wordpress:6.2-php8.2-fpm

을 기준으로 소스를 파해쳐 보기로 해보자

https://hub.docker.com/layers/library/wordpress/6.2-php8.2-fpm/images/sha256-3139a25671d99b01fd9f939a9ab5ea7b7de9ef0ffafe137d17c679f0dde14ab9?context=explore

Docker

hub.docker.com

처음은 dabian:11-slim을 받는다 그것을 php:8-fpm 에서 사용하고 또 그것을 wordpress에서 사용하는 식이다.

debian은 봐도 모르기에 패스하고 php8부터 보자

php 코드

https://github.com/docker-library/php/tree/21967e6cd5f1240093d4f0b03d579397571cab9c/8.2/bullseye/fpm

GitHub - docker-library/php: Docker Official Image packaging for PHP

Docker Official Image packaging for PHP. Contribute to docker-library/php development by creating an account on GitHub.

github.com

#
# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
#
# PLEASE DO NOT EDIT IT DIRECTLY.
#

FROM debian:bullseye-slim

일단 위에 설명했듯이 bullseye-slim 을 사용한다

RUN set -eux; \
	{ \
		echo 'Package: php*'; \
		echo 'Pin: release *'; \
		echo 'Pin-Priority: -1'; \
	} > /etc/apt/preferences.d/no-debian-php

위에는 나눠서 봐야한다

set 명령어의 옵션인데 -eux 옵션으로 에러를 잡아주려 한거같다

https://engineer-mole.tistory.com/291

[Linux] 좋은 쉘 스크립트 쓰는 팁

※ 일본의 글을 번역한 포스팅입니다. 오역 및 직역, 의역이 있을 수 있으며 틀린 내용은 지적해주시면 감사하겠습니다. 더 좋은 쉘 스크립트 쓰는 방법에 대해 정리해보았다. 아무것도 하지 않

engineer-mole.tistory.com

그리고 { 구조체로 }

etc/apt/preferences.d/no-debian-php 파일을 만들어 주엇다

docker run -it --rm debian:bullseye-slim 으로 실행하여 확인해보면

이런모습을 볼 수 있다

ENV PHPIZE_DEPS \
		autoconf \
		dpkg-dev \
		file \
		g++ \
		gcc \
		libc-dev \
		make \
		pkg-config \
		re2c
        
        
# PHPIZE_DEPS="autoconf dpkg-dev file g++ gcc libc-dev make pkg-config re2c" 와같음

이것은 우리가 slim으로 debian을 깔았기 때문에 없는 명령어들을 설치하려고 하는것이다

ㅈset 명령어로 환경변수가 잘 들어 갔는지 확인하면 좋다

지금 커멘드를 찾지 못했을때 꺼지는 것을 볼 수 있는데 set -eux;설정에 의해 그런것임으로 좀더 컨테이너가 잘작동 되는지 확인하기 위해 좋은 방법이다.

RUN set -eux; \
	apt-get update; \
	apt-get install -y --no-install-recommends \
		$PHPIZE_DEPS \
		ca-certificates \
		curl \
		xz-utils \
	; \
	rm -rf /var/lib/apt/lists/*
    
    #  apt-get install -y $PHPIZE_DEPS  ca-certificates curl xz-utils

이경우 --no-install-recommends 이 좀 걸리긴한다 강제적으로 환경 생각안하고 설치하는건데 음... 특별히 버전을 설정한게 아니기때문이다. 그러니 나는 빼주고 실행해 보앗다

그리고 밑에 있는 것은

이런식으로 우리가 다운받을때 만들어진 케시들이 있게된다 그것을 삭제해주 는것인데 음.. 해주는게 좋을거 같다

ENV PHP_INI_DIR /usr/local/etc/php
# PHP_INI_DIR="/usr/local/etc/php"
RUN set -eux; \
	mkdir -p "$PHP_INI_DIR/conf.d"; \
# allow running as an arbitrary user (https://github.com/docker-library/php/issues/743)
	[ ! -d /var/www/html ]; \
	mkdir -p /var/www/html; \
	chown www-data:www-data /var/www/html; \
	chmod 1777 /var/www/html

폴더를 만들어주고 (-p 옵션은 상하위 폴더를 한번에 만들어 준다)

if 문을 쓴거 같은데.. 음.. 원래는

if [ ! -d /var/www/html ]; then mkdir -p /var/www/html ;fi

이런식으로 사용한다

다음은 /var/www/html 폴더를 사용자 www-data 구릅 www-data로 만든다? 라고 한다 음..

이게 if문안에 있는건지 잘 모르겟다 내생각엔 밖에있는거같은데 그럼 어차피 폴더 만들어 주는거는 같은데 구지..?

이제 암호화이다

# Apply stack smash protection to functions using local buffers and alloca()
# Make PHP's main executable position-independent (improves ASLR security mechanism, and has no performance impact on x86_64)
# Enable optimization (-O2)
# Enable linker optimization (this sorts the hash buckets to improve cache locality, and is non-default)
# https://github.com/docker-library/php/issues/272
# -D_LARGEFILE_SOURCE and -D_FILE_OFFSET_BITS=64 (https://www.php.net/manual/en/intro.filesystem.php)
ENV PHP_CFLAGS="-fstack-protector-strong -fpic -fpie -O2 -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"
ENV PHP_CPPFLAGS="$PHP_CFLAGS"
ENV PHP_LDFLAGS="-Wl,-O1 -pie"

ENV GPG_KEYS 39B641343D8C104B2B146DC3F9C39DC0B9698544 E60913E4DF209907D8E30D96659A97C9CF2A795A 1198C0117593497A5EC5C199286AF1F9897469DC

ENV PHP_VERSION 8.2.6
ENV PHP_URL="https://www.php.net/distributions/php-8.2.6.tar.xz" PHP_ASC_URL="https://www.php.net/distributions/php-8.2.6.tar.xz.asc"
ENV PHP_SHA256="10b796f0ed45574229851212b30a596a76e70ae365322bcaaaf9c00fa7d58cca"

RUN set -eux; \
	\
	savedAptMark="$(apt-mark showmanual)"; \
	apt-get update; \
	apt-get install -y --no-install-recommends gnupg; \
	rm -rf /var/lib/apt/lists/*; \
	\
	mkdir -p /usr/src; \
	cd /usr/src; \
	\
	curl -fsSL -o php.tar.xz "$PHP_URL"; \
	\
	if [ -n "$PHP_SHA256" ]; then \
		echo "$PHP_SHA256 *php.tar.xz" | sha256sum -c -; \
	fi; \
	\
	if [ -n "$PHP_ASC_URL" ]; then \
		curl -fsSL -o php.tar.xz.asc "$PHP_ASC_URL"; \
		export GNUPGHOME="$(mktemp -d)"; \
		for key in $GPG_KEYS; do \
			gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
		done; \
		gpg --batch --verify php.tar.xz.asc php.tar.xz; \
		gpgconf --kill all; \
		rm -rf "$GNUPGHOME"; \
	fi; \
	\
	apt-mark auto '.*' > /dev/null; \
	apt-mark manual $savedAptMark > /dev/null; \
	apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false

중요한 부분만 보자

앞부분은 변수명 설정하는거고

savedAptMark="$(apt-mark showmanual)"; 은 apt를 받은 목록들이 보인다

그것들을 담아둔거고

gnupg 라는것을 받는다

암호화하여 통신하기 위한 것같다

http://www.linuxlab.co.kr/docs/01-01-3.htm

GnuPG 리눅스에서 안전하게 통신하기

GnuPG 리눅스에서 안전하게 통신하기 [譯: 윤봉환, el@linuxlab.co.kr] 원문 : By Kapil Sharma 개요 GnuPG는 통신상에서 혹은 데이터를 저장할 때 보안을 지키는 도구이다. GnuPG는 데이터를 암호화하고 전자

www.linuxlab.co.kr

또 캐쉬 지워주고

curl -fsSL -o php.tar.xz "$PHP_URL" 이건 저주소로가서 그파일을 php.tar.xz 로 다운로드 하는것이다

옵션에 s를 빼면 다운로드 상태를 볼수도 있다

그외에 옵션

https://fmhelp.filemaker.com/help/16/fmp/ko/index.html#page/FMP_Help/curl-options.html

FileMaker Pro 16 Help

fmhelp.filemaker.com

이파일과 sha256sum 알고리즘 암호화가 된다

export GNUPGHOME="$(mktemp -d)"; 이부분은 임시파일 형성이라는데 자세한건 모르겟다 임시파일을 만들어 주는 명령어같다

for 문으로 GPG_KEYS; 를 돌리는데

이런결과를 받을수 있다

다음으로 이위에 만들어 진것과 받은 파일들을 뭔가 하는거 같은데

이 한개 빼곤 어디에 쓰는지 모르겟다

뭐 통신이 잘된다는것을 확인하기위한 작업인거 같다

이제 뭐 dev/null은 버퍼 비우려고 하는것일거다

다음!

