diff --git a/docker/Dockerfile b/docker/Dockerfile
new file mode 100644
index 000000000..0a28d7323
--- /dev/null
+++ b/docker/Dockerfile
@@ -0,0 +1,77 @@
+ARG base=debian:11
+FROM $base
+
+ARG url=https://github.com/foswiki/distro/releases/download/FoswikiRelease02x01x07/Foswiki-2.1.7.tgz
+ARG sha512=7196ce5a586a3770e2d198a79d0856f34724893746a40500b7f72d3efc48dcbdfb0292a3583186cf4e5b217a70df3b5dd8af80aa3e5c34987ca202a62dada0bf
+ARG root=/var/www/foswiki
+ARG user=www-data
+ARG group=www-data
+ARG port=80
+ARG lang=C.UTF-8
+ARG tz=Asia/Shanghai
+ARG mirror=""
+
+ENV LANG=$lang TZ=$tz
+
+RUN set -eux; \
+ [ -z "$mirror" ] || sed -i -E "s|http(s?)://deb.debian.org|$mirror|" /etc/apt/sources.list; \
+ apt update -y \
+ && apt install -y curl diffutils grep less logrotate vim w3m \
+ apache2 libapache2-mod-fcgid libapache2-mod-perl2 nginx \
+ libalgorithm-diff-perl \
+ libapache2-request-perl \
+ libarchive-zip-perl \
+ libcgi-session-perl \
+ libconvert-pem-perl \
+ libcrypt-eksblowfish-perl \
+ libcrypt-passwdmd5-perl \
+ libcrypt-smime-perl \
+ libcrypt-x509-perl \
+ libdbd-mariadb-perl \
+ libdbd-mysql-perl \
+ libdbd-pg-perl \
+ libdbd-sqlite3-perl \
+ libemail-address-xs-perl \
+ libemail-mime-perl \
+ libemail-simple-perl \
+ liberror-perl \
+ libfcgi-procmanager-perl \
+ libfile-copy-recursive-perl \
+ libfile-mmagic-xs-perl \
+ libjson-perl \
+ liblocale-codes-perl \
+ liblocale-maketext-lexicon-perl \
+ liblocale-msgfmt-perl \
+ && apt install -y --no-install-recommends \
+ libimage-magick-perl \
+ && rm -rf /var/lib/apt/lists/* \
+ && a2enmod access_compat rewrite \
+ && a2dissite 000-default \
+ && rm /etc/nginx/sites-enabled/default
+
+RUN set -eux; \
+ mkdir -p $root \
+ && cd $root \
+ && curl -L -s -o foswiki.tgz "$url" \
+ && echo "$sha512 foswiki.tgz" > foswiki.tgz.sha512 \
+ && sha512sum -c --status foswiki.tgz.sha512 \
+ && tar -xzvf foswiki.tgz --strip-components=1 \
+ && rm foswiki.tgz foswiki.tgz.sha512 \
+ && sh tools/fix_file_permissions.sh \
+ && chown -R $user:$group $root \
+ && echo "0,30 * * * * cd $root/bin && perl ../tools/tick_foswiki.pl" | crontab -u $user - \
+ && cp tools/foswiki.init-script /etc/init.d/foswiki \
+ && chmod 755 /etc/init.d/foswiki \
+ && update-rc.d foswiki defaults \
+ && cp tools/foswiki.defaults /etc/default/foswiki \
+ && chmod 644 /etc/default/foswiki
+
+COPY foswiki-apache.conf /etc/apache2/sites-enabled/foswiki.conf
+COPY foswiki-nginx.conf /etc/nginx/sites-enabled/foswiki.conf
+COPY start.sh /start.sh
+
+VOLUME $root
+
+EXPOSE $port
+
+CMD ["/bin/sh", "/start.sh"]
diff --git a/docker/LICENCE b/docker/LICENCE
new file mode 100644
index 000000000..08a8d849a
--- /dev/null
+++ b/docker/LICENCE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2022 Yubao Liu
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/docker/README.md b/docker/README.md
new file mode 100644
index 000000000..b2be8d52b
--- /dev/null
+++ b/docker/README.md
@@ -0,0 +1,64 @@
+# Dockerfile for Foswiki
+
+Run pristine Foswiki in Debian container with Apache 2 + mod_fcgid/mod_proxy_fcgi/mod_perl or Nginx.
