docker/README.md 및 docker 하위 프로젝트 일괄 추가

docker/docker_centos/docker-compose-centos.yml

+version: '3'
+
+services:
+        os:
+            build:
+                context: .
+                dockerfile: Dockerfile
+                container_name: docker_jobtp
+                ports:
+                        - "2227:22"  # SSH
+                        - "8084:80"  # apache
+                        - "33061:3306" #mysql
+                volumes:
+                        - dbdata_jobtp:/var/lib/mysql
+                        - dbconfig_jobtp:/etc/mysql
+                        - apconfig_jobtp:/etc/httpd
+                        - /webFolder5.6/jobtp:/home/jobtp
+                depends_on:
+                        - os
+
+volumes:
+        dbdata_jobtp:
+                external: true
+        dbconfig_jobtp:
+                external: true
+        apconfig_jobtp:
+                external: true

docker/docker_centos/docker-compose.yml

+version: '3'
+
+services:
+  os:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    container_name: docker_tp
+    restart: always
+    ports:
+      - "2227:22"  # SSH
+      - "8084:80"  # apache
+      - "33061:3306" #mysql
+    network_mode: bridge
+    volumes:
+      - dbdata_tp:/var/lib/mysql
+      - dbconfig_tp:/etc/mysql
+      - apconfig_tp:/etc/httpd
+      - /webFolder5.6/jobtp:/home/jobtp
+      - mailerdata:/home/nmail2
+volumes:
+    dbdata_tp:
+      external: true
+    dbconfig_tp:
+      external: true 
+    apconfig_tp:
+      external: true
+    mailerdata:
+      external: true

docker/docker_centos/my.cnf

+[client]
+default-character-set=utf8
+
+[mysqld]
+collation-server = utf8_unicode_ci
+character-set-server = utf8
+skip-character-set-client-handshake
+datadir=/var/lib/mysql
+socket=/var/lib/mysql/mysql.sock
+user=mysql
+# Disabling symbolic-links is recommended to prevent assorted security risks
+symbolic-links=0
+
+[mysql]
+default-character-set=utf8
+
+[mysqld_safe]
+log-error=/var/log/mysqld.log
+pid-file=/var/run/mysqld/mysqld.pid
+lower_case_table_names=1
+default-time-zone=+9:00
+skip-character-set-client-handshake

docker/docker_centos/rebuild_docker.sh

+#!/bin/bash
+
+# Check and create volumes
+create_volume() {
+    docker volume inspect $1 > /dev/null 2>&1
+    if [ $? -eq 0 ]; then
+        echo "Volume '$1' already exists."
+    else
+        docker volume create --name=$1
+        echo "Volume '$1' created."
+    fi
+}
+
+# Create volumes
+create_volume dbdata_jobtp
+create_volume dbconfig_jobtp
+create_volume apconfig_jobtp
+create_volume mailerdata
+
+# Build Docker image
+docker build -t docker_centos_os .
+
+# Run Docker Compose
+docker-compose up -d

docker/docker_centos/setting.sql

+#원하는 루트 원격 계정 및 password 입력 
+grant all privileges on *.* to root@'%' identified by 'qockdtn!@#$';
+flush privileges;
+
+grant all privileges on biztp.* to biztp@localhost identified by 'biztp!@#$';
+flush privileges;

