ci: build .rpm and .deb packages (#1497)

* add ./create-rpm.sh file to build a "frankenphp" rpm package

* also build a deb package

* renamed to build-packages

* linter...

* add depends

* linter again?

* linter number 3

* linter number 4

* set default locations for ini file, conf files and extensions

* set unified path for modules that should be ok on all dists

* add default content into "package" folder

* make file executable

* worker is in public folder

* what on earth did I do x)

* use same FRANKENPHP_VERSION and make sure to let pr's run the rpm generation too (version 0.0.0) to see issues

* install ruby, fpm and rpm-build

* move to after changing base urls because it would fail with packages not found

* ruby 3 build needs gcc 10

* rpm-build is necessary too...

* and I forgot to link the package folder

* create directories if they don't exist

* copy out all frankenphp* files?

* lint fix

* only copy frankenphp-* files

* only copy frankenphp-* files

* the .deb file is name frankenphp_1.5.0... - create output folder instead and upload all things inside that
will simplify things when later adding xdebug.so and ffi.so

* update the last two steps to use the gh-output directory

* add post install script to set frankenphp able to bind to port 80 for non-root users

* dnf over yum, I think the yum alias was removed in RH 9.5

* newlines

* newlines

* add text what missing libcap means

* copy php.ini-production from php-src, linter, update ruby version

* move Caddyfile to /etc/frankenphp/Caddyfile

* linter

* fix a copy and paste error

* better describe fallback to 0.0.0

* linter

* copy installation scripts from official caddy packages, change user to frankenphp too

* bombombom

* make files executable

* tabs

* linter

* linter again

* use empty directory for three different destinations instead of keeping three empty local directories

* caddy says the file is incorrectly formatted without these spaces

* remove wildcard matcher from root directive

* Apply suggestions from code review

commit suggested changes to preinstall/postinstall scripts

Co-authored-by: Kévin Dunglas <kevin@dunglas.fr>

* Update dev.Dockerfile

Co-authored-by: Kévin Dunglas <kevin@dunglas.fr>

* remove misleading comment

* update documentation for paths

* update documentation for paths some more

* fix musl opcache-jit issue

* markdown linter

* the damn tab

* Apply suggestions from code review

Co-authored-by: Kévin Dunglas <kevin@dunglas.fr>

* drop dev.Dockerfile php location from config.md

* add php config note to CONTRIBUTING.md

* dashes instead of asterisks in chinese docs

* fix package building

* create frankenphp user in case it doesn't exist for deb packages

* create users if they don't exist, delete them again if they didn't exist

* satisfy linter

* create the user with the same commands as the postinst/preinstall scripts

* Removes toolchain requirements.

* trigger

* Removes explicit calls to go get

* trigger

* setcap by default

* simplify example project

* bring page more in line with the caddy / apache / nginx default page

* update to html 5

* oopsies

* revert style to original

* remove https:// (caddy uses http:// on RHEL, :80 on Debian)

---------

Co-authored-by: Kévin Dunglas <kevin@dunglas.fr>
Co-authored-by: Alliballibaba <alliballibaba@gmail.com>

.github/workflows/static.yaml

@@ -218,6 +218,7 @@ jobs:
           targets: static-builder-gnu
           set: |
             ${{ (github.event_name == 'pull_request' || matrix.platform == 'linux/arm64') && 'static-builder-gnu.args.NO_COMPRESS=1' || '' }}
+            static-builder-gnu.args.BUILD_PACKAGES=1
             *.tags=
             *.platform=${{ matrix.platform }}
             *.cache-from=type=gha,scope=${{ needs.prepare.outputs.ref || github.ref }}-static-builder-gnu
@@ -247,12 +248,18 @@ jobs:
           path: /tmp/metadata-gnu/*
           if-no-files-found: error
           retention-days: 1
-      - name: Copy binary
+      - name: Copy all frankenphp* files
         run: |
           # shellcheck disable=SC2034
           digest=$(jq -r '."static-builder-gnu"."${{ fromJson(needs.prepare.outputs.push) && 'containerimage.digest' || 'containerimage.config.digest' }}"' <<< "${METADATA}")
-          docker create --platform=${{ matrix.platform }} --name static-builder-gnu "${{ fromJson(needs.prepare.outputs.push) && '${IMAGE_NAME}@${digest}' || '${digest}' }}"
-          docker cp "static-builder-gnu:/go/src/app/dist/${BINARY}" "${BINARY}-gnu"
+          container_id=$(docker create --platform=${{ matrix.platform }} "${{ fromJson(needs.prepare.outputs.push) && '${IMAGE_NAME}@${digest}' || '${digest}' }}")
+          mkdir -p gh-output
+          cd gh-output
+          for file in $(docker run --rm "${{ fromJson(needs.prepare.outputs.push) && '${IMAGE_NAME}@${digest}' || '${digest}' }}" sh -c "ls /go/src/app/dist | grep '^frankenphp'"); do
+            docker cp "${container_id}:/go/src/app/dist/${file}" "./${file}"
+          done
+          docker rm "${container_id}"
+          mv "${BINARY}" "${BINARY}-gnu"
         env:
           METADATA: ${{ steps.build.outputs.metadata }}
           BINARY: frankenphp-linux-${{ matrix.platform == 'linux/amd64' && 'x86_64' || 'aarch64' }}
@@ -260,17 +267,17 @@ jobs:
         if: ${{ !fromJson(needs.prepare.outputs.push) }}
         uses: actions/upload-artifact@v4
         with:
-          name: frankenphp-linux-${{ matrix.platform == 'linux/amd64' && 'x86_64' || 'aarch64' }}-gnu
-          path: frankenphp-linux-${{ matrix.platform == 'linux/amd64' && 'x86_64' || 'aarch64' }}-gnu
+          name: frankenphp-linux-${{ matrix.platform == 'linux/amd64' && 'x86_64' || 'aarch64' }}-gnu-files
+          path: gh-output/*
       - name: Upload assets
         if: fromJson(needs.prepare.outputs.push) && (needs.prepare.outputs.ref || github.ref_type == 'tag')
-        run: gh release upload "${{ (github.ref_type == 'tag' && github.ref_name) || needs.prepare.outputs.ref }}" frankenphp-linux-${{ matrix.platform == 'linux/amd64' && 'x86_64' || 'aarch64' }}-gnu --repo dunglas/frankenphp --clobber
+        run: gh release upload "${{ (github.ref_type == 'tag' && github.ref_name) || needs.prepare.outputs.ref }}" gh-output/* --repo dunglas/frankenphp --clobber
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       - if: fromJson(needs.prepare.outputs.push) && (needs.prepare.outputs.ref || github.ref_type == 'tag')
         uses: actions/attest-build-provenance@v2
         with:
-          subject-path: ${{ github.workspace }}/frankenphp-linux-*-gnu
+          subject-path: ${{ github.workspace }}/gh-output/frankenphp-linux-*-gnu
       - name: Run sanity checks
         run: |
           "${BINARY}" version
@@ -281,7 +288,7 @@ jobs:
           "${BINARY}" list-modules | grep http.handlers.vulcain
           "${BINARY}" php-cli -r "echo 'Sanity check passed';"
         env:
-          BINARY: ./frankenphp-linux-${{ matrix.platform == 'linux/amd64' && 'x86_64' || 'aarch64' }}-gnu
+          BINARY: ./gh-output/frankenphp-linux-${{ matrix.platform == 'linux/amd64' && 'x86_64' || 'aarch64' }}-gnu
 
   # Adapted from https://docs.docker.com/build/ci/github-actions/multi-platform/
   push:

.gitignore

@@ -8,4 +8,5 @@
 __debug_bin
 frankenphp.test
 caddy/frankenphp/Build
+package/etc/php.ini
 *.log

CONTRIBUTING.md

@@ -11,9 +11,13 @@ docker build -t frankenphp-dev -f dev.Dockerfile .
 docker run --cap-add=SYS_PTRACE --security-opt seccomp=unconfined -p 8080:8080 -p 443:443 -p 443:443/udp -v $PWD:/go/src/app -it frankenphp-dev
 ```
 
-The image contains the usual development tools (Go, GDB, Valgrind, Neovim...).
+The image contains the usual development tools (Go, GDB, Valgrind, Neovim...) and uses the following php setting locations
 
-If docker version is lower than 23.0, build is failed by dockerignore [pattern issue](https://github.com/moby/moby/pull/42676). Add directories to `.dockerignore`.
+- php.ini: `/etc/frankenphp/php.ini` A php.ini file with development presets is provided by default.
+- additional configuration files: `/etc/frankenphp/php.d/*.ini`
+- php extensions: `/usr/lib/frankenphp/modules/`
+
+If your docker version is lower than 23.0, the build will fail due to dockerignore [pattern issue](https://github.com/moby/moby/pull/42676). Add directories to `.dockerignore`.
 
