diff --git a/.github/workflows/build-php-images.yml b/.github/workflows/build-php-images.yml
index 9c7c1fa5..c9a6eb4d 100644
--- a/.github/workflows/build-php-images.yml
+++ b/.github/workflows/build-php-images.yml
@@ -22,6 +22,12 @@ jobs:
fail-fast: false
matrix:
include:
+ - image: php
+ tag: 8.5-fpm-5
+ context: images/8.5-fpm
+ - image: php
+ tag: 8.5-apache-5
+ context: images/8.5-apache
- image: php
tag: 8.4-fpm-5
context: images/8.4-fpm
diff --git a/.github/workflows/pr-php-tests.yml b/.github/workflows/pr-php-tests.yml
index 7ec0eb6c..21c7fe50 100644
--- a/.github/workflows/pr-php-tests.yml
+++ b/.github/workflows/pr-php-tests.yml
@@ -23,6 +23,7 @@ jobs:
- examples/8.2
- examples/8.3
- examples/8.4
+ - examples/8.5
- examples/custom
- examples/composer
- examples/php-extensions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4ab20f32..23f3e8d8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,7 @@
## {{ UNRELEASED_VERSION }} - [{{ UNRELEASED_DATE }}]({{ UNRELEASED_LINK }})
+* Added support for PHP 8.5
+
## v1.8.0 - [September 2, 2025](https://github.com/lando/php/releases/tag/v1.8.0)
* Removed automatic installation of `hirak/prestissimo` for `composer:1`
diff --git a/builders/php.js b/builders/php.js
index bb4ea90f..f79ef6e1 100644
--- a/builders/php.js
+++ b/builders/php.js
@@ -126,7 +126,7 @@ module.exports = {
name: 'php',
config: {
version: '7.4',
- supported: ['8.4', '8.3', '8.2', '8.1', '8.0', '7.4', '7.3', '7.2', '7.1', '7.0', '5.6', '5.5', '5.4', '5.3'],
+ supported: ['8.5', '8.4', '8.3', '8.2', '8.1', '8.0', '7.4', '7.3', '7.2', '7.1', '7.0', '5.6', '5.5', '5.4', '5.3'],
legacy: ['7.2', '7.1', '7.0', '5.6', '5.5', '5.4', '5.3'],
gen2: ['5.5', '5.4', '5.3'],
path: [
diff --git a/docs/extensions.md b/docs/extensions.md
index cf417421..55052edf 100644
--- a/docs/extensions.md
+++ b/docs/extensions.md
@@ -5,66 +5,66 @@ description: Learn what extensions are installed in the Lando PHP plugin
# Installed Extensions
-| | 5.3 | 5.4 | 5.5 | 5.6 | 7.0 | 7.1 | 7.2 | 7.3 | 7.4 | 8.0 | 8.1 | 8.2 | 8.3 | 8.4 |
-| -- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
-| apc | X | X | | | | | | | | | | | | |
-| apcu | | | X | X | X | X | X | X | X | X | X | X | X | X |
-| bcmath | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| bz2 | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| calendar | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| Core | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| ctype | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| curl | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| date | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| dom | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| exif | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| fileinfo | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| filter | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| ftp | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| gd | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| gettext | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| hash | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| iconv | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| imagick | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| imap | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| intl | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| json | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| ldap | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| libxml | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| mbstring | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| mcrypt | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| memcached | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| mysqli | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| mysqlnd | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| OAuth | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| OPcache | | | X | X | X | X | X | X | X | X | X | X | X | X |
-| openssl | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| pcntl | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| pcre | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| PDO | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| pdo_mysql | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| pdo_pgsql | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| pdo_sqlite| X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| Phar | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| posix | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| readline | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| redis | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| readline | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| Reflection| X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| session | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| SimpleXML | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| soap | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| SPL | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| sqlite3 | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| standard | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| tokenizer | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| xdebug | * | * | * | * | * | * | * | * | * | * | * | * | * | * |
-| xhprof | | | | | | | | | X | X | X | X | X | X |
-| xml | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| xmlreader | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| xmlwriter | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| zip | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
-| zlib | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| | 5.3 | 5.4 | 5.5 | 5.6 | 7.0 | 7.1 | 7.2 | 7.3 | 7.4 | 8.0 | 8.1 | 8.2 | 8.3 | 8.4 | 8.5 |
