Merge branch '6621-update-to-php82' into 'master'

6621 update to php82

See merge request !2

.gitignore

-/nbproject/
 /packages/
 /public_html/inc_config.php
+/public_html/packages/used_hashes.txt
 /shellscripts/getfile.sh.cfg
+/static/*
+/tests/hello.txt

docker/.env

+# ======================================================================
+#
+# GENERATED BY init.sh - template: ./templates/dot_env - e2cde05722688ff85d3a93e9cd55787e
+# values to be used in docker-composer.yml
+#
+# ======================================================================
+
+# ----- application
+APP_NAME=ci-pkg
+
+# uid of www-data in the docker container
+DOCKER_USER_UID=33
+
+APP_PORT=8001
+WEBROOT=/var/www/ci-pkg/public_html
+

docker/containers/db-server/mariadb/my.cnf

+[mysqld]
+; collation-server = utf8mb4_unicode_ci
+; character-set-server = utf8mb4
\ No newline at end of file

docker/containers/web-server/Dockerfile

+#
+# GENERATED BY init.sh - template: ./templates/web-server-Dockerfile - 42dce773c83597a7d05af398bdd66d15
+#
+FROM php:8.2-apache
+
+# install packages
+RUN apt-get update && apt-get install -y git unzip zip libapache2-mod-xsendfile
+
+# enable apache modules
+RUN a2enmod xsendfile
+
+# install php packages
+COPY --from=mlocati/php-extension-installer /usr/bin/install-php-extensions /usr/local/bin/
+RUN install-php-extensions 

docker/containers/web-server/apache/sites-enabled/vhost_app.conf

+#
+# GENERATED BY init.sh - template: ./templates/vhost_app.conf - 4dfd63417ad808a5ed00ffaf117464a8
+#
+<VirtualHost *:80>
+  DocumentRoot /var/www/ci-pkg/public_html
+  <Directory /var/www/ci-pkg/public_html>
+      AllowOverride None
+      Order Allow,Deny
+      Allow from All
+  </Directory>
+
+  # redirect requests to handle packages
+  <Location "/packages">
+
+    # for Php as php-fpm service:
+    # SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
+
+    RewriteEngine on
+    RewriteCond %{REQUEST_FILENAME} !-f
+    RewriteRule ^(.*)$ index.php [QSA,L]
+
+  </Location>
+
+  # download files are outside webroot
+  XSendFile On
+  XSendFilePath "/var/www/ci-pkg/example-packages/"
+
+  # example to prevent access with http
+  <Location "/no-access">
+    Require all denied
+  </Location>
+
+</VirtualHost>
\ No newline at end of file

docker/containers/web-server/php/extra-php-config.ini

+;
+; GENERATED BY init.sh - template: ./templates/extra-php-config.ini - 9dce36d285d5b21d70e015c074c196c2
+;
+[PHP]
+
+error_reporting=E_ALL
+display_errors=1
+
+; ----------------------------------------------------------------------
+; XDEBUG STUFF BELOW
+; ----------------------------------------------------------------------
+; 
+; error_reporting=E_ALL
+; 
+; [xdebug]
+; xdebug.mode=develop,debug
+; ; xdebug.client_host=localhost
+; xdebug.start_with_request=yes
+; ; xdebug.start_with_request=trigger
+; 
+; xdebug.log=/tmp/xdebug.log
+; xdebug.discover_client_host = 1
+; ; xdebug.client_port=9003
+; xdebug.idekey="netbeans-xdebug"
\ No newline at end of file