+
+## Build
+
+```sh
+docker build . -t foswiki --progress plain
+```
+
+Notice this Dockerfile uses volume for `/var/www/foswiki`.
+
+## Run
+
+```sh
+# Use Apache, may use `-e MODULE=[fcigd|proxy_fcgi|perl]` to choose different Apache module.
+docker run -dt --init --name foswiki -p 8888:80 -e TZ=Asia/Shanghai -e HTTPD=apache foswiki
+
+
+# Use Nginx
+docker run -dt --init --name foswiki -p 8888:80 -e TZ=Asia/Shanghai foswiki
+```
+
+Access http://localhost:8888 to further configure Foswiki:
+
+1. http://localhost:8888/bin/configure
+ 1. `Security and Authentication` -> `Registration`: select `Enable User Registration`
+ 2. `General settings` -> `File System Paths`: set `Safe PATH` to `/bin:/usr/bin`
+ 3. Click button `Save 2 changes` on the top right corner
+2. http://localhost:8888/System/UserRegistration Register your first user, such as WikiName `FirstAdmin`
+3. http://localhost:8888/Main/WikiGroups Click `Add Members...` in the group `AdminGroup`, add newly registered user's WikiName
+4. Run `docker restart foswiki` to restart the Docker container
+
+Although you can directly access Foswiki in the container, this container is expected to be behind a reverse proxy that terminates HTTPS connections and handles virtual site, you must replace the hostname above to `https://your-reverse-proxy?SSL=1`.
+
+## Extensions
+
+Highly recommended extension for Nginx:
+
+``` sh
+su -s /bin/bash www-data
+cd /var/www/foswiki
+tools/extension_installer XSendFileContrib -r install
+tools/configure -save -set '{XSendFileContrib}{Header}=X-Accel-Redirect'
+tools/configure -save -set '{XSendFileContrib}{Location}=/files'
+```
+
+Beautiful skin extension [NatSkin](https://foswiki.org/Extensions/NatSkin):
+``` sh
+su -s /bin/bash www-data
+cd /var/www/foswiki
+tools/extension_installer NatSkin -r install
+```
+
+Check https://foswiki.org/Extensions for more extensions.
+
+## Reference
+
+* https://github.com/timlegge/docker-foswiki
+* https://foswiki.org/System/InstallationGuide
+* https://foswiki.org/System/InstallationGuidePart2
+* https://foswiki.org/Support/FoswikiOnNginx
+* https://foswiki.org/System/FastCGIEngineContrib#Nginx
+
diff --git a/docker/foswiki-apache.conf b/docker/foswiki-apache.conf
new file mode 100644
index 000000000..48ec00a46
--- /dev/null
+++ b/docker/foswiki-apache.conf
@@ -0,0 +1,311 @@
+# Merge autogenerated httpd.conf files for Foswiki.
+# Generated at https://foswiki.org/Support/ApacheConfigGenerator?vhost=;port=;dir=/var/www/foswiki;symlink=;pathurl=/;shorterurls=enabled;engine=mod_perl;fastcgimodule=fcgid;fcgidreqlen=;apver=2;confighost=;configip=;configuser=;loginmanager=Template;htpath=;errordocument=UserRegistration;errorcustom=;disablephp=on;blockpubhtml=on;blocktrashpub=on;controlattach=;blockspiders=on;foswikiversion=2.x;apacheversion=2.4;timeout=;ssl=;sslcert=/etc/ssl/apache2/yourservercert.pem;sslchain=/etc/ssl/apache2/sub.class1.server.ca.pem;sslkey=/etc/ssl/apache2/yourservercertkey.pem
+# Generated at https://foswiki.org/Support/ApacheConfigGenerator?vhost=;port=;dir=/var/www/foswiki;symlink=;pathurl=/;shorterurls=enabled;engine=FastCGI;fastcgimodule=fcgid;fcgidreqlen=;apver=2;confighost=;configip=;configuser=;loginmanager=Template;htpath=;errordocument=UserRegistration;errorcustom=;disablephp=on;blockpubhtml=on;blocktrashpub=on;controlattach=;blockspiders=on;foswikiversion=2.x;apacheversion=2.4;timeout=;ssl=;sslcert=/etc/ssl/apache2/yourservercert.pem;sslchain=/etc/ssl/apache2/sub.class1.server.ca.pem;sslkey=/etc/ssl/apache2/yourservercertkey.pem
+
+# Configuration generated for Foswiki 2.x, Apache 2.4
+
+Define foswikiroot "/var/www/foswiki"
+
+# The Alias defines a url that points to the root of the Foswiki installation.