뭔가 삭제한다 ...음.............

이제 php를 설치하려는거 같다

COPY docker-php-source /usr/local/bin/

RUN set -eux; \
	\
	savedAptMark="$(apt-mark showmanual)"; \
	apt-get update; \
	apt-get install -y --no-install-recommends \
		libargon2-dev \
		libcurl4-openssl-dev \
		libonig-dev \
		libreadline-dev \
		libsodium-dev \
		libsqlite3-dev \
		libssl-dev \
		libxml2-dev \
		zlib1g-dev \
	; \
	\
	export \
		CFLAGS="$PHP_CFLAGS" \
		CPPFLAGS="$PHP_CPPFLAGS" \
		LDFLAGS="$PHP_LDFLAGS" \
	; \
	docker-php-source extract; \
	cd /usr/src/php; \
	gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
	debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \
# https://bugs.php.net/bug.php?id=74125
	if [ ! -d /usr/include/curl ]; then \
		ln -sT "/usr/include/$debMultiarch/curl" /usr/local/include/curl; \
	fi; \
	./configure \
		--build="$gnuArch" \
		--with-config-file-path="$PHP_INI_DIR" \
		--with-config-file-scan-dir="$PHP_INI_DIR/conf.d" \
		\
# make sure invalid --configure-flags are fatal errors instead of just warnings
		--enable-option-checking=fatal \
		\
# https://github.com/docker-library/php/issues/439
		--with-mhash \
		\
# https://github.com/docker-library/php/issues/822
		--with-pic \
		\
# --enable-ftp is included here because ftp_ssl_connect() needs ftp to be compiled statically (see https://github.com/docker-library/php/issues/236)
		--enable-ftp \
# --enable-mbstring is included here because otherwise there's no way to get pecl to use it properly (see https://github.com/docker-library/php/issues/195)
		--enable-mbstring \
# --enable-mysqlnd is included here because it's harder to compile after the fact than extensions are (since it's a plugin for several extensions, not an extension in itself)
		--enable-mysqlnd \
# https://wiki.php.net/rfc/argon2_password_hash
		--with-password-argon2 \
# https://wiki.php.net/rfc/libsodium
		--with-sodium=shared \
# always build against system sqlite3 (https://github.com/php/php-src/commit/6083a387a81dbbd66d6316a3a12a63f06d5f7109)
		--with-pdo-sqlite=/usr \
		--with-sqlite3=/usr \
		\
		--with-curl \
		--with-iconv \
		--with-openssl \
		--with-readline \
		--with-zlib \
		\
# https://github.com/bwoebi/phpdbg-docs/issues/1#issuecomment-163872806 ("phpdbg is primarily a CLI debugger, and is not suitable for debugging an fpm stack.")
		--disable-phpdbg \
		\
# in PHP 7.4+, the pecl/pear installers are officially deprecated (requiring an explicit "--with-pear")
		--with-pear \
		\
# bundled pcre does not support JIT on s390x
# https://manpages.debian.org/bullseye/libpcre3-dev/pcrejit.3.en.html#AVAILABILITY_OF_JIT_SUPPORT
		$(test "$gnuArch" = 's390x-linux-gnu' && echo '--without-pcre-jit') \
		--with-libdir="lib/$debMultiarch" \
		\
		--disable-cgi \
		\
		--enable-fpm \
		--with-fpm-user=www-data \
		--with-fpm-group=www-data \
	; \
	make -j "$(nproc)"; \
	find -type f -name '*.a' -delete; \
	make install; \
	find \
		/usr/local \
		-type f \
		-perm '/0111' \
		-exec sh -euxc ' \
			strip --strip-all "$@" || : \
		' -- '{}' + \
	; \
	make clean; \
	\
# https://github.com/docker-library/php/issues/692 (copy default example "php.ini" files somewhere easily discoverable)
	cp -v php.ini-* "$PHP_INI_DIR/"; \
	\
	cd /; \
	docker-php-source delete; \
	\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
	apt-mark auto '.*' > /dev/null; \
	[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
	find /usr/local -type f -executable -exec ldd '{}' ';' \
		| awk '/=>/ { print $(NF-1) }' \
		| sort -u \
		| xargs -r dpkg-query --search \
		| cut -d: -f1 \
		| sort -u \
		| xargs -r apt-mark manual \
	; \
	apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
	rm -rf /var/lib/apt/lists/*; \
	\
# update pecl channel definitions https://github.com/docker-library/php/issues/443
	pecl update-channels; \
	rm -rf /tmp/pear ~/.pearrc; \
	\
# smoke test
	php --version

일단 copy docker-php-source 파일을 보자

#!/bin/sh
set -e

dir=/usr/src/php

usage() {
	echo "usage: $0 COMMAND"
	echo
	echo "Manage php source tarball lifecycle."
	echo
	echo "Commands:"
	echo "   extract  extract php source tarball into directory $dir if not already done."
	echo "   delete   delete extracted php source located into $dir if not already done."
	echo
}

case "$1" in
	extract)
		mkdir -p "$dir"
		if [ ! -f "$dir/.docker-extracted" ]; then
			tar -Jxf /usr/src/php.tar.xz -C "$dir" --strip-components=1
			touch "$dir/.docker-extracted"
		fi
		;;

	delete)
		rm -rf "$dir"
		;;

	*)
		usage
		exit 1
		;;
esac

이건 extract 가 입력갑 1번으로 들어오면 실핼하는 것같다 없는 케이스오면 echo 에있는 글나오고

https://hieunsoo.tistory.com/135

[Ubuntu 18.0.4] APM 소스 설치 - PHP 7.4.1 (수동 설치, 컴파일 설치)

Apache 2.4 설치 MySQL 8.0.19 설치 PHP 7.4.1 설치 지금까지 Ubuntu 18.04 위에 Apache 2.4.46과 MySQL 8.0.19를 설치하였다. 이어서 PHP를 설치해보자. PHP 7.4.1 수동설치 1. PHP를 컴파일하기 위한 필수 라이브러리 설

hieunsoo.tistory.com

이제 수동 설치하는 과정인거같다

libonig 라이브러리나 다른 라이브러리를 찾아보려햇는데 잘안나온다

그리고 아까 쉘을 실행하는데 압축 푼거 뿐이다

이건 뭔지 모르겟다

ln -sT "/usr/include/$debMultiarch/curl" /usr/local/include/curl; 는 링크 파일 만드는건데 바로가기 폴더라 생각하면된다

성공적으로 만들어진걸 볼수 있다

./configure \
		--build="$gnuArch" \
		--with-config-file-path="$PHP_INI_DIR" \
		--with-config-file-scan-dir="$PHP_INI_DIR/conf.d" \
		\
# make sure invalid --configure-flags are fatal errors instead of just warnings
		--enable-option-checking=fatal \
		\
# https://github.com/docker-library/php/issues/439
		--with-mhash \
		\
# https://github.com/docker-library/php/issues/822
		--with-pic \
		\
# --enable-ftp is included here because ftp_ssl_connect() needs ftp to be compiled statically (see https://github.com/docker-library/php/issues/236)
		--enable-ftp \
# --enable-mbstring is included here because otherwise there's no way to get pecl to use it properly (see https://github.com/docker-library/php/issues/195)
		--enable-mbstring \
# --enable-mysqlnd is included here because it's harder to compile after the fact than extensions are (since it's a plugin for several extensions, not an extension in itself)
		--enable-mysqlnd \
# https://wiki.php.net/rfc/argon2_password_hash
		--with-password-argon2 \
# https://wiki.php.net/rfc/libsodium
		--with-sodium=shared \
# always build against system sqlite3 (https://github.com/php/php-src/commit/6083a387a81dbbd66d6316a3a12a63f06d5f7109)
		--with-pdo-sqlite=/usr \
		--with-sqlite3=/usr \
		\
		--with-curl \
		--with-iconv \
		--with-openssl \
		--with-readline \
		--with-zlib \
		\
# https://github.com/bwoebi/phpdbg-docs/issues/1#issuecomment-163872806 ("phpdbg is primarily a CLI debugger, and is not suitable for debugging an fpm stack.")
		--disable-phpdbg \
		\
# in PHP 7.4+, the pecl/pear installers are officially deprecated (requiring an explicit "--with-pear")
		--with-pear \
		\
# bundled pcre does not support JIT on s390x
# https://manpages.debian.org/bullseye/libpcre3-dev/pcrejit.3.en.html#AVAILABILITY_OF_JIT_SUPPORT
		$(test "$gnuArch" = 's390x-linux-gnu' && echo '--without-pcre-jit') \
		--with-libdir="lib/$debMultiarch" \
		\
		--disable-cgi \
		\
		--enable-fpm \
		--with-fpm-user=www-data \
		--with-fpm-group=www-data \
	; \

이제 실행부분 흡!! 만타잉..

옵션들을 찾기위해 help 를 쳣다

root@bec61044e599:/usr/src/php#  ./configure --help
`configure' configures PHP 8.2.6 to adapt to many kinds of systems.

