fix build issues

improve build size and speed for images.

.dockerignore

@@ -0,0 +1,39 @@
+# Ignore version control
+.git
+.gitignore
+
+# Ignore CI/CD and workflow files
+.gitea/
+.github/
+.gitlab/
+
+# Ignore local development files
+*.swp
+*.swo
+*.bak
+*.tmp
+*.log
+
+# Ignore OS and editor files
+.DS_Store
+Thumbs.db
+.vscode/
+.idea/
+
+# Ignore test and documentation files
+tests/
+docs/
+README*
+
+# Ignore node and Python artifacts (if present)
+node_modules/
+__pycache__/
+
+# Ignore build output
+dist/
+build/
+
+# Ignore secrets and configs
+*.env
+.env.*
+secrets/ 

.gitea/workflows/build-push.yaml

@@ -0,0 +1,40 @@
+name: Cloud Apache Container
+run-name: ${{ gitea.actor }} pushed a change to trunk
+on:
+  push:
+    branches:
+      - trunk
+
+jobs:
+  Build-and-Push:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        phpver: [74, 80, 81, 82, 83, 84]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to Gitea
+        uses: docker/login-action@v3
+        with:
+          registry: repo.anhonesthost.net
+          username: ${{ secrets.CI_USER }}
+          password: ${{ secrets.CI_TOKEN }}
+
+      - name: Build and Push Image
+        uses: docker/build-push-action@v6
+        with:
+          platforms: linux/amd64
+          push: true
+          build-args: |
+            PHPVER=${{ matrix.phpver }}
+          tags: |
+            repo.anhonesthost.net/cloud-hosting-platform/cac:php${{ matrix.phpver }}
+            ${{ matrix.phpver == '84' && 'repo.anhonesthost.net/cloud-hosting-platform/cac:latest' || '' }}

Dockerfile

@@ -1,23 +1,41 @@
 FROM almalinux/9-base
-ARG PHPVER=81
-#RUN dnf update -y && dnf upgrade -y
-RUN dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm -y
-RUN dnf install -y https://rpms.remirepo.net/enterprise/remi-release-9.rpm
-#RUN dnf update -y && dnf upgrade -y
-RUN dnf install -y httpd mod_ssl wget procps
-RUN openssl req -newkey rsa:2048 -nodes -keyout /etc/pki/tls/private/localhost.key -x509 -days 3650 -subj "/CN=localhost" -out /etc/pki/tls/certs/localhost.crt
-RUN mkdir /run/php-fpm/
-RUN mkdir /scripts
-COPY ./scripts/* /scripts/
+ARG PHPVER=83
+
+# Install repos, update, install only needed packages, clean up in one layer
+RUN dnf install -y \
+      https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm \
+      https://rpms.remirepo.net/enterprise/remi-release-9.rpm && \
+    dnf update -y && \
+    dnf install -y httpd mod_ssl wget procps cronie iproute && \
+    dnf clean all && \
+    rm -rf /var/cache/dnf /usr/share/doc /usr/share/man /usr/share/locale/*
+
+# Copy scripts into the image and set permissions
+COPY ./scripts/ /scripts/
 RUN chmod +x /scripts/*
-#RUN /scripts/install-php$PHPVER.sh
-RUN curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
-RUN chmod +x wp-cli.phar
-RUN mv wp-cli.phar /usr/local/bin/wp
+
+# Generate self-signed cert, create needed dirs, install PHP, clean up
+RUN openssl req -newkey rsa:2048 -nodes -keyout /etc/pki/tls/private/localhost.key -x509 -days 3650 -subj "/CN=localhost" -out /etc/pki/tls/certs/localhost.crt && \
+    mkdir -p /run/php-fpm/ && \
+    /scripts/install-php$PHPVER.sh && \
+    rm -rf /tmp/*
+
+# Download and install wp-cli (consider pinning version for reproducibility)
+RUN curl -L -o /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar && \
+    chmod +x /usr/local/bin/wp
+
+# Copy configs and web files
 COPY ./configs/default-index.conf /etc/httpd/conf.d/
 COPY ./configs/prod-php.ini /etc/php.ini
 COPY ./configs/phpinfo.php /var/www/html/
 COPY ./configs/mariadb.repo /etc/yum.repos.d/
 COPY ./configs/index.php /var/www/html/
-RUN yum clean all
+COPY ./configs/remote_ip.conf /etc/httpd/conf.d/
+
+# Set up cron job in a single layer
+RUN echo "15 */12 * * * root /scripts/log-rotate.sh" >> /etc/crontab
+
+HEALTHCHECK --interval=30s --timeout=5s --start-period=60s --retries=3 \
+  CMD curl -f http://localhost/ || exit 1
+
 ENTRYPOINT [ "/scripts/entrypoint.sh" ]