+| -- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
+| apc | X | X | | | | | | | | | | | | | |
+| apcu | | | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| bcmath | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| bz2 | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| calendar | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| Core | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| ctype | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| curl | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| date | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| dom | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| exif | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| fileinfo | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| filter | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| ftp | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| gd | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| gettext | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| hash | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| iconv | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| imagick | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| imap | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| intl | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| json | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| ldap | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| libxml | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| mbstring | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| mcrypt | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| memcached | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| mysqli | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| mysqlnd | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| OAuth | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| OPcache | | | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| openssl | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| pcntl | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| pcre | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| PDO | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| pdo_mysql | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| pdo_pgsql | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| pdo_sqlite| X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| Phar | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| posix | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| readline | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| redis | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| readline | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| Reflection| X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| session | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| SimpleXML | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| soap | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| SPL | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| sqlite3 | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| standard | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| tokenizer | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| xdebug | * | * | * | * | * | * | * | * | * | * | * | * | * | * | * |
+| xhprof | | | | | | | | | X | X | X | X | X | X | X |
+| xml | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| xmlreader | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| xmlwriter | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| zip | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
+| zlib | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X |
__*__ Note that `xdebug` is off by default but you can enable it by setting your `php` services config to `xdebug: true`. Read more about this in "Configuration" above.
diff --git a/docs/index.md b/docs/index.md
index c81a798a..4ce65304 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -19,6 +19,7 @@ services:
## Supported versions
+* [8.5](https://hub.docker.com/r/devwithlando/php)
* [8.4](https://hub.docker.com/r/devwithlando/php)
* [8.3](https://hub.docker.com/r/devwithlando/php)
* [8.2](https://hub.docker.com/r/devwithlando/php)
diff --git a/examples/8.5/.gitignore b/examples/8.5/.gitignore
new file mode 100644
index 00000000..4ef7878c
--- /dev/null
+++ b/examples/8.5/.gitignore
@@ -0,0 +1,3 @@
+vendor
+composer.json
+test
diff --git a/examples/8.5/.lando.yml b/examples/8.5/.lando.yml
new file mode 100644
index 00000000..0f260cf5
--- /dev/null
+++ b/examples/8.5/.lando.yml
@@ -0,0 +1,57 @@
+name: lando-php85
+events:
+ post-start:
+ - defaults: php -i | grep memory_limit | grep -e "-1"
+services:
+ defaults:
+ type: php:8.5
+ cli:
+ type: php:8.5
+ via: cli
+ build_as_root:
+ - curl -sL https://deb.nodesource.com/setup_18.x | bash -
+ - apt-get update -y
+ - apt-get install -y nodejs
+ cliworker:
+ type: php:8.5
+ composer_version: false
+ via: cli
+ command: sleep infinity
+ custom:
+ type: php:8.5
+ composer_version: "2.9.2"
+ via: nginx
+ ssl: true
+ webroot: web
+ config:
+ php: config/php.ini
+ overrides:
+ image: devwithlando/php:8.5-fpm-5
+ environment:
+ DUALBLADE: maxim
+ OTHER: thing
+ custom_nginx:
+ build_as_root:
+ - apt-get update -y
+ - apt-get install curl -y
+ - mkdir -p /app/test && touch /app/test/managed_build_step
+ overrides:
+ environment:
+ MORE: things
+ OTHER: stuff
+tooling:
+ php:
+ service: defaults
+ node:
+ service: :host
+ options:
+ host:
+ description: The service to use
+ default: cli
+ alias:
+ - h
+
+# This is important because it lets lando know to test against the plugin in this repo
+# DO NOT REMOVE THIS!