Usage: ./configure [OPTION]... [VAR=VALUE]...

To assign environment variables (e.g., CC, CFLAGS...), specify them as
VAR=VALUE.  See below for descriptions of some of the useful variables.

Defaults for the options are specified in brackets.

Configuration:
  -h, --help              display this help and exit
      --help=short        display options specific to this package
      --help=recursive    display the short help of all the included packages
  -V, --version           display version information and exit
  -q, --quiet, --silent   do not print `checking ...' messages
      --cache-file=FILE   cache test results in FILE [disabled]
  -C, --config-cache      alias for `--cache-file=config.cache'
  -n, --no-create         do not create output files
      --srcdir=DIR        find the sources in DIR [configure dir or `..']

Installation directories:
  --prefix=PREFIX         install architecture-independent files in PREFIX
                          [/usr/local]
  --exec-prefix=EPREFIX   install architecture-dependent files in EPREFIX
                          [PREFIX]

By default, `make install' will install all the files in
`/usr/local/bin', `/usr/local/lib' etc.  You can specify
an installation prefix other than `/usr/local' using `--prefix',
for instance `--prefix=$HOME'.

For better control, use the options below.

Fine tuning of the installation directories:
  --bindir=DIR            user executables [EPREFIX/bin]
  --sbindir=DIR           system admin executables [EPREFIX/sbin]
  --libexecdir=DIR        program executables [EPREFIX/libexec]
  --sysconfdir=DIR        read-only single-machine data [PREFIX/etc]
  --sharedstatedir=DIR    modifiable architecture-independent data [PREFIX/com]
  --localstatedir=DIR     modifiable single-machine data [PREFIX/var]
  --runstatedir=DIR       modifiable per-process data [LOCALSTATEDIR/run]
  --libdir=DIR            object code libraries [EPREFIX/lib]
  --includedir=DIR        C header files [PREFIX/include]
  --oldincludedir=DIR     C header files for non-gcc [/usr/include]
  --datarootdir=DIR       read-only arch.-independent data root [PREFIX/share]
  --datadir=DIR           read-only architecture-independent data [DATAROOTDIR]
  --infodir=DIR           info documentation [DATAROOTDIR/info]
  --localedir=DIR         locale-dependent data [DATAROOTDIR/locale]
  --mandir=DIR            man documentation [DATAROOTDIR/man]
  --docdir=DIR            documentation root [DATAROOTDIR/doc/php]
  --htmldir=DIR           html documentation [DOCDIR]
  --dvidir=DIR            dvi documentation [DOCDIR]
  --pdfdir=DIR            pdf documentation [DOCDIR]
  --psdir=DIR             ps documentation [DOCDIR]

Program names:
  --program-prefix=PREFIX            prepend PREFIX to installed program names
  --program-suffix=SUFFIX            append SUFFIX to installed program names
  --program-transform-name=PROGRAM   run sed PROGRAM on installed program names

System types:
  --build=BUILD     configure for building on BUILD [guessed]
  --host=HOST       cross-compile to build programs to run on HOST [BUILD]
  --target=TARGET   configure for building compilers for TARGET [HOST]

Optional Features and Packages:
  --disable-option-checking  ignore unrecognized --enable/--with options
  --disable-FEATURE       do not include FEATURE (same as --enable-FEATURE=no)
  --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
  --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
  --without-PACKAGE       do not use PACKAGE (same as --with-PACKAGE=no)
  --with-libdir=NAME      Look for libraries in .../NAME rather than .../lib
  --disable-rpath         Disable passing additional runtime library search
                          paths
  --enable-re2c-cgoto     Enable -g flag to re2c to use computed goto gcc
                          extension
  --disable-gcc-global-regs
                          whether to enable GCC global register variables

SAPI modules:

  --with-apxs2[=FILE]     Build shared Apache 2 handler module. FILE is the
                          optional pathname to the Apache apxs tool [apxs]
  --disable-cli           Disable building CLI version of PHP (this forces
                          --without-pear)
  --enable-embed[=TYPE]   EXPERIMENTAL: Enable building of embedded SAPI
                          library TYPE is either 'shared' or 'static'.
                          [TYPE=shared]
  --enable-fpm            Enable building of the fpm SAPI executable
  --with-fpm-user[=USER]  Set the user for php-fpm to run as. (default:
                          nobody)
  --with-fpm-group[=GRP]  Set the group for php-fpm to run as. For a system
                          user, this should usually be set to match the fpm
                          username (default: nobody)
  --with-fpm-systemd      Activate systemd integration
  --with-fpm-acl          Use POSIX Access Control Lists
  --with-fpm-apparmor     Support AppArmor confinement through libapparmor
  --with-fpm-selinux      Support SELinux policy library
  --enable-fuzzer         Build PHP as clang fuzzing test module (for
                          developers)
  --enable-litespeed      Build PHP as litespeed module
  --enable-phpdbg         Build phpdbg
  --enable-phpdbg-debug   Build phpdbg in debug mode
  --enable-phpdbg-readline
                          Enable readline support in phpdbg (depends on static
                          ext/readline)
  --disable-cgi           Disable building CGI version of PHP
  --with-valgrind         Enable valgrind support

General settings:

  --enable-gcov           Enable GCOV code coverage - FOR DEVELOPERS ONLY!!
  --enable-debug          Compile with debugging symbols
  --enable-debug-assertions
                          Compile with debug assertions even in release mode
  --enable-zts            Enable thread safety
  --enable-rtld-now       Use dlopen with RTLD_NOW instead of RTLD_LAZY
  --with-layout=TYPE      Set how installed files will be laid out. Type can
                          be either PHP or GNU [PHP]
  --with-config-file-path=PATH
                          Set the path in which to look for php.ini
                          [PREFIX/lib]
  --with-config-file-scan-dir=PATH
                          Set the path where to scan for configuration files
  --enable-sigchild       Enable PHP's own SIGCHLD handler
  --enable-libgcc         Enable explicitly linking against libgcc
  --disable-short-tags    Disable the short-form <? start tag by default
  --enable-dmalloc        Enable dmalloc
  --disable-ipv6          Disable IPv6 support
  --enable-dtrace         Enable DTrace support
  --enable-fd-setsize     Set size of descriptor sets
  --enable-werror         Enable -Werror
  --enable-memory-sanitizer
                          Enable memory sanitizer (clang only)
  --enable-address-sanitizer
                          Enable address sanitizer
  --enable-undefined-sanitizer
                          Enable undefined sanitizer

Extensions:

  --with-EXTENSION=shared[,PATH]

    NOTE: Not all extensions can be build as 'shared'.

    Example: --with-foobar=shared,/usr/local/foobar/

      o Builds the foobar extension as shared extension.
      o foobar package install prefix is /usr/local/foobar/