README.md

@@ -1,71 +1,134 @@
-# Cloud Apache Container #
-This is the base container for running PHP based applications.  Select the PHP version environment variables. PHP Version Defaults to PHP 8.1
+# Cloud Apache Container
 
-*__You mush have docker or compatable containerization software running.__*
+This is a base container for running PHP-based applications, supporting multiple PHP versions (7.4, 8.0, 8.1, 8.2, 8.3, 8.4). The default is PHP 8.3. The container is based on AlmaLinux 9 and uses Apache with mod_ssl. It is designed for both development and production use.
 
-__You can pull this image locally by running:__  
+**You must have Docker or compatible containerization software running.**
 
-```console
-docker pull public.ecr.aws/s1f6k4w4/cac:latest
+---
+
+## What's New?
+
+- **Optimized Image:** The Dockerfile has been refactored for smaller size, faster builds, and improved security. Unnecessary files and caches are removed during build.
+- **Pre-built Images for Each PHP Version:** On every push, images for all supported PHP versions are built and pushed to the registry. You can pull the exact version you need (e.g., `cac:php74`, `cac:php84`, or `cac:latest`).
+- **.dockerignore Added:** The build context is now minimized, making builds faster and more secure.
+
+---
+
+## Quick Start: Local Development with `local-dev.sh`
+
+The easiest way to start a local development environment is with the provided `local-dev.sh` script. This script automates container setup, volume creation, log directories, and WordPress installation.
+
+### Usage Example
+
+```bash
+./local-dev.sh -n local-dev
 ```
 
-__You can then run a development version of the server by running the following commands:__
-*Note this is an example, you can modify the command(s) to fit your needs.*
+**Flags:**
+- `-n`  Name of the container (required)
+- `-p`  HTTP port (default: 80)
+- `-s`  HTTPS port (default: 443)
+- `-r`  Root path for files and database (default: current directory)
+- `-a`  PHP version (default: 8.3; options: 74, 80, 81, 82, 83, 84)
+- `-v`  Enable verbose mode
+- `-h`  Show help
 
-```console
+The script will:
+- Create a user directory and log folders
+- Create a Docker volume for MySQL
+- Start the container with the correct environment variables
+- Generate helper scripts in your root path:
+  - `instance_start` – Start the container
+  - `instance_stop` – Stop the container
+  - `instance_logs` – Tail Apache logs
+  - `instance_db_info` – Show MySQL credentials
+- Install WordPress in your web root
+- Print MySQL credentials
+
+---
+
+## Manual Docker Usage
+
+You can also run the container manually:
+
+```bash
 mkdir -p local-development/domain.tld
 cd local-development/domain.tld
-mkdir {web,db}
-docker run -it -p 80:80 -p 443:443 -e PHPVER=81 -e environment=DEV --mount type=bind,source="$(pwd)"/web,target=/home/myuser/public_html --mount type=bind,source="$(pwd)"/db,target=/var/lib/mysql -e uid=30001 -e user=myuser -e domain=domain.tld -e serveralias=www.domain.tld --name local-dev  public.ecr.aws/s1f6k4w4/cac:latest
+mkdir user
+mkdir -p user/logs/{apache,system}
+docker run -d -it -p 80:80 -p 443:443 -e PHPVER=84 -e environment=DEV --mount type=bind,source="$(pwd)"/user,target=/home/myuser -v"$name-mysql":/var/lib/mysql -e uid=30001 -e user=myuser -e domain=localhost --name local-dev  repo.anhonesthost.net/cloud-hosting-platform/cac:latest
 ```
 
-*This will start the processes needed to run sites locally.*
+---
 
-The first time you start the container, it will take some time as it is installing all the required software to run the dev instance.
+## Accessing the Container
 
