 | + |
| 102 | +- Updates source tag to [1.6.1](https://github.com/jdeathe/centos-ssh-apache-php/releases/tag/1.6.1). |
| 103 | +- Relocates VirtualHost configuration out of app package and into the container package. |
| 104 | +- Adds simplified php-wrapper script now that configuration is handled by the php.d/\*ini scan directory includes. |
| 105 | +- Adds restructured httpd configuration. Replaced the single template VirtualHost that was used to generate an SSL copy using the bootstrap script with 2 basic VirtualHost definitions. The majority of configuration is now pulled in from the scan directory `/etc/services-config/httpd/conf.d/*.conf` where core container configuration is prefixed with `00-`. App package configuration (`/var/www/app/etc/httpd/conf.d/*.conf`) files are added to this directory as part of the container build and prefixed with `50-` to indicate their source and influence load order. |
| 106 | +- Adds the PHP Info script into the demo app package the source instead of generating it as part of the container build. |
| 107 | +- Adds an increased MaxKeepAliveRequests value of 200 from the default 100. |
| 108 | +- Removes some unused configuration scripts. |
| 109 | +- Fixes an issue with the php-wrapper script not loading in the configuration environment variables from `/etc/httpd-bootstrap.conf`. |
| 110 | +- Adds minor improvement to the demo app's index.php to prevent errors if either the PHP Info or APC Info scripts are unavailable. |
| 111 | +- The placeholder `{{HOSTNAME}}` will be replaced with the system (container) hostname when used in the value of the environment variable `SERVICE_UID`. |
| 112 | +- Adds default of `expose_php = Off` even if the user configuration is not loaded. |
| 113 | +- Adds `PACKAGE_PATH` environment variable to the bootstrap. |
| 114 | +- Loading of app PHP configuration is now carried out in the bootstrap before starting `httpd` (Apache) and not as an image build time step. This is necessary to allow the environment variables to be replaced before being loaded by the fcgid php-wrapper script where the environment is cleared down. |
| 115 | +- Adds loading of Apache app package configuration files into the bootstrap. |
| 116 | +- Adds enable/disable of the SSL VirtualHost configuration into the bootstrap. |
| 117 | +- Removes configuration files now pulled in from the app package's configuration. |
| 118 | +- Adds fix for incorrect binary defined in the latest systemd template unit-file and in the makefile environment definition. |
| 119 | + |
| 120 | +### 1.5.0 - 2016-09-04 |
| 121 | + |
| 122 | +- Updates source tag to [1.5.0](https://github.com/jdeathe/centos-ssh-apache-php/releases/tag/1.5.0). (i.e. Updates CentOS to 6.8). |
| 123 | +- Adds `APACHE_OPERATING_MODE` to the systemd run command. |
| 124 | +- Disables the default Apache DocumentRoot `/var/www/html`. |
| 125 | +- Disables the `TRACE` method in the VirtualHost configuration. |
| 126 | +- Updates examples in README. |
| 127 | +- Updates SSL configuration to use 2048 bit key size to reduce CPU usage. |
| 128 | +- Enables `SSLSessionCache` in the VirtualHost configuration. |
| 129 | +- Updates SSL configuration to use Mozilla recommended cipher suites and order. |
| 130 | +- Maintenance: Use single a line ENV to set all environment variables. |
| 131 | +- Fixes an issue with log paths being incorrect due to `APACHE_CONTENT_ROOT` being undefined. |
| 132 | +- Removes use of "AllowOverride All" in the VirtualHost configuration when no .htaccess exists in the DocumentRoot path. This would otherwise log the following error: "(13)Permission denied: /var/www/app/public_html/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable" |
| 133 | +- Adds Makefile to replace build.sh and run.sh |
| 134 | +- Updates systemd template unit-files. |
| 135 | +- Updates and relocates bootstrap script. |
| 136 | +- Changes supervisord configuration and adds improvements to bootstrap reliability. |
| 137 | + |
| 138 | + |
| 139 | +### 1.4.5 - 2016-04-27 |
| 140 | + |
| 141 | +- Updates source tag to [1.4.5](https://github.com/jdeathe/centos-ssh-apache-php/releases/tag/1.4.5). |
| 142 | +- Removes files that are available in the upstream repository and not used by this `Dockerfile`. |