 ```patch
  !testdata/*.php

Dockerfile

@@ -19,17 +19,17 @@ RUN set -eux; \
 		/app/public \
 		/config/caddy \
 		/data/caddy \
-		/etc/caddy; \
+		/etc/frankenphp; \
 	sed -i 's/php/frankenphp run/g' /usr/local/bin/docker-php-entrypoint; \
 	echo '<?php phpinfo();' > /app/public/index.php
 
-COPY --link caddy/frankenphp/Caddyfile /etc/caddy/Caddyfile
+COPY --link caddy/frankenphp/Caddyfile /etc/frankenphp/Caddyfile
 RUN curl -sSLf \
 		-o /usr/local/bin/install-php-extensions \
 		https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions && \
 	chmod +x /usr/local/bin/install-php-extensions
 
-CMD ["--config", "/etc/caddy/Caddyfile", "--adapter", "caddyfile"]
+CMD ["--config", "/etc/frankenphp/Caddyfile", "--adapter", "caddyfile"]
 HEALTHCHECK CMD curl -f http://localhost:2019/metrics || exit 1
 
 # See https://caddyserver.com/docs/conventions#file-locations for details
@@ -113,7 +113,7 @@ RUN echo $CGO_LDFLAGS
 WORKDIR /go/src/app/caddy/frankenphp
 RUN GOBIN=/usr/local/bin go install -tags 'nobadger,nomysql,nopgx' -ldflags "-w -s -X 'github.com/caddyserver/caddy/v2.CustomVersion=FrankenPHP $FRANKENPHP_VERSION PHP $PHP_VERSION Caddy'" -buildvcs=true && \
 	setcap cap_net_bind_service=+ep /usr/local/bin/frankenphp && \
-	cp Caddyfile /etc/caddy/Caddyfile && \
+	cp Caddyfile /etc/frankenphp/Caddyfile && \
 	frankenphp version && \
  	frankenphp build-info
 

alpine.Dockerfile

@@ -18,17 +18,17 @@ RUN set -eux; \
 		/app/public \
 		/config/caddy \
 		/data/caddy \
-		/etc/caddy; \
+		/etc/frankenphp; \
 	sed -i 's/php/frankenphp run/g' /usr/local/bin/docker-php-entrypoint; \
 	echo '<?php phpinfo();' > /app/public/index.php
 
-COPY --link caddy/frankenphp/Caddyfile /etc/caddy/Caddyfile
+COPY --link caddy/frankenphp/Caddyfile /etc/frankenphp/Caddyfile
 RUN curl -sSLf \
 		-o /usr/local/bin/install-php-extensions \
 		https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions && \
 	chmod +x /usr/local/bin/install-php-extensions
 
-CMD ["--config", "/etc/caddy/Caddyfile", "--adapter", "caddyfile"]
+CMD ["--config", "/etc/frankenphp/Caddyfile", "--adapter", "caddyfile"]
 HEALTHCHECK CMD curl -f http://localhost:2019/metrics || exit 1
 
 # See https://caddyserver.com/docs/conventions#file-locations for details

build-packages.sh

@@ -0,0 +1,135 @@
+#!/bin/bash
+
+set -o errexit
+set -x
+
+# Ensure required tools are installed
+if ! command -v rpmbuild &>/dev/null; then
+	echo "Error: rpm-build is required to create RPM packages."
+	echo "Install it with: sudo dnf install rpm-build"
+	exit 1
+fi
+
+if ! command -v ruby &>/dev/null; then
+	echo "Error: Ruby is required by FPM."
+	echo "Install it with: sudo dnf install ruby"
+	exit 1
+fi
+
+if ! command -v fpm &>/dev/null; then
+	echo "Error: FPM (rubygem-fpm) is required to create RPM packages."
+	echo "Install it with: sudo gem install fpm"
+	exit 1
+fi
+
+arch="$(uname -m)"
+os="$(uname -s | tr '[:upper:]' '[:lower:]')"
+bin="frankenphp-${os}-${arch}"
+
+if [ ! -f "dist/$bin" ]; then
+	echo "Error: dist/$bin not found. Run './build-static.sh' first"
+	exit 1
+fi
+
+if [ -z "${FRANKENPHP_VERSION}" ]; then
+	FRANKENPHP_VERSION="$(git rev-parse --verify HEAD)"
+	export FRANKENPHP_VERSION
+elif [ -d ".git/" ]; then
+	CURRENT_REF="$(git rev-parse --abbrev-ref HEAD)"
+	export CURRENT_REF
+
+	if echo "${FRANKENPHP_VERSION}" | grep -F -q "."; then
+		# Tag
+
+		# Trim "v" prefix if any
+		FRANKENPHP_VERSION=${FRANKENPHP_VERSION#v}
+		export FRANKENPHP_VERSION
+
+		git checkout "v${FRANKENPHP_VERSION}"
+	else
+		git checkout "${FRANKENPHP_VERSION}"
+	fi
+fi
+
+if [[ ! "${FRANKENPHP_VERSION}" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+	echo "Warning: FRANKENPHP_VERSION must be set to X.Y.Z (e.g. 1.5.1), got '${FRANKENPHP_VERSION}'"
+	echo "Falling back to non-release version 0.0.0"
+	FRANKENPHP_VERSION=0.0.0
+fi
+
+group_preexists=0
+user_preexists=0
+
+if getent group frankenphp >/dev/null; then
+	group_preexists=1
+else
+	groupadd --system frankenphp
+fi
+
+if getent passwd frankenphp >/dev/null; then
+	user_preexists=1
+else
+	useradd --system \
+		--gid frankenphp \
+		--create-home \
+		--home-dir /var/lib/frankenphp \
+		--shell /usr/sbin/nologin \
+		--comment "FrankenPHP web server" \
+		frankenphp
+fi
+
+mkdir -p package/empty
+mkdir -p package/etc
+[ -f ./dist/static-php-cli/source/php-src/php.ini-production ] && cp -f ./dist/static-php-cli/source/php-src/php.ini-production ./package/etc/php.ini
+
+cd dist
+iteration=1
+glibc_version=$(ldd -v "$bin" | awk '/GLIBC_/ {gsub(/[()]/, "", $2); print $2}' | grep -v GLIBC_PRIVATE | sort -V | tail -n1)
+cxxabi_version=$(strings "$bin" | grep -oP 'CXXABI_\d+\.\d+(\.\d+)?' | sort -V | tail -n1)
+
+fpm -s dir -t rpm -n frankenphp -v "${FRANKENPHP_VERSION}" \
+	--config-files /etc/frankenphp/Caddyfile \
+	--config-files /etc/frankenphp/php.ini \
+	--depends "libc.so.6(${glibc_version})(64bit)" \
+	--depends "libstdc++.so.6(${cxxabi_version})(64bit)" \
+	--before-install ../package/rhel/preinstall.sh \
+	--after-install ../package/rhel/postinstall.sh \
+	--before-remove ../package/rhel/preuninstall.sh \
+	--after-remove ../package/rhel/postuninstall.sh \
+	--iteration "${iteration}" \
+	--rpm-user frankenphp --rpm-group frankenphp \
+	"${bin}=/usr/bin/frankenphp" \
+	"../package/rhel/frankenphp.service=/usr/lib/systemd/system/frankenphp.service" \
+	"../package/Caddyfile=/etc/frankenphp/Caddyfile" \
+	"../package/content/=/usr/share/frankenphp" \
+	"../package/etc/php.ini=/etc/frankenphp/php.ini" \
+	"../package/empty/=/etc/frankenphp/php.d" \
+	"../package/empty/=/usr/lib/frankenphp/modules" \
+	"../package/empty/=/var/lib/frankenphp"
+
+glibc_version=$(ldd -v "$bin" | awk '/GLIBC_/ {gsub(/[()]/, "", $2); print $2}' | grep -v GLIBC_PRIVATE | sed 's/GLIBC_//' | sort -V | tail -n1)
+cxxabi_version=$(strings "$bin" | grep -oP 'CXXABI_\d+\.\d+(\.\d+)?' | sed 's/CXXABI_//' | sort -V | tail -n1)
+
+fpm -s dir -t deb -n frankenphp -v "${FRANKENPHP_VERSION}" \
+	--config-files /etc/frankenphp/Caddyfile \
+	--config-files /etc/frankenphp/php.ini \
+	--depends "libc6 (>= ${glibc_version})" \
+	--depends "libstdc++6 (>= ${cxxabi_version})" \
+	--after-install ../package/debian/postinst.sh \
+	--before-remove ../package/debian/prerm.sh \
+	--after-remove ../package/debian/postrm.sh \
+	--iteration "${iteration}" \
+	--deb-user frankenphp --deb-group frankenphp \
+	"${bin}=/usr/bin/frankenphp" \
+	"../package/debian/frankenphp.service=/usr/lib/systemd/system/frankenphp.service" \
+	"../package/Caddyfile=/etc/frankenphp/Caddyfile" \
+	"../package/content/=/usr/share/frankenphp" \
+	"../package/etc/php.ini=/etc/frankenphp/php.ini" \
+	"../package/empty/=/etc/frankenphp/php.d" \
+	"../package/empty/=/usr/lib/frankenphp/modules" \
+	"../package/empty/=/var/lib/frankenphp"
+
+[ "$user_preexists" -eq 0 ] && userdel frankenphp
+[ "$group_preexists" -eq 0 ] && groupdel frankenphp
+
+cd ..