-__If you need to get into the container you can run:__
-
-```console
+```bash
 docker exec -it local-dev /bin/bash
 ```
 
-__To install WordPress for your site__  
+---
 
-```console
-cat /var/lib/mysql/creds
+## WordPress Installation
+
+If using `local-dev.sh`, WordPress is installed automatically. For manual setup:
+
+```bash
+cat /home/myuser/mysql_creds
 su - myuser
 cd ~/public_html
 wp core download
 ```
 
-You should be able to then go into your browser and go to  https://localhost (accept the SSL warning if it appears) and follow the prompts to setup the site.
+Then visit https://localhost (accept the SSL warning) to complete setup.
 
-The database credentials are shown in the /var/lib/mysql/creds file, which we had *cat* in the commands above.
+---
 
-### PHPVER ###  
-*74* - PHP 7.4  
-*80* - PHP 8.0  
-*81* - PHP 8.1  
-*82* - PHP 8.2  
+## Features
 
-### Environment Variables ###  
-__Required Tags__  
-*uid* - User ID for File Permissions  
-*user* - Username for File Permissions  
-*domain* - Primary Domain for configuration  
+- **Multiple PHP Versions:** 7.4, 8.0, 8.1, 8.2, 8.3, 8.4 (set with `PHPVER` or `-a` flag)
+- **Pre-built Images:** Pull the image for your desired PHP version directly from the registry. No need to build locally unless customizing.
+- **Optimized Build:** Smaller, faster, and more secure images thanks to the improved Dockerfile and `.dockerignore`.
+- **Automatic Database Setup:** MariaDB is started in DEV mode, credentials are auto-generated and stored in `/home/$user/mysql_creds`.
+- **Database Backups:** Cron job backs up the database every 15 minutes to `/home/$user/_db_backups`.
+- **Log Management:** Log rotation compresses logs older than 3 days and deletes those older than 7 days.
+- **Memcached:** Started automatically in DEV mode.
+- **SSL:** Self-signed certificate enabled by default.
+- **Default Web Content:** `/home/$user/public_html` is the web root. `/ping` endpoint and `phpinfo.php` are available for diagnostics.
+- **Helper Scripts:** `instance_start`, `instance_stop`, `instance_logs`, `instance_db_info` (created by `local-dev.sh`).
 
-__Optional Tags__  
-*environment* - Set to DEV to start memcached and mysql locally for development purposes  
-*serveralias* - Set to allow alternative hostnames for a site.
-*PHPVER* - Set to use a different version of PHP [refer to versions here.](#phpver) 
+---
 
-### Helpful Notes ###
+## Environment Variables
 
-* On your first creation of a dev instance, you will be dumped to the logs output.  Hit ```ctrl + c``` to exit the running process.
-* If you want to restart the instance again, run ```docker start {name-of-your-container}``` in the example, *name-of-your-cintainer* is *local-dev*
-* To stop a restarted instance, run ```docker stop {name-of-your-container}```
-* To view log stream from container, run ```docker logs -f {name-of-your-container}```
-* To delete a container, run ```docker rm {name-of-your-container}``` *__Note:__ this does not delete the files in public_html or database, as those are store in your system*
-* To view running containers, run ```docker ps```
-* To view all created containers, run ```docker ps --all``
-* To view all container images downloaded on your system, run ```docker images```
+**Required:**
+- `uid` – User ID for file permissions
+- `user` – Username for file permissions
+- `domain` – Primary domain for configuration
+
+**Optional:**
+- `environment` – Set to `DEV` to start memcached and MySQL locally for development
+- `serveralias` – Comma-separated list of alternative hostnames
+- `PHPVER` – PHP version (see above)
+
+---
+
+## Helpful Notes
+
+- To restart the instance: `./instance_start` or `docker start {container-name}`
+- To stop: `./instance_stop` or `docker stop {container-name}`
+- To view logs: `./instance_logs` or `docker logs -f {container-name}`
+- To get DB credentials: `./instance_db_info` or `cat /home/$user/mysql_creds`
+- To delete a container: `docker rm {container-name}` (does not delete user files or DB volume)
+- To view running containers: `docker ps`
+- To view all containers: `docker ps --all`
+- To view images: `docker images`
+
+---
+
+## Troubleshooting
+- The first run may take several minutes as dependencies are installed.
+- If you need to change PHP version, stop and remove the container, then recreate with the desired version.
+- For advanced configuration, see the scripts in the `scripts/` directory.
+- The image is optimized for size and speed, but local development in DEV mode may install additional packages (MariaDB, memcached) at runtime using microdnf.
+- The build context is minimized by the included `.dockerignore` file.

