# UK Data Services - Optimized Production Dockerfile FROM php:8.1-apache # Metadata LABEL maintainer="UK Data Services " LABEL description="UK Data Services website - Professional data solutions" LABEL version="1.0.0" # Install system dependencies and PHP extensions RUN apt-get update && apt-get install -y \ libpng-dev \ libjpeg-dev \ libfreetype6-dev \ libzip-dev \ libxml2-dev \ libcurl4-openssl-dev \ unzip \ wget \ && rm -rf /var/lib/apt/lists/* # Configure and install PHP extensions RUN docker-php-ext-configure gd --with-freetype --with-jpeg \ && docker-php-ext-install -j$(nproc) \ gd \ mysqli \ pdo \ pdo_mysql \ zip \ xml \ curl \ json # Enable Apache modules for production RUN a2enmod rewrite headers expires deflate ssl # Configure Apache for security and performance RUN echo "ServerName ukdataservices.local" >> /etc/apache2/apache2.conf RUN echo "ServerTokens Prod" >> /etc/apache2/apache2.conf RUN echo "ServerSignature Off" >> /etc/apache2/apache2.conf # Copy Apache configuration COPY docker/apache-config.conf /etc/apache2/sites-available/000-default.conf # Copy PHP configuration COPY docker/php.ini /usr/local/etc/php/conf.d/custom.ini # Create application directories RUN mkdir -p /var/www/html/logs \ && mkdir -p /var/www/html/uploads \ && mkdir -p /var/www/html/cache # Copy application files (excluding development files) COPY --chown=www-data:www-data . /var/www/html/ # Remove development and Git files from production image RUN rm -rf /var/www/html/.git* \ && rm -rf /var/www/html/PROJECT-MEMORY-REPORT.md \ && rm -rf /var/www/html/SITE-ERROR-ANALYSIS.md \ && rm -rf /var/www/html/docker* \ && rm -rf /var/www/html/README.md # Set correct permissions RUN chown -R www-data:www-data /var/www/html \ && find /var/www/html -type d -exec chmod 755 {} \; \ && find /var/www/html -type f -exec chmod 644 {} \; \ && chmod 755 /var/www/html/logs \ && chmod 755 /var/www/html/uploads \ && chmod 755 /var/www/html/cache # Copy and set up the enhanced .htaccess RUN cp /var/www/html/.htaccess-advanced /var/www/html/.htaccess # Health check HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \ CMD curl -f http://localhost/ || exit 1 # Security: Create non-root user for runtime (if needed) RUN groupadd -r appgroup && useradd -r -g appgroup appuser # Expose ports EXPOSE 80 EXPOSE 443 # Set working directory WORKDIR /var/www/html # Start Apache in foreground CMD ["apache2-ctl", "-D", "FOREGROUND"]