build-static.sh

@@ -40,9 +40,9 @@ fi
 # init spc build additional args
 if [ -z "${SPC_OPT_BUILD_ARGS}" ]; then
 	SPC_OPT_BUILD_ARGS=""
-	if [ "${SPC_LIBC}" = "musl" ]; then
-		SPC_OPT_BUILD_ARGS="${SPC_OPT_BUILD_ARGS} --disable-opcache-jit"
-	fi
+fi
+if [ "${SPC_LIBC}" = "musl" ] && [[ "${SPC_OPT_BUILD_ARGS}" != *"--disable-opcache-jit"* ]]; then
+	SPC_OPT_BUILD_ARGS="${SPC_OPT_BUILD_ARGS} --disable-opcache-jit"
 fi
 # init spc download additional args
 if [ -z "${SPC_OPT_DOWNLOAD_ARGS}" ]; then

caddy/frankenphp/Caddyfile

@@ -1,3 +1,8 @@
+# The Caddyfile is an easy way to configure FrankenPHP and the Caddy web server.
+#
+# https://frankenphp.dev/docs/config
+# https://caddyserver.com/docs/caddyfile
+{
 	{$CADDY_GLOBAL_OPTIONS}
 
 	frankenphp {
@@ -43,3 +48,9 @@
 	php_server
 }
 
+# As an alternative to editing the above site block, you can add your own site
+# block files in the Caddyfile.d directory, and they will be included as long
+# as they use the .caddyfile extension.
+
+import Caddyfile.d/*.caddyfile
+import Caddyfile.d/*.caddyfile

dev-alpine.Dockerfile

@@ -51,18 +51,21 @@ WORKDIR /usr/local/src/php
 RUN git clone --branch=PHP-8.4 https://github.com/php/php-src.git . && \
 	# --enable-embed is only necessary to generate libphp.so, we don't use this SAPI directly
 	./buildconf --force && \
-	./configure \
+	EXTENSION_DIR=/usr/lib/frankenphp/modules ./configure \
 		--enable-embed \
 		--enable-zts \
 		--disable-zend-signals \
 		--enable-zend-max-execution-timers \
+		--with-config-file-path=/etc/frankenphp/php.ini \
+		--with-config-file-scan-dir=/etc/frankenphp/php.d \
 		--enable-debug && \
 	make -j"$(nproc)" && \
 	make install && \
 	ldconfig /etc/ld.so.conf.d && \
-	cp php.ini-development /usr/local/lib/php.ini && \
-	echo "zend_extension=opcache.so" >> /usr/local/lib/php.ini && \
-	echo "opcache.enable=1" >> /usr/local/lib/php.ini && \
+		mkdir -p /etc/frankenphp/php.d && \
+			cp php.ini-development /etc/frankenphp/php.ini && \
+			echo "zend_extension=opcache.so" >> /etc/frankenphp/php.ini && \
+			echo "opcache.enable=1" >> /etcfrankenphp/php.ini && \
 	php --version
 
 # Install e-dant/watcher (necessary for file watching)

dev.Dockerfile

@@ -53,18 +53,21 @@ WORKDIR /usr/local/src/php
 RUN git clone --branch=PHP-8.4 https://github.com/php/php-src.git . && \
 	# --enable-embed is only necessary to generate libphp.so, we don't use this SAPI directly
 	./buildconf --force && \
-	./configure \
+	EXTENSION_DIR=/usr/lib/frankenphp/modules ./configure \
 		--enable-embed \
 		--enable-zts \
 		--disable-zend-signals \
 		--enable-zend-max-execution-timers \
+		--with-config-file-path=/etc/frankenphp/php.ini \
+		--with-config-file-scan-dir=/etc/frankenphp/php.d \
 		--enable-debug && \
 	make -j"$(nproc)" && \
 	make install && \
 	ldconfig && \
-	cp php.ini-development /usr/local/lib/php.ini && \
-	echo "zend_extension=opcache.so" >> /usr/local/lib/php.ini && \
-	echo "opcache.enable=1" >> /usr/local/lib/php.ini && \
+		mkdir -p /etc/frankenphp/php.d && \
+			cp php.ini-development /etc/frankenphp/php.ini && \
+			echo "zend_extension=opcache.so" >> /etc/frankenphp/php.ini && \
+			echo "opcache.enable=1" >> /etcfrankenphp/php.ini && \
 	php --version
 
 # Install e-dant/watcher (necessary for file watching)

docs/cn/CONTRIBUTING.md

@@ -11,9 +11,13 @@ docker build -t frankenphp-dev -f dev.Dockerfile .
 docker run --cap-add=SYS_PTRACE --security-opt seccomp=unconfined -p 8080:8080 -p 443:443 -p 443:443/udp -v $PWD:/go/src/app -it frankenphp-dev
 ```
 
-该镜像包含常用的开发工具（Go、GDB、Valgrind、Neovim等）。
+该镜像包含常用的开发工具（Go、GDB、Valgrind、Neovim等）并使用以下 php 设置位置
 
-如果 docker 版本低于 23.0，则会因为 dockerignore [pattern issue](https://github.com/moby/moby/pull/42676) 而导致构建失败。将目录添加到 `.dockerignore`。
+- php.ini: `/etc/frankenphp/php.ini` 默认提供了一个带有开发预设的 php.ini 文件。
+- 附加配置文件: `/etc/frankenphp/php.d/*.ini`
+- php 扩展: `/usr/lib/frankenphp/modules/`
+
+如果您的 docker 版本低于 23.0，则会因为 dockerignore [pattern issue](https://github.com/moby/moby/pull/42676) 而导致构建失败。将目录添加到 `.dockerignore`。
 
 ```patch
  !testdata/*.php
@@ -179,20 +183,20 @@ docker buildx bake -f docker-bake.hcl --pull --no-cache --push
 