configs/default-index.conf

@@ -7,7 +7,7 @@ Alias "/ping" "/var/www/html"
         MaxSpareThreads         75
         ThreadLimit             64
         ThreadsPerChild         25
-        MaxRequestWorkers       800
-        ServerLimit             32
-        MaxConnectionsPerChild  1500
+        MaxRequestWorkers       150
+        ServerLimit             16
+        MaxConnectionsPerChild  500
 </IfModule>

configs/mariadb.repo

@@ -1,11 +1,11 @@
-# MariaDB 10.11 CentOS repository list - created 2023-04-03 23:52 UTC
+# MariaDB 11.4.5 CentOS repository list - created 2023-04-03 23:52 UTC
 # https://mariadb.org/download/
 [mariadb]
 name = MariaDB
 # rpm.mariadb.org is a dynamic mirror if your preferred mirror goes offline. See https://mariadb.org/mirrorbits/ for details.
 # baseurl = https://rpm.mariadb.org/10.11/centos/$releasever/$basearch
-baseurl = https://mirrors.xtom.com/mariadb/yum/10.11/centos/$releasever/$basearch
+baseurl = https://mirror.mariadb.org/yum/11.4/almalinux$releasever-amd64
 module_hotfixes = 1
 # gpgkey = https://rpm.mariadb.org/RPM-GPG-KEY-MariaDB
 gpgkey = https://mirrors.xtom.com/mariadb/yum/RPM-GPG-KEY-MariaDB
-gpgcheck = 1
+gpgcheck = 1

configs/remote_ip.conf

@@ -0,0 +1,2 @@
+RemoteIPHeader X-Forwarded-For
+LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

configs/vhost-template.tpl

@@ -40,6 +40,42 @@
     RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
 </VirtualHost>
 
+#
+# When we also provide SSL we have to listen to the
+# standard HTTPS port in addition.
+#
+Listen 443 https
+
+##
+##  SSL Global Context
+##
+##  All SSL configuration in this context applies both to
+##  the main server and all SSL-enabled virtual hosts.
+##
+
+#   Pass Phrase Dialog:
+#   Configure the pass phrase gathering process.
+#   The filtering dialog program (`builtin' is a internal
+#   terminal dialog) has to provide the pass phrase on stdout.
+SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
+
+#   Inter-Process Session Cache:
+#   Configure the SSL Session Cache: First the mechanism
+#   to use and second the expiring timeout (in seconds).
+SSLSessionCache         shmcb:/run/httpd/sslcache(512000)
+SSLSessionCacheTimeout  300
+
+#
+# Use "SSLCryptoDevice" to enable any supported hardware
+# accelerators. Use "openssl engine -v" to list supported
+# engine names.  NOTE: If you enable an accelerator and the
+# server does not start, consult the error logs and ensure
+# your accelerator is functioning properly.
+#
+SSLCryptoDevice builtin
+
+
+
 <IfModule mod_ssl.c>
   <VirtualHost _default_:443>
     ServerName "~~domain~~"

local-dev.sh

@@ -5,18 +5,20 @@ https_port='443'
 root_path="$(pwd)"
 verbose='false'
 