docker/docker-compose.yml

+#
+# GENERATED BY init.sh - template: ./templates/docker-compose.yml - fc2f1d55926abdb9c54f65afd0571d7b
+#
+# ======================================================================
+#
+# (1) see .env for set variables
+# (2) run "docker-compose up" to startup
+# 
+# ======================================================================
+version: '3.9'
+
+networks:
+  ci-pkg-network:
+
+services:
+
+  # ----- apache httpd + php
+  ci-pkg-web-server:
+    build:
+      context: .
+      dockerfile: ./containers/web-server/Dockerfile
+    image: "php:8.2-apache"
+    container_name: 'ci-pkg-server'
+    ports:
+      - '${APP_PORT}:80'
+
+    working_dir: ${WEBROOT}
+    
+    volumes:
+      - ../:/var/www/${APP_NAME}
+      - ./containers/web-server/apache/sites-enabled:/etc/apache2/sites-enabled
+      - ./containers/web-server/php/extra-php-config.ini:/usr/local/etc/php/conf.d/extra-php-config.ini
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost"]
+      interval: 10s
+      timeout: 3s
+      retries: 5
+      # start_period: 40s
+
+    networks:
+      - ci-pkg-network
+
+    user: ${DOCKER_USER_UID}
+

docker/init.sh

+#!/bin/bash
+# ======================================================================
+#
+# DOCKER PHP DEV ENVIRONMENT :: INIT
+#
+# ----------------------------------------------------------------------
+# 2021-11-nn  v1.0 <axel.hahn@iml.unibe.ch>
+# 2022-07-19  v1.1 <axel.hahn@iml.unibe.ch>  support multiple dirs for setfacl
+# 2022-11-16  v1.2 <www.axel-hahn.de>        use docker-compose -p "$APP_NAME"
+# 2022-12-18  v1.3 <www.axel-hahn.de>        add -p "$APP_NAME" in other docker commands
+# 2022-12-20  v1.4 <axel.hahn@unibe.ch>      replace fgrep with grep -F
+# 2023-03-06  v1.5 <www.axel-hahn.de>        up with and without --build
+# 2023-08-17  v1.6 <www.axel-hahn.de>        menu selection with single key (without return)
+# ======================================================================
+
+cd $( dirname $0 )
+. $( basename $0 ).cfg
+
+# git@git-repo.iml.unibe.ch:iml-open-source/docker-php-starterkit.git
+selfgitrepo="docker-php-starterkit.git"
+
+_version="1.6"
+
+# ----------------------------------------------------------------------
+# FUNCTIONS
+# ----------------------------------------------------------------------
+
+# draw a headline 2
+function h2(){
+    echo
+    echo -e "\e[33m>>>>> $*\e[0m"
+}
+
+# draw a headline 3
+function h3(){
+    echo
+    echo -e "\e[34m----- $*\e[0m"
+}
+
+# function _gitinstall(){
+#     h2 "install/ update app from git repo ${gitrepo} in ${gittarget} ..."
+#     test -d ${gittarget} && ( cd ${gittarget}  && git pull )
+#     test -d ${gittarget} || git clone -b ${gitbranch} ${gitrepo} ${gittarget} 
+# }
+
+# set acl on local directory
+function _setWritepermissions(){
+    h2 "set write permissions on ${gittarget} ..."
+
+    local _user=$( id -gn )
+    typeset -i local _user_uid=0
+    test -f /etc/subuid && _user_uid=$( grep $_user /etc/subuid 2>/dev/null | cut -f 2 -d ':' )-1
+    typeset -i local DOCKER_USER_OUTSIDE=$_user_uid+$DOCKER_USER_UID
+
+    set -vx
+
+    for mywritedir in ${WRITABLEDIR}
+    do 
+
+        echo "--- ${mywritedir}"
+        # remove current acl
+        sudo setfacl -bR "${mywritedir}"
+
+        # default permissions: both the host user and the user with UID 33 (www-data on many systems) are owners with rwx perms
+        sudo setfacl -dRm u:${DOCKER_USER_OUTSIDE}:rwx,${_user}:rwx "${mywritedir}"
+
+        # permissions: make both the host user and the user with UID 33 owner with rwx perms for all existing files/directories
+        sudo setfacl -Rm u:${DOCKER_USER_OUTSIDE}:rwx,${_user}:rwx "${mywritedir}"
+    done
+
+    set +vx
+}
+
+# cleanup starterkit git data
+function _removeGitdata(){
+    h2 "Remove git data of starterkit"
+    echo -n "Current git remote url: "
+    git config --get remote.origin.url