+plugins:
+ "@lando/php": ../..
diff --git a/examples/8.5/README.md b/examples/8.5/README.md
new file mode 100644
index 00000000..8d603f05
--- /dev/null
+++ b/examples/8.5/README.md
@@ -0,0 +1,122 @@
+# PHP 8.5 Example
+
+This example exists primarily to test the following documentation:
+
+* [PHP Service](https://docs.lando.dev/config/php.html)
+
+And probably other stuff
+
+## Start up tests
+
+Run the following commands to get up and running with this example.
+
+```bash
+# Should start up successfully
+lando poweroff
+lando start
+```
+
+## Verification commands
+
+Run the following commands to validate things are rolling as they should.
+
+```bash
+# Should use 8.5 as the default php version
+lando exec defaults -- php -v | tee >(cat 1>&2) | grep "PHP 8.5"
+
+# Should use 15.x as the default postgresql-client version
+lando exec defaults -- psql -V | tee >(cat 1>&2) | grep "15."
+
+# Should use apache 2.4 as the default webserver version
+lando exec defaults -- apachectl -V | tee >(cat 1>&2) | grep "2.4."
+
+# Should only serve over http by default
+lando exec defaults -- curl https://localhost || echo $? | grep 7
+
+# Should serve from the app root by default
+lando exec defaults -- curl http://localhost | grep "ROOTDIR"
+
+# Should have a 1G php mem limit on appserver
+lando exec defaults -- curl http://localhost | grep "memory_limit" | grep "1G"
+
+# Should have COMPOSER_MEMORY_LIMIT set to -1
+lando exec defaults -- env | grep "COMPOSER_MEMORY_LIMIT=-1"
+
+# Should install composer 2.x by default
+lando exec defaults -- composer --version --no-ansi | tee >(cat 1>&2) | grep -q "Composer version 2."
+
+# Should have unlimited memory for php for CLI opts
+lando php -i | grep memory_limit | grep -e "-1"
+lando exec defaults -- php -i | grep "memory_limit" | grep -e "-1"
+
+# Should not enable xdebug by default
+lando exec defaults -- php -m | grep xdebug || echo $? | grep 1
+
+# Should have a PATH_INFO and PATH_TRANSLATED SERVER vars
+lando exec custom_nginx -- curl https://localhost | grep SERVER | grep PATH_INFO
+lando exec custom_nginx -- curl https://localhost | grep SERVER | grep PATH_TRANSLATED
+
+# Should use specified php version if given
+lando exec custom -- php -v | tee >(cat 1>&2) | grep "PHP 8.5"
+
+# Should install composer 2.9.2 if version number is set
+lando exec custom -- composer --version --no-ansi | tee >(cat 1>&2) | grep -q "Composer version 2.9.2"
+
+# Should serve via nginx if specified
+lando exec custom_nginx -- curl http://localhost | grep "WEBDIR"
+
+# Should serve via https if specified
+lando exec custom_nginx -- curl https://localhost | grep "WEBDIR"
+
+# Should not serve port 80 for cli
+lando exec cli -- curl http://localhost || echo $? | grep 7
+
+# Should use custom php ini if specified
+lando exec custom -- php -i | grep memory_limit | grep 514
+lando exec custom -- curl http://custom_nginx | grep html_errors | grep On | grep On
+
+# Should serve and be accessible over ssl if specified
+lando exec custom_nginx -- curl https://localhost
+lando exec custom -- curl https://custom_nginx
+
+# Should inherit overrides from its generator
+lando exec custom -- env | grep DUALBLADE | grep maxim
+lando exec custom_nginx -- env | grep DUALBLADE | grep maxim
+
+# Should be able to run build steps on lando managed nginx service
+# https://github.com/lando/lando/issues/1990
+lando exec custom_nginx -- cat /app/test/managed_build_step
+
+# Should be able to override lando managed nginx service
+# https://github.com/lando/lando/issues/1990
+lando exec custom_nginx -- env | grep OTHER | grep stuff
+lando exec custom_nginx -- env | grep MORE | grep things
+
+# Should set PATH_INFO and PATH_TRANSLATED if appropriate
+# https://github.com/lando/lando/issues/2192
