Docker image for Nginx + php-fpm + composer managed with Supervisord

Dockerfile

# Dockerfile for Nnginx + PHP + Composer
#
# Installs Nginx and PHP from official sources.
# Runs nginx and php with supervisord.
#
# Various configuration files are placed under : docker_support_files/
#
# Source files in : 
#   public         - Public facing files (nginx root for static files)
#   src            - PHP source files
#   templates      - PHP Template files
#   composer.json  - PHP composer
#   composer.lock  - PHP composer

FROM debian:jessie

# PHP - https://hub.docker.com/_/php/

# persistent / runtime deps
ENV PHPIZE_DEPS \
		autoconf \
		file \
		g++ \
		gcc \
		libc-dev \
		make \
		pkg-config \
		re2c
RUN apt-get update && apt-get install -y \
		$PHPIZE_DEPS \
		ca-certificates \
		curl \
		libedit2 \
		libsqlite3-0 \
		libxml2 \
		xz-utils \
	--no-install-recommends && rm -r /var/lib/apt/lists/*

ENV PHP_INI_DIR /usr/local/etc/php
RUN mkdir -p $PHP_INI_DIR/conf.d

ENV PHP_EXTRA_CONFIGURE_ARGS --enable-fpm --with-fpm-user=www-data --with-fpm-group=www-data

ENV GPG_KEYS 1A4E8B7277C42E53DBA9C7B9BCAA30EA9C0D5763

ENV PHP_VERSION 7.0.10
ENV PHP_FILENAME php-7.0.10.tar.xz
ENV PHP_SHA256 348476ff7ba8d95a1e28e1059430c10470c5f8110f6d9133d30153dda4cdf56a

RUN set -xe \
	&& cd /usr/src \
	&& curl -fSL "https://secure.php.net/get/$PHP_FILENAME/from/this/mirror" -o php.tar.xz \
	&& echo "$PHP_SHA256 *php.tar.xz" | sha256sum -c - \
	&& curl -fSL "https://secure.php.net/get/$PHP_FILENAME.asc/from/this/mirror" -o php.tar.xz.asc \
	&& export GNUPGHOME="$(mktemp -d)" \
	&& for key in $GPG_KEYS; do \
		gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
	done \
	&& gpg --batch --verify php.tar.xz.asc php.tar.xz \
	&& rm -r "$GNUPGHOME"

COPY docker_support_files/docker-php-source /usr/local/bin/

RUN set -xe \
	&& buildDeps=" \
		$PHP_EXTRA_BUILD_DEPS \
		libcurl4-openssl-dev \
		libedit-dev \
		libsqlite3-dev \
		libssl-dev \
		libxml2-dev \
	" \
	&& apt-get update && apt-get install -y $buildDeps --no-install-recommends && rm -rf /var/lib/apt/lists/* \
	\
	&& docker-php-source extract \
	&& cd /usr/src/php \
	&& ./configure \
		--with-config-file-path="$PHP_INI_DIR" \
		--with-config-file-scan-dir="$PHP_INI_DIR/conf.d" \
		\
		--disable-cgi \
		\
# --enable-ftp is included here because ftp_ssl_connect() needs ftp to be compiled statically (see https://github.com/docker-library/php/issues/236)
		#--enable-ftp \
# --enable-mbstring is included here because otherwise there's no way to get pecl to use it properly (see https://github.com/docker-library/php/issues/195)
		--enable-mbstring \
# --enable-mysqlnd is included here because it's harder to compile after the fact than extensions are (since it's a plugin for several extensions, not an extension in itself)
		--enable-mysqlnd \
		\
		--with-curl \
		--with-libedit \
		--with-openssl \
		--with-zlib \
		--with-gettext \
		\
		$PHP_EXTRA_CONFIGURE_ARGS \
	&& make -j"$(nproc)" \
	&& make install \
	&& { find /usr/local/bin /usr/local/sbin -type f -executable -exec strip --strip-all '{}' + || true; } \
	&& make clean \
	&& docker-php-source delete \
	\
	&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $buildDeps

COPY docker_support_files/docker-php-ext-* /usr/local/bin/
RUN /usr/local/bin/docker-php-ext-install mysqli

####################

# NGINX - https://hub.docker.com/_/nginx/

ENV NGINX_VERSION 1.10.1-1~jessie

RUN apt-key adv --keyserver hkp://pgp.mit.edu:80 --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62 \
	&& echo "deb http://nginx.org/packages/debian/ jessie nginx" >> /etc/apt/sources.list \
	&& apt-get update \
	&& apt-get install --no-install-recommends --no-install-suggests -y \
						ca-certificates \
						nginx=${NGINX_VERSION} \
						nginx-module-xslt \
						nginx-module-geoip \
						nginx-module-image-filter \
						nginx-module-perl \
						nginx-module-njs \
						gettext-base \
	&& rm -rf /var/lib/apt/lists/*


EXPOSE 80
WORKDIR /var/www/html

####################

# Composer - https://hub.docker.com/r/composer/composer/
ENV COMPOSER_VERSION 1.2.1

# We need git for using composer
RUN apt-get update && apt-get install -y \
      git-core \
      unzip

RUN curl -o /tmp/composer-setup.php https://getcomposer.org/installer \
  && curl -o /tmp/composer-setup.sig https://composer.github.io/installer.sig \
  && php -r "if (hash('SHA384', file_get_contents('/tmp/composer-setup.php')) !== trim(file_get_contents('/tmp/composer-setup.sig'))) { unlink('/tmp/composer-setup.php'); echo 'Invalid installer' . PHP_EOL; exit(1); }"

RUN php /tmp/composer-setup.php --no-ansi --install-dir=/usr/local/bin --filename=composer --version=${COMPOSER_VERSION} && rm -rf /tmp/composer-setup.php

####################

# Install Supervisord
RUN apt-get update && apt-get install -y supervisor

####################

# Configuration files for nginx, php, supervisor
COPY docker_support_files/nginx.conf /etc/nginx/nginx.conf
COPY docker_support_files/php.ini /usr/local/etc/php/php.ini
COPY docker_support_files/php-fpm.conf /usr/local/etc/php-fpm.conf
COPY docker_support_files/www.conf /usr/local/etc/php-fpm.d/www.conf
COPY docker_support_files/supervisord.conf /etc/supervisord.conf

####################

# Install source
COPY public /var/www/html
COPY composer.json /var/www/composer.json
COPY composer.lock /var/www/composer.lock
COPY src /var/www/src
COPY templates /var/www/templates

# Make sure nginx accessible files and folders have correct owner and group
RUN chown -R www-data:www-data /var/www/.*

# Install PHP dependencies with composer
USER www-data
RUN cd /var/www \
    && composer install

####################
# Copy any additional credentials(tokens, passwords, etc) from a safe location on target machine
####################

# Run supervisord
USER root
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]