+    git config --get remote.origin.url 2>/dev/null | grep $selfgitrepo >/dev/null
+    if [ $? -eq 0 ]; then
+        echo
+        echo -n "Delete local .git and .gitignore? [y/N] > "
+        read answer
+        test "$answer" = "y" && ( echo "Deleting ... " && rm -rf ../.git ../.gitignore )
+    else
+        echo "It was done already - $selfgitrepo was not found."
+    fi
+
+}
+
+# helper function: cut a text file starting from database start marker
+# see _generateFiles()
+function _fix_no-db(){
+    local _file=$1
+    if [ $DB_ADD = false ]; then
+        typeset -i local iStart=$( cat ${_file} | grep -Fn "$CUTTER_NO_DATABASE" | cut -f 1 -d ':' )-1
+        if [ $iStart -gt 0 ]; then
+            sed -ni "1,${iStart}p" ${_file}
+        fi
+    fi
+}
+
+# loop over all files in templates subdir make replacements and generate
+# a target file.
+# It skips if 
+#   - 1st line is not starting with "# TARGET: filename"
+#   - target file has no updated lines
+function _generateFiles(){
+
+    # re-read config vars
+    . $( basename $0 ).cfg
+
+    local _tmpfile=/tmp/newfilecontent$$.tmp
+    h2 "generate files from templates..."
+    for mytpl in $( ls -1 ./templates/* )
+    do
+        # h3 $mytpl
+        local _doReplace=1
+
+        # fetch traget file from first line
+        target=$( head -1 $mytpl | grep "^# TARGET:" | cut -f 2- -d ":" | awk '{ print $1 }' )
+
+        if [ -z "$target" ]; then
+            echo SKIP: $mytpl - target was not found in 1st line
+            _doReplace=0
+        fi
+
+        # write generated files to target
+        if [ $_doReplace -eq 1 ]; then
+
+            # write file from line 2 to a tmp file
+            sed -n '2,$p' $mytpl >$_tmpfile
+
+            # add generator
+            # sed -i "s#{{generator}}#generated by $0 - template: $mytpl - $( date )#g" $_tmpfile
+            local _md5=$( md5sum $_tmpfile | awk '{ print $1 }' )
+            sed -i "s#{{generator}}#GENERATED BY $( basename $0 ) - template: $mytpl - $_md5#g" $_tmpfile
+
+            # loop over vars to make the replacement
+            grep "^[a-zA-Z]" $( basename $0 ).cfg | while read line
+            do
+                # echo replacement: $line
+                mykey=$( echo $line | cut -f 1 -d '=' )
+                myvalue="$( eval echo \"\${$mykey}\" )"
+                # grep "{{$mykey}}" $_tmpfile
+
+                # TODO: multiline values fail here in replacement with sed 
+                sed -i "s#{{$mykey}}#${myvalue}#g" $_tmpfile
+            done
+            _fix_no-db $_tmpfile
+
+            # echo "changes for $target:"
+            diff  "../$target"  "$_tmpfile" | grep -v "$_md5" | grep -v "^---" | grep .
+            if [ $? -eq 0 -o ! -f "../$target" ]; then
+                echo -n "$mytpl - changes detected - writing [$target] ... "
+                mkdir -p $( dirname  "../$target" ) || exit 2
+                mv "$_tmpfile" "../$target" || exit 2
+                echo OK
+            else
+                rm -f $_tmpfile
+                echo "SKIP: $mytpl - Nothing to do."
+            fi
+        fi
+        echo
+    done
+
+}
+
+# loop over all files in templates subdir make replacements and generate
+# a traget file.
+function _removeGeneratedFiles(){
+    h2 "remove generated files..."
+    for mytpl in $( ls -1 ./templates/* )
+    do
+        h3 $mytpl
+
+        # fetch traget file from first line
+        target=$( head -1 $mytpl | grep "^# TARGET:" | cut -f 2- -d ":" | awk '{ print $1 }' )
+
+        if [ ! -z "$target" -a -f "../$target" ]; then
+            echo -n "REMOVING "
+            ls -l "../$target" || exit 2
+            rm -f "../$target" || exit 2
+            echo OK
+        else
+            echo SKIP: $target
+        fi
+        
+    done
+}
+
+function _showContainers(){
+    local bLong=$1
+    h2 CONTAINERS
+    if [ -z "$bLong" ]; then
