dockerlinuxphp-fpmnginx

Nginx, PHP-8.2, SQL Server 2019, Alpine, Custom OpenSSL Config

author

Ahmad Lukman Hakim

09 Juni 2024

This article covers how to build a docker image that supports sqlsrv, pdo_sqlsrv PHP module for connecting PHP to Microsoft SQL Server 2019. Maybe, this flow can be used in another version.

Kindly try guys, if you have new suggestions, please comment. Thanks

- Dockerfile

FROM webdevops/php-nginx:8.2-alpine

RUN apk add autoconf make g++ unixodbc-dev gpg --no-cache

COPY odbc18.sh .
COPY ssl.sh .

RUN bash ssl.sh

RUN bash odbc18.sh

RUN pecl install sqlsrv && \
    pecl install pdo_sqlsrv

RUN echo extension=pdo_sqlsrv.so >> /opt/docker/etc/php/php.ini && \
    echo extension=sqlsrv.so >> /opt/docker/etc/php/php.ini

- odbc18.sh

case $(uname -m) in
    x86_64)   architecture="amd64" ;;
    arm64)   architecture="arm64" ;;
    *) architecture="unsupported" ;;
esac
if [[ "unsupported" == "$architecture" ]];
then
    echo "Alpine architecture $(uname -m) is not currently supported.";
    exit;
fi

#Download the desired package(s)
curl -O https://download.microsoft.com/download/3/5/5/355d7943-a338-41a7-858d-53b259ea33f5/msodbcsql18_18.3.3.1-1_$architecture.apk
curl -O https://download.microsoft.com/download/3/5/5/355d7943-a338-41a7-858d-53b259ea33f5/mssql-tools18_18.3.1.1-1_$architecture.apk

#(Optional) Verify signature, if 'gpg' is missing install it using 'apk add gnupg':
curl -O https://download.microsoft.com/download/3/5/5/355d7943-a338-41a7-858d-53b259ea33f5/msodbcsql18_18.3.3.1-1_$architecture.sig
curl -O https://download.microsoft.com/download/3/5/5/355d7943-a338-41a7-858d-53b259ea33f5/mssql-tools18_18.3.1.1-1_$architecture.sig

curl https://packages.microsoft.com/keys/microsoft.asc  | gpg --import -
gpg --verify msodbcsql18_18.3.3.1-1_$architecture.sig msodbcsql18_18.3.3.1-1_$architecture.apk
gpg --verify mssql-tools18_18.3.1.1-1_$architecture.sig mssql-tools18_18.3.1.1-1_$architecture.apk

#Install the package(s)
apk add --allow-untrusted msodbcsql18_18.3.3.1-1_$architecture.apk
apk add --allow-untrusted mssql-tools18_18.3.1.1-1_$architecture.apk

- ssl.sh

#!/bin/bash

sed -i '17c\#openssl_conf = openssl_init' /etc/ssl/openssl.cnf
sed -i '1i\openssl_conf = default_conf' /etc/ssl/openssl.cnf

cat <<EOL >> /etc/ssl/openssl.cnf
[default_conf]
ssl_conf = ssl_sect

[ssl_sect]
system_default = system_default_sect

[system_default_sect]
MinProtocol = TLSv1
CipherString = DEFAULT@SECLEVEL=0
EOL

Test connection

<?php
// Connection parameters
$serverName = "103.161.185.66";
$connectionOptions = array(
    "Database" => "dbname",
    "Uid" => "dbuser",
    "PWD" => "dbpass",
    // Enabling encryption
    "Encrypt" => true,
    // Certificate verification (set to false for self-signed certs)
    "TrustServerCertificate" => true,
);

// Establishes the connection
$conn = sqlsrv_connect($serverName, $connectionOptions);

if ($conn === false) {
    die(print_r(sqlsrv_errors(), true));
} else {
    echo "Connection established successfully!";
}

// Perform database operations here

// Close the connection
sqlsrv_close($conn);
?>