Dockerfile for latest WordPress and Latest PHP

I am using Docker to run WordPress. Official image doesn’t contain imagick as well as tidy. These two are necessary extensions for cache plugins and image manipulations including resize and compression to work.

Follwing Dockerfile will have latest PHP as well as WordPress. As long as you are at PHP7.4.X as well as wordpress 5.4.X we are good to go.


FROM wordpress:5.4.2-php7.4-apache
# Better WordPress Health-Check
RUN apt-get update && apt-get install -y libmagickwand-dev --no-install-recommends && rm -rf /var/lib/apt/lists/*
#RUN printf "\n" | pecl install imagick
RUN docker-php-ext-enable imagick
RUN docker-php-ext-install bcmath exif
# W3Cache tweaks
RUN apt-get update && apt-get install -y tidy libtidy-dev --no-install-recommends && rm -rf /var/lib/apt/lists/*
RUN a2enmod headers ext_filter 

RUN set -eux; \
	a2enmod rewrite expires; \
	a2enmod remoteip; \
	{ \
		echo 'RemoteIPHeader X-Forwarded-For'; \
# these IP ranges are reserved for "private" use and should thus *usually* be safe inside Docker
		echo 'RemoteIPTrustedProxy'; \
	} > /etc/apache2/conf-available/remoteip.conf; \
	a2enconf remoteip; \
# (replace all instances of "%h" with "%a" in LogFormat)
	find /etc/apache2 -type f -name '*.conf' -exec sed -ri 's/([[:space:]]*LogFormat[[:space:]]+"[^"]*)%h([^"]*")/\1%a\2/g' '{}' +

RUN docker-php-ext-install tidy

Worth Sharing?

How to have MySQL backup with Docker?

Dockerized Ruby Backup Gem

I created a dockerized image for ruby gem backup/backup It was unfortunately older ruby where it worked flawlessly. Image can be found here varunbatrait/backup

If you are coming from Ruby, backup is a popular ruby gem which can be used to backup the database. Unfortunately it is maintenance only but it works flawlessly with current features. Since, it is not compatible with latest ruby, it makes sense to make a docker image of it.


I am assuming that you have configured the models inside models folder where you are right now. Then you can perform a trigger like this. Config can be an empty ruby file if you have everything mentioned in your model.

docker run --rm -v $(pwd):/usr/src/app  --user $(id -u):$(id -g) varunbatrait/backup:latest perform -t database_name --config-file config.rb --root-path . 


As usual, you can use alias and invoke it with just backup by using following:

alias backup='docker run --rm -it -v $(pwd):/usr/src/app  --user $(id -u):$(id -g) varunbatrait/backup:latest'

Provided you have added above alias to your .zshrc or .bashrc, You can generate a model – you can generate using:

backup generate:model --trigger=demo --config-file config.rb 

This will generate model file demo.rb under models/demo.rb

# encoding: utf-8

# Backup Generated: demo
# Once configured, you can run the backup with the following command:
# $ backup perform -t demo [-c <path_to_configuration_file>]
# For more information about Backup's components, see the documentation at:
#, 'Description for demo') do


For information related to usage of backup. Please visit official documentation

Worth Sharing?

How to Find Expiry of SSL Certificates using Command line (certok) using Docker?

certok (cert ok) is a command-line tool that can quickly give you information related to SSL certificates.

If you have go – you can simply install certok inside the system by following command:

go get

Using Docker

I have created a docker image which can be used in place of go tool which is only 11mb in size.

Simply use it like following:

docker run --rm -it -v $(pwd):/app --user $(id -u):$(id -g) varunbatrait/certok:latest

Add it as alias: You can add the following line to your .zshrc file or .bashrc file.

alias certok='docker run --rm -it -v $(pwd):/app --user $(id -u):$(id -g) varunbatrait/certok:latest'

Usage with certok as Docker

Provided that you have added an alias you can use it like following

Create a hostsfile (or any file) with domains

Now run dockerized certok using certok

certok hostsfile
// One with Warning
certok --days=50 hostsfile

Sample output

NAME                              SUBJECT                         ISSUER                      ALGO                EXPIRES             SUNSET DATE         ERROR                *                Let's Encrypt Authority X3  SHA256-RSA          81 days                          *  Let's Encrypt Authority X3  SHA256-RSA          48 days                                 

Worth Sharing?