+        docker-compose -p "$APP_NAME" ps
+    else
+        docker ps | grep $APP_NAME
+    fi
+}
+
+
+# a bit stupid ... i think I need to delete it.
+function _showInfos(){
+    _showContainers long
+    h2 INFO
+
+    h3 "processes"
+    docker-compose top
+
+    h3 "Check app port"
+    >/dev/tcp/localhost/${APP_PORT} 2>/dev/null && (
+        echo "OK, app port ${APP_PORT} is reachable"
+        echo
+        echo "In a web browser open:"
+        echo "  $frontendurl"
+    )
+    h3 "Check database port"
+    >/dev/tcp/localhost/${DB_PORT} 2>/dev/null && (
+        echo "OK, db port ${DB_PORT} is reachable"
+        echo
+        echo "In a local DB admin tool:"
+        echo "  host    : localhost"
+        echo "  port    : ${DB_PORT}"
+        echo "  user    : root"
+        echo "  password: ${MYSQL_ROOT_PASS}"
+    )
+    echo
+}
+
+# helper for menu: print an inverted key
+function  _key(){
+    printf "\e[4;7m ${1} \e[0m"
+}
+
+# helper: wait for a return key
+function _wait(){
+    echo -n "... press RETURN > "; read -r
+}
+
+# ----------------------------------------------------------------------
+# MAIN
+# ----------------------------------------------------------------------
+
+action=$1
+
+while true; do
+    echo
+    echo -e "\e[32m===== INITIALIZER FOR DOCKER APP [$APP_NAME] v$_version ===== \e[0m\n\r"
+
+    if [ -z "$action" ]; then
+
+        _showContainers
+
+        h2 MENU
+        echo "  $( _key g ) - remove git data of starterkit"
+        echo
+        echo "  $( _key i ) - init application: set permissions"
+        echo "  $( _key t ) - generate files from templates"
+        echo "  $( _key T ) - remove generated files"
+        echo
+        echo "  $( _key u ) - startup containers    docker-compose ... up -d"
+        echo "  $( _key U ) - startup containers    docker-compose ... up -d --build"
+        echo "  $( _key s ) - shutdown containers   docker-compose stop"
+        echo "  $( _key r ) - remove containers     docker-compose rm -f"
+        echo
+        echo "  $( _key m ) - more infos"
+        echo "  $( _key c ) - console (bash)"
+        echo
+        echo "  $( _key q ) - quit"
+        echo
+        echo -n "  select >"
+        read -rn 1 action 
+        echo
+    fi
+
+    case "$action" in
+        g)
+            _removeGitdata
+            ;;
+        i)
+            # _gitinstall
+            _setWritepermissions
+            ;;
+        t)
+            _generateFiles
+            ;;
+        T)
+            _removeGeneratedFiles
+            rm -rf containers
+            ;;
+        # not in the menu
+        # f)
+        #     _removeGeneratedFiles
+        #     _generateFiles
+        #     _wait
+        #     ;;
+        m)
+            _showInfos
+            _wait
+            ;;
+        u|U)
+            dockerUp="docker-compose -p "$APP_NAME" --verbose up -d --remove-orphans"
+            if [ "$action" = "U" ]; then
+                dockerUp+=" --build"
+            fi
+            if $dockerUp; then
+                echo "In a web browser:"
+                echo "  $frontendurl"
+            else
+                echo "ERROR: docker-compose up failed :-/"
+                docker-compose -p "$APP_NAME" logs | tail
+            fi
+            echo
+
+            _wait
+            ;;
+        s)
+            docker-compose -p "$APP_NAME" stop
+            ;;
+        r)
+            docker-compose -p "$APP_NAME" rm -f
+            ;;
+        c)
+            docker ps
+            echo -n "id or name >"
+            read dockerid
+            test -z "$dockerid" || docker exec -it $dockerid /bin/bash
+            ;;
+        q)
+            exit 0;
+            ;;
+        *) 
+            test -n "$action" && ( echo "  ACTION FOR [$action] NOT IMPLEMENTED."; sleep 1 )
+    esac
+    action=
+done
+
+
+# ----------------------------------------------------------------------