+lando exec custom_nginx -- curl http://localhost/path_info.php/a/b.php | grep PATH_INFO | grep "/a/b.php"
+lando exec custom_nginx -- curl http://localhost/path_info.php/a/b.php | grep PATH_TRANSLATED | grep "/app/web/a/b.php"
+lando exec custom_nginx -- curl http://localhost/path_info.php/a/b.php | grep SCRIPT_NAME | grep "/path_info.php"
+lando exec defaults -- curl http://localhost/path_info.php/a/b.php | grep PATH_INFO | grep "/a/b.php"
+lando exec defaults -- curl http://localhost/path_info.php/a/b.php | grep PATH_TRANSLATED | grep "/app/a/b.php"
+lando exec defaults -- curl http://localhost/path_info.php/a/b.php | grep SCRIPT_NAME | grep "/path_info.php"
+
+# Should allow cli services to specify a boot up command
+lando info -s cliworker --deep | grep Cmd | grep sleep | grep infinity
+
+# Should not install composer when composer_version is false
+echo $(lando exec cliworker -- composer --version --no-ansi 2>&1) | grep "executable file not found"
+
+# Should have node 18 installed in cli service
+lando node -v | tee >(cat 1>&2) | grep v18.
+```
+
+## Destroy tests
+
+Run the following commands to trash this app like nothing ever happened.
+
+```bash
+# Should be destroyed with success
+lando destroy -y
+lando poweroff
+```
diff --git a/examples/8.5/config/apache.conf b/examples/8.5/config/apache.conf
new file mode 100644
index 00000000..3a829532
--- /dev/null
+++ b/examples/8.5/config/apache.conf
@@ -0,0 +1,188 @@
+
+ # WHAT IN THE WORLD HAPPENED TO YOU, SERIOUSLY
+ # The ServerName directive sets the request scheme, hostname and port that
+ # the server uses to identify itself. This is used when creating
+ # redirection URLs. In the context of virtual hosts, the ServerName
+ # specifies what hostname must appear in the request's Host: header to
+ # match this virtual host. For the default virtual host (this file) this
+ # value is not decisive as it is used as a last resort host regardless.
+ # However, you must set it for any further virtual host explicitly.
+ ServerName appserver
+
+ ServerAdmin webmaster@localhost
+ DocumentRoot ${LANDO_WEBROOT}
+
+ Options Indexes FollowSymLinks MultiViews
+ AllowOverride All
+ Order allow,deny
+ Allow from all
+ Require all granted
+
+
+ # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
+ # error, crit, alert, emerg.
+ # It is also possible to configure the loglevel for particular
+ # modules, e.g.
+ #LogLevel info ssl:warn
+
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+ # For most configuration files from conf-available/, which are
+ # enabled or disabled at a global level, it is possible to
+ # include a line for only one particular virtual host. For example the
+ # following line enables the CGI configuration for this host only
+ # after it has been globally disabled with "a2disconf".
+ #Include conf-available/serve-cgi-bin.conf
+
+ # Pass some common ENVs, its ok if this fails
+ SetEnv BACKDROP_SETTINGS ${BACKDROP_SETTINGS}
+ SetEnvIf x-forwarded-proto https HTTPS=on
+
+
+
+
+
+ ServerAdmin webmaster@localhost
+ ServerName appserver
+
+ DocumentRoot ${LANDO_WEBROOT}
+
+ Options Indexes FollowSymLinks MultiViews
+ AllowOverride All
+ Order allow,deny
+ Allow from all
+ Require all granted
+
+ # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
+ # error, crit, alert, emerg.
+ # It is also possible to configure the loglevel for particular
+ # modules, e.g.
+ #LogLevel info ssl:warn
+
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+ # For most configuration files from conf-available/, which are
+ # enabled or disabled at a global level, it is possible to
+ # include a line for only one particular virtual host. For example the
+ # following line enables the CGI configuration for this host only
+ # after it has been globally disabled with "a2disconf".