  --disable-all           Disable all extensions which are enabled by default
  --without-libxml        Build without LIBXML support
  --with-openssl          Include OpenSSL support (requires OpenSSL >= 1.0.2)
  --with-kerberos         OPENSSL: Include Kerberos support
  --with-system-ciphers   OPENSSL: Use system default cipher list instead of
                          hardcoded value
  --with-external-pcre    Use external library for PCRE support
  --without-pcre-jit      Disable PCRE JIT functionality
  --without-sqlite3       Do not include SQLite3 support.
  --with-zlib             Include ZLIB support (requires zlib >= 1.2.0.4)
  --enable-bcmath         Enable bc style precision math functions
  --with-bz2[=DIR]        Include BZip2 support
  --enable-calendar       Enable support for calendar conversion
  --disable-ctype         Disable ctype functions
  --with-curl             Include cURL support
  --enable-dba            Build DBA with bundled modules. To build shared DBA
                          extension use --enable-dba=shared
  --with-qdbm[=DIR]       DBA: QDBM support
  --with-gdbm[=DIR]       DBA: GDBM support
  --with-ndbm[=DIR]       DBA: NDBM support
  --with-db4[=DIR]        DBA: Oracle Berkeley DB 4.x or 5.x support
  --with-db3[=DIR]        DBA: Oracle Berkeley DB 3.x support
  --with-db2[=DIR]        DBA: Oracle Berkeley DB 2.x support
  --with-db1[=DIR]        DBA: Oracle Berkeley DB 1.x support/emulation
  --with-dbm[=DIR]        DBA: DBM support
  --with-tcadb[=DIR]      DBA: Tokyo Cabinet abstract DB support
  --with-lmdb[=DIR]       DBA: Lightning memory-mapped database support
  --without-cdb[=DIR]     DBA: CDB support (bundled)
  --disable-inifile       DBA: INI support (bundled)
  --disable-flatfile      DBA: FlatFile support (bundled)
  --enable-dl-test        Enable dl_test extension
  --disable-dom           Disable DOM support
  --with-enchant          Include Enchant support
  --enable-exif           Enable EXIF (metadata from images) support
  --with-ffi              Include FFI support
  --disable-fileinfo      Disable fileinfo support
  --disable-filter        Disable input filter support
  --enable-ftp            Enable FTP support
  --with-openssl-dir      FTP: Whether to enable FTP SSL support without
                          ext/openssl
  --enable-gd             Include GD support
  --with-external-gd      Use external libgd
  --with-avif             GD: Enable AVIF support (only for bundled libgd)
  --with-webp             GD: Enable WEBP support (only for bundled libgd)
  --with-jpeg             GD: Enable JPEG support (only for bundled libgd)
  --with-xpm              GD: Enable XPM support (only for bundled libgd)
  --with-freetype         GD: Enable FreeType 2 support (only for bundled
                          libgd)
  --enable-gd-jis-conv    GD: Enable JIS-mapped Japanese font support (only
                          for bundled libgd)
  --with-gettext[=DIR]    Include GNU gettext support
  --with-gmp[=DIR]        Include GNU MP support
  --with-mhash            Include mhash support
  --without-iconv[=DIR]   Exclude iconv support
  --with-imap[=DIR]       Include IMAP support. DIR is the c-client install
                          prefix
  --with-kerberos         IMAP: Include Kerberos support
  --with-imap-ssl         IMAP: Include SSL support
  --enable-intl           Enable internationalization support
  --with-ldap[=DIR]       Include LDAP support
  --with-ldap-sasl        LDAP: Build with Cyrus SASL support
  --enable-mbstring       Enable multibyte string support
  --disable-mbregex       MBSTRING: Disable multibyte regex support
  --with-mysqli           Include MySQLi support. The MySQL native driver will
                          be used
  --with-mysql-sock[=SOCKPATH]
                          MySQLi/PDO_MYSQL: Location of the MySQL unix socket
                          pointer. If unspecified, the default locations are
                          searched
  --with-oci8[=DIR]       Include Oracle Database OCI8 support. DIR defaults
                          to $ORACLE_HOME. Use
                          --with-oci8=instantclient,/path/to/instant/client/lib
                          to use an Oracle Instant Client installation
  --with-odbcver[=HEX]    Force support for the passed ODBC version. A hex
                          number is expected, default 0x0350. Use the special
                          value of 0 to prevent an explicit ODBCVER to be
                          defined.
  --with-adabas[=DIR]     Include Adabas D support [/usr/local]
  --with-sapdb[=DIR]      Include SAP DB support [/usr/local]
  --with-solid[=DIR]      Include Solid support [/usr/local/solid]
  --with-ibm-db2[=DIR]    Include IBM DB2 support [/home/db2inst1/sqllib]
  --with-empress[=DIR]    Include Empress support $EMPRESSPATH (Empress
                          Version >= 8.60 required)
  --with-empress-bcs[=DIR]
                          Include Empress Local Access support $EMPRESSPATH
                          (Empress Version >= 8.60 required)
  --with-custom-odbc[=DIR]
                          Include user defined ODBC support. DIR is ODBC
                          install base directory [/usr/local]. Make sure to
                          define CUSTOM_ODBC_LIBS and have some odbc.h in your
                          include dirs. For example, you should define
                          following for Sybase SQL Anywhere 5.5.00 on QNX,
                          prior to running this configure script:
                          CPPFLAGS="-DODBC_QNX -DSQLANY_BUG" LDFLAGS=-lunix
                          CUSTOM_ODBC_LIBS="-ldblib -lodbc"
  --with-iodbc            Include iODBC support
  --with-esoob[=DIR]      Include Easysoft OOB support
                          [/usr/local/easysoft/oob/client]
  --with-unixODBC         Include unixODBC support
  --with-dbmaker[=DIR]    Include DBMaker support
  --disable-opcache       Disable Zend OPcache support
  --disable-huge-code-pages
                          Disable copying PHP CODE pages into HUGE PAGES
  --disable-opcache-jit   Disable JIT
  --enable-pcntl          Enable pcntl support (CLI/CGI only)
  --disable-pdo           Disable PHP Data Objects support
  --with-pdo-dblib[=DIR]  PDO: DBLIB-DB support. DIR is the FreeTDS home
                          directory
  --with-pdo-firebird[=DIR]
                          PDO: Firebird support. DIR is the Firebird base
                          install directory [/opt/firebird]
  --with-pdo-mysql[=DIR]  PDO: MySQL support. DIR is the MySQL base directory.
                          If no value or mysqlnd is passed as DIR, the MySQL
                          native driver will be used
  --with-zlib-dir[=DIR]   PDO_MySQL: Set the path to libz install prefix
  --with-pdo-oci[=DIR]    PDO: Oracle OCI support. DIR defaults to
                          $ORACLE_HOME. Use
                          --with-pdo-oci=instantclient,/path/to/instant/client/lib
                          for an Oracle Instant Client installation.
  --with-pdo-odbc=flavour,dir
                          PDO: Support for 'flavour' ODBC driver. The include
                          and lib dirs are looked for under 'dir'. The
                          'flavour' can be one of: ibm-db2, iODBC, unixODBC,
                          generic. If ',dir' part is omitted, default for the
                          flavour you have selected will be used. e.g.:
                          --with-pdo-odbc=unixODBC will check for unixODBC
                          under /usr/local. You may attempt to use an
                          otherwise unsupported driver using the 'generic'
                          flavour. The syntax for generic ODBC support is:
                          --with-pdo-odbc=generic,dir,libname,ldflags,cflags.
                          When built as 'shared' the extension filename is
                          always pdo_odbc.so
  --with-pdo-pgsql[=DIR]  PDO: PostgreSQL support. DIR is the PostgreSQL base
                          install directory or the path to pg_config
  --without-pdo-sqlite    PDO: sqlite 3 support.
  --with-pgsql[=DIR]      Include PostgreSQL support. DIR is the PostgreSQL
                          base install directory or the path to pg_config
  --disable-phar          Disable phar support
  --disable-posix         Disable POSIX-like functions
  --with-pspell[=DIR]     Include PSPELL support. GNU Aspell version 0.50.0 or
                          higher required
  --with-libedit          Include libedit readline replacement (CLI/CGI only)
  --with-readline[=DIR]   Include readline support (CLI/CGI only)
  --disable-session       Disable session support
  --with-mm[=DIR]         SESSION: Include mm support for session storage
  --enable-shmop          Enable shmop support
  --disable-simplexml     Disable SimpleXML support
  --with-snmp[=DIR]       Include SNMP support
  --enable-soap           Enable SOAP support
  --enable-sockets        Enable sockets support
  --with-sodium           Include sodium support
  --with-external-libcrypt
                          Use external libcrypt or libxcrypt
  --with-password-argon2  Include Argon2 support in password_*
  --enable-sysvmsg        Enable sysvmsg support
  --enable-sysvsem        Enable System V semaphore support
  --enable-sysvshm        Enable the System V shared memory support
  --with-tidy[=DIR]       Include TIDY support
  --disable-tokenizer     Disable tokenizer support
  --disable-xml           Disable XML support
  --with-expat            XML: use expat instead of libxml2
  --disable-xmlreader     Disable XMLReader support
  --disable-xmlwriter     Disable XMLWriter support
  --with-xsl              Build with XSL support
  --enable-zend-test      Enable zend_test extension
  --with-zip              Include Zip read/write support
  --enable-mysqlnd        Enable mysqlnd explicitly, will be done implicitly
                          when required by other extensions
  --disable-mysqlnd-compression-support
                          Disable support for the MySQL compressed protocol in
                          mysqlnd

PEAR:

  --with-pear[=DIR]       Install PEAR in DIR [PREFIX/lib/php]
  --disable-fiber-asm     Disable the use of boost fiber assembly files

Zend:

  --disable-zend-signals  whether to enable zend signal handling
  --enable-zend-max-execution-timers
                          whether to enable zend max execution timers

TSRM:


Libtool:

  --enable-shared=PKGS    Build shared libraries default=yes
  --enable-static=PKGS    Build static libraries default=yes
  --enable-fast-install=PKGS
                          Optimize for fast installation default=yes
  --with-gnu-ld           Assume the C compiler uses GNU ld default=no
  --disable-libtool-lock  Avoid locking (might break parallel builds)
  --with-pic              Try to use only PIC/non-PIC objects default=use both
  --with-tags=TAGS        Include additional configurations automatic