docker/docker_centos/sshd_config

+#       $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $
+
+# This is the sshd server system-wide configuration file.  See
+# sshd_config(5) for more information.
+
+# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
+
+# The strategy used for options in the default sshd_config shipped with
+# OpenSSH is to specify options with their default value where
+# possible, but leave them commented.  Uncommented options change a
+# default value.
+
+Port 22
+#AddressFamily any
+ListenAddress 0.0.0.0
+#ListenAddress ::
+
+# Disable legacy (protocol version 1) support in the server for new
+# installations. In future the default will change to require explicit
+# activation of protocol 1
+Protocol 2
+
+# HostKey for protocol version 1
+#HostKey /etc/ssh/ssh_host_key
+# HostKeys for protocol version 2
+#HostKey /etc/ssh/ssh_host_rsa_key
+#HostKey /etc/ssh/ssh_host_dsa_key
+
+# Lifetime and size of ephemeral version 1 server key
+#KeyRegenerationInterval 1h
+#ServerKeyBits 1024
+
+# Logging
+# obsoletes QuietMode and FascistLogging
+#SyslogFacility AUTH
+SyslogFacility AUTHPRIV
+#LogLevel INFO
+
+# Authentication:
+
+#LoginGraceTime 2m
+PermitRootLogin yes
+#StrictModes yes
+#MaxAuthTries 6
+#MaxSessions 10
+
+#RSAAuthentication yes
+#PubkeyAuthentication yes
+#AuthorizedKeysFile     .ssh/authorized_keys
+#AuthorizedKeysCommand none
+#AuthorizedKeysCommandRunAs nobody
+
+# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+#RhostsRSAAuthentication no
+# similar for protocol version 2
+#HostbasedAuthentication no
+# Change to yes if you don't trust ~/.ssh/known_hosts for
+# RhostsRSAAuthentication and HostbasedAuthentication
+#IgnoreUserKnownHosts no
+# Don't read the user's ~/.rhosts and ~/.shosts files
+#IgnoreRhosts yes
+
+# To disable tunneled clear text passwords, change to no here!
+#PasswordAuthentication yes
+#PermitEmptyPasswords no
+PasswordAuthentication yes
+
+# Change to no to disable s/key passwords
+#ChallengeResponseAuthentication yes
+ChallengeResponseAuthentication no
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+#KerberosGetAFSToken no
+#KerberosUseKuserok yes
+
+# GSSAPI options
+#GSSAPIAuthentication no
+GSSAPIAuthentication yes
+#GSSAPICleanupCredentials yes
+GSSAPICleanupCredentials yes
+#GSSAPIStrictAcceptorCheck yes
+#GSSAPIKeyExchange no
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the ChallengeResponseAuthentication and
+# PasswordAuthentication.  Depending on your PAM configuration,
+# PAM authentication via ChallengeResponseAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and ChallengeResponseAuthentication to 'no'.
+#UsePAM no
+UsePAM yes
+
+# Accept locale-related environment variables
+AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
+AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
+AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
+AcceptEnv XMODIFIERS
+
+#AllowAgentForwarding yes
+#AllowTcpForwarding yes
+#GatewayPorts no
+#X11Forwarding no
+X11Forwarding yes
+#X11DisplayOffset 10
+#X11UseLocalhost yes
+#PrintMotd yes
+#PrintLastLog yes
+#TCPKeepAlive yes
+#UseLogin no
+#UsePrivilegeSeparation yes
+#PermitUserEnvironment no
+#Compression delayed
+#ClientAliveInterval 0
+#ClientAliveCountMax 3
+#ShowPatchLevel no
+#UseDNS yes
+#PidFile /var/run/sshd.pid
+#MaxStartups 10:30:100
+#PermitTunnel no
+#ChrootDirectory none
+
+# no default banner path
+#Banner none
+
+# override default of no subsystems
+Subsystem       sftp    /usr/libexec/openssh/sftp-server
+
+# Example of overriding settings on a per-user basis
+#Match User anoncvs
+#       X11Forwarding no
+#       AllowTcpForwarding no
+#       ForceCommand cvs server

docker/docker_centos/start_service.sh

+#!/bin/bash
+
+# Function to wait for a service to start
+wait_for_service() {
+    local service_name="$1"
+    local max_attempts=30
+    local delay=5
+
+    echo "Waiting for $service_name to start..."
+	    
+    for ((i = 0; i < max_attempts; i++)); do
+    	if systemctl is-active --quiet "$service_name"; then
+        	echo "$service_name is running."
+            	return 0
+        fi
+        sleep "$delay"
+    done
+
+    echo "Timed out waiting for $service_name to start."
+    return 1
+}
+
+# SSH 서버 시작
+/usr/sbin/sshd &
+
+# MySQL 시작 및 루트 계정 생성 및 DB 초기화 							
+service mysqld start
+wait_for_service "mysqld"
+
+mysql -u root --password=!@#gds$%^ < /service_script/setting.sql
+mysql -u root --password=!@#gds$%^ < /service_script/dump.sql
+
+# Apache 시작
+service httpd start
+wait_for_service "httpd"
+
+# 무한 대기를 대신하여 스크립트 종료 방법 (Ctrl+C를 누르면 종료)
+trap "exit" INT TERM
+while true; do
+    sleep 1
+done