 ## 其他开发资源
 
-* [PHP 嵌入 uWSGI](https://github.com/unbit/uwsgi/blob/master/plugins/php/php_plugin.c)
-* [PHP 嵌入 NGINX Unit](https://github.com/nginx/unit/blob/master/src/nxt_php_sapi.c)
-* [PHP 嵌入 Go (go-php)](https://github.com/deuill/go-php)
-* [PHP 嵌入 Go (GoEmPHP)](https://github.com/mikespook/goemphp)
-* [PHP 嵌入 C++](https://gist.github.com/paresy/3cbd4c6a469511ac7479aa0e7c42fea7)
-* [扩展和嵌入 PHP 作者：Sara Golemon](https://books.google.fr/books?id=zMbGvK17_tYC&pg=PA254&lpg=PA254#v=onepage&q&f=false)
-* [TSRMLS_CC到底是什么？](http://blog.golemon.com/2006/06/what-heck-is-tsrmlscc-anyway.html)
-* [Mac 上的 PHP 嵌入](https://gist.github.com/jonnywang/61427ffc0e8dde74fff40f479d147db4)
-* [SDL 绑定](https://pkg.go.dev/github.com/veandco/go-sdl2@v0.4.21/sdl#Main)
+- [PHP 嵌入 uWSGI](https://github.com/unbit/uwsgi/blob/master/plugins/php/php_plugin.c)
+- [PHP 嵌入 NGINX Unit](https://github.com/nginx/unit/blob/master/src/nxt_php_sapi.c)
+- [PHP 嵌入 Go (go-php)](https://github.com/deuill/go-php)
+- [PHP 嵌入 Go (GoEmPHP)](https://github.com/mikespook/goemphp)
+- [PHP 嵌入 C++](https://gist.github.com/paresy/3cbd4c6a469511ac7479aa0e7c42fea7)
+- [扩展和嵌入 PHP 作者：Sara Golemon](https://books.google.fr/books?id=zMbGvK17_tYC&pg=PA254&lpg=PA254#v=onepage&q&f=false)
+- [TSRMLS_CC到底是什么？](http://blog.golemon.com/2006/06/what-heck-is-tsrmlscc-anyway.html)
+- [Mac 上的 PHP 嵌入](https://gist.github.com/jonnywang/61427ffc0e8dde74fff40f479d147db4)
+- [SDL 绑定](https://pkg.go.dev/github.com/veandco/go-sdl2@v0.4.21/sdl#Main)
 
 ## Docker 相关资源
 
-* [Bake 文件定义](https://docs.docker.com/build/customize/bake/file-definition/)
-* [docker buildx 构建](https://docs.docker.com/engine/reference/commandline/buildx_build/)
+- [Bake 文件定义](https://docs.docker.com/build/customize/bake/file-definition/)
+- [docker buildx 构建](https://docs.docker.com/engine/reference/commandline/buildx_build/)
 
 ## 有用的命令
 

docs/cn/config.md

@@ -2,12 +2,17 @@
 
 FrankenPHP，Caddy 以及 Mercure 和 Vulcain 模块可以使用 [Caddy 支持的格式](https://caddyserver.com/docs/getting-started#your-first-config) 进行配置。
 
-在[Docker 映像](docker.md) 中，`Caddyfile` 位于 `/etc/caddy/Caddyfile`。
+在[Docker 映像](docker.md) 中，`Caddyfile` 位于 `/etc/frankenphp/Caddyfile`。
 静态二进制文件会在启动时所在的目录中查找 `Caddyfile`。
 PHP 本身可以[使用 `php.ini` 文件](https://www.php.net/manual/zh/configuration.file.php)进行配置。
-默认情况下，随 Docker 映像提供的 PHP 和静态二进制文件中包含的 PHP 将在启动 FrankenPHP 的目录和 `/usr/local/etc/php/` 中查找`php.ini` 文件。它们还会从 `/usr/local/etc/php/conf.d/` 中加载所有以 `.ini` 结尾的文件。
-默认情况下没有 `php.ini` 文件，因此应复制 PHP 项目提供的官方模板。
-在 Docker 上，模板在镜像中提供：
+PHP 解释器将在以下位置查找：
+
+Docker:
+
+- php.ini: `/usr/local/etc/php/php.ini` 默认情况下不提供 php.ini。
+- 附加配置文件: `/usr/local/etc/php/conf.d/*.ini`
+- php 扩展: `/usr/local/lib/php/extensions/no-debug-zts-<YYYYMMDD>/`
+- 您应该复制 PHP 项目提供的官方模板：
 
 ```dockerfile
 FROM dunglas/frankenphp
@@ -19,7 +24,18 @@ RUN cp $PHP_INI_DIR/php.ini-production $PHP_INI_DIR/php.ini
 RUN cp $PHP_INI_DIR/php.ini-development $PHP_INI_DIR/php.ini
 ```
 
-如果不使用 Docker，请复制[PHP 源代码](https://github.com/php/php-src/)中提供的`php.ini-production`或`php.ini-development`中的一个。
+FrankenPHP 安装 (.rpm 或 .deb):
+
+- php.ini: `/etc/frankenphp/php.ini` 默认情况下提供带有生产预设的 php.ini 文件。
+- 附加配置文件: `/etc/frankenphp/php.d/*.ini`
+- php 扩展: `/usr/lib/frankenphp/modules/`
+
+静态二进制:
+
+- php.ini: 执行 `frankenphp run` 或 `frankenphp php-server` 的目录，然后是 `/etc/frankenphp/php.ini`
+- 附加配置文件: `/etc/frankenphp/php.d/*.ini`
+- php 扩展: 无法加载
+- 复制[PHP 源代码](https://github.com/php/php-src/)中提供的`php.ini-production`或`php.ini-development`中的一个。
 
 ## Caddyfile 配置
 
@@ -133,9 +149,9 @@ php_server [<matcher>] {
 
 以下环境变量可用于在 `Caddyfile` 中注入 Caddy 指令，而无需对其进行修改：
 
-* `SERVER_NAME`: 更改 [要监听的地址](https://caddyserver.com/docs/caddyfile/concepts#addresses)，提供的主机名也将用于生成的 TLS 证书
-* `CADDY_GLOBAL_OPTIONS`: 注入 [全局选项](https://caddyserver.com/docs/caddyfile/options)
-* `FRANKENPHP_CONFIG`: 在 `frankenphp` 指令下注入配置
+- `SERVER_NAME`: 更改 [要监听的地址](https://caddyserver.com/docs/caddyfile/concepts#addresses)，提供的主机名也将用于生成的 TLS 证书
+- `CADDY_GLOBAL_OPTIONS`: 注入 [全局选项](https://caddyserver.com/docs/caddyfile/options)
+- `FRANKENPHP_CONFIG`: 在 `frankenphp` 指令下注入配置
 
 ## PHP 配置
 

docs/config.md

@@ -2,15 +2,20 @@
 
 FrankenPHP, Caddy as well as the Mercure and Vulcain modules can be configured using [the formats supported by Caddy](https://caddyserver.com/docs/getting-started#your-first-config).
 
-In [the Docker images](docker.md), the `Caddyfile` is located at `/etc/caddy/Caddyfile`. The static binary will look for the `Caddyfile` in the directory where the `frankenphp run` command is executed. You can specify a custom path with the `-c` or `--config` option.
+In [the Docker images](docker.md), the `Caddyfile` is located at `/etc/frankenphp/Caddyfile`.
+The static binary will also look for the `Caddyfile` in the directory where the `frankenphp run` command is executed.
+You can specify a custom path with the `-c` or `--config` option.
 
 PHP itself can be configured [using a `php.ini` file](https://www.php.net/manual/en/configuration.file.php).
 
-By default, PHP supplied with Docker images and the one included in the static binary will look for a `php.ini` file in the directory where FrankenPHP is started and in `/usr/local/etc/php/`. They will also load all files ending in `.ini` from `/usr/local/etc/php/conf.d/`.
+Depending on your installation method, the PHP interpreter will look for configuration files in locations described above.
 