+ #Include conf-available/serve-cgi-bin.conf
+
+ # SSL Engine Switch:
+ # Enable/Disable SSL for this virtual host.
+ SSLEngine on
+
+ # A self-signed (snakeoil) certificate can be created by installing
+ # the ssl-cert package. See
+ # /usr/share/doc/apache2/README.Debian.gz for more info.
+ # If both key and certificate are stored in the same file, only the
+ # SSLCertificateFile directive is needed.
+ SSLCertificateFile "/certs/cert.crt"
+ SSLCertificateKeyFile "/certs/cert.key"
+
+ # Server Certificate Chain:
+ # Point SSLCertificateChainFile at a file containing the
+ # concatenation of PEM encoded CA certificates which form the
+ # certificate chain for the server certificate. Alternatively
+ # the referenced file can be the same as SSLCertificateFile
+ # when the CA certificates are directly appended to the server
+ # certificate for convenience.
+ #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt
+
+ # Certificate Authority (CA):
+ # Set the CA certificate verification path where to find CA
+ # certificates for client authentication or alternatively one
+ # huge file containing all of them (file must be PEM encoded)
+ # Note: Inside SSLCACertificatePath you need hash symlinks
+ # to point to the certificate files. Use the provided
+ # Makefile to update the hash symlinks after changes.
+ #SSLCACertificatePath /etc/ssl/certs/
+ #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt
+
+ # Certificate Revocation Lists (CRL):
+ # Set the CA revocation path where to find CA CRLs for client
+ # authentication or alternatively one huge file containing all
+ # of them (file must be PEM encoded)
+ # Note: Inside SSLCARevocationPath you need hash symlinks
+ # to point to the certificate files. Use the provided
+ # Makefile to update the hash symlinks after changes.
+ #SSLCARevocationPath /etc/apache2/ssl.crl/
+ #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl
+
+ # Client Authentication (Type):
+ # Client certificate verification type and depth. Types are
+ # none, optional, require and optional_no_ca. Depth is a
+ # number which specifies how deeply to verify the certificate
+ # issuer chain before deciding the certificate is not valid.
+ #SSLVerifyClient require
+ #SSLVerifyDepth 10
+
+ # SSL Engine Options:
+ # Set various options for the SSL engine.
+ # o FakeBasicAuth:
+ # Translate the client X.509 into a Basic Authorisation. This means that
+ # the standard Auth/DBMAuth methods can be used for access control. The
+ # user name is the `one line' version of the client's X.509 certificate.
+ # Note that no password is obtained from the user. Every entry in the user
+ # file needs this password: `xxj31ZMTZzkVA'.
+ # o ExportCertData:
+ # This exports two additional environment variables: SSL_CLIENT_CERT and
+ # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
+ # server (always existing) and the client (only existing when client
+ # authentication is used). This can be used to import the certificates
+ # into CGI scripts.
+ # o StdEnvVars:
+ # This exports the standard SSL/TLS related `SSL_*' environment variables.
+ # Per default this exportation is switched off for performance reasons,
+ # because the extraction step is an expensive operation and is usually
+ # useless for serving static content. So one usually enables the
+ # exportation for CGI and SSI requests only.
+ # o OptRenegotiate:
+ # This enables optimized SSL connection renegotiation handling when SSL
+ # directives are used in per-directory context.
+ #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
+
+ SSLOptions +StdEnvVars
+
+
+ SSLOptions +StdEnvVars
+
+
+ # SSL Protocol Adjustments:
+ # The safe and default but still SSL/TLS standard compliant shutdown
+ # approach is that mod_ssl sends the close notify alert but doesn't wait for
+ # the close notify alert from client. When you need a different shutdown
+ # approach you can use one of the following variables:
+ # o ssl-unclean-shutdown:
+ # This forces an unclean shutdown when the connection is closed, i.e. no
+ # SSL close notify alert is send or allowed to received. This violates
+ # the SSL/TLS standard but is needed for some brain-dead browsers. Use
+ # this when you receive I/O errors because of the standard approach where
+ # mod_ssl sends the close notify alert.
