Switching builds to include PHP version to limit memory requirements on deploy.

improve build size and speed for images.

.dockerignore

@@ -0,0 +1,39 @@
+# Ignore version control
+.git
+.gitignore
+
+# Ignore CI/CD and workflow files
+.gitea/
+.github/
+.gitlab/
+
+# Ignore local development files
+*.swp
+*.swo
+*.bak
+*.tmp
+*.log
+
+# Ignore OS and editor files
+.DS_Store
+Thumbs.db
+.vscode/
+.idea/
+
+# Ignore test and documentation files
+tests/
+docs/
+README*
+
+# Ignore node and Python artifacts (if present)
+node_modules/
+__pycache__/
+
+# Ignore build output
+dist/
+build/
+
+# Ignore secrets and configs
+*.env
+.env.*
+secrets/ 

.gitea/workflows/build-push.yaml

@@ -8,6 +8,9 @@ on:
 jobs:
   Build-and-Push:
     runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        phpver: [74, 80, 81, 82, 83, 84]
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -16,7 +19,7 @@ jobs:
         uses: docker/setup-qemu-action@v3
 
       - name: Set up Docker Buildx
-        uses: https://github.com/docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v3
 
       - name: Login to Gitea
         uses: docker/login-action@v3
@@ -25,10 +28,13 @@ jobs:
           username: ${{ secrets.CI_USER }}
           password: ${{ secrets.CI_TOKEN }}
 
-      - name: Build Image
+      - name: Build and Push Image
         uses: docker/build-push-action@v6
         with:
           platforms: linux/amd64
           push: true
+          build-args: |
+            PHPVER=${{ matrix.phpver }}
           tags: |
-            repo.anhonesthost.net/cloud-hosting-platform/cac:latest
+            repo.anhonesthost.net/cloud-hosting-platform/cac:php${{ matrix.phpver }}
+            ${{ matrix.phpver == '84' && 'repo.anhonesthost.net/cloud-hosting-platform/cac:latest' || '' }}

Dockerfile

@@ -1,26 +1,39 @@
 FROM almalinux/9-base
 ARG PHPVER=83
-RUN dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm -y
+
-RUN dnf install -y https://rpms.remirepo.net/enterprise/remi-release-9.rpm
+# Install repos, update, install only needed packages, clean up in one layer
-RUN dnf update -y && dnf upgrade -y
+RUN dnf install -y \
-RUN dnf install -y httpd mod_ssl wget procps cronie iproute microdnf
+      https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm \
-RUN openssl req -newkey rsa:2048 -nodes -keyout /etc/pki/tls/private/localhost.key -x509 -days 3650 -subj "/CN=localhost" -out /etc/pki/tls/certs/localhost.crt
+      https://rpms.remirepo.net/enterprise/remi-release-9.rpm && \
-RUN mkdir /run/php-fpm/
+    dnf update -y && \
-RUN mkdir /scripts
+    dnf install -y httpd mod_ssl wget procps cronie iproute && \
-COPY ./scripts/* /scripts/
+    dnf clean all && \
-RUN chmod +x /scripts/*
+    rm -rf /var/cache/dnf /usr/share/doc /usr/share/man /usr/share/locale/*
-#RUN /scripts/install-php$PHPVER.sh
+
-RUN curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
+# Generate self-signed cert, create needed dirs, copy scripts, set permissions, install PHP, clean up
-RUN chmod +x wp-cli.phar
+RUN openssl req -newkey rsa:2048 -nodes -keyout /etc/pki/tls/private/localhost.key -x509 -days 3650 -subj "/CN=localhost" -out /etc/pki/tls/certs/localhost.crt && \
-RUN mv wp-cli.phar /usr/local/bin/wp
+    mkdir -p /run/php-fpm/ /scripts && \
+    cp -r /scripts/* /scripts/ && \
+    chmod +x /scripts/* && \
+    /scripts/install-php$PHPVER.sh && \
+    rm -rf /tmp/*
+
+# Download and install wp-cli (consider pinning version for reproducibility)
+RUN curl -L -o /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar && \
+    chmod +x /usr/local/bin/wp
+
+# Copy configs and web files
 COPY ./configs/default-index.conf /etc/httpd/conf.d/
 COPY ./configs/prod-php.ini /etc/php.ini
 COPY ./configs/phpinfo.php /var/www/html/
 COPY ./configs/mariadb.repo /etc/yum.repos.d/
 COPY ./configs/index.php /var/www/html/
 COPY ./configs/remote_ip.conf /etc/httpd/conf.d/
+
+# Set up cron job in a single layer
 RUN echo "15 */12 * * * root /scripts/log-rotate.sh" >> /etc/crontab
-RUN yum clean all
+
 HEALTHCHECK --interval=30s --timeout=5s --start-period=60s --retries=3 \
   CMD curl -f http://localhost/ || exit 1
+
 ENTRYPOINT [ "/scripts/entrypoint.sh" ]