-while getopts 'n:p:s:r:vh' flag; do
+while getopts 'n:p:s:r:a:vh' flag; do
   case "${flag}" in
     n) name="${OPTARG}" ;;
     p) http_port="${OPTARG}" ;;
     s) https_port="${OPTARG}" ;;
     r) root_path="${OPTARG}" ;;
+    a) phpver="${OPTARG}" ;;
     v) verbose='true' ;;
     h) echo "Variables"
        echo "-n = Name of Container, Required"
        echo "-p = Non-https Port Override, default 80"
        echo "-s = Https Port Override, default 443"
        echo "-r = Root Path for files and database, defaults to current working path"
+       echo "-a = PHP App Version, Default to 8.3"
        echo "-v = Enable Verbose Mode"
        exit 1 ;;
   esac
@@ -34,16 +36,20 @@ if [ -z "$name" ]; then
     echo "Name not set, please set it with -n"
     exit 1
 fi
+
+if [ -z "$phpver" ]; then
+    phpver=83;
+fi
+
 echo "Building Docker Image..."
 user=$(whoami)
 uid=$(id -u)
-if [ ! -d "$root_path/db" ]; then
-  mkdir -p "$root_path/db";
+if [ ! -d "$root_path/user" ]; then
+  mkdir -p "$root_path/user";
+  mkdir -p "$root_path/user/logs/{apache,system}";
 fi
-if [ ! -d "$root_path/web" ]; then
-  mkdir -p "$root_path/web";
-fi
-$check_docker run -d -p "$http_port":80 -p "$https_port":443 -e PHPVER=82 -e environment=DEV --mount type=bind,source="$root_path"/web,target=/home/"$user"/public_html --mount type=bind,source="$root_path"/db,target=/var/lib/mysql -e uid="$uid" -e user="$user" -e domain="$name-local.dev" --name "$name" public.ecr.aws/s1f6k4w4/cac
+$check_docker volume create "$name-mysql"
+$check_docker run --pull=always -d -p "$http_port":80 -p "$https_port":443 -e PHPVER=$phpver -e environment=DEV --mount type=bind,source="$root_path"/user,target=/home/"$user" --mount type=bind,source="$(pwd)"/user/logs/apache,target=/etc/httpd/logs --mount type=bind,source="$(pwd)"/user/logs/system,target=/var/log  -v"$name-mysql":/var/lib/mysql -e uid="$uid" -e user="$user" -e domain="$name-local.dev" --name "$name" repo.anhonesthost.net/cloud-hosting-platform/cac:latest
 echo "Creating management scripts in root directory..."
 echo "#!/usr/bin/env bash" > "$root_path/instance_start"
 echo "docker start $name" >> "$root_path/instance_start"
@@ -54,8 +60,8 @@ echo "docker exec $name bash -c 'tail -f /etc/httpd/logs/*'" >> "$root_path/inst
 echo "#!/usr/bin/env bash" > "$root_path/instance_db_info"
 echo "docker exec $name cat /var/lib/mysql/creds" >> "$root_path/instance_db_info"
 chmod +x $root_path/instance_*
-echo "Waiting 120 seconds for setup to finish"
-sleep 120;
+echo "Waiting 160 seconds for setup to finish"
+sleep 160;
 echo "Installing WordPress..."
 wpdbuser=$(docker exec $name cat /var/lib/mysql/creds |grep User| awk -F ": " {'print $2'})
 wpdbpass=$(docker exec $name cat /var/lib/mysql/creds |grep Password| awk -F ": " {'print $2'})

pipeline/automated-build.yml

@@ -1,70 +0,0 @@
----
-resources:
-- name: cac
-  type: git
-  source:
-    uri: https://repo.anhonesthost.net/cloud-hosting-platform/cloud-apache-container.git
-    branch: trunk 
-
-- name: build-cac-74
-  type: docker-image
-  source:
-    repository: registry.dnspegasus.net/cac
-    tag: 74
-
-- name: build-cac-80
-  type: docker-image
-  source:
-    repository: registry.dnspegasus.net/cac
-    tag: 80
-
-- name: build-cac-81
-  type: docker-image
-  source:
-    repository: registry.dnspegasus.net/cac
-    tag: 81
-
-- name: build-cac-82
-  type: docker-image
-  source:
-    repository: registry.dnspegasus.net/cac
-    tag: 82
-
-jobs:
-  - name: publish-cac-74
-    plan:
-    - get: cac
-      trigger: true
-    - put: build-cac-74
-      params:
-        build: cac
-        build_args:
-          PHPVER: 74
-  - name: publish-cac-80
-    plan:
-    - get: cac
-      trigger: true
-    - put: build-cac-80
-      params:
-        build: cac
-        build_args:
-          PHPVER: 80
-  - name: publish-cac-81
-    plan:
-    - get: cac
-      trigger: true
-    - put: build-cac-81
-      params:
-        build: cac
-        build_args:
-          PHPVER: 81
-  - name: publish-cac-82
-    plan:
-    - get: cac
-      trigger: true
-    - put: build-cac-82
-      params:
-        build: cac
-        build_args:
-          PHPVER: 82
-    

scripts/create-vhost.sh

@@ -34,6 +34,12 @@ cat <<EOF > /etc/httpd/conf.d/$domain.conf
     RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
 </VirtualHost>
 
