Razique Mahroua
2019-12-16 b640959db1a97290fae22c3f3e3af5551c5881db
Add the php-ssl app. This is a lightweight app that is used in chapter 6
It detects whether it is being served in HTTP or HTTPS mode.
7 files added
1 files modified
332 ■■■■■ changed files
php-ssl/Dockerfile 27 ●●●●● patch | view | raw | blame | history
php-ssl/README.md 53 ●●●●● patch | view | raw | blame | history
php-ssl/httpd/httpd.conf 83 ●●●●● patch | view | raw | blame | history
php-ssl/httpd/ssl.conf 38 ●●●●● patch | view | raw | blame | history
php-ssl/index.php 77 ●●●●● patch | view | raw | blame | history
php-ssl/ssl/certs/tls.crt 24 ●●●●● patch | view | raw | blame | history
php-ssl/ssl/certs/tls.key 28 ●●●●● patch | view | raw | blame | history
python-load/load.py 2 ●●● patch | view | raw | blame | history
php-ssl/Dockerfile
New file
@@ -0,0 +1,27 @@
FROM registry.access.redhat.com/ubi8:8.0
LABEL version="1.0" \
  description="A simple PHP application that tests TLS encryption" \
  creationDate="2019-12-13" \
  updatedDate="2019-12-13"
USER 0
RUN yum install -y --disableplugin=subscription-manager --nodocs \
  httpd mod_ssl php php-common net-tools procps-ng \
  && yum clean all
COPY httpd/httpd.conf /etc/httpd/conf/httpd.conf
## SSL - This directive configures SSL support for the container
COPY httpd/ssl.conf /etc/httpd/conf.d/ssl.conf
## End of SSL
COPY index.php /var/www/html/index.php
RUN mkdir /run/php-fpm && \
  chgrp -R 0 /var/www/html /var/log/httpd /var/run/httpd/ /run/php-fpm \
  && chmod -R g+rwx /var/www/html /var/log/httpd /var/run/httpd/ /run/php-fpm
EXPOSE 8080 8443
USER 1001
CMD  php-fpm && httpd -D FOREGROUND
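Review bot: The shell-form `CMD  php-fpm && httpd -D FOREGROUND` on the last line makes `/bin/sh` PID 1, so the `SIGTERM` sent by `podman stop` never reaches httpd and the container only exits after the kill timeout; have the shell replace itself with the foreground process: `CMD ["/bin/sh", "-c", "php-fpm && exec httpd -D FOREGROUND"]`. The chain also depends on php-fpm daemonizing itself so that `&&` proceeds, and on the `php` package pulling `php-fpm` into the image, neither of which the Dockerfile states; the second `RUN` grants group write only to `/run/php-fpm` and the httpd directories, not to the `/var/log/php-fpm` that RHEL-family `php-fpm.conf` presumably uses for its default `error_log`, so verify that php-fpm actually starts as UID 1001 — if it fails, the `&&` short-circuits and httpd never runs. A comment above the line such as `# php-fpm daemonizes first; httpd stays in the foreground as PID 1` would make the intended process model explicit. The `yum install` line pins no package versions, so although the base tag is fixed the image is not reproducible; pinning `httpd`, `mod_ssl` and `php` to the tested versions, or noting why floating versions are acceptable for a training app, is worth considering.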
php-ssl/README.md
New file
@@ -0,0 +1,53 @@
## About this container
This container deploys a stand-alone PHP page to display some basic information about
the container. It is mostly used to determine whether this application is served via
TLS or is exposed via HTTP.
## How to build
Run the following command to build the container image:
`$ podman build -t php-ssl .`
The container expects a certificate and a key at `/usr/local/etc/ssl/certs`.
Run the following command to generate a self-signed certificate:
`$ openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout tls.key -out tls.crt`
## How to run
### In HTTP mode
```
podman run --name todo -p 8080:8080 php-ssl:latest`
```
### In HTTPs mode
```
podman run --userns keep-id \
  -v ./ssl/certs:/usr/local/etc/ssl/certs:Z \
  --name todo -p 8443:8443 php-ssl:latest`
```
### In HTTP & HTTPS mode
Notice the port range:
```
podman run --userns keep-id \
  -v ./ssl/certs:/usr/local/etc/ssl/certs:Z \
  --name test \
  -p 8080-8443:8080-8443 \
  php-ssl:latest
```
### Disable HTTPs support
If you need to disable HTTPs support, run the following steps:
  1. In `Dockerfile` -- comment line 15:
  ```
  # COPY httpd/ssl.conf /etc/httpd/conf.d/ssl.conf
  ```
  3. Rebuild the image:
  ```
  `$ podman build -t php-ssl:latest .`
  ```
  4. Run the following command to create the container:
  ```
  `$ podman run --name todo -p 8080:8080 php-ssl:latest`
  ```
php-ssl/httpd/httpd.conf
New file
@@ -0,0 +1,83 @@
ServerRoot "/etc/httpd"
Listen 8080
Include conf.modules.d/*.conf
User apache
Group apache
PidFile /var/run/httpd/httpd.pid
ServerAdmin root@localhost
<Directory />
  AllowOverride none
  Require all denied
</Directory>
DocumentRoot "/var/www/html"
<Directory "/var/www">
  AllowOverride None
  # Allow open access:
  Require all granted
</Directory>
# Further relax access to the default document root:
<Directory "/var/www/html">
  Options Indexes FollowSymLinks
  AllowOverride None
  Require all granted
</Directory>
<IfModule dir_module>
  DirectoryIndex index.html
</IfModule>
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<Files ".ht*">
  Require all denied
</Files>
# Changed by Steve Pousty
# ErrorLog "logs/error_log"
ErrorLog "|/bin/more"
LogLevel warn
<IfModule log_config_module>
  LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
  LogFormat "%h %l %u %t \"%r\" %>s %b" common
  <IfModule logio_module>
    # You need to enable mod_logio.c to use %I and %O
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
  </IfModule>
  CustomLog "|/bin/more" combined
</IfModule>
<IfModule alias_module>
  ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
</IfModule>
<Directory "/var/www/cgi-bin">
  AllowOverride None
  Options None
  Require all granted
</Directory>
<IfModule mime_module>
  TypesConfig /etc/mime.types
  AddType application/x-compress .Z
  AddType application/x-gzip .gz .tgz
  AddType text/html .shtml
  AddOutputFilter INCLUDES .shtml
</IfModule>
AddDefaultCharset UTF-8
<IfModule mime_magic_module>
    MIMEMagicFile conf/magic
</IfModule>
EnableSendfile on
IncludeOptional conf.d/*.conf
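Review bot: `Options Indexes FollowSymLinks` on `/var/www/html` enables directory listings for the document root, and `DirectoryIndex index.html` does not name the `index.php` this commit ships, so a request for `/` only reaches the PHP page if a later `conf.d/*.conf` (presumably the php package's own php.conf) overrides DirectoryIndex — otherwise the server returns a listing of the document root. Disable the listing and name the index explicitly: `Options FollowSymLinks` and `DirectoryIndex index.php index.html`. The `ErrorLog "|/bin/more"` and `CustomLog "|/bin/more"` pipes (marked as changed by Steve Pousty) look like a way to get logs onto the container's stdout; `ErrorLog /dev/stdout` and `CustomLog /dev/stdout combined` express that directly without spawning a pager per log, and if the pipe is kept a comment such as `# piped through more so Apache logs reach the container stdout` should state why. The `ScriptAlias /cgi-bin/` block and its `Require all granted` directory are also left enabled although nothing in the commit installs CGI scripts.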
php-ssl/httpd/ssl.conf
New file
@@ -0,0 +1,38 @@
#
# This is the Apache server configuration file providing SSL support.
# It contains the configuration directives to instruct the server how to
# serve pages over an https connection. For detailing information about these
# directives see <URL:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html>
#
LoadModule              ssl_module modules/mod_ssl.so
Listen                  8443
SSLPassPhraseDialog     builtin
SSLSessionCache         shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout  300
SSLRandomSeed           startup file:/dev/urandom  256
SSLRandomSeed           connect builtin
<VirtualHost _default_:8443>
  ServerName localhost.localdomain:8443
  ErrorLog logs/ssl_error_log
  TransferLog logs/ssl_access_log
  LogLevel warn
  SSLEngine on
  SSLProtocol all -SSLv2
  SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
  SSLCertificateFile /usr/local/etc/ssl/certs/tls.crt
  SSLCertificateKeyFile /usr/local/etc/ssl/certs/tls.key
  # SSLCertificateChainFile /usr/local/etc/ssl/certs/tls-chain.crt
  SetEnvIf User-Agent ".*MSIE.*" \
    nokeepalive ssl-unclean-shutdown \
    downgrade-1.0 force-response-1.0
  CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
  <Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
  </Files>
  <Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
  </Directory>
</VirtualHost>
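Review bot: `SSLProtocol all -SSLv2` still permits SSLv3, TLS 1.0 and TLS 1.1, and `SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW` explicitly admits RC4, MEDIUM and LOW ciphers, so the TLS endpoint this app is meant to demonstrate negotiates protocols and ciphers that current clients and scanners reject. Restrict both lines: `SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1` and `SSLCipherSuite HIGH:!aNULL:!MD5:!RC4` (on a RHEL 8 base, `SSLCipherSuite PROFILE=SYSTEM` defers to the system-wide crypto policy instead). The header comment points at the 2.2 mod_ssl documentation although UBI 8 ships httpd 2.4, where the commented-out `SSLCertificateChainFile` is deprecated in favour of a chain appended to `SSLCertificateFile`. Because this file is always copied into the image while the certificate and key are only bind-mounted at run time (the README's HTTP-mode command has no mount), httpd will presumably refuse to start when `/usr/local/etc/ssl/certs/tls.crt` is absent; a comment such as `# tls.crt/tls.key are supplied at run time via -v ./ssl/certs:/usr/local/etc/ssl/certs` next to the `SSLCertificateFile` line would make that dependency visible.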
php-ssl/index.php
New file
@@ -0,0 +1,77 @@
<?php
  function get_system_load($coreCount = 2, $interval = 1) {
    $rs = sys_getloadavg();
    $interval = $interval >= 1 && 3 <= $interval ? $interval : 1;
    $load = $rs[$interval];
    return round(($load * 100) / $coreCount,2);
  }
  function get_connections() {
    if (function_exists('exec')) {
      $www_total_count = 0;
      @exec ('netstat -an | egrep \':80|:443\' | awk \'{print $5}\' | grep -v \':::\*\' |  grep -v \'0.0.0.0\'', $results);
      foreach ($results as $result) {
        $array = explode(':', $result);
        $www_total_count ++;
        if (preg_match('/^::/', $result)) {
          $ipaddr = $array[3];
        } else {
          $ipaddr = $array[0];
        }
        if (!in_array($ipaddr, $unique)) {
          $unique[] = $ipaddr;
          $www_unique_count ++;
        }
      }
      unset ($results);
      return count($unique);
    }
  }
  function get_memory_usage() {
    $free = shell_exec('free');
    $free = (string)trim($free);
    $free_arr = explode("\n", $free);
    $mem = explode(" ", $free_arr[1]);
    $mem = array_filter($mem);
    $mem = array_merge($mem);
    $memory_usage = $mem[2] / $mem[1] * 100;
    return $memory_usage;
  }
?>
<!DOCTYPE html>
<html>
  <head>
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
    <title>PHP Application</title>
  </head>
  <body>
    <h2><strong>About this application</strong></h2>
    <?php
      if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') { ?>
        <i class="fa fa-lock"/><span style="color: #339966;"><strong>
          <?php echo 'The application is currently served over TLS'; ?>
        </span></strong>
      <?php
      } else { ?>
        <i class="fa fa-exclamation-triangle"/><span style="color: #993300;"><strong>
          <?php echo 'The application is currently server over HTTP'; ?>
        </span></strong>
      <?php } ?>
    <ul>
      <li>
        <strong>Current system load:</strong> <?php echo get_system_load() ?>
      </li>
      <li>
        <strong>Number of connections:</strong> <?php echo get_connections() ?>
      </li>
      <li>
        <strong>Memory usage:</strong> <?php echo round(get_memory_usage()) .' Mb' ?>
      </li>
    </ul>
  </body>
</html>
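Review bot: `get_connections()` reads `$unique` before it is ever assigned — `in_array($ipaddr, $unique)` on the first iteration and `count($unique)` when netstat returns no rows — which raises warnings on PHP 7 and makes the empty-result count depend on PHP's `count(null)` behaviour; initialise it with `$unique = array();` next to `$www_total_count = 0;` (`$www_total_count` and `$www_unique_count` are then never read and can be dropped). In `get_system_load()` the guard `$interval >= 1 && 3 <= $interval` can only be true for values of 3 or more, so the default always falls through to `$rs[1]` (the 5-minute average), and `sys_getloadavg()` only has indices 0–2 anyway; the intended check is presumably `$interval >= 0 && $interval <= 2` with a default of `0` for the 1-minute average — confirm which average the page is meant to show. `get_memory_usage()` computes a percentage (`$mem[2] / $mem[1] * 100`) but the template prints it with an `' Mb'` suffix, so either the label or the computation is wrong. The `@exec`/`shell_exec` calls run fixed commands with no request data, so there is no injection path, but the `@` silences exactly the failures (missing `netstat`, `exec` disabled) that would explain an empty count.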
php-ssl/ssl/certs/tls.crt
New file
@@ -0,0 +1,24 @@
-----BEGIN CERTIFICATE-----
MIIEDTCCAvWgAwIBAgIUZ2ILvNHGb6kIggcIKY5ibQ5m1u4wDQYJKoZIhvcNAQEL
BQAwgZUxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJOQzEQMA4GA1UEBwwHUmFsZWln
aDEQMA4GA1UECgwHUmVkIEhhdDERMA8GA1UECwwIVHJhaW5pbmcxHjAcBgNVBAMM
FXRvZG8uYXBwcy5leGFtcGxlLmNvbTEiMCAGCSqGSIb3DQEJARYTdHJhaW5pbmdA
cmVkaGF0LmNvbTAeFw0xOTExMjgyMDQyMDJaFw0yMDExMjcyMDQyMDJaMIGVMQsw
CQYDVQQGEwJVUzELMAkGA1UECAwCTkMxEDAOBgNVBAcMB1JhbGVpZ2gxEDAOBgNV
BAoMB1JlZCBIYXQxETAPBgNVBAsMCFRyYWluaW5nMR4wHAYDVQQDDBV0b2RvLmFw
cHMuZXhhbXBsZS5jb20xIjAgBgkqhkiG9w0BCQEWE3RyYWluaW5nQHJlZGhhdC5j
b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCurfjfmTVju+uJxanJ
cio6DYs1lAQyzKuJeJeKlzIxdY1RT48QN8iBQ6egLCwgZxqUMKhEEHYfxAi6/aKl
cQdr3n77xMVQv+Bub34XX3H2aOE1V9kKh0og0srrvKBUb8su6uiqu0Jpq0eu+Xe7
gVe5WP1b4SeA4ZpAtPugqFRxXLufsyqpVCoGJKvi3XQGHOini/h+Oz/sirpUGJ60
P4IhYOsC3vNPTVB4Bgmcm7AsgEfK19+AQLqYqnmCc8iq2XFmHiAvd7VrqnLFOjpN
FR+x7xrDRAkEB/WiQ+s2HHWMpAYOJb9qfbBCKr1JUH7cX0ZHaEtwMxVvqNcjxpEI
CshpAgMBAAGjUzBRMB0GA1UdDgQWBBSkr4M7N/rBhHeVyBEU0MHlE0i67zAfBgNV
HSMEGDAWgBSkr4M7N/rBhHeVyBEU0MHlE0i67zAPBgNVHRMBAf8EBTADAQH/MA0G
CSqGSIb3DQEBCwUAA4IBAQA01PSkcS8SOgQpNSfIoJ8s2pMOlhQ/0VoEFofheGVt
kekFaPRGn0Z2DEorKXRuclR2Ye4+4zvvAsNXeZZa2jAbhFXA9Zs2SzUDK7xXebUc
azzGd4JFST5KqroV5lAgeEeZdW1r39PCFPLZ36c0jh5g6fbFws7atzO+dqATU2mX
c0qywhEZDz4PfUwyP6B2oG39oNGKj457WMg39oWjopZJ9NK0SKqFybeTjO/13pDr
CWJNC//Eralcdu8zoWF6U5BFiEQTXlmeD4J+AZTmBBT5vaAW1ypEkmRAhPIkAwVs
HryISUxmPg2JCrlU+52jCM3RCXoXCZerrdC+l/xirTgd
-----END CERTIFICATE-----
php-ssl/ssl/certs/tls.key
New file
@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----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-----END PRIVATE KEY-----
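Review bot: A private key (`tls.key`) is committed to the repository next to its certificate, and nothing in the commit marks it as a throwaway. Even for a self-signed training pair, keys in git tend to be reused and to end up in images or other repositories; the README already shows the `openssl req` command that generates a fresh pair, so `ssl/certs/*.key` could be gitignored and generated by the reader (or at build time), with a README note that any checked-in pair is for demonstration only. If the pair is kept, document its scope — the certificate is self-signed for `todo.apps.example.com` and, from its validity fields, expires in November 2020 — so that readers do not treat it as trusted material.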
python-load/load.py
@@ -12,7 +12,7 @@
import signal
# Change the xrange (allocation) value accordingly.
allocation = 8192
allocation = 1512
stop_loop = 0
def exit_chld(x, y):