-No `php.ini` file is present by default, you should copy an official template provided by the PHP project.
+## Docker
 
-On Docker, the templates are provided in the images:
+- `php.ini`: `/usr/local/etc/php/php.ini` (no `php.ini` is provided by default)
+- additional configuration files: `/usr/local/etc/php/conf.d/*.ini`
+- PHP extensions: `/usr/local/lib/php/extensions/no-debug-zts-<YYYYMMDD>/`
+- You should copy an official template provided by the PHP project:
 
 ```dockerfile
 FROM dunglas/frankenphp
@@ -22,7 +27,18 @@ RUN cp $PHP_INI_DIR/php.ini-production $PHP_INI_DIR/php.ini
 RUN cp $PHP_INI_DIR/php.ini-development $PHP_INI_DIR/php.ini
 ```
 
-If you don't use Docker, copy one of `php.ini-production` or `php.ini-development` provided [in the PHP sources](https://github.com/php/php-src/).
+## RPM and Debian packages
+
+- `php.ini`: `/etc/frankenphp/php.ini` (a `php.ini` file with production presets is provided by default)
+- additional configuration files: `/etc/frankenphp/php.d/*.ini`
+- PHP extensions: `/usr/lib/frankenphp/modules/`
+
+## Static binary
+
+- `php.ini`: The directory in which `frankenphp run` or `frankenphp php-server` is executed, then `/etc/frankenphp/php.ini`
+- additional configuration files: `/etc/frankenphp/php.d/*.ini`
+- PHP extensions: cannot be loaded, bundle them in the binary itself
+- copy one of `php.ini-production` or `php.ini-development` provided [in the PHP sources](https://github.com/php/php-src/).
 
 ## Caddyfile Config
 

docs/fr/CONTRIBUTING.md

@@ -11,9 +11,13 @@ docker build -t frankenphp-dev -f dev.Dockerfile .
 docker run --cap-add=SYS_PTRACE --security-opt seccomp=unconfined -p 8080:8080 -p 443:443 -p 443:443/udp -v $PWD:/go/src/app -it frankenphp-dev
 ```
 
-L'image contient les outils de développement habituels (Go, GDB, Valgrind, Neovim...).
+L'image contient les outils de développement habituels (Go, GDB, Valgrind, Neovim...) et utilise les emplacements de configuration PHP suivants
 
-Si la version de Docker est inférieure à 23.0, la construction échoue à cause d'un [problème de pattern](https://github.com/moby/moby/pull/42676) dans `.dockerignore`. Ajoutez les répertoires à `.dockerignore`.
+- php.ini: `/etc/frankenphp/php.ini` Un fichier php.ini avec des préréglages de développement est fourni par défaut.
+- fichiers de configuration supplémentaires: `/etc/frankenphp/php.d/*.ini`
+- extensions php: `/usr/lib/frankenphp/modules/`
+
+Si votre version de Docker est inférieure à 23.0, la construction échouera à cause d'un [problème de pattern](https://github.com/moby/moby/pull/42676) dans `.dockerignore`. Ajoutez les répertoires à `.dockerignore`.
 
 ```patch
  !testdata/*.php

docs/fr/config.md

@@ -2,16 +2,19 @@
 
 FrankenPHP, Caddy ainsi que les modules Mercure et Vulcain peuvent être configurés en utilisant [les formats pris en charge par Caddy](https://caddyserver.com/docs/getting-started#your-first-config).
 
-Dans [les images Docker](docker.md), le `Caddyfile` est situé dans `/etc/caddy/Caddyfile`.
+Dans [les images Docker](docker.md), le `Caddyfile` est situé dans `/etc/frankenphp/Caddyfile`.
 Le binaire statique cherchera le `Caddyfile` dans le répertoire dans lequel il est démarré.
 
 PHP lui-même peut être configuré [en utilisant un fichier `php.ini`](https://www.php.net/manual/fr/configuration.file.php).
 
-Par défaut, le PHP fourni avec les images Docker et celui inclus dans le binaire statique cherchera un fichier `php.ini` dans le répertoire dans lequel FrankenPHP est démarré et dans `/usr/local/etc/php/`. Ils chargeront également tous les fichiers se terminant par `.ini` dans `/usr/local/etc/php/conf.d/`.
+L'interpréteur PHP cherchera dans les emplacements suivants :
 
-Aucun fichier `php.ini` n'est présent par défaut, vous devriez copier un modèle officiel fourni par le projet PHP.
+Docker :
 
-Sur Docker, les modèles sont fournis dans les images :
+- php.ini : `/usr/local/etc/php/php.ini` Aucun php.ini n'est fourni par défaut.
+- fichiers de configuration supplémentaires : `/usr/local/etc/php/conf.d/*.ini`
+- extensions php : `/usr/local/lib/php/extensions/no-debug-zts-<YYYYMMDD>/`
+- Vous devriez copier un modèle officiel fourni par le projet PHP :
 
 ```dockerfile
 FROM dunglas/frankenphp
@@ -23,7 +26,18 @@ RUN cp $PHP_INI_DIR/php.ini-production $PHP_INI_DIR/php.ini
 RUN cp $PHP_INI_DIR/php.ini-development $PHP_INI_DIR/php.ini
 ```
 
-Si vous n'utilisez pas Docker, copiez l'un des fichiers `php.ini-production` ou `php.ini-development` fournis [dans les sources de PHP](https://github.com/php/php-src/).
+Installation de FrankenPHP (.rpm ou .deb) :
+
+- php.ini : `/etc/frankenphp/php.ini` Un fichier php.ini avec des préréglages de production est fourni par défaut.
+- fichiers de configuration supplémentaires : `/etc/frankenphp/php.d/*.ini`
+- extensions php : `/usr/lib/frankenphp/modules/`
+
+Binaire statique :
+
+- php.ini : Le répertoire dans lequel `frankenphp run` ou `frankenphp php-server` est exécuté, puis `/etc/frankenphp/php.ini`
+- fichiers de configuration supplémentaires : `/etc/frankenphp/php.d/*.ini`
+- extensions php : ne peuvent pas être chargées
+- copiez l'un des fichiers `php.ini-production` ou `php.ini-development` fournis [dans les sources de PHP](https://github.com/php/php-src/).
 
 ## Configuration du Caddyfile
 

docs/ru/CONTRIBUTING.md

@@ -11,9 +11,13 @@ docker build -t frankenphp-dev -f dev.Dockerfile .
 docker run --cap-add=SYS_PTRACE --security-opt seccomp=unconfined -p 8080:8080 -p 443:443 -p 443:443/udp -v $PWD:/go/src/app -it frankenphp-dev
 ```
 
-Образ содержит стандартные инструменты для разработки (Go, GDB, Valgrind, Neovim и др.).
+Образ содержит стандартные инструменты для разработки (Go, GDB, Valgrind, Neovim и др.) и использует следующие пути для настроек PHP
 
-Если версия Docker ниже 23.0, сборка может завершиться ошибкой из-за [проблемы с шаблонами dockerignore](https://github.com/moby/moby/pull/42676). Добавьте в `.dockerignore` следующие директории:
+- php.ini: `/etc/frankenphp/php.ini` По умолчанию предоставляется файл php.ini с настройками для разработки.
+- дополнительные файлы конфигурации: `/etc/frankenphp/php.d/*.ini`
+- расширения php: `/usr/lib/frankenphp/modules/`
+
+Если ваша версия Docker ниже 23.0, сборка может завершиться ошибкой из-за [проблемы с шаблонами dockerignore](https://github.com/moby/moby/pull/42676). Добавьте в `.dockerignore` следующие директории:
 
 ```patch
  !testdata/*.php

docs/ru/config.md

@@ -2,16 +2,19 @@
 
 FrankenPHP, Caddy, а также модули Mercure и Vulcain могут быть настроены с использованием [конфигурационных форматов, поддерживаемых Caddy](https://caddyserver.com/docs/getting-started#your-first-config).
 
-В [Docker-образах](docker.md) файл `Caddyfile` находится по пути `/etc/caddy/Caddyfile`.
+В [Docker-образах](docker.md) файл `Caddyfile` находится по пути `/etc/frankenphp/Caddyfile`.
 Статический бинарный файл будет искать `Caddyfile` в директории запуска.
 
 PHP можно настроить [с помощью файла `php.ini`](https://www.php.net/manual/en/configuration.file.php).
 