docker/docker_centos_desktop/Dockerfile

+# os with ssh
+# images
+FROM centos:6.10
+
+# clear yum cache
+RUN rm -f /var/lib/rpm/__*
+RUN yum clean all
+RUN rm -rf /var/cache/yum
+
+# make new repo with vault.centos
+RUN mkdir -p /var/cache/yum/x86_64/6/base/
+RUN mkdir -p /var/cache/yum/x86_64/6/extras/
+RUN mkdir -p /var/cache/yum/x86_64/6/updates/
+
+RUN echo "http://vault.centos.org/6.10/os/x86_64/" > /var/cache/yum/x86_64/6/base/mirrorlist.txt
+RUN echo "http://vault.centos.org/6.10/extras/x86_64/" > /var/cache/yum/x86_64/6/extras/mirrorlist.txt
+RUN echo "http://vault.centos.org/6.10/updates/x86_64/" > /var/cache/yum/x86_64/6/updates/mirrorlist.txt
+#makecache
+RUN yum makecache
+
+# Update the system
+RUN yum -y update
+
+# Setting Utils
+RUN yum install -y vim net-tools iputils wget tar curl zip unzip scp gcc gcc-c++ xz glibc
+
+# Install OpenSSH Server
+RUN yum install -y openssh-server openssh-clients openssh-devel mod_ssl
+
+# Set up configuration for SSH
+RUN mkdir /var/run/sshd
+RUN echo 'root:!@#gds$%^' | chpasswd
+RUN echo "    StrictHostKeyChecking no" >> /etc/ssh/ssh_config
+
+# SSH login fix. Otherwise, the user is kicked off after login
+RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
+
+ENV NOTVISIBLE="in users profile"
+RUN echo "export VISIBLE=now" >> /etc/profile
+
+# mySQL install
+RUN yum install -y mysql-server
+
+# mySQL setting
+RUN sed -ri 's/^#?bind-address\s+.*/bind-address = 0.0.0.0/' /etc/my.cnf
+RUN echo default-character-set=utf8 >> /etc/my.cnf
+RUN echo lower_case_table_names=1 >> /etc/my.cnf
+RUN echo default-time-zone='+9:00' >> /etc/my.cnf
+RUN echo skip-character-set-client-handshake >> /etc/my.cnf
+
+#apache install
+RUN yum install -y httpd
+
+#php install
+RUN yum install -y php php-mbstring php-pdo php-xml php-mysql php-gd
+
+# Install development tools and dependencies
+RUN yum install -y centos-release-scl
+RUN curl https://www.getpagespeed.com/files/centos6-scl-eol.repo --output /etc/yum.repos.d/CentOS-SCLo-scl.repo
+RUN curl https://www.getpagespeed.com/files/centos6-scl-rh-eol.repo --output /etc/yum.repos.d/CentOS-SCLo-scl-rh.repo
+RUN yum update -y
+RUN yum install -y devtoolset-8 gmp-devel mpfr-devel libmpc-devel
+
+# Set up working directory
+WORKDIR /usr/local/src
+
+# Install updated build tools
+RUN source /opt/rh/devtoolset-8/enable && \
+    wget https://ftp.gnu.org/gnu/m4/m4-1.4.19.tar.gz && \
+    tar -xzf m4-1.4.19.tar.gz && \
+    cd m4-1.4.19 && \
+    ./configure && \
+    make -j4 && \
+    make install && \
+    wget https://ftp.gnu.org/gnu/binutils/binutils-2.36.1.tar.gz && \
+    tar -xzf binutils-2.36.1.tar.gz && \
+    cd binutils-2.36.1 && \
+    ./configure --prefix=/usr/local && \
+    make -j4 && \
