Use a stable Alpine version instead of edge to avoid untrusted signatures.

Author: tormi

Dockerfile

@@ -1,5 +1,6 @@
-FROM alpine:edge
-MAINTAINER Arnaud de Mouhy <[email protected]>
+# Use a stable Alpine version instead of edge to avoid untrusted signatures
+FROM alpine:3
+LABEL maintainer="Arnaud de Mouhy <[email protected]>"
 
 ARG VCS_REF
 ARG BUILD_DATE
@@ -14,10 +15,15 @@ LABEL org.label-schema.build-date=$BUILD_DATE \
       org.label-schema.version=$VERSION \
       org.label-schema.schema-version="1.0"
 
+# Copy custom configurations and scripts
 COPY rootfs /
+
+# Expose port 80 for Adminer
 EXPOSE 80
 
+# Run the build script and clean up
 RUN sh /build.sh && rm /build.sh
 
+# Set the entrypoint to s6 supervisor
 ENTRYPOINT ["/bin/s6-svscan", "/etc/services.d"]
 CMD []

rootfs/build.sh

@@ -2,6 +2,7 @@
 
 set -eux
 
+# Install necessary packages, including SSL support
 apk --update add \
     s6 \
     nginx \
@@ -13,7 +14,12 @@ apk --update add \
     php8-pecl-mongodb \
     php8-xml \
     php8-json \
-    php8-session
+    php8-session \
+    openssl \
+    ca-certificates
+
+# Update CA certificates for SSL
+update-ca-certificates
 
 # Fixing file upload rights
 chown -R nginx: /var/lib/nginx
@@ -28,4 +34,5 @@ sed -r -i -e 's/upload_max_filesize = [0-9]+M/upload_max_filesize = 2000M/g' \
 sed -r -i -e 's/;request_terminate_timeout = [0-9]+/request_terminate_timeout = 300/g' \
     /etc/php8/php-fpm.d/www.conf
 
+# Ensure run scripts are executable
 find /etc/services.d -name run -exec chmod 755 {} \;