-PHP из Docker-образов и статического бинарного файла по умолчанию будет искать файл `php.ini` в директории, где был запущен FrankenPHP, а также в `/usr/local/etc/php/`. Кроме того, будут загружены все файлы с расширением `.ini` из директории `/usr/local/etc/php/conf.d/`.
+PHP-интерпретатор будет искать в следующих местах:
 
-Файл `php.ini` по умолчанию отсутствует. Вы можете скопировать официальный шаблон, предоставляемый проектом PHP.
+Docker:
 
-В Docker-шаблоны включены в образы:
+- php.ini: `/usr/local/etc/php/php.ini` По умолчанию php.ini не предоставляется.
+- дополнительные файлы конфигурации: `/usr/local/etc/php/conf.d/*.ini`
+- расширения php: `/usr/local/lib/php/extensions/no-debug-zts-<YYYYMMDD>/`
+- Вы должны скопировать официальный шаблон, предоставляемый проектом PHP:
 
 ```dockerfile
 FROM dunglas/frankenphp
@@ -23,7 +26,18 @@ RUN cp $PHP_INI_DIR/php.ini-production $PHP_INI_DIR/php.ini
 RUN cp $PHP_INI_DIR/php.ini-development $PHP_INI_DIR/php.ini
 ```
 
-Если вы не используете Docker, скопируйте один из шаблонов `php.ini-production` или `php.ini-development`, предоставленных [в исходниках PHP](https://github.com/php/php-src/).
+Установка FrankenPHP (.rpm или .deb):
+
+- php.ini: `/etc/frankenphp/php.ini` По умолчанию предоставляется файл php.ini с производственными настройками.
+- дополнительные файлы конфигурации: `/etc/frankenphp/php.d/*.ini`
+- расширения php: `/usr/lib/frankenphp/modules/`
+
+Статический бинарный файл:
+
+- php.ini: Директория, в которой выполняется `frankenphp run` или `frankenphp php-server`, затем `/etc/frankenphp/php.ini`
+- дополнительные файлы конфигурации: `/etc/frankenphp/php.d/*.ini`
+- расширения php: не могут быть загружены
+- скопируйте один из шаблонов `php.ini-production` или `php.ini-development`, предоставленных [в исходниках PHP](https://github.com/php/php-src/).
 
 ## Конфигурация Caddyfile
 

docs/tr/CONTRIBUTING.md

@@ -11,9 +11,13 @@ docker build -t frankenphp-dev -f dev.Dockerfile .
 docker run --cap-add=SYS_PTRACE --security-opt seccomp=unconfined -p 8080:8080 -p 443:443 -p 443:443/udp -v $PWD:/go/src/app -it frankenphp-dev
 ```
 
-İmaj genel geliştirme araçlarını (Go, GDB, Valgrind, Neovim...) içerir.
+İmaj genel geliştirme araçlarını (Go, GDB, Valgrind, Neovim...) içerir ve aşağıdaki php ayar konumlarını kullanır
 
-Docker sürümü 23.0'dan düşükse, derleme dockerignore [pattern issue](https://github.com/moby/moby/pull/42676) tarafından başarısız olur. Dizinleri `.dockerignore` dosyasına ekleyin.
+- php.ini: `/etc/frankenphp/php.ini` Varsayılan olarak geliştirme ön ayarlarına sahip bir php.ini dosyası sağlanır.
+- ek yapılandırma dosyaları: `/etc/frankenphp/php.d/*.ini`
+- php uzantıları: `/usr/lib/frankenphp/modules/`
+
+Docker sürümünüz 23.0'dan düşükse, derleme dockerignore [pattern issue](https://github.com/moby/moby/pull/42676) nedeniyle başarısız olacaktır. Dizinleri `.dockerignore` dosyasına ekleyin.
 
 ```patch
  !testdata/*.php

docs/tr/config.md

@@ -2,15 +2,19 @@
 
 FrankenPHP, Caddy'nin yanı sıra Mercure ve Vulcain modülleri [Caddy tarafından desteklenen formatlar](https://caddyserver.com/docs/getting-started#your-first-config) kullanılarak yapılandırılabilir.
 
-Docker imajlarında] (docker.md), `Caddyfile` `/etc/caddy/Caddyfile` adresinde bulunur.
+Docker imajlarında] (docker.md), `Caddyfile` `/etc/frankenphp/Caddyfile` adresinde bulunur.
 Statik ikili, başlatıldığı dizinde `Caddyfile` dosyasını arayacaktır.
 
 PHP'nin kendisi [bir `php.ini` dosyası kullanılarak yapılandırılabilir](https://www.php.net/manual/tr/configuration.file.php).
 
-Varsayılan olarak, Docker imajlarıyla birlikte verilen PHP ve statik ikili dosyada bulunan PHP, FrankenPHP'nin başlatıldığı dizinde ve `/usr/local/etc/php/` içinde bir `php.ini` dosyası arayacaktır. Ayrıca `.ini` ile biten tüm dosyaları `/usr/local/etc/php/conf.d/` dizininden yükleyecektir.
+PHP yorumlayıcısı aşağıdaki konumlarda arama yapacaktır:
 
-Öntanımlı olarak `php.ini` dosyası yoktur, PHP projesi tarafından sağlanan resmi bir şablonu kopyalamanız gerekir.
-Docker'da şablonlar imajlar içinde sağlanır:
+Docker:
+
+- php.ini: `/usr/local/etc/php/php.ini` Varsayılan olarak php.ini sağlanmaz.
+- ek yapılandırma dosyaları: `/usr/local/etc/php/conf.d/*.ini`
+- php uzantıları: `/usr/local/lib/php/extensions/no-debug-zts-<YYYYMMDD>/`
+- PHP projesi tarafından sağlanan resmi bir şablonu kopyalamalısınız:
 
 ```dockerfile
 FROM dunglas/frankenphp
@@ -22,7 +26,18 @@ RUN cp $PHP_INI_DIR/php.ini-development $PHP_INI_DIR/php.ini
 RUN cp $PHP_INI_DIR/php.ini-production $PHP_INI_DIR/php.ini
 ```
 
-Docker kullanmıyorsanız, [PHP kaynak kodu](https://github.com/php/php-src/) ile birlikte verilen `php.ini-production` veya `php.ini-development` dosyalarından birini kopyalayın.
+FrankenPHP kurulumu (.rpm veya .deb):
+
+- php.ini: `/etc/frankenphp/php.ini` Varsayılan olarak üretim ön ayarlarına sahip bir php.ini dosyası sağlanır.
+- ek yapılandırma dosyaları: `/etc/frankenphp/php.d/*.ini`
+- php uzantıları: `/usr/lib/frankenphp/modules/`
+
+Statik ikili:
+
+- php.ini: `frankenphp run` veya `frankenphp php-server` komutunun çalıştırıldığı dizin, ardından `/etc/frankenphp/php.ini`
+- ek yapılandırma dosyaları: `/etc/frankenphp/php.d/*.ini`
+- php uzantıları: yüklenemez
+- [PHP kaynak kodu](https://github.com/php/php-src/) ile birlikte verilen `php.ini-production` veya `php.ini-development` dosyalarından birini kopyalayın.
 