+    make install && \
+    cd .. && \
+    wget https://ftp.gnu.org/gnu/make/make-4.3.tar.gz && \
+    tar -xzf make-4.3.tar.gz && \
+    cd make-4.3 && \
+    ./configure --prefix=/usr/local && \
+    make -j4 && \
+    make install && \
+    wget https://ftp.gnu.org/gnu/bison/bison-3.7.6.tar.gz  && \
+    tar -xzf bison-3.7.6.tar.gz && \
+    cd bison-3.7.6 && \
+    ./configure --prefix=/usr/local && \
+    make -j4 && \
+    make install && \
+    wget https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-4.19.tar.xz && \
+    tar -xJf linux-4.19.tar.xz && \
+    cd linux-4.19 && \
+    make headers_install INSTALL_HDR_PATH=/usr/local
+
+# Install gettext from source
+RUN source /opt/rh/devtoolset-8/enable && \
+    wget https://ftp.gnu.org/gnu/gettext/gettext-0.21.tar.gz && \
+    tar -xzf gettext-0.21.tar.gz && \
+    cd gettext-0.21 && \
+    ./configure --prefix=/usr/local && \
+    make -j4 && \
+    make install
+
+#Set enable variables for gblic compile
+ENV CFLAGS="-O2 -U_FORTIFY_SOURCE -fno-stack-protector"
+ENV CPPFLAGS="-I/usr/local/include"
+ENV LDFLAGS="-L/usr/local/lib"    
+
+RUN wget http://ftp.gnu.org/gnu/libc/glibc-2.28.tar.gz && \
+    tar -xzf glibc-2.28.tar.gz
+COPY test-installation.pl /usr/local/src/glibc-2.28/scripts/test-installation.pl 
+RUN source /opt/rh/devtoolset-8/enable && \
+    cd ./glibc-2.28 && \
+    mkdir build && \
+    cd build && \
+    ../configure --prefix=/usr --enable-add-ons --enable-obsolete-nsl --disable-profile --disable-sanity-checks --disable-werror \
+                 --with-headers=/usr/local/include \
+                 --with-binutils=/usr/local/bin && \
+    make && \
+    make install
+
+RUN wget http://www.vuln.cn/wp-content/uploads/2019/08/libstdc.so_.6.0.26.zip && \
+    unzip libstdc.so_.6.0.26.zip && \
+    cp libstdc++.so.6.0.26 /usr/lib64/ && \
+    cd /usr/lib64 && \
+    cp libstdc++.so.6 libstdc++.so.6.bak && \
+    rm -f libstdc++.so.6 && \
+    ln -s libstdc++.so.6.0.26 libstdc++.so.6
+
+# run script folder and copy script
+RUN mkdir /service_script
+COPY start_service.sh /service_script
+RUN rm /etc/httpd/conf/httpd.conf
+RUN rm /etc/ssh/sshd_config
+RUN rm /etc/php.ini
+RUN rm /etc/my.cnf
+COPY httpd.conf /etc/httpd/conf
+COPY sshd_config /etc/ssh/
+COPY php.ini /etc
+COPY my.cnf /etc
+COPY setting.sql /service_script
+COPY ssl.conf /etc/httpd/conf.d
+
+# Setting locale ko
+RUN localedef -i ko_KR -f UTF-8 ko_KR.UTF-8 && \
+    echo -e "# Setting Language(ko_KR.UTF-8)\nexport LANGUAGE=ko_KR.UTF-8\nexport LANG=ko_KR.UTF-8" >> /etc/profile
+
+RUN echo -e "source /opt/rh/devtoolset-8/enable" >> /etc/profile
+
+# Expose port
+EXPOSE 22 3306 80 443
+
+# Run SSH, DB, APACHE
+CMD ["/service_script/start_service.sh"]