Some influential environment variables:
  PKG_CONFIG  path to pkg-config utility
  PKG_CONFIG_PATH
              directories to add to pkg-config's search path
  PKG_CONFIG_LIBDIR
              path overriding pkg-config's built-in search path
  CC          C compiler command
  CFLAGS      C compiler flags
  LDFLAGS     linker flags, e.g. -L<lib dir> if you have libraries in a
              nonstandard directory <lib dir>
  LIBS        libraries to pass to the linker, e.g. -l<library>
  CPPFLAGS    (Objective) C/C++ preprocessor flags, e.g. -I<include dir> if
              you have headers in a nonstandard directory <include dir>
  CPP         C preprocessor
  SYSTEMD_CFLAGS
              C compiler flags for SYSTEMD, overriding pkg-config
  SYSTEMD_LIBS
              linker flags for SYSTEMD, overriding pkg-config
  CXX         C++ compiler command
  CXXFLAGS    C++ compiler flags
  CXXCPP      C++ preprocessor
  VALGRIND_CFLAGS
              C compiler flags for VALGRIND, overriding pkg-config
  VALGRIND_LIBS
              linker flags for VALGRIND, overriding pkg-config
  LIBXML_CFLAGS
              C compiler flags for LIBXML, overriding pkg-config
  LIBXML_LIBS linker flags for LIBXML, overriding pkg-config
  KERBEROS_CFLAGS
              C compiler flags for KERBEROS, overriding pkg-config
  KERBEROS_LIBS
              linker flags for KERBEROS, overriding pkg-config
  OPENSSL_CFLAGS
              C compiler flags for OPENSSL, overriding pkg-config
  OPENSSL_LIBS
              linker flags for OPENSSL, overriding pkg-config
  PCRE2_CFLAGS
              C compiler flags for PCRE2, overriding pkg-config
  PCRE2_LIBS  linker flags for PCRE2, overriding pkg-config
  SQLITE_CFLAGS
              C compiler flags for SQLITE, overriding pkg-config
  SQLITE_LIBS linker flags for SQLITE, overriding pkg-config
  ZLIB_CFLAGS C compiler flags for ZLIB, overriding pkg-config
  ZLIB_LIBS   linker flags for ZLIB, overriding pkg-config
  CURL_CFLAGS C compiler flags for CURL, overriding pkg-config
  CURL_LIBS   linker flags for CURL, overriding pkg-config
  CURL_FEATURES
              value of supported_features for libcurl, overriding pkg-config
  ENCHANT2_CFLAGS
              C compiler flags for ENCHANT2, overriding pkg-config
  ENCHANT2_LIBS
              linker flags for ENCHANT2, overriding pkg-config
  ENCHANT_CFLAGS
              C compiler flags for ENCHANT, overriding pkg-config
  ENCHANT_LIBS
              linker flags for ENCHANT, overriding pkg-config
  FFI_CFLAGS  C compiler flags for FFI, overriding pkg-config
  FFI_LIBS    linker flags for FFI, overriding pkg-config
  PNG_CFLAGS  C compiler flags for PNG, overriding pkg-config
  PNG_LIBS    linker flags for PNG, overriding pkg-config
  AVIF_CFLAGS C compiler flags for AVIF, overriding pkg-config
  AVIF_LIBS   linker flags for AVIF, overriding pkg-config
  WEBP_CFLAGS C compiler flags for WEBP, overriding pkg-config
  WEBP_LIBS   linker flags for WEBP, overriding pkg-config
  JPEG_CFLAGS C compiler flags for JPEG, overriding pkg-config
  JPEG_LIBS   linker flags for JPEG, overriding pkg-config
  XPM_CFLAGS  C compiler flags for XPM, overriding pkg-config
  XPM_LIBS    linker flags for XPM, overriding pkg-config
  FREETYPE2_CFLAGS
              C compiler flags for FREETYPE2, overriding pkg-config
  FREETYPE2_LIBS
              linker flags for FREETYPE2, overriding pkg-config
  GDLIB_CFLAGS
              C compiler flags for GDLIB, overriding pkg-config
  GDLIB_LIBS  linker flags for GDLIB, overriding pkg-config
  ICU_CFLAGS  C compiler flags for ICU, overriding pkg-config
  ICU_LIBS    linker flags for ICU, overriding pkg-config
  SASL_CFLAGS C compiler flags for SASL, overriding pkg-config
  SASL_LIBS   linker flags for SASL, overriding pkg-config
  ONIG_CFLAGS C compiler flags for ONIG, overriding pkg-config
  ONIG_LIBS   linker flags for ONIG, overriding pkg-config
  ODBC_CFLAGS C compiler flags for ODBC, overriding pkg-config
  ODBC_LIBS   linker flags for ODBC, overriding pkg-config
  CAPSTONE_CFLAGS
              C compiler flags for CAPSTONE, overriding pkg-config
  CAPSTONE_LIBS
              linker flags for CAPSTONE, overriding pkg-config
  EDIT_CFLAGS C compiler flags for EDIT, overriding pkg-config
  EDIT_LIBS   linker flags for EDIT, overriding pkg-config
  LIBSODIUM_CFLAGS
              C compiler flags for LIBSODIUM, overriding pkg-config
  LIBSODIUM_LIBS
              linker flags for LIBSODIUM, overriding pkg-config
  ARGON2_CFLAGS
              C compiler flags for ARGON2, overriding pkg-config
  ARGON2_LIBS linker flags for ARGON2, overriding pkg-config
  EXPAT_CFLAGS
              C compiler flags for EXPAT, overriding pkg-config
  EXPAT_LIBS  linker flags for EXPAT, overriding pkg-config
  XSL_CFLAGS  C compiler flags for XSL, overriding pkg-config
  XSL_LIBS    linker flags for XSL, overriding pkg-config
  EXSLT_CFLAGS
              C compiler flags for EXSLT, overriding pkg-config
  EXSLT_LIBS  linker flags for EXSLT, overriding pkg-config
  LIBZIP_CFLAGS
              C compiler flags for LIBZIP, overriding pkg-config
  LIBZIP_LIBS linker flags for LIBZIP, overriding pkg-config

Use these variables to override the choices made by `configure' or to help
it to find libraries and programs with nonstandard names/locations.

Report bugs to <https://github.com/php/php-src/issues>.
PHP home page: <https://www.php.net>.

갑자기 기부니가 안좋아졋다 ㅠ

enable-option-checking 이녀석은 없기까지한다

$(test "$gnuArch" = 's390x-linux-gnu' && echo '--without-pcre-jit') 이건 버전이 맞을때만 설정하나보다

# 명령어 정리
./configure \
	--build="$gnuArch" \
    --with-config-file-path="$PHP_INI_DIR" \
    --with-config-file-scan-dir="$PHP_INI_DIR/conf.d" \
    --enable-option-checking=fatal \
    --with-mhash \
    --with-pic \
    --enable-ftp \
    --enable-mbstring \
    --enable-mysqlnd \
    --with-password-argon2 \
    --with-sodium=shared \
    --with-pdo-sqlite=/usr \
    --with-sqlite3=/usr \
    --with-curl \
    --with-iconv \
    --with-openssl \
    --with-readline \
    --with-zlib \
    --disable-phpdbg \
    --with-pear \
    $(test "$gnuArch" = 's390x-linux-gnu' && echo '--without-pcre-jit') \
    --with-libdir="lib/$debMultiarch" \
    --disable-cgi \
    --enable-fpm \
    --with-fpm-user=www-data \
    --with-fpm-group=www-data \

make -j "$(nproc)"; 이걸 해주는데 무엇인가 만들어 지나보다

중간중간 워닝이 보이긴한다

make test로 확인도 가능한듯 (14000개 검사하기에 오래걸림)

find -type f -name '*.a' -delete; 메이크된 라이브러리를 삭제하는듯하다

make install

뭔가 된듯한데 모르겟다

결국 되긴함

이제 php 실행 하는 부분인거 같음

COPY docker-php-ext-* docker-php-entrypoint /usr/local/bin/

# sodium was built as a shared module (so that it can be replaced later if so desired), so let's enable it too (https://github.com/docker-library/php/issues/598)
RUN docker-php-ext-enable sodium

ENTRYPOINT ["docker-php-entrypoint"]
WORKDIR /var/www/html

RUN set -eux; \
	cd /usr/local/etc; \
	if [ -d php-fpm.d ]; then \
		# for some reason, upstream's php-fpm.conf.default has "include=NONE/etc/php-fpm.d/*.conf"
		sed 's!=NONE/!=!g' php-fpm.conf.default | tee php-fpm.conf > /dev/null; \
		cp php-fpm.d/www.conf.default php-fpm.d/www.conf; \
	else \
		# PHP 5.x doesn't use "include=" by default, so we'll create our own simple config that mimics PHP 7+ for consistency
		mkdir php-fpm.d; \
		cp php-fpm.conf.default php-fpm.d/www.conf; \
		{ \
			echo '[global]'; \
			echo 'include=etc/php-fpm.d/*.conf'; \
		} | tee php-fpm.conf; \
	fi; \
	{ \
		echo '[global]'; \
		echo 'error_log = /proc/self/fd/2'; \
		echo; echo '; https://github.com/docker-library/php/pull/725#issuecomment-443540114'; echo 'log_limit = 8192'; \
		echo; \
		echo '[www]'; \
		echo '; php-fpm closes STDOUT on startup, so sending logs to /proc/self/fd/1 does not work.'; \
		echo '; https://bugs.php.net/bug.php?id=73886'; \
		echo 'access.log = /proc/self/fd/2'; \
		echo; \
		echo 'clear_env = no'; \
		echo; \
		echo '; Ensure worker stdout and stderr are sent to the main error log.'; \
		echo 'catch_workers_output = yes'; \
		echo 'decorate_workers_output = no'; \
	} | tee php-fpm.d/docker.conf; \
	{ \
		echo '[global]'; \
		echo 'daemonize = no'; \
		echo; \
		echo '[www]'; \
		echo 'listen = 9000'; \
	} | tee php-fpm.d/zz-docker.conf; \
	mkdir -p "$PHP_INI_DIR/conf.d"; \
	{ \
		echo '; https://github.com/docker-library/php/issues/878#issuecomment-938595965'; \
		echo 'fastcgi.logging = Off'; \
	} > "$PHP_INI_DIR/conf.d/docker-fpm.ini"