Dockerized Tor Browsing without Logs

Tor Project is the most popular browser to access internet in complete anonymity. There is a VPN alternative for the tor, However, I am concerned with finishing off as soon as I am done with the browsing.

I have written a one-liner which has no logging and it removes itself

sudo docker run -it  --log-driver none  --rm -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix:ro --entrypoint="/usr/local/bin/Browser/start-tor-browser" jess/tor-browser

–rm tells the docker to clean up the container once it is exit.

–log-driver none gives no logging while it is running.

–entrypoint disables the stdout

You can add an alias in your bashrc or zshrc file as following and access it with tor

alias tor='sudo docker run -it  --log-driver none  --rm -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix:ro --entrypoint="/usr/local/bin/Browser/start-tor-browser" jess/tor-browser'

Worth Sharing?

Why don’t I use array iterators in PHP?

Art VS Performance

When I started learning PHP, most beautiful thing which I could do is to use array_walk, array_map and array_filter functions along with some closure which will attracts some cheers. Today I told my team that they should remove it. But why? The question was raised instantaneously. I said, do the benchmark and you will know the answer.

PHP Functions are overkill! Which should be the part of third party libraries are part of core libraries. Unfortunately, our interview selections make us learn the unwanted core functions. Two years experience favorite question would be different between them! Give it another year and you would know why for loops are great!

Arguably – Performance isn’t much! Check few results over here but then it also depends on how much traffic are you handling. This demands a read on an article on Freaks – Sanity in Insanity I wrote. The overall results from above read is as following:

    //1M numbers across a dozen attempts
    Foreach: 0.7 sec
    Map on closure: 3.4 sec
    Map on function name: 1.2 sec.

But then – Readability!

The functions – array_walk, array_map and array_filter kill the readability all together. It might reduce the number of lines you are reading but – and it is a big but – the loops are more familiar as well as keeps thing in indentation.

Worth Sharing?

How to limit the docker log size?

Have you given a surprise after a month or two that all the space in your server is filled with docker logs? Do you know that if you don’t control the size of the log, it will also impact running containers?

These two problems can be resolved easily by configuring the docker container. It is preferred that you control each log size separately because some logs you don’t need much while some you do.

For instance, in case of Nginx/Apache you might want to keep more logs while for some less relevant applications like emailing, you might want to keep logs for only a few days.

version: "3.8"
    image: nginx
      driver: "json-file"
        max-size: "20m"
        max-file: "30"

This will ensure that at max, you will have 30 files and each file size will be a maximum of 20 megabytes. You can use 20k for kilobytes

Worth Sharing?

How to install GVM and latest Go (One-Liner)?

The gvm a.k.a. Go Version Manager is an excellent tool to maintain multiple version of Go in your system.


If you are using zsh

Assuming that latest go at the moment is 1.14.4 and you are using zsh

zsh < <(curl -s -S -L \
      && echo "source /home/$USERNAME/.gvm/scripts/gvm" >> ~/.zshrc && source ~/.zshrc \
      && gvm install go1.4 -B && gvm use go1.4 --default \
      && gvm install go1.14.4 && gvm use go 1.14.4 --default

If you are using bash

bash < <(curl -s -S -L \
      && echo "source /home/$USERNAME/.gvm/scripts/gvm" >> ~/.bashrc && source ~/.bashrc \
      && gvm install go1.4 -B && gvm use go1.4 --default \
      && gvm install go1.14.4 && gvm use go 1.14.4 --default

The above one liner works with Ubuntu as well as Debian.