docker/docker_centos_desktop/README.md

+# CentOS 6 기반 웹 서버 환경
+
+이 프로젝트는 오래된 운영 환경인 CentOS 6.10을 기반으로 하는 완전한 웹 서버 환경을 Docker를 사용하여 구축합니다. Apache, PHP, MySQL(APM) 스택을 포함하며, 소스 코드 컴파일을 통해 최신 빌드 도구(GCC 8, Glibc 2.28 등)를 설치하여 레거시 시스템과의 호환성을 유지하면서도 개발 환경을 개선합니다.
+
+## 주요 기능
+
+- **베이스 이미지**: CentOS 6.10 (YUM 저장소 `vault.centos.org`로 재설정)
+- **웹 서버**: Apache HTTP Server, PHP
+- **데이터베이스**: MySQL Server
+- **원격 접속**: OpenSSH Server
+- **빌드 환경**:
+  - `devtoolset-8` (GCC 8)
+  - `glibc 2.28`, `binutils`, `make` 등 주요 라이브러리 및 도구를 소스 컴파일하여 설치
+
+## 사전 요구사항
+
+- [Docker](https://www.docker.com/get-started)
+- [Docker Compose](https://docs.docker.com/compose/install/)
+
+## 사용 방법
+
+제공되는 쉘 스크립트를 사용하여 Docker 볼륨 생성, 이미지 빌드, 서비스 시작을 한 번에 처리할 수 있습니다.
+
+### 1. 서비스 시작 및 빌드
+
+아래 명령어를 실행하여 Docker 컨테이너를 빌드하고 백그라운드에서 실행합니다.
+
+```bash
+./rebuild_docker.sh
+```
+
+이 스크립트는 다음 작업을 자동으로 수행합니다:
+1.  데이터, 설정 등을 영속적으로 저장하기 위한 Docker 볼륨(`dbdata_geumdo`, `dbconfig_geumdo`, `apconfig_geumdo`, `sourcedata_geumdo`)을 확인하고 없는 경우 생성합니다.
+2.  `Dockerfile`을 기반으로 이미지를 빌드합니다. (최초 빌드 시 시간이 매우 오래 걸릴 수 있습니다.)
+3.  `docker-compose.yml` 설정을 사용하여 서비스를 시작합니다.
+
+### 2. 서비스 중지
+
+실행 중인 서비스를 중지하려면 아래 명령어를 사용합니다.
+
+```bash
+docker-compose down
+```
+
+## 서비스 접속 정보
+
+| 서비스 | 호스트 포트 | 컨테이너 포트 | 주소 / 명령어 | 계정 | 비밀번호 |
+|---|---|---|---|---|---|
+| SSH | `2230` | `22` | `ssh root@<서버_IP> -p 2230` | `root` | `!@#gds$%^` |
+| Apache HTTP | `8091` | `80` | `http://<서버_IP>:8091` | - | - |
+| Apache HTTPS | `4445` | `443` | `https://<서버_IP>:4445`| - | - |
+| MySQL | `33063` | `3306` | `<서버_IP>` | `root` | `!@#gds$%^` |
+
+
+## 데이터 영속성 및 설정
+
+- **볼륨**:
+  - `dbdata_geumdo`: MySQL 데이터 파일 (`/var/lib/mysql`)
+  - `dbconfig_geumdo`: MySQL 설정 파일 (`/etc/mysql`)
+  - `apconfig_geumdo`: Apache 설정 파일 (`/etc/httpd`)
+  - `sourcedata_geumdo`: 웹 소스 코드 디렉토리 (`/webFolder`)
+- **설정 파일**:
+  - 프로젝트 루트의 `httpd.conf`, `php.ini`, `my.cnf`, `sshd_config`, `ssl.conf` 파일이 빌드 시 이미지 내부의 설정 파일을 덮어씁니다. 서버 설정을 변경하려면 이 파일들을 수정한 후 `./rebuild_docker.sh`를 다시 실행해야 합니다.
+
+## 기타 참고사항
+1. SSH 접속이 되지 않을 경우, 컨테이너 내부에서 `service sshd restart` 명령 실행 후 재접속을 시도해 보십시오.
+2. VSCode Remote 등으로 접속하여 터미널이 제대로 동작하지 않을 경우, `source /etc/profile` 명령을 실행하여 환경 변수를 다시 불러오십시오. 
\ No newline at end of file

docker/docker_centos_desktop/docker-compose.yml

+version: '3'
+
+services:
+  os:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    container_name: docker_geumdo
+    restart: always
+    ports:
+      - "2230:22"  # SSH
+      - "8091:80"  # apache HTTP
+      - "33063:3306" #mysql
+      - "4445:443" #apache HTTPS
+    network_mode: bridge
+    volumes:
+      - dbdata_geumdo:/var/lib/mysql
+      - dbconfig_geumdo:/etc/mysql
+      - apconfig_geumdo:/etc/httpd
+      - sourcedata_geumdo:/webFolder
+    logging:
+      driver: json-file
+      options:
+        max-size: 10m
+        max-file: "3"
+volumes:
+    dbdata_geumdo:
+      external: true
+    dbconfig_geumdo:
+      external: true 
+    apconfig_geumdo:
+      external: true
+    sourcedata_geumdo:
+      external: true

