# Guest OS: Ubuntu 24.04 LTS
# The base image is pinned by tag only; pin by digest as well if builds must be reproducible.

FROM ubuntu:24.04


# Change Your Own UNAME, UID, GID, PASS
#
# Defaults for the login account. ENV values are stored in the image
# configuration, so PASS is readable by anyone who can pull or inspect the
# image (docker inspect / docker history). Treat "password" as a placeholder
# and supply a real value per deployment.
# NOTE(review): presumably entrypoint.sh reads these at container start to
# create the account; that script is not part of this file, so confirm.
# NOTE(review): bash initialises UID itself as a read-only variable (the real
# uid of the process); if entrypoint.sh runs under bash, $UID will not be the
# value set here. Confirm which shell the script uses.

ENV UNAME=guest \
    UID=1000 \
    GID=1000 \
    PASS=password

# Port written into sshd_config by the SSH configuration step of this file.
ENV SSHD_PORT=22

# Install the required packages.
# update and install share one layer so the package index is never stale, and
# the index is removed in the same layer to keep it out of the image.
# Recommended packages are installed too (--no-install-recommends is not passed).

RUN apt-get update \
    && DEBIAN_FRONTEND=noninteractive apt-get install -y \
        # shells and privilege elevation
        bash \
        sudo \
        tcsh \
        # sshd
        openssh-server \
        # process supervisor (starts the daemons)
        supervisor \
        # network diagnostics
        curl \
        iproute2 \
        iputils-ping \
        iputils-tracepath \
        net-tools \
        traceroute \
        # firewall front end
        ufw \
        # locale and timezone data
        locales \
        tzdata \
        # logging and fail2ban
        fail2ban \
        rsyslog \
        # https
        apache2 \
        libapache2-mod-php \
        php-fpm \
        # others
        certbot \
        cron \
    && rm -rf /var/lib/apt/lists/*

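## SSH settings: enable password authentication
#
# Both edits run at build time, so the port is fixed into the image here:
# changing SSHD_PORT with `docker run -e` does not rewrite sshd_config unless
# entrypoint.sh does so itself (not visible in this file).
# Each sed is a silent no-op when its pattern is absent from the stock
# sshd_config, so a changed upstream default would leave the file untouched.
# Password login is reachable with whatever PASS resolves to; with the default
# value the account depends on the fail2ban jail for brute-force protection.

RUN sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config && \
    sed -i "s/^#Port.*/Port ${SSHD_PORT}/" /etc/ssh/sshd_config && \
    # -p keeps the build from failing if the package already created the directory
    mkdir -p /var/run/sshd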

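## Apache settings: avoid the ServerName startup error

RUN echo "ServerName localhost" >> /etc/apache2/apache2.conf

## PHP settings
# Set the timezone for both SAPIs. Requests handed to PHP-FPM (configured
# below) read fpm/php.ini, not apache2/php.ini, so editing only the latter
# would leave FPM on the default timezone.
# The paths hard-code PHP 8.3, the version these package names resolve to on
# this base image.
RUN sed -i 's/^;date\.timezone =.*/date.timezone = "Asia\/Tokyo"/' \
    /etc/php/8.3/apache2/php.ini \
    /etc/php/8.3/fpm/php.ini

# Serve PHP through PHP-FPM for speed.
# The handler is inserted before </VirtualHost> in default-ssl.conf only.
# NOTE(review): this file does not enable the ssl module or the default-ssl
# site; presumably entrypoint.sh does. Confirm.
RUN sed -i \
    '/<\/VirtualHost>/i <FilesMatch "\\.php$">\n  SetHandler "proxy:unix:/var/run/php/php8.3-fpm.sock|fcgi://localhost/"\n</FilesMatch>' \
    /etc/apache2/sites-available/default-ssl.conf

RUN a2enmod proxy_fcgi setenvif && \
    a2enconf php8.3-fpm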


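# Install the supervisord configuration file (used to start the daemons)
# NOTE(review): the mkdir creates a conf.d directory under the log directory,
# while the config itself is copied to /etc/supervisor/conf.d. Confirm that
# the log path is the one supervisord.conf expects.

RUN mkdir -p /var/log/supervisor/conf.d
COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf


# Locale settings
RUN locale-gen ja_JP.UTF-8 && \
    update-locale LANG=ja_JP.UTF-8
ENV LANG=ja_JP.UTF-8
ENV LC_ALL=ja_JP.UTF-8


# Timezone settings
RUN ln -sf /usr/share/zoneinfo/Asia/Tokyo /etc/localtime && \
    echo 'Asia/Tokyo' > /etc/timezone

# fail2ban: protection against network attacks
# The destination names the file explicitly, so the copy cannot silently
# become a file called /etc/fail2ban if that directory is ever missing.
# NOTE(review): jail.local is not shown here. If its ban action edits
# firewall rules (iptables/nftables), the container needs the NET_ADMIN
# capability at run time, otherwise bans are logged but not enforced.
# The same applies to ufw. Confirm against the run command.
COPY jail.local /etc/fail2ban/jail.local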


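# Exposed ports: sshd, HTTP, HTTPS
# The SSH port follows SSHD_PORT so this declaration stays in step with the
# Port line written into sshd_config. EXPOSE is documentation only; ports
# still have to be published at run time.

EXPOSE ${SSHD_PORT} 80 443


# Copy Shell Script "entrypoint.sh"

COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh

# There is no USER instruction, so the entrypoint starts as root.
# NOTE(review): presumably required so supervisord can start sshd and apache2;
# entrypoint.sh is not visible here, so confirm.
ENTRYPOINT ["/entrypoint.sh"]

CMD []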