# Override stop signal to stop process gracefully
# https://github.com/php/php-src/blob/17baa87faddc2550def3ae7314236826bc1b1398/sapi/fpm/php-fpm.8.in#L163
STOPSIGNAL SIGQUIT

EXPOSE 9000
CMD ["php-fpm"]

이부분들은 설치 확인 같은 거같다 그러니 이건 나중에 확인하는 거로 하자

!/bin/sh
set -e

extDir="$(php -d 'display_errors=stderr' -r 'echo ini_get("extension_dir");')"
cd "$extDir"

usage() {
	echo "usage: $0 [options] module-name [module-name ...]"
	echo "   ie: $0 gd mysqli"
	echo "       $0 pdo pdo_mysql"
	echo "       $0 --ini-name 0-apc.ini apcu apc"
	echo
	echo 'Possible values for module-name:'
	find -maxdepth 1 \
			-type f \
			-name '*.so' \
			-exec basename '{}' ';' \
		| sort \
		| xargs
	echo
	echo 'Some of the above modules are already compiled into PHP; please check'
	echo 'the output of "php -i" to see which modules are already loaded.'
}

opts="$(getopt -o 'h?' --long 'help,ini-name:' -- "$@" || { usage >&2 && false; })"
eval set -- "$opts"

iniName=
while true; do
	flag="$1"
	shift
	case "$flag" in
		--help|-h|'-?') usage && exit 0 ;;
		--ini-name) iniName="$1" && shift ;;
		--) break ;;
		*)
			{
				echo "error: unknown flag: $flag"
				usage
			} >&2
			exit 1
			;;
	esac
done

modules=
for module; do
	if [ -z "$module" ]; then
		continue
	fi
	if ! [ -f "$module" ] && ! [ -f "$module.so" ]; then
		echo >&2 "error: '$module' does not exist"
		echo >&2
		usage >&2
		exit 1
	fi
	modules="$modules $module"
done

if [ -z "$modules" ]; then
	usage >&2
	exit 1
fi

pm='unknown'
if [ -e /lib/apk/db/installed ]; then
	pm='apk'
fi

apkDel=
if [ "$pm" = 'apk' ]; then
	if \
		[ -n "$PHPIZE_DEPS" ] \
		&& ! apk info --installed .phpize-deps > /dev/null \
		&& ! apk info --installed .phpize-deps-configure > /dev/null \
	; then
		apk add --no-cache --virtual '.docker-php-ext-enable-deps' binutils
		apkDel='.docker-php-ext-enable-deps'
	fi
fi

for module in $modules; do
	moduleFile="$module"
	if [ -f "$module.so" ] && ! [ -f "$module" ]; then
		moduleFile="$module.so"
	fi
	if readelf --wide --syms "$moduleFile" | grep -q ' zend_extension_entry$'; then
		# https://wiki.php.net/internals/extensions#loading_zend_extensions
		line="zend_extension=$module"
	else
		line="extension=$module"
	fi

	ext="$(basename "$module")"
	ext="${ext%.*}"
	if php -d 'display_errors=stderr' -r 'exit(extension_loaded("'"$ext"'") ? 0 : 1);'; then
		# this isn't perfect, but it's better than nothing
		# (for example, 'opcache.so' presents inside PHP as 'Zend OPcache', not 'opcache')
		echo >&2
		echo >&2 "warning: $ext ($module) is already loaded!"
		echo >&2
		continue
	fi

	case "$iniName" in
		/*)
			# allow an absolute path
			ini="$iniName"
			;;
		*)
			ini="$PHP_INI_DIR/conf.d/${iniName:-"docker-php-ext-$ext.ini"}"
			;;
	esac
	if ! grep -qFx -e "$line" -e "$line.so" "$ini" 2>/dev/null; then
		echo "$line" >> "$ini"
	fi
done

if [ "$pm" = 'apk' ] && [ -n "$apkDel" ]; then
	apk del --no-network $apkDel
fi

ㅇ이제 워드 프레스 를 보자

#
# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
#
# PLEASE DO NOT EDIT IT DIRECTLY.
#

FROM php:8.2-fpm

# persistent dependencies
RUN set -eux; \
	apt-get update; \
	apt-get install -y --no-install-recommends \
# Ghostscript is required for rendering PDF previews
		ghostscript \
	; \
	rm -rf /var/lib/apt/lists/*

# install the PHP extensions we need (https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions)
RUN set -ex; \
	\
	savedAptMark="$(apt-mark showmanual)"; \
	\
	apt-get update; \
	apt-get install -y --no-install-recommends \
		libfreetype6-dev \
		libicu-dev \
		libjpeg-dev \
		libmagickwand-dev \
		libpng-dev \
		libwebp-dev \
		libzip-dev \
	; \
	\
	docker-php-ext-configure gd \
		--with-freetype \
		--with-jpeg \
		--with-webp \
	; \
	docker-php-ext-install -j "$(nproc)" \
		bcmath \
		exif \
		gd \
		intl \
		mysqli \
		zip \
	; \
# https://pecl.php.net/package/imagick
	pecl install imagick-3.6.0; \
	docker-php-ext-enable imagick; \
	rm -r /tmp/pear; \
	\
# some misbehaving extensions end up outputting to stdout 🙈 (https://github.com/docker-library/wordpress/issues/669#issuecomment-993945967)
	out="$(php -r 'exit(0);')"; \
	[ -z "$out" ]; \
	err="$(php -r 'exit(0);' 3>&1 1>&2 2>&3)"; \
	[ -z "$err" ]; \
	\
	extDir="$(php -r 'echo ini_get("extension_dir");')"; \
	[ -d "$extDir" ]; \
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
	apt-mark auto '.*' > /dev/null; \
	apt-mark manual $savedAptMark; \
	ldd "$extDir"/*.so \
		| awk '/=>/ { print $3 }' \
		| sort -u \
		| xargs -r dpkg-query -S \
		| cut -d: -f1 \
		| sort -u \
		| xargs -rt apt-mark manual; \
	\
	apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
	rm -rf /var/lib/apt/lists/*; \
	\
	! { ldd "$extDir"/*.so | grep 'not found'; }; \
# check for output like "PHP Warning:  PHP Startup: Unable to load dynamic library 'foo' (tried: ...)
	err="$(php --version 3>&1 1>&2 2>&3)"; \
	[ -z "$err" ]

# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
RUN set -eux; \
	docker-php-ext-enable opcache; \
	{ \
		echo 'opcache.memory_consumption=128'; \
		echo 'opcache.interned_strings_buffer=8'; \
		echo 'opcache.max_accelerated_files=4000'; \
		echo 'opcache.revalidate_freq=2'; \
	} > /usr/local/etc/php/conf.d/opcache-recommended.ini
# https://wordpress.org/support/article/editing-wp-config-php/#configure-error-logging
RUN { \
# https://www.php.net/manual/en/errorfunc.constants.php
# https://github.com/docker-library/wordpress/issues/420#issuecomment-517839670
		echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \
		echo 'display_errors = Off'; \
		echo 'display_startup_errors = Off'; \
		echo 'log_errors = On'; \
		echo 'error_log = /dev/stderr'; \
		echo 'log_errors_max_len = 1024'; \
		echo 'ignore_repeated_errors = On'; \
		echo 'ignore_repeated_source = Off'; \
		echo 'html_errors = Off'; \
	} > /usr/local/etc/php/conf.d/error-logging.ini

