Qnap [Tuto] - Container Station - Apache + PHP

osimood

Nouveau membre
26 Septembre 2016
25
2
3
I created this tuto in order to help people who want to use Apache and PHP without having to depend on a module and to have the flexibility you have with doing things by hand.
First of all thank you to Stéphane for his QApache module that gave me the idea to try the container "path" (from Padawan to Jedi)
This set of information is mainly done to use NextCloud but can be used as a base for any PHP app

In the QNAP apps, install container than, in container :
  • Go to "Create"
  • search for "nfatrez/docker-apache24-php72"
  • Press the "Create" button
  • Go to "Advanced settings"
  • in "Network"
    • Network Mode -> NAT
    • Port forwarding:
      • 88 -> 80 - TCP
      • 448 -> 443 - TCP
  • In "Shared Folders" (You will need to map every drives you will want to access from the app!! think twice or more before or you have to do it all again). I personnaly map (in "Volume from host"):
    • /Web -> /var/www/html
    • /WhereverSharedFolderYoullStoreYourNextcloudDataIn -> /nextcloud
    • /WhatEverFolderYoullNeedToReadorWriteIn -> /YouPick
  • once the container is running, you need to SSH your NAS - once in your need to log to your container by running the following commands:
    • "docker ps" -> will give you the container IDs or your images - locate nfatrez/docker-apache24-php72 and its ID !
    • "docker exec -i -t <IDOfTheContainer> bash"
  • You're now in. Run:
    • "apt update && apt upgrade -y && apt dist-upgrade && apt-get -y autoremove" -> Will update the container, with all the latest versions and remove all the useless components
    • "dpkg-reconfigure tzdata" to set the time zone your server is located in
    • OPTIONAL: I personnally install those modules for NextCloud and also for editing files: "apt-get install -y nano php7.2-zip php7.2-mbstring apt-utils php-apcu"


  • Now, time to set up Apache config file:
    • "nano /etc/apache2/apache2.conf"
    • at the very bottom, change: ServerName <yoursubdomain>.myqnapcloud.com
    • If you need https, also add this:
      Code:
      		LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so
      		SSLRandomSeed startup file:/dev/urandom 512
      		Listen 443
      		AddType application/x-x509-ca-cert .crt
      		AddType application/x-pkcs7-crl    .crl
      
      		<VirtualHost _default_:443>
      			Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
      			ErrorLog /dev/null
      			TransferLog /dev/null
      			SSLEngine on
      			SSLProxyCheckPeerExpire off
      			SSLProxyCheckPeerName off
      			SSLProxyCheckPeerCN off
      			SSLProxyEngine on
      			SSLHonorCipherOrder on
      			SSLCipherSuite EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:!MD5
      			SSLProtocol All -SSLv2 -SSLv3
      			SSLCertificateFile "/<forlderContainingYourCertificates>/stunnel.pem"
      			SSLCertificateChainFile "/<forlderContainingYourCertificates>/uca.pem"
      
      			<FilesMatch "\.(cgi|shtml|phtml|php)$">
      				SSLOptions +StdEnvVars
      			</FilesMatch>
      
      			BrowserMatch ".*MSIE.*" \
      				nokeepalive ssl-unclean-shutdown \
      				downgrade-1.0 force-response-1.0
      
      		</VirtualHost>
      CAREFUL about the tag: <forlderContainingYourCertificates>, you need to change it to your usage
  • For NextCloud, we need to configure the opcache:
    • edit the php.ini: "nano /etc/php/7.2/apache2/php.ini"
    • in the [opcache] section we add
      Code:
      				opcache.enable=1
      				opcache.enable_cli=1
      				opcache.interned_strings_buffer=8
      				opcache.max_accelerated_files=10000
      				opcache.memory_consumption=128
      				opcache.save_comments=1
      				opcache.revalidate_freq=1
  • Time to restart apache and see if everything works
    • first, enable module headers: "a2enmod headers"
    • Then "service apache2 restart" - if it writes OK, you're good to go
  • NOW BE CAREFULL! If you restart the container, all you just did will be LOST !!! You now need to COMMIT your changes so they become permanent:
    • Exit the container -> "exit"
    • get the ID of the container you want to commit -> "docker ps" (should be the same as the one used earlier)
    • "docker commit <IDOfTheContainer>"


Voilà, you should be good to go, let me know if you have any comments, all the best
O