diff --git a/Dockerfile b/Dockerfile index 7cf142d..17ee60d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,15 +1,15 @@ -FROM niiknow/docker-hostingbase:1.0.3 +FROM niiknow/docker-hostingbase:1.0.8 MAINTAINER friends@niiknow.org ENV DEBIAN_FRONTEND=noninteractive \ VESTA=/usr/local/vesta \ - GOLANG_VERSION=1.9.3 \ + GOLANG_VERSION=1.10 \ NGINX_BUILD_DIR=/usr/src/nginx \ NGINX_DEVEL_KIT_VERSION=0.3.0 NGINX_SET_MISC_MODULE_VERSION=0.31 \ - NGINX_VERSION=1.13.8 \ - NGINX_PAGESPEED_VERSION=1.12.34.3 \ - NGINX_PSOL_VERSION=1.12.34.2 \ + NGINX_VERSION=1.13.9 \ + NGINX_PAGESPEED_VERSION=1.13.35.2 \ + NGINX_PSOL_VERSION=1.13.35.2 \ IMAGE_FILTER_URL=https://raw.githubusercontent.com/niiknow/docker-nginx-image-proxy/master/build/src/ngx_http_image_filter_module.c # start @@ -52,7 +52,7 @@ RUN \ # update && apt-get update && apt-get -y --no-install-recommends upgrade \ - && apt-get install -y --no-install-recommends libpcre3-dev libssl-dev dpkg-dev libgd-dev iproute \ + && apt-get install -y --no-install-recommends libpcre3-dev libssl-dev dpkg-dev libgd-dev iproute uuid-dev \ # install nginx with pagespeed first so vesta config can override && mkdir -p ${NGINX_BUILD_DIR} \ @@ -69,7 +69,7 @@ RUN \ && sed -i "s/--with-http_ssl_module/--with-http_ssl_module --with-http_image_filter_module --add-module=\/usr\/src\/nginx\/ngx_devel_kit --add-module=\/usr\/src\/nginx\/set-misc-nginx-module --add-module=\/usr\/src\/nginx\/ngx_pagespeed-latest-stable/g" ${NGINX_BUILD_DIR}/nginx-${NGINX_VERSION}/debian/rules \ # Load Pagespeed module, PSOL and nginx - && curl -SL https://github.com/pagespeed/ngx_pagespeed/archive/v${NGINX_PAGESPEED_VERSION}-stable.zip -o ${NGINX_BUILD_DIR}/latest-stable.zip \ + && curl -SL https://github.com/apache/incubator-pagespeed-ngx/archive/v${NGINX_PAGESPEED_VERSION}-stable.zip -o latest-stable.zip \ && unzip latest-stable.zip \ && mv incubator-pagespeed-ngx-${NGINX_PAGESPEED_VERSION}-stable ngx_pagespeed-latest-stable \ && cd ngx_pagespeed-latest-stable \ @@ -166,7 +166,7 @@ RUN \ # install nodejs, memcached, redis-server, openvpn, mongodb, dotnet-sdk, and couchdb && apt-get install -yf --no-install-recommends nodejs memcached php-memcached redis-server \ - openvpn mongodb-org php-mongodb couchdb dotnet-sdk-2.1.4 \ + openvpn mongodb-org php-mongodb couchdb dotnet-sdk-2.1.101 \ # setting upawscli, golang # awscli @@ -474,7 +474,6 @@ RUN \ && sed -i -e 's:^save:# save:g' \ -e 's:^bind:# bind:g' \ -e 's:^logfile:# logfile:' \ - -e 's:daemonize yes:daemonize no:' \ -e 's:# maxmemory \(.*\)$:maxmemory 256mb:' \ -e 's:# maxmemory-policy \(.*\)$:maxmemory-policy allkeys-lru:' \ /etc/redis/redis.conf \ diff --git a/README.md b/README.md index e0fd3c0..9ccf8e4 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ What's included? * ubuntu 16.04 lts + Vesta 0.9.8-18 * nginx (proxy) -> apache2 -> php-fcgi - high performance and flexible implementation * added ability to also run php-fpm -* ssh/sftp, letsencrypt, memcached, redis, MariaDB 10.1, postgresql 9.5, nodejs 8.x, golang 1.9, openvpn, mongodb, couchdb, .net core 2.0 runtime +* ssh/sftp, letsencrypt, memcached, redis, MariaDB 10.2, postgresql 9.5, nodejs 8.x, golang 1.10, openvpn, mongodb, couchdb, .net core 2.0 runtime * folder redirection for data persistence and automatic daily backup provided by VestaCP * DNS, named, dovecot/roundcube, spamassassin, clamav, etc... -- disabled by default * vesta panel SSL (LE-issued) for mail and control panel - provide $VESTA_DOMAIN environment variable @@ -41,7 +41,7 @@ FTP was not installed on purpose because it's not secure. Use SFTP instead on t - [x] **Dovecot/roundcube email, phpmyadmin, phppgadmin, and DNS services** are disabled by default. Look at /home/admin/bin/my-startup.sh for instruction on how to re-enable these services. ### misc/tested/verified -- [x] ssh/sftp, nginx, apache2, php7.1 + v8js +- [x] ssh/sftp, nginx, apache2, php7.0+ & v8js - [x] log viewing in Vesta - [x] backup and restore - [x] Vesta FileManager @@ -75,12 +75,17 @@ If you use this Docker for hosting and allow your user to login, I also recommen Enjoy!!! ## Release Notes -1.1.0 - starting from this version, we upgraded to MariaDB 10.2, please login as root and run the command: +1.1.9 - Update to be more secure and compliance. A bunch of security issues discovered during the holidays were patched by various vendors including cpu (meltdown & spectre) and .net core issues: + ``` -# mysql_upgrade --verbose -u root -p -# service mysql restart +- php 5.6 v8js no longer supported due to security issues resulting in older v8 deprecation. +- update nginx to 1.13.9 - rebuilt with latest ngx_pagespeed +- update golang 1.10 +- update to dotnet-sdk-2.1.101 +- update from 3.4 to 3.6 for mongodb ``` -And finish by restarting the docker container. + +1.1.0 - starting from this version, we upgraded to MariaDB 10.2. 1.0.8 - introducing vesta 0.9.8-18, update to this docker image then run */bin/vesta-update.sh* to update Vesta.