+Listen 443 https
+SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
+SSLSessionCache         shmcb:/run/httpd/sslcache(512000)
+SSLSessionCacheTimeout  300
+SSLCryptoDevice builtin
+
 <IfModule mod_ssl.c>
   <VirtualHost _default_:443>
     ServerName "$domain"

scripts/entrypoint.sh

@@ -1,29 +1,47 @@
-#!/bin/bash
+#!/usr/bin/env bash
 
 if [ -z "$PHPVER" ]; then
-  PHPVER="81";
+  PHPVER="83";
 fi
 
 adduser -u $uid $user
 
 mkdir -p /home/$user/public_html
+mkdir -p /home/$user/logs/{apache,php-fpm}
 
-chown -R $user:$user /home/$user
-chmod -R 755 /home/$user
+mv /var/log/httpd /var/log/httpd.bak
 
-/scripts/install-php$PHPVER.sh
+ln -s /home/$user/logs/apache /var/log/httpd
+ln -s /home/$user/logs/php-fpm /var/log/php-fpm
+
+rm -f /etc/httpd/conf.d/userdir.conf
+docker_network=$(ip addr show |grep eth0 |grep inet |awk -F " " {'print $2'})
+echo "RemoteIPInternalProxy $docker_network" >> /etc/httpd/conf.d/remoteip.conf
+# /scripts/install-php$PHPVER.sh
 
 /scripts/create-vhost.sh
 /scripts/create-php-config.sh
 
+if [ -f /etc/httpd/conf.d/ssl.conf ]; then
+  mv /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.bak
+fi
+
 /usr/sbin/httpd -k start
 /usr/sbin/php-fpm -y /etc/php-fpm.conf
+chown -R $user:$user /home/$user
+chmod -R 755 /home/$user
 
 if [[ $environment == 'DEV' ]]; then
   echo "Starting Dev Deployment"
-  dnf install -y MariaDB-server MariaDB-client memcached
+  mkdir -p /home/$user/_db_backups
+  # Ensure microdnf is available for installing MariaDB and memcached in DEV mode
+  if ! command -v microdnf &> /dev/null; then
+    echo "microdnf not found, installing with dnf..."
+    dnf install -y microdnf && dnf clean all
+  fi
+  microdnf install -y MariaDB-server MariaDB-client memcached
   nohup mysqld -umysql &
-  if [ ! -f /var/lib/mysql/creds ]; then
+  if [ ! -f /home/$user/mysql_creds ]; then
     echo "Give MySQL a chance to finish starting..."
     sleep 10
     mysql_user=$(tr -dc A-Za-z0-9 </dev/urandom | head -c 13 ; echo '')
@@ -33,14 +51,22 @@ if [[ $environment == 'DEV' ]]; then
     mysql -e "CREATE USER '"$mysql_user"'@'localhost' IDENTIFIED BY '"$mysql_password"';"
     mysql -e "GRANT ALL PRIVILEGES ON *.* TO '"$mysql_user"'@'localhost' WITH GRANT OPTION;"
     mysql -e "FLUSH PRIVILEGES;"
-    echo "MySQL User: "$mysql_user > /var/lib/mysql/creds
-    echo "MySQL Password: "$mysql_password >> /var/lib/mysql/creds
-    echo "MySQL Database: devdb_"$mysql_db >> /var/lib/mysql/creds
-    cat /var/lib/mysql/creds
+    echo "*/15 * * * * root /scripts/mysql-backup.sh $user devdb_$mysql_db"  >> /etc/crontab
+    echo "MySQL User: "$mysql_user > /home/$user/mysql_creds
+    echo "MySQL Password: "$mysql_password >> /home/$user/mysql_creds
+    echo "MySQL Database: devdb_"$mysql_db >> /home/$user/mysql_creds
+    cat /home/$user/mysql_creds
+
   fi
   /usr/bin/memcached -d -u $user
+  
 fi
-tail -f /etc/httpd/logs/*
+
+if [[ $environment == 'PROD' ]]; then
+    sed -r -i 's/;session.save_path="localhost:11211/session.save_path="memcache:11211/' /etc/php.d/50-memcached.ini
+fi
+/usr/sbin/crond
+tail -f /var/log/httpd/*
 