+ # o ssl-accurate-shutdown:
+ # This forces an accurate shutdown when the connection is closed, i.e. a
+ # SSL close notify alert is send and mod_ssl waits for the close notify
+ # alert of the client. This is 100% SSL/TLS standard compliant, but in
+ # practice often causes hanging connections with brain-dead browsers. Use
+ # this only for browsers where you know that their SSL implementation
+ # works correctly.
+ # Notice: Most problems of broken clients are also related to the HTTP
+ # keep-alive facility, so you usually additionally want to disable
+ # keep-alive for those clients, too. Use variable "nokeepalive" for this.
+ # Similarly, one has to force some clients to use HTTP/1.0 to workaround
+ # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
+ # "force-response-1.0" for this.
+ BrowserMatch "MSIE [2-6]" \
+ nokeepalive ssl-unclean-shutdown \
+ downgrade-1.0 force-response-1.0
+ # MSIE 7 and newer should be able to use keepalive
+ BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
+
+ # Pass some common ENVs, its ok if this fails
+ SetEnv BACKDROP_SETTINGS ${BACKDROP_SETTINGS}
+ SetEnvIf x-forwarded-proto https HTTPS=on
+
+
+
diff --git a/examples/8.5/config/nginx.conf b/examples/8.5/config/nginx.conf
new file mode 100644
index 00000000..f8744509
--- /dev/null
+++ b/examples/8.5/config/nginx.conf
@@ -0,0 +1,30 @@
+server {
+ listen 443 ssl;
+ listen 80;
+ listen [::]:80 default ipv6only=on;
+ server_name localhost;
+
+ ssl_certificate /certs/cert.crt;
+ ssl_certificate_key /certs/cert.key;
+
+ ssl_session_cache shared:SSL:1m;
+ ssl_session_timeout 5m;
+
+ ssl_ciphers HIGH:!aNULL:!MD5;
+ ssl_prefer_server_ciphers on;
+
+ root "{{LANDO_WEBROOT}}";
+ index index.php index.html index.htm;
+
+ # hello
+ location ~ \.php$ {
+ fastcgi_pass fpm:9000;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_buffers 256 128k;
+ fastcgi_connect_timeout 300s;
+ fastcgi_send_timeout 300s;
+ fastcgi_read_timeout 300s;
+ include fastcgi_params;
+ }
+}
diff --git a/examples/8.5/config/php.ini b/examples/8.5/config/php.ini
new file mode 100644
index 00000000..1076fd29
--- /dev/null
+++ b/examples/8.5/config/php.ini
@@ -0,0 +1,4 @@
+[PHP]
+
+memory_limit = 514M
+html_errors = On
diff --git a/examples/8.5/index.php b/examples/8.5/index.php
new file mode 100644
index 00000000..d64cf6b3
--- /dev/null
+++ b/examples/8.5/index.php
@@ -0,0 +1,3 @@
+ROOTDIR
+
+
diff --git a/examples/8.5/path_info.php b/examples/8.5/path_info.php
new file mode 100644
index 00000000..ccce0c3c
--- /dev/null
+++ b/examples/8.5/path_info.php
@@ -0,0 +1 @@
+
diff --git a/examples/8.5/web/index.php b/examples/8.5/web/index.php
new file mode 100644
index 00000000..b9b85a7c
--- /dev/null
+++ b/examples/8.5/web/index.php
@@ -0,0 +1,3 @@
+WEBDIR
+
+
diff --git a/examples/8.5/web/path_info.php b/examples/8.5/web/path_info.php
new file mode 100644
index 00000000..ccce0c3c
--- /dev/null
+++ b/examples/8.5/web/path_info.php
@@ -0,0 +1 @@
+
diff --git a/images/8.5-apache/Dockerfile b/images/8.5-apache/Dockerfile
new file mode 100644
index 00000000..280ccbd2
--- /dev/null
+++ b/images/8.5-apache/Dockerfile
@@ -0,0 +1,78 @@
+# docker buildx build -t devwithlando/php:8.5-apache-5 .