README.md

@@ -6,6 +6,14 @@ This is a base container for running PHP-based applications, supporting multiple
 
 ---
 
+## What's New?
+
+- **Optimized Image:** The Dockerfile has been refactored for smaller size, faster builds, and improved security. Unnecessary files and caches are removed during build.
+- **Pre-built Images for Each PHP Version:** On every push, images for all supported PHP versions are built and pushed to the registry. You can pull the exact version you need (e.g., `cac:php74`, `cac:php84`, or `cac:latest`).
+- **.dockerignore Added:** The build context is now minimized, making builds faster and more secure.
+
+---
+
 ## Quick Start: Local Development with `local-dev.sh`
 
 The easiest way to start a local development environment is with the provided `local-dev.sh` script. This script automates container setup, volume creation, log directories, and WordPress installation.
@@ -79,6 +87,8 @@ Then visit https://localhost (accept the SSL warning) to complete setup.
 ## Features
 
 - **Multiple PHP Versions:** 7.4, 8.0, 8.1, 8.2, 8.3, 8.4 (set with `PHPVER` or `-a` flag)
+- **Pre-built Images:** Pull the image for your desired PHP version directly from the registry. No need to build locally unless customizing.
+- **Optimized Build:** Smaller, faster, and more secure images thanks to the improved Dockerfile and `.dockerignore`.
 - **Automatic Database Setup:** MariaDB is started in DEV mode, credentials are auto-generated and stored in `/home/$user/mysql_creds`.
 - **Database Backups:** Cron job backs up the database every 15 minutes to `/home/$user/_db_backups`.
 - **Log Management:** Log rotation compresses logs older than 3 days and deletes those older than 7 days.
@@ -120,3 +130,5 @@ Then visit https://localhost (accept the SSL warning) to complete setup.
 - The first run may take several minutes as dependencies are installed.
 - If you need to change PHP version, stop and remove the container, then recreate with the desired version.
 - For advanced configuration, see the scripts in the `scripts/` directory.
+- The image is optimized for size and speed, but local development in DEV mode may install additional packages (MariaDB, memcached) at runtime using microdnf.
+- The build context is minimized by the included `.dockerignore` file.

scripts/entrypoint.sh

@@ -17,7 +17,7 @@ ln -s /home/$user/logs/php-fpm /var/log/php-fpm
 rm -f /etc/httpd/conf.d/userdir.conf
 docker_network=$(ip addr show |grep eth0 |grep inet |awk -F " " {'print $2'})
 echo "RemoteIPInternalProxy $docker_network" >> /etc/httpd/conf.d/remoteip.conf
-/scripts/install-php$PHPVER.sh
+# /scripts/install-php$PHPVER.sh
 