docker/init.sh.cfg

+# ======================================================================
+#
+# settings for init.sh and base values for replacements in template files
+# This script is sourced by init.sh ... this file is bash syntax
+# 
+# ----------------------------------------------------------------------
+# 2021-12-17  <axel.hahn@iml.unibe.ch>
+# ======================================================================
+
+APP_NAME=ci-pkg
+
+# web port 80 in container is seen on localhost as ...
+APP_PORT=8001
+
+APP_APT_PACKAGES="git unzip zip libapache2-mod-xsendfile"
+
+#APP_APACHE_MODULES="rewrite"
+APP_APACHE_MODULES="xsendfile"
+
+APP_PHP_VERSION=8.2
+# APP_PHP_MODULES="curl pdo_mysql mbstring xml zip xdebug"
+APP_PHP_MODULES=""
+
+# optional exec command after container was started with init.sh script
+# APP_ONSTARTUP="php /var/www/${APP_NAME}/public_html/myservice.php"
+APP_ONSTARTUP=""
+
+# ----------------------------------------------------------------------
+
+# add a container with database?
+DB_ADD=false
+
+# ----------------------------------------------------------------------
+# for an optional database server
+
+DB_PORT=13306
+
+# ----- database settings
+MYSQL_IMAGE=mariadb:10.5.9
+MYSQL_RANDOM_ROOT_PASSWORD=0
+MYSQL_ALLOW_EMPTY_PASSWORD=0
+MYSQL_ROOT_PASS=12345678
+MYSQL_USER=${APP_NAME}
+MYSQL_PASS=mypassword
+MYSQL_DB=${APP_NAME}
+
+
+
+# ======================================================================
+# ignore things below
+
+
+# where to set acl where local user and web user in container
+# can write simultanously
+WRITABLEDIR=../public_html
+
+
+# web service user in container
+DOCKER_USER_UID=33
+
+# document root inside web-server container 
+WEBROOT=/var/www/${APP_NAME}/public_html
+
+CUTTER_NO_DATABASE="CUT-HERE-FOR-NO-DATABASE"
+
+frontendurl=http://localhost:${APP_PORT}/
+
+# ----------------------------------------------------------------------