+
+FROM php:8.5-apache-bookworm
+
+ARG TARGETARCH
+
+ADD --chmod=0755 https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions /usr/local/bin/
+
+RUN \
+ # MariaDB client compatibility (https://github.com/lando/php/issues/120)
+ mkdir -p /etc/apt/keyrings \
+ && curl -o /etc/apt/keyrings/mariadb-keyring.pgp 'https://mariadb.org/mariadb_release_signing_key.pgp' \
+ && echo "deb [signed-by=/etc/apt/keyrings/mariadb-keyring.pgp] https://mirror.mariadb.org/repo/11.4/debian bookworm main" > /etc/apt/sources.list.d/mariadb.list
+
+# Drupal 11 requires sqlite3 3.45+
+ARG SQLITE_VERSION=3.45.1
+RUN \
+ curl -Lo /tmp/sqlite3.deb "https://snapshot.debian.org/archive/debian/20240506T211830Z/pool/main/s/sqlite3/sqlite3_${SQLITE_VERSION}-1_${TARGETARCH}.deb" \
+ && curl -Lo /tmp/libsqlite3-0.deb "https://snapshot.debian.org/archive/debian/20240506T211830Z/pool/main/s/sqlite3/libsqlite3-0_${SQLITE_VERSION}-1_${TARGETARCH}.deb" \
+ && curl -Lo /tmp/libsqlite3-dev.deb "https://snapshot.debian.org/archive/debian/20240506T211830Z/pool/main/s/sqlite3/libsqlite3-dev_${SQLITE_VERSION}-1_${TARGETARCH}.deb"
+
+RUN \
+ mkdir -p /usr/share/man/man1 /usr/share/man/man7 \
+ && apt -y update && apt-get install -y \
+ default-mysql-client \
+ exiftool \
+ git-core \
+ gnupg2 \
+ imagemagick \
+ mariadb-client \
+ mariadb-client-compat \
+ postgresql-client-15 \
+ pv \
+ rsync \
+ ssh \
+ unzip \
+ wget \
+ /tmp/sqlite3.deb \
+ /tmp/libsqlite3-0.deb \
+ /tmp/libsqlite3-dev.deb
+
+RUN \
+ install-php-extensions @fix_letsencrypt \
+ && install-php-extensions apcu \
+ && install-php-extensions bcmath \
+ && install-php-extensions bz2 \
+ && install-php-extensions calendar \
+ && install-php-extensions exif \
+ && install-php-extensions gd \
+ && install-php-extensions gettext \
+ && install-php-extensions imagick/imagick@master \
+ && install-php-extensions imap \
+ && install-php-extensions intl \
+ && install-php-extensions ldap \
+ && install-php-extensions mbstring \
+ && install-php-extensions memcached \
+ && install-php-extensions mysqli \
+ && install-php-extensions oauth \
+ && install-php-extensions opcache \
+ && install-php-extensions pcntl \
+ && install-php-extensions pdo \
+ && install-php-extensions pdo_mysql \
+ && install-php-extensions pdo_pgsql \
+ && install-php-extensions redis \
+ && install-php-extensions soap \
+ && install-php-extensions xhprof \
+ && install-php-extensions zip
+
+# Install xdebug but disable it by default
+RUN install-php-extensions xdebug/xdebug@master \
+ && rm -f /usr/local/etc/php/conf.d/*xdebug.ini
+
+RUN \
+ chsh -s /bin/bash www-data && mkdir -p /var/www/.composer && chown -R www-data:www-data /var/www \
+ && apt-get -y clean \
+ && apt-get -y autoclean \
+ && apt-get -y autoremove \
+ && rm -rf /var/lib/apt/lists/* && rm -rf && rm -rf /var/lib/cache/* && rm -rf /var/lib/log/* && rm -rf /tmp/*
diff --git a/images/8.5-fpm/Dockerfile b/images/8.5-fpm/Dockerfile
new file mode 100644
index 00000000..a74be32c
--- /dev/null
+++ b/images/8.5-fpm/Dockerfile
@@ -0,0 +1,79 @@
+# docker buildx build -t devwithlando/php:8.5-fpm-5 .