docker/docker_centos_desktop/my.cnf

+[client]
+default-character-set=utf8
+
+[mysqld]
+collation-server = utf8_unicode_ci
+character-set-server = utf8
+skip-character-set-client-handshake
+datadir=/var/lib/mysql
+socket=/var/lib/mysql/mysql.sock
+user=mysql
+# Disabling symbolic-links is recommended to prevent assorted security risks
+symbolic-links=0
+
+[mysql]
+default-character-set=utf8
+
+[mysqld_safe]
+log-error=/var/log/mysqld.log
+pid-file=/var/run/mysqld/mysqld.pid
+lower_case_table_names=1
+default-time-zone=+9:00
+skip-character-set-client-handshake

docker/docker_centos_desktop/rebuild_docker.sh

+#!/bin/bash
+
+# Check and create volumes
+create_volume() {
+    docker volume inspect $1 > /dev/null 2>&1
+    if [ $? -eq 0 ]; then
+        echo "Volume '$1' already exists."
+    else
+        docker volume create --name=$1
+        echo "Volume '$1' created."
+    fi
+}
+
+# Create volumes
+create_volume dbdata_geumdo
+create_volume dbconfig_geumdo
+create_volume apconfig_geumdo
+create_volume sourcedata_geumdo
+
+# Build Docker image
+docker build -t docker_centos .
+
+# Run Docker Compose
+docker-compose up --build -d

docker/docker_centos_desktop/setting.sql

+#원하는 루트 원격 계정 및 password 입력 
+grant all privileges on *.* to root@'%' identified by '!@#gds$%^';
+flush privileges;

docker/docker_centos_desktop/sshd_config

+#       $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $
+
+# This is the sshd server system-wide configuration file.  See
+# sshd_config(5) for more information.
+
+# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
+
+# The strategy used for options in the default sshd_config shipped with
+# OpenSSH is to specify options with their default value where
+# possible, but leave them commented.  Uncommented options change a
+# default value.
+
+Port 22
+#AddressFamily any
+ListenAddress 0.0.0.0
+#ListenAddress ::
+
+# Disable legacy (protocol version 1) support in the server for new
+# installations. In future the default will change to require explicit
+# activation of protocol 1
+Protocol 2
+
+# HostKey for protocol version 1
+#HostKey /etc/ssh/ssh_host_key
+# HostKeys for protocol version 2
+#HostKey /etc/ssh/ssh_host_rsa_key
+#HostKey /etc/ssh/ssh_host_dsa_key
+
+# Lifetime and size of ephemeral version 1 server key
+#KeyRegenerationInterval 1h
+#ServerKeyBits 1024
+
+# Logging
+# obsoletes QuietMode and FascistLogging
+#SyslogFacility AUTH
+SyslogFacility AUTHPRIV
+#LogLevel INFO
+
+# Authentication:
+
+#LoginGraceTime 2m
+PermitRootLogin yes
+#StrictModes yes
+#MaxAuthTries 6
+#MaxSessions 10
+
+#RSAAuthentication yes
+#PubkeyAuthentication yes
+#AuthorizedKeysFile     .ssh/authorized_keys
+#AuthorizedKeysCommand none
+#AuthorizedKeysCommandRunAs nobody
+
+# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+#RhostsRSAAuthentication no
+# similar for protocol version 2
+#HostbasedAuthentication no
+# Change to yes if you don't trust ~/.ssh/known_hosts for
+# RhostsRSAAuthentication and HostbasedAuthentication
+#IgnoreUserKnownHosts no
+# Don't read the user's ~/.rhosts and ~/.shosts files
+#IgnoreRhosts yes
+
+# To disable tunneled clear text passwords, change to no here!
+#PasswordAuthentication yes
+#PermitEmptyPasswords no
+PasswordAuthentication yes
+
+# Change to no to disable s/key passwords
+#ChallengeResponseAuthentication yes
+ChallengeResponseAuthentication no
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+#KerberosGetAFSToken no
+#KerberosUseKuserok yes
+
+# GSSAPI options
+#GSSAPIAuthentication no
+GSSAPIAuthentication yes
+#GSSAPICleanupCredentials yes
+GSSAPICleanupCredentials yes
+#GSSAPIStrictAcceptorCheck yes
+#GSSAPIKeyExchange no
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the ChallengeResponseAuthentication and
+# PasswordAuthentication.  Depending on your PAM configuration,
+# PAM authentication via ChallengeResponseAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and ChallengeResponseAuthentication to 'no'.
+#UsePAM no
+UsePAM yes
+
+# Accept locale-related environment variables
+AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
+AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
+AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
+AcceptEnv XMODIFIERS
+
+#AllowAgentForwarding yes
+#AllowTcpForwarding yes
+#GatewayPorts no
+#X11Forwarding no
+X11Forwarding yes
+#X11DisplayOffset 10
+#X11UseLocalhost yes
+#PrintMotd yes
+#PrintLastLog yes
+#TCPKeepAlive yes
+#UseLogin no
+#UsePrivilegeSeparation yes
+#PermitUserEnvironment no
+#Compression delayed
+#ClientAliveInterval 0
+#ClientAliveCountMax 3
+#ShowPatchLevel no
+#UseDNS yes
+#PidFile /var/run/sshd.pid
+#MaxStartups 10:30:100
+#PermitTunnel no
+#ChrootDirectory none
+
+# no default banner path
+#Banner none
+
+# override default of no subsystems
+Subsystem       sftp    /usr/libexec/openssh/sftp-server
+
+# Example of overriding settings on a per-user basis
+#Match User anoncvs
+#       X11Forwarding no
+#       AllowTcpForwarding no
+#       ForceCommand cvs server