docker/templates/docker-compose.yml

+# TARGET: docker/docker-compose.yml
+#
+# {{generator}}
+#
+# ======================================================================
+#
+# (1) see .env for set variables
+# (2) run "docker-compose up" to startup
+# 
+# ======================================================================
+version: '3.9'
+
+networks:
+  {{APP_NAME}}-network:
+
+services:
+
+  # ----- apache httpd + php
+  {{APP_NAME}}-web-server:
+    build:
+      context: .
+      dockerfile: ./containers/web-server/Dockerfile
+    image: "php:{{APP_PHP_VERSION}}-apache"
+    container_name: '{{APP_NAME}}-server'
+    ports:
+      - '${APP_PORT}:80'
+
+    working_dir: ${WEBROOT}
+    
+    volumes:
+      - ../:/var/www/${APP_NAME}
+      - ./containers/web-server/apache/sites-enabled:/etc/apache2/sites-enabled
+      - ./containers/web-server/php/extra-php-config.ini:/usr/local/etc/php/conf.d/extra-php-config.ini
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost"]
+      interval: 10s
+      timeout: 3s
+      retries: 5
+      # start_period: 40s
+
+    networks:
+      - {{APP_NAME}}-network
+
+    user: ${DOCKER_USER_UID}
+
+    # --- 8< --- {{CUTTER_NO_DATABASE}} --- 8< ---
+
+    depends_on:
+      - {{APP_NAME}}-db-server
+
+  # ----- mariadb
+  {{APP_NAME}}-db-server:
+    image: {{MYSQL_IMAGE}}
+    container_name: '${APP_NAME}-db'
+    # restart: always
+    ports:
+      - '${DB_PORT}:3306'
+    environment:
+      MYSQL_ROOT_PASSWORD: '${MYSQL_ROOT_PASS}'
+      MYSQL_USER: '${MYSQL_USER}'
+      MYSQL_PASSWORD: '${MYSQL_PASS}'
+      MYSQL_DATABASE: '${MYSQL_DB}'
+    volumes:
+      # - ./containers/db-server/db_data:/var/lib/mysql
+      - ./containers/db-server/mariadb/my.cnf:/etc/mysql/conf.d/my.cnf
+    healthcheck:
+      test: mysqladmin ping -h 127.0.0.1 -u root --password=$$MYSQL_ROOT_PASSWORD
+      interval: 5s
+      retries: 5
+    networks:
+      - {{APP_NAME}}-network

docker/templates/dot_env

+# TARGET: docker/.env
+# ======================================================================
+#
+# {{generator}}
+# values to be used in docker-composer.yml
+#
+# ======================================================================
+
+# ----- application
+APP_NAME={{APP_NAME}}
+
+# uid of www-data in the docker container
+DOCKER_USER_UID={{DOCKER_USER_UID}}
+
+APP_PORT={{APP_PORT}}
+WEBROOT={{WEBROOT}}
+
+# --- 8< --- {{CUTTER_NO_DATABASE}} --- 8< ---
+
+DB_PORT={{DB_PORT}}
+
+# ----- database settings
+MYSQL_RANDOM_ROOT_PASSWORD={{MYSQL_RANDOM_ROOT_PASSWORD}}
+MYSQL_ALLOW_EMPTY_PASSWORD={{MYSQL_ALLOW_EMPTY_PASSWORD}}
+MYSQL_ROOT_PASS={{MYSQL_ROOT_PASS}}
+MYSQL_USER={{APP_NAME}}
+MYSQL_PASS={{MYSQL_PASS}}
+MYSQL_DB={{APP_NAME}}

docker/templates/extra-php-config.ini

+# TARGET: docker/containers/web-server/php/extra-php-config.ini
+;
+; {{generator}}
+;
+[PHP]
+
+error_reporting=E_ALL
+display_errors=1
+
+; ----------------------------------------------------------------------
+; XDEBUG STUFF BELOW
+; ----------------------------------------------------------------------
+; 
+; error_reporting=E_ALL
+; 
+; [xdebug]
+; xdebug.mode=develop,debug
+; ; xdebug.client_host=localhost
+; xdebug.start_with_request=yes
+; ; xdebug.start_with_request=trigger
+; 
+; xdebug.log=/tmp/xdebug.log
+; xdebug.discover_client_host = 1
+; ; xdebug.client_port=9003
+; xdebug.idekey="netbeans-xdebug"
\ No newline at end of file

docker/templates/my.cnf

+# TARGET: docker/containers/db-server/mariadb/my.cnf
+[mysqld]
+; collation-server = utf8mb4_unicode_ci
+; character-set-server = utf8mb4
\ No newline at end of file