RUN set -eux; \
	version='6.2.2'; \
	sha1='a355d1b975405a391c4a78f988d656b375683fb2'; \
	\
	curl -o wordpress.tar.gz -fL "https://wordpress.org/wordpress-$version.tar.gz"; \
	echo "$sha1 *wordpress.tar.gz" | sha1sum -c -; \
	\
# upstream tarballs include ./wordpress/ so this gives us /usr/src/wordpress
	tar -xzf wordpress.tar.gz -C /usr/src/; \
	rm wordpress.tar.gz; \
	\
# https://wordpress.org/support/article/htaccess/
	[ ! -e /usr/src/wordpress/.htaccess ]; \
	{ \
		echo '# BEGIN WordPress'; \
		echo ''; \
		echo 'RewriteEngine On'; \
		echo 'RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]'; \
		echo 'RewriteBase /'; \
		echo 'RewriteRule ^index\.php$ - [L]'; \
		echo 'RewriteCond %{REQUEST_FILENAME} !-f'; \
		echo 'RewriteCond %{REQUEST_FILENAME} !-d'; \
		echo 'RewriteRule . /index.php [L]'; \
		echo ''; \
		echo '# END WordPress'; \
	} > /usr/src/wordpress/.htaccess; \
	\
	chown -R www-data:www-data /usr/src/wordpress; \
# pre-create wp-content (and single-level children) for folks who want to bind-mount themes, etc so permissions are pre-created properly instead of root:root
# wp-content/cache: https://github.com/docker-library/wordpress/issues/534#issuecomment-705733507
	mkdir wp-content; \
	for dir in /usr/src/wordpress/wp-content/*/ cache; do \
		dir="$(basename "${dir%/}")"; \
		mkdir "wp-content/$dir"; \
	done; \
	chown -R www-data:www-data wp-content; \
	chmod -R 1777 wp-content

VOLUME /var/www/html

COPY --chown=www-data:www-data wp-config-docker.php /usr/src/wordpress/
COPY docker-entrypoint.sh /usr/local/bin/

ENTRYPOINT ["docker-entrypoint.sh"]
CMD ["php-fpm"]

처음 부분에 위에 만든 php8.2를 가져오는걸 볼수 있고

# install the PHP extensions we need (https://make.wordpress.org/hosting/handbook/handbook/server-environment/#php-extensions)
RUN set -ex; \
	\
	savedAptMark="$(apt-mark showmanual)"; \
	\
	apt-get update; \
	apt-get install -y --no-install-recommends \
		libfreetype6-dev \
		libicu-dev \
		libjpeg-dev \
		libmagickwand-dev \
		libpng-dev \
		libwebp-dev \
		libzip-dev \
	; \
	\
	docker-php-ext-configure gd \
		--with-freetype \
		--with-jpeg \
		--with-webp \
	; \
	docker-php-ext-install -j "$(nproc)" \
		bcmath \
		exif \
		gd \
		intl \
		mysqli \
		zip \
	; \
# https://pecl.php.net/package/imagick
	pecl install imagick-3.6.0; \
	docker-php-ext-enable imagick; \
	rm -r /tmp/pear; \
	\
# some misbehaving extensions end up outputting to stdout 🙈 (https://github.com/docker-library/wordpress/issues/669#issuecomment-993945967)
	out="$(php -r 'exit(0);')"; \
	[ -z "$out" ]; \
	err="$(php -r 'exit(0);' 3>&1 1>&2 2>&3)"; \
	[ -z "$err" ]; \
	\
	extDir="$(php -r 'echo ini_get("extension_dir");')"; \
	[ -d "$extDir" ]; \
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
	apt-mark auto '.*' > /dev/null; \
	apt-mark manual $savedAptMark; \
	ldd "$extDir"/*.so \
		| awk '/=>/ { print $3 }' \
		| sort -u \
		| xargs -r dpkg-query -S \
		| cut -d: -f1 \
		| sort -u \
		| xargs -rt apt-mark manual; \
	\
	apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
	rm -rf /var/lib/apt/lists/*; \
	\
	! { ldd "$extDir"/*.so | grep 'not found'; }; \
# check for output like "PHP Warning:  PHP Startup: Unable to load dynamic library 'foo' (tried: ...)
	err="$(php --version 3>&1 1>&2 2>&3)"; \
	[ -z "$err" ]

이부분에서 필요한 라이브러리들과

docker-php-ext-configure gd \
		--with-freetype \
		--with-jpeg \
		--with-webp \

이부분이 있는데 도커안에 php를 사용할때 상태를 알려줄수 있는 명령어인거같다

https://sangchul.kr/319

[리눅스] dockerfile docker-php-ext-install, docker-php-ext-enable, docker-php-ext-configure 명령

dockerfile docker-php-ext-install, docker-php-ext-enable, docker-php-ext-configure 명령 php 8.1 도커 컨테이너 실행 docker run -it --rm php:8.1-fpm bash php 8.1 컨테이너에 설치되어 있는 기본 모듈 root@894e0cb82f31:/var/www/html# php

sangchul.kr

그리고 gd와 빠른 무언가들을 설치하는데

docker-php-ext-install -j "$(nproc)" \
		bcmath \
		exif \
		gd \
		intl \
		mysqli \
		zip \

https://devdo9.tistory.com/entry/PHP%ED%8E%8C-GD-%EB%9D%BC%EC%9D%B4%EB%B8%8C%EB%9F%AC%EB%A6%AC%EB%9E%80

[PHP][펌] GD 라이브러리란?

GD 라이브러리란? 웹상에서 구동하는 어플리케이션에서 이미지를 효율적으로 다룰수 있게끔 고안된 "명령어의 집합"입니다. GD는 서버 관리자가 서버에 설치하는 라이브러리로써 일반 호스팅 사

devdo9.tistory.com

gd에 관한 설명이다

생각보다 php에는 필요한 모둘이 많은거같다

pecl install imagick 에는 이미지를 처리하기 위한 모듈이라는데 gd는 이미지를 효율적인 관리이고 보여주는건 아닌가보다

그리고 php에 out err 에대한 설정을 해주ㅇ고

왜 매번 삭제하는지 모르지만 purge 해주는거 같다

RUN set -eux; \
	docker-php-ext-enable opcache; \
	{ \
		echo 'opcache.memory_consumption=128'; \
		echo 'opcache.interned_strings_buffer=8'; \
		echo 'opcache.max_accelerated_files=4000'; \
		echo 'opcache.revalidate_freq=2'; \
	} > /usr/local/etc/php/conf.d/opcache-recommended.ini
# https://wordpress.org/support/article/editing-wp-config-php/#configure-error-logging

이젠 opcache 이다 이러한 php 모듈들이 속도 향상 혹은 성능 개선의 모듈같다

https://www.lesstif.com/php-and-laravel/zend-opcache-23757119.html

Zend OPcache 설치 및 설정

RHEL/CentOS 은 opcache 패키지 설치시 /etc/php.d/opcache.ini 파일에 기본 설정이 들어있으므로 이 파일을 수정해야 한다.

www.lesstif.com

그다음은 에러 체킹 파일

RUN set -eux; \
	version='6.2.2'; \
	sha1='a355d1b975405a391c4a78f988d656b375683fb2'; \
	\
	curl -o wordpress.tar.gz -fL "https://wordpress.org/wordpress-$version.tar.gz"; \
	echo "$sha1 *wordpress.tar.gz" | sha1sum -c -; \
	\
# upstream tarballs include ./wordpress/ so this gives us /usr/src/wordpress
	tar -xzf wordpress.tar.gz -C /usr/src/; \
	rm wordpress.tar.gz; \
	\
# https://wordpress.org/support/article/htaccess/
	[ ! -e /usr/src/wordpress/.htaccess ]; \
	{ \
		echo '# BEGIN WordPress'; \
		echo ''; \
		echo 'RewriteEngine On'; \
		echo 'RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]'; \
		echo 'RewriteBase /'; \
		echo 'RewriteRule ^index\.php$ - [L]'; \
		echo 'RewriteCond %{REQUEST_FILENAME} !-f'; \
		echo 'RewriteCond %{REQUEST_FILENAME} !-d'; \
		echo 'RewriteRule . /index.php [L]'; \
		echo ''; \
		echo '# END WordPress'; \
	} > /usr/src/wordpress/.htaccess; \
	\
	chown -R www-data:www-data /usr/src/wordpress; \
# pre-create wp-content (and single-level children) for folks who want to bind-mount themes, etc so permissions are pre-created properly instead of root:root
# wp-content/cache: https://github.com/docker-library/wordpress/issues/534#issuecomment-705733507
	mkdir wp-content; \
	for dir in /usr/src/wordpress/wp-content/*/ cache; do \
		dir="$(basename "${dir%/}")"; \
		mkdir "wp-content/$dir"; \
	done; \
	chown -R www-data:www-data wp-content; \
	chmod -R 1777 wp-content

드디어 php 설정이 끝나고

wordpress를 다운한다

보안해제를 위해 sha1를 가져와 주고

잘만들어진 파일을 푼다

https://m.blog.naver.com/PostView.naver?isHttpsRedirect=true&blogId=rlackd93&logNo=221311222063

wp-content 폴더 소유 변경 & 권한 변경

/var/www/html/wp-content 폴더에 유저가 업로드한 모든 파일들 (사진 등) 이 올라가있다. 하지만 wordpres...

blog.naver.com

이렇게 웹에서 오는 것을 www-data: 인터넷?유저(아파치 nigx 등등)라 하나보다 거기에 usrsrc/wordpress 접근 권한을 주는거 같은데

mkdir wp-content ;

for dir in /usr/src/wordpress/wp-content/

권한에 대한 설명 https://velog.io/@sasakwonkwon/%EB%A6%AC%EB%88%85%EC%8A%A4%EB%A6%AC%EB%88%85%EC%8A%A4-%ED%8A%B9%EC%88%98-%EA%B6%8C%ED%95%9C