 /scripts/create-vhost.sh
 /scripts/create-php-config.sh
@@ -34,6 +34,11 @@ chmod -R 755 /home/$user
 if [[ $environment == 'DEV' ]]; then
   echo "Starting Dev Deployment"
   mkdir -p /home/$user/_db_backups
+  # Ensure microdnf is available for installing MariaDB and memcached in DEV mode
+  if ! command -v microdnf &> /dev/null; then
+    echo "microdnf not found, installing with dnf..."
+    dnf install -y microdnf && dnf clean all
+  fi
   microdnf install -y MariaDB-server MariaDB-client memcached
   nohup mysqld -umysql &
   if [ ! -f /home/$user/mysql_creds ]; then

scripts/install-php74.sh

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
-microdnf module enable php:remi-7.4 -y
+dnf module enable php:remi-7.4 -y
-microdnf install -y php php-fpm php-mysqlnd php-xml php-pecl-zip php-sodium php-soap php-xmlrpc \
+dnf install -y php php-fpm php-mysqlnd php-xml php-pecl-zip php-sodium php-soap php-xmlrpc \
 php-pecl-redis5 php-pecl-memcached php-pecl-memcache php-pecl-ip2location php-pecl-imagick php-pecl-geoip \
 php-mysqlnd php-mbstring php-ioncube-loader php-intl php-gd libzip php-cli
 exit 0

scripts/install-php80.sh

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
-microdnf module enable php:remi-8.0 -y
+dnf module enable php:remi-8.0 -y
-microdnf install -y php php-fpm php-mysqlnd php-xml php-pecl-zip php-sodium php-soap php-pecl-xmlrpc \
+dnf install -y php php-fpm php-mysqlnd php-xml php-pecl-zip php-sodium php-soap php-pecl-xmlrpc \
 php-pecl-redis5 php-pecl-memcached php-pecl-memcache php-pecl-ip2location php-pecl-imagick php-pecl-geoip \
 php-mysqlnd php-mbstring php-ioncube-loader php-intl php-gd libzip php-cli
 exit 0

scripts/install-php81.sh

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
-microdnf module enable php:remi-8.1 -y
+dnf module enable php:remi-8.1 -y
-microdnf install -y php php-fpm php-mysqlnd php-xml php-pecl-zip php-sodium php-soap php-pecl-xmlrpc \
+dnf install -y php php-fpm php-mysqlnd php-xml php-pecl-zip php-sodium php-soap php-pecl-xmlrpc \
 php-pecl-redis5 php-pecl-memcached php-pecl-memcache php-pecl-ip2location php-pecl-imagick php-pecl-geoip \
 php-mysqlnd php-mbstring php-ioncube-loader php-intl php-gd libzip php-cli
 exit 0

scripts/install-php82.sh

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
-microdnf module enable php:remi-8.2 -y
+dnf module enable php:remi-8.2 -y
-microdnf install -y php php-fpm php-mysqlnd php-xml php-pecl-zip php-sodium php-soap php-pecl-xmlrpc \
+dnf install -y php php-fpm php-mysqlnd php-xml php-pecl-zip php-sodium php-soap php-pecl-xmlrpc \
 php-pecl-redis5 php-pecl-memcached php-pecl-memcache php-pecl-ip2location php-pecl-imagick php-pecl-geoip \
 php-mysqlnd php-mbstring php-intl php-gd libzip php-cli
 exit 0

scripts/install-php83.sh

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
-microdnf module enable php:remi-8.3 -y
+dnf module enable php:remi-8.3 -y
-microdnf install -y php php-fpm php-mysqlnd php-xml php-pecl-zip php-sodium php-soap php-pecl-xmlrpc \
+dnf install -y php php-fpm php-mysqlnd php-xml php-pecl-zip php-sodium php-soap php-pecl-xmlrpc \
 php-pecl-redis5 php-pecl-memcached php-pecl-memcache php-pecl-ip2location php-pecl-imagick php-pecl-geoip \
 php-mysqlnd php-mbstring php-intl php-gd libzip php-cli
 exit 0

scripts/install-php84.sh

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
-microdnf module enable php:remi-8.4 -y
+dnf module enable php:remi-8.4 -y
-microdnf install -y php php-fpm php-mysqlnd php-xml php-pecl-zip php-sodium php-soap php-pecl-xmlrpc \
+dnf install -y php php-fpm php-mysqlnd php-xml php-pecl-zip php-sodium php-soap php-pecl-xmlrpc \
 php-pecl-redis5 php-pecl-memcached php-pecl-memcache php-pecl-ip2location php-pecl-imagick php-pecl-geoip \
 php-mysqlnd php-mbstring php-intl php-gd libzip php-cli
 exit 0