+
+FROM php:8.5-fpm-bookworm
+
+ARG TARGETARCH
+
+ADD --chmod=0755 https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions /usr/local/bin/
+
+RUN \
+ # MariaDB client compatibility (https://github.com/lando/php/issues/120)
+ mkdir -p /etc/apt/keyrings \
+ && curl -o /etc/apt/keyrings/mariadb-keyring.pgp 'https://mariadb.org/mariadb_release_signing_key.pgp' \
+ && echo "deb [signed-by=/etc/apt/keyrings/mariadb-keyring.pgp] https://mirror.mariadb.org/repo/11.4/debian bookworm main" > /etc/apt/sources.list.d/mariadb.list
+
+# Drupal 11 requires sqlite3 3.45+
+ARG SQLITE_VERSION=3.45.1
+RUN \
+ curl -Lo /tmp/sqlite3.deb "https://snapshot.debian.org/archive/debian/20240506T211830Z/pool/main/s/sqlite3/sqlite3_${SQLITE_VERSION}-1_${TARGETARCH}.deb" \
+ && curl -Lo /tmp/libsqlite3-0.deb "https://snapshot.debian.org/archive/debian/20240506T211830Z/pool/main/s/sqlite3/libsqlite3-0_${SQLITE_VERSION}-1_${TARGETARCH}.deb" \
+ && curl -Lo /tmp/libsqlite3-dev.deb "https://snapshot.debian.org/archive/debian/20240506T211830Z/pool/main/s/sqlite3/libsqlite3-dev_${SQLITE_VERSION}-1_${TARGETARCH}.deb"
+
+RUN \
+ mkdir -p /usr/share/man/man1 /usr/share/man/man7 \
+ && apt -y update && apt-get install -y \
+ bzip2 \
+ default-mysql-client \
+ exiftool \
+ git-core \
+ gnupg2 \
+ imagemagick \
+ mariadb-client \
+ mariadb-client-compat \
+ postgresql-client-15 \
+ pv \
+ rsync \
+ ssh \
+ unzip \
+ wget \
+ /tmp/sqlite3.deb \
+ /tmp/libsqlite3-0.deb \
+ /tmp/libsqlite3-dev.deb
+
+RUN \
+ install-php-extensions @fix_letsencrypt \
+ && install-php-extensions apcu \
+ && install-php-extensions bcmath \
+ && install-php-extensions bz2 \
+ && install-php-extensions calendar \
+ && install-php-extensions exif \
+ && install-php-extensions gd \
+ && install-php-extensions gettext \
+ && install-php-extensions imagick/imagick@master \
+ && install-php-extensions imap \
+ && install-php-extensions intl \
+ && install-php-extensions ldap \
+ && install-php-extensions mbstring \
+ && install-php-extensions memcached \
+ && install-php-extensions mysqli \
+ && install-php-extensions oauth \
+ && install-php-extensions opcache \
+ && install-php-extensions pcntl \
+ && install-php-extensions pdo \
+ && install-php-extensions pdo_mysql \
+ && install-php-extensions pdo_pgsql \
+ && install-php-extensions redis \
+ && install-php-extensions soap \
+ && install-php-extensions xhprof \
+ && install-php-extensions zip
+
+# Install xdebug but disable it by default
+RUN install-php-extensions xdebug/xdebug@master \
+ && rm -f /usr/local/etc/php/conf.d/*xdebug.ini
+
+RUN \
+ chsh -s /bin/bash www-data && mkdir -p /var/www/.composer && chown -R www-data:www-data /var/www \
+ && apt-get -y clean \
+ && apt-get -y autoclean \
+ && apt-get -y autoremove \
+ && rm -rf /var/lib/apt/lists/* && rm -rf && rm -rf /var/lib/cache/* && rm -rf /var/lib/log/* && rm -rf /tmp/*