docker/templates/readme.md

+# Templates
+
+## Rules
+
+* in the first line must be a line `# TARGET: [name of target file]` to define the target file
+* Placeholdrs have the syntax variable in double brackets, i.e. `{{VARNAME}}`
+* variables to be replaced are those in docker/init.sh.cfg and `{{genrator}}`

docker/templates/vhost_app.conf

+# TARGET: docker/containers/web-server/apache/sites-enabled/vhost_app.conf
+#
+# {{generator}}
+#
+<VirtualHost *:80>
+  DocumentRoot {{WEBROOT}}
+  <Directory {{WEBROOT}}>
+      AllowOverride None
+      Order Allow,Deny
+      Allow from All
+  </Directory>
+
+  # redirect requests to handle packages
+  <Location "/packages">
+
+    # for Php as php-fpm service:
+    # SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
+
+    RewriteEngine on
+    RewriteCond %{REQUEST_FILENAME} !-f
+    RewriteRule ^(.*)$ index.php [QSA,L]
+
+  </Location>
+
+  # download files are outside webroot
+  XSendFile On
+  XSendFilePath "/var/www/{{APP_NAME}}/example-packages/"
+
+  # example to prevent access with http
+  <Location "/no-access">
+    Require all denied
+  </Location>
+
+</VirtualHost>
\ No newline at end of file

docker/templates/web-server-Dockerfile

+# TARGET: docker/containers/web-server/Dockerfile
+#
+# {{generator}}
+#
+FROM php:{{APP_PHP_VERSION}}-apache
+
+# install packages
+RUN apt-get update && apt-get install -y {{APP_APT_PACKAGES}}
+
+# enable apache modules
+RUN a2enmod {{APP_APACHE_MODULES}}
+
+# install php packages
+COPY --from=mlocati/php-extension-installer /usr/bin/install-php-extensions /usr/local/bin/
+RUN install-php-extensions {{APP_PHP_MODULES}}

docs/20_Installation.md

 # Installation on server
 
-
 ## Receive data
 
 * Create an ssh user "deployment" to receive data
-* Create a package directory - it can be outside webroot eg. /var/www/cipkg.example.com/packages/ with write permissions for user "deployment" and read persmissions for webserver.
+* Create a package directory - it can be outside webroot eg. /var/www/cipkg.example.com/packages/ with write permissions for user "deployment" and read permissions for webserver.
 
 ```txt
 mkdir /var/www/cipkg.example.com/packages/
@@ -12,7 +11,11 @@ chown deployment:www-data /var/www/cipkg.example.com/packages/
 chmod 750 /var/www/cipkg.example.com/packages/
 ```
 
-* Configue the ci sever to rsync with ssh user "deployment" here
+In the config of CI web server add a sync target. Use
+
+* the deployment user as ssh
+* the fqdn as hostname
+* the defined *packagedir* in your inc_config.php as target directory
 
 ## Xsentfile module
 
@@ -29,7 +32,6 @@ path on your websever.
 