+# The first parameter will be part of the URL to your installation e.g.
+# http://my.co.uk/foswiki/bin/view/...
+# The second parameter must point to the physical path on your disc.
+
+
+Alias /bin "${foswikiroot}/bin"
+
+
+Alias /bin "${foswikiroot}/bin/foswiki.fcgi"
+
+
+# The following Alias is used to access files in the pub directory (attachments etc)
+# It must come _after_ the ScriptAlias.
+# If short URLs are enabled, and any other local directories or files need to be accessed directly, they
+# must also be specified in an Alias statement, and must not conflict with a web name.
+
+Alias /pub "${foswikiroot}/pub"
+Alias /robots.txt "${foswikiroot}/robots.txt"
+# Add aliases for any other files that must be read at the root level. eg.
+# Alias /google[somehashkey].html "${foswikiroot}/google[somehashkey].html"
+
+# Rewriting is required for Short URLs, and Attachment redirecting to viewfile
+RewriteEngine on
+#LogLevel alert rewrite:trace3
+
+# Shortest URLs block access to the Apache standard error documents. The following alias will
+# restore access to these error messages. The actual location may vary by OS distribution.
+# This may need to be tailored depending upon location of the Apache error documents. Below
+# are examples for Linux, and FreeBSD
+# Alias /error/ "/usr/share/apache2/error/"
+# Alias /error/ "/usr/local/www/apache24/error/"
+
+# short urls
+
+Alias / "${foswikiroot}/bin/view/"
+
+
+Alias / "${foswikiroot}/bin/foswiki.fcgi/"
+
+RewriteRule ^/+bin/+view/+(.*) /$1 [L,NE,R]
+RewriteRule ^/+bin/+view$ / [L,NE,R]
+
+# Block access to typical spam related attachments
+# Except the Foswiki directory which is read only and does have attached html files.
+SetEnvIf Request_URI "/pub/.*\.[hH][tT][mM][lL]?$" blockAccess
+SetEnvIf Request_URI "/pub/System/.*\.[hH][tT][mM][lL]?$" !blockAccess
+
+# This enables access to the documents in the Foswiki root directory
+
+
+
+ Require all granted
+ Require not env blockAccess
+
+
+
+
+# mod_perl_startup.pl must exist, otherwise Apache will not start.
+PerlRequire "${foswikiroot}/tools/mod_perl_startup.pl"
+
+
+ DefaultMaxClassProcessCount 3
+ # Request length must be larger than largest ATTACHFILESIZELIMIT x 1024
+ FcgidMaxRequestLen 52428800
+ # Limit requests to control memory growth.
+ FcgidMaxRequestsPerProcess 400
+
+
+
+# This specifies the options on the Foswiki scripts directory. The ExecCGI
+# and SetHandler tell apache that it contains scripts. "Allow from all"
+# lets any IP address access this URL.
+# Note: If you use SELinux, you also have to "Allow httpd cgi support" in your SELinux policies
+
+
+ AllowOverride None
+
+
+ Require all granted
+ Require not env blockAccess
+
+
+ Options +ExecCGI -FollowSymLinks
+
+ SetHandler perl-script
+ PerlResponseHandler Foswiki::Engine::Apache
+
+
+ SetHandler cgi-script
+
+
+
+ SetHandler fcgid-script
+
+
+
+ # Password file for Foswiki users
+ AuthUserFile "${foswikiroot}/data/.htpasswd"
+ AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.'
+ AuthType Basic
+
+ # File to return on access control error (e.g. wrong password)
+ ErrorDocument 401 /System/UserRegistration
+
+
+
+# This sets the options on the pub directory, which contains attachments and
+# other files like CSS stylesheets and icons. AllowOverride None stops a
+# user installing a .htaccess file that overrides these options.
+# Note that files in pub are *not* protected by Foswiki Access Controls,
+# so if you want to control access to files attached to topics you need to
+# block access to the specific directories same way as the ApacheConfigGenerator
+# blocks access to the pub directory of the Trash web
+
+ Options None
+ Options -FollowSymLinks
+ AllowOverride None
+
+
+ Require all granted
+ Require not env blockAccess
+
+ ErrorDocument 404 /bin/viewfile
+
+ # If you have PHP installed as Apache module, one of the below directives will ensure
+ # that it is disabled. The "ifmodule" statements should prevent this from causing
+ # errors if php is not installed.
