Public | Automated Build

Last pushed: a year ago
Short Description
Hiawatha secure web-server (pure automated build on alpine without any additional files)
Full Description

Hiawatha Docker Container

This is a lightweight Docker container that provides the Hiawatha web server.

Usage is straightforward and relies only on a data volume mounted at /var/www. There is a second volume for logging at /var/log/hiawatha.

PHP is supported but is not built-in to the container. The startup script will make provision for linking to a PHP-FPM instance listening on port 9000. If this is not linked PHP scripts will not be intepreted.

Minimal Example Usage:

docker build -t heri16/hiawatha .
mkdir www
docker run -P --name web -v ./www/:/var/www -v ./hosts.conf:/etc/hiawatha/hosts.conf heri16/hiawatha

Full Example usage:

docker build -t heri16/hiawatha .
mkdir www log
docker run -d --name php-fpm php:fpm-alpine
docker run -P --name web --link php-fpm:php \
  -v ./www/:/var/www \
  -v ./log:/var/log/hiawatha \
  -v ./hosts.conf:/etc/hiawatha/hosts.conf \
  -v ./toolkits.conf:/etc/hiawatha/toolkits.conf \
  -v ./bindings.conf:/etc/hiawatha/bindings.conf heri16/hiawatha


The goal here is to provide the most secure basic Hiawatha web server supporting multiple virtual hosts through shared docker volumes.

Use the example .conf files below to ensure that your hiawatha image will upgrade seamlessly and remain secure (when new versions of hiawatha is released).

However, you may also fully override hiawatha.conf if desired:

docker run -v ./hiawatha.conf:/etc/hiawatha/hiawatha.conf

Example hosts.conf:

Define multiple virtualhosts (if required).

VirtualHost {
    Hostname =
    WebsiteRoot = /var/www/
    StartFile = index.php
    AccessLogfile = /var/www/
    ErrorLogfile = /var/www/
    TimeForCGI = 180
    UseFastCGI = PHP
    PreventCSRF = prevent
    PreventSQLi = prevent
    PreventXSS = prevent
    #RequireTLS = yes, 2678400
    #TLScertFile = /etc/letsencrypt/live/
    #UseToolkit = drupal

Example toolkits.conf :

Rewrite rules for drupal.

UrlToolkit {
    ToolkitID = drupal
    RequestURI isfile Return
    Match ^/favicon.ico$ Return
    Match /(.*)\?(.*) Rewrite /index.php?q=$1&$2
    Match /(.*) Rewrite /index.php?q=$1

Example bindings.conf :

Activate HTTPS with default self-signed cert. (For convenience, /etc/hiawatha/tls/selfcertwithkey.pem is generated locally, by when the docker container is first started.)

MinTLSversion = 1.2
DHsize = 4096
Binding {
    Port = 443
    TLScertFile = tls/selfcertwithkey.pem
    MaxRequestSize = 2048
    TimeForRequest = 5, 30

Docker compose

Using docker compose is optional, but it is the recommended way for painless multi-container Docker services.

Example docker-compose.yml:

version: '2'
    image: php:fpm-alpine
     - "9000"
      - ./www/
      - ./www/
    image: heri16/hiawatha:latest
      - php_fpm:php
      - PHP_HOST=php
      - PHP_FPM_PORT=9000
      - "80:80"
      - "443:443"
      - ./www/
      - ./www/
      - ./hiawatha/hosts.conf:/etc/hiawatha/hosts.conf:ro,Z
      - ./hiawatha/bindings.conf:/etc/hiawatha/bindings.conf:ro,Z
      - ./hiawatha/tls/,Z
Docker Pull Command
Source Repository