 Redirect all requests to /packages/[whatever] to /packages/index.php
 
-
 Example snippet
 
 ```text
@@ -39,6 +41,9 @@ Example snippet
 
     <Location "/packages">
 
+        # for Php as php-fpm service:
+        SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
+
         RewriteEngine on
         RewriteCond %{REQUEST_FILENAME} !-f
         RewriteRule ^(.*)$ index.php [QSA,L]

docs/30_Configuration.md

@@ -21,8 +21,6 @@ return array(
     'maxage'=>60,
 
     // force that a hash can be used only once
-    // a side effect is that fast repeat or simultanius requests
-    // will be denied.
     'onetimesecret'=>true,
 
     // filesize of lock file with stored hashed before starting garbage collection
@@ -35,27 +33,20 @@ return array(
     // allow directory listing when accessing a path of a package
     // true is required to fetch all packages
     'showdircontent'=>true,
-);
-```
-
-## Prepare receive of packages
-
-* Create an deployment account package server that can be used to be connected 
-  via SSH by the ci server
-* add the public key of www-data of the ci server into
-  /home/deployment/.ssh/authorized keys
-* Set permissions that the deployment user can write into
-  /var/www/cipkg.example.com/packages/
-  and the user of the webeservice can read it 
-  `chown deployment:apache /var/www/cipkg.example.com/packages/` and
-  `chmod 750 /var/www/cipkg.example.com/packages/`
 
-## Ci server: add a sync target
+    // Enable for troubleshooting
+    'debug'=>false,
 
-TODO
-
-In the config of CI web server add a sync target. Use
+);
+```
 
-* the deployment user as ssh
-* the fqdn as hostname
-* the defined *packagedir* in your inc_config.php as target directory
+| Key                | Description |
+|---                 |---          |
+| apikey             | A secret for the server. A client that wants to fetch a package must use the same secret |
+| packagedir         | physical folder where to find the packages. To this folder you need to point XSendFilePath in your apache httpd vhost too. |
+| maxage             | max age of request ... client and server need to be in sync |
+| onetimesecret      | force that a hash can be used only once. There should be no reason to turn it off. |
+| maxlockfilesize    | filesize of lock file with stored hashed before starting garbage collection. 10.000 byte are reached after 114 req |
+| tmpdir             | tmp dir to store used hashes  |
+| showdircontent     | allow directory listing when accessing a path of a package. true is required to fetch all packages by a single request |
+| debug              | enable debug output |

docs/40_Usage.md

@@ -7,6 +7,11 @@ See deployment project <https://git-repo.iml.unibe.ch/iml-open-source/imldeploym
 
 The download script is bin/getfile.sh.
 
+```text
+wget -O getfile.sh "https://git-repo.iml.unibe.ch/iml-open-source/imldeployment-client/-/raw/master/bin/getfile.sh?ref_type=heads"
+chmod 755 getfile.sh
+```
+
 ## How does it work?
 
 TODO: needs to be completed.
@@ -33,3 +38,57 @@ Possible GET requests are:
 
 If a valid request came in then the hash will be written to `[approot]/tmp/used_hashes.txt`.
 This file will be cleaned up if reaching the defined file size with value of *maxlockfilesize*.
+
+## Test package download
+
+If you use the docker environment for development:
+
+In your app root you there is a folder "example-packages". Inside the docker container it is available as /var/www/ci-pkg/example-packages/.
+
+* Below the package folder folders are subfolders for phases (preview, stage, live and "test").
+* below a phase are the folders with the project id
+* inside the project folder are the files per project
+
+```text
+example-packages/
+├── live
+├── preview
+├── stage
+└── test
+    └── example-prj
+        └── hello.txt
+```
+
+In your app root go to the the "tests" folder.
+This will download the "hello.txt" into the current folder:
+
+```txt
+./getfile.sh -u http://localhost:8001 -s myapikey -e test -p example-prj -f hello.txt
+-rw-r--r-- 1 axel axel 12 Sep 15 14:34 hello.txt
+```
+
+For less params with getfile.sh there is a config:
+
+```txt
+cat getfile.sh.cfg
+# for less params with getfile.sh
+IMLCI_PKG_SECRET=myapikey
+IMLCI_URL=http://localhost:8001
+IMLCI_PHASE=test
+```
+
+With it you can execute ``./getfile.sh -p example-prj -f hello.txt`` too.
+
+If you enabled the file listing you get a list of files:
+
+```txt
+./getfile.sh -p example-prj
+file:hello.txt
+```
+
+## Troubleshooting
+
+To have more output you have these possibilities:
+
+* in the command with ./getfile.sh add the flag ``-d`` to enable debugging for this script
+* in public_html/inc_config.php set the key debug to enable the debugging on server (disable it as soon you can)

example-packages/test/example-prj/hello.txt

+Hello world!
\ No newline at end of file