 ## Caddyfile Konfigürasyonu
 

package/Caddyfile

@@ -0,0 +1,19 @@
+# The Caddyfile is an easy way to configure FrankenPHP and the Caddy web server.
+#
+# https://frankenphp.dev/docs/config
+# https://caddyserver.com/docs/caddyfile
+{
+	frankenphp
+}
+
+http:// {
+	root /usr/share/frankenphp/
+	encode zstd br gzip
+
+	php_server
+}
+
+# As an alternative to editing the above site block, you can add your own site
+# block files in the Caddyfile.d directory, and they will be included as long
+# as they use the .caddyfile extension.
+import Caddyfile.d/*.caddyfile

package/content/index.php

@@ -0,0 +1,133 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>Test Page for FrankenPHP</title>
+    <style>
+        body {
+            background-color: #FAF5F5;
+            color: #000;
+            font-size: 0.9em;
+            font-family: sans-serif,helvetica;
+            margin: 0;
+            padding: 0;
+        }
+        :link, :visited {
+            color: #0B2335;
+        }
+        a:hover {
+            color: #0069DA;
+        }
+        h1 {
+            text-align: center;
+            margin: 0;
+            padding: 0.6em 2em 0.4em;
+            background-color: #0B2335;
+            color: #fff;
+            font-weight: normal;
+            font-size: 1.75em;
+            border-bottom: 2px solid #000;
+        }
+        h1 strong {
+            font-weight: bold;
+        }
+        h2 {
+            font-size: 1.1em;
+            font-weight: bold;
+        }
+        hr {
+            display: none;
+        }
+        .content {
+            padding: 1em 5em;
+        }
+        .content-columns {
+            position: relative;
+            padding-top: 1em;
+        }
+        .content-column-left, .content-column-right {
+            width: 47%;
+            float: left;
+            padding-bottom: 2em;
+        }
+        .content-column-left {
+            padding-right: 3%;
+        }
+        .content-column-right {
+            padding-left: 3%;
+        }
+        .logos {
+            text-align: center;
+            margin-top: 2em;
+        }
+        img {
+            border: 2px solid #fff;
+            padding: 2px;
+            margin: 2px;
+        }
+        a:hover img {
+            border: 2px solid #f50;
+        }
+        .footer {
+            clear: both;
+            text-align: center;
+            font-size: xx-small;
+        }
+        .runtime-info {
+            background: #efefef;
+            padding: 0.5em;
+            margin-top: 1em;
+            font-size: 0.85em;
+            border-left: 3px solid #0B2335;
+        }
+    </style>
+</head>
+
+<body>
+    <header>
+        <h1>FrankenPHP <strong>Test Page</strong></h1>
+    </header>
+
+    <main class="content">
+        <div class="content-columns">
+            <section class="content-column-left">
+                <h2>If you are a member of the general public:</h2>
+
+                <p>The fact that you are seeing this page indicates that the website you just visited is either experiencing problems, or is undergoing routine maintenance.</p>
+
+                <p>
+                    If you would like to let the administrators of this website know that you've seen this page instead of the page you expected, you should send them e-mail.
+                    In general, mail sent to the name "webmaster" and directed to the website's domain should reach the appropriate person.
+                </p>
+
+                <p>For example, try contacting <a href="mailto:webmaster@<?php echo $_SERVER['SERVER_NAME'] ?? 'example.com'; ?>">webmaster@<?php echo $_SERVER['SERVER_NAME'] ?? 'example.com'; ?></a>.</p>
+
+                <p>Learn more about FrankenPHP at the <a href="https://frankenphp.dev/">official website</a>.</p>
+            </section>
+
+            <section class="content-column-right">
+                <h2>If you are the website administrator:</h2>
+
+                <p>Your server is running and serving requests using FrankenPHP, powered by Caddy</p>
+
+                <p>To replace this page, deploy your application files to <code><?php echo getcwd(); ?></code>.</p>
+
+                <p>Configuration is handled in your <code>Caddyfile</code>.</p>
+
+                <div class="runtime-info">
+                    <strong>Served by PHP SAPI: </strong> <?php echo php_sapi_name(); ?><br />
+                </div>
+
+                <div class="logos">
+                    <a href="https://frankenphp.dev/"><img src="assets/frankenphp.svg" height="50" width="166" alt="Powered by FrankenPHP" /></a>
+                    <a href="https://caddyserver.com/"><img src="assets/caddy.png" height="50" width="166" alt="Powered by Caddy" /></a>
+                </div>
+            </section>
+        </div>
+    </main>
+
+    <footer class="footer">
+        <p><a href="https://frankenphp.dev">FrankenPHP</a> is an open-source web server for PHP built on top of <a href="https://caddyserver.com">Caddy</a>.</p>
+    </footer>
+</body>
+</html>

package/debian/frankenphp.service

@@ -0,0 +1,21 @@
+[Unit]
+Description=FrankenPHP
+Documentation=https://frankenphp.dev/docs/
+After=network.target network-online.target
+Requires=network-online.target
+
+[Service]
+Type=notify
+User=frankenphp
+Group=frankenphp
+ExecStart=/usr/bin/frankenphp run --environ --config /etc/frankenphp/Caddyfile
+ExecReload=/usr/bin/frankenphp reload --config /etc/frankenphp/Caddyfile --force
+TimeoutStopSec=5s
+LimitNOFILE=1048576
+LimitNPROC=512
+PrivateTmp=true
+ProtectSystem=full
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+
+[Install]
+WantedBy=multi-user.target

package/debian/postinst.sh

@@ -0,0 +1,67 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "configure" ]; then
+	# Add user and group
+	if ! getent group frankenphp >/dev/null; then
+		groupadd --system frankenphp
+	fi
+	if ! getent passwd frankenphp >/dev/null; then
+		useradd --system \
+			--gid frankenphp \
+			--create-home \
+			--home-dir /var/lib/frankenphp \
+			--shell /usr/sbin/nologin \
+			--comment "FrankenPHP web server" \
+			frankenphp
+	fi
+	if getent group www-data >/dev/null; then
+		usermod -aG www-data frankenphp
+	fi
+
+	# Handle cases where package was installed and then purged;
+	# user and group will still exist but with no home dir
+	if [ ! -d /var/lib/frankenphp ]; then
+		mkdir -p /var/lib/frankenphp
+		chown frankenphp:frankenphp /var/lib/frankenphp
+	fi
+
+	# Add log directory with correct permissions
+	if [ ! -d /var/log/frankenphp ]; then
+		mkdir -p /var/log/frankenphp
+		chown frankenphp:frankenphp /var/log/frankenphp
+	fi
+fi
+
+if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ]; then
+	# This will only remove masks created by d-s-h on package removal.
+	deb-systemd-helper unmask frankenphp.service >/dev/null || true
+
+	# was-enabled defaults to true, so new installations run enable.
+	if deb-systemd-helper --quiet was-enabled frankenphp.service; then
+		# Enables the unit on first installation, creates new
+		# symlinks on upgrades if the unit file has changed.
+		deb-systemd-helper enable frankenphp.service >/dev/null || true
+		deb-systemd-invoke start frankenphp.service >/dev/null || true
+	else
+		# Update the statefile to add new symlinks (if any), which need to be
+		# cleaned up on purge. Also remove old symlinks.
+		deb-systemd-helper update-state frankenphp.service >/dev/null || true
+	fi
+
+	# Restart only if it was already started
+	if [ -d /run/systemd/system ]; then
+		systemctl --system daemon-reload >/dev/null || true
+		if [ -n "$2" ]; then
+			deb-systemd-invoke try-restart frankenphp.service >/dev/null || true
+		fi
+	fi
+fi
+
+if command -v setcap >/dev/null 2>&1; then
+	setcap cap_net_bind_service=+ep /usr/bin/frankenphp || true
+fi
+
+if [ -x /usr/bin/frankenphp ]; then
+	HOME=/var/lib/frankenphp /usr/bin/frankenphp trust || true
+fi

package/debian/postrm.sh

@@ -0,0 +1,20 @@
+#!/bin/sh
+set -e
+
+if [ -d /run/systemd/system ]; then
+	systemctl --system daemon-reload >/dev/null || true
+fi
+
+if [ "$1" = "remove" ]; then
+	if [ -x "/usr/bin/deb-systemd-helper" ]; then
+		deb-systemd-helper mask frankenphp.service >/dev/null || true
+	fi
+fi
+
+if [ "$1" = "purge" ]; then
+	if [ -x "/usr/bin/deb-systemd-helper" ]; then
+		deb-systemd-helper purge frankenphp.service >/dev/null || true
+		deb-systemd-helper unmask frankenphp.service >/dev/null || true
+	fi
+	rm -rf /var/lib/frankenphp /var/log/frankenphp /etc/frankenphp
+fi

package/debian/prerm.sh

@@ -0,0 +1,6 @@
+#!/bin/sh
+set -e
+
+if [ -d /run/systemd/system ] && [ "$1" = remove ]; then
+	deb-systemd-invoke stop frankenphp.service >/dev/null || true
+fi