+
+
+ php3_engine off
+
+
+ php_admin_flag engine off
+
+
+ php_admin_flag engine off
+
+
+ # This line will redefine the mime type for the most common types of scripts
+ AddType text/plain .shtml .php .php3 .phtml .phtm .pl .py .cgi
+
+ # add an Expires header that is sufficiently in the future that the browser does not even ask if its uptodate
+ # reducing the load on the server significantly
+ # IF you can, you should enable this - it _will_ improve your Foswiki experience, even if you set it to under one day.
+ # you may need to enable expires_module in your main apache config
+
+ #
+ #
+ # ExpiresActive on
+ # ExpiresDefault "access plus 11 days"
+ #
+ #
+ #
+ # Serve pre-compressed versions of .js and .css files, if they exist
+ # Some browsers do not handle this correctly, which is why it is disabled by default
+ #
+ # RewriteCond %{HTTP:Accept-encoding} gzip
+ # RewriteCond %{REQUEST_FILENAME}.gz -f
+ # RewriteRule ^(.*)$ %{REQUEST_URI}.gz [L,QSA]
+ #
+ #
+ # RewriteCond %{HTTP:Accept-encoding} gzip
+ # RewriteCond %{REQUEST_FILENAME}.gz -f
+ # RewriteRule ^([^?]*)\?(.*)$ $1.gz?$2 [L]
+ #
+ #
+ # AddEncoding x-gzip .gz
+ # AddType application/x-javascript .gz
+ #
+ #
+ # AddEncoding x-gzip .gz
+ # AddType text/css .gz
+ #
+
+
+
+# Spammers are known to attach their stuff and then move it to trash where it remains unnoticed.
+# We prevent viewing any attachments directly from pub
+
+ Require all denied
+
+
+# Security note: All other directories should be set so
+# that they are *not* visible as URLs, so we set them as =deny from all=.
+
+ Require all denied
+
+
+
+ Require all denied
+
+
+
+ Require all denied
+
+
+
+ Require all denied
+
+
+
+ Require all denied
+
+
+
+ Require all denied
+
+
+# We set an environment variable called blockAccess.
+#
+# Setting a BrowserMatchNoCase to ^$ is important. It prevents Foswiki from
+# including its own topics as URLs and also prevents other Foswikis from
+# doing the same. This is important to prevent the most obvious
+# Denial of Service attacks.
+#
+# You can expand this by adding more BrowserMatchNoCase statements to
+# block evil browser agents trying to crawl your Foswiki
+#
+# Example:
+# BrowserMatchNoCase ^SiteSucker blockAccess
+# BrowserMatchNoCase ^$ blockAccess
+
+BrowserMatchNoCase ^Accoona blockAccess
+BrowserMatchNoCase ^ActiveAgent blockAccess
+BrowserMatchNoCase ^Attache blockAccess
+BrowserMatchNoCase BecomeBot blockAccess
+BrowserMatchNoCase ^bot blockAccess
+BrowserMatchNoCase Charlotte/ blockAccess
+BrowserMatchNoCase ^ConveraCrawler blockAccess
+BrowserMatchNoCase ^CrownPeak-HttpAgent blockAccess
+BrowserMatchNoCase ^EmailCollector blockAccess
+BrowserMatchNoCase ^EmailSiphon blockAccess
+BrowserMatchNoCase ^e-SocietyRobot blockAccess
+BrowserMatchNoCase ^Exabot blockAccess
+BrowserMatchNoCase ^FAST blockAccess
+BrowserMatchNoCase ^FDM blockAccess
+BrowserMatchNoCase ^GetRight/6.0a blockAccess
+BrowserMatchNoCase ^GetWebPics blockAccess
+BrowserMatchNoCase ^Gigabot blockAccess
+BrowserMatchNoCase ^gonzo1 blockAccess
+BrowserMatchNoCase ^Google\sSpider blockAccess
+BrowserMatchNoCase ^ichiro blockAccess
+BrowserMatchNoCase ^ie_crawler blockAccess
+BrowserMatchNoCase ^iGetter blockAccess
+BrowserMatchNoCase ^IRLbot blockAccess
+BrowserMatchNoCase Jakarta blockAccess
+BrowserMatchNoCase ^Java blockAccess
+BrowserMatchNoCase ^KrakSpider blockAccess
+BrowserMatchNoCase ^larbin blockAccess
+BrowserMatchNoCase ^LeechGet blockAccess
+BrowserMatchNoCase ^LinkWalker blockAccess
+BrowserMatchNoCase ^Lsearch blockAccess
+BrowserMatchNoCase ^Microsoft blockAccess
+BrowserMatchNoCase MJ12bot blockAccess
+BrowserMatchNoCase MSIECrawler blockAccess