docker/docker_centos_desktop/ssl.conf

+# Ensure mod_ssl is loaded
+LoadModule ssl_module modules/mod_ssl.so
+
+# Listen on port 443 for SSL
+Listen 443
+
+# NameVirtualHost for SSL
+NameVirtualHost *:443
+
+# Global SSL configuration
+SSLSessionCache         shmcb:/run/httpd/sslcache(512000)
+SSLSessionCacheTimeout  300
+SSLRandomSeed connect builtin
+SSLCryptoDevice builtin
+
+# Default SSL VirtualHost
+<VirtualHost _default_:443>
+    SSLEngine on
+    SSLProtocol all -SSLv2
+    SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA
+    SSLCertificateFile /etc/pki/tls/certs/localhost.crt
+    SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
+
+    <Files ~ "\.(cgi|shtml|phtml|php3?)$">
+        SSLOptions +StdEnvVars
+    </Files>
+    <Directory "/var/www/cgi-bin">
+        SSLOptions +StdEnvVars
+    </Directory>
+
+    CustomLog logs/ssl_request_log \
+              "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
+</VirtualHost>
+
+# Custom SSL VirtualHost
+<VirtualHost *:443>
+    ServerAdmin admin@geumdo.net
+    ServerName geumdo.net
+    ServerAlias geumdo.net www.geumdo.net
+    DocumentRoot /webFolder/geumdo
+    ErrorLog /var/log/httpd/geumdo.net-error_log
+    CustomLog /var/log/httpd/geumdo.net-access_log combined
+    SSLEngine on
+    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
+    SSLCertificateFile /webFolder/geumdo/ssl/2023/geumdo.net.crt
+    SSLCertificateKeyFile /webFolder/geumdo/ssl/2023/geumdo.net.key
+    SSLCACertificateFile /webFolder/geumdo/ssl/2023/TrustedRootG2.crt
+    SSLCertificateChainFile /webFolder/geumdo/ssl/2023/DigiCertCAG1.crt
+
+    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
+
+    <Directory /webFolder/geumdo/>
+        Order Allow,Deny
+        Allow from all
+        Deny from env=bad_bot
+    </Directory>
+</VirtualHost>

docker/docker_centos_desktop/start_service.sh

+#!/bin/bash
+
+# SSH
+/usr/sbin/sshd -D & sleep 5
+
+# MariaDB 시작 (DB 실행 후 루트 원격 계정 생성을 위해 sleep)
+service mysqld start && sleep 5
+
+# 루트 원격 계정 생성
+mysql -u root --password=!@#gds$%^ < /service_script/setting.sql
+
+# Apache 시작
+service httpd start && sleep 5
+
+source /etc/profile
+
+tail -f /dev/null