package/rhel/frankenphp.service

@@ -0,0 +1,21 @@
+[Unit]
+Description=FrankenPHP server
+After=network.target
+
+[Service]
+Type=notify
+User=frankenphp
+Group=frankenphp
+ExecStartPre=/usr/bin/frankenphp validate --config /etc/frankenphp/Caddyfile
+ExecStart=/usr/bin/frankenphp run --environ --config /etc/frankenphp/Caddyfile
+ExecReload=/usr/bin/frankenphp reload --config /etc/frankenphp/Caddyfile
+TimeoutStopSec=5s
+LimitNOFILE=1048576
+LimitNPROC=512
+PrivateTmp=true
+ProtectHome=true
+ProtectSystem=full
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+
+[Install]
+WantedBy=multi-user.target

package/rhel/postinstall.sh

@@ -0,0 +1,36 @@
+#!/bin/bash
+
+if [ "$1" -eq 1 ] && [ -x "/usr/lib/systemd/systemd-update-helper" ]; then
+	# Initial installation
+	/usr/lib/systemd/systemd-update-helper install-system-units frankenphp.service || :
+fi
+
+if [ -x /usr/sbin/getsebool ]; then
+	# Connect to ACME endpoint to request certificates
+	setsebool -P httpd_can_network_connect on
+fi
+
+if [ -x /usr/sbin/semanage ] && [ -x /usr/sbin/restorecon ]; then
+	# file contexts
+	semanage fcontext --add --type httpd_exec_t '/usr/bin/frankenphp' 2>/dev/null || :
+	semanage fcontext --add --type httpd_sys_content_t '/usr/share/frankenphp(/.*)?' 2>/dev/null || :
+	semanage fcontext --add --type httpd_config_t '/etc/frankenphp(/.*)?' 2>/dev/null || :
+	semanage fcontext --add --type httpd_var_lib_t '/var/lib/frankenphp(/.*)?' 2>/dev/null || :
+	restorecon -r /usr/bin/frankenphp /usr/share/frankenphp /etc/frankenphp /var/lib/frankenphp || :
+fi
+
+if [ -x /usr/sbin/semanage ]; then
+	# QUIC
+	semanage port --add --type http_port_t --proto udp 80 2>/dev/null || :
+	semanage port --add --type http_port_t --proto udp 443 2>/dev/null || :
+	# admin endpoint
+	semanage port --add --type http_port_t --proto tcp 2019 2>/dev/null || :
+fi
+
+if command -v setcap >/dev/null 2>&1; then
+	setcap cap_net_bind_service=+ep /usr/bin/frankenphp || :
+fi
+
+if [ -x /usr/bin/frankenphp ]; then
+	HOME=/var/lib/frankenphp /usr/bin/frankenphp trust || :
+fi

package/rhel/postuninstall.sh

@@ -0,0 +1,25 @@
+#!/bin/bash
+
+if [ "$1" -ge 1 ] && [ -x "/usr/lib/systemd/systemd-update-helper" ]; then
+	# Package upgrade, not uninstall
+	/usr/lib/systemd/systemd-update-helper mark-restart-system-units frankenphp.service || :
+fi
+
+if [ "$1" -eq 0 ]; then
+	if [ -x /usr/sbin/getsebool ]; then
+		# connect to ACME endpoint to request certificates
+		setsebool -P httpd_can_network_connect off
+	fi
+	if [ -x /usr/sbin/semanage ]; then
+		# file contexts
+		semanage fcontext --delete --type httpd_exec_t '/usr/bin/frankenphp' 2>/dev/null || :
+		semanage fcontext --delete --type httpd_sys_content_t '/usr/share/frankenphp(/.*)?' 2>/dev/null || :
+		semanage fcontext --delete --type httpd_config_t '/etc/frankenphp(/.*)?' 2>/dev/null || :
+		semanage fcontext --delete --type httpd_var_lib_t '/var/lib/frankenphp(/.*)?' 2>/dev/null || :
+		# QUIC
+		semanage port --delete --type http_port_t --proto udp 80 2>/dev/null || :
+		semanage port --delete --type http_port_t --proto udp 443 2>/dev/null || :
+		# admin endpoint
+		semanage port --delete --type http_port_t --proto tcp 2019 2>/dev/null || :
+	fi
+fi

package/rhel/preinstall.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+getent group frankenphp &>/dev/null ||
+	groupadd -r frankenphp &>/dev/null
+getent passwd frankenphp &>/dev/null ||
+	useradd -r -g frankenphp -d /var/lib/frankenphp -s /sbin/nologin -c 'FrankenPHP web server' frankenphp &>/dev/null
+exit 0

package/rhel/preuninstall.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+if [ "$1" -eq 0 ] && [ -x "/usr/lib/systemd/systemd-update-helper" ]; then
+	# Package removal, not upgrade
+	/usr/lib/systemd/systemd-update-helper remove-system-units frankenphp.service || :
+fi

static-builder-gnu.Dockerfile

@@ -6,6 +6,8 @@ FROM centos:7
 ARG FRANKENPHP_VERSION=''
 ENV FRANKENPHP_VERSION=${FRANKENPHP_VERSION}
 
+ARG BUILD_PACKAGES=''
+
 ARG PHP_VERSION=''
 ENV PHP_VERSION=${PHP_VERSION}
 
@@ -114,13 +116,27 @@ ENV SPC_DEFAULT_C_FLAGS='-fPIE -fPIC -O3'
 ENV SPC_LIBC='glibc'
 ENV SPC_CMD_VAR_PHP_MAKE_EXTRA_LDFLAGS_PROGRAM='-Wl,-O3 -pie'
 ENV SPC_CMD_VAR_PHP_MAKE_EXTRA_LIBS='-ldl -lpthread -lm -lresolv -lutil -lrt'
-ENV SPC_OPT_DOWNLOAD_ARGS='--ignore-cache-sources=php-src'
-ENV SPC_OPT_BUILD_ARGS=''
+ENV SPC_OPT_BUILD_ARGS='--with-config-file-path=/etc/frankenphp --with-config-file-scan-dir=/etc/frankenphp/php.d'
 ENV SPC_REL_TYPE='binary'
+ENV EXTENSION_DIR='/usr/lib/frankenphp/modules'
 
 # not sure if this is needed
 ENV COMPOSER_ALLOW_SUPERUSER=1
 
+# install tools to build packages, if requested - needs gcc 10
+RUN if [ "${BUILD_PACKAGES}" != "" ]; then \
+        yum install -y make bzip2 openssl-devel libffi-devel zlib-devel libyaml libyaml-devel rpm-build && \
+        curl -o ruby.tar.gz -fsSL https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.2.tar.gz && \
+        tar -xzf ruby.tar.gz && \
+        cd ruby-3.4.2 && \
+        ./configure --without-baseruby && \
+        make && \
+        make install && \
+        cd .. && \
+        rm -rf ruby-3.4.2 ruby.tar.gz && \
+        gem install fpm; \
+    fi
+
 WORKDIR /go/src/app
 COPY go.mod go.sum ./
 RUN go mod download
@@ -133,6 +149,10 @@ WORKDIR /go/src/app
 COPY --link *.* ./
 COPY --link caddy caddy
 COPY --link internal internal
+COPY --link package package
 
 RUN --mount=type=secret,id=github-token ./build-static.sh && \
+    if [ "${BUILD_PACKAGES}" != "" ]; then \
+        ./build-packages.sh; \
+    fi ; \
 	rm -Rf dist/static-php-cli/source/*

static-builder-musl.Dockerfile

@@ -95,6 +95,9 @@ COPY --link . ./
 ENV SPC_DEFAULT_C_FLAGS='-fPIE -fPIC -O3'
 ENV SPC_LIBC='musl'
 ENV SPC_CMD_VAR_PHP_MAKE_EXTRA_LDFLAGS_PROGRAM='-Wl,-O3 -pie'
+ENV SPC_OPT_BUILD_ARGS='--with-config-file-path=/etc/frankenphp --with-config-file-scan-dir=/etc/frankenphp/php.d'
+ENV SPC_REL_TYPE='binary'
+ENV EXTENSION_DIR='/usr/lib/frankenphp/modules'
 
 RUN --mount=type=secret,id=github-token GITHUB_TOKEN=$(cat /run/secrets/github-token) ./build-static.sh && \
 	rm -Rf dist/static-php-cli/source/*