 exit 0
-  
+  

scripts/install-php74.sh

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash
 dnf module enable php:remi-7.4 -y
 dnf install -y php php-fpm php-mysqlnd php-xml php-pecl-zip php-sodium php-soap php-xmlrpc \
 php-pecl-redis5 php-pecl-memcached php-pecl-memcache php-pecl-ip2location php-pecl-imagick php-pecl-geoip \

scripts/install-php80.sh

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash
 dnf module enable php:remi-8.0 -y
 dnf install -y php php-fpm php-mysqlnd php-xml php-pecl-zip php-sodium php-soap php-pecl-xmlrpc \
 php-pecl-redis5 php-pecl-memcached php-pecl-memcache php-pecl-ip2location php-pecl-imagick php-pecl-geoip \

scripts/install-php81.sh

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash
 dnf module enable php:remi-8.1 -y
 dnf install -y php php-fpm php-mysqlnd php-xml php-pecl-zip php-sodium php-soap php-pecl-xmlrpc \
 php-pecl-redis5 php-pecl-memcached php-pecl-memcache php-pecl-ip2location php-pecl-imagick php-pecl-geoip \

scripts/install-php82.sh

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash
 dnf module enable php:remi-8.2 -y
 dnf install -y php php-fpm php-mysqlnd php-xml php-pecl-zip php-sodium php-soap php-pecl-xmlrpc \
 php-pecl-redis5 php-pecl-memcached php-pecl-memcache php-pecl-ip2location php-pecl-imagick php-pecl-geoip \

scripts/install-php83.sh

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+dnf module enable php:remi-8.3 -y
+dnf install -y php php-fpm php-mysqlnd php-xml php-pecl-zip php-sodium php-soap php-pecl-xmlrpc \
+php-pecl-redis5 php-pecl-memcached php-pecl-memcache php-pecl-ip2location php-pecl-imagick php-pecl-geoip \
+php-mysqlnd php-mbstring php-intl php-gd libzip php-cli
+exit 0

scripts/install-php84.sh

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+dnf module enable php:remi-8.4 -y
+dnf install -y php php-fpm php-mysqlnd php-xml php-pecl-zip php-sodium php-soap php-pecl-xmlrpc \
+php-pecl-redis5 php-pecl-memcached php-pecl-memcache php-pecl-ip2location php-pecl-imagick php-pecl-geoip \
+php-mysqlnd php-mbstring php-intl php-gd libzip php-cli
+exit 0

scripts/log-rotate.sh

@@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+
+# Set the log directory
+LOG_DIR="/var/log/httpd"
+
+# Get current date
+DATE=$(date +%Y%m%d)
+
+# Rotate access log
+if [ -f "$LOG_DIR/access_log" ]; then
+    cp "$LOG_DIR/access_log" "$LOG_DIR/access_log.$DATE"
+    cat /dev/null > "$LOG_DIR/access_log"
+fi
+
+# Rotate error log
+if [ -f "$LOG_DIR/error_log" ]; then
+    cp "$LOG_DIR/error_log" "$LOG_DIR/error_log.$DATE"
+    cat /dev/null > "$LOG_DIR/error_log"
+fi
+
+# Compress logs older than 3 days
+find "$LOG_DIR" -name "*.log.*" -type f -mtime +3 -exec gzip {} \;
+
+# Delete logs older than 7 days
+find "$LOG_DIR" -name "*.log.*" -type f -mtime +7 -delete
+

scripts/mysql-backup.sh

@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+user=$1
+mysql_db=$2
+dt=$(date +%y%m%d-%T)
+if [ ! -d /home/$user/_db_backups ]; then
+  mkdir -p /home/$user/_db_backups
+fi
+
+/usr/bin/mysqldump $mysql_db > /home/$user/_db_backups/$mysql_db.$dt.sql
+chown -R $user:$user /home/$user/_db_backups
+/usr/bin/find /home/$user/_db_backups/ -type f -mmin +360 -delete
+
+exit 0