First line (below) will install gvm.

zsh < <(curl -s -S -L

Second line will ensure loading of gvm in your shell and it will load shell configuration again for this instance

echo "source /home/$USERNAME/.gvm/scripts/gvm" >> ~/.bashrc && source ~/.bashrc

Third line will install the go version without source (-B is for Binary) which will be loaded then as default

gvm install go1.4 -B && gvm use go1.4 --default

Fourth line will install the go specified version with source and compile it using go1.4

gvm install go1.14.4 && gvm use go 1.14.4 --default

Worth Sharing?

How to stress test your CPU?

At the moment, I am using Ubuntu. It has an amazing package which is stress to give some stress testing to your new machine. Like any other stress testing, idea here is to simply make sure that your machine is running at its full capacity and you are going to observe the temperature of CPU as well as the fan’s rpm.

Install stress

sudo apt-get install stress -y


stress --cpu $(grep -c ^processor /proc/cpuinfo) --timeout 60

The grep -c ^processor /proc/cpuinfo will just tell you how many cpu cores are there. This will spawn that number of cpus.

Worth Sharing?

Sanity in Insanity

Upon showing an App we developed, my good friend from service based company said that he could make that app in a week. I said – of course you can. He was a bit sceptical with my comment and tried to validate his point. He shown me some of his codes and then talk about how he created a bunch of libraries which he just imports to the project. The language he is talking about is PHP. This is a sane way to do things right? Of course!

It is easy to build an app. He said he can create that app in a week, I say, I can make that app in 5 days. Some, who can type even faster would make that app in few hours. But what about benchmarking?

A few weeks earlier, I had a LinkedIn comment giving the more efficient way to do the code. The guy commented that under the hood everything is probably the same. Then I shared the link: The codes were 1% faster. This is insane – just that a bit right? No!

Insanity in Attitude!

As I said, it is just a matter of typing speed who will finish the app first! But is it really a race? I don’t think so! I am sure most of you would agree with me.

A programmer who is doing benchmark his codes, profiling the code even the bit which has absolutely shown no alerts will create a nearly perfect app. Every day he will be learning which is more efficient. This will look insane but after say over 300 benchmarking and recognizing over 1000 places of these small bits, he will be writing the efficient codes right? Then it will come down to typing speed! But the result will be more efficient codes. I strongly recommend you hire these insane people, that will be the sanest thing to do!

Worth Sharing?

Self Hosted Solutions with Android and iOS apps to protect privacy and data

More I have used Google, Facebook, Disqus – more I feel that I have been tracked! This time it was insane, I am not sure if it is coincidence or not – I created a Google Keep checklist while on the call and put Antifragile to list – since then I have been seeing its ad. I haven’t even searched for it yet but somehow Ads knows that I want this book. So far, I was only worried about re-targeting and it is easy to ditch it – simply keep shuffling your cookies and do browsing on Incognito. Look at the curious case of Whatsapp – They say they can’t read the Whatsapp messages as they have an end to end encryption. THOUGH! Cops/Hackers could trace back to the origin. Even it has been requested to Whatsapp to add the digital signature. Every link you through on Skype is visited by MS Bot – for parsing but it does. Now it is known where you are right now. The Google DNS will always know what is your IP address and pinpoint your location. Even with the encryption, this is known!

What does a 20$/month Linode spin will get you? – A lot

  1. TODO: Most innocent looking is your ToDo list. You can simply have EtesSync to stop worrying about it.
  2. DNS: Deploy CoreDNS with TLS for E2E Encryption and forwarded Google will always have your server IP address. You must have some sort of checking to allow only a few IP ranges which you will get.
  3. Messenger – Riot based on Matrix can help you chat with your friends without worrying about messages being read/shared or tracked.
  4. Files: You can either use Standard FTP or use OwnCloud to share data and get Google Drive like experience
  5. Ad Block: As long as you are living near the server, it is okay to host on Linode. You can spin AdGuardHome and control what can be open. This can be running on a different port and DNS can proxy to this.
  6. Location Sharing – For location sharing – you can use owntracks

What is my status?

I have been using everything I have mentioned personally except OwnTracks. I have helped a few clients and friends to spin all of them for their use. I can also help you 🙂

Worth Sharing?