+BrowserMatchNoCase ^MSRBOT blockAccess
+BrowserMatchNoCase ^noxtrumbot blockAccess
+BrowserMatchNoCase ^NutchCVS blockAccess
+BrowserMatchNoCase ^RealDownload blockAccess
+BrowserMatchNoCase ^Rome blockAccess
+BrowserMatchNoCase ^Roverbot blockAccess
+BrowserMatchNoCase ^schibstedsokbot blockAccess
+BrowserMatchNoCase SemrushBot blockAccess
+BrowserMatchNoCase ^Seekbot blockAccess
+BrowserMatchNoCase ^SiteSnagger blockAccess
+BrowserMatchNoCase ^SiteSucker blockAccess
+BrowserMatchNoCase ^Snapbot blockAccess
+BrowserMatchNoCase ^sogou blockAccess
+BrowserMatchNoCase ^SpiderKU blockAccess
+BrowserMatchNoCase ^SpiderMan blockAccess
+BrowserMatchNoCase ^Squid blockAccess
+BrowserMatchNoCase ^Teleport blockAccess
+BrowserMatchNoCase ^User-Agent\: blockAccess
+BrowserMatchNoCase VoilaBot blockAccess
+BrowserMatchNoCase ^voyager blockAccess
+BrowserMatchNoCase ^w3search blockAccess
+BrowserMatchNoCase ^Web\sDownloader blockAccess
+BrowserMatchNoCase ^WebCopier blockAccess
+BrowserMatchNoCase ^WebDevil blockAccess
+BrowserMatchNoCase ^WebSec blockAccess
+BrowserMatchNoCase ^WebVac blockAccess
+BrowserMatchNoCase ^Webwhacker blockAccess
+BrowserMatchNoCase ^Webzip blockAccess
+BrowserMatchNoCase ^Wells blockAccess
+BrowserMatchNoCase ^WhoWhere blockAccess
+BrowserMatchNoCase www\.netforex\.org blockAccess
+BrowserMatchNoCase ^WX_mail blockAccess
+BrowserMatchNoCase ^yacybot blockAccess
+BrowserMatchNoCase ^ZIBB blockAccess
+
+# Setting the NO_FOSWIKI_SESSION environment variable prevents a
+# session being created for the Google Search Appliance bot. This
+# is useful if you have the Google Search Appliance installed on
+# your intranet, as they can be very aggressive when indexing, creating
+# a lot of session files and slowing Foswiki down.
+# You can also set this environment variable for public sites, to
+# prevent Google and other search engines' bots. However, these tend
+# to index your site a lot less often than the Google Search Appliance.
+# *Works on Foswiki 1.1 and later only*
+BrowserMatch "^gsa-crawler" NO_FOSWIKI_SESSION
+
+BrowserMatchNoCase ^$ blockAccess
diff --git a/docker/foswiki-nginx.conf b/docker/foswiki-nginx.conf
new file mode 100644
index 000000000..bd99aa26f
--- /dev/null
+++ b/docker/foswiki-nginx.conf
@@ -0,0 +1,87 @@
+server {
+ listen 80 default_server;
+ listen [::]:80 default_server;
+ server_name _;
+
+ set $foswiki_root /var/www/foswiki; # <=== Path to expanded foswiki distribution
+ root /var/www/html;
+ index index.html;
+
+ #access_log /var/log/nginx/foswiki-access.log;
+ #error_log /var/log/nginx/foswiki-error.log debug;
+
+ # Uncomment for htpasswd
+ #auth_basic "FOSWiki";
+ #auth_basic_user_file $foswiki_root/data/.htpasswd;
+
+ # raise upload limit (foswiki has its own limit : %ATTACHFILESIZELIMIT% in System/PreferenceSettings)
+ client_max_body_size 50M;
+
+ # browsers tend to search for a favicons and robots.txt in the root directory: if it is there fine, if not don't bother
+ location /favicon.ico {
+ root $foswiki_root;
+ log_not_found off;
+ access_log off;
+ }
+ location /robots.txt {
+ root $foswiki_root;
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location = / {
+ root $foswiki_root;
+ rewrite .* /Main/WebHome;
+ }
+
+ # redirect short urls to view
+ location ~ ^/(?:bin/)?([A-Z_].*)$ {
+ rewrite ^/(.*)$ /bin/view/$1 last;
+ }
+
+ # static files that we don't need to authenticate, i.e. css and js
+ location ~ ^/pub/(System|Applications|images|cache)/ {
+ root $foswiki_root;
+ expires 8h;
+ gzip_static on;
+ }
+
+ # any other static files need to be sanctioned by the foswiki backened
+ location /pub {
+ # either by the standard viewfile approach ...