[Linux]특수 권한

1. 리눅스 특수 권한 2. setUID setUID가 설정된 파일은 실행 시 일시적으로 파일 소유자의 권한으로 실행할 수 있도록 한다. 권한 설정 3. setGID setGID가 설정된 파일은 실행 시 일시적으로 파일 그룹의

velog.io

음 다된거 같은데 어디서 폴더를 지정해 주는거지?

docker-entrypoint.sh 을살 펴보자

#!/usr/bin/env bash
set -Eeuo pipefail

if [[ "$1" == apache2* ]] || [ "$1" = 'php-fpm' ]; then
	uid="$(id -u)"
	gid="$(id -g)"
	if [ "$uid" = '0' ]; then
		case "$1" in
			apache2*)
				user="${APACHE_RUN_USER:-www-data}"
				group="${APACHE_RUN_GROUP:-www-data}"

				# strip off any '#' symbol ('#1000' is valid syntax for Apache)
				pound='#'
				user="${user#$pound}"
				group="${group#$pound}"
				;;
			*) # php-fpm
				user='www-data'
				group='www-data'
				;;
		esac
	else
		user="$uid"
		group="$gid"
	fi

	if [ ! -e index.php ] && [ ! -e wp-includes/version.php ]; then
		# if the directory exists and WordPress doesn't appear to be installed AND the permissions of it are root:root, let's chown it (likely a Docker-created directory)
		if [ "$uid" = '0' ] && [ "$(stat -c '%u:%g' .)" = '0:0' ]; then
			chown "$user:$group" .
		fi

		echo >&2 "WordPress not found in $PWD - copying now..."
		if [ -n "$(find -mindepth 1 -maxdepth 1 -not -name wp-content)" ]; then
			echo >&2 "WARNING: $PWD is not empty! (copying anyhow)"
		fi
		sourceTarArgs=(
			--create
			--file -
			--directory /usr/src/wordpress
			--owner "$user" --group "$group"
		)
		targetTarArgs=(
			--extract
			--file -
		)
		if [ "$uid" != '0' ]; then
			# avoid "tar: .: Cannot utime: Operation not permitted" and "tar: .: Cannot change mode to rwxr-xr-x: Operation not permitted"
			targetTarArgs+=( --no-overwrite-dir )
		fi
		# loop over "pluggable" content in the source, and if it already exists in the destination, skip it
		# https://github.com/docker-library/wordpress/issues/506 ("wp-content" persisted, "akismet" updated, WordPress container restarted/recreated, "akismet" downgraded)
		for contentPath in \
			/usr/src/wordpress/.htaccess \
			/usr/src/wordpress/wp-content/*/*/ \
		; do
			contentPath="${contentPath%/}"
			[ -e "$contentPath" ] || continue
			contentPath="${contentPath#/usr/src/wordpress/}" # "wp-content/plugins/akismet", etc.
			if [ -e "$PWD/$contentPath" ]; then
				echo >&2 "WARNING: '$PWD/$contentPath' exists! (not copying the WordPress version)"
				sourceTarArgs+=( --exclude "./$contentPath" )
			fi
		done
		tar "${sourceTarArgs[@]}" . | tar "${targetTarArgs[@]}"
		echo >&2 "Complete! WordPress has been successfully copied to $PWD"
	fi

	wpEnvs=( "${!WORDPRESS_@}" )
	if [ ! -s wp-config.php ] && [ "${#wpEnvs[@]}" -gt 0 ]; then
		for wpConfigDocker in \
			wp-config-docker.php \
			/usr/src/wordpress/wp-config-docker.php \
		; do
			if [ -s "$wpConfigDocker" ]; then
				echo >&2 "No 'wp-config.php' found in $PWD, but 'WORDPRESS_...' variables supplied; copying '$wpConfigDocker' (${wpEnvs[*]})"
				# using "awk" to replace all instances of "put your unique phrase here" with a properly unique string (for AUTH_KEY and friends to have safe defaults if they aren't specified with environment variables)
				awk '
					/put your unique phrase here/ {
						cmd = "head -c1m /dev/urandom | sha1sum | cut -d\\  -f1"
						cmd | getline str
						close(cmd)
						gsub("put your unique phrase here", str)
					}
					{ print }
				' "$wpConfigDocker" > wp-config.php
				if [ "$uid" = '0' ]; then
					# attempt to ensure that wp-config.php is owned by the run user
					# could be on a filesystem that doesn't allow chown (like some NFS setups)
					chown "$user:$group" wp-config.php || true
				fi
				break
			fi
		done
	fi
fi

exec "$@"

처음에는 유저와 유저 그룹을 만들어 주는거 같다

www-data엿으니까 아까

드디어 찾앗다 디렉토리!!

if [ ! -e index.php ] && [ ! -e wp-includes/version.php ]; then
		# if the directory exists and WordPress doesn't appear to be installed AND the permissions of it are root:root, let's chown it (likely a Docker-created directory)
		if [ "$uid" = '0' ] && [ "$(stat -c '%u:%g' .)" = '0:0' ]; then
			chown "$user:$group" .
		fi

		echo >&2 "WordPress not found in $PWD - copying now..."
		if [ -n "$(find -mindepth 1 -maxdepth 1 -not -name wp-content)" ]; then
			echo >&2 "WARNING: $PWD is not empty! (copying anyhow)"
		fi
		sourceTarArgs=(
			--create
			--file -
			--directory /usr/src/wordpress
			--owner "$user" --group "$group"
		)
		targetTarArgs=(
			--extract
			--file -
		)
		if [ "$uid" != '0' ]; then
			# avoid "tar: .: Cannot utime: Operation not permitted" and "tar: .: Cannot change mode to rwxr-xr-x: Operation not permitted"
			targetTarArgs+=( --no-overwrite-dir )
		fi
		# loop over "pluggable" content in the source, and if it already exists in the destination, skip it
		# https://github.com/docker-library/wordpress/issues/506 ("wp-content" persisted, "akismet" updated, WordPress container restarted/recreated, "akismet" downgraded)
		for contentPath in \
			/usr/src/wordpress/.htaccess \
			/usr/src/wordpress/wp-content/*/*/ \
		; do
			contentPath="${contentPath%/}"
			[ -e "$contentPath" ] || continue
			contentPath="${contentPath#/usr/src/wordpress/}" # "wp-content/plugins/akismet", etc.
			if [ -e "$PWD/$contentPath" ]; then
				echo >&2 "WARNING: '$PWD/$contentPath' exists! (not copying the WordPress version)"
				sourceTarArgs+=( --exclude "./$contentPath" )
			fi
		done
		tar "${sourceTarArgs[@]}" . | tar "${targetTarArgs[@]}"
		echo >&2 "Complete! WordPress has been successfully copied to $PWD"
	fi

위에 소스tar 과 target tar 만들고 이 와일문

문자자르는거에 대한 설명

https://codechacha.com/ko/shell-script-substring/

Bash Shell - 문자열 자르기 (substring, split)

리눅스의 Bash shell에서 문자열을 자르는 방법을 소개합니다. 다음과 같은 Syntax로 특정 Index 범위의 문자열을 자를 수 있습니다. `offset`은 문자열이 시작하는 `index`를 입력하며, length에는 offset부터

codechacha.com

for contentPath in \
			/usr/src/wordpress/.htaccess \
			/usr/src/wordpress/wp-content/*/*/ \
		; do
			contentPath="${contentPath%/}"
			[ -e "$contentPath" ] || continue
			contentPath="${contentPath#/usr/src/wordpress/}" # "wp-content/plugins/akismet", etc.
			if [ -e "$PWD/$contentPath" ]; then
				echo >&2 "WARNING: '$PWD/$contentPath' exists! (not copying the WordPress version)"
				sourceTarArgs+=( --exclude "./$contentPath" )
			fi
		done

보면 음 .... 왜 돌리는거지 뭔가 검증할려고 한건가

다 있는지

모르겟다.. 큰일낫다 음... 좀더 공부하고 나중에 뒤져봐야지 일단 워드프레스 깔고 실행하는것부터 해봐야 겟다

'42Seoul > Docker' 카테고리의 다른 글

vmbox static network 만들기 (0)	2023.05.25
openssl tls 알고리즘 해석해주신분 + mac cpu 보는법 (0)	2023.05.18
docker search version 검색하기 (0)	2023.05.18
33. docker 메뉴얼 파해치기 Build compose (0)	2023.04.04
32. docker 메뉴얼 파해치기 Build buildKit (0)	2023.04.01

티스토리툴바

wordpress 파해치기

wordpress:6.2-php8.2-fpm

docker-entrypoint.sh 을살 펴보자

'42Seoul > Docker' 카테고리의 다른 글

티스토리툴바