
Bumped version to 1.6.5

Jannick Knudsen 5 年之前
父節點
當前提交
488d36c696
共有 14 個文件被更改,包括 218 次插入286 次删除
  1. 4 11
      CloudronManifest.json
  2. 0 4
      DESCRIPTION.md
  3. 11 15
      Dockerfile
  4. 4 0
      POSTINSTALL.md
  5. 0 4
      README.md
  6. 1 1
      VERSION
  7. 1 0
      VERSIONLOG
  8. 4 6
      apache/lamp.conf
  9. 32 0
      credentials.template
  10. 100 45
      index.php
  11. 15 0
      phpmyadmin_login.template
  12. 0 126
      proftpd.conf
  13. 46 63
      start.sh
  14. 0 11
      supervisor/proftpd.conf

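--- a/CloudronManifest.json
+++ b/CloudronManifest.json
@@ -4,7 +4,7 @@
   "author": "Cloudron developers",
   "description": "file://DESCRIPTION.md",
   "tagline": "An empty LAMP stack (PHP 7)",
-  "version": "1.6.4",
+  "version": "1.6.5",
   "healthCheckPath": "/",
   "httpPort": 80,
   "manifestVersion": 1,
@@ -20,19 +20,12 @@
       }
     },
     "sendmail": {},
-    "redis": {},
-    "ldap": {}
-  },
-  "tcpPorts": {
-    "SFTP_PORT": {
-      "title": "SFTP Port",
-      "description": "SFTP Port. Disabling SFTP also disables phpMyAdmin",
-      "defaultValue": 2222
-    }
+    "redis": {}
   },
   "tags": [ "apache", "php", "mysql", "hosting", "lamp", "stacks", "development" ],
   "mediaLinks": [ "https://raw.githubusercontent.com/cloudron-io/lamp-app/master/medialinks/medialink_0.jpg" ],
   "changelog": "file://CHANGELOG",
-  "minBoxVersion": "1.8.5",
+  "postInstallMessage": "file://POSTINSTALL.md",
+  "minBoxVersion": "4.0.0",
   "documentationUrl": "https://cloudron.io/documentation/apps/lamp/"
 }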

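--- a/DESCRIPTION.md
+++ b/DESCRIPTION.md
@@ -5,10 +5,6 @@ This app only supports <upstream>PHP 7.2</upstream>
 LAMP is an archetypal model of web service stacks, named as an acronym of the names of its original four open-source components: the Linux operating system,
 the Apache HTTP Server, the MySQL relational database management system (RDBMS), and the PHP programming language.
 
-### SFTP
-
-This app also bundles [ProFTPD](http://www.proftpd.org/) which provides `sftp://` access. Use your preferred ftp client to manage all files on the server. The `public` folder contains your PHP files. You will find `php.ini` at the root directory.
-
 ### Cron
 
 This app supports running one or more cronjobs. The jobs are specified using the standard crontab syntax.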

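--- a/Dockerfile
+++ b/Dockerfile
@@ -1,10 +1,11 @@
 FROM docker.iske.dk/base-image:0.0.1
 
-RUN mkdir -p /app/code /run/app/sessions
+RUN mkdir -p /app/code
 WORKDIR /app/code
 
 RUN apt-get update && apt-get install -y php libapache2-mod-php crudini \
     php-redis \
+    php-apcu \
     php-bcmath \
     php-bz2 \
     php-curl \
@@ -31,9 +32,7 @@ RUN apt-get update && apt-get install -y php libapache2-mod-php crudini \
     php-validate \
     php-xml \
     php-xml-svg \
-    php-yac \
     php-zip \
-    proftpd proftpd-mod-ldap \
     cron \
     apache2-dev \
     build-essential \
@@ -43,12 +42,10 @@ RUN apt-get update && apt-get install -y php libapache2-mod-php crudini \
 RUN rm /etc/apache2/sites-enabled/*
 RUN sed -e 's,^ErrorLog.*,ErrorLog "|/bin/cat",' -i /etc/apache2/apache2.conf
 COPY apache/mpm_prefork.conf /etc/apache2/mods-available/mpm_prefork.conf
-
-RUN a2disconf other-vhosts-access-log
-ADD apache/lamp.conf /app/code/lamp.conf
-RUN ln -s /run/apache2/lamp.conf /etc/apache2/sites-enabled/lamp.conf
+COPY apache/lamp.conf /etc/apache2/sites-enabled/lamp.conf
 RUN echo "Listen 80" > /etc/apache2/ports.conf
-RUN a2enmod rewrite authnz_ldap headers rewrite expires cache
+RUN a2disconf other-vhosts-access-log
+RUN a2enmod rewrite headers rewrite expires cache
 
 # configure mod_php
 RUN crudini --set /etc/php/7.2/apache2/php.ini PHP upload_max_filesize 64M && \
@@ -77,11 +74,6 @@ RUN mkdir -p /app/code/phpmyadmin && \
     curl -L https://files.phpmyadmin.net/phpMyAdmin/4.8.3/phpMyAdmin-4.8.3-all-languages.tar.gz | tar zxvf - -C /app/code/phpmyadmin --strip-components=1
 COPY phpmyadmin-config.inc.php /app/code/phpmyadmin/config.inc.php
 
-# configure proftpd
-ADD proftpd.conf /app/code/proftpd.conf.template
-
-RUN rm -rf /var/log/proftpd && ln -s /run/proftpd /var/log/proftpd
-
 # configure cron
 RUN rm -rf /var/spool/cron && ln -s /run/cron /var/spool/cron
 # clear out the crontab
@@ -93,14 +85,18 @@ RUN mkdir /tmp/ioncube && \
     curl http://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz | tar zxvf - -C /tmp/ioncube && \
     cp /tmp/ioncube/ioncube/ioncube_loader_lin_7.2.so /usr/lib/php/20170718 && \
     rm -rf /tmp/ioncube && \
-    echo "zend_extension=/usr/lib/php/20170718/ioncube_loader_lin_7.2.so" > /etc/php/7.2/apache2/conf.d/00-ioncube.ini
+    echo "zend_extension=/usr/lib/php/20170718/ioncube_loader_lin_7.2.so" > /etc/php/7.2/apache2/conf.d/00-ioncube.ini && \
+    echo "zend_extension=/usr/lib/php/20170718/ioncube_loader_lin_7.2.so" > /etc/php/7.2/cli/conf.d/00-ioncube.ini
 
 # configure supervisor
 ADD supervisor/ /etc/supervisor/conf.d/
 RUN sed -e 's,^logfile=.*$,logfile=/run/supervisord.log,' -i /etc/supervisor/supervisord.conf
 
 # add code
-COPY start.sh index.php crontab.template /app/code/
+COPY start.sh index.php crontab.template credentials.template phpmyadmin_login.template /app/code/
+
+# lock www-data but allow su - www-data to work
+RUN passwd -l www-data && usermod --shell /bin/bash --home /app/data www-data
 
 # make cloudron exec sane
 WORKDIR /app/data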
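Review bot: The ionCube loader in the last hunk is still fetched with `curl http://downloads.ioncube.com/...` over plain HTTP and piped straight into `tar` with no integrity check, and the added second `echo` line now loads that same binary into the PHP CLI as well as Apache. Anything that can alter the download at build time therefore ends up as native code in every PHP process of the image, including cron jobs that call `php`. Download to a file over HTTPS and verify a pinned digest before unpacking, e.g. `curl -fsSL https://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz -o /tmp/ioncube.tgz && echo "<EXPECTED_SHA256>  /tmp/ioncube.tgz" | sha256sum -c -` (the digest is a placeholder and the HTTPS endpoint should be confirmed). The phpMyAdmin tarball fetched in the previous hunk is unpacked without a checksum in the same way.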

+ 4 - 0
POSTINSTALL.md

@@ -0,0 +1,4 @@
+This app is setup to use a MySQL database, redis cache and ability to send emails. The database credentials are stored in `credentials.txt`. phpMyAdmin access is stored in `phpmyadmin_login.txt`.
+
+ 
+The code and credential files can be accessed via [SFTP](https://cloudron.io/documentation/apps/#ftp-access) or the [Web Terminal](https://cloudron.io/documentation/apps/#web-terminal).

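--- a/README.md
+++ b/README.md
@@ -1,4 +1,3 @@
-<<<<<<< HEAD
 # LAMP Stack Cloudron App
 
 This repository contains the Cloudron app package source for a plain LAMP stack.
@@ -56,6 +55,3 @@ if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
 * npm install
 * USERNAME=<> PASSWORD=<> mocha --bail test.js
 
-=======
-##lamp-app-alt
->>>>>>> 39b1eaa419ecd3e928bb94a50c820c79da99acb4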

+ 1 - 1
VERSION

@@ -1 +1 @@
-v1.6.4
+v1.6.5

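--- a/VERSIONLOG
+++ b/VERSIONLOG
@@ -22,3 +22,4 @@ v1.6.1
 v1.6.2
 v1.6.3
 v1.6.4
+v1.6.5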

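--- a/apache/lamp.conf
+++ b/apache/lamp.conf
@@ -22,14 +22,12 @@
     ## PMA BEGIN
 
     Alias /phpmyadmin /app/code/phpmyadmin
- 
+
     <Location /phpmyadmin>
         AuthType Basic
-        AuthBasicProvider ldap
-        AuthName "Cloudron Authorization"
-        AuthLDAPURL ldap://url/basedn?username??(objectclass=user)
-        AuthLDAPBindDN abouttochange
-        AuthLDAPBindPassword abouttochange
+        AuthBasicProvider file
+        AuthName "LAMP App Authorization"
+        AuthUserFile /app/data/.phpmyadminauth
         Require valid-user
     </Location>
 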
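Review bot: `AuthUserFile /app/data/.phpmyadminauth` places the password file inside the tree that start.sh hands to the web server user with `chown -R www-data:www-data /app/data`, so any PHP code running in the app can read the hashes or rewrite the file. The change also replaces per-user LDAP authentication with a single shared `admin` account, so phpMyAdmin access can no longer be attributed to or revoked for one person. Consider keeping the file in a root-owned directory that the recursive chown skips, readable only by the `www-data` group (`chown root:www-data` plus `chmod 0640`), and creating it with `htpasswd -B` so the entries are bcrypt hashes rather than the tool's default. The enclosing virtual host starts and ends outside this hunk.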

+ 32 - 0
credentials.template

@@ -0,0 +1,32 @@
+Do not edit this file. It will be overwritten on any update or app restart and is autogenerated.
+
+MySQL Credentials
+=================
+
+Hostname:   MYSQL_HOST
+Port:       MYSQL_PORT
+Username:   MYSQL_USERNAME
+Password:   MYSQL_PASSWORD
+Database:   MYSQL_DATABASE
+URL:        MYSQL_URL
+
+
+Sendmail Credentials
+====================
+
+Hostname:   MAIL_SMTP_SERVER
+Port:       MAIL_SMTP_PORT
+TLS Port:   MAIL_SMTPS_PORT
+Username:   MAIL_SMTP_USERNAME
+Password:   MAIL_SMTP_PASSWORD
+Address:    MAIL_FROM
+Domain:     MAIL_DOMAIN
+
+
+Redis Credentials
+=================
+
+Hostname:   REDIS_HOST
+Port:       REDIS_PORT
+Password:   REDIS_PASSWORD
+URL:        REDIS_URL

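--- a/index.php
+++ b/index.php
@@ -34,6 +34,11 @@
       width: 100%;
     }
 
+    .table {
+      border-style: solid;
+      border-width: 1px;
+    }
+
     .h, .e {
       background-color: white !important;
     }
@@ -43,81 +48,131 @@
 </head>
 <body>
 
-<h1>Cloudron LAMP App</h1>
-
 <br/>
 
-<h2>MySQL credentials</h2>
-<p>Use the following environment variables in the PHP code to access MySQL:</p>
-<pre>
-getenv("MYSQL_HOST")
-getenv("MYSQL_PORT")
-getenv("MYSQL_USERNAME")
-getenv("MYSQL_PASSWORD")
-getenv("MYSQL_DATABASE")
-</pre>
+<h1>Cloudron LAMP App</h1>
 
 <br/>
 
-<h2>SFTP Transfer</h2>
+<h2>Overview</h2>
 <p>
-  You can SFTP files to the <b>public</b> folder using  <a href="https://cyberduck.io/" target="_blank">Cyberduck</a>,
-  <a href="https://filezilla-project.org/" target="_blank">FileZilla</a> or <a href="https://www.gftp.org/" target="_blank">gFTP</a>
-  (use your cloudron credentials to authenticate).
+  <div>
+  This page is a placeholder showing information on how to use the LAMP stack.
+  This page will get overwritten, when an index.php or index.html is uploaded. You can always
+  access the database credentials from the file <code>credentials.txt</code> with <a target="_blank" href="https://cloudron.io/documentation/apps/#ftp-access">SFTP</a>.
+  <div>
+  <br/>
+  <b>The credentials shown here can only be used from within your app. They will not work from outside the Cloudron.</b>
 </p>
-<p>
-  We recommend disabling SFTP access (from Cloudron's configuration panel) once you have uploaded your code.
-</p>
-<pre>
-sftp -P 2222 surfer.nebulon.info:public/
-</pre>
 
 <br/>
 
-<h2>phpMyAdmin access</h2>
-<p>
-  You can access phpMyAdmin using your Cloudron credentials <a href="/phpmyadmin" target="_blank">here</a>.
-</p>
+<h2>MySQL Credentials</h2>
+<p>Use the following environment variables in the PHP code to access MySQL:</p>
+<table>
+  <tr>
+    <td>MYSQL_HOST</td>
+    <td><?php echo getenv("MYSQL_HOST") ?></td>
+  </tr>
+  <tr>
+    <td>MYSQL_PORT</td>
+    <td><?php echo getenv("MYSQL_PORT") ?></td>
+  </tr>
+  <tr>
+    <td>MYSQL_USERNAME</td>
+    <td><?php echo getenv("MYSQL_USERNAME") ?></td>
+  </tr>
+  <tr>
+    <td>MYSQL_PASSWORD</td>
+    <td><?php echo getenv("MYSQL_PASSWORD") ?></td>
+  </tr>
+  <tr>
+    <td>MYSQL_DATABASE</td>
+    <td><?php echo getenv("MYSQL_DATABASE") ?></td>
+  </tr>
+</table>
+
+<br/>
+
+<h2>phpMyAdmin Access</h2>
 <p>
-  Note that disabling SFTP access also disables phpMyAdmin.
+  It is installed <a href="/phpmyadmin" target="_blank">here</a>. For login credentials see phpmyadmin_login.txt via SFTP.
 </p>
 
 <br/>
 
 <h2>Cron</h2>
 <p>
-  Just put a file called crontab to the directory /app/data and it will picked up at next app restart. It has to be in the cron syntax without username
-  and must end with a newline. For example, the following crontab updates feeds every hour:
+  Put a file called <code>crontab</code> into the directory <code>/app/data</code> and it will picked up at next app restart.
+  It has to be in the cron syntax without username and must end with a newline.
+  For example, the following crontab updates feeds every hour:
 </p>
 <pre>
 0 * * * * php /app/code/update.php --feeds
-
 </pre>
 <p>
-  Commands are executed as the user www-data. See <a href="https://linux.die.net/man/5/crontab">manpage</a> for a description of the file.
+  Commands are executed as the user www-data. Generate cron patterns via <a href="http://www.crontabgenerator.com/">crontabgenerator</a>.
 </p>
 
 <br/>
 
-<h2>Addons</h2>
-<p>The app is configured to have access to the following Cloudron addons:</p>
-<ul>
-  <li><a href="https://cloudron.io/developer/addons/#mysql" target="_blank">mysql</a></li>
-  <li><a href="https://cloudron.io/developer/addons/#localstorage" target="_blank">localstorage</a></li>
-  <li><a href="https://cloudron.io/developer/addons/#sendmail" target="_blank">sendmail</a></li>
-  <li><a href="https://cloudron.io/developer/addons/#redis" target="_blank">redis</a></li>
-  <li><a href="https://cloudron.io/developer/addons/#ldap" target="_blank">ldap</a></li>
-</ul>
-<p>Read more about Cloudron addons and how to use them <a href="https://cloudron.io/developer/addons/" target="_blank">here</a>.</p>
+<h2>Sendmail Credentials</h2>
+<p>Use the following environment variables in the PHP code to send email:</p>
+<table>
+  <tr>
+    <td>MAIL_SMTP_SERVER</td>
+    <td><?php echo getenv("MAIL_SMTP_SERVER") ?></td>
+  </tr>
+  <tr>
+    <td>MAIL_SMTP_PORT</td>
+    <td><?php echo getenv("MAIL_SMTP_PORT") ?></td>
+  </tr>
+  <tr>
+    <td>MAIL_SMTPS_PORT</td>
+    <td><?php echo getenv("MAIL_SMTPS_PORT") ?></td>
+  </tr>
+  <tr>
+    <td>MAIL_SMTP_USERNAME</td>
+    <td><?php echo getenv("MAIL_SMTP_USERNAME") ?></td>
+  </tr>
+  <tr>
+    <td>MAIL_SMTP_PASSWORD</td>
+    <td><?php echo getenv("MAIL_SMTP_PASSWORD") ?></td>
+  </tr>
+  <tr>
+    <td>MAIL_FROM</td>
+    <td><?php echo getenv("MAIL_FROM") ?></td>
+  </tr>
+  <tr>
+    <td>MAIL_DOMAIN</td>
+    <td><?php echo getenv("MAIL_DOMAIN") ?></td>
+  </tr>
+</table>
 
 <br/>
 
-<h2>PHP Setup</h2>
-<?php
+<h2>Redis Credentials</h2>
+<p>Use the following environment variables in the PHP code to connect to Redis:</p>
+<table>
+  <tr>
+    <td>REDIS_URL</td>
+    <td><?php echo getenv("REDIS_URL") ?></td>
+  </tr>
+  <tr>
+    <td>REDIS_HOST</td>
+    <td><?php echo getenv("REDIS_HOST") ?></td>
+  </tr>
+  <tr>
+    <td>REDIS_PORT</td>
+    <td><?php echo getenv("REDIS_PORT") ?></td>
+  </tr>
+  <tr>
+    <td>REDIS_PASSWORD</td>
+    <td><?php echo getenv("REDIS_PASSWORD") ?></td>
+  </tr>
+</table>
 
-echo phpInfo();
-
-?>
+<br/>
 
 </body>
 </html>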
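Review bot: The new tables print the live values of `MYSQL_PASSWORD`, `MAIL_SMTP_PASSWORD` and `REDIS_PASSWORD` (and the password-bearing `REDIS_URL`) on the placeholder page, which is served at `/`, the manifest's health-check path; as far as the visible lamp.conf shows, only `/phpmyadmin` sits behind authentication, so every visitor to a fresh install can read them. The bold remark that the credentials only work from inside the Cloudron does not make the disclosure harmless, since the values still land in crawler indexes, proxy caches and screenshots. Keep the secret rows as names only, as the removed `<pre>` block did, for example `<td>MYSQL_PASSWORD</td><td>see <code>credentials.txt</code></td>`, and escape the remaining values with `<?php echo htmlspecialchars(getenv("MYSQL_HOST"), ENT_QUOTES) ?>`. Separately, the Overview paragraph opens `<div>` twice and never closes it.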

+ 15 - 0
phpmyadmin_login.template

@@ -0,0 +1,15 @@
+phpMyAdmin login
+================
+
+phpMyAdmin is installed at /phpmyadmin
+
+Username: admin
+Password: PASSWORD
+
+If additional users need to be given access, those can be managed through htpasswd.
+
+Add or modify a user:
+$ htpasswd /app/data/.phpmyadminauth newusername
+
+Remove a user:
+$ htpasswd -D /app/data/.phpmyadminauth oldusername

+ 0 - 126
proftpd.conf

@@ -1,126 +0,0 @@
-# Includes DSO modules
-Include /etc/proftpd/modules.conf
-
-# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
-UseIPv6				off
-# If set on you can experience a longer connection delay in many cases.
-IdentLookups			off
-
-ServerName			"##SERVER_NAME"
-ServerType			standalone
-DeferWelcome			off
-
-MultilineRFC2228		on
-DefaultServer			on
-ShowSymlinks			on
-
-TimeoutNoTransfer		600
-TimeoutStalled			600
-TimeoutIdle			1200
-
-DisplayLogin                    welcome.msg
-DisplayChdir               	.message true
-ListOptions                	"-l"
-
-DenyFilter			\*.*/
-
-# Use this to jail all users in their homes
-# DefaultRoot			~
-
-# Users require a valid shell listed in /etc/shells to login.
-# Use this directive to release that constrain.
-# RequireValidShell		off
-
-# Port 21 is the standard FTP port.
-Port				0
-
-# To prevent DoS attacks, set the maximum number of child processes
-# to 30.  If you need to allow more than 30 concurrent connections
-# at once, simply increase this value.  Note that this ONLY works
-# in standalone mode, in inetd mode you should use an inetd server
-# that allows you to limit maximum number of processes per service
-# (such as xinetd)
-MaxInstances			10
-
-# Set the user and group that the server normally runs at.
-User				www-data
-Group				www-data
-
-# Umask 022 is a good standard umask to prevent new files and dirs
-# (second parm) from being group and world writable.
-Umask				022  022
-# Normally, we want files to be overwriteable.
-AllowOverwrite			on
-
-TransferLog /run/proftpd/xferlog
-SystemLog   /run/proftpd/proftpd.log
-
-<IfModule mod_quotatab.c>
-QuotaEngine off
-</IfModule>
-
-<IfModule mod_ratio.c>
-Ratios off
-</IfModule>
-
-# Delay engine reduces impact of the so-called Timing Attack described in
-# http://www.securityfocus.com/bid/11430/discuss
-# It is on by default.
-<IfModule mod_delay.c>
-DelayEngine on
-</IfModule>
-
-<IfModule mod_ctrls.c>
-ControlsEngine        off
-ControlsMaxClients    2
-ControlsLog           /var/log/proftpd/controls.log
-ControlsInterval      5
-ControlsSocket        /var/run/proftpd/proftpd.sock
-</IfModule>
-
-<IfModule mod_ctrls_admin.c>
-    AdminControlsEngine off
-</IfModule>
-
-LoadModule mod_ldap.c
-<IfModule mod_ldap.c>
-# https://forums.proftpd.org/smf/index.php?topic=6368.0
-LDAPServer "##LDAP_URL/??sub"
-LDAPBindDN "##LDAP_BIND_DN" "##LDAP_BIND_PASSWORD"
-LDAPUsers "##LDAP_USERS_BASE_DN" (username=%u)
-
-LDAPForceDefaultUID on
-LDAPDefaultUID ##LDAP_UID
-LDAPForceDefaultGID on
-LDAPDefaultGID ##LDAP_GID
-
-LDAPForceGeneratedHomedir on
-LDAPGenerateHomedir on
-LDAPGenerateHomedirPrefix /app/data
-LDAPGenerateHomedirPrefixNoUsername on
-
-#LDAPUseTLS off
-#LDAPLog /run/proftpd/ldap.log
-</IfModule>
-
-<IfModule mod_sftp.c>
-SFTPEngine on
-Port ##SFTP_PORT
-SFTPLog /run/proftpd/sftp.log
-
-# Configure both the RSA and DSA host keys, using the same host key
-# files that OpenSSH uses.
-SFTPHostKey /app/data/sftpd/ssh_host_rsa_key
-SFTPHostKey /app/data/sftpd/ssh_host_dsa_key
-
-SFTPAuthMethods password
-
-# Enable compression
-SFTPCompression delayed
-
-RequireValidShell off
-</IfModule>
-
-<Directory />
-  HideNoAccess yes
-</Directory>

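--- a/start.sh
+++ b/start.sh
@@ -2,85 +2,68 @@
 
 set -eu
 
-mkdir -p /app/data/public /run/apache2 /run/proftpd /run/app /run/cron
+mkdir -p /app/data/public /run/apache2 /run/cron /run/app/sessions
 
-# check if any index file exists
-for f in /app/data/public/index.*; do
-    [ -e "$f" ] && echo "Do not override existing index file" || cp /app/code/index.php /app/data/public/index.php
-    break
-done
+# generate files if neither index.* or .htaccess
+if [[ -z "$(ls -A /app/data/public)" ]]; then
+    echo "==> Generate files on first run" # possibly not first run if user deleted index.*
+    cp /app/code/index.php /app/data/public/index.php
+    echo -e "#!/bin/bash\n\n# Place custom startup commands here" > /app/data/run.sh
+    touch /app/data/public/.htaccess
+else
+    echo "==> Do not override existing index file"
+fi
 
-if [ ! -f "/app/data/php.ini" ]; then
+if [[ ! -f "/app/data/php.ini" ]]; then
+    echo "==> Generating php.ini"
     cp /etc/php/7.2/apache2/php.ini.orig /app/data/php.ini
 else
     crudini --set /app/data/php.ini Session session.gc_probability 1
     crudini --set /app/data/php.ini Session session.gc_divisor 100
 fi
 
-# SFTP_PORT can be unset to disable SFTP
-disable_sftp="false"
-if [[ -z "${SFTP_PORT:-}" ]]; then
-    echo "SSH disabled"
-    SFTP_PORT=29418 # arbitrary port to keep sshd happy
-    disable_sftp="true"
-else
-    sed -e "s,##SERVER_NAME,${APP_DOMAIN}," \
-        -e "s/##SFTP_PORT/${SFTP_PORT}/" \
-        -e "s,##LDAP_URL,${LDAP_URL},g" \
-        -e "s/##LDAP_BIND_DN/${LDAP_BIND_DN}/g" \
-        -e "s/##LDAP_BIND_PASSWORD/${LDAP_BIND_PASSWORD}/g" \
-        -e "s/##LDAP_USERS_BASE_DN/${LDAP_USERS_BASE_DN}/g" \
-        -e "s/##LDAP_UID/$(id -u www-data)/g" \
-        -e "s/##LDAP_GID/$(id -g www-data)/g" \
-        /app/code/proftpd.conf.template > /run/proftpd/proftpd.conf
-
-    if [[ -f /app/data/public/index.php ]]; then
-        sed -e "s,^sftp -P.*public/$,sftp -P ${SFTP_PORT} ${APP_DOMAIN}:public/," \
-            -i /app/data/public/index.php
-    fi
-fi
-
-if [[ ! -f "/app/data/sftpd/ssh_host_ed25519_key" ]]; then
-    echo "Generating ssh host keys"
-    mkdir -p /app/data/sftpd
-    ssh-keygen -qt rsa -N '' -f /app/data/sftpd/ssh_host_rsa_key
-    ssh-keygen -qt dsa -N '' -f /app/data/sftpd/ssh_host_dsa_key
-    ssh-keygen -qt ecdsa -N '' -f /app/data/sftpd/ssh_host_ecdsa_key
-    ssh-keygen -qt ed25519 -N '' -f /app/data/sftpd/ssh_host_ed25519_key
-else
-    echo "Reusing existing host keys"
-fi
-
-chmod 0600 /app/data/sftpd/*_key
-chmod 0644 /app/data/sftpd/*.pub
-
-## Generate apache config. PMA is disabled based on SFTP config
-if [[ "${disable_sftp}" == "true" ]]; then
-    echo "PMA disabled"
-    sed '/.*PMA BEGIN/,/.*PMA END/d' /app/code/lamp.conf > /run/apache2/lamp.conf
-else
-    sed -e "s@AuthLDAPURL .*@AuthLDAPURL ${LDAP_URL}/${LDAP_USERS_BASE_DN}?username??(objectclass=user)@" \
-        -e "s@AuthLDAPBindDN .*@AuthLDAPBindDN ${LDAP_BIND_DN}@" \
-        -e "s@AuthLDAPBindPassword .*@AuthLDAPBindPassword ${LDAP_BIND_PASSWORD}@" \
-        /app/code/lamp.conf > /run/apache2/lamp.conf
-fi
-
-## hook for custom start script in /app/data/run.sh
-if [ -f "/app/data/run.sh" ]; then
-    /bin/bash /app/data/run.sh
-fi
+echo "==> Running custom startup script"
+[[ -f /app/data/run.sh ]] && /bin/bash /app/data/run.sh
 
 [[ ! -f /app/data/crontab ]] && cp /app/code/crontab.template /app/data/crontab
 
 ## configure in-container Crontab
 # http://www.gsp.com/cgi-bin/man.cgi?section=5&topic=crontab
 if ! (env; cat /app/data/crontab; echo -e '\nMAILTO=""') | crontab -u www-data -; then
-    echo "Error importing crontab. Continuing anyway"
+    echo "==> Error importing crontab. Continuing anyway"
 else
-    echo "Imported crontab"
+    echo "==> Imported crontab"
+fi
+
+# phpMyAdmin auth file
+if [[ ! -f /app/data/.phpmyadminauth ]]; then
+    echo "==> Generating phpMyAdmin authentication file"
+    PASSWORD=`pwgen -1 16`
+    htpasswd -cb /app/data/.phpmyadminauth admin "${PASSWORD}"
+    sed -e "s,PASSWORD,${PASSWORD}," /app/code/phpmyadmin_login.template > /app/data/phpmyadmin_login.txt
 fi
 
-chown -R www-data:www-data /app/data /run/apache2 /run/proftpd /run/app
+echo "==> Creating credentials.txt"
+sed -e "s,MYSQL_HOST,${MYSQL_HOST}," \
+    -e "s,MYSQL_PORT,${MYSQL_PORT}," \
+    -e "s,MYSQL_USERNAME,${MYSQL_USERNAME}," \
+    -e "s,MYSQL_PASSWORD,${MYSQL_PASSWORD}," \
+    -e "s,MYSQL_DATABASE,${MYSQL_DATABASE}," \
+    -e "s,MYSQL_URL,${MYSQL_URL}," \
+    -e "s,MAIL_SMTP_SERVER,${MAIL_SMTP_SERVER}," \
+    -e "s,MAIL_SMTP_PORT,${MAIL_SMTP_PORT}," \
+    -e "s,MAIL_SMTPS_PORT,${MAIL_SMTPS_PORT}," \
+    -e "s,MAIL_SMTP_USERNAME,${MAIL_SMTP_USERNAME}," \
+    -e "s,MAIL_SMTP_PASSWORD,${MAIL_SMTP_PASSWORD}," \
+    -e "s,MAIL_FROM,${MAIL_FROM}," \
+    -e "s,MAIL_DOMAIN,${MAIL_DOMAIN}," \
+    -e "s,REDIS_HOST,${REDIS_HOST}," \
+    -e "s,REDIS_PORT,${REDIS_PORT}," \
+    -e "s,REDIS_PASSWORD,${REDIS_PASSWORD}," \
+    -e "s,REDIS_URL,${REDIS_URL}," \
+    /app/code/credentials.template > /app/data/credentials.txt
+
+chown -R www-data:www-data /app/data /run/apache2 /run/app
 
-echo "Starting supervisord"
+echo "==> Starting Lamp stack"
 exec /usr/bin/supervisord --configuration /etc/supervisor/supervisord.conf --nodaemon -i Lamp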
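Review bot: The `sed` that writes credentials.txt splices each secret into the replacement text unescaped, so a value containing `,` makes sed fail (and `set -eu` then aborts startup), while `&` or `\` silently write a wrong value into the file. credentials.txt and phpmyadmin_login.txt are also created with the default umask, so they are likely readable by every user in the container. The sketch below escapes the values and tightens the mode of credentials.txt; phpmyadmin_login.txt needs the same mode inside its `if` block, and values containing newlines would still need separate handling. Two smaller points in the same hunk: `pwgen -1 16` without `-s` produces pronounceable, lower-entropy passwords, and /app/data/run.sh is executed by this script (presumably as root) while the final `chown -R` leaves it writable by www-data.

```shell
# escape '\', ',' and '&', which are special in a sed replacement delimited by ','
sed_escape() { printf '%s' "$1" | sed -e 's/[\\,&]/\\&/g'; }

echo "==> Creating credentials.txt"
# … the -e expressions not shown get the same sed_escape wrapping …
sed -e "s,MYSQL_PASSWORD,$(sed_escape "${MYSQL_PASSWORD}")," \
    -e "s,MAIL_SMTP_PASSWORD,$(sed_escape "${MAIL_SMTP_PASSWORD}")," \
    -e "s,REDIS_PASSWORD,$(sed_escape "${REDIS_PASSWORD}")," \
    /app/code/credentials.template > /app/data/credentials.txt
chmod 0600 /app/data/credentials.txt
```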

+ 0 - 11
supervisor/proftpd.conf

@@ -1,11 +0,0 @@
-[program:proftpd]
-directory=/
-command=/usr/sbin/proftpd --nodaemon -c /run/proftpd/proftpd.conf
-user=root
-autostart=true
-autorestart=true
-stdout_logfile=/dev/stdout
-stdout_logfile_maxbytes=0
-stderr_logfile=/dev/stderr
-stderr_logfile_maxbytes=0
-