+ rewrite ^/pub/(.*)$ /bin/viewfile/$1;
+
+ # or by XSendFileContrib using
+ #
+ # The following setting must be in LocalSite.cfg
+ # {XSendFileContrib}{Header} = 'X-Accel-Redirect';
+ # {XSendFileContrib}{Location} = '/files';
+ #rewrite ^/pub/(.*)$ /bin/xsendfile/$1;
+ }
+
+ # internal location that sendfile serves sanctioned static files from
+ location /files {
+ internal;
+ alias $foswiki_root/pub/;
+ expires 8h;
+ access_log off;
+ }
+
+ # deny any direct access to these directores
+ # note that this only is required in case the document root equals the $foswiki_root
+ location ~ (^/lib|^/data|^/locale|^/templates|^/tools|^/work) {
+ deny all;
+ }
+
+ location ~ ^/bin/([a-z]+) {
+ gzip off;
+ # a request taking more than 2 minutes is considered an error
+ fastcgi_read_timeout 120s;
+ fastcgi_split_path_info ^/bin/(.+?)(/.*)$;
+ fastcgi_param SCRIPT_FILENAME $foswiki_root/bin/foswiki.fcgi;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ fastcgi_pass 127.0.0.1:9000;
+ include fastcgi_params;
+ }
+}
diff --git a/docker/start.sh b/docker/start.sh
new file mode 100755
index 000000000..a741a4638
--- /dev/null
+++ b/docker/start.sh
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -eux
+
+service cron start
+
+httpd=${HTTPD:-nginx}
+module=${MODULE:-fcgid} # for Apache only
+
+unset HTTPD MODULE # unset environment variables
+
+case "$httpd" in
+ apache)
+ case "$module" in
+ *fcgid)
+ a2enmod fcgid
+ a2dismod proxy_fcgi
+ a2dismod perl
+ ;;
+
+ *proxy_fcgi)
+ a2enmod proxy_fcgi
+ a2dismod fcgid
+ a2dismod perl
+
+ rm -f /var/run/foswiki.pid
+ service foswiki start
+ ;;
+
+ *perl)
+ a2enmod perl
+ a2dismod fcgid
+ a2dismod proxy_fcgi
+ ;;
+
+ *)
+ echo "ERROR: unknown engine $module" >&2
+ exit 1
+ esac
+
+ exec apache2ctl -DFOREGROUND -k start
+ ;;
+
+ nginx)
+ # Enable xsendfile in Nginx if XSendFileContrib is properly configured
+ foswiki_conf=/etc/nginx/sites-enabled/foswiki.conf
+ localsite_cfg=/var/www/foswiki/lib/LocalSite.cfg
+ if grep -q '^\s*#rewrite.*xsendfile' $foswiki_conf &&
+ grep -q '{XSendFileContrib}{Header}\s*=\s*.X-Accel-Redirect.' $localsite_cfg &&
+ grep -q '{XSendFileContrib}{Location}\s*=\s*./files.' $localsite_cfg; then
+ sed -i -E 's|^(\s*)(rewrite.*viewfile)|\1#\2|; s|^(\s*)#(rewrite.*sendfile)|\1\2|' $foswiki_conf
+ fi
+
+ rm -f /var/run/foswiki.pid
+ service foswiki start
+ exec nginx -g "daemon off;"
+ ;;
+
+ *)
+ echo "ERROR: unknown httpd $httpd" >&2
+ exit 1
+esac