| 143 | + - Note: the [php-wrapper](https://github.com/jdeathe/centos-ssh-apache-php/blob/1.4.5/var/www/app/bin/php-wrapper) script is now maintained in the upstream source. |
| 144 | + - Updates `README.md` to reflect the files being available in the upstream repository. |
| 145 | + |
| 146 | +### 1.4.4 - 2016-03-11 |
| 147 | + |
| 148 | +- Deprecates `APACHE_SUEXEC_USER_GROUP` now that `APACHE_RUN_USER` and `APACHE_RUN_GROUP` are available. |
| 149 | +- Removes redundant build steps. |
| 150 | +- Adds revised installation / configuration for `mod_fcgid` and erase unused `php` package. |
| 151 | +- Sort the Apache modules in log output. |
| 152 | +- Locate the fcgid `php-wrapper` script within the package directory. |
| 153 | + |
| 154 | +### 1.4.3 - 2016-03-08 |
| 155 | + |
| 156 | +- Updates source tag to 1.4.3. |
| 157 | +- Adds syntax and readability update to the php-wrapper. |
| 158 | + |
| 159 | +### 1.4.2 - 2016-01-27 |
| 160 | + |
| 161 | +- Updates source tag to 1.4.2. |
| 162 | +- Revised method + instructions on data volume usage. |
| 163 | +- Improved systemd definition file and installation script. |
| 164 | + |
| 165 | +### 1.4.1 - 2016-01-26 |
| 166 | + |
| 167 | +- Updates source tag to 1.4.1. |
| 168 | +- Adds `HTTPD` environment variable to allow operator to switch between `httpd` (Prefork) and `httpd.worker` (Worker) Apache MPM. |
| 169 | +- Adds feature to populate the container's /etc/hosts with `APACHE_SERVER_NAME` and `APACHE_SERVER_ALIAS` values. |
| 170 | +- Changes the HTTP and HTTPS configuration includes and comment/uncomment entire block for the SSL configuration instead of targeting each line. _NOTE_ If you are using an existing vhost.conf and want to use the mod_ssl feature of the container instead of terminating the SSL upstream then you should update the mod_ssl configuration to the following (with the '#' at the beginning of the line): |
| 171 | + |
| 172 | + ``` |
| 173 | + # <IfModule mod_ssl.c> |
| 174 | + # SSLEngine on |
| 175 | + # SSLOptions +StrictRequire |
| 176 | + # SSLProtocol -all +TLSv1 |
| 177 | + # SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM |
| 178 | + # SSLCertificateFile /etc/pki/tls/certs/localhost.crt |
| 179 | + # SSLCertificateKeyFile /etc/pki/tls/private/localhost.key |
| 180 | + # #SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt |
| 181 | + # </IfModule> |
| 182 | + ``` |
| 183 | +- Adds function to set Apache's main ServerName to suppress startup message. |
| 184 | +- Changes the ExtendedStatus directive to to Off by default and adds `APACHE_EXTENDED_STATUS_ENABLED` to allow it to be enabled by the operator. |
| 185 | + |
| 186 | +### 1.4.0 - 2016-01-16 |
| 187 | + |
| 188 | +- Updates CentOS to 6.7. |
| 189 | + |
| 190 | +### 1.3.1 - 2016-01-16 |
| 191 | + |
| 192 | +- Updates upstream image to centos-6-1.3.1 tag. |
| 193 | +- Updates the systemd definition file and installer script. Now using etcd2. |
| 194 | +- Adds `rpm --rebuilddb` before `yum install` to resolve checksum issues that prevented build completion. |
| 195 | +- Adds feature to apply config via environment variables + documentation updated with example use cases. |
| 196 | +- Adds Apache module `reqtimeout_module`. |
| 197 | + |
| 198 | +### 1.3.0 - 2015-10-31 |
| 199 | + |
| 200 | +- Changes the image to build from a specified source tag instead of branch. |
| 201 | +- Changes the image build to specify package versions, add `versionlock` package and lock packages. |
| 202 | +- Changes the location of the SSH configuration file to a subdirectory to be more consistent. |
| 203 | +- Adds support for running and building on OSX Docker hosts (i.e boot2docker). |
| 204 | + |
| 205 | +### 1.2.1 - 2015-05-25 |
| 206 | + |
| 207 | +- Fixes the systemd service file to reference the correct tag version. |
| 208 | +- Fixes spelling errors in the README. |
| 209 | + |
| 210 | +### 1.2.0 - 2015-05-04 |
| 211 | + |
| 212 | +- Updates CentOS to 6.6. |
| 213 | +- Adds MIT License. |
| 214 | + |
| 215 | +### 1.0.1 - 2014-08-29 |
| 216 | + |
| 217 | +- Fixes errors during startup of Apache due to missing `fcgid.conf` configuration file. |
| 218 | + |
| 219 | +### 1.0.0 - 2014-08-27 |
| 220 | + |
| 221 | +- Initial release |
0 commit comments