ssl/ezXSS

Problem with Apache when running in Docker container for ezXSS

Closed this issue · 0 comments

Hello!

I install projects through Docker containers and proxy requests to them through nginx proxy manager, which handles SSL issues.

I ran into a problem running the ezXSS container with Apache. During startup, the following error message appeared:

AH00526: Syntax error on line 31 of /etc/apache2/sites-enabled/default-ssl.conf: SSLCertificateFile: file '/etc/ssl/certs/ssl-cert-snakeoil.pem' does not exist or is empty

This error occurred because the default certificate (ssl-cert-snakeoil.pem) was missing in the specified directory, which prevented Apache from starting successfully.

I solved the problem by adding the creation of a certificate file to the Dockerfile. Here are the changes I made:

FROM php:8-apache

# PHP and Apache configuration
RUN mv /usr/local/etc/php/php.ini-production /usr/local/etc/php/php.ini
RUN echo "RemoteIPHeader X-Forwarded-For" >> /etc/apache2/conf-enabled/remoteip.conf
RUN echo "RemoteIPInternalProxy 172.16.0.0/12" >> /etc/apache2/conf-enabled/remoteip.conf
RUN a2enmod rewrite headers remoteip
RUN docker-php-ext-install pdo_mysql

# Install necessary packages
RUN apt-get update && \
    apt-get install -y certbot python3-certbot-apache msmtp openssl && \
    rm -rf /var/lib/apt/lists/*

# Configure Apache and SSL
RUN a2enmod ssl

# Create a self-signed certificate
RUN openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
    -keyout /etc/ssl/private/ssl-cert-snakeoil.key \
    -out /etc/ssl/certs/ssl-cert-snakeoil.pem \
    -subj "/C=US/ST=State/L=City/O=Organization/OU=Unit/CN=localhost"

COPY ./docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
RUN chmod +x /usr/local/bin/docker-entrypoint.sh

# Copy the application files
COPY . /var/www/html

# Mail alerts service configuring
ARG USE_MAIL_ALERTS
RUN if [ "$USE_MAIL_ALERTS" = "true" ]; then \
        cp ./msmtprc /etc/msmtprc; \
        chmod 640 /etc/msmtprc; \
        touch /var/log/msmtp.log; \
        chown root:www-data /etc/msmtprc; \
        chown root:www-data /var/log/msmtp.log; \
        echo "sendmail_path = /usr/bin/msmtp -t" >> /usr/local/etc/php/conf.d/php-sendmail.ini; \
    fi

RUN chmod 777 /var/www/html/assets/img

# Set the entrypoint script to initialize everything
ENTRYPOINT ["docker-entrypoint.sh"]

These changes allowed the Apache container to start successfully and avoid problems with a missing certificate.

Thanks for your work on the project! If you need more information or have questions, please let me know.
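
The Dockerfile in the post creates the key pair at build time, so every container started from that image shares one private key, and anyone who can pull the image can read it. A variant that generates the pair at container start instead, as an added example that is not part of the original post or the ezXSS project; the function names and the `SNAKEOIL_CERT` / `SNAKEOIL_KEY` variables are assumptions:

```shell
#!/bin/sh
# Added example (not ezXSS code): create the placeholder certificate when the
# container starts, so the private key is never stored in an image layer.

# Defaults are the paths used in the post; the two environment variable
# names are assumptions made for this example.
CERT_FILE="${SNAKEOIL_CERT:-/etc/ssl/certs/ssl-cert-snakeoil.pem}"
KEY_FILE="${SNAKEOIL_KEY:-/etc/ssl/private/ssl-cert-snakeoil.key}"

# Succeeds only when both files are present and non-empty (the condition
# Apache complains about) and the certificate belongs to the private key.
snakeoil_pair_ok() {
    [ -s "$CERT_FILE" ] && [ -s "$KEY_FILE" ] || return 1
    cert_pub=$(openssl x509 -in "$CERT_FILE" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$KEY_FILE" -pubout 2>/dev/null) || return 1
    [ "$cert_pub" = "$key_pub" ]
}

# Generates a fresh self-signed pair unless a valid one already exists.
# Intended to be called from an entrypoint script before Apache starts.
ensure_snakeoil_cert() {
    snakeoil_pair_ok && return 0
    mkdir -p "$(dirname "$CERT_FILE")" "$(dirname "$KEY_FILE")"
    old_umask=$(umask)
    umask 077    # the new private key is readable by its owner only
    openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
        -keyout "$KEY_FILE" -out "$CERT_FILE" \
        -subj "/C=US/ST=State/L=City/O=Organization/OU=Unit/CN=localhost" \
        2>/dev/null
    status=$?
    umask "$old_umask"
    [ "$status" -eq 0 ] || return "$status"
    chmod 644 "$CERT_FILE"    # the certificate itself is public
    snakeoil_pair_ok
}
```

Because the pair is checked on every start, a certificate and key mounted from a volume are left untouched, and an empty or mismatched file is replaced.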